Archives for : September2009

    Adelaide City to Bay

    Some pictures from the city to bay walk/run.

    I did the 12 km walk. It was a great day for it.

    D-Star IC2820 VK5 ICF – updated

    I recently downloaded the IC2820 V19a channel mapping for the ICOM 2820 from IC2820_VK5RWN_C_V19a.icf.

    After uploading the file to the radio I discovered that many of the simplex channels I previously used on my IC2820 were now gone (not surprising). Lucky I copied the original radio config to a new .icf file before I uploaded the new one.

    One frustrating thing I did discovered with the 2820 cloning software is that the EXPORT function appears to only export the stations heard by the radio to CSV and no the full radio configuration. A full copy of the config can only be stored in the native .icf file format, which is full of numbers (looks like memory contents). So manually editing the config file was out of the question.



    For those who have played with the software (CS-2820), you may have noticed that you can only spawn one instance. So copying the frequencies from my old config to the new config (the above link plus my original mapping) was not going to be as easy as I thought i.e export both and combine in notepad or excel.

    I discovered that it is possible to highlight and copy multiple lines in the channel map (only in the application copy buffer, not in the windows clipboard – can’t copy it to excel or notepad). Once you have copied the lines you want from the original config select ‘File – Open’ from the menu and open the new config (in my case the above file – renamed). If the application has not been closed it is possible to place the cursor where you want to add the channels from the old config and select paste (control v) and the copied rows will then be placed into the new config.

    I originally based my simplex frequencies (2m and 70cm) on the AREG frequencies in the modified ham Motorola Syntrx radios located on the AREG website.

    VK5 – 2M Syntrx Frequency Plan – Issued 22/11/2005
    VK5 – 70cm Syntrx Frequency Plan – Issued 22/11/2005

    The new updated file containing the new D-Star mapping, supplemented by my slightly modified AREG simplex channels can be located here.


    Here is a screen print.

    CS-2820 copy screen print

    CS-2820 copy screen print

    This is the .icf file converted to a .xls (csv to xls – from excel). The conversion can be done with CHIRP.

    The Freq and channel file: 2820h

    I hope this information helps someone.

    Kerry’s painting

    This is Kerry’s group birthday painting

    Posted by ShoZu

    Nmap Examples

    Some Nmap examples I thought I would post.

    Scanning past Watchguard Firewalls: nmap -sS -iL targetlist.txt -P0 -sV -T4

    Verbose Scan: nmap -v

    This option scans all reserved TCP ports on the target machine. The -v option enables verbose mode.

    nmap -sS -O /24

    Launches a stealth SYN scan against each machine that is up out of the 256 IPs on “class C” sized network where Scanme resides. It also tries to determine what operating system is running on each host that is up and running. This requires root privileges because of the SYN scan and OS detection.

    nmap -sV -p 22,53,110,143,4564 198.116.0-255.1-127

    Launches host enumeration and a TCP scan at the first half of each of the 255 possible eight-bit subnets in the 198.116 class B address space. This tests whether the systems run SSH, DNS, POP3, or IMAP on their standard ports, or anything on port 4564. For any of these ports found open, version detection is used to determine what application is running.

    nmap -v -iR 100000 -PN -p 80

    Asks Nmap to choose 100,000 hosts at random and scan them for web servers (port 80). Host enumeration is disabled with -PN since first sending a couple probes to determine whether a host is up is wasteful when you are only probing one port on each target host anyway.

    nmap -PN -p80 -oX logs/pb-port80scan.xml -oG logs/pb-port80scan.gnmap

    This scans 4096 IPs for any web servers (without pinging them) and saves the output in grepable and XML formats.

    Instead of limiting ourselves to scanning just one target., let’s broaden our horizon’s to bigger and better things. In example 2 we used our IP address to base a scan against. Using that address again we can get a look at numerous targets in our “community”. At the command line type the following (substituting a valid address of your choice of course):

    nmap -sT -O

    What this does is instruct nmap to scan every host between the IP addresses of and If you happen to find many interesting feedback results from this or a larger scale scan then you can always pipe the output into your choice of a human readable file or a machine parsable file for future reference by issuing the following option:

    To create a human readable output file issue the -oN command into your nmap string so that it would look similar to this:

    nmap -sT -O -oN sample.txt

    Rather have a machine parsable file? Enter the -oM to pipe the output into a machine parsable file:

    nmap -sT -O -oM sample.txt

    *Back when I was becoming aquatinted with all the nmap options, I ran my first large scale scan against 250 consecutive machines using an arbitrary number (nmap -sX -O -oN sample.txt XXX.XXX.XXX.0-250).To my great surprise I was confronted with 250 up and running virgin Linux machines. Another reason why Linux enthusiasts should NEVER become bored.

    -I This is a handy little call that activates nmap’s TCP reverse ident scanning option. This divulges information that gives the username that owns available processes. Let’s take a look (Note that the host has to be running ident). At the command line issue this command against your target, in this case our default Eve running Linux:

    -iR Use this command to instruct nmap to scan random hosts for you.

    -p Port range option allows you to pick what port or ports you wish nmap to scan against.

    -v Use verbosity to display more output data. Use twice (-v -v) for maximum verbosity.

    -h Displays a quick reference of nmap’s calls

    Now that we have looked at nmap’s three basic usage types and some of it’s other options, let’s mix and match them.

    nmap -v -v -sS -O

    This instructs nmap to use a maximum amount of verbosity to run a stealth scan and OS detection against all machines between IP addresses and This command will also require root privileges due to both the -sS and -O calls. Of course this will display a very overwhelming amount of data so let’s log our results into a human readable file for future reference:

    nmap -v -v -sS -O -oN sample.txt

    Now let’s make nmap run a stealth scan and instruct it to look only for machines offering http and ftp services between the addresses of and Once again we will log the output (I’m a log junkie) for future reference into a human readable file called ftphttpscan.txt:

    nmap -sS -p 23,80 -oN ftphttpscan.txt

    Remember the -iR option mentioned previously? Let’s use it to take a random sampling of Internet web servers using the verbatim example from nmap’s man page:

    nmap -sS -iR -p 80

    Last but certainly not least, while gleaning information, don’t forget to nmap yourself. Just type at the command line: nmap This is especially useful and recommended if you’re a newcomer to Linux and connected to the Internet via DSL or cable modem.

    Detect promiscuous network devices or sniffers on a network

    Old versions       nmap –script=promiscuous

    New Versions     nmap -sV –script=sniffer-detect