Posts Tagged ‘destination’

Scanning ports with netcat “nc” command on Linux and UNIX / Checking for firewall filtering between source and destination with nc

Friday, September 6th, 2019

scanning-ports-with-netcat-nc-command-on-Linux-and-UNIX-checking-for-firewall-filtering-between-source-destination-host-with-netcat

Netcat ( nc ) is one of that tools, that is well known in the hacker (script kiddie) communities, but little underestimated in the sysadmin world, due to the fact nmap (network mapper) – the network exploratoin and security auditing tool has become like the standard penetration testing TCP / UDP port tool
 

nc is feature-rich network debugging and investigation tool with tons of built-in capabilities for reading from and writing to network connections using TCP or UDP.

Its Plethora of features includes port listening, port scanning & Transferring files due to which it is often used by Hackers and PenTesters as Backdoor. Netcat was written by a guy we know as the Hobbit <hobbit@avian.org>.

For a start-up and middle sized companies if nmap is missing on server usually it is okay to install it without risking to open a huge security hole, however in Corporate world, due to security policies often nmap is not found on the servers but netcat (nc) is present on the servers so you have to learn, if you haven't so to use netcat for the usual IP range port scans, if you're so used to nmap.

There are different implementations of Netcat, whether historically netcat was UNIX (BSD) program with a latest release of March 1996. The Linux version of NC is GNU Netcat (official source here) and is POSIX compatible. The other netcat in Free Software OS-es is OpenBSD's netcat whose ported version is also used in FreeBSD. Mac OS X also comes with default prebundled netcat on its Mac OS X from OS X version (10.13) onwards, on older OS X-es it is installable via MacPorts package repo, even FreeDOS has a port of it called NTOOL.

The (Swiss Army Knife of Embedded Linux) busybox includes a default leightweight version of netcat and Solaris has the OpenBSD netcat version bundled.

A cryptography enabled version fork exists that supports that supports integrated transport encryption capabilities called Cryptcat.

The Nmap suite also has included rewritten version of GNU Netcat named Ncat, featuring new possibilities such as "Connection Brokering", TCP/UDP Redirection, SOCKS4 client and server support, ability to "Chain" Ncat processes, HTTP CONNECT proxying (and proxy chaining), SSL connect/listen support and IP address/connection filtering. Just like Nmap, Ncat is cross-platform.

In this small article I'll very briefly explain on basic netcat – known as the TCP Army knife tool port scanning for an IP range of UDP / TCP ports.

1. Scanning for TCP opened / filtered ports remote Linux / Windows server

Everyone knows scanning of a port is possible with a simple telnet request towards the host, e.g.:

telnet SMTP.EMAIL-HOST.COM 25

The most basic netcat use that does the same is achiavable with:

$ nc SMTP.EMAIL-HOST.COM 25
220 jeremiah ESMTP Exim 4.92 Thu, 05 Sep 2019 20:39:41 +0300


Beside scanning the remote port, using netcat interactively as pointing in above example, if connecting to HTTP Web services, you can request remote side to return a webpage by sending a false referer, source host and headers, this is also easy doable with curl / wget and lynx but doing it with netcat just like with telnet could be fun, here is for example how to request an INDEX page with spoofed HTTP headers.
 

nc Web-Host.COM 25
GET / HTTP/1.1
Host: spoofedhost.com
Referrer: mypage.com
User-Agent: my-spoofed-browser

2. Performing a standard HTTP request with netcat

To do so just pype the content with a standard bash integrated printf function with the included end of line (the unix one is \n but to be OS independent it is better to use r\n  – the end of line complition character for Windows.

printf "GET /index.html HTTP/1.0\r\nHost: pc-freak.net\r\n\r\n" | nc pc-freak.net 80

3. Scanning a range of opened / filtered UDP ports

To scan for lets say opened remote system services on the very common important ports opened from UDP port 25 till, 1195 – more specifically for:

  • UDP Bind Port 53
  • Time protocol Port (37)
  • TFTP (69)
  • Kerberos (88)
  • NTP 123
  • Netbios (137,138,139)
  • SNMP (161)
  • LDAP 389
  • Microsoft-DS (Samba 445)
  • Route BGP (52)
  • LDAPS (639)
  • openvpn (1194)

nc -vzu 192.168.0.1 25 1195

UDP tests will show opened, if no some kind of firewall blocking, the -z flag is given to scan only for remote listening daemons without sending any data to them.

4. Port Scanning TCP listening ports with Netcat

As prior said using netcat to scan for remote opened HTTP Web Server on port 80 an FTP on Port 23 or a Socks Proxy or MySQL Database on 3306 / PostgreSQL DB on TCP 5432 is very rare case scenario.

Below is example to scan a Local network situated IP for TCP open ports from port 1 till 7000.

# nc -v -n -z -w 5 192.168.1.2 1-7000

           nc: connect to host.example.com 80 (tcp) failed: Connection refused
           nc: connect to host.example.com 20 (tcp) failed: Connection refused
           Connection to host.example.com port [tcp/ssh] succeeded!
           nc: connect to host.example.com 23 (tcp) failed: Connection refused

Be informed that scanning with netcat is much more slower, than nmap, so specifying smaller range of ports is always a good idea to reduce annoying waiting …


The -w flag is used to set a timeout to remote connection, usually on a local network situated machines the timeout could be low -w 1 but for machines across different Data Centers (let say one in Berlin and one in Seattle), use as a minimum -w 5.

If you expect remote service to be responsive (as it should always be), it is a nice idea to use netcat with a low timeout (-w) value of 1 below is example:
 

netcat -v -z -n -w 1 scanned-hosts 1-1023

5. Port scanning range of IP addresses with netcat


If you have used Nmap you know scanning for a network range is as simple as running something like nmap -sP -P0 192.168.0.* (to scan from IP range 1-255 map -sP -P0 192.168.0.1-150 (to scan from local IPs ending in 1-150) or giving the network mask of the scanned network, e.g. nmap -sF 192.168.0.1/24 – for more examples please check my previous article Checking port security on Linux with nmap (examples).

But what if nmap is not there and want to check a bunch 10 Splunk servers (software for searching, monitoring, and analyzing machine-generated big data, via a Web-style interface.), with netcat to find, whether the default Splunk connection port 9997 is opened or not:

for i in `seq 1 10`; do nc -z -w 5 -vv splunk0$i.server-domain.com 9997; done

6. Checking whether UDP port traffic is allowed to destination server

Assuring you have access on Source traffic (service) Host A  and Host B (remote destination server where a daemon will be set-upped to listen on UDP port and no firewall in the middle Network router or no traffic control and filtering software HUB is preventing the sent UDP proto traffic, lets say an ntpd will be running on its standard 123 port there is done so:

– On host B (the remote machine which will be running ntpd and should be listening on port 123), run netcat to listen for connections

# nc -l -u -p 123
Listening on [0.0.0.0] (family 2, port 123)


Make sure there is no ntpd service actively running on the server, if so stop it with /etc/init.d/ntpd stop
and run above command. The command should run as superuser as UDP port 123 is from the so called low ports from 1-1024 and binding services on such requires root privileges.

– On Host A (UDP traffic send host

nc -uv remote-server-host 123

netcat-linux-udp-connection-succeeded

If the remote port is not reachable due to some kind of network filtering, you will get "connection refused".
An important note to make is on some newer Linux distributions netcat might be silently trying to connect by default using IPV6, bringing false positives of filtered ports due to that. Thus it is generally a good idea, to make sure you're connecting to IPV6

$ nc -uv -4 remote-server-host 123

Another note to make here is netcat's UDP connection takes 2-3 seconds, so make sure you wait at least 4-8 seconds for a very distant located hosts that are accessed over a multitude of routers.
 

7. Checking whether TCP port traffic allowed to DST remote server


To listen for TCP connections on a specified location (external Internet IP or hostname), it is analogous to listening for UDP connections.

Here is for example how to bind and listen for TCP connections on all available Interface IPs (localhost, eth0, eth1, eth2 etc.)
 

nc -lv 0.0.0.0 12345

Then on client host test the connection with

nc -vv 192.168.0.103 12345
Connection to 192.168.0.103 12345 port [tcp/*] succeeded!

8. Proxying traffic with netcat


Another famous hackers use of Netcat is its proxying possibility, to proxy anything towards a third party application with UNIX so any content returned be printed out on the listening nc spawned daemon like process.
For example one application is traffic SMTP (Mail traffic) with netcat, below is example of how to proxy traffic from Host B -> Host C (in that case the yandex current mail server mx.yandex.ru)

linux-srv:~# nc -l 12543 | nc mx.yandex.ru 25


Now go to Host A or any host that has TCP/IP protocol access to port 12543 on proxy-host Host B (linux-srv) and connect to it on 12543 with another netcat or telnet.

to make netcat keep connecting to yandex.ru MX (Mail Exchange) server you can run it in a small never ending bash shell while loop, like so:

linux-srv:~# while :; do nc -l 12543 | nc mx.yandex.ru 25; done


 Below are screenshots of a connection handshake between Host B (linux-srv) proxy host and Host A (the end client connecting) and Host C (mx.yandex.ru).

host-B-running-as-a-proxy-daemon-towards-Host-C-yandex-mail-exchange-server

Host B netcat as a (Proxy)

Host-A-Linux-client-connection-handshake-to-proxy-server-with-netcat
that is possible in combination of UNIX and named pipes (for more on Named pipes check my previous article simple linux logging with named pipes), here is how to run a single netcat version to proxy any traffic in a similar way as the good old tinyproxy.

On Proxy host create the pipe and pass the incoming traffic towards google.com and write back any output received back in the named pipe.
 

# mkfifo backpipe
# nc -l 8080 0<backpipe | nc www.google.com 80 1>backpipe

Other useful netcat proxy set-up is to simulate a network connectivity failures.

For instance, if server:port on TCP 1080 is the normal host application would connect to, you can to set up a forward proxy from port 2080 with

    nc -L server:1080 2080

then set-up and run the application to connect to localhost:2080 (nc proxy port)

    /path/to/application_bin –server=localhost –port=2080

Now application is connected to localhost:2080, which is forwarded to server:1080 through netcat. To simulate a network connectivity failure, just kill the netcat proxy and check the logs of application_bin.

Using netcat as a bind shell (make any local program / process listen and deliver via nc)

netcat can be used to make any local program that can receive input and send output to a server, this use is perhaps little known by the junior sysadmin, but a favourite use of l337 h4x0rs who use it to spawn shells on remote servers or to make connect back shell. The option to do so is -e

-e – option spawns the executable with its input and output redirected via network socket.

One of the most famous use of binding a local OS program to listen and receive / send content is by
making netcat as a bind server for local /bin/bash shell.

Here is how

nc -l -p 4321 -e /bin/sh


If necessery specify the bind hostname after -l. Then from any client connect to 4321 (and if it is opened) you will gain a shell with the user with which above netcat command was run. Note that many modern distribution versions such as Debian / Fedora / SuSE Linux's netcat binary is compiled without the -e option (this works only when compiled with -DGAPING_SECURITY_HOLE), removal in this distros is because option is potentially opening a security hole on the system.

If you're interested further on few of the methods how modern hackers bind new backdoor shell or connect back shell, check out Spawning real tty shells article.

For more complex things you might want to check also socat (SOcket CAT) – multipurpose relay for bidirectional data transfer under Linux.
socat is a great Linux Linux / UNIX TCP port forwarder tool similar holding the same spirit and functionality of netcat plus many, many more.
 

On some of the many other UNIX operating systems that are lacking netcat or nc / netcat commands can't be invoked a similar utilitiesthat should be checked for and used instead are:

ncat, pnetcat, socat, sock, socket, sbd

To use nmap's ncat to spawn a shell for example that allows up to 3 connections and listens for connects only from 192.168.0.0/24 network on port 8081:

ncat –exec "/bin/bash" –max-conns 3 –allow 192.168.0.0/24 -l 8081 –keep-open

9. Copying files over network with netcat


Another good hack often used by hackers to copy files between 2 servers Server1 and Server2 who doesn't have any kind of FTP / SCP / SFTP / SSH / SVN / GIT or any kind of Web copy support service – i.e. servers only used as a Database systems that are behind a paranoid sysadmin firewall is copying files between two servers with netcat.

On Server2 (the Machine on which you want to store the file)
 

nc -lp 2323 > files-archive-to-copy.tar.gz


On server1 (the Machine from where file is copied) run:
 

nc -w 5 server2.example.com 2323 < files-archive-to-copy.tar.gz

Note that the downside of such transfers with netcat is data transferred is unencrypted so any one with even a simple network sniffer or packet analyzier such as iptraf or tcpdump could capture the file, so make sure the file doesn't contain sensitive data such as passwords.

Copying partition images like that is perhaps best way to get disk images from a big server onto a NAS (when you can't plug the NAS into the server).
 

10. Copying piped archived directory files with netcat

On computer A:

export ARIBTRARY_PORT=3232
nc -l $ARBITRARY_PORT | tar vzxf –

On Computer B:

tar vzcf – files_or_directories | nc computer_a $ARBITRARY_PORT

11. Creating a one page webserver with netcat and ncat


As netcat could listen to port and print content of a file, it can be set-up with a bit of bash shell scripting to serve
as a one page webserver, or even combined with some perl scripting and bash to create a multi-serve page webserver if needed.

To make netact serve a page to any connected client run in a screen / tmux session following code:

while true; do nc -l -p 80 -q 1 < somepage.html; done

Another interesting fun example if you have installed ncat (is a small web server that connects current time on server on connect).
 

ncat -lkp 8080 –sh-exec 'echo -ne "HTTP/1.0 200 OK\r\n\r\nThe date is "; date;'

12. Cloning Hard disk partitions with netcat


rsync is a common tool used to clone hard disk partitions over network. However if rsync is not installed on a server and netcat is there you can use it instead, lets say we want to clone /dev/sdb
from Server1 to Server2 assuming (Server1 has a configured working Local or Internet connection).

On Server2 run:
 

nc -l -p 4321 | dd of=/dev/sdb

Following on Server2 to start the Partition / HDD cloning process run

dd if=/dev/sdb | nc 192.168.0.88 4321


Where 192.168.0.88 is the IP address listen configured on Server2 (in case you don't know it, check the listening IP to access with /sbin/ifconfig).

Next you have to wait for some short or long time depending on the partiiton or Hard drive, number of files / directories and allocated disk / partition size.

To clone /dev/sda (a main partiiton) from Server1 to Server2 first requirement is that it is not mounted, thus to have it unmounted on a system assuming you have physical access to the host, you can boot some LiveCD Linux distribution such as Knoppix Live CD on Server1, manually set-up networking with ifconfig or grab an IP via DHCP from the central DHCP server and repeat above example.


Happy netcating 🙂

Trip to Shipka Peak,Sopot and 3rd of March Liberation of Bulgaria from Turkish Slavery 1878

Sunday, March 6th, 2016

Shipka_memorial_stone-of-Russian-Turkish-war-and-liberation-of-Bulgaria

Its 3rd of March for one more year, (Bulgaria Independence Day), the Liberation of Bulgaria from Turkish Slavery.
Eternal Glory be to all Bulgarians, Russian, Ukrainian, Belarusian, Romanian, Finish, Serbian and Moldovans and All Russian army Soldiers (Eastern Orthodox Christians) who fall fighting for the liberty of  my homeland Bulgaria!

3rd of March is Biggest and perhaps brightest among all the feasts of new history of Bulgaria because on 3-rd of March 1878 San Stefano Treaty (peace contract) between Russian Empire and Ottoman Empire.
My homeland Bulgaria was enslaved under the yoke of Turkish Empire from 1393 (when it fall under Ottoman Slavery) to 1878 received independence and Bulgaria as a country was rebuild for 3rd time (The 3rd Bulgarian Kingdom) arised.

San Stefano's Treaty The treaty created the Principality of Bulgaria with a territory including current territory of Bulgaria plus the Macedonia region (nowadays country of Macedonia) which has historically been most of the time part of Bulgarian Empire and Bulgarian country which at  the time of signing the treaty was mainly populated with Bulgarians. Later the Berlin contract revisioned San-Stefano Treaty because the countries of power at the day didn't wanted such a big country at the heart of Europe.

3rd of March has a very special way of  celebration especially at the places where there was battles between the side of Russian Empire (Ukrainians, Moldovans, Belarusians, Finnish) with the help of  few hundred thousands of Bulgarians, Romanian, Serbians has fought and defeated heroically the Turkish Army – which at the time was better equipped and more numerous than the Russian / Bulgarian and other ally soldiers, but as the saying goes The Power is not in the Multitude but in God alone, so the almost 494 397 soldiers army of Turkish Empire was defeated by just collectively 312  thousands of Russian, Bulgarians and other Christian allies.
This year here in Bulgaria we celebrate 138 years since liberation of Bulgaria from Turkish Slavery, so for one more year, we enjoy freedom from the darkness of economic and religious Turkish slavery.

In the war most of the soldiers that took participation had been Eastern Orthodox Christians so it could be said the war was almost a war of Faiths – On one side All Eastern Orthodox believers and on other Muslims.
The Turkish-Russian war (1877-1878) is hence absolutely epochal and becomes a good history lesson to look back to especially with the latest exarcebation of relations between Russia and Turkey.

The war had been disadvantageous at a certain time and there was a high chances that the Eastern Orthodox armies could have been defeated if it wasn't the heroic win of the Battle for Shipka Peak where about 35000 well equipped Turkish soldiers were defeated by just 5500 mostly Bulgarians and some  Russians.

Shipka-Ottoman-Turkish-fighting-with-Bulgarian-and-Russian-armies-on-Shipka

The Bulgarian and Russian armies has been fortified themselves and has severely fought for 3 days while on Shipka peak with some old fashined battle guns and some old riffles (many of which self produced) and insufficiency of ammos.
The Bulgarians didn't have any food so kept hungry for 3 days while being under a siege of the Ottoman, when they run out of Ammos, the only way to fight was to catch stones and throw over the enemy, when the stones were over, they started picking up the dead bodies of other mates and through over Turkish enemy.

The Bulgarian poet, publicist and Romanist Ivan Vazov has written a glorious poem being inspired by the heroism called "Epic of the Forgotten / Opylchencite na Shipka"
which occured in July / August and September 1877.

Shipka_Bulgarian_turkish-slavery-liberation_memorial_stone
Some years ago I had the chance to visit the Shipka  Monastery and the Majestic Russian Church nearby Shipka  but not until this year I haven't been on the Shipka peak itself nearby the battles where a majestic central majestic monument was build as a memorial stone and few other little memorial stones were build by the Russian Tsarist Army.

Memorial_stone-Shipka-Alexander_II_emperor-of-Russia

Memorial Russian Stone build in honour of the fallen Russian, Moldovian, Belarusian and Ukrainian for the Liberty of the Brotherly slavonic nation.

The stone depicts the Byzantine Empire Eagle (coat of arms) adopted by Russian Empire after fall of Byzantium and a memorial note in honor of Russian Emperor Tsardom Alexander (Nikolaevich) II.

This year by God's grace I had a chance to visit also the central monument stone exactly on 3rd of March as a friend of mine Pavel with his wife Ivanka had already planned a Trip to Shipka for the feast and they didn't objected to join them and visit Shipka Peak.
The monument of Shipka started on 1922 and completed in 1930, the monument was first officially opened in 1934 on top of the entrance of Shipka monument is an enormous bronze Lion (which is a Symbol of Bulgaria and also a symbol of Juda the tribe from which the Saviour God-Man Jesus Christ descended by flesh bloodline. The 3 writtings on the monumentum Shipka, Stara Zagora, Sheinovo are written to commemorate the great battles for liberation that occured on that 3 places.  Traditionally each year since 1934, there is our Eastern Orthodox prayer (Moleben) for the fallen in the fights and great feasts gatherings with Bulgarian and other country officials and a lot of people from VMRO (a nationalist organization), Voini na Tangra (Tangra Warriors) and many mostly nationalists and patriots. It is curious fact that Putin visited Shipka on 3rd of March 2003.

 

We travelled from Sofia to Shipka quite early in the morning 5:45 morning in order to escape the traffic jams and drived to there about 250 km with a short break on an oil station.
Being there nearby the village we had to wait on a long queue with cars of other people going for the Shipka feast and after some 50 mins of jam, we finally parked because it was already impossible to continue because of the multitude of parked cars all around the road.
From there we had to walk about 8 kilometers climb up the mountain as Shipka peak is about 1326 metres high.
Normal way was in a asphalt car road, but as there was many cars going back and forth and the air there was quite dirty after about 2 km we catched alternative wild route through some mountain paths.

God had been good to us these day as even though it is still the end of Winter in Bulgaria and usually March is a cold month the day was Sunny and Warm and there was no rain at all, this was a big grace to us and all of the tens of thousands of people all around …

Being there we entered the monumentum which happens to also be a 4 staged museum with some beautiful monuments inside.

Shipka-Marble-Sarcophagus-with-bones-leftovers-of-Shipka-Heroes-thanks-to-which-Bulgaria-is-free

Sacrophagus with Bone Remains of Soldiers fallen for the Victory of Bulgarian-Russian Brotherly armies on Shipka

Then we had a walk back the road fallowing the 892 steps down from the monumentum to the asphalt road leading back to Shipka village.

Shipka_890-steps-down-the-peak-liberation-monumentum

Going down the stairs from Shipka there are plenty of Souvenirs being sold some Fast Food vans selling coffee, beer sausages and burgers so we took Karnache-ta with Bread (which is a kind of traditional famous Bulgarian hunter sausage) 🙂

Having a kind of dinner we travelled back and went to see the Majestic Russian Church built from 1882 and sanctified in 1902. The Church Crypt (containing also bones of the dead soldiers who left their bones for our freedom), the Church was build with donations from Russians and contains at the moment also a lot of Holy Relics of Eastern Orthodox saints and thus is a great destination for pilgrimage.

memorial-Russian-Church-of-soldiers-fallen-for-liberation-of-Bulgaria

We wanted to sleep in a hotel or a guest house in Shipka but because of the feast everything was already occupied so we travelled to nearby famous Bulgarian revolutionary city Sopot (which is famous for being a very central for the Bulgarian liberation movement of Vasil Levsky) and most importantly the birth place of the patriarch of Bulgarian literature and probably the best poetries, romanist and publicist of Bulgaria of all times Ivan Vazov.

We had called a gues house phone and found a accomodation place to stay for the night in one of the many Guest houses in Sopot and then we our dinner in some local pub called CHICHOVCI (Uncles), nearby Sopot center church which is in famous of Saint Peter and Saint Paul.
Here is time to say that perhaps the fact everything went smoothly with finding an accomodation so easily in so late time and having such a nice dinner nearby the Church was not a coincidence, because earlier on our road back from Shipka, my wife Svetlana was teaching Pavel the Church Troparion of Saint Peter and Paul, which is in honour of st. Paul the protector saint of Pavel.

The guest house accomodation (we got the number to seek for rooms) from a Ads in front of restaurant pub of CHICHOVCI in Sopot turned to be also quite cheap 12 lv (6 eur) per person. So 2 person room costed only 12 euro. We were accomodated straigh in the beatiful crest of the mountain nearby a pine forest.
This night I slept quite peaceful, probably because the air in a small town as Sopot is crystal clear as it is in most mountain parts of our heavinly country Bulgaria.

In the morning we had a quick meal and went for a coffee and tea as we have the custom to do here in Bulgaria mornings on free days in a small but cozy coffee place.

saint_Peter-and-Paul-Church-Sopot

From then on we took some food for a lunch Duners from nearby and went to see the St. Paul, St. Peter church.
The Church is from y. 1840 and is in its authentic form and had plenty of old 100+ years Eastern Orthodox icons and the Christ Grace inside is so heavy. The central icon of the Church in honour of Saint Paul and Peter is considered miraculous and has an all time unexplainable heavy scent.

saint-Peter-and-Paul-church-inside-interior-Sopot

Our next destination was the Museum birth house of Ivan Vazov author of the most famous Bulgarian novel after liberation "Pod Igoto / Under the Yoke", which illustrates very precisely the way of life of common Bulgarian before and throughout the efforts to organize inside bulgaria, liberation war and struggles of Bulgarian ordinary people because of the inhuman Ottoman Turkish enslavers.

Sopot-Ivan-Vazov-monument

As you see behind the monument in remembrance of Vazov, Sopot's mountains and nature just like Shipka's is amazingly beatiful.

Ivan-Vazov-birth-house-the-most-famous-Bulgarian-novelist

Vazov's house is a great place for anyone who wants to go back in time with 130 years back in time and see the way rich Bulgarians housed used to look like, what were people working, what was the common interior of a Bulgarian house for that time as well as many specifics about the glorious (intellectuals) family of Vazov, two of his brothers (Georgi Vazov and Vladimir Vazov), studied in Russian Empire and were succesful and famous Generals in Bulgarian army, where Boris Vazov was famous politician.
Nearby Sopot, there is a special lift for paraglinding and is a famous destination for paragliding very near I heard there is monastery Sveti Spas (Holy Saviour).

Unfortunately this time the time was short and we had to go back so we couldn't visit the monastery, but I'm determined to go there in Sopot / Shipka and nearby hopefully soon in some of coming next holidays – if God bless so.

Bulgaria Top outsource destination – 5th in the World and 2nd in Europe in list of best countries to outsource business to

Thursday, December 19th, 2013

why outsource in bulgaria bulgaria 5th in world and second in europe in outsourcing1

I was stunned today to find out my countryland Bulgaria is 2nd in Europe and 5th in the world in terms of most attractive outsourcing destination according to BTA (Bulgarian News Agency).
Bulgaria is ordering 5th after, India, Indonesia, Estonia and Singapore. The ranking of most attractive destination is based on factors;

  • General Competitiveness of Labor cost Worldwide
  • Eligibility of Workhand
  • Multilingual English speaking population (mainly young people)
  • Expertised highly educated people
  • Very Low Taxes (if compared to "developed" European countries)
  • Decreased transportation costs (produc transportation to Europe is generally cheap)
  • Internet bandwidth speed and high bandwidth connectiveness to worldwide Trade Markets

All this opens a big opportunity for economy development and inflush of fresh-money from outsourced jobs. Due to higher and European standard level of education in Bulgaria, the workhand pool in Bulgaria is usually more knowledgeable and better in quality if compared to rest of 3rd world countries India, Indonesia, Sinagopore etc. Bulgaria has generally good infrastructure and offers easy transportation of people and resources, something not so well developed yet in lets say India or Indonesia. Therefore opportunities for further development in Bulgaria as a leading outsource center in Europe are immerse in the coming 10 years. So far big companies who already realized the great Bulgaria potential like Comverse, HP, IBM etc. started actively hire people in Bulgaria and outsource their businesses but this mainly happens in Sofia.

bulgaria top business destionation for outsourcing 5th in world and 2nd in europe for outsourcing

The trend in long run however is that European leading companies start outsource in smaller cities and towns as well. Right now most prepared personal ready for outsourcing in Bulgaria is in field of Information Technologies, Electronics, Marketing, Transportation Equipment, Business Management, Chemical Industry, Food & Bevarage and Logistics. General outsourcing trend is more and more people working in not high qualitified labor to enter the market of out-sourcing. There are plenty of companies already in Bulgaria involved in textile (clothes) industry offering their cheap and high quality workhand to large external multinational companies like Zara, H & M , Versace etc.

Currently Bulgaria is considered the poorest countries in the European Union with the shocking minimal wage of 310 leva about (155 EUR) and avarage monthly sallary of 812 leva (406 EUR) monthly. The cheapness of Bulgaria is still unidentified gold field ignored by many Western Multinational companies. Outsourcing in Bulgaria has great advantages for European Countries based companies in terms of product logistics as product transportation cost and taxation within the European Union are very cheap if compared to rest of top non-EU outsourcing countries. Due to оbviously advantegous conditions in Bulgaria there are plenty of companies in Bulgaria already specialised in auditing outsourcing business risks and planning steps a company could partake to outsource its business in BG. Current Bulgarian government is making further attempts to relieve country's conditions to attract new business investors by 'Simplifying country's business registration and operations administration requirements and fostering better business environment' as said recently by second minister of economics Krasin Dimitrov in recent business forum "Opportunities and Challanges in Business Process Outsourcing (BPO) and Shared Service Centers (SSC) in Bulgaria"

Use rsync to copy from files from destination host to source host (rsync reverse copy) / few words on rsync

Monday, January 9th, 2012

I've recently had to set up a backup system to synchronize backup archive files between two remote servers and as I do usually with this situation I just set up a crontab job to periodically execute rsync to copy data from source server to the destination server . Copying SRC to DEST is the default behaviour rsync uses, however in this case I had to copy from the destination server to the source server host (in other words sync files the reversely.

The usual way to copy with rsync via SSH (from SRC to DEST) is using a cmd line like:

debian:~$ /usr/bin/rsync -avz -e ssh backup-user@xxx.xxx.xxx.xxx:/home/backup-user/my-directory .

Where the xxx.xxx.xxx.xxx is my remote server IP with which files are synched.
According to rsync manual, the proposed docs SYNOPSIS is in the format;
Local: rsync [OPTION…] SRC… [DEST

Obviusly the default way to use rsync is to copy source to destination which I used until now, but in this case I had to the other way around and copy files from a destination host to the source server. It was logical that swapping the SRC and DEST would complete my required task. Anyways I consulted with some rsync gurus in irc.freenode.net , just to make sure it is proper to just swap the SRC, DEST arguments.
I was told this is possible, so I swapped args;

debian:~$ /usr/bin/rsync -avz -e ssh . backup-user@xxx.xxx.xxx.xxx:/home/backup-user/my-directory
...

Surprisingly this worked 😉 Anyways I was adviced by by a good guy nick named scheel , that putting -e ssh to command line is generally unnecessery except if there is no some uncommon used SSH port over which the data is transferred. An example case in which -e 'ssh is necessery would be if transferring via lets say SSH port 1234;

rsync -avz -e 'ssh -p1234' /source user@host:/dest

In all other cases omitting '-e ssh' is better as '-e ssh' is rsync default. Therefore my final swapped line I put in cron to copy from a destinatio to source host with rsync looked like so:

05 03 2 * * /usr/bin/ionice -c 3 /usr/bin/rsync -avz my-directory backup-user@xxx.xxx.xxx.xxx:/home/backup-user/ >/dev/null 2>&1