Wednesday, December 22, 2010

Awesome blog posting: Hosting backdoors in hardware

http://blog.ksplice.com/2010/10/hosting-backdoors-in-hardware/

Saturday, December 18, 2010

Butter rum recipe

Ingredients:
Mug of hot water
tab of butter
clove (whole cloves preferred)
table spoon (to taste) brown sugar
optional vanilla extract
meyer's dark rum

Place butter, clove, sugar, vanilla & rum into mug.
Bring the water to near boil then pour into mug and stir.
Enjoy!

Why not store VMware vm data in DNS?

Why add yet another layer of database management to the IT work place?  Store information that supports VM's in DNS ...

Mac stuff

To install Mac OS X you need the install DVD.
Place the DVD into the system.
Reboot the system and hold down the 'c' key.
The system should boot from the DVD.
Next follow on screen instructions.

Thursday, December 09, 2010

How to see constraints in oracle database

red@red_dev> desc all_constraints;                                                                                                                           

Name              Null?    Type       
----------------- -------- ------------
OWNER             NOT NULL VARCHAR2(30)
CONSTRAINT_NAME   NOT NULL VARCHAR2(30)
CONSTRAINT_TYPE   NULL     VARCHAR2(1)
TABLE_NAME        NOT NULL VARCHAR2(30)
SEARCH_CONDITION  NULL     LONG       
R_OWNER           NULL     VARCHAR2(30)
R_CONSTRAINT_NAME NULL     VARCHAR2(30)
DELETE_RULE       NULL     VARCHAR2(9)
STATUS            NULL     VARCHAR2(8)
DEFERRABLE        NULL     VARCHAR2(14)
DEFERRED          NULL     VARCHAR2(9)
VALIDATED         NULL     VARCHAR2(13)
GENERATED         NULL     VARCHAR2(14)
BAD               NULL     VARCHAR2(3)
RELY              NULL     VARCHAR2(4)
LAST_CHANGE       NULL     DATE       
INDEX_OWNER       NULL     VARCHAR2(30)
INDEX_NAME        NULL     VARCHAR2(30)
INVALID           NULL     VARCHAR2(7)
VIEW_RELATED      NULL     VARCHAR2(14)

Monday, December 06, 2010

[ProFTPD-announce] ProFTPD ftp.proftpd.org compromise

http://marc.info/?l=proftpd-announce&m=129124765606322



ProFTPD Compromise Report

On Sunday, the 28th of November 2010 around 20:00 UTC the main
distribution server of the ProFTPD project was compromised.  The
attackers most likely used an unpatched security issue in the FTP daemon
to gain access to the server and used their privileges to replace the
source files for ProFTPD 1.3.3c with a version which contained a backdoor.
The unauthorized modification of the source code was noticed by
Daniel Austin and relayed to the ProFTPD project by Jeroen Geilman on
Wednesday, December 1 and fixed shortly afterwards.

The fact that the server acted as the main FTP site for the ProFTPD
project (ftp.proftpd.org) as well as the rsync distribution server
(rsync.proftpd.org) for all ProFTPD mirror servers means that anyone who
downloaded ProFTPD 1.3.3c from one of the official mirrors from 2010-11-28
to 2010-12-02 will most likely be affected by the problem.

The backdoor introduced by the attackers allows unauthenticated users
remote root access to systems which run the maliciously modified version
of the ProFTPD daemon.

Users are strongly advised to check systems running the affected code for
security compromises and compile/run a known good version of the code.
To verify the integrity of the source files, use the GPG signatures
available on the FTP servers as well as on the ProFTPD homepage at:

  http://www.proftpd.org/md5_pgp.html.


Friday, November 26, 2010

Using DNS to play chess?

Using DNS to play chess? Or any games really.  You can think of any game as a tree data structure. Each move is a branch of the tree.  All the possible moves could be stored in DNS.

Sunday, November 21, 2010

Getting E3000 Storage mount on ubuntu

I connected a 2TB Western Digital MyBook to my E3000 linksys router.

I did have an ext3 filesystem on the mybook but the E3000 only supports FAT filesystem (lame linksys)
so I had to reformat the disk using the router configuration web UI.

Once I did that I tested the connection to the drive from my Windows XP system.  For some reason I could not connect the drive as admin so I again used the router's web UI to add a user and set the password for this new user.  Again add another lamo point to the linksys's lame score.

Now I want to get the drive mounted on my ubuntu server so I will attempt to follow the instructions from here:
https://help.ubuntu.com/community/MountWindowsSharesPermanently



  1. sudo apt-get install smbfs
  2. I skipped the nit about unmount order
  3. I already have a group that I want to access the drive 'cricket' with gid 305
  4. Create .smbcredentials file like so ...
red@ubuntu:~$ cd
red@ubuntu:~$ cat > .smbcredentials <<EOT
> username=harddrive
> password=12345678
> EOT
red@ubuntu:~$ sudo chown root .smbcredentials
red@ubuntu:~$ sudo chmod 600 .smbcredentials
* harddrive is the user I created with the E3000's web UI
  5. edit fstab like so ...
red@ubuntu:~$ cd /etc
red@ubuntu:/etc$ sudo cp fstab fstab.no_share
red@ubuntu:/etc$ sudo vim fstab
wee@ubuntu:/etc$ diff fstab fstab.no_share
28d27
< //192.168.1.1/public /mnt/nfs smbfs credentials=/home/red/.smbcredentials,uid=1000,gid=305    0 0
And Wall - ah ...

red@ubuntu:/etc$ sudo mount -a
red@ubuntu:/etc$ df
Filesystem           1K-blocks      Used Available Use% Mounted on
...
//192.168.1.1/public 1952344512        96 1952344416   1% /mnt/nfs

And it turns out that since the E3000 only supports FAT FS I cannot back up files from my ubuntu server with rsync. MAJOR SAD FACE AND LAME ON LINKSYS!!!  The harddrive connected to my router is COMPLETELY USELESS TO ME!!!

Thursday, November 18, 2010

Verify Child KSK and DS hash

On Sat, 13 Nov 2010, Osterweil, Eric wrote:

> Hey everyone,
>
> Sorry to be Johnny-come-lately to this thread, but for anyone [else] who is trying to get DS records for
> dnskeys, the dnskey-grab utility in Vantages can also do that (as of version 0.8.8b) w/ a "-d" flag.  For
> example:

Okay, and after a weekend of experimentation, I've got your original
request, using openssl.  I think it's important to be able to do this with
standard command line tools, and I think it's critical for adoption for
people to be able to peek under the hood.  I might find it fun to make a
web-version of this that jumps through this, step by step, as a learning
and teaching aid.

Anyway,

The thing you're sha'ing is going to be a concatenation of:

1) the wire-format of the owner name + flags , proto and algo in hex + a
binary dump of the rdata of the DNSKEY record.

1a) The wire-format of a name is: each label, preceded with a binary
length identifier, terminated by 0x00 (additional parsing is required for
non-printing characters, not covered here.)

printf "\03isc\03org\00" > /tmp/some.file

2) while I could parse the DNSKEY to extract "257 3 5", I know that it
translates in hex to 0x01, 0x01, 0x03, 0x05 (writing additional parsing
code is left as an exercise for the reader.)

printf "\01\01\03\05" >> /tmp/some.file

3) I used the following snippet of shell to extract the RDATA and
translate it to binary:

dig isc.org DNSKEY | grep 257 | cut -f 6 | sed s/257\ 3\ 5\ //g | sed s/\ //g | openssl enc -d -base64 -A >> /tmp/some.file

Note that some fields in the output of dig are tab-separated, some are
space separated.  I'm using BSD, your "cut" utility may differ.  Note also
that for just verifying this in a manual fashion, I could do it with
cut-and-paste of the rdata.

4) We put it all together, and hash the file we created.

%cat /tmp/some.file | openssl sha1 | awk '{print toupper($1)}'
982113D08B4C6A1D9F6AEE1E2237AEF69F3F9759

(without the awk bit it's still totally possible to verify visually)

And compare it with:

%dig +short isc.org DS
12892 5 1 982113D08B4C6A1D9F6AEE1E2237AEF69F3F9759
12892 5 2 F1E184C0E1D615D20EB3C223ACED3B03C773DD952D5F0EB5C777586D E18DA6B5

If you have a recent openssl, you can also do sha256 to verify the other:

%cat /tmp/some.file | openssl dgst -sha256 | awk '{print toupper($1)}'
F1E184C0E1D615D20EB3C223ACED3B03C773DD952D5F0EB5C777586DE18DA6B5

To actually look at the file, you might want a tool like "hexdump" or
"xxd", which will nicely print out the hex format.  (xxd will also show
the printables), but you can clearly see the bits we've put into it.

Hope this helps, it's been great fun to figure out.

-Dan
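
The steps in the message above, carried through in Python as an added example (not code from the original post or from BIND). It goes slightly beyond the message: flags, protocol and algorithm are parsed from the DNSKEY line instead of being hard-coded, the RFC 4034 key tag is computed, and the result is compared with DS lines in the form `dig +short DS` prints them. The function names are this example's own and the key in the demo is constructed sample data, not the isc.org key.

```python
"""Compute and check DS digests for a DNSKEY (added example, constructed data)."""
import base64
import hashlib
import struct

DIGESTS = {1: hashlib.sha1, 2: hashlib.sha256}  # DS digest type -> hash function


def name_to_wire(name):
    """Step 1a: each label preceded by its length, terminated by 0x00.
    The digest is taken over the canonical (lowercase) owner name."""
    name = name.lower()
    if name.endswith("."):
        name = name[:-1]
    if not name:                      # the root zone "."
        return b"\x00"
    wire = b""
    for label in name.split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("bad label length in %r" % name)
        wire += bytes([len(raw)]) + raw
    return wire + b"\x00"


def parse_dnskey_line(line):
    """Split 'owner [ttl] [class] DNSKEY flags proto alg key...' as dig prints
    it; fields may be tab or space separated and the key may be wrapped."""
    fields = line.split()
    i = fields.index("DNSKEY")
    flags, proto, alg = (int(f) for f in fields[i + 1:i + 4])
    return fields[0], flags, proto, alg, "".join(fields[i + 4:])


def dnskey_rdata(flags, protocol, algorithm, key_b64):
    """Steps 2 and 3: 2-byte flags, 1-byte protocol, 1-byte algorithm
    (257 3 5 -> 01 01 03 05), then the base64-decoded public key."""
    key = base64.b64decode("".join(key_b64.split()), validate=True)
    return struct.pack("!HBB", flags, protocol, algorithm) + key


def key_tag(rdata):
    """RFC 4034 Appendix B checksum (valid for every algorithm except 1)."""
    acc = 0
    for i, octet in enumerate(rdata):
        acc += (octet << 8) if i % 2 == 0 else octet
    acc += (acc >> 16) & 0xFFFF
    return acc & 0xFFFF


def ds_record(owner, flags, protocol, algorithm, key_b64, digest_type):
    """Step 4: hash owner name + RDATA, return 'tag alg type DIGEST'."""
    rdata = dnskey_rdata(flags, protocol, algorithm, key_b64)
    digest = DIGESTS[digest_type](name_to_wire(owner) + rdata).hexdigest()
    return "%d %d %d %s" % (key_tag(rdata), algorithm, digest_type, digest.upper())


def verify_against_parent(dnskey_line, ds_lines):
    """Return the digest types of the parent's DS lines that this DNSKEY
    reproduces. Digest types not in DIGESTS are skipped, and a digest that
    dig printed with an embedded space is rejoined before comparing."""
    owner, flags, proto, alg, key = parse_dnskey_line(dnskey_line)
    verified = []
    for ds in ds_lines:
        tag, ds_alg, dtype, *digest = ds.split()
        dtype = int(dtype)
        if dtype not in DIGESTS:
            continue
        published = "%d %d %d %s" % (int(tag), int(ds_alg), dtype,
                                     "".join(digest).upper())
        if published == ds_record(owner, flags, proto, alg, key, dtype):
            verified.append(dtype)
    return verified


if __name__ == "__main__":
    # Constructed sample: 64 arbitrary bytes standing in for a public key.
    sample_key = base64.b64encode(bytes(range(1, 65))).decode()
    dnskey = "example.org.\t7200\tIN\tDNSKEY\t257 3 5 " + sample_key
    owner, flags, proto, alg, key = parse_dnskey_line(dnskey)
    parent_ds = [ds_record(owner, flags, proto, alg, key, t) for t in (1, 2)]
    for line in parent_ds:
        print(line)
    print("digest types verified:", verify_against_parent(dnskey, parent_ds))
    # A DNSKEY that differs in a single flag bit no longer matches any DS.
    tampered = dnskey.replace("257 3 5", "256 3 5")
    print("tampered key verified:", verify_against_parent(tampered, parent_ds))
```
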

Wednesday, November 17, 2010

rndc addzone in bind 9.7*

This is mentioned in this blog ...
http://blog.fupps.com/2010/10/04/dynamically-add-zones-to-bind-with-rndc-addzone/
... I wanted to leave a comment but that feature appears to be broken. So I will comment here:

I think the rndc addzone feature would be nice but it would be extra nice if there was a named.conf.jnl that would get created and if one wanted the change to be permanent one could "flush or sync" the named.conf.jnl file to the named.conf.  say maybe "rndc named.conf sync" or something like that.

Interesting web site phrack.org

http://www.phrack.org/issues.html?issue=58

Sunday, November 14, 2010

Verifying Child Zone KSK with command line tools ...

red@cricket:~$ dig +dnssec DNSKEY isc.org. | grep 257 | cut -f1,4- | \
sed -e's/\t/ /g' > Kisc.org.005.12892.key
red@cricket:~$ /usr/local/sbin/dnssec-dsfromkey Kisc.org.005.12892.key
isc.org. IN DS 12892 5 1 982113D08B4C6A1D9F6AEE1E2237AEF69F3F9759
isc.org. IN DS 12892 5 2 F1E184C0E1D615D20EB3C223ACED3B03C773DD952D5F0EB5C777586D E18DA6B5
red@cricket:~$ dig +short isc.org DS
12892 5 1 982113D08B4C6A1D9F6AEE1E2237AEF69F3F9759
12892 5 2 F1E184C0E1D615D20EB3C223ACED3B03C773DD952D5F0EB5C777586D E18DA6B5

http://dnssec-deployment.org/pipermail/dnssec-deployment/2010-November/004642.html

Saturday, November 06, 2010

More blogs I like

http://brandonhutchinson.com/wiki/Main_Page

more chaos net digs (authors.bind)

[red@localhost spool]$ dig +dnssec authors.bind txt chaos @sfba.sns-pb.isc.org

; <<>> DiG 9.3.4 <<>> +dnssec authors.bind txt chaos @sfba.sns-pb.isc.org
; (2 servers found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55354
;; flags: qr aa rd; QUERY: 1, ANSWER: 12, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;authors.bind.                  CH      TXT

;; ANSWER SECTION:
authors.bind.           0       CH      TXT     "Danny Mayer"
authors.bind.           0       CH      TXT     "Damien Neil"
authors.bind.           0       CH      TXT     "Matt Nelson"
authors.bind.           0       CH      TXT     "Michael Sawyer"
authors.bind.           0       CH      TXT     "Brian Wellington"
authors.bind.           0       CH      TXT     "Mark Andrews"
authors.bind.           0       CH      TXT     "James Brister"
authors.bind.           0       CH      TXT     "Ben Cottrell"
authors.bind.           0       CH      TXT     "Michael Graff"
authors.bind.           0       CH      TXT     "Andreas Gustafsson"
authors.bind.           0       CH      TXT     "Bob Halley"
authors.bind.           0       CH      TXT     "David Lawrence"

;; AUTHORITY SECTION:
authors.bind.           0       CH      NS      authors.bind.

;; Query time: 64 msec
;; SERVER: 149.20.64.3#53(149.20.64.3)
;; WHEN: Sat Nov  6 19:07:20 2010
;; MSG SIZE  rcvd: 366

digging for bind version

[red@localhost ~]$ dig isc.org NS

; <<>> DiG 9.3.4 <<>> isc.org NS
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20945
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 2

;; QUESTION SECTION:
;isc.org.                       IN      NS

;; ANSWER SECTION:
isc.org.                43200   IN      NS      ord.sns-pb.isc.org.
isc.org.                43200   IN      NS      ams.sns-pb.isc.org.
isc.org.                43200   IN      NS      sfba.sns-pb.isc.org.
isc.org.                43200   IN      NS      ns.isc.afilias-nst.info.

;; ADDITIONAL SECTION:
ams.sns-pb.isc.org.     43120   IN      A       199.6.1.30
ord.sns-pb.isc.org.     43061   IN      A       199.6.0.30

;; Query time: 24 msec
;; SERVER: 68.87.76.182#53(68.87.76.182)
;; WHEN: Sat Nov  6 19:01:23 2010
;; MSG SIZE  rcvd: 156

[red@localhost ~]$ dig version.bind txt chaos @sfba.sns-pb.isc.org

; <<>> DiG 9.3.4 <<>> version.bind txt chaos @sfba.sns-pb.isc.org
; (2 servers found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18238
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;version.bind.                  CH      TXT

;; ANSWER SECTION:
version.bind.           0       CH      TXT     "9.6.2"

;; AUTHORITY SECTION:
version.bind.           0       CH      NS      version.bind.

;; Query time: 17 msec
;; SERVER: 149.20.64.3#53(149.20.64.3)
;; WHEN: Sat Nov  6 19:01:42 2010
;; MSG SIZE  rcvd: 62

Tuesday, October 26, 2010

Cracking Windows XP Passwords

http://en.wikibooks.org/wiki/Reverse_Engineering/Cracking_Windows_XP_Passwords


The Windows XP passwords are hashed using LM hash and/or NTLM hash. The hashes are stored in c:\windows\system32\config\SAM. The SAM file is encrypted using c:\windows\system32\config\system and is locked when Windows is running. To get the passwords, you need to shutdown Windows, decrypt the SAM file, and then crack the hashes. You can also obtain the hashes using other software that does not require you to turn your computer off. If everything goes well, you'll have the passwords in 15 minutes.
The SKCLONE tool will allow extracting password hashes in PWDUMP format from the live SAM and importing them to other live systems including 64 bit systems, making it a useful tool for migrating local user accounts to 64 bit windows. It does however require you to run the software as the SYSTEM account, since it will try to reach HKLM\SECURITY\SAM in the registry.

Friday, October 22, 2010

Wednesday, October 20, 2010

Private Address Space RFC 1918

3. Private Address Space

   The Internet Assigned Numbers Authority (IANA) has reserved the
   following three blocks of the IP address space for private internets:

     10.0.0.0        -   10.255.255.255  (10/8 prefix)
     172.16.0.0      -   172.31.255.255  (172.16/12 prefix)
     192.168.0.0     -   192.168.255.255 (192.168/16 prefix)

   We will refer to the first block as "24-bit block", the second as
   "20-bit block", and to the third as "16-bit" block. Note that (in
   pre-CIDR notation) the first block is nothing but a single class A
   network number, while the second block is a set of 16 contiguous
   class B network numbers, and third block is a set of 256 contiguous
   class C network numbers.

Tuesday, October 19, 2010

Woes of Apache 1.3 in the 21st Century and mod_auth_vas (from Quest)

First stumbling block I hit is this:


$ /usr/local/apache/bin/apxs -q list
apxs:Error: Sorry, no DSO support for Apache available
apxs:Error: under your platform. Make sure the Apache
apxs:Error: module mod_so is compiled into your server
apxs:Error: binary `/usr/local/apache/bin/httpd'.

This is the first google result which seems to answer my question

 http://www.gjt.org/mlist/gnujsp/msg02831.html

and sure enough there are these lines in apache/src/Configuration file ...



################################################################
# Dynamic Shared Object (DSO) support
#
# There is experimental support for compiling the Apache core and
# the Apache modules into dynamic shared object (DSO) files for
# maximum runtime flexibility.
#
# The Configure script currently has only limited built-in
# knowledge on how to compile these DSO files because this is
# heavily platform-dependent. The current state of supported and
# explicitly unsupported platforms can be found in the file
# "htdocs/manual/dso.html", under "Supported Platforms".
#
# For other platforms where you want to use the DSO mechanism you
# first have to make sure it supports the pragmatic dlopen()
# system call and then you have to provide the appropriate
# compiler and linker flags below to create the DSO files on your
# particular platform.
#
# The placement of the Apache core into a DSO file is triggered
# by the SHARED_CORE rule below while support for building
# individual Apache Modules as DSO files and loading them under
# runtime without recompilation is triggered by `SharedModule'
# commands. To be able to use the latter one first enable the
# module mod_so (see corresponding `AddModule' command below).
# Then enable the DSO feature for particular modules individually
# by replacing their `AddModule' command with `SharedModule' and
# change the filename extension from `.o' to `.so'.
#
# Sometimes the DSO files need to be linked against other shared
# libraries to explicitly resolve symbols from them when the
# httpd program not already contains references to them. For
# instance when buidling mod_auth_db as a DSO you need to link
# the DSO against the libdb explicity because the Apache kernel
# has no references for this library. But the problem is that
# this "chaining" is not supported on all platforms. Although one
# usually can link a DSO against another DSO without linker
# complains the linkage is not really done on these platforms.
# So, when you receive "unresolved symbol" errors under runtime
# when using the LoadModule directive for a particular module try
# to enable the SHARED_CHAIN rule below.

#CFLAGS_SHLIB=
#LD_SHLIB=
#LDFLAGS_SHLIB=
#LDFLAGS_SHLIB_EXPORT=

Rule SHARED_CORE=default
Rule SHARED_CHAIN=default

Friday, October 15, 2010

Using snmpwalk to list installed RPMs Redhat

red@cricket:~$ snmpwalk -m THING `hostname` secretstring > snmpwalk.out
red@cricket:~$ grep xman snmpwalk.out
25.6.3.1.2.93 = "net-snmp-xman-extensions-1.0-7.el5"
25.6.3.1.2.357 = "xman-bones-2.2-2.el4"

Thursday, October 14, 2010

Sunday, October 10, 2010

Never run iptables -A OUTPUT -j DROP

Never run this on your system :)

iptables -A OUTPUT -j DROP

I saw this on http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch14_:_Linux_Firewalls_Using_iptables

bad advice ;)

iptables's web site http://www.netfilter.org/

http://www.netfilter.org/

Common use of "map" in Perl my @titles = map { chomp; $_ } ( <DATA> );

# set name CHILDREN KIDS AUDIO BOOKS MP3 3 DVD SET
my @titles = map { chomp; $_ } ( <DATA> );

...
__DATA__
Peter Pan
Alice's Adventures in Wonderland
The Adventures of Pinocchio
Dorothy and the Wizard of Oz
The Enchanted Castle
The Burgess Animal book for Children
Little Wizard Stories of Oz
The Golden Goose Book
Five Children and It
English Fairy Tales
The Life and Adventures of Santa Claus
Anne of Green Gables
The Aesop for Children
Squirrels and other Fur-Bearers
The True Story of the 3 Little Pigs
The Secret Garden
Anne of Avonlea
American India Fairy Tales
A Little Princess
The Real Mother Goose

Thursday, October 07, 2010

What's up with amenworld.com and why are they trying to hack me?

Thu Oct 7 19:30:01 PDT 2010
Someone at wpc0287.amenworld.com has tried at least 5 times to hack into my system. Latest attempt at Thu Oct  7 15:38:28 PDT 2010. 
 

Wednesday, October 06, 2010

guest access and E3000 linksys update

Here is my chat with linksys support ... chat spoiler is SAD FACE no resolution other than setting router back to factory defaults:

This is the session transcript you requested for session # XXXXXXXX with Apu Nahasapeemapetilon (XXXXX) on Wednesday, October X, 2010 0:02 ?m


Apu Nahasapeemapetilon (XXXXX) has joined this session.
from Red Cricket to All Participants:
hi
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Welcome to Live Chat Cisco Support for Linksys Products. My name is Apu Nahasapeemapetilon ( XXXXX )
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Hi, how are you doing today?
from Red Cricket to All Participants:
ok
from Red Cricket to All Participants:
can you help me with an issue I have
from Red Cricket to All Participants:
?
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Could you please brief me what is the problem you are experiencing with your Linksys product?
from Red Cricket to All Participants:
well I am not able to view or change the guest connection password on my e3000 router
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Have you installed the cisco connect software using the setup disc?
from Red Cricket to All Participants:
yes
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Let me confirm that you are trying to disable the Guest network ?
from Red Cricket to All Participants:
?
from Red Cricket to All Participants:
what?
from Red Cricket to All Participants:
why would I do that?
from Red Cricket to All Participants:
sounds like you are going through the automated trouble shooting thing
from Red Cricket to All Participants:
I tried that
from Red Cricket to All Participants:
it sucks
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
I am not sure, what you are trying to do ?
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
So, that I can assist you properly.
from Red Cricket to All Participants:
I am trying to change the password to the guest connection
from Red Cricket to All Participants:
not disable it
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Okay... I got it.
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Could you please open Cisco Connect Application listed under All Programme list.
from Red Cricket to All Participants:
hold on
from Red Cricket to All Participants:
it will take a minute or two to start my windows system where I installed that
from Red Cricket to All Participants:
almost there
from Red Cricket to All Participants:
ok it is open
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Could you please click on Router Settings
from Red Cricket to All Participants:
I do not have that link on the cisco connect application
from Red Cricket to All Participants:
this is what I see
from Red Cricket to All Participants:
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiL9jnNiJuPDPj3RFAwh-GItqRUcscva1Rmew9iBYJ2CKU17PiVyp_cBxNQpoE6kJTxhuGJZDrwFS-Tm3mllUmfd21WULq23sjTrxfX4r_zWZUsoe2sLTDakvOQzIa0eu2JigcSJsod7r8/s1600/ciscoconnect.PNG
from Red Cricket to All Participants:
The router advanced settings have been changed
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Click on close, and make a note of Router Name and Password, its the main network name and password to connect any wireless devices.
from Red Cricket to All Participants:
you mean the username and password?
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
That's correct.
from Red Cricket to All Participants:
ok I closed the app.
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Now, come back to the main of Cisco Connect application and click on Guest Access.
from Red Cricket to All Participants:
I should start cisco connect again? i just closed that right?
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Sure, please start it again.
from Red Cricket to All Participants:
ok already done
from Red Cricket to All Participants:
there is no Guest Access to click on.
from Red Cricket to All Participants:
the same thing happened
from Red Cricket to All Participants:
cisco connect says: "The router advanced setting have been changed"
from Red Cricket to All Participants:
did you look at the link I posted?
from Red Cricket to All Participants:
that's what I see when I start isco con.
from Red Cricket to All Participants:
cisco conn
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
That's fine. just continue.
from Red Cricket to All Participants:
how?
from Red Cricket to All Participants:
hello
from Red Cricket to All Participants:
hello
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Sorry for the delay...
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Please post the image you could see ?
from Red Cricket to All Participants:
I did already but will do so again
from Red Cricket to All Participants:
please look at it this time
from Red Cricket to All Participants:
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiL9jnNiJuPDPj3RFAwh-GItqRUcscva1Rmew9iBYJ2CKU17PiVyp_cBxNQpoE6kJTxhuGJZDrwFS-Tm3mllUmfd21WULq23sjTrxfX4r_zWZUsoe2sLTDakvOQzIa0eu2JigcSJsod7r8/s1600/ciscoconnect.PNG
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Do you remember the router name and password for the router?
from Red Cricket to All Participants:
yes
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Please click on Advanced Settings.
from Red Cricket to All Participants:
you mean click on "Open advance settings"?
from Red Cricket to All Participants:
sure will do
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Yes...
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
It will prompt you for User Name and Password ?
from Red Cricket to All Participants:
There is a message and a OK and Cancel buttons
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
What's the message is ?
from Red Cricket to All Participants:
Advanced settings this is for expert use only. use these setting if you are ... Changing the advance settings can prevent you from using Cisco Connect
from Red Cricket to All Participants:
If you want to continue click ok
from Red Cricket to All Participants:
I did
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Please say, OK we would be on the setup page ?
from Red Cricket to All Participants:
yes we are on the setup page
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Great..
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Please click on Wireless tab and select Manual.
from Red Cricket to All Participants:
ok done
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Click on Wireless Security >> select Security Mode as WPA2 Personal
from Red Cricket to All Participants:
for 5GHz or 2.4Ghz
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
For both the networks.
from Red Cricket to All Participants:
Here's what I see on that tab
from Red Cricket to All Participants:
5 GHz Wireless Sec. >> Sec. Mode WPA2/WPA Mixed mode
from Red Cricket to All Participants:
passphrase mypass
from Red Cricket to All Participants:
2.4 GHz Wireless Sec.
from Red Cricket to All Participants:
sec mode wpa2/wpa Mixed mode
from Red Cricket to All Participants:
passphrase mypass
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Change the password of your choice, make it sure password should be same for both the networks and Save the Settings.
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Before that select the Security mode as WPA2 Personal.
from Red Cricket to All Participants:
I don't understand
from Red Cricket to All Participants:
which one is the guest connection?
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Okay.. wait...
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
I will explain you.
from Red Cricket to All Participants:
what's the difference between 5Ghz and 2.4GHz?
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Guest network is functionality of Cisco Connect software.
from Red Cricket to All Participants:
ok
from Red Cricket to All Participants:
I want to change the password on my guest network
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Its a virtual network created with the help of Cisco Connect Software, it can changed with the help of Cisco Connect software only.
.
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
As the router's settings have been changed using the advanced settings of the router.
from Red Cricket to All Participants:
ok
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
That's why we are not able to access or use Cisco Connect application.
from Red Cricket to All Participants:
I know
from Red Cricket to All Participants:
I am asking for help in fixing that
from Red Cricket to All Participants:
looks like I locked the keys in the car
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Now, to disable or change the guest password we need to make some changes on the router and then install the Cisco Connect software again.
from Red Cricket to All Participants:
ok
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
So, please go ahead making the changes on the setup page and then we will install the cisco connect application.
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Now, on the Wireless Security tab, you have two networks 2.4 and 5 Ghz network available.
from Red Cricket to All Participants:
yes
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
For both the network please select the security mode as WPA2 Personal and please wait dont save the settings.
from Red Cricket to All Participants:
does it have to WPA2 or will WPA2/WPA Mixed mode work?
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
As I already mentioned WPA2 Personal, not WPA2/WPA Mixed Mode.
from Red Cricket to All Participants:
ok
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Now, change the password for both the network , make it sure that password should be the same for both the network.
from Red Cricket to All Participants:
can I use the password I already have set?
from Red Cricket to All Participants:
does it have to change?
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
If you change it, that will be better.
from Red Cricket to All Participants:
I will have to reconfigure all my clients
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Okay... then keep it same.
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Please save the settings.
from Red Cricket to All Participants:
ok
from Red Cricket to All Participants:
done
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Click on Administration
from Red Cricket to All Participants:
ok
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Enter the Router password and Re confirm password as similar to the wireless password we have.
Make it sure it should be the same.
from Red Cricket to All Participants:
ok
from Red Cricket to All Participants:
done
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Now, please uninstall the previous cisco connect from your computer.
from Red Cricket to All Participants:
ok
from Red Cricket to All Participants:
let me find the install cd
from Red Cricket to All Participants:
found the cd and i am uninstalling cisco connect
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
We dont need that.
from Red Cricket to All Participants:
i will use add/remove progs in the control panel of windows
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
That's correct.
from Red Cricket to All Participants:
ok we don't need the install cd
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Just tell me the operating system installed on your computer?
from Red Cricket to All Participants:
windows xp
from Red Cricket to All Participants:
I have uninstalled cisc conn
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Let me confirm that you have Cisco E3000 Router ?
from Red Cricket to All Participants:
yes
from Red Cricket to All Participants:
I have the e3000
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
http://homedownloads.cisco.com/downloads/utility/Downloadable.CiscoConnect.E3000.1.2.10218.1-ship-Stable.Hotspot,0.exe

Click on the link and Save onto your desktop screen for easy access.
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Please click on Run when its saved.
from Red Cricket to All Participants:
can you email that link to russell_cecala@yahoo.com
from Red Cricket to All Participants:
i am running the chat from my computer at work
from Red Cricket to All Participants:
not where I have installed the cisco conn
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Okay...
from Red Cricket to All Participants:
thanks
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
On the top of the chat window right hand side corner you an click on the envelope icon and send this transcript it to your email id.
from Red Cricket to All Participants:
ok
from Red Cricket to All Participants:
off it goes
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
You are not able to send the email...
from Red Cricket to All Participants:
I got it downloaded
from Red Cricket to All Participants:
should I run the download?
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Great...
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Sure, please.
from Red Cricket to All Participants:
it is downloading updates
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Sure, please let it do..
from Red Cricket to All Participants:
ok
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Just follow the steps what you can see on the screen.
from Red Cricket to All Participants:
ok
from Red Cricket to All Participants:
still downloading
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
aaaaahhhh.. .
from Red Cricket to All Participants:
ok download done
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
What you can see on the screen ?
from Red Cricket to All Participants:
your router has already been set up ...
from Red Cricket to All Participants:
do you want to keep your current router settings and install Cisco Conn. If so have your router password ready
from Red Cricket to All Participants:
I guess I should choose yes
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
That's correct, select yes and continue to go ahead.
from Red Cricket to All Participants:
ok back to the same old window
from Red Cricket to All Participants:
"the router advanced setting have been changed"
from Red Cricket to All Participants:
hello
from Red Cricket to All Participants:
do you know the default password for the guest access ?
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
We don't have a default password for guest password, it is randomly created by cisco connect application.
from Red Cricket to All Participants:
well I am still locked out of the guest access
from Red Cricket to All Participants:
I guess I will have to set the router back to factory defaults and reinstall the cisco con software
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
Click on Administration and then Restore it to factory default option over there.
from Red Cricket to All Participants:
yeah I know. I don't have the time to do that right now
from Red Cricket to All Participants:
can't take a network outage right now
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
So, recommend you to come back to chat session or call us on our phone support number 1-800-3260-7114 for further assistance.
from Red Cricket to All Participants:
ok thanks for trying
from Apu Nahasapeemapetilon (XXXXX) to All Participants:
You are most welcome.

Monday, October 04, 2010

How do I verify that sshd is compiled and linked with PAM support?

How do I verify that sshd is compiled and linked with PAM support? No really, how is this done?  There doesn't appear to be a command line switch like a -V or something like that, that would tell what I need to know.  Luckily I am running Redhat and can look at the SRC RPM's (openssh-server) spec file ... TBC

Saturday, October 02, 2010

iRenew ??? What a Crap! I'd be so embarrassed to wear one!

iRenew ??? What a Crap! I'd be so embarrassed to wear one!
Really have you seen this TV ad? https://www.buyirenew.com/
How awful!!! Would you give a job to someone who would wear
something SO DUMB!  If you had a job would you want anyone to
see you wearing your iRenew bracelet ?

Things I Still Can't Do

  • E3000 Linksys - SUCKS - Why? I can't change the password on my -guest connection LAME !
  • Mount DVD media on my ubuntu server 10.04.1 obvious bug. SUCKS
  • Using MyBook External USB devices still a PAIN IN THE ASS! (hald SUCKS)

Just found a IBM Lenovo T50 in the e-waste recycling at work !!!

Just found a IBM Lenovo T50 in the e-waste recycling at work !!!
Hmmm ... I found a docking station too!!! Let's have fun with ubuntu and wireless access !!!

DANG! Fedora 13 still downloading !!!

That's the nice thing about ubuntu! Nice, small functional installation in under 10 minutes !!!

Ventured into Perl 6 land tonight ... http://perl6.org/

http://perl6.org/ what an awesome web site !!! Too bad it is not delivered via Perl 6. SAD FACE

Going to Give Fedora 13 a Go!

Going to Give Fedora 13 a Go!  I like the theme (Apollo Project) The Apollo Project the crowning achievement of White America Males (still waiting for the rest of you to catch up :)

Please check it out

OpenSSH Server on Fedora Core release 6 (Zod) SUCKS!

One cannot change the listening Port to anything other than 22. SAD FACE! :(

ubuntu USB Mybooks and UUID's

I have noticed that my USB external hard drives will unpredictably unmount themselves and the UUID changes, or at least the previously reported UUID no longer exists!  score one for the "UUID SUCKS" team.

Friday, October 01, 2010

Wednesday, September 29, 2010

Securing SSH on the internet - Changing listening port

By default sshd uses port 22 and any hacker knows that ... so to make your server a little more obscure to hackers and their bots, simply change the port sshd uses like so ...

[red@localhost ~]$ cd /etc/ssh/
[red@localhost ssh]$ sudo cp sshd_config sshd_config.port22
[red@localhost ssh]$ sudo diff sshd_config sshd_config.port22
13c13
< Port 88
---
> #Port 22
[red@localhost ssh]$ sudo /etc/init.d/sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]
[red@localhost ssh]$
[red@localhost ssh]$

OOPS! I forgot to update my port forwarding on my router at home :-O
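One way to check an edit like the one above before restarting sshd, as an added Python example (not the author's code): it reads sshd_config text and reports which ports sshd will bind, honouring commented-out lines, the `Keyword=value` form, repeated `Port` lines and the start of `Match` blocks, and it looks up any other keyword the same way. The two sample files are constructed to mirror the diff; `ListenAddress host:port` entries are not handled.

```python
import re

# Constructed samples modelled on the diff above: the stock file with the
# Port line commented out, and the edited file with "Port 88".
BEFORE = """\
#Port 22
#AddressFamily any
PasswordAuthentication yes
"""

AFTER = """\
Port 88
#AddressFamily any
PasswordAuthentication no
Match User backup
    PasswordAuthentication yes
"""

# "Keyword value" or "Keyword=value"; the keyword ends at the first '=' or space.
_LINE = re.compile(r"^(\S+?)(?:\s*=\s*|\s+)(.*)$")


def global_settings(config_text):
    """Return {keyword: [values in file order]} for the global section.

    Keywords are case-insensitive, lines starting with '#' are comments, and
    parsing stops at the first Match block because everything after it only
    applies conditionally.
    """
    settings = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _LINE.match(line)
        if not m:
            continue
        keyword, value = m.group(1).lower(), m.group(2).strip()
        if keyword == "match":
            break
        settings.setdefault(keyword, []).append(value)
    return settings


def effective(settings, keyword):
    """For single-valued keywords sshd keeps the first value it reads.
    None means the keyword is not set and the compiled-in default applies."""
    values = settings.get(keyword.lower())
    return values[0] if values else None


def listening_ports(config_text, default=22):
    """Port may be repeated and every value is bound; with no Port line at
    all, sshd falls back to the default port."""
    values = global_settings(config_text).get("port", [])
    ports = [int(v.split()[0]) for v in values]
    return ports or [default]


def check_port_change(config_text, intended_port):
    """Return a list of problems with a port change; an empty list means OK."""
    ports = listening_ports(config_text)
    problems = []
    if intended_port not in ports:
        problems.append(f"sshd will not listen on {intended_port}; it binds {ports}")
    else:
        extra = [p for p in ports if p != intended_port]
        if extra:
            problems.append(f"sshd still listens on {extra} as well")
    return problems


if __name__ == "__main__":
    for name, text in (("before", BEFORE), ("after", AFTER)):
        print(name, listening_ports(text), check_port_change(text, 88))
```

The port reported here is also the one the router's port-forwarding rule has to point at.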

Disallowing root ssh access to your server (OpenSSH)

I want to be able to ssh into my server at home so I enabled port forwarding on my router.  And, of course, the very next day there is some a**hole's bot out there trying to brute force their way in as root ...

Sep 29 06:50:28 localhost sshd[14292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.151.36.14  user=root
Sep 29 06:50:30 localhost sshd[14292]: Failed password for root from 12.151.36.14 port 50017 ssh2
Sep 29 06:50:30 localhost sshd[14293]: Received disconnect from 12.151.36.14: 11: Bye Bye
Sep 29 06:50:30 localhost sshd[14295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=12.151.36.14  user=root
Sep 29 06:50:32 localhost sshd[14295]: Failed password for root from 12.151.36.14 port 51098 ssh2
Sep 29 06:50:32 localhost sshd[14296]: Received disconnect from 12.151.36.14: 11: Bye Bye

Best thing to do is disallow ssh access as root like so ...

[red@localhost ssh]$ cd
[red@localhost ~]$ cd /etc/ssh/
[red@localhost ssh]$ sudo cp sshd_config sshd_config.orig
[red@localhost ssh]$ sudo vim sshd_config
[red@localhost ssh]$ sudo diff sshd_config sshd_config.orig
39c39
< PermitRootLogin no
---
> #PermitRootLogin yes
[plankton@localhost ssh]$ sudo /etc/init.d/sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]
[red@localhost ssh]$
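Counting attempts like the ones in the log above, as an added Python example (not the author's code): it extracts sshd `Failed password` lines, groups them by source address, and flags any source with at least `threshold` failures inside a time window. The log sample is constructed in the same format with documentation-range addresses; the threshold and window defaults are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in the same syslog format as the lines above
# (documentation-range addresses, not real hosts).
SAMPLE_LOG = """\
Sep 29 06:50:28 localhost sshd[14292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.0.2.10  user=root
Sep 29 06:50:30 localhost sshd[14292]: Failed password for root from 192.0.2.10 port 50017 ssh2
Sep 29 06:50:30 localhost sshd[14293]: Received disconnect from 192.0.2.10: 11: Bye Bye
Sep 29 06:50:32 localhost sshd[14295]: Failed password for root from 192.0.2.10 port 51098 ssh2
Sep 29 06:50:35 localhost sshd[14297]: Failed password for invalid user admin from 192.0.2.10 port 51544 ssh2
Sep 29 07:15:02 localhost sshd[14410]: Failed password for red from 198.51.100.7 port 40022 ssh2
Sep 29 07:15:09 localhost sshd[14410]: Accepted password for red from 198.51.100.7 port 40022 ssh2
"""

FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)


def failed_logins(log_text, year):
    """Yield (timestamp, user, source_ip) for each failed password line.

    Syslog timestamps carry no year, so the caller supplies it.
    """
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["user"], m["ip"]


def brute_force_sources(log_text, year, threshold=3, window=timedelta(minutes=1)):
    """Return a summary for every source with at least `threshold` failures
    inside any span of length `window`."""
    by_ip = defaultdict(list)
    for ts, user, ip in failed_logins(log_text, year):
        by_ip[ip].append((ts, user))

    flagged = {}
    for ip, events in by_ip.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the left edge forward until the span fits the window.
            while events[end][0] - events[start][0] > window:
                start += 1
            if end - start + 1 >= threshold:
                users = sorted({u for _, u in events})
                flagged[ip] = {
                    "count": len(events),
                    "users": users,
                    "targets_root": "root" in users,
                    "first": events[0][0],
                    "last": events[-1][0],
                }
                break
    return flagged


if __name__ == "__main__":
    for ip, info in brute_force_sources(SAMPLE_LOG, 2010).items():
        print(ip, info["count"], info["users"], info["first"], info["last"])
```

A single mistyped password from a legitimate user, like the `red` line in the sample, stays below the threshold and is not flagged.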


Tuesday, September 28, 2010

Found a useful Unix/Linux site.

http://www.unixtutorial.org/

I posted a question about the problems I am having mounting DVDs on my ubuntu server

don't use /etc/fstab to mount USB External MyBook HDs on ubuntu

I have had problems booting my system (HP Proliant ML110) running ubuntu 10.04.1 (64 bit). If for some reason one of the drives is not responsive the system wouldn't boot.  So instead I mount my mybook hard drives with a script:

#!/bin/sh
# Mount each MyBook by filesystem UUID unless it is already mounted.

UUIDS="d4b57836-3897-4264-a5d3-ba0d8d21ce8c \
289af6ab-aea5-4b68-b4b1-28fd71e9ceee \
4d8df696-264f-413a-883c-92622d6d50aa \
aae0aa05-c167-4605-8ab9-6e52e4c992db \
c2ba49c4-627d-4074-9dcf-74216314f4a1 \
c6500c6e-b224-42a2-8ddc-2b8c10d8f4fa"

for uuid in $UUIDS
do
        # The script treats a file named MOUNTED under the mount point as
        # the sign that the drive is already mounted there.
        if [ ! -e "/media/$uuid/MOUNTED" ]
        then
                sudo mount -t auto "/dev/disk/by-uuid/$uuid" "/media/$uuid"
                sleep 1
        else
                echo "$0 Good $uuid is mounted."
        fi
done

Changing the -guest password on E3000 linksys router

The configuration tool(s) for the E3000 linksys suck!  If you ever clicked on 'advanced routing' you will no longer be able to use the "cisco connect" software.  Instead you will go to the router setup on your local network and 192.168.1.1 (or whatever you set) where much of the functionality is missing ... like setting the password for the guest connection.

Here's the linksys help page for how to do this:  Title: Finding out Wireless Network Name and Password in Cisco Connect

But when I run "Cisco Connect" I do not see what they show in the article.  I see this:






If you click on the "Open advanced setting" link your browser will open and you can log in to a setup web page being served out of the E3000 router.  But in that web page THERE IS NO WAY TO SEE OR CHANGE THE PASSWORD OF THE GUEST CONNECTION !!!

Oh you know what else sucks ... at the bottom of the "article" at linksys there is a feedback form ... you know was this article helpful [] yes [] no [] somewhat ... I select NO and the window closed on me :/

Well I have spent an hour dicking around with the linksys/cisco on-line support ... I guess the only thing anyone can do is to set the router back to factory defaults and reinstall the CRAPPY "Cisco Connect" software.

rpm vs apt-*

Someone needs to come up with cheat-sheet for rpm and apt-* equivalent commands

Wednesday, September 22, 2010

VPN Server for home network?

I might want to be able to VPN into my home network to help with the home business while I am away

https://help.ubuntu.com/community/VPNServer/

also look here : http://openvpn.net/

What the heck is /dev/shm ?

It is tmpfs (what's tmpfs?)

From: http://lxr.linux.no/#linux+v2.6.35.5/Documentation/filesystems/tmpfs.txt#L57

tmpfs has three mount options for sizing:

size:      The limit of allocated bytes for this tmpfs instance. The
           default is half of your physical RAM without swap. If you
           oversize your tmpfs instances the machine will deadlock
           since the OOM handler will not be able to free that memory.
nr_blocks: The same as size, but in blocks of PAGE_CACHE_SIZE.
nr_inodes: The maximum number of inodes for this instance. The default
           is half of the number of your physical RAM pages, or (on a
           machine with highmem) the number of lowmem RAM pages,
           whichever is the lower.

These parameters accept a suffix k, m or g for kilo, mega and giga and
can be changed on remount.  The size parameter also accepts a suffix %
to limit this tmpfs instance to that percentage of your physical RAM:
the default, when neither size nor nr_blocks is specified, is size=50%

If nr_blocks=0 (or size=0), blocks will not be limited in that instance;
if nr_inodes=0, inodes will not be limited.  It is generally unwise to
mount with such options, since it allows any user with write access to
use up all the memory on the machine; but enhances the scalability of
that instance in a system with many cpus making intensive use of it.


tmpfs has a mount option to set the NUMA memory allocation policy for
all files in that instance (if CONFIG_NUMA is enabled) - which can be
adjusted on the fly via 'mount -o remount ...'

mpol=default             use the process allocation policy
                         (see set_mempolicy(2))
mpol=prefer:Node         prefers to allocate memory from the given Node
mpol=bind:NodeList       allocates memory only from nodes in NodeList
mpol=interleave          prefers to allocate from each node in turn
mpol=interleave:NodeList allocates from each node of NodeList in turn
mpol=local               prefers to allocate memory from the local node

NodeList format is a comma-separated list of decimal numbers and ranges,
a range being two hyphen-separated decimal numbers, the smallest and
largest node numbers in the range.  For example, mpol=bind:0-3,5,7,9-15

A memory policy with a valid NodeList will be saved, as specified, for
use at file creation time.  When a task allocates a file in the file
system, the mount option memory policy will be applied with a NodeList,
if any, modified by the calling task's cpuset constraints
[See Documentation/cgroups/cpusets.txt] and any optional flags, listed
below.  If the resulting NodeLists is the empty set, the effective memory
policy for the file will revert to "default" policy.

NUMA memory allocation policies have optional flags that can be used in
conjunction with their modes.  These optional flags can be specified
when tmpfs is mounted by appending them to the mode before the NodeList.
See Documentation/vm/numa_memory_policy.txt for a list of all available
memory allocation policy mode flags and their effect on memory policy.

        =static         is equivalent to        MPOL_F_STATIC_NODES
        =relative       is equivalent to        MPOL_F_RELATIVE_NODES

For example, mpol=bind=static:NodeList, is the equivalent of an
allocation policy of MPOL_BIND | MPOL_F_STATIC_NODES.

Note that trying to mount a tmpfs with an mpol option will fail if the
running kernel does not support NUMA; and will fail if its nodelist
specifies a node which is not online.  If your system relies on that
tmpfs being mounted, but from time to time runs a kernel built without
NUMA capability (perhaps a safe recovery kernel), or with fewer nodes
online, then it is advisable to omit the mpol option from automatic
mount options.  It can be added later, when the tmpfs is already mounted
on MountPoint, by 'mount -o remount,mpol=Policy:NodeList MountPoint'.


To specify the initial root directory you can use the following mount
options:

mode:   The permissions as an octal number
uid:    The user id
gid:    The group id

These options do not have any effect on remount. You can change these
parameters with chmod(1), chown(1) and chgrp(1) on a mounted filesystem.


So 'mount -t tmpfs -o size=10G,nr_inodes=10k,mode=700 tmpfs /mytmpfs'
will give you tmpfs instance on /mytmpfs which can allocate 10GB
RAM/SWAP in 10240 inodes and it is only accessible by root.


Author:
   Christoph Rohland <cr@sap.com>, 1.12.01
Updated:
   Hugh Dickins, 4 June 2007
Updated:
   KOSAKI Motohiro, 16 Mar 2010

Saturday, September 18, 2010

Using 2TB Mybook with ubuntu and ML110 Proliant

I am hooking my 2TB Mybook to my ML110 running ubuntu server 10.04.1.
I read in the /etc/fstab that I would do this ...

wee@ubuntu:~$ sudo blkid -o full -s UUID
/dev/sda1: UUID="82d18b5c-0049-4ff6-9ab7-6a87cd5906db"
/dev/sda2: UUID="d97daca7-8046-49d7-93bd-24a6ee6ad33d"
/dev/sda3: UUID="bf565e06-0ddd-44b5-b58f-bc9771c55b21"
/dev/sda5: UUID="685a4f87-57c2-4aca-8bf4-54f112e19cbd"
/dev/sda6: UUID="21fa44e0-651c-4e22-8e88-240c2546e39b"
/dev/sda7: UUID="d7121d7e-0969-4b30-86e4-987d530702d9"
/dev/sda8: UUID="9c0f5186-c475-4d5f-a1ef-5a46fe5ddb9e"
/dev/sdb1: UUID="68066cd7-6446-42b7-9386-892a2d540691"

So this is my /etc/fstab ...

wee@ubuntu:~$ cat /etc/fstab
# /etc/fstab: static file system information.
#
# Use 'blkid -o value -s UUID' to print the universally unique identifier
# for a device; this may be used with UUID= as a more robust way to name
# devices that works even if disks are added and removed. See fstab(5).
#
#
proc /proc proc nodev,noexec,nosuid 0 0
# / was on /dev/sda1 during installation
UUID=82d18b5c-0049-4ff6-9ab7-6a87cd5906db / ext4 errors=remount-ro 0 1
# /coop was on /dev/sda8 during installation
UUID=9c0f5186-c475-4d5f-a1ef-5a46fe5ddb9e /coop ext4 defaults 0 2
# /home was on /dev/sda5 during installation
UUID=685a4f87-57c2-4aca-8bf4-54f112e19cbd /home ext4 defaults 0 2
# /tmp was on /dev/sda6 during installation
UUID=21fa44e0-651c-4e22-8e88-240c2546e39b /tmp ext4 defaults 0 2
# /usr was on /dev/sda3 during installation
UUID=bf565e06-0ddd-44b5-b58f-bc9771c55b21 /usr ext4 defaults 0 2
# /var was on /dev/sda2 during installation
UUID=d97daca7-8046-49d7-93bd-24a6ee6ad33d /var ext4 defaults 0 2
# swap was on /dev/sda7 during installation
UUID=d7121d7e-0969-4b30-86e4-987d530702d9 none swap sw 0 0
#
# Mybooks
# got UUID from executing sudo blkid -o full -s UUID
UUID=68066cd7-6446-42b7-9386-892a2d540691 /media/coop-disk-01 ext3 defaults 0 0


I did have to also do fdisk & mkfs ... no surprise there.

But no joy ...


wee@ubuntu:~$ sudo mount /media/coop-disk-01
[sudo] password for wee:
mount: special device UUID=68066cd7-6446-42b7-9386-892a2d540691 does not exist
wee@ubuntu:~$ df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda1 7690408 345136 6954616 5% /
none 502920 228 502692 1% /dev
none 507352 32 507320 1% /dev/shm
none 507352 96 507256 1% /var/run
none 507352 0 507352 0% /var/lock
none 507352 0 507352 0% /lib/init/rw
/dev/sda5 24382868 247916 22896376 2% /home
/dev/sda8 93687744 188104 88740500 1% /coop
/dev/sda6 1921036 36344 1787108 2% /tmp
/dev/sda2 14614904 978032 12894472 8% /var
/dev/sda3 9612516 3050876 6073348 34% /usr


Looks like that UUID number that is not supposed to change changed ???

So change line in fstab to ...


#
# Mybooks
# got UUID from executing sudo blkid -o full -s UUID
#UUID=68066cd7-6446-42b7-9386-892a2d540691 /media/coop-disk-01 ext3 defaults 0 0
UUID=d4b57836-3897-4264-a5d3-ba0d8d21ce8c /media/coop-disk-01 auto defaults 0 0


Now mount works ...


wee@ubuntu:~$ sudo mount /media/coop-disk-01
wee@ubuntu:~$ df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda1 7690408 345136 6954616 5% /
none 502920 228 502692 1% /dev
none 507352 28 507324 1% /dev/shm
none 507352 96 507256 1% /var/run
none 507352 0 507352 0% /var/lock
none 507352 0 507352 0% /lib/init/rw
/dev/sda5 24382868 248028 22896264 2% /home
/dev/sda8 93687744 188104 88740500 1% /coop
/dev/sda6 1921036 36352 1787100 2% /tmp
/dev/sda2 14614904 978032 12894472 8% /var
/dev/sda3 9612516 3050876 6073348 34% /usr
/dev/sdb1 1922858352 68956 1825113796 1% /media/coop-disk-01


I rebooted the system just for fun. The system didn't come back up! I had to connect a monitor and saw the system was trying to PXE boot!!! Oh crap !!! What did I do? Did I just format my boot disk? Well turns out that Phoenix Setup software on the HP ML110 defaults to using the USB device as the boot disk. I had to hit F10 and get into the setup and monkey with the boot order and everything was fine. Kind of scary !!!

Thursday, September 16, 2010

How to create zombie process

I know that zombie processes do not take up any system resources except maybe in extreme cases where your system would max out the number of processes in the process table. And people usually ask "why am I seeing zombie [or <defunct>] processes" and "how do I get rid of them". I am asking just that question but I need to understand at the code level how this happens.


#!/usr/bin/perl -w
use strict;
use warnings;

use Sys::Syslog qw(:DEFAULT setlogsock);

my $keep_going = 1;

#
# startDaemon
#
# fork returns the child's PID in the parent and 0 in the child.
my $child_pid = fork;
die "fork failed: $!\n" unless defined $child_pid;
if( $child_pid ){
    print "This is parent process and child ID is $child_pid .\n";
    print "Parent process is sleeping for 60 seconds ... \n";
    # The parent never calls wait/waitpid, so once the child dies it
    # stays in the process table as a zombie until the parent exits.
    sleep 60;
    print "Parent process is exiting 0.\n";
    exit 0;
}

# give the child something to do like write to /var/log/messages
setlogsock('unix');
openlog('Two', 'pid,nowait', 'local1');

my $count = 0;
while( $keep_going == 1 ) {
    my $date = `date`;
    chomp( $date );
    syslog( "crit", "The date is [$date]" );
    my $out = `date >> /tmp/Two.pl.log`;
    sleep 5;
    # die on the third pass so the child ends while the parent still sleeps
    if ( $count == 2 ) { die "count is 2 ... arrgg!\n"; }
    $count ++;
}
closelog();
exit (0); # child would exit here if the loop ever ended


... now run it and then in another terminal execute ...


$ ps -ef | grep logg
rala 698 31230 0 15:21 pts/0 00:00:00 /usr/bin/perl -w ./logging_deamon_example3_make_zombies.pl
rala 699 698 0 15:21 pts/0 00:00:00 /usr/bin/perl -w ./logging_deamon_example3_make_zombies.pl
rala 704 32676 0 15:21 pts/1 00:00:00 grep logg
$ ps -ef | grep logg
rala 698 31230 0 15:21 pts/0 00:00:00 /usr/bin/perl -w ./logging_deamon_example3_make_zombies.pl
rala 699 698 0 15:21 pts/0 00:00:00 /usr/bin/perl -w ./logging_deamon_example3_make_zombies.pl
rala 725 32676 0 15:21 pts/1 00:00:00 grep logg
$ ps -ef | grep logg
rala 698 31230 0 15:21 pts/0 00:00:00 /usr/bin/perl -w ./logging_deamon_example3_make_zombies.pl
rala 699 698 0 15:21 pts/0 00:00:00 [logging_deamon_]
rala 727 32676 0 15:21 pts/1 00:00:00 grep logg
$ ps -ef | grep logg
rala 698 31230 0 15:21 pts/0 00:00:00 /usr/bin/perl -w ./logging_deamon_example3_make_zombies.pl
rala 699 698 0 15:21 pts/0 00:00:00 [logging_deamon_]
rala 729 32676 0 15:21 pts/1 00:00:00 grep logg


Whoo! Hoo! There's a zombie!

You can keep the zombies from happening by adding ...

$SIG{'CHLD'} = 'IGNORE';

... before doing the fork.
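The same life cycle observed from code, as an added example in Python rather than the post's Perl (not the author's code, and Linux-only because it reads /proc): the child shows state `Z` until the parent calls `waitpid()`, and with SIGCHLD ignored before the fork it never becomes a zombie at all. The function names are this example's own.

```python
import os
import signal
import time


def proc_state(pid):
    """Return the one-letter state from /proc/<pid>/stat ('Z' = zombie),
    or None when the process table no longer has an entry for pid."""
    try:
        with open(f"/proc/{pid}/stat") as fh:
            stat = fh.read()
    except (FileNotFoundError, ProcessLookupError):
        return None
    if ")" not in stat:
        return None
    # The command name sits in parentheses and may contain spaces, so the
    # state is the first field after the last ')'.
    return stat.rsplit(")", 1)[1].split()[0]


def wait_for_state(pid, wanted, timeout=5.0):
    """Poll until proc_state(pid) is one of `wanted` or the timeout expires."""
    deadline = time.monotonic() + timeout
    while time.monotonic() < deadline:
        state = proc_state(pid)
        if state in wanted:
            return state
        time.sleep(0.01)
    return proc_state(pid)


def spawn_child_that_exits():
    pid = os.fork()
    if pid == 0:
        os._exit(0)  # child: exit at once, skipping the parent's cleanup code
    return pid


def zombie_then_reap():
    """The parent does not wait, so the dead child lingers as a zombie
    until waitpid() collects its exit status."""
    pid = spawn_child_that_exits()
    before = wait_for_state(pid, {"Z"})
    os.waitpid(pid, 0)  # reap: the kernel releases the process-table slot
    after = proc_state(pid)
    return before, after


def ignore_sigchld_no_zombie():
    """With SIGCHLD ignored before fork(), the kernel discards the child's
    exit status itself and there is nothing left for the parent to reap."""
    previous = signal.signal(signal.SIGCHLD, signal.SIG_IGN)
    try:
        pid = spawn_child_that_exits()
        state = wait_for_state(pid, {None})
        try:
            os.waitpid(pid, 0)
            reaped_by_parent = True
        except ChildProcessError:
            reaped_by_parent = False
        return state, reaped_by_parent
    finally:
        # Put the old disposition back so later children behave normally.
        signal.signal(signal.SIGCHLD,
                      previous if previous is not None else signal.SIG_DFL)


if __name__ == "__main__":
    print("without wait, then waitpid:", zombie_then_reap())
    print("SIGCHLD ignored:", ignore_sigchld_no_zombie())
```

Ignoring SIGCHLD throws the child's exit status away, so a parent that needs to know how the child ended should call `waitpid()` instead.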

Wednesday, September 15, 2010

nomachine installed no problem!

Wow! Something easy and useful! went to http://www.nomachine.com/download-package.php
downloaded the three deb packages and installed as per instructions.

quick notes on ubuntu server and gnome desktop

finally got it working. Not exactly sure how ...

did stuff like

# apt-get install gnome-desktop-environment
...
then later on 
# apt-get install xserver-xorg 

figured that out because ...
startx

would fail with /usr/bin/X not found.
So i got ubuntu to tell what to install by executing

# /usr/bin/X

and the error message said to install xserver-xorg ... kinda nice


then reboot ... looks awesome

Gnome Desktop Software and Ubuntu Server 10.04.1

Since ubuntu server is a "server" there is no desktop software installed by default (I guess). So I am learning to use "aptitude" to install things.

Tuesday, September 14, 2010

Got a HP Proliant ML110 G6 / Installing ubuntu server 10.04.1 64bit

I will install ubuntu 10.04.1 64bit on it ... or I'll try to :)

The partitioning on the ubuntu install is a bit confusing.
Default is all avail diskspace as LVM root with just root and swap.
Somehow I wound up with /usr, /var, /tmp and a huge /home partition.
Guess I got some learning to do.

Sunday, September 12, 2010

I Guess I Should Read the Dojo Basics

So I am looking at :

http://dojotoolkit.org/reference-guide/quickstart/dojo-basics.html#quickstart-dojo-basics.

It talks about
dojo.require
let's try it out ...

I got something ...

Error: uncaught exception: Could not load cross-domain resources: something

Attempt to Quick Start with DoJo

I heard about Dojo last week.  Figured I'd play around with it.  I thought I would try and write a simple JavaScript-based Web UI to a chess board.  I had done this a while back in the 90's with just straight JavaScript.  It was pretty straightforward and I was able to hook it up to a "crafty" chess engine on the backend.

So I went to :

http://dojotoolkit.org/reference-guide/quickstart/gettingstarted.html#quickstart-gettingstarted

So on my web server I created ...

plankton@ubuntu:/var/www/EC$ cat mytry1.html
<html>
<head>
        <!-- see http://www.dojotoolkit.org/download/ -->
        <script src="http://ajax.googleapis.com/ajax/libs/dojo/1.5/dojo/dojo.xd.js"></script>
    <title>My Dojo Try 1</title>
</head>

<body>
<p>
&copy; Me MMX
</p>
</body>
</html>

... and loaded it in my browser and no surprise all that got outputted was the copyright thingy.

Next I took a look at an example and cut-n-pasted (like it said to do) this ...

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html dir="ltr">
   
    <head>
        <link rel="stylesheet" type="text/css" href="../_static/js/dijit/themes/claro/claro.css"
        />
        <style type="text/css">
            body, html { font-family:helvetica,arial,sans-serif; font-size:90%; }
        </style>
    </head>
   
    <body class=" claro ">
        <div id="showMe" style="padding: 10px;">
            click here to see how it works
        </div>
    </body>
    <script type="text/javascript" src="../_static/js/dojo/dojo.js" djConfig="parseOnLoad: true">
    </script>
    <script>
        dojo.addOnLoad(function() {
            dojo.query("#showMe").onclick(function(e) {
                var node = e.target;

                var a = dojo.anim(node, {
                    backgroundColor: "#363636",
                    color: "#f7f7f7"
                },
                1000);

                dojo.connect(a, "onEnd", function() {
                    dojo.anim(node, {
                        color: "#363636"
                    },
                    null, null, function() {
                        node.innerHTML = "wow, that was easy!";
                        dojo.anim(node, {
                            color: "white"
                        });
                    });
                });
            });
        });
    </script>
    <!-- NOTE: the following script tag is not intended for usage in real
    world!! it is part of the CodeGlass and you should just remove it when
    you use the code -->
    <script type="text/javascript">
        dojo.addOnLoad(function() {
            if (document.pub) {
                document.pub();
            }
        });
    </script>

</html>

... into a file mytry2.html ... and what do you think happened when I loaded that with my browser???? OH! the suspense! Well the string ...

click here to see how it works

... got outputted and what do you think happens when you click on the string ????

Are you sitting down?

Well nothing happened. Lame :( What am I doing wrong?