the xer's blog

16 January 2014

The Crisis

Filed under: Daily — Tags: — xer @ 11:00 PM

Let’s not pretend that things will change if we keep doing the same things. A crisis can be a real blessing to any person, to any nation. For all crises bring progress.

Creativity is born from anguish, just like the day is born form the dark night. It’s in crisis that inventiveness is born, as well as discoveries made and big strategies. He who overcomes crisis, overcomes himself, without getting overcome. He who blames his failure to a crisis neglects his own talent and is more interested in problems than in solutions. Incompetence is the true crisis. The greatest inconvenience of people and nations is the laziness with which they attempt to find the solutions to their problems.

There’s no challenge without a crisis. Without challenges, life becomes a routine, a slow agony.

There’s no merit without crisis. It’s in the crisis where we can show the very best in us. Without a crisis, any wind becomes a tender touch. To speak about a crisis is to promote it. Not to speak about it is to exalt conformism. Let us work hard instead. Let us stop, once and for all, the menacing crisis that represents the tragedy of not being willing to overcome it.

Albert Einstein 1930

16 January 2012

How to check MTU with ping


Sometimes even if you does not have any access to your networking devices, you may need to check what is actual maximum MTU of your connection.

Ping command and parameters -l and -f are very useful.
With -f you will set to do not fragment the packets and with -l you will set the packet size.

Here is an example of pinging http://www.google.com with a packet site 1500

You have noticed that response from ping command is “Packet needs to be fragmented”.
You can lower the packet size until the ping command will response correctly as below:

After several tentatives, you will reach the maximum packet size before to the “Packet needs to be fragmented” response.
Once you’ll have that value (e.g. 1421) you must add 28 (IP/ICMP header) so (1449) just the get the very perfect tuned maximum MTU.

1 January 2012

Clean Linux Ubuntu RAM usage

Filed under: *nix notes — Tags: , , , , , , , , — xer @ 12:00 PM

As root

#: free -m
verify actual RAM status

#: sync
Force changed blocks to disk, update the super block.

#: echo 3 > /proc/sys/vm/drop_caches
Writing to this will cause the kernel to drop clean caches, dentries and inodes from memory, causing that memory to become free.
To free pagecache: echo 1 > /proc/sys/vm/drop_caches
To free dentries and inodes: echo 2 > /proc/sys/vm/drop_caches
To free pagecache, dentries and inodes: echo 3 > /proc/sys/vm/drop_caches
As this is a non-destructive operation, and dirty objects are not freeable, the user should run “sync” first in order to make sure all cached objects are freed.

#: free -m
Verify if memory has been freed

3 September 2010

rootkit TDL3 – warning for x64 windows system

Filed under: Windows — xer @ 11:00 AM

TDL3 is the worse rootkit for x64 windows systems.
His infection can cause several damages to the operative system, in recent days, a lot of companies has been infected.

If you use a x64 operative system as me, you can check if your system has been infected, open a command prompt (start -> run -> cmd)

And launch “diskpart”, then try the command: “lis dis”

If you showing the same as my picture, then you are not infected, if the command “lis dis” says that a disk does not exist, then you got TDL3 infection.

In this case, i suggest to run immediately a standalone program as DrWeb CureIt:

http://www.freedrweb.com/

22 August 2010

Windows 7 – Disable burning CD-DVD and turn off auto eject

Filed under: Windows — xer @ 9:00 AM

To Disable and Turn Off CD or DVD Burning Support and Stop Disc Tray from Auto Eject in Windows 7, just:

Run gpedit.msc (Group Policy Editor) from Start Search.
Expand Local Group Policy -> User Configuration -> Administrative Templates -> Windows Components.
Select Windows Explorer.
In the right pane, double click on Remove CD Burning features.
Select Enabled radio button to stop and disable all features in the Windows Explorer that allow users to use their CD writer to burn, and ability to auto eject disc tray. Click OK when done.
Restart computer or log off and log on again for the change to take effect.

To reset and re-enable the CD burning feature in Vista, simply choose back the setting to Not Configured or Disabled.

Some editions of Windows 7 doesn’t have Group Policy Editor. In this case, manually change the CD burning feature support in the registry. To do so, run Registry Editor (regedit), and then navigate to the following registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

In the right pane, if it’s not already existed, right click on a blank space, and select New to create a new DWORD (32-bit) Value. Name the new value name as NoCDBurning, and assign its value data to 1.

To reset and turn back on CD burning feature, delete the NoCDBurning value, or set its value data to 0.

ProFTPD – change default welcome message

Filed under: *nix notes — xer @ 9:00 AM

After installing proftpd and you connect to the server as ftp client, the server displays a standard welcome message:

$ ftp localhost
Connected to localhost.
220 ProFTPD 1.2.8 Server (localhost) [127.0.0.1]
Name (localhost:user):

The line 220 ProFTPD 1.2.8 Server will be displayed to anyone who does an ftp connection to your server.

In case you don’t want everyone to see what FTP server software and expecially what version of the ftp server are you running, you can customize all these with ServerName and ServerIdent ProFTPD directives.

ServerIdent – Set the message displayed on connect
ServerIdent [ ServerIdent off|on [identification string]]

Default: ServerIdent on “ProFTPD [version] Server (server name) [hostname]“

The ServerIdent directive sets the default message displayed when a new client connects.
Setting this to off displays “[hostname] FTP server ready.” If set to on, the directive can take an optional string argument, which will be displayed instead of the default text.
Sites desiring to give out minimal information will probably want a setting like ServerIdent on “FTP Server ready.”, which won’t even reveal the hostname.

Examples:
ServerIdent on “Welcome to FTP Server”

Another option is ServerName which configure the name displayed to connecting users:

ServerName [ ServerName "name"]
Default: ServerName “ProFTPD Server [version]“

The ServerName directive configures the string that will be displayed to a user connecting to the server.

Modify your proftpd.conf file (/usr/local/etc/proftpd.conf on FreeBSD or /etc/proftpd.conf on Linux) and modify ServerName and ServerIdent lines (or add them if they don’t exist) to whatever you wish and test it.

$ ftp localhost
Connected to localhost.
My FTP Server
Name (localhost:user):

FreeBSD – ignore portaudit

Filed under: *nix notes — Tags: — xer @ 9:00 AM

If you want to install a port and portaudit reports vulnerabilities for this port, you can bypass portaudit by using DDISABLE_VULNERABILITIES feature.

$ cd /usr/ports/lang/php4
$ make -DDISABLE_VULNERABILITIES

Upgrade FreeBSD port even though portaudit reports vulnerability

For upgrading ports on FreeBSD, you can you use portupgrade.
In case that portupgrade tells that it cannot continue because the port has a vulnerability reported by portaudit, bypass the vulnerability check with portupgrade option: -m DISABLE_VULNERABILITIES=yes port_name

$ portupgrade -m DISABLE_VULNERABILITIES=yes [port name]

Sometimes we need to install some very old ports even if they have some vulnerabilities, and for this reason, I do not recommend using these methods unless you know what you’re doing.

Windows 7 and Vista – Adding a custom picture to logon screen

Filed under: Windows — Tags: , — xer @ 8:00 AM

 

In Windows 7 and Windows Vista, the default user account pictures are stored in the following location:

C:\ProgramData\Microsoft\User Account Pictures\Default Pictures

You can add your custom pictures to the above location so that the user accounts applet lists them automatically.
Ensure that the dimension of the picture is 128×128 pixels, and it’s a Bitmap image (.bmp).

If you find a picture on the internet that you want to use for your account, save the picture locally and crop the image (to 128×128 px) using any image editor of your choice.

Ubuntu Server 8.10 Network Upgrade from Ubuntu Server 8.04

Filed under: *nix notes — Tags: , — xer @ 8:00 AM

This procedure, apply on a Ubuntu and Debian Linux releases,these examples are for SERVER edition.

Login using ssh for remote server or open console for local server.
First, make sure your server is up to date with 8.04 version.

Type the following two command to apply all upgrades:

$ sudo apt-get update
$ sudo apt-get upgrade

We need to change the release from LTS no normal, so open /etc/update-manager/release-upgrades file:

$ sudo bash
# nano /etc/update-manager/release-upgrades

Locate the line:
Prompt=lts

Change to:
Prompt=normal

Save and close the file.
This will set release update from LTS (long support version) to latest 8.10 version.
To make accomplished the total upgrade, we need to install or upgrade update manager, enter:

$ sudo apt-get install update-manager-core

Above will install / update update-manager-core if it is not already installed.
Once installed just update system using the following command.

$ sudo do-release-upgrade

Now, just follow the on-screen instructions that will come through.

14 August 2010

Open ports – List established connections on *nix servers

Filed under: *nix notes — Tags: , — xer @ 7:30 AM

List established connections on *nix servers
Using netstat to list established connections on UNIX (BSD, Linux) boxes

Netstat is a very useful tool for showing network status. It displays the contents of various net-work-related data structures. There are a number of output formats, depending on the options for the information presented.
Netstat:

-a Show the state of all sockets and all routing table entries; normally, sockets used by server processes are not shown and only interface, host, network, and default routes are shown.
-n Show network addresses and ports as numbers. Normally netstat attempts to resolve addresses and ports, and display them symbolically.

For Unix use: netstat -an | grep “ESTABLISHED”. This will show established connections on port 80 (http) in this form:

$ netstat -an | grep “ESTABLISHED” | grep “.80 “
tcp4 0 0 192.168.1.10.80 194.212.29.163.63154 ESTABLISHED
tcp4 0 0 192.168.1.10.80 194.212.29.163.63154 ESTABLISHED
tcp4 0 0 192.168.1.10.80 194.212.29.163.63154 ESTABLISHED
tcp4 0 0 192.168.1.10.80 195.45.29.63.63154 ESTABLISHED
tcp4 0 0 192.168.1.10.80 15.212.31.56.63154 ESTABLISHED

On FreeBSD you can also use sockstat -4c command, which is also very usefull to list connected sockets (established connections) on the server. It combines netstat with lsof.

$ man sockstat
NAME
sockstat — list open sockets

SYNOPSIS
sockstat [-46clu] [-p ports]

DESCRIPTION
The sockstat command lists open Internet or UNIX domain sockets.

The following options are available:

-4 Show AF_INET (IPv4) sockets.
-6 Show AF_INET6 (IPv6) sockets.
-c Show connected sockets.
-l Show listening sockets.
-p ports Only show Internet sockets if either the local or foreign
port number is on the specified list. The ports argument is
a comma-separated list of port numbers and ranges specified
as first and last port separated by a dash.
-u Show AF_LOCAL (UNIX) sockets.

$ sockstat -4c | grep -E “COMMAND|:80″
www httpd 28949 21 tcp4 192.168.1.10:80 193.35.20.13:56011

Of course, output from both commands sockstat -4c and netstat -an | grep “ESTABLISHED” can be redirected to grep or/and wc -l in order to count and/or filter established connections you are interested in.

Older Posts »

The Silver is the New Black Theme. Create a free website or blog at WordPress.com.