Laurent Gaffie has produced a proof-of-concept remote BSOD affecting Windows Vista/7.

At this time it is advised to block all NetBIOS and SMB traffic on your network, as there is currently no patch available.

Read the entry here: http://seclists.org/fulldisclosure/2009/Sep/0039.html

At the time of writing this entry I tested this on a Windows Vista VM (fully patched).



MS – Security Advisory

Comments No Comments »

This issue has come about whilst having to migrate a positively huge number of files, and have to check the integrity of the transfer.

Build the manifest

find /path/to/folder -type f -print0 | xargs --null md5sum > /path/to/manifest
  • -type f: tells find to return only files
  • -print0: tells find to null-terminate each path, which lets us handle file names containing spaces
  • --null: tells xargs to accept null-terminated strings
  • NOTE: PUT THE MANIFEST OUTSIDE THE FOLDER YOU ARE INDEXING!

Checking the manifest

md5sum --check /path/to/manifest | grep FAILED

The above will return all failed checks; if you want a simple count (maybe for automated reporting), just append | wc -l
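
A variant of the build and check steps above, as an added example that is not the author's own script: it records paths relative to the source folder so the same manifest can be checked at the destination, counts failed or missing files, and lists files the manifest never mentioned. The function names, the `HASH_CMD` variable and the sample tree are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not from the original post. md5sum catches accidental
# corruption; HASH_CMD=sha256sum takes the same options if tampering matters.
HASH_CMD=${HASH_CMD:-md5sum}

# build_manifest SRC_DIR MANIFEST (MANIFEST: absolute path outside SRC_DIR).
# Paths are recorded relative to SRC_DIR so the manifest survives the move.
build_manifest() {
    ( cd "$1" && find . -type f -print0 | LC_ALL=C sort -z |
        xargs -0 -r "$HASH_CMD" ) > "$2"
}

# count_failures DEST_DIR MANIFEST: entries that are missing or differ.
count_failures() {
    ( cd "$1" && LC_ALL=C "$HASH_CMD" --check "$2" 2>/dev/null |
        grep -c ': FAILED' ) || true
}

# list_unexpected DEST_DIR MANIFEST: files on disk the manifest never listed.
list_unexpected() {
    ( cd "$1" && find . -type f | LC_ALL=C sort ) > "$2.found"
    sed 's/^[0-9a-f]* [ *]//' "$2" | LC_ALL=C sort |
        LC_ALL=C comm -13 - "$2.found"
    rm -f "$2.found"
}

# Constructed sample tree: one file altered, one lost, one stray.
demo() {
    work=$(mktemp -d)
    mkdir -p "$work/src/sub dir"
    printf 'alpha\n' > "$work/src/a.txt"
    printf 'beta\n'  > "$work/src/sub dir/b with space.txt"
    printf 'gamma\n' > "$work/src/c.txt"
    build_manifest "$work/src" "$work/manifest"
    cp -R "$work/src" "$work/dst"            # stand-in for the migration
    printf 'BETA\n' > "$work/dst/sub dir/b with space.txt"
    rm "$work/dst/c.txt"
    printf 'x\n' > "$work/dst/stray.txt"
    echo "failures=$(count_failures "$work/dst" "$work/manifest")"
    echo "unexpected=$(list_unexpected "$work/dst" "$work/manifest")"
    rm -rf "$work"
}
demo
```

A checksum pass on its own says nothing about extra files at the destination, which is why the unexpected-file listing is a separate step.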

FAQ

How big is the manifest?

This depends entirely on the length of your file paths. Taking UTF-8 as an example encoding, each char is 8 bits or 1 byte; each manifest line consists of the MD5 hash, a space and the file path. As the file path length varies, there is no exact way to estimate the file size of the manifest.

However each line is always 32 + 1 + len(path) bytes.

The more sub directories you have the larger the manifest size will be.

How long does the manifest take to build?

This depends on the number of files you have to index, along with other factors such as network shares. In test runs, 2819 files were indexed in 1.493 seconds.

Comments 1 Comment »

Finally it is ready and in a state I am happy to release it.

Features

  • Complete code re-write, much more efficient and easier to update
  • Flowplayer 3.1.1
  • License detection, will only use the commercial version if you enter a license!
  • Playlists
  • Better WordPress API integration, all settings now stored in WordPress, no more config files!
  • Same admin interface

(Videos from Apple.com)


Comments 2 Comments »

Again this is a late blog post about some code committed several months ago; in this case the code was committed 09/06/2009.

It is a very short Python script to force a subversion commit message to be greater than 10 characters in length.

Installation:

svn export http://svn.saiweb.co.uk/branches/python/svn_force_message.py /path/to/your/svn/hooks/pre-commit
chmod +x /path/to/your/svn/hooks/pre-commit

Note: installation this way will replace your current pre-commit hooks file.


Comments No Comments »

Pre-req reading:

Nagios customization: Alerting via SMS, or anything you like!

Making the bird tweet using python

or
Update twitter in a single line

This entry will cover how to send Nagios alerts to Twitter. In the examples to follow curl will be used; however, you can choose to use the Python example (link above) in place of this.

Firstly, edit /usr/local/nagios/etc/objects/commands.cfg and add the following two commands.

define command {
        command_name    notify-by-twitter
        command_line    /usr/bin/curl --basic --user "twitteruser:twitterpassword" --data-ascii "status=[Nagios] $NOTIFICATIONTYPE$ $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$" http://twitter.com/statuses/update.json
}

define command {
        command_name    host-notify-by-twitter
        command_line    /usr/bin/curl --basic --user "twitteruser:twitterpassword" --data-ascii "status=[Nagios] $HOSTSTATE$ alert for $HOSTNAME$" http://twitter.com/statuses/update.json
}

Now define a contact for this Twitter service in /usr/local/nagios/etc/objects/contacts.cfg

define contact{
        contact_name                    twitter
        service_notification_commands   notify-by-twitter
        host_notification_commands      host-notify-by-twitter
        service_notification_period 24x7
        host_notification_period 24x7
        service_notification_options a
        host_notification_options a
}

Choose your own notification options; for my feed I only choose alerts. I also have this send updates to a ‘private feed’ which I then follow.

Add this contact into your existing contact groups, i.e.

define contactgroup{
        contactgroup_name       admins
        alias                   Nagios Administrators
        members                 nagiosadmin,sms_alert,twitter
        }

Then run a nagios-verify to ensure you have no syntax errors, and restart Nagios.

Trigger an alert by manually switching a monitored service off or entering a manual result to test.

Comments 2 Comments »

Some two months after the fact, I thought it may well be time to post a blog on this little code snippet.

As some of you have noticed, every commit message to my subversion repository is in fact updating my twitter.

This code was uploaded to subversion on 10/06/2009, so sorry for the late write up!

Requirements

Python 2.5 or higher
Subversion server

Installation

  • svn export http://svn.saiweb.co.uk/branches/python/svn_tweeter.py /usr/bin/svn_tweeter
  • chmod +x /usr/bin/svn_tweeter
  • cd /path/to/svn/hooks
  • Edit post-commit with your favorite text editor
REPOS="$1"
REV="$2"

/usr/bin/python /usr/bin/svn_tweeter -u twitterusername -p twitterpassword -r "$REV" -s "$REPOS"

Now try a commit, and check your syslog for entries from the script.

Aug 24 11:36:26 132 python: SVN_TWEETER: http://twitter.com/statuses/update.json query complete


Comments No Comments »

We are still unfortunately waiting for the memory to arrive from Crucial, *sigh*, so in this part I will cover what the “extras” are and the installation of them.

Parts list:

  1. Chenbro ES34069
  2. Jetway JNC92 Motherboard
  3. Jetway SATA II Daughterboard
  4. 2GB Transcend Flash Memory Module
  5. 4 x Samsung Spinpoint 1TB
  6. 2GB Low profile Ram (When it arrives)

The Case

[Images: Chenbro ES34069; Chenbro ES34069 "guts"]

The Chenbro ES34069 case has 4 ‘hot swappable’ SATA 2 HD caddies, optional card reader, internal PSU.

PROS:

Good quite case, has all the required features, even some extras such as LED’s for the network interfaces, nice and compact, with the hot swap being a major bonus

CONS:

I’d have to say the price, this case weighs in at £200+ which is a bit hefty for a case.

The proprietary PSU adapter, I’ve not had any issues with the PSU’s power adapter, but by the looks of things it is bespoke to Chenbro, so I doubt getting a spare/replacement is going to be easy.

The USB header, and optional Card reader, this is more a ‘con’ of this build, as the motherboard used only has 2 USB headers, one of which is being used by the USB storage for the operating system, meaning you have the choice of either using the front facing USB or the optional card reader.

Inaccessible backplane: now this for me was the kicker. The Daughterboard comes with some finely crafted 90 degree SATA cables, which would have been perfect if I had been able to actually access the backplane to attach them. I could not for the life of me find a way to get to the backplane without causing irreversible damage to the case itself.

The Motherboard

The Jetway JNC92 Motherboard comes with an Intel Atom Dual core 330 processor, the reasoning behind this will become clear later on, however you can opt for the cheaper single core processors if you wish.

[Image: Jetway JNC92 Motherboard, CN1 SATA Daughterboard, Transcend 2GB "SSD"]

As the picture shows, I have opted to use a Transcend 2GB USB module which attaches directly onto the motherboard; this will be used to store the FreeNAS operating system.

The SATA II Daughterboard has onboard hardware RAID support, with RAID 0, 1, 0+1 and 5 options across the 4 ports. I am still debating using the hardware RAID over software RAID for the following reasons.

Yes, I know hardware RAID is much, much faster; however, as I understand it, due to the XOR logic used in the hardware processor, using hardware RAID essentially locks you into using a particular manufacturer's hardware, which, if this line is discontinued by the time something goes wrong, is a serious issue when trying to recover data. This is where software RAID shines, as it is code based and will run from any x86 capable hardware, and let's face it, it is not as if we are lacking CPU power in this build!

PROS:

Cheap and cheerful motherboard

Powerful dual core CPU (Not like we’re going to be playing Crysis here, but for the use it is intended this CPU has ample power)

Expandability, this HAS to be the biggest selling point for this motherboard, you do not have to use it for any one thing in particular, I will shortly be looking at using this motherboard with the 3 x Gigabit daughterboard for building a hardware network monitor, think IDS, man in the middle machine goodness!

CONS:

Heatsinks, or rather their rotation: they are top to bottom, whereas the case I am using, like most cases now, has the airflow front to back. This is a minor con, but the heatsinks should be orientated for the best airflow.

USB headers: the Transcend USB module is designed to lock into the plastic socket you usually find on your USB headers; this motherboard does not have the sockets, just the raw pins.


Comments 3 Comments »

As the company I am working for (Psycle Interactive Ltd) grew, there became an increasing need to store and share large files between machines. Granted, we are all on Macs here, but the “drop box” becomes inconvenient when you want to share that file with multiple people.

As such I looked for ways to build a “cost effective” NAS, and now following the success of a recent build using FreeNAS for deploying an office NAS with 2.7TB of usable disk space I/we have developed a concept for using these relatively cheap NAS systems for Disaster Recovery Purposes.

This NAS build, at the time of writing, costs £740.54 inc VAT for a 4TB system, giving approx 2.7TB of usable disk space in a RAID 5 configuration. Try getting a pre-built model for that; here’s a comparison:

  • 4TB NAS Built in this series £740.54 inc VAT
  • Iomega 4TB NAS ~£2576.50
  • HP Proliant 4TB ~£4502
  • Netgear Readynas ~£1322.17

note: “~”
As shown above, I will be building our 4 NAS systems (1 I have already built) for around £1600 less than the price of a single HP Proliant system.

This blog series will cover the build process of the NAS systems as they are built, along with the theory and methods used to allow them to function as DR devices.

Currently we are waiting for the memory to arrive from Crucial, so until that arrives the new builds will not progress, in Part 2 I will be going over the motherboard and the “extras” we have chosen to use for this build.

See you in part 2!


Comments 1 Comment »

    The problem

We’ve all been in this position at some point, working for a company who wants to internationalize their website, and so their mySQL CMS data …

But all is not so simple as just using ‘SET NAMES utf8’ and changing every ‘charset’ on the tables to utf8.

You may fall foul of seeing content like Á£

This is because, in this case, the latin1 encoded £ has not been properly converted to utf8 and as such is not rendering correctly; this is true of most ‘multibyte’ characters.

    The solution

What you need to do is actually convert the character set to utf8. To do this you’re going to need to run the dump through a program: you could use iconv if you are already familiar with it; however, if your system has Python installed you can grab a copy of my sysadmin program, which has iconv-like functionality but is far more user friendly.

    What you will need
    Preparing the file

This assumes the database is currently using latin1; in theory this could be any encoding.

Get a dump of the database:

mysqldump --default-character-set=latin1 --set-charset -u user -pPASSWORD databasename > databasename-latin1.sql

Now you have to be aware of what you need to replace using sed. You can’t just replace all instances of ‘latin1’, as Murphy’s law being as it is means that somewhere there will be ‘latin1’ in the physical content, especially, for instance, if I was using a mysql dump from this blog.

As such you need to replace the following:

/*!40101 SET NAMES latin1 */;

If your database dump is small enough (sub 100MB) you can edit this line directly in your text editor; alternatively you can do the following.

cat ./databasename-latin1.sql | sed 's/SET NAMES latin1/SET NAMES utf8/g' > tmp
cat ./tmp > ./databasename-latin1.sql
rm -f ./tmp

Now you need to replace all instances of ‘CHARSET=latin1’:

cat ./databasename-latin1.sql | sed 's/CHARSET=latin1/CHARSET=utf8/g' > tmp
cat ./tmp > ./databasename-latin1.sql
rm -f ./tmp

Now we have to run the file through the charset converter:

sysadmin -c iconv -d ./databasename-latin1.sql,latin-1,utf-8

If your SQL dump is over 30MB, you will be prompted to confirm you wish to proceed. Please remember that this will load the entire file into memory, so ensure you have enough available system memory before proceeding; I also suggest not running this on a production server.

If any characters could not be converted you will be alerted to their exact position within the file; from there you will either need to use sed to replace the character or use your text editor.

If all went well you now have ./databasename-latin1.sql.utf-8 (note the utf-8 extension), which is a complete utf8 mySQL dump; all you need do now is import the dump.
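
The whole conversion in one script, as an added example rather than the author's code: it uses iconv (which the post names as an alternative to the sysadmin program), anchors the two sed replacements to the statements mysqldump writes so that row content mentioning latin1 is untouched, and skips transcoding when the dump already decodes as UTF-8. The function names, `SRC_ENC` and the sample dump are constructed for the illustration.

```shell
#!/bin/sh
# Added example, not from the original post: iconv stands in for the
# author's sysadmin script. The dump and file names are constructed.
SRC_ENC=${SRC_ENC:-ISO-8859-1}   # MySQL's latin1 is really cp1252; try CP1252
                                 # if the data holds curly quotes or the euro sign

# is_utf8 FILE: true if every byte sequence in FILE decodes as UTF-8.
is_utf8() { iconv -f UTF-8 -t UTF-8 "$1" >/dev/null 2>&1; }

# rewrite_decls: stdin -> stdout. Anchored to the statements mysqldump emits,
# so row data that merely mentions latin1 is left alone.
rewrite_decls() {
    LC_ALL=C sed -E -e 's#^(/\*!40101 SET NAMES )latin1 #\1utf8 #' \
                    -e 's#^(\) .*CHARSET=)latin1#\1utf8#'
}

# convert_dump IN OUT
convert_dump() {
    if is_utf8 "$1"; then
        # Already UTF-8 bytes (or pure ASCII): transcoding again would
        # double-encode the pound sign, so only fix the declarations.
        rewrite_decls < "$1" > "$2"
    else
        rewrite_decls < "$1" | iconv -f "$SRC_ENC" -t UTF-8 > "$2"
    fi
}

make_sample() {   # constructed latin1 dump; \243 is the latin1 byte for the pound sign
    printf '%s\n' '/*!40101 SET NAMES latin1 */;' 'CREATE TABLE post (' \
        '  body text' ') ENGINE=MyISAM DEFAULT CHARSET=latin1;' > "$1"
    printf "INSERT INTO post VALUES ('CHARSET=latin1 \2439.99');\n" >> "$1"
}

demo() {
    d=$(mktemp -d)
    make_sample "$d/dump-latin1.sql"
    convert_dump "$d/dump-latin1.sql" "$d/dump-utf8.sql"
    convert_dump "$d/dump-utf8.sql" "$d/again.sql"    # second pass: no-op
    is_utf8 "$d/dump-utf8.sql" && echo "valid-utf8"
    cmp -s "$d/dump-utf8.sql" "$d/again.sql" && echo "idempotent"
    grep -c 'latin1' "$d/dump-utf8.sql"   # only the INSERT row still says latin1
    rm -rf "$d"
}
demo
```

The UTF-8 test is a heuristic: a latin1 file can by coincidence be valid UTF-8, so inspect a sample of non-ASCII rows before importing.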

    Further reading

  1. Force mySQL utf8 connections
  2. mySQL backup script

Comments 2 Comments »

The spambag.org domain appears not to have been renewed; as such it is sat at a generic ‘adverts’ placeholder.

This does mean that RBL lookups against blacklist.spambag.org are returning as a ‘false positive’ (similar to the ORDB issue).

If you are concerned about being listed on some RBLs then get a copy of my sysadmin script here; at the time of writing the ‘rblcheck’ function checks 27 RBLs.

Comments No Comments »

Creative Commons License