Wieder einmal aufgeweckt vom embedded Linux

Posted on 17.04.201008.01.2019 by mario

Heute Nacht bin ich mal wieder von meinem embedded Linux aufgewacht, wie schon einmal. Nach der letzten Attacke hatte fail2ban installiert, was erstaunlich einfach ging.

sudo apt-get install fail2ban
sudo nano /etc/fail2ban/jail.conf
sudo /etc/init.d/fail2ban restart

Fertig! Das war es schon.

Und dennnoch blinkte die LED unaufhörtlich in der Nacht. Über 100 IP adressen, die gehackt haben bis endlich ruhe war. Alle anderen computer waren ausgeschaltet, so dass die anderen Ports vom Portforwarding beim scan zumindest closed oder filtert anzeigen müssen. So viel Ernergie wegen einem offnen SSH port bei einer IP die sich alle 24 Stunden ändert? Mich wundert, dass der kleine NSLU2 nicht aufgegeben hat bei einem solchen DDOS, immerhin dauert es schon mal 3,5 Stunden um alleine nmap zu compilieren ;-) Naja 266 MHz und 32 MB RAM sind auch nicht gerade viel, aber als Eingang in mein Netzwerk hat es für mich immer gereicht. Fragt sich nur, was ich als nächstes gegen einen solchen Angriff machen kann. Fail2ban scheint da nicht mehr zu reichen. Ideen?

compile mod_perl x64 windows 64 bit

Posted on 16.04.201011.01.2019 by mario

install activeperl x64 if you haven’t done yet

get the source from trunk

C:\build\>svn checkout https://svn.apache.org/repos/asf/perl/modperl
/trunk/ mod_perl-2.0

configure it

C:\build\mod_perl-2.0>perl Makefile.PL MP_AP_PREFIX=C:\Apache22

nmake
nmake test
nmake install
edit your httpd.conf ;-)

Compile openssl windows 64 bit

Posted on 12.04.201011.01.2019 by mario

Sadly there is no asm available for 64 bit on windows. That makes openssl minimal slower than with asm, but there is the native 64 bit binary :-)

perl Configure VC-WIN64A --prefix=/Apache22 --openssldir=/Apache22/conf enable-camellia disable-idea
ms\do_win64a
nmake -f ms\ntdll.mak
REM remove md2 and idea test
nmake -f ms\ntdll.mak test

Win7: Office 2000 geht, aber Word 2000 nicht

Posted on 31.03.2010 by mario

Da installiert man Office 2000 weil die Lizenz vorhanden noch ist. Alles geht, nur Word will partou nicht laufen. Entweder sind alle Navigationleisten blank / weg oder das Dokument lädt sich nicht. Aber es gibt eine Lösung! Office LiveAddIn deinstallieren. Office reparieren und voila: Word geht und das OHNE Kompatibilitätsmodus!

/dev/null

Posted on 27.03.2010 by mario

In /dev/null hört dich keiner schreien..

PHP benchmark class

Posted on 24.03.201024.03.2010 by mario

< ?php
/**
 * benchmark
 * @access public
 * @var $timing_start_times float
 * @var $timing_stop_times float
 */
class benchmark{

	public $timing_start_times;
	public $timing_stop_times;


	/**
	* benchmark::timer_start()
	* @access public
	* @param string $name
	* @return int
	*/
	public function timer_start($name = 'default'){
		$this->timing_start_times[$name] = explode(' ', microtime());
	}

	/**
	* benchmark::timer_stop()
	* @access public
	* @param string $name
	* @return
	*/
	public function timer_stop($name = 'default'){
		$this->timing_stop_times[$name] = explode(' ', microtime());
	}

	/**
	* benchmark::timer_result()
	* @access public
	* @param string $name
	* @return int
	*/
	public function timer_result($name = 'default'){
		if (!isset($this->timing_start_times[$name])) {
        	return 0;
    	}
    	if (!isset($this->timing_stop_times[$name])) {
        	$stop_time = explode(' ', microtime());
    	}
    	else
		{
        	$stop_time = $this->timing_stop_times[$name];
    	}
	    // do the big numbers first so the small ones aren't lost
	    $current = $stop_time[1] - $this->timing_start_times[$name][1];
	    $current += $stop_time[0] - $this->timing_start_times[$name][0];
	    return $current;
	}

}
?>

example code

< ?php
require_once "benchmark.class.php";
$bm = new benchmark();
?>
Test Inline Tags vs echo



< ?php $bm->timer_start('echo'); ?>
< ?php
for ($i=0; $i<1000; $i++) {
    echo $i."
";
}
?>
< ?php $bm->timer_stop('echo'); ?>



< ?php $bm->timer_start(str); ?>
< ?php
$str = '';
for ($i=0; $i<1000; $i++) {
    $str .= $i."
";
}
echo $str;
?>
< ?php $bm->timer_stop(str); ?>


 < ?php $bm->timer_start(inline); ?>
< ?php
for ($i=0; $i<1000; $i++) {
?>
123

< ?php
}
?>
< ?php $bm->timer_stop(inline); ?>





Result

echo - < ?php echo $bm->timer_result('echo'); ?>



str - < ?php echo $bm->timer_result(str); ?>



inline - < ?php echo $bm->timer_result(inline); ?>

Datum in batch umformatieren

Posted on 22.03.2010 by mario

Ein einfaches echo %date% gibt zwar das Datum aus, aber nicht gerade in einer schönen Formatierung, vorallem wenn damit Ordner oder Dateien automatisch erstellt werden. Da sortieren der Dateien nach Namen verursacht dann ein ziemliches chaos. Deshalb sollte das Datum eine andere Reihenfolge haben wie: YYYYMMDD

FOR /F "tokens=1,2,3 delims=/. " %%a in ('date /T') do set datum=%%c%%b%%a
echo %datum%

Gleich ein wenig schöner :-)

Grub wieder herstellen

Posted on 16.03.201008.01.2019 by mario

Starten mit SuperGrub
sudo grub-install –root-directory=/ /dev/sda

Ubuntu WOL

Posted on 16.03.201030.04.2010 by mario

Ubuntu Wake on LAN

1. If you havent already, go to your BIOS, and turn on WakeOnLAN (it varies, look for it.) If your network card is onboard, your set for step 2, otherwise there is probably a cable that should go from your network card to your motherboard, though this is not always the case.

2. Back in ubuntu, kubuntu, xubuntu, w/e, we now need to make a script that will run every time the computer is started, because this command only lasts until the computer is turned on again once.

2a. Find out what network device you want to have the computer wake-able from, usually all, which is just one. If you have more network devices in your system, 9 chances out of 10, you already know what they are called. You can NOT wake up a laptop or computer that is only connected via wireless with wake-on-lan, unless the bios has a method for this, this is very rare, and I do not garuntee this howto will work in such cases. In your terminal, type: Code:

ifconfig

You’ll get something like: (I have removed my mac address for security)

eth0      Link encap:Ethernet  HWaddr 01:23:45:67:89:ab
          inet addr:192.168.1.2  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::215:f2ff:fe6f:3487/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:71495 errors:0 dropped:0 overruns:0 frame:0
          TX packets:76190 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:23164212 (22.0 MiB)  TX bytes:7625016 (7.2 MiB)
          Interrupt:217 Base address:0xd400

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1290 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1290 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:161182 (157.4 KiB)  TX bytes:161182 (157.4 KiB)

So, I want this system to be wake-able from eth0.

2b. Now we create the script. Note: you must be an administrator on the system you are doing this to.

sudo -i

Enter your password at the prompt. Change to the startup script directory and start editing a new file:

cd /etc/init.d/
nano wakeonlanconfig

Paste, or type this into the file, replacing eth0 with your network device, repeat the ethtool line as many times for your devices before the exit line:

#!/bin/bash
ethtool -s eth0 wol g
exit

Set the permissions of the file:

chmod a+x wakeonlanconfig

Make the script run on startup:

update-rc.d -f wakeonlanconfig defaults

You should see something like:

 Adding system startup for /etc/init.d/wakeonlanconfig ...
   /etc/rc0.d/K20wakeonlanconfig -> ../init.d/wakeonlanconfig
   /etc/rc1.d/K20wakeonlanconfig -> ../init.d/wakeonlanconfig
   /etc/rc6.d/K20wakeonlanconfig -> ../init.d/wakeonlanconfig
   /etc/rc2.d/S20wakeonlanconfig -> ../init.d/wakeonlanconfig
   /etc/rc3.d/S20wakeonlanconfig -> ../init.d/wakeonlanconfig
   /etc/rc4.d/S20wakeonlanconfig -> ../init.d/wakeonlanconfig
   /etc/rc5.d/S20wakeonlanconfig -> ../init.d/wakeonlanconfig

Now we finish by running it, and making sure there are no errors.

/etc/init.d/wakeonlanconfig

This should produce no output and put you right back at the prompt you started at.

3. Use it. you’ll need something to send wake-on-lan packets with, „wakeonlan“ is in the repos. And you’ll need the mac address of the system.

To get your MAC address, on the same system you just enabled WOL on, type: Code:

ifconfig | grep HW

its the thing that looks like 01:23:45:67:89:ab , write it down. turn off that system:

sudo halt

if your using wakeonlan from the repos, and you are on the same network as the computer your tying to wake up, replace 01:23:45:67:89:ab with your mac address and do, from another computer:

wakeonlan 01:23:45:67:89:ab

In MOST cases, you CAN SEND wake on lan packets from a wireless connected computer. If that doesnt work, its likely the port on the system your trying to wake up isnt the default (9), try 7, or if your BIOS settings or book told you one, use that one.

wakeonlan -p 7 01:23:45:67:89:ab

Author: mario