Posts Tagged ‘info’

Why don’t you use Window Maker GNU Step to improve your computer interaction performance

Monday, October 30th, 2017


If you're as pissed off with GNOME 3 Unity / GNOME 3 Flashback and KDE Plasma as I am, you are perhaps looking for something more lightweight. If you're not okay with the default Debian Cinnamon GUI environment, or you don't feel comfortable doing system administration jobs and programming in XFCE, then perhaps you would like to give a try to something more old school but built with good design in mind.

Those who are fans of the evil genius Steve Jobs (as Richard Stallman used to call him) definitely remember the NeXT company and the revolutionary graphic environment they tried to develop, NeXT Step. If so, you'll be happy to hear about GNUStep, which historically was called AfterStep and is a Free Software remake of the NextStep graphical environment for Free and Open Source operating systems (FOSS) such as GNU / Linux and FreeBSD / OpenBSD / NetBSD etc.


Amanda the Panda is the mascot of Window Maker. She was designed by Agnieszka Czajkowska.

The good thing about Window Maker and the whole GNUStep desktop environment is that it is much lighter and less complex than the increasingly bloated modern Free Software graphical environments. It definitely eases the way the user interacts with the computer for basic browsing with Firefox / Opera, writing code in a terminal or command-line system administration, basic chat with Gajim or Pidgin, and basic email writing, be it with a text email client such as Mutt or with Thunderbird. It is also great for reducing the overall load the Operating System puts on your brain, so you can have more time to invest in more useful stuff like programming.


After all, simplicity in an Operating System is a key to increased productivity with your computer.
Besides that, the stability of Window Maker is much better compared to GNOME and the GNOME 2 fork MATE graphical environment, which nowadays in my opinion is becoming even more buggy than it used to be some years ago.

Below is how Window Maker's site describes Window Maker:

"Window Maker is an X11 window manager originally designed to provide integration support for the GNUstep Desktop Environment. In every way possible, it reproduces the elegant look and feel of the NEXTSTEP user interface. It is fast, feature rich, easy to configure, and easy to use. It is also free software, with contributions being made by programmers from around the world.

Window Maker has a stable user interface since many years and comes with a powerful GUI configuration editor called WPrefs, which removes the need to edit text-based config files by hand. It supports running dockapps which make everyday tasks such as monitoring system performance and battery usage, mounting devices or connecting to the internet very easy. Please see the features section for more specifics on what Window Maker can do, and how it compares with other popular window managers."

Window Maker is bundled with a number of useful applications which make it easy to place Dock applets on the desktop for an interactive view of the current Weather Report, Network Traffic monitoring, a TV Player (video4linux), a laptop battery info dock, a CD player and Volume control management app, a text editor, a PDF viewer, an integrated Mail application, a Calculator, an RSS Reader, GNUStep games and many more useful things to customize the desktop, resembling many of the basic features that other graphical environments such as GNOME / KDE provide.

The User Interface (UI) of Window Maker is highly configurable with an integrated WMaker tool called WPrefs.


All settings generated by the WPrefs (Window Maker Preferences) GUI tool are stored in a plaintext file:
 

~/GNUstep/Defaults/WMRootMenu

All Wmaker configurations are stored inside ~/GNUstep/ (the GNUStep directory in your user home), so if you're to become its user, sooner or later you will have to get acquainted with it.

Wmaker is very minimalist and its performance is killer, so Window Maker is perhaps the number one choice of Graphical Environment to use on Old Computers with Linux and BSD.

Below is a full list of all packages installed on my Debian GNU / Linux that provide the great WMaker / GNUStep functionalities:

root@jericho:/home/hipo# dpkg -l |grep -i wmaker; dpkg -l |grep -i gnustep
ii  wmaker                                        0.95.8-2                             amd64        NeXTSTEP-like window manager for X
ii  wmaker-common                                 0.95.8-2                             all          Window Maker – Architecture independent files
ii  wmbattery                                     2.50-1+b1                            amd64        display laptop battery info, dockable in WindowMaker
ii  wmcdplay                                      1.1-2+b1                             amd64        CD player based on ascd designed for WindowMaker
ii  wmifs                                         1.8-1                                amd64        WindowMaker dock app for monitoring network traffic
ii  wmnut                                         0.66-1                               amd64        WindowMaker dock app that displays UPS statistics from NUT's upsd
ii  wmpuzzle                                      0.5.2-2+b1                           amd64        WindowMaker dock app 4×4 puzzle
ii  wmrack                                        1.4-5+b1                             amd64        Combined CD Player + Mixer designed for WindowMaker
ii  wmtv                                          0.6.6-1                              amd64        Dockable video4linux TV player for WindowMaker
ii  wmweather                                     2.4.6-2+b1                           amd64        WindowMaker dockapp that shows your current weather
ii  wmweather+                                    2.15-1.1+b2                          amd64        WindowMaker dock app that shows your current weather
ii  addressmanager.app                            0.4.8-2+b2                           amd64        Personal Address Manager for GNUstep
ii  agenda.app                                    0.42.2-1+b7                          amd64        Calendar manager for GNUstep
ii  charmap.app                                   0.3~rc1-3                            amd64        Character map for GNUstep
ii  charmap.app-common                            0.3~rc1-3                            all          Character map for GNUstep (arch-independent files)
ii  cynthiune.app                                 1.0.0-1+b4                           amd64        Music player for GNUstep
ii  dictionaryreader.app                          0+20080616+dfsg-2+b6                 amd64        Dict client for GNUstep
ii  edenmath.app                                  1.1.1a-7.1+b1                        amd64        Scientific calculator for GNUstep
ii  gnumail.app                                   1.2.2-1.1                            amd64        Mail client for GNUstep
ii  gnumail.app-common                            1.2.2-1.1                            all          Mail client for GNUstep (common files)
ii  gnustep                                       7.8                                  all          User applications for the GNUstep Environment
ii  gnustep-back-common                           0.25.0-2                             amd64        GNUstep GUI Backend – common files
ii  gnustep-back0.25                              0.25.0-2                             all          GNUstep GUI Backend
ii  gnustep-back0.25-cairo                        0.25.0-2                             amd64        GNUstep GUI Backend (cairo)
ii  gnustep-base-common                           1.24.9-3.1                           all          GNUstep Base library – common files
ii  gnustep-base-doc                              1.24.9-3.1                           all          Documentation for the GNUstep Base Library
ii  gnustep-base-runtime                          1.24.9-3.1                           amd64        GNUstep Base library – daemons and tools
ii  gnustep-common                                2.7.0-1                              amd64        Common files for the core GNUstep environment
ii  gnustep-core-devel                            7.8                                  all          GNUstep Development Environment — core libraries
ii  gnustep-core-doc                              7.8                                  all          GNUstep Development Environment — core documentation
ii  gnustep-devel                                 7.8                                  all          GNUstep Development Environment — development tools
ii  gnustep-games                                 7.8                                  all          GNUstep games
ii  gnustep-gui-common                            0.25.0-4                             all          GNUstep GUI Library – common files
ii  gnustep-gui-doc                               0.25.0-4                             all          Documentation for the GNUstep GUI Library
ii  gnustep-gui-runtime                           0.25.0-4+b1                          amd64        GNUstep GUI Library – runtime files
ii  gnustep-icons                                 1.0-5                                all          Several free icons for use with GNUstep and others
ii  gnustep-make                                  2.7.0-1                              all          GNUstep build system
ii  gnustep-make-doc                              2.7.0-1                              all          Documentation for GNUstep Make
ii  gomoku.app                                    1.2.9-2+b2                           amd64        Extended TicTacToe game for GNUstep
ii  gorm.app                                      1.2.23-1                             amd64        Visual Interface Builder for GNUstep
ii  gridlock.app                                  1.10-4+b2                            amd64        Collection of grid-based board games for GNUstep
ii  grr.app                                       1.0-1+b2                             amd64        RSS reader for GNUstep
ii  gworkspace-common                             0.9.3-1                              all          GNUstep Workspace Manager – common files
ii  gworkspace.app                                0.9.3-1+b2                           amd64        GNUstep Workspace Manager
ii  helpviewer.app                                0.3-8+b3                             amd64        Online help viewer for GNUstep programs
ii  libaddresses0                                 0.4.8-2+b2                           amd64        Database API backend framework for GNUstep (library files)
ii  libaddressview0                               0.4.8-2+b2                           amd64        Address display/edit framework for GNUstep (library files)
ii  libgnustep-base-dev                           1.24.9-3.1                           amd64        GNUstep Base header files and development libraries
ii  libgnustep-base1.24                           1.24.9-3.1                           amd64        GNUstep Base library
ii  libgnustep-gui-dev                            0.25.0-4+b1                          amd64        GNUstep GUI header files and static libraries
ii  libgnustep-gui0.25                            0.25.0-4+b1                          amd64        GNUstep GUI Library
ii  libpantomime1.2                               1.2.2+dfsg1-1                        amd64        GNUstep framework for mail handling (runtime library)
ii  libpopplerkit0                                0.0.20051227svn-7.1+b9               amd64        GNUstep framework for rendering PDF content (library files)
ii  libpreferencepanes1                           1.2.0-2+b2                           amd64        GNUstep preferences library – runtime library
ii  librenaissance0                               0.9.0-4+b6                           amd64        GNUstep GUI Framework – library files
ii  librenaissance0-dev                           0.9.0-4+b6                           amd64        GNUstep GUI Framework – development files
ii  librsskit0d                                   0.4-1                                amd64        GNUstep RSS framework (runtime library)
ii  mknfonts.tool                                 0.5-11+b5                            amd64        Create nfont packages for GNUstep
ii  price.app                                     1.3.0-1                              amd64        Image filtering and manipulation using GNUstep
ii  projectcenter.app                             0.6.2-1                              amd64        IDE for GNUstep Development
ii  renaissance-doc                               0.9.0-4                              all          GNUstep GUI Framework – documentation
ii  systempreferences.app                         1.2.0-2+b2                           amd64        GNUstep preferences application
ii  terminal.app                                  0.9.8.1-1                            amd64        Terminal Emulator for GNUstep
ii  textedit.app                                  4.0+20061029-3.5+b1                  amd64        Text editor for GNUstep
ii  viewpdf.app                                   1:0.2dfsg1-5+b2                      amd64        Portable Document Format (PDF) viewer for GNUstep
ii  zipper.app                                    1.5-1+b2                             amd64        Archive manager for GNUstep

Well, yes, it is true Window Maker is not a spoon for every mouth; those who want a more comfortable desktop environment had better look at other options, as Window Maker is a Unix / Linux graphical environment that better fits hackers, computer developers and system administrators.

Anyhow, if you have some old family member who has to use an old computer architecture and the person will mainly use just a browser to check email, YouTube and do basic surfing, then Wmaker will be a great choice, as it consumes little CPU and memory, much less than the heavy, resource-sucking GNOME and KDE.

I've historically used Wmaker also with the terminal emulator rxvt (a VT102 terminal emulator for the X Window System), which is a kind of improved version of xterm (the default terminal program bundled with Xorg server), but for those who are already used to Gnome Terminal's nice tabs it would perhaps not be the terminal of choice.

rxvt was built to match well the look and feel of AfterStep and consequently Wmaker; its scrollbar was designed to closely resemble the NeXTStep style scrollbar.


Most "custom" shortcuts are used to launch specific applications. To add your own keyboard shortcut for an application, go to the "Applications Menu Definition" panel in the Preferences app.  Select the application item in the menu for which you want to create a shortcut, then use the "capture" button to capture the keystrokes you want to assign to that item.  In the screenshot, I've assigned Mod1 + W to open Firefox.

Above  screenshot shows how to map the Run Application keyboard bind to behave like GNOME Run application ALT + F2


Customizing background of Window Maker

Because WMaker is so simply made and targets more of a developer audience, it doesn't have a special graphical interface to set a Background. If you want one, you need to use the wmsetbg command instead:
 

wmsetbg -s -u filename.jpg

 

WMSetBG command stands for WindowMaker Set Background


If you're too lazy to install and start configuring wmaker, there is a Window Maker LiveCD. You can run it in a Virtual Machine such as VirtualBox to get a feeling of what you're about to get if you install and start using Wmaker on your Computer.
 

Well, at first with Window Maker you might feel confused and quickly get irritated, missing the already established way to work with your computer, but that's just for starters. Soon you will realize that when you work with a limited number of applications, wmaker makes you much more efficient. Moreover, using your computer with Wmaker can rewire your brain circuits to think a little bit differently.

Once you have switched to Window Maker you will likely want a graphical option to connect to Wireless Networks. Especially if you're using Wmaker on a notebook, it is convenient not to have to always scan for networks manually with the

iwlist scan

command and connect with the wpa_supplicant command. Instead you can just install wicd and stop the default Gnome network manager (called Network Manager). You can do so by running as root:
 

service network-manager stop
apt-get install wicd wicd-gtk
service wicd start
wicd-gtk &

 

How to check Linux OS install date / How long ago was Linux installed

Sunday, October 22nd, 2017

If you're a sysadmin who inherited a few hundred Linux machines from a previous admin and you're in the process of investigating how things were configured by the previous administrator, one of the crucial things to find out might be

How Long ago was Linux installed?

Here is how to check the Linux OS install date.

The universal way, no matter the Linux distribution, is to use the following command:

 

root@pcfreak:~# tune2fs -l /dev/sda1 | grep 'Filesystem created:'
Filesystem created:       Thu Sep  6 21:44:22 2012

 

 

The above command assumes the Linux root partition / is installed on /dev/sda1. If your case is different, e.g. the primary root partition is installed on /dev/sda2, /dev/sdb1, /dev/sdb2 etc., just put the right partition into the command.

If primary install root partition is /dev/sdb1 for example:
 

root@pcfreak:~# tune2fs -l /dev/sdb1 | grep 'Filesystem created:'

 


To find out which is the root partition of the installed Linux server, use the fdisk command:


root@pcfreak:~# fdisk -l

 

Disk /dev/sda: 465,8 GiB, 500107862016 bytes, 976773168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x00051eda

Device     Boot     Start       End   Sectors   Size Id Type
/dev/sda1  *         2048 965193727 965191680 460,2G 83 Linux
/dev/sda2       965195774 976771071  11575298   5,5G  5 Extended
/dev/sda5       965195776 976771071  11575296   5,5G 82 Linux swap / Solaris

Disk /dev/sdb: 111,8 GiB, 120034123776 bytes, 234441648 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x00000000

 


Other ways to check the Linux OS install date on Debian / Ubuntu / Mint etc. deb. based GNU / Linux

 


Debian based Linux distributions create an initial /var/log/installer directory containing various install information such as the hardware summary, partitioning, the initially installed deb packages, the exact version of the Linux distribution, and the way it was installed, whether from an ISO image or as a network install etc.

 

root@pcfreak:~# ls -al /var/log/installer/
total 1228
drwxr-xr-x  3 root root   4096 sep  6  2012 ./
drwxr-xr-x 72 root root  12288 окт 22 06:26 ../
drwxr-xr-x  2 root root   4096 sep  6  2012 cdebconf/
-rw-r--r--  1 root root  17691 sep  6  2012 hardware-summary
-rw-r--r--  1 root root    163 sep  6  2012 lsb-release
-rw-------  1 root root 779983 sep  6  2012 partman
-rw-r--r--  1 root root  51640 sep  6  2012 status
-rw-------  1 root root 363674 sep  6  2012 syslog

 

If that directory is missing, e.g. wiped out by the previous administrator to clear up traces of his previous work before he left the job, another possible way to find out the exact install date is to check the timestamp of the /lost+found directory:
 

root@pcfreak:~# ls -ld /lost+found/
drwx------ 2 root root 16384 sep  6  2012 /lost+found//

 

Check OS Linux install date on (Fedora, CentOS, Scientific Linux, Oracle and other Redhat RPM based Distros)

 

[root@centos: ~]# rpm -qi basesystem
Name        : basesystem
Version     : 10.0
Release     : 7.el7
Architecture: noarch
Install Date: Mon 02 May 2016 19:20:58 BST
Group       : System Environment/Base
Size        : 0
License     : Public Domain
Signature   : RSA/SHA256, Tue 01 Apr 2014 14:23:16 BST, Key ID     199e2f91fd431d51
Source RPM  : basesystem-10.0-7.el7.src.rpm
Build Date  : Fri 27 Dec 2013 17:22:15 GMT
Build Host  : ppc-015.build.eng.bos.redhat.com
Relocations : (not relocatable)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Vendor      : Red Hat, Inc.
Summary     : The skeleton package which defines a simple Red Hat Enterprise Linux system
Description :
Basesystem defines the components of a basic Red Hat Enterprise Linux
system (for example, the package installation order to use during
bootstrapping). Basesystem should be in every installation of a system,
and it should never be removed.
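
The checks above, combined into one script as an added example (not part of the original post): it gathers the /var/log/installer and /lost+found timestamps plus a saved tune2fs -l dump and reports whether they agree. The function names, the two-day tolerance and the sample values are assumptions; GNU stat and date are required, and tune2fs itself only reads ext2 / ext3 / ext4 filesystems.

```shell
#!/bin/sh
# Added example, not from the original post: cross-check install-date evidence.
# Assumes GNU coreutils (stat -c, date -d). Function names are illustrative.
LC_ALL=C; export LC_ALL

# Read `tune2fs -l` output on stdin; print the creation time as epoch seconds.
fs_created_epoch() {
    created=$(sed -n 's/^Filesystem created:[[:space:]]*//p' | head -n 1)
    if [ -z "$created" ]; then
        return 1
    fi
    date -d "$created" +%s
}

# Print "epoch source" for every evidence source found under ROOT (default /).
# Optional second argument: a file holding saved `tune2fs -l` output.
collect_evidence() {
    root=${1:-/}
    dump=${2:-}
    for p in var/log/installer lost+found; do
        if [ -e "${root%/}/$p" ]; then
            printf '%s %s\n' "$(stat -c %Y "${root%/}/$p")" "/$p"
        fi
    done
    if [ -n "$dump" ] && [ -r "$dump" ]; then
        if epoch=$(fs_created_epoch < "$dump"); then
            printf '%s %s\n' "$epoch" "tune2fs"
        fi
    fi
}

# Read "epoch source" lines on stdin and print a one-line verdict.
# MISMATCH means the oldest and newest source are more than MAX_DAYS apart
# (default 2): a timestamp was changed later, or the filesystem is older than
# the installed system (for example a reinstall onto an existing partition).
judge_evidence() {
    max_days=${1:-2}
    sort -n | awk -v max="$max_days" '
        NR == 1 { first = $1; first_src = $2 }
                { last = $1; last_src = $2 }
        END {
            if (NR == 0) { print "NO_EVIDENCE"; exit }
            spread = int((last - first) / 86400)
            printf "%s oldest=%s newest=%s spread_days=%d sources=%d\n",
                   (spread > max) ? "MISMATCH" : "CONSISTENT",
                   first_src, last_src, spread, NR
        }'
}

# Constructed sample: installer log and lost+found agree, but the filesystem
# itself is years older, so the verdict is MISMATCH.
printf '%s\n' '1346967862 /var/log/installer' '1346967862 /lost+found' \
    '1262304000 tune2fs' | judge_evidence

# On a live host (as root), with the root partition found via fdisk:
#   tune2fs -l /dev/sda1 > /tmp/tune2fs.txt
#   collect_evidence / /tmp/tune2fs.txt | judge_evidence
```

A CONSISTENT verdict only says the sources agree with each other; a directory mtime such as /lost+found changes whenever entries are added or removed, so a MISMATCH is a prompt to look closer, not proof of tampering.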

 

Check how webpage looks with Internet Explorer on Linux and FreeBSD with Mozilla Firefox (Netrenderer Firefox plugin)

Thursday, November 1st, 2012

Simulate Internet Explorer in screenshots on GNU / Linux and FreeBSD using Netrenderer in Firefox - Internet Explorer testing tool for web developers on Linux and FreeBSD

I'm not a full-time web developer. But sometimes I develop websites too, or just have to do some website testing.
I've been using GNU / Linux and BSD as my main server and desktop platforms for many years already, and hence I don't have regular access to Windows OS and, respectively, Internet Explorer. In that line of thought, it is very useful to have a way to check if a certain website I create displays fine on Internet Explorer 6, 7, 8 too.

Usually when I need to test whether a website displays its elements properly in Internet Explorer, I use the infamous http://ipinfo.info/netrenderer/index.php – I guess it is almost impossible that anyone developing websites on Linux doesn't know it :). Fortunately, while I was googling to remind myself of the exact link to netrenderer, I stumbled upon a Mozilla Firefox add-on extension which does precisely what the ipinfo.info/netrenderer/ website does, i.e. renders a website with an HTML Web Engine compatible with most Internet Explorer versions and creates screenshots of how the website would look under Internet Explorer. Of course the plugin is not a panacea, and since it only makes screenshots, if there are problems with the interactivity (Javascript AJAX) of a website on IE the plugin will be of zero use. However, in general it is good to know if at least the website elements are ordered fine.
After the plugin is added in the usual way, like any other plugin in FF, you can start using it with keyboard shortcuts:

Ctrl+Shift+F5/F6/F7/F8 – respectively renders the page in IE5.5, IE 6, IE 7 / IE 8 Beta 2

Pressing CTRL + Shift + FX makes an IE screenshot of the site using http://ipinfo.info/netrenderer/

I'm currently running the latest Firefox version 16.0.2 and here the plugin works fine; I guess on most FF releases not older than a few years it should work fine too.

Below is the description of the plugin, as taken from the plugin website:

IE NetRenderer Add-on Description

Adds buttons, tools menu and contextual menu entries to get a screenshot of the current page with IE NetRenderer.

Keyboard shortcuts are also available: Ctrl+Shift+F5/F6/F7/F8 to render the page in IE5.5/6/7/8 Beta 2 (Cmd+Shift+F* on Mac).

Really useful for webmasters which are not using Windows!

You can also access the IE NetRenderer service here: http://ipinfo.info/netrenderer/index.php

Please note that the extension developer is not affiliated with GEOTEK, providing the IE NetRenderer service. You can visit his website here: http://nicopensource.free.fr/

MK Ultra Documentary movie on CIA Mind Research project – Human Experiments in U.S.

Wednesday, May 16th, 2012

I've already talked about the existence of mind control brain manipulation techniques developed in the 1960-70s in the US under secrecy with the codename MK Ultra. While I was checking stuff on YouTube today, I stumbled on a full-length 47-minute documentary going after the tracks of the MK-Ultra Project. The video gives quite good detail on how the project went and surely is a must see for anyone interested in the sphere…
Here is the video:

MKULTRA Documentary: CIA Mind Control Research – Human Experiments in the United States

As one can guess, the Russians also had a similar secret mind control program running in their secret services. There is not so much available on how far the Russians have gone. Some of the programs the Russians ran used waves to damage the masses or put them into a hypnotic-like state. Russia's research was mostly in the field of Psychotronic research, which means using electromagnetic forces to alter the human psyche. Here is one video I found on the subject, though I'm not so sure how reliable the quoted info is.
As always Russia is way more secret than the rest of the world.
I guess secrecy is part of the slavonic nations genes 🙂

Monarch Chapter 10B: Russian Mind Control

We can only guess how far the research on Mind Control and Psychotronic weapons has gone nowadays. Some people say (as far as I've researched so far) there are already some kind of radio sound waves going around that put us in a state in which we easily accept suggestions; I'm not sure this info is real though, as I don't think God will allow humans to do something as monstrous as behind-the-scenes mass mind control of the human population.

My guess is people involved in business are pretty much aware of these programs and have researched plenty on the topic already, as successful manipulation (mind control / brainwashing, call it as you will) is a key to almost every kind of successful business out there.

How to check Java JAR JDBC / ODBC version on Linux / Unix and Windows server

Tuesday, March 31st, 2015

If you're forced to update some Java based Web application using Java + Tomcat / WebSphere / Weblogic, it is a common thing that the Java App developer will ask you which version of the Oracle JDBC / ODBC driver is on the currently installed Java Virtual Machine.


Actually there are a few methods to check the Java JDBC / ODBC version:

1. Check Java ODBC version by grepping it in META-INF/MANIFEST.MF

Usually the .jar file comes archived in a .ZIP, i.e. application-name5.zip
 

server:~# unzip application-name5.zip

 

Then, if the .zip file contains the OJDBC driver as a .JAR (Java Archive), inflate its manifest with the jar tool.
 

server:~# jar -xvf ojdbc7.jar META-INF/MANIFEST.MF
inflated: META-INF/MANIFEST.MF

server:~# grep Implementation META-INF/MANIFEST.MF
Implementation-Vendor: Oracle Corporation
Implementation-Title: JDBC
Implementation-Version: 12.1.0.1.0

 

An alternative way to check the info (if you don't have java or jar installed on the Linux / Unix machine) is simply with unzip + grep, like so:

 

server:~# unzip -p ojdbc14.jar META-INF/MANIFEST.MF | grep -C 1 version

Manifest-Version: 1.0
Implementation-Version: "Oracle JDBC Driver version – 10.1.0.5.0"
Specification-Title: "Oracle JDBC driver classes for use with JDK1.4"
Specification-Version: "Oracle JDBC Driver version – 10.1.0.5.0"
Implementation-Title: "ojdbc14.jar"

 

If you're on Windows (and you have grep.exe installed on the Windows server), use instead:

C:\jar> unzip -p ojdbc14.jar META-INF/MANIFEST.MF | grep -C 1 version

 


2. Getting some info with Java JRE tool

You can also check some useful Java version info just with the Java Runtime Environment (java) tool
 

server:~# java -jar ojdbc5.jar

Oracle 11.1.0.7.0-Production JDBC 3.0 compiled with JDK5

Maximal protection against SSH attacks. If your server has to stay with open SSH (Secure Shell) port open to the world

Thursday, April 7th, 2011

If you administer remote Linux or other Unix based servers, you have definitely faced the security threat of many failed ssh logins, or as it's better known, a brute force attack.

During such attacks your /var/log/messages or /var/log/auth gets filled in with various failed password logs like for example:

Feb 3 20:25:50 linux sshd[32098]: Failed password for invalid user oracle from 95.154.249.193 port 51490 ssh2
Feb 3 20:28:30 linux sshd[32135]: Failed password for invalid user oracle1 from 95.154.249.193 port 42778 ssh2
Feb 3 20:28:55 linux sshd[32141]: Failed password for invalid user test1 from 95.154.249.193 port 51072 ssh2
Feb 3 20:30:15 linux sshd[32163]: Failed password for invalid user test from 95.154.249.193 port 47481 ssh2
Feb 3 20:33:20 linux sshd[32211]: Failed password for invalid user testuser from 95.154.249.193 port 51731 ssh2
Feb 3 20:35:32 linux sshd[32249]: Failed password for invalid user user from 95.154.249.193 port 38966 ssh2
Feb 3 20:35:59 linux sshd[32256]: Failed password for invalid user user1 from 95.154.249.193 port 55850 ssh2
Feb 3 20:36:25 linux sshd[32268]: Failed password for invalid user user3 from 95.154.249.193 port 36610 ssh2
Feb 3 20:36:52 linux sshd[32274]: Failed password for invalid user user4 from 95.154.249.193 port 45514 ssh2
Feb 3 20:37:19 linux sshd[32279]: Failed password for invalid user user5 from 95.154.249.193 port 54262 ssh2
Feb 3 20:37:45 linux sshd[32285]: Failed password for invalid user user2 from 95.154.249.193 port 34755 ssh2
Feb 3 20:38:11 linux sshd[32292]: Failed password for invalid user info from 95.154.249.193 port 43146 ssh2
Feb 3 20:40:50 linux sshd[32340]: Failed password for invalid user peter from 95.154.249.193 port 46411 ssh2
Feb 3 20:43:02 linux sshd[32372]: Failed password for invalid user amanda from 95.154.249.193 port 59414 ssh2
Feb 3 20:43:28 linux sshd[32378]: Failed password for invalid user postgres from 95.154.249.193 port 39228 ssh2
Feb 3 20:43:55 linux sshd[32384]: Failed password for invalid user ftpuser from 95.154.249.193 port 47118 ssh2
Feb 3 20:44:22 linux sshd[32391]: Failed password for invalid user fax from 95.154.249.193 port 54939 ssh2
Feb 3 20:44:48 linux sshd[32397]: Failed password for invalid user cyrus from 95.154.249.193 port 34567 ssh2
Feb 3 20:45:14 linux sshd[32405]: Failed password for invalid user toto from 95.154.249.193 port 42350 ssh2
Feb 3 20:45:42 linux sshd[32410]: Failed password for invalid user sophie from 95.154.249.193 port 50063 ssh2
Feb 3 20:46:08 linux sshd[32415]: Failed password for invalid user yves from 95.154.249.193 port 59818 ssh2
Feb 3 20:46:34 linux sshd[32424]: Failed password for invalid user trac from 95.154.249.193 port 39509 ssh2
Feb 3 20:47:00 linux sshd[32432]: Failed password for invalid user webmaster from 95.154.249.193 port 47424 ssh2
Feb 3 20:47:27 linux sshd[32437]: Failed password for invalid user postfix from 95.154.249.193 port 55615 ssh2
Feb 3 20:47:54 linux sshd[32442]: Failed password for www-data from 95.154.249.193 port 35554 ssh2
Feb 3 20:48:19 linux sshd[32448]: Failed password for invalid user temp from 95.154.249.193 port 43896 ssh2
Feb 3 20:48:46 linux sshd[32453]: Failed password for invalid user service from 95.154.249.193 port 52092 ssh2
Feb 3 20:49:13 linux sshd[32458]: Failed password for invalid user tomcat from 95.154.249.193 port 60261 ssh2
Feb 3 20:49:40 linux sshd[32464]: Failed password for invalid user upload from 95.154.249.193 port 40236 ssh2
Feb 3 20:50:06 linux sshd[32469]: Failed password for invalid user debian from 95.154.249.193 port 48295 ssh2
Feb 3 20:50:32 linux sshd[32479]: Failed password for invalid user apache from 95.154.249.193 port 56437 ssh2
Feb 3 20:51:00 linux sshd[32492]: Failed password for invalid user rds from 95.154.249.193 port 45540 ssh2
Feb 3 20:51:26 linux sshd[32501]: Failed password for invalid user exploit from 95.154.249.193 port 53751 ssh2
Feb 3 20:51:51 linux sshd[32506]: Failed password for invalid user exploit from 95.154.249.193 port 33543 ssh2
Feb 3 20:52:18 linux sshd[32512]: Failed password for invalid user postgres from 95.154.249.193 port 41350 ssh2
Feb 3 21:02:04 linux sshd[32652]: Failed password for invalid user shell from 95.154.249.193 port 54454 ssh2
Feb 3 21:02:30 linux sshd[32657]: Failed password for invalid user radio from 95.154.249.193 port 35462 ssh2
Feb 3 21:02:57 linux sshd[32663]: Failed password for invalid user anonymous from 95.154.249.193 port 44290 ssh2
Feb 3 21:03:23 linux sshd[32668]: Failed password for invalid user mark from 95.154.249.193 port 53285 ssh2
Feb 3 21:03:50 linux sshd[32673]: Failed password for invalid user majordomo from 95.154.249.193 port 34082 ssh2
Feb 3 21:04:43 linux sshd[32684]: Failed password for irc from 95.154.249.193 port 50918 ssh2
Feb 3 21:05:36 linux sshd[32695]: Failed password for root from 95.154.249.193 port 38577 ssh2
Feb 3 21:06:30 linux sshd[32705]: Failed password for bin from 95.154.249.193 port 53564 ssh2
Feb 3 21:06:56 linux sshd[32714]: Failed password for invalid user dev from 95.154.249.193 port 34568 ssh2
Feb 3 21:07:23 linux sshd[32720]: Failed password for root from 95.154.249.193 port 43799 ssh2
Feb 3 21:09:10 linux sshd[32755]: Failed password for invalid user bob from 95.154.249.193 port 50026 ssh2
Feb 3 21:09:36 linux sshd[32761]: Failed password for invalid user r00t from 95.154.249.193 port 58129 ssh2
Feb 3 21:11:50 linux sshd[537]: Failed password for root from 95.154.249.193 port 58358 ssh2

These brute force dictionary attacks often succeed where there is a user with a weak password, or some old forgotten test user account.
Just recently, on one of the servers I administer, I caught a malicious attacker originating from Romania, who was able to break in with my system test account, which had the weak password tset.

Thankfully the script kiddie was unable to get root access to my system, so what he did was just start another ssh brute force scanner to crawl the net and look for other vulnerable hosts.
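To see which source addresses are behind such a log and which existing accounts they are probing, the sshd lines can be summarized per IP. The following is an added example, not part of the original post; the sample log is constructed in the same format, and the function name and threshold are assumptions. A failure line without "invalid user" names an account that really exists on the host, which is exactly where a weak password matters.

```shell
#!/bin/sh
# Constructed sample in the sshd log format shown above. The addresses are
# documentation ranges, not hosts from the article.
SAMPLE_LOG='Feb 3 20:37:45 linux sshd[32285]: Failed password for invalid user user2 from 192.0.2.10 port 34755 ssh2
Feb 3 20:38:11 linux sshd[32292]: Failed password for invalid user info from 192.0.2.10 port 43146 ssh2
Feb 3 20:47:54 linux sshd[32442]: Failed password for www-data from 192.0.2.10 port 35554 ssh2
Feb 3 21:05:36 linux sshd[32695]: Failed password for root from 192.0.2.10 port 38577 ssh2
Feb 3 21:07:23 linux sshd[32720]: Failed password for root from 192.0.2.10 port 43799 ssh2
Feb 3 21:08:01 linux sshd[32731]: Failed password for invalid user bob from 198.51.100.7 port 50026 ssh2
Feb 3 21:09:40 linux sshd[32770]: Accepted password for admin1 from 203.0.113.5 port 40112 ssh2'

# summarize_failures THRESHOLD   (hypothetical helper, reads a log on stdin)
# Prints one line per source IP with at least THRESHOLD failed passwords:
#   <ip> total=<n> existing=<existing accounts tried, or ->
summarize_failures() {
    awk -v min="$1" '
    / sshd\[[0-9]+\]: Failed password for / {
        # Take the IP relative to the end of the line, so an odd user
        # name cannot shift the fields: ... from <ip> port <n> ssh2
        if ($(NF - 4) != "from") next
        ip = $(NF - 3)
        total[ip]++
        # No "invalid user" prefix means the account exists on this host.
        if (!($9 == "invalid" && $10 == "user")) {
            user = $9
            if (!seen[ip, user]++)
                existing[ip] = existing[ip] (existing[ip] ? "," : "") user
        }
    }
    END {
        for (ip in total)
            if (total[ip] >= min)
                printf "%s total=%d existing=%s\n", ip, total[ip], (existing[ip] ? existing[ip] : "-")
    }' | sort
}

# Usage on the constructed sample; on a real host feed it /var/log/auth.log.
printf '%s\n' "$SAMPLE_LOG" | summarize_failures 3
```
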

As you can see from my recent example, being immune against SSH brute force attacks is a very essential security step that the administrator needs to take on a newly installed server.

The easiest ways to get rid of the brute force attacks without using some external brute force filtering software like fail2ban are:

1. Using an iptables filtering rule to filter every IP which has failed to log in more than 5 times

To use this brute force prevention method you need to use the following iptables rules:
linux-host:~# /sbin/iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
linux-host:~# /sbin/iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 5 -j DROP

These iptables rules will block the SSH port for every IP address that opens more than 5 new connections to port 22 within 60 seconds, which is how repeated failed login attempts show up at the packet level.

2. Getting rid of brute force attacks through use of hosts.deny blacklists

sshbl – The SSH blacklist, updated every few minutes, contains IP addresses of hosts which tried to bruteforce into any of currently 19 hosts (all running OpenBSD, FreeBSD or some Linux) using the SSH protocol. The hosts are located in Germany, the United States, United Kingdom, France, England, Ukraine, China, Australia, Czech Republic and are set up to report and log those attempts to a central database. Very similar to all the spam blacklists out there.

To use sshbl you will have to set up in your root crontab the following line:

*/60 * * * * /usr/bin/wget -qO /etc/hosts.deny http://www.sshbl.org/lists/hosts.deny

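To set it up from the console, appending to root's existing crontab instead of overwriting it, issue:

linux-host:~# (crontab -u root -l 2>/dev/null; echo '*/60 * * * * /usr/bin/wget -qO /etc/hosts.deny http://www.sshbl.org/lists/hosts.deny') | crontab -u root -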

This cron job will download the regularly updated list from sshbl.org and replace your system's default /etc/hosts.deny with it, so the next time an already reported brute force attacker connects, he will be filtered out as soon as your Linux or Unix system finds that his IP matches an IP in /etc/hosts.deny

The /etc/hosts.deny filtering rules are written in such a way that publicly known brute forcer IPs are filtered only for the SSH service, therefore other system services like Apache or a radio / TV streaming server will still be accessible to the brute forcer IP.
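The cron line above writes whatever the plain-HTTP response contains straight into /etc/hosts.deny, so a failed download, an error page or a tampered list replaces the file, and local entries are lost. The following added example (not from the original post or from sshbl) downloads to a temporary file, checks it and only then swaps it in; the "sshd : <IPv4>" line format, the function names and the optional hosts.deny.local file are assumptions.

```shell
#!/bin/sh
LIST_URL='http://www.sshbl.org/lists/hosts.deny'   # URL from the article

# valid_blacklist FILE: succeed only if FILE has at least one entry and
# every line is a comment, blank, or "sshd : <IPv4>" (assumed list format).
# An HTML error page, a broader rule such as ALL, or an entry carrying
# extra options is rejected.
valid_blacklist() {
    [ -s "$1" ] || return 1
    awk '
    /^[ \t]*(#.*)?$/ { next }
    {
        line = $0
        if (line !~ /^sshd[ \t]*:[ \t]*[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+[ \t]*$/) { bad = 1; exit }
        sub(/^sshd[ \t]*:[ \t]*/, "", line)
        n = split(line, octet, ".")
        for (i = 1; i <= n; i++) if (octet[i] + 0 > 255) { bad = 1; exit }
        entries++
    }
    END { exit (bad || entries == 0) ? 1 : 0 }' "$1"
}

# update_blacklist URL TARGET: fetch, validate, append local rules, replace.
update_blacklist() {
    tmp=$(mktemp "$2.XXXXXX") || return 1
    if wget -qO "$tmp" "$1" && valid_blacklist "$tmp"; then
        # Hand-written rules live in an optional TARGET.local file
        # (hypothetical convention) and are re-appended on every update.
        [ -f "$2.local" ] && cat "$2.local" >> "$tmp"
        chmod 644 "$tmp" && mv "$tmp" "$2"   # atomic on the same filesystem
    else
        rm -f "$tmp"                         # the old TARGET stays untouched
        return 1
    fi
}

# Called from a wrapper script in root's crontab:
#   update_blacklist "$LIST_URL" /etc/hosts.deny
```
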

It’s a good practice actually to use both of the methods 😉
Thanks to Static (Multics) a close friend of mine for inspiring this article.

How to determine WordPress blogs with most spam on multiple blog hosting server

Thursday, November 27th, 2014

If you're a hosting company that hosts Joomla / WordPress / ModX websites, each on separate servers, and thus you end up with servers hosting only multiple WordPress customer blogs (let's say 100+ WP blogs per host), soon your MySQL blog databases will be full (overfilled) with spam comments. Blogs with a multitude of spam comments reduce the WordPress site's attractiveness, take up disk space uselessly, make WP databases hard to back up and drastically slow down the SQL server.

As our duty as system administrators is to keep the servers optimized (improve performance) and prevent spam-bots from hammering our Linux servers, it is always a good idea to keep an eye on which hosted blogs attract more spammers and cause server overhead and bad hardware utilization.

WordPress blogs keep their logged comments in the database_name.wp_comments table, thus the quickest way to find the blogs with the largest comments tables is to use Linux's find command and print out only the comments tables larger than a set size.

Here is how:

find /var/lib/mysql/ -type f -size +1024k -name "*_comments.MYD" -exec ls -lh {} \; | awk '{ print $9 ": " $5 }'


/var/lib/mysql/funny-blog/wp_comments.MYD: 15,7M
/var/lib/mysql/wordblogger/wp_comments.MYD: 5,3M
/var/lib/mysql/loveblog/wp_comments.MYD: 50,5M

A comments table of 1MB means at least about 500+ comments, thus the blog loveblog's wp_comments.MYD = 50,5 MB probably contains about 10000! comments and should definitely be checked in a browser to see whether it is overfilled with spam because of a bad anti-spam policy or a missing Akismet, currently the best WordPress spam catcher plugin. If the client fails to protect his blog against spam, you can quickly write a script to automatically mail him and kindly ask him to check / fix his blog spam.
In some cases it is useful to write a few-line bash script to automatically disable users with extraordinarily large blog spam comments databases (the quickest way to do it is to move the user's blog data under a quarantine directory and add a Blog Suspended static html webpage with text like "Please contact support for more info").

The 1024k find argument is 1MB; on big hosted blogs this might be too low and you might want to use 100MB = 102400k.
Note that the above find command looks for *_comments.MYD because, though by default WordPress sets wp_ as the prefix of the skeleton table structures it creates, this is not always the case.

In the above command example find looks for spam comments in /var/lib/mysql (because this is a Debian Linux server), however on other custom MySQL installs the data might be in another directory, e.g. /usr/local/mysql/data etc.

It is useful to set the wp_comments statistics output to execute at least once a day as a cronjob:

crontab -u root -e

00 00 * * * /usr/sbin/check_spammed_blogs.sh

vim /usr/sbin/check_spammed_blogs.sh

Set a script like:

#!/bin/sh
find /var/lib/mysql/ -type f -size +1024k -name "*_comments.MYD" -exec ls -lh {} \; | awk '{ print $9 ": " $5 }' | tee -a /var/log/blogs_with_most_spam_comments.log

Though the above commands are meant to run on GNU / Linux, for Windows server based hosting you can install GNUWin tools and adapt the above command using standard Windows commands or PowerShell to do the same.
Finally, you might want to use some other SQL script to clear spam from blogs with enormously large tables or to clear all unapproved spam comments.

How to View Mail (Full Headers) in Outlook 97 / 98 / 2003 / 2007 / 2010 and Outlook 2013 Mail client on Windows and Mac OS

Tuesday, December 16th, 2014


Being able to see the headers is very important if you have to administer a Microsoft Exchange mail server / Windows Active Directory, for cases where mails are not received in corporate MS Outlook clients because they were mistakenly flagged as spam, or just to track the route of a mail. By default Outlook displays only a few fields of the headers: From, Sent (date and time), To, and CCs. This gives too little info and is often irritating, as you can't really see important info such as:

  • Mail Carriers (Mail SMTPs) through which Mail has been passed
  • Mail MIME Header / Type (specifics)
  • Any extras written by the mail server Antivirus
  • Anti-Malware check headers etc
  • Pyzor / Razor / Blacklisting check pass / fail headers etc.


1. How to view Mail headers in Outlook 2010 / 2013
 

In Outlook 2010 / 2013 with the default settings, you need to open the message (double-click on any mail) and either go to the Tags section of the ribbon or go to File, Properties.


Click on the Expand button (highlighted in yellow) in the lower right corner to show the Message Options dialog. Voila, you will have the Properties dialog with the (Mail) Internet headers at the bottom (see screenshot).

One thing to mention: when you have the mail message headers visible through the Properties dialog in Outlook, it is very unpleasant that there is no way to search inside the displayed mail headers.
 

2. How to access Outlook Full Mail Headers using a shortcut

For those who have to check mail headers regularly, it is very useful to make Outlook's View Headers accessible through a keyboard shortcut.

Here is how:

a) Go to File > Options > Quick Access Toolbar.
b) In Choose Commands From, select Commands Not in the Ribbon


c) Click in the list of commands and press M on the keyboard

d) Scroll to find Message Options

e) Click Add > (button) to add it to the QAT.


To quickly access the newly added "Message Options" / View headers QAT button, the shortcut to use is something like ALT + 3, or ALT + number (the position of Message Options on the QAT bar, which depends on the number of QAT buttons already existing in the mailbox, determines the exact number to be used).

To view mail headers on older versions of the Microsoft Outlook mail client (97 / 98 / 2003 / 2007):

Right-click on Mail message in the folder view, then choose Options.

Or

In an Opened Mail Message, choose View -> Options.
 

3. Viewing Mail Headers on MS Outlook running on Mac OS 

If you happen to need to use MS Outlook on Mac OS X (hope you'll not 🙂 ), to view the complete mail headers:

Select the message whose headers you want to view.
Right-click (or Control-click) on the message and choose View Source.
Message headers appear at the top of the text document that opens.