number Archives - Page 5 of 8 - ☩ Walking in Light with Christ - Faith, Computing, Diary ☩ Walking in Light with Christ

Posts Tagged ‘number’

How to disable ACPI (power saving) support in FreeBSD / Disable acpi on BSD kernel boot time

Tuesday, May 15th, 2012

On FreeBSD the default kernel is compiled to support ACPI. Most of the modern PCs has already embedded support for ACPI power saving instructions.
Therefore a default installed FreeBSD is trying to take advantage of this at cases and is trying to save energy.
This is not too useful on servers, because saving energy could have at times a bad impact on server performance if the server is heavy loaded at times and not so loaded at other times of the day.

Besides that on servers saving energy shouldn't be the main motivator but server stability and productivity is. Therefore in my personal view on FreeBSD used on servers it is better to disable complete the ACPI in order to disable CPU fan control to change rotation speeds all the time from low to high rotation cycles and vice versa at times of low / high server load.

Another benefit of removing the ACPI support on a server is this would probably increase the CPU fan life span and possibly prevent the CPU to be severely heated at times.

Moreover, some piece of hardware might have troubles in properly supporting ACPI specifications and thus ACPI could be a reason for unexpected machine hang ups.

With all said I would recommend to anyone willing to use BSD for a server to disable the ACPI (Advanced Configuration and Power Interface), just like I did.

Here is how;

1. Quick review on how ACPI is handled on FreeBSD

acpi support is being handled on FreeBSD by a number of loadable kernel modules, here is a complete list of all the kernel modules dealins with acpi:

freebsd# cd /boot freebsd# find . -iname '*acpi*.ko' ./kernel/acpi.ko ./kernel/acpi_aiboost.ko ./kernel/acpi_asus.ko ./kernel/acpi_fujitsu.ko ./kernel/acpi_ibm.ko ./kernel/acpi_panasonic.ko ./kernel/acpi_sony.ko ./kernel/acpi_toshiba.ko ./kernel/acpi_video.ko ./kernel/acpi_dock.ko

By default on FreeBSD, if hardware has some support for ACPI the acpi gets activated by acpi.ko kernel module. The specific type of vendors specific ACPI like IBM, ASUS, Fujitsu are controlled by the respective kernel module from the list …

Hence, to control if ACPI is loaded or not on a FreeBSD system with no need to reboot one can use kldload, kldunload module management BSD cmds.

a) Check if acpi is loaded on a BSD

freebsd# kldstatkldstat | grep -i acpi 9 1 0xc9260000 57000 acpi.ko

b) unload kernel enabled ACPI support

freebsd# kldunload acpi

c) Load acpi support (not the case with me but someone might need it, if for instance BSD is running on laptop)

freebsd# kldload acpi

2. Disabling ACPI to load on bootup on BSD

a) In /boot/loader.conf add the following variables:

hint.acpi.0.disabled="1" hint.p4tcc.0.disabled=1 hint.acpi_throttle.0.disabled=1

b) in /boot/device.hints add:

hint.acpi.0.disabled="1"

c) in /boot/defaults/loader.conf make sure:

##############################################################
### ACPI settings ##########################################
##############################################################
acpi_dsdt_load="NO" # DSDT Overriding
acpi_dsdt_type="acpi_dsdt" # Don't change this
acpi_dsdt_name="/boot/acpi_dsdt.aml"
# Override DSDT in BIOS by this file
acpi_video_load="NO" # Load the ACPI video extension driver

d) disable ACPI thermal monitoring

It is generally a good idea to disable the ACPI thermal monitoring, as many machines hardware does not support it.

To do so in /boot/loader.conf add

debug.acpi.disabled="thermal"

If you want to learn more on on how ACPI is being handled on BDSs check out:

freebsd# man acpi

Other alternative method to permanently wipe out ACPI support is by not compiling ACPI support in the kernel.
If that's the case in /usr/obj/usr/src/sys/GENERIC make sure device acpi is commented, e.g.:

##device acpi

Tags: acpi specifications, acpi support, advanced configuration and power interface, aiboost, Auto, benefit, boot time, BSD, cd boot, control, cpu fan, default kernel, Draft, fan control, fan life, FreeBSDacpi, Fujitsu, ibm, impact, iname, kernel module, kldload, life span, loadable kernel modules, loader, Monitoring, motivator, number, personal view, piece, power, quot, reason, rotation, rotation speeds, saving energy, server load, server performance, server stability, shouldn, support, time, type, ups, video
Posted in FreeBSD, System Administration | No Comments »

Editting binary files in console and GUI on FreeBSD and Linux

Thursday, April 26th, 2012

I’ve recently wanted to edit one binary file because there was compiled in the binary a text string with a word I didn’t liked and therefore I wanted to delete. I know I can dig in the source of the proggie with grep and directly substitute my “unwatned text” there but I wanted to experiment, and see what kind of hex binary text editors are for Free OSes.
All those who lived the DOS OS computer era should certainly remember the DOS hex editors was very enjoyable. It was not rare case, where in this good old days, one could simply use the hex editor to “hack” the game and add extra player lives or modify some vital game parameter like put himself first in the top scores list. I even remember some DOS programs and games was possible to be cracked with a text editor … Well it was times, now back to current situation as a Free Software user for the last 12 years it was interesting to see what is the DOS hexeditor like alternatives for FreeBSD and Linux and hence in this article I will present my findings:

A quick search in FreeBSD ports tree and Debian installable packages list, I’ve found a number of programs allowing one to edit in console and GUI binary files.

Here is a list of the hex editors I will in short review in this article:

hexedit
dhex
chexedit
hte
hexer
hexcurse
ghex
shed
okteta
bless
lfhex

1. hexedit on Linux and BSD – basic hex editor

I’ve used hexedit already on Linux so I’ve used it some long time ago.

My previou experience in using hexedit is not too pinky, I found it difficult to use on Redhat and Debian Linux back in the day. hexedit is definitely not a choice of people who are not “initiated” with hex editting.
Anyways if you want to give it a try you can install it on FreeBSD with:

freebsd# cd /usr/ports/editors/hexedit
freebsd# make install clean
…

On Debian the hexedit, install package is named the same so installation is with apt:

debian:~# apt-get –yes install hexedit

2. Hex editting with chexedit

I’ve installed chexedit the usual way from ports:

freebsd# cd /usr/ports/editors/chexedit
freebsd# make install clean

…

chexedit is using the ncurses text console library, so the interface is very similar to midnight commander (mc) as you see from below’s screenshot:

Editting the binary compiled in string was an easy task with chexedit as most of the commands are clearly visible, anyways changing a certain text string contained within the binary file with some other is not easy with chexedit as you need to know the corresponding binary binary value representing each text string character.
I’m not a low level programmer, so I don’t know the binary values of each keyboard character and hence my competence came to the point where I can substitute the text string I wanted with some unreadable characters by simply filling all my text string with AA AA AA AA values…

chexedit on Debian is packaged under a deb ncurses-hexedit. Hence to install it on Deb run:

debian:~# apt-get –yes install ncurses-hexedit
…

Further on the binary to run chexedit on binary contained within ncurses-hexedit is:

debian:~# hexeeditor

3. Hex Editting on BSD and Linux with hte

Just after trying out chexedit, I’ve found about the existence of one even more sophisticated hexeditor console program available across both FreeBSD and Linux.
The program is called hte (sounds to me a bit like the Indian word for Elephant “Hatti” :))

hte is installable on Debian with cmd:

debian:~# apt-get install ht

On FreeBSD the port name is identical, so to install it I execed:

freebsd# cd /usr/ports/editors/hte
freebsd# make install clean
…

hte is started on Debian Linux (and presumably other Linux distros) with:

$ hte

On FreeBSD you need to run it with ht command:

freebsd# ht

You see how hte looks like in below screenshot:

ht has the look & feel like midnight commander and I found it easier to use than chexedit and hexeditor
4. hexer VI like interface for Linux

As I was looking through the available packages ready to install, I’ve tried hexer

debian:~# apt-get install –yes hexer
…

hexer does follow the same standard commands like VIM, e.g. i for insert, a for append etc.

It was interesting to find out hexer was written by a Bulgarian fellow Petar Penchev 🙂
(Proud to be Bulgarian)

http://people.freebsd.org/~roam/ – Petar Penchev has his own page on FreeBSD.org

As a vim user I really liked the idea, the only thing I didn’t liked is there is no easy way to just substitute a string within the binary with another string.

5. hexcurse another ncurses library based hex editor

On Deb install and run via:

debian:~# apt-get –yes install hexcurse
debian:~# hexcurse /usr/bin/mc

hexcurse is also available on FreeBSD to install it use cmd:

freebsd# cd /usr/ports/editors/hexcurse
freebsd# make install clean
….

To access the editor functions press CTRL+the first letter of the word in the bottom menu, CTRL+H, CTRL+S etc.
Something I disliked about it is the program search is always in hex, so I cannot look for a text string within the binaries with it.

6. ghex – Editting binary files in graphical environment

If you’re running a graphical environment, take a look at ghex. ghex is a gnome (graphical hex) editor.Installing ghex on Debian is with:

debian:~# apt-get –yes install ghex
….

To run ghex from terminal type:

debian:~# ghex2

To install ghex on FreeBSD (and I assume other BSDs), install via port:

freebsd# cd /usr/ports/editors/ghex
freebsd# make install clean

Gnome hex editor have plenty of tools, useful for developers to debug binary files.

Some nice tools one can find are under the the menus:

Windows -> Character Table

This will show a complete list of each keyboard sent character in ASCII, Hex, Decimal, Octal and Binary

Another useful embedded tool in ghex is:

Windows -> Type Convertion Dialog

Note that if you want to use the Type Convertion Dialog tool to find the representing binary values of a text string you will have to type in the letters one by one and save the output within a text file and later you can go and use the same editor to edit the text string within the binary file you like.

I’m not a programmer but surely for programmers or people who want to learn some binary counting, this 2 ghex edmebbed tools are surely valuable.

To conclude even though there are plenty of softwares for hex editting in Linux and BSD, none of them is not so easy to use as the old DOS hexdedit tool, maybe it will be a nice idea if someone actually rewrites the DOS tool and they package it for various free operating systems, I’m sure many people will find it helpful to have a 1:1 equivalent to the DOS tool.

7. Shed pico like interfaced hex editor

For people, who use pico / nano as a default text editor in Linux shed will probably be the editor of choice as it follows the command shortcuts of picoOn Deb based distros to install it run:

debian:~# apt-get install –yes shed
…

Shed has no BSD port as of time of writting.8. Okteta a KDE GUI hex editor

For KDE users, I found a program called okteta. It is available for Deb based Linuxes as deb to install it:

debian:~# apt-get –yes install okteta

As of time of writting this article there is no okteta port for BSDs.
Okteta has plenty of functions and even has more of a functions than ghexedit. Something distinctive for it is it supports opening multiple files in tabs.

9. lfhex a large file text editor

lfhex is said to be a large (binary) file text editor, I have not tested it myself but just run it to see how it looks like. I don’t have a need to edit large binary files too, but I guess there are people with such requirements too 🙂

To install lfhex on Debian:

debian:~# apt-get install –yes lfhex

lfhex has also a FreeBSD port installable via:

freebsd# cd /usr/ports/editors/lfhex
freebsd# make install clean

10. Bless a GUI tool for editting large hex (binary) files

Here is the description directly taken from the BSD port /usr/ports/editors/bless

Bless is a binary (hex) editor, a program that enables you to edit files asa sequence of bytes. It is written in C# and uses the Gtk# bindings for theGTK+ toolkit.

To install and use ot on deb based Linuxes:

debian:~# apt-get install –yes bless
….

On BSD installation is again from port:

freebsd# cd /usr/ports/editors/bless
freebsd# make install clean
….

Something that makes bless, maybe more desirable choice for GUI users than ghex is its availability of tabs. Opening multiple binaries in tabs will be useful only to few heavy debuggers.

11. Ghextris – an ultra hard hacker tetris game 🙂

For absolute, hacker / (geeks), there is a tetris game called ghextris. The game is the hardest tetris game I ever played in my life. It requires more than regular IQ and a lot of practice if you want to become really good in this game.

To enjoy it:

debian:~# apt-get –yes install ghextris

Unfortunately there is no native port of ghextris for BSD (yet). Anyhow, it can be probably run using the Linux emulation or even compiled from source.
Well that’s all I found for hexedit-ing, I’ll be happy to hear if someone can give me some feedback on his favourite editor.

Tags: Auto, binary files, binary text, BSD, current situation, dos programs, Draft, editor, editting, experiment, file, Free, freebsd ports, game parameter, grep, hex, hex editor, hex editors, hexcurse, hexedit, hexeditor, hte, Linux, long time, Midnight, number, pinky, player, proggie, rare case, Redhat, screenshot, Search, software, software user, text, text editors, text string, time, tree, vital game
Posted in System Administration | 4 Comments »

Fix Null error in WordPress comment reply with wordpress-threaded-comments plugin enabled

Friday, April 6th, 2012

I'm running WordPress for already 3 years or so now. Since some very long time. The first wordpress install, I can hardly remember but it something like wordpress 2.5 or wordpress 2.4

Since quite a long time my wordpress blog is powered by a number of plugins, which I regularly update, whenever new plugins pops up …
I haven't noticed most of the time problems during major WordPress platform updates or the update of the installed extensions. However, today while I tried to reply back to one of my blog comments, I've been shocked that, I couldn't.
Pointing at the the Comment Reply box and typing inside was impossible and a null message was stayed filled in the form:

To catch what was causing this weird misbehaving with the reply comments functionality, I grepped through my /var/www/blog/wp-content/plugins/* for the movecfm(null,0,1,null):

# cd /var/www/blog/wp-content/plugins # grep -rli 'movecfm(null,0,1,null)' */*.php wordpress-thread-comment/wp-thread-comment.php

I've taken the string movecfm(null,0,1,null) from the browser page source in in my Firefox by pressing – Ctrl+U).

Once I knew of the problem, I first tried commenting the occurances of the null fields in wp-thread-comment.php, but as there, were other troubles in commenting this and I was lazy to read the whole code, checked online if some other fellows experienced the same shitty null void javascript error and already someone pointed at a solution. In the few minutes search I was unable to find anyone who reported for this bug, but what I found is some user threads on wordpress.org mentioning since WordPress 2.7+ the wordpress-threaded-comments is obsolete and the functionality provided by the plugin is already provided by default in newer WPinstalls.

Hence in order to enable the threaded comments WordPress (embedded) reply functionality from within the wp-admin panel used:

Settings -> Discussions -> Enable Threaded (nested) comments (Tick)

Enable Nested Comments WordPress default wp comments enable reply functionality screenshot

You see there is also an option to define how many nested comments subcomments, can be placed per comment, the default was 5, but I thought 5 is a bit low so increased it to 10 comments reply possible per comment.

Finally, to prevent the default threaded comments to interfere with the WordPress Threaded Comments plugin, disabled the plugin through menus:

Plugins -> Active -> WordPress Thread Comments (Deactivate)

This solved the weird javascript null "bug" caused by wordpress-threaded-comments once and for all.
Hopefully onwards, my blog readers will not have issues with threaded Reply Comments.

Tags: admin panel, Auto, code, Comment, Ctrl, Draft, fellows, few minutes, Firefox, form, grep, long time, misbehaving, movecfm, null fields, null message, number, occurances, option, page, page source, php, phpI, platform, plugin, Plugins, quot, reply comments, rli, someone, something, thread, threads, tick, time, time problems, Wordpress, wordpress blog, wp
Posted in Web and CMS, Wordpress | 1 Comment »

How to digital watermark to a picture – Protect pic with copyright image or text with composite, convert and Phatch on GNU / Linux

Friday, March 23rd, 2012

Watermarking is a technique to identify a physical or non-physical object with its owner (creator). First watermarks in history originates from very ancient times.

There are two basic types of Watermark types:

I. Physical Watermarks (classical)

II. Digital Watermarks

Historically Classical Watermarks, were mostly important. As we tend to use more and more visible and we switch to use of more invisible stuff, nowdays the importance and use of digital watermarks is steadily raising.

You have most likely already seen pictures from websites which contain a copyright holder message stamp or website logo on it.
As you could imagine the picture watermark is placed in order to prevent pictures from being re-used in another internet space ,without the picture copyright holder explicit permission…

Watermarks have entered most if not all areas of our life, but we often don't recognize they're there / rarely think about them.
Few of the many "physical watermarks" we use daily are:

paper money watermark (to protect against anti money forgery)
bank debit / credit cards stamps near the card chip
postcards paper stamps

There are too many different kind of "physical watermarks" and since this is not the accent of this article, I will continue straight to explaiin a bit on Digital (picture) watermarks and how to watermark images with ImageMagick image editting command line suit.

Just like with physical watermarks, there are different kinds of digital watermarks. There are:

Picture (Images) digital watermarks

– Steganography

Video watermarks
Audio stream digital watermarks
Visual digital watermarks

– Visible area of text or picture over another text picture or video

Invisible digital watermarks

– digital information (files) metadata with watermark content etc.

The topic of watermarking is quite wide, so I will stop here and focus on the main idea of this article – to show how to place digital watermark on graphic image or collection of pictures.

The most straightway non-interactive way to do picture watermarking is with ImageMagick's composite command line tool. This little handy tool is capable of creating watermarks in single and multiple pictures.

If you prefer to have a simple text as a watermark, then you should use imagick's convert cmd.

1. Putting a watermark of picture in the right bottom corner

$ composite -gravity southeast -dissolve 100 \ watermark_picture.png image-to-watermark.png \ output-watermarked-image.png

Snoopy Writting pc freak watermark picture text watermark on the right bottom corner with composite

2. Placing watermark to picture in the bottom right corner

$ composite -gravity northeast -dissolve 80 \ watermark_picture.png image-to-watermark.png \ output-watermarked-image.png

Snoopy Writting pc freak picture text watermark on the right bottom corner with composite

3. Watermarking picture in the bottom left corner

$ composite -gravity southwest -dissolve 90 \ watermark_picture.png image-to-watermark.png \ output-watermarked-image.png

Snoopy writting watermarking picture on the bottom left corner imagemagick (composite)

4. Watermarking picture in the top left corner

$ composite -gravity northwest -dissolve 100 \ watermark_picture.png image-to-watermark.jpg \ output-watermarked-image.jpg

As you see from above example, composite even accept mixing up input / output between PNG and JPEG pictures 🙂

Output Watermarked Image picture on top left corner with pc-freak logo image Imagick composite

5. Put a watermark in the image center

$ composite -gravity center -dissolve 100 \ watermark_picture.png image-to-watermark.png \ output-watermarked-image.png

position watermark on the picture middle (center) composite output picture

6. Sealing image with custom text / Text Watermarking a picture

a) Writting text watermark to an image centered in "footer"

$ convert image-to-watermark.png -pointsize 20 \ -draw "gravity south fill black text 0,12 \ 'hip0s Watermark'" output-watermarked-image.jpg

This will place a watermark in position 0,12, meaning the text will be added in the bottom center of the watermarked image.

Watermarking a picture sealing with custom text image imagick composite pic

-pointsize 20 defines the text font size. hip0s Watermark is the actual text that will be stamped.

b) Writting image watermark with font type customization (Arial Tahoma etc.):

To list all available fonts ready to be used by convert, type:

$ convert -list font $ convert -list font |grep -i arial Font: Arial-Black-Regular family: Arial Black glyphs: /usr/share/fonts/truetype/msttcorefonts/Arial_Black.ttf Font: Arial-Bold family: Arial glyphs: /usr/share/fonts/truetype/msttcorefonts/Arial_Bold.ttf Font: Arial-Bold-Italic family: Arial glyphs: /usr/share/fonts/truetype/msttcorefonts/arialbi.ttf Font: Arial-Italic family: Arial glyphs: /usr/share/fonts/truetype/msttcorefonts/ariali.ttf Font: Arial-Regular family: Arial glyphs: /usr/share/fonts/truetype/msttcorefonts/Arial.ttf

$ convert -list type Bilevel ColorSeparation ColorSeparationMatte Grayscale GrayscaleMatte Optimize Palette PaletteBilevelMatte PaletteMatte TrueColorMatte TrueColor

On my system, I have 392 of fonts installed, to check the number of installed fonts ready for use by convert I used:

$ convert -list font|grep -i 'font:'|wc -l 392

To only check exact fonts names usable in convert:

$ convert -list font|grep -i 'font:'

To use the red marked Arial-Regular for font of the text picture timestamp issue;

$ convert watermark_picture.jpg -font Arial-Regular \ -pointsize 20 -draw "gravity south fill black text 0,12 'hip0s Watermark'" \ output-watermarked-image.jpg

Watermark and with Arial-Regular font image magick convert screenshot dog type writter

c) Using external font with convert to place image text watermark

Lets say you would like to use an external font (arhangai.ttf) not listed in convert -font list usable fonts:

$ convert image-to-watermark.png -pointsize 20 \ -font /usr/share/fonts/truetype/arhangai/arhangai.ttf \ -draw "gravity south fill black text 0,12 \ 'hip0s Watermark'" output-watermarked-image_7.png

Talking about fonts, if you would like to add some external, nice free-fonts (ttf) files to your current logged in user, exec:

hipo@noah:~$ cd ~/fonts hipo@noah:/fonts$ for i in \ $(lynx -dump http://www.webpagepublicity.com/free-fonts.html|grep -i .ttf|grep -i http|awk '{ print $2 }'); \ do wget -r -l2 -nd -Nc $i; done

This will add 85 new nice looking fonts. Putting fonts in .fonts/ directory, are red while fonts are looked up by applications installed on respective the server or desktop GNU / Linux systems. Any font put there is ready to be used across all ImageMagick command line tools, as well as will be added across the list of possible fonts to use in GIMP and the rest of gui editors installed on the system.

According to the (watermark) texts font size passed to convert on some pictures the text written will exceed the picture dimensions and only partially some of the text intended as watermark will be visible.
If you encounter the exceed picture text problem, take few minutes and play with fonts sizes until you have a good font size to fit the approximate dimensions of the (expected minimum / maximum – horizontal and vertical) stamped picture dimensions.

For the sake of clarity, here is a list with arguments used in above, composite and convert examples.

composite — The ImageMagick command that combines two images.
-dissolve 80 — The number after the option determines the brightness of the watermark. 100 is full strength.
-gravity southeast — Determines the placement of watermark.
Possible options are; north, west, south, east, northwest, northeast, southeast, southwest, center
watermark_picture.png — The watermark image is the first argument.
image-to-watermark.jpg — The second argument is the original image to be watermarked.
output-watermarked-image.jpg — The third argument is the new composite image to be created.
N. B. ! If you don't specify a new file, be careful, the original file will be overwritten.

As ImageMagick is cross platform graphic editting suit – it runs on both *nix (Linux,BSD) and Windows. I have tested it on Linux, only but on FreeBSD and other BSDs it should work without any problem.
The composite and convert above examples should be easily rewritten to run on achieve watarmarking on MS Windows too.

7. Watermarking multiple pictures in a directory

To watermark multiple pictures within a directory use, a short bash loop in combination with either convert or composite could be used:

$ cd your-directory/ $ for i in *; do convert $i -pointsize 20 -draw "gravity south fill black text 0,12 'hip0s Watermark'" output-watermarked-image.jpg done

convert and composite also support wildcards like '*.JPG, *.PNG', but I'm not sure if this syntax can be used for mass picture marking?

8. Adding watermark and doing other various advanced Image Edit, Convert and Compose stuff with Phatch GUI program

Another program that is capable to put watermarks on pictures and besides that doing a number of routine graphic manipulation operations achievable with expert Image manipulation programs like GIMP / Inkscape is PHATCH = PHOTO & BATCH

Phatch is swiss army knife for doing web design or or graphics design on Linux.

Phatch is really great and easy to use program. Tt makes putting basic designer effects on pictures with no requirement for any design skills.
With Phatch you can become a designer for a day literally 😉

If you haven't used it yet, make sure you try it!
Below, are two screenshots of Phatch running on my Debian G* / Linux

Phatch Linux Debian Squeeze Screenshot

Phatch Linux Debian Squeeze Screenshot Watermark effect

Phatch is installable via apt on Debian and Ubuntu Linux. It has also a phatch-cli tools, which are a possible substitute to ImageMagick's composite / convert tools.

On deb based distros install Phatch with:

noah:~# apt-get --yes install phatch phatch-cli

In Phatch it is also possible, to create a combination of filters to be later applied to an image file or a group of image files all in a directory. The program capabilities are really outstanding, it is pure joy to work with it.

Using Phatch GUI interface is hard to comprehend in the beginning, I needed few minutes until I can get the idea how to use it. Anyhow once you know the basics, its very easy to use onwards.

Phatch currently can perform the following actions:

Auto Contrast – Maximize image contrast
Border – Crop or add border to all sides
Brightness – Adjust brightness from black to white
Canvas – Crop the image or enlarge canvas without resizing the image
Colorize – Colorize grayscale image
Common – Copies the most common pixel value
Contrast – Adjust from grey to black & white
Convert Mode – Convert the color mode of an image (grayscale, RGB, RGBA or CMYK)
Effect – Blur, Sharpen, Emboss, Smooth, ..
Equalize – Equalize the image histogram
Fit – Downsize and crop image with fixed ratio
Grayscale – Fade all colours to gray
Invert – Invert the colors of the image (negative)
Maximum – Copies the maximum pixel value
Median – Copies the median pixel value
Minimum – Copies the minimum pixel value
Offset – Offset by distance and wrap around
Posterize – Reduce the number of bits of colour channel
Rank – Copies the rank'th pixel value
Rotate – Rotate with random angle
Round – Round or crossed corners with variable radius and corners
Saturation – Adjust saturation from grayscale to high
Save – Save an image with variable compression in different types
Scale – Scale an image with different resample filters.
Shadow – Drop a blurred shadow under a photo with variable position, blur and color
Solarize – Invert all pixel values above threshold
Text – Write text at a given position
Transpose – Flip or rotate an image by 90 degrees
Watermark – Apply a watermark image with variable placement (offset, scaling, tiling) and opacity

Most of the function / effects Phatch in the up list works fine as I tested them to get to know the program.
The only effect that didn't worked for me is Blender effect.
Trying to apply the Blending effect I got error:

Can not apply action Blender: 'dict' object has no attribute 'rfind'

dict object has not attribiture rfind error screenshot my linux

Its really a pity blender filter don't work. I've seen on Phatch's website some pictures showing the blender effect in action and it looks really awesome.

In attempt to work around the err, I tried downloading Phatch's latest release and running it with python interpreter but it didn't work out …
I tried also to install some packages to the system that somehow seemed to be related to blender – versatile 3D modeller/renderer program but this worked neither.
I suspect Phatch blender effect is not working on Ubuntu too as I've red complains in some Ubuntu forums.
If someone succeeding making blend effect work please let me know how?

Interesting feature of Phatch is the program support for applying its predefined filters using a cli interface.
The syntax for phatch cli, should be something like:

phatch -console action_list.phatch

Where action_list.phatch is a Phatch predefined filter. Anyways I didn't manage to figure out how to use the program CLI. I'll be glad to hear if someone succeeded in using the program console, if so please share with me how?

9. Adding Watermark to pictures with GIMP

To add a watermark text or picture in GIMP, there are plenty of ways but is more time consuming by both Phatch or convert, composite..
There is a script in gimp plugin registry site – watermark.scm which adds watermarking capability to GIMP

On my system this script was installed with the deb package gimp-data-extras. To apply the plugin on a pic, I used GIMP menus:

Filters -> Eg -> Copyright Placer

GIMP Copyright Holder plugin Watermark Screenshot

If someone knows about better or quicker ways to do watermarking, please share 🙂

Tags: argument, arialbi, ariali, audio stream, Auto, Bilevel, center, copyright infringement, debit credit cards, different kinds, digital information, digital watermark, digital watermarks, Draft, explicit permission, family, file, font, gnu linux, Grayscale, GUI, hip, hipo, Image, ImageMagick, images, internet space, Linux, money forgery, nbsp, noah, number, Optimize, Palette, paper money, paper stamps, picture, pointsize, postcards, quot, size, steganography, system, text, type, typeBilevelColorSeparationColorSeparationMatteGrayscaleGrayscaleMatteOptimizePalettePaletteBilevelMattePaletteMatteTrueColorMatteTrueColorOn, visible area
Posted in Linux and FreeBSD Desktop, System Administration | 2 Comments »

How to delete million of files on busy Linux servers (Work out Argument list too long)

Tuesday, March 20th, 2012

How to Delete million or many thousands of files in the same directory on GNU / Linux and FreeBSD

If you try to delete more than 131072 of files on Linux with rm -f *, where the files are all stored in the same directory, you will get an error:

/bin/rm: Argument list too long.

I've earlier blogged on deleting multiple files on Linux and FreeBSD and this is not my first time facing this error.
Anyways, as time passed, I've found few other new ways to delete large multitudes of files from a server.

In this article, I will explain shortly few approaches to delete few million of obsolete files to clean some space on your server.
Here are 3 methods to use to clean your tons of junk files.

1. Using Linux find command to wipe out millions of files

a.) Finding and deleting files using find's -exec switch:

# find . -type f -exec rm -fv {} \;

This method works fine but it has 1 downside, file deletion is too slow as for each found file external rm command is invoked.

For half a million of files or more, using this method will take "long". However from a server hard disk stressing point of view it is not so bad as, the files deletion is not putting too much strain on the server hard disk.
b.) Finding and deleting big number of files with find's -delete argument:

Luckily, there is a better way to delete the files, by using find's command embedded -delete argument:

# find . -type f -print -delete

c.) Deleting and printing out deleted files with find's -print arg

If you would like to output on your terminal, what files find is deleting in "real time" add -print:

# find . -type f -print -delete

To prevent your server hard disk from being stressed and hence save your self from server normal operation "outages", it is good to combine find command with ionice, e.g.:

# ionice -c 3 find . -type f -print -delete

Just note, that ionice cannot guarantee find's opeartions will not affect severely hard disk i/o requests. On heavily busy servers with high amounts of disk i/o writes still applying the ionice will not prevent the server from being hanged! Be sure to always keep an eye on the server, while deleting the files nomatter with or without ionice. if throughout find execution, the server gets lagged in serving its ordinary client requests or whatever, stop the execution of the cmd immediately by killing it from another ssh session or tty (if physically on the server).

2. Using a simple bash loop with rm command to delete "tons" of files

An alternative way is to use a bash loop, to print each of the files in the directory and issue /bin/rm on each of the loop elements (files) like so:

for i in *; do rm -f $i; done

If you'd like to print what you will be deleting add an echo to the loop:

# for i in $(echo *); do \ echo "Deleting : $i"; rm -f $i; \

The bash loop, worked like a charm in my case so I really warmly recommend this method, whenever you need to delete more than 500 000+ files in a directory.

3. Deleting multiple files with perl

Deleting multiple files with perl is not a bad idea at all.
Here is a perl one liner, to delete all files contained within a directory:

# perl -e 'for(<*>){((stat)[9]<(unlink))}'

If you prefer to use more human readable perl script to delete a multitide of files use delete_multple_files_in_dir_perl.pl

Using perl interpreter to delete thousand of files is quick, really, really quick.
I did not benchmark it on the server, how quick exactly is it, but I guess the delete rate should be similar to find command. Its possible even in some cases the perl loop is quicker …

4. Using PHP script to delete a multiple files

Using a short php script to delete files file by file in a loop similar to above bash script is another option.
To do deletion with PHP, use this little PHP script:

<?php $dir = "/path/to/dir/with/files"; $dh = opendir( $dir); $i = 0; while (($file = readdir($dh)) !== false) { $file = "$dir/$file"; if (is_file( $file)) { unlink( $file); if (!(++$i % 1000)) { echo "$i files removed\n"; } } } ?>

As you see the script reads the $dir defined directory and loops through it, opening file by file and doing a delete for each of its loop elements.
You should already know PHP is slow, so this method is only useful if you have to delete many thousands of files on a shared hosting server with no (ssh) shell access.

This php script is taken from Steve Kamerman's blog . I would like also to express my big gratitude to Steve for writting such a wonderful post. His post actually become inspiration for this article to become reality.

You can also download the php delete million of files script sample here

To use it rename delete_millioon_of_files_in_a_dir.php.txt to delete_millioon_of_files_in_a_dir.php and run it through a browser .

Note that you might need to run it multiple times, cause many shared hosting servers are configured to exit a php script which keeps running for too long.
Alternatively the script can be run through shell with PHP cli:

php -l delete_millioon_of_files_in_a_dir.php.txt.

5. So What is the "best" way to delete million of files on Linux?

In order to find out which method is quicker in terms of execution time I did a home brew benchmarking on my thinkpad notebook.

a) Creating 509072 of sample files.

Again, I used bash loop to create many thousands of files in order to benchmark.
I didn't wanted to put this load on a productive server and hence I used my own notebook to conduct the benchmarks. As my notebook is not a server the benchmarks might be partially incorrect, however I believe still .they're pretty good indicator on which deletion method would be better.

hipo@noah:~$ mkdir /tmp/test hipo@noah:~$ cd /tmp/test; hiponoah:/tmp/test$ for i in $(seq 1 509072); do echo aaaa >> $i.txt; done

I had to wait few minutes until I have at hand 509072 of files created. Each of the files as you can read is containing the sample "aaaa" string.

b) Calculating the number of files in the directory

Once the command was completed to make sure all the 509072 were existing, I used a find + wc cmd to calculate the directory contained number of files:

hipo@noah:/tmp/test$ find . -maxdepth 1 -type f |wc -l 509072
real 0m1.886s user 0m0.440s sys 0m1.332s

Its intesrsting, using an ls command to calculate the files is less efficient than using find:

hipo@noah:/tmp/test$ time ls -1 |wc -l 509072
real 0m3.355s user 0m2.696s sys 0m0.528s

c) benchmarking the different file deleting methods with time

– Testing delete speed of find

hipo@noah:/tmp/test$ time find . -maxdepth 1 -type f -delete real 15m40.853s user 0m0.908s sys 0m22.357s

You see, using find to delete the files is not either too slow nor light quick.

– How fast is perl loop in multitude file deletion ?

hipo@noah:/tmp/test$ time perl -e 'for(<*>){((stat)[9]<(unlink))}'real 6m24.669suser 0m2.980ssys 0m22.673s

Deleting my sample 509072 took 6 mins and 24 secs. This is about 3 times faster than find! GO-GO perl 🙂
As you can see from the results, perl is a great and time saving, way to delete 500 000 files.

– The approximate speed deletion rate of of for + rm bash loop

hipo@noah:/tmp/test$ time for i in *; do rm -f $i; done
real 206m15.081s user 2m38.954s sys 195m38.182s

You see the execution took 195m en 38 secs = 3 HOURS and 43 MINUTES!!!! This is extremely slow ! But works like a charm as the running of deletion didn't impacted my normal laptop browsing. While the script was running I was mostly browsing through few not so heavy (non flash) websites and doing some other stuff in gnome-terminal) 🙂

As you can imagine running a bash loop is a bit CPU intensive, but puts less stress on the hard disk read/write operations. Therefore its clear using it is always a good practice when deletion of many files on a dedi servers is required.

b) my production server file deleting experience

On a production server I only tested two of all the listed methods to delete my files. The production server, where I tested is running Debian GNU / Linux Squeeze 6.0.3. There I had a task to delete few million of files.
The tested methods tried on the server were:

– The find . type -f -delete method.

– for i in *; do rm -f $i; done

The results from using find -delete method was quite sad, as the server almost hanged under the heavy hard disk load the command produced.

With the for script all went smoothly. The files were deleted for a long long time (like few hours), but while it was running, the server continued with no interruptions..

While the bash loop was running, the server load avarage kept at steady 4
Taking my experience in mind, If you're running a production, server and you're still wondering which delete method to use to wipe some multitude of files, I would recommend you go the bash for loop + /bin/rm way. Yes, it is extremely slow, expect it run for some half an hour or so but puts not too much extra load on the server..

Using the PHP script will probably be slow and inefficient, if compared to both find and the a bash loop.. I didn't give it a try yet, but suppose it will be either equal in time or at least few times slower than bash.

If you have tried the php script and you have some observations, please drop some comment to tell me how it performs.

To sum it up;

Even though there are "hacks" to clean up some messy parsing directory full of few million of junk files, having such a directory should never exist on the first place.

Frankly, keeping millions of files within the same directory is very stupid idea.
Doing so will have a severe negative impact on a directory listing performance of your filesystem in the long term.

If you know better (more efficient) ways to delete a multitude of files in a dir please share in comments.

Tags: Auto, client, deletec, deleteJust, Deleting, deleting files, Disk, downside, Draft, exec rm, eye, file, file deletion, freebsd, half a million, hard disk, heavy load, hipo, junk files, Linux, linux servers, maxdepth, multiple files, multitudes, multple, nbsp, new ways, noah, nomatter, number, obsolete files, operation, option, point of view, printing, quot, real time, rm command, servers work, Shell, ssh, terminal, test, time, tmp, type, unlink
Posted in Linux, Programming, System Administration | 12 Comments »

How to upgrade single package with their dependencies on Debian and Ubuntu Linux

Friday, March 16th, 2012

Debian GNU / Linux apt-get upgrade a package selection of a whole bunch of packages ready to upgrade apt artistic logo

Are you a Debian System Administrator and you recently run apt-get upgrade && apt-get upgrade finding out there are plenty of new packagesfor upgrade? Do you need only a pre-selected number of packages to upgrade with apt?
I run apt-get update && apt-get upgrade on one of our company Debian servers, just to see there are a number of packages to be upgraded among which there was some I didn't wanted to upgrade. Here is a little paste output from apt-get upgrade:

debian:~# apt-get update && apt-get upgrade Hit http://security.debian.org squeeze/updates Release.gpg ... Hit http://security.debian.org squeeze/updates/main amd64 Packages Fetched 128 kB in 0s (441 kB/s) Reading package lists... Done Reading package lists... Done Building dependency tree Reading state information... Done The following packages will be upgraded: at imagemagick libdbd-pg-perl libfreetype6 libmagickcore3 libmagickcore3-extra libmagickwand3 libmysqlclient16 mysql-client mysql-client-5.1 mysql-common mysql-server mysql-server-5.1 mysql-server-core-5.1 Do you want to continue [Y/n] 14 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

From first sight it seems logical to issue apt-get upgrade packagename to upgrade only single package with its package dependencies, instead of the whole group the above packs. However doing:
apt-get upgrade imagemagick will still try to upgrade all the packages instead of just imagemagick and its dependency package deb libmagickcore3

debian:~# apt-get upgrade imagemagick Reading package lists... Done Building dependency tree Reading state information... Done The following packages will be upgraded: at imagemagick libdbd-pg-perl libfreetype6 libmagickcore3 libmagickcore3-extra libmagickwand3 libmysqlclient16 mysql-client mysql-client-5.1 mysql-common mysql-server mysql-server-5.1 mysql-server-core-5.1 14 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Do you want to continue [Y/n]

Doing all package,upgrade is not a good idea in my case, since upgrading mysql-server will require a MySQL server restart (something which we cannot afford to do right now) on this production server.
MySQL server restart during upgrade is never a good idea especially on productive busy (heavy loaded) SQL servers.
A restart of the MySQL server serving thousands of requests per second could lead often to crashed tables and hence temporary server downtime etc.

Still it is a good idea to upgrade the rest of packages with their newer versions. For exmpl. to upgrade; imagemagick, at , libfreetype6 and so on.

In order to upgrade only this 3 ones and their respective package dependencies, issue:

debian:~# apt-get --yes install imagemagick at libfreetype6

Repeat the apt-get install command with passing all the single package name you want to be upgraded and voila you're done :).
Be sure the apt-get install packagename upgrade doesn't require also upgrade of myssql-server, mysql-client, mysql-common or mysql-server-core-5.1 or any of the package name you want to preserve from upgrading.

Tags: administrator, amp, Auto, building, deb, debian system, dependencies, dependency, dependency tree, doesn, DoneBuilding, Draft, Fetched, information, libfreetype, libmysqlclient, Linux, mysql server, number, package, packagesfor, pg, production, reading package, Repeat, second, server mysql, servers, something, SQL, squeeze, state information, system administrator, tree, Ubuntu, ubuntu linux, upgradeHit, voila
Posted in Linux, System Administration | No Comments »

Xubuntu improve default picture viewing with gpicview

Tuesday, March 13th, 2012

The default picture viewer on Xubuntu's XFCE is risterroro. Risterroro is quite lightweight, but anyways is lacking even basic functionality with reading a number of pictures in a directory and showing, them one by one lacks any picture automated slider. The lack of picture back/forward functionality makes picture viewing very inconvenient on those Linux distro.

Ristretto Screenshot on Xubuntu Linux Desktop

Thanksfully this kind of unconfortable default behaviour on Xubuntu can easily be changed to use a handy picture viewer program called gpicview xubuntu-linux:~# apt-get install --yes gpicview

gpicviewer grandmothers screenshot on Xubuntu Linux

Gpicview is a good minimalistic program which has all the functionality of the default GNOME picture viewer program eog – (eye of the Gnome). If you're aaccustomed to GNOME's eog you can always install and use eog instead 🙂

Tags: Auto, behaviour, default, default behaviour, directory, distro, Draft, eog, functionality, Gnome, gpicview, gpicviewGpicview, kind, Lack, Linux, linux distro, minimalistic, number, picture, program, Risterroro, slider, Thanksfully, viewer, XFCE, Xubuntu
Posted in Linux, Linux and FreeBSD Desktop, System Administration | No Comments »

How to Secure Apache on FreeBSD and CentOS against Range: header DoS attack (affecting Apache 1.3/2.x)

Thursday, June 30th, 2011

How to Secure Apache webserver on FreeBSD and CentOS against Range: header Denial of Service attack

Recently has become publicly known for the serious hole found in all Apache webserver versions 1.3.x and 2.0.x and 2.2.x. The info is to be found inside the security CVE-2011-3192 – https://issues.apache.org/bugzilla/show_bug.cgi?id=51714

Apache remote denial of service is already publicly cirtuculating, since about a week and is probably to be used even more heavily in the 3 months to come. The exploit can be obtained from exploit-db.com a mirror copy of #Apache httpd Remote Denial of Service (memory exhaustion) is for download here

The DoS script is known in the wild under the name killapache.pl
killapache.pl PoC depends on perl ForkManager and thus in order to be properly run on FreeBSD, its necessery to install p5-Parallel-ForkManager bsd port :

freebsd# cd /usr/ports/devel/p5-Parallel-ForkManager freebsd# make install && make install clean ...

Here is an example of the exploit running against an Apache webserver host.

freebsd# perl httpd_dos.pl www.targethost.com 50 host seems vuln ATTACKING www.targethost.com [using 50 forks] :pPpPpppPpPPppPpppPp ATTACKING www.targethost.com [using 50 forks] :pPpPpppPpPPppPpppPp ...

In about 30 seconds to 1 minute time the DoS attack with only 50 simultaneous connections is capable of overloading any vulnerable Apache server.

It causes the webserver to consume all the machine memory and memory swap and consequently makes the server to crash in most cases.
During the Denial of Service attack is in action access the websites hosted on the webserver becomes either hell slow or completely absent.

The DoS attack is quite a shock as it is based on an Apache range problem which started in year 2007.

Today, Debian has issued a new versions of Apache deb package for Debian 5 Lenny and Debian 6, the new packages are said to have fixed the issue.

I assume that Ubuntu and most of the rest Debian distrubtions will have the apache's range header DoS patched versions either today or in the coming few days.
Therefore work around the issue on debian based servers can easily be done with the usual apt-get update && apt-get upgrade

On other Linux systems as well as FreeBSD there are work arounds pointed out, which can be implemented to close temporary the Apache DoS hole.

1. Limiting large number of range requests

The first suggested solution is to limit the lenght of range header requests Apache can serve. To implement this work raround its necessery to put at the end of httpd.conf config:

# Drop the Range header when more than 5 ranges. # CVE-2011-3192 SetEnvIf Range (?:,.*?){5,5} bad-range=1 RequestHeader unset Range env=bad-range # We always drop Request-Range; as this is a legacy # dating back to MSIE3 and Netscape 2 and 3. RequestHeader unset Request-Range # optional logging. CustomLog logs/range-CVE-2011-3192.log common env=bad-range CustomLog logs/range-CVE-2011-3192.log common env=bad-req-range

2. Reject Range requests for more than 5 ranges in Range: header

Once again to implement this work around paste in Apache config file:

This DoS solution is not recommended (in my view), as it uses mod_rewrite to implement th efix and might be additionally another open window for DoS attack as mod_rewrite is generally CPU consuming.

# Reject request when more than 5 ranges in the Range: header. # CVE-2011-3192 # RewriteEngine on RewriteCond %{HTTP:range} !(bytes=[^,]+(,[^,]+){0,4}$|^$) # RewriteCond %{HTTP:request-range} !(bytes=[^,]+(?:,[^,]+){0,4}$|^$) RewriteRule .* - [F]

# We always drop Request-Range; as this is a legacy # dating back to MSIE3 and Netscape 2 and 3. RequestHeader unset Request-Range

3. Limit the size of Range request fields to few hundreds
To do so put in httpd.conf:

LimitRequestFieldSize 200

4. Dis-allow completely Range headers: via mod_headers Apache module

In httpd.conf put:

RequestHeader unset Range RequestHeader unset Request-Range

This work around could create problems on some websites, which are made in a way that the Request-Range is used.

5. Deploy a tiny Apache module to count the number of Range Requests and drop connections in case of high number of Range: requests

This solution in my view is the best one, I've tested it and I can confirm on FreeBSD works like a charm.
To secure FreeBSD host Apache, against the Range Request: DoS using mod_rangecnt, one can literally follow the methodology explained in mod_rangecnt.c header:

freebsd# wget http://people.apache.org/~dirkx/mod_rangecnt.c .. # compile the mod_rangecnt modulefreebsd# /usr/local/sbin/apxs -c mod_rangecnt.c ... # install mod_rangecnt module to Apachefreebsd# /usr/local/sbin/apxs -i -a mod_rangecnt.la ...

Finally to load the newly installed mod_rangecnt, Apache restart is required:

freebsd# /usr/local/etc/rc.d/apache2 restart ...

I've tested the module on i386 FreeBSD install, so I can't confirm this steps works fine on 64 bit FreeBSD install, I would be glad if I can hear from someone if mod_rangecnt is properly compiled and installed fine also on 6 bit BSD arch.

Deploying the mod_rangecnt.c Range: Header to prevent against the Apache DoS on 64 bit x86_amd64 CentOS 5.6 Final is also done without any pitfalls.

[root@centos ~]# uname -a; Linux centos 2.6.18-194.11.3.el5 #1 SMP Mon Aug 30 16:19:16 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux [root@centos ~]# /usr/sbin/apxs -c mod_rangecnt.c ... /usr/lib64/apr-1/build/libtool --silent --mode=link gcc -o mod_rangecnt.la -rpath /usr/lib64/httpd/modules -module -avoid-version mod_rangecnt.lo [root@centos ~]# /usr/sbin/apxs -i -a mod_rangecnt.la ... Libraries have been installed in: /usr/lib64/httpd/modules ... [root@centos ~]# /etc/init.d/httpd configtest Syntax OK [root@centos ~]# /etc/init.d/httpd restart Stopping httpd: [ OK ] Starting httpd: [ OK ]

After applying the mod_rangecnt patch if all is fine the memory exhaustion perl DoS script's output should be like so:

freebsd# perl httpd_dos.pl www.patched-apache-host.com 50 Host does not seem vulnerable

All of the above pointed work-arounds are only a temporary solution to these Grave Apache DoS byterange vulnerability , a few days after the original vulnerability emerged and some of the up-pointed work arounds were pointed. There was information, that still, there are ways that the vulnerability can be exploited.
Hopefully in the coming few weeks Apache dev team should be ready with rock solid work around to the severe problem.

In 2 years duration these is the second serious Apache Denial of Service vulnerability after before a one and a half year the so called Slowloris Denial of Service attack was capable to DoS most of the Apache installations on the Net.

Slowloris, has never received the publicity of the Range Header DoS as it was not that critical as the mod_range, however this is a good indicator that the code quality of Apache is slowly decreasing and might need a serious security evaluation.

Tags: apache httpd, apache server, apache webserver, ATTACKING, bugzilla, CentOS, com, config, copy, CustomLog, deb package, denial of service, denial of service attack, dos attack, dos script, download, exploit, freebsd, host, HTTP, info, machine memory, memory exhaustion, minute time, mirror copy, mod, necessery, Netscape, number, perl httpd, poc, pPpPpppPpPPppPpppPp, REJECT, Remote, RewriteCond, script, simultaneous connections, work
Posted in Computer Security, Linux, System Administration | No Comments »

How to find and kill Abusers on OpenVZ Linux hosted Virtual Machines (Few bash scripts to protect OpenVZ CentOS server from script kiddies and easify the daily admin job)

Friday, July 22nd, 2011

These days, I’m managing a number of OpenVZ Virtual Machine host servers. Therefore constantly I’m facing a lot of problems with users who run shit scripts inside their Linux Virtual Machines.

Commonly user Virtual Servers are used as a launchpad to attack hosts do illegal hacking activities or simply DDoS a host..
The virtual machines users (which by the way run on top of the CentOS OpenVZ Linux) are used to launch a Denial service scripts like kaiten.pl, trinoo, shaft, tfn etc.

As a consequence of their malicious activities, oftenly the Data Centers which colocates the servers are either null routing our server IPs until we suspend the Abusive users, or the servers go simply down because of a server overload or a kernel bug hit as a result of the heavy TCP/IP network traffic or CPU/mem overhead.

Therefore to mitigate this abusive attacks, I’ve written few bash shell scripts which, saves us a lot of manual check ups and prevents in most cases abusers to run the common DoS and “hacking” script shits which are now in the wild.

The first script I’ve written is kill_abusers.sh , what the script does is to automatically look up for a number of listed processes and kills them while logging in /var/log/abusers.log about the abusive VM user procs names killed.

I’ve set this script to run 4 times an hour and it currently saves us a lot of nerves and useless ticket communication with Data Centers (DCs), not to mention that reboot requests (about hanged up servers) has reduced significantly.
Therefore though the scripts simplicity it in general makes the servers run a way more stable than before.

Here is OpenVZ kill/suspend Abusers procs script kill_abusers.sh ready for download

Another script which later on, I’ve written is doing something similar and still different, it does scan the server hard disk using locate and find commands and tries to identify users which has script kiddies programs in their Virtual machines and therefore are most probably crackers.
The scripts looks up for abusive network scanners, DoS scripts, metasploit framework, ircds etc.

After it registers through scanning the server hdd, it lists only files which are preliminary set in the script to be dangerous, and therefore there execution inside the user VM should not be.

search_for_abusers.sh then logs in a files it’s activity as well as the OpenVZ virtual machines user IDs who owns hack related files. Right after it uses nail mailing command to send email to a specified admin email and reports the possible abusers whose VM accounts might need to either be deleted or suspended.

search_for_abusers can be download here

Honestly I truly liked my search_for_abusers.sh script as it became quite nice and I coded it quite quickly.
I’m intending now to put the Search for abusers script on a cronjob on the servers to check periodically and report the IDs of OpenVZ VM Users which are trying illegal activities on the servers.

I guess now our beloved Virtual Machine user script kiddies are in a real trouble ;P

Tags: admin job, bash scripts, bash shell scripts, CentOS, check ups, consequence, data, DDoS, Denial, denial service, download, host, host servers, job, kill, launchpad, Linux, log, malicious activities, network traffic, number, openvz, overhead, quot, script, script kiddies, Search, server overload, servers, Shell, shits, tcp ip network, tfn, ticket, trinoo, ups, Virtual, virtual machine, virtual machines, virtual servers, vm user
Posted in System Administration | 29 Comments »

How to suspend Cpanel user through ssh / Cpanel shell command to suspend users

Friday, August 5th, 2011

One of the servers running Cpanel has been suspended today and the Data Center decided to completely bring down our server and gave us access to it only through rescue mode running linux livecd.

Thus I had no way to access the Cpanel web interface to suspend the “hacker” who by the way was running a number of instances of this old Romanian script kiddies brute force ssh scanner called sshscan .

Thanksfully Cpanel is equipped with a number of handy scripts for emergency situations in /scripts directory. These shell management scripts are awesome for situations like this one, where no web access is not avaiable.

To suspend the abuser / (abusive user ) I had to issue the command:

root@rescue [/]# /scripts/suspendacct abuse_user Changing Shell to /bin/false...chsh: Unknown user context is not authorized to change the shell of abuse_user Done Locking Password...Locking password for user abuse_user. passwd: Success Done Suspending mysql users warn [suspendmysqlusers] abuse_user has no databases. Notification => reports@santrex.net via EMAIL [level => 3] Account previously suspended (password was locked). /bin/df: `/proc/sys/fs/binfmt_misc': No such file or directory Using Universal Quota Support (quota=0) Suspended document root /home/abuse_user/public_html Suspended document root /home/abuse_user/public_html/updateverificationonline.com Using Universal Quota Support (quota=0) Updating ftp passwords for abuse_user Ftp password files updated. Ftp vhost passwords synced abuse_user's account has been suspended

That’s all now the user is suspended, so hopefully the DC will bring the server online in few minutes.

Tags: brute force, center, data, document root, emergency, emergency situations, few minutes, file, Ftp, ftp passwords, hacker, handy scripts, home abuse, instances, level, level 3, livecd, management scripts, mysql users, notification, number, password, password files, quot, Quota, quota support, rescue, rescue mode, root, santrex, scanner, script, script kiddies, Shell, shell command, ssh, Success, Universal, web access, web interface
Posted in System Administration, Various, Web and CMS | 1 Comment »

☩ Walking in Light with Christ – Faith, Computing, Diary

Posts Tagged ‘number’

How to disable ACPI (power saving) support in FreeBSD / Disable acpi on BSD kernel boot time

Fix Null error in WordPress comment reply with wordpress-threaded-comments plugin enabled

How to suspend Cpanel user through ssh / Cpanel shell command to suspend users

Daily Bible quote

GET ARTICLE UPDATES

Useful blog? Help it:

Links to Other Places

Recent Posts

Ads

Categories

About Myself

Recent Comments

Top Post Views

blogtopsites