Business and Technology

Web 2.0, Business, PHP, MySQL, CodeIgniter, Volkan Rivera’s Blog


The worst error I have ever seen in Debian

20 May, 2008 (11:28) | OpenSource, Security | By: volkan68

The problem with the library OpenSSH in Debian has generated too much noise in the blogosphere in the last few days. But just today I realized many of my servers would be vulnerable to this kind of exploitation. You can detect if your systems are affected using this Python script:

http://demo21.ovh.com/82a960d7199ea9391c73c2034b6b34dfP/debian_ssh_scan_v4.tar.bz2

If you are affected, simply upgrade your system using these commands as root:

# apt-get update
# apt-get dist-upgrade

Just to be sure your system has not been compromised, conduct an audit to check that nobody gained access to the server while it was vulnerable through this flaw in the library. You can read more about this problem in Technology Review.
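For the audit step, one useful thing to pull from the SSH logs is every successful public-key login and the address it came from while the server was vulnerable. The script below is an added example, not part of the original post; the log lines and the known-good address are constructed, and it assumes the standard sshd "Accepted publickey for USER from IP" log format.

```shell
#!/bin/sh
# Added example (not from the original post): list successful SSH public-key
# logins per user and source address, skipping addresses you know are yours.

# Reads sshd log text on stdin; $1 is a space-separated list of known-good IPs.
# Prints "count user ip" for every other source of an accepted public key.
pubkey_logins() {
    awk -v known="$1" '
        BEGIN { n = split(known, k, " "); for (i = 1; i <= n; i++) ok[k[i]] = 1 }
        /sshd\[[0-9]+\]: Accepted publickey for / {
            for (i = 1; i <= NF; i++)
                if ($i == "Accepted") { user = $(i + 3); ip = $(i + 5); break }
            if (!(ip in ok)) seen[user " " ip]++
        }
        END { for (key in seen) print seen[key], key }
    ' | sort -k2,2 -k3,3
}

# Constructed sample of auth.log entries (documentation-range addresses).
sample_log() {
    cat <<'EOF'
May 14 03:12:44 web1 sshd[2211]: Accepted publickey for root from 198.51.100.23 port 40112 ssh2
May 14 09:01:10 web1 sshd[2290]: Accepted publickey for deploy from 192.0.2.10 port 51514 ssh2
May 15 02:47:02 web1 sshd[2301]: Failed password for invalid user admin from 198.51.100.23 port 40388 ssh2
May 15 02:50:31 web1 sshd[2309]: Accepted publickey for root from 198.51.100.23 port 40391 ssh2
May 16 08:30:00 web1 sshd[2400]: Accepted password for deploy from 192.0.2.10 port 51600 ssh2
EOF
}

# 192.0.2.10 stands in for the administrator's own workstation.
sample_log | pubkey_logins "192.0.2.10"
```

On a real server, feed it the rotated auth logs covering the period before the upgrade and review every line it prints.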

Setting up your own GAE server

19 May, 2008 (09:34) | Internet, OpenSource, Google | By: volkan68

The newest Google service that has drawn my attention in recent months is GAE (Google App Engine), which allows us to use Google's network to deploy our web application in a transparent manner, gaining the ability to withstand a million hits a day and to have our data replicated. This solves two serious problems facing every start-up in the information technology industry: scalability and high availability.

The main problem with GAE, which is in beta right now, is that it is only available by invitation from Google. Fortunately I have one of these invitation accounts, but I began to think of all those who wish to test the service and currently do not have a GAE account. Even if I wanted to be generous, Google does not allow more than three projects in GAE right now, and I cannot erase projects, so for now I have to be careful with my three projects.

So what can we do? Well, Google now offers as part of the GAE SDK a very simple web server which allows us to test our GAE application on our own machine. The problem is that by default the script dev_appserver.py only listens on localhost on port 8080. I thought about it, and after playing around with the settings, I got a configuration that works using a public IP and port 80. I now have that kind of solution running on http://gae.volkanrivera.com

It is important to be aware that not all features are supported by the GAE dev_appserver.py; the most important missing feature is logging in with a Google Account. Please note that the type of solution I present here is a bit risky, so I recommend you do it on a virtual server that you can simply shut down in case of problems (for example, someone hacks dev_appserver.py and our server is used to send spam). Let's start with the configuration. As the root user, install these packages:
 
# apt-get install g++ zip unzip less postfix proftpd pound

If necessary you can reconfigure the postfix using this command:
 
# dpkg-reconfigure postfix

When asked about what type of service you want for proftpd, select "standalone". Then edit /etc/proftpd/proftpd.conf and add these lines:

TimesGMT off
DefaultRoot ~

Add them after these lines:

# Port 21 is the standard FTP port.
Port 21

Additionally, disable IPv6 in /etc/proftpd/proftpd.conf this way:

UseIPv6 off

Now we edit the configuration file of the reverse proxy at /etc/pound/pound.cfg. Leave only these lines, and be careful to replace www.xxx.yyy.zzz with the public IP of your server:

User            "www-data"
Group           "www-data"
LogLevel        1
## check backend every X secs:
Alive           30

ListenHTTP
        Address www.xxx.yyy.zzz
        Port    80

        xHTTP           0

        Service
                BackEnd
                        Address 127.0.0.1
                        Port    8080
                End
        End
End

Then edit /etc/default/pound and set the variable startup to 1.

Now we install the SDK. To do so, we download and install it as the root user, in this way:

# cd /usr/src
# wget http://googleappengine.googlecode.com/files/google_appengine_1.0.2.zip
# unzip google_appengine_1.0.2.zip
# mv google_appengine /usr/local/gae


Now that we have installed our SDK, we proceed to create a user who will run the GAE web server. In our case we will use the username "gae", but it can be any name:

# adduser gae

Finally we switch to the user "gae" and continue the rest of the configuration as the "gae" user:

$ cd ~/
$ cp -R /usr/local/gae/demos/guestbook/ ./


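We need to create two scripts, one to start the GAE server and another to stop it. Here is the script to start up dev_appserver.py; you can call it "start_gae":

#!/bin/bash

# Start the dev server for the application directory given as $1,
# in the background, with stderr logged to ~/gae.log.
/usr/local/gae/dev_appserver.py \
  --enable_sendmail \
  "$1" \
  2>~/gae.log &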

Here is the script to stop it, you can call it "stop_gae":

#!/bin/bash

# Kill the python process listening on port 8080 (the dev server).
kill -9 `lsof -i :8080 | grep ^python | awk '{print $2}'`

Before starting the GAE server, we need to create the following files. We do this as the same user that will run the GAE web server, using these commands:

$ touch /tmp/dev_appserver.datastore
$ touch /tmp/dev_appserver.datastore.history


If you do not have privileges to create these files as user "gae", simply change to the "root" user, create them, and then change the owner to user "gae" with the chown command. Now we are ready to start the GAE server, which for the moment we use to run the demo application that comes with the SDK, called "guestbook". To do so, execute this command as the user "gae":

$ ./start_gae guestbook/

If all went well, you should get this as the output of "netstat -tl":

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost:webcache      *:*                     LISTEN
tcp        0      0 *:ftp                   *:*                     LISTEN
tcp6       0      0 *:ssh                   *:*                     LISTEN
tcp6       0      0 *:smtp                  *:*                     LISTEN


Note that "webcache" is the name of port 8080. Now, as the "root" user, we must start the reverse proxy. To do so we use this command:

# /etc/rc.d/pound start

Now we can see our guestbook simply by pointing the browser to the public IP or to a valid domain name pointed to that IP. Enjoy your own GAE server, and happy coding.
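Because this setup relies on dev_appserver.py staying on localhost with only pound facing the network, it is worth checking that after every restart. The script below is an added example, not part of the original post; it assumes numeric "netstat -tln" output, and the sample output and the address 203.0.113.5 are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): flag LISTEN sockets on a given
# port that are bound to anything other than the loopback interface.

# Reads "netstat -tln" output on stdin; $1 is the port to check.
# Prints each exposed local address; exit status 0 means one was found.
exposed_listeners() {
    awk -v port="$1" '
        $NF == "LISTEN" {
            addr = $4
            p = addr; sub(/.*:/, "", p)   # text after the last colon is the port
            host = substr(addr, 1, length(addr) - length(p) - 1)
            if (p != port) next
            if (host == "127.0.0.1" || host == "::1" || host == "localhost") next
            print addr; found = 1
        }
        END { exit (found ? 0 : 1) }
    '
}

# Constructed "netstat -tln" output; $1 is the address the dev server binds to.
sample_netstat() {
    cat <<EOF
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 $1:8080          0.0.0.0:*               LISTEN
tcp        0      0 203.0.113.5:80          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
EOF
}

# Expected layout: backend on loopback only, so nothing is reported.
if sample_netstat 127.0.0.1 | exposed_listeners 8080; then
    echo "dev_appserver.py is reachable without going through pound" >&2
fi

# Misconfigured layout: backend bound to all interfaces, so it is reported.
if sample_netstat 0.0.0.0 | exposed_listeners 8080; then
    echo "dev_appserver.py is reachable without going through pound" >&2
fi
```

On the server itself, run it as: netstat -tln | exposed_listeners 8080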

Apple Macintosh 24th Anniversary

22 January, 2008 (23:50) | Uncategorized | By: volkan68

This January 24 the Apple Macintosh marks 24 years since its market launch, and with it the introduction of the graphical environment to the general public. Prior to the Apple Macintosh, the Lisa model had already offered a graphical environment and mouse, but at a prohibitive price of nearly $10000. To commemorate the date, Dave Clausen has modified a Macintosh 512k case, replacing the mainboard with a Mac Mini and making the appropriate adjustments to support an LS120 floppy drive and the classic Macintosh 512k keyboard and mouse. The steps required to replicate the feat, along with circuits, photos and videos of the project, are on Dave's website. Here is the video of Steve Jobs introducing the Apple Macintosh:


The American outsourcing way.

18 January, 2008 (01:32) | Humor | By: volkan68

CompUSA website now hosted by Tigerdirect

15 January, 2008 (10:28) | Business | By: volkan68

After taking a tour of the CompUSA site, looking for a bargain because it is already in liquidation, I found it suspiciously similar to the Tigerdirect website. I then decided to check where the CompUSA website is hosted, and, surprise, it is in a range of IPs that belongs to Tigerdirect.

Look what I got:

volkan68@volkan68-desktop:~$ nslookup www.compusa.com
Server: 64.52.192.98
Address: 64.52.192.98#53

Non-authoritative answer:
Name: www.compusa.com
Address: 199.181.77.62

volkan68@volkan68-desktop:~$ whois 199.181.77.62

OrgName: TigerDirect
OrgID: TIGERD-1
Address: 3329 chapell blvd.
City: Durham
StateProv: NC
PostalCode: 27707
Country: US

NetRange: 199.181.77.0 - 199.181.78.255
CIDR: 199.181.77.0/24, 199.181.78.0/24
NetName: TIGER
NetHandle: NET-199-181-77-0-1
Parent: NET-199-0-0-0-0
NetType: Direct Assignment
NameServer: MARCOPOLO.TIGERDIRECT.COM
NameServer: DNS2.TIGERDIRECT.COM
Comment:
RegDate: 1994-07-21
Updated: 2001-10-04

RTechHandle: AP-ORG-ARIN
RTechName: Amato, Peter
RTechPhone: +1-305-228-3390
RTechEmail: pamato@tigerdirect.com

# ARIN WHOIS database, last updated 2008-01-14 19:07
# Enter ? for additional hints on searching ARIN’s WHOIS database.

If somebody knows the story behind this, please let us know. Either Tigerdirect bought the CompUSA domain name or CompUSA is using Tigerdirect as an ASP for its virtual shop.

How will the last day of Bill Gates at Microsoft be?

12 January, 2008 (22:53) | Humor | By: volkan68

Sweet Child O’Mine

6 January, 2008 (17:02) | Uncategorized | By: volkan68

In 1987, the rock band Guns N' Roses released its first album, "Appetite for Destruction", on which "Sweet Child O'Mine" was the band's first number one hit. But I found this video, which is really funny: the same song in an unplugged version played by Indian musicians:


Film director hates people who watch movies on iPhone

5 January, 2008 (13:52) | Internet | By: volkan68

This is a very funny video from YouTube, where director David Lynch tells us what he thinks about people who watch movies on the iPhone.

Wifi pandemic

5 January, 2008 (12:14) | Internet | By: volkan68

In a paper published at Indiana University (which can be downloaded from here), the researchers Hao Hu, Steven Meyers, Vittoria Colizza and Alessandro Vespignani explain how specifically designed malware could propagate across an entire city using Wi-Fi routers, because in many cases there are areas where their signals overlap. If this became a real event, it could stop a vast part of the Internet.

Top 10 Family Guy moments season 6

3 January, 2008 (23:07) | Humor | By: volkan68

What can I say, really funny.