Thu, Apr 28, 2016 8:28 pm
Counting the number of lines in a file with the find command
A simple way to count the number of lines in a file on a Microsoft Windows system is by using the following command:
find /v /c "" somefile.txt
The /c option counts the number of lines while the
/v option displays all lines NOT containing the specified string.
Since the null string, i.e. "", is treated as never matching,
you should see the number of lines in the file displayed - see the
Stupid command-line trick: Counting the number of lines in stdin
article at Raymond Chen's Microsoft Developer Blog,
The Old New Thing for
an explanation of why this works and how a bug in the earliest
MS-DOS version
of the find command became a feature that remains to this day.
The MS-DOS operating system was an operating system for early
IBM
PC compatible personal computers provided by Microsoft long before
the company created Microsoft Windows. The operating system was commonly found
on
personal computers (PCs) during the 1980s to the mid 1990s. The operating
system was acquired by Microsoft from
Seattle Computer Products and modified by Microsoft to meet
the needs of IBM for its IBM PC
[/os/windows/commands]
permanent link
Wed, Apr 27, 2016 11:58 pm
Cutting and Pasting a File in the OS X Finder
If you want to "cut" a file from one directory and "paste" it into another
directory under Apple's OS X operating system, you may expect the functionality
to work as it does under Microsoft's Windows operating system where in the
Windows
File Explorer you can click on a file to select it then right-click on
it, choose
Cut, then right-click in some other folder and choose
Paste to move the file from one directory to another. In Apple's OS X
Finder application, if you highlight a file by clicking on it to
select it and then choose
Edit expecting to be able to use
the
Cut option you will find that option grayed out. The
Cut
option is only available to you from the
Edit dropdown list when
you have text highlighted that can be cut. E.g., you could cut text out of
the file's name, but you can't cut the file from the directory the way you
can under Microsoft Windows.
You can achieve similar functionality with keyboard shortcuts under
OS X, however. Click on the file you wish to cut from a directory to
highlight it, then hit the command-C keys. I.e., hit the
command and C
keys simultaneously. Then navigate to the directory where you wish to paste
the file and hit the command-option-V keys simultaneously. The
file will then be removed from its prior directory location and placed in the
new directory location.
[/os/os-x]
permanent link
Mon, Apr 25, 2016 10:42 pm
Digital Color Meter
On Apple OS X systems, if you want to identify the text color or background
color on an image or within a window, you can use the Digital Color Meter
application, which you will find in
Applications/Utilities, as
a color picker. When you move the mouse pointer over the area containing
the color you wish to identify, you will see the color displayed within a
box in the Digital Color Meter and codes identifying the color. You can
select from the following color standards:
- Display native values
- Display in sRGB
- Display in Generic RGB
- Display in Adobe RGB
- Display in L*a*b*
[ More Info ]
[/os/os-x]
permanent link
Sun, Apr 24, 2016 10:44 pm
SELinux entries in /var/log/messages
I had been noticing
setroubleshootd
frequently using a high percentage of the CPU's time on a CentOS Linux system
when I run
top. E.g.:
top - 21:26:35 up 227 days, 6:13, 27 users, load average: 0.83, 0.90, 1.50
Tasks: 329 total, 3 running, 326 sleeping, 0 stopped, 0 zombie
%Cpu(s): 83.3 us, 16.5 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.2 si, 0.0 st
KiB Mem : 1875896 total, 177868 free, 495072 used, 1202956 buff/cache
KiB Swap: 2113532 total, 958752 free, 1154780 used. 951776 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
22725 apache 20 0 42332 10400 2172 R 95.0 0.6 0:03.93 blosxom
22727 root 20 0 263660 41572 10032 R 95.0 2.2 0:03.96 setroubles+
22720 root 20 0 146260 2164 1360 R 2.5 0.1 0:00.62 top
13 root 20 0 0 0 0 S 0.9 0.0 641:26.32 rcu_sched
15 root 20 0 0 0 0 S 0.6 0.0 216:15.71 rcuos/1
24450 root 20 0 396436 7712 5180 S 0.6 0.4 9:58.86 httpd
418 root 20 0 0 0 0 S 0.3 0.0 107:26.61 xfsaild/dm+
639 root 20 0 0 0 0 S 0.3 0.0 104:29.30 xfsaild/dm+
657 root 16 -4 116708 496 316 S 0.3 0.0 45:09.63 auditd
674 root 12 -8 80220 440 256 S 0.3 0.0 31:45.76 audispd
1278 jim 20 0 142884 1100 820 S 0.3 0.1 0:28.74 sshd
1 root 20 0 196044 9296 2808 S 0.0 0.5 147:49.67 systemd
2 root 20 0 0 0 0 S 0.0 0.0 1:18.37 kthreadd
3 root 20 0 0 0 0 S 0.0 0.0 3:11.27 ksoftirqd/0
5 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:+
7 root rt 0 0 0 0 S 0.0 0.0 7:26.68 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bhThe process shows up as setroubles+, i.e., setroubles with a plus sign at
the end, because the full process name, setroubleshootd, can't be
displayed in the 80 columns I have alloted for the terminal window.
I've also noticed hundreds of thousands of entries it has created in
/var/log/messages related to
SELinux
issues. I had switched SELinux from "enforcing" mode to "permissive" mode on
the system, due to web server application issues, so SELinux wasn't stopping
applications from running, but issues are being logged. I finally decided that
I at least needed to reduce the number of log entries being creatd
substantially, which will, hopefully, improve the responsiveness of the server.
I had fixed the
SELinux issue for one
application, CometChat recently, but I decided I needed to fix at least
some of the issues for other sites on the system, also, related to the
SELinux context for files under the public_html directory beneath user's home
directories.
[ More Info ]
[/os/unix/linux/selinux]
permanent link
Sat, Apr 23, 2016 10:53 pm
Web Spiders Crawling Site on 2016-04-23
When I viewed a page on the site this morning, the page took a long time to
load in my browser. I checked the
Apache access
log to see what it was showing in regards to site activity, since I had noticed
several
web
crawlers, aka web spiders, accessing the site yesterday. Checking the
site's Apache access log for today, I saw that it was being crawled
by four web spiders simultaneously: baiduspider, bingbot, MegaIndex.ru,
and the linkdexbot. The first, baiduspider, is associated with the Chinese
search engine company, Baidu, and the second, bingbot, is Microsoft's web
crawler, which is used by its Bing search engine. The latter two, MegaIndex.ru
and linkdexbot are associated with search engine optimization (SEO) companies.
[ More Info ]
[/network/web/crawlers]
permanent link
Fri, Apr 22, 2016 10:24 pm
Blosxom calendar plugin cache file causing internal server error
This morning, when I attempted to access an old blog posting to see
how I had resolved a problem in the past that I was experiencing again,
I saw a page displaying an "Internal Server Error" message. The page also
noted "More information about this error may be available in the server error
log. When I checked the Apache error log for the site, I noticed references
to the problem being linked to line 322 in the
calendar plugin
code for the
Blosxom blogging software I use on the site. I found the issue was related
to the the calendar plug-in's cache file being only zero bytes in
length. When I deleted the cache file it was automatically recreated,
which resolved the problem. I experienced the same problem a month ago on
March 22.
[ More Info ]
[/network/web/blogging/blosxom]
permanent link
Thu, Apr 21, 2016 10:13 pm
DreamLab
Vodafone Foundation Australia provides the free
DreamLab program to aid
Garvan Institute of Medical Research researchers in solving problems related
to cancer research using the processing power of idle smartphones. The
foundation estimates that problems that are part of the cancer research
puzzle may be solved 30 times faster if just 1,000 people use the app.
Help solve cancer while you sleep.
The Garvan Institute of Medical Research needs more computing power to speed
up cancer research. Donate the power of your smartphone to help, with DreamLab -
the flagship program of Vodafone Foundation Australia.
Download the app, choose how much data to give, and let your phone crack a
piece of the cancer puzzle as it recharges.
The
Garvan Institute of Medical Research is one of Australia's largest medical
research institutions with over 600 scientists, students, and support staff. The
institute conducts research on cancer, diabetes, osteoporosis, Alzheimer's
disease, Parkinson's disease as well as autoimmune and inflammatory conditions
such as rheumatoid arthritis, multiple sclerosis, asthma, and
Sjogren's syndrome,
a chromic automimmune disease in which the body's white blood cells destroy the
exocrine
glands. The institute developed a test that may predict the outcome of prostate cancer more effectively than the standard (PSA) test.
Genetic research is conducted by the institute and in
2014 the institute became one of three organizations in the world
able to sequence the entire human genome for less than $1,000 USD.
References:
-
This new app helps your smartphone cure cancer while you sleep
Date: November 9, 2015
Electronic Products
-
DreamLab app to help solve cancer | Vodafone Australia
Vodafone Australia
-
Garvan Institute of Medical Research
Wikipedia, the free encyclopedia
[/phone]
permanent link
Wed, Apr 20, 2016 9:44 pm
QuickTime Player Crashing When Attempting to Save Recording
I recorded the audio for a talk on a subject of interest to me using
QuickTime Player version 10.4 (833.7) on my MacBook Pro laptop running OS X
10.10.5 (Yosemite). At the end of the talk, I stopped the recording
and clicked on
File and then
Save to save the audio
recording to the system's hard disk drive. When I did so, QuickTime
crashed. I sent the
report to Apple.
Looking at the details for the report, I saw the cause listed as
follows:
Exception Type: EXC_CRASH (SIGABRT)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Application Specific Information:
*** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: 'Cannot set outputURL to NULL'
terminating with uncaught exception of type NSException
abort() called
[ More Info ]
[/software/audio_video/quicktime]
permanent link
Tue, Apr 19, 2016 10:14 pm
Troubleshooting RDP through a NetScreen Firewall
I needed to determine why a Remote Desktop Protocol (RDP) connection could not
be established through a NetScreen firewall to a Microsoft Windows system
on the trusted side of the firewall , so I logged into the firewall and set a
filter to capture traffic on port 3389, the port used for RDP connections.
I then turned "snooping" on by issuing the
snoop command, which led
me to realize that I was trying to connect to the wrong IP address.
I was using the rdesktop program on a Ubuntu Linux system to establish
the connection to the Microsoft Windows system. After I realized my error
regarding the destination IP address, I was able to establish the RDP
connection, but then received a
"Connect a smart card" message
when I got to the login screen and clicked on the relevant account. I
was able to log into the system, however, if I used the -p option
with the rdesktop command to supply the password for an account on the
Microsoft Windows system.
[ More
Info ]
[/security/firewalls/netscreen]
permanent link
Mon, Apr 18, 2016 11:15 pm
Keeping an SSH connection alive
If you need to keep a
SSH connection alive, e.g., when you won't be
entering any commands for awhile after logging into the remote system via
SSH, you can use the
-o option with
ServerAliveInterval
. You can specify the interval in seconds which will be used by the SSH
client to send
keepalive packets with
-o ServerAliveInterval x
where
x is the frequency for sending the keepalive packets. E.g.,
if I wanted the SSH client to send keepalive packets every minute (60 seconds)
to the remote SSH server, I could use a command like the one below when
establishing the SSH session:
$ ssh -o ServerAliveInterval=60 jdoe@example.com
By using this option, you should be able to reduce the likelihood that
your SSH connection will get dropped after a certain amount of time due to
no activity for the session.
You can also use the
ServerAliveCountMax
parameter with ServerAliveInterval to drop the connection, if the SSH
client hasn't received a response from the server to the prior "heartbeat"
signal when the time comes to send another keepalive packet. E.g., ssh
-o ServerAliveInterval=60 -o ServerAliveCountMax=1 jdoe@example.com
would result in the connection being dropped if the client was awaiting
a response to even one outstanding keepalive packet.
There is also a TCPKeepAlive option in
OpenSSH.
That option is used to recognize when a connection is no longer active due
to some problem such as the SSH client application crashing or a prolonged
network outage. If the SSH server never recognizes that the client is no
longer communicating with it, it will continue to allocate resources,
such as memory, for the connection. The option is turned on by default
in the OpenSSH configuration file /etc/ssh/sshd_config. You
will see the following line in that file:
#TCPKeepAlive yes
You don't need to uncomment the line by removing the pound sign, since
"yes" is the default value. The option causes
Transmission Control Protocol (TCP) to periodically
transmit keepalive messages. If it doesn't receive responses within the
expected time, it returns an error to the sshd process, which will then
shut down the connection. The purpose of this option is to prevent half-dead
connections building up over time and consuming more and more system
resources as the number grows. The keepalive interval is typically in the
order of hours rather than minutes to minimize the network load for the
server. If the keepalive period was made shorter, that would affect all TCP
connections on the system, not just the SSH ones, potentially increasing the
network load unnecessarily and also causing connections to be dropped even
for transient issues, such as a short and temporary network issue.
The TCPKeepalive option is for dealing with longer term issues for a
connection rather than the loss of connectivity due to firewall, proxying, or
Network Address Translation (NAT) timeouts.
You can specify the option on the command line at the SSH client end as
follows:
$ ssh -o TCPKeepAlive=yes joe@example.com
References:
-
SSH, The Secure Shell: The Definitive
Guide
By: Daniel Barrett, Richard Silverman, Robert Byrnes
[/network/ssh]
permanent link
Sun, Apr 17, 2016 10:28 pm
SELinux and CometChat
On a CentOS 7 server, I noticed that
setroubleshootd
seemed to be using an inordinate percentage of the CPU's time when I ran
the
top command. When I
used the
ausearch
command to query the audit daemon logs for entries that might have
been created by setroubleshootd, I saw references to the
cometchat/.htaccess file in a user's directory beneath the
directory where her
Simple Machines Forum
(SMF) software resided. I also found tens of thousands of references
to that file in the
/var/log/messages file. The server runs
Security-Enhanced Linux
(SELinux) and I found that I needed to update the SELinux context for
the file to stop such entries being logged.
[ More Info ]
[/network/web/forums/smf/cometchat]
permanent link
Sat, Apr 16, 2016 3:55 pm
Security Advisory Posted for Adobe Flash Player
On April 5, 2016, Adobe released security advisory
APSA16-01 (CVE number: CVE-2016-1019) for a vulnerability in the
Adobe Flash
Player . The vulnerability affects the player on Microsoft Windows, Apple OS
X, Linux, and Google's Chrome OS. The vulnerability affects all versions of
Windows from Windows 10 backwards through Windows XP. The vulnerability
exists in Adobe Flash Player 21.0.0.197 and earlier versions. The
vulnerability is currently being exploited "in the wild", i.e.,
malefactors are already taking advantage of the vulnerability to
compromise vulnerable systems. The vulnerability allows malefactors
to crash a system and even potentially gain remote control of the
system. The vulnerability is being used by the Magnitude Exploit Kit
to spread
Locky ransomware -
see
Zero-Day Attack Discovered in Magnitude Exploit Kit Targeting
CVE-2016-1019 in Older Versions of Adobe Flash Player.
A software change Adobe made in version 21.0.0.182 will prevent the
exploit from being successful, so users who have at least that version should
be safe from the exploit allowing their systems to be compromised, since on
versions 21.0.0.182 and 21.0.0.197, it will only cause a
crash1. But I would advise users to
upgrade to the current version of the Adobe Flash Player, which is
version 21.0.0.213. If you use multiple web browsers on a system,
you should ensure that each of them have the latest version of an Adobe
Flash Player plug-in, if you have Adobe Flash Player support
installed for the browser. You can check the version
of the Flash Player being used by a browser by visiting
Adobe's
www.adobe.com/software/flash/about/ page. Alternate methods for
checking the version of the Flash Player on Apple OS X systems can be
found at Determining the version of
Adobe Flash on an OS X system.
References:
-
Zero-Day Attack Discovered in Magnitude Exploit Kit Targeting
CVE-2016-1019 in Older Versions of Adobe Flash Player
Posted: APril 7, 2016
Simply Security News, Views and Opinions from Trend Micro, Inc
-
A Look Into Adobe Flash Player CVE-2016-1019 Zero-Day Attack
Posted: April 8, 2016
Simply Security News, Views and Opinions from Trend Micro, Inc
[/security/vulnerabilities/multios]
permanent link
Fri, Apr 15, 2016 10:25 pm
Excel 2011 not enough memory and AutoRecovery files
Microsoft Excel for Mac 2011 was crashing whenever I attempted to open it
on a MacBook Pro laptop I use. Whenever I attempted to reopen it, I would be
presented one by one with files to reopen that had been open when it crashed.
If I chose to reopen all of the workbooks, it would display the message "Not
enough memory." then crash again. The problem occurred even after
I closed other applications that were open and rebooted the system
to minimize the amount of memory used by other processes running
on the system.
[ More Info ]
[/software/office]
permanent link
Thu, Apr 14, 2016 11:19 pm
Loop through an array in Bash
The
Bash shell, which is available on Unix, Linux, OS X,
and soon Microsoft Windows as well as
Microsoft has announced
support for Bash in the Windows 10 Annivesary Update expected to ship in
the summer of 2016, supports
arrays
, a commonly used programming
data type
for storing collections of elements. And with the
for loop
that is also available for Bash, you can iterate over the items in an array
that you create. Since Bash also supports arithmetic operations on numeric
values assigned to variables, you can perform arithmetic operations while
looping through the items in an array.
[ More Info ]
[/os/os-x]
permanent link
Wed, Apr 13, 2016 9:58 pm
Sharing files between OS X systems with Bluetooth
One means of sharing files between OS X systems such as MacBook Pro laptops
is to use the
Bluetooth wireless capability built into the systems. You can enable
Bluetooth file sharing by opening
System Preferences then selecting
Bluetooth Sharing. Once you've enabled Bluetooth sharing on both
devices, you can send files from one to another or browse the Public folder
on one from the other. To share files and folders between devices using
Bluetooth, the devices need to be fairly close to one another, since the
range for Bluetooth short-wavelength UHF radio waves is typically less
that 10 meters (approximately 33 feet), though the maximum possible
range is about 100 meters (approximately 330 feet) - see
Bluetooth Range.
[ More Info ]
[/os/os-x]
permanent link
Tue, Apr 12, 2016 11:18 pm
Excluding certain directories when using the find command
If I want to find all files with an HTML extension beneath the current
directory and its subdirectories, but skip one directory, on a Linux system, I
can perform a recursive search using the following command, which will
exclude the contents of the directory named "private" which is directly
below the current directory. The results will be placed in a file named
htmlfiles.txt.
$ find . -path ./private -prune -o -name '*.html' -print > htmlfiles.txt
The period immediately after the find, i.e., find .
tells find to start its
search from the current directory from which the command is being
executed; I could use something like find /somedir to start
the search in a different directory.
The -path ./private -prune -o tells find that for the directory
path that is ./private - the dot (.) represents the
current directory, so the path is the private directory below
the current directory - don't include it in the search, i.e., "prune" that
directory from the search path. Including
-prune indicates, if the file is a directory, do not descend into it.
But it is the "dash o", i.e., -o which ensures that nothing is
printed from within that directory.
[ More Info ]
[/os/unix/commands]
permanent link
Mon, Apr 11, 2016 11:00 pm
groff can't find DESC file
When I want to convert a
man page to an HTML file on an OS X
or Linux system, I pipe the man page file into
groff - see
Converting a man page to HTML,
PDF, text. I've used groff for that purpose on
CentOS, but,
when I tried that technique today on two
Ubuntu
Linux systems, I received the same "groff: can't find `DESC' file" error
message on both, which was followed by
"groff:fatal error: invalid device `html' (try installing the `groff' package?)"
Both systems were running
12.04 LTS (Precise Pangolin). I was able to resolve the problem by
installing the groff package with apt-get.
[ More Info ]
[/os/unix/linux/ubuntu]
permanent link
Sun, Apr 10, 2016 9:03 pm
Upgrading CometChat
I needed to upgrade
CometChat on a web site using
Simple Machines Forum (SMF) where
CometChat provides an online chat feature for users of the forum. The prior
version of CometChat was very out-of-date at 4.4.0 - see
Checking the version
of CometChat installed on a forum for methods for checking the version -
The SMF software was at the current version, 2.0.11. Before commencing the
installation of the upgrade to the latest version of CometChat,
I backed up the database for
the SMF forum and all of its files. I was able to successfully install
the
smf.zip file that was part of the upgrade package, but so
far have not been able to install the
cometchat.zip file needed
to complete the upgrade.
[ More Info ]
[/network/web/forums/smf/cometchat]
permanent link
Sat, Apr 09, 2016 10:48 pm
Fail2ban Logging
When I checked the fail2ban log on a CentOS 7 server today, I found that
two IP addresses assigned to to a system or systems in China had been banned
385 times in the past week because of repeated failed attempts to break into
the system via Secure Shell (SSH) logins. The IP addresses were:
183.3.202.183
183.3.202.184
When I checked for whether others had noted hostile activity from those
IP addresses at the Internet Storm Center,
I found that others had reported such activity from the two IP addresses
starting on March 30, 2016 and continuing through today.
[ More Info ]
[/os/unix/linux/centos]
permanent link
Fri, Apr 08, 2016 10:26 pm
Using SQLite
An easy way to create and maintain
Structured Query Language (SQL) databases at no cost is
to use the free
SQLite
software, which is
available
for Linux, OS X, and Microsoft Windows systems and also as C source code.
SQLite is provided by Apple with the current version of OS X; I don't know when
it was first included with OS X, but I know it has been present
from at least OS X 10.8.5
(Mountain Lion). If you open the
Terminal
application, which you can find in /Applications/Utilities,
and type which sqlite3, you should see the program.
[ More Info ]
[/software/database/sqlite]
permanent link
Thu, Apr 07, 2016 10:15 pm
Location of cron files on a CentOS system
I needed to know the last time crontab had been used to update the
cron table
(crontab) file for a user account on a
CentOS 7
system, since an expected output file from a cron job that should have
been created from the last modification to the cron file had not
appeared. On a CentOS Linux system, the crontab files can be found in
/var/spool/cron.
# ls -l /var/spool/cron
total 8
-rw-------. 1 jdoe jdoe 409 Apr 7 12:32 jdoe
-rw-------. 1 root root 542 Jan 1 2015 root
The files are used to schedule jobs to run periodically on the system and
can be edited with crontab -e. A crontab file for an account
can be viewed by issuing the command crontab -l while logged into
that account.
[/os/unix/linux/centos]
permanent link
Wed, Apr 06, 2016 10:51 pm
Checking the version of CometChat installed on a forum
If you are using
CometChat with a
Simple Machines Forum (SMF) to provide
an online chat feature for users of the forum and wish to determine
the version currently on a Linux system, make the current working
directory the one in which CometChat is installed, e.g.
cd
~/public_html/myforum/cometchat, if that is the directory where
CometChat is installed; the
~ will be translated by the
system to represent your "home" directory, i.e, the directory you are
placed in when you log into the system. Then search for "currentversion"
in the
index.php file, which will be found in the
admin subdirectory beneath the
cometchat
directory. In the example below, the version installed is 4.4.0.
$ grep "currentversion" admin/index.php
$currentversion = '4.4.0';
$
You can also find the version by viewing the contents of the
CHANGELOG.txt file in the CometChat directory. The current
version will be listed near the top of the file with the new features
provided in that version.
$ more CHANGELOG.txt
-------------------------------------------------------------
CometChat Change Log
-------------------------------------------------------------
-------------------------------------------------------------
4.4.0
-------------------------------------------------------------
Features
+ Jabber/XMPP support
+ Inline popups for plugins/extensions
+ Desktop Messenger support
+ CometService/BeaconPush/APE enabled for chatrooms
+ Facebook chat login with your own Facebook application keys
+ Enhanced and simplified theming
+ Sleaker scroller
The CometChat website has a statement that "We provide support only
for the latest stable version. No support is provided for beta or older
releases."
[/network/web/forums/smf]
permanent link
Tue, Apr 05, 2016 9:45 pm
Recording audio on a Mac OS X system with QuickTime Player
If you need to create an audio recording, e.g., to record a lecture, etc.,
you can do so on a Mac OS X system using the QuickTime Player application
that you should be able to find in the
/Applications directory
on the system. When you have completed recording, you can save the file
in the MPEG-4 Part 14 multimedia container format as a .ma4 file. If you
wish to convert the file to another format, you can convert it with
iTunes or the
afconvert utility
that comes with the OS X operating system.
[ More Info ]
[/os/os-x/audio]
permanent link
Mon, Apr 04, 2016 10:13 pm
Encrypting a folder on a Microsoft Windows system
You can encrypt a directory, aka folder, on a Microsoft Windows system
so that it's contents can't be accessed by others even if they boot
the system with an alternate operating system from a CD or USB flash
drive or remove the drive and put it in another system, so that Windows
file permissions that might otherwise apply can't be bypassed. To encrypt
a folder and its contents, right-click on the folder within the Windows
File Explorer and choose
Properties then click on the
Advanced
button and then click on the check box next to "Encypt contents to secure
data". You will be asked to confirm that you wish to proceed with the change
to the folder's attributes. Proceed, applying the changes to the folder, its
subfolders, and the files within it.
[ More Info ]
[/os/windows]
permanent link
Sun, Apr 03, 2016 8:47 pm
Sending an Email from Adobe Acrobat DC using Thunderbird
Yesterday, someone reported to me that she was unable to send a document
she had scanned from within Adobe Acrobat using Thunderbird, which is
the email client she uses on her Microsoft Windows 10 desktop system. She
said she had contacted Adobe support and followed the instructions given
to her by the support person, but those instructions had not resolved
the problem and she still could not send email from within Adobe Acrobat.
I found the problem was due to Acrobat attempting to use the default mail
application on the system, which was Microsoft Outlook, which she didn't
use, so was likely not even configured for an email account. After I made
Thunderbird the default mail application on her system, she was able to
send a file she had open in Acrobat via email from within Adobe Acrobat
using Thunderbird.
[ More Info ]
[/os/windows/software/pdf/acrobat]
permanent link
Sat, Apr 02, 2016 6:20 pm
Verifying the legitmacy of programs with PowerShell cmdlets
If you need to verify the authenticity or legimacy of a program on a
Microsoft Windows system, e.g., if you need to check whether the program
has remained unaltered since it was provided by the developer or check
that it came from the developer it is purportedly from, you can use
Windows PowerShell cmdlets to give you a greater degree of confidence.
Oftentimes a developer website will list a
cryptographic hash code for a file. The cryptographic hash code allows you
to verify that a program that you have on a system is an unaltered copy of
the program as it was delivered by the developer, since changing even a
single character/byte in a file will result in a different hash code being
calculated for the file when it is checked by a program that can calculate
hash codes for files. To calculate a cryptographic hash code for a file,
you can use a program like
md5sum or,
on a Microsoft Windows system, you can obtain a
SHA-256
hash code value for a file from a
Windows PowerShell prompt using the
Get-AppLockerFileInformation cmdlet.
[ More Info ]
[/os/windows/PowerShell]
permanent link
Fri, Apr 01, 2016 10:48 pm
Using fail2ban on a CentOS 7 system
If you run a server that is accessible to anyone on the Internet, you
should expect that many people and bots will attempt to break into the
system, which is why you should ensure that all accounts have strong
passwords. Many attackers will use a dictionary attack where they pair
common account names, such as root, admin, administrator, etc. with every
word in a dictionary. Or they may even pair a "name dictionary" with a
dictionary for a particular language, such as English. Such dictionaries
can be readily found on the Internet. Name dictionaries may be used by
expectant parents looking for a name for their yet to be born child,
but a malefactor may use such a dictionary as well as part of an attack
against a system. E.g., an attacker may start with abe as a username and
then try every word in an English language dictionary as a password. If
he can't get in using abe as the user name, he might next try al, alan,
ann, arthur, etc. going all the way up to names that start with the letter
"z". Certainly pairing each name with every word in a dictionary would
take an inordinate amount of time, if someone manually typed each username
and password combination, but there is no need for an attacker to manually
make guesses in an attempt to compromise a system. Instead, he can use
a program that will read entries from dictionaries and submit them to
the system under attack. A program can potentially submit thousands of
guesses a minute if there is sufficient bandwidth between the attacking
and attacked systems and sufficient CPU power on both systems. If you are
responsible for a server, you are unlikely to want an attacker to have
unlimited attempts to break into the system. The attacker will be using
bandwidth to your server and system resources, such as CPU cycles, even
if he never manages to break into the system. And, if even one user has
a weak password, such as a dictionary word, sports team name, car name,
etc., which may also be in a dictionary used for password guessing,
granting an attacker unlimited attempts to try breaking in may result
in the attacker being successful. One way to preclude an attacker from
being able to submit an unlimited number of password guesses is with
fail2ban.
[ More Info ]
[/os/unix/linux/centos]
permanent link
Privacy Policy
Contact
