While troubleshooting an isuue on a
CentOS server,
which functions as a web server, I used the
tcpdump
utility to monitor network traffic to and from the web server. I used the
tcpdump commandtcpdump -i enp1s4 -vvv port 80 to observe traffic on network
interface enp1s4, which was the
Local Area Network
(LAN) interface, and only on port 80, the
well-known port for
HTTP traffic. Amidst the expected traffic
I also saw HTTP connectivity from the server on which I was performing the
troublehshooting to another web server, which seemed odd, since it wasn't
immediately apparent to me why the server I was troubleshooting was connecting
to that other web server at IP address 8.247.90.236.
15:12:46.491073 IP (tos 0x0, ttl 64, id 21907, offset 0, flags [DF], proto TCP (
6), length 52)
moonpoint.com.33309 > 8.247.90.236.http: Flags [F.], cksum 0x26b7 (incorrect
-> 0x2738), seq 3599572683, ack 3802137359, win 115, options [nop,nop,TS val 28
33407685 ecr 423340583], length 0
15:12:46.515987 IP (tos 0x0, ttl 54, id 31318, offset 0, flags [none], proto TCP
(6), length 52)
8.247.90.236.http > moonpoint.com.33309: Flags [F.], cksum 0x13c6 (correct),
seq 1, ack 1, win 114, options [nop,nop,TS val 423345561 ecr 2833407685], lengt
h 0
15:12:46.516052 IP (tos 0x0, ttl 64, id 21908, offset 0, flags [DF], proto TCP (
6), length 52)
moonpoint.com.33309 > 8.247.90.236.http: Flags [.], cksum 0x26b7 (incorre
ct -> 0x13ac), seq 1, ack 2, win 115, options [nop,nop,TS val 2833407710 ecr 423
345561], length 0
Yesterday, while using the
free and open sourcepacket
analyzer software Wireshark to observe network traffic reaching a router, I had
set a packet filter in Wireshark to filter on
Internet Control Message Protocol (ICMP) traffic. I saw
a lot of unexpected ICMP "port unreachable" packets coming from a
server behind the router headed outbound to the Internet to the
IP address
116.31.116.41.
Internet Control Message Protocol
Type: 3 (Destination unreachable)
Code: 3 (port unreachable)
Checksum: 0xa821 [correct]
[Checksum Status: Good]
Unused: 00000000
ICMP
destination unreachable packets are "generated by the host or its
inbound gateway to inform the client that the destination is unreachable
for some reason." There is a "code" field that follows the "type" field in an
ICMP packet. If the code is 3, then it indicates a port unreachable error
(the designated protocol is unable to inform the host of the incoming
message). When I checked the destination port at the server end, I saw it was
22, which is the
well-known port for the Secure
Shell (SSH) protocol.
My wife usually reads at night using her Amazon Kindle before going to sleep.
Recently, however, she experienced problems charging the Kindle. We looked
at new Kindles, including the
Kindle Fire HD 10 Tablet That Kindle is larger
than her prior Kindle, but she was impressed with how light it is and felt that
she could read comfortably at night in bed with it, so we ordered that one
online; it arrived today. When I purchased our first Kindle, the first one
offerred, we shared the Kindle. Eventually I bought her a Kindle of her own and
then later we purchased a new third Kindle for her, but since Amazon didn't
offer a means to transfer books from one family member to another, we didn't
have a mechanism for transferring her books from the first and second Kindles to
her latest Kindle, if we created a second account just for her, so she would
see my books if she looked for books we'd purchased to download to her Kindle
and I'd see recommendations refelecting her reading tastes when I logged into
my account. It was annoying that Amazon didn't previously provide a means for
us to separate our Kindle ebooks, but when the new Kindle arrived today, I
decided I'd check to see if they now did offer an option for family members
to share or transfer books, since it had probably been at least a year since
I'd last checked. Happily, I found that Amazon now offers a "Family Library"
option that allows adult family members to share books with one another,
which would allow me to create a new Amazon account for her and share the
books she'd already purchased under my original account to her new account.
The following steps can be taken to remove the cookies associated with a
particular website in the Firefox browser. Note: these steps were taken on
Firefox 50.0.2 on a Microsoft Windows 10 system, but should be applicable to
other versions as well.
Click on the 3 horizontal bars at the upper, right-hand corner of the Firefox
Window.
Click on Options.
In the about:preferences window, click on Privacy.
Under the History setion of the Privacy window, click on
"remove individual cookies".
In the Cookies window, scroll down to you find the relevant site.
Click on the relevant site to select it, then click on the Remove Selected
button.
I performed a
malware scan of a system with McAfee Total
Protect on 2016-12-14 which found malware that was apparently placed on the
system on December 8, 2016. Since
BrowsingHistoryView from Nir Sofer provides
a means to examine the browsing history stored on a system for many browsers,
I installed it on the system - the installation process consists of simply
extracting the files contained in the zip file you can download from the
NirSoft website - in an attempt to determine
the source for the malware. I thought there might be an entry in the browsing
history for a time near the time stamp on the malware file that would reveal
a website from which it might have been downloaded. BrowsingHistoryView
allows one to view the browsing history for the following browsers:
I ran a scan for malware on a Microsoft Windows 10 system using
SUPERAntiSpyware,
an anti-spyware program that is available as a free version, today. I ran
a scan of another Windows 10 system
at the same location using SUPERAntiSpyware a few days ago after the user of
that system reported performance problems on her system. The other user told
me that the user of the system I scanned today was also experiencing problems
with her system. SUPERAntiSpyware reported "1 Item Found" on the system I
scanned today. It reported that it found an application Search
Protection:
Search Protection is a program that may display advertisements and is bundled
with other potentially unwanted programs.
It identified the following Windows registry key as suspicious:
The 0x0 represents
hexadecimal value zero and that value indicates the system is not currently
configured to use a proxy server. A value of one, i.e., 0x1,
indicates it is currently configured to use a proxy server.
Even if the value is 0, you can determine if a proxy server had previously
been set that will be used again if you set the value to 1 by using the
reg query command below.
In the example above, since the proxy server setting was set to be a
SOCKS proxy, any browser, such as Edge or
Firefox, if it was
configured to use the system wide proxy settings, would now route web traffic
through the proxy server.
I started the installation of a program on a MacBook Pro laptop running
OS X
Yosemite (10.10.5), but then switched to a
Terminal window. When I wanted to switch back to the installation window
I could no longer find it in the
OS X
dock at the bottom of the screen, nor could I see it by cycling through open
windows with the Command-Tab keys, nor did I see it when I clicked on
the Apple icon at the upper, left-hand corner of the screen and looked for it
under Force Quit. When I tried to restart the installation by
clicking on the Apple Disk Image .dmg file, nothing appeared to happen.
I was able to find the invisible window by hitting the F3 function
key on the keyboard, though.
I could then see the hidden DiskImages UI Agent window that I hadn't
been able to locate previously. I was able to click on it and bring it
to the foreground where I could proceed with the installation.
I ran a malware scan of a Microsoft Windows 10 system yesterday after the
user of the system reported that she was having problems with
QuickBooks
and
Internet Explorer on the system and that the system had been performing
poorly for some time. SUPERAntiSpyware
detected Cartwheel Shopping, et al. potentially unwanted software on the
system. I had SUPERAntispyware remove everything it detected, but this evening
decided to also run a scan of the system with the antivirus software, McAfee
Total Protection, which has been on the system since it was purchased. That
antivirus software reported it detected two items.
The two items detected were
Adware-DealPly and PUP-XAO-ME.
A user reported that she was having a lot of problems with her Windows 10 PC,
including performance issues and problems with the
Internet Explorer web browser. When I logged into an administrator account
and scanned the system with
SUPERAntiSpyware, an
anti-spyware
program that is available as a free edition, it detected Cartwheel
Shopping, which it noted "is a program that may display advertisements and
is bundled with other potentially unwanted programs."
When I want to convert
man pages to HTML files,
I usually employ the groff utility. E.g., I can locate the
modifyrepo man page
with the find command and
then cut and paste the location of the man page file after the
cat command or use
command substitution to take the
output from the find command as input to the cat command. I then
pipe
the output into the
groff command. But sometimes that method doesn't produce clean HTML
code. An alternative means of producing an HTML file from a man page is with
the man2html utility.
When an automatic reboot has been scheduled for a Microsoft Windows 10 system
after an operating system (OS) update, you will be warned that the
system will be rebooted. The system shouldn't be rebooted while you are actively
using it, but it could reboot after you've stepped away from the system
temporarily for a short time when the OS deems the system is idle, if the
time is outside what the OS considers the "active hours" for the system, i.e.,
the hours you would be expected to be using it normally. Windows view of what
are "active hours" may be different than your view, however. You can check on
what hours it deems to be the "active ones" for your
PC
and change the time it is scheduled to reboot automatically by bringing up the
Windows Update settings window by the following steps.
While troubleshooting a problem with
Domain Name System (DNS) lookups on a
CentOS 7
system, I ran
tcpdump using the -vv option to get very verbose output. The
output from tcpdump showed many "bad udp cksum 0x431b" messages.
# tcpdump -i enp1s4 -vv port 53
tcpdump: listening on enp1s4, link-type EN10MB (Ethernet), capture size 65535 by
tes
15:04:44.432784 IP (tos 0x0, ttl 64, id 18564, offset 0, flags [DF], proto UDP (
17), length 75)
moonpoint.com.39018 > 208.67.220.220.domain: [bad udp cksum 0x431e -> 0x9f9d
!] 29085+ A? 248.13.189.1.sbl.spamhaus.org. (47)
15:04:44.433856 IP (tos 0x0, ttl 64, id 21529, offset 0, flags [DF], proto UDP (
17), length 73)
As explained at
UDP / TCP Checksum errors from tcpdump & NIC Hardware Offloading by
Sokratis Galiatsis "This is caused because you have checksum offloading on your
network card (NIC) and tcpdump reads IP packets from the Linux kernel right
before the actual checksum takes place in the NIC’s chipset. That’s
why you only see errors in tcpdump and your network traffic works ok."
If you need to obtain a list of all disk drives on a Microsoft Windows system
from a
command line interface (CLI), e.g., a command prompt window, you can do so using
Windows Management Instrumentation Command-line (WMIC). You can obtain
a list of drives by opening a
command prompt window and then issuing a wmic logicaldisk get
command followed by parameters relevant to the information you
wish to see. You can see a list of parameter options by issuing the command
wmic logicaldisk get /?.
C:\>wmic logicaldisk get /?
Property get operations.
USAGE:
GET [<property list>] [<get switches>]
NOTE: <property list> ::= <property name> | <property name>, <property list>
The following properties are available:
Property Type Operation
======== ==== =========
Access N/A N/A
Availability N/A N/A
BlockSize N/A N/A
Caption N/A N/A
Compressed N/A N/A
ConfigManagerErrorCode N/A N/A
ConfigManagerUserConfig N/A N/A
Description N/A N/A
DeviceID N/A N/A
DriveType N/A N/A
ErrorCleared N/A N/A
ErrorDescription N/A N/A
ErrorMethodology N/A N/A
FileSystem N/A N/A
FreeSpace N/A N/A
InstallDate N/A N/A
LastErrorCode N/A N/A
MaximumComponentLength N/A N/A
MediaType N/A N/A
Name N/A N/A
NumberOfBlocks N/A N/A
PNPDeviceID N/A N/A
PowerManagementCapabilities N/A N/A
PowerManagementSupported N/A N/A
ProviderName N/A N/A
Purpose N/A N/A
QuotasDisabled N/A N/A
QuotasIncomplete N/A N/A
QuotasRebuilding N/A N/A
Size N/A N/A
Status N/A N/A
StatusInfo N/A N/A
SupportsDiskQuotas N/A N/A
SupportsFileBasedCompression N/A N/A
VolumeName N/A N/A
VolumeSerialNumber N/A N/A
The following GET switches are available:
/VALUE - Return value.
/ALL(default) - Return the data and metadata for the attribute.
/TRANSLATE:<table name> - Translate output via values from <table name>.
/EVERY:<interval> [/REPEAT:<repeat count>] - Returns value every (X interval) seconds, If /REPEAT specified the command is executed <repeat count> times.
/FORMAT:<format specifier> - Keyword/XSL filename to process the XML results.
NOTE: Order of /TRANSLATE and /FORMAT switches influences the appearance of output.
Case1: If /TRANSLATE precedes /FORMAT, then translation of results will be followed by formatting.
Case2: If /TRANSLATE succeeds /FORMAT, then translation of the formatted results will be done.
C:\>
For example, the results from issuing the command on a Windows 10
system to display the device ID, volume name, and description are shown
below:
C:\>wmic logicaldisk get deviceid, volumename, description
Description DeviceID VolumeName
Local Fixed Disk C: OS
CD-ROM Disc D:
CD-ROM Disc E:
Removable Disk F: EMTEC
C:\>
I was notified by a user that she was not able to check her email. After
verifying that I could successfully establish a
Telnet
connection to the
Simple Mail Transfer Protocol (SMTP) port, i.e.,
well-known port 25, which her system would use for sending email, I then
tried establishing a
Post Office Protocol version 3 (POP3) connection to the mail server from an
external Microsoft Windows system, using
Microsoft's telnet
client. But that got stuck at "connecting to".
Microsoft Telnet> open mail.example.com 110
Connecting To mail.example.com...
So I logged into the mail server, which is a
CentOS 7 Linux server running
Sendmail
and
Dovecot, and tried connecting to the
localhost
address, 127.0.0.1, but Dovecot never responded with a banner, nor did I receive
any response when I issued a user command to provide login
credentials. I had to hit Ctrl-] to exit from the Telnet
program, since I wasn't getting any response from Dovecot.
# telnet 127.0.0.1 110
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
user lila
^]
telnet> quit
Connection closed.
#
If you wish to download a YouTube video to store locally on your computer,
you can do so on a
Mac OS X system, and Linux systems, also, using
youtuble-dl, a
Python script. You can also download a
Microsoft Windows exe file from the
youtube-dl Download
Page. With youtube-dl, you can download videos from YouTube and other
sites from a command-line interface (CLI).
For a Mac OS X system, you can obtain the script using the
curl utility that is provided
with the operating system. You can also use curl on a Linux system, if you
have it installed on that system. Alternatively, you can use
wget, which isn't
provided with the OS X system, but which you may have on a Linux system, if
you don't have curl available. To obtain the youtube-dl script using curl on
a Mac OS X system, you can open a
Terminal
window and issue the command sudo curl -L
https://yt-dl.org/downloads/latest/youtube-dl -o
/usr/local/bin/youtube-dl. That will download the script and place it in
the /usr/local/bin directory.
If you need to view the
message header
for an email message received with Microsoft Outlook 2013, you can take
the following steps:
Double-click on the message for which you wish to view the message header
fields to open it in a separate window.
With the Message tab selected, you will see a column with the
following items:
Mark Unread
Categorize
Follow Up
Beneath those items, you will see "Tags". Click on the diagonally,
downard-pointing arrow to the right of "Tags".
You will then see a Properties window with an "Internet headers"
section where you will see the message header that will show you the
return-path, the email servers the message has passed through, etc.
DLNA provides a standard for sharing
digital
media among multimedia devices and Vuze can be used to stream
audio and video from a computer to a device that supports the DLNA
standard, e.g., a input device for a
television
(TV).
In Microsoft Outlook for Mac 2011 (version 14.6.7), which is part of the
Microsoft Office for Mac 2011office suite, while composing an email message, you can click
on Draft on the top menu bar and then select Security to choose to
digitally sign and/or encrypt a message to the recipients.
If you don't have a signing certificate installed for the account from which
you are sending the email, though, when you click on Send, you will see
the message "You must first install a valid signing certificate before you can
send a digitally signed message. Do you want to send this message without a
digital signature?"
After Microsoft Excel for Mac 2011, which is part of the
Microsoft Office for Mac 2011 office suite, crashed on my
MacBook Pro laptop running OS X Yosemite (10.10.5), whenever I tried to reopen one of
the workbooks I had open at the time of the crash, I would see the message
"Microsoft Excel quit unexpectedly."
The crash report showed an exception type
of "EXC_CRASH (SIGABRT)" and "Application Specific Information" was "[50842]
stack overflow".
If I tried opening the workbook with the
Apache OpenOffice 4.1.2 on the same system, it displayed "Loading..."
and then seemed to get stuck there. However, when I returned to the system
about 15 minutes later, the spreadsheet I needed to access was open within
the OpenOffice
Calc application. All of the sheets within the workbook were
accessible and I clicked on File, then chose Save
and then saved the file with the default file type of "ODF Spreadsheet (.ods)",
so that I would have a readable copy of my data that I could at least open
with OpenOffice. I then clicked on File again and this time chose
Save As and used a file type of "Microsoft Excel 2003 XML (.xml)".
I received a warning that "This document may contain formatting or content
that cannot be saved in the Microsoft Excel 2003 XML file format. Do you want
to save the document in this format anyway?" I chose "Keep Current Format" to
save the spreadsheet in the .xml format.
Microsoft provides a free viewer that runs on Microsoft Windows systems for
files created by its Visio diagramming and
vector
graphics application. But it does not provide a viewer for systems
running Apple's
OS X operating system. VSD Viewer Pro from
LawBox LLC provides a good, low-cost means
to view the .vsd and .vsdx files produced by Visio on Mac OS X systems.
The developer's webpage for the application is at
VSD Viewer Pro for Mac. The current
release, VSD Viewer Pro 1.2, is compatible with
OS X
Mavericks 10.9 or later for systems with a
64-bit processor.
The software can be obtained using the
Mac App
Store application on OS X systems. The current cost is $4.99
USD.
If you are unable to insert new worksheets into an Excel workbook or make
other changes to the workbook because it is protected and you don't know
the password to unprotect the workbook, if the workbook is in a .xlsx file,
you can remove the password by changing the .xlsx
file
extension to .zip, then extract the contents of the zip file, locate
the workbook.xml file within it and remove the password
between the double quotes following workbookProtection workbookPassword=
using a text editor, then resave the file and recompress the
directory produced when you unzipped the zip file, but, on an OS X system,
you will need to ensure that the directory and its contents are compressed
in the way Excel is expecting, e.g. with the
zipdir Pyhon script.
If you have a file with an .xlsx extension on the file name that was last edited
by
Microsoft Excel, then the file is stored in an
Office
Open XML (OpenXML) zipped, XML-based file format developed by Microsoft for
spreadsheets, charts, presentations and word processing documents. You can
change the file extension to .zip by renaming the file. You should then
be able to extract the contents of the zip file as you would with any other
zip file.
There are different algorithms that can be used for storing files within a
zip file that determine the level of compression and speed of production of
a zip file. If you are using a
Linux or
Apple OS X
system, you can see choices that are available for compressing files and
directories into a zip file from the
command line, e.g. from a
Terminal
window on an OS X system, by looking at the
man page
for the zip program by
issuing the command man zip.
The Python code below will create a
zip
file from the files and any subdirectories within a specified directory.
I.e., it will recursively compress the files within a directory.
#!/usr/bin/python
# Name: zipdir.py
# Version: 1.0
# Created: 2016-11-13
# Last modified: 2016-11-13
# Purpose: Creates a zip file given a directory where the files to be zipped
# are stored and the name of the output file. Don't include the .zip extension
# when specifying the zip file name.
# Usage: zipdir.py output_filename dir_name
# Note: if the output file name and directory are not specified on the
# command line, the script will prompt for them.
import sys, shutil
if len(sys.argv) == 1:
dir_name = raw_input("Directory name: ")
output_filename = raw_input("Zip file name: ")
elif len(sys.argv) == 3:
output_filename = sys.argv[1]
dir_name = sys.argv[2]
else:
print "Incorrect number of arguments! Usage: zipdir.py output_filename dir_name"
exit()
shutil.make_archive(output_filename, 'zip', dir_name)
The script takes two
arguments: the output file name and the directory to be
compressed. The .zip extension should not be included with the output
file name; it will automatically be appended to the output file name. If
no arguments are specified on the command line, the script will prompt for
them. E.g., if I wanted to create a zip file named test.zip from
the contents of the folder Example, I could use the command
python zipdir.py test Example or, if the zipdir.py
script is
made executable on a
Linux or
Apple OS X system with
chmod u+x zipdir.py, then ./zipdir.py test Example
can be used.
If your email address is in a Mailman mailing list, you can send an
email message to the list with help in the subject or body of
the email to get an email reply showing you the commands that you can put
in email messages to the list. E.g., supposing that you are a member of
a mailing list called "browncoats" on the server example.com. To see a list
of the available commands supported by the Mailman mailing list handling
email to that mailing list, you would send an email with help
in the subject or body of the message to
browncoats-request@example.com. I.e., you would put the name
of the mailing list, in this case "browncoats" followed by a dash and the
word "request" as the email address to which you would be sending the
command. If you put help in the body of the message, you don't
need to specify a subject, but put help as the first line of
the message with no other text on the line.
A user who uses Microsoft Office Professional Plus 2010 as his email
client reported that he could no longer download email. Whenever the
user would check his email, a window would appear prompting him to
re-enter his userid and password. Even after I reset his password on
the server, the same thing kept happening. At the bottom, right-hand
corner of the Outlook window, I saw a "Send/Receive error" messsage
next to a yellow triangle with an exclamation mark within it.
When I clicked on that error message, I saw "reported error (0x800CCC91):
'Your e-mail server rejected your user name. Verify your user name
for this account in Account Settings. The server responded -ERR [AUTH]
Plaintext authentication disallowed on non-secure (SSL/TLS) connections.'"
After I upgraded ClamWin to version 0.99.1 on an
HP laptop running Microsoft Windows 7 Professional, I saw a window titled
"freshclam.exe - Ordinal Not Found" with the message "The ordinal 177
could not be located in the dynamic link library libclamav.dll."
When I right-clicked on the ClamWin icon in the
notification area
at the lower, right-hand corner of the screen and selected Open ClamWin,
I saw the prompt "You have not yet downloaded Virus Definitions Database.
Would you like to download it now?" I chose "Yes" and saw the
"Ordinal Not Found" message again.
I use the Python xlrd module
to extract a column from an Excel spreadsheet. I've been using a
Python script,
extract-addresses.py to pull the data from a set column in an .xls
spreadsheet, Directory.xls, and store it in a text file. I decided to
make the script more generic, so that I can extract the data from a
spreadsheet I specify when I run the script rather than a set spreadsheet and
to have the specific column and output file name be variable as well. The
new script is
extract-column.py. The Python
xlrd module will need to be
installed for the script to work; xlrd can be downloaded from one of the links
below:
If no arguments are provided on the command line, the script will prompt
for the name of the spreadsheet file from which the data should be extracted,
the column number containing the data to be extracted (A is treated as
column 1, B as column 2, etc.), and the name of the output file to hold
the extracted data.
If you receive a message from a
Secure
Shell (SSH) or
Secure File
Transfer Protocol (SFTP) application regarding the host key of the server
to which you are attempting to connect being unknown or changed, such as
the message from WinSCP below, you can check the server's public host key on the
server itself, if it is a
Linux server, using the
ssh-keygen utility.
The -l option shows the fingerprint of a specified public key file.
Private RSA1 keys are also supported. For
RSA
and DSA keys, ssh-keygen tries to find the matching public key
file and prints its fingerprint. If the -l option is combined
with -v, an ASCII art representation of the key is supplied with
the fingerprint. The -f filename option allows you to
specify the file name of the key file.
The ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub command isn't
showing the key itself, but instead shows the
"fingerprint" for
the key, which is a sequence of 32
hexadecimal
digits. You can see the much larger key value itself by issuing the
command cat /etc/ssh/ssh_host_rsa_key.pub.
On a CentOS 7 system I saw "Core temperature above threshold, cpu clock
throttled" messages like those below appear on the console today.
[68546.319229] CPU1: Core temperature above threshold, cpu clock throttled (total events = 189995)
[68546.319240] CPU0: Core temperature above threshold, cpu clock throttled (total events = 189989)
[68546.519121] CPU0: Core temperature above threshold, cpu clock throttled (total events = 192228)
[68546.519131] CPU1: Core temperature above threshold, cpu clock throttled (total events = 192234)
I checked to see if the lm_sensors package was installed on
the system, so I could check fan speeds and the
central processing unit (CPU) temperature. It wasn't installed, so I
installed it from the root account with yum install lm_sensors.
Ncat, which is a reimplementation of
the netcat
computer networking utility, is a utility which reads and writes data across a
network from a
command-line interface (CLI), such as a shell prompt or a Microsoft Windows
command prompt. It supports
TCP and
UDP,
SSL, and proxy connections via
SOCKS4 or
the HTTP CONNECT method.
You can downloaded a precompiled binary version of the utility from
Nmap.org or this site.
Email clients often allow you to create a
signature block that will automatically be added to the bottom of every
email message you compose. Signatures typically contain items such as the
sender's name, email address, physical address, phone numbers, company name,
etc. To create such a signature in Outlook 2011, which is part of
Microsoft Office for Mac 2011, take the following steps inside Outook:
AppLocker is a policy-based security component of Microsoft Windows
introduced in Windows 7
Professional, Enterprise and Ultimate editions and
Windows Server
2008 R2. It enables or disables execution of software based on rules such
as location, properties and digital signature, so it can be used to restrict
that software that can be run on a Microsoft Windows system.
Executable file restrictions can be based on a
hash value, publisher certificate, etc. Further details on
AppLocker can be found at
An approach for managing Microsoft AppLocker policies.
The
Get-AppLockerFileInformationPowerShell
cmdlet will return a hash code it labels as "SHA256". But you will find
that a hash code it returns differs from one returned by the Get-FileHash
cmdlet for executable, e.g., .exe files.
I heard some good news on the radio while driving home from the office this
afternoon. Indian law enforcement officers arrested 70 people working in
call centers on the outskirts of Mumbai who were involved in a phone scam operation where they
would call U.S. citizens and leave voice mail messages where they claimed to be
U.S. Internal Revenue Service (IRS) agents demanding
payments for taxes those called supposedly owed with the threat of arrest
if the callee doesn't pay. Assistant police commissioner Bharat Shelke
stated that "Fearing arrest, some used to call back, and employees
at the call center then demanded a few thousand dollars to settle the
case." Shelke also stated that an estimated $36.5 million was extorted
from Americans duped into paying the scammers. Unfortunately, the police
haven't yet caught the ringleaders of the operation.
Indian authorities stated that the callers were trained to disguise their
Indian accents, so that they would sound more like native-born Americans.
Employees of the scammers were given a six-page script with tips on how to
allay potential victims suspicions. For their jobs as criminals, callers
were paid between 10,000 rupees and 70,000 rupees every month, which is
equivalent to between $150 and $1,050 U.S. dollars, police said. Shelke
stated "Employees were aware of the fraud, but since they were getting
a good salary, they remained silent."
Such scammers don't target just Americans. Tax agencies in Canada and
Australia have all issued warnings over such scam callers. Last year,
Sahil Patel, a scammer residing in
Pennsylvania, was sentenced to 14 1/2 years in prison for his role in
a similar scam where callers posed as law enforcement officers or tax agents.
He was also ordered to forfeit one million dollars. The call centers
Patel worked with used software that allowed them to spoof calling numbers so
that those called would see a phone number that appeared to be associated with
the agency with which the callers claimed to be associated.
At a Senate hearing in 2015 prior to Patel's conviction, a
U.S. Department of the Treasury official estimated that
such scams generated between 9,000 and 12,000 complaints a week and had gained
scammers more than $15.5 million from 3,000 victims.
So kudos to Indian law enforcement officers for the recent operation; I hope they catch the kingpin(s) for whom those arrested worked.
If you wish to create folders in Outlook 2011, which is part of
Microsoft Office for Mac 2011, so that you are using less
space on a Microsoft Exchange Server, where you might have a quota
limiting your mailbox storage, you can create local folders that will result
in the email messages being placed in them being stored on your computer's
disk drive, instead, of on the server. To do so, you can take the following
steps:
Click on Outlook at the top of the top, left-hand corner of the
Outlook window.
Select Preferences
Click on General under Personal Settings. In the General
settings window, uncheck the check boxes next to "Group similar folders, such
as inboxes, from different accounts and "Hide On My Computer folders". You can
then close the window by clicking on the red circle at the upper, left-hand
corner of the window.
Click on Inbox under ON MY COMPUTER
Click on File then select New and then Folder
When you provide a name for the new folder, it will be placed under the
Inbox folder, but you can click on it and drag it up to On MY
COMPUTER to put it at the same level in the hierarchy as the Inbox.
Once you have a folder at the same level as the Inbox folder, you can
create subfolders beneath that folder by clicking on it to select it and then
selecting File, New, and Folder from the
menu bar.
To copy a message from the Inbox on the server to the ON MY COMPUTER
inbox, click on the message and drag it to the new location. If you want to move
the message, instead, click on the message to select it then click on
Message from the Outlook menu bar then select Move and select
the folder you created under ON MY COMPUTER that should hold the message.
If there is no program set as the default application for opening a file
type, when you right click on a file of that file type and choose
Properties, you will see "Pick an app" next to "Opens with".
If you wish to identify all of the extensions known by the system,
you can use the assoc command. If you type the command
at a command prompt with no parameters, you will get a long list.
You can redirect the output to a file with assoc > list.txt
or page through it by piping the output of the command to the
more command with assoc | more.
JavaScript can be
used to control the display of elements on a web page. E.g., suppose I
don't wish visitors to a webpage to see a certain element on the page
unless the width of their browser window is a specified value. The element
could be a
div, which might contain an advertisement or some other image that might be
too wide for a browser window that was less than a certain width. So I want
to hide the display of the element, so that it doesn't detract from the
aesthetics of the page.
I could put the following code in the HEAD section of the webpage, if
I wanted any DIV element on the page that has a class of
sometimesHide to be hidden in certain circumstances. The
styling I chose below is arbitrary, you could use would ever you preferred
and you could put the style information in an external
Cascading Style Sheets (CSS) file, instead.
While working on a family member's PC, which is running Microsoft Windows 10
Professional edition, I found performance was slow while I was trying to look
up some information in a tab in the
Microsoft Edge browser. When I hit Ctrl-Alt-Del and brought up the
Windows Task Manager, clicked on the Performance tab, then clicked on Memory to view the
memory utilization, I saw that most of the system's memory was being consumed,
which would contribute to poor performance, if information needs to be swapped
in and out of memory to disk while I'm switching between open applications.
CPU utilization was also, high.
When I clicked on Details and then clicked on the "Memory (private
working set)" column header to order the processes by memory consumption,
I saw that the 7 topmost consumers of memory were
MicrosoftEdgeCP.exe processes, i.e.,
Microsoft Edge web browser processes.
With HTML 4, you can horizontally align an element in a cell in a
table using the align parameter, e.g.:
<td align="right"> to horizontally align text to the right
side of a cell. However, with HTML5, use of the align
parameter for horizontally aligning text within elements
of a table has been deprecated. E.g., if you check your
HTML code for adherence to the HTML 5 standard with the Nu Html Checker provided by the
World
Wide Web Consortium, you will see an error similar to the following
one displayed if you are using align in the HTML code for a table.
Thealignattribute on thetdelement is obsolete.
Use CSS instead.
From line 118, column 5; to line 118, column 22
</tr>↩<tr><td align="right">;<b>Vir
My wife could not hear audio today when she was viewing
YouTube
videos in the
Firefox browser. She thought the problem occurred after the automatic update
of Windows 10 on her system with the Anniversary Update. The YouTube audio
setting was not muted and was turned up to a level where I should have heard
sound and I found that I could hear audio for a music file outside of Firefox
and I could hear audio for the YouTube video she was trying to view within the
Microsoft
Edge web browser on the system. And when I went to the
CNN website, I was able
to listen to the audio associated with a news video on the site.
I could not delete a
TrueType font file, BlackFlowersBlossom.ttf, from the folder in which it was
located, which was a folder beneath the user's Documents directory on her Microsoft
Windows 10 system. If I attempted to delete it, a "File in Use" window opened with the
message "The action can't be completed because the file is open in System."
With other fonts beneath her Documents folder I was able to then open
Fonts from the
Control Panel, which you can get to in Microsoft Windows 10 by typing
fonts in the Cortana "Ask me anything" field at the bottom, left hand
corner of the screen, then selecting Fonts Control Panel and then selecting
the font and deleting it from the Fonts Control Panel. Once it was
deleted from the Fonts area of the Control Panel, I could then
delete the .ttf file from the user directory after rebooting the system.
With HTML 4, you could center a table using
align="center".
<table align="center">
...
</table>
However, that method of centering a table is deprecated in
HTML5.
To center a table, which is a block-level element, in HTML5 using
a Cascading Style Sheets method, you can use
a style that includes margin-left: auto; margin-right: auto;
as shown below.
I needed a way to perform a daily check that a Linux email server is able to
successfully transmit email to external email addresses. Such a test can
easily be scheduled using cron and mailx. You can use the crontab utility to schedule
mailx to run periodically and send a test message to a specified email address.
E.g., the following entry will send a test message at five minutes after noon
every day to john.doe@example.com:
The body of the message will contain the contents of the file
/home/jan/Documents/daily_mail_test_message.txt.
The first 5 elements on the line in the crontab file are scheduling
elements:
# ┌───────────── min (0 - 59)
# │ ┌────────────── hour (0 - 23)
# │ │ ┌─────────────── day of month (1 - 31)
# │ │ │ ┌──────────────── month (1 - 12)
# │ │ │ │ ┌───────────────── day of week (0 - 6) (0 to 6 are Sunday to
# │ │ │ │ │ Saturday, or use names; 7 is also Sunday)
# │ │ │ │ │
# │ │ │ │ │
# * * * * * command to execute
If an asterisk is used for an element, that indicates that scheduling is
done for every possible value for that element. E.g., the 05 on the line
indicates five minutes after the hour, in this case 12 (noon) and the following
three asterisks indicate that the cron job should be run every day of every
month and every day of the week, i.e., Sunday to Saturday.
To query a
MariaDB - MariaDB is a
fork of
MySQL -
database using PHP, code similar to that shown below can be used.
In this exmple, the account used to query the database is johndoe
with a password of ThePassword. The database is named
Acme and contains a table named Accounts.
<?php
$con = mysql_connect("localhost","johndoe","ThePassword");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("Acme", $con);
$accounts = mysql_query("SELECT * FROM Accounts");
?>
I needed to upgrade two Microsoft Windows 10 systems running QuickBooks Pro
2011 to QuickBooks Pro 2016 after the Microsoft Windows 10 Anniversary
Update was installed automatically on those systems. QuickBooks Pro 2011 would
stop working after the user tried to proceed past the user name and password
prompt to open the company file - see
QuickBooks 2011 crashes at startup.
I found others complaining about the same problem after the Anniversary Update
was installed. I resolved the problem by updating QuickBooks to QuickBooks Pro
2016, but that upgrade was not without problems as well.
A user reported to me that QuickBooks was crashing when she tried to use it.
When I attempted to start the QuickBooks 2011 program, it would get to the
point where I could enter the username and password, but when I tried to
proceed beyong that point it would stop working with
the message below:
QuickBooks has stopped working
A problem caused the program to stop working correctly.
Windows will close the program and notify you if a solution is available.
If you wish to use a Google font on a web page, go to
fonts.google.com and select a font
that appeals to you. When you've selected a font, you will see "1 Family
Selected" at the bottom of the page; click on that text.
You will then see the code you need to include in your webpage to use the
font. E.g., if I want to use the
Yatra One font, I
would include the following HTML code in the HEAD section of the webpage:
You will also see the code to use in tags within the page to specify that
text should be displayed in the chosen font.
Then I could use font-family: 'Yatra One', cursive; to
specify use of that font. The inclusion of cursive after
'Yatra One' indicates to a vistor's browser that if the first
font listed, Yatra One, is unavailable or can't be used, whatever font it uses
for a cursive font should be used, instead. You can include multiple alternate
font options separated by commas. Note that in the link to the Google web page
for the style sheet for the font that "Yatra" and "One" have a plus sign
between them, instead of the space, but the font name is "Yatra One", which is
what is used when you specify the use of the font in the page. E.g.,
suppose I wanted to specify that font for use with an H3 header tag. I
might use code such as the following code:
In the above example, I changed the font color to orange and increased the
font size to 35 pixels and centered the text on the page. The text would be
displayed as shown below:
If you wish to create a zip file containing the contents of a folder on a
Microsoft Windows system from a command line interface (CLI), you can use
PowerShell
for that purpose. If you have version 5.0 or later of PowerShell, you can use
the compress-archive and expand-archive cmdlets -
cmdlets (pronounced command-lets) are specialized .NET
classes implementing a particular operation. You can determine which version
of PowerShell you have by opening a PowerShell window and typing
$psversiontable.
If you need to lookup the
American Standard
Code for Information Interchange (ASCII) code for a particular
character, you can do so on an OS X or Linux system via the ASCII
man
page. Simply type man ascii to see an ASCII table.
E.g., from the man page on an OS X system:
DESCRIPTION
The octal set:
000 nul 001 soh 002 stx 003 etx 004 eot 005 enq 006 ack 007 bel
010 bs 011 ht 012 nl 013 vt 014 np 015 cr 016 so 017 si
020 dle 021 dc1 022 dc2 023 dc3 024 dc4 025 nak 026 syn 027 etb
030 can 031 em 032 sub 033 esc 034 fs 035 gs 036 rs 037 us
040 sp 041 ! 042 " 043 # 044 $ 045 % 046 & 047 '
050 ( 051 ) 052 * 053 + 054 , 055 - 056 . 057 /
060 0 061 1 062 2 063 3 064 4 065 5 066 6 067 7
070 8 071 9 072 : 073 ; 074 < 075 = 076 > 077 ?
100 @ 101 A 102 B 103 C 104 D 105 E 106 F 107 G
110 H 111 I 112 J 113 K 114 L 115 M 116 N 117 O
120 P 121 Q 122 R 123 S 124 T 125 U 126 V 127 W
130 X 131 Y 132 Z 133 [ 134 \ 135 ] 136 ^ 137 _
140 ` 141 a 142 b 143 c 144 d 145 e 146 f 147 g
150 h 151 i 152 j 153 k 154 l 155 m 156 n 157 o
160 p 161 q 162 r 163 s 164 t 165 u 166 v 167 w
170 x 171 y 172 z 173 { 174 | 175 } 176 ~ 177 del
With HTML 4, you can horizontally center an image in a paragraph
using <p align="center">. E.g., the
image in the following paragraph would be cenered on the web page:
However, with
HTML5, use of the align parameter for horizontally aligning
a paragraph on a web page has been deprecated. E.g., if you check your HTML
code for adherence to the HTML 5 standard with the
Nu Html Checker provided by the
World
Wide Web Consortium, you will see an error similar to the following
one displayed if you are using align with the p (paragraph) tag.
Thealignattribute on thepelement is obsolete.
Use CSS instead.
From line 73, column 1; to line 73, column 18
tent -->↩↩<p align="center">↩<img src
If you need to query a device that supports the
Simple Network Management Protocol (SNMP), you can do
so from a command line interface, i.e, a shell prompt, on a Mac OS X or
Linux system using the
snmptest tool. To use the utility, issue the snmptest command specifying
the "community string", which is somewhat equivalent to a password, with
the -c option, specify the version of SNMP with the
-v option and then specify the IP address or
fully qualified domain name (FQDN). You will get
a "Variable:" prompt when you run the command. You can specify an
object identifider (OID) that you wish to query at that prompt. If
you hit Enter the prompt will be repeated. When you've finished
entering variables you wish to query, hit Enter at the next
"Variable" prompt without entering any variable. You should then see
the results returned as shown below. You can hit Ctrl-C to terminate
the program.
# snmptest -c SomeSecret0123 -v 1 192.168.0.11
Variable: system.sysLocation.0
Variable: system.sysContact.0
Variable:
Received Get Response from UDP: [192.168.0.11]:161->[0.0.0.0]:41231
requestid 0xAF07FC2 errstat 0x0 errindex 0x0
SNMPv2-MIB::sysLocation.0 = STRING: London
SNMPv2-MIB::sysContact.0 = STRING: John Doe
Variable: ^C
#
I received a call from someone today reporting that he could no longer check
email for his Verizon email account using
Thunderbird on his Apple laptop. He
reported that he was getting a message indicating that authorization
was failing. He had the same problem a few days ago and had contacted
Verzon support then. The Verizon support person he talked to reset his
password. He was able to check his email afterwards through the
webmail
interface Verizon provides to its users through webmail.verizon.net,
but the same password was not working with Thunderbird. I connected to
his system via TeamViewer and verified that the userid and password
that was working through the webmail interface was not working when used
in Thunderbird. I verified that the email settings in Thunderbird matched
what Verizion recommended, though he had been using those settings
successfully for a long time, so they should have been working today. The
settings inside Thunderbird were as follows:
POP3: pop.verizon.net (port 995, SSL/TLS, normal password)
SMTP: smtp.verizon.net (port 465, SSL/TLS, normal password)
The fold command, which
is found on Mac OS X and Linux systems, allows you to "fold" the contents of
specified files, or the standard input if no files are specified, breaking the
lines to have a maximum of eighty characters/columns by default,
though you can also specify that the line breaks be made at some
other character width with the -w width option.
A family member wanted to create her own custom playing cards for
Magic: The Gathering. She had downloaded a number of .mse-installer files
for the game and asked me to help her use them, since there was no application
on her system that would open them. I had previously installed
a computerized version of Magic called
Magic Workstation, an
application for Microsoft Windows systems, on her Microsoft Windows 10 system,
but it would not open the .mse-installer files. I found that such files are
associated with Magic Set
Editor (MSE). MSE has the following features:
Easily create your own cards for Magic: the Gathering, VS System, Yu-Gi-Oh!,
and other games
Create realistic looking images of your cards
Analyze your set and find ways to improve it
Play with your own cards in Apprentice and CCG Lackey
Create professional looking 'spoilers'
Keep all of your designs in one place
Templates available up to M15 frame keep your cards up to date
If you have a .mse-installer file, you can use it with
Magic Set Editor
by double-clicking on the file after Magic Set Editor has been installed
If there is an update available in the package, you can click on it to
select it.
If you wish to search for information within a .gz file produced by the
gzip utility,
which is a tool used for
data
compression, you don't have to uncompress the file first. Instead, you can
use the zgrep utility. E.g., if I
wished to search for the string "Splunk" in a
gzip compressed text file, if
I used grep, I wouldn't be
able to find the text for which I was searching since the contents of the file
were compressed, but I could find it with zgrep.
You can use the same options with the zgrep command that you can
use with grep - see zgrep man
page. E.g., I could determine how many times the pattern for which
I'm searching occurs in the file using the -c option.
$ zgrep -c "Splunk" tools.txt.gz
1
$
The zgrep utility is present by default on Mac OS X systems. You can
run it from a command line interface by opening a
Terminal
window (Terminal is found in the /Applications/Utilities
directory). It is also found on Linux systems. E.g., for
CentOS Linux systems, it
will be present if the gzip package has been installed.
You can benchmark a website's performance using the
AppleBench utility which is a tool available on Mac OS X
and Linux systems. The tool was originally developed to test
Apache web
servers, but can be used to test web servers running any web server
software. The tool will report the web server software that is in use on
the server being tested in a "Server Software" line in the output from the
tool.
On an OS X system, you can run it from a
Terminal window; the Terminal application is found in the
/Applications/Utilities directory by using the
ab command (man page) command.
To test a web site, e.g., example.com, you can issue a command in
the form ab http://example.com.
$ ab http://example.com/
This is ApacheBench, Version 2.3 <$Revision: 1663405 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/
Benchmarking example.com (be patient).....done
Server Software: ECS
Server Hostname: example.com
Server Port: 80
Document Path: /
Document Length: 1270 bytes
Concurrency Level: 1
Time taken for tests: 0.042 seconds
Complete requests: 1
Failed requests: 0
Total transferred: 1622 bytes
HTML transferred: 1270 bytes
Requests per second: 23.96 [#/sec] (mean)
Time per request: 41.744 [ms] (mean)
Time per request: 41.744 [ms] (mean, across all concurrent requests)
Transfer rate: 37.95 [Kbytes/sec] received
Connection Times (ms)
min mean[+/-sd] median max
Connect: 19 19 0.0 19 19
Processing: 23 23 0.0 23 23
Waiting: 21 21 0.0 21 21
Total: 42 42 0.0 42 42
$
I needed to compare two files on a
CentOS Linux
system to find the lines in one file that didn't appear in the other. I.e., I
had a file bounced.txt with a list of email addresses that had experienced
bounced messages. Some, but not all of those email address were part of a
mailing list stored at /etc/mail/mailinglist.txt. I wanted to see only those
lines in bounced.txt that did not appear in mailinglist.txt. The
comm utility,
which is also present on Mac OS X
systems, allows you to compare two files and determine which lines occur in
one but not another file.
I was able to find the lines that appeared in bounced.txt, but not
mailinglist.txt with the following
comm command:
# comm <(sort /etc/mail/mailinglist.txt) <(sort bounced.txt) -13
bounce-600404@bounce.getaresponse.com
jasmith@example.com
You need to provide comm with sorted files for it to do its matching,
which is why I used the sort
command to sort the files before providing the contents of the two files
to the comm command. I included the -13 because normally comm
produces three columns of output as explained below in information from
the comm man page:
NAME
comm - compare two sorted files line by line
SYNOPSIS
comm [OPTION]... FILE1 FILE2
DESCRIPTION
Compare sorted files FILE1 and FILE2 line by line.
With no options, produce three-column output. Column one contains
lines unique to FILE1, column two contains lines unique to FILE2, and
column three contains lines common to both files.
-1 suppress column 1 (lines unique to FILE1)
-2 suppress column 2 (lines unique to FILE2)
-3 suppress column 3 (lines that appear in both files)
When I attempted to execute a
Python script today on a CentOS Linux system from a shell
prompt with ./check.py, I received the following error message:
import: unable to open X server `' @ error/import.c/ImportImageCommand/369.
The first line of code I had in the file I was attempting to run was
as follows:
import json
It has been quite a while since I created a Python script, but the line
looked fine to me and I couldn't understand why the
JSON library
wasn't being imported, but, instead, the import command seemed to be producing
an error message. I believe that library has been available for use
with Python since Python 2.6 and the system on which I was attempting
to execute the script had Python 2.7.5 on it (you can find the version
from a shell prompt by issuing the command python --version).
Eventually I realized, I had forgotten to put the
shebang line as the first line in the file. The shebang line, which
starts with #! tells the shell, in this case the
Bash
shell, which program to use to interpret the rest of the file. When
I put the following line as the first line in the file, that fixed the problem.
#!/bin/python
I could have run the script successfully without that line, if I used
python check.py. But when I attempted to execute the
script from the command line without making it an argument to the python command, the shell
was interpreting the code, rather than Python.
If you are using SparkPost for email
delivery and wish to check message events, you can view message events
information using the
Wget utility, which is available for Linux, OS X, and Microsoft Windows
systems. The man page for the command on a CentOS Linux
system is here and the
home page for the utility is at
GNU Wget. Alternatively, for information on how to use
curl, instead, see
SparkPost - Addresses Associated With
Bounced Email.
To download message events information for the last hour using the SparkPost
application programming interface (API) with Wget, you can use a command
similar to wget https://api.sparkpost.com/api/v1/message-events?events=bounce,out_of_band --header="Authorization: my_API_key" --header="Accept:
application/json" where my_API_key is an API key provided to you
by SparkPost. However, if you haven't granted access to message events for
that key, you will receive a "ERROR 403: Forbidden" error as shown below.
The API key, which in this case is a dummy key, is provided by sending a
custom header that includes Authorization: my_API_key:
To grant a key permission to access message event data, log into your
SparkPost account at the SparkPost website, then click on Account,
select API Keys and for an existing or new API key check the check box
next to "Message Events: Read-only".
If you are using SparkPost for email
delivery, you might expect that you can determine which email addresses in
a mailing list resulted in bounced messages by logging into the SparkPost
website, clicking on Reports and then Bounces. But, though
that will give you a total number for bounced email messages and the
percentage of messages that bounced, and even the reasons email bounced, the
report doesn't identify the individual email addresses that caused email to
bounce. To see particular addresses that caused email to bounce, if you
click on Lists, rather than Reports, and then click on
Suppressions and check the check box next to Bounce Rule and
click on Search, you will see recipients email addresses listed that
triggered a bounced email.
I recently created a SparkPost account
to use SparkPost for smart host email delivery service for an organization's
monthly newsletter distribution by email. SparkPost provides a free level
of service that will allow one to send up to 100,000 messages per month.
I had switched back to another service, but when I discovered a problem with
deliveries through the other service yesterday, I reconfigured
Sendmail to
use the SparkPost
SMTP server as the smart host. To use the SparkPost SMTP
server, smtp.sparkpostmail.com, as the smart host, I had the following lines
in /etc/mail/sendmail.mc, but email was not reaching recipients.
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
define(`RELAY_MAILER_ARGS', `TCP $h 587')
define(`ESMTP_MAILER_ARGS', `TCP $h 587')
define(`SMART_HOST', `smtp.sparkpostmail.com')dnl
While troubleshooting an email delivery problem on a
CentOS 7 Linux
server running
Sendmail, I saw an unexpected entry when I checked the mail queue with
the mailq command.
The system was running
Apache, but I would not expect any email to originate from Apache destined
for a Yahoo
email address.
The contents of queued email are stored in the /var/spool/mqueue
directory. For a queued message there will normally be two files,
one beginning with the letters "df" and the other with the letters "qf",
containing the queue id, in this case u83BWu3X020476, as the
rest of the file name.
# ls /var/spool/mqueue/??u83BWu3X020476
/var/spool/mqueue/dfu83BWu3X020476 /var/spool/mqueue/qfu83BWu3X020476
#
Note: you will only be able to access these files from the root account.
When I was running Sendmail on a CentOS 5 server, I needed to use the
m4 command after modifying
/etc/sendmail.mc to rebuild /etc/sendmail.cf from
that file, i.e., m4 /etc/mail/sendmail.mc >
/etc/mail/sendmail.cf. E.g., see
Configuring Sendmail to
Use a Smart Host, but that is no longer needed with CentOS 7 and,
though I went from CentOS 5 to 7, may have gone away as a needed step
in CentOS 6. Now, if you modify /etc/sendmail.mc, when
you restart sendmail, e.g., with service sendmail restart,
the sendmail.cf file is automatically rebuilt.
I needed to print to a Konica Minolta bizhub 363
Multi-Function Device (MFD) from a MacBook Pro laptop running OS X Yosemite
(10.10.5). When I checked the system to see if there was already an appropriate
Konical Minolta printer driver present on the laptop, I did not see any
Konica Minolta printer drivers.
$ ls -l /Library/Printers/PPDs/Contents/Resources | grep -i Konica
$
So I searched for one at the Konica Minolta
Support & Downloads page. I downloaded the
BH423PSMacOS109_1100MU.dmg (10240 KB) file (you have to accept the license
agreement before you can download the file). If you double-click on the
downloaded file, in the OS X
Finder, you will see bizhub_423_10...
appear under Devices. If you click on that item, you will see two
files are contained in the
Apple Disk Image .dmg file: Readme_e.txt
and .devices_bizhub.png.
To install the driver, double-click on the .pkg file which will open a
"Welcome to the 423 Series PS Installer" window.
You can obtain a list of the fonts on a Mac OS X system using the
system_profiler
command system_profiler SPFontsDataTye. A large amount of
information will be displayed for each font, so you may want to capture the
output in a file, e.g. fontslist.txt.
$ system_profiler SPFontsDataType > fontslist.txt
If you want the output in XML format,
you can include the -xml option, e.g. system_profiler
-xml SPFontsDataType > fontslist.xml.
I had a lot of windows and tabs open in the Safari web browser on my MacBook
Pro laptop running OS X 10.10.5 (Yosemite) as well as many other apps open.
I've found when I leave many browser tabs open for a prolonged period
that eventually they consume almost all of the system's memory. The
Activity Monitor application was
showing about 15 GB of the system's 16 GB of memory as in use. I closed a
couple of tabs, but then opened another one. Then I got the "spinning
beachball" and could do nothing further with Safari, so I clicked on the
Apple icon at the top, left-hand corner of the screen and chose Force
Quit and forced Safari to quit. That reduced the "memory used" value
from about 15 GB down to about 5 GB, but I saw that many other applications
were listed as "paused" in the Force Quit Applications window and I
could no longer use those applications - I just got the multi-colored, spinning
beach ball when I clicked on them or tried to access them by cycling through
open applications with Command-Tab.
The Activity Monitor window showed those applications as
"Not Responding".
The Terminal application is not shown as "Not Responding"
in the Activity Monitor window, though it is shown as "paused" in
Force Quit Applications because I unpaused it prior to taking the
Activity Monitor screenshot. To unpause applications, I needed
to access a Terminal window to issue "kill -CONT" commands. You can use
kill commands to stop errant processes,
but you can also use kill -CONT pid commands where
pid is the
process identifier (PID) of the process you wish to "unpause" to cause
a process to resume or "continue" its operation - see
Suspending and resuming a process on OS X.
If you want to display the contents of a file on a Linux system, you can
use the cat command -
the "cat" is shorthand for "concatenate.
$ cat sample.txt
Adhere to your purpose and you will soon feel as well as you ever did.
On the contrary, if you falter, and give up,
you will lose the power of keeping any resolution,
and will regret it all your life.
~ Abraham Lincoln in a June 28, 1862 letter to Quintin Campbell
$
Should you ever need to display the characters on a line in reverse order,
on a Linux system you can use the
rev command to do so - the
"rev" is shorthand for "reverse". E.g., suppose I want to display the same file
as in the example above. If I type rev sample.txt, I will see
every line displayed in reverse with the last character in the line becoming
the first and the first the last.
$ rev sample.txt
.did reve uoy sa llew sa leef noos lliw uoy dna esoprup ruoy ot erehdA
,pu evig dna ,retlaf uoy fi ,yrartnoc eht nO
,noituloser yna gnipeek fo rewop eht esol lliw uoy
.efil ruoy lla ti terger lliw dna
llebpmaC nitniuQ ot rettel 2681 ,82 enuJ a ni nlocniL maharbA ~
$
If you wanted to display the last line as the first line and the first
line as the last rather than reversing the characters on each line, you can
use the tac command - "tac" is
"cat" in reverse. E.g., for the same
sample.txt file:
$ tac sample.txt
~ Abraham Lincoln in a June 28, 1862 letter to Quintin Campbell
and will regret it all your life.
you will lose the power of keeping any resolution,
On the contrary, if you falter, and give up,
Adhere to your purpose and you will soon feel as well as you ever did.
$
On a CentOS
Linux system, the cat and tac
commands are part of the coreutils package while the rev
command is part of the util-linux package.
The util-linux package can be obtained using whatever
package
management utility you normally use for your distribution of Linux,
e.g., yum for CentOS, or you can obtain the utility via
FTP
from the Linux Kernel Archive at ftp.kernel.org. You can login using
"anonymous" as the userid and anything for the password, then type
cd pub/linux/utils/util-linux to see the available versions.
I've had my current Android smartphone for several years, but have never
tried its voice recognition features. I did try the feature on my prior
phone, but after a few frustrating attempts to just have it call home when
I said my wife's name, I deemed the feature useless to me; it was too
aggravating to have the phone say something like "Did you say..." followed by
something entirely unrelated. Though I might eventually get it to dial our
home number, the process was more time consuming than for me to just type
in the phone number. But after hearing an NPR report today while I was driving
home on a recent study conducted jointly between researchers at
Stanford University, the
University of Washington
and the Chinese search engine company
Baidu that
pitted humans typing on Apple
iOS
keyboards against Baidu's speech recognition software, I'll see how well
the speech dictation software works on my current phone. The results of
the study can be found on a Stanford University site at
Speech Is 3x
Faster than Typing for English and Mandarin Text Entry on Mobile Devices.
For the speech transcription method, the researchers used Baidu's
Deep Speech 2 deep learning speech recognition system. The software
took the spoken input and converted it to text. Recognition errors could
then be corrected by the study participants by either speech or the
smartphone's keyboard. That method was found to be three times faster than
the participants relying solely on their typing skills on the keyboards
for English and 2.8 times as fast for Mandarin Chinese. And, strikingly,
the English error rate was 20.4% lower, and the Mandarin error rate 63.4%
lower, than the keyboard method. I don't know Mandarin, but a 20.4% lower error
rate for English is significant.
I took a typing class in high school - when I was in high school typewriters
were still common - after the typing teacher stated that it would be useful
for typing papers for those of us who hoped to go on to college. I bought
a cheap typewriter in college, but didn't use it much, instead I had most
of the papers I needed to be typewritten typed by a local high school teacher
who, as a side business typed papers for the nearby university students at
a nominal cost. She also proofread the papers, correcting spelling and grammar
errors, which I felt was worth the cost of paying to have papers typed that
would be an important part of my grade. But, though I didn't use the typing
skills I learned in the high school typing class a lot for typing papers,
I found those skills invaluable for the many later computer courses I took.
So, I'm a fairly fast typist on a full size keyboard, but I'm very slow on
the tiny keyboard on my phone and am akin to the sloth, Flash, in the movie
Zootopia when compared
to some of my nieces - one of my nephews bought a phone for his younger sister,
but had to quickly change the text plan when she had 3,000 text messages one
month. For her, typing her text messages might be faster than using the voice
recognition feature on her phone, but, even though the voice recognition
software on my phone is doubtless far less powerful than that of Baidu's
Deep Speech 2, I'll try that feature of the phone, since I would also expect
there has been improvement in the intervening years since I first tried the
feature on a prior phone. As Baidu chief scientist Andrew Ng noted
"Humanity was never designed to communicate by using our fingers to poke
at a tiny little keyboard on a mobile phone. Speech has always been a
much more natural way for humans to communicate with each other."
Ng also stated he looks forward to the day when his future grandchild
comes home and asks, "Is it really true that when you were young, if you
came home and you said something to your microwave oven — did it really
just sit there and ignore you? That's just so rude of the microwave." As
we move futher into the
Internet of Things
(IoT), I expect that people talking to their microwaves and other household
appliances will become common.
The vi editor
is a screen-oriented text editor that supports
regular expressions for pattern matching and character substitution.
Vim which stands for "Vi IMproved" is a clone of vi and recognizes similar
commands.
If you want to replace or insert characters at the beginning of a line,
the line beginning is represented by the
caret character, i.e.,
^ (Shift-6 on a standard computer keyboard), and line
endings are represented by the
dollar sign character,
i.e., $.
E.g., the following quote has three occurences of the word "us". If I wanted
to replace only the "us" at the end of the line with "ourselves", I could hit
the colon key while not in vi's insert mode, which would give me a colon prompt
and then enter s /us$/ourselves/ which would replace the occurence
of "us" at the end of the lne with "ourselves".
What lies behind us and what lies before us are tiny compared to what lies
within us
You can ascertain if a .db file is a BDB file using
the file command.
E.g., the
Sendmail email software uses .db files stored in /etc/mail
to control various aspects of the software's functionality. For instance,
you can specify the domains for which Sendmail will accept email in
the /etc/mail/local-host-names file or create "virtual users"
using the /etc/mail/virtusertable file. But to alter
Sendmail's behavior using these files, you need to generate .db files from
the text files using the
makemap command. E.g., makemap hash
/etc/mail/virtusertable < /etc/mail/virtusertable. If you check
the type of file for the .db file that will be created by the
makemap utility with the file command, you will
see the following information, if you check from the root account:
# file /etc/mail/virtusertable.db
/etc/mail/virtusertable.db: Berkeley DB (Hash, version 9, native byte-order)
#
I needed to change the
smart host setting for a Sendmail email server, so I edited
/etc/mail/sendmail.mc and rebuilt /etc/mail/sendmail.cf
with the m4 command.
I then attempted to restart
Sendmail, but it did not restart.
# m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
# service sendmail restart
Redirecting to /bin/systemctl restart sendmail.service
Job for sendmail.service failed because the control process exited with error code. See "systemctl status sendmail.service" and "journalctl -xe" for details.
When I issued a systemctl status sendmail.service command
for further information, I saw the following:
# systemctl status sendmail.service
● sendmail.service - Sendmail Mail Transport Agent
Loaded: loaded (/usr/lib/systemd/system/sendmail.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Thu 2016-08-18 15:40:49 EDT; 11s ago
Process: 25578 ExecStart=/usr/sbin/sendmail -bd $SENDMAIL_OPTS $SENDMAIL_OPTARG (code=exited, status=78)
Process: 25573 ExecStartPre=/etc/mail/make aliases (code=exited, status=0/SUCCESS)
Process: 25570 ExecStartPre=/etc/mail/make (code=exited, status=0/SUCCESS)
Main PID: 3394 (code=exited, status=0/SUCCESS)
Aug 18 15:40:49 moonpoint.com systemd[1]: Starting Sendmail Mail Transport A....
Aug 18 15:40:49 moonpoint.com sendmail[25578]: 554 5.0.0 /etc/mail/sendmail....d
Aug 18 15:40:49 moonpoint.com sendmail[25578]: NOQUEUE: SYSERR(root): /etc/m...d
Aug 18 15:40:49 moonpoint.com sendmail[25578]: NOQUEUE: SYSERR(root): InputF...y
Aug 18 15:40:49 moonpoint.com sendmail[25578]: 451 4.0.0 InputFilter BitDefe...y
Aug 18 15:40:49 moonpoint.com systemd[1]: sendmail.service: control process ...8
Aug 18 15:40:49 moonpoint.com systemd[1]: Failed to start Sendmail Mail Tran....
Aug 18 15:40:49 moonpoint.com systemd[1]: Unit sendmail.service entered fail....
Aug 18 15:40:49 moonpoint.com systemd[1]: sendmail.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
When I undid the changes I had made to sendmail.mc, the issue
remained. When I used the
journalctl command to check on the problem, I saw the following:
# journalctl -xe
--
-- Unit sendmail.service has failed.
--
-- The result is failed.
Aug 18 15:43:25 moonpoint.com systemd[1]: Dependency failed for Sendmail Mail Tr
-- Subject: Unit sm-client.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit sm-client.service has failed.
--
-- The result is dependency.
Aug 18 15:43:25 moonpoint.com systemd[1]: Job sm-client.service/start failed wit
Aug 18 15:43:25 moonpoint.com systemd[1]: Unit sendmail.service entered failed s
Aug 18 15:43:25 moonpoint.com systemd[1]: sendmail.service failed.
Aug 18 15:43:25 moonpoint.com polkitd[771]: Unregistered Authentication Agent fo
Aug 18 15:43:53 moonpoint.com sshd[25845]: Address 168.176.56.13 maps to wimax13
Aug 18 15:43:53 moonpoint.com sshd[25845]: Invalid user log from 168.176.56.13
Aug 18 15:43:53 moonpoint.com sshd[25845]: input_userauth_request: invalid user
Aug 18 15:43:53 moonpoint.com sshd[25845]: pam_unix(sshd:auth): check pass; user
Aug 18 15:43:53 moonpoint.com sshd[25845]: pam_unix(sshd:auth): authentication f
Aug 18 15:43:55 moonpoint.com sshd[25845]: Failed password for invalid user log
Aug 18 15:43:56 moonpoint.com sshd[25845]: Connection closed by 168.176.56.13 [p
lines 1490-1512/1512 (END)
Microsoft Office applications, such as the
desktop publishing application
Microsoft Publisher, have a built-in
autosave
feature that will periodically save your work in progress at a set interval,
so that you won't accidentally lose all the work you you've done while
working on a document in the application in the event the application or the
entire system crashes. The default setting for automatic saves in Publisher
2013 is ten minutes. To adjust that setting, take the following steps in
Publisher:
Click on File from the program's menu.
Select Options.
Click on Save.
The default setting is to save any document changes
every 10 minutes. Change the value to whatever you like and click on OK.
$ telnet 192.168.1.7 25
Trying 192.168.1.7...
telnet: connect to address 192.168.1.7: No route to host
$
So I used the debug
command on the NetScreen firewall to view traffic to the SMTP port, which
showed me it was passing the traffic to the email server behind it. So I then
checked the host-based software on the CentOS server. Since it was running
CentOS 7, the default firewall management software on it is
FirewallD.
I first checked to see what services the firewall was allowing through and saw
that SMTP wasn't included, so I added that to the allowed services and made
it a permanent rather than temporary change. For permanent changes, the firewall
software must be reloaded, so I then issued a reload command. Since I ran the
commands from a normal user account, I was prompted to provide the root
account password to add the service and reload the firewall software.
I have an Excel spreadsheet where I track firewall rule requests. Column B
in the spreadsheet tracks the status of requests that have been submitted.
A request can have a status of "modified", "pending", "approved", "denied",
"completed", or "implement removal". Column G contains the dates when a
request was either approved or denied. I could calculate how many requests
I approved or denied since a particular date by putting that date in cell F947.
I use a COUNTIFS function,
which allows you to count the number of instances where an entry in a
spredsheet meets multiple criteria. E.g., the value in column B for a row
is greater than 10 and, also, the value in column C is "Jane". I use the
formula =COUNTIFS(G2:G932,">="&F947, B2:B932,"Denied")
to calculate all the entries that have been denied since a particular date.
E.g., if cell F947 contains the date 8/10/2016, I can count all the rows
starting with G2, since the first row is a header row, up through the last
entry where the date in column 2 is greater than or equal to August 10, 2016
and the status in column B is "Denied". I can also calculate the number of
requests I've dealt with since that date with
=COUNTIF(G2:G932,">="&F947), i.e., I have Excel count
any entries where the date is greater than or equal to the date
specified in cell F947. I can also count the number of requests
with a particular status that indicates the request was approved,
but then might have been implemented, which would send it to the
"Completed" state or which had been approved, but, because the
approval was for the removal of rules from firewalls, went to the
"Implement Removal" state with the following:
All of the above indicate that the request was approved, though the
status for the request might not be listed as "Approved" in the system
used to manage the requests, but could, instead be shown as
"Completed" or "Implement Removal".
But I also wanted to have a cell where Excel would provide a total for
the number of requests that were in any of the above states where the
date for the request in the G column was on or after the specified date.
To do so, I had to
"sum"
multiple "countifs" statements, since I couldn't find a way to
easily put an "and" or "or" logical condition within a countifs
statement. I was able to get the total with the below forumula:
If you want to determine which
software
repository a
package can be found in from a
CentOS Linux
system, you can use the
repoquery command
or yum info commands.
A package doesn't have to be installed on the system for you to determine
which repository it can be found in.
If you would like to have a
free and open
source, cross-platform, music player for use on a Linux system,
Amarok
, which was created by Mark Kretschmann, provides the capability to play
various audio media files, such as MP3, FLAC, Ogg, AAC, etc. It also allows
you to stream online music from services such as
Jamendo,
Shoutcast, etc.
To install Amarok on a CentOS Linux system using the
yum package management utility, you will first need to
configure the system to
check the EPEL repository for packages. Once you have done that, you can
issue the command yum install amarok from the root account to
install the software.
A
Juniper Networks NetScreen firewall/router can be configured to function
as a DHCP
server; for the method to do so from a command line interface
(CLI), which you can obtain by a
Secure Shell (SSH)
connection to the device,
see
Using a Juniper Networks NetScreen Firewall as a DHCP Server.
The system can assign addresses dynamically from a pool of addresses you select
or you can have it assign a reserved, i.e., fixed, address based on the
media access control (MAC) address of the system requesting a DHCP-assigned
IP address.
You can determine what addresses have already been assigned to systems
via DHCP using a command in the form get interface <interface>
dhcp server ip allocate where interface is a particular interface,
e.g., trust, untrust, etc.
ns5xp-> get interface trust dhcp server ip allocate
IP State MAC Lease Time
192.168.0.34 COMMIT *000d560e185e 3236 minutes
192.168.0.35 COMMIT *4c72b99cb82a 3925 minutes
ns5xp->
If I wished to assign the IP address 192.168.0.7 to the system above with
MAC address 4c72b99cb82a, I could use the command below:
set interface trust dhcp server ip 192.168.0.7 mac 4c72b99cb82a
When I checked the
fail2ban log on one of my servers today, I found that
fail2ban had banned IP address
221.229.172.35 for failed attempts to log into the system
via Secure
Shell (SSH).
# tail -n 10 /var/log/fail2ban.log
2016-08-09 10:12:56,296 fail2ban.filter [1590]: INFO [sshd] Found 221.229.172.35
2016-08-09 10:12:57,914 fail2ban.filter [1590]: INFO [sshd] Found 221.229.172.35
2016-08-09 10:12:58,663 fail2ban.filter [1590]: INFO [sshd] Found 221.229.172.35
2016-08-09 10:12:59,143 fail2ban.filter [1590]: INFO [sshd] Found 221.229.172.35
2016-08-09 10:12:59,870 fail2ban.actions [1590]: NOTICE [sshd] Ban 221.229.172.35
2016-08-09 10:13:00,591 fail2ban.filter [1590]: INFO [sshd] Found 221.229.172.35
2016-08-09 10:13:01,298 fail2ban.filter [1590]: INFO [sshd] Found 221.229.172.35
2016-08-09 10:13:01,522 fail2ban.filter [1590]: INFO [sshd] Found 221.229.172.35
2016-08-09 10:13:03,538 fail2ban.filter [1590]: INFO [sshd] Found 221.229.172.35
2016-08-09 10:13:04,075 fail2ban.filter [1590]: INFO [sshd] Found 221.229.172.35
#
When I checked the country where that IP address is assigned using the
geoiplookup tool, I found it is assigned to an entity in China. The tool
is in GeoIP, a
geolocation
package, which can be installed on
Red Hat
derived distributions of Linux, such as
CentOS with
yum install geoip. The free version of the software which I use is
provided by MaxMind
$ geoiplookup 221.229.172.35
GeoIP Country Edition: CN, China
$
On a Linux system, you can use the
dhclient
command to identify any
Dynamic Host
Configuration Protocol (DHCP) servers that are available on the
local area network (LAN).
First, you need to determine a relevant network interface on the system
over which an IP address might be acquired via DHCP. You can do so using
the ip command. If the
-f inet option is given to the command, it will show only IPv4
addresses.
# ip -f inet address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
inet 192.168.0.35/24 brd 192.168.0.255 scope global dynamic enp4s0
valid_lft 156092sec preferred_lft 156092sec
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
Alteratively, you can use the
ifconfig command with the -a option to show all network
interfaces and any assigned IP addresses for them. I.e.,
ifconfig -a.
In the example above from a CentOS 7 system, I can see that an IP address is
assigned to the enp4s0 network interface and that is the interface
I will use for the DHCP query to locate any DHCP servers on the network, which
may be legitimate or rogue DNS servers.
To have the dhclient command search for DHCP servers, I'll use the
-d and -nw options.
# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 jinn.localdomain ESMTP Postfix
quit
221 2.0.0 Bye
Connection closed by foreign host.
#
You can enter SMTP commands that other email servers would issue to
send an email to a local user on the system as shown below:
# telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 jinn.localdomain ESMTP Postfix
ehlo Me
250-jinn.localdomain
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: tester@example.com
250 2.1.0 Ok
rcpt to: joe
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
From: tester22@example.com
To: joe@example.com
Subject: Just a test
This is only a test.
.
250 2.0.0 Ok: queued as B27928276DA1
quit
221 2.0.0 Bye
Connection closed by foreign host.
$
A user reported that email was not working. So I logged into an account
on the CentOS 7 email server
and connected to port 25, the
Simple Mail
Transport Protocol (SMTP) port, via
Telnet to
ensure that the server was responding to SMTP connections.
$ telnet 127.0.0.1 25
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
220 moonpoint.com ESMTP Sendmail 8.14.7/8.14.7; Sat, 6 Aug 2016 09:26:06 -0400
quit
221 2.0.0 moonpoint.com closing connection
Connection closed by foreign host.
$
Since the
Sendmail SMTP service seemed to be functioning properly, I next checked
the
DovecotPOP3/POP3S software on the system. I entered the commands
an email client would submit to authenticate with the server on the POP3 port,
port 110, i.e., pass followed by the user's login id then
pass and the password for the user's account. I received an
immediate response to the user command, but when I entered
the pass command followed by the password and hit Enter
I didn't see any response even after waiting much longer than I would expect
to have to wait for a response. So I hit Ctrl-], i.e., the Ctrl
and ] keys to return to the Telnet prompt and then exited from
the telnet program.
The Konqueror
web browser, which is available for Linux and Microsoft Windows systems,
provides a mechanism to save and restore sessions. If Konqueror becomes unresponsive and
you have to kill it, you should be given a choice to restore the previous
session when you reopen the browser.
You can manually save a session, by clicking on File on the menu bar,
then selecting Sessions, then Save As.... You will then
be prompted to provide a name for the session.
You can reopen a saved session by selecting File then Sessions
from the menu bar and then selecting from one of the saved sessions
you will see listed. If you have previously saved one or more sessions,
you will see them listed under the Save As... and Manage...
options.
If you wish to view a list of the files contained in a
zip
file, i.e., one with a .zip extension, on Linux and Mac OS X systems you
can use the zipinfo
command. If you enter the command zipinfo followed by the
name of the zip file, you will see a Unix-style file listing for each
compressed file contained within the zip file.
$ ls -l vnc-osx.zip
-rw-r--r--. 1 joe joe 57641 Jun 28 2013 vnc-osx.zip
$ zipinfo vnc-osx.zip
Archive: vnc-osx.zip
Zip file size: 57641 bytes, number of entries: 4
drwxr-xr-x 3.0 unx 0 bx stor 13-Jun-28 12:43 vnc/
-rw-r--r-- 3.0 unx 21375 bx defN 13-Jun-27 20:31 vnc/Connect_to_Server.png
-rw-r--r-- 3.0 unx 36303 bx defN 13-Jun-27 20:33 vnc/Enter_Name_Password.png
-rw-r--r-- 3.0 unx 2834 tx defN 13-Jun-28 12:43 vnc/vnc-remote-access.html
4 files, 60512 bytes uncompressed, 56943 bytes compressed: 5.9%
$
In the example above you can see that there are three files stored in the
zip file; the output indicates 4 files because the directory, vnc, is counted
as a file on a Unix system. The total bytes for the four files before they
were compressed into a zip file is 60,512 bytes. They were compressed
down to 56,943 bytes, which is a 5.9% compression ratio, since (60512 -
56943) / 60512.0 * 100 = 5.9.
If you just wish to see the file and directory names contained in the zip
file, you can use the -1 argument (that's the number one).
I wanted to determine the hexadecimal or RGB values for the text in a Terminal
window on a CentOS 7 Linux system. I didn't have gpick or another color picker
utility available, but I did have the
GNU Image
Manipulation Program (GIMP) already installed on the system (you can
install it on a CentOS system with yum install gimp), so
I was able to take a
screenshot of the window with GIMP and then use GIMP's
color picker tool to determine the color of the
text. To access the color picker tool, select Tools and then Color
Picker from the GIMP menu.
You can determine the version of Microsoft Windows on a system from a
command line interface (CLI), e.g., a command prompt, using the
systeminfo command.
Since that command will provide a lot of other information
on the system, you can filter the output to see only the
operating system (OS) version by piping its output into the
findstr command using
the "|" pipe character. The command below will show only the
operating system version:
The /R option indicates that the findstr command should perform
its search based on a regular expression. The "^" character is a character
that when included in a regular expression means that what follows should be
at the beginning of the line. Without it, you could see something like the
following, instead, since "BIOS Version also matches:
The period between "OS" and "Version" indicates in a regular expression that
any one character in that space will match; in this case there is a space
character between the two words, which will match the period in a regular
expression. If you want to have a period treated as a period rather than
serving its function as a regular expression character, you can "escape"
its meaning by using the backslash, i.e. "\",
escape character.
I have been using several
email blacklists on a CentOS 7 server where I use
Sendmail
to handle email. The blacklists, aka blocklists, I've been employing are
DNS-based
Blackhole Lists (DNSBLs). A DNSBL is a list of
IP addresses
known to be associated with the transmission of spam. The ones I've
been using are listed below:
I configured Sendmail to use those blacklists by putting the following lines
in /etc/mail/sendmail.mc:
FEATURE(`blacklist_recipients')dnl
FEATURE(`dnsbl', `sbl.spamhaus.org', `550 Spam Block: mail from $&{client_addr} refused - See http://www.spamhaus.org/sbl/')dnl
FEATURE(`dnsbl', `psbl.surriel.com', `550 Spam Block: mail from $&{client_addr} refused - see http://psbl.surriel.com/')dnl
FEATURE(`dnsbl',`dnsbl.sorbs.net',`550 Spam Block: mail from $&{client_addr} refused - see http://dnsbl.sorbs.net/')dnl
FEATURE(`dnsbl',`dnsrbl.swinog.ch',`550 Spam Block: mail from $&{client_addr} refused - see http://antispam.imp.ch/spamikaze/remove.php')dnl
FEATURE(`enhdnsbl', `bl.spamcop.net', `"Spam blocked see: http://spamcop.net/bl.shtml?"$&{client_addr}', `t')dnl
If you add those lines to the Sendmail configuration file, you need to
regenerate /etc/mail/sendmail.cf with the command m4
/etc/mail/sendmail.mc > /etc/mail/sendmail.cf. Then restart sendmail
with service sendmail restart.
Still, despite those multiple anti-spam blacklists, a lot of spam is getting
through to accounts on the mail server. So I decided to install
Free Antispam for Mail Servers (FRAMS)
from Bitdefender,
which describes the software thusly:
Bitdefender Free Antispam for Mail Servers provides essential features
for increased productivity in any organization by blocking spam on
Linux-based mail servers. Bitdefender's award winning antispam engines
provide antiphishing, content and attachment filtering. It's extremely
easy to install and administrators have an easy to use web-based interface
and powerful command line management.
The deadline Microsoft has given for its free upgrade of Windows 7 and 8
to Windows 10 is 5:59 AM EDT Saturday July 30, 2016. When I checked with the
owner of a couple of Windows 7 systems on whether she wished me to upload
the systems prior to the deadline, she said "Yes." I wanted to have
current backups for the systems, so I backed them up using the built-in
backup program Microsoft provides with the Windows 7 operating system - see
Windows 7 Image Backup to Network Location
on the steps to start and configure that software. I found that there
was only a few megabytes of disk space still available on the USB-attached
backup device for one of the systems and I wanted to retain the earlier backups
on that device, so I decided to backup the system over the network, instead.
That backup was much slower than I would have liked it to have been over the
100 Mbs LAN. The steps to perform a Windows 7 backup to a network location
are listed here.
After resolving a problem with network connectivity on a
CentOS 7 Linux
server, I attempted to install a package using
yum, but received the message "Another app is currently
holding the yum lock; waiting for it to exit..."
# yum install rdesktop
Loaded plugins: fastestmirror, langpacks
Existing lock /var/run/yum.pid: another copy is running as pid 16020.
Another app is currently holding the yum lock; waiting for it to exit...
The other application is: PackageKit
Memory : 46 M RSS (1.4 GB VSZ)
Started: Fri Jul 29 12:08:28 2016 - 01:14 ago
State : Running, pid: 16020
Another app is currently holding the yum lock; waiting for it to exit...
The other application is: PackageKit
Memory : 46 M RSS (1.4 GB VSZ)
Started: Fri Jul 29 12:08:28 2016 - 01:16 ago
State : Sleeping, pid: 16020
Another app is currently holding the yum lock; waiting for it to exit...
The other application is: PackageKit
Memory : 46 M RSS (1.4 GB VSZ)
Started: Fri Jul 29 12:08:28 2016 - 01:18 ago
State : Sleeping, pid: 16020
Another app is currently holding the yum lock; waiting for it to exit...
The other application is: PackageKit
Memory : 46 M RSS (1.4 GB VSZ)
Started: Fri Jul 29 12:08:28 2016 - 01:20 ago
State : Sleeping, pid: 16020
Another app is currently holding the yum lock; waiting for it to exit...
The other application is: PackageKit
Memory : 46 M RSS (1.4 GB VSZ)
Started: Fri Jul 29 12:08:28 2016 - 01:22 ago
State : Sleeping, pid: 16020
Another app is currently holding the yum lock; waiting for it to exit...
The other application is: PackageKit
Memory : 46 M RSS (1.4 GB VSZ)
Started: Fri Jul 29 12:08:28 2016 - 01:24 ago
State : Sleeping, pid: 16020
^C
Exiting on user cancel.
#
I checked the process and saw the following information:
If you need to take an image of a window or an area on the screen on a
Linux system, one of the options available is to use the
GNU Image
Manipulation Program, which is a
free and
open-source graphics editor that is also available for
FreeBSD,
Mac OS X, Microsoft Windows, and
Solaris systems.
You can determine if the application is already installed using the
which command.
$ which gimp
/bin/gimp
$
If it isn't installed, on systems that use the
yum package management tool, such as
CentOS, you
can use the command yum install gimp from the root
account to install it. On Linux distributions that use the
Advanced
Packaging Tool (APT) for package management, e.g.,
Ubuntu, you can use sudo apt-get install gimp.
To take a snapshot of a window or an area of the screen, take the following
steps:
A user reported problems with email deliveries this morning, but when I
checked the outgoing mail queue with the
mailq command on
the CentOS 7 server running sendmail, the queue was empty.
# mailq
/var/spool/mqueue is empty
Total requests: 0
#
I tried sending a test message from the mail sever to an
external email account with the mailx command. For the body of the message, I put some text into a file
named test.txt and used the < character to
provide the contents of the
file as input to mailx for the body of the message. I didn't receive
any error message and I didn't see any messages stuck in the mail queue
when I checked it after I sent the message. But the message was not received
at the destination email account.
# mailx -s "Testing" moonpoint@example.com <test.txt
# mailq
/var/spool/mqueue is empty
Total requests: 0
#
So I then used the
sendmail command, instead, to send a test message to see if it would provide
me with any information that I could use for troubleshooting the problem. I
created a file with the following contents to send as a test message.
# cat temp.txt
Subject: Sendmail test
This is a test.
This is only a test.
You can send a test message whose contents are contained in a text file
from a command line interface using a
sendmail command in
the form sendmail recipient_email_address <
input_file. But when I did that, I saw a "Connection
refused by [127.0.0.1]" message.
There are quite a few HTML attributes made obsolete in
HTML5,
which is the current HTML standard. I've been trying to make new web pages
on my site compliant with version 5 of the standard and transitioning some
created using HTML 4.1 to HTML5, so I've had to modify the HTML code to use
other tags or eliminate the use of attributes that have been deprecated with
HTML5. Some of the
elements
and attributes that have been deprecated are listed below:
Evernote
Corporation, which produces the Evernote note-taking application,
unfortunately, doesn't provide an application for Linux as it does for
Microsoft Windows and OS X, but you can use Evernote from within a browser,
such as Firefox. To install Evernote support from within Firefox, take
the steps listed here.
A user reported that she was unable to receive email using her Outlook email
client. When I checked her system, I found that Outlook 2016 was reporting
the following error message:
Task 'nell@example.com - Receiving' reported error (0x80042108): 'Outlook
cannot connect to your incoming (POP3) email server. If you continue to receive
this message, contact your server administrator or Internet service provider
(ISP).'
I verified that I could connect to the email server on the
SMTP port, port 25, and the
POP3
port, port 110, from external systems and she told me that
her husband's system was able to check his email successfully. Since I knew
his system was establishing a POP3 connection to the mail server to check
email, but her system was establishing an encrypted POP3S connection
on port 995, I checked the Linux email server to verify that it was
listening for connections on port 995, since there had been a power
outage at its location recently that I thought might have caused it to
reboot. It was listening on that port.
So I thought the problem was likely at a NetScreen firewall between the
user and the server. I logged into the firewall via
Secure Shell (SSH).
I verified that there were no filters currently set for the firewall and
then set a filter for destination port 995 with the command
set ffilter dst-port 995. I then cleared the debug buffer with
clear db and started debugging on the router/firewall with
debug flow basic - see
NetScreen Debugging
Commands for an explanation of the debugging commands. I could see
that TCP packets were reaching the firewall, but the firewall
was reporting "packet dropped: for self but not interested".
I needed to restore an external USB-connected Toshiba disk drive from
an image created with Disk Utility
on a MacBook Pro running the OS X operating system. With the external disk
drive attached, a
diskutil command, diskutil list, showed the following:
$ diskutil list
/dev/disk0
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme *500.3 GB disk0
1: EFI EFI 209.7 MB disk0s1
2: Apple_HFS Macintosh HD 499.4 GB disk0s2
3: Apple_Boot Recovery HD 650.0 MB disk0s3
/dev/disk2
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme *13.8 MB disk2
1: Apple_HFS C_PGP2FV_B_A0 13.8 MB disk2s1
/dev/disk3
#: TYPE NAME SIZE IDENTIFIER
0: GUID_partition_scheme *500.1 GB disk3
1: EFI EFI 209.7 MB disk3s1
2: Apple_HFS TOSHIBA EXT 499.8 GB disk3s2
3: Apple_Boot Boot OS X 134.2 MB disk3s3
$
If you wish to generate a calendar on an Apple system running the
OS X operating
system at a
command line interface (CLI), e.g., within a
terminal
window, you can use the
ncal command to display a calendar. If you enter the command
with no parameters, it will display a calendar for the current month
$ ncal
July 2016
Mo 4 11 18 25
Tu 5 12 19 26
We 6 13 20 27
Th 7 14 21 28
Fr 1 8 15 22 29
Sa 2 9 16 23 30
Su 3 10 17 24 31
If you wish to display the calendar for another month, you can specify
the month on the command line by putting the month and year after the
command. E.g., to display a calendar for February of 20216, the command
below could be used. The command ncal february 2016 would
also work.
$ ncal 2 2016
February 2016
Mo 1 8 15 22 29
Tu 2 9 16 23
We 3 10 17 24
Th 4 11 18 25
Fr 5 12 19 26
Sa 6 13 20 27
Su 7 14 21 28
If you combine the -l option with the -f option,
you will see even more information for the process that may be helpful when
the process name is truncated.
To create an image backup of an external disk drive using the OS X
Disk
Utility found in the Applications/Utilities folder, take the
following steps after attaching the drive to the Apple computer.
Open Disk Utility, from the Applications/Utilities
directory.
Click on the external disk drive in the left pane of the utility to select it.
Click on File, then select New and Disk Image from, e.g.
Disk Image from "TOSHIBA EXT" for an external Toshiba USB drive.
You will then be prompted to give the image a name and can select the
directory where you wish it to be stored. You can also select whether the
image will be compressed and whether it will be encrypted.
Click on Save to initiate the creation of the disk image. When prompted
that "diskimages-helper wants to make changes. Type your password to allow
this.", provide a password for an account with administrator privileges on the
system. When the image has been created, you will see it listed in the
left pane of the Disk Utility window.
You can then use the OS X
Finder program to view the files stored in the
Apple Disk Image DMG file that was created by double-clicking on
the .dmg file that was created.
My wife received a call at 1:02 PM Eastern Time today from someone with an
Indian accent claiming he was from the "Windows Technical Department" calling
because they noticed that our "computer is infected with some harmful viruses."
The call was obviously a scam, but I picked up the phone and played along for
several minutes to see what the person would try to do. He had
me open the Windows Event Viewer and suggested that the entries I saw in
the Application log indicated the system was infected with viruses. There
will normally be a plethora of entries in the log associated with the normal
functioning of a Microsoft Windows system, but I can undestand
how such con artists might be able to scare someone who has never
looked at such log entries before into thinking they were evidence of
something being terribly wrong with his/her system. When I asked him
what percentage of people he called fell for the scam, he insisted it
wasn't a scam. When I asked him if he was calling from outside of the
U.S. and so felt immune from prosecution in the U.S., he hung up. When
I used *69 to get the calling number I found it was 315-825-8947.
When I tried calling the number, I heard a recorded message stating
"The person you are trying to reach is not accepting calls at this time.
Please try your call again later."
When I then searched online for that number, I found others reporting
receiving similar scam calls from that number, e.g., at the 800Notes page at
315-825-8947
I found reports such as "They called me 4 times. I finally picked up
on the last time and it was a woman with an Indian accent claiming to
be from Windows Tech Support and I immediately hung up. This is a scam."
Fifty minutes later, my wife received a similar call again at 1:52 PM
from someone with an Indian accent. She informed the caller that she knew
it was a scam and asked to be removed from the calling list. I used
*69 again and this time I was informed that the caling number was
315-639-8222. I found that number also listed at the 800Notes site at
315-639-8222.
When I tried calling that number I heard a message that "The number you
have reached has been disconnected or is no longer in service."
We received two more "Windows Technical Departement" calls within a
couple of hours. We were watching a series on Netflix during that period
and I didn't try to check those two calling numbers with *69.
I think it was the second call where I again picked up the phone and talked
to the caller who again had an Indian accent - my wife told me all four
seemed to have an Indian accent. I asked where he was calling from and he
told me New York. I asked him what company he worked for; he said "Windows
Technical Department". I asked him if he knew what company produces Windows.
He didn't answer, but attempted to continue with his spiel telling me where
to click with the mouse. I tried to see if he knew anything except the spiel
he had been given, but this caller wanted to stick with the spiel telling me
where to click, though he eventually hung up when I told him to hold on for
a minute while I went to another phone, where I was going to record our
conversation.
My wife gets very annoyed by such calls; she's usually the one picking
up the phone for our home phone number, which is a
VoIP
service from our cable provider. I haven't received such scam calls on
my cell phone number, though I do get a fair number of unwanted telemarketing
calls on that number,
often from
spoofed numbers. My wife said she frequently gets the Windows scam calls
when I'm not home. A few months ago,
I received a call on our
home number from another scammer pretending to be from the IRS.
Our phone numbers are on the U.S. Federal Trade Commission (FTC)
Do Not Call
list, but, of course, scammers, and many telemarketers as well, don't bother
checking that list.
AT&T CEO Randall Stephenson recently
claimed
that AT&T doesn't have the "authority" to implement new robocall blocking
technology in its mobile network, even though the Federal Communications
Commission
clearly stated last year that carriers have the "green light"
to offer robocall-blocking services to consumers.
To eject a CD/DVD tray on a CentOS 7 system, you can use the
eject
command. With no arguments given to the command on the command line,
i.e., a shell prompt, the tray will be ejected. To retract the tray,
you can use eject --trayclose or -t. You can
use -T or --traytoggle to open the drive,
if it is closed or close it, if it is open.
If you specify the -n or
--noop option, information on the device will be shown, but no
action is taken.
$ eject -n
eject: device is `/dev/sr0'
You can use eject --default to see the default name for the
device.
If you want to know how long a Mac OS X system has been running since the
last reboot, you can use the
uptime command, which can be run from a command line interface available
from a
Terminal window.
The output above shows that the time is 10:17 PM (the time is in
24-hour clock format, often referred to as
military time) and that it has been 20 days, 12 hours, and
24 minutes since the system was last rebooted. The three numbers
at the end of the output, 2.95, 2.93, and 2.46, are the load average
of the system over the last 1, 5, and 15 minutes.
The output above shows 18 users on the system when the uptime command
was run. If you want to see a list of those users, use the
w command. If you are the
only user of the system, don't worry that you may see a number greater than
1 listed; it's likely they are all logins for your account as they were when
I checked for the above instance where "18 users" was listed. The output
is showing every logged in session and in this case I had multiple shell
prompts through open tabs in the Terminal application.
In Python, you can use the followng six comparators to determine
if one value is or isn't equal to another or whether the value
is less than, less than or equal to, greater than, or greater than or
equal to another.
I have been experiencing issues with wireless network connectivity at one
location recently while using my MacBook Pro laptop running OS X Yosemite
(10.10.5). Until fairly recently, wireless network connectivity at the location
was great, but recently I would find that
SSH
connections I made from the laptop to another MacBook Pro laptop were
constantly being dropped requiring me to re-establish the connection. And when
I would ping the other system, which I was accessing via the wireless network,
I would see "request timeout" messages. I would also see "request timeout"
messages when I pinged the router's address. A few minutes later I might be
able to successfully ping both systems. Or I could go to System Preferences
, then double-click on Network, and then click on "Turn Wi-Fi Off"
and then, after WiFi connectivity was disabled, I could turn it back on and
the Wi-Fi access would then work.
When I used the airport
utility from a Terminal windowto check the noise level and
signal strength for the WiFi connection, I saw the following:
$ /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -I
agrCtlRSSI: -56
agrExtRSSI: 0
agrCtlNoise: -87
agrExtNoise: 0
state: running
op mode: station
lastTxRate: 73
maxRate: 72
lastAssocStatus: 0
802.11 auth: open
link auth: wpa2-psk
BSSID: 94:44:52:4a:43:40
SSID: Rain
MCS: 7
channel: 11
After reopening the last session when I reopened Safari 9.1.1 (10601.6.17)
on a MacBook Pro laptop running OS X Yosemite (10.10.5), I found that, though
the icon for Evernote was appearing the the left of the address bar, clicking
on it did not bring up the Evernote window that would allow me to save
webpages, though
I had installed Evernote
previously.
I had closed and reopened Safari after it stopped responding to any
keyboard entries or mouse movement.
When I clicked on Safari from Safari's menu bar and chose
Preferences and then clicked on Extensions, no extensions
were shown. I noticed that the Develop option was not appearing
in the Safari menu bar, though I had
enabled the Develop menu.
So I re-enabled the Develop menu by clicking on Safari from
the Safari menu bar, selecting Preferences, then clicking on
Advanced and then checking the check box next to
"Show Develop menu in menu bar". I then clicked on Develop from
the menu bar when that option reappeared. I then selected
Disable Extensions. I then clicked on Develop again and
again selected Disable Extensions, which this time removed the check
mark next to that option.
If you need to eject a CD/DVD disk drive from a command line interface
(CLI) there are a number of ways to do so. Three ways to do so from
a command prompt on a Microsoft Windows system are included below.
Batch File
@echo off
echo Set oWMP = CreateObject("WMPlayer.OCX.7") >> %temp%\temp.vbs
echo Set colCDROMs = oWMP.cdromCollection >> %temp%\temp.vbs
echo For i = 0 to colCDROMs.Count-1 >> %temp%\temp.vbs
echo colCDROMs.Item(i).Eject >> %temp%\temp.vbs
echo next >> %temp%\temp.vbs
echo oWMP.close >> %temp%\temp.vbs
%temp%\temp.vbs
timeout /t 1
del %temp%\temp.vbs
If you wish to check or update the date and time on a
Juniper NetScreen router/firewall from a command line interface, you can
establish a
Secure Shell (SSH) connection to the device, provided you have already
configured it to permit SSH access. You can then use the get clock
command to view the current date and time on the Netscreen device.
ns5gt-> get clock
Date 06/24/1997 07:43:02, Daylight Saving Time enabled
The Network Time Protocol is Disabled
Up 917 hours 27 minutes 27 seconds Since 17 May 1997 02:15:35
867138182.710668 seconds since 1/1/1970 0:0:0 GMT
GMT time zone area -5:00
GMT time zone offset 4:00
ns5gt->
In the above output, I can see that the date and time are not set
correctly. I can see that the time offset from
Greenwich Mean Time (GMT) is four hours, which is currently correct for
this device, though. You can see the current GMT time as well as the times for
many major cities throughout the world at
The World Clock - Worldwide.
The set clock command can be used to set the date.
ns5gt-> set clock ?
mm/dd/yyyy month/day/year
dst-off disable daylight saving time
ntp enable network time protocol
timezone GMT Time zone area
ns5gt->
You can specify the month, date, and year in the form mm/dd/yyyy
. The time should be specified after the date in the form hh:mm
or hh:mm:ss.
I needed to be able to retrieve a Firefox bookmark for an account on a
MacBook Pro laptop running OS X Yosemite (10.10.5). I wanted to be able
to view the bookmarks from a command line interface (CLI), i.e., a
shell prompt that I would get in a
Terminal window. On an OS X system, the bookmarks and other account-unique
information is stored beneath the profile directory for the
account, which you can find beneath the ~/Library/Application
Support/Firefox/Profiles directory.
$ ls ~/Library/Application\ Support/Firefox/Profiles
bgq13udo.default
$
Within that directory is a places.sqliteSQLite database.
OS X comes with the sqlite3 program for creating, viewing,
and editing SQLite databases - see
Using SQLite for
information on how to use the program.
I wanted to check on the cookies stored when I visited a site using
Safari 9.1.1 (10601.6.17) on a MacBook Pro laptop running OS X
Yosemite (10.10.5). When I clicked on Safari on the Safari
menu
bar and then selected Preferences, then Privacy,
I saw a "Cookies and website data" section, but no means to view
the cookies, only a way to delete them by clicking on Remove All
Website Data.
However, you can configure Safari to show details on cookies that are
placed on the system when you visit a webpage by taking the following steps
within the Safari browser.
Two users reported that they were not receiving any email this morning.
I logged into the email server, which is a CentOS Linux system using
Dovecot to provide
POP3 email
service, i.e., it is the software on the server to which email clients
connect to download users' email. I then connected to the POP3
port,
TCP port 110, using the
Telnet
program on the system and attempted to check email for a user's account
by issuing the user command, but after I entered the command
the connection was terminated before I could enter the pass
command with the password for the account.
# telnet 127.0.0.1 110
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
user nell
Connection closed by foreign host.
#
So I then checked Dovecot's log file. I saw many entries similar to the
following ones in that file:
# grep dovecot /var/log/maillog | tail -5
Jul 4 09:15:44 moonpoint dovecot: master: Warning: service(pop3-login): process
_limit (100) reached, client connections are being dropped
Jul 4 09:18:55 moonpoint dovecot: master: Warning: service(pop3-login): process
_limit (100) reached, client connections are being dropped
Jul 4 09:19:57 moonpoint dovecot: master: Warning: service(pop3-login): process
_limit (100) reached, client connections are being dropped
Jul 4 09:21:01 moonpoint dovecot: master: Warning: service(pop3-login): process
_limit (100) reached, client connections are being dropped
Jul 4 09:26:13 moonpoint dovecot: master: Warning: service(pop3-login): process
_limit (100) reached, client connections are being dropped
#
When you use %random%, you will get numbers between 0 and
32,767, which is 2 to the 15th power. But you can
make the range of numbers smaller by using a command like the following
where 0 is the lower bound for the numbers and n-1 is the upper bound
of the range.
While checking a firewall's logs, I noticed a "TCP FIN SCAN" entry for
66.235.139.18. The log entry showed the local host accessing port 80 on the
remote host at that IP address. Out of curiosity, I performed an nslookup on
the IP address. The
PTR record for the IP address points to the 2o7.net
domain
name.
The Adobe Marketing Cloud
solutions enable our business customers to personalize and improve the
performance of their websites, apps, and social networking pages. These
companies use Adobe Marketing Cloud solutions to collect and analyze
information, such as clicks made by visitors on their websites, apps, and
social networking pages. The solutions also allow the companies to provide you
with more relevant messages within their emails, text messages, and other
online and offline marketing campaigns. In general, companies use Adobe
Marketing Cloud solutions when they want to better understand and improve
their online resources and marketing.
You can determine if the Microsoft
Windows Firewall is enabled from a command line interface (CLI) by
opening a command prompt window
and using the
netsh command netsh advfirewall show currentprofile. If it is
enabled, you will see the "state" value is set to "ON".
C:\Users\nell>netsh advfirewall show currentprofile
Public Profile Settings:
----------------------------------------------------------------------
State ON
Firewall Policy BlockInbound,AllowOutbound
LocalFirewallRules N/A (GPO-store only)
LocalConSecRules N/A (GPO-store only)
InboundUserNotification Enable
RemoteManagement Disable
UnicastResponseToMulticast Enable
Logging:
LogAllowedConnections Disable
LogDroppedConnections Disable
FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize 4096
Ok.
C:\Users\nell>
If you want to check on whether inbound access is permitted through the
firewall for a particular port or application, you can search for it with a
netsh advfirewall firewall show rule name=all dir=in command.
Since there will likely be many lines of output, you can filter the output for
a particular port or application name by
piping it to the find command. E.g., if I want to check on whether a rule is
in place for an SSH server application, I can have find look for
"SSH".
C:\Users\nell>netsh advfirewall firewall show rule name=all dir=in | find "SSH"
Rule Name: Bitvise SSH Server (TCP/IPv6 22)
Grouping: Bitvise SSH Server
Rule Name: Bitvise SSH Server (TCP/IPv4 22)
Grouping: Bitvise SSH Server
C:\Users\nell>
Iperf is a
free open-source software tool that provides a capability
to measure the throughput between two hosts using both
Transmission Control Protocol (TCP) and
User Datagram Protocol (UDP) data streams. The software can be run in
either server or
client mode. To determine the network bandwidth available between two
systems, you can run iperf in server mode on one of the systems and in
client mode on the other.
You can perform logical "or" operations on Microsoft Windows systems with
the findstr
command using the
pipe character, i.e., |, to separate the terms you wish to
search on. E.g., if I wanted to filter the output of the
netstat
command to search for any lines that contain either ":21", ":22", or ":990",
I could use the command below.
After downloading the Evernote Web Clipper extension
from Evernote's website at
GET
WEB CLIPPER FOR SAFARI, I tried to install it for Safari 9.1.1
(10601.6.17) on a MacBook Pro laptop running OS X Yosemite (10.10.5), but I
encountered the error message below when I double-clicked on the downloaded
Evernote.6.8.1.safariextz file.
Safari can't install this extension
An error occurred while installing the extension "Evernote Web Clipper".
I tried several times with the same results. I redownloaded the file
from Evernote's website twice more just to eliminate the possibility of
file corruption during the download process, but the results remained the
same each time. I then tried clicking on Safari from Safari's
menu and selecting Preferences, then Extensions, which
showed that there were no extensions installed.
As Google does with
its search engine, Microsoft maintains a history of all the searches you
have performed from its search engine while logged into a Microsoft account,
e.g., Hotmail, Outlook.com, etc. You can view the history of your searches
conducted with the
Bing search engine by clicking on Search History at the top of the
Bing web page. If you click on that link, you will see links for "Recent
searches" and for "Frequent searches".
If you use Google's search engine to search the web, if you're logged into
a Google
account, such as a Gmail account, while performing the searches, you can
see a history of the searches you have performed by visiting
https://history.google.com/history/ while logged into that same account.
There you will see a graph displaying the number of searches you've performed
over the last few days and the total number of searches during that time
period, plus your top search clicks. You can change the time period displayed
to be last week, last month, last year, or all time.
In Python, you can use a function called datetime.now() to retrieve
the current date and time. First you need to import the
datetime library
so that it can be used in the script, which can be done with
from datetime import datetime. You can then display the
current date and time with print datetime.now(). E.g.:
$ python
Python 2.7.10 (default, Jul 14 2015, 19:46:27)
[GCC 4.2.1 Compatible Apple LLVM 6.0 (clang-600.0.39)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> from datetime import datetime
>>>
>>> print datetime.now()
2016-06-22 12:34:06.719688
>>>
Chrome on a MacBook Pro laptop running OS X Yosemite (10.10.5) that I
was using became unresponsive. Activity
Monitor showed a Google Chrome process was using about 100% of the CPU
cycles. I wanted to see what web sites the process was accessing in the browser
tabs associated with the process. One way to do so is to double-click
on the Chrome process in the Activity Monitor, which will open a
smaller window showing information on that process. Click on the
Open Files and Ports tab on that window. You can then copy the
information you see in that window into a file and, using
grep, extract all of the lines containing
the IP address of the system, which will provide a list of sites accessed by
the Chrome process.
The default settings for powering off the monitor and PC under Microsoft
Windows 10 are to turn off the screen after 10 minutes with no keyboard nor
mouse activity when the system is plugged into a power outlet and to put
the system to sleep when plugged in after 30 minutes of no keyboard nor
mouse activity. You can view and modify the settings by right-clicking
on the desktop in an area unoccupied by any shortcut and selecting
Display Settings, then clicking on Power & Sleep.
If you need to know the port on a Cisco switch to which a particular host
is connected and know the media access control (MAC) address, you can determine
the port to which it connects using a show mac address-table address
command. You can view all of the entries in the MAC address table
with the command show mac address-table, but if you know the
MAC address of the relevant system and only wish to determine the port on
the switch to which it connects, you can specify its MAC address with the
command show mac address-table address followed by the 48-bit
MAC address, which can be in the form xx.xx.xx.xx.xx.xx
or xxxx.xxxx.xxxx .
Saturn>show mac address-table address 50:e5:49:d8:13:37
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 50e5.49d8.1337 DYNAMIC Fa0/19
Total Mac Addresses for this criterion: 1
Saturn>
With the port number, you can determine details for the interface to which
the system connects using a show interfaces port where
port is the port identified by the show mac address-table address
command.
While checking on another problem, I noticed a lot of "Permission denied"
messages in a maillog file in the /var/log directory. The errors
were occurring whenever one particular user checked her email, which was
being checked by Microsoft Outlook on her PC.
# grep "Permission denied" /var/log/maillog.1 | tail -n 3
Jun 17 18:56:08 moonpoint dovecot: pop3(nell): Error: open(/home/nell/mail/.imap
/INBOX/dovecot.index.log) failed: Permission denied (euid=503(nell) egid=1002(ne
ll) missing +x perm: /home/nell/mail/.imap/INBOX, dir owned by 0:0 mode=0700)
Jun 17 19:26:44 moonpoint dovecot: pop3(nell): Error: open(/home/nell/mail/.imap
/INBOX/dovecot.index.log) failed: Permission denied (euid=503(nell) egid=1002(ne
ll) missing +x perm: /home/nell/mail/.imap/INBOX, dir owned by 0:0 mode=0700)
Jun 17 19:57:29 moonpoint dovecot: pop3(nell): Error: open(/home/nell/mail/.imap
/INBOX/dovecot.index.log) failed: Permission denied (euid=503(nell) egid=1002(ne
ll) missing +x perm: /home/nell/mail/.imap/INBOX, dir owned by 0:0 mode=0700)
#
Checking the permissions and ownership on the referenced
mail/.imap/INBOX file for her account and comparing it to other
accounts, I saw that root was listed as the owner and the group for the file
under her home directory, but for other users the same file under their home
directory was owned by the user's account and the group matched the user name
for the user.
I needed to know the IP address a user had been connecting from to access his
email on a POP3 email server running the
open-sourceDovecot email software. By default, Dovect logs to syslog
using mail facility, but you can change that by modifying the
syslog_facility setting. The syslog configuration is often in
/etc/syslog.conf or /etc/rsylog* files. E.g., on the
CentOS 7 mail server on which Dovect was running the configuration was in
/etc/rsyslog.conf, which had the following line within it:
# Log all the mail messages in one place.
mail.* -/var/log/maillog
You can find the location of dovecot logs using the doveadm log find
command.
Since the user had not connected from his PC to check his email account for
several days, I looked in a maillog file from several days ago to determine
the IP address from which he connected then and saw the following.
After downloading an image file from
Google Drive
to a MacBook Pro laptop running OS X 10.10.5, I found when I tried to
open the file in the
Preview application on the Mac, I couldn't open it with that
application. I then right-clicked on the file in the
Finder and chose "open with" then "other" and then tried the Photos
application, but it couldn't open the file either. So I used the
file utility, which
can determine the format type for files based on a
magic number contained within a file.
$ file Map
Map: RIFF (little-endian) data
The file program indicated that the file I downloaded, which was a campus
map, was in the
Resource Interchange File Format (RIFF), a file
container format that was introduced by Microsoft and IBM in 1991; it
was the default format for
Microsoft
Windows 3.1 multimedia files. The format is based on the
Interchange File Format (IFF) introduced by
Electronic Arts for the
Commodore Amiga Amiga in 1985. However, whereas
multi-byte
integers are stored in
big-endian format, which is a format native to the 68k processor series
used in Amiga and Apple Macintosh computers, RIFF files use the
little-endian
format, which is why the file utility reports "RIFF
(little-endian) data".
Using
Outlook on the web, aka Outlook Web App (OWA)and Outlook Web Access, to
check my email on a Microsoft Exchange server using a web browser, I can use
the search function to search for a
string
that may be part of a word in the subject of a message. But I can only search
for that string if it occurs at the beginning of a word. E.g., if I'm looking
for any message that has "CRQ000000473568" within the subject of a message, I
can use either of the two searches below to successfully find such messages.
Subject: CRQ000000473568
Subject: CRQ*
I can use the asterisk as a
wildcard character to represent one or more of any character.
But if I use either of the following search parameters, the relevant
messages won't be found.
Subject: *473568
Subject: *473568*
The search function doesn’t provide a search option that will allow you
to search for text in the middle or end of a word. It only find items that
contain a word that begins with your search string.
I needed to count the number of records in a table I use for tracking tasks
within an SQLite
database. The table is named "Tasks" and, in addition to other columns
has a Received column, where I record when I received a task and an
Approved column, where I record the date I approved the task. If I only want
to see the task numbers and the dates on which I received and approved tasks and
I want the records ordered by approval date, I can use the following
Structured Query
Language (SQL) command:
I can count all of the records in the table with the SQL command below:
sqlite> select COUNT(*) FROM Tasks;
33
sqlite>
Within the table, I have a field named "Approved" that I use to track
the approval date for tasks; I store the date as a text field, since
SQLite doesn't have a storage class
specifically for dates. If I want to know how many tasks I've approved since
a specific date, I can use a command like the one below to determine the number
approved since the specified date.
sqlite> select COUNT(*) FROM Tasks WHERE Approved > "2016-06-07";
8
sqlite>
You can use an
OpenSSL
s_client -connect command to check a certificate on a remote server by
specifying the remote system in the form x.x.x.x:port
where x.x.x.x is the IP address of the remote system and port is
the relevant port or you can use the
fully qualified domain name (FQDN) in place of the IP
address. E.g., I used the command below to check the status of a certificate I
obtained from Let's Encrypt, a
"certificate authority that
launched on April 12, 2016 that provides free
X.509
certificates for
Transport Layer Security (TLS) encryption via an automated
process designed to eliminate the current complex process of manual
creation, validation,
signing, installation, and renewal of certificates for secure websites."
The server I checked functions as a
POP3S server using port 995, so that was the port I
specified.
There are occasions where I need to monitor all traffic between two hosts
with tcpdump,
but I want to exclude the traffic for a particular port. E.g., I may be
logged into a system via Secure Shell (SSH), but don't want to have the
output of tcpdump cluttered with the SSH traffic. If you want to view traffic
between the host you are logged into and a remote system, you can specify the
remote system using tcpcump host remote_host where
remote_host is the fully qualified domain name (FQDN) of the remote
system, e.g. system1.example.com, or the IP address of the remote system.
You can monitor only traffic to/from a particular port using the
port port_number parameter where port_number is
the relevant port. E.g., if I wanted to monitor
only SSH traffic with the host system1.example.com for the
standard SSH port, port 22, I could use the command below:
# tcpdump host system1.example.com and port 22
If you wish to have tcpdump monitor traffic based on two parameters, e.g.,
host name and port number in the example above, put the word and
between the parameters. However, if I wanted to monitor all traffic to/from
system1.example.com, except for traffic using port 22, I can put
not before the word port.
# tcpdump host system1.example.com and not port 22
Microsoft Windows versions prior to version 10 don't come with a built-in
printer driver to create Portable Document Format (PDF) files from any
application. You can find many free PDF printer driver programs on the Internet
for Microsoft Windows systems, but you need to be very careful when installing
many of them, since they come bundled with adware, though, if you choose a
custom installion when installing the software, you may be able to avoid
the adware being installed along with the software you want. E.g., the
February 8, 2014 article
Controversial Advertising Program Now Being Embedded in More Software
mentions that PrimoPDF,
which I've used in the past, is bundled with
OpenCandy, adware
software that many antivirus programs will flag. If you are careful during the
installation, you should be able to avoid having any OpenCandy software
installed as well as the PDF printer driver, though. PrimoPDF is not the
only printer driver utility for Microsoft Windows systems that comes bundled
with adware, though. The August 20, 2014 article by Justin Pot titled
7 Best Tools To
Print To PDF lists other tools that will allow you to print to PDF from
any application on a Microsoft Windows system that also come with
adware, aka "crapware", e.g.
CutePDF, which I've also used previously. Again, if you are careful
during installation, you should be able to avoid installing the other sofware,
though.
If you would like to avoid having to worry about inadvertently installing
adware with such a tool, though, Stefan Heinz offers a free program,
FreePDF, which I've used on a Microsoft
Windows 8 system, that provides a printer driver that will allow you
to print from any application run under Microsoft Windows to a PDF
file. Unlike much of the other free PDF printer driver software, you
don't need to worry about adware being installed with the software. The
developer states at What
is FreePDF:
Freepdf.exe really is free - no hidden costs and no advertising. No spyware, no
automatic updates. Simply because I also do not like this in other "freeware".
I wanted to pipe the output of the
find command through the
tail command and then
pipe its outout into the cat
command. E.g., I used the find command to locate the
manual page
for the curl command on a
MacBook Pro running OS X as shown below:
There were two man pages with "curl" as part of the file name, but I only
wanted the second one, so I piped the output of find into
tail, selecting the last line of output only with the
-n 1 option.
I then wanted to have cat process that file name.
I could have just typed the directory path and file name produced from the
above sequence of commands or copied and pasted the result,
of course, but I thought it would be useful to know a method
to get cat to process the output from find
for other situations. There is a simple method, using
command substitution of getting cat to process a
file name that find has located. One can simply use a
command similar to cat `find [whatever]` as explained by Laurence
Gonsalves in response to a Stack Overflow question How to pipe list of files returned by find command to cat
to view all the files. The command subsitution takes
the output of the command or commands between successive backtick characters and uses that as the argument
for another command, in this case the cat command.
When I started using a MacBook Pro laptop running OS X Yosemite (10.10.5) today,
I found that the Google Chrome browser (version 35.0.1916.153) was slow to
respond when I attempted to access web pages. When I checked the system
CPU usage from a Terminal tab using the top
command, I found a Google Chrome process with
process identififer (PID) 29634 was consuming about 90% of the CPU
cycles.
You can determine what web pages a Google Chrome process has open by putting
chrome://memory in the Chrome address bar. Once you've identified
the relevant Chrome window/tabs associated with a process, you can close the
tab, or tabs, that may be associated with the process to reduce CPU usage.
If needed, you can also suspend a process
temporarily under OS X with the kill command.
On a Mac OS X system, passwords can be stored in a
keychain. You
can view and manage stored passwords via the
Keychain Access program found in the Applications/Utilities
folder. If you use the
Apple Mail program to check email for a
Gmail account, you can view
the password stored in a keychain for the Gmail account by opening
the Keychain Access program and then typing gmail in
the search box at the upper, right-hand corner of the window and
hitting Enter. You should then see entries displayed for
imap.gmail.com and smtp.gmail.com, if you
are checking email via the
Internet
Message Application Access Protocol (IMAP) and sending email
via the
Simple Mail Transfer Protocol (SMTP).
On a Mac OS X system, you can use
Python to start a simple web server in any directory
by opening a Terminal window (the Terminal program is found in
Applications/Utilities) and entering the command
python -m SimpleHTTPServer port with port being
the port you wish to access the web server on. Typically,
web servers listen on
TCP port 80 for
HTTP connections, but you can specify any currently unused
port on the system with the caveat that if you pick a
well-known port, i.e., a port less than 1,024,
then you will need to prefix the command with
sudo to run
the command as root, .e.g, sudo python -m SimpleHTTPServer 80.
However, you can pick ports above 1,023, such as 8080, without using sudo.
E.g., python -m SimpleHTTPServer 8080. If you issued that
command, you should see Python respond with "Serving HTTP on 0.0.0.0 port 8080
..." Then, within a browser, you could access an HTML file in the directory
from which you issued the command with
http://localhost:8080/filename. E.g., if I wished to
display a file named test.html, I could use
http://localhost:8080/test.html. If test.html was
just a simple HTML file, I would see GET /test.html HTTP/1.1" 200
displayed on the command line where the Python command was issued. The
"200"
at the end of the line is an
HTTP status code indicating a successful HTTP request.
If you have a file named index.html in the directory, then
just as with a normal webserver, you don't need to specify it to view its
contents. E.g. http://localhost:8080 would be sufficient for
displaying index.html. If there are links to images within
index.html, Python would display the relevant
HTTP GET commands the browser issued to retrieve the images.
When you wish to stop Python from listening on the specified port, you can
use the control-C keys to stop the web server and return to the shell prompt.
Note: you will see some error messages displayed when you do so.
Below is the output displayed by Python when I first accessed a file
named test.html and then when I accessed the index.html
file in the same directory. The index.html file had links
to 4 image files contained in the same directory as the index.html
file, so the GET commands issued by the browser are displayed for those as
well. The 127.0.0.1 IP address is the localhost address. The
last line shown was produced when I hit the control and "C" keys.
During a meeting I was in today, the projector, a Dell 5100MP projector,
stopped displaying anything on the screen. The projector was mounted to the
ceiling and thus was mounted upside down, so the buttons on top would be
accessible. To fix the problem someone stood on the conference table and
after powering the projector on and off didn't work, unplugged the power to
the projector. After it was powered back on, it appeared to revert to the
factory default setting for the display resulting in the display on the
screen being upside down. I found the manual for the projector online, which
listed the following steps to take from the management menu to invert the image
displayed for ceiling-mounted projection:
If you need to verify the PHP code in a .php file, you can do so from a
command line interface (CLI), e.g., a
shell
prompt using the -l option; that's the letter "l", not the
number "1". E.g., when I tried accessing a web page I had created,
e.g., http://www.example.com/sompepage.php, I saw only a blank page. If
I examined the source code for the page in the browser from which I was
viewing the page, there was nothing there. Looking through the PHP code,
the cause of the error wasn't immediately obvious to me, but when I
issued the command php -l somepage.php on the server where
the page resided, the line that was causing the problem was identified.
$ php -l somepage.php
PHP Parse error: syntax error, unexpected '$download_url_description' (T_VARIAB
LE) in somepage.php on line 79
Errors parsing somepage.php
Examining the code, I realized I had omitted a required semicolon from the
prior line. When I added the semicolon at the end of the line and reran the
check, I no longer saw any error messages and when I refreshed the webpage in
the browser after making the update, it then displayed correctly.
The following steps can be used to import contacts from an Outlook
.pst file into Outlook 2013:
Click on File.
Click on Open & Export.
Select Import/Export.
When the Import and Export Wizard window opens,
select "Import from another program or file" and click on Next.
Select "Outlook Data File (.pst)" and click on Next.
Browse to the location of the .pst file and then click on Next after
selecting the option you prefer in regards to how Outlook should deal with
any entries that duplicate existing entries in your contact list. The options
are as follows:
Replace duplicates with items imported
Allow duplicates to be created
Do not import duplicates
At the next step, you can select the folder to import from. You can also
decide whether you wish to import any subfolders from the imported file;
the default value is to include subfolders. You can also choose from the
following 2 options:
Import items into the current folder
Import items into the same folder in
For contacts, you may want to import them into the Contacts
folder in Outlook, so can leave "Import items into the same folder in"
selected for the appropriate email account.
Click on Finish to complete the process.
For creating a contacts list PST file from the prior version of the
application which can be imported into Outlook 2013, see
Exporting contacts from Outlook 2010.
After updating /etc/aliases on a CentOS 7 system that uses
sendmail
for transmitting email by adding a new alias, I ran
newalises.
When I did so, it took a fair amount of time for the command to complete and
when it did I saw the error message below:
[root@moonpoint ~]# newaliases
WARNING: local host name (moonpoint) is not qualified; see cf/README: WHO AM I?
/etc/aliases: 360 aliases, longest 69 bytes, 6301 bytes total
[root@moonpoint ~]#
The referenced "cf/README" file is at /usr/share/sendmail-cf/README
.
I had also noticed that when I entered the
mailq command to see what
messages were queued for transmission it took a long time to see the results.
And whenever I sent email from the system with the email client
Alpine, it was taking
a long time for email messages to be transmitted.
I received a report from a couple of users that email they were sending
wasn't being delivered to recipients, though they weren't receiving any
bounced messages or any indication that their email was not being delivered.
Their email clients were sending email to smtp.atlanticbb.net. When I sent
email from the same IP address to that Atlantic Broadband
Simple Mail Transfer Protocol (SMTP) server addressed to
several email accounts I maintain for email troubleshooting on a number of free
email services, such as Gmail, none of them reached their destinations, even
though as far as the email client was concered, they were successfully
delivered to the Atlantic Broadband SMTP server.
Examining the message headers from an email sent from a tech support
person at Atlantic Broadband, whom I contacted on June 1 regarding the
problem, to my Gmail account (see
Viewing message
headers in Gmail), I learned that Atlantic Broadband uses Echo Labs to handle their email. I
saw the following in the message headers:
Received: from cluster1.echolabs.net (mail.atlanticbb.net. [38.111.141.32])
by mx.google.com with ESMTP id l144si10145927ybf.89.2016.06.01.19.40.53
The say command on a Mac OS X
system can be used to have the system vocalize text you type. E.g.,
at a
Terminal window (the Terminal application is found in
Applications/Utilities) you could issue the command say
"Hello world". Though you can include a period or question mark
at the end of the text, if you include an exclamation mark, since that
has a special meaning to the shell, you will get an error message.
$ say "hello world"
$ say "hello world."
$ say "hello world?"
$ say "hello world!"
-sh: !": event not found
You can have the words in a file spoken by using say -f filename where filename is a text file containing whatever text you
wish the system to read aloud. E.g., to read the contents of
saythis.txt, I could issue the command
say -f saythis.txt.
-D [bind_address:]port
Specifies a local “dynamic” application-level port forwarding.
This works by allocating a socket to listen to port on the local
side, optionally bound to the specified bind_address. Whenever a
connection is made to this port, the connection is forwarded over
the secure channel, and the application protocol is then used to
determine where to connect to from the remote machine. Currently
the SOCKS4 and SOCKS5 protocols are supported, and ssh will act
as a SOCKS server. Only root can forward privileged ports.
Dynamic port forwardings can also be specified in the configura-
tion file.
IPv6 addresses can be specified by enclosing the address in
square brackets. Only the superuser can forward privileged
ports. By default, the local port is bound in accordance with
the GatewayPorts setting. However, an explicit bind_address may
be used to bind the connection to a specific address. The
bind_address of “localhost” indicates that the listening port be
bound for local use only, while an empty address or ‘*’ indicates
that the port should be available from all interfaces.
E.g., if I wished to create a SOCKS proxy server at the SSH server end
from an SSH client using the
registered port commonly used as the listening port for a SOCKS proxy, i.e.,
TCP port 1080, I could use the command below, assuming
that I have a jdoe account on the SSH server at example.com.
After taking a large number of photos yesterday and then transferring the
memory card from her camera to her PC, my wife found that three of the
JPG files on the memory card
were not readable. I tried to open the files using various graphics programs
on her PC, which is running Microsoft Windows 8, to see if any of them might
be able to read the files by right-clicking on a photo and choosing "open
with". I saw the following error messages:
Application
Error Message
Paint
Paint cannot read this file.
This is not a valid bitmap file, or its format is not currently supported.
Photos
This file can't be opened. The file might be damaged.
Windows Photo Viewer
Windows Photo Viewer can't open this picture because
the file appears to be damaged, corrupted, or is too large
Corel PaintShop Pro X7
Unable to open the file. Pleae verify that the file
is valid.
Adobe Photoshop Elements 13 Editor
Could not complete your request because an unknown or
invalid JPEG marker type is found.
Possibly some sectors on the memory card were damaged or the corruption
could have been due to some other reason, but I thought I might be able to
recover the images using a file repair tool. I tried the
RS File Repair
tool, which runs on Microsoft Windows systems, from
Recovery Software, but the repaired
files it generated were not useful.
On Unix, Linux, and OS X systems,
traceroute
sends UDPdatagrams to high-numbered ports with an increasing
time to
live (TTL) value. The first datagram sent has a time to live of 1. Each
network hop, e.g. a
router, along the path of a UDP datagram or
TCP packet to its destination will decrement the TTL value
by 1 and, unless the system is the final destination, will send
an ICMP error datagram (11 -
Time Exceeded) back to the source system, if after it decrements the TTL
the TTL value is 0.
As an example, suppose you are performing a traceroute between two computers
with two routers between the source and destination systems as in the diagram
below.
When you issue the command traceroute workstation2, the
traceroute command will first send out a UDP datagram with a TTL of 1.
Router 1 will decrement the TTL, at which point it becomes 0, so router 1 sends
an ICMP "time exceeded" datagram back to workstation 1. Workstation 1 then
sends another datagram to workstation 2, but this time with a TTL of 2. Router
1 is the first hop on the path to workstation 2 and it decrements the TTL
and sends it on to router 2 which also decrements the TTL at which point it
is now 0, so router 2 sends back a "time exceeded" datagram to workstation 1.
Then workstation 1 sends a datagram with a TTL of 3. This time the TTL is
decremented to 2 at router 1 and then to 1 at router 2, which sends the
datagram on to workstation 2, which is the destination system that will send
a reply back to workstation 1. On Microsoft Windows systems, the tracert
command uses a similar process except it sends ICMP echo requests, instead of
UDP packets to a high-numbered port.
Another tool available for use on Microsoft Windows systems is
tcproute.
Tcproute sends TCP packets to port 80 on the destination system, increasing the TTL value by one with each packet sent, so the tool is similar to the process
employed by traceroute on Unix, Linux, or OS X systems, though it is using
TCP rather than UDP and is using a destination port of 80, the default port
used by web servers for
Hypertext
Transfer Protocol (HTTP) traffic.
The
Secure Shell (SSH) protocol allows you to interactively log into remote
systems. Once logged into a remote system, you have a shell prompt where you
can enter commands on the remote system. But you can use an SSH client to
execute a command on a remote system without logging into that system and
obtaining a shell prompt on the remote system. E.g., if you wanted to
get a command line interface (CLI) on the remote system, you
might enter a command similar to the following one:
$ ssh jdoe@example.com
But, if you just were logging in to enter one command, say you wanted
to find the hardware platform of the remote system using the
uname
command uname --hardware-platform, you could simply append that
command to the end of the above ssh command you would have used to log into
the remote system. E.g.:
In the example above, issuing the same command on the local system, i.e.,
the one on which the SSH command is being issued shows that the result returned
when the uname command was issued at the end of the ssh command line returned
a result from the remote system.
You may even be able to use a text-based editor, such as the
vi editor, though you may see
error messages like the ones below:
$ ssh jdoe@example.com vi temp.txt
jdoe@example.com's password:
Vim: Warning: Output is not to a terminal
Vim: Warning: Input is not from a terminal
When you enter an ssh command in the form ssh
user@host the remote system allocates a
pseudo-tty (PTY), a
software abstraction used to handle keyboard input and screen
output. However, if you request SSH to run a command on the remote
server by appending that command after ssh user@host, then
no interactive terminal session is required and a PTY is not allocated, so
you see the error messages when you use a screen-based program intended for
use with a terminal, such as the vi editor.
For such cases you should inclde the -t option to the SSH
command.
-t
Force pseudo-tty allocation. This can be used to execute arbitrary
screen-based programs on a remote machine, which can be very useful,
e.g. when implementing menu services. Multiple -t options force tty
allocation, even if ssh has no local tty.
TeslaCrypt is a now
defunct variant of
ransomware. It can now be considered defunct because this month (May 2016)
the TeslaCrypt developer(s) released a master key that will decrypt the files
on any system that were encrypted with TeslaCrypt after Lawrence
Abrams, a security researcher for the IT security company
ESET,
asked for the master decryption key on a TeslaCrypt support site
after noticing that the TeslaCrypt variant of ransomware was being
phased out in favor of another ransomware variant, CryptXXX, though
Abrams rated CryptXXX inferior to TeslaCrypt stating "TeslaCrypt
showed a great deal of experienced coding and knowledge about
cryptography. CryptXXX on the other have had both of their versions
decrypted already."1
TeslaCrypt underwent improvements in its own coding over time after
first emerging in March 2015. It was
originally developed to encrypt files associated with some computer games
forcing players to pay a ransom in
bitcoins, a preferred
payment method for ransomware developers, because of its anonymity feature.
Once a system was infected the ransomware would search for 185 file extensions
related to 40 different games, including the Call of Duty series, World of
Warcraft, Minecraft and World of Tanks and encrypt files so that players would
be forced to pay a ransom to the TeslaCrypt developer(s) to unlock their
data2. Later the developers expanded the types
of files that were encrypted to include Microsoft Word, PDF, and JPG files
that would likely be found on nongamers' systems. When researchers for
Cisco
Systems Talos Group managed to develop a decryption tool for TeslaCrypt, the
TeslaCrypt developer(s) released a version 2.0 of the ransomware so that
the Talos Group tool could no longer be used to free victims from paying
a $500 USD ransom to decrypt their files.
Later, in November of 2015,
Kaspersky
Lab researchers discovered a flaw in the 2.0 version of TeslaCrypt, which
was corrected by the TelaCrypt developer(s) in a 3.0 release circulating as
of January 2016.
On March 18 of 2016, version 4.0 of the ransomware was discovered.
Researchers for the Danish security firm
Heimdal Security published the security alert
Security Alert: TeslaCrypt 4.0 – Unbreakable Encryption and Worse Data Leakage
regarding enhancements to the malware that made it even harder to
crack. The 4.0 upgrade also fixed a bug that would render files greater than
4 GB permanently unavailable even to those who paid the ransom.
Morten Kjaersgaard, CEO of Heimdal, stated "They're really trying to make it
like a product so when you do pay up you get your money's
worth,"3 since ransomware developers
know they won't be able to get new victims to pay the ransom if
there are widespread reports by prior victims that they couldn't
decrypt files even after paying the ransom. The 4.0 version of the
ransomware also incorporated code to join infected computers into a botnet.
Now, though, with the release of a free, publicly available tool from ESET,
which can be dowloaded from
http://download.eset.com/special/ESETTeslaCryptDecryptor.exe, to
decrypt files encrypted with TeslaCrypt using the master key, victims can
unencrypt their files without paying a ransom.
When I need to work on a piece of new equipment that has a power adapter,
I usually note the model number and part
number for the power adapter in case the adapter should be separated
from the equipment later, so that I can easily determine which
adapter goes with which piece of equipment and so, if a wire within
the cord for the adapter gets broken over years of use, I can easily
locate a source for a replacement if needed. I sometimes
also take a photo of the power adapter, so I know what it looks like if
I'm searching through boxes of adapters for the correct one.
So I took some pictures of the adapter for a new
HP 15-af131dx notebook. I
used a station my wife has in her studio for taking photos that has a
white cloth for a backdrop and lights that are focused on the area to be
photographed. But I used my cell phone to take the photos rather than the
camera she uses. Even though I made some adjustments to the phone's
settings for taking photos so that the images had a white background
when I viewed them on the phone, when I uploaded them from the phone
to a computer I found that the white backdrop looked somewhat gray
when I viewed them on a couple of computers.
On my MacBook Pro laptop, I normally use the
Preview
program, which is found in the Applications directory on OS
X systems, to view images. That application provides color adjustment
capabilites that allowed me to easily adjust the colors in the image so
that I got the whiter background I wanted for the images. After opening
a photo in Preview, I could click on Tools then Adjust
Color to bring up an Adjust Color window where I could change
the following values for an image:
A MacBook Pro laptop with OS X Yosemite (10.10.5) I've been using today had
been performing poorly. When I checked on CPU and memory usage, I found
Firefox 38.7.0 was responsible for most of the memory usage and was consuming
an excessive amount of CPU cycles. The
Activity Monitor application, which is found in
Applications/Utilities, showed that Firefox was consuming about
1/2 of the 16 GB of Random Access Memory (RAM) on the system. The Activity
Monitor was also showing about 100% CPU utilization by Firefox. If a
process is misbehaving, you can kill it with the kill command, but you
can also suspend and resume it with the kill command using kill
-STOP pid and kill -CONT pid where
pid is the process identifier for the process. I used the command
kill -STOP 509 to temporarily suspend execution of Firefox
so I could complete some pressing tasks.
If you wish to take a screen shot on a Linux system, whether it is a CentOS,
Ubuntu, or other Linux distribution, one tool that may already be on the
system that will allow you to perform a screen capture from a command line
interface, i.e., a shell prompt, is
gnome-screenshot. You can determine if the utility is present on a
system using the which
command.
$ which gnome-screenshot
/usr/bin/gnome-screenshot
You can obtain help on using the tool to take a screenshot by typing
gnome-screenshot at a shell prompt.
$ gnome-screenshot --help
Usage:
gnome-screenshot [OPTION...] Take a picture of the screen
Help Options:
-h, --help Show help options
--help-all Show all help options
--help-gtk Show GTK+ Options
Application Options:
-c, --clipboard Send the grab directly to the clipboard
-w, --window Grab a window instead of the entire screen
-a, --area Grab an area of the screen instead of the entire screen
-b, --include-border Include the window border with the screenshot
-B, --remove-border Remove the window border from the screenshot
-d, --delay=seconds Take screenshot after specified delay [in seconds]
-e, --border-effect=effect Effect to add to the border (shadow, border or none)
-i, --interactive Interactively set options
--display=DISPLAY X display to use
Sometimes after I've established an SSH connection to an SSH server, I
encounter a situation where the remote system isn't responding to keyboard
input and I want to terminate the SSH session and return to a command prompt.
E.g., often when I've connected to a Microsoft Windows system running SSH
software from my Ubuntu Linux laptop, I find that I'm in a situation where
after I've entered a command at the Windows system's command prompt the
remote system no longer seems to be accepting keyboard input from the
Linux system. Sometimes it seems to occur when I've mistyped a Windows
command and the Windows system may be waiting for further input, but doesn't
seem to accept what I type. In such cases, rather than close the Terminal
tab on the Linux system to terminate the connection, which then requires me
to open a new tab and establish a new SSH session, I'd prefer to break out
of the current SSH session and return to the shell prompt on the Linux
system where I can re-establish the SSH connection. In such cases,
Ctrl-C, Ctrl-D, and Ctrl-Z don't help me.
But there is an
escape sequence
that will allow me to terminate the current SSH session. Hitting the
three keys listed below will allow me to terminate the session.
When I tried to install a package on an Ubuntu Linux system with
apt-get yesterday, I saw the error message below:
$ sudo apt-get install ibmonitor
E: Could not get lock /var/lib/dpkg/lock - open (11: Resource temporarily unavailable)
E: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it?
I saw there was another installation in progress via the
Update
Manager, but the Update Manager update had been running for many days
without successfully completing. I couldn't cancel or kill the Update Manager
update through the graphical user interface (GUI) for the Update Manager, so I
checked for any process identifier (PID) associated with
update-manager.
Versions of Linux based on the Debian distribution, such as
Ubuntu, use
.deb files for the package management system. Debian .deb packages are
standard Unixar archives
that include two
tar
archives, which may optionally be compressed with
gzip (zlib),
Bzip2, the
Lempel–Ziv–Markov
chain algorithm (LZMA), or xz (lzma2). One of the two archives holds the
control information and the other contains the program data. At the base
of the software management system is
dpkg; dpkg originally stood
for "Debian package".
dpkg is a low-level tool that is used by other package management tools such
as Advanced Package Tool (APT). APT was originally designed
as a
front end to dpkg. In turn
aptitude, which allows a user to interactively choose packages to
install or remove, is a front end to apt.
Synaptic provides a
graphical user interface (GUI) for apt.
To install a .deb package with dpkg, you can use dpkg -i debFileName
. You can obtain a list of the installed packages on a system with
dpkg -l or dpkg -l [optional pattern] to filter the
list of packages shown by an optional pattern.
I've never created a .deb package and was curious as to how to do so.
I thought I'd start with something simple by creating a .deb package for
ibmonitor, since the
program is just one Perl script. To build the package, I followed the
instructions in the
How to Build
section of Debian
Packages.
If you want to monitor the traffic on network interfaces on a Linux system,
one tool that will give you real-time statistics on network utilization is
ibmonitor. An
RPM package and the Perl script that constitutes the program and is
contained in
ibmonitor-1.4.tar.gz can be downloaded from
ibmonitor. The program is a
console application
, i.e., a command line program with a text interface. It is written
in the Perl
programming language. Its features include the following:
Shows received, transmitted and total bandwidth of each interface
Calculates and displays the combined value of all interfaces
Diplays total data transferred per interface in KB/MB/GB
Values can be displayed in Kbits/sec(Kbps) and/or KBytes/sec(KBps)
Can show maximum bandwidth consumed on each interface since start of
utility
Can show average bandwidth consumption on each interface since start of
utility
The output with all features (max, avg and display in Kbps and KBps) easily
fits on a 80x24 console or xterm
Can interactively change its output display format depending on key pressed
by user.
You can create a menu of options for someone to choose from in a
Bash script using the select construct. E.g., the following
Bash script will present a text-based menu with three choices:
"Option 1", "Option 2", and "Option 3".
#!/bin/bash
# Bash Menu Script Example
PS3='Please enter your choice: '
options=("Option 1" "Option 2" "Option 3" "Quit")
select option in "${options[@]}"
do
case $option in
"Option 1")
echo "You chose option 1"
;;
"Option 2")
echo "You chose option 2"
;;
"Option 3")
echo "You chose option 3"
;;
"Quit")
echo "Quitting the program"
break
;;
*) echo invalid option;;
esac
done
When the script is run, it will display the following text:
1) Option 1
2) Option 2
3) Option 3
4) Quit
Please enter your choice:
If the person running the script types "1", the script will display "You
chose option 1". It will display "You chose option 2", if he/she types "2",
"You chose option 3", if he/she types "3" and, if he/she types "4", will
display "Quitting the program" and then exit from the script. Hitting any
other key will cause the script to display "invalid option" while allowing
the user to type another key for one of the other options.
By setting the PS3 variable you can control the prompt that
is displayed to the user. If it wasn't set, the user would see a default prompt,
which is #?, displayed, instead, as shown below:
1) Option 1
2) Option 2
3) Option 3
4) Quit
#?
The select construct has the following format:
select Word in Array
do
commands-for-options
done
Word and Array are names of your choosing. If you are
unfamiliar with what an array represents, think of it as a collection of items.
You can think of it as a list, though in computer programming languages those
are not necessarily synonymous. You can find more information at
Bash
Arrays.
In the example above, I chose "Option" for Word and
"Options" for the array name. The array, i.e., the list of options, was created
with the following command:
options=("Option 1" "Option 2" "Option 3" "Quit")
The first element of the array, which contains 4 elements in this case,
is "Option 1", the next "Option 2", etc.
The ${options[@] in select option in "${options[@]}"
returns each item in the array as a separate word.
Between the case $option in and esac
(case reversed), I can insert the commands to be carried out for each option
that is selected. Including a *) allows the script to take some
action when any key not associated with a valid option is typed.
Each clause in the case statement must be terminated with ";;". Each case
statement is ended with the esac statement. For further information on the
case statement, see
Using
case statements in Machtelt Garrels
Bash Guide for
Beginners.
Bash is a common
shell on Unix and Linux systems and is the default shell when you open the
Terminal application
on a Mac OS X system. And even
Microsoft has announced that it will provide a Bash shell in the Windows
10 Anniversary Update, which is expected to be shipped this summer. So you
can create text-based menus using this method on a variety of operating
systems.
If you need to produce a sequence of sequential or random numbers on a Mac OS X
or Linux system among the options available to you are the
seq or jot
commands, or you can use "brace expansion".
Seq
E.g., if you want to generate the numbers from 1 to 15 in increments of 1,
you could use the seq command below:
In most cases, kernel panics are not caused by an issue with the
Mac itself. They are usually caused by software that was installed,
or a problem with connected hardware.
To help avoid kernel panics, install all available software updates
until Software Update reports, "Your software is up to date." OS X
updates help your Mac handle the kinds of issues that can cause
kernel panics, such as malformed network packets, or third party
software issues. For most kernel panics, updating your software is
all you have to do.
Apple has information on how to interpret what you find in the crash log
for an Intel-based system, such as a MacBook Pro, at
How to Read the Panic Log from an Intel-Based Mac. That article indicates
that you can determine the task name from which the current thread orginated
from the line that begins with "BSD process name corresponding to current
thread". Examining the crash report, I saw the following:
$ grep "BSD process name corresponding to current thread:" /Library/Logs/Diagnos
ticReports/Kernel_2016-05-05-122657_GSSLA15122293.panic
BSD process name corresponding to current thread: plugin-container
When I checked for any currently running processes associated with
"plugin-container", I saw the following:
I was using the Firefox web browser, version 38.7.0, at the moment
the system crashed, so that application appears to have, indeed, been
the culprit for the crash. I had a few Firefox windows and many tabs
open when the system crashed. When I logged in after it rebooted, I
reopened Firefox and chose to restore the prior session, but the system
did not crash again after that today.
If you would like a
graphical user interface (GUI) to view and manage
SQLite
databases, you can use
DB Browser for SQLite, which was
originally developed by Mauricio Piacentini of Tabuleiro Producoes as the Arca
Database Browser. The program was later modified to be compatible with
SQLite 2.x databases and rleased into the
public
domain. In 2014, the project was renamed to "Database Browser
for SQLite" at the request of Richard Hipp
, the creator of SQLite. The software is available for Microsoft Windows,
Apple OS X, and Linux systems. You can use it to view the records in tables
in existing databases, add new records to tables, etc.
ImageMagick is a free and open-source software suite widely used on
Linux systems for displaying, converting and editing images. It is also
available for many other platforms, including Apple's OS X and iOS operating
systems and Microsoft Windows. A code execution bug was recently found in
the software by Nikolay Ermishkin.
Another security researcher, Ryan Huber, reports that the bug would allow
a malefactor to create a malformed image file that when uploaded to a web
server that processes images with ImageMagick, e.g., to resize an image
uploaded by a website visitor, can cause the server to execute code
embedded in the image by the malefactor. Huber stated that the exploit is
trivial to implement so one should expect that many malicious individuals will
soon attempt to exploit the vulnerability to compromise websites.
If such individuals can compromise a website, they may then be able to
place code on sites that could infect unsuspecting website visitors with
other malicious software.
Huber advised website owners using ImageMagick for image processing on their
sites to check the
magic number in uploaded image files to
verify that an uploaded file is an image file. Wikipedia provides a list
of common magic numbers at
List of
file signatures. One reason for ImageMagick's popularity is that it
supports a large number of different file formats, supporting over 200 file
formats. You can find a list of the supported file formats at
ImageMagick:
Formats. If you have ImageMagic installed, you can check on which formats
it supports on the installed system by issuing the command identify
-list format.
To configure an Actiontec MI424WR-GEN router/firewall to permit an
RDP connection through to a system behind the firewall, you can take
the steps listed here
to configure the device for connections on either the standard RDP port of
3389 or a non-standard port of your choosing.
You may want to choose a nonstandard port to reduce the number of
break-in attempts on the port from systems on the Internet or in cases where
you have one public IP address for the outside of the router, but multiple
systems behind the router that need to be accessed by users via RDP.
A simple way to count the number of lines in a file on a Microsoft Windows system is by using the following command:
find /v /c "" somefile.txt
The /c option counts the number of lines while the
/v option displays all lines NOT containing the specified string.
Since the null string, i.e. "", is treated as never matching,
you should see the number of lines in the file displayed - see the
Stupid command-line trick: Counting the number of lines in stdin
article at Raymond Chen's Microsoft Developer Blog,
The Old New Thing for
an explanation of why this works and how a bug in the earliest
MS-DOS version
of the find command became a feature that remains to this day.
The MS-DOS operating system was an operating system for early
IBM
PC compatible personal computers provided by Microsoft long before
the company created Microsoft Windows. The operating system was commonly found
on
personal computers (PCs) during the 1980s to the mid 1990s. The operating
system was acquired by Microsoft from
Seattle Computer Products and modified by Microsoft to meet
the needs of IBM for its IBM PC
If you want to "cut" a file from one directory and "paste" it into another
directory under Apple's OS X operating system, you may expect the functionality
to work as it does under Microsoft's Windows operating system where in the
Windows
File Explorer you can click on a file to select it then right-click on
it, choose Cut, then right-click in some other folder and choose
Paste to move the file from one directory to another. In Apple's OS X
Finder application, if you highlight a file by clicking on it to
select it and then choose Edit expecting to be able to use
the Cut option you will find that option grayed out. The Cut
option is only available to you from the Edit dropdown list when
you have text highlighted that can be cut. E.g., you could cut text out of
the file's name, but you can't cut the file from the directory the way you
can under Microsoft Windows.
You can achieve similar functionality with keyboard shortcuts under
OS X, however. Click on the file you wish to cut from a directory to
highlight it, then hit the command-C keys. I.e., hit the
command and C
keys simultaneously. Then navigate to the directory where you wish to paste
the file and hit the command-option-V keys simultaneously. The
file will then be removed from its prior directory location and placed in the
new directory location.
On Apple OS X systems, if you want to identify the text color or background
color on an image or within a window, you can use the Digital Color Meter
application, which you will find in Applications/Utilities, as
a color picker. When you move the mouse pointer over the area containing
the color you wish to identify, you will see the color displayed within a
box in the Digital Color Meter and codes identifying the color. You can
select from the following color standards:
I had been noticing
setroubleshootd
frequently using a high percentage of the CPU's time on a CentOS Linux system
when I run top. E.g.:
top - 21:26:35 up 227 days, 6:13, 27 users, load average: 0.83, 0.90, 1.50
Tasks: 329 total, 3 running, 326 sleeping, 0 stopped, 0 zombie
%Cpu(s): 83.3 us, 16.5 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.2 si, 0.0 st
KiB Mem : 1875896 total, 177868 free, 495072 used, 1202956 buff/cache
KiB Swap: 2113532 total, 958752 free, 1154780 used. 951776 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
22725 apache 20 0 42332 10400 2172 R 95.0 0.6 0:03.93 blosxom
22727 root 20 0 263660 41572 10032 R 95.0 2.2 0:03.96 setroubles+
22720 root 20 0 146260 2164 1360 R 2.5 0.1 0:00.62 top
13 root 20 0 0 0 0 S 0.9 0.0 641:26.32 rcu_sched
15 root 20 0 0 0 0 S 0.6 0.0 216:15.71 rcuos/1
24450 root 20 0 396436 7712 5180 S 0.6 0.4 9:58.86 httpd
418 root 20 0 0 0 0 S 0.3 0.0 107:26.61 xfsaild/dm+
639 root 20 0 0 0 0 S 0.3 0.0 104:29.30 xfsaild/dm+
657 root 16 -4 116708 496 316 S 0.3 0.0 45:09.63 auditd
674 root 12 -8 80220 440 256 S 0.3 0.0 31:45.76 audispd
1278 jim 20 0 142884 1100 820 S 0.3 0.1 0:28.74 sshd
1 root 20 0 196044 9296 2808 S 0.0 0.5 147:49.67 systemd
2 root 20 0 0 0 0 S 0.0 0.0 1:18.37 kthreadd
3 root 20 0 0 0 0 S 0.0 0.0 3:11.27 ksoftirqd/0
5 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0:+
7 root rt 0 0 0 0 S 0.0 0.0 7:26.68 migration/0
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
The process shows up as setroubles+, i.e., setroubles with a plus sign at
the end, because the full process name, setroubleshootd, can't be
displayed in the 80 columns I have alloted for the terminal window.
I've also noticed hundreds of thousands of entries it has created in
/var/log/messages related to
SELinux
issues. I had switched SELinux from "enforcing" mode to "permissive" mode on
the system, due to web server application issues, so SELinux wasn't stopping
applications from running, but issues are being logged. I finally decided that
I at least needed to reduce the number of log entries being creatd
substantially, which will, hopefully, improve the responsiveness of the server.
I had fixed the
SELinux issue for one
application, CometChat recently, but I decided I needed to fix at least
some of the issues for other sites on the system, also, related to the
SELinux context for files under the public_html directory beneath user's home
directories.
When I viewed a page on the site this morning, the page took a long time to
load in my browser. I checked the
Apache access
log to see what it was showing in regards to site activity, since I had noticed
several web
crawlers, aka web spiders, accessing the site yesterday. Checking the
site's Apache access log for today, I saw that it was being crawled
by four web spiders simultaneously: baiduspider, bingbot, MegaIndex.ru,
and the linkdexbot. The first, baiduspider, is associated with the Chinese
search engine company, Baidu, and the second, bingbot, is Microsoft's web
crawler, which is used by its Bing search engine. The latter two, MegaIndex.ru
and linkdexbot are associated with search engine optimization (SEO) companies.
This morning, when I attempted to access an old blog posting to see
how I had resolved a problem in the past that I was experiencing again,
I saw a page displaying an "Internal Server Error" message. The page also
noted "More information about this error may be available in the server error
log. When I checked the Apache error log for the site, I noticed references
to the problem being linked to line 322 in the
calendar plugin
code for the
Blosxom blogging software I use on the site. I found the issue was related
to the the calendar plug-in's cache file being only zero bytes in
length. When I deleted the cache file it was automatically recreated,
which resolved the problem. I experienced the same problem a month ago on
March 22.
Vodafone Foundation Australia provides the free
DreamLab program to aid
Garvan Institute of Medical Research researchers in solving problems related
to cancer research using the processing power of idle smartphones. The
foundation estimates that problems that are part of the cancer research
puzzle may be solved 30 times faster if just 1,000 people use the app.
Help solve cancer while you sleep.
The Garvan Institute of Medical Research needs more computing power to speed
up cancer research. Donate the power of your smartphone to help, with DreamLab -
the flagship program of Vodafone Foundation Australia.
Download the app, choose how much data to give, and let your phone crack a
piece of the cancer puzzle as it recharges.
The
Garvan Institute of Medical Research is one of Australia's largest medical
research institutions with over 600 scientists, students, and support staff. The
institute conducts research on cancer, diabetes, osteoporosis, Alzheimer's
disease, Parkinson's disease as well as autoimmune and inflammatory conditions
such as rheumatoid arthritis, multiple sclerosis, asthma, and
Sjogren's syndrome,
a chromic automimmune disease in which the body's white blood cells destroy the
exocrine
glands. The institute developed a test that may predict the outcome of prostate cancer more effectively than the standard (PSA) test.
Genetic research is conducted by the institute and in
2014 the institute became one of three organizations in the world
able to sequence the entire human genome for less than $1,000 USD.
I recorded the audio for a talk on a subject of interest to me using
QuickTime Player version 10.4 (833.7) on my MacBook Pro laptop running OS X
10.10.5 (Yosemite). At the end of the talk, I stopped the recording
and clicked on File and then Save to save the audio
recording to the system's hard disk drive. When I did so, QuickTime
crashed. I sent the report to Apple.
Looking at the details for the report, I saw the cause listed as
follows:
Exception Type: EXC_CRASH (SIGABRT)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Application Specific Information:
*** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: 'Cannot set outputURL to NULL'
terminating with uncaught exception of type NSException
abort() called
I needed to determine why a Remote Desktop Protocol (RDP) connection could not
be established through a NetScreen firewall to a Microsoft Windows system
on the trusted side of the firewall , so I logged into the firewall and set a
filter to capture traffic on port 3389, the port used for RDP connections.
I then turned "snooping" on by issuing the
snoop command, which led
me to realize that I was trying to connect to the wrong IP address.
I was using the rdesktop program on a Ubuntu Linux system to establish
the connection to the Microsoft Windows system. After I realized my error
regarding the destination IP address, I was able to establish the RDP
connection, but then received a
"Connect a smart card" message
when I got to the login screen and clicked on the relevant account. I
was able to log into the system, however, if I used the -p option
with the rdesktop command to supply the password for an account on the
Microsoft Windows system.
If you need to keep a SSH connection alive, e.g., when you won't be
entering any commands for awhile after logging into the remote system via
SSH, you can use the -o option with ServerAliveInterval
. You can specify the interval in seconds which will be used by the SSH
client to send
keepalive packets with -o ServerAliveInterval x
where x is the frequency for sending the keepalive packets. E.g.,
if I wanted the SSH client to send keepalive packets every minute (60 seconds)
to the remote SSH server, I could use a command like the one below when
establishing the SSH session:
$ ssh -o ServerAliveInterval=60 jdoe@example.com
By using this option, you should be able to reduce the likelihood that
your SSH connection will get dropped after a certain amount of time due to
no activity for the session.
You can also use the
ServerAliveCountMax
parameter with ServerAliveInterval to drop the connection, if the SSH
client hasn't received a response from the server to the prior "heartbeat"
signal when the time comes to send another keepalive packet. E.g., ssh
-o ServerAliveInterval=60 -o ServerAliveCountMax=1 jdoe@example.com
would result in the connection being dropped if the client was awaiting
a response to even one outstanding keepalive packet.
There is also a TCPKeepAlive option in
OpenSSH.
That option is used to recognize when a connection is no longer active due
to some problem such as the SSH client application crashing or a prolonged
network outage. If the SSH server never recognizes that the client is no
longer communicating with it, it will continue to allocate resources,
such as memory, for the connection. The option is turned on by default
in the OpenSSH configuration file /etc/ssh/sshd_config. You
will see the following line in that file:
#TCPKeepAlive yes
You don't need to uncomment the line by removing the pound sign, since
"yes" is the default value. The option causes
Transmission Control Protocol (TCP) to periodically
transmit keepalive messages. If it doesn't receive responses within the
expected time, it returns an error to the sshd process, which will then
shut down the connection. The purpose of this option is to prevent half-dead
connections building up over time and consuming more and more system
resources as the number grows. The keepalive interval is typically in the
order of hours rather than minutes to minimize the network load for the
server. If the keepalive period was made shorter, that would affect all TCP
connections on the system, not just the SSH ones, potentially increasing the
network load unnecessarily and also causing connections to be dropped even
for transient issues, such as a short and temporary network issue.
The TCPKeepalive option is for dealing with longer term issues for a
connection rather than the loss of connectivity due to firewall, proxying, or
Network Address Translation (NAT) timeouts.
You can specify the option on the command line at the SSH client end as
follows:
On a CentOS 7 server, I noticed that
setroubleshootd
seemed to be using an inordinate percentage of the CPU's time when I ran
the top command. When I
used the ausearch
command to query the audit daemon logs for entries that might have
been created by setroubleshootd, I saw references to the
cometchat/.htaccess file in a user's directory beneath the
directory where her Simple Machines Forum
(SMF) software resided. I also found tens of thousands of references
to that file in the /var/log/messages file. The server runs
Security-Enhanced Linux
(SELinux) and I found that I needed to update the SELinux context for
the file to stop such entries being logged.
On April 5, 2016, Adobe released security advisory
APSA16-01 (CVE number: CVE-2016-1019) for a vulnerability in the
Adobe Flash
Player . The vulnerability affects the player on Microsoft Windows, Apple OS
X, Linux, and Google's Chrome OS. The vulnerability affects all versions of
Windows from Windows 10 backwards through Windows XP. The vulnerability
exists in Adobe Flash Player 21.0.0.197 and earlier versions. The
vulnerability is currently being exploited "in the wild", i.e.,
malefactors are already taking advantage of the vulnerability to
compromise vulnerable systems. The vulnerability allows malefactors
to crash a system and even potentially gain remote control of the
system. The vulnerability is being used by the Magnitude Exploit Kit
to spread
Locky ransomware -
see
Zero-Day Attack Discovered in Magnitude Exploit Kit Targeting
CVE-2016-1019 in Older Versions of Adobe Flash Player.
A software change Adobe made in version 21.0.0.182 will prevent the
exploit from being successful, so users who have at least that version should
be safe from the exploit allowing their systems to be compromised, since on
versions 21.0.0.182 and 21.0.0.197, it will only cause a
crash1. But I would advise users to
upgrade to the current version of the Adobe Flash Player, which is
version 21.0.0.213. If you use multiple web browsers on a system,
you should ensure that each of them have the latest version of an Adobe
Flash Player plug-in, if you have Adobe Flash Player support
installed for the browser. You can check the version
of the Flash Player being used by a browser by visiting
Adobe's
www.adobe.com/software/flash/about/ page. Alternate methods for
checking the version of the Flash Player on Apple OS X systems can be
found at Determining the version of
Adobe Flash on an OS X system.
Microsoft Excel for Mac 2011 was crashing whenever I attempted to open it
on a MacBook Pro laptop I use. Whenever I attempted to reopen it, I would be
presented one by one with files to reopen that had been open when it crashed.
If I chose to reopen all of the workbooks, it would display the message "Not
enough memory." then crash again. The problem occurred even after
I closed other applications that were open and rebooted the system
to minimize the amount of memory used by other processes running
on the system.
The Bash shell, which is available on Unix, Linux, OS X,
and soon Microsoft Windows as well as
Microsoft has announced
support for Bash in the Windows 10 Annivesary Update expected to ship in
the summer of 2016, supports
arrays
, a commonly used programming
data type
for storing collections of elements. And with the
for loop
that is also available for Bash, you can iterate over the items in an array
that you create. Since Bash also supports arithmetic operations on numeric
values assigned to variables, you can perform arithmetic operations while
looping through the items in an array.
One means of sharing files between OS X systems such as MacBook Pro laptops
is to use the
Bluetooth wireless capability built into the systems. You can enable
Bluetooth file sharing by opening System Preferences then selecting
Bluetooth Sharing. Once you've enabled Bluetooth sharing on both
devices, you can send files from one to another or browse the Public folder
on one from the other. To share files and folders between devices using
Bluetooth, the devices need to be fairly close to one another, since the
range for Bluetooth short-wavelength UHF radio waves is typically less
that 10 meters (approximately 33 feet), though the maximum possible
range is about 100 meters (approximately 330 feet) - see
Bluetooth Range.
If I want to find all files with an HTML extension beneath the current
directory and its subdirectories, but skip one directory, on a Linux system, I
can perform a recursive search using the following command, which will
exclude the contents of the directory named "private" which is directly
below the current directory. The results will be placed in a file named
htmlfiles.txt.
The period immediately after the find, i.e., find .
tells find to start its
search from the current directory from which the command is being
executed; I could use something like find /somedir to start
the search in a different directory.
The -path ./private -prune -o tells find that for the directory
path that is ./private - the dot (.) represents the
current directory, so the path is the private directory below
the current directory - don't include it in the search, i.e., "prune" that
directory from the search path. Including
-prune indicates, if the file is a directory, do not descend into it.
But it is the "dash o", i.e., -o which ensures that nothing is
printed from within that directory.
When I want to convert a man page to an HTML file on an OS X
or Linux system, I pipe the man page file into
groff - see
Converting a man page to HTML,
PDF, text. I've used groff for that purpose on
CentOS, but,
when I tried that technique today on two
Ubuntu
Linux systems, I received the same "groff: can't find `DESC' file" error
message on both, which was followed by
"groff:fatal error: invalid device `html' (try installing the `groff' package?)"
Both systems were running
12.04 LTS (Precise Pangolin). I was able to resolve the problem by
installing the groff package with apt-get.
I needed to upgrade
CometChat on a web site using
Simple Machines Forum (SMF) where
CometChat provides an online chat feature for users of the forum. The prior
version of CometChat was very out-of-date at 4.4.0 - see
Checking the version
of CometChat installed on a forum for methods for checking the version -
The SMF software was at the current version, 2.0.11. Before commencing the
installation of the upgrade to the latest version of CometChat,
I backed up the database for
the SMF forum and all of its files. I was able to successfully install
the smf.zip file that was part of the upgrade package, but so
far have not been able to install the cometchat.zip file needed
to complete the upgrade.
When I checked the fail2ban log on a CentOS 7 server today, I found that
two IP addresses assigned to to a system or systems in China had been banned
385 times in the past week because of repeated failed attempts to break into
the system via Secure Shell (SSH) logins. The IP addresses were:
183.3.202.183
183.3.202.184
When I checked for whether others had noted hostile activity from those
IP addresses at the Internet Storm Center,
I found that others had reported such activity from the two IP addresses
starting on March 30, 2016 and continuing through today.
SQLite is provided by Apple with the current version of OS X; I don't know when
it was first included with OS X, but I know it has been present
from at least OS X 10.8.5
(Mountain Lion). If you open the
Terminal
application, which you can find in /Applications/Utilities,
and type which sqlite3, you should see the program.
I needed to know the last time crontab had been used to update the
cron table
(crontab) file for a user account on a
CentOS 7
system, since an expected output file from a cron job that should have
been created from the last modification to the cron file had not
appeared. On a CentOS Linux system, the crontab files can be found in
/var/spool/cron.
# ls -l /var/spool/cron
total 8
-rw-------. 1 jdoe jdoe 409 Apr 7 12:32 jdoe
-rw-------. 1 root root 542 Jan 1 2015 root
The files are used to schedule jobs to run periodically on the system and
can be edited with crontab -e. A crontab file for an account
can be viewed by issuing the command crontab -l while logged into
that account.
If you are using
CometChat with a
Simple Machines Forum (SMF) to provide
an online chat feature for users of the forum and wish to determine
the version currently on a Linux system, make the current working
directory the one in which CometChat is installed, e.g. cd
~/public_html/myforum/cometchat, if that is the directory where
CometChat is installed; the ~ will be translated by the
system to represent your "home" directory, i.e, the directory you are
placed in when you log into the system. Then search for "currentversion"
in the index.php file, which will be found in the
admin subdirectory beneath the cometchat
directory. In the example below, the version installed is 4.4.0.
You can also find the version by viewing the contents of the
CHANGELOG.txt file in the CometChat directory. The current
version will be listed near the top of the file with the new features
provided in that version.
$ more CHANGELOG.txt
-------------------------------------------------------------
CometChat Change Log
-------------------------------------------------------------
-------------------------------------------------------------
4.4.0
-------------------------------------------------------------
Features
+ Jabber/XMPP support
+ Inline popups for plugins/extensions
+ Desktop Messenger support
+ CometService/BeaconPush/APE enabled for chatrooms
+ Facebook chat login with your own Facebook application keys
+ Enhanced and simplified theming
+ Sleaker scroller
The CometChat website has a statement that "We provide support only
for the latest stable version. No support is provided for beta or older
releases."
If you need to create an audio recording, e.g., to record a lecture, etc.,
you can do so on a Mac OS X system using the QuickTime Player application
that you should be able to find in the /Applications directory
on the system. When you have completed recording, you can save the file
in the MPEG-4 Part 14 multimedia container format as a .ma4 file. If you
wish to convert the file to another format, you can convert it with
iTunes or the afconvert utility
that comes with the OS X operating system.
You can encrypt a directory, aka folder, on a Microsoft Windows system
so that it's contents can't be accessed by others even if they boot
the system with an alternate operating system from a CD or USB flash
drive or remove the drive and put it in another system, so that Windows
file permissions that might otherwise apply can't be bypassed. To encrypt
a folder and its contents, right-click on the folder within the Windows
File Explorer and choose Properties then click on the Advanced
button and then click on the check box next to "Encypt contents to secure
data". You will be asked to confirm that you wish to proceed with the change
to the folder's attributes. Proceed, applying the changes to the folder, its
subfolders, and the files within it.
Yesterday, someone reported to me that she was unable to send a document
she had scanned from within Adobe Acrobat using Thunderbird, which is
the email client she uses on her Microsoft Windows 10 desktop system. She
said she had contacted Adobe support and followed the instructions given
to her by the support person, but those instructions had not resolved
the problem and she still could not send email from within Adobe Acrobat.
I found the problem was due to Acrobat attempting to use the default mail
application on the system, which was Microsoft Outlook, which she didn't
use, so was likely not even configured for an email account. After I made
Thunderbird the default mail application on her system, she was able to
send a file she had open in Acrobat via email from within Adobe Acrobat
using Thunderbird.
If you need to verify the authenticity or legimacy of a program on a
Microsoft Windows system, e.g., if you need to check whether the program
has remained unaltered since it was provided by the developer or check
that it came from the developer it is purportedly from, you can use
Windows PowerShell cmdlets to give you a greater degree of confidence.
Oftentimes a developer website will list a
cryptographic hash code for a file. The cryptographic hash code allows you
to verify that a program that you have on a system is an unaltered copy of
the program as it was delivered by the developer, since changing even a
single character/byte in a file will result in a different hash code being
calculated for the file when it is checked by a program that can calculate
hash codes for files. To calculate a cryptographic hash code for a file,
you can use a program like
md5sum or,
on a Microsoft Windows system, you can obtain a
SHA-256
hash code value for a file from a
Windows PowerShell prompt using the
Get-AppLockerFileInformation cmdlet.
If you run a server that is accessible to anyone on the Internet, you
should expect that many people and bots will attempt to break into the
system, which is why you should ensure that all accounts have strong
passwords. Many attackers will use a dictionary attack where they pair
common account names, such as root, admin, administrator, etc. with every
word in a dictionary. Or they may even pair a "name dictionary" with a
dictionary for a particular language, such as English. Such dictionaries
can be readily found on the Internet. Name dictionaries may be used by
expectant parents looking for a name for their yet to be born child,
but a malefactor may use such a dictionary as well as part of an attack
against a system. E.g., an attacker may start with abe as a username and
then try every word in an English language dictionary as a password. If
he can't get in using abe as the user name, he might next try al, alan,
ann, arthur, etc. going all the way up to names that start with the letter
"z". Certainly pairing each name with every word in a dictionary would
take an inordinate amount of time, if someone manually typed each username
and password combination, but there is no need for an attacker to manually
make guesses in an attempt to compromise a system. Instead, he can use
a program that will read entries from dictionaries and submit them to
the system under attack. A program can potentially submit thousands of
guesses a minute if there is sufficient bandwidth between the attacking
and attacked systems and sufficient CPU power on both systems. If you are
responsible for a server, you are unlikely to want an attacker to have
unlimited attempts to break into the system. The attacker will be using
bandwidth to your server and system resources, such as CPU cycles, even
if he never manages to break into the system. And, if even one user has
a weak password, such as a dictionary word, sports team name, car name,
etc., which may also be in a dictionary used for password guessing,
granting an attacker unlimited attempts to try breaking in may result
in the attacker being successful. One way to preclude an attacker from
being able to submit an unlimited number of password guesses is with
fail2ban.
Microsoft announced yesterday that the
Windows 10 Anniversary Update, which is expected to be shipped this summer,
will include support for the
Bash shell commonly provided on
Unix and
Linux systems
as well as with Apple
OS X systems.
Microsoft had previously provided software called
Windows
Services for Unix (SFU), which provided a Unix subsystem for Microsoft
Windows systems, but discontinued that software.
Last year the Microsoft PowerShell Team announced that Microsoft was
going to provide SSH server software, a staple for remote management of
Unix and Linux systems and server software available by default with OS X.
I would certainly be appreciative of having the same command line tools,
such as AWK,
grep, etc. available under a
Bash shell on Linux systems on Microsoft Windows systems, also. And, since I
usually install a third-party SSH server application, such as
Bitvise SSH Server,
Copssh,
freeSSHd,
PowerShell SSH Server for Windows, or
SilverSHield, to be
able to remotely connect to Microsoft Windows for command line troubleshooting, I'm hoping that will be available by some this year or next as well, though
I'm not aware of the date it is expected to become available.
When I attempted to connect to a wireless network, after changing a password
for authenticating with systems in use at a location, when I arrived at that
location today with my MacBook Pro laptop, I found that instead of
connecting to the wireless network at that location automatically,
I was not able to establish a connection to the WiFi network. When
I checked the Network settings under System Preferences, I found
that for the Wi-Fi connection it was showing "Self-Assigned IP" with the
message "Wi-Fi has the self-assigned IP address 169.254.57.115 and will not
be able to connect to the Internet. For that network, the laptop needs to
authenticate with
802.1X
to gain access to the network." But the status for 802.1X was stuck at
"Authenticating." I was able to successfully authenticate after changing
the "802.1X Password" for the wireless network through the Keychain
Access utility.
If you wish to calculate a total size for all files in a directory on
a Unix, Linux, or Mac system running Apple's OS X operating system,
two ways to do so are by using the awk utility or with the Python
programming language. E.g., ls -l example | awk '{sum +=$5} END
{print sum}'. For a Python solution, you can use the
dirsize.py
program.
If you wish to have a program run whenever a
user logs into the system, then you can add an entry to
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
in the Windows Registry, assuming you are logged into
the system as the user for which you wish to have the program run at logon at
the time you add the entry to the registry, so that
HKEY_CURRENT_USER (HKCU), which applies to the currently logged in user,
applies to that user's account.
One way you can add a new entry in the registry for a program to run when
the user logs in is to use the regedit program
that comes with the Windows operating system and which is normally found in the
C:\Windows directory.
If you need to know a saved wireless network password on a system running
Apple's OS X
operating system, e.g. a MacBook Pro, you can do find that
information using the Keychain Access program found in
Applications/Utilities. To find the information using that
utility, open it, then click on Edit then Find and
search for the
SSID for the wireless router or click on Passwords under
Category in the left pane of the window and look for it in the
list you will see. You can then double-click on a relevant entry to see
the password/key. Alternatively, you can use the command line
security program with the find-generic-password option
to display the password.
If you wish to exclude lines containing a specified pattern when using the
grep command
on a Unix,
Linux, or
OS X system,
you can do so using the -v or --invert-match. option.
-v, --invert-match
Invert the sense of matching, to select non-matching lines. (-v
is specified by POSIX.)
E.g., suppose I have a file names.txt containing the following
names:
$ cat names.txt
John Smith
Paul McCartney
Bob Jones
Allen Smith
Greg Smith
Bob Smith
Carl Smith
John Doe
If I want to view all lines except for those containing "Allen", I can
use grep -v "Allen" names.txt. But what if I want to exclude
more than one pattern, e.g. any line containing "Allen" or "Bob". I could
pipe the output of one grep command to another grep command with
grep -v "Allen" names.txt | grep -v "Bob". Or you can perform
a logical disjunction using the
"pipe"
character, i.e., "|", aka a "vertical bar".
$ grep -v "Allen\|Bob" names.txt
John Smith
Paul McCartney
Greg Smith
Carl Smith
John Doe
$
In the above example, I am instructing
grep to ignore any lines
containing either Allen or Bob in the line. Because the pipe character has
another meaning to the Bash shell, i.e., it is used by the shell to "pipe" the
output of one command to another with the output of the first command becoming
the input of the second, its meaning must be "escaped" to be processed by
grep as a logical disjunction symbol. That is done by preceding the character
with a
backslash, which is an
escape character.
When I attempted to access blog postings on this site where I use
Blosxom for the blog,
I saw the message below:
Internal Server Error
The server encountered an internal error or
misconfiguration and was unable to complete
your request.
Please contact the server administrator at
webmaster@moonpoint.com to inform them of the time this error occurred,
and the actions you performed just before this error.
More information about this error may be available
in the server error log.
I was able to access webpages that were not blog postings. When I checked
the site's error log file, I saw many entries similar to the following
indicating that others were experiencing the same problem when accessing
the site:
[Tue Mar 22 11:43:12.276013 2016] [cgi:error] [pid 24979] [client 136.243.36.80:
52035] AH01215: Magic number checking on storable file failed at /usr/lib64/perl
5/vendor_perl/Storable.pm line 381, <DATA> line 32, at /home/jdoe/public_html/su
pport/blog/plugins/calendar line 322.
I use a Blosxom
calendar plugin, so I checked line 322 in the calendar plugin file and
found the following code:
The line starting with "$cache" is line 322. I checked the cache file
for the plugin which is under the plugins/state directory
for the blog software and saw it was zero bytes in length.
# ls -al /home/jdoe/public_html/support/blog/plugins/state/.calendar.cache
-rw-r--r--. 1 apache apache 0 Mar 22 11:42 /home/jdoe/public_html/support/blog/plugins/state/.calendar.cache
So I deleted the file; it will be recreated automatically when the blog
is accessed after it is deleted.
# rm /home/jdoe/public_html/support/blog/plugins/state/.calendar.cache
rm: remove regular empty file ‘/home/jdoe/public_html/support/blog/plugins/state/.calendar.cache’? y
Deletion of the .calendar.cache file fixed the problem. When
I refreshed the page in my browser for a blog posting from years ago I
had been attempting to view I could then see it and access other blog
postings as well. I also saw the file had been recreated.
# ls -al /home/jdoe/public_html/support/blog/plugins/state/.calendar.cache
-rw-r--r--. 1 apache apache 94578 Mar 22 21:54 /home/jdoe/public_html/support/blog/plugins/state/.calendar.cache
After installing the VLC media player on a Mac
OS X system, if you wish to save a song that you have been listening to
from one of the Internet sources it lists, such as Jamendo Selections, you
can do so through its Streaming/Exporting Wizard. The wizard will
give you the option to save the song in a number of file formats, e.g.
Ogg, for a song, to the hard drive of the Mac or an external device attached
to it.
If you want to know which application is listening on a particular
network port on a Microsoft Windows system, e.g., port 80, the port used
for HTTP connections to a web server, you can obtain that information
from a command line interface (CLI) by
obtaining a command prompt and
using the netstat and tasklist commands which are provided with the
operating system; you do not need to install any additional software,
though there are programs that will allow you to view that information
from a graphical user interface (GUI).
If you wish to connect to a
Socket Secure
(SOCKS) proxy server from a system running Apple's OS X operating
system, you can do so through the Network option from System
Preferences by clicking on the Advanced button, then
selecting the Proxies tab and then checking the check box next
to SOCKS Proxy and providing the relevant values or you can use
the networksetup command
to configure SOCKS proxy server support from a command line interface
(CLI), e.g. a Terminal window.
If you need to determine the currently connected WiFi network from a
command line interface (CLI), aka a shell prompt, on an Apple OS X
system, e.g., a MacBook Pro laptop, you can do so by opening a Terminal
window (the application is in /Applications/Utilities) and
issuing the command networksetup -getairportnetwork wifi_device where wifi_device is the port used for wireless connections
on the system. You can determine the hardware port used for Wi-Fi
connectivity on the system by issuing the command
networksetup -listallhardwareports and then piping its
output into the grep command looking for
Wi-Fi in the output and when it is found displaying that line and
the two lines after it. E.g., in the example below, en0 is the
relevant device interface for wireless connections and the
SSID for the currently connected Wi-Fi network is "Hogwarts".
The grepcommand-line utility found on
Unix,
Linux, and
OS X
systems can be used to extract
strings from files or other data input to the command.
As an example of extracting digits from a string, suppose I have the
following text that contains a version number between
<string> and </string>:
<string>14.6.0</string>
I only want to see the 14.6.0, so I can use the grep
command with the -o option to specify I ony want the text
that matches a specified pattern displayed. The pattern I can use is
'[0-9.]\+'.
When I booted an eMachines 250-1162 netbook running
Ubuntu 12.04 today, I was able to tab between fields on a webpage, but the
touchpad
was not working - I could not move the mouse pointer. I hit the
Ctrl-Alt-F2
keys simultaneously to obtain a
console
window where I entered the following command:
I then switched back to the
graphical
user interface (GUI) console by hitting Ctrl-Alt-F7. I was then
able to move the mouse pointer using the touchpad.
On a CentOS 7 Linux system, I could issue the command hostname
and see the name for the system displayed.
# hostname
moonpoint
Yet, if I tried entering any option for the command, I received the
error message "Name or service not known".
# hostname -a
hostname: Name or service not known
# hostname -i
hostname: Name or service not known
# hostname -f
hostname: Name or service not known
# hostname --fqdn
hostname: Name or service not known
I wanted to determine the user name under which PHP was running for a
WordPress blog on a hosting site. To do so, I placed a PHP script,
whoami_here.php, in the home folder for the WordPress installation
and then accessed the webpage for that script via a browser, e.g.
http://example.com/whoami_here.php.
There are a variety of methods you can use to check on which account
PHP is running under, e.g., <?php passthru("whoami"); ?>,
though some methods may not work on some systems.
Microsoft® Excel® for Mac 2011 (Version 14.6.0) crashed and
when it reopened it crashed again. When it reopened, I saw
the message "Microsoft Excel quit unexpectedly. Click Reopen to
open the application again. Click Report to see more detailed
information and send a report to Apple."
I was able to stop it from continually crashing by choosing not to reopen
all of the spreadsheets that had previously been opened. When it displayed
the message "This workbook contains macros. Do you want to disable macros before
opening the file?", I chose "Do Not Open" for some of the workbooks that
previously had been open.
I was then able to successfully open the application and continue working
on other workbooks that had been open in Excel.
I checked for the crash logs related to the problem in
~/Library/Logs/DiagnosticReport.
I saw two crash reports for today, March 11, 2016.
$ ls ~/Library/Logs/DiagnosticReports/
Google Chrome_2016-02-24-131912_GSSLA15122293.crash
Microsoft Excel_2016-03-11-114210_GSSLA15122293.crash
Microsoft Excel_2016-03-11-141557_GSSLA15122293.crash
PGP Engine_2016-02-22-212124_GSSLA15122293.crash
When I checked both Excel crash reports, I found that the cause was logged as
a stack overflow. I looked for the line that immediately follows the
"Application Specific Information:" line in the files, which is why I used
the -A 1 argument to the
grep
command.
Adobe has released an emergency update for its
Flash
media player which contains fixes for about two dozen
critical
vulnerabilities. Adobe defines a critical vulnerability as "A
vulnerability, which, if exploited would allow malicious native-code
to execute, potentially without a user being aware.
Adobe Security Bulletin ASP16-08 lists the following
Common Vulnerabilities and Exposures (CVEs) addressed in the new release:
If you need to determine what
Network Time Protocol (NTP) server is being used on an Apple OS X
system from a command line interface (CLI), aka a shell prompt, you
can use the systemsetup
command with the -getnetworktimeserver option.
$ sudo systemsetup -getnetworktimeserver
Password:
Network Time Server: time.example.com
If you wish to set the time server you can use the
-setnetworktimeserver command, e.g.:
The Apache HTTP server software supports many features
via compiled
modules which extend the core functionality of the web server software.
Modules support various authentication methods,
URL
rewriting, proxying, etc. You can check on what modules are loaded
using the command httpd -t -D DUMP_MODULES or with PHP using
apache_get_modules().
To view the host name for a Linux or
OS X system you
are logged into, you can use the
uname command
with the -n option. On a Linux system, you can also use
--nodename in lieu of -n, but
--nodename won't work on OS X. If the host name has not been set,
you will see localhost.localdomain displayed.
$ uname --nodename
localhost.localdomain
You can also use the
hostname command on a Linux or OS X system to show or set the host name. To
show the host name, issue the command without any parameters
$ hostname
localhost.localdomain
On some versions of Linux, e.g.,
CentOS and
Ubuntu, you can also view the host name using the
sysctl
command; it won't work on OS X, however.
On a Microsoft Windows system, you can obtain a list of all processes that
are currently running from a command line interface (CLI) using the
Windows PowerShell cmdlet get-process. To see all running
processes, obtain a PowerShell prompt and type get-process.
Handles: The number of process handles that the process opened. A
handle is an integer that Windows assigns to processes. For instance, each
process thread is typically assigned a handle.
NPM(K): Non-paged memory the process is using, in kilobytes.
PM(K): Pageable memory the process is using, in kilobytes.
WS(K): Process working set, in kilobytes. The value refers to the number of
memory pages that the process recently accessed.
Sometimes you may need to determine the number of work days from one date
to another in a Microsoft Excel,
Google Sheets, or
Apache
OpenOffice Calc spreadsheet. E.g., you may need to exclude Saturdays,
Sundays, and holidays from a calculation. All three spreadsheet programs provide
a WORKDAY function that you can use to calculate dates based on
business work days rather than just the total number of days from a start
date. For Microsoft Excel on both Microsoft Windows and OS X and Google Sheets,
the syntax for the WORKDAY function is as follows:
WORKDAY(start_date, num_days, [holidays])
For OpenOffice Calc, you need to separate the parameters with a semicolon
rather than a colon. I.e.:
WORKDAY(Start_date; num_days; [holidays])
If you separate the parameters with a comma in Calc, it will display
Err:508.
"Holidays" is enclosed in brackets to indicate it is an optional parameter, you
would not actually include the brackets if you specified holidays.
The arguments to the function have the following meaning:
Start_date - Required. A date that represents the starting date for
a calculation
num_days - Required. The number of nonweekend and nonholiday days before
or after the start_date. A positive value yields a future date while a negative
value yields a past date.
holidays - Optional. An optional list of one or more dates to exclude
from the working calendar, such as state and federal holidays and floating
holidays. The list can be either a range of cells that contain the dates
or an array constant of the serial numbers that represent the dates.
E.g., I need to determine the date when work requests that should
be completed within 5 business days after approval should be completed.
I can display the required implementation date for each request in a
worksheet by using the formula =WORKDAY(cell,5) where
cell holds the approval date. E.g., if the approval date is in cell
A2, I can set the formula for the required implemenation date to be
WORKDAY(A2,5) for Excel or Google Sheets or
WORKDAY(A2;5) for Apache OpenOffice Calc.
If there was no date in cell A2, Excel will display January 6, 1900
in the cell holding the implemenation date, e.g. 1/6/00, if
the date format is D/M/YY (day/month/2-digit year), but OpenOffice Calc
and Google Sheets will display January 5, 1900. Microsoft Excel stores
dates as sequential serial numbers so they can be used in calculations
and, by default, uses January 1, 1900 as serial number 1. If you have a
date field containing January 1, 2008 that is equivalent to 39,448, which
you would see if you put that day in a cell formatted to hold a date then
changed the format to be a number. January 1, 2016 is 42,370. January 1,
2008 is 39,448 days after January 1, 1900 and January 1, 2016 is 42,370
days after that date.
Why do Google Sheets and Apache OpenOffice Calc show January 5,
1900 as the calculated date when there is no date in the start_date
field while Microsot Excel displays January 6, 1900? Long before Microsoft
became a dominant player in the spreadsheet market,
Lotus 1-2-3
from
Lotus Development Corporation was a dominant spreadsheet in the personal
computer market. There was a bug in Lotus 1-2-3 due to the developers
assuming that the year 1900 was a leap year; it was not. When Microsoft released
Excel they had to compete with Lotus 1-2-3, the then dominant spreadsheet for
personal computers, so Microsoft needed to ensure that spreadsheets created in
Lotus 1-2-3 returned the same results in Excel, so for compatibility retained
the incorrect assumption regarding the year 1900 - see the Microsoft article
Excel incorrectly
assumes that the year 1900 is a leap year and
Excel Date Conversion (Days from 1900) regarding making an allowance for
that incorrect assumption. Google Sheets and Apache OpenOffice Calc did not
retain that incorrect assumption regarding the year 1900 and so you will
see January 5 used in certain calculations in those spreadsheets where
January 6, 1900 is used by Exel, which is why sometims you may get
differing results for date calculations between those spreadsheet
programs.
If an argument to the workday function is not a valid
date, e.g., 2/30/16 for February 30, 2016, which is not a valid date,
you will see #VALUE! displayed by the function in all three
spreadsheets. In all three spreadsheets, if days is not an integer, the
number is truncated to an integer value. E.g., if you used the formula
=WORKDAY(A2,5.7) you would get the same result as entering
WORKDAY(A2,5).
If you wish to download a web page with a
Python
script, you can imput the urllib2 module into a Python
script as explained at
Downloading a web page with Python. I've modified the script posted there
to allow the webpage
URL
and output file name to be specified as command line arguments to the
script:
#!/usr/bin/python
# download_page
# download a webpage to a specified file. The script takes two parameters:
# the URL of the page to download and a file name to be used to hold
# the downloaded web page.
import urllib2, sys
try:
sys.argv[1]
except IndexError:
print "Error - URL missing! Usage: ./download_page.py download_page_url outfile"
sys.exit(1)
else:
url = sys.argv[1]
try:
sys.argv[2]
except IndexError:
print "Error - missing output file name! Usage: ./download_page.py download_page_url outfile"
sys.exit(1)
else:
outfile = sys.argv[2]
page = urllib2.urlopen(url)
source = page.read()
downloadFile = open(outfile, 'w')
downloadFile.write(source)
downloadFile.close()
The sys module is imported to check the command line
arguments using sys.argv[x], where x. is the
number specifying the argument; sys.argv[0] is always the
name of the script itself, in this case
download_page.py, so sys.argv[1] should be the URL of
the webpage to be saved and sys.argv[2] the file name for
the output file. The file name can contain a location for the output file, e.g.,
mydir/somepage.html. If a directory is specified with the
file name, the script doesn't check to ensure the directory exists and
will exit with a Python "No such file or directory" error message should
that error occur. If no directory path is included with the file name,
the directory from which the script is run will be used to store the
downloaded webpage.
The script will print error messages if the URL and output file name are
omitted from the command line. It can be run using python
./download_page.py or ./download_page.py, if for the latter
option you have first changed the
file permissions on the program to mark it as executable, e.g., with
chmod 755 download_page.py.
My wife informed me this morning that someone had commented on a site
she visits regularly that Google is now providing a kid-friendly version
of its search engine, Kiddle. I hadn't heard of the site and when I checked
I found that the site isn't owned or operated by Google, but, instead, was
developed by someone else based on the Google Custom Search capability, i.e.,
it relies on Google's search engine, but with its own custom filters to
eliminate results that may be unsuitable for young children.
PuTTY is a
free and open source network utility that allows you to establish
Telnet and
Secure
Shell (SSH) connections to servers. It is commonly used on Microsoft
Windows systms, but is also available for
Linux and
Apple OS X
systems. You can use it for interactive SSH logins where you provide a
userid and password to authenticate with an SSH server, but you can also use
it for public key-based logins where the server has a public key
that is matched against a private key stored on the system from which you
are connecting. By a mathematical calculation based on large
prime
numbers, the public key and private key can be matched with one another
as a means of authenticating the login.
The rsync utility, which
is available for Unix, Linux, OS X, and Microsoft Windows systems, can be
used to synchronize files and directories on two systems. Rsync is widely used
for mirroring one system to another, for backups, and for copying files
and directories. If files to be transferred already exist at the destination
system, but are older versions, the tool contains a delta-transfer algorithm
that reduces the amount of data that needs to be sent over a network when using
it to transfer files to another system over a network; the algorithm allows
rsync to send only the differences between source and destination files rather
than entire files. By default, rsync determines if files need to be transferred
by using a "quick check" algorithm that looks for files that have changed in
size or in last-modified time. The utility will copy links and devices and
will preserve owner and group permissions on files and directories. Rsync
also has an option to exclude specified files and directories from the
synchronization operation. It can can use any transparent remote shell,
including
Secure Shell (SSH) or remote shell (rsh).
After a specified period of time Windows 10 will put the monitor to
sleep, so the display will go black and you will need to re-enter your userid
and password to get access to the system again. This behavior can be
changed either via a
graphical user interface (GUI) or by using the command line utility
powercfg. For the GUI method, right-click on the desktop and
select Display Settings then click on Power & Sleep and
then change the value for "When plugged in, PC goes to sleep after". For
the command line method, from a command prompt enter the command
powercfg -change -monitor-timeout-ac x where x
is the timeout value in minutes. E.g, for a timeout value of one hour, you
could use powercfg -change -monitor-timeout-ac 60. If you use
zero for x, that is the same as setting the value to "Never" via the GUI method.
This morning at 8:12 AM my time I received a call from someone speaking
with what sounded like an Indian accent who claimed to work for the
U.S. Internal Revenue Service (IRS) asking me if I was aware
that a warrant had been issued in the state of Maryland by the IRS for my
arrest. Since I have not received any correspondence recently from
the IRS by postal mail and it seemed unlikely an IRS employee would call
me to notify me that a warrant was issued for my arrest, I was angered,
but not worried by the call. I asked the caller where he was calling from
and he said he was located in Washington D.C., which is, of coure, the location
for the IRS. I asked for the calling phone number and he told me
1-800-829-1040. I was so irked by what seemed like an obvious
scam attempt that I didn't let him go through his whole spiel
to learn the details of how the scam was conducted. Instead, I
simply told him that the call seemed like a scam and he seemed
like a fraudster. He immediately responded with profanity and
hung up; his knowledge of American profanity at least seemed good.
Section 10
Taxpayer Contact of Chapter 1 of Part 5 of the Internal Revenue
Manual states that it is a violation of IRS policy for an employee to
use "obscene, profane, or abusive language", so that was only another
indicator that the call was fraudulent.
After he hung up, I used *69 on my phone to see what calling number was
reported. The calling number reported was 1-800-829-4933. That number and
the one he gave are actual IRS numbers. The 1-800-829-4933 number is the
IRS main taxpayer assistance line listed at
How to Get Tax Help from the IRS and the 1-800-829-4933 one is the
one listed on that same page for taxpayers to call with small business-related
questions. However, it is common for telemarketers and scammers to spoof
the calling number. Unfortunately, it seems that is fairly easy for them
to do. E.g., often when I receive telemarketing calls to my mobile phone I
notice that the first six digits of the calling number match those of my
phone, but if I call the number back, the person who that phone number
actually belongs to will answer and knows nothing about such calls.
Telemarketers spoofing calling numbers is a common way to make it more
difficult for people to identify the actual originating phone number when
they file a complaint, but also telemarketers will spoof a calling number
to make it more likely that the callee will think that he/she is receiving
a local call and thus answer the phone. Con artists will spoof a calling
number from a legitimate business, organization, or government agency
to dupe a callee into thinking the call is legitimate.
The Internal Revenue Service today warned consumers about a
sophisticated phone scam targeting taxpayers, including recent immigrants,
throughout the country.
Victims are told they owe money to the IRS and it must be paid promptly
through a pre-loaded debit card or wire transfer. If the victim refuses to
cooperate, they are then threatened with arrest, deportation or suspension
of a business or driver’s license. In many cases, the caller becomes
hostile and insulting.
The article notes "that the first IRS contact with taxpayers on a tax
issue is likely to occur via mail", which is what I would expect and lists
the following characteristics for the scam:
Scammers use fake names and IRS badge numbers. They generally use
common names and surnames to identify themselves.
Scammers may be able to recite the last four digits of a victim’s
Social Security Number.
Scammers spoof the IRS toll-free number on caller ID to make it
appear that it’s the IRS calling.
Scammers sometimes send bogus IRS emails to some victims to support
their bogus calls.
Victims hear background noise of other calls being conducted to
mimic a call site.
After threatening victims with jail time or driver’s license
revocation, scammers hang up and others soon call back pretending to be
from the local police or DMV, and the caller ID supports their claim.
The article notes that you can file a complaint with the
Federal Trade
Commission (FTC), a consumer protection agency, regarding such
calls:
You can file a complaint using the
FTC Complaint Assistant; choose “Other” and then “Impostor Scams.” If the
complaint involves someone impersonating the IRS, include the words “IRS
Telephone Scam” in the notes.
Note: I found that I needed to select "Scams and Rip-offs" and then
"Impostor Scams", which is for "Someone posing as a well-known business,
a family/friend, or a government agency". After that I made the following
selections (it didn't sem to be as obvious as I would have expected how
one should file a complaint regarding someone pretending to represent
a U.S. federal government agency):
How were you contacted? Phone
Are you contacting us to complain about the company’s telemarketing
practices? No
Did the person: Pretend to be a representative or employee of a
local, state, or federal government?
You will then be taken to the "Information Collection" step where
"In just a few moments you will be able to tell your story in your own
words. But first we would like to collect some information." After I
completed the complaint submission process, I saw the following information:
Thank you for submitting your complaint to the Federal Trade
Commission. Based on the information you have given us, we believe the
following links to our consumer website may be helpful to you:
Sometimes I'd like to be able to save a list of what web pages are open
in the Safari browser's tabs. Using Apple's
AppleScript
scripting language it is possible to record that information to a text
file. The following script will create a text file that lists each Safari
browser window that is open and for each tab within a window, the title for
the webpage and the URL. The script will prompt for the location and name
for the file where you wish to store that information
(example output
file).
tell application "Safari"
set myFile to open for access (choose file name) with write permission
set windowNumber to 1
repeat the number of windows times
set myTabs to every tab of window windowNumber
write "----- Window Number " & windowNumber & " -----
" to myFile
set tabNumber to 0
repeat with aTab in myTabs
set tabTitle to name of aTab & "
"
write tabTitle to myFile
set tabURL to URL of aTab & "
"
write tabURL to myFile
set tabNumber to tabNumber + 1
end repeat
write "Window Number: " & windowNumber & " Number of tabs: " & tabNumber & "
" to myFile
set windowNumber to windowNumber + 1
end repeat
close access myFile
end tell
I often have a number of browser windows open with many tabs open in the
windows and wanted a way of producing a list of the open windows and the
tabs within each with the title and URL for each tab. I had a simple
AppleScript
script that will display Firefox
windows titles, but that just lists the active tab in each window whereas
I wanted a list of every tab's title and URL, so I created a new script for
Chrome that will create a text file containing that information.
On my prior MacBook Pro laptop running OS X Mountain Lion (10.8.5), there
was a speaker icon in the menu bar at the top of the system's screen which
appeared between the battery status indicator and the day and time display.
I could click on the icon and a slider bar would appear that would allow
me to adjust the volume or mute the audio by moving the slider to the bottom
position.
With my new MacBook Pro laptop running OS X Yosemite (10.10.5), there
was no speaker icon on the menubar that would allow me to adjust the
volume. I could adjust the sound volume or mute the audio from a command
line interface, i.e. a Terminal window using the AppleScript
osascript utility - see
Muting audio on OS X
from a Terminal window. But sometimes it would be easier to adjust
it the way I had before. The speaker icon representing a volume control
can be put on the menu bar at the top of screen by clicking on the Apple
icon at the top, left-hand corner of the screen then selecting System
Preferences, then selecting Sound. At the Sound window,
simply check the box next to "Show volume in menu bar".
Once I checked the check box, the speaker icon appeared between
the icon for WiFi conenctivity and the battery status indicator.
If you have a Microsoft Windows domain and want to determine the groups to which
an account belongs from a
command line interface (CLI), aka a command prompt, you can do so using
the DSQUERY and DSGET commands. The dsquery
command allows you to query the
Active Directory (AD) service according to specified criteria. E.g. the
dsquery user command finds users in the directory. By adding a
user name at the end of the command, you can view information for that user.
I needed to have a password reset email for an online account sent to an email
address other than the one designated for that account, so I set up
forwarding on the server where the designated account resided by using a
.forward file to forward the message on to the email address where
I wanted it to go as I've done
in the past when I needed to forward mail from a Linux system
that uses
Sendmail email program.. I wanted the email to go to
the inbox for the account it would normally be delivered to, but also be
forwarded to another account as well, but the email message wasn't forwarded.
I had created the .forward file in the home directory for the
relevant account with a command similar to the following:
I created the forward file while logged into the relevant user account,
so the file was owned by that account. The \jdoe ensures that
the email goes to the inbox for the account itself. Following it by a comma
and another email address results in the email also going to that second
address.
However, the email reset only went to the inbox on the system where I
created the .forward file. So I used the mailx
command to send some test messages. You can use the following syntax
to send messages with mailx: mailx -s subjectemail_address where subject is the subject you want
the message to have and email_address is the email address you
wish to use for the recipient. When you hit Enter, you can enter
text for the body of the message. Hit Ctrl-D to complete the
message. You will then see "EOT" and the message will be sent. E.g., I used
the following:
$ mailx -s 'Email forwarding test' jdoe
Just a test
EOT
You can also put whatever text you wish to put in the body of the message
in a text file and include it with < file where
file is a text file you wish to use for the body of the message. E.g.:
mailx -s 'Forwarding Test' jdoe < mymessage.txt.
But the test messages I sent didn't reach the forwarding address. During
testing, I realized that because I hadn't changed the default permissions for
the .forward file, forwarding wasn't actually occurring. When I
looked at the permissions on the file, I saw the following:
$ ls -l .forward
-rw-rw-r--. 1 jdoe jdoe 28 Feb 21 22:21 .forward
The file permissions
should be 644 whereas they were 664. I.e., not
only did the owner have read and write permissions, but so did the group. If
group has write permission rather than just read permission, then email
will not be forwarded by sendmail. When I changed the permissions with
chmod 644 .forward, forwarding worked and I was able to
receive test messages in the inbox for the account on the system, but
also at the remote inbox.
The VLC media player, which is a
free and open-source media player available for the
Windows, OS X, Linux, BSD, Solaris, Android, iOS, Chrome OS, Windows Phone,
QNX, Haiku, Syllable, and OS/2 operating systems provides a
convenient means to acces free music from
Jamendo,
a community of independent artists and music lovers that bills itself as
"the world's largest digital service for free music".
As of January 2015, Jamendo listed 460,000 tracks with more than 250 million
downloads since the launch of the platform. Jamendo is a
portmanteau
of "jam session" and "crescendo".
The music provided through Jamendo is free for personal use, so you can
download songs musicians have provided through the service legally. Jamendo's
goal is to link artists who want to share their music and music lovers around
the world. Jamendo provides an opportunity for the musicians that provide
their music to Jamendo to obtain revenue from
music synchronization licensing, i.e., the licensing of the right to
synchronize the music with visual media, such as film, television shows,
advertistements, video games, website music, movie trailers, etc., and through
licensing the music to be used as
background music
for films, TV, Internet video, such as
video
logs, aka vlogs, etc.
When I set up another website on a Linux host to use
Blosxom,
a Perl-based blogging system,
I encountered a few problems initially. I've been using Blosxom for this
site for twelve years now - I posted the first entry
Identifying a Motherboard from the Award BIOS String to the site on
February 22, 2004. It appealed to me because it was simple to set up and
use. Posts are just text files you can create in any text editor. But it
has been a long time since I set up a site using Blosxom and, though it is
fairly straight-forward to set up and configure, I had a couple of issues
to address after installing blosxom, one of which was just due to a
misconfiguration I made in
Apache's
/httpd/conf/httpd.conf file.
For webpages on this site, I used the following HTML code to center a
div on
the pages:
<div id="header" align="center">
That didn't produce any error messages when I used the
HTML 4.01
document type (doctype) declaration below as the first lines
in the HTML file when I checked the page for errors using the
W3C Markup Validation
Service.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
However, when I wanted to convert the pages to make them valid for HTML 5
and put
<!DOCTYPE html>
as the first line in the file, instead, I saw the following error message
reported by the validation service:
Thealignattribute on thedivelement is obsolete.
Use CSS instead.
From line 20, column 1; to line 20, column 32
↩↩<body>↩↩<div id="header" align="center">↩↩<scr
If you have an Apple system running Apple's OS X operating system, e.g.,
a MacBook Pro laptop, etc., the operating system already includes the
software needed to configure the system to function as an SSH server. You
merely have to enable the Remote Login feature under System
Preferences. Once you've accessed System Preferences, click on
Sharing and then check the check box for Remote Login and
decide which accounts should be granted SSH access to the system.
A serious vulnerability in the
GNU C Library,
commonly known as glibc, were widely reported today. The GNU C
Library is widely used on Linux systems and is used within routers
that rely on Linux for their firmware. The vulnerability is within the
getaddrinfo
function that converts domain names, hostnames, and IP addresses
between human-readable text and the structured binary formats
used by the operating system. The vulnerability permits a buffer overflow
attack to potentially allow the execution of arbitrary code on an affected
system by an attacker.
An attacker could take advantage of the vulnerability through a lookup on
an attacker controlled domain name or through compromised
Domain Name System (DNS)
servers, or via a
man-in-the-middle
attack where an attacker has the capabililty to alter DNS data flowing to/from
the vulnerable system and DNS servers.
The vulnerability has been given the
Common Vulnerabilities and Exposures (CVE) designation
CVE-2015-7547. The issue was detected by Google researchers investigating a
segmentation fault
issue they encountered with a
Secure Shell (SSH) application. The researches traced the issue to a buffer
overflow inside glibc. When they reported the issue to the glibc maintainers,
they found that the maintainers had been informed of the vulnerability in July
and that individuals involved with the
Red Hat distribution of
Linux had also discovered the vulnerability and were working on a fix for it.
The Google researchers disclosed the vulnerability today.
If you are responsible for a Linux system or other equipment that uses
glibc, you should update the software as soon as feasible. If you have a system
that uses the RPM
Package Manager, you can see what version of glibc is installed and the
build date for the package with rpm -qi glibc. On systems that
use the open-source command-line package-management utility
yum,
you can issue the command yum update glibc from the root account.
The currently available version for
CentOS Linux systems is glibc 2.17. CentOS is functionally compatible with its
upstream source,
Red Hat Enterprise
Linux (RHEL)
When I attempted to update a
Simple Machines Forum (SMF) site from version 2.0.8 to 2.0.9 by choosing
SMF 2.0.8 to SMF 2.0.9 upgrade,
for the "Package to
Upload" under Upload a Package on the Package Manager
page for the forum, whch is reachable from the Admin menu, I saw the
error message below:
An Error Has Occurred!
Package upload failed due to the following error:
"The package you are trying to install cannot be located. You may want
to manually upload the package to your Packages directory."
The Wi-Fi
network adapter in a Microsoft Windows system may support
dual
band wireless connections, i.e, both the 2.4 GHz and 5 GHz bands for a
wireless local area network (WLAN), or it may only only support the older
2.4 GHz standard. A
radio
frequency (RF) band is is a group of frequencies containing many channels.
To determine if a wireless adapter can support both the 2.4 and 5 GhZ Wifi
standards, you can obtain a command
prompt and type the command netsh wlan show drivers. If
you see 802.11a listed on the "Radio types supported line, then the adapter
supports the 5 GHz as well as the 2.4 GHz bands.
If you want to update all entries in a
MySQL or
MariaDB
database table for entries that meet a specific criterion, you can use a
Structured Query
Language (SQL) command like the one below:
Update table_name
SET column_name = "new_value"
WHERE colum_name = "old_value";
E.g., suppose I have a table named "Students" in a database I'm currently
using with a column in the table named "LastName". Suppose, there are students
named Smith whose last name has changed to Lamb and I want to change all
instances where an entry in the table has "Smith" in the LastName field to
"Lamb". I could use the following SQL command:
Update Students
SET LastName = "Lamb"
WHERE LastName = "Smith";
If you want to change every entry in a table, simply leave off the
WHERE clause.
If you want to change multiple fields/columns in a table at the same
time, you can separate them with commas in the SET statement,
i.e., SET column1=value1,column2=value2,.... E.g., suppose all of
the students with a last name of Smith are also undergoing an address change as
well as a change to their last name.
Update Students
SET LastName = "Lamb", Address="1234 Cherry Lane"
WHERE LastName = "Smith";
When I attempted to forward an email message I received in the
Microsoft Outlook Web App (OWA), which I had accessed in the
Firefox browser on a MacBook Pro laptiop, I found that the text I was
typing was not wrapping, but kept extending across the window where
I was typing additional information I wanted to add to the message. I
copied the text I was typing and closed the window and then attempted
forward it again. When I pasted the text I had been typing into the
message, the same problem occurred. Microsoft has an article titled
Wordwrapping
does not work in Outlook or in OWA email messages that describes
the problem.
Symptoms
When you compose email messages in Microsoft Office Outlook or
in Outlook Web Access (OWA), you notice that the wordwrapping
functionality does not work as expected.
The Microsoft article states the problem can occur if there are extra space
characters in the message, i.e., if you have two or more spaces right after
one another, e.g., if you type fast and inadvertently type an extra space or
more. The solution listed in the article is to compose the message as plain
text rather than HTML or to remove the extra spaces. Since I was using an Apple
OS X system, I hit command-F to search for " ", i.e., two spaces.
OWA reported that there were such instances in the message. In this case,
I simply discarded the message I had been typing and opted to start fresh
with the foward process for the message, retyping the text I had intended to
add to the forwarded message and the problem didn't occur this time.
If, instead, you wished to opt for the alternative of composing the email
as a plain text message, you can look to the right of "Options" in the window
where you are composing the message. You will see "HTML" there; you can change
the selection to "Plain text", instead.
Though, when I tried to recreate the problem by forwarding the message
again and purposefully typing extra spaces at verious points in the text
I was adding, the text wrapped as I expected. I.e., I could not recreate
the problem.
You can obtain information on the
Basic Input/Output
(BIOS) in a system running the Linux operating system, e.g., CentOS Linux,
Ubuntu or another Linux distribution, using the dmidecode command.
E.g., you can use dmidecode --type bios to obtain such
information:
[root@localhost ~]# dmidecode --type bios
# dmidecode 2.12
SMBIOS 2.3 present.
Handle 0x0000, DMI type 0, 24 bytes
BIOS Information
Vendor: American Megatrends Inc.
Version: 0601
Release Date: 11/30/2006
Address: 0xF0000
Runtime Size: 64 kB
ROM Size: 512 kB
Characteristics:
ISA is supported
PCI is supported
PNP is supported
APM is supported
BIOS is upgradeable
BIOS shadowing is allowed
ESCD support is available
Boot from CD is supported
Selectable boot is supported
BIOS ROM is socketed
EDD is supported
5.25"/1.2 MB floppy services are supported (int 13h)
3.5"/720 kB floppy services are supported (int 13h)
3.5"/2.88 MB floppy services are supported (int 13h)
Print screen service is supported (int 5h)
8042 keyboard services are supported (int 9h)
Serial services are supported (int 14h)
Printer services are supported (int 17h)
CGA/mono video services are supported (int 10h)
ACPI is supported
USB legacy is supported
AGP is supported
LS-120 boot is supported
ATAPI Zip drive boot is supported
BIOS boot specification is supported
Targeted content distribution is supported
BIOS Revision: 8.10
Handle 0x002D, DMI type 13, 22 bytes
BIOS Language Information
Language Description Format: Abbreviated
Installable Languages: 1
en|US|iso8859-1
Currently Installed Language: en|US|iso8859-1
[root@localhost ~]#
Alternatively, you can use the --sring parameter and
specify a particular option, such as BIOS vendor, as shown below:
[root@localhost ~]# dmidecode --string bios-vendor
American Megatrends Inc.
[root@localhost ~]# dmidecode --string bios-version
0601
[root@localhost ~]# dmidecode --string bios-release-date
11/30/2006
Note: you need to run the commands as root. On a Ubuntu system, you can run
the commands by prefixing the commands with sudo, e.g.,
sudo dmidecode --type bios or sudo dmidecode
--string bios-version, and provide your password when prompted.
Otherwise you will get a "Permission denied" message.
Dmidecode is known to work on the following systems:
Linux i386, x86-64, ia64
FreeBSD i386, amd64
NetBSD i386, amd64
OpenBSD i386, amd64
BeOS i386
Cygwin i386
Solaris x86
Haiku i586
If it isn't available on your system, you can download the source code
at dmidecode.
On an Apple OS X system, you can reduce the size of an image by using the
sips command with the -Z size parameter where size
is the maximum value you want for either height or width. E.g., suppose I
have a PNG file named system_preferences.png", which
is 1,560 pixels wide by 1,604 high. The image height is greater than the image
width and I want the maximum dimension to be 780 pixels. By opening a
Teminal window - the Terminal utility is found in the
Applications/Utilities directory - I can get a command line interface
(CLI), aka a "shell prompt", that will allow me to enter the command
sips -Z 780 system_preferences.png. The command will ensure
that neither dimension will be greater than 780 pixels. In this case the
height will be set to 780 pixels and the width will be adjusted to maintain
the current aspect ratio, so the new dimensions will be 758 pixels wide
and 780 pixels high.
Since today is the yearly
Safer Internet Day,
you can get a free, permanent additional 2 gigabytes (GB) of storage on
Google Drive today just
by checking the security settings for any Google account you
may have, e.g., a Gmail account. If you are signed into your Google account
in your browser, when you go to
www.google.com, you should see "It's #SaferInternetDay. Stay safe online
with a 2-minute Security Checkup". If you click on the
"Security Checkup" link you will be prompted to verify your security settings.
If you are not signed in, you will see
"It’s #SaferInternetDay.
Explore tips to help
you stay safe online", instead. You can also start the process by going to
Security Checkup and signing in to your Google account from that page.
If you missed the storage upgrade opportunity on February 9, Valentina
Palladino notes in
Today you can get 2GB of Google Drive storage for free that
"There's no word on when this 2GB offer will expire, but you have at
least one week to complete the security check-up."
It should only take about a minute to complete the process.
At the first step of the process you will be prompted to
"Check your recovery information" for your account.
Help us get in touch with you if there’s unusual activity in your account or
you accidentally get locked out. Don’t worry, we’ll only use this info if we
need to reach you about your account.
You will be asked to verify that your recovery phone number,
recovery email address, and security question are correct. At the next
step you will be asked to "Check your connected devices"
Next, please review the devices connected to your Google Account. Let us know
if any of these devices look unfamiliar to you, and we'll work together to
ensure no one else has access to your account.
You will be shown a list of devices identified as "Windows", "Linux",
etc. depending on what devices you use to access your account, and a city
where that device was used to log into your Google account. If they look
ok to you, you can click on "Looks good" and proceed to the next step,
which is "Check your account permissions". E.g., if you use Google Drive,
you may see it listed with "Has some account access, including Google
Drive, Google Hangouts". You will see other services listed to which
you've given permission to access some information associated with your
Google account. You will see the date authorization was granted to a
service and you have the opportunity to remove access to Google account
information by that service. If they all look ok, you can click on "Done"
to complete the process. If you click on "Continue to account settings",
if you click on "Your Google Drive storage" under "Account preferences"
on the left side of the browser window, you should see that you've been
granted another 2 GB of storage on Google Drive.
The files that you store in Google Drive are always encrypted in transit
between your systems and Google's servers and also while stored in Google’s
data centers. By confirming the settings for your account, also, you help
to ensure the security and privacy of the data that you store using Google's
services.
If you wish to view documentation for commands and utiilties on a system
running Apple's OS X operating system, or Linux, you can use the man
command to view the manual page, aka a
"man
page" for the command/utility. If you want to convert the man page to
a HyperText Markup
Language (HTML) document, you can use the
groff
text formatting utility. You can find man pages beneath the
/user/share/man directory in subdirectores named manx where x is a number, e.g. man1, man2,
etc. E.g. under OS X, if you wanted to view the documentation for Apple's
AppleScript
scripting language osascript
utility, you can find the man page on an OS X system at
/usr/share/man/man1/osascript.1. To format it as HTML,
you can pipe the contents of the file into groff as
shown below:
If you wish to be able to easily distinguish
Secure Shell (SSH) sessions to a particular
server when using PuTTY,
a
free and open-source SSH and
Telnet
client application available for Microsoft Windows, OS X, and Linux
systems, you can change the background color used for connections
to a particular server through PuTTY's "Change Settings" option,
which will allow you to change the background and foreground colors
(the foreground color is used for text). Colors are specified by
RGB value.
If you use a desktop version of Intuit's Quicken 2015 for managing
your personal and/or business finances and have also installed the
mobile application, Quicken 2014/15/16 Companion, on your phone, but
find that certain accounts that are present in the desktop version are
not appearing on the mobile version, then check the
"accounts to sync" settings within the "Intuit ID, Mobile &
Alerts" preferences within Quicken on the desktop system to ensure that
Quicken on the desktop is configured to syncrhonize those particular
accounts with the Quicken app on a mobile device.
If you want to check or set audio settings, such as the volume level
or whether sound is muted, from a command line interface (CLI), aka
"shell
prompt", on an Apple OS X system, you can do so by using
Apple's
AppleScript scripting language utility,
osascript.
To check the current volume setting, you can use the following command:
$ osascript -e 'output volume of (get volume settings)'
54
To check whether audio is muted, use the following command:
$ osascript -e 'output muted of (get volume settings)'
false
The osascript -e 'set volume output volume x', where
x is a number between 0 and 100, can be used to change the sound
level, i.e., to make the sound softer or louder:
You can provide a number less than zero or more than 100 when issuing the
set command, but the volume setting will never be less than 0 nor more than
100.
When I received a new MacBook Pro (Retina, 15-inch, Mid 2015) laptop running
OS X Yosemite (10.10.5), I found that there were no scrollbars in
Windows, e.g., within a Terminal or browser window. I could scroll
through a page in a browser window using the up and down arrow keys; a
scroll bar would appear on the right of the window as I was moving up and
down with the arrow keys, but if I tried moving the mouse pointer over to
where the scrollbar was appearing, it would disappear and I couldn't move
up or down using the builtin by moving the mouse ponter to the right to a
scroll bar using the touchpad on the laptop. I could scroll up and down in
a web page or a Terminal window by putting two fingers down on
the touchpad and then moving them up and down, but I liked having the
scroll bar at the right side of a window to use for scrolling.
I was able to have a scroll bar appear by clicking on the Apple icon at the top
left-hand corner of the screen, selecting System Preferences,
View, then General and changing the option for "Show
scroll bars" from "Automatically based on mouse or trackpad to "Always".
The other option was "When scrolling".
The meaning for the settings is as follows:
Automatically based on mouse or trackpad - see scroll bars based on the
device you are using. If your device allows gestures, scroll bars are
hidden until you start scrolling. Otherwise, they are visible.
When scrolling - hide scroll bars until you start scrolling.
Security software firm
CheckPoint says eBay usually filters out scripts and iFrames from item
descriptions or online stores, but only strips alphanumeric characters
from these HTML tags.
CheckPoint claims that by using those non-alphanumeric characters,
malefactors could pull code from a remote server that would allow them to
trick an unsuspecting eBay user visiting a eBay store listing where the
nefarious JavaScript is posted into agreeing to install software that the
user may incorrectly assume is being provided by eBay.
CheckPoint stated it informed eBay of the potential issue on December 15,
but on January 16 was informed that eBay would not be providing a fix for
the issue because active content is allowed on eBay's website.
eBay's
HTML and JavaScript Policy page has the following guidelines on what
sellers aren't allowed to do on their listing pages:
You can't use HTML or JavaScript that:
Calls remote scripts and pages automatically, such as JavaScript
"includes" or "iframes."
Changes registry entries or otherwise writes to another person's computer
hard drive.
Creates automatic pop-ups except for links that open in a new window
when clicked on.
Is used to drop or read a cookie on any eBay page.
Loads any binary program on another person's computer automatically,
except for Flash content.
Launches a song or video when a listing is opened.
Overwrites any area in the listing outside of the item description area.
Manipulates areas outside the listing description, including changing
fonts, colors, and backgrounds in areas such as eBay headers and footers.
Posts to scripts on eBay automatically.
Redirects the user from eBay to another web page, such as using the
"replace" script.
I.e., the above guidelines do not seem to preclude the use of any
JavaScript on a listing page. And there are sites that provide scripts
to be used in eBay listings, e.g.,
Script Snips at Auction Repair
.
On an Apple OS X system, such as a MacBook Pro laptop, the command pmset
-g rawlog displays an ongoing log of battery state as read
directly from the battery. When the system has external alternating
current (AC) power, the value for external connected
is "yes". If the battery is 100% charged, battery charging
is "no".
$ pmset -g rawlog
pmset is in RAW logging mode now. Hit ctrl-c to exit.
* Battery matched at registry = 12803
external connected = yes
battery present = yes
battery charging = no
cap = 3839/3839
time remaining = 1092:15
current = 0
cycle count = 194/1000
location = 0
If I disconnect the power cable, pmset will periodically update its
display showing me the current status for the battery, including the estimated
time remaining on battery power.
$ pmset -g rawlog
pmset is in RAW logging mode now. Hit ctrl-c to exit.
* Battery matched at registry = 12803
external connected = yes
battery present = yes
battery charging = no
cap = 3839/3839
time remaining = 1092:15
current = 0
cycle count = 194/1000
location = 0
2/2/16 9:45:29 PM EST
external connected = yes
battery present = yes
battery charging = no
cap = 3839/3839
time remaining = 1092:15
current = 0
cycle count = 194/1000
location = 0
2/2/16 9:46:24 PM EST
external connected = no
battery present = yes
battery charging = no
cap = 3839/3839
time remaining = 1092:15
current = 0
cycle count = 194/1000
location = 0
2/2/16 9:46:54 PM EST
external connected = no
battery present = yes
battery charging = no
cap = 4209/4209
time remaining = 3:03
current = -1377
cycle count = 194/1000
location = 0
2/2/16 9:47:25 PM EST
external connected = no
battery present = yes
battery charging = no
cap = 4209/4209
time remaining = 2:47
current = -1509
cycle count = 194/1000
location = 0
2/2/16 9:47:55 PM EST
external connected = no
battery present = yes
battery charging = no
cap = 4209/4209
time remaining = 2:45
current = -1528
cycle count = 194/1000
location = 0
In the above output I can see that the estimated time remaining for
battery power doesn't necessarily match the amount of time that has
elapsed since the last update was displayed. E.g. at 9:45:25 the time
remaining value was 2 hours and 47 minutes, yet at 9:45:55, 30 seconds
later, the estimated time remaining has been decreased by 2 minutes. The
above readings where the "cap" value was x/x, e.g., 4209/4209, were
displayed at times the battery capacity display at the top of the screen
was reading 100% When the value displayed at the top of the screen
for the OS X GUI
dropped to 95%, I saw the following:
2/2/16 10:01:06 PM EST
external connected = no
battery present = yes
battery charging = no
cap = 4004/4209
time remaining = 2:20
current = -1716
cycle count = 194/1000
I.e., the capacity reading was then x-y/x. Plugging the power cable
back in changed the battery present and battery
charging values to "yes".
The pmset command, which is used to manipulate power management
settings, can be used on a Mac laptop running Apple's OS X operating
system to obtain information regarding the
alternating current (AC) adapter being used to power the laptop.
-g ac / adapter will display details about an attached AC
power adapter. Only supported for MacBook and MacBook Pro.
E.g., the output below is from a MacBook Pro laptop with an Apple 85W MagSafe
Power Adapter model number A1343 plugged into it.
$ pmset -g ac
Wattage = 85W
Revision = 0x0000
AdapterID = 0x0100
Family Code = 0x0085
Serial Number = 0x00981dc6
On a laptop running Apple's OS X oerating system, it is usually easy
to check the state of the battery by just glancing at the top of the screen,
but if you connect remotely to a system by Secure Shell (SSH) or just spend
a lot of time at a command line interface (CLI), aka shell prompt, which you
can obtain using the Terminal app, you may want a way to check the
battery charge level by issuing a command from a command line. If so, you can
use pmset -g batt (note: use "batt" not "battery").
$ pmset -g batt
Currently drawing from 'AC Power'
-InternalBattery-0 100%; charged; 0:00 remaining
$ pmset -g batt
Currently drawing from 'Battery Power'
-InternalBattery-0 86%; discharging; (no estimate)
In the first instance of the command being issued above on a MacBook Pro
laptop, the power cable was plugged into the laptop and it was
charging. In the second instance, the power cable was disconnected and
the internal battery is discharging.
If you need to recover a forgotten
MySQL or
MariaDB password, if the
password was entered at a
shell prompt
while starting either program with the mysql command and the
user's account uses the
Bash shell,
you may be able to find the password in the
Bash history file for the user's acount, which is .bash_history
in the user's home directory. E.g., if the user entered the command below:
$ mysql --user=users_acct --password=users_password
If you viewed the contents of the Bash history file for that user's account you
would see the command with the password just as you would see other commands
entered from the user's account. E.g., if the user's account was jdoe:
# grep mysql ~jdoe/.bash_history
mysql --user=users_account --password=users_password
But, if the user entered the command mysql -u users_acct -p and
didn't follow the `-p` or `--password` with the password, but, instead, just
entered one of those parameters without putting the password immediately
after it, that leads to the system prompting the user for the password and
the password won't be in the Bash history file.
Note: if the user is still logged in to the account for which you are
checking the .bash_history file, you won't see the commands
entered during that login session until after the user logs out of the
session.
If you are logged into the relevant account or use the
su command, which is
also referred to as the "substitute user", "switch user", or "super user"
command, you can use the history command to view the commands
entered at the command line. E.g., you could use history | grep
mysql.
I wanted to check the time a MacBook Pro laptop was last backed up using Apple's
OS X Time Machine backup utility without the external USB-attached
backup disk drive being connected to the system. The tmutil
command can be run from a command line interface (CLI), aka a shell prompt
by running the Terminal application which is found in
Applications/Utilities. But whenever I issued any tmutil command, even
when I prefaced it with sudo, I received the same message: "Unable
to locate machine directory for host."
$ tmutil latestbackup
Unable to locate machine directory for host.
$ tmutil listbackups
No machine directory found for host.
$ tmutil compare -s
Unable to locate machine directory for host.
-------------------------------------
Added: 0B
Removed: 0B
Changed: 0B
$ sudo tmutil latestbackup
Password:
Unable to locate machine directory for host.
$ tmutil machinedirectory
No machine directory found for host.
$ sudo tmutil machinedirectory
No machine directory found for host.
If I ran the Time Machine program itself, I saw the message
"Your Time Macine backup disk can't be found."
But I was able to get the last backup time even with the backup drive
disconnected from the system using the command below:
You can obtain additional information such as the number of
snapshots
stored on the drive and the date of the oldest complete snapshot of the
system's hard drive stored on the backup device using defaults read
/Library/Preferences/com.apple.TimeMachine.plist Destinations.
If you just want one of those pieces of information, e.g., the oldest
complete snapshot date, you can filter the result with grep and, if you
don't want to see the text you are searching for with grep, pipe its output
into the cut command. E.g. for the oldest complete snapshot date on the
drive being used for Time Machine backups you can
use the cut command to just display columns 49 to 59.
If you want to obtain the current date and time on a Windows system from
a command prompt, you can use date /t and time /t -
if you omit the /t you will be prompted to change the values.
If you want to see what event logs are available on a remote system, you
can use the PowerShell command get-eventlog -List -ComputerName
system_name where system_name is the name of the remote
computer.
If you want to see a list of only the
"Modern", aka "Metro" apps installed on a
Microsoft Windows system, get a
Windows PowerShell prompt, which you can do on Windows 10 by clicking on the
Start button, or hitting Ctrl-Esc, then typing PowerShell then
right-click on Windows PowerShell and choose "Run as
administrator". Then type Get-AppxPackage and hit Enter.
If you don't want to see all of the details for the installed packages, just
the name, use Get-AppxPackage | findstr "^Name" - put the
^ before "Name" so that you get lines beginning with "Name" and
not those beginning with "PackageFullName" and "PackageFamilyName".
PS C:\> Get-AppxPackage | findstr"^Name" | more
Name : Microsoft.Getstarted
Name : Microsoft.MicrosoftOfficeHub
Name : Microsoft.CommsPhone
Name : Microsoft.XboxApp
Name : Microsoft.MicrosoftSolitaireCollection
Name : Microsoft.WindowsCamera
Name : Microsoft.Office.Sway
Name : Microsoft.WindowsMaps
Name : Microsoft.Messaging
Name : Microsoft.BingFinance
Name : Microsoft.BingWeather
Name : Microsoft.BingSports
Name : Microsoft.BingNews
Name : king.com.CandyCrushSodaSaga
Name : Microsoft.Windows.Photos
Name : Microsoft.VCLibs.140.00
Name : Microsoft.VCLibs.140.00
Name : Microsoft.NET.Native.Framework.1.1
Name : Microsoft.NET.Native.Framework.1.1
Name : Microsoft.NET.Native.Framework.1.2
Name : Microsoft.NET.Native.Runtime.1.1
Name : Microsoft.NET.Native.Framework.1.0
Name : Microsoft.NET.Native.Framework.1.0
Name : Microsoft.NET.Native.Runtime.1.0
Name : Microsoft.NET.Native.Runtime.1.0
Name : Microsoft.AAD.BrokerPlugin
Name : Microsoft.BioEnrollment
Name : Microsoft.Windows.CloudExperienceHost
Name : Microsoft.Windows.ShellExperienceHost
Name : windows.immersivecontrolpanel
Name : Microsoft.Windows.Cortana
Name : Microsoft.AccountsControl
Name : Microsoft.LockApp
Name : Microsoft.MicrosoftEdge
Name : Microsoft.Windows.AssignedAccessLockApp
Name : Microsoft.Windows.ContentDeliveryManager
Name : Microsoft.Windows.ParentalControls
Name : Microsoft.Windows.SecondaryTileExperience
Name : Microsoft.WindowsFeedback
Name : Microsoft.XboxGameCallableUI
Name : Microsoft.XboxIdentityProvider
Name : Windows.ContactSupport
Name : Windows.MiracastView
Name : Windows.PrintDialog
Name : Windows.PurchaseDialog
Name : Microsoft.NET.Native.Runtime.1.1
Name : Microsoft.NET.Native.Framework.1.2
Name : 9E2F88E3.Twitter
Name : windows.devicesflow
-- More --
The touch command
is a standard command available on Unix/Linux systems. It can be used to
create new, empty files or change the
timestamp on existing
files. If there is an existing file named test.txt created on
January 22, 2016 at 10:13 PM, i.e. 22:13 in the
24-hour time format,
aka "military time", I can change the date to Decembe 25, 2015 and the time
to 5:13 PM by using the command shown below.
$ touch -t 201512251713 test.txt
$ ls -l test.txt
-rw-rw-r-- 1 joe joe 0 Dec 25 17:13 test.txt
The -t option indicates that I wish to change the time stamp.
It is followed by the date and time in the format YYYYMMDDHHMM where YYYY
represents the year, MM the month, DD the day, HH the hour and MM represents
minutes.
Using the --date argument to the command, you can even specify
a time as YYYY-MM-DD HH:MM. Note: use the
--time-style=long-iso or --time-style=full-iso
options for the ls -l command to show the full timestamp.
$ touch --date="2013-01-25 09:00" example.txt
$ ls -l --time-style=long-iso example.txt
-rw-rw-r-- 1 joe joe 0 2013-01-25 09:00 example.txt
With the --date option, you can even specify a date in a format
such as "next Friday" or "last Friday". A date string may contain items
indicating calendar date, time of day, time zone, day of week, relative
time, relative date, and numbers. An empty string indicates the beginning of
the day.
E.g., suppose, today is Saturday January 23, but I want to create two new
files, one with a date of the prior Friday and one with a date of next Friday.
I could use the commands shown below.
$ touch --date="last Friday" oldsample.txt
$ touch --date="next Friday" newsample.txt
$ ls -l *sample.txt
-rw-rw-r-- 1 joe joe 0 Jan 29 2016 newsample.txt
-rw-rw-r-- 1 joe joe 0 Jan 22 00:00 oldsample.txt
You can also specify the hours, minutes, and seconds using such a format,
e.g., suppose I already have the file newsample.txt, but want to
change the date and time for the existing file to be this coming Sunday at
11:00 PM. I could use the touch command below.
$ touch --date="Sunday 23:11:05" newsample.txt
$ ls -l --time-style="long-iso" newsample.txt
-rw-rw-r-- 1 joe joe 0 2016-01-24 23:11 newsample.txt
$ ls -l --time-style="full-iso" newsample.txt
-rw-rw-r-- 1 joe joe 0 2016-01-24 23:11:05.000000000 +0000 newsample.txt
You can even specify the time down to fractions of a section by putting
a period after the seconds value, which appears as HH:MM:SS. E.g.:
$ touch --date="Sunday 23:11:05.01234" newsample.txt
$ ls -l --time-style="full-iso" newsample.txt
-rw-rw-r-- 1 joe joe 0 2016-01-24 23:11:05.012340000 +0000 newsample.txt
If you wish to create multiple empty files at once e.g.,
for test purposes, you can use a command such as touch
file{n1..n2} where file is the first
part of the file name, n1 is the starting number you wish to add
to the end of the file name, and n2 is the ending number to be
appended to the file name. The touch command will then
create ten files starting with file1 through file10.
$ ls
index.html
$ touch file{1..10}.html
$ ls
file10.html file2.html file4.html file6.html file8.html index.html
file1.html file3.html file5.html file7.html file9.html
You can determine the last
Windows Registry
key accessed in regedit by issuing a reg query command from a
command prompt. E.g., suppose I ran regedit and viewed
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and then
exited from regedit.
From a command line interface (CLI), i.e., a command prompt, I can issue
the command reg query HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit /v LastKey, which will show me the last key
that was accessed while in regedit. If I reopen regedit, it will start with
that key selected, i.e., it will open from the key selected when I exited from
the program.
Note: the command is querying a key in HKEY Current User (HKCU), so the
results apply to the account from which the command is run. If you run the
command from a different account on the system, you will get the LastKey
value for that account.
Amazon changed the format they use for Ads months ago and ads using the old
format no longer work, but I've never gotten around to fixing all of the links
I have in PHP files on
a Linux system, some going back many years, so a lot of pages show a
"not found" block on pages where ads for Amazon books related to an
article I wrote appear. I've corrected a few when I needed to reference
a page again to recall how I resolved a problem in the past when I
encountered it again, but I have done that for only a small number of the
many pages. So I decided to determine how many such pages exist and make a
list of the file locations and the titles that appear in the HTML code for
the pages, i.e., the text that appears between <title>
and </title>.
To find all the PHP files
containing the old ads, I can search for "rcm.amazon", since I know that
string
is part of the old ad format, but not the new ad format.
The -rwl parameters to the
grep command have the
following meanings:
-r, --recursive
Read all files under each directory, recursively, following
symbolic links only if they are on the command line. This is
equivalent to the -d recurse option.
-w, --word-regexp
Select only those lines containing matches that form whole
words. The test is that the matching substring must either be
at the beginning of the line, or preceded by a non-word
constituent character. Similarly, it must be either at the end
of the line or followed by a non-word constituent character.
Word-constituent characters are letters, digits, and the
underscore.
-l, --files-with-matches
Suppress normal output; instead print the name of each input
file from which output would normally have been printed. The
scanning will stop on the first match. (-l is specified by
POSIX.)
The -r parameter performs a recursive search from the
directory where I ran the command down through all subdirectories within it.
In this case, I could have omitted the -w, but I normally use
it when performing such searches. I used -l because I just want
to see the file names; I don't want anything else from the grep command.
I used the --include="*.php" because I know that the text I'm
searching for will be in files that have a file name ending with .php; I don't
want the command to waste time searching in other files. That option will
ensure that the grep command searches only for any files that have a file name
ending with .php.
If I wanted a count of the number of files that have the text for which
I'm searching, i.e., "rcm.amazon", I can pipe the output of the grep
command into the
wc (word count) utility.
The -l parameter to the wc command tells the
utility that I only want to see a count of the number of lines.
The PHP files are webpages and I'd like to know the title for each page.
The title will appear within the HTML code between the <title>
and </title> tags, so I want to feed the output
of the grep command into another grep command to show the titles. One way to
do that is to put the first grep command within $() and use that
in place of the file argument to the outer grep command, which will
run the command and substitute its output for the file parameter for the outer
grep command - see the answer provided by Gilles at
How do I pass a list of files to grep.
$ grep '<title>' $(grep -rwl "rcm.amazon" --include="*.php")
software/database/mysql/field-types.php:<title>MySQL Field Types</title>
software/database/mysql/creating-mysql-db.php:<title>Creating a MySQL Database</
title>
software/database/collectorz/MC-Customization/index.php: <title>Movie Collector
6.4.1 Customization</title>
security/malware/010210/index.php:<title></title>
security/malware/system_defender/033011/index.php:<title>System Defender Infecti
on</title>
security/malware/111511/index.php:<title>AV Security 2012v121.exe Rogue Antiviru
s Program</title>
security/firewalls/netscreen/smtp-vip.php:<title>Configuring a NetScreen Firewal
l for an Internal SMTP Server</title>
security/firewalls/netscreen/syslog.php:<title>Configuring a Netscreen Firewall
for Syslog Server Support</title>
Note: the above command will fail if there are any files with a space
in the file name in the search path, i.e. test me.php, but in my
case I know no such files exist.
But I just want the title, not the <title> and
</title>, so to eliminate those strings, I can feed
the output into the sed
command.
$ grep '<title>' $(grep -rwl "rcm.amazon" --include="*.php") | sed -e 's/<title>//' | sed -e 's/<\/title>//'
software/database/mysql/field-types.php:MySQL Field Types
software/database/mysql/creating-mysql-db.php:Creating a MySQL Database
software/database/collectorz/MC-Customization/index.php: Movie Collector 6.4.1
Customization
security/malware/010210/index.php:
security/malware/system_defender/033011/index.php:System Defender Infection
security/malware/111511/index.php:AV Security 2012v121.exe Rogue Antivirus Progr
am
security/firewalls/netscreen/smtp-vip.php:Configuring a NetScreen Firewall for a
n Internal SMTP Server
security/firewalls/netscreen/syslog.php:Configuring a Netscreen Firewall for Sys
log Server Support
The s in 's/<title>// tells sed that I want
to search for whatever appears between the next two /
(forward
slash) characters and subsitute whatever appears after the second
foward slash and the following one in its place - the "s" stands for
substitute. In this case since nothing appears between the second and
third forward slashes, then "<title>" is eliminated from the line with
nothing substituted in its place. I then pipe the output into a
second sed command to eliminate the "</title >". Since there is
a forward slash withing the string I want to search for, I don't want
sed to interpret the line to mean I want it to search just for "<",
so I need to "escape" the special meaning the forward slash has for sed
in this instance. I can do that by preceding that forward slash with
an "escape
character". The
backslash character, i.e., \, is the escape character
that takes away the special meaning for the forward slash before "title",
so that it is included in the text for which sed will search.
The above string of commands will provide the file name followed by a colon
and then the title for the web page. If I just want the title, I can pipe
the output from the above commands into the
cut utility.
$ grep '<title>' $(grep -rwl "rcm.amazon" --include="*.php") | sed -e 's/<title>//' | sed -e 's/<\/title>//' | cut -d":" -f2
MySQL Field Types
Creating a MySQL Database
Movie Collector 6.4.1 Customization
System Defender Infection
AV Security 2012v121.exe Rogue Antivirus Program
Configuring a NetScreen Firewall for an Internal SMTP Server
Configuring a Netscreen Firewall for Syslog Server Support
That command makes it clear that I have some unnecessary spaces or a tab
character at the beginning of the title line for the Movie Collector page and
a missing title for security/malware/010210/index.php.
The -d":" option to cut specifies that I want
to use a colon as the delimiter between fields. The -f2 option
instructs cut to just show me the second field, i.e., the one after the colon.
After inserting the missing title line in the file for which no title was
shown, I modified the first sed command to ignore any spaces or tabs that
occur on the line with the title tags by using \s which
represents spaces or tabs. I followed the \s with an asterisk,
*, which, for
regular
expressions undestood by many Unix/Linux commands, means zero or more of
the preceding character, so in this case sed will remove
"<title>" or " <title>", i.e., it will remove
the beginning title tag or, if there are any spaces or tabs before the tag,
it will remove those and the title tag.
$ grep '<title>' $(grep -rwl "rcm.amazon" --include="*.php") | sed -e 's/\s*<title>//' | sed -e 's/<\/title>//' | cut -d":" -f2 | more
MySQL Field Types
Creating a MySQL Database
Movie Collector 6.4.1 Customization
Malware Scanning on Dell Inspiron 1526
System Defender Infection
AV Security 2012v121.exe Rogue Antivirus Program
Configuring a NetScreen Firewall for an Internal SMTP Server
Configuring a Netscreen Firewall for Syslog Server Support
After adding a VirtualHost section to /etc/httpd/conf/httpd.conf
on an Apache web server, when I tried accessing the site I saw the message
below:
Forbidden
You don't have permission to access /
on this server.
I'd encountered the problem in the past when there was a problem with
permissions on the user's home directory. I didn't see any log files for the
site in the directory under the user account, either, where the
ErrorLog and CustomLog directives in the
VirtualHost section for the website should have placed them. I checked the
access for the user's home directory and found that the only access to that
directory was read, write, and execute access for the user's account.
# ls -ld /home/jim
drwx------ 5 jim jim 4096 Jan 22 21:44 /home/jim
When I added "search" access for the group and all users to the user's home
directory from the root account, I was able to access the website from a
browser.
# chmod ga+x /home/joe
I.e., the cause of the problem had been the same as the last time I
encountered the error message.
C:\>wmic cpu get name
Name
AMD FX(tm)-4100 Quad-Core Processor
You can also specify, manufacturer as an option to the command,
instead.
C:\>wmic cpu get manufacturer
Manufacturer
AuthenticAMD
C:\>
Or wmic cpu get caption.
C:\>wmic cpu get caption
Caption
AMD64 Family 21 Model 1 Stepping 2
If you want to know the CPU's clock speed, you can use
currentclockspeed. There is also a maxclockspeed
parameter.
C:\>wmic cpu get currentclockspeed
CurrentClockSpeed
3600
C:\>wmic cpu get maxclockspeed
MaxClockSpeed
3600
C:\>
If you want to obtain a figure for the current CPU utilization from
a command line interface (CLI), i.e.,
a
command prompt, rather than checking it through a
GUI, such as
through the Task Manager, you can use wmic cpu get
loadpercentage.
If you have a Microsoft account, such as a Hotmail, now
Outlook.com, account
you were eligible for 15 GB of free storage for files with
OneDrive, which provides
cloud-based storage. Microsoft is reducing the amount allocated to accounts
from 15 GB to 5 GB. Howerver, if you visit this
OneDrive page, you can
click on the button there to retain the 15 GB limit to ensure
"your account will not be affected when the amount of free storage changes
from 15 GB to 5 GB and the +15 GB camera roll bonus is discontinued." But you
will need to do so by January 31, 2016. If you do so you can have a total of
30 GB in free online storage that will allow you to share files between
devices and backup your files offsite in the cloud.
A user of a Windows 7 Professional system (64-bit version) sent me a screen
shot she had taken of a BitDefender Threat Scanner window that had popped up on
her system Friday morning. She had been seeing the message periodically in
the past.
BitDefender Threat Scanner
A problem has occured in BitDefender Threat Scanner. A file containing
error information has been created at
C:\Windows\TEMP\c44f5eb-94e1-4222-b781-15e2ddadac3b\BitDefender Threat
Scanner.dmp. You are strongly encouraged to send the file
to the developers of the application for further investigation of the
error.
After using the Sysinternals autoruns utility, I found that
a BitDefender driver Trufos.sys was being loaded. I disabled
it with autoruns.
If you are seeing high memory consumption by Firefox, put about:memory
in the address bar of a tab and try the "Reduce memory usage" option, which
triggers a global garbage collection followed by a cycle collection, and can
reduce memory usage in other ways, e.g., by flushing various caches. If that
doesn't sufficiently reduce memory, try the "Measure" option to view memory
usage by Firefox, which will allow you to see usage information associated
with URLs that can allow
you to determine which tab or tabs you could close to significantly reduce
Firefox's memory usage.
C:\>wmic os get OSArchitecture
OSArchitecture
64-bit
C:\>
You can also pipe the output of the syteminfo command into
either findstr or find to make the determination
whether you have a 32-bit or 64-bit version of the OS:
C:\>systeminfo | findstr /C:"System Type"
System Type: x64-based PC
C:\>systeminfo | find "System Type"
System Type: x64-based PC
Note: the above commands were run on a Windows 10 system, but will work
on earlier versions as well.
Also, if you have just a C:\Program Files directory, but
no C:\Program Files (x86) directory, then you likely have a
32-bit version whereas if you have both directories, then you likely have
a 64-bit version of Windows.
You can run either 32-bit or 64-bit applications on a 64-bit version of
Windows, but you can only run 32-bit versions of applications on a 32-bit
version of Windows. You can determine if an application is 32-bit or
64-bit using the steps noted at
32 or 64-bit Application.
If you wish to know how many days have passed since a given date, you
can do so in
Python using the
datetime module.
If I wanted to know the number of days from December 31, 2013 until today,
I could use the code below, which shows 745 days have elapsed since that date:
$ python
Python 2.7.5 (default, Jun 24 2015, 00:41:19)
[GCC 4.8.3 20140911 (Red Hat 4.8.3-9)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from datetime import date as D
>>> print (D.today() - D(2013, 12, 31)).days
745
>>> exit()
$
If, instead, I want to know the number of days that remain until a given
date, a command such as the one below, which calculates the number of days
from today until April 31, 2019, could be used.
>>> print (D(2019, 4, 30) - D.today()).days
1201
Of course, the calculations don't have to be from or to today, any arbitrary
day can be selected as shown in the example below, which provides the
number of days between January 1, 2016 and January 1, 2019
If you would prefer to get the result from the command line, aka shell
prompt, with just one command line rather than through the Python interpreter's
interactive mode, a command such as the following one could be used:
$ python -c "from datetime import date as D; print ( D(2019,1,31) - D(2016,1,31) ).days"
1096
$
Ars Technica published an article today
titled
Bug that can leak crypto keys just fixed in widely used OpenSSH which
explained how a compromise of a
SSH server running
OpenSSH software could
lead to the server being used to capture data from the memory of systems
that have connected to the server via SSH including private keys for users
connecting to the server.
The vulnerability resides only in the version end users use to connect to
servers and not in versions used by servers. A maliciously configured server
could exploit it to obtain the contents of the connecting computer's memory,
including the private encryption key used for SSH connections. The bug is the
result of code that enables an experimental roaming feature in OpenSSH
versions 5.4 to 7.1
"The matching server code has never been shipped, but the client code was
enabled by default and could be tricked by a malicious server into leaking
client memory to the server, including private client user keys," OpenSSH
officials wrote in an advisory published Thursday. "The authentication of the
server host key prevents exploitation by a man-in-the-middle, so this
information leak is restricted to connections to malicious or compromised
servers."
The roaming feature was intended to allow users to resume broken SSH
connections, even though the feature was disabled in OpenSSH server software
years ago. E.g., when I connected to a server I have running OpenSSH server
software, I saw the folowing:
$ ssh -v jdoe@127.0.0.1 2>&1 >/dev/null | grep -i 'roaming'
debug1: Roaming not allowed by server
Since version 5.4, the OpenSSH client supports an undocumented feature called
roaming. If a connection to an SSH server breaks unexpectedly, and if the SSH
server supports roaming as well, the client is able to reconnect to the server
and resume the interrupted SSH session. The roaming feature is enabled by
default in OpenSSH clients, even though no OpenSSH server version implements
the roaming feature.
For affected products, the article also notes:
Red Hat Enterprise Linux 7 since version 7.1 has provided OpenSSH 6.6 for
which the default configuration is not affected by this flaw. OpenSSH 6.6 is
only vulnerable to this issue when used with certain non-default ProxyCommand
settings. Security update
RHSA-2016-0043
corrects this issue.
So CentOS 7 systems using a
default OpenSSH configuration should be unaffected, since CentOS is derived from
Red Hat
Enterprise Linux.
On a Linux system, you can check the version of SSH installed with
ssh -V.
$ ssh -V
OpenSSH_6.6.1p1, OpenSSL 1.0.1e-fips 11 Feb 2013
On a CentOS Linux system using the
RPM Package Manager
you can also use rpm -qi openssh | grep Version.
$ rpm -qi openssh | grep Version
Version : 6.6.1p1
On a CentOS system, you can update the software from the command line, aka a
shell prompt, using the command yum update openssh.
If you are using a vulnerable OpenSSH client, you can also specify the
-oUseRoaming=no parameter on the command line to ensure that
a malicious server can't take advantage of the vulnerability. E.g.
ssh -oUseRoaming=no jdoe@example.com. Or the feature can
be disabled for all users on a system by putting UseRoaming no in
/etc/ssh/ssh_config or by an individual user for his account
by adding the line to ~/.ssh/config.
If you use the
Bash shell on a Unix/Linux system, you can return to the prior directory
you were in using cd $OLDPWD or simply cd -.
If you wish to be able to easily return to a prior directory further back,
you can use the pushd and popd commands. The
pushd command pushes the current directory onto a directory
stack,i.e., each time you issue the command the current directory is added to the
"top" of the stack. When you issue the popd command, you are
returned to the directory that is currently at the top of that stack.
So if you were in the directory /home/jdoe/test then issued
the command pushd, later changed the working directory to
/home/jdoe/abc and issued the command pushd
again then the command cd /home/jdoe/def followed
later by cd /home/jdoe/ghi, if you then issued the
command popd, your current working directory would become
/home/jdoe/abc. If you entered the popd command
a second time without any intervening pushd command, you
would be returned to directory /home/jdoe/test, the first
directory pushed onto the stack.
E.g., if I have 3 Firefox windows open, one of which has multiple tabs open,
I might see something like the following:
The first window title displayed is for a Firefox window with 9 tabs open,
but only the title for the currently selected tab "After sticking a land-based
return, SpaceX will try the ocan again | Ars Technica" is displayed.
Note: putting an ending double quote on the line below the opening one
results in a new line.
The WMIC startup command can be used to check the programs that will be
run when a user logs into a Microsoft Windows system.
C:\>wmic startup /?
STARTUP - Management of commands that run automatically when users log onto the
computer system.
HINT: BNF for Alias usage.
(<alias> [WMIObject] | <alias> [<path where>] | [<alias>] <path where>) [<verb c
lause>].
USAGE:
STARTUP ASSOC [<format specifier>]
STARTUP CREATE <assign list>
STARTUP DELETE
STARTUP GET [<property list>] [<get switches>]
STARTUP LIST [<list format>] [<list switches>]
C:\>
The list parameter can be specified to obtain a list
of programs that will be run upon logon.
C:\>wmic startup list /?
Property list operations.
USAGE:
LIST [<list format>] [<list switches>]
The following LIST formats are available:
BRIEF - Command, User, Caption
FULL - Command, Description, SettingID, User, Location, Cap
tion
INSTANCE - Caption
SYSTEM - __CLASS, __DERIVATION, __DYNASTY, __GENUS, __NAMESPA
CE, __PATH, __PROPERTY_COUNT, __RELPATH, __SERVER, __SUPERCLASS
The following LIST switches are available:
/TRANSLATE:<table name> - Translate output via values from <table name>.
/EVERY:<interval> [/REPEAT:<repeat count>] - Returns value every (X interval) se
conds, If /REPEAT specified the command is executed <repeat count> times.
/FORMAT:<format specifier> - Keyword/XSL filename to process the XML results.
NOTE: Order of /TRANSLATE and /FORMAT switches influences the appearance of outp
ut.
Case1: If /TRANSLATE precedes /FORMAT, then translation of results will be follo
wed by formatting.
Case2: If /TRANSLATE succeeds /FORMAT, then translation of the formatted results
will be done.
C:\>
E.g., if I only want a brief listing, i.e, just the Command, User, and
Caption values, I can use wmic startup list brief. If I just
want the "caption", I can use wmic startup list instance
as shown below:
If I don't want to use any of the predefined list formats like brief,
full, instance, etc., I can use wmic startup get followed
by the values I'm interested in. E.g., if I wanted the caption
and command values, I could use the command shown below:
If you need to obtain a list of
shared resources
on a Microsoft Windows system, such as shared folders, you can use a
Windows Management Instrumentation Command-line (WMIC) command,
wmic share get. E.g., wmic share get
caption,name,path, which will show the share names on the system
on which the command is issued and the full directory path for shared
folders associated with those sharenames.
c:\>wmic printer get /?
Property get operations.
USAGE:
GET [<property list>] [<get switches>]
NOTE: <property list> ::= <property name> | <property name>, <property list>
The following properties are available:
Property Type Operation
======== ==== =========
Attributes N/A N/A
Availability N/A N/A
AvailableJobSheets N/A N/A
AveragePagesPerMinute N/A N/A
Capabilities N/A N/A
CapabilityDescriptions N/A N/A
Caption N/A N/A
CharSetsSupported N/A N/A
Comment N/A N/A
ConfigManagerErrorCode N/A N/A
ConfigManagerUserConfig N/A N/A
CurrentCapabilities N/A N/A
CurrentCharSet N/A N/A
CurrentLanguage N/A N/A
CurrentMimeType N/A N/A
CurrentNaturalLanguage N/A N/A
CurrentPaperType N/A N/A
Default N/A N/A
DefaultCapabilities N/A N/A
DefaultCopies N/A N/A
DefaultLanguage N/A N/A
DefaultMimeType N/A N/A
DefaultNumberUp N/A N/A
DefaultPaperType N/A N/A
DefaultPriority N/A N/A
Description N/A N/A
DetectedErrorState N/A N/A
DeviceID N/A N/A
Direct N/A N/A
DoCompleteFirst N/A N/A
DriverName N/A N/A
EnableBIDI N/A N/A
EnableDevQueryPrint N/A N/A
ErrorCleared N/A N/A
ErrorDescription N/A N/A
ErrorInformation N/A N/A
ExtendedDetectedErrorState N/A N/A
ExtendedPrinterStatus N/A N/A
Hidden N/A N/A
HorizontalResolution N/A N/A
InstallDate N/A N/A
JobCountSinceLastReset N/A N/A
KeepPrintedJobs N/A N/A
LanguagesSupported N/A N/A
LastErrorCode N/A N/A
Local N/A N/A
Location N/A N/A
MarkingTechnology N/A N/A
MaxCopies N/A N/A
MaxNumberUp N/A N/A
MaxSizeSupported N/A N/A
MimeTypesSupported N/A N/A
Name N/A N/A
PNPDeviceID N/A N/A
PaperSizesSupported N/A N/A
PortName N/A N/A
PowerManagementCapabilities N/A N/A
PowerManagementSupported N/A N/A
PrintJobDataType N/A N/A
PrintProcessor N/A N/A
PrinterPaperNames N/A N/A
PrinterState N/A N/A
PrinterStatus N/A N/A
SeparatorFile N/A N/A
ServerName N/A N/A
ShareName N/A N/A
SpoolEnabled N/A N/A
StartTime N/A N/A
Status N/A N/A
StatusInfo N/A N/A
SystemName N/A N/A
TimeOfLastReset N/A N/A
UntilTime N/A N/A
VerticalResolution N/A N/A
The following GET switches are available:
/VALUE - Return value.
/ALL(default) - Return the data and metadata for the attribute.
/TRANSLATE:<table name> - Translate output via values from <table name>.
/EVERY:<interval> [/REPEAT:<repeat count>] - Returns value every (X interval) se
conds, If /REPEAT specified the command is executed <repeat count> times.
/FORMAT:<format specifier> - Keyword/XSL filename to process the XML results.
NOTE: Order of /TRANSLATE and /FORMAT switches influences the appearance of outp
ut.
Case1: If /TRANSLATE precedes /FORMAT, then translation of results will be follo
wed by formatting.
Case2: If /TRANSLATE succeeds /FORMAT, then translation of the formatted results
will be done.
Some parameters may yield similar results, e.g., the results
of a query for DeviceID, DriverName, and
Name on one system are shown below:
c:\>wmic printer get DeviceID, Name
DeviceID Name
Send To OneNote 2010 Send To OneNote 2010
Ricoh Aficio MP C2500 PCL5c Ricoh Aficio MP C2500 PCL5c
Microsoft XPS Document Writer Microsoft XPS Document Writer
HP Photosmart 6510 series (Network) HP Photosmart 6510 series (Network)
HP Deskjet 6940 series HP Deskjet 6940 series
Fax Fax
Adobe PDF Adobe PDF
c:\>wmic printer get DeviceID, DriverName
DeviceID DriverName
Send To OneNote 2010 Send To Microsoft OneNote 2010 Driver
Ricoh Aficio MP C2500 PCL5c Ricoh Aficio MP C2500 PCL5c
Microsoft XPS Document Writer Microsoft XPS Document Writer
HP Photosmart 6510 series (Network) HP Photosmart 6510 series
HP Deskjet 6940 series HP Deskjet 6940 series
Fax Microsoft Shared Fax Driver
Adobe PDF Adobe PDF Converter
If I want to check the IP address for a printer, I can use
PortName.
c:\>wmic printer get DeviceID, PortName
DeviceID PortName
Send To OneNote 2010 nul:
Ricoh Aficio MP C2500 PCL5c 192.168.0.90
Microsoft XPS Document Writer XPSPort:
HP Photosmart 6510 series (Network) 192.168.0.21
HP Deskjet 6940 series 192.168.0.9
Fax SHRFAX:
Adobe PDF Documents\*.pdf
c:\>
If I just want the IP address for a particular printer I can specify it
with where DeviceId="printer_deviceid PortName where
printer_deviceid is that printer's device ID. I could also query based
on Name, DriverName, etc.
c:\>wmic printer where DeviceID="HP Deskjet 6940 series" get PortName
PortName
192.168.0.9
To check the horizontal and vertical resolution, I can use
HorizontalResolution and VerticalResolution:
c:\>wmic printer get DeviceID, HorizontalResolution, VerticalResolution
DeviceID HorizontalResolution VerticalResolution
Send To OneNote 2010 600 600
Ricoh Aficio MP C2500 PCL5c 600 600
Microsoft XPS Document Writer 600 600
HP Photosmart 6510 series (Network) 600 600
HP Deskjet 6940 series 600 600
Fax 200 200
Adobe PDF 1200 1200
If I want to see a sharename for a printer, i.e., the name used for a
printer that is a
shared resource for other computers on the network, I can use the
ShareName parameter. E.g., the results for such a command issued
on a Windows Server 2012 system showing a printer shared from another system in
the Windows domain
for which it is the domain controller:
C:\Users\Admin>wmic printer where portname="LPT3:" get deviceid, sharename
DeviceID ShareName
\\MERGENTHALER.IMAGINATION.local\HP LaserJet 5100 Series PCL6 CSR_HP_5100
C:\Users\Admin>
After I attempted to close a table in an
Apache OpenOffice
Base database, the database application stopped responding. The
table remained open, but I couldn't do anything in it, open any
other table, etc. So I forced the program to quit using the Activity Monitor. When I tried
to reopen OpenOffice after its abnormal termination, I saw the
message below:
OpenOffice 4.1.1
Either another instance of OpenOffice is accessing your personal settings or
your personal settings are locked.
Simultaneous access can lead to inconsistencies in your personal settings.
Before continuing, you should make sure user 'jasmith1' closes OpenOffice
on host 'gs371.example.com'.
Do you really want to continue?
I selected "No" and looked in the OpenOffice user profile for my account for
a .lock file - you need to use the -a option for the
ls command to see "dot something" files that would otherwise be
hidden.
$ ls -al ~/Library/Application\ Support/OpenOffice/4
total 8
drwxr-xr-x 4 jasmith1 NDC\Domain Users 136 Jan 8 16:28 .
drwxr-xr-x 3 jasmith1 NDC\Domain Users 102 May 18 2015 ..
-rw-r--r-- 1 jasmith1 NDC\Domain Users 143 Jan 8 16:28 .lock
drwxr-xr-x 18 jasmith1 NDC\Domain Users 612 Jan 8 20:42 user
$
Since OpenOffice wasn't closed normally, the .lock file remained. After I
deleted the .lock file, I was able to open OpenOffice without the message
reappearing.
When the program reopened I saw an OpenOffice Document Recovery window allowing
me to recover the database I had been working on before I had to terminate
the Base application.
I clicked on the Start Recovery button and then was informed that the
recovery of the database was successful.
When I clicked on Next I was able to access the database again.
I had been using
InstalledPrograms.vbs, a
VBScript script written by Bill James,
to query systems for a list of installed programs. I ran the script today
while logged into a user's account on a Microsoft Windows 7 system, I received
an error message because the script was in a sudirectory beneath
C:\Program Files and the script's output file is stored by
default in the directory from which the script is run, but the user's account
did not have permission to write to that directory. To fix the problem,
rather than move the script to another directory or run the script from
an administrator account, I added VBScript code from Rob van der Woude's
Browse Folder Dialog function so that a user can select the
directory to be used for the output file.
When I run into excessive memory usage by an application on a MacBook Pro
laptop I use, the culprit is usually Safari. It is often a culprit in
high CPU utilization problems as well. Another common cause for high CPU
usage making the system unresponsive is the Symantec Endpoint Protection
daemon. Today, after closing a tab with a MacRumors.com webpage open to
reduce excessive memory consumption and CPU usage by Safari, I immediately
encountered another CPU usage issue caused by SymDaemon.
In spreadsheet programs such as
Microsoft Excel,
OpenOffice Calc, and
Google Sheets, you can determine an end date given a start date and
the number of weeks that some entry, such as a class, will last by using
the formula =startdate + numweeks * 7. E.g.,
if the start date is January 11, 2016, which is stored in cell C2
as 1/11/16 (assuming you are using the U.S. MM/DD/YYdate
format) and the end date is to be stored in D2
and the duration is 10 weeks, you could put the formula =C2 +
10 * 7 in the D2 cell. The result should be
3/21/16. If you wanted to know the date 10 weeks from today and
if today is January 5, 2016, you could use =TODAY() + 10 *
7 . In mathematics and normally in computer operations the
order
of precedence results in multiplication and division having
precedence over addition and substraction, so ten will be multiplied by
seven and that result added to the current date to determine the last
day of the event.
When I attempted to log in remotely to a Windows 10 system that is a
member of a Server 2012 Windows domain using a domain account, I saw
the message "The connection was denied because the user account is not
authorized for remote login." The problem can be resolved by logging
into the system remotely using a domain administrator account and adding
the accounts for which you wish to grant remote logon access to the
Remote Desktop Users group through the Control Panel
by selecting System and Security, Administrative Tools,
and Computer Management.
If you want to find the time a Microsoft Windows system, e.g., XP,
Vista, Small Business Server 2003, Windows 7, 8, and 10, was last
rebooted, you can run the systeminfo command from a command
prompt and filter the output using the find command so that
you see just the line containing "Boot Time":
C:\>systeminfo | find "Boot Time"
System Boot Time: 1/2/2016, 10:19:02 AM
C:\>wmic os get lastbootuptime
LastBootUpTime
20160102101902.495471-300
The output of the command in the above example is in the format
YYYYMMDDHHSS where YYYY is the year, MM is the month, DD is the day of
the month, HH is the hour in
12-hour clock format,
aka "military time".
If you wish to get the model number for a
Dell system from a command line
interface (CLI), i.e., a command prompt, you can use the wmic command
wmic csproduct get vendor, name as shown below:
C:\Users>wmic csproduct get vendor,name
Name Vendor
Inspiron 570 Dell Inc.
If you just wanted the model, you could use wmic csproduct get name
.
Besides "vendor", you can also use "manufacturer" in a
BIOS query with
WMIC to see the system was manufactured by Dell.
C:\Users>wmic bios get manufacturer
Manufacturer
Dell Inc.
C:\Users>
For some Dell models, e.g., an Inspiron 620s, you can also get the service
tag, which is the equivalent of a serial number for Dell systems, by issuing
the command wmic bios get serialnumber.
C:\>wmic csproduct get vendor,name
Name Vendor
Inspiron 620s Dell Inc.
C:\>wmic bios get manufacturer, name, serialnumber
Manufacturer Name SerialNumber
Dell Inc. BIOS Date: 11/21/11 10:52:35 Ver: 04.06.04 FP1QVR1
You will see in the above example that if you use "name" as a parameter
for the wmic bios get command that, unlike with the wmic
csproduct get name command, you see information for the BIOS, in this
case the BIOS date and version number, rather than the model number for
the system. But the serial number corresponds to the Dell service tag.
For some systems, you will see the manufacturer of the BIOS, such as
Award Software
listed when you issue a wmic bios get manufacturer command. E.g.,
the example below is for a custom-built system rather than one from Dell.
For this system, there is no manufacturer assigning a serial number to
the system. I can get the BIOS version by appending version
to the wmic query.
C:\Users\Lee>wmic bios get manufacturer, version, serialnumber
Manufacturer SerialNumber Version
Award Software International, Inc. GBT - 42302e31
For the Dell Inspiron 620s, I can use either the wmic bios get
serialnumber or the wmic csproduct get identifyingnumber
to get the Dell service tag.
C:\>wmic csproduct get vendor,name
Name Vendor
Inspiron 620s Dell Inc.
C:\>wmic bios get manufacturer, name, serialnumber
Manufacturer Name SerialNumber
Dell Inc. BIOS Date: 11/21/11 10:52:35 Ver: 04.06.04 FP1QVR1
C:\>wmic csproduct get vendor,name,identifyingnumber
IdentifyingNumber Name Vendor
FP1QVR1 Inspiron 620s Dell Inc.
C:\>
I found the commands also show the service tag on a Dell Latitude E6530
laptop, however, you won't be able to use those for all Dell computer models to
get the service tag. E.g., a Dell Inspiron 570:
C:\Users>wmic csproduct get vendor,name,identifyingnumber
IdentifyingNumber Name Vendor
Inspiron 570 Dell Inc.
C:\Users>wmic bios get manufacturer, name, serialnumber
Manufacturer Name SerialNumber
Dell Inc. BIOS Date: 09/02/10 15:02:26 Ver: 08.00.15
C:\Users>
You can use the same commands with computers from other manufacturers.
E.g., the output from the same commands run on a
Gateway system running
Windows Small
Business Server (SBS) 2003 is shown below (the Dell systems in the above
examples were running Windows 7 Professional):
C:\Documents and Settings>wmic bios get manufacturer,name,serialnumber
Manufacturer Name SerialNumber
American Megatrends Inc. AMIBIOS (C)2001 American Megatrends Inc., Version 07.00.00 0032880113
C:\Documents and Settings>wmic csproduct get vendor,name,identifyingnumber
IdentifyingNumber Name Vendor
0032880113 920 Series Gateway
And the output from an HP system running Windows Server 2012:
C:\Users\Admin>wmic bios get manufacturer, name, serialnumber
Manufacturer Name SerialNumber
AMI Ver: RED_807.ROM vRED8.07 MXU24202NE
C:\Users\Admin>wmic csproduct get vendor,name,identifyingnumber
IdentifyingNumber Name Vendor
MXU24202NE p2-1310 Hewlett-Packard
C:\Users\Admin>
That Kindle is larger
than her prior Kindle, but she was impressed with how light it is and felt that
she could read comfortably at night in bed with it, so we ordered that one
online; it arrived today. When I purchased our first Kindle, the first one
offerred, we shared the Kindle. Eventually I bought her a Kindle of her own and
then later we purchased a new third Kindle for her, but since Amazon didn't
offer a means to transfer books from one family member to another, we didn't
have a mechanism for transferring her books from the first and second Kindles to
her latest Kindle, if we created a second account just for her, so she would
see my books if she looked for books we'd purchased to download to her Kindle
and I'd see recommendations refelecting her reading tastes when I logged into
my account. It was annoying that Amazon didn't previously provide a means for
us to separate our Kindle ebooks, but when the new Kindle arrived today, I
decided I'd check to see if they now did offer an option for family members
to share or transfer books, since it had probably been at least a year since
I'd last checked. Happily, I found that Amazon now offers a "Family Library"
option that allows adult family members to share books with one another,
which would allow me to create a new Amazon account for her and share the
books she'd already purchased under my original account to her new account.
