MoonPoint Support Logo


Shop Amazon Warehouse Deals - Deep Discounts on Open-box and Used ProductsAmazon Warehouse Deals

Advanced Search
Sun Mon Tue Wed Thu Fri Sat

Thu, Apr 28, 2016 8:28 pm

Counting the number of lines in a file with the find command

A simple way to count the number of lines in a file on a Microsoft Windows system is by using the following command:

find /v /c "" somefile.txt

The /c option counts the number of lines while the /v option displays all lines NOT containing the specified string. Since the null string, i.e. "", is treated as never matching, you should see the number of lines in the file displayed - see the Stupid command-line trick: Counting the number of lines in stdin article at Raymond Chen's Microsoft Developer Blog, The Old New Thing for an explanation of why this works and how a bug in the earliest MS-DOS version of the find command became a feature that remains to this day.

The MS-DOS operating system was an operating system for early IBM PC compatible personal computers provided by Microsoft long before the company created Microsoft Windows. The operating system was commonly found on personal computers (PCs) during the 1980s to the mid 1990s. The operating system was acquired by Microsoft from Seattle Computer Products and modified by Microsoft to meet the needs of IBM for its IBM PC

[/os/windows/commands] permanent link

Wed, Apr 27, 2016 11:58 pm

Cutting and Pasting a File in the OS X Finder

If you want to "cut" a file from one directory and "paste" it into another directory under Apple's OS X operating system, you may expect the functionality to work as it does under Microsoft's Windows operating system where in the Windows File Explorer you can click on a file to select it then right-click on it, choose Cut, then right-click in some other folder and choose Paste to move the file from one directory to another. In Apple's OS X Finder application, if you highlight a file by clicking on it to select it and then choose Edit expecting to be able to use the Cut option you will find that option grayed out. The Cut option is only available to you from the Edit dropdown list when you have text highlighted that can be cut. E.g., you could cut text out of the file's name, but you can't cut the file from the directory the way you can under Microsoft Windows.

You can achieve similar functionality with keyboard shortcuts under OS X, however. Click on the file you wish to cut from a directory to highlight it, then hit the command-C keys. I.e., hit the command and C keys simultaneously. Then navigate to the directory where you wish to paste the file and hit the command-option-V keys simultaneously. The file will then be removed from its prior directory location and placed in the new directory location.

[/os/os-x] permanent link

Mon, Apr 25, 2016 10:42 pm

Digital Color Meter

On Apple OS X systems, if you want to identify the text color or background color on an image or within a window, you can use the Digital Color Meter application, which you will find in Applications/Utilities, as a color picker. When you move the mouse pointer over the area containing the color you wish to identify, you will see the color displayed within a box in the Digital Color Meter and codes identifying the color. You can select from the following color standards:
  1. Display native values
  2. Display in sRGB
  3. Display in Generic RGB
  4. Display in Adobe RGB
  5. Display in L*a*b*

[ More Info ]

[/os/os-x] permanent link

Sun, Apr 24, 2016 10:44 pm

SELinux entries in /var/log/messages

I had been noticing setroubleshootd frequently using a high percentage of the CPU's time on a CentOS Linux system when I run top. E.g.:

top - 21:26:35 up 227 days,  6:13, 27 users,  load average: 0.83, 0.90, 1.50
Tasks: 329 total,   3 running, 326 sleeping,   0 stopped,   0 zombie
%Cpu(s): 83.3 us, 16.5 sy,  0.0 ni,  0.0 id,  0.0 wa,  0.0 hi,  0.2 si,  0.0 st
KiB Mem :  1875896 total,   177868 free,   495072 used,  1202956 buff/cache
KiB Swap:  2113532 total,   958752 free,  1154780 used.   951776 avail Mem

22725 apache    20   0   42332  10400   2172 R  95.0  0.6   0:03.93 blosxom
22727 root      20   0  263660  41572  10032 R  95.0  2.2   0:03.96 setroubles+
22720 root      20   0  146260   2164   1360 R   2.5  0.1   0:00.62 top
   13 root      20   0       0      0      0 S   0.9  0.0 641:26.32 rcu_sched
   15 root      20   0       0      0      0 S   0.6  0.0 216:15.71 rcuos/1
24450 root      20   0  396436   7712   5180 S   0.6  0.4   9:58.86 httpd
  418 root      20   0       0      0      0 S   0.3  0.0 107:26.61 xfsaild/dm+
  639 root      20   0       0      0      0 S   0.3  0.0 104:29.30 xfsaild/dm+
  657 root      16  -4  116708    496    316 S   0.3  0.0  45:09.63 auditd
  674 root      12  -8   80220    440    256 S   0.3  0.0  31:45.76 audispd
 1278 jim       20   0  142884   1100    820 S   0.3  0.1   0:28.74 sshd
    1 root      20   0  196044   9296   2808 S   0.0  0.5 147:49.67 systemd
    2 root      20   0       0      0      0 S   0.0  0.0   1:18.37 kthreadd
    3 root      20   0       0      0      0 S   0.0  0.0   3:11.27 ksoftirqd/0
    5 root       0 -20       0      0      0 S   0.0  0.0   0:00.00 kworker/0:+
    7 root      rt   0       0      0      0 S   0.0  0.0   7:26.68 migration/0
    8 root      20   0       0      0      0 S   0.0  0.0   0:00.00 rcu_bh

The process shows up as setroubles+, i.e., setroubles with a plus sign at the end, because the full process name, setroubleshootd, can't be displayed in the 80 columns I have alloted for the terminal window.

I've also noticed hundreds of thousands of entries it has created in /var/log/messages related to SELinux issues. I had switched SELinux from "enforcing" mode to "permissive" mode on the system, due to web server application issues, so SELinux wasn't stopping applications from running, but issues are being logged. I finally decided that I at least needed to reduce the number of log entries being creatd substantially, which will, hopefully, improve the responsiveness of the server. I had fixed the SELinux issue for one application, CometChat recently, but I decided I needed to fix at least some of the issues for other sites on the system, also, related to the SELinux context for files under the public_html directory beneath user's home directories.

[ More Info ]

[/os/unix/linux/selinux] permanent link

Sat, Apr 23, 2016 10:53 pm

Web Spiders Crawling Site on 2016-04-23

When I viewed a page on the site this morning, the page took a long time to load in my browser. I checked the Apache access log to see what it was showing in regards to site activity, since I had noticed several web crawlers, aka web spiders, accessing the site yesterday. Checking the site's Apache access log for today, I saw that it was being crawled by four web spiders simultaneously: baiduspider, bingbot,, and the linkdexbot. The first, baiduspider, is associated with the Chinese search engine company, Baidu, and the second, bingbot, is Microsoft's web crawler, which is used by its Bing search engine. The latter two, and linkdexbot are associated with search engine optimization (SEO) companies.

[ More Info ]

[/network/web/crawlers] permanent link

Fri, Apr 22, 2016 10:24 pm

Blosxom calendar plugin cache file causing internal server error

This morning, when I attempted to access an old blog posting to see how I had resolved a problem in the past that I was experiencing again, I saw a page displaying an "Internal Server Error" message. The page also noted "More information about this error may be available in the server error log. When I checked the Apache error log for the site, I noticed references to the problem being linked to line 322 in the calendar plugin code for the Blosxom blogging software I use on the site. I found the issue was related to the the calendar plug-in's cache file being only zero bytes in length. When I deleted the cache file it was automatically recreated, which resolved the problem. I experienced the same problem a month ago on March 22.

[ More Info ]

[/network/web/blogging/blosxom] permanent link

Thu, Apr 21, 2016 10:13 pm


Vodafone Foundation Australia provides the free DreamLab program to aid Garvan Institute of Medical Research researchers in solving problems related to cancer research using the processing power of idle smartphones. The foundation estimates that problems that are part of the cancer research puzzle may be solved 30 times faster if just 1,000 people use the app.

Help solve cancer while you sleep.

The Garvan Institute of Medical Research needs more computing power to speed up cancer research. Donate the power of your smartphone to help, with DreamLab - the flagship program of Vodafone Foundation Australia.

Download the app, choose how much data to give, and let your phone crack a piece of the cancer puzzle as it recharges.

The Garvan Institute of Medical Research is one of Australia's largest medical research institutions with over 600 scientists, students, and support staff. The institute conducts research on cancer, diabetes, osteoporosis, Alzheimer's disease, Parkinson's disease as well as autoimmune and inflammatory conditions such as rheumatoid arthritis, multiple sclerosis, asthma, and Sjogren's syndrome, a chromic automimmune disease in which the body's white blood cells destroy the exocrine glands. The institute developed a test that may predict the outcome of prostate cancer more effectively than the standard (PSA) test. Genetic research is conducted by the institute and in 2014 the institute became one of three organizations in the world able to sequence the entire human genome for less than $1,000 USD.


  1. This new app helps your smartphone cure cancer while you sleep
    Date: November 9, 2015
    Electronic Products
  2. DreamLab app to help solve cancer | Vodafone Australia
    Vodafone Australia
  3. Garvan Institute of Medical Research
    Wikipedia, the free encyclopedia

[/phone] permanent link

Wed, Apr 20, 2016 9:44 pm

QuickTime Player Crashing When Attempting to Save Recording

I recorded the audio for a talk on a subject of interest to me using QuickTime Player version 10.4 (833.7) on my MacBook Pro laptop running OS X 10.10.5 (Yosemite). At the end of the talk, I stopped the recording and clicked on File and then Save to save the audio recording to the system's hard disk drive. When I did so, QuickTime crashed. I sent the report to Apple. Looking at the details for the report, I saw the cause listed as follows:

Exception Type:        EXC_CRASH (SIGABRT)
Exception Codes:       0x0000000000000000, 0x0000000000000000

Application Specific Information:
*** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: 'Cannot set outputURL to NULL'
terminating with uncaught exception of type NSException
abort() called

[ More Info ]

[/software/audio_video/quicktime] permanent link

Tue, Apr 19, 2016 10:14 pm

Troubleshooting RDP through a NetScreen Firewall

I needed to determine why a Remote Desktop Protocol (RDP) connection could not be established through a NetScreen firewall to a Microsoft Windows system on the trusted side of the firewall , so I logged into the firewall and set a filter to capture traffic on port 3389, the port used for RDP connections. I then turned "snooping" on by issuing the snoop command, which led me to realize that I was trying to connect to the wrong IP address.

I was using the rdesktop program on a Ubuntu Linux system to establish the connection to the Microsoft Windows system. After I realized my error regarding the destination IP address, I was able to establish the RDP connection, but then received a "Connect a smart card" message when I got to the login screen and clicked on the relevant account. I was able to log into the system, however, if I used the -p option with the rdesktop command to supply the password for an account on the Microsoft Windows system.

[ More Info ]

[/security/firewalls/netscreen] permanent link

Mon, Apr 18, 2016 11:15 pm

Keeping an SSH connection alive

If you need to keep a SSH connection alive, e.g., when you won't be entering any commands for awhile after logging into the remote system via SSH, you can use the -o option with ServerAliveInterval . You can specify the interval in seconds which will be used by the SSH client to send keepalive packets with -o ServerAliveInterval x where x is the frequency for sending the keepalive packets. E.g., if I wanted the SSH client to send keepalive packets every minute (60 seconds) to the remote SSH server, I could use a command like the one below when establishing the SSH session:
$ ssh -o ServerAliveInterval=60

By using this option, you should be able to reduce the likelihood that your SSH connection will get dropped after a certain amount of time due to no activity for the session.

You can also use the ServerAliveCountMax parameter with ServerAliveInterval to drop the connection, if the SSH client hasn't received a response from the server to the prior "heartbeat" signal when the time comes to send another keepalive packet. E.g., ssh -o ServerAliveInterval=60 -o ServerAliveCountMax=1 would result in the connection being dropped if the client was awaiting a response to even one outstanding keepalive packet.

There is also a TCPKeepAlive option in OpenSSH. That option is used to recognize when a connection is no longer active due to some problem such as the SSH client application crashing or a prolonged network outage. If the SSH server never recognizes that the client is no longer communicating with it, it will continue to allocate resources, such as memory, for the connection. The option is turned on by default in the OpenSSH configuration file /etc/ssh/sshd_config. You will see the following line in that file:

#TCPKeepAlive yes

You don't need to uncomment the line by removing the pound sign, since "yes" is the default value. The option causes Transmission Control Protocol (TCP) to periodically transmit keepalive messages. If it doesn't receive responses within the expected time, it returns an error to the sshd process, which will then shut down the connection. The purpose of this option is to prevent half-dead connections building up over time and consuming more and more system resources as the number grows. The keepalive interval is typically in the order of hours rather than minutes to minimize the network load for the server. If the keepalive period was made shorter, that would affect all TCP connections on the system, not just the SSH ones, potentially increasing the network load unnecessarily and also causing connections to be dropped even for transient issues, such as a short and temporary network issue.

The TCPKeepalive option is for dealing with longer term issues for a connection rather than the loss of connectivity due to firewall, proxying, or Network Address Translation (NAT) timeouts. You can specify the option on the command line at the SSH client end as follows:

$ ssh -o TCPKeepAlive=yes


  1. SSH, The Secure Shell: The Definitive Guide
    By: Daniel Barrett, Richard Silverman, Robert Byrnes

[/network/ssh] permanent link

Sun, Apr 17, 2016 10:28 pm

SELinux and CometChat

On a CentOS 7 server, I noticed that setroubleshootd seemed to be using an inordinate percentage of the CPU's time when I ran the top command. When I used the ausearch command to query the audit daemon logs for entries that might have been created by setroubleshootd, I saw references to the cometchat/.htaccess file in a user's directory beneath the directory where her Simple Machines Forum (SMF) software resided. I also found tens of thousands of references to that file in the /var/log/messages file. The server runs Security-Enhanced Linux (SELinux) and I found that I needed to update the SELinux context for the file to stop such entries being logged.

[ More Info ]

[/network/web/forums/smf/cometchat] permanent link

Sat, Apr 16, 2016 3:55 pm

Security Advisory Posted for Adobe Flash Player

On April 5, 2016, Adobe released security advisory APSA16-01 (CVE number: CVE-2016-1019) for a vulnerability in the Adobe Flash Player . The vulnerability affects the player on Microsoft Windows, Apple OS X, Linux, and Google's Chrome OS. The vulnerability affects all versions of Windows from Windows 10 backwards through Windows XP. The vulnerability exists in Adobe Flash Player and earlier versions. The vulnerability is currently being exploited "in the wild", i.e., malefactors are already taking advantage of the vulnerability to compromise vulnerable systems. The vulnerability allows malefactors to crash a system and even potentially gain remote control of the system. The vulnerability is being used by the Magnitude Exploit Kit to spread Locky ransomware - see Zero-Day Attack Discovered in Magnitude Exploit Kit Targeting CVE-2016-1019 in Older Versions of Adobe Flash Player.

A software change Adobe made in version will prevent the exploit from being successful, so users who have at least that version should be safe from the exploit allowing their systems to be compromised, since on versions and, it will only cause a crash1. But I would advise users to upgrade to the current version of the Adobe Flash Player, which is version If you use multiple web browsers on a system, you should ensure that each of them have the latest version of an Adobe Flash Player plug-in, if you have Adobe Flash Player support installed for the browser. You can check the version of the Flash Player being used by a browser by visiting Adobe's page. Alternate methods for checking the version of the Flash Player on Apple OS X systems can be found at Determining the version of Adobe Flash on an OS X system.


  1. Zero-Day Attack Discovered in Magnitude Exploit Kit Targeting CVE-2016-1019 in Older Versions of Adobe Flash Player
    Posted: APril 7, 2016
    Simply Security News, Views and Opinions from Trend Micro, Inc
  2. A Look Into Adobe Flash Player CVE-2016-1019 Zero-Day Attack
    Posted: April 8, 2016
    Simply Security News, Views and Opinions from Trend Micro, Inc

[/security/vulnerabilities/multios] permanent link

Fri, Apr 15, 2016 10:25 pm

Excel 2011 not enough memory and AutoRecovery files

Microsoft Excel for Mac 2011 was crashing whenever I attempted to open it on a MacBook Pro laptop I use. Whenever I attempted to reopen it, I would be presented one by one with files to reopen that had been open when it crashed. If I chose to reopen all of the workbooks, it would display the message "Not enough memory." then crash again. The problem occurred even after I closed other applications that were open and rebooted the system to minimize the amount of memory used by other processes running on the system.

[ More Info ]

[/software/office] permanent link

Thu, Apr 14, 2016 11:19 pm

Loop through an array in Bash

The Bash shell, which is available on Unix, Linux, OS X, and soon Microsoft Windows as well as Microsoft has announced support for Bash in the Windows 10 Annivesary Update expected to ship in the summer of 2016, supports arrays , a commonly used programming data type for storing collections of elements. And with the for loop that is also available for Bash, you can iterate over the items in an array that you create. Since Bash also supports arithmetic operations on numeric values assigned to variables, you can perform arithmetic operations while looping through the items in an array.

[ More Info ]

[/os/os-x] permanent link

Wed, Apr 13, 2016 9:58 pm

Sharing files between OS X systems with Bluetooth

One means of sharing files between OS X systems such as MacBook Pro laptops is to use the Bluetooth wireless capability built into the systems. You can enable Bluetooth file sharing by opening System Preferences then selecting Bluetooth Sharing. Once you've enabled Bluetooth sharing on both devices, you can send files from one to another or browse the Public folder on one from the other. To share files and folders between devices using Bluetooth, the devices need to be fairly close to one another, since the range for Bluetooth short-wavelength UHF radio waves is typically less that 10 meters (approximately 33 feet), though the maximum possible range is about 100 meters (approximately 330 feet) - see Bluetooth Range.

[ More Info ]

[/os/os-x] permanent link

Tue, Apr 12, 2016 11:18 pm

Excluding certain directories when using the find command

If I want to find all files with an HTML extension beneath the current directory and its subdirectories, but skip one directory, on a Linux system, I can perform a recursive search using the following command, which will exclude the contents of the directory named "private" which is directly below the current directory. The results will be placed in a file named htmlfiles.txt.

$ find . -path ./private -prune -o -name '*.html' -print > htmlfiles.txt

The period immediately after the find, i.e., find . tells find to start its search from the current directory from which the command is being executed; I could use something like find /somedir to start the search in a different directory.

The -path ./private -prune -o tells find that for the directory path that is ./private - the dot (.) represents the current directory, so the path is the private directory below the current directory - don't include it in the search, i.e., "prune" that directory from the search path. Including -prune indicates, if the file is a directory, do not descend into it. But it is the "dash o", i.e., -o which ensures that nothing is printed from within that directory.

[ More Info ]

[/os/unix/commands] permanent link

Mon, Apr 11, 2016 11:00 pm

groff can't find DESC file

When I want to convert a man page to an HTML file on an OS X or Linux system, I pipe the man page file into groff - see Converting a man page to HTML, PDF, text. I've used groff for that purpose on CentOS, but, when I tried that technique today on two Ubuntu Linux systems, I received the same "groff: can't find `DESC' file" error message on both, which was followed by "groff:fatal error: invalid device `html' (try installing the `groff' package?)" Both systems were running 12.04 LTS (Precise Pangolin). I was able to resolve the problem by installing the groff package with apt-get.

[ More Info ]

[/os/unix/linux/ubuntu] permanent link

Sun, Apr 10, 2016 9:03 pm

Upgrading CometChat

I needed to upgrade CometChat on a web site using Simple Machines Forum (SMF) where CometChat provides an online chat feature for users of the forum. The prior version of CometChat was very out-of-date at 4.4.0 - see Checking the version of CometChat installed on a forum for methods for checking the version - The SMF software was at the current version, 2.0.11. Before commencing the installation of the upgrade to the latest version of CometChat, I backed up the database for the SMF forum and all of its files. I was able to successfully install the file that was part of the upgrade package, but so far have not been able to install the file needed to complete the upgrade.

[ More Info ]

[/network/web/forums/smf/cometchat] permanent link

Sat, Apr 09, 2016 10:48 pm

Fail2ban Logging

When I checked the fail2ban log on a CentOS 7 server today, I found that two IP addresses assigned to to a system or systems in China had been banned 385 times in the past week because of repeated failed attempts to break into the system via Secure Shell (SSH) logins. The IP addresses were:

When I checked for whether others had noted hostile activity from those IP addresses at the Internet Storm Center, I found that others had reported such activity from the two IP addresses starting on March 30, 2016 and continuing through today.

[ More Info ]

[/os/unix/linux/centos] permanent link

Fri, Apr 08, 2016 10:26 pm

Using SQLite

An easy way to create and maintain Structured Query Language (SQL) databases at no cost is to use the free SQLite software, which is available for Linux, OS X, and Microsoft Windows systems and also as C source code.

SQLite is provided by Apple with the current version of OS X; I don't know when it was first included with OS X, but I know it has been present from at least OS X 10.8.5 (Mountain Lion). If you open the Terminal application, which you can find in /Applications/Utilities, and type which sqlite3, you should see the program.

[ More Info ]

[/software/database/sqlite] permanent link

Thu, Apr 07, 2016 10:15 pm

Location of cron files on a CentOS system

I needed to know the last time crontab had been used to update the cron table (crontab) file for a user account on a CentOS 7 system, since an expected output file from a cron job that should have been created from the last modification to the cron file had not appeared. On a CentOS Linux system, the crontab files can be found in /var/spool/cron.
# ls -l /var/spool/cron
total 8
-rw-------. 1 jdoe jdoe 409 Apr  7 12:32 jdoe
-rw-------. 1 root root 542 Jan  1  2015 root

The files are used to schedule jobs to run periodically on the system and can be edited with crontab -e. A crontab file for an account can be viewed by issuing the command crontab -l while logged into that account.

[/os/unix/linux/centos] permanent link

Wed, Apr 06, 2016 10:51 pm

Checking the version of CometChat installed on a forum

If you are using CometChat with a Simple Machines Forum (SMF) to provide an online chat feature for users of the forum and wish to determine the version currently on a Linux system, make the current working directory the one in which CometChat is installed, e.g. cd ~/public_html/myforum/cometchat, if that is the directory where CometChat is installed; the ~ will be translated by the system to represent your "home" directory, i.e, the directory you are placed in when you log into the system. Then search for "currentversion" in the index.php file, which will be found in the admin subdirectory beneath the cometchat directory. In the example below, the version installed is 4.4.0.
$ grep "currentversion" admin/index.php
$currentversion = '4.4.0';

You can also find the version by viewing the contents of the CHANGELOG.txt file in the CometChat directory. The current version will be listed near the top of the file with the new features provided in that version.

$ more CHANGELOG.txt
 CometChat Change Log


+ Jabber/XMPP support
+ Inline popups for plugins/extensions
+ Desktop Messenger support
+ CometService/BeaconPush/APE enabled for chatrooms
+ Facebook chat login with your own Facebook application keys
+ Enhanced and simplified theming
+ Sleaker scroller

The CometChat website has a statement that "We provide support only for the latest stable version. No support is provided for beta or older releases."

[/network/web/forums/smf] permanent link

Tue, Apr 05, 2016 9:45 pm

Recording audio on a Mac OS X system with QuickTime Player

If you need to create an audio recording, e.g., to record a lecture, etc., you can do so on a Mac OS X system using the QuickTime Player application that you should be able to find in the /Applications directory on the system. When you have completed recording, you can save the file in the MPEG-4 Part 14 multimedia container format as a .ma4 file. If you wish to convert the file to another format, you can convert it with iTunes or the afconvert utility that comes with the OS X operating system.

[ More Info ]

[/os/os-x/audio] permanent link

Mon, Apr 04, 2016 10:13 pm

Encrypting a folder on a Microsoft Windows system

You can encrypt a directory, aka folder, on a Microsoft Windows system so that it's contents can't be accessed by others even if they boot the system with an alternate operating system from a CD or USB flash drive or remove the drive and put it in another system, so that Windows file permissions that might otherwise apply can't be bypassed. To encrypt a folder and its contents, right-click on the folder within the Windows File Explorer and choose Properties then click on the Advanced button and then click on the check box next to "Encypt contents to secure data". You will be asked to confirm that you wish to proceed with the change to the folder's attributes. Proceed, applying the changes to the folder, its subfolders, and the files within it.

[ More Info ]

[/os/windows] permanent link

Sun, Apr 03, 2016 8:47 pm

Sending an Email from Adobe Acrobat DC using Thunderbird

Yesterday, someone reported to me that she was unable to send a document she had scanned from within Adobe Acrobat using Thunderbird, which is the email client she uses on her Microsoft Windows 10 desktop system. She said she had contacted Adobe support and followed the instructions given to her by the support person, but those instructions had not resolved the problem and she still could not send email from within Adobe Acrobat. I found the problem was due to Acrobat attempting to use the default mail application on the system, which was Microsoft Outlook, which she didn't use, so was likely not even configured for an email account. After I made Thunderbird the default mail application on her system, she was able to send a file she had open in Acrobat via email from within Adobe Acrobat using Thunderbird.

[ More Info ]

[/os/windows/software/pdf/acrobat] permanent link

Sat, Apr 02, 2016 6:20 pm

Verifying the legitmacy of programs with PowerShell cmdlets

If you need to verify the authenticity or legimacy of a program on a Microsoft Windows system, e.g., if you need to check whether the program has remained unaltered since it was provided by the developer or check that it came from the developer it is purportedly from, you can use Windows PowerShell cmdlets to give you a greater degree of confidence.

Oftentimes a developer website will list a cryptographic hash code for a file. The cryptographic hash code allows you to verify that a program that you have on a system is an unaltered copy of the program as it was delivered by the developer, since changing even a single character/byte in a file will result in a different hash code being calculated for the file when it is checked by a program that can calculate hash codes for files. To calculate a cryptographic hash code for a file, you can use a program like md5sum or, on a Microsoft Windows system, you can obtain a SHA-256 hash code value for a file from a Windows PowerShell prompt using the Get-AppLockerFileInformation cmdlet.

[ More Info ]

[/os/windows/PowerShell] permanent link

Fri, Apr 01, 2016 10:48 pm

Using fail2ban on a CentOS 7 system

If you run a server that is accessible to anyone on the Internet, you should expect that many people and bots will attempt to break into the system, which is why you should ensure that all accounts have strong passwords. Many attackers will use a dictionary attack where they pair common account names, such as root, admin, administrator, etc. with every word in a dictionary. Or they may even pair a "name dictionary" with a dictionary for a particular language, such as English. Such dictionaries can be readily found on the Internet. Name dictionaries may be used by expectant parents looking for a name for their yet to be born child, but a malefactor may use such a dictionary as well as part of an attack against a system. E.g., an attacker may start with abe as a username and then try every word in an English language dictionary as a password. If he can't get in using abe as the user name, he might next try al, alan, ann, arthur, etc. going all the way up to names that start with the letter "z". Certainly pairing each name with every word in a dictionary would take an inordinate amount of time, if someone manually typed each username and password combination, but there is no need for an attacker to manually make guesses in an attempt to compromise a system. Instead, he can use a program that will read entries from dictionaries and submit them to the system under attack. A program can potentially submit thousands of guesses a minute if there is sufficient bandwidth between the attacking and attacked systems and sufficient CPU power on both systems. If you are responsible for a server, you are unlikely to want an attacker to have unlimited attempts to break into the system. The attacker will be using bandwidth to your server and system resources, such as CPU cycles, even if he never manages to break into the system. And, if even one user has a weak password, such as a dictionary word, sports team name, car name, etc., which may also be in a dictionary used for password guessing, granting an attacker unlimited attempts to try breaking in may result in the attacker being successful. One way to preclude an attacker from being able to submit an unlimited number of password guesses is with fail2ban.

[ More Info ]

[/os/unix/linux/centos] permanent link

Valid HTML 4.01 Transitional

Privacy Policy   Contact

Blosxom logo