Posts

Showing posts from 2007

Security and technology

The nature of the attacks will be different: the targets, tactics and
results. Security is both a trade-off and an arms race, a balance between
attacker and defender, and changes in technology upset that balance.
- Bruce Schneier, Security in Ten Years

Windows Live Writer and Mail - Nice!

As you can see from my previous post, Live Writer seems to be working nice with image posting. And I'm using Windows Live Mail client here to access my hotmail account (bah, a story to tell another day), my office account and my gmail account. Works well. Not bad at all. Although there are some rough edges in the settings UI, I didn't expect this good a job from Microsoft. So I'm impressed. And in recent news, I read that IE8 can render the Acid2 smiley. (FF3 can't, I just checked).One of the things I read in the comments was a guy asking for a Bugzilla (not exactly bugzilla, but a open bug tracking site) where people can file bugs and track it openly and search other's issues when they encounter something themselves. I feel that this is strongly needed. Infact I feel that any software company that has a developer community owes it to the developer community for all the business they get in return. Like Office which is a microsoft stronghold, web is another microso…

Picture test

Image
Trying to see if I can insert a picture in my blog via Windows Live Writer. Lets see if it can do the job.Well. It seems to preview nicely in here.Also, the shadow effect of the photo is nice. Seems to have choosen some good defaults. That's nice. And it seems to do good word wrapping too. Not bad. Only if it works fine when I post.

Windows Live sucks

This service, they don't even call it beta, doesn't work most of the time. Anytime I try to sign in, it is unavailable. Redirections go dead, browser shows error page and dies. Real crappy for a big company like Microsoft. Our company does a much better job with such low resources than MS. I agree that it might be scalability problems, but wtf, call it beta, do limited beta, stop accepting registrations. But don't accept registration and make the user go to a dead page. That's sheer disrespect from an arrogant large corporation to the users.I've been working on getting e-mails delivered to hotmail from our corporate mail server. That's for another post. But preliminary investigation indicates that almost everyone is facing this problem. Seems like bozos over there can't interpret SPF records. Having valid spf record makes your mail to get junked while not having spf record at all yields better results. Typical of microsoft.

Windows Live Writer...Lets see what's Improved.

Hmm.. making this post via Windows Live writer. It automatically detected this blog by just asking for the url (which I gave as tech.vys.in)! I had to give my Google credentials to it, which I'm still not comfortable with.One glitch. it said it can't upload the image. :( same issue as last time.. not fixed yet.

Linux IPC and Limits

Note: POSIX implementation provides better and cleaner api to IPC compared to System V. Prefer using POSIX api if you are known to be running on 2.6 or later kernel.

System V IPC implementation on Linux includes Shared memory, Semaphores and Message queues. There are system imposed limits that are important to keep in mind when developing application/services in Linux.

To know the limits use ipcs command. For example on my system:
[root@f7 ~]# ipcs -l

------ Shared Memory Limits --------
max number of segments = 4096
max seg size (kbytes) = 32768
max total shared memory (kbytes) = 8388608
min seg size (bytes) = 1

------ Semaphore Limits --------
max number of arrays = 128
max semaphores per array = 250
max semaphores system wide = 32000
max ops per semop call = 32
semaphore max value = 32767

------ Messages: Limits --------
max queues system wide = 16
max size of message (bytes) = 8192
default max size of queue (bytes) = 16384

Or via sysctl interface:
kernel.shmmni = 4096
kernel.shmall = 2097152
kernel.shm…

putty+ssh tunnels

Amazing things are possible with this simple 190KB application called putty.

A simple ssh tunnel to save you lot of trouble with accessing machines on a private network behind a gateway. Assuming you can ssh into a normal user account on a gateway, you can setup a ssh SOCKSv5 proxy on your machine so that other programs can access machines on private LAN via SOCKS v5 proxy.

TortoisePlink.exe -D : -l -C -N -batch > 1.log

Note: I use tortoiseplink as it goes to background completely.

To ssh into machines on private network, configure putty to use the above configured proxy.
You can even tunnel your browser via this SOCKS v5 proxy. This can be a very useful feature if you are on a untrusted network, like wifi in airport, and want to access sensitive website via a known clean Internet connection.

DJBDNS in 2 minutes!

Here's how to setup djbdns in 2 minutes:

On a machine that has a standard Linux installation like Fedora Core, run the following commands in a script with proper arguments:


#!/bin/bash
# $1 is this server's IP address
# $2 is slave server's IP address to which you want to allow AXFR
# $3 is the domain for which you want to allow AXFR

# Installs daemontools
mkdir-p /package
chmod1755 /package
cd /package
echo" Getting daemontools-0.76 from cr.yp.to "
wget http://cr.yp.to/daemontools/daemontools-0.76.tar.gz
gunzip daemontools-0.76.tar
tar -xpf daemontools-0.76.tar
rm-f daemontools-0.76.tar
cd admin/daemontools-0.76
echo gcc -O2 -include /usr/include/errno.h > src/conf-cc
echo" Starting compilation and installation "
package/install
# Installs ucspi-tcp-0.88
mkdir-p /package
chmod1755 /package
cd /package
echo" Getting ucspi-tcp-0.88 from cr.yp.to "
wget http://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
gunzip ucspi-tcp-0.88.tar
tar -xf ucspi-tcp-0.88.tar
rm-f ucspi-tcp-0…