My Timex Ironman leaked!!

Had a nice dip in the Arabian sea and when I was  walking back to the shore I glanced at my trusty Ironman timex .. The screen was blank !!!. I couldn't  believe it . Back home I opened the back cover and discovered that the o-ring was slightly misaligned . I took one strap off , took the machine out of its casing , cleaned the inner casing , placed the machine back , aligned the o-ring , screwed the back cover on to the casing and attached the strap to the casing . 

You will need a precision kit ( small screwdrivers) to service this watch.

• 1) take one strap off : carefully press the pin release with a screwdriver and slide the pin out of the groove. Gently pull the strap in one direction .
• 2) Unscrew the metal cover
• 3) Align the o-ring in it's groove and keep it aligned while closing the back cover
• 4) close the back cover and tighten  alternate (opposite) screws . 
• 5) make sure all screws are tightened properly

The battery can be easily replaced by unhooking the battery cover gently from its plastic hooks using a pin . The case once opened needs to be very carefully reassembled to avoid losing the water resist. Silicone sealant is recommended but I didn't have any  so I sealed it just by cleaning the rubber o-ring . 

Speeding up vmplayer over x11 ssh tunneling with compression

Are you running vmplayer (or any other remote gui) over ssh ?  Chances are it's going to be slow unless you've enabled compression and chosen a faster cypher. this is how you can :

  ssh -X -C -c blowfish  remoteuser@remotehost_or_ip

Performance is significantly improved :)

Making a bootable pen drive in one command

 Well you can make one in a single command and it works like a charm.  Here's how :

1) plug in your pen drive
2) Run dmesg and check the drive letter (identifier) ( eg /dev/sdb)
3) Run the following command :

dd if=ubuntu.iso  of=/dev/sdb  bs=4M ; sync 

Note : if is your iso file .  DONOT append any trailing number to the pen drive

Thats it ...

VMware player 5.0.2 on linux ( ubuntu 12.04 LTS ) and mint 17 - Installation

Updated june 2017 . The following has been tested on mint 17 as well

Virtualisation is very useful if you want to experiment with network stacks , web servers , load balancers etc. Open source offerings like Xen are out there but the industry standard seems to be vmware. The following is about  how one can go about installing it on linux .

Observations:
1) The vmware site is a very typical "corporaty"  mess . not easy to use.
2) All thet you get via google is a vmware download page with rpm's.
3) Don't download from third party sources , the binary could be tainted!

Distro : Ubuntu 12.04 LTS   (  LTS 's are usually more stable )

Install the dependencies :

$ sudo apt-get install build-essential linux-headers-$(uname -r)


Get the "bundle" :

 wget -c http://goo.gl/JXy7L -O VMware-Player-5.0.2-1031769.x86_64.bundle.tar

note : The shortened URL points to a vmware hosted download server

The above link no longer works !!!!
WORKING LINK : ( June 19 2017) :
 wget -c https://www.vmware.com/go/tryplayerpro-linux-64

 $chmod +x tryplayerpro-linux-64

Create a directory say VMware and move the bundle to that dir. The just run the "bundle".

./tryplayerpro-linux-64


Have fun :)


Grilled keyboard with fries and mayo

It is very important to keep that base of your notebooks ventilated. Plonk it on a soft pillow and play flash games for long hours and what you get is grilll.. That's exactly what a girl who plays a lot of flash games did .. :P  . 

The thing to remember is that even though some processors like the intel atom are capable of operating at 100 deg C !  the other things may not be . In this case the thin keyboard somehow got all the heat and fried !! . 

you can keep a watch on the core temperature using something like this :

 cat /proc/acpi/thermal_zone/TZ00/temperature

Also its good practice to us a frequency governor  and keep the processor on "power save"    unless you  really need the extra cycles.

fork bombz

The first time I saw this series of characters (was about ~= 10 years ago)  .. They looked interesting and not very harmful. So I ran the code .. and a few seconds later my system froze.  Try this (in bash) :

                                          :(){ :|:& };:

Its basically a function recursively calling itself  .. The way to protect the system against this us to set ulimit -u ( number of user processes)  to some finite value ..Its fun to play with them though .. 

warning : you may have to hard reboot your system .. ( no biggie for people accustomed to windoze )

                              

                             

Firestarter log parser scriptlet

Some time ago, I  noticed constant incoming traffic on one of my boxes . Firestarter was running on it and I thought I'd give the "events log" a look . There were like 1000+ blocked connections many of which looked like scans .. and many were .. The most scanned port was ms-sql ( not surprised at all ) . So I whipped up a quick scriptlet to get the top 20 IP's and "whois" them  to know where they were coming from .. 

The results :

---------------- 124 scans from 91.198.174.234 ------------------------
descr:          Wikimedia's Amsterdam cluster (knams)
descr:          Wikimedia Foundation, Inc.
country:        NL
address:        Wikimedia Foundation, Inc.
address:        USA
address:        US
address:        San Francisco, CA 94105 USA
address:        San Francisco
address:        CA 94105 San Francisco
address:        CA 94105
address:        3rd Floor
address:        3rd floor
address:        149 New Montgomery Street
address:        149 New Montgomery, 3rd Floor
---------------------------------------------------------------
---------------- 109 scans from 91.198.174.233 ------------------------
descr:          Wikimedia's Amsterdam cluster (knams)
descr:          Wikimedia Foundation, Inc.
country:        NL
address:        Wikimedia Foundation, Inc.
address:        USA
address:        US
address:        San Francisco, CA 94105 USA
address:        San Francisco
address:        CA 94105 San Francisco
address:        CA 94105
address:        3rd Floor
address:        3rd floor
address:        149 New Montgomery Street
address:        149 New Montgomery, 3rd Floor
------------------------------------- 37 scans from 81.0.237.38 ------------------------
descr:          Gransy s.r.o.
descr:          Casablanca INT
country:        CZ
address:        Vinohradska 184, Prague 3 - 130 52
address:        Czech republic
address:        Casablanca INT
---------------------------------------------------------------
---------------- 18 scans from 58.221.60.159 ------------------------
descr:          China Telecom
descr:          CHINANET jiangsu province network
descr:          Beijing 100088
descr:          A12,Xin-Jie-Kou-Wai Street
country:        CN
address:        No.31 ,jingrong street,beijing
address:        260 Zhongyang Road,Nanjing 210037
address:        100032
------------------------------------------
---------------- 10 scans from 42.96.185.184 ------------------------
descr:          Chaoyang District,Beijing
descr:          Alibaba (Beijing) Technology Co., Ltd.
descr:          9F,Tower A Winterless center,NO.1 West Da Wang Lu,
country:        CN
Comment:        using this IP address range and is not able to investigate
Comment:        This IP address range is not registered in the ARIN database.
Comment:        spam or abuse reports relating to these addresses. For more
address:        No.99 HuaXing Rd. Hangzhou,310099
---------------------------------------------------------------
---------------- 8 scans from 87.93.45.81 ------------------------
descr:          DNA Oy
descr:          DNA Finland
country:        FI
address:        PL 41
address:        Finland
address:        DNA Oy
address:        01741 Vantaa
---------------------------------------------------------------

Sciptlet :
------------------------------------------------------------------------
 #!/bin/bash

# scriptlet to know where the scans are coming from

echo "Enter the firestarter events file"
read $events

tmp="event_tmp"
tmp_who="tmp_who"


egrep -o -h   "Source:[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}"   $events  \
 | awk -F ":" '{ print $2 }' | sort | uniq -c | sort -nr | head -10  > $tmp


while read line
do
        count=`echo $line | awk '{ print $1 }'`
        ip=`echo $line | awk '{ print $2 }'`
        whois $ip > $tmp_who
        echo "---------------- $count scans from $ip ------------------------" 
              cat $tmp_who | grep  'country\|address\|descr' | sort -r | uniq
        echo "---------------------------------------------------------------"
        sleep 1
done < $tmp

rm $tmp $tmp_who
 -------------------------------------------------------------------------

Conclusions :

• Miscro$oft products are most searched by worms n scanners
• Firestarter is a hack . n ot for professional use
• A lot of folks/worms from china scan everyone else all the freakin time!!

:)  

Raydio saved my life tonight ...

I just wanted a nice radio player with which i can play , save and rip my fav stations ( from shoutcast.com) . I searched .. could not find any .. I found a plugin from rhydmbox but the thing was sending traffic to unknown shady hosts .. so I junked it .. and started writing my own little script . 

Its called raydio :) its nice .. command line and easy ..

find it at :  http://sourceforge.net/projects/raydio/

:-)