Comments for Adam Palmer, Linux, PHP Programmer, MySQL Developer, Embedded Hardware, Security Consultant

Comment on Resume & Portfolio by Paul

Paul — Mon, 15 Mar 2010 13:13:43 +0000

That’s Really Big… Keep On Moving.. Your great

Comment on Linux virtualization, vmware, xen, hosting, and squeezing the most out of your resources by Ian Chilton

Ian Chilton — Sun, 07 Mar 2010 22:56:16 +0000

Hi Adam,

Very interesting post!

What do you think of OpenVZ?

From what i’ve read, Xen is a better bet as a VPS customer as it’s more isolated like a real machine and the provider can’t oversell but for running your own VPS, it seems OpenVZ can perform better as long as you dont need any Xen specific features like the ability to run different kernels, have swap etc (and obviously providers like it as they can oversell).

Thanks,

Ian

Comment on netfilter/iptables split access with multiple ISPs by user

user — Sat, 06 Mar 2010 22:34:42 +0000

You are splitting both incoming (to IN_ETHx) and outgoing packets (to M1/M2) – which is not necessary. Follow http://dev.medozas.de/NF-Cookbook.txt item 5 for a unified solution that also does not need the weighted default gateway.

Comment on netfilter/iptables split access with multiple ISPs by fukawi2

fukawi2 — Thu, 04 Mar 2010 02:20:14 +0000

The kernel connection tracking module is capable of tracking UDP streams. You need to use the state NEW configuration for the UDP traffic like the TCP traffic or your UDP will end up all over the place.

Comment on How to create a simple disk image formatted to ext3 by Kris

Kris — Tue, 02 Mar 2010 15:56:41 +0000

Thanks a lot for this mini-tutorial! This is such a simple task, but I couldn’t grab the right commands to get the job done. I needed to do this to make an ext3 image containing the contents of the latest XO software. They only provide jffs2 images. I’m going to turn into a vmdk virtual disk so I can run virtual XOs in VMware. Oh, I think I also need to replace the kernel with something that doesn’t only run on the AMD ISA. Anyway, thanks again!

Comment on UDP Tunneling to avoid hotspot or firewall restrictions by sileNT

sileNT — Sat, 27 Feb 2010 00:54:18 +0000

And where 53 UDP is blocked, but DNS works (i.e. queries going to a hotspot DNS server) you can always make a tunnel in… DNS queries – for example, with iodine.

Comment on Quick Linux and Windows OpenVPN HOWTO and tutorial, including VPN routing by UDP Tunneling to avoid hotspot or firewall restrictions | Adam Palmer, Linux, PHP Programmer, MySQL Developer, Embedded Hardware, Security Consultant

Wed, 24 Feb 2010 22:20:34 +0000

[...] traffic is allowed out to anywhere, without any kind of authentication. You can therefore install OpenVPN on a remote server which by default listens in on UDP port 1194. You can change this with one [...]

Comment on Linux Squid Transparent Proxy by UDP Tunneling to avoid hotspot or firewall restrictions | Adam Palmer, Linux, PHP Programmer, MySQL Developer, Embedded Hardware, Security Consultant

Wed, 24 Feb 2010 22:16:48 +0000

[...] These are the same type of rules used to configure transparent proxying for Squid. [...]

Comment on Local and Remote Kernel Upgrades – Failsafe Grub by pcz

pcz — Mon, 15 Feb 2010 22:26:25 +0000

you should clearly state, what versions of GRUB have this functionality.
0.96, 0.97 or newer?

maybe some distros have they own versions patched with this functionality?

Comment on Extending tc and iproute2. Linux routing split access multiple uplinks multiple isps iptables masquerading by netfilter/iptables split access with multiple ISPs | Adam Palmer, Linux, PHP Programmer, MySQL Developer, Embedded Hardware, Security Consultant

Wed, 10 Feb 2010 02:43:01 +0000

[...] Quite a while back, I posted article http://www.adamsinfo.com/extending-tc-and-iproute2-linux-routing-split-access-multiple-uplinks-multi... [...]

Comment on PHP Developer – Loops in General by Louie Sison

Louie Sison — Sun, 07 Feb 2010 16:16:03 +0000

PHP basics never turns grey! You made it still shinny adam. Kudos!

Comment on Copy/Export MySQL User Priviledges by Peter Kingsbury

Peter Kingsbury — Sun, 07 Feb 2010 13:59:25 +0000

Hi Adam,

Excellent article, but your site is rendering HTML with extraneous characters which don’t equate to quotation marks.

The correct code would be:
SELECT DISTINCT CONCAT (’show grants for `’, user, ‘`@`’, host, ‘`;’) AS query FROM mysql.user;

Cheers!

Comment on NetCat tutorial for Linux & Windows, HOWTO, nc by Rupak Khurana

Rupak Khurana — Wed, 03 Feb 2010 16:12:07 +0000

I have a CPU board with two 1GigE ethernet ports on it and I am intersted to find out the practical rate at which the data being fed to these ports can be consumed(keeping into account the tcp/ip stack latency, CPU speed etc). How can I accomplish that using netcat? My thoughts are to run a netcat listener and another netcat sender that sends the same data at different speeds and see if it is received ok by the receiver. pls advise.

Comment on Website Security Scan by Thomas J. Raef

Thomas J. Raef — Mon, 25 Jan 2010 10:43:16 +0000

You’ve created a very valuable list here.

I would like to add that one of the most frequent ways we’ve seen of website hacking is through compromised FTP credentials.

Many people immediately think of “cracking” FTP passwords, but that’s not even necessary.

What hackers do is take advantage of the fact that anti-virus companies are having a difficult time keeping up with the viruses. Some reports state that anti-virus companies have to create signatures for up to 30,000 new viruses a day. In order to keep up with this, the anti-virus companies have created more generic type signatures.

These generic signatures are ill-equipped for today’s intelligent cybercriminals. So viruses do get through.

What some hackers have done is create viruses that search the infected PC for certain files that contain the FTP login credentials for websites. That way, the hacker has access to infect hundreds or thousands more PCs.

Some FTP programs store these important credentials in plain text files. For instance, many people use Filezilla. It stores the FTP address, username and password saved by the user in a plain text file. Easy pickings for today’s viruses.

The viruses also “sniff” the FTP traffic leaving a PC. Since FTP transmits all data, including username and password, in plain text, it’s easy for the virus to steal the username and password that way as well.

So, in addition to the steps you’ve outlined above, please let people know that they also need to protect their PCs as well. Otherwise, they may be calling you to help them clean up their websites.

Comment on Linux PPTP (Poptop) VPN Setup with MPPE and MPPC by Johnny

Johnny — Fri, 22 Jan 2010 16:29:50 +0000

Thanks for that info it has really proven to be helpful. I really enjoy reading easy articles leading straight to the point.

Thanks allot.