ejes consulting

Techincal Consulting Design and Automation

Archive for June 2009

Rudimentry tcp/ip blocking

with one comment

An old throwback from Arpanet is the old “hosts” file.  This was used instead of DNS servers to resolve names to ip addresses. 

The Internet is so huge now that the hosts file is no longer a useful way to resolve host IP addresses to IP addresses, but this “hosts” file does still exist on all TCP/IP capable computers.

You can find yours too by looking in the right spot. 

Windows

In older versions of windows (Windows Me and older) you can find your “hosts” file in your “%WINDIR%” (usually c:\windows).  More modern Windows Variants (NT, 2000, XP, Vista, and 7) can be found in “%SYSTEMROOT%\System32\drivers\etc” (it’s defined in the HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath registry key). 

Macintosh

Older Macintosh systems (9 and earlier) it can be found in the System or Preferences folder, or in OS/X (including iPhones and iPods) in the /private/etc/hosts file. 

UNIX/Linux/BSD

All UNIX based systems have a /etc/hosts file. 

Netware

Netware systems it is in the “SYS:etc\hosts” directory.

OS/2

In the c:\mptn\etc\ directory.

Once you’ve determined where your hosts file is you can find that it mostly contains information about your own computer.   Something like:

127.0.0.1       localhost

Hackers sometimes will put their own code in here to point you to their malicious sites:

www.evil.com        www.google.com

The above would effectively send any request for www.google.com to www.evil.com instead.

We can use this to our advantage by blocking known malicious or just plain annoying sites.

Who maintains this list?  The guys at MVPs.org have this as a free service.  Located here: http://www.mvps.org/winhelp2002/hosts.txt

Just download that file, copy it’s entries into your “hosts” file and you should have a fairly recently up to date list of malicious sites and some rudimentary blocking to these sites.

How it works is when your computer goes to lookup the address to these malicious sites (should it ever have to), the address it gets back is 127.0.0.1 which is ALWAYS your own computer.  Meaning that any time it tries to attach to a malicious site, it would actually try to attach to your own computer instead.

Remember, this doesn’t make you invincible; but it does definitely help.

Advertisements

Written by ejes

June 29, 2009 at 11:17 am

Posted in Tutorials

Tagged with , , ,

FreeNAS + MediaWiki Match Made In Heaven

with 4 comments

I love my home network; it’s well designed and more importantly secure.

As part of a modern network, Network Attached Storage is a must.  Especially since I like to have all my information centrally accessable for my XBMC and my multitude of computers and remote access sites, not to mention a source repository for my projects and consulting.

I evaluated a whole lot of solutions for Network Attached Storage,  including out of the box NAS appliances and even building the functionality I needed with OpenBSD or Ubuntu Server.  Finally I was turned on to FreeNAS by a colligue.

FreeNAS, out of the box, came with all the functionality I needed.  Web server, Bitttorrent, CIFS stack and NFS.  As well as a bunch I don’t use (yet).

Configuration was a breeze, just boot from CD, and ta-da it worked beautifually.

I started doing a bit of development on the web-server portion of FreeNAS.  It runs a full blown lighthttp server, with a tiny SQLite backend.  This means that MediaWiki can actually work on this tiny embedded platform.

How?  Simple.

In FreeNAS enable the web server, create a directory to serve from and put the latest version of MediaWiki there, configure it up, including a sqlite database (that I put in a non-browseable place for security purposes) and what do you know… home private wiki.

I’m going to start working on scripts and extensions so that my home media wiki will give information on my house, and media contained therein.

If there is enough interest, I’ll post a tutorial for setting up FreeNAS, and the MediaWiki.

Written by ejes

June 23, 2009 at 8:41 am

Posted in Commentary

Bug: Visual Basic Scripting

leave a comment »

I was developing a source code repository with revision tracking system in VBS for a client.

In this repository each revision would be incremented by 0.01 on each commit to the repository.

Kind of like CVS but much, much simpler.

So it turned out to be quite simple (the source is in my Scripts Library) but I found some strange activity in VBS when it comes to floating point math.

VBS has a function to convert a signed decimal string to a number so that you can perform mathematical functions on it.  “CSng(string)”  is the function.

So once you’ve converted a number from a string, then add 0.01 it should effectively add 0.01 to the last number.

So, lets consider this code:

Version=CSng("0.01")
WScript.Echo Version
Version=Version+0.01
WScript.Echo Version

What would you assume the ouput would be?  0.02 right?vbs-csgn error

WRONG!  VBS outputs “1.99999997764826E-02”.

VBS Can’t Do Math!

Written by ejes

June 15, 2009 at 11:16 am

Tutorial: Free Air Miles

with one comment

Like many, I collect air miles.  It takes me months, sometimes years to aqurie enough air miles to buy a pack of gum – but I collect them anyway.

A short time ago, Air Miles teamed up with Yahoo! search and they produced something called the “AIR MILES (R) TOOLBAR” (https://www.airmiles.ca/arrow/Toolbar)

This toolbar gave you the ability to add up to 30 air miles per month based on how many searches you do.

I tried it.  It’s slow and buggy, it crashes constantly, and I hate using Windows.  This made me hate this application, but the hacker in me decided to see if I could exploit this toolbar for my own purposes.

The first thing I noticed is that you can search just by typing in the “address bar” in Internet Explorer (my least favorite browser)

Knowing that VBS (Visual Basic Scripting Edition) can be used to enter text directly into the address bar, I decded to see if it could initiate a search on my behalf.

LOL, it CAN!!!

So, The only thing left, a dictionary of search terms.

Here is a link to my script: https://ejesconsulting.wordpress.com/scripts/airmiles.vbs/

Enjoy!

Remember this is released for educational purposes only, to use it would break your agreement with Air Miles, and therefore put you at risk for legal action.

This script is offered in an incomplete format so that in order to use it you must purposesly try to break your licence agreement with Air Miles.

Written by ejes

June 8, 2009 at 2:18 pm

Tutorial: iPhone Ringtones for Free!

with one comment

 The iPhone is the ultimate handheld platform, it’s very well designed (like most Apple hardware and software) and has a vast list of features.
One of which is Ringtones.

I’ve seen literally hundreds of sites advertising their rss feed, podcast, or immediately downloadable ringtones for your iPhone.

I also found a few sites (for example: http://theappleblog.com/2008/08/07/free-custom-iphone-ringtones-using-only-itunes/) on how to create ringtones.  (amazing tutorial by the way, works like a dream)

But what if you don’t have the song in your library?  I like having video game music as my ringtone, especially obscure ones like “Mario Kart Wii – Star Man”

So, what I did is found a copy of Mario Kart Wii – Star Man in MP3 format.  (http://www.vgmusic.com)

After downloading it, I could just import it into my iTunes library, convert it, and insert it on my iPhone like the tutorial suggests.

But, I’m difficult.  I don’t want to mess up my library, and I wanted a slightly lighter process than the one listed.

I also wanted to be able to do it on ANY operating system, for free and with no legal ramifications.

My favorite tool (lately) for converting media formats is VLC.  (http://www.videolan.org/)

Other than being able to play any format known to man (and some that aren’t), VLC can convert from one format to another.  It’s interface isn’t very good, but it’s workable for our process.

So, now i have an mp3; it’s shorter than 30 seconds which is the maximum length the iPhone accepts for a ringtone, so I can use this one out of the box.  If it WERE larger than 30 seconds I would probably trim it using “SoX” (Sound eXchange) (http://sox.sourceforge.net/)

Now load up VLC.

Select “Media -> Convert / Save”.

Now, the tricky part. 

On the “Encapsulation” tab select MP4.  Set up a “File” while you’re here.

VLC transcode options (m4r) screenshot 1

VLC Encapsulation Options

 

 Then select the “Audio codec” tab, and enable it.  Set the Codec to “MPEG 4 Audio (AAC)“.  Ensure the bitrate is 128 kb/s and the 2 channels.

VLC

VLC Audio Codec Options

 

That’s it.  Press Save.

Change the extension to “.m4r”, and import it into iTunes, sync it with your iPhone and select your new Ringtone from the Settings screen.

For the lazy, I wrote a batch file that should do this for you:

https://ejesconsulting.wordpress.com/scripts/mp3-to-m4r-bat/

Written by ejes

June 8, 2009 at 1:44 pm

Posted in Tutorials

Tagged with , , , , , , ,