HOWTO: disable IPv6 networking in Debian
IPv6 is ready?
Tonight I did ran netstat (`netstat -plunt`) on my Debian server and saw that I had some ports listening via IPv6. It’s a shame IPv6 hasn’t caught on as it’s better than IPv4 in virtually every way, and it should, especially since TCP/IPv4 was standardized in ARPANET RFC’s… in 1981! Also, IPv6 provides network level security via IPSec, which enables authentication of sender and encryption of communication path, to secure communications, all fun stuff, but while some point to the fact that the Beijing Olympics used IPv6 exclusively as a point in how far it’s come, that’s hardly saying much when the protocol went Alpha… in 1996! I mean I put things off and get distracted, sure, but come on! So while its adoption can be argued to be a case of the chicken before the egg, since I’m not using anything IPv6, nor do I or my ISP even have the capability to use it, it’s silly and perhaps dangerous to leave it running with open ports. So, if you’re not using it, disable it – it’s easy, just put on your pointy hat and follow along… (more…)
Army: Twitter could be a terrorist tool
Tweet, tweet, bomb?
Hmmm…so the Army has claimed that terrorists may be ‘tweeting’ along to plan and organize attacks. Well yeah, I guess they could use Gmail, Slashdot comments and other things the same way, it seems their claim is that since this is more ‘real time’ it could be a danger. Ok, oh, and they take a swipe at Skype as well. Additionally they define a new name I would happily accept, “The report describes hacktivists as politically motivated hackers“. Hacktvist, that’s awesome. The report goes on with,
“The ‘Twitter’ member can send Tweets (messages) near real time to Twitter cell phone groups and to their online Twitter social networking page,” the author said, adding that “there are multiple pro- and anti-Hezbollah Tweets.”
Twitter members “can also mashup their Tweets with a variety of other tools including geo-coordinates and Google Maps or other electronic files/artifacts. Members can direct and re-direct audience members to other Web sites and locations from ‘Tweets’ and can engage in rapid-fire group social interaction,” the writer said.
The author outlined three scenarios where Twitter could be used by terrorists, and pointed out that terrorists have also talked about using other technologies, including cell phones, and Skype and other internet telephony services.
The author, who did not sign the paper, warned that most of the information came from “al-Qaida-like Web sites from ‘uncorroborated’ postings made by terrorists” and “persons sympathetic to terrorism.” Only “rudimentary Arabic language skills and the Google translating tool” were used.
There’s no doubt that ‘terrorists’ will use any means necessary to accomplish their goals, but is this really something to take seriously?
Distributing biodiversity data globally
My current project at work will take me far into next year, and that’s good because I’m facing an unprecedented amount of data, that will only continue to grow. Because of this I’m finally getting to put my money where my mouth is. For years I’ve talked about my ideas and theories about how I could network disparate systems together and have them leverage each other to keep everything in sync. So, while working with Open Source to push boundaries I seem to find more ways to do more complex things. One basic idea that I’m working on now is that data sets are huge, and are only going to get huger (and hugerer) as time goes on, how to handle this has been solved a few different ways. Usually it’s someone like the Internet Archive who have 1000s of computers networked together to share the data (they are using some parts of hadoop for the distributed file system, and then nutch for search indexing) – but it’s still working from one central point of failure. I started doing research to find out how this has been solved before, and if my idea of building a BitTorrent network was sound – and I found some great information to build on. As I’m setting up my demo BitTorrent tracker in Debian, this info keeps me thinking of the best ways to implement my ideas. Much of my progress is due to the very helpful advice of Paul at Geograph Torrent Archive, a project that has somewhat similar goals. (more…)
HOWTO: webserver in 100 lines of Bash
I’m a big Bash fan, I know Perl is the more popular scripting language, and I’m slowly using it more, but hey, if I need something done, I can do it quicker in Bash (keeping in mind that I’m a systems guy, not a dev guy). While at work looking up Bash related syntax I came across a page describing how to run a webserver with 100 lines of Bash. It uses the old school GNU utility Netcat (nc) for communication between the pipes, and just a ton of basic logic and functions to pass it on to the user. It’s one of those things I look at and can’t believe it works, but it does. Of course security is unknown, as is the original author, but I consider this a reference on how to do networking things in Bash; who knows what I’ll use (parts) of it for. If anyone has details on who originally wrote this I’m all ears.[sourcecode language='xml']#!/bin/bash
function debug {
local severity=”$1″
shift
local message=”$@”
echo -n “`date -u`” 1>&2
echo -ne ‘\t’ 1>&2
echo -n “$severity” 1>&2
echo -ne ‘\t’ 1>&2
echo “$message” 1>&2
}
function fix_path {
echo -n “$1″ | head -n 1 | sed ’s|^[/.-]*||’ | sed ’s|/\.*|/|g’
}
function serve_dir {
local dir=”`fix_path “$1″`”
if [ "$dir" = "" ]; then
dir=”./”
fi
echo ‘HTTP/1.1 200 OK’
echo ‘Content-type: text/html;charset=UTF-8′
echo
echo LISTING “$dir”
echo ‘
‘
ls -p “$dir” | sed -e ’s|^\(.*\)$|\1
|’
}
function serve_file {
echo ‘HTTP/1.1 200 OK’
echo ‘Content-type: application/x-download-this’
echo
local file=”`fix_path “$1″`”
debug INFO serving file “$file”
cat “$file”
}
function process {
local url=”`gawk ‘{print $2}’ | head -n 1`”
case “$url” in
*/)
debug INFO Processing “$url” as dir
serve_dir “$url”
break
;;
*)
debug INFO Processing “$url” as file
serve_file “$url”
;;
esac
}
function serve {
local port=”$1″
local sin=”$2″
local sout=”$3″
while debug INFO Running nc; do
nc -l -p “$port” < "$sin" > “$sout” &
pid=”$!”
debug INFO Server PID: “$pid”
trap cleanup SIGINT
head -n 1 “$sout” | process > “$sin”
trap – SIGINT
debug INFO Killing nc
kill “$pid”
done
debug INFO Quiting server
}
function cleanup {
debug INFO Caught signal, quitting…
rm -Rf “$tmp_dir”
exit
}
tmp_dir=”`mktemp -d -t http_server.XXXXXXXXXX`”
sin=”$tmp_dir”/in
sout=”$tmp_dir”/out
pid=0
port=”$1″
mkfifo “$sin”
mkfifo “$sout”
debug INFO Starting server on port “$port”
serve “$port” “$sin” “$sout”
cleanup[/sourcecode]
Hi, I'm fak3r and I've been online for over 15 years, blogging for 10. I work with open source software, various hardware and whatever else that I can hack on. I enjoy learning by doing, painting infrequently and listening to more music than the law allows. Feel free to follow me and comment on my thoughts and ideas; we're all in it together kid.
