Setting up easy_install

Posted by admin May 5th, 2010

Many python packages suggest using ‘easy_install‘ to install them. How do you get easy_install working if its not present on your system.

Download the correct egg for your python version from http://pypi.python.org/pypi/setuptools.

Run the egg as if it were a shell script (which it is). For example sh xxx.egg

There are various options for changing defaults for if you are not root for example, but if you are god on your platform….this just works.

Password Authentication Takes Another Poke In the Eye

Posted by andy January 19th, 2010

On January 4th as reported on DarkReading and DataBreaches, Lincoln National Corporation notified the New Hampshire Attorney General’s Office of a major security breach affecting 1.2 million people. In addition to the internal cost of investigating the breach and bringing in an external forensics team; in addition to planning and executing remediation activities; in addition to the brand impact and loss of trust in the marketplace, Lincoln National had to cut checks for identity and credit monitoring services for all affected users……….

http://blog.thesecurityconsortium.net/2010/01/password-authentication-takes-another-poke-in-the-eye/

Using route and iptables to proxy traffic

Posted by andy September 10th, 2009

As part of an experiment at work, I wanted to intercept all traffic on port 80 that was headed to a certain IP address. To handle the traffic, I built a python script using BaseHTTPServer based around this sample code and ran it on .202 - one of my CentOS 5.2 boxes.

Next step was to get the traffic to the right machine. As the browser was on a Vista box, I used the windows command route ADD 82.94.164.162  192.168.0.202 Yes that’s the python.org website. I often use that for testing as is generally well behaved and doesn’t seem to do ’special’ things.

Now I needed to tell the .202 box to not forward the traffic, but to deliver it locally. iptables to the rescue: sudo /sbin/iptables -t nat -A PREROUTING -p tcp -j REDIRECT

Didn’t even need to poke a hole in the iptables firewall as this seemed to do the job without.

iptables is BUCK!

Converting VMWare 1.0.6 preallocated virtual disks to growable

Posted by andy February 16th, 2009

Running out of space on your VMWare Server? Try this to convert some of your larger preallocated disks to growable. This way they only consume the space on the disk that they currently need, and will not consume disk space on the host drive for disk space on the guest systems whic is in fact empty and unused.

Stop the VM, then:

vmware-vdiskmanager -r GuestVM.vmdk -t 0 NewGuestVM.vmdk

This will create a new, growable, copy of the original drive. Then you will need to point the VM at the new drive (or delete the original and rename the new one back to the same name as the old).

I assume there is a performance penalty for doing this. But if you are running out of space, this can at least buy you some time.

While you are messing around on the command line, you could use the following to defrag the VMDK file for better perfomance.

vmware-vdiskmanager -d Guest.vmdk

CentOS 5.2 does not install on VMWare Server 1.0.6

Posted by andy February 15th, 2009

This is a known bug inherited from RedHat.

http://rhn.redhat.com/errata/RHSA-2009-0225.html

Workaround is to add

scsi0.virtualDev = "lsilogic"

to the .vmx file before installation.

To read a CD into an ISO on CentOS 5.2

Posted by andy January 2nd, 2009

dd if=/dev/cdrom of=your_image.iso

Mounting the CDRom on Centos 5.2

Posted by andy January 2nd, 2009

Ensure the mount point /mnt/cdrom exists.

To perform the mount:

mount -t auto /dev/cdrom /mnt/cdrom

If the symbolic link /dev/cdrom is not there, then try:

mount -t auto /dev/hdb /mnt/cdrom

replacing hdb with whatever your device is called.

Poking a hole in the CentOS firewall

Posted by andy January 2nd, 2009

With CentOS 5.2 (as ever), use the following to enable a listening tcp port (in this case 8000) to be accessed through the firewall.

sudo /sbin/iptables -A INPUT -p tcp –dport 8000 -j ACCEPT
sudo /sbin/service iptables save
sudo /sbin/iptables -F

Enabling RDP on Windows Vista Home

Posted by andy December 27th, 2008

The instructions for retrofitting Terminal server to Windows Vista Home are here. This enables Remote Desktop to that machine.

Enabling RDP on Windows XP Home

Posted by andy December 27th, 2008

The instructions for retrofitting Terminal server to Windows XP Home are here. This enables Remote Desktop to that machine.