Security - We will get there

1. How to extract files in rpm packages without installing them for file in `ls -1 ../*.rpm` ; do rpm2cpio $file | cpio -ivmud ; done
2. Files inside multiple rpm packages for file in `ls -1 ../*.rpm`; do echo The Files in $file >>filelist.txt; rpm -ql -p $file >>filelist.txt; echo >>filelist.txt ; echo >>filelist.txt; done

   

Just two quick tips when dealing with regular expression

1. Regex coach, an interactive regular expressions testbed program from http://weitz.de/regex-coach/

2. To match the rpm file name, for example: gcc-5.0.1-99-102.i386.rpm
       ([^\d]+)-(\d.\d.\d)-(\d\d)-(\d+).(\w+).rpm

To fix the CSS security vulnerabilities.

I did the backup for both files and db, then copy over the new version, copy back the file .htaccess and sites/default/settings.php, then run the update.php. All went smoothly and the site is up in 30 minutes.

 

Recently drupal.org turned off the site search function but suggested to use google instead. Here is the snippet from Eric which is great for my drupal based website too.

"I almost always use site:drupal.org -site:lists.drupal.org -site:cvs.drupal.org -site:api.drupal.org at google.com to search through the forums and the rest of Drupal.org."

From the Improvements to the Drupal.org infrastructure posted at drupal.org, you can have some idea on what the folks are working on.

Here is the whole article for my reference:

Inline Interface Mode Operating in inline interface pair mode puts the IPS directly into the traffic flow and affects packet-forwarding rates making them slower by adding latency. This allows the sensor to stop attacks by dropping malicious traffic before it reaches the intended target, thus providing a protective service. Not only is the inline device processing information on Layers 3 and 4, but it is also analyzing the contents and payload of the packets for more sophisticated embedded attacks (Layers 3 to 7). This deeper analysis

I had nx server setup a while ago to provide remote access for my home network. Recently as I changed my laptop, I had to reinstall the client. It took me a little while to figure out the options to make it work. Here is the tips:

1. NX private key needs to be copied from the server and put into the client.
2. enable ssl encryption, otherwise it will not work.

Then enjoy!

Being busy for the recent 2 weeks. It's another big change for me. To realize my dream, I left my wife and my lovely kids for San Francisco. It's a dream place for me since I am young. I am here to work as an IT security professional, but more importantly I want to get into the atomosphere where startup get born. The work is ok and I should have no problem to grasp the technology there. My spare time was spent on driving around, hanging out with groups and yeah-endless phone calls to my family(using my voip server at home)

1. For x-lite softphone:

cmtor1.ciktel.com   64.187.25.78

Enabled: Yes
Display Name: 4165487147
Username: 999******
Authorization User: CIK*******
Password: ****
Domain/Realm: 64.187.25.78
SIP Proxy: CMTor1.ciktel.com
Out Bound Proxy: CMTor1.ciktel.com

voip