Just for my notes.. Even though the CVV numbers on a credit card, look like numbers :), don’t treat them as integers in your code. Some of the numbers start with a 0.. so 059 might become 59 by the time you try to process it if you capture the CVV field as an integer.
Just treat them like a string.
And obviously you are not storing them anywhere in your application/network :). Or you might end up in the headlines like some of our retailers.
Interesting analogy to Thomas Edison’s quote “Genius is one percent inspiration, ninety-nine percent perspiration” by Elizabeth Gilbert on a recent Radio Lab show
99% Oyster and 1% pearl
Came across quote by Robert A. Heinlein on a blog post by Jacques Mattheij regarding a what a competent man should be able to do
A human being should be able to change a diaper, plan an invasion, butcher a hog, conn a ship, design a building, write a sonnet, balance accounts, build a wall, set a bone, comfort the dying, take orders, give orders, cooperate, act alone, solve equations, analyze a new problem, pitch manure, program a computer, cook a tasty meal, fight efficiently, die gallantly. Specialization is for insects.
Some of the joys I got to experience in the last two years raising our Son :).
And yes.. a whole lot of new found respect for my parents.
We needed to add a certificate that is currently in PKCS#12 format currently into a java keystore at work recently. The typical step would be due to create an empty keystore and then import the certificate from the PKCS#12 store using the following command
[code]keytool -importkeystore -srckeystore sourceFile.p12 -srcstoretype PKCS12 -destkeystore destinationFile.jks[/code]
Note: PKCS#12 files can have extensions “.p12” or “.pfx”
The command executed without any issues, but we received the following error when we started the application server using this newly created keystore
[code]java.io.IOException: Error initializing server socket factory SSL context: Cannot recover key [/code]
It didn’t make sense, because we were able to view the certificate in the keystore and were using the right password in the configuration files.
After a lot of searching and head scratching, the team came up with the following solution
The commands used were
[code]
openssl pkcs12 -in sourcePKCS12File.p12 -nocerts -out privateKey.pem
openssl pkcs12 -in sourcePKCS12File.p12 -nokeys -out publicCert.pem
openssl pkcs12 -export -out intermittentPKCS12File.p12 -inkey privateKey.pem -in publicCert.pem
keytool -importkeystore -srckeystore intermittantPKCS12File.p12 -srcstoretype PKCS12 -destkeystore finalKeyStore.jks
[/code]
I have use grep extensively before to analyze data in log files before. A good example is this post about using grep and sort to find the unique hits to a website. Here is another way to do it using grep and awk.
Say the log file you are analyzing is in the format below and you need to get the unique number of BundleIDs
[code]2013-02-25 12:00:06,684 ERROR [com.blahblah.sme.command.request.CustomCommand] Unable to execute AssignServiceCommand, request = ‘<AssignServiceToRequest><MemberId>123456</MemberId><OrderBundle><BundleId>5080</BundleId></OrderBundle></AssignServiceToRequest>'[/code]
you can use grep and awk to find the number of times a unique bundleID appears by running
[code]grep -i bundleID LOG_FILE_NAME | awk ‘{ split ($11,a,">"); print a[6]}’ | sort | uniq -c | sort -rn [/code]
breaking down the commands
grep -i : tells grep to only show the lines from the file (LOG_FILE_NAME) containing the text bundleID and makes the search case insensitive
awk ‘{ split ($11,a,”>”); print a[6]}’ : tells awk to grab the input from grep and take the 11th item (by default awk separates content with a space) and split the string into an array (a) using > as a delimiter. And finally print out the value of the array a’s sixth member
sort : sorts the output from awk into ascending order
uniq -c : takes the output from sort and counts uniq items
sort -qn : takes the output from uniq and does a reverse order sort
The output looked like this
[code]
173 5080</BundleId
12 5090</BundleId
8 2833</BundleId
1 2412</BundleId
1 2038</BundleId
1 1978</BundleId
1 1924</BundleId
[/code]
quick note for self. If you are capturing traffic using tcpdump, you can rotate the capture files based on size
[code]sudo tcpdump -i INTERFACE_TO_CAPTURE_TRAFFIC_ON -C 10 -s0 -W NO_OF_FILES_TO_ROTATE_THROUGH -w /PATH_TO_CAPTURE_FILE [/code]
explanation of the options used
-i : specify the interface you want to capture the traffic on. If not specified, tcpdump will listen on the lowest numbered interface. i.e. eth0
-C : specify the size of the file multiplied by 1000000 bytes. In this example, the file created would be 10000000 bytes. Or ~9.8MB
-s : specify the packet length to capture. 0 (zero) tells tcpdump to capture the entire packet
-W : specify the number of files to rotate through once the files size specified in -C is reached. The files keep rotating throughout the capture
-w : Specify the path to the capture file. tcpdump appends an integer to the end of the file based on the number of files it has to rotate through.
If you are using the mod_proxy feature in Apache to forward requests for certain content to a backend server, but want to restrict access to that content to clients originating from certain IP addresses, you can use the location feature in Apache.
The Location directive limits the scope of the enclosed directives by URL. This is very similar to the Directory directive, but the difference is that you can put controls based on the URL rather than the location of the content.
In this example, I am forwarding content destined to https://kudithipudi.org/testLocation to an internal server at http://127.0.0.1:8080/testLocation. I am going to use the Location directive to restrict access to just requests originating from IP Address 10.10.10.10
[code]
<Location /testLocation>
Order Deny,Allow
Deny from all
Allow from 10.10.10.10
</Location>
ProxyPass /testLocation http://127.0.0.1:8080/testLocation
ProxyPassReverse /testLocation http://127.0.0.1:8080/testLocation [/code]
A collection of one liners using different tools and programming languages to run a full fledged web server on any machine. They can be used to
The criteria for the on liners was that you don’t need any additional modules other than the standard modules included with the language distributions.
netcat (nc) is pretty powerful network utility. You can start a web server running on port 8080 by simply running
[code]nc -l 8080[/code]
If you want to serve a particular file, you can do so by running
[code]while :; do nc -l 8080 < SAMPLE_FILE ; done [/code]
You can start a web server in python by running
Python 2.x
[code] python -m SimpleHTTPServer 8080 [/code]
Python 3.x
[code]python -m http.server 8080 [/code]
This command will serve up a page with listing of all the files in the directory that the command was executed in. Pretty nifty way to quickly share files
You can start a web server in perl by running
[code]perl -MIO::All -e ‘io(":8080")->fork->accept->(sub { $_[0] < io(-x $1 ? "./$1 |" : $1) if /^GET \/(.*) / })’ [/code]
You can start a web server using Ruby by running
sudo ruby -rwebrick -e ‘server = WEBrick::HTTPServer.new : Port = >8080
server.start’
I haven’t been able to figure out how to pass an end of line in the command line. So you need to literally pass the commands in two lines.
Scratch that.. My friend, Ray, showed me the right way to pass a line delimiter in the same command.
[code]ruby -rwebrick -e ‘server = WEBrick::HTTPServer.new(:Port => 8080) ; server.start’ [/code]
He even provided an additional option to define the directory you want to serve files from
[code]: DocumentRoot => ‘/some/shit’ [/code]
Starting with PHP 5.4 you can initiate a web server by running
[code]php -S localhost:8080[/code]
All of these options should work on any operating system. But I have only tried them on Linux.
Do you know how to do the same thing in other languages? Please share them in the comments section.
Credits: I collected these bits of code from the following sites
Python : http://www.garyrobinson.net/2004/03/one_line_python.html
Perl : http://www.perlmonks.org/?node_id=470397
Ruby : http://phrogz.net/simplest-possible-ruby-web-server
PHP : http://php.net/manual/en/features.commandline.webserver.php
I am a Google fanboy. And I don’t make a secret of it :). All the smartphones I have ever carried are Android based, unless you count the Blackberry as a smartphone. All my tablets are Android based. My personal domain is served by Google Apps. I use Google Analytics to report on the traffic to this blog.
You get the picture.. I love all things Google 🙂
Today, I have made a pretty radical decision. Radical, considering my history and association. I am going to use an iPhone and iPad for the next 60 days. And then I am going to use a Windows Phone and Windows Tablet for the following 60 days.
Why you ask? I think it is important for every technology executive to try offerings from all the major players in the market. You might your personal preferences, but you should at least experience what your customers are experiencing when they use the technology on a daily basis.
I wouldn’t necessarily call it dogfooding, since I am not developing (or involved in) these devices, but you have to have a good understanding of the different offerings out there. Yes, you can read the reviews, but experiencing it on your own is quite different.
I will be blogging the results of this experiment soon :).
