head -n1 /proc/meminfo | awk '
BEGIN {}
{ TOTAL = $2; }
END {
print "Total memory: " TOTAL;
}'
Tuesday, April 27, 2010
Thursday, April 22, 2010
remove "Antispyware soft" virus
1, The virus is in this folder
%Documents and Settings%\[UserName]\Local Settings\Application Data\[random characters ]\[random characters]tssd.exe
C:\Documents and Settings\Chang\Local Settings\Application Data
You cannot delete this folder, but you can change the folder name.
Try to rename the folder and reboot your pc.
2, reboot your pc and go to safe mode
3, update your regedit
Here is the reference link:
http://www.2-viruses.com/remove-antispyware-soft
4, fuck Antispyware soft
%Documents and Settings%\[UserName]\Local Settings\Application Data\[random characters ]\[random characters]tssd.exe
C:\Documents and Settings\Chang\Local Settings\Application Data
You cannot delete this folder, but you can change the folder name.
Try to rename the folder and reboot your pc.
2, reboot your pc and go to safe mode
3, update your regedit
Here is the reference link:
http://www.2-viruses.com/remove-antispyware-soft
4, fuck Antispyware soft
Monday, April 19, 2010
dump mysql record into a txt file - under linux
step 1 : create a sql file wg.sql
SELECT signature FROM sig_db.signatures ;
Step 2: create shell script file: wg.sh
mysql -N -u yourusername -pyourpassword sig_db < wg.sql > wg.rules
Step 3: run wg.sh
./wg.sh
SELECT signature FROM sig_db.signatures ;
Step 2: create shell script file: wg.sh
mysql -N -u yourusername -pyourpassword sig_db < wg.sql > wg.rules
Step 3: run wg.sh
./wg.sh
Friday, April 16, 2010
view access log, exclude google and yahoo
grreg@abc:~$ sudo tail -f /var/log/apache2/access.log | grep -v yahoo | grep -v google
Thursday, April 15, 2010
reverse mapping checking getaddrinfo
This is dictionary attack - literally a machine trying to connect and login over and over again using usernames and passwords from a dictionary.
In this situation you can create a collection of firewalling rules which will deny access from remote clients who attempt to connect "too many" times.
If you have an existing firewall in place, using iptables, then adding the rules is very straightforward.
The way the recent module works is fairly straightforward, you basically add IP addresses to a list, which can then be used in the future to test connection attempts against. This allows you to limit the number of connections against either a number of seconds, or connection attempts. In our example we'll do both.
An example is probably the simplest way to illustrate how it works. The following two rules will limit incoming connections to port 22 to no more than 3 attemps in five minutes - an more than that will be dropped:
sudo iptables -I INPUT -p tcp --dport 22 -m state --state NEW -m recent --set
sudo iptables -L
sudo iptables -I INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 300 --hitcount 4 -j DROP
============ log file: sudo less /var/log/auth.log ==================
Apr 15 02:10:44 SS sshd[23278]: reverse mapping checking getaddrinfo for customer-static-123-146-53.
Apr 15 02:10:44 SS sshd[23278]: Invalid user rfmngr from 200.123.146.53
Apr 15 02:10:44 SS sshd[23278]: pam_unix(sshd:auth): check pass; user unknown
Apr 15 02:10:44 SS sshd[23278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.123.146.53
Apr 15 02:10:46 SS sshd[23278]: Failed password for invalid user rfmngr from 200.123.146.53 port 46864 ssh2
Apr 15 02:10:47 SS sshd[23281]: reverse mapping checking getaddrinfo for customer-static-123-146-53.
Apr 15 02:10:47 SS sshd[23281]: Invalid user sales from 200.123.146.53
Apr 15 02:10:48 SS sshd[23281]: pam_unix(sshd:auth): check pass; user unknown
Apr 15 02:10:48 SS sshd[23281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.123.146.53
Apr 15 02:10:49 SS sshd[23281]: Failed password for invalid user sales from 200.123.146.53 port 47024 ssh2
Apr 15 02:10:51 SS sshd[23283]: reverse mapping checking getaddrinfo for customer-static-123-146-53.
Apr 15 02:10:51 SS sshd[23283]: Invalid user recruit from 200.123.146.53
Apr 15 02:10:51 SS sshd[23283]: pam_unix(sshd:auth): check pass; user unknown
Apr 15 02:10:51 SS sshd[23283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.123.146.53
Apr 15 02:10:53 SS sshd[23283]: Failed password for invalid user recruit from 200.123.146.53 port 47137 ssh2
Apr 15 02:10:54 SS sshd[23285]: reverse mapping checking getaddrinfo for customer-static-123-146-53.
Apr 15 02:10:54 SS sshd[23285]: Invalid user alias from 200.123.146.53
Apr 15 02:10:54 SS sshd[23285]: pam_unix(sshd:auth): check pass; user unknown
Apr 15 02:10:54 SS sshd[23285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.123.146.53
Apr 15 02:10:56 SS sshd[23285]: Failed password for invalid user alias from 200.123.146.53 port 47248 ssh2
Apr 15 02:10:57 SS sshd[23287]: reverse mapping checking getaddrinfo for customer-static-123-146-53.
Apr 15 02:10:57 SS sshd[23287]: Invalid user office from 200.123.146.53
Apr 15 02:10:57 SS sshd[23287]: pam_unix(sshd:auth): check pass; user unknown
Apr 15 02:10:57 SS sshd[23287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.123.146.53
Apr 15 02:11:00 SS sshd[23287]: Failed password for invalid user office from 200.123.146.53 port 47357 ssh2
Apr 15 02:11:01 SS sshd[23289]: reverse mapping checking getaddrinfo for customer-static-123-146-53.
In this situation you can create a collection of firewalling rules which will deny access from remote clients who attempt to connect "too many" times.
If you have an existing firewall in place, using iptables, then adding the rules is very straightforward.
The way the recent module works is fairly straightforward, you basically add IP addresses to a list, which can then be used in the future to test connection attempts against. This allows you to limit the number of connections against either a number of seconds, or connection attempts. In our example we'll do both.
An example is probably the simplest way to illustrate how it works. The following two rules will limit incoming connections to port 22 to no more than 3 attemps in five minutes - an more than that will be dropped:
sudo iptables -I INPUT -p tcp --dport 22 -m state --state NEW -m recent --set
sudo iptables -L
sudo iptables -I INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 300 --hitcount 4 -j DROP
============ log file: sudo less /var/log/auth.log ==================
Apr 15 02:10:44 SS sshd[23278]: reverse mapping checking getaddrinfo for customer-static-123-146-53.
Apr 15 02:10:44 SS sshd[23278]: Invalid user rfmngr from 200.123.146.53
Apr 15 02:10:44 SS sshd[23278]: pam_unix(sshd:auth): check pass; user unknown
Apr 15 02:10:44 SS sshd[23278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.123.146.53
Apr 15 02:10:46 SS sshd[23278]: Failed password for invalid user rfmngr from 200.123.146.53 port 46864 ssh2
Apr 15 02:10:47 SS sshd[23281]: reverse mapping checking getaddrinfo for customer-static-123-146-53.
Apr 15 02:10:47 SS sshd[23281]: Invalid user sales from 200.123.146.53
Apr 15 02:10:48 SS sshd[23281]: pam_unix(sshd:auth): check pass; user unknown
Apr 15 02:10:48 SS sshd[23281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.123.146.53
Apr 15 02:10:49 SS sshd[23281]: Failed password for invalid user sales from 200.123.146.53 port 47024 ssh2
Apr 15 02:10:51 SS sshd[23283]: reverse mapping checking getaddrinfo for customer-static-123-146-53.
Apr 15 02:10:51 SS sshd[23283]: Invalid user recruit from 200.123.146.53
Apr 15 02:10:51 SS sshd[23283]: pam_unix(sshd:auth): check pass; user unknown
Apr 15 02:10:51 SS sshd[23283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.123.146.53
Apr 15 02:10:53 SS sshd[23283]: Failed password for invalid user recruit from 200.123.146.53 port 47137 ssh2
Apr 15 02:10:54 SS sshd[23285]: reverse mapping checking getaddrinfo for customer-static-123-146-53.
Apr 15 02:10:54 SS sshd[23285]: Invalid user alias from 200.123.146.53
Apr 15 02:10:54 SS sshd[23285]: pam_unix(sshd:auth): check pass; user unknown
Apr 15 02:10:54 SS sshd[23285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.123.146.53
Apr 15 02:10:56 SS sshd[23285]: Failed password for invalid user alias from 200.123.146.53 port 47248 ssh2
Apr 15 02:10:57 SS sshd[23287]: reverse mapping checking getaddrinfo for customer-static-123-146-53.
Apr 15 02:10:57 SS sshd[23287]: Invalid user office from 200.123.146.53
Apr 15 02:10:57 SS sshd[23287]: pam_unix(sshd:auth): check pass; user unknown
Apr 15 02:10:57 SS sshd[23287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.123.146.53
Apr 15 02:11:00 SS sshd[23287]: Failed password for invalid user office from 200.123.146.53 port 47357 ssh2
Apr 15 02:11:01 SS sshd[23289]: reverse mapping checking getaddrinfo for customer-static-123-146-53.
Friday, April 9, 2010
install fio - linux check disk IO
1, yum install libaio libaio-devel
2, download and install fio
wget http://freshmeat.net/urls/3aa21b8c106cab742bf1f20d60629e3f
tar zxvf fio-1.38.tar.gz
2, download and install fio
wget http://freshmeat.net/urls/3aa21b8c106cab742bf1f20d60629e3f
tar zxvf fio-1.38.tar.gz
3, cd fio-1.38
make
make install
4, create fio test file
vim random-read-test.fio
fio random-read-test.fio
mkdir /tmp/fio-testing/
mkdir /tmp/fio-testing/data
fio random-read-test.fio
fio random-read-test-aio.fio
=== random-read-test.fio =======
[random-read]
rw=randread
size=128m
directory=/tmp/fio-testing/data
=====random-read-test-aio.fio===
[random-read]
rw=randread
size=128m
directory=/tmp/fio-testing/data
ioengine=libaio
iodepth=8
direct=1
invalidate=1
5, test
fio random-read-test.fio
[root@localhost mcafee]# fio random-read-test.fio
random-read: (g=0): rw=randread, bs=4K-4K/4K-4K, ioengine=sync, iodepth=1
Starting 1 process
random-read: Laying out IO file(s) (1 file(s) / 128MB)
Jobs: 1 (f=1): [r] [100.0% done] [1,588K/0K /s] [387/0 iops] [eta 00m:00s]
random-read: (groupid=0, jobs=1): err= 0: pid=8230
read : io=128MB, bw=1,143KB/s, iops=285, runt=114704msec
clat (usec): min=184, max=54,583, avg=3491.60, stdev=2170.71
bw (KB/s) : min= 760, max= 1612, per=100.09%, avg=1143.00, stdev=80.09
cpu : usr=0.03%, sys=1.75%, ctx=32778, majf=0, minf=32
IO depths : 1=100.0%, 2=0.0%, 4=0.0%, 8=0.0%, 16=0.0%, 32=0.0%, >=64=0.0%
submit : 0=0.0%, 4=100.0%, 8=0.0%, 16=0.0%, 32=0.0%, 64=0.0%, >=64=0.0%
complete : 0=0.0%, 4=100.0%, 8=0.0%, 16=0.0%, 32=0.0%, 64=0.0%, >=64=0.0%
issued r/w: total=32768/0, short=0/0
lat (usec): 250=3.67%, 500=8.09%, 750=0.87%, 1000=2.25%
lat (msec): 2=13.63%, 4=28.85%, 10=42.39%, 20=0.19%, 50=0.05%
lat (msec): 100=0.01%
Run status group 0 (all jobs):
READ: io=128MB, aggrb=1,142KB/s, minb=1,170KB/s, maxb=1,170KB/s, mint=114704msec, maxt=114704msec
Disk stats (read/write):
dm-0: ios=32743/2373, merge=0/0, ticks=112699/206517, in_queue=319223, util=98.62%, aggrios=0/0, aggrmerge=0/0, aggrticks=0/0, aggrin_queue=0, aggrutil=0.00%
sda: ios=0/0, merge=0/0, ticks=0/0, in_queue=0, util=nan%
[root@localhost mcafee]# fio random-read-test
random-read-test-aio.fio random-read-test.fio
[root@localhost mcafee]# fio random-read-test-aio.fio
random-read: (g=0): rw=randread, bs=4K-4K/4K-4K, ioengine=libaio, iodepth=8
Starting 1 process
Jobs: 1 (f=1): [r] [100.0% done] [5,801K/0K /s] [1K/0 iops] [eta 00m:00s]
random-read: (groupid=0, jobs=1): err= 0: pid=8237
read : io=128MB, bw=5,357KB/s, iops=1,339, runt= 24467msec
slat (usec): min=8, max=39,678, avg=18.37, stdev=295.99
clat (usec): min=5, max=74,765, avg=5943.53, stdev=5904.37
bw (KB/s) : min= 4392, max= 5992, per=99.88%, avg=5350.44, stdev=364.84
cpu : usr=0.04%, sys=7.98%, ctx=30600, majf=0, minf=34
IO depths : 1=0.1%, 2=0.1%, 4=0.1%, 8=100.0%, 16=0.0%, 32=0.0%, >=64=0.0%
submit : 0=0.0%, 4=100.0%, 8=0.0%, 16=0.0%, 32=0.0%, 64=0.0%, >=64=0.0%
complete : 0=0.0%, 4=100.0%, 8=0.1%, 16=0.0%, 32=0.0%, 64=0.0%, >=64=0.0%
issued r/w: total=32768/0, short=0/0
lat (usec): 10=0.01%, 250=4.06%, 500=6.07%, 750=1.39%, 1000=2.27%
lat (msec): 2=9.86%, 4=19.62%, 10=40.74%, 20=12.70%, 50=3.21%
lat (msec): 100=0.08%
Run status group 0 (all jobs):
READ: io=128MB, aggrb=5,357KB/s, minb=5,485KB/s, maxb=5,485KB/s, mint=24467msec, maxt=24467msec
Disk stats (read/write):
dm-0: ios=32464/54, merge=0/0, ticks=191666/2553, in_queue=194260, util=99.75%, aggrios=0/0, aggrmerge=0/0, aggrticks=0/0, aggrin_queue=0, aggrutil=0.00%
sda: ios=0/0, merge=0/0, ticks=0/0, in_queue=0, util=nan%
Thursday, April 8, 2010
install pdflib
Step 1: download pdflib lite
wget http://www.pdflib.com/binaries/PDFlib/704/PDFlib-Lite-7.0.4p4.tar.gz
Step 2: install pdflib lite
./configure
make
make install
Step 3: Pecl for PDFlib
wget http://www.pdflib.com/binaries/PDFlib/704/PDFlib-Lite-7.0.4p4.tar.gz
Step 2: install pdflib lite
./configure
make
make install
Step 3: Pecl for PDFlib
install:
install dependences: phpize (php5-dev package)
pecl install pdflib
path to pdflib installation? :/usr/local
Step 4: php.ini
extension=pdf.so
Step 5:
/etc/init.d/apache2 reload
Subscribe to:
Posts (Atom)