Tuesday, April 13, 2010

virus issues

expand C:\I386\explorer.ex_ %systemroot%\explorer.exe
sfc /scannow
http://www.squidoo.com/explorer-exe
http://www.helpwithwindows.com/WindowsXP/howto-24.html
http://www.windowsbbs.com/malware-virus-removal/91421-resolved-nothing-will-open-trojan-horse-3.html

http://www.virustotal.com/
http://spywarehammer.com/simplemachinesforum/index.php?PHPSESSID=aan48qtqdimgkrsc6o922dl1j0&topic=7328.15
http://www.avg.com/gb-en/avg-rescue-cd
http://www.threatexpert.com/report.aspx?md5=f5e8d2e4bc003eb319cb2480d7e54084
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

find all files created in last 7 days
modified in last 7 days

posted by roleli @ 1:54 PM  

Saturday, January 16, 2010

Haiti, Earthquake and Twitter

The tragic earthquake in Haiti has once again highlighted the usefulness of Twitter. In the minutes that followed the earthquake the first voice from Haiti was over the Twitter streams. It its not only Twitter that has stood out the ability to 'tweet', i.e. send messages, using the smartphones such as the IPhone, Blackberry, Nokia and others. What this has done is allowed not only text but images to be tweeted in seconds. The phone has become powerful too.

Useful Twitter Users
Going back to Haiti, there have have been a some twitter users whose updates have proven useful. These accounts I have found helpful in following events in Haiti


A quick search of Haiti turned up users retweeting, i.e. repeating, updates provided by those users and in effect they quickly became the credible sources of what was happening around Haiti.

Twitter 101
Twitter allows users to freely sign up for an account and begin sending messages limited to 140 characters. Users can then follower other users, (twitters) and other persons can follow them. Users can communicated publicly by sending messages to each other using the "@username message" syntax , retweet/repeating messages using the "RT @username message" syntax and where a user is following you send a private direct message by typing "DM username message".
To tag messages the use is made of the hashtag (#), e.g. 'message #tag'.
In a nutshell that is a Twitter 101 and you are on the way.

Interestingly, it was only a year ago on that the United Airlines was forced to land in the Hudson after a bird strike took out the engines. The first place with the news was Twitter. When Micheal Jackson died it was Twitter again. In Jamaica, when the fire at Wray and Nephew broke out it was Twitter again and when the American Airlines crashed after landing Twitter was my first source.

This real-time up-to-minute stream has made reporters of all and Journalists in the media in Jamaica will have to accept this.

Google's Partnership
Google's Partnership with Twitter in providing real-time Twitter search results has only served to increase Twitter's audience

Lessons Learnt
CNN has championed scoial media and used it to full effect in the 2008 USA Presidential Race. Today it appears that everyone of CNN's anchors has a Twitter account, Facebook page or blog.
They have used twitter and the contacts made to good effect. Message to media in Jamaica, ignore twitter and by extension social media to your own peril.

Remember to donate to the credible place like
  • American Red Cross
  • Salvation Army
  • Adventist Development Relief Agency (ADRA)
CNN has a good list http://cnn.com/impact/

Labels: , ,

posted by roleli @ 4:23 PM  

Friday, January 01, 2010

Spamassassin 2010 Bug Solution

It seems that every year at the start of the year there is some computer related issue. This time the bug has struck Spamassassin a tool used by many web host in Spam Filtering. The bug seems to affect both Spamassassin versions 2.x and 3.x.

The bug lies in a rule, FH_DATE_PAST_20XX, that checks for email with forward dates e.g. 2010,2011... 2020. However the rule worked fine for mail with dates 2000-2009 but we are now in 2010.

Solution: (Quick Fix)

There are a few approaches

1. Add local.cf

Add this rule

score FH_DATE_PAST_20XX 0

2. 50_scores.cf
Find 50_scores.cf and edit it

change
score FH_DATE_PAST_20XX 2.00753.384 3.554 3.188 #n=2

to
score FH_DATE_PAST_20XX 0 #n=2


You might need to restart you spamd process .

Note: this is a quick fix not a permanent solution
a) if your spamassassin settings are global and not on a user by user basis. You will need to update the user settings.
b) The rule needs correcting

A bug report has been filed by users.

References

Labels:

posted by roleli @ 10:02 AM  

Thursday, November 12, 2009

Force File Download with PHP

Here is the code taken from
function output_file($file, $name, $mime_type='')
{
/*
This function takes a path to a file to output ($file),
the filename that the browser will see ($name) and
the MIME type of the file ($mime_type, optional).

If you want to do something on download abort/finish,
register_shutdown_function('function_name');
*/
if(!is_readable($file)) die('File not found or inaccessible!');

$size = filesize($file);
$name = rawurldecode($name);

/* Figure out the MIME type (if not specified) */
$known_mime_types=array(
 "pdf" => "application/pdf",
 "txt" => "text/plain",
 "html" => "text/html",
 "htm" => "text/html",
 "exe" => "application/octet-stream",
 "zip" => "application/zip",
 "doc" => "application/msword",
 "xls" => "application/vnd.ms-excel",
 "ppt" => "application/vnd.ms-powerpoint",
 "gif" => "image/gif",
 "png" => "image/png",
 "jpeg"=> "image/jpg",
 "jpg" =>  "image/jpg",
 "php" => "text/plain"
);

if($mime_type==''){
  $file_extension = strtolower(substr(strrchr($file,"."),1));
  if(array_key_exists($file_extension, $known_mime_types)){
  $mime_type=$known_mime_types[$file_extension];
  } else {
  $mime_type="application/force-download";
  };
};

@ob_end_clean(); //turn off output buffering to decrease cpu usage

// required for IE, otherwise Content-Disposition may be ignored
if(ini_get('zlib.output_compression'))
 ini_set('zlib.output_compression', 'Off');

header('Content-Type: ' . $mime_type);
header('Content-Disposition: attachment; filename="'.$name.'"');
header("Content-Transfer-Encoding: binary");
header('Accept-Ranges: bytes');

/* The three lines below basically make the
   download non-cacheable */
header("Cache-control: private");
header('Pragma: private');
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");

// multipart-download and download resuming support
if(isset($_SERVER['HTTP_RANGE']))
{
 list($a, $range) = explode("=",$_SERVER['HTTP_RANGE'],2);
 list($range) = explode(",",$range,2);
 list($range, $range_end) = explode("-", $range);
 $range=intval($range);
 if(!$range_end) {
  $range_end=$size-1;
 } else {
  $range_end=intval($range_end);
 }

 $new_length = $range_end-$range+1;
 header("HTTP/1.1 206 Partial Content");
 header("Content-Length: $new_length");
 header("Content-Range: bytes $range-$range_end/$size");
} else {
 $new_length=$size;
 header("Content-Length: ".$size);
}

/* output the file itself */
$chunksize = 1*(1024*1024); //you may want to change this
$bytes_send = 0;
if ($file = fopen($file, 'r'))
{
 if(isset($_SERVER['HTTP_RANGE']))
 fseek($file, $range);

 while(!feof($file) &&
  (!connection_aborted()) &&
  ($bytes_send<$new_length)
       )
 {
  $buffer = fread($file, $chunksize);
  print($buffer); //echo($buffer); // is also possible
  flush();
  $bytes_send += strlen($buffer);
 }
fclose($file);
} else die('Error - can not open file.');

die();
} 

/*********************************************
   Example of use
**********************************************/ 

/*
Make sure script execution doesn't time out.
Set maximum execution time in seconds (0 means no limit).
*/
set_time_limit(0); 
$file_path='that_one_file.txt';
output_file($file_path, 'some file.txt', 'text/plain');

posted by roleli @ 5:55 AM  

Thursday, October 08, 2009

Touch Command for Windows

If you every need to change the last modified date on a windows file here is a command that does so

copy /b test.txt +,,

Source:

Labels:

posted by roleli @ 4:42 AM  

Thursday, July 30, 2009

Keeping your Geolocation up to date

If you host Open Ads or use Geographic targeting you will realise that from time to time you need to update you geo-location data file. This is an shell script to help

Script

#!/bin/sh
# retrieve and update Geolocation database

#get date...
today=`date +%d-%m-%y`
#today=`date +%d-%m-%y` #date in this format 04-08-09
#today=`date +%Y%m%%d` #date in this format 20090804

#go to folder
cd /home/adserver/

#grab data file
/usr/bin/wget -q --limit-rate=100k wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz

# Check if file exists

if [ -f /home/adserver/GeoIP.dat.gz ]
then
#backup current file
if [ -f /home/adserver/GeoIPCity.dat ]
then
/bin/mv /home/adserver/GeoIP.dat /home/adserver/GeoIP-$today.dat
fi

#uncompress new file
/bin/gzip -d /home/adserver/GeoIP.dat.gz
fi

Cron Job
Let us say the file above is called update.sh. Add this to your cron.

0 2 7 * * /bin/sh /home/adserver/update.sh > dev/null 2>&1

Notes:

1. Ensure the full paths for mv, cd, wget are correct
you can find that by doing a whereis command name e.g whereis mv

2. Change "/home/adserver/" to the your path to where you want to put the file

3. if " if [ -f filename ] ..." does not work try "if[ -e filename ].."

4. The service is free, from maxmind.com so I try not to abuse their servers.
a) limit the download rate to --limit-rate=100k
b) update once month usually about the 5,6,7th ( the say the 1st of the month but the updates are usually late
( paid services are available)

5. you an remove the old file using "/bin/rm -f /home/adserver/GeoIP.dat " but I am one for backups


Useful

Labels:

posted by roleli @ 6:28 AM  

Monday, June 29, 2009

MYSQL, Foreign Keys

Here is my example and some pointers that lead a solution to my problem.

'contact_id' in table 'note' referencing 'id' in table 'contact'

CREATE TABLE 'contact' (
'id' int(10) unsigned NOT NULL auto_increment COMMENT 'Unique Contact ID',
PRIMARY KEY ('id'),
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=0 ;

CREATE TABLE 'note' (
'id' int(10) unsigned NOT NULL auto_increment COMMENT 'Note ID',
'entity_table' varchar(64) collate utf8_unicode_ci NOT NULL COMMENT 'Name of table where item being referenced is stored.',
'entity_id' int(10) unsigned NOT NULL COMMENT 'Foreign key to the referenced item.',
'contact_id' int(10) unsigned default NULL COMMENT 'FK to Contact ID creator',
PRIMARY KEY ('id'),
KEY 'index_entity' ('entity_table','entity_id'),
KEY 'FK_note_contact_id' ('contact_id')
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=0;

ALTER TABLE 'note'
ADD CONSTRAINT 'FK_note_contact_id' FOREIGN KEY ('contact_id') REFERENCES 'contact' ('id') ON DELETE SET NULL;

Things to note

1. Tables must be same type. [in this case InnoDB]
2. The columns must be the same type.[in this case int(10)]
3. The Attributes must be the same unsigned
4. The field that is referencing must be default set to null "default NULL"
i.e. contact_id , must be default NULL. (If you specify a SET NULL action, make sure that you have not declared the columns in the child table as NOT NULL.)
5. Indexes on foreign keys and referenced keys
6. Watch your case. the FK is case sensitive

If you need to alter a table do the following

set foreign_key_checks = 0;
...
Alter table etc..
..
set foreign_key_checks = 1;

Useful reference:
See also:

posted by roleli @ 7:30 PM