Monday Feb 16, 2009
Back in 2006, which is just yesterday in terms of domain name ownership, I registered a domain name. Late in 2008 my ex-business partner left his full time employment and together with somebody else I never met, they went into business together. Good for them. At that point I was asked by my ex-business partner to give away my domain name. It was a good name and it was of use to them. I wasn't about to just give away a perfectly good domain name, and why would I? I asked that he sort out some outstanding paperwork around the business we had, and then I'll think about it. Maybe. Suddenly he wasn't in a hurry to sort our anything so I started ignoring his mails asking about the domain transfer.
Today I learned that Nominet (organization in charge of the .uk top level domain) transferred the domain name to my ex-business partner account, without my approval. Without an email or so much as a phone call or even a signature bearing FAX to me. Essentially Nominet just gave away my domain that I registered in 2006. Nominet stole my domain. Then they sold it or gave it away.
That is theft in my book.
It is also very bad business for people in the internet domain name registration practice to just really mess up on basic security.
So I am seriously wondering what or how did it happen, without my authorization. I was never contacted by them, so... I am speculating here, but if a third party is able to call in, and say he is me, and request a domain to be transfered, which more over succeeds without the TLD administrator verifying identity of the requester, then something is seriously wrong with Nominet.
I just mailed Nominet awaiting some explanation about why they allowed someone to steal my domain name. Was identity thief involved in this?
Saturday Nov 10, 2007
I have become the lucky owner of a Trust 1200VA management UPS. The bad news is that, the manufacturer provides software for Microsoft systems only. However, I found an opensource ups monitor called Network UPS Tools, that is said to work under unix a-like systems. And yes, I managed to make it work on Solaris 10, this short howto tells you how.
The first thing we need is a user account that will be used to run nut daemons. I say, the user 'ups', and the group 'ups' (also), with the home directory in /var/ups, that will be used as the state directory (this is mentioned later).
# groupadd -g 999 ups
# useradd -u 999 -g ups -d /var/ups -s /bin/false -m ups
# chown ups:ups /var/ups
# chmod 750 /var/ups
At this point you need NUT sources, that are available for download at http://www.networkupstools.org/source.html. You have to download, extract, and compile them:
# /usr/sfw/bin/wget http://www.networkupstools.org/source/2.2/nut-2.2.0.tar.gz
# gunzip -c nut-2.2.0.tar.gz | tar -xf -
# cd nut-2.2.0
# ./configure --prefix=/opt/nut --with-statepath=/var/ups --with-user=ups --with-group=ups
# make && make install
Let's stop here for a second, as I need to explain couple of things, with regards to the configure command. The prefix is where nut is going to be installed, the statedir is the same as the home directory of previously created user, the user and the group are self-explanatory.
I presume everything went fine, there were not errors - just like in the ideal world. Ok, its time configure it a little bit. So be prepared to edit couple of files in the text editor of your choice, but please do also read the comments, as some of the options (e.g. the password) have to be changed.
/opt/nut/etc/ups.conf:
[trust]
# full list of deivers at http://www.networkupstools.org/compat/stable.html)
driver = megatec
port = /dev/ttya
/opt/nut/etc/upsd.conf:
# bind to localhost only
LISTEN 127.0.0.1
# define ACLs
ACL all 0.0.0.0/0
ACL localhost 127.0.0.1/32
# Accept connections from localhost...
ACCEPT localhost
# ... and reject anything else
REJECT all
/opt/nut/etc/upsd.users
# define monitor user
[monuser]
password = YOUR_PASSWORD
allowfrom = localhost
upsmon master
/opt/nut/etc/upssched.conf
CMDSCRIPT /opt/nut/bin/upssched-cmd
/opt/nut/etc/upsmon.conf
RUN_AS_USER root # root is required for shotdown
MONITOR trust@localhost 1 monuser YOUR_PASSWORD_AGAIN master
MINSUPPLIES 1
SHUTDOWNCMD "/usr/sbin/poweroff"
POLLFREQ 5
POLLFREQALERT 5
HOSTSYNC 15
DEADTIME 15
NOTIFYCMD /opt/nut/bin/notify # will create this later
POWERDOWNFLAG /etc/killpower
NOTIFYFLAG ONLINE SYSLOG+WALL+EXEC
NOTIFYFLAG ONBATT SYSLOG+WALL+EXEC
NOTIFYFLAG LOWBATT SYSLOG+WALL+EXEC
NOTIFYFLAG COMMOK SYSLOG+WALL+EXEC
NOTIFYFLAG COMMBAD SYSLOG+WALL+EXEC
NOTIFYFLAG SHUTDOWN SYSLOG+WALL+EXEC
NOTIFYFLAG REPLBATT SYSLOG+WALL+EXEC
NOTIFYFLAG NOCOMM SYSLOG+WALL+EXEC
NOTIFYFLAG FSD SYSLOG+WALL+EXEC
RBWARNTIME 43200
NOCOMMWARNTIME 300
FINALDELAY 5
Done, now simply change permissions to only created config files, so that only ups user is able to read them as your password is stored there.
# chgrp ups ups.conf upsd.conf upsmon.conf upssched.conf
# chmod 640 ups.conf upsd.conf upsmon.conf upssched.conf
I have previously mentioned the notify script that, would mail you whenever the UPS status changes (e.g. low battery).
#!/bin/bash
echo "$*" | mail -s "UPS state changed" foo@bar.com
Don't forget to make it exacutable
# chmod 755 /opt/nut/bin/notify
We are almost home, the only thing left here is the SMF, so that the nut daemons would start auto-magically on system boot. You need the method and manifest files to make this work.
# mkdir -p /opt/nut/lib/svc/method
# vi nut
#!/usr/bin/sh
. /lib/svc/share/smf_include.sh
NUT_DIR=/opt/nut
STATE_DIR=/var/ups
PID_UPS=${STATE_DIR}/upsd.pid
PID_MON=/var/run/upsmon.pid
ups_stop () {
if [ -f ${PID_MON} ]; then
/usr/bin/kill `cat ${PID_MON}` > /dev/null
/usr/bin/rm -f ${PID_MON}
fi
if [ -f ${PID_UPS} ]; then
/usr/bin/kill `cat ${PID_UPS}` > /dev/null
/usr/bin/rm -f ${PID_UPS}
fi
${NUT_DIR}/bin/upsdrvctl stop > /dev/null 2>&1
}
ups_start () {
$NUT_DIR/bin/upsdrvctl start >/dev/null 2>&1
$NUT_DIR/sbin/upsd >/dev/null 2>&1
$NUT_DIR/sbin/upsmon >/dev/null 2>&1
}
##
# Start of script
#
case "$1" in
start)
ups_start
;;
stop)
ups_stop
;;
restart)
ups_stop
while pgrep upsd > /dev/null
do
sleep 1
done
ups_start
;;
*)
echo ""
echo "Usage: `basename $0` { start | stop | restart }"
echo ""
exit 64
;;
esac
# vi /var/svc/manifest/network/nut.xml
<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<service_bundle type='manifest' name='nut'>
<service name='application/nut' type='service' version='1'>
<instance name='default' enabled='false'>
<dependency name='network'
grouping='require_all'
restart_on='error'
type='service'>
<service_fmri value='svc:/milestone/network:default'/>
</dependency>
<dependency name='filesystem-local'
grouping='require_all'
restart_on='none'
type='service'>
<service_fmri
value='svc:/system/filesystem/local:default'/>
</dependency>
<exec_method
type='method'
name='start'
exec='/opt/nut/lib/svc/method/nut start'
timeout_seconds='60'>
<method_context />
</exec_method>
<exec_method
type='method'
name='stop'
exec='/opt/nut/lib/svc/method/nut stop'
timeout_seconds='60'>
<method_context />
</exec_method>
<exec_method
type='method'
name='refresh'
exec='/opt/nut/lib/svc/method/nut restart'
timeout_seconds='60'>
<method_context />
</exec_method>
</instance>
<stability value='Evolving' />
<template>
<common_name>
<loctext xml:lang='C'>
Network UPS Tools
</loctext>
</common_name>
</template>
</service>
</service_bundle>
You can download them directly from:
http://blogs.sun.com/mikey/resource/method-nut and http://blogs.sun.com/mikey/resource/manifest-nut
That's everything, time to enable the service and test the configuration:
# svccfg import nut.xml
# svcadm enable svc:/application/nut:default
# /opt/nut/bin/upsc trust@localhost
battery.charge: 95.0
battery.voltage: 13.50
battery.voltage.nominal: 12.0
driver.name: megatec
driver.parameter.pollinterval: 2
driver.parameter.port: /dev/ttya
driver.version:
driver.version.internal: 1.5.4
input.frequency: 49.9
input.voltage: 247.0
input.voltage.fault: 247.0
input.voltage.maximum: 252.3
input.voltage.minimum: 243.0
output.voltage: 247.0
output.voltage.nominal: 230.0
ups.beeper.status: enabled
ups.delay.shutdown: 0
ups.delay.start: 2
ups.load: 11.0
ups.mfr: unknown
ups.model: unknown
ups.serial: unknown
ups.status: OL
ups.temperature: 25.0
You should be able to see the output similar to this above, which is a kind of confirmation that everything works fine.
Sunday Jul 29, 2007
Today, I was invited over to see a wrestling match in Bathgate. There is a club called SSW, and these guys are really good, maybe not as good as guys you can see on TV, but keep on mind I've never been to such a place before. So, again these guys are good and probably most important - they have a lot of passion to what they do. I've got over 100 pics on my cell phone but most of them ain't worth anything. Basically because these guys are moving, well... too FAST to catch them in action.... or this is me - being too excited about the whole thing and not pressing the button fast enough. Anyway, there are couple of good shots available bellow, enjoy!
Wednesday Jul 25, 2007
Just a short note before I hit the rack.
As you are probably aware there was a power outage in San Francisco, California this afternoon where over 20k households lost power. This outage also affected Sun sites (including www.sun.com, doc.sun.com and even opensolaris.org) which were unavailable due to power outage in InterNAP's San Francisco Data Centre. So far the cause of outage remains unknown.
Read more:
Reuters
San Francisco Gate
Fox News
Tuesday Jul 24, 2007
Today morning I received my card reader from RBS. This piece of technology
is to ensure customers secure transactions over their on-line
banking system.
The actualdevice looks like of the picture.
There are three function buttons on the device, called identify, respond, and sign respectively. According to enclosed instruction manual the first one has use to login to the banking system, the second to verify the transactions, set up new standing orders, etc. and the third remains quite a mystery to me (maybe a feature of some kind), and is not documented.
The actual device has a card reader that reacquires your RBS debit card to work. So for instance to create a new standing order you need to:
(to make its easier lets presume you're already logged in the digital banking and only need to verify that you are who you say you are)
a) insert your RBS debit card into a card reader
b) punch in your card's PIN
c) enter the query number shown on your computer screen
d) respond with a securecode given by your card reader
Now you may say, “cool finally my internet banking would be safe from hackers, yay!”. Or you may alternatively say “I don't have a MIT engineering degree, help!”, neither do I, and here is how I see it...
First of all you need to carry your card reader with you whenever you go, same applies to your card, that you probably already have in your wallet. I tend to wear jeans and there are only two pockets. And I usually have my wallet, mobile and keys with me, so both pockets are in use. Where I am expected to carry this card-reader anyway?
The other issue is, it's still possible to login to digital banking using your passwords combination. The thing sometimes I just want to look up my balance, and it would really annoy me if I had to use the card-reader each time I want to do so.
Anyway, its good to see that RBS takes security of their customers very seriously, and balance can be checked on *selected* ATMs also.
P.S.: I'd like to thank to Glynn Foster for the best, greatest hackergotchi I ever had :D -- thanks Glynn!
Saturday May 26, 2007
I came across a requirement of obtaining the list of svn authors along with the number of corresponding commits. My solution to this is as follows...
The first assumption is, the list has to be updated every time a new commit is made to the svn repository. The best solution to this is to use post-commit script that resides in SVNROOT/hooks directory and is executed every time for a successful commit after it has been made.
NOTE: In the following example SVNROOT is located at/svnroot/repos/opensolarispl
$ cat /svnroot/repos/opensolarispl/hooks/post-commit
# update contributor counters
/home/users/mnowak/bin/svnstats.sh
As you can see here, the post-commit script simply calls the svnstats.sh script. And its all the job I need. Let's have a closer look at the svnstats.sh then.
$ cat /home/users/mnowak/bin/svnstats.sh
#!/bin/bash
cat /svnroot/repos/opensolarispl/db/revprops/* |
/home/users/mnowak/bin/wgrep.pl -d -w0:2 svn:author | grep -v
'svn:author' | grep -v 'V ' | sort | uniq -c | sort -gr | awk '{print FNR". " $2 " ("$1")" }' > /home/users/mnowak/public_html/svnstats.txt
Let me explain this one. First of all, script reads every single file in the SVNROOT/db/revprops directory that contains data on every commit (author, date, log). Every single file in that directory represents a separate commit by the respective author. The structure of an example file in question looks like this:
K 10
svn:author
V 9
mnowak
K 8
svn:date
V 27
2006-11-21T16:47:07.791433Z
K 7
svn:log
V 20
a test commit
END
At this point an amazing tool called wgrep comes in handy, as author's nick is two lines after the svn:author tag, and this is how I catch it. The rest of the script cleans up the output a little, counts the number of occurrences for every author (each occurrence is one commit made by an author), and finally writes it to the file in a format we would like to see.
Finally the list would look like this:
1. trochej (58)
2. claudiush (36)
3. mnowak (29)
4. dosiu (21)
5. estibi (15)
6. schism (4)
7. greyer (1)
Sunday May 20, 2007
check it out, it's pretty cool ... http://msdewey.com
It is the new live search engine, with a flash AI interface and an attractive women speaking to you every the time you preform a search. Speech recognition could be fun also, you might be just "speaking" to her, to get your searching on the table.
I give it 8/10, but ya gotta play with it like ask it about launch codes, she will go with "I have always wanted one of those, and I have also wanted a mid life crisis".
Here are some of her responses I managed to get:
Q: "Answer to life, the universe, and everything"
A: "Are you just letting your dog type now?"
Q: "Quantum physics"
A: "I am not drunk enough to listen to it right now"
Then, leave her alone for a minute, don't type anything, and watch...
It's nice but to do it right, it would take an ungodly amount of horsepower, like the googleplex....imagine if GOOGLE did something like that..how cool it would be?
Thursday May 17, 2007
Everyone is excited about ZFS these days, so am I! The thing is, I am one of these guys who hate too many directories in the / filesystem, like ZFS do.
In the following example every ZFS dataset is mounted out of the zpool container (/mercury), so this remains empty. I wanted to get rid of this empty zpool container dataset somehow...to meet *my*, errr...ahem well..."mikey Fashion Standard©"
NAME USED AVAIL REFER MOUNTPOINT
mercury 5.68G 262G 25.5K /mercury
mercury/mail 36.4M 3.96G 36.4M /var/mail
mercury/samba 996M 99.0G 996M /data/samba
mercury/software 24.5K 262G 24.5K /export/software
The solution was in fact pretty easy...
zfs set mountpoint=none mercury
so I end up with:
NAME USED AVAIL REFER MOUNTPOINT
mercury 5.68G 262G 25.5K none
mercury/mail 36.4M 3.96G 36.4M /var/mail
mercury/samba 996M 99.0G 996M /data/samba
mercury/software 24.5K 262G 24.5K /export/software
Well, I can set a mountpoint for this zpool to something else, say... /tmp/mercury, but what's the point? It's empty, anyway.
Gotta love this feature.
Thursday May 17, 2007
It was always my dream to open this Portal, and now it became reality..
It is a great honour and pleasure to announce Polish OpenSolaris Portal.
There were some complications so that delayed things a little bit, but we are back on track! The problem is, it was difficult to get all the team members sign their SCA, basically because some members disappeared after translating one or two pages. The good news is there are many new members we have gained, and that willing to work, so the community is growing.
Poland is the second country to open its portal just right after Japan (according to Country Portals Project page). I hope this Portal will be beneficial to the community as Poland happens to be in the top of the list of countries ordering OpenSolaris Starter Kit.
The other thing is this move should encourage other county portals communities to open their own portals, as there are only three places on the podium, so first come, first served.. :)
In the end, from this very place I'd like to thank my team
members - good job guys, I am proud of y'all :)
|
|
|
|
Maybe your ex business partner was somehow able to...
Hi Kevin,
thanks for your comment, but this is n...
Dear Alan,
appreciate your post, but this is wit...
Hi Mikey,
I'm really concerned to read your comm...
UPDATE:
After the mail I fired to Lesley Cowley,...
This has just happened to me now! I had a breach o...