Remove reviews

How to save/restore iptables rules on Ubuntu?

cdman83 — Mon, 28 Dec 2009 05:01:00 -0800

This might be an obvious thing to old Linux-heads out there, but it sure caught me off-guard, so there might be some use in spelling it out:

iptables-save and iptables-restore do not actually save/load the iptables rules to/from an external file. You are responsible for redirecting the output of iptables-save to a file and modifying the interface-up scripts such that it is loaded before the given interface comes up.

The Ubuntu documentation tells you how (although, it also was the source of my confusion) - the following commands should be executed as root, so don't forget to sudo su first:

Save your rules in a file: iptables-save >/etc/iptables.rules
Edit your interfaces file (substitute your own favorite editor here): nano /etc/network/interfaces
Add a pre-up command to restore the saved rule. The fully configured file should look similar to this (the bold line is the one added):
```
auto eth0
iface eth0 inet dhcp pre-up iptables-restore < /etc/iptables.rules
```

HTH. And remember - security is a process / mindset, not a state. Always test the configuration changes you've done, don't just assume that everything went ok because you didn't receive error messages.

How eco-friendly is a BMW?

cdman83 — Sat, 26 Dec 2009 14:06:00 -0800

The short answer is: I don't know :-)

While I was watching National Geographic, I caught a glimpse of the BMW "Efficient Dynamic" advertisement campaign. The claims made by this campaign were quite extraordinary and - being the cynic that I am - I thought: hang on, this sounds too good to be true. The claims as I recall were:

BMW reduced fuel consumption by 16%
This reduction is more than twice the reduction achieved by the next premium segment competitor
This reduction is more than twice the average reduction obtained by the industry

Being an aspiring skeptic I decided to look into these claims, but being the lazy ass that I am, quickly gave up after making a mental list of what would be involved (finding out what they mean by "premium segment" and who their competitor were, finding a reliable source of data, etc). So, instead, I turned to math to see if all these claims can be true at once. So, in math-talk we have the following data:

BMW = 16
Lets suppose that we have three competitors A, B and C with A being the closes to BMW
A, B and C are in the interval [0, 100]
BMW >= 2*A
BMW >= 2 * AVG(BMW, A, B, C)

Then I turned to the OpenOffice Solver which promptly came up with an answer: A=8, B=0, C=0. Starting from this I came up with a more plausible-looking solution: A=7, B=5, C=5.

What does this mean? That - mathematically speaking - the claims made might be true. As always - trust, but verify. These simple mathematical tools are available to everyone and can be used to unmask the more extreme false claims (of course, just because a claim is mathematically possible, it doesn't make it necessarily true). Go search for information. You should find it - since it wants to be free!

Picture taken from maazbot's photostream with permission.

Recouping your data from a hung program

cdman83 — Sat, 26 Dec 2009 13:15:00 -0800

Scenario: you are typing away in your blog editor on Ubuntu doing a (somewhat) Flash-heavy post. You make the mistake of hitting "Preview" and the blogging software hangs. How can you get your post out?

Find the PID of your blogging software
Coredump it (gcore [PID] - this will create a file called core.[PID] in the current directory) - sidenote: interestingly, coredumping doesn't actually kill the application - this makes me wonder about thread safety... What guarantees does gcore make about the consistency of the dumped state? Probably none... This isn't important in this case, since the program is hung for good.
Use a hex editor (GHex for example) and search for a part of the blogpost. You will probably find it multiple times, but you can easily identify one occurrence which has a complete copy.
Copy the blogpost from the hexeditor
Profit!

Hope this saves somebody from retyping their text!

PS. This can be applied to other programs too where the storage format is "human readable" (like text editors - as opposed to spreadsheet editors). An other trick you might try is to search for the string as Unicode (since more international-aware programs might store it as that). While GHex doesn't support this directly, you can manually insert the 00 bytes between the Latin characters. An other option would be to run strings on the coredump file with different --encoding options.

Congratulation to AV-Comparatives!

cdman83 — Fri, 25 Dec 2009 12:06:00 -0800

AV-Comparatives is an independent, well-known and well respected testing organization in the AV/Anti-Malware field. They recently published two reports and one meta-report:

Go read them if you have questions like "which product is the best for me?". Thank you Andreas for providing a great and impartial service.

PS. One surprising thing for me was the high detection rates in the dynamic test - upward of 90%. This indicates that either I'm too much of a cynic or that their crawler system still has room to improve - I would expect AV products to be around 60-70% effective against new threats.

Don't listen alone!

cdman83 — Fri, 25 Dec 2009 11:47:00 -0800

Do you like Linux? Do you listen to podcasts? If you've answered yes to both of those questions, you should know what LUG Radio is (if not, do a quick checking - I promise you that it will be worth it!).

The bad news? They stopped it in 2008. The good news? A documentary titled "Don't listen alone!" - a great title if I may say so - about it just came out! So watch it below (sorry for splitting it up into 10 minute segments, but YouTube limits you to this):

Or go over to Jono's site and watch it from blip.tv (my problem with blip.tv is that their delivery method seems to be much less bandwidth friendly - I've got constant "buffering" even on connections where YouTube HQ clips play fine) or download it from archive.org. You can also read up on how the documentary was created (on Linux!) here.

Finally, if you still miss their voices (as I do), head over to ShotOfJaq or to FLOSS weekly and you will be pleasantly surprised!

PS. Offtopic rant: I'm all for open formats and such, but when - after days of searching! - I can't find a tool which supports the OGV container (or the Theora codec for that matter) properly, I'm tempted to give up on them! On the AVI/XVID/h264 side there is Avidemux for example... Finally I had to re-encode the whole video into AVI/XVID just be able to chomp it into 10 minute segments.

delicious/cdman83

cdman83 — Fri, 25 Dec 2009 11:30:00 -0800

A long overdue "linky" post:

Internet Guide | dyn.com

Posted: 22 Oct 2009 04:55 AM PDT

Dyn (of DynDNS) is also getting in the internet content filtering business.

About the Fitbit

Posted: 23 Oct 2009 11:10 AM PDT

BorderWare ReputationAuthority

Posted: 23 Oct 2009 12:09 AM PDT

Petabytes on a budget: How to build cheap cloud storage | Backblaze Blog

Posted: 22 Oct 2009 11:25 PM PDT

Sucuri information security (BETA)

Posted: 22 Oct 2009 11:16 PM PDT

Via http://evilfingers.blogspot.com/2009/10/sucuri-information-security.html

Wall Street (1987)

Posted: 22 Oct 2009 11:04 PM PDT

TeamViewer - Free Remote Access and Remote Desktop Sharing over the ...

Posted: 24 Oct 2009 02:21 AM PDT

On the Effectiveness of Aluminium Foil Helmets: An Empirical Study

Posted: 26 Oct 2009 11:05 PM PDT

Via http://sunbeltblog.blogspot.com/2009/10/tinfoil-hat-time-us-spy-agencies-buy.html

BrightCloud - OEM Hosted Security Services

Posted: 26 Oct 2009 08:47 AM PDT

Bill & Ted's Excellent Adventure (1989)

Posted: 26 Oct 2009 08:07 AM PDT

Amazon.com: Masterminds of Programming: Conversations with the Creators of Major Programming Languages (Theory in Practice (O'Reilly)) (9780596515171): Federico Biancuzzi, Shane Warden: Books

Posted: 30 Oct 2009 08:20 AM PDT

Amazon.com: Programmers at Work: Interviews With 19 Programmers Who Shaped the Computer Industry (Tempus) (9781556152115): Susan Lammers: Books

Posted: 30 Oct 2009 08:20 AM PDT

Amazon.com: Coders at Work (9781430219484): Peter Seibel: Books