echo "00:11:24:3e:a5:78" | egrep "^([0-9a-fA-F]{2}\:){5}[0-9a-fA-F]{2}$"

In the event that there was a problem getting the MAC address (e.g., faulty NIC or unstable device driver), I generate a random hostname instead of basing the hostname generation on the MAC. Here’s how I validated the MAC in the script:

if [ `echo $ACTIVE_INTERFACE_MAC | egrep "^([0-9a-fA-F]{2}\:){5}[0-9a-fA-F]{2}$"` ]; then
	# generate unique hostname based on MAC
else
	# generate random-character hostname
fi

For systems that are only accessed remotely via SSH, such a scenario can be painful. What is needed is a daemon that watches the link status of the Ethernet jack and reconfigures the network (or sends out another DHCP request) when it detects a cable is plugged in (or the power to the router is restored).

ifplugd does exactly that:

ifplugd is a Linux daemon which will automatically configure your ethernet device when a cable is plugged in and automatically unconfigure it if the cable is pulled.

On a Debian system, installing and configuring ifplugd is relatively simple using apt-get install ifplugd. Once its been installed, it needs to be configured by editing /etc/default/ifplugd. The most basic configuration is to simply set INTERFACES="auto" and HOTPLUG_INTERFACES="all". This configuration tells ifplugd to watch all network interfaces for a new link status and automatically reconfigure them using the Debian network configuration defined in /etc/network/interfaces.

I recently needed to automate the install and configuration of ifplugd on many remote Linux systems, so I wrote this simple script.

Download: install-ifplugd.tar.gz

#!/bin/sh

#########################################
# Author: Raam Dev
#
# This script installs ifplugd and configures
# it to automatically attempt to restore any
# lost connections.
#
# Must be run as root!
#########################################

# Check if we're running this as root
if [ $EUID -ne 0 ]; then
   echo "This script must be run as root" 1>&2
   exit 1
fi

# Files used when configuring ifplugd
OUTFILE=/tmp/outfile.$$
CONFIG_FILE=/etc/default/ifplugd

# Update package list and install ifplugd, assuming yes to any questions asked
# (to insure the script runs without requiring manual intervention)
apt-get update --assume-yes ; apt-get install --assume-yes ifplugd

# Configure ifplugd to watch all interfaces and automatically attempt configuration
sed 's/INTERFACES=\"\"/INTERFACES=\"auto\"/g' < $CONFIG_FILE > $OUTFILE
mv $OUTFILE $CONFIG_FILE

sed 's/HOTPLUG_INTERFACES=\"auto\"/HOTPLUG_INTERFACES=\"all\"/g' < $CONFIG_FILE > $OUTFILE
mv $OUTFILE $CONFIG_FILE

If you’re interested in doing more with ifplugd, check out this article.

First, login to the admin section of your SupportSuite installation. Now insert a new mail parser rule by selecting Mail Parser » Manage Rules » Insert New Parser Rule in the left navigation menu. Now configure the parsing rule as follows:

Rule Title: Close Ticket via Email
Stop processing rules: No
Execution Order: 1

Now add three criteria (press the green plus icon to add more than one criteria).

Body » Contains » close this request
Plain-text Body » Contains » close this request
HTML Body » Contains » close this request

You can change ‘close this request’ to whatever you like, but keep in mind it should be something that isn’t likely to occur in a ticket response (i.e., ‘close’ would probably be too generic).

If you have more than one email queue and you only want this mail parser rule to apply to a specific queue, you can add a forth (optional) criteria:

Destination E-mail Address: [mail queue address, i.e., support@mycompany.com]

Now finish configuring this parser rule:

Select Match Any Criteria
Set Rule Type: Post Parse
Change Ticket Status: Closed

That’s it! Now press Insert and you’re done.

To get started, navigate to to the following screen by choosing Settings -> Mail, Contacts, Calendars -> Add Account… -> Other:

Now choose Add CalDAV Account and enter your Google Calendar account login details. The server should be set to www.google.com. When you’re done, press Next and wait for the iPhone to verify the information:

When it finishes, go back to your home screen and open your calendar. Press the Calendars button at the top left to view a list of all available calendars. You will now see an All Google option listed:

If you only want to view your Google calendars, you can select the All Google option. Otherwise, choose All Calendars to view all of them. Now when you add, delete, or modify an entry on any of your Google calendars from your iPhone, they will automatically be synced with Google!

CVE-2008-5353 is a critical Java vulnerability that was discovered back in August 2008 and patched by Sun Microsystems a few months later. However, Apple has failed to release a patched version of Java, even in the latest 10.5.7 update! CVE-2008-5353 is described as follows:

Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applets and applications to gain privileges via unknown vectors related to “deserializing calendar objects.”

Since Apple failed fix this vulnerability in the latest update to OS X (10.5.7), Landon Fuller, a programmer and former Apple Engineer, released a proof-of-concept demonstrating the exploit. The demonstration is done by launching a Java applet in your web browser and using the exploit to run the /usr/bin/say command on your Mac to “speak” some words through your speakers. This may not sound very dangerous, but this same exploit could be used to run malicious code on your Mac without your even knowing it!

So, how can I protect myself?

For now, all you can do is entirely disable Java in your browsers to ensure no Java applets are allowed to run. The good news is that chances are you probably don’t depend on Java anyway (remember, Java is not JavaScript). And if you find yourself needing to run something that does require Java (the browser will alert you with a message saying the Java plugin isn’t installed), you can always re-enable Java in your browser while you’re using the applet, and then disable it again when you’re done. Inconvenient, yes, but worth it. This is one nasty vulnerability, and with all the publicity it’s been getting lately, there’s bound to be more malicious code in the wild just waiting to hijack your system.

Disabling Java in Firefox

In Firefox, choose from the menu, Firefox -> Preferences. Then select the Content tab and un-check the Use Java option:

Disabling Java in Safari

(applies to both Safari 3 and Safari 4 Beta)

In Safari, choose from the menu, Safari -> Preferences. Then select the Security tab and un-check the Enable Java option:

Update: TidBITS writes that Apple has released a patched version of Java that fixes this issue. It is available through Software Update.

vi /path/to/some/file.conf
[make some edits]
:w
VIM Message: E45: 'readonly' option is set (add ! to override)
:q!
$ sudo vi /path/to/some/file.conf
[make all my edits AGAIN]
:w

I have gone through this process so many times that I knew there must be an easy fix for it. (I know about sudo !! for running the previous command, but I only recently started developing the habit of using it.) After forgetting to use sudo while editing a configuration file yet again this morning, I finally decided to search Google and find a solution. Here it is:

vi /path/to/some/file.conf
[make some edits]
:w
VIM Message: E45: 'readonly' option is set (add ! to override)
:w !sudo tee %

The :w !sudo tee % command tells VIM to write the file (w) but run the sudo command first (!sudo) and read the writing of the file from standard input to standard output (tee) using the same filename as the one we’re editing (%).

After saving the file as root, you’ll get this message: “W12: Warning: File “/private/etc/smb.conf” has changed and the buffer was changed in Vim as well”. You’ll be given the option to reload it, but since you were already looking at the new version it doesn’t much matter which option you choose (OK or Reload).

And last but not least, if you don’t want to remember the syntax for this command, you can map the command in your ~/.vimrc file:

cmap w!! w !sudo tee % >/dev/null

Now, if you forget to edit a file with sudo, you can simply type :w!! to fix the problem!

However, I successfully imported this same certificate, using the same password, on Firefox and Safari. But Internet Explorer (both IE7 and IE8) continued to tell me I was using the wrong password. After checking, double-checking, and quadruple-checking the password, I was 1000% sure the private key password that I was using was correct and that Internet Explorer itself was to blame.

After much trial and error, I discovered the problem: Internet Explorer has a maximum private key password length! The password I was using (modified for security purposes, but identical in length) was as follows:

603979ba15c2097f8f7fy35ec0ucfbeb

That’s 32 characters, the same length as an MD5. However, Internet Explorer appears to have a problem with that! I changed the password to the following 26 character password and the certificate imported with no complaints from IE!

ae869d263e267593286188b638

If you’re having the same problem, you may be wondering how to change the password on your P12 file. To do this, you’ll need access to OpenSSL. If you have a Mac, you might be able to find OpenSSL in /opt/local/bin/openssl. But more likely you’re on Windows and you will need to download and install the OpenSSL binary for Windows.

You can use the OpenSSL program to convert the P12 file to PEM format, and then convert the PEM certificate back into a P12 file, using a shorter 26-character password when prompted. Here’s how:

First, convert the original P12 file to PEM format:

openssl pkcs12 -in my-original.p12 -out certkey.pem -nodes -clcerts

This should give you a file called certkey.pem. This file contains both the certificate and the private key. However, the next command requires that the key be contained in a separate key.pem file, so you’ll want to edit certkey.pem with a text editor and extract the private key portion (it should be the bottom half of the file). The key.pem file should look somewhat like this:

Bag Attributes
    localKeyID: EE 35 CB 41 81 23 4C 89 FF 43 42 E0 3C 3B FF 93 9E 0E B7 AA
Key Attributes: <No Attributes>
-----BEGIN RSA PRIVATE KEY-----
MIIoOwLBAAJBANSdWgmhySZsCD/koC6nST/JzH/Uqjm6NXsQwtTwx493rhM/90BB
JyfdkfDQCHR/XP0szI1LqS/AXfSx1q25/3MCAwEAAQJBAM0Iu+Mm7zJTT7nqDgfv
VW+4RaRVp05JHaWQdeerpBnWJI+2NDsiKrovyrvYjglJcdpXHhoM95T5qm8x65XP
MhkCIQD5vQ2dNGoFGn0yL0ELDU39PrVvfZyJV3wXedjrQm9utwIhAN0FRk/qIWzz
p9ZP9DjIpIRj6BdWLRrZmLqxdnUXifSlAiBy6fb1u0RJjK7HBM9dPK7+NHiQEJCS
8dp7wZl5d1xnCSIhANLoF6pmnyLil4QwgVlOTv9ufqjSZ+w5GD7a3Vj678RpAiAV
6rTJ3mAZAeQiaRHhgRP7SuvQS6EDWDPxbMBMwYklfA==
-----END RSA PRIVATE KEY-----

With these files in place, you can run the following command to convert the PEM certificate back into a P12 format, providing a new password (maximum 26 characters) when prompted for the Export Password:

$ openssl pkcs12 -export -in certkey.pem -inkey key.pem -out my-new-certificate.p12 -rand /dev/random
2048 semi-random bytes loaded
Enter Export Password:
Verifying - Enter Export Password:

That’s it! Now you should be able to install the certificate in Internet Explorer without any “incorrect password” complaints.

$ sudo touch /forcefsck

Alternatively (and depending on your version of Linux) you may also be able to pass an option to the shutdown command:

$ shutdown -rF now

When using a static IP configuration on Linux, you normally add the DNS servers to the /etc/resolv.conf. However, if you try to add a DNS server to /etc/resolv.conf under a DHCP configuration, you’ll notice that your static entry disappears as soon as the DHCP client runs (usually on boot). To prevent this, you need to tell the DHCP client to prepend the static DNS server(s) to /etc/resolv.conf before adding the ones provided from the DHCP server (if any).

The configuration file you’ll need to edit is the same on both Debian and Ubuntu, however depending on your setup the location of the file may vary. Here are the two common places I’ve found the file:

Debian: /etc/dhclient.conf
Ubuntu: /etc/dhcp3/dhclient.conf

Open the file in your favorite editor and add one of two lines at the top, separating multiple DNS servers with a comma and ending the entry with a semi-colon:

If you simply want to add static DNS servers to be used in addition to the ones provided by DHCP, use a prepend entry:

prepend domain-name-servers 208.67.222.222, 208.67.220.220;

If you want to override the DNS servers provided by DHCP entirely and force the system to use the ones you provide, use the supersede entry:

supersede domain-name-servers 208.67.222.222, 208.67.220.220;

Before these static DNS servers will to be appended to your /etc/resolv.conf file, you’ll need to re-run the DHCP client. The easiest way to do this is by running /etc/init.d/networking restart (sudo required) or you can try running the dhclient command.

After re-running the DHCP client, check your /etc/resolv.conf file to confirm the static DNS servers have been added.

Download & Install Software

1. Download MacTheRipper (v2.6.6 is listed on that site but I’m using v3.0. Search BitTorrent for the newer version if you’re interested.)
2. Download HandBrake (I’m using v0.9.3)
3. Install the above applications

Rip the DVD Using MacTheRipper (what an awesome name!)

1. Insert the DVD
2. OS X will automatically start playing the DVD. Press CMD+Q to quit the application.
3. Launch MacTheRipper (and be careful he doesn’t hurt you)



4. Leave the default options and select File -> Save To…
5. Create a new directory to temporarily store the raw contents of the DVD and select it
6. Click Open. MacTheRipper will automatically start ripping the raw contents of the DVD to the directory you selected
7. When the ripping finishes, quit MacTheRipper

Convert the Raw DVD Data to MPEG-4 Using HandBrake

1. Launch HandBrake (don’t break your hand)
2. Upon launching, you should be presented with the Open dialog. You want to select the directory to which you ripped the DVD using MacTheRipper. Note: Select the directory that contains the VIDEO_TS directory, but not VIDEO_TS directory itself! The other directories contain important data, such as AUDIO_TS for audio data.
3. Click Open and HandBrake will scan the various titles in the raw data. When finished, you’ll be left with the main HandBrake screen



4. The correct title should already be selected and it should be the longest one in the list. If it’s a 2-hour DVD, you don’t want to select the title that says 1 minute. There may be lots of short titles mixed in and these may be extras on the DVD or previews.
5. After you’ve selected the correct title, choose browse and select a location where you want to save the converted video. After selecting the location, you can change the filename or leave the default. I like to store various bits of information in the video filename, such as the year the video was released, whether it’s widescreen or full screen, and the codec and audio formats. For example:

   Gattaca.1997.WS.DVDRip.XviD.AC3.avi

6. Now select the format. I usually choose AVI for the best compatibility.
7. For video codec, choose “MPEG-4 (XviD)”
8. Next to “Quality:”, select “Target size (MB)” and use the following guidelines. I like to retain as much of the quality as possible, so I follow these rules. Remember, the higher the file size, the better the quality. If you don’t care so much about quality or don’t have lots of free space, you can just use 700MB for DVDs. I use 1400MB for DVDs, and smaller sizes for TV/Documentary or episodic movies.

   Here are the sizes I use depending on the length of the movie or episode:

   175MB (20-30 mins)
   350MB (40-55 mins)
   1400MB (90 min+), also known as 2CD quality

9. Click the “Audio & Subtitles” tab
10. Choose the best audio source quality available. Sometimes the DVD will contain 6-Channel 5.1 audio, but it won’t be selected by default.
11. If it’s available, select “AC3 Passthru” under “Audio Codec”.



12. With everything configured, click Start. If you’re converting a DVD that is a collection of shorter movies (like the Outer Limits DVD I’m ripping in the example), you can simply click “Add to Queue”, repeat the above process for each of the titles, and then click Start when everything is queued up. If you plan to do this though, you should definitely convert at least one episode first to make sure it comes out correct.

Depending on the speed of your computer, the quality, and the length of the movie you’re converting, this process could take anywhere from 30 minutes to 3 hours.

When HandBrake finishes, try watching the resulting AVI and make sure it plays correctly (with sound and all). If you’re not happy, delete it and repeat the process again. Once you’re happy with the AVI, you can delete the raw data that you ripped earlier with MacTheRipper (it takes up 6-7GB of space!).