UTF-8 in PuTTy

Posted on February 26, 2012 by jon

At work we use Windows on the desktop and so often end up using PuTTy to administer UNIX servers.

Recently I’ve been migrating a large MySQL database containing both Latin-1 and UTF-8 encoded tables. Whilst verifying that the migrated tables were correctly encoded I discovered that by default PuTTy will display Latin-1 even if the remote server’s locale is UTF-8.

Fortunately if you need to work with UTF-8 in PuTTy then you can change the following option:

Configuration -> Window -> Translation -> Remote character set -> UTF-8

Securing MySQL

Posted on February 21, 2012 by jon

Did you know that a default installation of MySQL comes with anonymous, test and remote root user accounts? An attacker with knowledge of MySQL can use these accounts as stepping stones for other attacks. Its definitely worth spending a couple of minutes removing these accounts and make your MySQL installation a little more secure.

# Delete anonymous users
DELETE FROM mysql.user WHERE User='';

# Delete remote root users
DELETE FROM mysql.user WHERE User='root' AND Host!='localhost';

# Delete test database
DROP DATABASE test;

# Delete test users
DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';

# Refresh privileges
FLUSH PRIVILEGES;

Creating a tiny PXE rescue environment using Slitaz

Posted on February 19, 2012 by jon

Slitaz is a very small (base is 8mb) and highly configurable “live cd” distribution this makes it perfect for use in a rescue environment. The following steps were used to create a ‘rescue mode’ version of Slitaz which can be rapidly booted via PXE and includes RAID kernel modules, networking + SSH.

All of these steps were completed on a virtual machine booted using Slitaz 3.0 base (available from http://mirror.slitaz.org/iso/3.0/flavors/slitaz-3.0-base.iso). When the machine first boots you should login as root (password root) and start ssh (dropbear) then you can complete the instructions via an SSH client.

sed -i 's/DROPBEAR_OPTIONS.*/DROPBEAR_OPTIONS=""/' /etc/daemons.conf
/etc/init.d/dropbear start

Now SSH into the VM and copy/adjust/paste the rest of the instructions.

Get base flavor to work from

tazlito extract-flavor base
cp -a /home/slitaz/flavors/base /home/slitaz/flavors/rescue
cd /home/slitaz/flavors/rescue

Update metadata

sed -i s/base/rescue/ receipt
sed -i 's/Minimal set of packages to boot/base + rescue customisations/' receipt

Add useful packages

echo lvm2 >> packages.list
echo nano >> packages.list

Create directory for custom config

mkdir -p rootfs/etc

Allow root logins

cat /etc/daemons.conf | sed 's/DROPBEAR_OPTIONS.*/DROPBEAR_OPTIONS=""/' > rootfs/etc/daemons.conf

Run ssh on boot

cat /etc/rcS.conf | sed 's/RUN_DAEMONS="/RUN_DAEMONS="dropbear /' > rootfs/etc/rcS.conf

Use interface on private network

cat /etc/network.conf | sed s/eth0/eth1/ > rootfs/etc/network.conf

Set root passwd

passwd
deluser tux
cp /etc/shadow rootfs/etc

Install toolchain and kernel source

for i in slitaz-toolchain ncurses-dev perl linux-source; do tazpkg get-install $i; done

Enable storage kernel modules

cd /usr/src/linux
echo CONFIG_MEGARAID_SAS=m >> .config
echo CONFIG_SCSI_3W_9XXX=m >> .config

Build Slitaz package with the new kernel image and modules

make tazpkg

Copy newly built package into local repo (Note: The filename change is important s/slitaz-/)

mkdir /home/slitaz/packages
cp /usr/src/linux/linux-slitaz-2.6.30.6.tazpkg /home/slitaz/packages/linux-2.6.30.6.tazpkg

Create ISO

tazlito pack-flavor rescue
tazlito get-flavor rescue.flavor
tazlito gen-distro

Copy the kernel and filesystem

scp /home/slitaz/distro/rootcd/boot/rootfs.gz  server:/var/www/html/ipxe/rescue
scp /home/slitaz/distro/rootcd/boot/vmlinuz-2.6.30.6-slitaz  server:/var/www/html/ipxe/rescue

Flashing Belkin APs with DD-WRT without TFTP

Posted on February 7, 2011 by jon

As part of a project to provide complete wireless coverage for a large office building I purchased a batch of 12 Belkin wireless access points. It was decided that replacing the stock firmware with DD-WRT would be a sensible move as it would provide lots of extra functionality. It turned out that the standard procedure for flashing Belkin APs using TFTP was rather hit and miss – it took about 10 reboots to get the first access point flashed!

Fortunately I stumbled across this forum post which described how to modify a DD-WRT firmware image so that it would be accepted by the firmware upload function of the Belkin’s web interface. To simplify this process for the future I wrote a small Perl script which does all the hard work.

Download belkinize.pl.

Dirty IT Jobs!

Posted on June 27, 2009 by jon

I definately prefer my job to any of these! Even dirtier IT jobs: The muck stops here

Immortal Computers

Posted on June 27, 2009 by jon

Still have some of these things in my house! Where Are They Now? 25 Computer Products That Refuse to Die

A sneak peak inside a Google Data Centre

Posted on April 13, 2009 by jon

They aren’t using corkboards anymore! Google container data center tour

Flutter

Posted on March 6, 2009 by jon

Twitter is so last year, I’m on flutter! Flutter: The New Twitter

Yay for Google Sync!

Posted on February 10, 2009 by jon

I’ve been hoping Google would release a SyncML service for Google Calendar and GMail Contacts and now they have! Calendar and contact syncing for iPhone and Windows Mobile devices. Up until now I’ve been using ScheduleWorld (which is really good). All we need from Google now is CardDAV and CalDAV tasks support.

The GNU way to do internationalisation in Javascript

Posted on February 4, 2009 by jon

Useful approach to internationalisation. JavaScript Internationalisation