Click this link to go to the page where public peak detection algorithms are compared.
Click this link to go to Github page that contains Peak detection algorithm implemented in Python
Click this link to go to the page where public peak detection algorithms are compared.
Click this link to go to Github page that contains Peak detection algorithm implemented in Python
https://pandora.circl.lu/ | quick, private and simple suspicious document analysis. |
https://lookyloo.circl.lu/ | check and review URLs and website. |
https://hashlookup.circl.lu/ | hashlookup online service to check the existence of a file in known public distributions. |
enter the command as follows to generate a certificate valid for 365 days
sudo apache2-ssl-certificate -days 365
The program asks for few inputs. Please enter as required. It is shown below
Country Name (2 letter code) [GB]:Now you should have your certificate ready to use.
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:Singapore
Organization Name (eg, company; recommended) []:
Organizational Unit Name (eg, section) []:
server name (eg. ssl.domain.tld; required!!!) []:enter your domain name here
Email Address []:
(NOTE: Ubuntu Feisty has a bug where the command apache2-ssl-certificate is missing. This is a well documented bug. Here is the file you need to download to overcome this defect to create a self signed certificate. After you download, follow the notes below to copy the downloaded files to the location where they are supposed to be present.Once you have your certificate ready, then you need to configure you apache2.conf file. In this case, the configuration is very simple. Here is an example on how to do it:
Extract the package and put ssleay.cnf to /usr/share/apache2/ and apache2-ssl-certificate to /usr/sbin.
Create /etc/apache2/ssl directory. Then apache2-ssl-certificate script should work.)
I installed Ubuntu Server Edition. Ubuntu Server edition provides an option to install LAMP stact during the installation phase. Choose this option as it saves you the trouble of configuring later.2. Setting up the Root password for MYSQL database
The default installation of LAMP stack will not set the Root password for the MYSQL Database. It is essential that you set the Root password or you will not be able to create any database or create databases from PHPMYADMIN.3. Installing PhpMyAdmin
Ubuntu has a nice way of installing new packages. All i did was:4. Creating Directory structures
sudo apt-get update
sudo apt-get install phpmyadmin
Voila!! PhpMyAdmin was downloaded from ubuntu site and installed automatically. Automatic installation has one limitation though. PhpMyAdmin is linked to your DocumentRoot of Apache.
That is if the Document Root is /var/www. then a symbolic link to PhpMyAdmin is created in /var/www.
So if a anyone can access php just by typing www.yourdomain.com/phpmyadmin. The phpmyadmin user interface shows up. Hence you need to be careful. Please read further down how i am handling the phpmyadmin feature.
This is not necessary if you are a casual user or an enthusiast. But if you are about running your own server either in home or in data centers, then i would strongly recommend to put some thoughts on the Directory structures, users and groups. There are no set rules that the directories needs to be in particular order.
This is the way i am doing it:
Each virtual Host will have its own Document root pointing to seperate location as shown below.
The default directory is
/var/www
…………./default
The default catches all those requests where no signle VHost can serve. This could happen if someone connects to your IP address at Port 80. Since there will be no Host header, Apache will serve from this default root. Other could some one has configured a domain name that resolves to your IP address. In this case, you would not have that domainname in your VHOST, and hence apache will serve from default root. More about Vhosts below.
Now, the Virtual Host directories. I am configuring Two Virtual Hosts.It is a good idea to create directories in the Home directory of the user who hosts that domain.
/home/”username”
……………………/”domainname1″/www
……………………………………………./cgibin
……………………………………………../securearea ( Secure using a htpassword )
…………………………………………………………../MediaStore/photos ( Symbolic Link )
……………………………………………………………/MediaStore/videos ( Symbolic Link )
/home/”username”
……………………/”domainname2″/www
……………………………………………./cgibin
……………………………………………../securearea ( Secure using a htpassword )
……………………………………………………………/MediaStore/videos ( Symbolic Link )
Now setup a Secure area for system admin over internet. This area could be used for running PhpMyAdmin, or a file valut or some thing you want absolute security.
The following is only via SSL
/var/www
………./ssl_securearea
……………………./phpMyadmin ( Symbolic Link )You may notice that the way i have created the directory structure is to seperate your secure area and Non-secure area. For me this is very important as i am overly security consiuos. So ssl_securearea can only be accessed by https and authentication. Securearea under the virtual host is a place where you want to have some kind of user athuentication to maintain your privacy but still contents are not classified in nature. Say, your photo album. You dont want any tom,dick and harry see it. And hence you have some basic athuentication. But at the same time you dont want your photos be encrypted/decrypted before the user sees.
……………………./MediaStore/files ( Symbolic Link )
……………………./MediaStore/Copyrighted Ebooks
Alias Name for First Virtual Host: localdomain1Domain Name for Second Virtual Host: www.doman2.com
Alias Name for Second Virtual Host: localdomain2Domain name for Third Virtual Host: www.domain3.com
Alias Name for Third Virtual Host: SecureDomainFirst make sure that HomeServer is configured properly in your setup. When you type the command hostname, you should Get “HomeServer”. When you do a ping `hostname`, the hostname should resolve to either 127.0.1.1 or the static address you have configured for your interface or the DHCP address provided by your DHCP server. In my case, and most probably your case as well, it resolves to 127.0.1.1. if it does not resolve than please check your network setup.
/etc/hostsSecond make sure that your aliases and domain names are resolvable. In my case, and in most case, domain names are hosted outside so DNS resloving is not an issue. But the issue could alias resolving. All the alias i have mentioned above is for local use only. In my case, the router i have allowed me to configure these alias name and its IP address. If not, then you have to change your /etc/hosts file as follows
/etc/resolve.conf
/etc/hostname
A word before we jump into that. If you notice, for each virtual host i have a domain alias as well. I did this for two reasons. And i encourage others as well. One is that if i want to access my virtual host with in my netowrk, that is behind the firewall, then i just use local alias rather than using the fully qualified domain name. Some of the router, the one i have, does not even allow to access my local machine via a fully qualified domain name. Second, when you are configuring your virtual hosts, i assign these alias to the ServerName directive. As you might know, when apache reads the configuration file, it does host name resolution to resolve all hostnames into IP address. Irrespetive of whether your DNS host is up or down, apache will be able to resolve the alias names as these are locally configured in your /etc/hosts file. Please read this article to know more about this issue.
This is for ubuntu Linux server .
Make sure your /etc/apache2/apache2.conf has the following lines at the end. ( By default it is present )
# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/
Now in /etc/apache2/sites-avilable, crete three files with the following. Backup the defaul file that is already in this directory.
default
www.domain1.com
www.domain2.com
www.domain3.com
Open the “default” file copy the following into it. Change the names and directory according to your setup
ServerName HomeServer
NameVirtualHost *
<VirtualHost *>
ServerAdmin webmaster@localhost
ServerName HomeServer
DocumentRoot /var/www/default
<Directory />
Order Deny,Allow
Deny from all
Options None
AllowOverride None
</Directory>
<Directory /var/www/default>
Options None
AllowOverride None
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
</VirtualHost>
Now open the second file which i have named here as www.domain1.com ( You can name whatever you want. For me this is simpler to keep track of what is inside the file )
The file should have the following
<VirtualHost *>
ServerName localdomain1
ServerAlias lingams www.domain1.com
DocumentRoot /home/”username”/www.domain1.com/www
<Directory />
Order Deny,Allow
Deny from all
Options None
AllowOverride None
</Directory>
<Directory /var>
Order Deny,Allow
Deny from all
Options None
AllowOverride None
</Directory>
<Directory /var/www>
Order Deny,Allow
Deny from all
Options None
AllowOverride None
</Directory>
<Directory /home/”username”/www.domain1.com/www>
Options -Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory “/usr/lib/cgi-bin”>
AllowOverride None
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
Alias /doc/ “/usr/share/doc/”
<Directory “/usr/share/doc/”>
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
~
For the second virtual host same as above, only thing changes is the DocumentRoot, Servername and ServerAlias directives.
Now, the following shows how to configure for a VHOST, that allows only SSL trafficNow all the vhost has been configured. You need to enable it. Use the ubuntu provided commands to enable the sites.
<VirtualHost *>
ServerAdmin webmaster@localhost
ServerName securedomain
ServerAlias securedomain www.domain3.com
DocumentRoot /var/www/ssl_securearea
RewriteEngine on
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R]
</VirtualHost>
NameVirtualHost *:443
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName securedomain
ServerAlias securedomain www.domain3.com
DocumentRoot /var/www/ssl_securearea
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
<Directory />
Order Deny,Allow
Deny from all
Options None
AllowOverride None
</Directory>
<Directory /var>
Order Deny,Allow
Deny from all
Options None
AllowOverride None
</Directory>
<Directory /var/www>
Order Deny,Allow
Deny from all
Options None
AllowOverride None
</Directory>
<Directory /var/www/ssl_securearea>
Options -Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory “/usr/lib/cgi-bin”>
AllowOverride None
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
Alias /doc/ “/usr/share/doc/”
<Directory “/usr/share/doc/”>
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1 for ServerNameThis is becuase apache is unable to resolve the default hostname of the machine it is running on. To solve this problem, look at the first 5 lines in the “default” file configuration. I am cutting it and pasting it here for your reference
[warn] NameVirtualHost *:80 has no VirtualHosts….This is becuase somewhere in your configuration file you have the same NameVirtualHost:* entered more than once. Apache document clearly state that you can only have one NameVirtualHost per IP address port combination. That is if you have NameVirtualHost *, then you cannot redefine it in some other place. It has to be a different combination. You can see in my securedomain configuration. The last is NameVirtualHost *:443 is ok, becuase it is different port. But i cannot repeat this defination again.
*filter # By Default Drop all incoming and forwarded packets :INPUT DROP [0:0] :FORWARD DROP [0:0] #By default allow all packets that originates from your machine to the outside world :OUTPUT ACCEPT [0:0] #now allow the incoming packets from an established outgoing connection from your machine -A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT # Allow required Incoming ports. Here i am allowing packets whose destination port is for # http, https, and SSH -A INPUT -p tcp –dport 80 -j ACCEPT -A INPUT -p tcp –dport 443 -j ACCEPT -A INPUT -p tcp –dport 22 -j ACCEPT # accept from local host. -A INPUT -i lo -j ACCEPT # accept echo requests. This will be good to test whether your server is alive -A INPUT -p icmp –icmp-type ping -j ACCEPT COMMIT |
$chmod 600 /etc/sysconfig/iptables |
$service iptables restart /* if you are a root*/ OR $sudo service iptables restart /*if you have privilege to gain root permission*/ |
# # hosts.allow This file describes the names of the hosts which are # allowed to use the local INET services, as decided # by the ‘/usr/sbin/tcpd’ server. # #allow connection from 127.0.0.1 (localhost) to all INET services ALL: 127.0.0.1 #Allow connection from all internet address to sshd service sshd: ALL |
# hosts.deny This file describes the names of the hosts which are # *not* allowed to use the local INET services, as decided # by the ‘/usr/sbin/tcpd’ server. # #Simple Deny access from any address to any service. This is like “Deny first, allow required” #policy ALL: ALL |
I recently came across a website called www.grc.com. When you click on this link it will generate a ultra high secure WPA-PSK keys. Then you can cut and paste into your WIFI base stations and the computers that would like to join your network. I highly recommend this site if you have any Wireless/Network security concerns.
Also they have network port scanner which will scan how vulnerable your network is. I highly recommend you run the tool and close the holes in the firewall. Here is the link for this tool SheildsUp
This site also has software for recovering data from crashed hard drives. It is called SpinRite
WPA-PSK key need to be 256 bits in lenght. Somesoftware, allow the user to enter 256 Key directly by allowing to enter 64 Hexadecimal numbers. But many of them asks for a pass phrase that are between 8 to 63 character in lenght and then convert it into 256 bit Keylength.
This article briefly mentions how this is done.
A key derivation function named PBKDF2 from RSA securities is been standardised by the Wifi alliance for deriving the key from pass phrase.
To know more about the PBKDF2 click RFC2898
PBKDF2 hashes with the SSID of the Access point that we want to join to produce the 256 bit key. The hash function used is SHA1-HMAC. SHA1 computes a 160 bit hash function. And HMAC creates the Message authentication function.
The SHA1-HMAC is iterated over 4096 time to produce the Key. To know more about SHA1 click SHA1 RFC. To knoe more about HMAC, clickHMAC RFC
The Algorithm from top level looks as follows
key = PBKDF2( Pass phrase, SSID, Interation count = 4096, Key length = 256 )
Hope this helps some one.
After your installation of Linux, it is a better idea to do away with root account. This is part of making your system as secure as possible. Almost all Linux installations comes with a program named sudo that provides root privileges to normal users without knowing the root password. This way you can execute commands that are meant to be executed by root. Please follow the steps below to enable any user to obtain the root privileges:
$visudo =========== File snippet below ===================== # sudoers file. # # This file MUST be edited with the ‘visudo’ command as root. # # See the sudoers man page for the details on how to write a sudoers file. # # Host alias specification # User alias specification # Cmnd alias specification
# Defaults specification # User privilege specification # Uncomment to allow people in group wheel to run all commands. Uncomment the following line # Same thing without a password |
$usermod -a -G wheel “username here without the quotes” |
$wc /etc/sudoers wc: /etc/sudoers: Permission denied $sudo wc /etc/sudoers password: # enter your account password here 28 94 579 /etc/sudoers |
If you are using SSH to login to your machine remotely, then follow the procedure below to disallow “root” to login
$sudo groupadd sshusers $sudo usermod -a -G sshusers “username who needs to ssh access without quotes” |
$sudo vi /etc/sshd/sshd_config=========== File snippet. Only the required portion is shown= #LoginGraceTime 2m PermitRootLogin no #Add this line into the file AllowGroups sshusers |
Test it out just by logging in as root. You should get Access Denied message
Now try to login using a user that belongs to sshusers group. You should be able to login
One of my friends forwarded this joke and it is really hilarious. This blog is more about technical stuff. But once in a while a dose of humor is good for you. read on and laugh heartily
ENGLISH OF TOMORROW EU ANNOUNCEMENT
The European Commission has just announced an agreement whereby English will
be the official language of the European Union rather than German, which was
the other possibility.
As part of the negotiations, the British Government conceded that English
spelling had some room for improvement and has accepted a 5- year phase-in
plan that would become known as “Euro-English”.
In the first year, “s” will replace the soft “c”. Sertainly, this will make
the sivil servants jump with joy.
The hard “c” will be dropped in favour of “k”. This should klear up
konfusion, and
keyboards kan have one less letter.
There will be growing publik enthusiasm in the sekond year when the
troublesome “ph” will be replaced with “f”. This will make words like
fotograf 20% shorter.
In the 3rd year, publik akseptanse of the new spelling kan be expekted to
reach the stage where more komplikated changes are possible.
Governments will enkourage the removal of double letters which have always
ben a deterent to akurate
speling.
Also, al wil agre that the horibl mes of the silent “e” in the languag is
disgrasful and it should go away.
By the 4th yer people wil be reseptiv to steps such as replasing “th” with
“z” and “w” with “v”.
During ze fifz yer, ze unesesary “o” kan be dropd from vords kontaining “ou”
and after ziz fifz yer, ve vil hav a reil sensi bl riten styl.
Zer vil be no mor trubl or difikultis and evrivun vil find it ezi tu
understand ech oza. Ze drem of a united urop vil finali kum tru.
Und efter ze fifz yer, ve vil al be speking German like zey vunted in ze
forst plas.
If zis mad you smil, pleas pas on to oza pepl.