XBee DIO

Posted by admin - 10/05/12 at 04:05:56 am
The configuration for both xbee modules is straight forward (thanks ladyada for documenting this):
Remote – TX setup (attached to doorbell input button)
- D0 – DIO Configuration – (3 – DI) [data in]
- IC – Dio Change Detect – (FF)
- Set sample rate to 0 (unless you want synchronous updates)
Base – RX setup
- DO – DIO Configuration – (4 DO) [data out low]
- Under I/O Line Passing set “Input Addresses” to 0xFFFF (allow any
radios)
- Set IU – I/O Output enable to Disabled

The configuration for two xbee modules to pass a digital signal:

Remote – TX setup (attached to doorbell input button)

- D0 – DIO Configuration – (3 – DI)

- IC – Dio Change Detect – (FF)

- Set sample rate to zero

Base – RX setup

- DO – DIO Configuration – (4 DO)

- Under I/O Line Passing set “Input Addresses” to 0xFFFF

- Set IU – I/O Output enable to Disabled

JMX

Posted by admin - 29/04/12 at 04:04:00 am

-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=5678 -Dcom.sun.management.jmxremote.ssl=false

Tomcat for performance

Posted by admin - 19/12/11 at 01:12:13 am

Tomcat used to be a slow bulky java web server before version 6.x. After version 6 was released, it allowed to use a custom executor to handle requests, and introduced the non-blocking built-in connector  protocol=”org.apache.coyote.http11.Http11NioProtocol” that required very little configuration unlike the old apr connectors. Follow the steps below to get the most of your tomcat installation:

-By default, tomcat is not configured to use the non blocking connector, this is the very first thing to add when installing tomcat (inside the Connector element in server.xml file)

<Connector port=”8080″ ….  protocol=”org.apache.coyote.http11.Http11NioProtocol” connectionTimeout=”20000″/>

-Disable logging: this has its downsides, but the performance benefits are massive, especially if the webserver runs on a VPS. disable catalina logging  at conf/logging.properties, also disable the access log in your server.xml file. This will save disk space, and most importantly will save some waiting time when your website’s traffic is massive or when using an SSL connector.

-IMPORTANT: increase OS limits, linux users increase file limits, (# ulimit -n) and /etc/sysctl.conf fs.file-max switches. This will prevent the “Too Many Connections” error.. (windows users do some google reasearch).

-Memory is important (depending on the application), add JAVA_OPTS=’-Xms1g -Xmx2g’ to your catalina.sh file, this highly depends on your installation. Remember to keep some memory for your OS kernel to run freely.

-Tested under oracle jdk, and open jdk delivered a very acceptable performance.

tomcat 6/7 without keytool

Posted by admin - 13/12/11 at 09:12:27 pm

To add SSL support to your tomcat installation without using the keytool and tomcat keystores, you can use your OpenSSL generated key file, CAFile and certificate files to generate a .p12 chain. To import the existing .crt signed by your own CA into a PKCS12 keystore using OpenSSL,  execute :

openssl pkcs12 -export -in mycert.crt -inkey mykey.key -out mycert.p12 -name tomcat -CAfile myCA.crt -caname root -chain

This will generate a .p12 file, that you can use in your tomcat connector. But first you have to tell tomcat that this is a p12 file by editing your conf file (conf/server.xml)

<Connector port=”443″ minSpareThreads=”5″ maxSpareThreads=”75″ acceptCount=”400″ maxThreads=”400″ scheme=”https” secure=”true” SSLEnabled=”true” keystoreFile=”/path/to/mycerts/mycert.p12″ keystorePass=”changeit” keystoreType=”PKCS12″clientAuth=”false” sslProtocol=”TLS” compression=”on” compressionMinSize=”2048″ noCompressionUserAgents=”gozilla, traviata” compressableMimeType=”text/html,text/javascript,text/css” protocol=”org.apache.coyote.http11.Http11NioProtocol” connectionTimeout=”20000″/>

Repair mysql replication

Posted by admin - 14/10/11 at 12:10:11 am

When mysql server is having problem replicating data on the slave, the slave stops running.

mysql> show slave status \g
Slave_SQL_Running: No
Last_Error: Error ‘Table ‘dbx.test’ doesn’t exist’ on query. Default database: ‘dbx’.

To fix the error, we just ignore the error and resume the replication by doing the following steps:

1. Stop slave: mysql> STOP SLAVE;

2. Ignore error: mysql> SET GLOBAL SQL_SLAVE_SKIP_COUNTER = 1;

3. Resume: mysql> slave start;

At this point mysql> show slave status \G  will return “Slave_SQL_Running: Yes”

Foreign Ambassadors in Lebanon (fun)

Posted by admin - 29/09/11 at 07:09:18 pm

Japan: Yama Nikto Yama

Russian: Nico Balakhof

French: Jean Jabliquier

Greece: Yaniki Yatriki

Yemen: Abed al Haresss Bayddatou

Spain: Maria De Coussamantouf

Mexico: Franco Dandalaero

China: Shim Tizi Shim

Italy: Bitizou Fellini

Germany: Shlakto Btakhto

Turkey: Intisab Hamamat

Congo: Zibbo Wawa

Romania: Esseminshof Airomov

Jordan: Ba3ass Al Matayzeh

Kuweit: Abdalah Al-Nakkah

Saudi Arabia: Mahsour Bin Fakhdayn

Armenia: Tobtanik Bokhshakyan

Peru: Pedro tartash

India: Jawaher ejadahro

More to come…

create and sign your own mod_ssl httpd certificate

Posted by admin - 11/02/11 at 04:02:33 pm

Short answer:

# openssl genrsa -des3 -rand file1:file2:file3:file4:file5 -out server.key 1024

# openssl rsa -in server.key -out server.pem

# openssl req -new -key server.key -out server.csr

# openssl x509 -req -days 60000 -in server.csr -signkey server.key -out server.crt

httpd startup script:

# cp server.key server.key.org

# openssl rsa -in server.key.org -out server.key

# chmod 400 server.key

hardening and securing new linux box

Posted by admin - 21/01/11 at 03:01:29 am

Securing your linux server is important to protect your data from malicious individuals.  Here are few tips that help making a linux OS secure and hard to break.

1- upgrade your system to the latest kernel and software stacks using

# yum update

# yum upgrade

2- Minimize installed software: with fresh installations, there are several installed software stacks running. Some of the pre-installed software can be totally useless depending on your requirements. List and remove your installed packages using :

# yum list installed
# yum list packageName
# yum remove packageName

You can optionally keep the installed package, but kill the running process and remove it from the auto-start scripts:

ex:

# /etc/init.d/sendmail stop
# chkconfig sendmail off

# /etc/init.d/yum-updatesd stop
# chkconfig yum-updatesd off

# /etc/init.d/cups stop
# chkconfig cups off

# /etc/init.d/gpm stop
# chkconfig gpm off

# /etc/init.d/crond stop
# chkconfig crond off

3- Use Linux Security Extensions: using SELinux provides a standard access control for applications and processes, such as file operations, sockets, and other processes. This will protect the system against flawed applications that can access the file system.

4- Accounts and passwords:
a- enable password expiration:
# chage -M 9999 userName
b- lock user accounts after login fail using the faillog command
c- disable root login by editing sshd.conf

4- Configure IPtables rules to filter out malicicous/unwanted traffic. This could very well reduce the risks of DOS attacks.

5- Harden /etc/sysctl.conf:

# Turn on execshield
kernel.exec-shield=1
kernel.randomize_va_space=1
# Enable IP spoofing protection
net.ipv4.conf.all.rp_filter=1
# Disable IP source routing
net.ipv4.conf.all.accept_source_route=0
# Ignoring broadcasts request
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.icmp_ignore_bogus_error_messages=1
# Make sure spoofed packets get logged
net.ipv4.conf.all.log_martians = 1

6- Permissions set by linux are irrelevant if an attacker has a physical access to your hard disks, in this situation you can protect files and partitions using the following tools:
a- gpg command to symmetrically encrypt/decrypt files.
b- TrueCrypt is a free open source disk encryption software that is easy to use.

Debug java on Centos redhat

Posted by admin - 16/12/10 at 12:12:23 pm

There is an incompatability between NTPL (Linux’s new thread library)  and the Java 1.6+ JVM. A random bug causes the JVM to hang and eat up 100% CPU.

To work around it set LD_ASSUME_KERNEL=2.4.1 before running the JVM, export LD_ASSUME_KERMEL=2.4.1 . This disables NTPL.

Other debugging tips:

- Use java -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.port=5678 -Dcom.sun.management.jmxremote.ssl=false when running an application, this allows you to remotely attach to your process using jconsole. This has a small print on the performance so it is fine to keep it enabled all the time. You can always enable SSL if security is a concern.

-Send the process SIGQUIT, and it should produce a thread trace (use kill -SIGQUIT [process id]). If it doesn’t, the JVM has hung.

-As a last resort, then you can try attaching to the JVM process with gdb (gdb – [process id]) and get a back trace (bt). You might be able to figure out where in your program the problem lies from the current native code executing. Alternatively, you can get a log of the system calls with strace (strace -p [process id]).

Coloring Mangas

Posted by admin - 23/11/10 at 06:11:08 pm

Screenshot

Powered by WordPress with GimpStyle Theme design by Horacio Bella.
Entries and comments feeds. Valid XHTML and CSS.