Mounting the Be Quiet Pure Rock cooler on the Prime X-370 Pro Motherboard.
This motherboard has the AM4 socket, so removal of backplate is not necessary.
Friday, May 26, 2017
Prime X-370 PRO
Mounting the Be Quiet Pure Rock cooler on the Prime X-370 Pro Motherboard.
This motherboard has the AM4 socket, so removal of backplate is not necessary.
Friday, September 16, 2016
Using the Linux iptables firewall
The most common firewall for Linux-systems is the iptables firewall. Iptables is generally preinstalled on any Linux distribution. If it is not installed on your system, just get it via
sudo apt-get install iptables
Iptables uses policy chains,i.e sets of rules, to allow or block inbound/outbound traffic.
These policy chains consist of three different types:
INPUT - Manages incoming connections.
FORWARD - Manages packets that are not to be delivered locally,
but instead forwarded to their target(s).
OUTPUT - Handles outgoing traffic. If you try to ping www.google.com,
iptables will check its output chain regarding icmp packets and
the destined host before deciding whether or not to allow/deny
the connection
When securing a system with iptables, keep in mind that a lot of communication protocols,
such as ssh, require two-way communication. Hence, both the INPUT chain as well as the
OUTPUT chain must be configured accordingly.
The command
sudo iptables -L | grep policy
will display all policies currently set on your system. On a newly installed system no
rules is yet configured so output will be:
Chain INPUT (policy ACCEPT)
Chain FORWARD (policy ACCEPT)
Chain FORWARD (policy ACCEPT)
SIMPLE TEST : DISABLE AND RE-ENABLE WAN CONNECTIVITY
ping -c 3 www.google.com
If this works, stop all packets to your system by issuing the command:
sudo iptables --table filter --append INPUT --jump DROP
Repeating the ping-command will now not work.
Running
sudo iptables -L
will display the newly added iptables policy. The "flush"-command
sudo iptables -F
will remove the rule and it will work to ping Google again.
Note that the "--append" flag to OUTPUT/FORWARD/INPUT policies also can be written as "-A".
MANAGING CONNECTIONS FROM RANGES OF IP-ADDRESSES
Ex: Block all connections from IP address 10.10.10.4
sudo iptables -A INPUT -s 10.10.10.4 -j DROP
Ex: Block all connections from IP-range 10.10.10.0/24
sudo iptables -A INPUT 10.10.10.0/24 -j DROP
Ex: Block ssh-traffic from IP ADDRESS 10.10.10.4
sudo iptables -A INPUT -p tcp --dport ssh -s 10.10.10.4 -j DROP
The -p option above tells what kind of connection the protocol uses.
Ex: Block ssh-traffic from any connection
sudo iptables -A INPUT -p tcp --dport ssh -j DROP
sudo apt-get install iptables
Iptables uses policy chains,i.e sets of rules, to allow or block inbound/outbound traffic.
These policy chains consist of three different types:
INPUT - Manages incoming connections.
FORWARD - Manages packets that are not to be delivered locally,
but instead forwarded to their target(s).
OUTPUT - Handles outgoing traffic. If you try to ping www.google.com,
iptables will check its output chain regarding icmp packets and
the destined host before deciding whether or not to allow/deny
the connection
When securing a system with iptables, keep in mind that a lot of communication protocols,
such as ssh, require two-way communication. Hence, both the INPUT chain as well as the
OUTPUT chain must be configured accordingly.
The command
sudo iptables -L | grep policy
will display all policies currently set on your system. On a newly installed system no
rules is yet configured so output will be:
Chain INPUT (policy ACCEPT)
Chain FORWARD (policy ACCEPT)
Chain FORWARD (policy ACCEPT)
SIMPLE TEST : DISABLE AND RE-ENABLE WAN CONNECTIVITY
ping -c 3 www.google.com
If this works, stop all packets to your system by issuing the command:
sudo iptables --table filter --append INPUT --jump DROP
Repeating the ping-command will now not work.
Running
sudo iptables -L
will display the newly added iptables policy. The "flush"-command
sudo iptables -F
will remove the rule and it will work to ping Google again.
Note that the "--append" flag to OUTPUT/FORWARD/INPUT policies also can be written as "-A".
MANAGING CONNECTIONS FROM RANGES OF IP-ADDRESSES
Ex: Block all connections from IP address 10.10.10.4
sudo iptables -A INPUT -s 10.10.10.4 -j DROP
Ex: Block all connections from IP-range 10.10.10.0/24
sudo iptables -A INPUT 10.10.10.0/24 -j DROP
Ex: Block ssh-traffic from IP ADDRESS 10.10.10.4
sudo iptables -A INPUT -p tcp --dport ssh -s 10.10.10.4 -j DROP
The -p option above tells what kind of connection the protocol uses.
Ex: Block ssh-traffic from any connection
sudo iptables -A INPUT -p tcp --dport ssh -j DROP
Thursday, August 11, 2016
Scp - secure copy- across linux hosts
As part of the OpenSSH suite of tools included in most linux distros, the scp (secure copy) command provides a convenient way of copying files across hosts.
The tool uses an ssh connection in the background to perform the file transfer.
Basic syntax:
scp source_file_path destination_file_path
If you want to transfer(or "upload") a file from your local machine to a remote machine the command would be:
scp ~/a_local_file.txt user@remote_host.com:/some_remote_directory
If you want to transfer files from a remote host to the local host home directory:
scp user@remote_host.com:/some_remote_directory/a_remote_file.txt .
Is the remote ssh server listening to a specified port other than 22, the port must
be specified via the -P flag.
My raspberry pi's ssh-server listens to port 3878, and has ip-address 192.168.1.6
Hence the command for transferring a file from the raspberry to my local machine would be:
scp -P 3878 pi@192.168.1.6:/home/pi/some_file.txt .
The tool uses an ssh connection in the background to perform the file transfer.
Basic syntax:
scp source_file_path destination_file_path
If you want to transfer(or "upload") a file from your local machine to a remote machine the command would be:
scp ~/a_local_file.txt user@remote_host.com:/some_remote_directory
If you want to transfer files from a remote host to the local host home directory:
scp user@remote_host.com:/some_remote_directory/a_remote_file.txt .
Is the remote ssh server listening to a specified port other than 22, the port must
be specified via the -P flag.
My raspberry pi's ssh-server listens to port 3878, and has ip-address 192.168.1.6
Hence the command for transferring a file from the raspberry to my local machine would be:
scp -P 3878 pi@192.168.1.6:/home/pi/some_file.txt .
Monday, April 25, 2016
Netgear WNR2000 and serial port
Recently I wanted to inspect the serial port of an old Netgear WNR2000 router.
To open it, just remove two screws and take off the top cover:
The Netgear WNR2000 router pinout is well documented , find position J1 inside the router.
At position J1, from right to left the pins are:
GND, RX, TX, VCC(3.3 V)
My usb to ttl cable has 4 different wires with colors:
Black corresponding to GROUND
White corresponding to RX
Green corresponding to TX
Red corresponding to + 5V (will not be used here)
From running
dmesg | grep tty
after connecting the usb to ttl cable to the computer the correct serial device for minicom
is obtained as:
/dev/ttyUSB0
Note that in order to receive data from the router the ttl-cable's RX-wire will be connected to the
TX-port and the ttl-cable's TX-wire to the RX-port, ground is connected to ground:
Next, run
minicom -s
to enter minicom and provide the correct serial device found earlier as
/dev/ttyUSB0
Then power on the router. Boot-messages will appear in minicom and finally one arrives at a
busybox-shell.
Excerpt from boot-log:
Press CTRL-A Z for help on special keys
�
U-Boot 1.1.4.16-g04e9b8bf (May 14 2008 - 17:04:28)
AP81 (ar7100) U-boot
sri
32 MB
Top of RAM usable for U-Boot at: 82000000
Reserving 245k for U-Boot at: 81fc0000
Reserving 192k for malloc() at: 81f90000
Reserving 44 Bytes for Board Info at: 81f8ffd4
Reserving 36 Bytes for Global Data at: 81f8ffb0
Reserving 128k for boot params() at: 81f6ffb0
Stack Pointer at: 81f6ff98
Now running in RAM - U-Boot at: 81fc0000
id read 0x100000ff
flash size 4MB, sector count = 64
Flash: 4MB
In: serial
Out: serial
Err: serial
Net: ag7100_enet_initialize...
Fetching MAC Address from 0x81fea7b0
: cfg1 0xf cfg2 0x7114
eth0: 00:22:3f:04:8b:b9
dup 1 speed 100
eth0 up
eth0
### main_loop entered:
---etc--
## Booting image at bf2a0000 ...
Image Name: Linux Kernel Image
Created: 2008-12-18 9:51:34 UTC
Image Type: MIPS Linux Kernel Image (lzma compressed)
Data Size: 737478 Bytes = 720.2 kB
Load Address: 80060000
Entry Point: 80267000
Verifying Checksum ... OK
Uncompressing Kernel Image ...OK
No initrd
## Transferring control to Linux (at address 80267000) ...
## Giving linux memsize in bytes, 33554432
Starting kernel ...
Linux version 2.6.15 (root@linux-server) (gcc version 3.4.4 (OpenWrt-2.0)) #199 Thu Dec 18 17:45:39 CST 2008
flash_size passed from bootloader = 4
arg 1: console=ttyS0,115200
arg 2: root=31:02
arg 3: init=/sbin/init
arg 4: mtdparts=ar7100-nor0:256k(u-boot),64k(u-boot-env),2304k(rootfs),64k(user-config),1152k(uImage),128k(language_table),64k(rootfs_check)
arg 5: mem=32M
CPU revision is: 00019374
Determined physical RAM map:
memory: 02000000 @ 00000000 (usable)
User-defined physical RAM map:
memory: 02000000 @ 00000000 (usable)
Built 1 zonelists
Kernel command line: console=ttyS0,115200 root=31:02 init=/sbin/init mtdparts=ar7100-nor0:256k(u-boot),64k(u-boot-env),2304k(rootfs),64k(us
Primary instruction cache 64kB, physically tagged, 4-way, linesize 32 bytes.
Primary data cache 32kB, 4-way, linesize 32 bytes.
---etc---
References:
http://www.devttys0.com/2012/11/reverse-engineering-serial-ports/
http://www.liatoss.com/blog/28-it-hardware/66-netgear-wnr2000-v3-serial-recovery-guide-en.html
http://andre.blaatschaap.be/2013/01/cubieboard-serial-connection/
https://wiki.openwrt.org/doc/hardware/port.serial
To open it, just remove two screws and take off the top cover:
The Netgear WNR2000 router pinout is well documented , find position J1 inside the router.
At position J1, from right to left the pins are:
GND, RX, TX, VCC(3.3 V)
My usb to ttl cable has 4 different wires with colors:
Black corresponding to GROUND
White corresponding to RX
Green corresponding to TX
Red corresponding to + 5V (will not be used here)
From running
dmesg | grep tty
after connecting the usb to ttl cable to the computer the correct serial device for minicom
is obtained as:
/dev/ttyUSB0
Note that in order to receive data from the router the ttl-cable's RX-wire will be connected to the
TX-port and the ttl-cable's TX-wire to the RX-port, ground is connected to ground:
Next, run
minicom -s
to enter minicom and provide the correct serial device found earlier as
/dev/ttyUSB0
Then power on the router. Boot-messages will appear in minicom and finally one arrives at a
busybox-shell.
Excerpt from boot-log:
Press CTRL-A Z for help on special keys
�
U-Boot 1.1.4.16-g04e9b8bf (May 14 2008 - 17:04:28)
AP81 (ar7100) U-boot
sri
32 MB
Top of RAM usable for U-Boot at: 82000000
Reserving 245k for U-Boot at: 81fc0000
Reserving 192k for malloc() at: 81f90000
Reserving 44 Bytes for Board Info at: 81f8ffd4
Reserving 36 Bytes for Global Data at: 81f8ffb0
Reserving 128k for boot params() at: 81f6ffb0
Stack Pointer at: 81f6ff98
Now running in RAM - U-Boot at: 81fc0000
id read 0x100000ff
flash size 4MB, sector count = 64
Flash: 4MB
In: serial
Out: serial
Err: serial
Net: ag7100_enet_initialize...
Fetching MAC Address from 0x81fea7b0
: cfg1 0xf cfg2 0x7114
eth0: 00:22:3f:04:8b:b9
dup 1 speed 100
eth0 up
eth0
### main_loop entered:
---etc--
## Booting image at bf2a0000 ...
Image Name: Linux Kernel Image
Created: 2008-12-18 9:51:34 UTC
Image Type: MIPS Linux Kernel Image (lzma compressed)
Data Size: 737478 Bytes = 720.2 kB
Load Address: 80060000
Entry Point: 80267000
Verifying Checksum ... OK
Uncompressing Kernel Image ...OK
No initrd
## Transferring control to Linux (at address 80267000) ...
## Giving linux memsize in bytes, 33554432
Starting kernel ...
Linux version 2.6.15 (root@linux-server) (gcc version 3.4.4 (OpenWrt-2.0)) #199 Thu Dec 18 17:45:39 CST 2008
flash_size passed from bootloader = 4
arg 1: console=ttyS0,115200
arg 2: root=31:02
arg 3: init=/sbin/init
arg 4: mtdparts=ar7100-nor0:256k(u-boot),64k(u-boot-env),2304k(rootfs),64k(user-config),1152k(uImage),128k(language_table),64k(rootfs_check)
arg 5: mem=32M
CPU revision is: 00019374
Determined physical RAM map:
memory: 02000000 @ 00000000 (usable)
User-defined physical RAM map:
memory: 02000000 @ 00000000 (usable)
Built 1 zonelists
Kernel command line: console=ttyS0,115200 root=31:02 init=/sbin/init mtdparts=ar7100-nor0:256k(u-boot),64k(u-boot-env),2304k(rootfs),64k(us
Primary instruction cache 64kB, physically tagged, 4-way, linesize 32 bytes.
Primary data cache 32kB, 4-way, linesize 32 bytes.
---etc---
References:
http://www.devttys0.com/2012/11/reverse-engineering-serial-ports/
http://www.liatoss.com/blog/28-it-hardware/66-netgear-wnr2000-v3-serial-recovery-guide-en.html
http://andre.blaatschaap.be/2013/01/cubieboard-serial-connection/
https://wiki.openwrt.org/doc/hardware/port.serial
Monday, April 11, 2016
CasperJS:Submit login-form with evaluate() method
Sometimes the in previous post described method of logging in to a site with casperjs fails. That could be caused by some restrictions set server-side. Then it might be worth to try the evaluate-call in the login-script:
Example:
var casper = require('casper').create(
{
logLevel: "info",
verbose: "true",
onPageInitialized: function() {
console.log('Page has been loaded successfully');
}
});
casper.userAgent('Mozilla/5.0 (compatible; Windows NT 5.0) ' );
casper.viewport = {width: 1366, height: 768};
url = 'http://www.page/login.com';
casper.start(url);
/* Next step is to fill in the credentials and submit the form
Collect id-attributes for username and password elements from source code of login-page.
*/
casper.then(function() {
console.log('will now log in..');
this.evaluate(function() {
document.getElementById("id-username").value = "username";
document.getElementById("id-password-here").value = "password"
document.getElementById("id-SignIn-button").click();
});
/* If document.getElementById("id-signin-button").click() fails
try document.querySelector("selector-ofSignIn-button").click();
*/
});
// wait 1 second, then take screenshot
casper.wait(1000, function() {
console.log('now taking screenshot');
casper.capture('photo1.png');
});
casper.run();
Example:
var casper = require('casper').create(
{
logLevel: "info",
verbose: "true",
onPageInitialized: function() {
console.log('Page has been loaded successfully');
}
});
casper.userAgent('Mozilla/5.0 (compatible; Windows NT 5.0) ' );
casper.viewport = {width: 1366, height: 768};
url = 'http://www.page/login.com';
casper.start(url);
/* Next step is to fill in the credentials and submit the form
Collect id-attributes for username and password elements from source code of login-page.
*/
casper.then(function() {
console.log('will now log in..');
this.evaluate(function() {
document.getElementById("id-username").value = "username";
document.getElementById("id-password-here").value = "password"
document.getElementById("id-SignIn-button").click();
});
/* If document.getElementById("id-signin-button").click() fails
try document.querySelector("selector-ofSignIn-button").click();
*/
});
// wait 1 second, then take screenshot
casper.wait(1000, function() {
console.log('now taking screenshot');
casper.capture('photo1.png');
});
casper.run();
Examples of submitting login-forms using CasperJS
One of the standard use-cases of CasperJS is automation of a user logging in to a webpage.
The login-system requires CasperJS to handle:
- Filling in the username and password field
- Submitting the login-form
- Storing cookies received by the server - This is carried out automatically by CasperJS
- Resending cookies after every new HTTP-request( automatically carried out by CasperJS)
Example 1: Using this.sendKeys:
Sometimes it may not work due to some serverside setting. Then at first try to set to 'false' above
The login-system requires CasperJS to handle:
- Filling in the username and password field
- Submitting the login-form
- Storing cookies received by the server - This is carried out automatically by CasperJS
- Resending cookies after every new HTTP-request( automatically carried out by CasperJS)
Example 1: Using this.sendKeys:
var casper = require('casper').create({
pageSettings: {
loadImages: false,//The script is faster when this field is set to false
loadPlugins: false,
userAgent: 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36'
}
});
var x = require('casper').selectXPath;
casper.start(url-loginpage, function() {
this.sendKeys("#name_username_form_element", "username");
this.sendKeys("#name_password_form_element", "password");
});
// proceed to click submit using XPATH-expression
casper.thenClick(x(' INSERT XPATH EXPRESSION HERE'));
casper.wait(2000,function() {
casper.capture('screenpicture.png');
}), // wait some time for page to load and take screenshot
casper.run();
XPATH-expression is easily found inspecting the login form with tools such as Chrome-developer
tool or the Firebug extension in Mozilla Firefox.
Note that sometimes it may work to skip the XPATH expression and instead use:
casper.then(function() {
this.clickLabel('TITLE-Login_Button');
});
Example 2 : Using casper.fill
The syntax is then :
casper.fill('selector', {
'nameOfFormElement' : 'yourInput'
}, submit);
An example form with selector form#loginform and elements username and password is then filled out as follows:
casper.fill('form#signInForm', {
'username' : 'mynamehere',
'password' : 'difficultpasswordhere'
}, true);
In the above expression the submit button is set to true, so it will automatically submit the credentials.
Sometimes it may not work due to some serverside setting. Then at first try to set to 'false' above
and use the .click() method afterwards, i.e add:
casper.then(function(){
this.click("selector-signin-button");
}); Saturday, April 9, 2016
Basic browsing in casperjs
Suppose we want to browse a site and retrieve the page title using casperjs.
First step is to require and create a new casper instance:
{ verbose: true,
logLevel: 'debug' //logLevel parameter can also be 'error', 'info','warning'
pageSettings: {
userAgent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/53"
} );
The create() method will then create and return an instance of the casper class.
Above further optional settings to the create method has been added for debugging, as well
as a specified useragent.
Second step is to start casper and browse the target site. This is done using the
created casper instance and with it calling the start method:
The "function()" above denotes a function that may be carried out once the page has been loaded
So let's assume we want to visit google.com:
To browse the google site and print its title:
casper.start(http://www.google.com, function() {
this.echo(this.getTitle(), 'INFO');
});
Messages can be printed in the following range of styles:
'INFO', 'ERROR', 'WARNING', 'COMMENT'
At the end call the run() method with the created casper object:
casper.run();
The resulting code will then be:
var casper = require('casper').create(
{ verbose: true,
logLevel: 'debug',
pageSettings: {
userAgent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/53"
} );
casper.start(http://www.google.com, function() {
this.echo(this.getTitle, 'INFO');
});
casper.run();
The above code is saved in a .js file and can be executed by running
casperjs filename.js
First step is to require and create a new casper instance:
{ verbose: true,
logLevel: 'debug' //logLevel parameter can also be 'error', 'info','warning'
pageSettings: {
userAgent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/53"
| } |
The create() method will then create and return an instance of the casper class.
Above further optional settings to the create method has been added for debugging, as well
as a specified useragent.
Second step is to start casper and browse the target site. This is done using the
created casper instance and with it calling the start method:
The "function()" above denotes a function that may be carried out once the page has been loaded
So let's assume we want to visit google.com:
To browse the google site and print its title:
casper.start(http://www.google.com, function() {
this.echo(this.getTitle(), 'INFO');
});
Messages can be printed in the following range of styles:
'INFO', 'ERROR', 'WARNING', 'COMMENT'
At the end call the run() method with the created casper object:
casper.run();
The resulting code will then be:
var casper = require('casper').create(
{ verbose: true,
logLevel: 'debug',
pageSettings: {
userAgent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/53"
| } |
} );
casper.start(http://www.google.com, function() {
this.echo(this.getTitle, 'INFO');
});
casper.run();
The above code is saved in a .js file and can be executed by running
casperjs filename.js
Subscribe to:
Posts (Atom)