Claudio Santambrogio - csant/log - Posts tagged by "".

Posts tagged with "tools"

filmtagger

emacs & unicode

ssh brute force attack annoyance

canon powershot a610

./inspectr

Update 1

Update

Update 2

Update 3

Update 4 - and hopefully last one!

Update

Example

Sunday, 14. December 2008, 13:56:04

…is a simple, cross-platform tool to add EXIF information to pictures taken with a film camera. One (possibly the only?…) disadvantage with non-digital photographic work is that the images produced from scanning the films do not contain relevant meta data - which camera the shot was taken with, which lens, which film, etc…

Filmtagger (available for Windows, Mac and Linux), developed by Sverrir Valgeirsson, is a simple GUI tool to tag an entire directory at once.

5 comments

Wednesday, 6. September 2006, 19:35:18

cli, linux, tools

I run most applications in terminal, and Emacs is not an exception. But I had been struggling with Emacs 21.4.1 and had some trouble with some Unicode input - I'd have no trouble in X, but there are several reasons why I'd still prefer running it in terminal.

I just upgraded to the CVS version 22.0.50.1, and have solved all my troubles.

No comments

Saturday, 25. March 2006, 22:49:12

linux, security, tools, ssh

Running a machine with an open ssh port will lead, sooner or later, to annoying log entries in your system log:

sshd[24592]: Invalid user pi from x.x.x.x
sshd[24598]: Invalid user wf from x.x.x.x
sshd[24600]: Invalid user fj from x.x.x.x

or possibly even

sshd[53704]: Failed password for user from x.x.x.x port z ssh2

They rarely pose a serious threat if you are running with good enough passwords - and this is a reminder to all to please use strong passwords. But the risk for successful attacks is still present (I never feel too confortable when reading the logs of intrusion attempts), and furthermore these attempts awfully clutter your system log.

So I set off looking for various ways of avoiding brute force hammering - and found a quite neat solution in sshdfilter, a wrapper to run sshd and create iptables rules on the fly to throttle access to the ssh port.

A first measure to already lower the chances of brute force login attemtps is to simply run the ssh service on a higher port than 22 - it certainly does not help when a full portscan is made, but, as simple as it sounds, it already avoids those idiots running blind attempts on port 22 across the net. You might also consider not allowing remote root login, and allow ssh access only to a restricted number of users - make sure to have the following two lines in your /etc/ssh/sshd_config:

PermitRootLogin no
AllowUsers user

Next I set up sshdfilter and restarted sshd via sshdfilter: any login attempt with an invalid username will be immediately banned and failed passwords for valid users are treated the same way.

Thomas, with whom I had been talking about throttling ssh brute force attacks, has posted his solution to the problem - nice and elegant!

1 comment

Tuesday, 27. December 2005, 20:46:58

tools, linux, photo

I got myself finally a camera: the Canon PowerShot A610. It seems to come close to what I have been looking for in a camera, including macro photography, automatic but also manual settings, small size and lightweight, good quality, and, last but not least - being able to use it under Linux.

The camera is not to be mounted as a USB mass storage device, but supports Picture Transfer Protocol (PTP) to transfer the files. I was very pleased to see Canon just support the standard, without any proprietary extensions - there is some ptp software available: the easiest was to install gphoto2 and then simply

$ gphoto2 --get-all-files

to retrieve all pictures from the camera. Actually, the A610 is not recognized in the gphoto2 2.1.6 release yet - only the 2.1.99 version lists the camera, but that is about everything that is needed to officially support it. Currently it autodetects the camera as

$ gphoto2 --auto-detect
Model                          Port                                            
----------------------------------------------------------
USB PTP Class Camera           usb:            
USB PTP Class Camera           usb:004,004

and can talk with it without any further trouble.

Yay for standards!

Just updated libgphoto2 to the latest 2.1.99 release:

$ gphoto2 --auto-detect
Model                          Port                                            
----------------------------------------------------------
Canon PowerShot A610 (normal mode) usb:            
Canon PowerShot A610 (normal mode) usb:004,005

After my initial rejoice, I had some trouble with the latest libgphoto2 2.1.99 release - as in, it would refuse to communicate with the camera, with the error message

Camera not operational

Have found at least one more thread about this issue, but no solution to the problem yet.

Luckyly gphoto2 isn't the only PTP software out there, and the much simpler ptpcam included in the libptp2 package solved my problem.

After all, having different software for one and the same task isn't that bad at times…

I got gphoto2 to work nicely again, with a little workaround.

The new libgphoto2 library seems to misdetect the camera: it is not to be treated as "Canon PowerShot A610 (normal mode)" (see above), but as "Canon PowerShot A610 (PTP mode)".

$ gphoto2 --camera "Canon PowerShot A610 (PTP mode)" --list-files

produces the expected listing. But then, when trying to

$ gphoto2 --camera "Canon PowerShot A610 (PTP mode)" --get-all-files

gphoto2 drops out with

$ gphoto2 --camera "Canon PowerShot A610 (PTP mode)" --get-all-files
Downloading 'IMG_0072.JPG' from folder '/store_00010001/DCIM/100CANON'...      
gphoto2: symbol lookup error: gphoto2: undefined symbol: GP_SYSTEM_IS_FILE

Hmmmm, did they change something in the API? A first quick search finds

if ((p.flags & FLAGS_QUIET) == 0) {
 while ((p.flags & FLAGS_FORCE_OVERWRITE) == 0 &&
  GP_SYSTEM_IS_FILE (s)) {
    do {
      putchar ('\007');
      printf (_("File %s exists. Overwrite? [y|n] "),
        s);
      fflush (stdout);

in gphoto2's main.c - and indeed

gphoto2 --quiet --camera "Canon PowerShot A610 (PTP mode)" --get-all-files

downloads all files with no further trouble.

Right, you have to love small changes - they *did* "change" API.

libgphoto2 2.1.6 defined in camlibs/directory/directory.c

GP_SYSTEM_IS_FILE

and the new 2.1.99 has, in the same file

gp_system_is_file

~~but I couldn't find this mentioned in any Changelog (have I missed something?).~~ which is part of some keep namespace clear: rename GP_SYSTEM_* to gp_system_* cleanup.

$ cd gphoto2-2.1.6
$ make clean
$ $EDITOR gphoto2/main.c

change the one occurence of "GP_SYSTEM_IS_FILE" to "gp_system_is_file",

$ make
$ make install
$ gphoto2 --camera "Canon PowerShot A610 (PTP mode)" --get-all-files

or be more sensible and do not mix gphoto2 2.1.6 with libgphoto2 2.1.99 libraries…

Amen.

1 comment

Tuesday, 18. October 2005, 19:12:52

opera, tools, linux

I should have maybe posted this already some time back - but later is better than never. Axel ported the crashlogger inspector to x86 Linux! So here comes a little HowTo run it: First you'll need to download inspectr, save it somewhere and

$ chmod 755 inspectr

Next step is to attach it to the Opera you want to monitor for a crash:

$ ./inspectr <opera_binary_PID>

The <opera_binary_PID> is the ProcessID of the binary you want to monitor - the binary, not the wrapper script (this is easily done wrong). How to detect the PID of the Opera binary?

$ ps aux | grep opera

This will give you a list of all processes called opera that you might need: if you want to monitor the main Opera installation that you started with the command

$ opera&

you'll need to be looking for something like

/usr/lib/opera/<opera_version>/opera

if, on the other hand, you want to monitor a test version you started from a tarball with

$ ./opera

look out for

./bin/opera

Done! As soon as Opera crashes, inspectr will create a crashlog in its directory. For the procedure on how to report crashers, follow the instructions - note that for compression bzip2 is reccomended (it should be installed on virtually any Linux distro). Update: please always also report which package you are using (static .1, shared .5 or .6).

(just a tiny bit simplified output, for readability):

$ ./opera&
$ ps aux | grep opera
csant 14203 /bin/sh ./opera
csant 14212 ./bin/opera
$ ./inspectr 14212
Using PID 14212

November 2009January 2010

There is now also an official KB article on the topic.

17 comments

Blog search