Mounting samba permanently

A nice quick and easy one..

Add the following into /etc/fstab, replacing the parts with stars with your information.

//**SERVER**/**SHARE** /mnt/**MOUNTPOINT** smbfs rw,user,username=**USER**,password=**PASS** 0 0

Make sure the location /mnt/**MOUNTPOINT** exists and is chmodded correctly (eg 666), then just mount it with:

mount /mnt/**MOUNTPOINT**
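
Because /etc/fstab is normally world-readable, a password= option there is visible to every local user. The following added example (not part of the original post) lists fstab entries that embed a password and writes an owner-only credentials file for use with the credentials= mount option instead; the function names, hosts, paths and sample values are assumptions made for illustration.

```shell
# Constructed sample fstab (hypothetical hosts and credentials).
sample_fstab() {
cat <<'EOF'
# /etc/fstab sample
//fileserver/share /mnt/share smbfs rw,user,username=andy,password=hunter2 0 0
//fileserver/other /mnt/other smbfs rw,user,credentials=/etc/samba/other.cred 0 0
EOF
}

# Read fstab text on stdin and print "device mountpoint" for every active
# (non-comment) entry whose options field embeds a password.
fstab_inline_passwords() {
    awk '$1 !~ /^#/ && $4 ~ /(^|,)password=/ { print $1, $2 }'
}

# write_credentials FILE USER
# Reads the password from stdin (so it never appears in argv or shell
# history) and writes a credentials file readable only by its owner.
write_credentials() {
    file=$1 user=$2
    IFS= read -r pass || [ -n "$pass" ] || return 1
    ( umask 077 && printf 'username=%s\npassword=%s\n' "$user" "$pass" > "$file" ) || return 1
    chmod 600 "$file"
}

# fstab_entry SERVER SHARE MOUNTPOINT FSTYPE CREDFILE
# Prints the replacement fstab line that points at the credentials file.
fstab_entry() {
    printf '//%s/%s %s %s rw,user,credentials=%s 0 0\n' "$1" "$2" "$3" "$4" "$5"
}
```

Audit a live system with fstab_inline_passwords < /etc/fstab, and create the credentials file as root before swapping the fstab line.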

Blocking tor through iptables

I keep a database of tor hosts which gets updated quite often, and I have written a script in python which downloads the list and updates iptables so that they are all blocked.

It is recommended that the script gets added to cron so that the machine's iptables rules keep up to date.

This script is ideal for schools and businesses to prevent people from circumventing content filtering, and also useful for servers to prevent abuse from ‘anonymous’ people who use tor for hacking or denial of service.

The script can be found here (http://www.andydixon.com/blocktor.py) and requires python (tested on v2.6)

Multiple VLANs on 1 network port with Ubuntu / Debian

If you have a network with multiple VLANs and you want to be able to connect on more than one, you can set up virtual nics, one for each vlan.

To do this, you need to install the vlan package:
sudo apt-get -y install vlan

You then need to edit your /etc/network/interfaces to add the additional nics. For each vlan you wish to access, add the following lines, replacing information where necessary:

auto vlan5
iface vlan5 inet static
    address 10.5.1.2
    # netmask matches the 10.5.0.0 network, broadcast and gateway below
    netmask 255.255.0.0
    network 10.5.0.0
    broadcast 10.5.255.255
    gateway 10.5.0.1
    mtu 1500
    vlan_raw_device eth0

Once saved, you can just give your machine a quick reboot and all will be peachy.

Clearing MAILER-DAEMONS from Mail Queue

This little gem will certainly help get rid of pending bounce messages resulting from spam hitting your mail server:

mailq | tail -n +2 | grep -v '^ *(' | awk 'BEGIN { RS = "" }{ if ($7 == "MAILER-DAEMON" ) print $1 }' | tr -d '*!' | postsuper -d -

You can't really get simpler than this…

Getting a List of Tor server Nodes in perl

In 2008, I wrote a module in perl called Net::Tor::servers (which can be found in CPAN). Below is the code (albeit not as complicated as the module) which will get a list of Tor servers into an array called @torarray.

One use of this module is a script I wrote which adds all the Tor servers into an IP blacklist on Smoothwall firewalls. I used to run the community version at home last year but got rid of it when the box died.
The script can be found here:
http://www.cpan.org/modules/by-authors/id/A/AJ/AJDIXON/torblacklister.pl

The code is thus:

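#!/usr/bin/perl
use strict;
use warnings;
use LWP::Simple;

my @torarray = ();
my @arrayrecord = ();
my @rarray;
my $torserver = "128.31.0.34";
my $port = 9031;

# Fetch the full router status document from the directory server
my $content = get("http://$torserver:$port/tor/status/all");
die "Could not fetch the router list from $torserver:$port\n" unless defined $content;
my @lines = split(/\n/, $content);

foreach my $router (@lines) {
    @rarray = split(/\ /, $router);
    next unless defined $rarray[0];    # skip empty lines
    # Router entries are the lines whose first field is "r"
    if ($rarray[0] =~ /^r$/) {
        my $ip = $rarray[6];
        my $hostname = $rarray[1];
        my $orport = $rarray[7];
        my $dirrepport = $rarray[8];
        # Each element of @torarray is [ip, hostname, orport, dirport]
        push @torarray, [$ip, $hostname, $orport, $dirrepport];
    }
}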

Updated: oops, forgot the use clause…

Repairing OSX 10.4 Mail Server Mailboxes

This script could easily be adapted to work for any postfix server, but at this moment, I don't really have the time to do it. If someone can, then please let me know at andy at andydixon.com

You run this script in this way:

repair (username) – eg: repair ajd
(where ajd is a user on the mail server)

The script is thus:


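#!/bin/bash

imapUser="cyrusimap"
reconstructUser="cyrusimap"
username="$1"

# Refuse to run without a username, otherwise the mailbox path is meaningless
if [ -z "$username" ]; then
    echo "Usage: repair (username)" >&2
    exit 1
fi

# Ask cyrus where this user's mailbox lives on disk
userDirDest=$(sudo -u "${imapUser}" /usr/bin/cyrus/bin/mbpath "user/$username")

# Stop if no usable directory came back, so find never runs on the wrong path
if [ -z "$userDirDest" ] || [ ! -d "$userDirDest" ]; then
    echo "Could not find the mailbox directory for $username" >&2
    exit 1
fi

echo -e "Reconstructing folder structure.."
sudo -u "${reconstructUser}" /usr/bin/cyrus/bin/reconstruct -r -f "user/$username"

echo -e "Fixing folder permissions and ownership.."
find "$userDirDest" -type d -print0 | xargs -0 -n 1 chmod 0700
find "$userDirDest" -type d -print0 | xargs -0 -n 1 /usr/sbin/chown "${imapUser}:mail"

echo -e "Fixing file permissions and ownership.."
find "$userDirDest" -type f -print0 | xargs -0 -n 1 chmod 0600
find "$userDirDest" -type f -print0 | xargs -0 -n 1 /usr/sbin/chown "${imapUser}:mail"

echo "Repair Completed"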

Mounting Samba (Windows) shares on the commandline

There are two ways of mounting a share, depending on what kind of server you are connecting to.

For anything apart from Windows Server 2003 onwards (that is, XP, Windows 2000 server, NT server, other samba servers, etc):

mount -t smbfs -o username=username //windows.andydixon.com/share-name /mnt/windows-share-name

Otherwise, for Windows 2003 server onwards, you need to change smbfs to cifs. Either way, you’ll be prompted for a password..

Backing up with netcat

Netcat is a simple program which listens on a port of your choice and can send any data to a file. This is useful for backups.

I like using tar for backing up lots of files, and using the network to copy from one server to another, so on the destination machine, I open up a port:

nc -l -p 1337 > backup.tar.gz

Then on the source machine, I can use netcat to send the data across the network to the destination:

tar zlcvPpf - /location/to/backup | nc backup-destination.andydixon.com 1337
(where backup-destination.andydixon.com is the backup location, either IP address or FQDN)

The weird tar options are (in order):
z – use gzip
l – pack up only one file system (miss proc, cd-rom, nfs, samba and other mounts)
c – create the archive
v – verbose (see what's happening)
P – keep the leading / from paths
p – keep file permissions
f – file to write to (the hyphen means that you are writing to stdout, which is piped to netcat)

If you want to recover data:

On the backup device:
nc -l -p 1337 < backup.tar.gz
This will spit the contents of the compressed archive to any open connections

On the target machine:

nc backup-destination.andydixon.com 1337 | tar -xz

Easy as pie.
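
Netcat sends the archive unencrypted and with no check that what arrives is what was sent. This added example (not from the original post) records a SHA-256 digest of the exact stream on the source and verifies the received file on the destination. The function names and digest file are assumptions, sha256sum is assumed to be installed, and the digest has to reach the destination over a separate trusted channel such as ssh.

```shell
# archive_with_digest DIR DIGEST_FILE
# Writes a gzipped tar of DIR to stdout (pipe it into nc as in the post) and
# stores the SHA-256 of exactly those bytes in DIGEST_FILE.
archive_with_digest() {
    dir=$1 digest_file=$2
    fifo=$(mktemp -u) && mkfifo -m 600 "$fifo" || return 1
    # Hash a copy of the stream in the background while it is being sent
    sha256sum < "$fifo" | cut -d' ' -f1 > "$digest_file" &
    tar -czpf - -C "$dir" . | tee "$fifo"
    wait
    rm -f "$fifo"
}

# verify_backup ARCHIVE DIGEST_FILE
# Succeeds only if the received archive hashes to the recorded digest.
verify_backup() {
    [ "$(sha256sum < "$1" | cut -d' ' -f1)" = "$(cat "$2")" ]
}

# Source machine (hostname and port as used in the post):
#   archive_with_digest /location/to/backup backup.sha256 \
#       | nc backup-destination.andydixon.com 1337
# Destination machine, after copying backup.sha256 across separately:
#   verify_backup backup.tar.gz backup.sha256 && echo "backup intact"
```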

Quick Passwordless SSH tutorial

I keep forgetting how to do this so I have finally written it down..

On the machine which you are ssh-ing from:
ssh-keygen -t rsa

You should see:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/andy/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
(Just hit enter here)
Enter same passphrase again:
(enter again)
Your identification has been saved in /home/andy/.ssh/id_rsa.
Your public key has been saved in /home/andy/.ssh/id_rsa.pub.
The key fingerprint is:
f6:61:a8:27:35:cf:4c:6d:13:22:70:cf:4c:c8:a0:23 andy@leviathan

To copy your key to the target machines (eg a server) you can use:
cat ~/.ssh/id_rsa.pub | ssh (username)@(server) ' cat >>~/.ssh/authorized_keys'

That should be it. If it does not work, try this on the target machine:
chmod 644 ~/.ssh/authorized_keys
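
A key with an empty passphrase is usable by anyone who can read ~/.ssh/id_rsa, so it helps to limit what the target machine will let that key do. This added example (not from the original post) is run on the target machine and installs the public key with authorized_keys restrictions and strict permissions; the function name, source address and forced command are assumed values, the sample key is constructed, and the restrict option needs OpenSSH 7.2 or later.

```shell
# Constructed sample public key line (not a real key).
SAMPLE_PUBKEY='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7constructedsamplekey andy@leviathan'

# install_restricted_key HOME_DIR PUBKEY_LINE FROM_PATTERN FORCED_COMMAND
# Adds the key so that it is accepted only from FROM_PATTERN and can only
# run FORCED_COMMAND, with no forwarding or pty ("restrict").
install_restricted_key() {
    home=$1 pubkey=$2 from=$3 cmd=$4
    ssh_dir=$home/.ssh
    auth=$ssh_dir/authorized_keys

    # Accept exactly one line of the form "type base64-blob [comment]"
    blob=$(printf '%s\n' "$pubkey" | awk '
        NR == 1 && $1 ~ "^(ssh-(rsa|ed25519)|ecdsa-sha2-[a-z0-9-]+)$" \
                && $2 ~ "^[A-Za-z0-9+/=]+$" { b = $2 }
        END { if (NR == 1 && b != "") print b }')
    [ -n "$blob" ] || return 1

    # A double quote in either value would break out of the option string
    case $from$cmd in *'"'*) return 1 ;; esac

    # sshd (StrictModes) ignores key files that others can write to
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Do nothing if this key is already installed
    grep -qF -- "$blob" "$auth" && return 0

    printf 'restrict,from="%s",command="%s" %s\n' "$from" "$cmd" "$pubkey" >> "$auth"
}
```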

UFO sighting last night

Last night I was out in my garden and I saw some strange lights, so naturally I took some photos on a camera which was not really suited for in-the-dark photography. It was really bizarre watching them go across the sky..

[Images: ufocloseup, noflash]

The close-up one was taken when I was resting the camera on something to keep it steady.

An hour or so after tweeting the pictures, I had a reply from @andytoots who has experienced a similar display of orange lights in the sky, and his images can be found here: http://andytoots.wordpress.com/2009/09/12/the-aliens-are-coming/