msgbartop
Blog di Bernardino (Dino) Ciuffetti
msgbarbottom

16 Set 11 Lettera del Sindaco di Roma ai suoi cittadini

Oggi leggendo la posta elettronica ho visto una mail proveniente niente popò di meno che dal Sindaco di Roma Giovanni Alemanno.
Si tratta della protesta che stanno facendo molti Comuni italiani dopo i gravi tagli previsti dalla manovra finanziaria del Governo italiano.

Segue la trascrizione del testo:

I TAGLI AI COMUNI SONO TAGLI AI TUOI DIRITTI

Carissimi cittadini,
oggi ho comunicato al Prefetto e al Ministro dell’Interno che Roma Capitale non è
più in grado di garantire i servizi ai cittadini. Come è stato deciso
dall’Associazione Nazionale Comuni Italiani (ANCI), chiuderò simbolicamente
l’ufficio Anagrafe e stato civile come stanno facendo quasi tutti i miei colleghi Sindaci.

Si tratta di una forma di protesta molto forte, alla quale i Comuni italiani
sono arrivati perché, fino ad ora, non sono riusciti a far cambiare in modo
significativo una manovra economica necessaria ma troppo pesante per le
istituzioni territoriali.

Non vogliamo peggiorare la qualità della vostra vita ma cercare di migliorare
i servizi e difendere i vostri diritti.

Infatti, fino a quando sarà possibile tutti i servizi saranno garantiti grazie
allo sforzo della struttura comunale.

Oggi non è più possibile percé si preferisce togliere ai Comuni invece di
andare a vedere dove le risorse si sprecano realmente.

Ogni anno i Comuni portano soldi alle casse dello Stato per un totale di oltre
3 miliardi di euro. Queste risorse si perdono in mille rivoli, mentre noi veniamo
costretti ad aumentare le tasse o a chiudere i servizi.

Ho deciso di scrivervi perché ognuno di voi possa rendersi conto che la
protesta che Roma Capitale e l’ANCI stanno facendo non è una polemica politica
o una rivendicazione istituzionale.

Al contrario il nostro obbiettivo è solo quello di trovare un nuovo accordo con
il Governo per rendere le nostre città e il nostro Paese sempre più solidi,
competitivi e vivibili.

Per ulteriori informazioni potete consultare il sito www.anci.it.

Un cordiale saluto.

Il Sindaco di Roma
In qualità di Ufficiale di Governo
(Giovanni Alemanno)

 

Lettera del Sindaco di Roma ai suoi cittadini

Alemanno: I tagli ai Comuni sono tagli ai tuoi diritti

31 Ago 11 CVE-2011-3192 – Apache killer DOS vulnerability

Hi people. On August 2011 has been discovered that apache httpd server is vulnerable to a simple to perform DOS attack. A simple perl exploit has been released called apache killer that make a big number of parrallel crafted HTTP calls (HEAD method) with the “Range” header. This make possibile to the attacker to consume memory and cpu on the attacked server bringing apache and the system down in no time. The attacker does not need large bandwidth to perform the attack.

Anyone using apache httpd in production environment is encouraged to upgrade to the latest apache version that solve the security problem.

If you cannot upgrade to >= 2.2.20 you can use mod_rewrite to deny requests with the Range header like the rewrite regexp below. This is what you need on your httpd.conf:

RewriteCond %{HTTP:range} ^bytes=[^,]+(,[^,]+){0,4}$
RewriteRule .* – [F]

You can find the exploit script on google. I will not put it here.
Ciao, Dino.

13 Giu 11 How to unpack a patch.e2 enigma2 file from linux

The enigma2 patch file, generally named patch.e2, is a packet binary file containing a cramfs root filesystem and a linux kernel in zboot format.
It is commonly used by some TV decoder linux distribution systems to update the system firmware.

I didn’t find a quick way to extract the “/” cramfs filesystem from patch.e2 files from a linux system, so I decided to write a small utility from myself.

It is in attach, it’s called unpack_e2 and it’s very easy to use.
Just compile it with:

gcc -o unpack_e2 -O2 -Wall unpack_e2.c

And call it with the patch.e2 file as the first argument.
The two files produced are cram.img and kernel.img.

dino@dam2k:~/AZBOX_RTi_E2$ ./unpack_e2 /tmp/patch.e2
Team name: RTi Team
Description: Core 1.0
Version: 1.0.0
About: v.1.0
Kernel description: #78_May27
Size of cram image: 47542272 bytes (45.34 Mb)
Size of kernel image: 6584320 bytes (6.28 Mb)
Unpacking cramfs image to cram.img
Unpacking kernel image to kernel.img

Warning: it will work only with the new E2 image format (I think >= Core RC12).

If for some weird reason you need to extract the linux binary kernel file, you must use those commands:
# mount -t auto -o loop kernel.img /mnt
# dd if=/mnt/xrpc_xload_vmlinux_ES4_prod.bin skip=1 bs=836 |zcat >/tmp/vmlinux.bin

P.S. To do the reverse (pack a patch.e2) follow this link: http://sourceforge.net/projects/rticoree2/files/image_tools/

Ciao, Dino.

unpack_e2.c

31 Mag 11 liborient: A simple LGPLv3 linux C library proof of concept

Today i posted to the orientdb mailinglist and I’ve written about liborient, my very first orientdb C library implementation.
We are searching for new developers to join. This is what I putted to the list.

Hi all.
I’m making an attempt to write a proof of concept, simple, LGPLv3
OrientDB C library for linux.

The library is written in best effort, so don’t kill me if you see bad
code for now…
As a starting point, there is already a very first implementation of
some simple binary protocol methods.
For those there are interested, this is the API that it’s just (it
seems…) working with the latest OrientDB SVN version:
http://www.tuxweb.it/temp/apishot/liborient/liborient_8h.html#func-members

You can view development code here:
http://svn.tuxweb.it/cgi-bin/viewvc.cgi/liborient/trunk/main/liborient/src/

INSTALL:
1) Install the latest GNU autoconf, automake and libtool
2) svn co http://svn.tuxweb.it/SVN/projects/liborient/trunk/main/liborient
3) cd liborient
4) ./autogen.sh
5) ./configure –prefix=/tmp/liborient
6) make
7) make check
8) make install

Warning: this is a very first proof of concept implementation that I
started to study OrientDB. Do not use it in production environments.

Even if I think “the scalable way”, I’m a Linux SysAdmin and not a
full time developer, so may be the API is not well designed and the
code is ugly.
We need people that write code. If you are interested, please join in
and contribute.

This is a sample C program that links liborient… and works 🙂
http://svn.tuxweb.it/cgi-bin/viewvc.cgi/liborient/trunk/main/liborient/test/single_orient.c?view=markup

<snip>
orientdb *oh;
o_conh *och;
unsigned long cid;

// create a new liborient handler
oh = orient_new();
// setup library debug level to “ORIENT_DEBUG”
orient_debug_setlevel(oh, ORIENT_DEBUG);
// setup debug callback
orient_debug_sethook(oh, &your_debug_function);
// preparing to open a new binary connection handler for orientDB
och = orient_prepare_connection(oh, ORIENT_PROTO_BINARY, “localhost”, “2424”);
// setting admin credentials
orient_set_credentials(oh, och, ORIENT_ADMIN, “root”, “pippo”);
// setting user credentials
orient_set_credentials(oh, och, ORIENT_USER, “reader”, “reader”);
// create the real connection with orientdb server
cid = orient_connect(oh, och, timeout);
// open the database “demo”
orient_dbopen(oh, och, cid, “demo”, timeout);
// get the DB size
dbsize = orient_db_size(oh, och, cid, timeout);
// get the total number of records
records = orient_db_countrecords(oh, och, cid, timeout);
// close the database
orient_dbclose(oh, och, cid, timeout);
// free library stuff
orient_free(oh);
</snip>

Any thoughts?
Ciao, Dino Ciuffetti.

11 Mar 11 Japan earthquake 11 mar

earthquake in Japan: great number of big circles on my phone… never seen before… Japanese kids, guys, moms, people, hold on. We are with all of you!!!

android earthquake alert app, big circles on my android map over japan

android earthquake alert app, big circles on my android map over japan show a great number of big quakes over Japan. Hold on guys!! We are with you.

05 Mar 11 Great event, great day

Today was one of the most productive day of the year for me. Codemotion event was great, full of great talks, good new ideas and tech staff demistified.
Great speech on orientdb and nosql by Luca Garulli and very good talk by Alessandro Nadalin: “REST in peace”, the RESTful + ESI correct usage.

02 Mar 11 ajax_proxy cross domain php in bundle with orientdb

I’m very happy that my simple proxy php script is now in bundle with a great product: orientdb.
Now, I’m going to take two beers!! Cheers!!!!

08 Feb 11 NuvolaBase.com, the OrientDB on the Cloud

So this is finally there. NuvolaBase.com (alpha release) has been published yesterday at UIM-GDB in Barcelona by Luca Garulli, the OrientDB author.

I am really excited as TuxWeb cofounder for joining our technical collaboration with him for the alpha realization of this project.

I personally cover all the system administration and low level stuff.

– dAm2K!!

26 Mar 10 Il tuo server linux personale

Se quello che hai sempre cercato e’ avere il tuo personalissimo server linux up and running 24 ore su 24, SliceHost e’ l’opzione giusta per te.

Questa meravigliosa azienda americana (in Italia purtroppo certe cose ce le sogniamo alla grande!) ha sviluppato un sistema automatico con interfaccia web in grado di fornirti in tempo reale per pochi dollari al mese una tua personalissima macchina virtuale con cui potrai realizzare e gestire il tuo server linux in tutta tranquillita’.
Banda e connettivita’ internazionale a internet non sono un problema e potrai scegliere tra vari tagli di offerte pronte per te.

Se sei interessato, dai un’occhiata al sito https://manage.slicehost.com/customers/new?referrer=af57db3020e04bb27352e271753a7a18 e affiliati anche tu.

Avrai la possibilita’ di scegliere la distribuzione linux che piu’ ti aggrada e il tuo server linux personale sara’ in piedi in pochi secondi.

Noi di TuxWeb lo stiamo utilizzando con successo per gestire i siti internet di alcuni nostri clienti.

Ciao, Dino – http://www.tuxweb.it/

13 Mar 10 DynaBlast, and your access_log give you something

If you want an apache httpd server access_log scanner written in C that check for you every IP address that exceed a given number of hits in the last given time period, then DynaBlast is a tool that make sense for you.

This tool, released as usual in GPLv2, can be spawned every minute in crontab without the risk of having two instances running: we make use of a lock mechanism.
It has a fast mode that can skip already parsed line from a consecutive scan, so each time it runs, it play very fast.

In stdout you’ll get the scanning result. Ex:

blacklisted:10.248.220.43
blacklisted:23.212.121.165

You can download DynaBlast from here: http://www.tuxweb.it/?section=progetti/dynablast

Ciao, Dino.