How to block HTTP requests based on HTTP header fields using iptables

The trick is to:
  • filter the right TCP packet (not just process all packets going to/from the webserver's port ... that'd be a serious waste of CPU power) ... in this task the "Recent" match module can be of great help
  • use the "String" match module to seach the first couple of bytes of the targeted packet for a string match

The htp.p procedure in Oracle RDBMS does not work (well) with multibyte charactersets

A long time ago I wrote my own framework for PL/SQL projects and one of the first things I did was to create a proper alternative to the builtin htp package. The Oracle supplied variant has lots of limitations and a few bugs/problems too. Since I worked for years on systems that had only English speaking users, I never faced the problem of htp.p (or htp.prn or htp.print) with multibyte characterset databases/strings. The code snippet written by amber.jah demonstrates the problem quite well.

Cloning an OEM Windows 7 installation

First of all: Microsoft's licensing does not permit this. The "Unsupported Sysprep scenarios" document tells you this clearly:

Microsoft does not support the use of Sysprep to create a new image of a system that was originally created by using a custom OEM installation image or by using OEM installation media. Microsoft only supports such an image if the image was created by the OEM manufacturer. For more information see the following licensing brief on Reimaging Rights.

Don't get fooled by the "supports" or "is supported" terms in the above paragraph. The the referenced "Reimaging Rights" document they make a clear statement:

OEM Specific Information:
  • Organizations do not have the right to reimage by using OEM media.
  • An OEM image can only be preloaded on a PC by the OEM during manufacturing. An image can be individually recovered by the organization (or a service provider they choose) by using the Recovery Media. The OEM recovery media should match the product version originally preinstalled on the system; no other image may be used to restore the system to its original state.

However there's a method to clone an OEM Windows 7 instance and change the product key afterwards. But legally you're on your own.

How to make filenames NTFS compatible

Let's assume you've a bunch of files (in a directory tree) on a linux/unix system and you'd like to copy them over to a Windows NTFS filesystem. The latter allows a lot less characters in filenames (and directory names), then linux/unix. The following code goes through the entire tree (starting with the current working directory) and removes all invalid characters from directory entries. Note that it relies on a few non-standard extensions (eg. not all find implementations have a -print0 option.

find . -depth -mindepth 1 -print0 | while IFS="" read -r -d "" entry; do if [ -f "${entry}" ]; then b="$(basename "${entry}")"; n="$(echo "${b}" | tr -d '\001-\037/\\:*?"<>|')"; if [ "${b}" != "${n}" ]; then d="$(dirname "${entry}")"; [ -f "${d}/${b}" ] && mv "${entry}" "${d}/${n}"; fi; fi; done

P.S.: I used David's writeup on how to process directory entries correctly and the Wikipedia article on NTFS for the list of valid characters.

P.S.2: Beware that simply removing invalid characters might result in data loss since several filenames can be converted to the same string this way. Eg. both the filename "my test?file.txt" and the filename "my test:file.txt" will be converted to "my testfile.txt" and only one will be kept. If you really need to cover such special cases, you could replace invalid characters with a number (instead of simply removing the invalid characters) and increment this number after each processed file (ie. directory entry). This way you could be sure that no file is lost during the process.

How to activate Maildir support in Thunderbird

The mail.serverDefaultStoreContractID preference sets the default storage engine for new accounts and the mail.server.server5.storeContractID preference (substitute the number 9 with the given server id) stores the engine name/implementation for a specific server/account. The default value for these is;1 standing for the mbox format and;1 stands for the Maildir format. The latter is experimental though and should be handled with care (ie. at least frequent backups).


"DMG2IMG is an Apple's compressed dmg to standard (hfsplus) image disk file convert tool."

How to keep your Google searches anonymous and still use Google products

I don't know about other browsers, but in Firefox I do this ...

Easy method to put 100% CPU load on your linux system

There're obviously a zillion ways to do this. Smile Here's a simple one-liner I've found quite useful:
IFS=$'\n' sh -c 'for i in $(grep "^processor" /proc/cpuinfo); do dd if=/dev/urandom of=/dev/null bs=1024 & done'
It starts up instances of dd, each pulling pseudo-random data from /dev/urandom (actually the kernel providing this pseudo-random data creates the CPU load). The number of dd instances is taken from the number of processors reported by /proc/cpuinfo. To stop the extra load, you can easily kill all instances via killall dd (assuming there're no other dd instances running on the server that you've the right/permission to kill and that were not started by this one-liner). And this doesn't even require root access, any user will do. Of course on servers using advanced resource control (eg. cgroups) this won't work since the kernel will limit the total load one user can put on the system (regardless of how many processes you start up).

How to pack and unpack system.img and userdata.img from an Android factory image

  1. Download the repository:
    git clone
  2. Check out a revision of your choice:
    cd extras
    git checkout android-4.1.1_r1
  3. Compile simg2img:
    cd ext4_utils
    gcc -o simg2img -lz sparse_crc32.c simg2img.c
  4. Unpack your Android image files:
    cd ../../
    ./extras/ext4_utils/simg2img system.img system.raw.img
    ./extras/ext4_utils/simg2img userdata.img userdata.raw.img
  5. Do whatever you want with the images (eg. you can use Paragon's ExtFS on a Mac or just simply mount the images in linux via the loop device).
    (Update, 2012.02.16: Paragon's ExtFS -or at least v8- does not work well. Sad It doesn't show all files that are in the ext4 image.)
    mkdir /mnt/my_system /mnt/my_userdata
    mount -t ext4 -o loop system.raw.img /mnt/my_system
    mount -t ext4 -o loop userdata.raw.img /mnt/my_userdata
  6. Compile make_ext4fs:
    cd extras/ext4_utils
    gcc -o make_ext4fs -lz make_ext4fs_main.c make_ext4fs.c ext4fixup.c ext4_utils.c allocate.c backed_block.c output_file.c contents.c extent.c indirect.c uuid.c sha1.c sparse_crc32.c wipe.c
  7. Repack the images:
    cd ../../
    PATH="$PATH:$(pwd)/extras/ext4_utils/make_ext4fs" ./extras/ext4_utils/ -s /mnt/my_system_dir my_system.img ext4 /tmp 512M
P.S.: if compiling stuff is not your thing, you can just download simg2img and make_ext4fs from here.

How to disable geolocation services in Firefox

  1. Type in address bar: about:config
  2. Enter in search field: geo.enabled
  3. Double click the geo.enabled line in the list so it's value changes to "false"
Syndicate content Syndicate content