The hunger games and Egypt “Revolution”

Hunger Games.. awesome read
Last month I found myself drawn into the audiobooks of this amazing trilogy. I started listening to kill time on my ugly daily commute, but I found myself completely consumed by it, partly because of its easy language and the unexpected turns of events, which make my 1-hour drive a bit less painful. But after a while I started to notice a pattern, and suddenly ….. Egypt
The trilogy is 3 books, 400 pages each, full of details and events, but out of these one line of events stood out clearly: “the rebellion”
The story projects almost perfectly onto Egypt's revolutions, starting from the fifties
The Story Line
Someday in the future the whole civilization has shrunk to 13 districts and the capital. The 13 districts were living in poor conditions while doing the hard work for the capital, such as mining, manufacturing, agriculture…
At some point they decided to stand against the capital, which resulted in the destruction of district 13 and the initiation of the hunger games, where every year the capital randomly picks a boy and a girl from each district and lets them fight in an arena till only one of them is alive. The hunger games were entertainment for the capital's people and a reminder to the districts of the capital's superiority. One of these years a girl (Katniss) and a boy from district 12 got into the games and stayed alive till the very end, not playing by the capital's rules: they wanted to be announced victors together. This action (however small it is) was considered the spark that initiated the rebellion in all 12 districts again.
Long story short, while the people of the districts were fighting the capital, they found out that district 13 was not completely destroyed; it had managed to keep a deal with the capital all these years: it stays hidden and the capital leaves it alone, or else it will launch its nuclear missiles towards the capital.
After a lot of fighting and death, the district people, now led by district 13 (and its president) and inspired by the girl who won the games, managed to defeat the capital (with the president of district 13 as ruler, of course), only to find themselves falling into a loop where a new version of the hunger games was starting.

Sound familiar….. hah
Of course this is just a very skimmed version of the story but the more details you read the more resemblance you find.
Capital, district 13, secret deals, power and rebellion. These are all just too familiar.
All I can hope for is that the end of the story in Egypt is better than the one in the book.

Securing your apache – Part 1 (Hiding Server banner)

The first thing an attacker will do when targeting your web application is gather information about your web server. With the netcat tool this is pretty easy, even for script kiddies. For example, the following simple command returns the web server brand, version and operating system:

nc xxx.xxx.xxx.xxx 80
HEAD / HTTP/1.0

Here is the result

HTTP/1.1 200 OK
Date: Fri, 20 Jan 2012 14:24:08 GMT
Server: Apache/2.2.16 (Debian)
Last-Modified: Tue, 15 Nov 2011 09:24:49 GMT
ETag: "180d5-b1-4b1c28f12fa40"
Accept-Ranges: bytes
Content-Length: 177
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

As you can see, the response headers disclose sensitive information about the web server.
Also, if you request a non-existing page, the error page shows full details about the server and the host OS:

Not Found 
The requested URL /hack-test was not found on this server.

Apache/2.2.20 (Unix) DAV/2 PHP/5.3.6 with Suhosin-Patch Server at localhost Port 80

Fortunately, mitigating this leakage in Apache is simple:

  1. To hide the server details shown when you request a non-existing page, add the following line to httpd.conf (or whatever your Apache configuration file is called)
    ServerSignature Off

    This removes the server details from the error page

  2. To hide the server details in the response header, install the mod_security module for Apache (on Debian servers the task is easy enough)
    apt-get install libapache2-mod-security2

    then add the following lines to httpd.conf (or whatever your Apache configuration file is called)

    ServerTokens Full
    SecServerSignature "Web Server"

    This shows the words “Web Server” instead of your full server details. ServerTokens has to stay at Full here: mod_security overwrites the existing banner string in place, so the original string must be long enough to hold the replacement.

Sure, there are other ways to determine the server banner using fingerprinting, but that will be for another post.
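To confirm that both settings took effect, a check like the following can run against captured responses. It is an added example, not part of the original post: the three sample responses are constructed from the output shown above, and `banner_leaks` is a hypothetical helper name.

```ruby
# Constructed sample responses, modelled on the two leaks shown in this post.
HEAD_RESPONSE = <<~RESPONSE
  HTTP/1.1 200 OK
  Date: Fri, 20 Jan 2012 14:24:08 GMT
  Server: Apache/2.2.16 (Debian)
  Content-Type: text/html
RESPONSE

NOT_FOUND_RESPONSE = <<~RESPONSE
  HTTP/1.1 404 Not Found
  Server: Apache/2.2.20 (Unix) DAV/2 PHP/5.3.6 with Suhosin-Patch
  Content-Type: text/html

  <h1>Not Found</h1>
  <p>The requested URL /hack-test was not found on this server.</p>
  <address>Apache/2.2.20 (Unix) DAV/2 PHP/5.3.6 with Suhosin-Patch Server at localhost Port 80</address>
RESPONSE

# Constructed: the same 404 after ServerSignature Off and SecServerSignature.
HARDENED_RESPONSE = <<~RESPONSE
  HTTP/1.1 404 Not Found
  Server: Web Server
  Content-Type: text/html

  <h1>Not Found</h1>
  <p>The requested URL /hack-test was not found on this server.</p>
RESPONSE

# product/version tokens such as Apache/2.2.16, DAV/2 or PHP/5.3.6
VERSION_TOKEN = %r{\b[A-Za-z][\w.-]*/\d+(?:\.\d+)*}
# footer appended to error pages while ServerSignature is on
SIGNATURE_FOOTER = /Server at \S+ Port \d+/

# Returns a list of findings for one raw HTTP response (empty list = clean).
def banner_leaks(raw)
  head, body = raw.split(/\r?\n\r?\n/, 2)
  findings = []
  head.to_s.each_line do |line|
    name, value = line.chomp.split(/:\s*/, 2)
    next unless value && name.casecmp?('server')
    tokens = value.scan(VERSION_TOKEN)
    findings << "header #{name}: #{tokens.join(', ')}" unless tokens.empty?
  end
  findings << 'body: ServerSignature footer' if body.to_s.match?(SIGNATURE_FOOTER)
  findings
end

[HEAD_RESPONSE, NOT_FOUND_RESPONSE, HARDENED_RESPONSE].each { |r| p banner_leaks(r) }
```

Checking both a normal response and an error page matters, because the header and the error-page footer are controlled by different directives.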

Seeding rails application with data

During development I like to have some sample data for testing and demo purposes. Instead of filling it in through the application interface, the rails console or database operations, Rails has a slick way of seeding your database.

When you create a new Rails application you can find a file called seeds.rb in the db directory. This file can contain all your seeding data as follows

projects = Project.create([{:title => 'xxxxx', :description => 'yyyyyyyy'}, {:title => 'rrrrrrrrr', :description => 'zzzzzzzzzzzzz'}])

To execute this file and fill your database with seeding data run

rake db:seed

Note that if you run it more than once you’ll have your data inserted twice in the database. To reset your database, run

rake db:reset

Having your seeding data in a Ruby file gives you some advantages, as you can use loops to fill data series or use other tools such as Faker. To use Faker with your seed data:

1- Add gem 'faker' to your Gemfile

2- Add require 'faker' at the top of seeds.rb

3- Use Faker in your seed data

projects = Project.create([{:title => 'xxxxx', :description => Faker::Lorem.paragraph(10)}])

Changing port number for Central Administration site

I posted this trick in an older blog, but recently I was in a situation where I was in desperate need of it. Here is the old post

I always like to have a standard port number for Central Administration across all my WSS/MOSS installations. I always use the following command to change it to my standard 1000

stsadm -o setadminport -port 1000

It might be unsafe to change the port number as it might break something, but so far nothing has broken for me

Install rmagick gem on windows 7

My MacBook Pro broke a few days ago and I had to deal with the pain of Rails programming on Windows 7 :(

One of the biggest pains I stumbled upon was getting the rmagick gem to work on the Windows machine. It took me about 8 hours to figure out how it is done.

  1. Install ruby DevKit http://github.com/downloads/oneclick/rubyinstaller/DevKit-tdm-32-4.5.2-20110712-1620-sfx.exe
  2. Install ImageMagick 6.6.x with windows installer with headers http://www.imagemagick.org/download/binaries/ImageMagick-6.7.3-3-Q16-windows-dll.exe (You should change the installation folder to c:\ImageMagic otherwise it won’t work)
  3. Set the following environment variables (no spaces around the = sign, otherwise cmd creates a variable whose name ends in a space)
    set PATH=c:\ImageMagic;%PATH%
    set CPATH=c:\ImageMagic;%CPATH%
    set LIBRARY_PATH=c:\ImageMagic\lib;%LIBRARY_PATH%
  4. gem install rmagick
    This will install the latest rmagick (in this case 2.13.1)

New Year Resolutions 2012

Every year before it starts I make a list of things I need to achieve by the end of the year (commitments, goals,…). Rarely do I check all of them off by the end of the year (if I manage to check anything at all :) ).
This year I decided to publish my list online for two reasons:

  1. This approach should help me keep my promises to avoid public humiliation
  2. It should force me to create a realistic list to avoid keeping me stressed all year long.

Here is my list for this year

  • Getting married: should be easy as I’m already engaged and the wedding date is set (yes I’m cheating in my list :) )
  • Finish my CSSLP certification
  • Finish my secret new project (shhhhh)
  • Lose 12 Kg
  • Go cycling at least twice a week
  • Go to the gym at least 3 times a week
  • Eat Healthy
  • Write more Rails code
  • Every line of code should have a unit test
  • Publish more technical blog posts (at least once a week)
  • Learn French

Happy New Year

Happy singleton

I love Ruby (Well…., only the programming language, I actually hate the stone)

I don’t know what makes this programming language special to me, but I would like to share a small ahh moment I had while reading about Ruby

We are all familiar with the standard GoF implementation of the singleton

class Logger
  def initialize
    @log = File.open("log.txt", "a")
  end
 
  @@instance = Logger.new
 
  def self.instance
    return @@instance
  end
 
  def log(msg)
    @log.puts(msg)
  end
 
  private_class_method :new
end

That is the plain old singleton, but with some Ruby magic it can be like this

class Logger
  def initialize
    @log = File.open("log.txt", "a")
  end
 
  @@instance = Logger.new
 
  def self.instance
    return @@instance
  end
 
  def log(msg)
    @log.puts(msg)
  end
 
  private_class_method :new
end

It is small things like these that bring me closer to Ruby every day
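Ruby's standard library ships a Singleton module that replaces the hand-written class variable and private_class_method call. The following is an added example, not code from the original post; `AppLogger` is a hypothetical name (chosen to avoid clashing with Ruby's own Logger) and the in-memory StringIO sink is an assumption standing in for log.txt.

```ruby
require 'singleton'
require 'stringio'

# AppLogger is a hypothetical name for this added example.
class AppLogger
  include Singleton   # makes .new private and adds a thread-safe .instance

  attr_reader :sink

  def initialize
    @sink = StringIO.new   # in-memory stand-in for File.open("log.txt", "a")
  end

  def log(msg)
    @sink.puts(msg)
  end
end

# Exercises the guarantees the module gives without any hand-written plumbing.
def singleton_properties
  a = AppLogger.instance
  b = AppLogger.instance
  a.log('first')
  b.log('second')          # lands in the same sink, because b is a

  new_blocked = begin
    AppLogger.new          # private: raises NoMethodError
    false
  rescue NoMethodError
    true
  end

  copy_blocked = begin
    a.dup                  # Singleton also forbids copies: raises TypeError
    false
  rescue TypeError
    true
  end

  { same_object: a.equal?(b),
    lines: a.sink.string.lines.last(2).map(&:chomp),
    new_blocked: new_blocked,
    copy_blocked: copy_blocked }
end

p singleton_properties
```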

Pragmatic approach to learn Ruby on Rails

Three years ago, out of boredom and frustration with the .Net framework, while cruising the web I stumbled upon Ruby on Rails, and from the first moment it clicked. I started to learn the framework and fell in love with it. I was working on and off with it for the last 3 years, mostly due to the lack of Rails projects (most people are still attached to other famous technologies)

Here I want to share the learning approach that will get you up to speed with RoR with minimal frustration.

To be able to explain my approach I will have to explain briefly what RoR is: Ruby on Rails is a web development framework built using the Ruby language.
The first step here is to learn the language

Learning Ruby

  1. Set up your system: RoR works best on Linux/Unix/Mac OS (but it also works fine on the Windows platform). If you want to have the best experience without investing much money, you can install Linux as a virtual machine on your system, or clear 20 GB on your hard drive and install it directly on your computer (my favorite approach). My recommended Linux distribution is Ubuntu
  2. If you installed Linux and need to get familiar with it, you can use this pdf to introduce you to the mysterious world of Linux
  3. If you installed Linux you can google the installation approach (I will introduce it in a later post). If you will use your Windows system, you need to install it using the Ruby installer; at this time the recommended version is 1.9.2 p290. Mac machines already come with a Ruby interpreter installed.
  4. After setting up the environment, the following resources have proved really helpful.
    why’s (poignant) Guide to Ruby
    Learning Ruby (O’Reilly)

Learning Rails

  1. The first step is to write a very basic Rails application and see how it works. The following link is my first choice to see RoR in action.
    http://guides.rubyonrails.org/getting_started.html
  2. I would recommend building a simple application (such as a blog, task management…) without worrying so much about writing tests, just to get yourself familiar with the Rails environment.
  3. Authentication is a must in almost all projects. You can use the instructions in the following screencast to add authentication to your application
    http://railscasts.com/episodes/209-introducing-devise or in text format
    http://www.asciicasts.com/episodes/209-introducing-devise
  4. Now you have an overview of how RoR works and have created a simple demo application. Make sure you go through most of the materials on Ruby Guides and familiarize yourself with the Testing Rails Applications guide.
  5. Pick a real project, fire up your command line and start programming
  6. Start using rSpec & Cucumber in your projects to create better tests. The best resource I found on this topic is The RSpec Book from Pragmatic Programmers.

Tools

You can use only the command line and a text editor to build awesome Rails apps (in fact I found it is the best way)

  • For Windows you can use e-texteditor
  • For Mac, TextMate is your best friend
  • VI is my editor of choice, but if you are new to Linux, Redcar can provide a good graphical interface editor

If you are the IDE type of person, Aptana is a great IDE with wonderful support for Rails

Additional Resources

Happy Coding