The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,862 other subscribers

Archive for the ‘Communications Development’ Category

« Previous Entries
Next Entries »

Latest Tumbleweed distribution update likely kills sshd

Posted by jpluimers on 2016/05/03

After a recent big update to OpenSuSE Tumbleweed, I could not ssh into my system any more.

Symptoms

The ssh client side would report a Read from socket failed: Connection reset by peer which I misinterpreted as the sshd not running at all.

Luckily the server is a VM, so I could reach the console. There I saw this:

sshd trying to load files it shouldn't

sshd trying to load files it shouldn’t

The files should not be loaded as they are not specified in the sshd_config file:

dsa and ecdsa not specified in the config file

dsa and ecdsa not specified in the config file

So I knew something was broken. After reading some messages in the forums.opensuse.org I got at Bug 977812 – sshd killed by SIGSYS on client connection

The cause

As usual with such issues the cause seems a combination of factors:

And we have the culprit, I believe: together with the glibc upgrade, openssl
was updated from 1.0.2g-1.1 to 1.0.2-2.12 which brought, among others, patch
openssl-urandom-reseeding.patch.

Temporary fix

A temporary fix is to comment out a line in /etc/sshd_config so you get this diff:

-UsePrivilegeSeparation sandbox # Default for new installations.
+# UsePrivilegeSeparation sandbox # Default for new installations.

Be sure to undo this as soon as you’ve received a final fix.

Final fix

A final fix is being fast-tracked so it appears in Tumbleweed soon.

I will report after deployment of [opensuse-factory] New Tumbleweed snapshot 20160502 released! as I think it contains the fix.

Aftermath

I already knew about openQA: Test summary which lists the builds, but not the changes in the builds.

Reading through Information Board or the like for Tumbleweed I found the openSUSE Mailinglist Archive: opensuse-factory which does the announcements and release notes for Tumbleweed.

It had both the announcement of the “big patch”, ssh bug report and temporary fix:

–jeroen

 

 

Posted in *nix, Communications Development, Development, Internet protocol suite, Linux, openSuSE, Power User, SSH, SuSE Linux, TCP, Tumbleweed | 2 Comments »

some more lsof, netstat and rpcinfo examples

Posted by jpluimers on 2016/03/07

Last friday I updated the examples at *nix networking – lsof: How to tell what process has a specific port open on Linux (via: Server Fault) as I needed to document some of the machines around here (so it becomes easier replacing them).

I also added some links to background information and (when I get to using it: OS X still goes without) a good iproute2 starter page.

–jeroen

Posted in *nix, *nix-tools, Apple, Communications Development, Cygwin, Development, Internet protocol suite, Linux, Mac, Mac OS X / OS X / MacOS, Mac OS X 10.6 Snow Leopard, MacBook, MacBook Retina, MacBook-Air, MacBook-Pro, MacMini, OS X 10.10 Yosemite, OS X 10.8 Mountain Lion, OS X 10.9 Mavericks, Power User, TCP | Leave a Comment »

On my research list is Netcat: the TCP and UDP swiss army knife

Posted by jpluimers on 2016/01/14

Through [WayBack] netcat 1.11 for Win32/Win64 I bumped into [WayBackNetcat – Wikipedia, the free encyclopedia.

The docs at [WayBack] Netcat: the TCP/IP swiss army made it arrive on my research list.

Time for some scripting with it (:

–jeroen

via:

Posted in Communications Development, Development, Internet protocol suite, TCP | Leave a Comment »

Computer network technologies and services/VoIP – Wikibooks, open books for an open world

Posted by jpluimers on 2015/12/25

Nice explanation of unicast, multicast, RTP and much more:

Computer network technologies and services/VoIP – Wikibooks, open books for an open world.

–jeroen

Posted in Communications Development, Development, Internet protocol suite, TCP | Leave a Comment »

paping – Cross-platform TCP port testing, emulating the functionality of ping (port ping) – Google Project Hosting

Posted by jpluimers on 2015/12/22

Hopefully someone will move this to Github before Google code goes down: paping – Cross-platform TCP port testing, emulating the functionality of ping (port ping) – Google Project Hosting.

Paping (pronounced pah ping) is a computer network administration utility used to test the reachability of a host on an Internet Protocol (TCP/IP) network and to measure the time it takes to connect to a specified port

–jeroen

via:

Posted in *nix, *nix-tools, Communications Development, Console (command prompt window), Development, Internet protocol suite, Power User, TCP, Windows | 1 Comment »

network, multicast and send address in TransportNetwork; via Digging into Tibco Rendezvous network details – II

Posted by jpluimers on 2015/10/28

Tibco is very powerful and can do all sorts of casting.

For my memory (formatted for readability; there are more details at OpenPGM Concepts : Transport):

The network parameter consists of up to three parts, separated by semicolons—network, multicast groups, send address—as in these examples:

Example Meaning
lan0 network only
lan0;225.1.1.1 one multicast group
lan0;225.1.1.1,225.1.1.5;225.1.1.6 two multicast groups, send address
lan0;;225.1.1.6 no multicast group, send address

The format is like this:

partOne;partTwo;partThree

and some bits are optional

partOne[;[partTwo][;[partThree]]]

Part one identifies the network, which you can specify in several ways: – Host name, Host IP address, Network name, Network IP number, Interface name, Default TRDP daemons use the network interface which corresponds to the hostname of the system as determined by the C function gethostname(). PGM daemons use the default PGM multicast interface, 224.0.1.78.

Part Two—Multicast Groups – Part two is a list of zero or more multicast groups to join, specified as IP addresses, separated by commas. Each address in part two must denote a valid multicast address. Joining a multicast group enables listeners on the resulting transport to receive data sent to that multicast group.

Part Three—Send Address, Part three is a single send address. When a program sends multicast data on the resulting transport, it is sent to this address. (Point-to-point data is not affected.) If present, this item must be an IP address—not a host name or network name. The send address need not be among the list of multicast groups joined in part two. If you join one or more multicast groups in part two, but do not specify a send address in part three, the send address defaults to the first multicast group listed in part two.

Note: I wasn’t aware that for Tibco Rendezvous the default multi-cast network was 225 (often you see 224 here, as that is the starting multi-cast range in the IANA IPv4 Address Space list)

–jeroen

via:

Posted in Communications Development, Development, Internet protocol suite, Network-and-equipment, Software Development, TCP, TIBCO Rendezvous | Leave a Comment »

NOC Zone and NOC Apps – A Service and Free Mobile App for Website Monitoring

Posted by jpluimers on 2015/10/16

Interesting: this works through an on-line service that monitors up to 2 servers for free (including protocols like HTTP, SMTP and PING).

You can get reports at either through:

I’m using this to monitor my boxes at home.

A demo video is below.

–jeroen

Read the rest of this entry »

Posted in *nix, Communications Development, Development, HTTP, Internet protocol suite, Power User, SMTP, TCP | Leave a Comment »

Can a Raspberry Pi do NAT port forwarding to a non LAN address? If so, what…

Posted by jpluimers on 2015/09/19

Can a Raspberry Pi do NAT port forwarding to a non LAN address? If so, what distribution would be the easiest one?

Johannes Self added some nice comments for generic Linux distributions in the G+ thread, but just in case my blog readers have even more concrete answers…

–jeroen

Posted in *nix, Development, Hardware Development, Internet protocol suite, Power User, Raspberry Pi, TCP | Leave a Comment »

Using httpbin to test http/https requests

Posted by jpluimers on 2015/09/15

StackOverflow user Kenneth Reitz has written a great on-line and free httpbin tool that responds to many kinds of http/https requests including the standaard http request methods (or verbs) used by REST: get, post (for http 1.0) and patch, put, delete (for http 1.1).

These verbs are not supported: head (http 1.0) and trace, options, connect (http 1.1).

The site is geared towards JSON (as most the responses are in JSON, except for one XML response and a few TEXT responses), but even if your environment does not use JSON, it is very useful as you basically get an echo of information on what you pass to it.

Except one endpoint (/encoding/utf8), none of the response encodings can be determined by the request. This is a pity as sometimes it is good to see how a specific encoding works for JSON, but it is very hard to support encodings well, so I can understand the support is not there (or not there yet).

There are many examples on the site, which I won’t list.

There are at least two sites hosting them. The original supports HTTP and HTTPS only, but the ngHttp2 people also support HTTP2 and SPDY:

What I do list are the endpoints as copied from the site on 20141228:

Read the rest of this entry »

Posted in .NET, Delphi, Development, HTTP, Internet protocol suite, REST, Software Development, TCP | Leave a Comment »

Hacking Team had more and more need for SSL MITM

Posted by jpluimers on 2015/07/07

Interesting reads:

–jeroen

Posted in Communications Development, Development, https, Internet protocol suite, LifeHacker, Power User, Security, TCP, TLS | Leave a Comment »

« Previous Entries
Next Entries »