Archive for » April, 2009 «

Sunday, April 26th, 2009 | otè:

Trust me. We’re still dealing with regexesjust in a roundabout (and vaguely practical) way. This is a pretty comprehensive listing of how to go about flushing DNS caches while using regexes to show where similar methods deviate.

Why do we want to clear DNS caches exactly?

There are a number of reasons to clear DNS caches, though I believe these are the most common:

  • An intranet service has an private (internal) IP address when on the company network but it has a public IP address for outside access. When you try to access that service from outside after accessing it from inside, there’s a chance that you would have cached the private (inaccessible) IP. A good long-term solution is to make the service inaccessible except via VPN. A simpler solution is to leave work at work. 😛
  • An internet service or web site changes their DNS settings and your desktop/laptop is looking at theoldsetting. In this case, the new setting has not yet propagated. Hosting Admins come across this case very often.
  • Privacy: If someone can track your DNS history then it wouldn’t be too hard to figure out which web sites you’ve been viewing. Though the individual pages you’ve viewed can’t be tracked in this way, the hostnames, tankou “dogma.swiftspirit.co.za” oswa “google.comwill be in the DNS cache, gen anpil chans nan lòd la ou premye jwenn aksè chak sit. Gen fason pi bon fè menm si sa a. Yon egzanp se sèvi ak yon rezo Tor pou tout demann dns.

Flushing Windows’ dns kachèt, soti nan èd memwa lòd:

Prèv sijere ke yo anvan Windows 2000, Windows OS a pa t 'kachèt dns rezilta. Nan ipkonfig lòd, kouri soti nan èd memwa nan lòd, te bay kèk kontwòl sou kachèt a dns ak li te rete apeprè menm bagay la tou depi.

Pou li ale nan èd memwa a si lè l sèvi avèk Vista kòm ki pa Admin: Head Start -> pwogram -> Pwodwi pou Telefòn -> Dwa-klike sou “Kòmand rapid” -> Kouri kòm administratè

Sinon: Head Start -> Ryon -> [km ] -> [ OK ]

ipkonfig / flushdns

Flush the DNS Resolver Cache in Windows

Li posib tou klè kachèt la nan Windows pa rekòmanse nan “dns Kliyan” oswa “Dnscache” sèvis.

Flushing Mac OS X dns kachèt, soti nan èd memwa koki:

depi Mac OS X, Apple Macnan yo te kouri yon UNIX ki baze sou, POSIX-konfòme, sistèm opere ki baze sou Lòt etap, tèt li orijinal ki gen Kòd soti nan frizbs ak NetBSD. Mac OS X itilizasyon lookupd oswa dscacheutil jere kachèt a dns, depann sou vèsyon an.

Pou li ale nan èd memwa a: Aplikasyon -> itilite -> tèminal

(lookupd|dscacheutil) -flushcache

Ki sa ki gen nou isit la? Tankou pou chak pati 1, nan ba vètikal endike ke swa “lookupd” OSWA “dscacheutil” yo akseptab. Nan parantèz endike ke nan ba vètikal sèlman aplike nan la “lookupd|dscacheutil” pòsyon nan ekspresyon an. Se konsa, nan ” -flushcache” se pa si ou vle, epi yo dwe enkli nan lòd la yo nan lòd pou li nan travay. Remake byen ke kòmandman sa yo pwodwi pa gen okenn pwodiksyon sòf si gen yon erè.

Sèvi ak dscacheutil si w ap itilize Mac OS X 10.5 (leyopa) oswa pita.

Mac OS X:

lookupd -flushcache

Mac OS X leyopa:

dscacheutil -flushcache

Use dscacheutil to flush the cache in Mac OS X Leopard

Genyen tou se yon zouti entèfas, dns Flusher, ki otomatikman sèvi ak lòd ki kòrèk la ki disponib.

Flushing Linux / UNIX’ dns kachèt, soti nan èd memwa koki:

N.B. Si ou pa deja gen swa mare (ak caching Passage pèmèt), ns, oswa dsmask enstale ak kouri sou * ou nix ki baze sou Desktop / sèvè, ou yo se pwobableman pa caching dns nan tout ak pa gen anyen yo kole. Nan ka sa a ou pral itilize sèvè dns ou pou chak demann sou sit, pwobableman ralanti eksperyans entènèt ou *. Si se konsa, Mwen rekòmande omwen ns enstale kòm li se pi fasil a yo mete kanpe. **

Flòch kachèt ns la

Menm jan ak yo lòd, ki Mac OS, sa a pwodui absoliman okenn pwodiksyon sòf si gen yon erè:

(|sudo )(|/Uzr / sben /)ns -i gen tout pouvwa a
  • sèvi ak sudo si ou pa deja rasin otreman seleksyon an premye a se vid.
  • Espesifye / Uzr / sben / si ns se pa deja nan la “chemen”. Si distribisyon ou ns nan yon kote ki etranj, jwenn li premye:
jwenn -r bin / ns $

Remake pi wo a “bin / ns $” se tèt li yon ekspresyon regilye. 🙂

Lè l sèvi avèk ns, invalid a “gen tout pouvwa a” cache, louvri sesyon an kòm yon itilizatè:
sudo ns gen tout pouvwa a -i
Lè l sèvi avèk ns, invalid a “gen tout pouvwa a” cache, louvri sesyon an kòm rasin:
ns -i gen tout pouvwa a
Lè l sèvi avèk ns, invalid a “gen tout pouvwa a” cache, louvri sesyon an kòm rasin, espesifye chemen an plen:
/Uzr / sben / ns -i gen tout pouvwa a

Flòch kachèt mare nan

Kachèt kole mare nan, nou bay yon lòd atravè rndc. Sèvi ak sudo si ou pa deja rasin:

(|sudo )rndc kole

Rekòmanse sèvis sa yo cacheing tou travay!

Men ki jan yo rekòmanse swa nan damon yo caching:

(|sudo )(sèvis |/elatriye /(rc\.d|rc\.d/init\.d|init\.d)/)(mare|dsmask|ns) rekòmanse

Sa a kòmanse jwenn difisil nan li. *** Chans mwen te eksplike an detay:

  • Menm jan ak yo lòd, ki anvan yo, sèvi ak sudo si ou pa deja rasin.
  • Seleksyon an dezyèm gen opsyon a an premye “sèvis “. Sa a aplike sitou nan Wouj Hat / CentOS ak sistèm Fedora.
  • Nan “/elatriye /(rc\.d|rc\.d/init\.d|init\.d)/” bezwen yo dwe elaji pi lwen. Sa a se pou pifò lòt sistèm. Anjeneral, the rc.d is for if you’re using a BSD-style init system (for example: Arch Linux, frizbs, or OpenBSD). The best way to know for sure which command to use is to ‘locatethe correct nscd or dsmask chemen. Most Unix flavours, even Solaris, use nscd:
locate -r \.d/nscd$ ; locate -r \.d/dnsmasq$ ; locate -r \.d/rndc$
  • The last choice is between “mare”, “ns”, ak “dsmask”. This depends entirely on which is installed and in use.
  • The last of the pattern, ” rekòmanse”, is the instruction given to the daemon’s control script.

Arch, using dnsmasq, restarting the cache daemon, louvri sesyon an kòm rasin:

/etc/rc.d/dnsmasq restart

Arch, using nscd, restarting the cache daemon, logged in as user:

sudo /etc/rc.d/nscd restart

CentOS / Red Hat, using nscd, restarting the daemon, as root:

service nscd restart

nscdrestart

Flush Mozilla Firefox’s internal DNS cache:

Mozilla Firefox keeps its own DNS cache for performance. Firefox 2 would cache only 20 entries for up to 60 seconds. The default setting as of Firefox 3 appears to be 512 entries for up to 60 minutes which seems much more reasonable for every-day browsing. If your desktop has a built-in cache (which most now do) then the cache here is actually redundant. I’m not aware of any other browsers that implement DNS caching.

I’ve found a few solutions for when you need to clear the cache. It seems there are many ways to do this however these are the easiest, which I’ve put into order of preference.:

  1. Install the Firefox DNS Flusher Addonprovides a button to flush the cache.
  2. Install the DNS Cache Addonprovides a toggle which disables or enables the DNS cache.
  3. Clear Cache (clears browser cache as well as DNS Cache): Select Tools -> Clear Private Data; Deselect all checkboxes except for Cache; Click [ Clear Private Data Now ].
  4. Manually do what DNS Cache does: set the following 2 about:config optionsnetwork.dnsCacheExpiration” ak “network.dnsCacheEntries” to 0 and then back to the default.

I had a bad cached record and I cleared my browser’s cache. But its still giving me the wrong info. What gives?

Because of how DNS propagation works, you preferably need to flush the DNS on all DNS hosts between yourself and theauthoritivehost, starting with the host closest to the authoritive host (furthest away from your browser).

As an example, if you have a router that is caching DNS, reset the router’s cache before restarting the DNS cache of your operating system, and only then should you clear the cache in Firefox. The reason is that even if you only clear your OS and Firefox’s caches, your desktop is still going to ask the router for its bad record anyway.

What if my DNS server is a server on the net outside my control?

You could try temporarily using a different nameserver, possibly even a publicly open server. OpenDNS shows some good information on how to do this. If you’d like, you should also be able to get relevant information from your own ISP regarding their resolving DNS servers. A local example (South Africa) is SAIX which lists their resolving DNS servers.

* Likely the reason why Firefox has a DNS cache built-in ****
** “((pakman|yogout) -S|emerge|(yum|aptitude|apt-get) install) ns” and then ensure that the service is added to the startup scripts. Refer to your distribution’s installation documentation.
*** I’m looking for a syntax highlighting plugin that can work with regex
**** I’ve read statements that restarting the network(ing|) service also clears the DNS cache however I haven’t seen any evidence that this is true. If anyone has a example where this is true, please provide me with the details.
pataje
Thursday, April 23rd, 2009 | otè:
Who Rules?! Who Made this Awesome Image?!

Who Rules?!

When an artist has released his work (even as Creative Commons) and the IPTC / EXIF data is no longer in the image, how do you find out who the original artist is? All I have here is a difficult-to-read signature. 🙁

pataje
Wednesday, April 22nd, 2009 | otè:

Arch Linux’s installation process is documented on the Arch wiki. I recommend that persons new to Arch try the excellent Beginner’s Guide instead of the Official Arch Linux Install Guide. Though both wiki entries cover similar ground, the Beginner’s Guide gives a lot more relevant information for those new to the system. The Beginner’s Guide is aimed at desktop installation and, as I’m installing a server, I won’t be going through the installation of the graphical environment at all. Assuming that you’re following my installation, assume that I’ve followed the Beginner’s Guide right up to and including the installation of sudo. I installed the ssh daemon afterwards rather than during the initial setup however.

A few small recommendations and notes regarding installation:

  • If you can, consider using a USB memory stick for the installer and keep it handy for future installations.
  • I keep a copy of my localrepositoryof installed applications on my installer memory stick. Once installation is finished I save a bit of download and update time by copying this to the new server’s /var/cache/pacman/pkg/ folder. The repository on my desktop is typically 1.7GB
  • For the rc.conf, South African-appropriate regional settings are:
    LOCALE=en_ZA.utf8
    TIMEZONE=Africa/Johannesburg
  • I’ve set up the network very simply, according to the guide, and will be expanding on the network setup in a later post.
  • As it is for a server, my non-privileged user on the server is only part of 3 groups: wheel (for sudo), storage, and users. A desktop user will likely be in many more groups.

I prefer using an application called yogout instead of Arch’s default package manager. Yaourt has the exact same usage syntax as pacman except that it supports a few extra options. It is actually a wrapper application in that it, in turn, uses pacman. Importantly, yaourt supports installation of applications from Arch’s AUR. Nan AUR is a repository of installation scripts built by Arch users for Arch users to easily install applications that are not officially supported by the main Arch repositories. Yaourt can download and install applications from AUR or the main repositories with the same command, treating the AUR asjust another repository”. Pacman unfortunately does not support this.

Again, the installation is covered in the wiki. I recommend the easy route mentioned in the wiki if you’re new at Arch. Its too much too soon to do it the hard way (also mentioned in the wiki entry).

When done, update your system by issuing the single command:

yaourt -Syu

OSWA

pacman -Syu

and follow the given recommendations.

pataje
Lendi, April 20th, 2009 | otè:

I’m looking at the South African banking system (partly a result of watching the Zeitgeistdocumentary”) ak, after finding my bank implicated most with regards to the SA-Banking Competition Commission wikileaks scandal, I’m putting serious consideration into switching banks.

What ethical banks are out there right now? I’ve even looked into Sharia (Islamic) banking because of their strict ethics laws but even there I’m looking at even more unknowns. I’m not Islamic and I have nothing against funding pork-related activities.

On that note, do you know if your bank has a code of ethics? If they’re public, where can we see these ethics codes?

Tell me about service levels I haven’t heard of before and which bank you believe deserves to handle my money.

pataje
Sunday, April 19th, 2009 | otè:

I think the Internet is a scary place. Wi, me. Some days I find myself horrified to find the lowliest of criminal bastards trying to steal our livelihoods.

Wi, people, there are criminals out there and they want your money or they want to use you to make money. What’s even more scary is the lengths to which they are willing to go, even risking YOU. Do not pass Go. Do not collect $200.

I received an email saying that I was being offered a job as aRegional Assistant” ak, though the details weren’t given, the email suggested that it was a legitimate opportunity. I replied asking about where they’d received my details and also about what they would require of me.

Being the skeptic I am, I thought I could spot scammers a mile away. How fortunate that I can still laugh at the idea.

A few hours later, they replied indicating that I’d soon receive further instructions. They’dprobablybeen referred to me by a friend and they had a pile of referrals and so couldn’t specify which friend had recommended me. I waited patiently and left it to the back of my mind. “They’ve probably found a good candidate already and I’ve lost out”, I thought. “How nice that a friend might refer me. Obviously I’m Awesome.” (and daft :-/)

So later on, I receive my email with myfurther instructions”. This is where I finally realised that I was dealing with scammers:

Hi. We’d like to start a trial task. Our customer will make a bank transfer to you this week. Please go to our site <site omitted> to submit the banking details where the transfer will go to. Once we’ve established a good transaction history, you will receive between 2-3 transfers per week (amounts of about R10 000 each except the first trial transfers).
Please confirm that you can start. We don’t send any transfers to your account until we receive confirmation from you.
On Monday you will receive notification, detailed information and instructions regarding the transfers. Thank you and have a lovely weekend.

Say what??? I checked out the web site in question and, without a doubt, this is a money laundering scheme done by professionals. They know what they’re doing and they probably launder millions every month. What’s more is that, inevitably, they will screw you over and get the cops to arrest YOU. These criminals can leave evidence behind implicating you even if all you’ve done is diligently moved money from one place to anotherand kept a small percentage for yourself. 😛

Money laundering is where illegitimate money (stolen, probably) is transferred via third parties to appear more legitimate. You’re an accessory to the crime and, even worse, you’re even likely to be the victim of it. Recognise when an opportunity is too good to be true. I was fooled for a short while. Next up, given that a victim might give out a lot of personal details, the scammers might steal your identity and start to implicate you in fraudulent activities without you ever having done a thing.

If you happen to have already given any details such as the above where they wanted my banking details, contact your bank and inform them of the situation. They will give you the best possible advice on what to do next. If you’ve already responded to the mail but haven’t yet already given them the information they want, don’t reply any further. I’d also suggest calling your local police for further advice.

pataje