My online notes – Section 0001

Note 1:
MongoDB Applied Design Patterns
https://www.dropbox.com/s/5nksr6e8z09mu83/Oreilly.MongoDB.Applied.Design.Patterns.Mar.2013.epub?dl=0

Peopleware
https://www.dropbox.com/s/4v3j51mkt13yusc/Peopleware.epub?dl=0


Note 2:

static PerformanceCounter cpuUsage;
public static void Main(string[] args)
{
	cpuUsage = new PerformanceCounter("Processor", "% Processor Time", "_Total");
	Timer t = new Timer(new TimerCallback(TimerFunction), null, 0, 500);
	Console.ReadLine();
}

static void TimerFunction(Object stateInfo)
{
	//AutoResetEvent autoEvent = (AutoResetEvent)stateInfo;
	Console.WriteLine(cpuUsage.NextValue() + " %");
}

Note 3:

private void SetControlText(Control c, string strText)
{
//    if (InvokeRequired)  unnötig, denn du **weißt** ja dass Invoke Required ist
	this.BeginInvoke(()=> c.Text = strText);
}

Note 5: Ffmpeg Mp4 Join

ffmpeg -f concat -safe 0 -i “C:\Temp\mp4.txt” -c copy “C:\Temp\nhi.mp4”

Content of mp4.txt

file 'C:\Temp\WP_20170107_10_24_10_Pro.mp4'
file 'C:\Temp\WP_20170107_10_32_31_Pro.mp4'
file 'C:\Temp\WP_20170107_10_36_39_Pro.mp4'
file 'C:\Temp\WP_20170107_10_45_33_Pro.mp4'
file 'C:\Temp\WP_20170107_10_46_32_Pro.mp4'
file 'C:\Temp\WP_20170107_11_02_39_Pro.mp4'
file 'C:\Temp\WP_20170107_11_07_42_Pro.mp4'
file 'C:\Temp\WP_20170107_11_14_45_Pro.mp4'
file 'C:\Temp\WP_20170107_11_20_57_Pro.mp4'
file 'C:\Temp\WP_20170107_11_23_28_Pro.mp4'
file 'C:\Temp\WP_20170107_11_24_06_Pro.mp4'
file 'C:\Temp\WP_20170107_11_34_41_Pro.mp4'
file 'C:\Temp\WP_20170107_12_09_37_Pro.mp4'
file 'C:\Temp\WP_20170107_12_12_25_Pro.mp4'

1) Kernel:
Write this values to /etc/sysctl.conf then run # sysctl -p

net.netfilter.nf_conntrack_tcp_timeout_syn_recv = 2
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_mem = 786432 1048576 1572864
net.ipv4.tcp_rmem = 4096        87380   1048576
net.ipv4.tcp_wmem = 4096        16384   1048576
net.ipv4.tcp_max_orphans = 2048

2) Adjust iptables (consider iptables -P INPUT DROP)

iptables -N syn
iptables -A syn -j ACCEPT
iptables -N SYN_CHECK
iptables -A SYN_CHECK -m recent --set --name SYN
iptables -A INPUT -p tcp --syn -d $IP -m state --state NEW -j SYN_CHECK

iptables -A SYN_CHECK -m recent --update --seconds 60 --hitcount 10 --name SYN -j LOG --log-prefix "FLOOD: "
iptables -A SYN_CHECK -m recent --update --seconds 60 --hitcount 10 --name SYN -j DROP

iptables -A SYN_CHECK -m recent --update --seconds 60 --hitcount 3 --name SYN -j syn
iptables -A INPUT -p tcp ! --syn -d $IP -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s $IP -m state --state ESTABLISHED -j ACCEPT

To be sure blocking all violated IP (which used to cause SYN Flood) in 2 minutes; after 2 minutes check again if it does not attack anymore then let it in. Add this block

iptables -t mangle -N blockip
iptables -t mangle -A blockip -j DROP
iptables -t mangle -A PREROUTING -p tcp -d $IP -m recent --name SYN --update --seconds 120 -j blockip

$IP is the IP which is bounded on external interface of Linux server.

Note 5: Hash Strengthening
Source: http://codahale.com/how-to-safely-store-a-password/
A modern server can calculate the MD5 hash of about 330MB every second. If your users have passwords which are lowercase, alphanumeric, and 6 characters long, you can try every single possible password of that size in around 40 seconds.

Note 6: Changing running account of SQL Server to enable backup to network drive
– Start –> Microsoft SQL Server 2008 –> Configuration Tools –> SQL Server Configurations Manager
– In new dialog choose SQL Server Service –> Right click on “SQL Server (SQLEXPRESS) –> Properties –> At “Log In” Tab choose “This account” –> under Account Name is network account name for example “edr\nguy” and under Password is windows login password –> Then click “Apply”.
– To backup database to network drive then using UNC Path for example “\\srvedrx\Transfer\Nguyen\test.bak”. Man will be asked for using this path although it can be not accessible, just click “Yes” to pass through.

Note 7: Top5 Freelancer platform in Germany
Top5 Freelancer platform in Germany

Note 8: Release und update DNS when site can not be found
ipconfig /registerdns –> ipconfig /displaydns –> ipconfig /flushdns –> ipconfig /displaydns
http://compnetworking.about.com/od/workingwithipaddresses/a/ipconfig.htm

Note 9: Windows Installer Clean Up
http://www.mediafire.com/download/g81refyfwwtafh6/msicuu2.exe
https://app.box.com/s/osuns61gfe3l6iav9eb54ile5l4s3bdq

Note 10: Authentication with .htaccess
http://www.hvaonline.net/hvaonline/posts/list/37738.hva#232191

Note 11: List all installed programms from command line
wmic product > list.txt (it takes time to finish).

Note 12: Windows Messages Enumeration
http://www.pinvoke.net/default.aspx/Constants/WM.html

Note 13: Code to make a window behind all of windows and can not be minimized meaning that it will be visible with Win+M and Win+D

[DllImport("user32.dll", SetLastError = true)]
static extern IntPtr FindWindow(string lpClassName, string lpWindowName);

[DllImport("user32.dll", SetLastError = true)]
static extern IntPtr SetParent(IntPtr hWndChild, IntPtr hWndNewParent);

public frmMain()
{
	InitializeComponent();

	IntPtr hwndParent = FindWindow("progman", null);
	SetParent(this.Handle, hwndParent);
}

Note 14: Webmail for Bluehost when port 2095 is blocked
If you do not have access to www.yourdomain.com/webmail because port 2095 is blocked on your network, you can alternately use http://login.bluehost.com using same login credential.

Note 15: SQL Injection at Order By Clause of MySQL (no chance to test, just take a note, see it later)
Case study:
http://www.test.com/list.php?orderby=1 means “SELECT id,name,price FROM list ORDER BY 1”
Bugs:
http://www.test.com/list.php?orderby=rand(true)
returns a different result then this request:
http://www.test.com/list.php?orderby=rand(false)
Exploit: Get the first character of all tables
http://www.test.com/list.php?orderby=rand((select char(substring(table_name,1,1)) from information_schema.tables limit 1)<=128))

Note 16: Check if program is started in Debug.Mode or Console.Mode

Debugger.IsAttached or Environment.CommandLine


Note 17: Important Add-Ins for Visual Studio

http://archive.msdn.microsoft.com/PowerCommands

Note 18: WyBuild Patched Full Version 2.6.12.0
http://www.megaupload.com/?d=91OO5R4G

Note 19: Latest free version of .Net Reflector 6.6.0.30 with Reflexil
http://www.megaupload.com/?d=UUMBQLQJ
.Net Reflector 7.0.0.420 download

Note 20: Tool to control traffic in Network
– Which kind of traffic on network, source and destination of each kind as well as which traffic consumes most of bandwidth : NetFlow, SNMP, NBAR
– To limit bandwidth of limit (still allow traffic goes on network however its bandwidth should be limited) then use QoS on router: Queuing (CBWFQ), Policing, Shaping

Note 21: Differences between const, static, static readonly, readonly
– Use const when having a variable of a type, know at runtime (string literal, int, double, enums,…) that all instances or consumers of a class to have access to where the value should not change.
– Use static when having data that all instances or consumers of a class to have access to where the value can change.
– Use static readonly when having a variable of a type that not know at runtime (objects) that all instances or consumers of a class to have access to where the value should not change.
– Use readonly when having an instance level variable that know at the time of object creation that should not change.
One final note: a const field is static, but the inverse is not true.
http://en.csharp-online.net/const,_static_and_readonly

Notes 22: Generate Lotto numbers

var lotto = Enumerable.Range(1, 40)
                      .OrderBy(i => Guid.NewGuid())
                      .Take(6)
                      .ToArray();

Leave a Reply

Your email address will not be published. Required fields are marked *