.bootstrap - Safe with most medications

DOS text files traditionally have a carriage return and line feed character as newline character or symbol – mostly for historic reasons i think. Unix and Linux on the other hand have a line feed character as newline character in text files – and Macs have yet another “standard”.

From time to time I need to convert from one text file “standard” to another.

Red Hat-based Linux distributions are normally distributed with a small tool called dos2unix, which is able to do the conversion job very easy, but Debian-based Linux distributions like Debian itself and Ubuntu do not include the dos2unix tool by default.

The dos2unix tool i available in the Debian / Ubuntu package called tofrodos. To install the packages just type:

aptitude install tofrodos

Once you have the tofrodos package installed you are able to use the dos2unix command from the command line, like this:

dos2unix dosfile.txt

After running the command all the historic and crappy windows newlines are gone.

Related posts:

1. Recursive convert dos newlines to unix ones with dos2unix
2. Howto: Create your own Debian or Ubuntu package repository
3. Howto: Install Ruby and Rails on Debian or Ubuntu
4. Ubuntu Howto: Install Oracle
5. Bash shortcuts tips and tricks
6. Howto install Sun Java on Debian Sarge
7. Howto Install Oracle on Debian
8. Howto: Write Debian Package Descriptions
9. How to mount bin / cue image files in Linux
10. Howto: Install Windows Vista Fonts in Ubuntu

Developing a web applications is often articulated as easy and a good thing for new programmers to start with. Many books and tutorials have been written on the subject, and many frameworks and programming languages have been built to facilitate quick construction of web applications. Just one thing bothers me about this, many of the books and tutorials ignore many of the security issues that are related to building web applications. This fact might explain why we do have such a huge number of insecure and vulnerable web applications around on the net.

Anyway, it is not just bad – a number of initiatives have been formed to communicate the need for security and web-based applications. One of these initiatives is OWASP, which is an open-source application security project. The OWASP community includes corporations, educational organizations, and individuals from around the world. This community works to create freely-available articles, methodologies, documentation, tools, and technologies.

OWASP’s most successful documents include the book-length OWASP Guide and the widely adopted OWASP Top 10 awareness document. The most widely used OWASP tools include their training environment WebGoat, their penetration testing proxy WebScarab, and their OWASP .NET tools. OWASP includes roughly 100 local chapters around the world and thousands of participants on the project mailing lists. OWASP has organized the AppSec series of conferences to further build the application security community.

Hopefully initiatives like OWASP will provide up-coming web developers with a awareness of the security issues related to development of web application and enable them to avoid the classic pitfalls in web application security. At least so far I have learned a lot from OWASP articles and guides.

Related posts:

1. Google Gives Away Web App Security Tool
2. PHP Source Code Security Audit Tool
3. 68 Linux Related Free E-books
4. Voices That Matter: GWT – Security
5. Test your environment’s security with BackTrack
6. Popular Photoshop Tutorials
7. Firefox Flash Interaction Bug: I Cannot Click In Flash Application e.g. Youtube
8. Top 15 Free SQL Injection Scanners
9. Howto Install Ruby and Ruby on Rails on Debian Etch 4.0
10. Germany warns users against Internet Explorer

During the last couple of weekends I have experimented with Google Web Toolkit (GWT). I have tried to build a number of small simple web interfaces and I have experimented with a number of IDEs for development of GWT.

I’m currently still experimenting, but I’ll write a post on my experiences later on.

Related posts:

1. Google’s new operating system: Chrome OS boots at 7 seconds
2. Google Gives Away Web App Security Tool
3. GWT 1.4.62 and GWT 1.5.0 Documentation
4. Dalvik: How Google routed around Sun’s IP-based licensing restrictions on Java ME
5. Google Cube
6. Google Gmail on your own domain
7. GWT, Usability and User Experience
8. /dev/hello_world: A Simple Introduction to Device Drivers under Linux
9. Linux developers considering move to Eclipse
10. Google Maps with Danish street names

Microsoft Windows is collapsing under its own weight and radical changes are needed to change that according to Gartner.

Microsoft’s Windows juggernaut is collapsing as it tries to support 20 years of applications and becomes more complicated by the minute. Meanwhile, Windows has outgrown hardware and customers are pondering skipping Vista to wait for Windows 7. If Windows is going to remain relevant it will need radical changes.

That sobering outlook comes courtesy of Gartner analysts Michael Silver and Neil MacDonald. Half of a full room of IT managers and executives raised their hands when asked whether Microsoft needed to radically change its approach to Windows. “Windows is too monolithic,” says Silver.

News Stories on the issue
– Windows collapsing under its own weight; Radical change needed
– Gartner: Windows heavyweight champ, but no longer nimble
Well, Well – Finally somebody shed light on this issue.

Could he same thing be said about the recently ISO-approved standard OOXML, since it is very bloated too – especially compared to OpenDocument (odf).

Related posts:

1. Microsoft forced partners to vote Yes
2. ISO captured by vendor Microsoft?
3. How to Download Microsoft Windows 7
4. NO to the Microsoft Office format as an ISO standard
5. an ex-microsoft employee’s view on Linux and the open source community
6. Unix beats Windows – says Microsoft Research
7. Microsoft’s Annual Report Reveals OSS Mistakes
8. Windows Developers Begin Slow Defection to Linux
9. Microsoft is using Linux
10. Vulnerability: Microsoft Excel 2000 and 2003 exploit

Brussels, 2 April 2008 — ISO members failed to disapprove the Open XML format. Microsoft has compromised the International Standards Organisation (ISO) during the rush to get a stamp for their Office OpenXML (OOXML), using unfair practices such as committee stuffing in several countries and political interventions of ministers in the standardization process.

Read more on noooxml.org.

Related posts:

1. NO to the Microsoft Office format as an ISO standard
2. Microsoft forced partners to vote Yes
3. Microsoft Windows collapsing under its own weight; Radical change needed
4. OS2World: The Swedish OOXML vote has been declared invalid!
5. Er OpenOffice et realistisk alternativ til Microsofts Office-pakke?
6. an ex-microsoft employee’s view on Linux and the open source community
7. Microsoft and the Open Source movement
8. OpenOffice Gets More Features
9. Microsoft is using Linux
10. Microsoft’s Annual Report Reveals OSS Mistakes

Warning: Malicious use of SYN-floods are punishable by law.

This post shows howto to establish a synflood attack on an arbitrary remote host. The attack is performed using hping, which is free packet generator and analyzer for the TCP/IP protocol. Hping is one of the de facto tools for security auditing and testing of firewalls and networks. A syn-flood attack is basically a DOS-attack on a bug in TCP – some will argue that TCP is defective by design

The actual attack is initialized by this command:

hping -i u1 -S -p 80 dst-host-or-ip


In most cases DoS attacks like this one renders a webserver totally unable to serve any requests from users.

To get hping installed on a Debian or Ubuntu-based system, type this to install:

aptitude install hping2

Related posts:

1. HackerGuide: Sniff Live Network Connections Using Ettercap
2. HackerGuide: Crack Password Encrypted Zip-files
3. TCP Resource Exhaustion Denial of Service (DoS) Attack
4. Bash shortcuts tips and tricks
5. Hack Wireless WEP Network
6. What is the coolest thing you can do using Linux that you can’t do with Windows or on a Mac?
7. dos2unix on Ubuntu and Debian
8. Run Single Commands on a SSH-based Server
9. Combine Multiple PDFs Into One File
10. Crack Cisco VPN (hack)