Monday, November 19, 2007

Simple But intriguing

1) How does one create a file starting with hyphen(-)?
2) How does one remove a file starting with hyphen(-)?


My Solution
===========
1)
bash-2.05$ touch a
bash-2.05$ tar cvf -c.tar a
2)
bash-2.05$ rm ./-c.tar

Saturday, October 27, 2007

How can a host determine what address mask is in use on a remote host without logging in?

Interestingly, ICMP is powerful enough to get us this information.

RFC 792 does not mention the Address Mask messages (types 17/18). However, RFC 950 gives the rationale (Section 2.3) for embedding this option in ICMP.

Using nemesis, the solution can be seen in action right away.



@SOURCE_MACHINE>/usr/local/bin/nemesis icmp -qM -i 17 -m 0 -S 129.158.224.205 -D 129.158.224.182 -H 0:3:ba:4e:40:44 -M 00:03:ba:5b:8f:5d

ICMP Packet Injected

@SOURCE_MACHINE>snoop icmp
Using device /dev/eri (promiscuous mode)
SOURCE_MACHINE -> DESTINATION_MACHINE ICMP Address mask request
DESTINATION_MACHINE -> SOURCE_MACHINE ICMP Address mask reply (Mask = 0xffffff00)
^C@SOURCE_MACHINE>
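
The message layout behind the exchange above, as an added example in C (not part of the original post or of nemesis): it builds the 12-byte type 17 request and accepts a type 18 reply only after checking length, type/code, checksum and the echoed identifier and sequence number. The function names, the identifier 0x3dc7 and the reply bytes in main() are constructed for illustration.

```c
#include <stdint.h>
#include <string.h>

#define ICMP_MASKREQ   17 /* Address Mask Request */
#define ICMP_MASKREPLY 18 /* Address Mask Reply */
#define MASK_MSG_LEN   12 /* type, code, checksum, id, seq, 32-bit mask */

/* RFC 1071 Internet checksum over big-endian 16-bit words. */
static uint16_t inet_cksum(const uint8_t *p, size_t len)
{
    uint32_t sum = 0;
    for (; len > 1; p += 2, len -= 2)
        sum += ((uint32_t)p[0] << 8) | p[1];
    if (len) sum += (uint32_t)p[0] << 8;      /* odd trailing byte */
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);   /* fold the carries */
    return (uint16_t)~sum;
}

static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
/* Build a type 17 request: mask field zero, checksum filled in last. */
void build_mask_request(uint8_t buf[MASK_MSG_LEN], uint16_t id, uint16_t seq)
{
    memset(buf, 0, MASK_MSG_LEN);
    buf[0] = ICMP_MASKREQ;
    put16(buf + 4, id);
    put16(buf + 6, seq);
    put16(buf + 2, inet_cksum(buf, MASK_MSG_LEN));
}

/* Return 0 and store the mask only for a well-formed reply to our request. */
int parse_mask_reply(const uint8_t *m, size_t len,
                     uint16_t id, uint16_t seq, uint32_t *mask)
{
    if (len < MASK_MSG_LEN || m[0] != ICMP_MASKREPLY || m[1] != 0)
        return -1;                 /* truncated, or wrong type/code */
    if (inet_cksum(m, len) != 0)
        return -1;                 /* checksum does not verify */
    if (((m[4] << 8) | m[5]) != id || ((m[6] << 8) | m[7]) != seq)
        return -1;                 /* not an answer to our request */
    *mask = ((uint32_t)m[8] << 24) | ((uint32_t)m[9] << 16) |
            ((uint32_t)m[10] << 8) | m[11];
    return 0;
}

int main(void)
{
    /* Constructed reply: id 0x3dc7, seq 1, mask 255.255.255.0. */
    uint8_t reply[MASK_MSG_LEN] = {18, 0, 0, 0, 0x3d, 0xc7, 0, 1, 255, 255, 255, 0};
    uint32_t mask = 0;
    put16(reply + 2, inet_cksum(reply, sizeof reply));
    return parse_mask_reply(reply, sizeof reply, 0x3dc7, 1, &mask) != 0 || mask != 0xffffff00u;
}
```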

Thursday, October 18, 2007

My failed experiment to detect nodes in Promiscuous mode.

Basic Prerequisites: Promiscuous mode, ARP, ICMP and Packet Injection.


Problem:
========
The decision to accept or drop network packets is controlled by the Network Interface Card (NIC). The NIC filters out the packets which the system is entitled to receive. However, by setting the NIC to promiscuous mode, the sniffing application receives packets regardless of whether the system is the intended destination. Sniffing is difficult to ascertain as it does not interfere with the network traffic, leaving no digital traces to track.


My Approach in theory
=====================
A “dynamic” protocol like the Address Resolution Protocol (ARP) can be leveraged to detect the sniffing host. This protocol works alongside the Internet Protocol (IP) in Layer 3. Because of this, ARP operates automatically in the background, without involving the application user.

ARP works by sending an address request and collecting the response to create its mapping of addresses. The hardware addresses are only needed for hosts on the local network. At the lowest level, the Ethernet driver needs the hardware address of the remote system to which it will send a packet. When it does not have that address, it “broadcasts” a request for the missing address. This request, called an “ARP request”, contains the IP address of the host in question and is sent to all systems on the local network. A system may respond with a reply, called an “ARP reply”, which contains the host IP address and hardware address. The response received is used to build a table of IP addresses and hardware addresses.

Another feature of the protocol is called “gratuitous ARP”. This occurs when a host broadcasts an ARP request for its own hardware address. A Solaris system does this at boot time. It is used to detect if another system is using its IP address, indicating a misconfigured system. The other use of gratuitous ARP is to send updated hardware address information. Systems that receive requests like this will automatically update the hardware address information for that host.

ARP by default uses the BROADCAST method to get the destination MAC address. The idea here is to craft an ARP packet whose destination address is a non-BROADCAST address, with a specific target IP address. If the NIC is in non-promiscuous mode, the packet is ignored and, after the specified TTL, no response comes back. However, if the node with the corresponding IP address is in promiscuous mode, the sniffing host responds promptly, because the packet percolates up to the higher layers.

Using a handcrafted packet like ICMP with appropriate fields can induce the same effect.

References
----------
- Defeating Sniffers and Intrusion Detection Systems
http://www.phrack.com/issues.html?issue=54&id=10#article

- Plummer, Dave. An Ethernet Address Resolution Protocol, RFC 826, Network Information Center, SRI International, Menlo Park, CA., November 1982.

- Internetworking with TCP/IP Volume II: Design, Implementation and Internals. Douglas E. Comer / David L. Stevens

- Solaris Operating Environment Network Settings for Security, by Alex Noordergraaf and Keith Watson
http://www.sun.com/blueprints/1299/network.pdf


The Reality ( Getting the hands dirty )
=======================================
Destination Machine
===================
@SOURCE-MACHINE>ping DESTINATION-MACHINE
DESTINATION-MACHINE is alive
@ SOURCE-MACHINE>arp -a | grep DESTINATION-MACHINE
eri0 DESTINATION-MACHINE 255.255.255.255 00:03:ba:5b:8f:5d
@SOURCE-MACHINE>ping -s !$
ping -s DESTINATION-MACHINE
PING DESTINATION-MACHINE: 56 data bytes
64 bytes from DESTINATION-MACHINE (129.158.224.182): icmp_seq=0. time=1.26 ms
64 bytes from DESTINATION-MACHINE (129.158.224.182): icmp_seq=1. time=0.920 ms
^C
----DESTINATION-MACHINE PING Statistics----
2 packets transmitted, 2 packets received, 0% packet loss
round-trip (ms) min/avg/max/stddev = 0.920/1.09/1.26/0.24
@SOURCE-MACHINE>

Source Machine
===================


@SOURCE-MACHINE>hostname
SOURCE-MACHINE
@SOURCE-MACHINE>ifconfig -a
lo0: flags=2001000849 mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
eri0: flags=1000843 mtu 1500 index 2
inet 129.158.224.205 netmask ffffff00 broadcast 129.158.224.255
ether 0:3:ba:4e:40:44


Packet Injection
=================

@SOURCE-MACHINE>/usr/local/bin/nemesis icmp -S 129.158.224.205 -D 129.158.224.182 -H 0:3:ba:4e:40:44 -M 00:03:ba:5b:8f:5d

ICMP Packet Injected
@SOURCE-MACHINE>

@SOURCE-MACHINE>snoop icmp

SOURCE-MACHINE -> DESTINATION-MACHINE ICMP Echo request (ID: 15815 Sequence number: 46167)
DESTINATION-MACHINE -> SOURCE-MACHINE ICMP Echo reply (ID: 15815 Sequence number: 46167)

Now sending to a wrong destination MAC address (last letter changed from d to e)

@SOURCE-MACHINE>/usr/local/bin/nemesis icmp -S 129.158.224.205 -D 129.158.224.182 -H 0:3:ba:4e:40:44 -M 00:03:ba:5b:8f:5e

ICMP Packet Injected

@SOURCE-MACHINE>snoop icmp
Using device /dev/eri (promiscuous mode)
SOURCE-MACHINE -> DESTINATION-MACHINE ICMP Echo request (ID: 12112 Sequence number: 10553)


An interesting thing to note was that the packet was seen in the snoop output on DESTINATION-MACHINE but was not replied to.


There goes the failed experiment. Reality turns out to be different than the assumed theory. Digging further as to how snoop manages to get a snapshot of the packet and not process the packet.

Thursday, October 04, 2007

Getting the Kth smallest element in two Sorted Lists

Problem
--------
Let A and B be two sorted arrays. The intent is to find the kth smallest number in the union of the two lists.

Sounds Simple, but the catch is to get it done with a better time complexity than O(size(A) + size(B)).

I now have the solution which works with O(log(size(A) + size(B))), but I gave a crappy solution to my friend who gave me this puzzle. I used the intuitive, 2 pointer solution. Don't fall for it.
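
One way to meet the logarithmic bound, as an added example in C (the post does not show the author's solution, so this is not it): each step compares the elements at offset k/2 in both arrays and discards the prefix that cannot contain the answer, which takes O(log k) steps. The function name and the arrays in main() are constructed for illustration; k is 1-based and must not exceed the combined length.

```c
#include <stddef.h>
#include <stdio.h>

/* k-th smallest (1-based) element of the union of sorted arrays
 * a[0..m) and b[0..n). Precondition: 1 <= k <= m + n. */
int kth_smallest(const int *a, size_t m, const int *b, size_t n, size_t k)
{
    for (;;) {
        if (m == 0) return b[k - 1];          /* only b is left */
        if (n == 0) return a[k - 1];          /* only a is left */
        if (k == 1) return a[0] < b[0] ? a[0] : b[0];

        /* Look k/2 elements into each array (or to its end if shorter). */
        size_t half = k / 2;
        size_t i = half < m ? half : m;
        size_t j = half < n ? half : n;

        if (a[i - 1] <= b[j - 1]) {
            /* At most (i-1)+(j-1) <= k-2 elements precede a[i-1], so
             * a[0..i) lies entirely before the k-th element: drop it. */
            a += i; m -= i; k -= i;
        } else {
            /* Symmetric case: drop b[0..j). */
            b += j; n -= j; k -= j;
        }
    }
}

int main(void)
{
    /* Constructed sample input. */
    const int a[] = {1, 3, 5, 7};
    const int b[] = {2, 4, 6, 8, 10};
    for (size_t k = 1; k <= 9; k++)
        printf("k=%zu -> %d\n", k, kth_smallest(a, 4, b, 5, k));
    return 0;
}
```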

Tuesday, October 02, 2007

Implementing a queue with 2 Stacks

Interesting, but intuitive question.

My Solution:-

//QueueWith2Stacks.java

import java.util.Stack;

public class QueueWith2Stacks {

    Stack<Object> insertStack = new Stack<Object>();
    Stack<Object> popStack = new Stack<Object>();

    void enqueue(Object element) {
        insertStack.push(element);
    }

    Object dequeue() {
        if (popStack.empty() && insertStack.empty())
            return (null);
        if (popStack.empty()) // This is the only interesting part about it.
            while (!insertStack.empty())
                popStack.push(insertStack.pop());
        return (popStack.pop());
    }

    void display() {
        System.out.println(popStack.toString() + insertStack.toString());
    }
}

Sunday, August 12, 2007

Configuring SSO

After analyzing JOSSO and CAS as candidates for SSO, the JOSSO implementation seems very promising.
What is SSO ?

Josso
-----

Positives
--------------------
1) Just works. Can easily embed my application to the SSO framework.
2) Out-of-the-box seamless integration with custom made tomcat. Inbuilt SSL configurations.
3) To-Do steps
i) Download Josso tomcat
ii) Refer to http://www.josso.org/tomcat55-howto.html
iii) JAVA_OPTS=-Djava.security.auth.login.config=..\conf\jaas.conf (Spent a romantic night for this. Had to write it )
iv) For getting the login data from the DB refer to this


Negatives
--------------------
1) Pathetic Docs
2) Inactive community.

CAS
---
I could not get CAS working on my system. I know it works, but somehow the jigsaw is not complete. The community is very active and vibrant. Updated wiki. Let me know if anyone gets it working.

Monday, June 11, 2007

Is this implementation of select() syscall in Linux correct?

Here is the code
linuxMachine:/tmp # uname -a
Linux linuxMachine 2.4.21-309.PTF.97199.1-smp #1 SMP Mon Jul 24 12:20:00 UTC 2006 i686 unknown
linuxMachine:/tmp # cat testSelectCall.c
#include <stdio.h>
#include <sys/select.h>
#include <sys/time.h>
#include <sys/types.h>
#include <unistd.h>

int
main(void) {
    fd_set rfds;
    struct timeval tv;
    int retval;

    /* Watch stdin (fd 0) for input. */
    FD_ZERO(&rfds);
    FD_SET(0, &rfds);

    /* Wait up to five seconds. */
    tv.tv_sec = 5;
    tv.tv_usec = 0;

    retval = select(1, &rfds, NULL, NULL, &tv);
    /* Here is the tricky part! */

    /* tv_sec and tv_usec are not plain ints, so cast for printf. */
    printf("tv.tv_sec=%ld\n", (long)tv.tv_sec);
    printf("tv.tv_usec=%ld\n", (long)tv.tv_usec);
    if (retval)
        printf("Data is available now.\n");
    else
        printf("No data within five seconds.\n");

    return 0;
}
linuxMachine:/tmp # !gcc
gcc testSelectCall.c
linuxMachine:/tmp # !time
time ./a.out
tv.tv_sec=0
tv.tv_usec=0

No data within five seconds.

real 0m5.000s
user 0m0.000s
sys 0m0.000s
linuxMachine:/tmp #

On a solaris box

solarisBox>uname -a
SunOS solarisBox 5.10 Generic_118835-02 sun4u sparc SUNW,Sun-Blade-100
solarisBox>gcc testSelectCall.c
solarisBox>!time
time ./a.out
tv.tv_sec=5
tv.tv_usec=0

No data within five seconds.

real 0m5.025s
user 0m0.003s
sys 0m0.010s
solarisBox>


Man Page has the following description
man 2 select

Some code calls select with all three sets empty, n zero, and a non-null
timeout as a fairly portable way to sleep with subsecond precision.

On Linux, the function select modifies timeout to reflect the amount of
time not slept; most other implementations do not do this. This causes
problems both when Linux code which reads timeout is ported to other
operating systems, and when code is ported to Linux that reuses a struct
timeval for multiple selects in a loop without reinitializing it. Consider
timeout to be undefined after select returns.
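
A retry loop written to behave the same on both systems, as an added example in C (not from the original post or the man page): the fd_set and the struct timeval are rebuilt before every select() call and the timeout is never read afterwards. The function name wait_readable and its parameters are constructed for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <sys/select.h>
#include <sys/time.h>
#include <unistd.h>

/*
 * Wait for fd to become readable, using up to `attempts` waits of
 * `timeout_ms` each. Returns 1 if readable, 0 if every wait timed out,
 * -1 on error. *calls receives the number of select() calls made.
 */
int wait_readable(int fd, long timeout_ms, int attempts, int *calls)
{
    *calls = 0;
    for (int n = 0; n < attempts; n++) {
        fd_set rfds;
        struct timeval tv;

        /* Both are in/out arguments: rebuild them before every call.
         * Reusing tv after a timeout on Linux would pass {0,0}, so every
         * later select() would return at once and the loop would spin. */
        FD_ZERO(&rfds);
        FD_SET(fd, &rfds);
        tv.tv_sec = timeout_ms / 1000;
        tv.tv_usec = (timeout_ms % 1000) * 1000;

        (*calls)++;
        int r = select(fd + 1, &rfds, NULL, NULL, &tv);
        if (r > 0)
            return 1;
        if (r < 0 && errno != EINTR)
            return -1;
        /* Timed out or interrupted: tv is treated as undefined here. */
    }
    return 0;
}

int main(void)
{
    int calls;
    /* Three waits of 100 ms on stdin. */
    return wait_readable(STDIN_FILENO, 100, 3, &calls) < 0;
}
```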

Monday, June 04, 2007

Microsoft announces surface

I am sure, many are aware of it. In case you haven't then check this out

http://www.microsoft.com/surface/

Wednesday, May 30, 2007

Getting shell script variable values

Here is the problem

bash-2.05# cat test1.sh
ATM_PIN="123"
echo "Environment variables" > out.log
env >> out.log
echo $ATM_PIN

bash-2.05# sh test1.sh
123

bash-2.05# cat out.log |grep -i atm
bash-2.05#

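While debugging a shell script, if the values of the variables are required at an intermediate point of the script's execution, use the -a option. It marks every variable assigned in the script for export, so the variables appear in the output of env.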

bash-2.05# sh -a test1.sh
123
bash-2.05# cat out.log |grep -i atm
ATM_PIN=123
bash-2.05#

Thursday, May 17, 2007

Configuring rsh service on Linux

By default the rsh service is not enabled (obviously).

So here are the steps

1. Check if the rpms are installed. (else use the cd's to install)
redhat# rpm -qa|grep rsh
rsh-server-0.17-25.4
rsh-0.17-25.4
redhat#
2. In /etc/xinetd.d/rsh set disable = no
3. Edit the following files

redhat# cat /etc/hosts.allow
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
ALL : localhost/hostA
redhat# cat /etc/hosts.equiv
localhost
redhat# cat .rhosts
+ user1

4. /etc/init.d/xinetd restart
5. Test the above
redhat# rsh localhost
redhat#
// passwordless login to the remote machine

Disclaimer: more secure services like ssh are recommended over services like rsh.

Friday, March 30, 2007

How does one sort the files based on size in Unix ???

Again elementary but not used much

ls does not give an option to sort the files based on file sizes. (some os have -S option not sure which)

Here is a way to do it in a very generic way


bash-2.05# ls -l /tmp/a.out /tmp/test.c |sort -k 5 -n
-rw-r--r-- 1 root other 0 Mar 30 21:41 /tmp/a.out
-rw-r--r-- 1 root other 108 Mar 29 11:49 /tmp/test.c

sort -k does the trick. The position can be any column in the output; here it is column 5, the size in bytes.
For more details, see man sort.

Wednesday, March 28, 2007

Debugging tomcat applications using IDE's

Problem:
You have deployed your war file into tomcat. You have the source code, but you cannot initiate a DEBUG from the IDE (Eclipse or Netbeans). How does one debug?

Solution:
Run tomcat in DEBUG mode

WINDOWS
EDIT %CATALINA_HOME%/bin/catalina.bat
set JAVA_OPTS=-Xdebug -Xrunjdwp:server=y,transport=dt_socket,address=3091,suspend=n

UNIX

EDIT $CATALINA_HOME/bin/catalina.sh
JAVA_OPTS="-Xdebug -Xrunjdwp:server=y,transport=dt_socket,address=3091,suspend=n"

Restarting tomcat will render it in debug mode listening on port 3091.

Now in your favourite IDE have the REMOTE DEBUGGING listening on port 3091.
Then the course is normal, place breakpoints in your code and trace for possible bugs.

Wednesday, March 14, 2007

Partitioning in postgres

Partitioning is useful to drop a group of data in a table in bulk. In most cases year-old data is purged on a regular basis by an application. Partitions are a useful design to manage the data.

create table master (i int);

create table slave1 ( CHECK ( i > 0 AND i <> 10 AND i <> 20 AND i < postgres="#"> 0 AND i <> 10 AND i <> 20 AND i < 30) ) inherits (master);

postgres=# insert into master values(5);
INSERT 0 1
postgres=# insert into master values(15);
INSERT 0 1
postgres=# insert into master values(25);
INSERT 0 1
postgres=# select * from master;
i
----
15
25
5
(3 rows)
postgres=# select * from slave1;
i
---
5
(1 row)
postgres=# select * from slave2;
i
---
15
(1 rows)
postgres=# select * from slave3;
i
---
25
(1 rows)

Note: The copy command of postgres does not copy the rules associated with the table. So to make sure the rules are reflected, create partitions as a trigger.

Also here is an interesting thing

postgres=# update master set i=15 where i=5;
ERROR: new row for relation "slave1" violates check constraint "slave1_i_check"

This says it all

Saturday, March 03, 2007

Effective JDBC

JDBC supports connection pooling, which essentially involves keeping open a cache of database connection objects and making them available for immediate use for any application that requests a connection. Instead of performing expensive network roundtrips to the database server, a connection attempt results in the re-assignment of a connection from the local cache to the application. When the application disconnects, the physical tie to the database server is not severed, but instead, the connection is placed back into the cache for immediate re-use, substantially improving data access performance.

To get more of it checkout these links
http://java.sun.com/developer/onlineTraining/Programming/JDCBook/conpool.html
http://dev.mysql.com/tech-resources/articles/connection_pooling_with_connectorj.html

From my limited research, I understand tomcat implements connection pool by default.
Here is the link talking at length about it: http://www.javapractices.com/Topic75.cjp

Also, during the research I came across this nice article by Martin Fowler talking about the design decision of allowing certain business logic in the database rather than handling it exclusively in the application software (especially things like ORDER BY and filtering tools such as WHERE, LIKE etc.)
Here's the link
http://www.martinfowler.com/articles/dblogic.html

This was typically the point made by the oracle database legend Tom Kyte in the article JDBC : SQL vs PL/SQL, Which performs better



A simple analogy (not an entirely perfect one):
when we need to grep for, say, the automountd process just to know the pid of the process,
instead of ps -aef|grep auto
a simple ps -a -o comm,pid|grep auto
will be more effective.

This design problem is tackled across various layers. A typical case is the OS, where we end up getting huge amounts of data (say, in truss or ps output) and then pruning the data with utilities like grep and awk. A tool which stops the unwanted data from being generated in the first place always scores over the basic tools we use.

Friday, March 02, 2007

How to know the current process state

This one feature, though trivial, will be thoroughly learnt on a need basis.

When we need to find out the current state of a process (e.g. Running (R), Sleeping (S), Stopped (T), Zombie (Z), etc.), we can use the ps command effectively.

Here is the basic setup
test@shantanu>more simple1.c
#include <stdio.h>
int main()
{
    int i=0;
    printf("Waiting for a console output\n");
    /* Blocks here until input arrives, so the process sleeps. */
    scanf("%d",&i);
    return(0);
}
test@shantanu>gcc simple1.c -o simple1
test@shantanu>./simple1
Waiting for a console output
........///No input is yet given

In another terminal run
test@shantanu>ps -a -o comm -o s|grep simple1
./simple1 S

So the process is currently sleeping for my input.
All the state changes hereafter can be observed independently.

Tuesday, February 27, 2007

core file generation

Got to know this interesting bit today

By default in Solaris a core dump occurs when an application misbehaves (say, a segmentation fault).
But in Linux core dumping is disabled by default.

Using ulimit command one can turn on this feature.

Just enable the application to core dump by
$>ulimit -c unlimited

For more on this refer to
http://www.novell.com/coolsolutions/feature/16257.html

Friday, February 23, 2007

Amazon turks now in Indian rupees

Amazon turk now renders Indian rupee transaction. Check it out
http://www.mturk.com/mturk/welcome

Saturday, February 10, 2007

Sun Tech days in Hyderabad

Sun tech days from Feb 21st to 23rd. Though most of the technical community is aware of this event , please check this link to get the details. The list of talks,hands on labs, codecamps are here

Tuesday, February 06, 2007

Continuations in java

Continuation is an object that represents the execution state of a program at a certain point. We can use continuation to restart the execution from the point stored in it.
One area that has seen practical use of continuations is in web programming

Check out an enumeration here