Currently our users have to enter http://biglongservername:9000/sonar in order to access our site. Can it be configured to correspond to http://sonar? Our DNS guys say that can't do any more than change the CNAME so that pinging "sonar" takes you to biglongservername.domainname.org, which doesn't help our users much, but might be a start. Is this possible?
There are 3 parts to this:
DNS configuration to alias http://biglongservername to http://sonar. Your DNS guys have already said they can make this happen for you, so take them up on it. The address becomes http://sonar:9000/sonar
Dropping the :9000 from the address. This is a matter of SonarQube configuration. In $SONARQUBE_HOME/conf/sonar.properties, set sonar.web.port to 80, the default port. Restart. The address becomes http://sonar/sonar
Dropping the "/sonar" from the end of the address. This is again a matter of configuration. In $SONARQUBE_HOME/conf/sonar.properties (yes, the same file) comment out sonar.web.context. Restart. The address becomes http://sonar.
Note that I would test each of these steps before moving on to the next one. And while step #1 can happen transparently to your users, they will certainly notice steps #2 and #3. You may want to set up a brief outage window.
Related
I have a syslog server, but I need to find out the URL that has been used to reach my server. For example I have syslog1.example.com and syslog2.example.com, both of which hit the same server, then in the conf file I will filter which URL was set and update a database field based on this value.
I have added fields to the database and using the conf file I am able to manipulate the request, but I need the referer URl. Does anyone have any idea how I can get this.
Obviously I have managed everything else, but have tried little towards this part of the task as I need to know if it is possible and my searches are bringing up results based on Curl which is not what I need. If anyone knows how I can get the URL, it would be most appreciated.
Update
I have a device which has busybox and syslogd installed. I am able to set an address on the device for the syslog, for example 1.1.1.1:514. But I am not able to do anymore on the device other than this.
I have for example 100 devices, 50 are type A and 50 are type B. The issue is that when using 1.1.1.1:514 in every device as the syslog server address, when receiving the device information on the remote syslog server I am unable to differentiate whether the device is type A or type B.
I have the following solution in mind, although there may be another way to achieve this. If I create two subdomains and point them to the same address, ie typea.example.com and typeb.example.com, then in theory in devices with a type A I will set the remote syslog address to typea.example.com:514 and for type B, typeb.example.com:514. Both of these subdomains will point to 1.1.1.1, therefore the syslog information is now being received by devices of Type A and devices of Type B.
I need to now figure out how to in the syslog.conf on the remote server, find out whether the information was received by a device using typea.example.com or typeb.example.com.
The server does not have apache installed etc, however, in PHP for example we can use $_SERVER and normally I would be able to retrieve this information from, $_SERVER['HTTP_HOST']. Is there any way to do this in the syslog.conf on the remote syslog server.
As mentioned this is one solution I have in mind and it may not be the only one. Syslog is new to me and I am currently wrapping my head around this. From what I understand rather than variable or parameters, syslog uses macros. None of the macros provided seem to give me the information I need.
I know I can also set the syslog by doing say
syslogd -R 1.1.1.1:514
Is there anyway here I can include further information for example:
syslogd -R 1.1.1.1:514 type=a
Then I could say use $TYPE to get the value or alternatively add a custom header with the syslog.
As you can likely tell I am racking my brains for solutions and hitting brick walls. Any solution or docs that may point me in the right direction would be greatly appreciated.
Final point would be to mention I am also looking at redirecting the syslog info to a PHP script or a C (I'll say script but I know I am wrong) in order to vet the information there and then insert into the DB.
Quite simply I need a way to differentiate by type A or type B. Hopefully this clears matters up and these are not just the ramblings of a mad man.
How can I find the number of "active sessions" in my OpenERP server ?
I'm aware that "active sessions" is not an exact concept here, but overall what I would like to be aware of is the level of usage stress the server is being subject to, and comparing that to the OS resources being dedicated to the process.
I added a small amount of logging code to the server to trace the user id, model, and a few other parameters for each request that came through. You need to be careful not to record anything sensitive like passwords, and you should be careful that your tracing doesn't add a significant load to the server. You can see the tracing code we added to OpenERP 5 on launchpad.
If you don't need the same level of detail, it would probably add less load to use a network sniffer to count connections to OpenERP's port, as described in this question.
I'm writing a web crawler for academic research. This crawler makes millions of requests that I want to distribute over ten or so IP addresses.
My machine has one IP address already. I can get a second by using Tor. Can I get even more IP addresses out of Tor? Here are ideas (and questions surrounding them) that I have for doing this
Run multiple instances of Tor; each provides an IP address. (But will Tor map more than one or two anonymized IP addresses to my machine?)
Run one instance but for each request change its identity. (But will Tor rate-limit this behavior, as mentioned here?)
Would either of these ideas work, or do the bits in parentheses make them fail? Any other ideas?
Tor relays have rate limits. NEWNYM is limited to 5 second intervals.
If they're not fast enough, a willing botnet or app engine should work.
I was wondering how the windows host-name resolution system works.
More precisely I wonder about the use, or lack thereof, of local caching in the process.
According to Microsoft TCP/IP Host Name Resolution Order, the process is as follows:
The client checks to see if the name queried is its own.
The client then searches a local Hosts file, a list of IP address and names stored on the local computer.
Domain Name System (DNS) servers are queried.
If the name is still not resolved, NetBIOS name resolution sequence is used as a backup. This order can be changed by configuring the NetBIOS node type of the client.
What I was wondering is, whether stage (2) is cached in some way.
The sudden interest arose this last few days, as I installed a malware protection (SpyBot) that utilizes the HOSTS file. In fact, it is now 14K entries big, and counting...
The file is currently sorted according to host name, but this of course doesn't have to be.
lg(14K), means 14 steps through the file for each resolution request. These request probably arrive at a rate of a few every second, and usually to the same few hundred hosts (tops).
My view of how this should work is like this:
On system startup the windows DNS-resolution mechanism loads the HOSTS file a single time.
It commits a single iteration over it that sorts file. A working copy is loaded into memory.
The original HOSTS file, will not be further read throughout the resolution's process' life.
All network-processes (IE, Firefox, MSN...) work via this process/mechanism.
No other process directly interfaces/reads HOSTS file.
Upon receiving a name resolution request, the process check its memory-resident cache.
If it finds the proper IP then is answers appropriately.
Otherwise (it's not cached), the resolution process continues to the memory resident (sorted) HOSTS file, and does a quick binary search over it. From here on, the process continues as originally described.
The result of the resolution is cached for further use.
Though I am not sure as to the significance of these, I would really appreciate an answer.
I just want to see if my reasoning is right, and if not, why so?
I am aware that in this age of always-on PCs the cache must be periodically (or incrementally) purged. I ignore this for now.
In the DNS Client service (dnsrslvr) you can see a function called LoadHostFileIntoCache. It goes something like this:
file = HostsFile_Open(...);
if (file)
{
while (HostsFile_ReadLine(...))
{
Cache_RecordList(...);
...
}
HostsFile_Close(...);
}
So how does the service know when the hosts file has been changed? At startup a thread is created which executes NotifyThread, and it calls CreateHostsFileChangeHandle, which calls FindFirstChangeNotificationW to start monitoring the drivers\etc directory. When there's a change the thread clears the cache using Cache_Flush.
Your method does not work when the ip address of a known hostname is changed in hosts without adding or changing the name.
Technet says that the file will be loaded into the DNS client resolver cache.
IMO this is mostly irrelevant: A lookup in a local file (once its in the disk cache) will still be several orders of magnitude faster than asking the DNS servers of your ISP.
I don't think that each process maintains it's own cache. If there is a cache, it probably exists in the TCP/IP stack or kernel somewhere, and even then, only for a very short while.
I've had situations where I'll be tinkering around with my hosts file and then using the addresses in a web browser and it will update the resolved names without me having to restart the browser.
If,for example,The socket in my compiled application is designed to connect to 123.456.789.0.
How do I check if its connected to 123.456.789.0? Is there a way to do this?
The idea is this:I want to prevent other people editing my program and changing the address to,for example, 127.0.0.1 and make it connect through a proxy.
Is there any function/way/trick to check the address after the socket is connected?
Use the getpeername function to retrieve the address of the remote host.
If someone edits your program like you mention, they'll probably alter such a check as well though.
nos's comment about the insecurity of this approach is correct, but incomplete. You wouldn't even need to change the program's code to circumvent your proposed mechanism.
The easiest way around it would be to add an IP alias to one of the machine's network interfaces. Then a program can bind to that interface on the port your program connects to, and the OS's network stack will happily send connections to the attacker's local program, not your remote one.
So, now you say you want to know how to list the computer's interfaces so you can detect this sort of subversion. Your opponent counterattacks, launching your program as a sub-process of theirs after installing a Winsock hook that routes Winsock calls back through the parent process.
We then expect to find you asking how to read the executable code section of a particular DLL loaded into your process space, so you can check that the code is what you expect. Now your opponent drops the Winsock shim, switching to an NDIS layer filter, rewriting packets from your program right before they hit the NIC.
Next we find you looking for someone to tell how to list the drivers installed on a Windows system, so you can check that one of these filters isn't present. Your opponent thinks for about 6 seconds and decides to start screwing with packet routing, selecting one of at least three different attacks I can think of off the top of my head. (No, wait, four.)
I'm not a security expert. Yet, I've spent five minutes on this and already have your security beat seven different ways.
Are you doomed? Maybe, maybe not.
Instead of you coming up with fixes to the risks you can see, better to post a new question saying what it is you're trying to protect, and have the experts comment on risks and possible fixes. (Don't add it here. Your question is already answered, correctly, by nos. This is a different question.)
Security is hard. Expertise counts for far more in that discipline than in most other areas of computer science.