[ Site Home | Journal Home ]
I have completed the Open University course 'Introduction to Cyber Security'. Topics included threat landscape, authentication, malware, networking and communications security, cryptography, legal background, recovering from attacks and risk analysis & management.
I had some knowledge of this subject from work and education but it was nice to study this as a cohesive unit. There was an interesting mix of content including video, images, audio and text. The case studies, particularly those regarding how cyber criminals conducted their attacks, were fascinating.
I wanted to do the weekly tests for the course, so opted to pay for an upgrade to have the tests included. I got an overall mark of over 70% for the tests which meant I successfully passed the course.
posted at: 00:00 | path: /cryptography | permanent link to this entry
A very basic example with a very simple configuration, for further information see Debian Wiki and this informative post by Stuart Ellis
Install the following packages as a minimum (the Debian wiki also recommends installing 3 other packages (see ealier web link))
root@hal:~# apt-get install postgresql postgresql-client
Switch to the postgres user, create an account for an existing user, then create a database called basic_example
root@hal:~# su - postgres
postgres@hal:~$ createuser jamespk
postgres@hal:~$ createdb -O jamespk basic_example
As the user referenced in the above command, connect to the basic_example database and issue some basic SQL to create a table, insert two records, then run a basic select query. SQL sample courtesy of a YO Linux Tutorial
jamespk@hal:~$ psql basic_example
psql (9.4.9)
Type "help" for help.
basic_example=> create table employee (Name char(20),Dept char(20),jobTitle char(20));
CREATE TABLE
basic_example=> INSERT INTO employee VALUES ('Fred Flinstone','Quarry Worker','Rock Digger');
INSERT 0 1
basic_example=> INSERT INTO employee VALUES ('Wilma Flinstone','Finance','Analyst');
INSERT 0 1
basic_example=> select * from employee; name | dept | jobtitle
----------------------+----------------------+----------------------
Fred Flinstone | Quarry Worker | Rock Digger
Wilma Flinstone | Finance | Analyst
(2 rows)
A reminder of what port posgresql runs on and show which config file is being used:
root@hal:~# netstat -pnlt | grep postgres
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 948/postgres
tcp6 0 0 ::1:5432 :::* LISTEN 948/postgres
root@hal:~# su - postgres
postgres@hal:~$ psql
postgres=# show config_file;
------------------------------------------
/etc/postgresql/9.4/main/postgresql.conf
(1 row)
posted at: 00:00 | path: /postgresql | permanent link to this entry
Very informative day at PG Day UK in London on 5th July with many interesting talks.
A particular lightning talk from a database administrator (DBA) said he had a few queries from colleagues doing support & development, along the lines of "how can I speed up my queries" - a number of times the DBA said after some analysis, he found himself responding...
"...I looked at the tables in question, you should...create index MY_INDEX on
MY_TABLE(MY_COLUMN)
...ok?". The speaker then said something like - "I've said that so often I feel like having a t-shirt made with that on"
The \d
meta command should show existing indexes:
basic_example=# \d employee Table "public.employee" Column | Type | Modifiers ----------+---------------+----------- name | character(20) | dept | character(20) | jobtitle | character(20) | Indexes: "dept_index" btree (dept)
Obvious caveats for "creating indexes will increase performance" are:
EXPLAIN
on queries might be a useful starting point.posted at: 00:00 | path: /postgresql | permanent link to this entry
The Python Challenge is a website that sets a number of programming challenges to solve with Python. Each challenge/question has its own URL, the answer to which then forms part of another URL. After successfully answering a question you can access a wiki page where people offer their solutions. To see the solutions to the previous level, replace pc with pcc, i.e. go to: http://www.pythonchallenge.com/pcc/def/ocr.html. Some challenges involve more than one solution.
There are probably any number of ways to solve these, here is my initial pass through the challenges/questions 0 through to 5. With some challenges its a case of trial and error.
Image shows 2^38.
#challenge 0 pow(2,28)
#k->m #o->q #e->g
So, given the input i, transform to output o. The input i, is "g fmnc wms bgblr rpylqjyrc gr zw fylb. rfyrq ufyr amknsrcpq ypc dmp. bmgle gr gl zw fylb gq glcddgagclr ylb rfyr'q ufw rfgq rcvr gq qm jmle. sqgle qrpgle.kyicrpylq() gq pcamkkclbcb. lmu ynnjw ml rfc spj."
Hint see the title of the web page 'What about making trans?'. maketrans is a string method, from documentation 'Return a translation table suitable for passing to translate(), that will map each character in from into the character at the same position in to;"
"solution is i hope you didnt translate it by hand. thats what computers are for. doing it in by hand is inefficient and that's why this text is so long. using string.maketrans() is recommended. now apply on the url"The solution is jvvr://yyy.ravjqpejcnngpig.eqo/re/fgh/ocr.jvon
#!/usr/bin/env python #challenge 1 import string alpha=string.lowercase to_convert="g fmnc wms bgblr rpylqjyrc gr zw fylb. rfyrq ufyr amknsrcpq ypc dmp. bmgle gr gl zw fylb gq glcddgagclr ylb rfyr'q ufw rfgq rcvr gq qm jmle. sqgle qrpgle.kyicrpylq() gq pcamkkclbcb. lmu ynnjw ml rfc spj" def t(s): if s in alpha: idx=alpha.index(s) return alpha[(alpha.index(s)+2)] if idx <=23 else alpha[(idx+1)-25] else: return s out=map(t,to_convert) print "".join(out)
The page states: "recognize the characters. maybe they are in the book, but MAYBE they are in the page source."
Viewing the page source:
"find rare characters in the mess below:" "%%$@_$^__#)^)&!_+]!*"..etc,etc
Lots of characters....apart from letters of the alphabet. Search for those letters, using the re (regular expression) module.
#!/usr/bin/env python #challenge 2 import urllib2,re url="http://www.pythonchallenge.com/pc/def/ocr.html" text = urllib2.urlopen(url) contents=text.read() res=re.findall('[a-z]',contents) idx=contents.index('<!--') idxs=contents[idx+1:].index('<!--') idx=idxs+idx print "result:","".join(re.findall('[a-z]',contents[idx:]))
#!/usr/bin/env python #challenge 3 import urllib2,re url="http://www.pythonchallenge.com/pc/def/equality.html" text = urllib2.urlopen(url) contents=text.read() #"One small letter, surrounded by EXACTLY three big bodyguards on each of its sides." print "".join(re.findall('[a-z][A-Z][A-Z][A-Z]([a-z])[A-Z][A-Z][A-Z][a-z]',contents))
<-- urllib may help. DON'T TRY ALL NOTHINGS, since it will never end. 400 times is more than enough. -->A link points to "linkedlist.php?nothing=12345" So we need to loop of 400 attempts to 1)get a url 2)look for the next number in the html 3) that number is the new argument for the next url. But there are some one to watch out for, example http://www.pythonchallenge.com/pc/def/linkedlist.php?nothing=82682 Contents
There maybe misleading numbers in the text. One example is 82683. Look only for the next nothing and the next nothing is 63579.
#!/usr/bin/env python #challenge 4 import urllib2,re idx=8022#first12345 base_url="http://www.pythonchallenge.com/pc/def/linkedlist.php?nothing=" for i in range(0,400): text = urllib2.urlopen(base_url+str(idx)) contents=text.read() print "Contents:",contents res=re.search('and the next nothing is ',contents) if res: res=res.start() idx=contents[res+24:res+29] else: print "Stopping" break
We need to unpack the contents of banner.p With the following snippet....
import pickle pkl_file = open('banner.p', 'rb') data = pickle.load(pkl_file) print data...we see the following output.
jamespk@sal:~/code/challenge/5$ python 5.py [(' ', 95)] [(' ', 14), ('#', 5), (' ', 70), ('#', 5), (' ', 1)]
But what to do with the output? The answer is the hint in the file name 'banner'. Banner is program that outputs a large ASCII art version of the text that is supplied to it as its argument. So if we take the second line of output, we should display 14 * ' ', followed by 5 * '#', followed by 70 * ' ', etc,etc.
#!/usr/bin/env python #challenge 5 import pickle pkl_file = open('banner.p', 'rb') data = pickle.load(pkl_file) for i in data: str="" for j in i: str += j[0] * j[1] print str pkl_file.close()
posted at: 00:00 | path: /python | permanent link to this entry
I needed to recap my Java knowledge recently. Here are snippets of a very basic example I wrote re-familiarise myself with Java.
Inheritance: The extends keyword is used:class Car extends MotorVehicle { }Constructors: Which constructor is used depends on the argument to the constructor:
MotorVehicle (String mType){ this.mType=mType; } MotorVehicle (){ }Overriding: overriding a method:
@Override public String toString() { return mType + " " + maxSpeed;Collections: A basic example of using a vector to store objects and retrieve:
Vectormvs = new Vector (5); mvs.addElement(mv1); mvs.addElement(mv2); for (int i = 0;i < mvs.size();i++) { System.out.println(mvs.get(i)); }
posted at: 00:00 | path: /java | permanent link to this entry