Wednesday, February 21, 2007
#
Here is a neat trick I stumbled across while doing some Stream Editing.
Here is a command that will remove all tabs and spaces before a new line.
sed -e 's/[]*$//' -e '/^$/ d'
(This command is yet untested)
This should reduce those extra characters from causing the b load command to fail.
Monday, August 28, 2006
#
I have found my initial foray into online marketing to be less than successful. It is odd what words people choose to find things online. The most obvious keywords do not neccessarily result in the most clicks.
I recall a book I read entitled Selling the Invisible, I highly recommend for anyone who sells consulting services.
After all of my efforts crafting the advertisements and honing keywords I have recieved only one click. For all that work, it didn't even result in a conversion. Fortunately, as an engineer, I don't give up easily.
Wednesday, June 28, 2006
#
OpenSSL is a usefull tool for trouble shooting issues with BIG-IP.
The sytax for creating a client connection is as follows:
openssl s_client -connect hostname:port
Tuesday, June 07, 2005
#
F5 has given me a sample configuration for the /etc/syslog-ng/syslog-ng.conf
Here is what you should add to the file for logging to a remote “loghost“.
destination loghost {
udp ("remote_ip_of_server");
};
log {
source(local);
destination (loghost);
};
Monday, June 06, 2005
#
My clients often request to use a syslog server for security notifications. It would be my preference to do this with Web services. In the mean time I will have to make due with syslog. Here is a page with a canned script for log rolling.
http://www.afp548.com/article.php?story=20040916181619888
Monday, November 01, 2004
#
Simple technique to correct the date/time of a Big-IP. F5 will tell you to take your unit into single user mode, this is not neccessary. I have discovered that you can update the time of an standby unit in multiuser mode.
You can update the clock in multiuser mode with ntpdate.
Syntax: ntpdate -b (time server IP/FQDN)
Manual page for ntpdate: http://www.eecis.udel.edu/~mills/ntp/html/ntpdate.html
Wednesday, December 08, 2004
#
Thursday, September 09, 2004
#
What are the criteria that constitutes meaningful ECV.
Would this be a page match for an authenticated user session?
If a simple content match on the home page is our goal it would require that we authenticate through Siteminder or thwart it. Given, my understanding of Siteminder a script that authenticates a user would require an extended application verification script. This aproach would exceed our ECV requirements.
An alternative would be unprotect a page (if there is such an ability) have Big-IP issue a get request and thwart the authentication. This would not tell us if the Siteminder elements are working and there could be a scenario where Big-IP can retreive a page that a user cannot authenticate.
What if a Siteminder referal response is good enough to consider a service available?
This can be done with a http v.1.1 request:
GET /index.html HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
Host: www.yoursite.com Connection: close
The recieve string could be:
http://smntlm.yoursite.com/siteminderagent/ntlm/creds.ntc?CHALLENGE=&TARGET=$SM$http
Wednesday, September 29, 2004
#
If you put a 32 bit host mask (255.255.255.255) in your SNMP client allow list (hosts.allow) Big-IP will not respond. You must remove the host mask and leave an empty value unless your client is a network address
example: 192.168.1.0 255.255.255.0.
Normally with BSD you are required to go into single user mode prior to changing the time. I have discovered that you can use ntpdate to correct the time in multi-user mode (A.K.A. init level 2).
Monday, September 13, 2004
#
I found an excelent site that details various
attempts at telecine. It is quite remarkable to see the result of the images produce by using a microscope and camera combination. I have used several of the devices that are featured from the site, so, I can relate to some of the authors challanges. One thing that has always troubled my film scanning endeavors are the moving parts. Either the device moves the film or the scanner moves a CCD. The quality of the image is limited, in part, to the accuracy of the movement. The microscope/camera technique seems to over come the moving CCD, assuming that the image is properly positioned at the time of the capture.
Thursday, September 09, 2004
#
Here are the requirements:
Exclude access, to either HTTP requests that contain /portal/console in the URI or from among deemed suspicious variables, from all client requests other than those who's source address is from internal address space.
***UNTESTED***
rule server_lock_down {
if (http_uri matches_regex "/portal/console" and not one of internal_network_class) {
redirect to "http://%h"
}
else if (http_content contains one of bad_variable_class and not one of internal_network_class) {
redirect to "http://%h"
}
else {
use pool x
}
}
The issue is Vignette makes LDAP v.2 requests that are load balanced to a Master and Consumer, Sun Java System Directory Server 5.2. I must parse the transactions to identify “read“ and “write“ requests. Read requests may be sent to either servers, while the write requests must be sent only to the Master LDAP server.
Read request redirected to Master or Consumer LDAP server:
- SearchRequest
- CompareRequest
Write requests forwarded to Master LDAP server:
- ModifyRequest
- AddRequest
- DelRequest
- ModifyDNRequest
Operations common to both Master and Consumer LDAP servers:
- BindRequest
- UnbindRequest
- AbandonRequest
- ExtendedRequest
Here are the details of the protocols.
Protocol rollover: How the server discovers the best protocol to initiate the stream.
Windows 2000
explaination of MMS with client side firewall.
As it turns out Vannevar Bush didn't coin the phrase hypertext although he lays out the concepts of the web in his collumn “As We May Think“ for the Atlantic Monthly. Clearly a brilliant visionary, he even considers the problems we now face with i/o devices and logical abstraction.
Of note, it seems that Vannevar was a logical positivist, it is intersting to see the dillema that has resulted in a now post modern world that, in large part, is sceptical in regards to truth. The pressuppositions of this article assume that facts would be the overriding drive behind the choices of ones logical progression.