IT Dribble

Adobe Reader X (10.1.3) Offline Installer Link

Cam McKenzie — Sun, 13 May 2012 22:59:21 +0000

Here is the Windows XP (SP3) and Windows 7 offline installer for Adobe Reader X: http://ardownload.adobe.com/pub/adobe/reader/win/10.x/10.1.3/en_US/AdbeRdr1013_en_US.exe

How to send HTML message from the linux command line

Cam McKenzie — Wed, 09 May 2012 03:55:16 +0000

echo “YAY HTML Works” | mail -s “$(echo -e “Subject Goes Here\nContent-Type: text/html”)” to@yourmum.com

How to adjust WordPress Blog Storage Space

Cam McKenzie — Thu, 03 May 2012 00:29:53 +0000

I had the tricky job of adjusting a clients WordPress blog that had ran out of “Storage Space” and to modify it, it was quite tricky to find this sneaky option.

To change it:

Log into the WP dashboard,
Up in to top right where it says ” Howdy, USERNAME” click that
Then Network Admin
Goto Sites on the left
“Edit” the blog you want to adjust
Click the “Settings Tab”
Scroll to the bottom and adjust “Site Upload Space Quota”.
Click “Save”

Shortcut to Offer Remote Assistance

Cam McKenzie — Tue, 17 Apr 2012 05:28:57 +0000

If you know how impossible it is to find this link when you need it.
Valid for Windows XP & Windows 2003 Server
%windir%\explorer.exe "hcp://CN=Microsoft%20Corporation,L=Redmond,S=Washington,C=US/Remote%20Assistance/Escalation/Unsolicited/Unsolicitedrcui.htm"

CamMcKenzie.com is IPv6 Ready

Cam McKenzie — Tue, 10 Apr 2012 18:10:33 +0000

Check it out at ipv6.cammckenzie.com! Although it does a redirects to www which is an IPv4 address but who cares at least I’m future proofed for the moment!

Performance Tuning WordPress for Low Spec Servers

Cam McKenzie — Wed, 04 Apr 2012 09:27:23 +0000

I recently moved my website to a cheap VPS I had the fun journey of trying to get it work without grinding to a halt everytime I clicked on a page, which you ‘should’ have noticed is fixed.

Firstly I needed to be realistic this blog wouldn’t have more than two simultanious connections at once, with that known I could then edit the amount for apache server threads to an un-godly small number in /etc/apache2/apache2.conf
StartServers 2 MinSpareServers 2 MaxSpareServers 2 MaxClients 20 MaxRequestsPerChild 0

With that noted a quick look at ‘top’ shows MySQL eating lots of Virtual Memory a quick swap of the configuration file: /usr/share/doc/mysql-server-5.1/examples/my-small.cnf to /etc/mysql/my.cnf sorts out that problem. (Don’t forget to backup your originals)

And finally modifying the WordPress max memory limit as noted in this post
suhosin[10882]: ALERT – script tried to increase memory_limit to 268435456 bytes

WordPress Permalinks no longer working

Cam McKenzie — Wed, 04 Apr 2012 08:49:25 +0000

Again after the fun times of being to cheap too pay for a good provider and hosting this website from a low end VPS with limited memory running WordPress and MySql, I have finally tuned it so that it no longer uses swap! yay!

Anyway I had trouble getting permalinks working and knowing nothing about them I set off in my investigation. It appears that permalinks require mod_rewrite to be enabled. After checking in mods_avaliable and search debian repos, I came up blank. It seems that you need to enable mod_rewrite via the command [code] a2enmod rewrite [/code]

Too Easy!

suhosin[10882]: ALERT – script tried to increase memory_limit to 268435456 bytes

Cam McKenzie — Wed, 04 Apr 2012 01:25:44 +0000

After moving from web hosting to a low spec VPS Provider (read: less ram) I noticed the following errors in my apache2/access.log:

vps suhosin[10882]: ALERT – script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker ‘MY.IP.ADD.RESS’, file ‘/var/www/blog/wp-admin/admin.php’, line 109)

When trying to access parts of the WordPress dashboard. The required fix was that WordPress wanted 256MB of memory (which I didn’t have).

The fix involved editing: wp-includes/default-constants.php
line 28: define( ‘WP_MAX_MEMORY_LIMIT’, ’256M’ );
to something a little more reasonable like 64M

Awesome Security Videos

Cam McKenzie — Thu, 29 Mar 2012 04:22:26 +0000

Just a quick post with a link of some great security videos: http://www.securitytube.net and a interesting blog: http://r00tsec.blogspot.com.au

Rouge Access Points within the Enterprise

Cam McKenzie — Fri, 02 Mar 2012 02:18:15 +0000

Today I found out an interesting feature of Windows 7 – Soft Access Point Mode. This feature which you can create a Wireless Access Point complete with DHCP and ICS (Internet Connection Sharing) is great if you want internet / network sharing without having to purchase additional hardware, unfortunately this can create an interesting attack vector for businesses…

Imagine this scenario: An attacker somehow breaches your network and they have admin rights on a workstation / laptop from the business, now with command prompt access they are able to start a Soft Access Point (WPA2 password enforcement required by Windows 7). When this happens no prompt is given to the user and concurrent access is also maintained to active connections (even from the same wireless adapter which is now hosting our network ), therefore not providing the user with any hint that a problem(?) is afoot.

Now what happens next is limited to the attacker,but perhaps the original method of compromise get patched so access is no longer available but because a wireless connection being available they still a permanent backdoor with network level access!

Perhaps a good party trick would be to run a script on every PC / Laptop within the business and turn this feature on?

Anyway here is the command:

C:\Windows\system32>netsh wlan set hostednetwork mode=allow ssid=SomeSSIDYouLike key=Some8CharPlusPassword
C:\Windows\system32>netsh wlan start hostednetwork

Happy Internet Connection Sharing!