Friday, January 20, 2017

VirtualBox on Ubuntu 16.04 DNS Failure From Guest OS

I have a couple of VM's on my system running a variety of operating systems for testing and learning. Recently U upgraded the host system to Ubuntu 16.0.4 when I installed a new SSD. I moved the VMs from the old spinny disk and VM's start fine.
Yay! I can log into the VMs but realise there is a problem with DNS. I can ping outside hosts and all seems fine with the network. Started changing network settings in one of the guest OS and no, nothing is happening

After some investigation, this appears to be due to a change in how Ubuntu is doing DNS and that the Guest OS are unable to handle that natively.

The cure
Enable two parameters as the user you run your VM's under

VBoxManage modifyvm "Centos 7" --natdnsproxy1 on
VBoxManage modifyvm "Centos 7" --natdnshostresolver1 on
VBoxManage -natnetwork list
NAT Networks:

Name:        NatNetwork
Network:     10.0.2.0/24
Gateway:     10.0.2.1
IPv6:        No
Enabled:     Yes

Make sure all VM are stopped and then  run this, it willl crash VirtualBox but makes sure next time you start VirtualBox the new network settings will apply

VBoxManage natnetwork stop --netname "NatNetwork"


Sunday, January 08, 2017

Python 2.7 Installation and SSL errors

Working to get some python code finished and ran into an issue with seems to have plagued python for somne time.

When building python as you would often do to be able to use later versions in Redhat, as you cannot update the original Python as it breaks yum and many other Redhat tools you need to look at doing local installs. For the little bit of space and then using virtualenv, this is probably for many things a better option.

When installing Python 2.7.13 from source on Redhat it doesn't install the SSL modules. Ha, I don't need SSL, I am not connecting to any SSL. Sorry to tell you the bad new but pip now connects to https to access the repository, really it has for some time.

What does one do to resolve this?
What needs to be done is make sure the SSL development libraries are there as their absence leaves you without SSL which you need for pip. Of course, that means you cannot install packages directly fro the python repository. Agggghhh

Firstly you download and prepare to install python as local install, lots of good instructions out there.

Next, you make sure the zlib1g is installed as well as openssl-develop packages. Unless it's a very minimal installation, it should have the OpenSSL  runtime stuff there already.

Untar the python and cd into the unpacked source code
Go to Module and open the Setup file and if it's not there run configure and make and it is generated.
Now as per this StackOverflow question. You need to uncomment some SSL text

SSL=/usr/local/ssl
_ssl _ssl.c \
    -DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \
    -L$(SSL)/lib -lssl -lcrypto



Now make and make altinstall to where your local installation is

The path to verify SSL has changed in 2.7.13, possibly earlier editions as well

python /usr/local/lib/python2./test/test_ssl.py

This might become helpful to someone down the track as it seems a ridiculous issue to still be a problem for this long.

See ya round

Peter

Thursday, January 05, 2017

Some thoughts on the MongoDB Ransom Attack

As reported on a number of news sites there are a lot of unsecured Mongo DB servers out on the Web. This has created a new business opportunity whereby an ingenious hacker has found a business model. Backup your MongoDB, trash its contents and then leave a note for Ransomware to get the data back. I expect this is going to make a handsome earning.

Why you might ask? The databases have almost certainly in many cases been set up but unskilled people, I will take a stab at it and say probably not the most competent DBA or not even a DBA. My reasoning is that there are two things that stick out any decent DBA will have looked at two key tasks of the DBA, backups and security. Any DBA worth his daily pay would have both of these high in mind. He would have questioned how the data is accessed, the connections from any website and understood the architecture of the applications connecting to the databases being managed. The DBA would have constantly looked at how to lower the attack surface and had reliably tested backups reducing the concerns of any attempt to ransomware.

So if you don't have a DBA and you are running databases, I would suggest this is a warning to you to get either a service or hire one to make sure you don't have the opportunity to explain to your board to shareholders



See ya round

Peter

Saturday, December 31, 2016

2017 is rolling in

Its New Years Eve and I would like to thank those of you who have been part of my 2016 audience and will be bringing more in 2017.

Enjoy your New Years Eve, have a great celebration wherever you are in the world
Look forward to a great 2017 and that is prosperous and happy





See ya round

Peter

Thursday, October 13, 2016

Bemoaning DB2

About a year ago I was presented with an addition to my role. As part of the company acquiring Infosphere I acquired DB2 under its bonnet. This has proved somewhat of a learning curve and at this time DB2 still has a couple of mysteries up its sleeve. I still have answers to find about DB2's space management and table sizing and storage. I had previously had some experience with installing and some basic application integration steps but never learned much about the day to day management.

A definite win for the DB2 community is Data Server Manager. DSM is a great tool and is rapidly maturing. If you are new to DB2 or are using it definitely keep up with the upgrades right now as there is a lot happening. The current release has some great new features over its earlier counterparts and whilst there are a lot of graphical tools which could be added to the dashboard it's very handy as is.

Easy SQL tool, and the simple dashboard are great. Being able to check any part of the DB2 system in a couple of clicks are all great to have.

I am sure there are those who will still frown upon people using graphical tools but using this as a way to better understand rather than just a mindless point and click will learn a lot very quickly from being assisted by the tool.

So I am still no fan of DB2, it is the 5th product I have worked on seriously in the database realm so I have some considerable experience across them, DB2 will be easier to manage and easier to teach someone in due course  with DSM. Back to war tomorrow and see what else I learn.


See ya round

Peter

Friday, June 12, 2015

QLD Government Innovation Portal - Cool idea

QLD Government has recently opened up a site to garner outside thoughts on challenges which the government faces. These might be unusual problems about data, security, and just about anything which requires a solution  that some off the shelf software won't cut out of the box.

There is presently a discussion going on with regards to preserving calendars which are currently in Outlook PST files. Now as to the problems they are trying to solve with that preservation, such as it needs to have the ability to be readable and useful 100 years hence and what formats are open to preserve such things and retain the integrity of the original calendar entry  and be in a format which shall be readable by the fact the file specification will be openly preserved allowing anyone to go and read the file with readily available software knowing the file format.

There is learning going on with both sides of the conversation, with a response of the request specification needing to be addressed as the ideas whilst perhaps good have  a second set of issues. The asked and are altering the question in response to responses as they had learned their initial request may have had some gaps in it.

Well done to the guys at QLD government who set up and run the site and those that are willing to put their ideas out there and canvas a wider pool of thought.

This is a great idea and good to see some people getting into the spirit to try and resolve the question/problem raised.

I hope a lot more departments are able to bring problems to the open to get solutions which may never have been thought of using only oe set of views.

The site is http://innovation-portal.dsitia.qld.gov.au/

See ya round

Peter

Friday, May 01, 2015

Modelio 3.3 on Xubuntu 3.13

I recently started working with Modelio running on Xubuntu. f you are not familiar with Xubuntu it is a lightweight desktop Ubuntu build. Lighter UI than KDE or Gnome, you will likely end up with parts of KDE or Gnome in your system due to other applications you want to need either KDE or gnome libraries. It is still lightweight and the only reason I use Windows at home is for one purpose and that is accessing the Tax Office (ATO)
Now I am probably not as thin as originally installed as there are some things that you just try and work with.

Modelio has a few issues that you need to resolve to get it working.

Firstly download the software, mine was the open source version 3.3
Unpack it and move it to a directory.
Then you need to make sure your Java is correct. Modelio 3.3 requires java 8 you will need to make sure it is your default Java version, there are a few notes around on Ubuntu you require the alternatives command sudo update-alternatives --config java

I have then set the -vm parameter in modelio.ini to your Java 8 location

Without Java 8 you may find it loading with blank screen and no menus, or it wont start with a framework error.

I had a problem that the TOGAF module wouldn't enable in a project. It was a problem from a previous version of Modelio, actually a 32bit version. I deleted the project. So warning if changing Modelio export your projects before doing anything and import them to the new version. In this case, it was nothing important. You may not be so lucky