Archive for the ‘Technology’ Category

Recovering a Corrupted Partition Table

Friday, August 19th, 2011

There are few things worse than the sinking feeling you get when you boot your computer and find that partitions are missing, or even worse that it won’t boot at all. For sure drives fail due to moving components wearing out over time, but if the drive is mechanically intact there are many options for recovering your data, and not all of them involve spending thousands of dollars to have a recovery specialist deconstruct the drive in a clean room. This option is useful if the drive no longer spins or is unrecoverable by other methods, and in many cases recovery can be too complicated an ordeal for a normal user to approach.

You’d never know the extent of the problem however without doing an initial bit of investigation, Does the drive spin? Yes? Is it making funny noises? No? Well chances are your data is still there, but may have gotten lost by a corrupt or broken partition. You could spend a bit of money on software designed to scan your drive for unmapped data (ie. GetDataBack & DiyDataRecovery’s Diskpatch are a couple of my favorites), though there is a good chance you could recover a backup of your partition table for free if you just knew how.

Enter Testdisk. I first discovered this useful freeware utility when using Insert, a mini-Linux distribution on a live cd focused on security. Since then I’ve found it’s also available on Windows and MacOSX and has helped me out of similar predicaments on countless occasions, and no technician’s arsenal is complete without it.

Full details can be found on their wiki at

http://www.cgsecurity.org/wiki/TestDisk

with step by step instructions at

http://www.cgsecurity.org/wiki/TestDisk_Step_By_Step

SociBook del.icio.us Digg Facebook Google Yahoo Buzz StumbleUpon

Disconnecting in a Connected World

Monday, August 8th, 2011

To a large percentage of the world’s population, the Internet couldn’t be more irrelevant or any lower on the totem pole of life’s necessities. However, I happen to live in the group that relies heavily on the Internet to conduct business, perform research, communicate with friends, family and of course, waste time.

If you are like me, you are plastered with Internet access 24/7 in your day-to-day life, especially at work or at home. While I’m out and about, I’ve always got my trusty iPhone which can do 90% of the things that I need to get done with relative ease. If my iPhone lets me down, I can use my iPad to tackle the other 9% percent. The last 1% are probably things I could do without anyway, so they can wait.

I’ve been traveling this past week so I have experienced a fairly consistent lack of Internet connectivity and as a result, have had to travel a short distance (less than a mile) to a local café with free WiFi or maybe I got lucky and bummed free WiFi off someone with an unsecured network.

When I’m thoroughly disconnected and have no Internet resources whatsoever, something strange happens to me. I tend to notice things that are around me more because I’m not bumping into them while checking the weather on my iPhone. I also find myself engaging in conversation with more people because I’m not busy deleting spam out my inbox or replying to a text message. Does any of this sound familiar?

Yes I need the Internet and no I don’t need the Internet. Let me try this another way.. if I had to choose between never having access to the Internet again for the rest of my life or.. well, I can’t think of anything that would be applicable for a trade. You can’t say television because the Internet provides television. You can’t say the music or radio because the Internet provides both of those. We pretty much can’t say anything that you can’t physically put your hands on because the Internet provides all of that too. But you can say anything that you can touch, feel, taste, and smell. I left “see” out because as we already know, you can see everything on the Internet. Especially the stuff you have no interesting seeing.

What I’m trying to say is that I/we forget too often that the Internet is just a tool to help us do things and it’s not really very good at anything else. Have you ever tried to have a conversation with the internet? How about asking the internet on the date? Maybe go to dinner with the internet or make friends with the internet? Sure you can see the great pyramids on the internet but let’s be real, that’s no substitute for standing in front of them, smelling the air, feeling the sun reflect off of them or touching the stones. So I suppose it’s okay to be disconnected and in some cases, even therapeutic. It’s sad to say but I know people who would have a complete meltdown if they lost their Internet connection for a week or two. If you’re reading this blog post it’s very likely that I don’t know you, but it’s also very likely that he might be one of those people.

Not that you asked for it, but my recommendation would be to pick one day on the weekend to not use the Internet. That means disconnect the data portion on your phone as well because that would be cheating. You’ll survive an entire day without Google maps and even though your “real friends” on Facebook might be scratching their heads at your sudden absence, they too will survive. Just do it as a test and think about that day as it progresses. If you’re not an Internet junkie already, sorry to have made you waste another five minutes of your life on the internet.

SociBook del.icio.us Digg Facebook Google Yahoo Buzz StumbleUpon

MySQL Error in the errmsg.sys file

Friday, August 5th, 2011

I came across a simple fix for an odd MySQL issue. We recently had a MySQL server that needed to be restored from backups. After reinstalling all the essentials and importing the data, the database engine wouldn’t start. The log file indicated the following error.

[ERROR] Error message file '/usr/share/mysql/english/errmsg.sys' had only 481 error messages,
but it should contain at least 641 error messages.

After some googling, I found that some of the official RPM packages for MySQL actually contain the incorrect errmsg.sys files. The recommended fix listed on several sites was to either recompile from scratch or, vaguely, to “replace it with the correct errmsg.sys file.” I decided to try the vague reference and make it more specific here.

  • First, determine the version of MySQL installed. In our case it was 5.1.56
  • Second, locate a zip file of the raw uncompiled tar.gz of that version. I used http://mysql.llarian.net/Downloads/MySQL-5.1/mysql-5.1.56.tar.gz
  • Third, download and extract the file to a location of your choosing.
    cd /usr/local/src
    wget http://mysql.llarian.net/Downloads/MySQL-5.1/mysql-5.1.56.tar.gz
    tar -zxf mysql-5.1.56.tar.gz
  • Fourth, backup the existing errsg.sys file.
    mv /usr/share/mysql/english/errmsg.sys /usr/share/mysql/english/errmsg.sys.old
  • Fifth, copy the errmsg.sys file from the extrated source code to the live location.
    cp /usr/local/src/mysql-5.1.56/sql/share/english/errmsg.sys /usr/share/mysql/english/errmsg.sys

After that’s done, MySQL should start normally unless it encounters other errors.

-Mark Kraus
Senior Systems Administrator

SociBook del.icio.us Digg Facebook Google Yahoo Buzz StumbleUpon

How to Identify a Matching SSL Cert and Key

Friday, August 5th, 2011

Sometimes when needing to install or reinstall an SSL cert the key file used to generate the cert becomes misplaced, rendering the certificate useless. This can especially be a problem when installed via a control panel where the key is stored in the underlying filesystem. If multiple requests were generated the key file which was used may not match the one that is currently in place. When attempting to install the certificate you may receive an error that the key file does not match, though it is fairly easy to identify the appropriate key using the OpenSSL command line utility.

To see the full details used for a certificate (such as the Common Name, issuer, expiration date, etc.) you can run the following command against the certificate:

[root@host ssl.crt]# openssl x509 -text -noout -in somedomain.cer

which will produce full details about the certificate in question, including what is referred to as the ‘modulus’. To single out a particular piece of information, you can ‘grep’ for the particular line of output you are looking for, or the command can be modified with the specific parameter, such as:

[root@host ssl.crt]# openssl x509 -subject -noout -in somedomain.cer

will tell what specific hostname(s) the certificate was registered for, while

[root@host ssl.crt]# openssl x509 -enddate -noout -in somedomain.cer

will tell you when the certificate will expire.

The easiest way to identify the particular key file that matches this cert is to look at the modulus:

[root@host ssl.crt]# openssl x509 -modulus -noout -in somedomain.cer

this will produce several lines of output, which in itself can be a bit tricky to compare visually:

Modulus=C81B0D3BB43343E779F34BC6371F3AF4E8F9031FFD6DD01D15B

A9BEC1242008C9EFD468132BA7DFGBC7CFAB9F938BE534F3BDC96EF58FF

4EE640154C6243CE1B1C2787D22306E25E86A9A5F3759B14C2A890F4006

9B975830147E0772337AEC058B8AC2CF3356EEE4F8619FE2FB2F578C4EB

B8D46EB15E47B5E44C28A5C3462D

 

The solution is to pipe this output to the ‘md5sum’ (or simply md5 on some os’s) command:

[root@host ssl.crt]# openssl x509 -modulus -noout -in somedomain.cer | md5sum
cd75b831054e4418f7bf7fe0fc5b609a -
[root@host ssl.crt]#

If you use the same option against the key file you can easily match up the specific one used to generate this cert:

[root@host ssl.crt]# openssl x509 -modulus -noout -in somedomain.cer | md5sum
cd75b831054e4418f7bf7fe0fc5b609a -
[root@host ssl.crt]# openssl rsa -modulus -noout -in ../ssl.key/somedomain.key | md5sum
cd75b831054e4418f7bf7fe0fc5b609a -
[root@host ssl.crt]#

This output is much easier to compare and will only match for the specific files which correspond with each other.

SociBook del.icio.us Digg Facebook Google Yahoo Buzz StumbleUpon

Google+

Thursday, August 4th, 2011

I’m not really a fan of Facebook, or even Myspace (Does that still exist?) but recently converting to Google+ I’ve found it to be pretty cool. So far the interface could use work, features added, and security options expanded, but the great thing about its early development is that we Google+ users get to see the interface in its infancy, and knock the tires on it. Much like was done on Gmail. The only thing keeping Google+ from being used instead of Facebook for social media is that it’s by invite only still, and some users just don’t want to convert over. I guess that is the same situation as with Myspace users to Facebook, but eventually I think Google+ will be pretty competitive with Facebook for the social media market.

SociBook del.icio.us Digg Facebook Google Yahoo Buzz StumbleUpon