Troubleshooting Bind9 Queries
by errr on Feb.05, 2010, under BSD, Linux
Yesterday I was adding a new domain to our servers to slave. While looking through syslog to make sure this was all working I noticed a whole flood of requests for a site that was busted.
unexpected RCODE (REFUSED) resolving 'www.examplesite.com/A/IN': x.x.x.x#53
This was just filling my logs like crazy. I wanted to know who on my network was making so many requests for this site. I was really hoping I didn't have some infected PC on my LAN. To find out I turned on the query log. This is not on by default on Debian, Ubuntu, or CentOS, which is what I use for all of my DNS. Turning on the query log is pretty simple. I added the following to my named.conf.options file:
logging {
    channel "querylog" {
        file "/var/log/bind9-query.log";
        print-time yes;
    };
    category queries {
        querylog;
    };
};
Once added you need to make sure this directory is present. If you are in a chroot environment like a good sysadmin, remember this path is relative to your chroot, so /var/log/bind9-query.log might really be /chroot/bind9/var/log/bind9-query.log. Next make sure your bind user has read/write access to the file.
chown bind:bind /chroot/bind9/var/log/bind9-query.log
Next simply
rndc reload
and go watch that puppy fill up in a hurry. I do not like to keep this turned on because it fills up so fast and I only seem to need it when there is a problem. If you do decide to keep it turned on make sure you set up a logrotate for it. In my environment this log will get to be several megs in under an hour. Sure hope this will help you figure out who is querying what on your network.
Sample output from the log file
05-Feb-2010 09:08:25.524 client 192.168.1.142#51521: query: claimlj2.my.domain.com IN AAAA +
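Added example, not from the original post: a POSIX shell function that answers the question above (which client keeps asking for a given name) straight from the query log. It reads the line format shown in the sample output and tolerates extra fields around the client address; the function names, log lines and addresses are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample lines in the same format as the log excerpt above.
sample_log() {
    cat <<'EOF'
05-Feb-2010 09:08:25.524 client 192.168.1.142#51521: query: www.examplesite.com IN A +
05-Feb-2010 09:08:25.601 client 192.168.1.142#51522: query: WWW.ExampleSite.com IN A +
05-Feb-2010 09:08:26.010 client 192.168.1.20#40111: query: www.examplesite.com IN A +
05-Feb-2010 09:08:26.200 client 192.168.1.142#51530: query: www.examplesite.com IN AAAA +
05-Feb-2010 09:08:27.000 client 192.168.1.77#33999: query: claimlj2.my.domain.com IN AAAA +
EOF
}

# top_queriers LOGFILE NAME -> prints "COUNT CLIENT_IP", busiest client first.
top_queriers() {
    awk -v want="$2" '
    BEGIN { want = tolower(want); sub(/\.$/, "", want) }
    {
        ip = ""; name = ""
        for (i = 1; i <= NF; i++) {
            # Client field looks like 192.168.1.142#51521: (IPv4 or IPv6).
            if (ip == "" && $i ~ /^[0-9A-Fa-f:.]+#[0-9]+:?$/) {
                ip = $i; sub(/#.*/, "", ip)
            }
            # The queried name is the token right after "query:".
            if ($i == "query:" && i < NF) { name = tolower($(i + 1)); break }
        }
        sub(/\.$/, "", name)   # ignore a trailing root dot
        if (ip != "" && name == want) hits[ip]++
    }
    END { for (ip in hits) print hits[ip], ip }
    ' "$1" | sort -k1,1nr -k2,2
}

# Demo against the constructed log.
log=$(mktemp)
sample_log > "$log"
top_queriers "$log" www.examplesite.com
rm -f "$log"
```

Names are compared case-insensitively, so mixed-case queries for the same name are counted together.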
Windows Media Center No Sound on Some Channels
by errr on Feb.01, 2010, under Microsoft
So my media center PC was having issues with sound. Some channels worked great, and others didn't work right at all. By this I mean that you could hear the laugh track perfectly but couldn't hear the dialog at all. I am using an Asus P5Q SE/R motherboard; this board has a Realtek HD audio chipset. The sound seemed to work perfectly in all the apps I tried: VLC, Windows Media Player, even the HDHomerun Quick TV app. I was stumped. The device manager showed no unknown devices and reported all devices working correctly. As usual I went to Google and tried to find a solution. I found nothing. I decided there were not enough options in the Windows control panel for my sound card, so I thought I would see if Asus had a driver for this system. They did. I downloaded the audio drivers from Asus here: http://support.asus.com/ (you have to search for your motherboard, then your OS, then go to the audio driver section). I grabbed the global file, which was about 72MB worth of a zip file. Once the download is complete you can right click the file and extract the files, browse into the directory, find the Setup file, and run through it. Once the reboot is complete you just need to make sure the Realtek audio settings are correct for your speaker setup, do the test from the audio app, and enjoy the sound not giving you problems in Media Center any more.
Add Hulu Desktop To Windows Media Center
by errr on Jan.31, 2010, under Microsoft
I upgraded my Vista Windows Media Center machine to Windows 7 this weekend. I was wishing I could get Hulu into Media Center so I went to Google. I found posts where people had done it, but most of them were using some 3rd party app to edit some settings and do it, and the rest never said how they did it. Well, since none of the apps were open source it made me very un-trusting of them. I decided to figure out how to add this myself. It's pretty simple. First you need to install the Hulu Desktop. Next open a Windows Explorer window and navigate to your user's WMC directory. Here is where my user's info is:
C:\Users\errr\AppData\Roaming\Media Center Programs
Next simply stick a shortcut to the Hulu Desktop in this folder. Windows Media Center should not be running while you do this. Name this shortcut “Hulu Desktop” or whatever you want. Once that is done simply close your Explorer window and start WMC. You will need to go to the Extras section, go into the Extras Library, and select Hulu Desktop (or whatever you named it). This will minimize Windows Media Center and open Hulu Desktop. If it's not full screen simply full screen it, and when you close it from full screen it will reopen that way next time. You will now be able to control Hulu Desktop with your Media Center remote. The annoying thing is that when you close out of Hulu it does not restore WMC, but you can hit your Media Center button and that will reopen WMC in full screen.
Pretty easy eh?
py-nag A notification script for nagios to nag you in Twitter
by errr on Jan.23, 2010, under Linux
So I have been trying to think of cool things I could do with Twitter. I happen to be a HUGE fan of nagios for monitoring my systems. From time to time some of the systems I monitor go down, and sometimes they are my email servers, so getting a message from nagios about this is kind of out of the question unless I set up alternative email accounts that I would then have to add to the already large number of accounts I have… So why not just “tweet” the notice. This way I have an easy way to get the status. This is what prompted me to write py-nag. It's a pretty simple script that you can toss on your system and then define a new command in nagios, and easy as pie now you get notices in Twitter. It's all Python and the only dep needed should be python-twitter. A simple apt-get install python-twitter took care of that for me.
To set this up you can simply place the nagger.py script somewhere on your system. I put it in /usr/local/bin and named it py-nag
# wget -O /usr/local/bin/py-nag https://code.google.com/p/py-nag/source/browse/nagger.py
Note the #: this indicates the command needs to be run as root, or you can use sudo. Next set the file to be executable
# chmod +x /usr/local/bin/py-nag
Next you need to configure nagios. On my Debian box I will edit the following file like so:
vim /etc/nagios3/commands.cfg
Next we need to add the command definition
define command {
    command_name notify-userName-by-tweet
    command_line /usr/local/bin/py-nag --twitusr=MYTWITUSER --twitpass='MYTWITPASS' --msg='T: $NOTIFICATIONTYPE$ Hst: $HOSTALIAS$ dt: $LONGDATETIME$' --dmonly --user=WhoToTweet
}
Next you need to set your contact to use this command like so:
service_notification_commands notify-userName-by-tweet
This is done in your contact config. service_notification_commands will accept a comma separated list so this can be one of many commands. Next you need to reload the nagios config. Now you are all ready to get direct messages from your nagios nagger. If you prefer to not get the notice as a DM you can use the optional --tweetit param instead of --dmonly. If you use the --tweetit param you do not need the --user flag. I sure hope some people find this useful.
Rename Files Fast from the Linux CLI
by errr on Jan.14, 2010, under Linux
So today I moved our web root from this OLD system to our new server. First things first I tried to hit some of the links and I was given the option to d/l the file… Well, I could go to the web server config file and tell it to parse these files as php, or how about we ditch the .php3 for something this decade… like .php. So I go to our web root and look for all the files that end in .php3
find . -iname "*.php3" -print
Nice. Now I have a huge list of files here. How on earth can I rename them without this taking all day… I used rename like so:
find . -iname "*.php3" -print |xargs rename -n 's/\.php3/\.php/'
This command will NOT actually change ANYTHING on your system. The -n flag says to run through as a test and tell me what you would be doing if I wanted it done… I can see from this output that I do indeed want to run this command.
find . -iname "*.php3" -print |xargs rename -v 's/\.php3/\.php/'
Now this time it did go through and rename, and it printed to the screen what it did (that's what the -v flag does: verbose). Now I can go through and edit the index file that pointed to these php3 files and remove that 3. Simple, and now I don't have that silly 3 on the file names any more.
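Added example, not from the original post: the same dry-run-then-rename workflow as a POSIX shell function that does not depend on which rename utility is installed, keeps file names containing spaces intact, changes only the final extension, and skips a file rather than overwrite an existing .php. The function name rename_php3 and the demo files are made up for illustration.

```shell
#!/bin/sh
# rename_php3 ROOT [apply] -> dry run unless the second argument is "apply".
# Prints one line per file; returns 1 if any target already existed.
rename_php3() {
    root=$1 mode=${2:-dry-run} rc=0
    # "-exec ... {} +" passes names to sh as arguments, so spaces and
    # newlines in file names are never split the way plain xargs does.
    find "$root" -type f -iname '*.php3' -exec sh -c '
        mode=$1; shift; rc=0
        for src do
            dst=${src%.*}.php          # strip only the final extension
            if [ -e "$dst" ]; then
                printf "SKIP   %s (target exists)\n" "$src"; rc=1
            elif [ "$mode" = apply ]; then
                mv -- "$src" "$dst" && printf "RENAME %s -> %s\n" "$src" "$dst"
            else
                printf "WOULD  %s -> %s\n" "$src" "$dst"
            fi
        done
        exit $rc
    ' sh "$mode" {} + || rc=1
    return $rc
}

# Demo on a throwaway directory (constructed file names).
demo=$(mktemp -d)
mkdir "$demo/sub dir"
: > "$demo/index.php3"; : > "$demo/sub dir/my page.PHP3"
rename_php3 "$demo"            # dry run: nothing changes
rename_php3 "$demo" apply      # now rename for real
rm -rf "$demo"
```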
Change your product key for Office 2007 with out reinstalling
by errr on Jan.06, 2010, under Microsoft
So today I was setting up a new laptop for one of our employees. I went to activate his copy of Office 2007 and was told that I had already activated this copy too many times!! Oops, that is my bad for having such a messy desk that I grabbed the wrong copy of Office and used the wrong key. No big deal, I think to myself, so I call to activate over the phone. While talking to this script reader he tells me that my copy is over activated and now I need to reinstall using this other disk (same version of Office, same everything..) I get a bit pissed cause I have better things to do with my time than totally reinstall Office just to change a simple key. I tell him how that is crazy and that there just HAD to be a way to do this without a reinstall. The “tech” tells me that there is no way. I tell him he is nuts and how he is lazy and should learn more about his job. So off to regedit I went. I dug through HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\ since it was the biggest number. Mine also had an 8.0 and an 11.0. While digging through there I see “Registration”. I open it, then while going through there I found something called DigitalProductID and something else called ProductID. On a whim I decided to just delete these key=>values, so I right clicked on them and hit delete. Next I closed regedit and opened up Outlook. Guess what it asked me for?
That's right!! It asked me for a product key. I gave it, then Office activated with no issues… So this is to you, jerk at M$ who tried telling me this was not possible!! IN YO FACE!!!
DRAC Attack!! Default username and password for DRAC
by errr on Jan.06, 2010, under Hardware
Simple and quick post… The default user for DRAC is root with a password of calvin
enjoy!!
Export xBase/dBase files into MySQL
by errr on Jan.04, 2010, under Database, Linux
If you have an application that uses xBase/dBase files to store data you may at some point need to export that data into a real database, like MySQL. This is a really simple task thanks to a nifty app called dbf2mysql. For my example I was using some CRM software called ACT. They used dBase III files to store their data. So I just went to the Windows box that was holding my dBase file. I used WinSCP to move it to my Linux box. Next I used:
dbf2mysql -vvv -c -f -d dbname -r -U dbuser -P dbuserpass CustomerInfo.dbf
What this does is turn up the verbose logging to my screen. Next, the -c will create a table in my database named “test” (this is default and can be changed with the -t flag), -f makes all the field names from the dbf file be changed to lower case, the -d, -U, and -P seem pretty obvious, and that leaves us with the -r, which will trim trailing and leading white space from CHAR type fields. All this info and more can be found in the man page. Here is the tail end of what I got from the output of my command:
fields in dbh 71, allocated mem for query 4293, query size 2156
Inserting records
Inserting record 0
Inserting record 100
Inserting record 200
Inserting record 300
Inserting record 400
Inserting record 500
Inserting record 600
Inserting record 700
Inserting record 800
Closing up….
Now I can log into phpmyadmin and verify that all my data has been moved successfully.
Starting Over
by errr on Dec.30, 2009, under General
Well we are starting over with a fresh new site, and some fresh new content. Check back often to find the latest useless information.