UnixServerAdmin

Server Administration & Management

How to Download Oracle Latest Java JRE/JDK in linux by bypassing license using wget

Oracle has recently disabled direct download of java from their servers. So to download java, users have to visit their site via web browser and have to accept their license and terms, then users will get the download link. But if you are working of linux servers in which you can’t access the web browser, then  you should use wget command on the console. Use Below command to download java from linux terminal.

#  wget –no-cookies –no-check-certificate –header “Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F” “http://download.oracle.com/otn-pub/java/jdk/7u25-b15/jdk-7u25-linux-x64.tar.gz”

Where :

Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F :- It is a single cookie for all that is needed to bypass license and terms

–no-cookies : – Cookies are a mechanism for maintaining server-side state.  The server sends the client a cookie using the “Set-Cookie” header, and the client responds with the same cookie upon further requests.

–no-check-certificate : – Don’t check the server certificate against the available certificate authorities.  Also don’t require the URL host name to match the common name presented by the certificate.

Advertisements

June 26, 2013 Posted by | Java, Tips & Tricks | , , | Leave a comment

How to reconfigure MySQL Slave server after Break

mysql_slave

When you get the SQL Running “NO” error, do not use slave skip counter as shown below.

mysql> stop slave;SET GLOBAL SQL_SLAVE_SKIP_COUNTER=1;start slave;  

The above statement will skip one sql statement and execute the next statement found in the binary log file. When you get the following “Could not parse relay log event entry” error, it means that Relay log file is corrupt. The IO thread is running and SQL thread is stopped. SQL thread may be broken due to 2 reasons.

1) SQL statement can not be executed.
2) OR slave is stopped due to Relay log event entry.

1.1) In case of first case use skip counter statement.

mysql> SET GLOBAL SQL_SLAVE_SKIP_COUNTER=1;

1.2) In case of second case when SQL relay log is corrupt you need to restart the slave by using “change master to” statement as shown below.

mysql> stop slave;
mysql> reset slave;
mysql> CHANGE MASTER TO MASTER_HOST=’192.168.X.X’, MASTER_USER=’slave_user’, MASTER_PASSWORD=’slave_user’, MASTER_LOG_FILE=’mysql-bin.000xxx’, MASTER_LOG_POS=503102260;
mysql> start slave;

Master log file and Master log position can be found in the show slave status output.
Relay_Master_Log_File: mysql-bin.000xxx
Exec_Master_Log_Pos: 503102260

mysql> show slave status\G
*************************** 1. row ***************************
Slave_IO_State: Waiting for master to send event
                Master_Host: 192.168.x.x
                Master_User: slave_user
                Master_Port: 3306
              Connect_Retry: 60
            Master_Log_File: mysql-bin.000300
        Read_Master_Log_Pos: 328331704
             Relay_Log_File: mysqld-relay-bin.000024
              Relay_Log_Pos: 108519259
      Relay_Master_Log_File: mysql-bin.000xxx
           Slave_IO_Running: Yes
          Slave_SQL_Running: No
            Replicate_Do_DB:
        Replicate_Ignore_DB:
         Replicate_Do_Table:
     Replicate_Ignore_Table:
    Replicate_Wild_Do_Table:
Replicate_Wild_Ignore_Table:
                 Last_Errno: 0
                 Last_Error: Could not parse relay log event entry. The possible reasons are: the master’s binary log is corrupted (you can check this by running ‘mysqlbinlog’ on the binary log), the slave’s relay log is corrupted (you can check this by running ‘mysqlbinlog’ on the relay log), a network problem, or a bug in the master’s or slave’s MySQL code. If you want to check the master’s binary log or slave’s relay log, you will be able to know their names by issuing ‘SHOW SLAVE STATUS’ on this slave.
               Skip_Counter: 1
        Exec_Master_Log_Pos: 503102260
            Relay_Log_Space: 872754335
            Until_Condition: None
             Until_Log_File:
              Until_Log_Pos: 0
         Master_SSL_Allowed: No
         Master_SSL_CA_File:
         Master_SSL_CA_Path:
            Master_SSL_Cert:
          Master_SSL_Cipher:
             Master_SSL_Key:
      Seconds_Behind_Master: NULL
1 row in set (0.00 sec)

The master IP address along with username, password can be found in master.info file. Relay log info file has the binary log file name and position. These 2 files are found in MySQL data directory. In this case these files can be found in /var/lib/mysql/ folder.

[root@localhost]# cat /var/lib/mysql/master.info
14
mysql-bin.000300
327270768
192.168.x.x
slave_user
slave_user
3306
60
0

In the following case skip slave counter command was used to skip the SQL error and go to the next command from binary.

mysql> show slave status\G  
*************************** 1. row ***************************
Slave_IO_State: Waiting for master to send event
                Master_Host: 192.168.X.X
                Master_User: slave_user
                Master_Port: 3306
              Connect_Retry: 60
            Master_Log_File: mysql-bin.000300
        Read_Master_Log_Pos: 397589316
             Relay_Log_File: mysqld-relay-bin.000004
              Relay_Log_Pos: 254511006
      Relay_Master_Log_File: mysql-bin.000300
           Slave_IO_Running: Yes
          Slave_SQL_Running: No
            Replicate_Do_DB:
        Replicate_Ignore_DB:
         Replicate_Do_Table:
     Replicate_Ignore_Table:
    Replicate_Wild_Do_Table:
Replicate_Wild_Ignore_Table:
                 Last_Errno: 1064
                 Last_Error: Error ‘You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ” at line 1’ on query. Default database: ‘freshnew1’. Query: ‘insert into audit_trail(PROCESS, PAGE_NAME, TABLE_NAME, TA��’
               Skip_Counter: 0
        Exec_Master_Log_Pos: 462435
            Relay_Log_Space: 397590023
            Until_Condition: None
             Until_Log_File:
              Until_Log_Pos: 0
         Master_SSL_Allowed: No
         Master_SSL_CA_File:
         Master_SSL_CA_Path:
            Master_SSL_Cert:
          Master_SSL_Cipher:
             Master_SSL_Key:
      Seconds_Behind_Master: NULL
1 row in set (0.00 sec)

mysql> stop slave; SET GLOBAL SQL_SLAVE_SKIP_COUNTER=1; start slave;  

Query OK, 0 rows affected (0.00 sec)

Query OK, 0 rows affected (0.00 sec)

Query OK, 0 rows affected (0.00 sec)

June 21, 2013 Posted by | MySQL | , | Leave a comment

What is the difference between MD5 and SHA

MD5: 128-bit/16-byte digest. Somewhat faster than SHA.
SHA: 160-bit/20-byte digest. More secure because stronger against brute force attacks.

MD5 was developed by Professor Rivest (1994).
SHA (actually SHA-1) was developed by NIST (1994).

The MD5 algorithm is slightly cheaper to compute, however MD5 is currently very vulnerable to collision attacks. Similarly SHA1 will most likely be very vulnerable to collision attacks in a few years since there are now some attacks, security experts consider SHA1 broken since collision attacks are feasible.

The MD5 hashing algorithm uses a hash code which is 16 bytes long whereas SHA1 uses a hash code which is 20 bytes long.

This means that MD5 executes faster but is less secure than SHA1.

However, the security of both these algorithms has been compromised in recent years.

Cryptography Research has received many inquiries about the hash collision attacks that were recently announced at the CRYPTO 2004 conference. This document attempts to address these questions.

(This document was updated on February 16, 2005 to reflect new collision results reported against the SHA-1 algorithm.)

Q: What hash functions are now broken?
A: Collisions were announced in SHA-0, MD4, MD5, HAVAL-128, and RIPEMD. Antoine Joux presented the collision in SHA-0. The collisions against MD4, MD5, HAVAL-128, and RIPEMD were found by the Chinese researcher Xiaoyun Wang with co-authors Dengguo Feng, Xuejia Lai, and Hongbo Yu. (See http://eprint.iacr.org/2004/199.pdf.) In February 2005, an (as-yet unimplemented) attack against SHA-1 was reported by Xiaoyun Wang, Lisa Yiqun Yin, and Hongbo Yu that can find collisions in SHA-1 with an estimated effort of 2^69 hash computations.

Q: What is a collision attack and a preimage attack?
A: A preimage attack would enable someone to find an input message that causes a hash function to produce a particular output. In contrast, a collision attack finds two messages with the same hash, but the attacker can’t pick what the hash will be. The attacks announced at CRYPTO 2004 are collision attacks, not preimage attacks.

Q: What is the connection between digital signatures and hash functions?
A: All major digital signature signing techniques (including DSA and RSA) involve first hashing the data then signing the hash. Raw message data is not signed because of both performance and security reasons.

Q: How might an attacker exploit a collision attack?
A: To exploit a collision attack, an adversary would typically begin by constructing two messages with the same hash where one message appears legitimate or innocuous. For example, suppose the attacker (Charlie) discovers that the message “I, Bob, agree to pay Charlie $ 5000.00 on 4/12/2005.” has the same hash as “I, Bob, agree to pay Charlie $18542841.54 on 9/27/2012.” Charlie could then try to get Bob (the victim) to digitally sign the first message (e.g., by purchasing $5000 of goods). Charlie would then claim that Bob actually signed the second message, and “prove” this assertion by showing that Bob’s signature matches the second message.

Q: What are the implications of collision attacks for code signing systems?
A: Collisions can be a problem for systems that involve signed code. In particular, a collision attack can enable adversaries to construct an innocuous program and a malicious program with the same hash. For example, a trusted compiler/verifier might accept and sign the innocuous program, which could then be substituted for the malicious one. Collision attacks do not allow tampering with arbitrary programs; this would require a preimage attack. (Note: Java accepts MD5 hashes in signatures on JAR files, e.g. see http://www.hmug.org/man/1/jarsigner.html.)

Q: What are the implications for certificate authorities, such as those issuing SSL web server certificates containing MD5 or SHA-1 hashes?
A: Collision attacks do not enable tampering with existing certificates. There is, however, a concern that an adversary might be able to construct a valid certificate request that had a corresponding hash collision with a certificate conferring greater or different powers. For example, a devastating attack would be one that enabled adversaries to obtain a legitimate server certificate with a collision to one containing a wildcard for the domain name and an expiration date far in the future. The use of unpredictable serial numbers early in the certificate data structure may prevent such attacks, but further research is required. From a cryptographic perspective, the best solution to this problem is to transition away from MD5, but this is difficult since many CAs and software programs currently support MD5.

Q: Are all hash functions broken?
A: No. The new attacks affect specific hash functions which happen to share a related class of vulnerabilities. In particular, these attacks are all based on the neutral bit technique of Biham and Chen (see http://eprint.iacr.org/2004/146.ps). There is no evidence suggesting that strong hash functions cannot be constructed.

Q: How hard would it be to find collisions in SHA-1?
A: The reported attacks require an estimated work factor of 2^69 (approximately 590 billion billion) hash computations. While this is well beyond what is currently feasible using a normal computer, this is potentially feasible for attackers who have specialized hardware. For example, with 10,000 custom ASICs that can each perform 2 billion hash operations per second, the attack would take about one year. Computing improvements predicted by Moore ‘s Law will make the attack more practical over time, e.g. making it possible for a wide-spread Internet virus to use compromised computers to mount such attacks as well. Once a collision has been found, additional collisions can be found trivially by concatenating data to the matching messages.

Q: Do these attacks break HMAC using MD5 or SHA-1?
A: No. Because of the way hash functions are used in the HMAC construction, the techniques used in these recent attacks do not apply.

Q: Do these attacks allow somebody to break tools that use MD5 or SHA-1 to check for malicious binaries?
A: Not usually, as this would require a preimage attack. It would, however, be possible for someone to construct an innocuous program and a malicious program with the same hash. If this adversary could get the innocuous version on the “good” list (e.g. by having a trusted authority sign the hash value), the malicious program would also be accepted.

Q: What is the difference between SHA-0 and SHA-1? Is SHA-0 widely used?
A: SHA-0 was initially proposed in FIPS 180 (May 1993) as hashing standard by the U.S. government, but was replaced by SHA-1 in FIPS 180-1 (April 1995). SHA-1 adds an additional circular shift operation that appears to have been specifically intended to address the weaknesses found in SHA-0. SHA-0 is not widely used and should not be used in new systems. In light of the new attacks, careful consideration should be made before using SHA-1 in new systems.

Q: Is SSL 3.0/TLS affected by these results?
A: The SSL 3.0 protocol (which was co-authored by Cryptography Research President & Chief Scientist Paul Kocher) uses MD5 and SHA-1 in a redundant fashion in the handshake protocol and also supports MD5 HMAC. Neither use is affected by these attacks. While there is also some concern that signing authorities could be affected (see the question above on certificate authorities), certificate formats and procedures are beyond the scope of the SSL/TLS protocol.

Q: Can the problem be solved by updating hash function implementations to detect the messages that produce collisions?
A: No. The attack methods are general and enable the construction of additional collisions.

June 16, 2013 Posted by | Shell Script, Tips & Tricks, Unix/Linux | , , | Leave a comment

shutdown.bat

shutdown -t 120

# Shutdown within 2 Minutes.

June 11, 2013 Posted by | Shell Script, Windows | , | Leave a comment

open-browser.bat

cd c:\
cd Program Files\Internet Explorer
start IEXPLORE.EXE

cd c:\
cd Program Files
cd Mozilla Firefox
start firefox.exe

June 6, 2013 Posted by | Shell Script, Windows | , | Leave a comment

backup_via_system.bat

@echo off

REM ———
REM BACKUP
REM ———
ECHO ——————————————————-
ECHO CLOSE ALL PROGRAMS and APPLICATIONS NOW!!
ECHO ——————————————————-
ECHO.
ECHO Your hard drive is about to be searched for Documents,
ECHO Databases, Spreadsheets, and Email storage files.
ECHO.
ECHO All files of these types will be saved to
ECHO your REMOVABLE DEVICE in their original
ECHO directories\folders.
ECHO.
ECHO This will replace any previous backup on the
ECHO removable drive.
ECHO.

pause

echo %computername%
cd c:\
set mm=%date:~4,2%
set dd=%date:~7,2%
set yy=%date:~10,4%
mkdir e:\datasrv\%dd%-%mm%-%yy%
xcopy d:\datasrv\* e:\datasrv\%dd%-%mm%-%yy% /e /s /y

June 1, 2013 Posted by | Shell Script, Windows | , | 2 Comments