Category Archives: Geekery

Are your servers vulnerable to Shellshock?

I’ve put together a simple script to check your Linux systems for vulnerability to the BASH “Shellshock” exploit.

Specifically CVE-2014-6271, CVE-2014-7169, and CVE-2014-7186.

SSH into your server and run the following commands;

wget http://tank.uqdc.com/scripts/shellshock-test.sh
chmod +x shellshock-test.sh
./shellshock-test.sh

To patch your system, if you are running Debian “Squeeze” you will need to add the following to your /etc/apt/sources.list;

deb http://http.debian.net/debian/ squeeze-lts main contrib non-free
deb-src http://http.debian.net/debian/ squeeze-lts main contrib non-free

Then run the following;

apt-get update
apt-get install debian-archive-keyring

If you are running Debian “Wheezy” or above, simply do;

apt-get update
apt-get install --only-upgrade bash

Then run “shellshock-test.sh” again to check that all is patched.

Quickly setup Click to Dial via VoIP SIP PBX on Windows

Here’s a super quick way to get click to dial working on Windows, via your VoIP/SIP phone system (in-house, or hosted).

Before you start, you will need the SIP domain, outbound proxy, and extension credentials. These are the same details you would typically need when configuring a physical SIP phone or soft phone.

Start by downloading my Click2Dial installer, all I’ve done here is packaged the various components you will need to get this working into a single installer file.

  • Hamlesh’s Click2Dial – 32bit – 694KB – Download
  • Hamlesh’s Click2Dial – 64bit – 709KB – Download

You will need to reboot your computer, the modules won’t be loaded until you reboot.

Once you’ve rebooted, go into Control Panel, then Phone and Modem.

You will probably get asked to configure your regional dialling settings – just specify your area code and click OK.

  • Select the Advanced tab and click Add
  • Select the “SIPTAPI Service Provider” option and click Add
  • You will return to the provider list, select SIPTAPI and Configure

  • You will need to configure your extension details, just like configuring your desk/soft phone
  • Click Apply and Ok, and return to your desktop

Assuming the details you’ve specified are correct for your phone system, making calls should now work.

Testing

You can either use Dialer.exe built into Windows, or the command line dialler that my Click2Dial package has installed for you (this method is far more slick).

Using Dial.exe to initiate calls

Click Start > Run > “dial PHONENUMBER“, you can either specify another extension or any normal number you’d like to call. Your desk phone should start to ring, answer and your phone system will begin to dial the PHONENUMBER you’ve specified.

Creating shortcuts to quickly initiate calls

Next create a shortcut on your desktop, right click on your desktop, New > Shortcut, type in “dial PHONENUMBER“, Click Next, and name the shortcut something relevant eg: “Call Bob” (if PHONENUMBER is Bob’s). Double click shortcut, and your desk phone should start to ring.

Now, you can further tweak things, right click on your new shortcut, select Properties, Change Icon, Browse, and in your C:\Windows\ directory you should see dial_home, dial_mobile, and dial_work icon files, pick one, Apply and Ok.

Calling directly from Outlook

You can also trigger calls directly from your Address Book in Outlook.  There are issues with Outlook 2013 and the “People” view, which I haven’t found a work around for, however opening the contact card via the Address Book will work.

If you’ve found this post useful, please post some feedback.

I’ve only tested this on a 64bit system – if you’re on a 32bit system, I’d appreciate some feedback, either post a comment or @hamlesh on twitter.

OpenVPN on iPhone iPad without jailbreaking

Earlier this morning the guys and girls at OpenVPN announced that their “Connect” app has finally been approved by Apple and is available in the App Store!

Screen Shot 2013-01-17 at 17.30.40

Its long overdue, but finally those of us that don’t like the idea of jailbreaking our devices (or don’t want “faff”), can finally connect to OpenVPN end points from our iOS devices :)

This is such good news, that I felt it should be shared :)

Track and graph your Inbox

We spend a lot of time looking at what makes us different from each other, rather than recognizing our similarities.  One commonality we share is “intention mismatches”, where we know and want to “be better at” doing a regular/repetitive task, but yet rarely do, in a focused and sustained manner.

For me, like most of my network, my biggest pain is caused by “daily email management”.  Checking for email, reading emails, taking action on emails, and deferring those that need “to be thought about”.  Lots has already been written about email management tactics (Inbox Zero, 43folders, etc), I’m not rehashing any of that with this post, merely setting some context as to how this came about.

Another commonality is how we are typically triggered to take action, and how we measure ourselves.  Measurements need to be taken regularly and automatically.  Across my various business interests, when we log, graph and display the number of open tickets overtime, the support team are automatically motivated in a very different way to resolve tickets as quickly as possible.  This gives us empirical metrics of how we are doing over time, are we improving, etc.

 

Graphing Inbox

For a while now, I’ve been looking for an automated way to log and graph the number of items in my Inbox.  There are lots of web services out there that have this ability as part of a more complex set of features.  I didn’t want all the other fluff, just the pure metric of “Items in mailbox over time”, and I definitely did not want to be giving access to my mailbox to any sort of cloud/hosted/web service – I needed a self hosted solution.

So, I’ve built my own, and I’ve published the code on github, so you can run your own version.

 

Graphing my Inbox using GraphMailbox

The graph above is live, and generated by;

<iframe src=”http://hamlesh.com/graphbox/24hours.php” frameborder=”0″ width=”576″ height=”300″>

GraphMailbox uses php_imap to connect to your IMAP server (you can use POP, GMAIL etc too), and logs the number of items into a mysql database.  The graphs are generated using the Google Chart API.  You set the frequency at which the logging happens, mines set to every hour.  You can then construct pages to generate specific graphs, and embed them in pages as iframes.  I’ve included my two graph pages in the code repository, and I’ll add more over time as I dream them up, or based on feedback. For example, this is the 30 day view of my inbox (tracking only started on the 20th Sept 2012).

Feel free to grab the code from github, deploy it, modify and improve on it.  Please fork the github repository, and push changes, any added features etc back to the repo.  If you find this useful, and build on it, no doubt someone else will – commonalities :)

 

The End Game

As interesting as it is to have these metrics, this actually becomes more useful as a triggering mechanism.  The graph for my personal mailbox is now on my desktop dashboards, so I am constantly and subconsciously reminded of how I’m doing.

Lets see if this helps clear the backlog, lets me get to inbox zero, and this time, stay there!

 

How else could these metrics be useful?

There are some features I want to add, and I’ll build in over time.  Such as support for multiple mailboxes, and multiple folders, from the same instance.  The way this is currently built, you’d have to run another instance and db for additional mailboxes/folders.  I’m already doing this (through multiple instances), you can see that here: http://hamlesh.com/mailstats.  I’d also like to add more charting options, and test/document more ways of connecting to mail servers.

How else could these types of metrics be applied?  What would make this more useful to you?

As always, interested in your feedback.