Sanity Insanity and Moi

I have been thinking for a long time that i need to write about this tool that i found. Its quite interesting that this tool is really helpful in automating many of the routine sessions that i as a tester came across. This is by far the best automation tool that i found for telnet sessions.

Imagine these scenarios :

• You need to do BSO authentications frequently when you switch networks
• Get intermittent logs from the server for analysis
• Run automated tests on remote systems (something which i have started to call as run-and-forget)
• stuck in traffic…no way
  

Lets get into what this tool is and how to use it.

The tool is for windows (one of the things that i felt bad). To make use of this tool, u will need the exe file, i.e., tst10.exe and an input commands file. The input file will has the first line as the hostname/IP and port, which is followed by alternating SEND and WAIT commands.

Consider this example. I need to connect to a server of IP - 192.168.1.100, where a telnet service is running at PORT - 2300. This is how my script/input file will look like :

192.168.1.100 2300
SEND "\m"
WAIT "login:"
SEND "admin\m"
WAIT "Password:"
SEND "admin1\m"
WAIT "s1#"
SEND "co\m"
WAIT "s1(config)#"
SEND "show load; show cpu\m"
WAIT "s1(config)#"

“\m” = \n in C/PERL/Java/most programming langunages = CR or in non-techie terms “Enter”. SEND, sends the commands to be executed and the WAIT that follows tried to match the string in the output of the SEND commands before it.

How to run it?. There are 2 ways to do it. You can open up the command prompt navigate to the directory where the files are and then issue this command -

tst10.exe /r:IN /o:OUT

where IN is the input file and OUT stores the complete output of the session, so that you can skim through the file and have a look at what happened. OR, put the command in a batch file and double click it every time you need to run it.

Here is the screen capture -

TST10 Screen Capture

How is it different from Net::Telnet module of Perl or something similar in TCL or Python? Think about it.

• Time to write the code - 30min to ? depending upon how complex the situation is
• Trying to match the output to with REGEX, which means that you need to spend time in coming up with the right regex. Now you have 2 problems in hand
• Testing time to make sure that the script is robust enough

So this is perfect! NO. This doesn’t work for ssh sessions. Since telnet is getting substituted by ssh in most of the servers due to the secure nature of the connection its kind of difficult to fit it in a normal installation of Linux. I’m not sure about the telnet-ssh thingie happening in Solaris or any of the other servers.

Is there something like this for Linux? No. Hey, but look at it this way. Its some relief for us on windows platform for scripting.

You can build complex automatons with this combined with a little bit of Perl and Outlook. Here is one typical scenario that i made and which i have presented as a white-paper.

• Outlook has a setting that detects for incoming mails with a specific subject line.
• When the mail comes it evokes a Perl script.
• The Perl script will go ahead an call the TST’s batch file, which initiates the TST10 session, connects to the remote server starts/runs the automation. The output will be stored in OUT file
• The Perl script will skim the OUT file for any errors reported during the run.
• Then it calls an FTP script that will go ahead and get the log files from the remote system
• The log files are read, the results extracted and neatly formatted into mail and send to the required email-ids

sounds complex, but this script gave me enough time to hut for a new job and quit the previous employer.

Who wrote this? Someone by the name of Albert Yale. His home page is - http://ay.home.ml.org/, sadly the site is no longer online.

What happened to the white-paper? It got rejected , humor was not the order of the day.

Download TST10 : tst10.exe | tst10.zip

How cool can it get. On the very first day at office you get to do things that you just simple love doing?

The Case : A page is displayed with a certain width in IE. But is taking the whole width in Fx …

Sounds familiar ? They where about to tag it as an Fx bug. Wait a sec!!! That’s not a BUG in Fx. Its just the way Fx is handling things. Pop in some things i read at Joel’s blog - Martian Headsets. Voila!!! all agree that its not a bug… :). I’m happy, they are happy …

Here is my simple explanation :

Its all with the implementation difference of the two browsers.

In US you drive on the right side of the road. Hence all cars are left-hand drive.

Bring the same car to UK/India where we drive on the left side of the road, things seem to be a bit mixed up. You car is not buggy nor is the law in place. Cars are always designed to place the driver towards the center of the road. in UK it has to be the right side of the car, but in US it has to be the left side. There is no way out.

Why is there this problem? Coz all the countries doesnt have the same traffic rules. They have some basic guidelines in place and have the law built around it to match them. Simple!!!

To solve these confusions. Own a McLaren F1 car. It has a 3-seat setup, with the driver in the center. You never will have problem again. Just that you would have to be filthy rich ..

I will try not to be too much biased against Windows. But will like to point out what is wrong.

Hearing the news of the Demo/Preview/Debut of Windows 7 at D6 conference by Microsoft VP Julie Larson-Green, my first reaction was, Oh NO not again!!!

I had my concerns. Microsoft has been stealing the show with its sleeky looks and publicity. If there is somebody at the market that can sell a rickety old-bus just by repainting it, its Microsoft.

Though all the other OS-es has evolved with age, windows simply refuses to budge more or less. The system requirements just to run a basic version of their latest OS takes more than twice the power that is required to run the latest Open Source OS. The fact remains that will less overhead the Open Source counterpart gives the looks and the WOW-ness.

How far can they drive along by just adding the new features without correcting the basic problems.

XP came and by the time people got adjusted to the response time, reaction time and usability, Vista was born. Now why the hell do i have to go for double the configuration for a new OS. Then again i will be doing the same things but that is going to add another transition phase in my life. From my own personal experience, the very simple task of setting an IP which took 4-5 clicks in XP, took me 5-10min in Vista just to figure out how to get the Properties window. Though basic functionality of an OS that the user looks for needs to be kept the same across versions, Microsoft fails to comply.

If the new version is going to be more user friendly than its previous one, why do you still need to pack the age old Win-98 looks with XP? They need to realize what the other OS-es in the market are doing different to keep things abreast with feature improvements, usability and performance.

At this point they just need to stop stuffing in features into an OS. It more or less looks like a huge american burger. A bite at one end will have half of the things falling out of the other end. By the time you get used to the new tasty burger in comes a new version double the size.

For mySpace Session update see here-

So this is what is happening at BCB6

Technorati Tags - barcampbangalore6 and barcampbangalore

Finally the Session has started …

Technorati Tags - barcampbangalore6 and barcampbangalore

Picture this about a laptop

It comes for as low as $299, ie Rs. 12K. Most expensive is $499, ie Rs.20k
Fully-featured laptop costs $69 less than the 16 GB Apple iPod Touch.
It’s $100 less than an Amazon Kindle e-book reader
It runs Linux (Xandros running KDE)- which is $30 less than Amazon.com’s discounted price for Microsoft Windows Vista Ultimate
They first in market with flash based storage.

Now thats a laptop that i would buy soon. (Just dont ask how soon ’soon’ is, as i’m known for procrastinating)
This makes ASUS Eee PC hated by, well lets just say every major company. Now that includes - Microsoft, Apple, Dell etc. and Azuztek a.k.a Azuz the most hated IT company as of now.
Intel loves them coz they are running a Celeron processor.
Is this going to hurt OLPC after the Intel back-out? I dont know and frankly i cant just about predict or speculate anything about the OLPC project. Their $100 laptop is now priced at $200 and now without Intel … i just cant make out anything.
[Source of news - http://itmanagement.earthweb.com/]
[Image source - engadget]

Creativity has no limits and the fact that people can go to any extend to infect you machine with malware, let me say comes as a total relief. After people has spend dollars securing their machine with the latest spyware remover, anti-virus, pop-up blocker and all the shit that you can get you hands on, there is no stopping a curious browser who downloads some thing and authorizes it to do some operation and ends ups in a deeper shit that he was before.

We all love torrent. The countless torrent files that you looked up on the net to download your favorite movie, would have at least made you thin, what you would have done with out those torrent sites. Its the same feeling you get when you thank George Bush for the oil that he is bringing in from Iraq and Kuwait.

So when some thought of the idea of infecting your machine with the help of torrent download and get paid $3 for doing so , has to be credited with the ingenuity of the idea. Here is the whole scenario.

You download a movie (most of the reports came up with the latest movies like Hitman, Beowuf, National Treasure : Book of Secrets) or an episode of your favorite series on TV. When you try to play it it says

“This video can only be played in DomPlayer, Visit Download.Domplayer.Com“

Like any other desperate downloader you visit their site :

Pretty neat site of a movie player, compared to VLC Player and Real Player. So you go and download the player, the Download button is right in front of you. So whats the big deal. Go ahead download the file… At this point i got suspicious and thought hey i never heard any of my friends talk about such a player, instead of installing it at the home PC (Windows XP), let me try to get an installer/player for Linux. That way its safe and its my Laptop, if anything gets screwd up i can just install all over again. Big Deal!!!

Web searches got me to couple of forums here and here. They talked about another player 3wPlayer by Wildman Productions(i have no idea who the hell they are).

In fact the real deal here is as reported from Best Security Tips is DOM Player says its clean but you call them up and pay them to activate the attack on your P. If that doesnt work they ask you to download 3wPlayer. Which is another piece of shit and load the malware to the PC free of charge.

Now that is a cool idea. You get paid to get infected like the way you paid to get protected. Over that you download movie files (AVI files) which might be renamed porno movies.

Security is still a big issue in India. Since there are terrorists ready to blow up anything here, we must be aware of the fact that we are vulnerable and take all means in avoiding it. Of lately when the security measures in my company was stepped up, many employees expressed dissatisfaction and where highly irritated. Sadly they dont realize the threat. They all complained that the Security at the main gates and buildings scrutinized their belongings and treated them equally like terrorists. To a mail sent by my colleague to the Security in charge, part of the reply went like this

… We (the security and the company) are not bothered about what the employee takes unauthorized from the company(hardware and documents). But more worried about the a much more grave situation… The attack at IISc Bangalore was first planned against IT companies as they (Terrorists) realize that a well planned strike at the heart of the Silicon Valley of India, will send India’s market crashing and the country will be in a chaos in no time. Sadly our company was also in their list. They were outside our gates, looking at every move and they found the security tight even for a normal employee. Thus we were spared. Else the AKs would have gone in any of the leading IT company…

A normal Techie, works from 8-to-8 and is completely oblivious to much of the things shaping up in the outside world, spare may be Bipasha’s curves or SRK’s Abs. He doesnt realize that the Bad Guys have really turned ugly and they are recruiting Graduates and Post Grads, like most IT companies, to do the dirty job (both ways its true for the Terror Organization and IT Company). I was surprised one Monday morning when i was asked to stop at the gates and the security guy checked my ID to verify its me. After 2 years, that day i entered the campus a bit happy, coz i found the Security doing their job properly.

Sadly, the fact is, the Security at majority of the IT Companies are a bit inadequate. They in most of the cases doesn’t realize the force they are up against. Everyday i see the security at all the companies on my way to office and i bet i can breach their physical security. I dont know why i do that. But i like doing it. Every time i face a security at a gate, i think of a way of beating him without raising the slightest suspicion.

Leave alone the physical security, its the Cyber age and are we prepared against an attack via the net. No!!! Network security, if you look at most of the intranets, is getting internally compromised by the employees. Simply coz a fair number of people will click the “You won a million dollars“, flashing ad on a web page. In most of the case, that will lead to a pornographic site, at times they open up the pandora’s box for the network of the company. E-mails in particular can bring a network down. A well placed attachment asking the user to open it is more than required. Remember “I love you” or you dont coz you remember it as what your lover told you.

I have had friends approach me saying “I think my damn system is affected with virus. I have the latest in anti-virus updated everyday, the latest pop-up blocker (how did that ever block a virus), a bazooka and an entire army guarding my system… but still. Damn windows … its all because of Windows.” Let me tell you there is nothing wrong with Windows (may be not entirely and probably this will be the only time i’ll be talking for Windows and Microsoft), what is wrong is YOU. Couldn’t resist visiting the site that flashed “Sexy savvy teens… going dirty…”, or couldnt resist opening the attachment that told you how to increase what ever you have or may be had. Think before what you click on or open. They are out there to make money and they will make it any way possible.

Knowing all this what can you do … if u cant make that out by your self, then how lame are you???

“How lame are you???”, the words that lead the world’s biggest Hacker Kevin Mitnik to his fall.

l33t What is it?
Ans : An Evil Programming Language By Stephen McGreal and Alex Mole

Thats the info given in the site, before getting into the details what exactly is an Leet? Or what is this 31337 or 1337 or l33t ??? Confused.
It was a form of language based on english developed so that the ‘elite’ geeks can have their way around on chats …

Wikipedia has a sample chart -

Now talking about the Programming Language. Here is something ripped off right from the site which, errr explains almost everything needed.

1ph +#4= \X/a$ /\/0+ 3/\/0(_)6#, The following is the first ever functioning program written in l33t. It loops forever, printing all 255 ASCII characters, and takes the form of a short insulting rant about geeks:

Adding on here is the snapshot of Google’s H4×0r page

One thing that is good about Linux is that, it can run for a long time with out ever restarting. The same doesnt apply to windows.Given a good PC in a decent condition., it takes 2 min for the PC to boot up.

The article -Restarting Windows Without Restarting Your PC (Vista or XP), says that 30 sec of the time is for the BIOS to boot up, but why do you need that in the first place to reboot. So restart the PC with out restarting the BIOS - just hold down the Shift key while invoking Restart<Codejacked - Restarting Windows Without Restarting Your PC (Vista or XP)

Windows Vista: Select Start, then hover over the right arrow that is to the right of the padlock icon until the pop-up menu appears that contains “restart” as one of it’s choices. Hold down the SHIFT key while clicking on the “restart” choice.

Windows XP: Select Start. Select “Shut Down…”. Change the drop-down combo box under “What do you want the computer to do?” to “Restart”. Hold down the SHIFT key while clicking on the “OK” button.