Siemens Dishwasher E-01 Error

by Süleyman Petek 18. Ekim 2016 08:54
This is a real life lessons learned issue, if you have a Siemens dishwasher and one day you see that

This is a real life lessons learned issue, if you have a Siemens dishwasher and one day you see that your machine does not work and gives the E-01 error, you first do what the service says to you. I have done also what they suggest. Somehow the problem did not leave me. Then another electricity device in the kitchen gave error ! The root cause was the fuse-box of the home, some cables were slack and because of that some cables were burned. We have get off a big trouble lightly by chance. So this error has gone when we replaced the fuse box... Keep in mind to check your fuse box at home regularly...

Tags: ,

Tip

Parse XML with Python

by Süleyman Petek 10. Haziran 2016 12:12
Here i am again with a small blog post, a life saver small Python script to parse your XML files.I s

Here i am again with a small blog post, a life saver small Python script to parse your XML files.

I suppose you have an XML file like below that you exported from some other tool ;

<schedule>
    <job name="www.mysite.com">
    <job name="www.mysite.com">
    ...
</schedule>

And you want to get all the "name" attribute values from the XML structure, then you can write Java or C Sharp or any other language to parse this file however i think Python is the easiest and the most speed one.

It is as short as below:

import xml.etree.ElementTree
f=open("jobs.txt","w")
e=xml.etree.ElementTree.parse('schedule.xml').getroot()
for atype in e.findall('job'):
f.write(atype.get('name')+"\n")
f.close()

I just create a .txt file here called "jobs.txt" and write all the job names to it.

Enjoy...


Tags: ,

Life Saver | Tip

Spotify Labs Puzzles -Medium- Solution with Java

by Süleyman Petek 9. Mayıs 2016 11:40
import java.util.*;public class SpotifyMedium {&amp;nbsp; &amp;nbsp; public static void main(String[] args)

import java.util.*;


public class SpotifyMedium {


    public static void main(String[] args) {       


        List<String> indata = new ArrayList<String>();


        System.out.println("Please enter the count of played times and name of the song with a one char gap...");

        System.out.println("e.g. 487 LetItBe");

        String line;

        Scanner stdin = new Scanner(System.in);

        while (stdin.hasNextLine() && !(line = stdin.nextLine()).equals("")) {

            String[] tokens = line.split(" ");

            indata.add(tokens[0] + ":" + tokens[1]);

        }


        System.out.println("Please enter the total song to select...");

        int totalSelect = Integer.parseInt(stdin.nextLine());

        stdin.close();


        String[][] songList = new String[indata.size()][3];

        for (int i = 0; i < indata.size(); i++) {

            String[] row = indata.get(i).split(":");

            songList[i][0] = row[0];

            songList[i][1] = row[1];

            songList[i][2] = String.valueOf(i + 1);

        }

    

        String[][] calculatedSongList = new String[songList.length][3];


        for (int i = 0; i < songList.length; i++) {

            for (int j = 0; j < songList[i].length; j++) {

                String zipValue = String.valueOf(ZipsLaw(songList.length, i + 1));

                String qualityValue = String.valueOf(SongQuality(Double.parseDouble(songList[i][0]), Double.parseDouble(zipValue)));

                calculatedSongList[i][j] = songList[i][j] + ":" + qualityValue;

            }

        }


        Arrays.sort(calculatedSongList, new Comparator<String[]>() {

            @Override

            public int compare(final String[] entry1, final String[] entry2) {

                String strObj1[] = entry1[0].split(":");

                String strObj2[] = entry2[0].split(":");

                

                Double obj1 = new Double(strObj1[1]);

                Double obj2 = new Double(strObj2[1]);

                int retval = obj2.compareTo(obj1);

                if (retval > 0) {

                    //System.out.println("obj1 is greater than obj2");

                } else if (retval < 0) {

                    //System.out.println("obj1 is less than obj2");

                } else {

                    //System.out.println("obj1 is equal to obj2");                    

                }

                return retval;

            }

        });


        int total = 0;

        for (final String[] s : calculatedSongList) {

            if (total < totalSelect) {

                System.out.println(s[1].split(":")[0]);

            }

            total++;

        }             

    }


    public static double ZipsLaw(double n, double i) {

        return (n * n) / i;

    }


    public static double SongQuality(double fi, double zi) {

        return fi / zi;

    }


}


Tags: , , , ,

Tech | Tip

Spotify Labs Puzzles -Easy- Solution with Java

by Süleyman Petek 5. Mayıs 2016 17:25
public static void main(String[] args) {&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp;&amp;nbsp;&amp;nbsp; &amp;nbsp; &amp;nbsp; &amp;nbsp;

public static void main(String[] args) {        

        int yourNumber; 

        Scanner in = new Scanner(System.in);

        System.out.println("Enter your number");

        yourNumber = in.nextInt();        

        

        if (yourNumber < 0) {

            System.out.println("Error: Less then Zero");

        } 

        else 

        { 

            System.out.print("Binary is: ");           

            toBinary(yourNumber);

        }

    }

 

    public static void toBinary(int int1){       

       System.out.println(Integer.toBinaryString(int1));               

       String b = new StringBuffer(Integer.toBinaryString(int1)).reverse().toString();       

       System.out.println("The reverse in binary format is: "+ b);                  

       int decimalValue = Integer.parseInt(b, 2);           

       System.out.println("The reverse decimal is:" +decimalValue); 

   }


For harder ones, please visit https://labs.spotify.com/puzzles/ (:

Tags: , , , , ,

Geyik | Innovation | Tech | Tip

How to call batch files via Python

by Süleyman Petek 10. Mart 2016 17:26
Gentle reminder for me and anyone who needs in the future, say that you have lots of .bat files and

Gentle reminder for me and anyone who needs in the future, say that you have lots of .bat files and you need to call them all.

You can do it via Python like below :


import glob  

import os 

os.chdir('c:\YourBatFiles')  

for filename in glob.iglob('*.bat', recursive=True): 

print(filename)

os.system(filename)


Tags:

Tech | Tip

Cleaning SQL Server Database - Script

by Süleyman Petek 20. Ocak 2016 11:09
Sometimes you work with a database and you may come with a garbage on your database while you are tr

Sometimes you work with a database and you may come with a garbage on your database while you are trying different architectures in your mind. This is usual but when it comes to tidy up the db,sometimes it is hard  to find and delete all assets on db. This is a script that will  save your time, enjoy...


/* Drop all non-system stored procs */

DECLARE @name VARCHAR(128)

DECLARE @SQL VARCHAR(254)


SELECT @name = (SELECT TOP 1 [name] FROM sysobjects WHERE [type] = 'P' AND category = 0 ORDER BY [name])


WHILE @name is not null

BEGIN

    SELECT @SQL = 'DROP PROCEDURE [dbo].[' + RTRIM(@name) +']'

    EXEC (@SQL)

    PRINT 'Dropped Procedure: ' + @name

    SELECT @name = (SELECT TOP 1 [name] FROM sysobjects WHERE [type] = 'P' AND category = 0 AND [name] > @name ORDER BY [name])

END

GO


/* Drop all views */

DECLARE @name VARCHAR(128)

DECLARE @SQL VARCHAR(254)


SELECT @name = (SELECT TOP 1 [name] FROM sysobjects WHERE [type] = 'V' AND category = 0 ORDER BY [name])


WHILE @name IS NOT NULL

BEGIN

    SELECT @SQL = 'DROP VIEW [dbo].[' + RTRIM(@name) +']'

    EXEC (@SQL)

    PRINT 'Dropped View: ' + @name

    SELECT @name = (SELECT TOP 1 [name] FROM sysobjects WHERE [type] = 'V' AND category = 0 AND [name] > @name ORDER BY [name])

END

GO


/* Drop all functions */

DECLARE @name VARCHAR(128)

DECLARE @SQL VARCHAR(254)


SELECT @name = (SELECT TOP 1 [name] FROM sysobjects WHERE [type] IN (N'FN', N'IF', N'TF', N'FS', N'FT') AND category = 0 ORDER BY [name])


WHILE @name IS NOT NULL

BEGIN

    SELECT @SQL = 'DROP FUNCTION [dbo].[' + RTRIM(@name) +']'

    EXEC (@SQL)

    PRINT 'Dropped Function: ' + @name

    SELECT @name = (SELECT TOP 1 [name] FROM sysobjects WHERE [type] IN (N'FN', N'IF', N'TF', N'FS', N'FT') AND category = 0 AND [name] > @name ORDER BY [name])

END

GO


/* Drop all Foreign Key constraints */

DECLARE @name VARCHAR(128)

DECLARE @constraint VARCHAR(254)

DECLARE @SQL VARCHAR(254)


SELECT @name = (SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS WHERE constraint_catalog=DB_NAME() AND CONSTRAINT_TYPE = 'FOREIGN KEY' ORDER BY TABLE_NAME)


WHILE @name is not null

BEGIN

    SELECT @constraint = (SELECT TOP 1 CONSTRAINT_NAME FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS WHERE constraint_catalog=DB_NAME() AND CONSTRAINT_TYPE = 'FOREIGN KEY' AND TABLE_NAME = @name ORDER BY CONSTRAINT_NAME)

    WHILE @constraint IS NOT NULL

    BEGIN

        SELECT @SQL = 'ALTER TABLE [dbo].[' + RTRIM(@name) +'] DROP CONSTRAINT [' + RTRIM(@constraint) +']'

        EXEC (@SQL)

        PRINT 'Dropped FK Constraint: ' + @constraint + ' on ' + @name

        SELECT @constraint = (SELECT TOP 1 CONSTRAINT_NAME FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS WHERE constraint_catalog=DB_NAME() AND CONSTRAINT_TYPE = 'FOREIGN KEY' AND CONSTRAINT_NAME <> @constraint AND TABLE_NAME = @name ORDER BY CONSTRAINT_NAME)

    END

SELECT @name = (SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS WHERE constraint_catalog=DB_NAME() AND CONSTRAINT_TYPE = 'FOREIGN KEY' ORDER BY TABLE_NAME)

END

GO


/* Drop all Primary Key constraints */

DECLARE @name VARCHAR(128)

DECLARE @constraint VARCHAR(254)

DECLARE @SQL VARCHAR(254)


SELECT @name = (SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS WHERE constraint_catalog=DB_NAME() AND CONSTRAINT_TYPE = 'PRIMARY KEY' ORDER BY TABLE_NAME)


WHILE @name IS NOT NULL

BEGIN

    SELECT @constraint = (SELECT TOP 1 CONSTRAINT_NAME FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS WHERE constraint_catalog=DB_NAME() AND CONSTRAINT_TYPE = 'PRIMARY KEY' AND TABLE_NAME = @name ORDER BY CONSTRAINT_NAME)

    WHILE @constraint is not null

    BEGIN

        SELECT @SQL = 'ALTER TABLE [dbo].[' + RTRIM(@name) +'] DROP CONSTRAINT [' + RTRIM(@constraint)+']'

        EXEC (@SQL)

        PRINT 'Dropped PK Constraint: ' + @constraint + ' on ' + @name

        SELECT @constraint = (SELECT TOP 1 CONSTRAINT_NAME FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS WHERE constraint_catalog=DB_NAME() AND CONSTRAINT_TYPE = 'PRIMARY KEY' AND CONSTRAINT_NAME <> @constraint AND TABLE_NAME = @name ORDER BY CONSTRAINT_NAME)

    END

SELECT @name = (SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLE_CONSTRAINTS WHERE constraint_catalog=DB_NAME() AND CONSTRAINT_TYPE = 'PRIMARY KEY' ORDER BY TABLE_NAME)

END

GO


/* Drop all tables */

DECLARE @name VARCHAR(128)

DECLARE @SQL VARCHAR(254)


SELECT @name = (SELECT TOP 1 [name] FROM sysobjects WHERE [type] = 'U' AND category = 0 ORDER BY [name])


WHILE @name IS NOT NULL

BEGIN

    SELECT @SQL = 'DROP TABLE [dbo].[' + RTRIM(@name) +']'

    EXEC (@SQL)

    PRINT 'Dropped Table: ' + @name

    SELECT @name = (SELECT TOP 1 [name] FROM sysobjects WHERE [type] = 'U' AND category = 0 AND [name] > @name ORDER BY [name])

END

GO

Tags:

Life Saver | Tip

Fast Flux Domains

by Süleyman Petek 30. Kasım 2015 12:25
According to Wikipedia : &quot;Fast flux&amp;nbsp;is a&amp;nbsp;DNS&amp;nbsp;technique used by&amp;nbsp;botnets&amp;nbsp;to h

According to Wikipedia : "Fast flux is a DNS technique used by botnets to hide phishing and malware delivery sites behind an ever-changing network of compromised hosts acting as proxies." When a domain of a fast flux network is resolved, it returns more than one IP addresses. These domains continuously changes the IP address order that the domains are returned, this technic is called round-robin. The HoneyNet project provides a deep information about this issue : Know Your Enemy (http://www.honeynet.org/papers/ff)

It will be more effective to realize fast flux networks otherwise you will just waste your time blocking each IP address for them. Instead, blocking  the domain would be much more intelligent.

The fast flux domains will return several IP addresses when you resolve them or may return only one address but change it frequently.

How can we catch it ? 

A German security company BFK will help us at first step : http://www.bfk.de/bfk_dnslogger_en.html The BFK query page will allow us to query for passive DNS services.It is obvious that passive DNS search results will return many IP addresses for a fast flux network domain. If your search results contains dozens of different IP addresses, you can say that the domain you searched is a member of a fast flux domain.

We have another way  to check the status, that is checking the TTL value. If the TTL value is very low and the hostname is changing the IP address very quickly, it can be said that a fast flux domain. The value of TTL is zero means DNS server are not caching the IP addresses. You can use "dig" in Linux to find the TTL value of a domain.



Tags:

IT Security | Awareness | Malware | Malware Analysis | Web Defense

DevOps 101

by Süleyman Petek 18. Ekim 2015 19:27
Yet another trendy word in IT world is &quot;DevOps&quot;. It is an abbreviaton for Development and Operations

Yet another trendy word in IT world is "DevOps". It is an abbreviaton for Development and Operations. At first look it seems like that it is the combination for Development and Operations as it's name but we should see it as a cultural change. It is not a new technology or a product. This cultural change requires development teams to accept feedbacks from operation teams and consecutively operation teams need to accept frequent updates from development teams. Adapting to the new style of business requires IT to be effective at managing risk while moving faster.

 

The combination of speed and effectiveness helps make businesses more agile. DevOps overlaps with Agile in the concepts such as Individuals, Interactions and Collaboration. DevOps extends Agile approaches and applies them to the whole organization, not only the development process. Only creating a team called "DevOps" or renaming an existing team to "DevOps" just to check off an item on a checklist  is  neither  necessary  nor  sufficient  for  creating  a  DevOps culture. If  your organization is in a state where the development and operations teams cannot communicate with each other, an additional team adds the potential for more communication issues. (n*(n+1))/2 communication paths, remember.

It is grounded in a combination of speed, efficiency and quality methodologies: 

  • Agile software development
  • Lean Manufacturing 
  • Kaizen 
  • Six Sigma

What DevOps brings to you ?

  • Speed in Release Cycle
  • Shorter Delivery Times 
  • Unified Tools and Process 
  • Integration among different teams
Communication, Integration and Collaboration are the keywords. In order to implement Devops, first of all you should break down the barriers between teams, give people shared responsibilities, focus on business not the technology and build trust in everything.

We can list DevOps principles like below;
  • Culture
  • Automation
  • Measurement
  • Sharing
and we can list DevOps practices ;

  • Version Control For All
  • Automated Testing
  • Proactive Monitoring and Metrics
  • Kanban/Scrum
  • Visible Ops/Change Management
  • Configuration Management
  • Incident Command System 
  • Continuous Integration/Deployment/Delivery
  • Virtualization/Cloud/Containers
  • Transparent Uptime/Incident Retrospectives

Find ways to collaborate and involve others early, find ways to automate and make self service, become metrics driven, metrics are your friend, demand measurable outcomes, learn new things, fail fast, continually improve, understand the larger business goals, metrics, and priorities you support. Communicate, be open and honest and build on small successes to gain broad support for more substantive change. Finally, align roles and responsibilities across groups, enable collaboration.

Tags: , , ,

DevOps

Securing The Internet of Things

by Süleyman Petek 28. Eylül 2015 20:30
Internet of things aka &quot;IoT&quot; is a very popular word recently. Many large companies are investing abo

Internet of things aka "IoT" is a very popular word recently. Many large companies are investing about this issue. We can also say that another popular word "Big Data" is overlapping with IoT. The architecture of the original Internet was created long before communicating with billions of simple devices such as sensors and appliances was ever envisioned. The upcoming explosion of these simple devices creates gorgeous challenges for the current networking paradigm. The scope and range of the devices to be connected are huge and the connections to the edges of the network where these devices will be setup will be low-speed, lossy and by snatches. Within a few years, devices on the IoT will overdose human beings on the planet and the number of devices will continue to grow.

Here are some basic design guidelines;

  • It should specify as little as possible and leave much open for others to innovate.
  • Systems must be designed to fail gracefully seeking not to eliminate errors, but to accommodate them.
  • Graduated degrees of networking functionality and complexity are applied only where and when needed.
  • The architecture is created from simple concepts that build into complex systems using the analog provided by natural phenomena.

There are many products on the market today under the label of IoT with the lack of  basic security architectures. It is very easy for a knowledgeable person to take control of devices for malicious purposes. The management knows how to manage known risks but they don't know how to measure them in the field of IoT and computer communication. We can list the attack types as:

  • Denial of Service
  • Breaking the Stored Credentials / Guessing the Credentials
  • Man in the Middle
  • Network Sniffing
  • Port Scanning / Web Crawling
  • Search Features & Wildcards
And how can we protect ourselves ?
  • Virtual Private Networks
  • Certificates & Encryption
  • Authentication of things


According to the HP Fortify 2014 IoT Security report
  • Six out of 10 devices that provide user interfaces were vulnerable to a range of issues such as persistent XSS and weak credentials
  • 70 % of devices used unencrypted network service
  • 90 % of devices collected at least one piece of personal information via the device, the cloud, or its mobile application
  • 60 % raised security concerns with their user interfaces
etc.

You can also check the OWASP for IoT as they list the top 10 for 2014 as below

  • I1 Insecure Web Interface
  • I2 Insufficient Authentication/Authorization
  • I3 Insecure Network Services
  • I4 Lack of Transport Encryption
  • I5 Privacy Concerns
  • I6 Insecure Cloud Interface
  • I7 Insecure Mobile Interface
  • I8 Insufficient Security Configurability
  • I9 Insecure Software/Firmware
  • I10 Poor Physical Security

Tags: , ,

IT Security | Awareness | Tech | Internet Of Things

On behalf of September 14, 2015 (:

by Süleyman Petek 15. Eylül 2015 21:52
As i promised last night on #developersTube, i think i have to give some little information for our

As i promised last night on #developersTube, i think i have to give some little information for our friends who are interested in Software Security...

First of all, the links to be followed below :

  • https://www.owasp.org
  • http://www.webguvenligi.org
  • http://www.scmagazine.com
  • https://packetstormsecurity.com
  • http://www.tripwire.com/state-of-security/topics/latest-security-news/
  • https://www.fireeye.com/blog.html
  • http://null-byte.wonderhowto.com
  • http://www.securityweek.com
Then the tools;

For static analysis:
  • HP Fortify
  • Checkmarx
  • IBM Appscan
For dynamic analysis:
  • Netsparker
  • HP Webinspect
  • Nikto

I would like to thank again Burak Selim Şenyurt for this kindly conversation
and for those who have missed it, enjoy...


Tags:

IT Security | Awareness | Secure Coding | Web Security

Calendar

<<  Aralık 2016  >>
PztSalÇarPerCumCmtPaz
2829301234
567891011
12131415161718
19202122232425
2627282930311
2345678

View posts in large calendar

RecentPosts