ASM on Linux – ASMlib, Multipathing etc

This blog is about how to setup ASM on Linux. 

Note: This content is heavily borrowed from the excellent blog at 

Automatic Storage Manager is Oracle’s alternative to Veritas Volume Mgr and Veritas File System.  It allows DBAs to manage their own diskspace.  It also takes away some of the complexity that used to surround performance when the DB wrote to disks using drivers that were written mostly with filesystems and files in mind rather than tiny writes scattered across large, raw binary files and read in an equally randomly.

Features of ASM

  •  Raw-disk performance

What does this mean? ASM provides high-performance reads and writes to disk. It treats the disks as raw to bypass the caching and write-grouping features of the OS. This gets files onto and off of the disk faster.

  • ASM (when configured with ASMlib) provides a consistent disk name. 

Linux names disks based on the order that it sees them at boot time. In Linux, we are not guaranteed that the disk named /dev/sdg will always be known as /dev/sdg. If a disk in the middle dies or is slow to respond to the OS probe … oops it’s now a different disk. (Imagine you referred to your kids in the order they came downstairs in the morning:  “Kid1 wants oatmeal…”  By contrast Solaris maps /dev/dsk/c0t0d0 to a hardware path and does not change this unless you force it to redo the device mapping. New devices  are added to the end and you can prune out unused devices without shifting all disk names).

  •  Files are distributed across disks to reduce device contentionSince ASM manages all the disks, it can put files where it wants to. When it decides where to put a file, it trys to write it to one of the disks that is not as heavily used.
  •  Redundancy What does this mean? You can configure a disk group to keep 1 (external redundancy), 2 (normal) or 3 (high-redundancy) copies of a file. For dual redundancy, each disks is allocated to one of two ‘failure’ groups and files are written to both failure groups (you can even over-ride this on a per-file basis).  Another feature to increase uptime is that you can tell ASM that you plan to pull a disk (‘DROP DISK’) so it can try to copy off the data from that disk before you pull it.
  • Cooked filesystems You can create cooked filesystems (ie. a typical filesystem with directories and files – not raw) from raw ASMspace. ASM even provides a filesystem type for this purpose – ACFS, but you can use other types of filesystems.

ASM Theory ASM accepts several types of diskspace to manage. You can give it an entire disk or LUN (with no partition table), a single partition, a file in an NFS mount or a logical volume (though this duplicates ASM functionality, thus it’s overhead).  My recommended rule of thumb is to create a single partition on a disk and use this partition for ASM (more later). Disks are grouped into ‘disk groups’ to allow different features per disk group. One group may be have the high-redundancy feature (were dual copies are kept). Another group may composed of physically faster disks (a good place to store redo logs) or slower disks (good for FRA). A single DB may use more than one disk group. And more than one DB can store files in the same disk group. While ASM was written with binary files in mind, it was designed to store physical files that are used by databases – control files, SPFILEs and logs, bitmaps, OCR etc. ASM comes with a template for each of these filetypes so you get the best performance, redundancy etc. Files which live in ASM start with a plus and end with the disk-group name (eg. +data/orcl/controlfile/Current.256.541956473) In addition, you can create regular filesystems on top of ASM formatted with the ACFS or even an OS filesystem. Interesting features of ACFS: simultaneous mount on multiple nodes, automount at ASM startup, dynamic resizing, snapshots, FS cleanup by a healthy member in case a cluster member dies while writing to ACFS. Oracle strongly prefers that DB-related files are stored directly in ASM, not on an ACFS filesystem.

Best practices for ASM on Linux :

1.  Let Linux manage your multipathing to your disks
As of DB, ASM does not have multi-pathing (managing multiple paths to a physical disk) built into it. This means we’ll need to use dm-multipath devices.

/etc/multipath.conf : 

# Do not manage ram,raw,loopback,floppies,tape etc 
# Do not multipath IDE devices or internal HP drives
blacklist {
  devnode  "^(ram|raw|loop|fd|md|dm-|sr|scd|st)[0-9]*"  
  devnode  "^hd[a-z]"
  devnode  "^cciss!c[0-9]d[0-9]*[p[0-9]*]"	
#  user_friendly_names  creates /dev/mpath*
# 'prio const'          was 'prio_callout /bin/true' 
#  path_selector:  bmarzins at redhat suggests using 
#    service-time instead of default  round-robin 
#  checker_timer 180    obviates a similar rule in udev
defaults {
  polling_interval     10
  path_selector        "service-time 0"
  getuid_callout  "/lib/udev/scsi_id --whitelisted --device=/dev/%n"
  prio                  const
  path_checker          readsector0
  rr_min_io             100
  failback              immediate
  user_friendly_names   yes
  checker_timer         180

Now enable and start the multipathd service

 # chkconfig  on multipathd
 # service       multipathd restart 
 # service       multipathd status

Check that multipath is working. For each of your mpaths run :

[root@server1 ~]:#   multipath -ll  mpath0
mpath0 (3600601602b702d006218b7de8130e111) dm-13 DGC,  RAID 5
[size=67G] [features=1 queue_if_no_path][hwhandler=1 alua][rw]
\_  round-robin 0        [prio=4][active]
   \_ 3:0:0:0  sdae       65:224 [active][ready]           | HBA1
   \_ 3:0:1:0  sdat       66:208 [active][ready]           |
   \_ 1:0:0:0  sdf        8:5    [active][ready]       | HBA2
   \_ 1:0:1:0  sdp        8:240  [active][ready]       |

In case it is not obvious what this shows:  sdae, sdat, sdf and sdp  are the same disk discovered four times due to four different paths to the disk.  multipath presents mpath0 to the user and if you use it, multipath intelligently distributes reads/writes across the four paths. The RAID5 is because multipath has detected that, in fact, the disk is physically a RAID5 lun.

If you have multiple nodes sharing the disks, it is smart to pick a ‘master’ node and once you have configured the disks, copy the multipath bindings file [ /var/lib/multipath/bindings ] from that node to the others to ensure that they all map the same way.
Also, if your /var directory is on a diff filesystem from your root, I suggest copying the multipath file to /etc and pointing the variable /etc/multipathd.conf:bindings_file at the new location in order to avoid a situation where the /var filesystem is not mounted when multipath starts, so it cannot read the bindings file.

2.  Present partitions, not raw disks to ASM
Instead of giving the entire disk to ASM, create a partition on each of the multipath disks which allocates all space on that disk. I often start my partition with sector 1 instead of sector 0. IMO, creating a partition is generally a better than using the entire disk. It allows the OS to recognize that the disk is not a brand new disk. And forcing the partition to start with sector 1 wastes very little diskspace but keeps the real data out of the way of any disk tools that might want to write boot code or disk labels etc. One one of the servers, for each disk, create a partition :

# fdisk /dev/mapper/mpathX 
   new partition from sector 1 to the max sector

Of course we realize that this change affects all of the members of the multipath (sdf, sdp, sdae and sdat in the example above). Now, since you’re likely in a multi-node environment,  let’s update the cached view each nodes has of it’s disk partition tables with the latest partition table (since we have may have updated the disks from a different node). To do so, on each node and for each mpath, run the following :

# partprobe /dev/mapper/mpathX
# kpartx -d /dev/mapper/mpathX
# kpartx -a /dev/mapper/mpathX

Aside :  Listing WWID for disks (from Yannid)

for disk in `ls /dev/sd*`
     disk_short=`basename $disk`
     wwid=`scsi_id -g -s /block/$disk_short`
  echo -e "Disk $disk \t has WWID: $wwid."

# Sample Output 
# Disk sdac  has WWID: 3600601602b702d007f2a73fbc648e111
# Note that each disk in a multipath group shares the same WWID

3.  For better results, limit the disks that ASM sees
Assuming that you have already created the oracleasm config file (and created ASM devices etc) by running   (the optional ‘-I’ allows more detailed asm config questions)

# /usr/sbin/oracleasm configure -I

You can now update the  /etc/sysconfig/oracleasm  file to restrict ASM from looking at plain SCSI disks and force it to scan only multipath devices when it starts.  The dm should be redundant, but we include it. Similarly, we could exclude IDE devices (hd), CDs (sr) and tape drives (st) if you have many of those attached. /etc/sysconfig/oracleasm: 


Alternately(?) use the ‘ASM_DISKSTRING=..’ parameter with ‘*’ wildcards in the config file to specify the disks that should be scanned. Typically ASM_DISKSTRING should point to /dev/oracleasm if you will be using ASMlib and point to /dev/asm if not.
Now you can create your ASM disks. They must start with a letter. Convention says that names are all capitals and a number (leave room for growth). Some examples are DATA001 FRA_001 OCR1 There are many ways to manage ASM disks – ASMCMD provides and SQL-like interface for DBAs. OEM provides tools.  The most sysadmin-friendly is ASMlib, which I recommend using.  You can use the following ASMlib commands to manage disks:

# /etc/init.d/oracleasm  createdisk  VOL1  /dev/sdg1
# /etc/init.d/oracleasm  listdisks
# /etc/init.d/oracleasm  deletedisk  VOL1 
# /etc/init.d/oracleasm  querydisk         /dev/sdg1

Once you have created the disks on one node, you must discover them on the other nodes:

# /etc/init.d/oracleasm  scandisks

Once you have created and discovered disks, you can add them to ASM disk groups. Or you can create the disks and disk groups at the same time with the sample SQL statement below. You can also manage disks through the /usr/sbin/oracleasm command.
FWIW, here is an ASMCMD (the alternative to #oracleasm createdisk) to create a diskgroup. I have not found a CLI way to do it through ASMlib.  But you can invoke the BUI named ‘ASM Configuration Assistant (ASMCA)’
FAILGROUP is a group of disks (say a tray) that are likely to fail at the same time. This hints ASM where to write duplicate copies of data (ie. not inside the same failure group).

  FAILGROUP controller1 DISK
    '/devices/diska1' NAME diska1,
    '/devices/diska2' NAME diska2,
    '/devices/diska3' NAME diska3,
    '/devices/diska4' NAME diska4
  FAILGROUP controller2 DISK
    '/devices/diskb1' NAME diskb1,
    '/devices/diskb2' NAME diskb2,
    '/devices/diskb3' NAME diskb3,
    '/devices/diskb4' NAME diskb4
  ATTRIBUTE 'au_size'='4M',
   'compatible.asm' = '11.2',
   'compatible.rdbms' = '11.2',
   'compatible.advm' = '11.2';

This moves files around to different ASM disks to ensure that each ASM disk is filled to about the same amount. It’s like defragmenting a filesystem. You can set the ASM_POWER_LIMIT parameter to restrict how much effort ASM puts into this. You can manually fire off a rebalance with a low priority (max is 1024).


If you want some really interesting info on ASMlib, download the source from the ASMLib support page on It is very user-friendly – lots of documentation and shell scripts.

Solaris 11 New Features

* Changes to Solaris 11

  1. OS runs on ZFS Filesystem
    So What?
    * Automatically creates a “Boot Environment” backup when you install packages (similar to Windows Restore Points. More Later)
    * network based. You don’t have to download a big package, you point at a network service. You CAN still run it locally too.
  2. Network changes
    * New network structures
    – vnic
    – etherstub (virtual physical NIC )
    – bridge      (virtual net switch)
    – IP Tunnel
    – vlan
    – … more .


    A network interface is now composed of multiple layers, which can be categorized by ISO network layers
    The physical layer
    #dladm  show-phys
    Types (in OS priority):
    Onboard devices have priority / assigned lower instance numbers over peripheral

    The datalink layer  –   dladm 
    # dladm  show-link
    # dladm rename-link net0  oldnet0 ;  dladm rename-line  newnet0  net0
              (eg. net0 maps to igbe0 and newnet0 maps to ixgbe0 : 1Gb to 10Gb)
    Types of Datalink objects:
    etherstub0 (a virtual HW NIC)
    switches – link aggregations, VLan, bridges
    Properties of a DL :
    Link Speed&Duplex & negotiation,
    Up/Down state,
    STREAMS modules (allow 3rd party SW network function plugins)
     The network layer
    # ipadm   (all interfaces) ;  ipadm show-ip           ;    ipadm show-addr
    # ipadm create-ip  net0   ipadm create-addr -a net0
    Examples : net0, vnet0,
    Classes   : IP, IPMP, vni=Streams
    The Transport layer
    # netstat -P
    Protocols : IP, arp, ICMP, UDP, SCTP

    Also cool, you can run your network in reactive mode, where based on preconfigured ‘profiles’ (say a wifi goes active or a VPN is enabled), the OS will switch network configuration and/or  IP filter settings.  Managed by netcfg and netadm commands.

    * New commands
    –  plumb becomes    ‘ipadm  create-ip’
    –  ipadm  show-phys  or  ipadm  show-addr

  3. Solaris 11 automatically can mount ISO images as a filesystem type hsfs
  4. New IPS =  Image Packaging System
    – Note: This new stuff is non-intuitive with weird-paths and service properties.
    Don’t wing it. Find and follow instructions.
    * Automatically figures out dependencies (amazing to be proud of that – WAY late to the party. The beer’s already warm. And IPS is STILL not prime-time. The OS of the IPS repo has to be newer or the same version as the clients. And it’s not too hard to apply patches that get you into a funky state – ie applying some patches will (incorrectly?) bump your OS version to a os-rev higher than 11.1 and prevent you from properly installing 11.1. BUT as is typical, if you can get through the small weirdness and complexity, it will do pretty cool stuff.)
    * It seems that the previous term ‘package’ is now called a ‘relocatable package’.
    Package now refers to a *large* group of relocatable packages as large as the entire Solaris OS.
    * A package repository also has a catalog with  intelligence about dependencies etc
    * A package repository can have different versions of top-level pkgs eg solaris, solaris_plus_company-tools.
    *There are three types of packages : full pkg type for an OS install, zone pkg type for installing a zone, relocatable package (the former ‘package’)
    * There are three official sources from which to download repos.
    – few Interesting IPS commands 
    $ pkg update -nv          (a dry run of a full update of all relocatable packages)
    $ pkg update                (full upgrade to the latest on the IPS server)
    $ beadm list                 (show available BEs – like restore points)
    # pkg install myRelopackage
    phases : create plan, resolve depend, check conflicting actions,
  5. Boot Environments
    These are snapshots of the filesystem similar to Windows’ “restore points”. When you install packages, the OS automatically creates a BE for the previous.
    Each BE created automatically has an entry in grub for x86
    For Sparc,  obp>  boot -L    -> list      ::  obp>  boot -N rpool/ROOT/solaris-2
  6. Newly built-in packages  : wireshark,  sudo, top
  7. root is no longer a user but a role
  8.  default FS is ZFS
  9.  kickstart -> “automated installer”
  10. Network interfaces are virtualized onto virtual switches
  11. Automated Installer – a re-packaging of    jumpstart   using PXE
    – uses IPS repository service (proxyd)   AI service,
    – DHCP not needed for sparc. Use wanboot (http loaded image) instead.
    DHCP and DNS multicast is still needed for x86
    – optional profile per computer (pre-choose hostname etc)

Commands to configure a local IPS Repository

1. Create a ZFS dataset
# zfs create rpool/export/IPS

2. Download and assemble the software package
# unzip
# unzip
# cat    sol-11-1-repo-full.iso-a  sol-11-1-repo-full.iso-b > sol-11-1-repo-full.iso

3. Copy files from the ISO to the ZFS filesystem

## If the hosting OS is less than  Solaris 11
# lofiadm -a sol-11-1-repo-full.iso /dev/lofi/1
# mount -F hsfs   /dev/lofi/i    /mnt/IPS_repo                            – OR –
# If the host OS is Solaris 11
# mount -F hsfs -o ro sol-11-1-repo-full.iso /mnt/IPS_repo

# rsync   -aP  /mnt/IPS_repo/repo   /export/IPS
(This will likely take a few hours – it copies data from the ISO to the filesystem)

# pkgrepo refresh -s /export/IPS
(refresh the catalogs and search data for the repo)

4.  Configure the repo server service – set readonly property. set inst_root property
# svccfg -s application/pkg/server   setprop  pkg/inst_root=/export/IPS/repo
# svccfg -s application/pkg/server   setprop  pkg/readonly=true     ( In the future,  set readonly to false before updating IPS with patches )

# svcprop -p   pkg/inst_root           application/pkg/server        /export/IPS/repo
(This will set the inst_root property of the ‘server’ package to be IPS/repo )
# svcadm  refresh                         application/pkg/server
( Force service to re-read its config file – !before starting it.
Refresh the snapshot’d configs with the service running config )
# svcadm  enable                          application/pkg/server

# svcs                                          application/pkg/server
online …

# zfs set  share.nfs=on  /export/IPS  name=repoSolaris11,path/export/IPS,prot=nfs
# dfshares  s11-ss
This shares out /export/IPS  as a mountpoint /export/IPS using NFS.

5.  Setup the  local IPS publisher   URI (to )
#  pkg  publisher
solaris          origin  online      F
# pkg set-publisher -G ‘*’            -g
( where server is your server and include the trailing ‘/’ -G means first delete old data )
(output shows:)  solaris
# pkg publisher
solaris            origin   online      F
(Note the URI returned- as the destination for jumpstart. publisher is the type of repository:  solaris / cluster-ha / etc )

6.  Testing IPS on the local server –
Search the IPS repo for the package named ‘entire’
# pkg search entire
(output)  pkg.fmri     set    solaris/entire       pkg:/entire@0.5.11-0….

## Client Side

#  pkg info    ( NOTE : NOT pkginfo )
#  pkg list      – Locally installed packages     ( the last column  shows three fields :  ifo  – Installed, Frozen, Obsolete)
#  pkg list -a   : all packages (even not installed, but in the repository)
#  pkg search pkg : search in the repository

How to grow a large ext3 filesystem on a SAN volume without interrupting users


  •     Expanding the SAN volume is outside the scope of this article.
    For the curious, this is an EMC LUN.
  •     The server is running RHEL5.9
  •     The partition is mounted / managed using RHEL’s multipathing software.
  •     The partition is larger than 2TB. Otherwise, you’ll probably use fdisk instead of parted.



# df -h  /backup
Filesystem                              Size     Used  Avail   Use% Mounted on
/dev/mapper/mpath2      4.0T   3.0T  820G   79%    /backup

# parted  /dev/mapper/mpath2
(parted) print
Number Start End Size File system Flags
1   0.00kB   4935GB   4935GB     ext3
# multipath -ll /dev/mapper/mpath2

mpath2 (360060160df751d000cb0364c9dd6e111) dm-8 DGC,VRAID
[size=4.5T][features=0][hwhandler=1 alua][rw]
\_ round-robin 0 [prio=1][active]
\_ 3:0:1:2 sdg 8:96 [active][ready]
\_ 4:0:1:2 sdm 8:192 [active][ready]
\_ round-robin 0 [prio=0][enabled]
\_ 3:0:0:2 sdd 8:48 [active][ready]
\_ 4:0:0:2 sdj 8:144 [active][ready]

This shows me several things
a) my multipath device:  dm-8
b) the disks that make up dm-8 :  sdg, sdm, sdd, sdj

Now I will make each of them in turn take note of the newer, larger LUN.

for DEV in sdg sdm sdd sdj; do 
     echo “## DEVICE:  ${DEV} ” 
     cat /dev/sys/block/${DEV}/size
     echo 1 > /dev/sys/block/${DEV}/device/resize
     cat /dev/sys/block/${DEV}/size
     echo ” “

Sample sub-output

I don’t think that this is necessary for SAN devices,  just internal ones, but it doesn’t hurt:
# partprobe
This takes a minute to run,  don’t panic.

# multipathd -k
multipath> resize map mpath2
multipath> ^d   (control-d)

# cat /dev/sys/block/dm-8/size

# parted  /dev/mapper/mpath2 
(parted) print
Number Start End Size File system Flags
1      0.00kB   5472GB    5472GB    ext3

Now that the partition table is updated,  we can finally resize the actual filesystem.
The default is to resize to use the full partition. That suits me just fine.
resize2fs -p /dev/mapper/mpath2       
Filesystem at /dev/mapper/mpath2 is mounted on /backup; on-line resizing required
(long pause)
Performing an on-line resize of /dev/mapper/mpath2 to 1335885824 (4k) blocks.
(even longer pause – about 30min in my case)
The filesystem on /dev/mapper/mpath2 is now 1335885824 blocks long.

# df -h /backup
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/mpath2 4.9T 3.0T 1.8T 64% /backup

That looks good. Users now have more diskspace and I get to keep my job for another day.

Add Disks to your SUN without losing your SANity.

Note: This is not fully polished, but I think it has some useful tips when you’re trying to wrangle a mess of SAN disks. 

1. Discover the disks
# touch /reconfigure && reboot
# echo | format | awk ‘{ print $2 }’ | sort | grep c[56]t > SANDISKS
2. Label the disks
for DISK in `cat SANDISKS`; do
printf “label\nyes\nquit\n” | format -d $DISK

3. Figure out the size of the disks

We’ll grabbing slice 2 from the partition table. By convention in Solaris, partition2 holds the entire disk.
But be careful, it IS possible to over-write this information and you lose the true disk config.
Before running this command, it would be smart to run prtvtoc on all disks and check the bytes/sector.
Any disk where this is not the standard 512bytes/sector, will show the wrong size (adjust the 2048/1024 section). 
Typically this happens on the larger disks. 

The darker purple just prints the disk name and the partition table, then selects the disk size and disk geometry.
In the section in light purple, I group all the data onto one line and print only:
     * The disk name ($DISK) [field 1]
     * The tag  (tags show the partition “name” – unassigned/root/swap/var etc) [field 4]
     * The flag (0x00=RW, 0x01=non-mount, 0x10=RO) [field 5]
     * The SectorCount (which I convert to GB. Maybe you prefer to work with 10-digit numbers. The registers in my brain are too small). 

for DISK in `cat SANDISKS`; do
echo -n “$DISK:: \t “
prtvtoc /dev/rdsk/${DISK}s2 | egrep ” bytes|^[(space)|(tab)]*2″
done | paste – – – | sort -k 10 | \
awk ‘{ print $1, “\t”, “$4, $5, “Sector: ” $6 “\t”, $NF/2048/1024, “GB” }’ > PARTITIONS

4. Fix the partition table
When the disks are presented from the SAN array, they already have a sample partition table. And it is NOT the one I want. Blech. That just makes extra work for me since I want all my space in one slice – slice 0. So I have to figure out an automated way to put all space in slice 0 and also wipe all other slices (except for slice 2). 
Since slice2 shows the full disk, I’ll copy that to slice0. Then I’ll zero out all of the other slices.
Remember – It IS possible to overwrite the data in slice 0. This is NOT recommended, so do not include partition 2 in the list of partitions below.   

for DISK in `cat SANDISKS`; do 
  prtvtoc -s /dev/rdsk/${DISK}s2 | grep “^[(space)(tab)]*2″ | sed ‘s/2/0/1’  > DISK.prt 
  for SLICE in 1 3 4 5 6 7; do
      echo “$SLICE  0  00  0 0 0” >> DISK.prt 
cat DISK.prt  |  fmthard -s – /dev/rdsk/${DISK}s2
prtvtoc  -s  /dev/rdsk/${DISK}s2


This line  grabs slice 2, copies the values  to slice 0. Do replace (space) and (tab) with an actual space character and tab character. The sed line there replaces 2 (slice 2) with slice 0, but only the first time we see a ‘2’. 
This line  creates blank values for the other slices.
This line  writes the new partition table to the disk.
This line prints off the final partition table for the disk. 


The story so far …
* We have a list of disks in a file called SANDISKS and a list of partitions in a file PARTITIONS.
* We have labelled the disks (ie. created a partition table), put all space in slice 0 and wiped other partitions.

The next Step is plan how you’ll allocate the disks to the LDOMs and to format the partitions. 
If you’re not using LDOMs, you can tweak this step to just loop through the PARTITION file doing the newfs line.
Otherwise, edit the PARTITION file into a file with three columns: disk, partition name and OS mountpoint. 

# DISK                        Partition-Label     Mountpoint
c5t2342EAF23422d2    node1-root    /
c5t2342EAF23422d0    node1-data   /database
c5t2342EAF23422d1    node1-redo   /database/redo

   echo -e “/dev/dsk/${DISK} /dev/rdsk/${DISK} $MOUNTPOINT \t ufs 2 nologging” >> /etc/vfstab
   echo y | newfs /dev/rdsk/${DISK}s0
  # Lots more needed here – creating the 



Website Hacking Explanations with Real World equivalents

Cross Site Requested Forgery  aka CSRF

How it works online –

The bank has sent you a cookie that proves you are who you say you are. The cookie is good for a week. The next day, you visit which includes HTML code saying  <img src=http://bank/transfer?to=EHacker …>  Because your cookie from your bank session from yesterday is still valid, the transfer works.

How it works In Real Life (IRL) :

Assuming that the attacker knows that you often borrow money from Rob. One day he tells you “Remember last Tuesday when Rob loaned you $50?  He told me to ask you to to pay that money to me because he owes me $50”.  This attack could work (if you had borrowed $50 from Rob last Tuesday) because the attacker should not know that secret info between you and Rob. That secret info is similar to the still valid bank cookie in your browser. Note that most of the time these attack will fail because your browser doesn’t still have a valid bank cookie, but on occasion it would work.

How to avoid it online. The bank needs to include a per-session token (ie. as well as a cookie, in the page you fill out to request the transfer, they include a token with a random value. When you when you submit the form, your submission must include that token.)

How to avoid it IRL.

Rob says – If I pass this debt to someone, I’ll also tell them the purpose for which I borrowed the money.” This is a sort of per-session information that must be included for the transaction of passing the debt to be valid.

Cross Site Scripting aka XSS

Type A – Stored Cross Site Scripting

How it works online

Hacker writes the following code in an review

“Good radio
I like the radio alot”
You told your browser NOT to run javascripts from, but because you trust Amazon, you told your browser allow javascript there. When your browser displays the comment from the users, it sees the javascript in the review text and runs it.

An example from the Real World

Attacker changes someone’s email signature to say “PS. And please loan $50 to EvelHacker. I’ll pay you back.”  This ‘procedure’ is stored in the users email client and is called when the user sends out an email. You trust the sender so you execute the procedure.

How to avoid online

Amazon scans comments posted by users and blocks most HTML tags.

Type B – Reflected

How it works online.

An attacking website tricks you into submitting compromised input to a good website. This input is reflected back from the good website to your browser which trusts it.  As an example.  You get an email from with a link that says, “We will beat your bank’s loan rate by 2%. Click here
to check your bank’s current rates.”  And the link is>CustomerName=”popup.Window=http://bank/myaccountinfo?email=EHacker”%5D
The bank’s error message is “Sorry %CustomerName%, missing page”.  So the bank page returns a fairly correct error page saying “Sorry” but also includes the malicious code telling your browser to popup a window to email account info to the attacker. You trust the bank. And the bank trusts you since your request is from you (current cookie) AND you return the correct random token (the fix for the previous attack). But now your own input tricked the bank website into requesting your browser to perform an insecure action.

A RealWorld Example

Navy SEALS follow bin Laden’s courier back to OBL’s house and kill him. The courier did not himself do anything to hurt OBL (or vice versa), but the intruders used OBL’s trust in the courier to reflect OBL’s location to an attacker.
How to prevent it online:
Bank needs to check all customer inputs to verify that there are no extra commands.

Type C – DOM

Similar to type B, but the request is to modify a parameter in the client’s environmental variables like language preferences. The trusted but insecure
website reflects the compromised parameter back to the client and the browser executes it.

Click Jacking

How it works online

Hacker displays a bank webpage on their website, but loads a hidden frame over a clickable area to trick the user into clicking it.

Real World Equivalent

ATM thieves have installed a fake keypad on top of a real keypad. The fake keypad steals the magnetic stripe information and records the PIN entered. It may either pass these values through to the ATM after recording them or it may generate a legitimate looking error for the user. The attacker then gathers the info from the fake keypad and uses it to make ATM withdrawls.


How it works online

The hacker enters a value into a form that modifies the webpage algorithm, usually to expose a larger amount of data than intended, but depending on what the code is doing and what privileges the process has, the attack may also modify stored data, (perhaps even to create a stored procedure hack) or run a completely different process than intended.
As an example. The code may say something similar to “select user data where user.firstname is %user_input%” But the attacker enters a wildcard value that selects all users, or the input might be simlar to ‘joeAND create a database user named EHacker with no password‘. This second form would return joe’s information but also would create an account in the database for the hacker to use. The third format might be   ‘joeAND .. change the database value fortotal number of usersto be.. evil HTML code”  This injected code could blowup an entirely different web query at a later date. The last format could be ‘joe” AND call an operating system command to delete all files‘.

A Real World Example

An obvious example of an injection is an attacker changing the values on a check – putting a number one in front of the digits and the words ‘one hundred and’ in front of the text on the check. In fact, the very reason for writing out the check’s value in words it to make it harder for anyone to ‘inject’ an extra hundred dollars into the check amount.

Progress Bar in DD copies

(Copied from the blog ‘IT from All Angles’ by Matthew Mattoon)

PV is a command that shows a progress bar 
Options are 
   p – progress
   t – timer
   r – rate
   e – eta 
   b – bytes
   s – size (default is in bytes) of the transfer

# dd if=/root/test.file 2>/dev/null | pv -tpreb -s 1024M | dd of=/root/test.file2 2>/dev/null
1GB 0:00:06 [ 148MB/s] [=================================>] 100%


Mapping Multiple Locations


Mapping Multiple Locations

Mapping Multiple Locations with MapAList

0. This used to be easy on Yahoo Maps. Ten years ago it was a regular feature. Maybe not a popular one, but I loved it. Now you gotta write a bunch of code to translate names to GPS locations and create a KML file or something. Luckily someone else has already done all the nerdy work for you…
1. Create a Google Spreadsheet of addresses. You can have multiple other columns. It will guess which is the address column.
2. Create an account on Their privacy protection seems pretty good – they share aggregated data and use your data to display ads.
3. Jump through a couple hoops – there are a half dozen (Next) buttons to click through. MapAList guesses which is the address column, confirm or correct the guess. Give your map a name, generate it.
4. If you like, you can share it out. Every POI is clickable with the name of you gave the and directions to it (but not the address – maybe worthwhile doing two address columns one to generate the map, one to display. I haven’t tried).

Excel Tips


, ,

How to format cells in Excel

This is so easy, but so useful.

Training Wheels
In recent versions of Excel, you can click on a cell, then on the paintbrush icon in the ‘Home’ ribbon bar / Clipboard panel / little paintbrush icon’. Then click on a destination source and the formatting (font, color and background color) are copied. Nice.

To paste to several sequential cells, click, formatbrush then click and drag the format across several cells in a row.

BMX mode
Here’s the cool part. To paste to non-sequential cells double-click the format painter icon. The click any cell of your fancy to paste the format. Hit Esc key to drop out of daVinci mode.


X Games
Conditional Formatting.  If you want cells to format themselves based on their values, look into conditional formatting. You can define formats based on the cell contents. Say perhaps all negative values get a red italicized format.
Select a group of cells, say a column, click HomeRibbon/Styles Panel/Conditional Formatting. Select ‘Highlight Cell Rules’ / ‘Less Than’. Choose a format for the cells then input the number to the ‘less than’ field. Apply.
Interestingly, you can apply multiple conditional formats in sequence. Cells which are not affected by the newly applied conditions retain their previous formatting.