EICAR test virus MIME attachment text

This test virus was developed by the European Institute for Computer Anti-Virus Research (EICAR) to provide an easy (and safe!) way to test whether your anti-virus software is working.

The text in this post is encoded as if it was delivered from your MUA/MTA to a SMTP server.

 

Content-Type: multipart/mixed;
 boundary="------------080402020706010804020800"
This is a multi-part message in MIME format.
--------------080402020706010804020800
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Text goes here.  There is an attachment to this message containing a
Base-64 encoded copy of the EICAR test virus.  Hopefully it will be 
difficult for you to get this message and attachment accepted by
a mail server.
--------------080402020706010804020800
Content-Type: application/octet-stream;
 name="eicar.zip"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="eicar.com"

WDVPIVAlQEFQWzRcUFpYNTQoUF4pN0NDKTd9JEVJQ0FSLVNUQU5EQVJELUFOVElWSVJVUy1URVNU
LUZJTEUhJEgrSCoNCg==

————–080402020706010804020800–

No Comments

Linux online resize of LVM disk LUN

You’ll start out with a Disk that looks something like this.
# fdisk -l /dev/sdd
Disk /dev/sdd: 598.9 GB, 598925639680 bytes
255 heads, 63 sectors/track, 72815 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes


Device Boot Start End Blocks Id System
/dev/sdd1 1 72816 584888319+ 8e Linux LVM

Step 1.

grow the LUN on your array

Step 2.

tell the kernel to scan the device for changes
# echo 1 > /sys/block/sdd/device/rescan

you’ll end up with something like this in the logs:
Jul 3 10:10:21 kernel: SCSI device sdd: 2339551264 512-byte hdwr sectors (1197850 MB)
Jul 3 10:10:21 kernel: sdd: Write Protect is off
Jul 3 10:10:21 kernel: SCSI device sdd: drive cache: write back w/ FUA
Jul 3 10:10:21 kernel: sdd: detected capacity change from 598925639680 to 1197850247168

Create a new partition with the newly available space,  Since I want to use all of the space, fdisk will figure out my start cylinder, and end cylinder for me.  I can just take the defaults.  I’ll have to specify the Linux LVM
# fdisk /dev/sdd

Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 2
First cylinder (72816-145630, default 72816):
Using default value 72816
Last cylinder or +size or +sizeM or +sizeK (72816-145630, default 145630):
Using default value 145630

Command (m for help): t
Partition number (1-4): 2
Hex code (type L to list codes): 8e
Changed system type of partition 2 to 8e (Linux LVM)

Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table.
The new table will be used at the next reboot.
Syncing disks.

Next we need to make sure the kernel know about the new partition

# partprobe -s /dev/sdd

/dev/sdd: msdos partitions 1 2

After this, we end up with the LUN having two partitions.  We’ll just add the new one to our existing LVM setup.

add the new partition as a physical volume

# pvcreate /dev/sdd2
Physical volume "/dev/sdd2" successfully created
# pvscan
PV /dev/sdd1 VG u02 lvm2 [557.79 GB / 0 free]
PV /dev/sdd2 lvm2 [557.79 GB]
Total: 2 [1.09 TB] / in use: 1 [557.79 GB] / in no VG: 1 [557.79 GB]

extend the volume group with the new physical volume

# vgextend u02 /dev/sdd2
Volume group "u02" successfully extended

extend the logical volume to use all of the free space in the volume group (and as a bonus re-size the EXT3 filesystem that is mounted currently)

# lvextend --resizefs --extents +100%FREE /dev/u02/sun-2540-lun2
Extending logical volume sun-2540-lun2 to 1.09 TB
Logical volume sun-2540-lun2 successfully resized
resize2fs 1.39 (29-May-2006)
Filesystem at /dev/mapper/u02-sun--2540--lun2 is mounted on /u02; on-line resizing required
Performing an on-line resize of /dev/mapper/u02-sun--2540--lun2 to 292442112 (4k) blocks.
The filesystem on /dev/mapper/u02-sun--2540--lun2 is now 292442112 blocks long.

And now we’re done!

# df -h /u02
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/u02-sun--2540--lun2
1.1T 224G 819G 22% /u02

No Comments

Meadows of Webster Construction

The model home for the “Meadows of Webster” development as it was under construction at the beginning of summer 2012

Construction began earlier this year on the Meadows of Webster subdivision.
The Town of Webster Planning board granted final approval of Phase I of the development to Tom Thomas of 800 Philips Road, LLC at their March 15th, 2011 meeting.

Phase I of the Meadows of Webster consists of 27 patio home lots on just over 85 acres situated at the southeast corner of Phillips Rd. and Schlegal Rd.  This location is just north of the Xerox campus in Webster, NY.

By the beginning of summer in 2012, the first home was up, and the street and utilities were in place for the initial part of the neighborhood.

Lots with utilities installed are waiting to be built at the Meadows of Webster subdivision. June 21, 2012.

, ,

No Comments

Problems with webmail.1and1.com

I can never stay logged in to my personal 1&1 hosting webmail account from work.

I suspect that I know why, but haven’t been able to find any confirmation that this is true.
I’ll get to that later, though.

First the problem that I see every time I try to use my webmail account:
I can log in and start to brows through my messages, but after just a minute or two, I always end up getting logged out with this error message

Your session has expired. Please log in again. (Error-ID: 1006460543-45924140)

Error Message

Webmail Error message. Due to my load-balanced proxy configuration?

My hypothesis is that the proxy configuration that I need to use while at the office is causing problems with the software on the 1and1 webmail system.  Under normal conditions, the IP address that I use to make outbound HTTP and HTTPS connections jumps around a lot.  Even during a single, continuous session.  I’m betting that there is something in my hosting provider’s webmail system that goes beyond cookie-based session authentication that notices that it is seeing a cookie come from an un-expected IP address, and as a result invalidating that session.  I just have not been able to find anything to confirm this.

If anybody sees this post, and can add anything useful, please comment!

It ends up being a little annoying to me, but I can understand the type of attack that this will end up preventing, so I’m not going to complain much about it.

, , ,

No Comments