On a web server, suPHP allows PHP to run as the user and group that owns the file.
In WordPress, for example it allows to upload files, update wordpress itself or its plugins.
But obvious security issues can make this Apache module really dangerous for your other websites. Here is how I installed it only for WordPress.
After testing GIT, and without hesitation, I decided to abandon SVN/Subversion. I won’t write here one more article comparing them but I wrote (and update regularly) a wiki page explaining how to install it on Debian and give access via HTTP, SSH and HTML.
http://wiki.gonzofamily.com/a/Install_GIT_as_public_repository_on_Debian
I also noted how I transfered my existing local XCode repositories to this server, but I will improve this doc soon:
Tags: apple · dev · en · IT · network · Server
On iOS, you want to know your local IP (for example, when an application opens a webpage on the wifi interface) but the iOS SDK provides no simple way to get the IP Address for the wifi connection.
I found an interesting Method in Objective-C which retrieve the IPv4 address of the wifi connexion as a NSString on Zach Waugh’s blog.
Sadly it doesn’t work with IPv6. So I modified it and here is the code:
http://wiki.gonzofamily.com/a/Retrieve_local_IPv4/IPv6_on_Wifi/Cellular
Tags: apple · dev · en · IT · phone
On Linux we use to see the Processes associated to a listening network port with the following command
netstat -p
On Windows it’s
netstat -o
Sadly on Mac OS X this option doesn’t exist. The equivalent will be
sudo lsof -P
So we can imagine that we need to know which program dare listening on port 123
sudo lsof -Pn | grep 123
You will see something like that:
ntpd 21 root 20u IPv4 0x0899ace4 0t0 UDP *:123
ntpd 21 root 21u IPv6 0x0899ac08 0t0 UDP *:123
ntpd 21 root 22u IPv6 0x0899baa4 0t0 UDP [::1]:123
ntpd 21 root 23u IPv6 0x0899b8ec 0t0 UDP [fe80:1::1]:123
ntpd 21 root 24u IPv4 0x0899b810 0t0 UDP 127.0.0.1:123
ntpd 21 root 25u IPv6 0x098b5658 0t0 UDP [fe80:4::cabc:c8ff:fe90:6472]:123
ntpd 21 root 27u IPv6 0x098b5b80 0t0 UDP [2002:3ba7:d4b1::cabc:c8ff:fe90:6472]:123
ntpd 21 root 28u IPv4 0x15463370 0t0 UDP 10.0.130.101:123
ntpd 21 root 30u IPv6 0x15464b80 0t0 UDP [2002:3ba7:d4b1::c3e:e29a:8de6:68cc]:123
So it was the NTP Daemon with the process ID 21…. petit coquin !
(Cf this page of my Wiki: http://wiki.gonzofamily.com/a/Port_listening_on_Mac,_Windows_or_Linux)
Tags: apple · en · IT · network · Server
As most of my IT articles were about guides, I decided to open a Wiki. It will be more convenient to keep them updated and organised.
Little by little this wiki will become my main website.
Here it is : http://wiki.gonzofamily.com
What is a wiki?
It’s a collaborative website that allows the creation and editing of any number of webpages. It’s easy to modify its pages without programming knowledge, and then to keep them up-to-date
You can correct yourself anything on this wiki. You just need to login with a real email address.
IPv6 makes it easy to track you. Let me explain.
IPv6 is composed of a Prefix and a suffix:
IPv6 address: 2001:0DB8:1fc3:481:b357:83ff:fecb:4c30
Prefix: 2001:0DB8:1fc3:481:
Suffix: b357:83ff:fecb:4c30
The prefix changes according to your internet access (at home, work, friend’s…) but the Suffix is deduced from your MAC address and will be always the same for one computer.
So even if your IPv6 Adresse changes, the end of it is unique and identifies your device for sure.
The counter mesure is called IPv6 Privacy Address.
When you enable this policy on your computer, a second IPv6 is randomly affected during autoconfiguration, called Temporary IPv6 address. Even if you cannot change the Prefix, the Suffix changes each time.
It means: you can still contact your computer with the previous IPv6 address, but in the other way (when the computer connect to the internet) it will have a different random address. It has got 2 addresses.
Windows Vista/Seven: it’s enabled by default, you certainly saw “Temporary IPv6 Address” in your ipconfig
Mac OS X 10.6: you have to enable it
How to enable IPv6 Privacy Address on Mac?
you must create the file /etc/sysctl.conf with the following content:
net.inet6.ip6.use_tempaddr=1
net.inet6.ip6.prefer_tempaddr=1
Next restart you’ll get a second IPv6 address and it will be prefered for every internet access.
But I use to protect my servers via the IP address!
Many SSH/FTP/HTTPS servers use IP Addresses to filter access. You would like to keep always the same IP.
I think that every client software should be able to choose which IPv6 address it want to use (since we have 2 IPv6 in Privacy Mode), I guess it will become common very soon. For example in ssh you can add the following line in .ssh/config :
BindAddress 2001:0DB8:1fc3:481:b357:83ff:fecb:4c30
But I think, most of the time, a limited access can be based on the prefix of your IPv6 address. Allowing all your local network to access.
Tags: apple · en · IT · network · windows
I just got my Free IPv6 certification from Hurrican ( tunnelbroker.net ).
It’s a very interesting process. I think this certification is worth the time spent on it, and means you really mastered IPv6 network and servers configuration.
Before continuing I must wait for my Glue Register…
Anyway, here in Australia this free tunner broker is very efficient. It allowed me to connect my all home network on IPv6 (the Apple Time Capsule has everything necessary for ipv6 tunnels, even a selective Firewall).
It also allowed me to connect my experimental Linux server (whose provider doesn’t provide IPv6 connexion). This website (on a Dedibox v3) will at last receive an IPv6 next week, Online.net promised… thanks to Hurricane Electric, I did all the necessary tests before the big jump (that I already had done 4 years ago on an OVH server… Online.net is very late…)
Being a user of Linux, I got used to change the port of SSH on my Mac with the following line:
sudo vi /etc/sshd_config
Then I could change the number and uncomment the following line:
#Port 22
Sadly I noticed that it makes my IPv6 SSH connection unavailable on the new port (neither on the previous port 22).
The real clean way of changing a Mac OS X Daemon is in the plist files
So now I just changed the port in the ssh.plist file and my SSH Daemon runs on IPv4 and IPv6, on the new port.
sudo vi /System/Library/LaunchDaemons/ssh.plist
And modify as following if you want the port to become 22222:
<key>Sockets</key>
<dict>
<key>Listeners</key>
<dict>
<key>SockServiceName</key>
<string>22222</string>
<key>Bonjour</key>
<array>
<string>22222</string>
<string>sftp-ssh</string>
</array>
</dict>
</dict>
You can add 2 lines to make SSH available only via IPv4:
<key>Sockets</key>
<dict>
<key>Listeners</key>
<dict>
<key>SockServiceName</key>
<string>22222</string>
<key>SockFamily</key>
<string>IPv4</string>
<key>Bonjour</key>
<array>
<string>22222</string>
<string>sftp-ssh</string>
</array>
</dict>
</dict>
Tags: apple · en · IT · network
After only 2 weeks in China I can give you some keys to avoid the waste of time I got. See the following apps:
Only one guide for 44 languages, it gives you translation of hundreds useful words and sentence from and to the 44 languages, very well made, easy to use:
Lingopal 44
Only one subway guide for 33 cities around the world:
Metro Maximus
700 offline cities maps to save Location and to be geolocalised via GPS:
700 City Maps (this apps is free, but each offline map must be bought, otherwise you just access an online map like google maps)
Currency exchange rates, works offline :
Currency
How could we survive before iPhones and iPads ??
I wanted to use the 3G connection of my iPad in China. After “visiting” the 3 big companies in Shanghai, I can say they don’t sell data subscription for less than one year and unlimited does not exist.
I also have bought (180 yuan) a SIM card from China Mobile. I noticed that I can go on the internet. I noticed the APN was “cmnet”.
Then I tried successfully to use the China Mobile SIM card you can buy everywhere for less then 10€.
I will have to refund it once empty, but I’ll comment that post then. I think I will have to plug the SIM card back in a real mobile phone.
Of course I had to cut the SIM card to the micro SIM size.
I was connected to China Mobile and just added APN Settings :
APN name : cmnet
Login : (empty)
Password : (empty)
