1nixadmin

qt-faststart is included in ffmpeg source. You can find it located in tools/qt-faststart.c. There are comments in the file on how to build this application for your use:

/*
* qt-faststart.c, v0.1
* by Mike Melanson (melanson@pcisys.net)
* This file is placed in the public domain. Use the program however you
* see fit.
*
* This utility rearranges a Quicktime file such that the moov atom
* is in front of the data, thus facilitating network streaming.
*
* To compile this program, start from the base directory from which you
* are building FFmpeg and type:
*  make tools/qt-faststart
* The qt-faststart program will be built in the tools/ directory. If you
* do not build the program in this manner, correct results are not
* guaranteed, particularly on 64-bit platforms.
* Invoke the program with:
*  qt-faststart <infile.mov> <outfile.mov>
*
* Notes: Quicktime files can come in many configurations of top-level
* atoms. This utility stipulates that the very last atom in the file needs
* to be a moov atom. When given such a file, this utility will rearrange
* the top-level atoms by shifting the moov atom from the back of the file
* to the front, and patch the chunk offsets along the way. This utility
* presently only operates on uncompressed moov atoms.
*/
If you are building ffmpeg from freebsd ports, you can use the following command to build qt-faststart:

make work/ffmpeg-2008-07-27/tools/qt-faststart

Move the created binary to your favorite location and use!

If you are attempting to update FreeBSD 4 Port tree using csvup with your current ports-supfile, you may run into some issues. FreeBSD is currently End of Life, so modifcation needs to be made so it uses the RELEASE_4_EOL release.

Modify your supfile to read the following:

*default host=cvsup2.FreeBSD.org
*default base=/usr
*default prefix=/usr
#*default release=cvs tag=.
*default release=cvs tag=RELEASE_4_EOL
*default delete use-rel-suffix

Update your ports tree by using csvup:

/usr/local/bin/cvsup -g -L 2 /usr/share/examples/cvsup/ports-supfile

At one point you may need to find a file that has been modified between a specific time, say between 11AM – 12PM. We can find the results using the find and touch command.

We will need to first create two files that will represent our boundries:

usage: touch -t ‘YYYYMMDDhhmm’ filename

touch -t ‘200903101100′ /tmp/bound1 # representing March 10th 11AM

touch -t ‘200903101200′ /tmp/bound2 # representing March 10th 12PM

The using find with -newer option we can search:

find / -type f -newer /tmp/bound1 -a ! -newer /tmp/bound2

Your output should be files between the ranges specified.

Rather then using ffmpeg to create screenshots for your FLV video, you can use also Mplayer by using the following command:

mplayer -vf framestep=$rate,scale=$resolution \
-framedrop -nosound $filename -speed 100 -vo \
jpeg:outdir=/path/to/output/directory

$rate should be changed to the number of frames to skip before another screen shot is created
$resolution should be set to the resolution of the output image 320:280
$filename is the flv file you want to create screens shot

We wanted to know how well mod_gzip or mod_deflate will perform, and with our searching on the internets we have found the following site:

http://www.whatsmyip.org/mod_gzip_test/

It will test if gzip is enabled on a specific URL. It will also tell you how much compression is possible.

The following htaccess rewrite rule will replace any broken images that are no longer being hosted on your server with a default image. This will allow your site or other sites hotlinking your images do not load up with a broken image.

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule \.(gif|jpg|png)$ http://path/to/imagefile [R=301,L]

With Vista UAC, it restricts modifying the host file. You will usually get a message telling you that you don’t have the correct permissions. Use the following steps below to add hosts correctly:

1)  Browse to Start -> All Programs -> Accessories
2)  Right click “Notepad” and select “Run as administrator”
3)  Click “Continue” on the UAC prompt
4)  Click File -> Open
5)  Browse to “C:\Windows\System32\Drivers\etc”
6)  Change the file filter drop down box from “Text Documents (*.txt)” to “All Files (*.*)”
7)  Select “hosts” and click “Open”
8)  Make the needed changes and Save.

If you are using qmail on your server, you may run into an issue with PHP trying to use sendmail to while using the PHP Mail Function. If you are not a root user, you will possibly receive the following error:

sendmail: fatal: your mailing privileges have been removed

You can fix this by providing the path for qmail in the php.ini:

sendmail_path = /var/qmail/bin/qmail-inject

If you are using Linux, you can use the power of iptables and ipt_recent to block SSH brute force attacks. You will find many results via Google on how to stop SSH brute force attacks. You can use the following rules:

iptables -N SSHSCAN
iptables -A INPUT -p tcp -m tcp –dport 22 -m state –state NEW -j SSHSCAN
iptables -A SSHSCAN -m recent –set –name SSH –rsource
iptables -A SSHSCAN -m recent –update –seconds 300 –hitcount 3 –name SSH –rsource -j DROP

You can possibly find more advanced chains on the web, but this is what I am currently using on box to stop SSH Attacks. As far as I can tell, it has worked to thawrte constant attacks against my box which filled my logs up.

Recently I have been receiving large amount of FTP Brute Force Attacks, so I modified the above rule to use it for FTP:

iptables -N FTPSCAN
iptables -A INPUT -p tcp -m tcp –dport 21 -m state –state NEW -j FTPSCAN
iptables -A FTPSCAN -m recent –set –name FTP –rsource
iptables -A FTPSCAN -m recent –update –seconds 300 –hitcount 3 –name FTP –rsource -j DROP

Initial testing is promising and has blocked those attempting to access FTP port serveral times. You can watch the ipt_recent bucket using the following path: /proc/net/ipt_recent/

below is the following output of my FTP ipt_recent bucket. I have made a synthetic attack on the server just to see if it does work:

[jason@stealthsrv ~]# cat /proc/net/ipt_recent/FTP
src=71.167.42.204 ttl: 63 last_seen: 5996404666 oldest_pkt: 6 5994532232, 5994536594, 5995242627, 5995252675, 5996395210, 5996404666
src=210.21.56.141 ttl: 252 last_seen: 5995765848 oldest_pkt: 4 5995075694, 5995075696, 5995765847, 5995765848

To commit these changes so that these rules stay live after a reboot, run the following command:

/sbin/iptables-save > /etc/sysconfig/iptables

While working on a server today, I see the following errors in /var/log/message. During this time the network on the box went down:

Dec 16 13:34:12 server kernel: printk: 153 messages suppressed.
Dec 16 13:34:12 server kernel: Neighbour table overflow.
Dec 16 13:34:14 server kernel: printk: 54 messages suppressed.
Dec 16 13:34:14 server kernel: Neighbour table overflow.
Dec 16 13:34:19 server kernel: printk: 138 messages suppressed.
Dec 16 13:34:19 server kernel: Neighbour table overflow.

This error occurs when neighbor table is maxed out. The neighbor table settings represents how many arp cache entries the kernel will keep. The default value is 128, 512, 1024.

To view the current values:

/sbin/sysctl -a | grep net.ipv4.neigh.default.gc_thresh

You can modify the values in the following files:

/sbin/sysctl -w net.ipv4.neigh.default.gc_thresh2=2048

/sbin/sysctl -w net.ipv4.neigh.default.gc_thresh1=1024

/sbin/sysctl -w net.ipv4.neigh.default.gc_thresh3=4096

This will change values immediately, or you can put the values in /etc/sysctl.conf,

Others have recommended using the following method below:

echo 1024 > /proc/sys/net/ipv4/neigh/default/gc_thresh1

echo 2048 > /proc/sys/net/ipv4/neigh/default/gc_thresh2

echo 4096 > /proc/sys/net/ipv4/neigh/default/gc_thresh3

However I ran into the issue that the system would rewrite the values to default immediately. Using sysctl worked without a problem.

The differences between these values are as follows:

gc_thresh3 = hard limit, kernel will not allocate more then this entry

gc_thresh2 = soft limit, kernel will begin to perform garbage collection