Category: General

Change Amazon RDS database timezone to non UTC

Amazon RDS is a very powerful hosted Relational Database solution. I recently came across a big annoyance with it which was not being able to set a default timezone. I had a PHP application along with several scripts talking to MySQL on Amazon RDS.

There are many solutions available around the internet like changing the code on application side and setting the timezone on every connection from the application. However, i wanted a server side solution  to ensure that the timezone is changed for every connection. It would have been hazardous if i fail to change the code even at one place in my applications/scripts.

Many places talked about using CURRENT_USER() function in a stored procedure, checking if the user is not rdsadmin, then set the timezone for that session. However, it did not work for me. Also i wanted to change timezone only for certain users in my database. So, without further discussion, i will jump straight into the implementation.

I created a stored procedure named “change_time_zone” in “mysql” database which is the default database in a MySQL installation.

DELIMITER #
CREATE PROCEDURE mysql.change_time_zone ()
IF user() REGEXP '^(user1|user2|user3)' THEN
SET SESSION time_zone = "America/New_York"
END IF #
DELIMITER ;

Read More

Enabling slow query log on Amazon RDS

The slow query log can be used to find queries that take a long time to execute and are therefore candidates for optimization. If you want to enable slow query log on your Amazon MySQL RDS instance, you need to be aware of 2 things :-

  1. To be able to enable and disable slow query log on the RDS instance. Make sure you disable it after a few mins of enabling it. It’s not advised to keep it enabled for long, especially on production servers.
  2. To be able to view the slow queries once you have enabled the log. As of MySQL 5.1.6, the destination of the slow query log can be a file or a table or both.

You are going to need to edit the parameter “slow_query_log” under the DB parameter group of your RDS instance.  A RDS instance would usually be setup with a default DB parameter group e.g. if you are running Mysql 5.5.x. your DB parameter group would be called default.mysql5.5 and so on. I believe AWS won’t allow you to modify a default DB parameter group, so it’s best to create one of your own based on one of the default ones and use that for your DB instance. Once your RDS instance is running off your custom parameter group, you can then go ahead and start modifying parameters in it.

Since not too long ago, this could only be done via the command line. But now, this can be done via the AWS Management console as well. You need to be in the DB Parameter Groups section in the AWS RDS Console. Find your Parameter group and click on it. Then click on the ‘Edit Parameters’ button.

edit_parameters_rds_console

 

Once in the edit mode, find the “slow_query_log” parameter. You might have to scroll down towards the bottom. Change this value to 1 if you are enabling it and 0 if you are disabling it. No other values would be accepted here. Read More

SANS Investigative Forensic Toolkit 2.14 Released

The SANS Investigative Forensic Toolkit (SIFT) Workstation is a VMware Appliance that is pre-configured with all the necessary tools to perform a detailed digital forensic examination. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidence formats. The brand new version has been completely rebuilt on an Ubuntu base with many additional tools and capabilities that can match any modern forensic tool suite.

 

New in SIFT 2.14

Wireshark 1.8.3 Released

Wireshark is the world’s foremost network protocol analyzer, and is the de facto standard across many industries and educational institutions.

 

Highlights of Wireshark 1.8.3:
• A lot of protocols were updated:
• A bug that caused the HSRP dissector could to go into an infinite loop has been fixed;
• A bug that causeD the PPP dissector to abort has been repaired;
• Martin Wilck discovered an infinite loop in the DRDA dissector. It was fixed;
• HDCP2 now used the correct protocol id;
• Markers are now showed when maps are displayed;
• Truncated/partial JPEG files are now dissected;
• Support for MPLS Packet Loss and Delay Measurement has been implemented;
• A bug that caused Wireshark to crash when VoIP Calls were selected was fixed; Read More

Yaptest – A penetration testing framework

It is a penetration testing framework that helps automate the boring parts of pentests.Yaptest aims to make it easy for a pentester to automate parts of testing on the fly. This is particularly useful when testing very large networks. Below are some examples of tasks which would be easy to automate using yaptest:
  • Run nikto on anything nmap thinks is an HTTP service
  • Run hydra on every host with TCP port 21 open
  • Attempt upload a file to any TFTP servers found
  • Run onesixtyone on all hosts that are up
  • Try metasploit’s solaris_kcms_readfile exploit against any hosts running kcmsd
Yaptest is the glue between your favourite tools and the knowledge base gathered during your pentest. It handles all the mundane stuff that can easily be automated and leaves you free to get on with owning boxes demonstrating risk using techniques that yaptest doesn’t know about yet. Read More

Please boycott youtube

Please boycott youtube
on 20 , 21 , 22 sep.
To record protest for film against islam.
22 million+ internet users of muslims can realize
them
to remove this video from youtube and can show
the world that
we love our Prophet Muhammad S.A.W.W
forward to all muslims.

Flashbacks

Women

Media Own People

There is nothing called Israel