blog di jdaemon

Deceive and monitor by honeypot systems

It's intrinsically impossible coping with all possible threats, including those not yet known.

In traditional systems you try to avoid attacks but sooner or later it will happen. With the introduction of NIDS monitoring function was added. Then with IPS, the systems became reactive through attempts to block network traffic from the malicious suspected source but it was still defending production value.

Thanks to the honeypot system the perspective changes radically because it has no production value. Rather it pretends to have it.

Factory Method and Abstract Factory compared

Factory Method (FM) and Abstract Factory (AF) are two of the main Design Patterns[0]. Both highly correlated, have several traits in common including:

  • The purpose to create objects, which is why FM and AF are classified as creational
  • The design feature of decoupling[1] the client class from implementation of factory classes of products[2]. In this way, the client is freed from knowing how the products are created

Cannot open display

When it try to start a graphical application from a terminal and it fails returning only an error of type cannot open display[0] is very likely to be an environment variable error. In Unix-like systems for each Xorg server must be a logical display identifier of the form :0, :1, ..., :0.0, :0.1, ..., :1.0, :1.1 and so forth.

Messages like:

** (PROGRAM_NAME:PORT): CRITICAL **: Failed to parse arguments: Cannot open display:[1]
the most frequent:
(PROGRAM_NAME:PORT): Gtk-WARNING **: cannot open display: VALUE
or even
Error: cannot open display: VALUE

indicate that the VALUE logical display cannot be accessed ...

No protocol specified

In Unix-like systems, if it fails to start any graphical application from a terminal which returns an error message contains the following statement:

No protocol specified

with the consequent final warning (that in these cases, must not be considered because there's the first priority statement[0]) of the kind shown below:

WARNING: cannot open display: :x.x

or in rare cases, an Xlib[1] error such as:

Xlib: connection to "<hostname>:x.x" refused by server
Xlib: No protocol specified

Usefulness of the Linux Framebuffer on the Virtual Console

The Linux Framebuffer is a graphic hardware-independent abstraction low level to show graphics on the monitor. It allows to display image, video, presentation files and more on the console through to the use of specific CLIs which support one. Useful when you have to use OS without X Window System...

Before starting you need to make sure that Framebuffer is currently available. Open any terminal and digit:
dmesg | grep -i vesa
Should see the "vesafb driver" (VESA standard) and the "fbX devices" entries, otherwise you need to enable framebuffer support by setting the bootloader and/or recompiling kernel.


Lo *Lab spegne la prima candelina - 31/03/2012

Ad un anno dall'inaugurazione della nostra sede, avvenuta l'oramai remoto 21/03/2011, ci accingiamo a festeggiare la nostra ascesa con un party a base di birra e succo di frutta per gli astemi. La festa avrà luogo la sera di sabato 31 così che tutti possano prenderne parte.

Porteremo amici e compagni d'avventura. Non sarà solo la festa dell'HackLab, bensì di tutti i gruppi che come noi condividono il medesimo tetto sotto il quale svolgere attività sociali, politiche e culturali. Lo *Lab è centro di gravità, ambiente fecondo per chi desidera condividere ed implementare i propri sogni o per chi ama semplicemente far parte di una grande comunità.

Tante idee sono state sfornate e chissà quante altre ancora ne nasceranno, ma giorno 31 i nostri cervelli verranno temporaneamente disconnessi. Affogheremo in fiumi di birra e vino per i più tradizionalisti. Chi verrà vivrà!

Grazie a Tutti! ;)

SOCKS/HTTP/FTP Proxy on shell

Surfing through a proxy server on command line net tool (curl, wget, ftp, gopher[0] and others) or text based Web browser (w3m, links, lynx ect.) in Unix-like OS is possible by setting some environment variables or specific parameters of program in question. Some browsers also support the "no_proxy" environment variable that specifies a set of domains for which the proxy should not be consulted.[1] As for ssh see connect-proxy debian package and ssh man page.

For the HTTP connections assign the ip/hostname http proxy (with an optional username and password) to the http_proxy variable:


For the FTP connections assign the ip/hostname ftp proxy (with an optional username and password) to the ftp_proxy variable:



RTNETLINK answers: File exists

When the virtual terminal displays the following message:

RTNETLINK answers: File exists

It should not be interpreted literally.

It's a misuse of (rt)netlink interface for communication with the kernel. Generally the message is caused by the Dynamic Host Configuration Protocol (DHCP) system which assigns an "X" IP address to the computer on which it was previously set same "X" IP address.

None of the authentication protocols specified are supported

In Unix-like systems, if you try to start a graphical application as no "session manager" executor root/user in pseudo-terminal and it returns the following output:
Failed to connect to the session manager: None of the authentication protocols specified are supported
Warning: Tried to connect to session manager, None of the authentication protocols specified are supported

It may be required a login shell ...

NVidia Driver and ignoreABI Option

If after upgrading xorg 1:7.6+8 (Debian) or xorg-x11-server (Fedora)

nvidia driver don't work, X don't start

and you have found in the following files:

or /var/log/Xorg.*.log*: