SMS alert for you server with Google Calender

During the college days, I had much fun doing the dumbest things which had absolutely no hope of finding any practical application – but just made me feel good. To bring back the good times, this weekend I thought of doing something similar.
Have you ever:

  1. Felt getting sms reminder from your Google Calender makes you more efficient
  2. Felt the need what’s going on in your server when you are not looking at it
  3. Felt Python is the neatest language around

Wondering what’s common in the three of them? How about using Google’s free sms service to get updated about the health of your server? Google’s gdata api allows you to do that, just with a few lines of python.

What’s the big deal about that? Nagios already has that feature, you might say! But unfortunately, I’m using windows these days, and all the free sms gateways in India are worthless.

Anyway, for the win32 api functionalities, I got pywin32 [Build 212] . Next I got the gdata-python-client [gdata.py-1.2.2.zip]. Installation was hassle free.

Peeped into the sample in the samplescalendar folder, and took out the required part from the calendarExample.py and made some little changes, and it was done. Here is the script.

The script isn’t really good and just checks if the Remote Registry Service is up or not. But with more love, cool things (like sms alert on unauthorised access, low isk space etc.) can be done.
However, to remove the ugliness of the script, firstly the hardcoding needs to go.

start_time = time.strftime(‘%Y-%m-%dT%H:%M:%S+05:30’, time.localtime(time.time() + 600))

where +05:30 indicates my time zone, ie IST and the 600 seconds, the time lag between the running of the script and the creation of the event. The sms reminder is sent 1 minute before the event begins, making the time lag 9 minutes. 

If you dont have your mobile registered with Google, just move down to the Settings tab at the top of the page in Google Calendar, and then to the mobile setup tab.

You need to have your default reminder type in Google Calenda as SMS. The Javascript Api, allows you to set the type of reminder eassily – no reason to suspect that the Python Api would not be able to do that; need to check this.

But more importantly, there should be saner way of passing a password to a script. I had my dad’s cell registered with a less important google account and scheduled a .bat file  in Winodws Scheduler that calls the script to set events every 10 minutes. Unfortunately, he did not enjoy it as much as I did.

Pesky tasks with batch scripts

Scripting is art. Nifty and subtle, wicked cool scripts can weave magic, and startle compiled language supporters with their skimpy appearance. But it is for getting yet-another-pesky-job done, that scripting becomes so important.
The batch scripting language, is the Windows equivalent(read wannabe) for the more sane bash scripting. Like many other products from Microsoft, it lacks elegance, is limited and does not have a good support for regular expressions. Below are some pesky jobs that can still be done with batch scripts.

Pesky job 1 : Map a network drive

net use N:| find “OK”
if errorlevel 1 net use N: \servernamepath$ ******** /user:******* /persistent:yes

This will check if the drive N is mapped or not; in case there is an error, it will map servernamepath with proper username/password values and keep this map persistent across reboots.

Pesky job 2 : Copying files with a time stamp
Say we want to copy a few files from one directory to another file to another with the current date stamp, it could be a simple
copy help.txt Desktop%date:~10,4%%date:~7,2%%date:~4,2%-chgs-1.txt

Truly ugly? Quite right.

Normally the date command would output

C:Documents and SettingsTatha>date
The current date is: Mon 11/17/2008
Enter the new date: (mm-dd-yy)

To use the date-stamp say in an echo statement, put the command with in percentage signs. to extract part of the time stamp, the command should be followed with a “:~offset, number_of_characters”. For example

C:Documents and SettingsTatha>echo %date:~0,14%
Mon 11/17/2008

So, the copy command above would create a copy the help.txt to the path C:Documents and SettingsTathaDesktop with a name 20081711-chgs-1.txt, on 17th November 2008.

But wait, this wont work in a Windows NT box. Seems like the automatic variables DATE and TIME were not implemented until windows 2000, so if you want a time stamp in an NT box you should

time /t >> file.txt

Pesky job 3 : Starting and stopping windows services gracefully
Another glitch when running newer bat scripts in Windows NT, that I came across is controlling Windows services. Consider the following snippet to stop a service named SomeAppServer or someappserver in a Windows Xp box.

net start | find “SomeAppServer”
if errorlevel 1 goto STOPPED
if errorlevel 0 echo %date% %time% Attempting to Stop SomeAppServer >> log.txt
start /wait net stop “SomeAppServer” >> log.txt 2>&1
if errorlevel 1 echo %date% %time% SomeAppServer could not be stopped >>log.txt
:STOPPED
echo %date% %time% SomeAppServer is stopped >> log.txt
echo — >> log.txt

However, in case the name of the service is someappserver, instead of SomeAppServer as written in the script, it would fail to stop the service in a Windows NT box. NT treats the service names as case sensitive and you need to supply exactly as it is listed.

Here are some good resources for batch scripting
http://www.robvanderwoude.com/batchcommands.html
http://weblogs.asp.net/jgalloway/archive/2006/11/20/top-10-dos-batch-tips-yes-dos-batch.aspx

Chrome is here

The entire world seems to be going crazy over Google’s open source browser Chrome, released yesterday – and with thousands testing the new toy, the response has been great so far.

In the video titled The Story behind Google Chrome one of the engineers mentions that each page opened in a tab spawns a new process and is sandboxed from other processes(pages) to provide better security.
Well, people like me who’ll never have enough RAM – that is quite an alarm. Because we can’t work without an unhealthy number of tabs opened, each gorging on a sizable amount of the core – and don’t forget the whole lot of other desktop apps like IDE, pdf readers and bitorrent clients etc minimised.
So, I dumped the process memory usages into a csv

C:Documents and SettingsTatha>wmic /output:C:ProcessList.csv path win32_process get Caption, Processid, workingsetsize /format:csv

On opening ProcessList.csv, I could find 6 processes has been listed, the total memory consumption was 94740480 or 94 MB.

However, as the screenshot shows below, I had 18 tabs opened by then.

OK – but what if I open a few more tabs?
Before opening a new tab

C:Documents and SettingsTatha>wmic process where “name=’chrome.exe'” get Caption, ProcessId, WorkingSetSize
Caption ProcessId WorkingSetSize
chrome.exe 3904 29917184
chrome.exe 4092 15052800
chrome.exe 1944 13385728
chrome.exe 1180 42876928
chrome.exe 2364 25825280
chrome.exe 2540 3198976
After opening a new tab

C:Documents and SettingsTatha>wmic process where “name=’chrome.exe'” get Caption, ProcessId, Worki
ngSetSize
Caption ProcessId WorkingSetSize
chrome.exe 3904 32575488
chrome.exe 4092 16211968
chrome.exe 1944 13418496
chrome.exe 1180 44613632
chrome.exe 2364 25825280
chrome.exe 2540 2891776

I tried a few more times and got 6 processes named Chrome, at any point of time. Notice the change in the working set sizes.

When you switch between the tabs – you’ll find the a few tabs will come up quickly, however the ones opened a soometimes back – will take some time to get rendered, but the delay is nothing unacceptable.

But wait… see the magic when you press Shift+Esc. Seems like Google knew, we the peeping toms would be looking for more info and made life much easy for them. Hit on the link “Stats for nerds” and you’ll find what you are looking for.

A wonderful and feature is you can add shortcuts to web based applications directly to the Windows Start menu or quick launch bar. Think of it – you’ll be able to open gmail, Google docs, Google notebook directly from quick launch bar the same way you open Outlook, Microsoft Word, etc. This will be a great help for low cost desktop computing projects that are trying to replace costly desktop apps with freely available web based alternatives.

For those, who couldn’t start working without installing Fullerscreen with Firefox and the look a clean and lean look and feel is like a gift long held in waiting.

Though the lightning fast V8 Javascript engine promises you lowest latency compared to other browsers, it’ll still take sometime to get migrate from Firefox to Chrome – mostly because of the rich set of plugins. Having said that, if Firefox reclaimed the web, Google Chrome is here to redefine the web.

Moving on

Life has not been that interesting to produce further gibberish adage for the last few months. At work I’m looking into a plethora of antediluvian technologies – but still putting up to learn the new ones.

My white paper titled Security Concerns with Web Services was warmly appreciated and got published our internal knowledge net. Though, I cannot publish it anywhere else … I surely can share the helpful tools that I used to detect web service vulnerabilities.

With the tools listed below, some imaginations and a desire to have fun – you can really have a good idea about web services security.

Tools for studying Web Services Security

  • WebGoat is an insecure J2EE application that provides a number of lessons for practicing commonly known security exploits.
  • Soap UI is a popular SOA and Web Services testing tool with a number offeatures like web service client code generation, mock serviceimplementation, and groovy scripting.
  • WS Fuzzer is a fuzzing penetration testing tool used against HTTP SOAP based web services. It tests numerous aspects (input validation, XML Parser, etc) of the SOAP target.
  • WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
  • LiveHTTPHeader is a mozilla plugin that provides all the information about the browser traffic.
  • Cryptcat is a lightweight version of netcat with integrated transport encryption capabilities.
  • Fiddler is a HTTP Debugging Proxy which logs all HTTP traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP Traffic, set breakpoints, and “fiddle” with incoming or outgoing data.
  • TcpMon is a utility that allows the user to monitor the messages passed along in TCP based conversation.
  • cURL is a tool to transfer data from or to a server, using one of the supported protocols (HTTP, HTTPS, FTP, FTPS, SCP, SFTP, TFTP, DICT, TELNET, LDAP or FILE). The command is designed to work without user interaction.

Most of the above tools comes with neat documentation, so have fun!

On loss and new beginning

“How does it feel
How does it feel

To be on your own

With no direction home

Like a complete unknown

Like a rolling stone?”

I lost it. I lost it all.
Three years of electronic ranting, tales of code, help, pride, use, abuse, love, hate, lies, videos, pdfs, – fuck, the list is endless! It surely justifies taking a sick leave …
Andrew Grove says Only the paranoid survives. But he never says getting hyper-paranoid for survival. Well, no regrets brother – just lessons.
If you happen to have no clue which loss I’m talking about – you hardly know me. Its my google account – I forgot the password for it. The big G is the spinal cord of your online existence – once you snap from it your gmail, blog, orkut, notebook, reader, docs everything refuses you as if you are some sort of a beguiler trying to steal the free services and be the next spam superstar!

Every loss makes you wiser. Its like a tool that refreshes the the old, and paves the way for the new change. So …

Turn the clock to zero, boss
The river’s wide, we’ll swim across
Started up a brand new day

It could happen to you – just like it happened to me
There’s simply no immunity – there’s no guarantee
I say love’s such a force – if you find yourself in it
And sometimes no reflection is there“