--> https://arvera.github.io/blog/
Saturday, November 03, 2018
Thursday, November 01, 2018
Ncat -vvv
Upon doing some testing for some connectivity, a client college recommended to use ncat with -v, the exact command was ncat -vvv -w2 -i2 <HOST> <PORT>
I was trying to understand the results and I did something where
| hosto | source environment
| hosta | target environment
## For a failing not open connection on port 80:
angelo@hosto:~$ ncat -vvv -i2 -w2 hosta 80
Ncat: Version 6.40 ( http://nmap.org/ncat )
libnsock nsi_new2(): nsi_new (IOD #1)
libnsock nsock_connect_tcp(): TCP connection requested to 192.168.1.124:80 (IOD #1) EID 8
libnsock nsock_trace_handler_callback(): Callback: CONNECT ERROR [Connection refused (111)] for EID 8 [192.168.1.124:80]
Ncat: Connection refused.
## For a working connection on port 22 (ssh-server running):
Ncat: Version 6.40 ( http://nmap.org/ncat )
libnsock nsi_new2(): nsi_new (IOD #1)
libnsock nsock_connect_tcp(): TCP connection requested to 192.168.1.124:22 (IOD #1) EID 8
libnsock nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 8 [192.168.1.124:22]
Ncat: Connected to 192.168.1.124:22.
libnsock nsi_new2(): nsi_new (IOD #2)
libnsock nsock_read(): Read request from IOD #1 [192.168.1.124:22] (timeout: -1ms) EID 18
libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 26
libnsock nsock_timer_create(): Timer created - 2000ms from now. EID 36
libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 18 [192.168.1.124:22] (41 bytes): SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2..
SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
libnsock nsock_readbytes(): Read request for 0 bytes from IOD #1 [192.168.1.124:22] EID 42
libnsock nsock_event_cancel(): Event #36 (type TIMER) cancelled
libnsock msevent_cancel(): msevent_cancel on event #36 (type TIMER)
libnsock nsock_timer_create(): Timer created - 2000ms from now. EID 52
libnsock nsock_trace_handler_callback(): Callback: TIMER SUCCESS for EID 52
Ncat: Idle timeout expired (2000 ms).
I was trying to understand the results and I did something where
| hosto | source environment
| hosta | target environment
## For a failing not open connection on port 80:
angelo@hosto:~$ ncat -vvv -i2 -w2 hosta 80
Ncat: Version 6.40 ( http://nmap.org/ncat )
libnsock nsi_new2(): nsi_new (IOD #1)
libnsock nsock_connect_tcp(): TCP connection requested to 192.168.1.124:80 (IOD #1) EID 8
libnsock nsock_trace_handler_callback(): Callback: CONNECT ERROR [Connection refused (111)] for EID 8 [192.168.1.124:80]
Ncat: Connection refused.
## For a working connection on port 22 (ssh-server running):
Ncat: Version 6.40 ( http://nmap.org/ncat )
libnsock nsi_new2(): nsi_new (IOD #1)
libnsock nsock_connect_tcp(): TCP connection requested to 192.168.1.124:22 (IOD #1) EID 8
libnsock nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 8 [192.168.1.124:22]
Ncat: Connected to 192.168.1.124:22.
libnsock nsi_new2(): nsi_new (IOD #2)
libnsock nsock_read(): Read request from IOD #1 [192.168.1.124:22] (timeout: -1ms) EID 18
libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 [peer unspecified] EID 26
libnsock nsock_timer_create(): Timer created - 2000ms from now. EID 36
libnsock nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 18 [192.168.1.124:22] (41 bytes): SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2..
SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
libnsock nsock_readbytes(): Read request for 0 bytes from IOD #1 [192.168.1.124:22] EID 42
libnsock nsock_event_cancel(): Event #36 (type TIMER) cancelled
libnsock msevent_cancel(): msevent_cancel on event #36 (type TIMER)
libnsock nsock_timer_create(): Timer created - 2000ms from now. EID 52
libnsock nsock_trace_handler_callback(): Callback: TIMER SUCCESS for EID 52
Ncat: Idle timeout expired (2000 ms).
ncat for dummies
Looking for a some documentation for ncat to try to understand better the output of the -v I stumble upon this blog entry that seems really useful and handy.
https://zero-day.io/netcat/
https://zero-day.io/netcat/
Looking for a new blog-home
I have started to evaluate new hosting solutions for my blog. Because lately I have adopted and like the annotation that .md provides. Every git repository is using it out there and I have finally adopted it.
With that I am looking really hard at http://pages.github.com
Thursday, October 25, 2018
RAD and multiple workspace
Question:
| Hi Angel, we have developers working in multiple branches and they want to switch branches and test their code. How can RAD work with multiple workspaces in WCS toolkit? |
Rational Application Developer(RAD) as it is build with eclipse has the capabilities of changing workspaces.
RAD (when deployed as a toolkit for commerce) does accept the '-data' flag to specify a workspace, in fact it is always specified.
The startup script:
w:\wcde_\bin\StartWCToolkit.bat
has a line that always specify the -data flag.
But one thing to keep in mind is that many of the scripts for Commerce are bound to use the w:\wcde_\workspace directory. Using a different workspace might put you in a unsupported enviroment, that statement goes as far as making changing to the value of the -data variable or making RAD load a different workspace.
In any approach you will need to stop the workspace and stop the server, at the very minimum. That is because GIT or you will replace the files that the server is using, which are hold in the workspace.
If you want to still use multiple workspace, one approach that I can suggest is to.
1) stop the server
2) close RAD,
3) make a copy of the current w:\wcde_\workspace to w:\wcde_\workspace_branch1 (this will take significant time)
When wanting to switch branch:
4) rename the current w:\wcde_\workspace to w:\wcde_\workspace_master
5) rename the w:\wcde_\workspace_branch1 to w:\wcde_\workspace
6) start RAD the traditional way and the server
This can be time consuming if you don't have a powerful computer, because starting the server and RAD are quite timely.
With good habits the activities can help to keep everything in sync without having your enviroment getting corrupted by the constant replacing of branches that eGIT allows, unknowingly if the server is up or down.
Tuesday, October 23, 2018
Git and IBM WCS workspace
Having been a developer for RAD and Eclipse, and now a SME for IBM Commerce Toolkit in the IBM consultant community. I am often asked what is the better setup for developers when working with Git.
There is not one approach that works for everyone, each have Pro and Cons. For Git usage I suggest and advocate for a separate workspace and repository, specially if you are using git-flow or any other approach where you will be switching branches often.
## Having a workspace separate from the repo:
- workspace dir: w:\wcde\workspace
- repository: c:\gitRepo
Pro:
1) Less workspace corruptions
2) Ease of `git pull`
3) Less Git conflicts/merges (as developers can pull content from GIT any time)
4) very easy to explain to developers where git repo is vs workspace
5) Adaptable for entire workspace check in or only delta check-ins
Con:
1) Developers have to download a separate tool for merges (beyond compare is recommended)
2) Deleted files in the repo may not always be deleted by the developers
3) Developers can forget to check in files
## Having a workspace attach to git
- workspace dir: w:\wcde\workspace
- repository: w:\wcde\workspace
Pro:
1) Easy to keep in sync with git
2) Deleted files will be removed during pulls and merges
3) No need for a separate compare tool
Con:
1) Need to setup .git-ignore rules
2) In the past eGit performance and bugs have had some troubles
3) If developers swtich branches often, can cause workspace corruption, if the server is up
4) Merge issues can easily cause workspace corruption
A new command to figure out ports
Recently in a project as we were doing the setup of the system, our hosting provider made a typo in one of the MANY ports that our solution uses and it cause a lot of confussion.
When creating the VIP (Virtual IPs) and ports mapping and the ports got flipped. Our hosting provider gave us a document saying this are your servers:
| IP | server service |
| -- | -- |
| 10.2.3.120 | VIP for live |
| 10.2.3.121 | VIP for auth |
| 192.168.1.140 | IP for live |
| 192.168.1.141 | IP for auth |
But we found out it was reversed, `.120` was auth and `.121` was live.
So after a lot arguing and a lot of hours of explaining what happened, how to test, and reporting to people.
I had the need to find a way to bring down the server and effectively test that we are hitting a particular server in a specific port, not through the ports that are used by the server and services because sometimes they may not necessarily tell me if I am hitting auth. My options:
- Check the access log in the web server
- Create different data in auth and live (a user or a product that exists in auth but not in live)
- Enable accesslog trace in the app server
Find a way to test without the app server layer?
Solution:
From Auth:
1) logon to auth at 192.168.1.141
2) `nc -l 5001`
From a client try:
3) http://10.2.3.120:5000
4) in auth, check the output of the `nc` command
When creating the VIP (Virtual IPs) and ports mapping and the ports got flipped. Our hosting provider gave us a document saying this are your servers:
| IP | server service |
| -- | -- |
| 10.2.3.120 | VIP for live |
| 10.2.3.121 | VIP for auth |
| 192.168.1.140 | IP for live |
| 192.168.1.141 | IP for auth |
But we found out it was reversed, `.120` was auth and `.121` was live.
So after a lot arguing and a lot of hours of explaining what happened, how to test, and reporting to people.
I had the need to find a way to bring down the server and effectively test that we are hitting a particular server in a specific port, not through the ports that are used by the server and services because sometimes they may not necessarily tell me if I am hitting auth. My options:
- Check the access log in the web server
- Create different data in auth and live (a user or a product that exists in auth but not in live)
- Enable accesslog trace in the app server
Find a way to test without the app server layer?
Solution:
From Auth:
1) logon to auth at 192.168.1.141
2) `nc -l 5001`
From a client try:
3) http://10.2.3.120:5000
4) in auth, check the output of the `nc` command
Friday, March 24, 2017
What are my O/S belives
Lately non techy people ask me what O/S I prefer: APPLE or WINDOWS?. Often with the more techy inclined the topic does come up at some point in our conversation: APPLE, WINDOWS, LINUX, BSD, Solaris, OS390 (zOS).
When I was in university at some point I said to a good friend of mine "When I grow older and I have a house I will have one computer with each platform" Well I am older now and I have a house, and wife, and kids, and spare computer parts (doesn't everyone have them), lego, tons of lego, although not enough. But the one thing that I also have is accomplished my dream of having one copy at least, of each platform, so not only I have accomplished my dream but over accomplished it, because in reality I have multiple copies of many platforms.
Back then in Uni i was really refering and having: 1 linux, 1 Windows, 1 Mac at that time people would ask me why a Mac? and not everyone would know also that there was something call Machintosh.... well those times certainly have change.. haven't they?
So which platform I prefer? I will say not OS/390 or AS/400 but maybe because I don't have enough experience with them, my experience with both of those platforms have been limited by access at times.
I declare myself O/S Agnostic.
When I was in university at some point I said to a good friend of mine "When I grow older and I have a house I will have one computer with each platform" Well I am older now and I have a house, and wife, and kids, and spare computer parts (doesn't everyone have them), lego, tons of lego, although not enough. But the one thing that I also have is accomplished my dream of having one copy at least, of each platform, so not only I have accomplished my dream but over accomplished it, because in reality I have multiple copies of many platforms.
Back then in Uni i was really refering and having: 1 linux, 1 Windows, 1 Mac at that time people would ask me why a Mac? and not everyone would know also that there was something call Machintosh.... well those times certainly have change.. haven't they?
So which platform I prefer? I will say not OS/390 or AS/400 but maybe because I don't have enough experience with them, my experience with both of those platforms have been limited by access at times.
I declare myself O/S Agnostic.
Deleting files in subdirectories and creating empty folders for Windows users
If you have had to create a directory structures to provide a template for other users, you can find some tricks online on how to do that. But all of those post seem to be lacking of "how to create a file in each directory in windows".
The other day I found myself with this need as I had to check a directory structure in GIT, and GIT doesn't like you checking in empty folders.
So first I copy the directory strucuture that I wanted from somewhere else and then deleted all the files inside using:
Del /R *.*
Well that easy I had a bunch of empty folders now to create the empty file.
Reading up on batch scripting which I have done in the past after several tries I came up with this:
@echo off
setlocal
set "location=W:\GitRepo\src\patch\ConsolidatePatch7"
for /R %location% %%G in (.) do (
Pushd %%G
echo. 2>.readme
Popd
)
That created a .readme file on each and every directory and subdirectory of location. I was then able to check in this strucutre in GIT without a problem.
The other day I found myself with this need as I had to check a directory structure in GIT, and GIT doesn't like you checking in empty folders.
So first I copy the directory strucuture that I wanted from somewhere else and then deleted all the files inside using:
Del /R *.*
Well that easy I had a bunch of empty folders now to create the empty file.
Reading up on batch scripting which I have done in the past after several tries I came up with this:
@echo off
setlocal
set "location=W:\GitRepo\src\patch\ConsolidatePatch7"
for /R %location% %%G in (.) do (
Pushd %%G
echo. 2>.readme
Popd
)
That created a .readme file on each and every directory and subdirectory of location. I was then able to check in this strucutre in GIT without a problem.
Wednesday, August 31, 2016
Payment services
In my line of job it is always challenging to understand and separate the business requirements from the actual technical implementation, and a added challenge is the language. I am not just talking about English <-> Spanish, I am a fluent Spanish speaker but the Spanish that some latin american countries speak is just plain different. I am talking about the language barriers between IT and business users, even between IT fellow coworkers..
A small example: I called Strawberries, Fresas in Chile they are called Frutilla.
Anyhow....
This customer is looking to integrate with 3 different payment system. This is when I learn about a new term "Transaction Completa" or "Complete transaction". It took a couple of back and forth conversation for us to be on the same page as we didn't have a "Client term dictionary" to IT eCom terms.
Let's look at the payment system that I have experienced.
1) In house direct Payment System: ... where the eComm system directly talks to a interface. Such interface can be a hardware that is provided by a 3rd party company or to a home-grown system that handles the direct communication to a mayor payment system (bank, transbank, interact, paymentech, chase 3dsecure...)
In this type of integration there is a transaction_ID stored somewhere in that should be encrypted either the eComm persistance layer or the interface layer, to associate the order to a payment transaction.
2) Middle Man: ... where the eComm does not capture the CC information but rather eComm transfer the control to a contracted payment system and what eComm gets in return is a authToken that refers to the transaction. This authToken should be encryted in the system. This type of integration is also known as punchout, in the sense that we send the control to a another system.
The eComm never handles information related to the CC and thus responsibility to keep that information save is passed on to the 3rd party system. This is the most common and preferred approach.
There is a large market of providers out there: PayPal, WebPay, Transbank, Chase
3) Direct Gateway: ... where the eComm talk directly to the bank entity. In the older days before Punchout existed, this used to be a direct type of connection code directly on the eCommerce platform and would directly talk to each bank/payment system. Because each bank/payment system had their own specs and apis, this would become too complicate to code, support and mantain, thus almost always this would end up on a in-house payment system and this approach would be abandoned.
Now a days each bank have grown to understand the customer and they now provide their own propitiatory punchout payment interface. In some cases even providing eWallets where you can store your own credit card. Some sample of this system are Visa Checkout, MasterPass
A small example: I called Strawberries, Fresas in Chile they are called Frutilla.
Anyhow....
This customer is looking to integrate with 3 different payment system. This is when I learn about a new term "Transaction Completa" or "Complete transaction". It took a couple of back and forth conversation for us to be on the same page as we didn't have a "Client term dictionary" to IT eCom terms.
Let's look at the payment system that I have experienced.
1) In house direct Payment System: ... where the eComm system directly talks to a interface. Such interface can be a hardware that is provided by a 3rd party company or to a home-grown system that handles the direct communication to a mayor payment system (bank, transbank, interact, paymentech, chase 3dsecure...)
In this type of integration there is a transaction_ID stored somewhere in that should be encrypted either the eComm persistance layer or the interface layer, to associate the order to a payment transaction.
The eComm never handles information related to the CC and thus responsibility to keep that information save is passed on to the 3rd party system. This is the most common and preferred approach.
There is a large market of providers out there: PayPal, WebPay, Transbank, Chase
3) Direct Gateway: ... where the eComm talk directly to the bank entity. In the older days before Punchout existed, this used to be a direct type of connection code directly on the eCommerce platform and would directly talk to each bank/payment system. Because each bank/payment system had their own specs and apis, this would become too complicate to code, support and mantain, thus almost always this would end up on a in-house payment system and this approach would be abandoned.
Revamping the site
I have had this blog for a while, it was meant to be for my linux adventures but I ended up not using it.. so my plan is to now use it for ecom stuff. I thought on the of the name one day when I was walking on the streets on chile comming back from work.
Sunday, October 16, 2005
After 5 or 6 years.. Coming back to linux
So I am finally starting to pick up on this Linux thing again.. WOOOO!! IS SO MUCH FUN!!!! i just hope I don't break my configuration and have to do it all again from the begining... that would hurt.
I decided to start up with FC4.. I have always been loyal to RH and Mandrake.. So i downloaded it i then tried installing it.. oh my.. what a pain..there is a bug in the installer in where if you start to customize your enviroment it will fail when trying to format the partitions.
Leason learn: If the first attempt is unsuccessful CHOOSE the defaults.. if it works then try it again with more options.
I had several attempts until finally I was able to install it.
I then had to configure a bunch of things.. and I had to go buy a new mouse, keyboard and speakers, first time in 4 years that I actually buy computer stuff again.. :D
I decided to start up with FC4.. I have always been loyal to RH and Mandrake.. So i downloaded it i then tried installing it.. oh my.. what a pain..there is a bug in the installer in where if you start to customize your enviroment it will fail when trying to format the partitions.
Leason learn: If the first attempt is unsuccessful CHOOSE the defaults.. if it works then try it again with more options.
I had several attempts until finally I was able to install it.
I then had to configure a bunch of things.. and I had to go buy a new mouse, keyboard and speakers, first time in 4 years that I actually buy computer stuff again.. :D
Subscribe to:
Posts (Atom)