IT: How to setup SSH tunneling (File Transfer, Email, Windows XP Remote Desktop, X Window).
Client Software:
SSH Secure Shell for Workstations 3.2
PuTTY: http://www.chiark.greenend.org.uk/~sgtatham/putty/
The SSH2 protocol is designed to provide secure network communications. SSH tunneling (SSH port forwarding) is a technique for forwarding insecure TCP traffic through an encrypted SSH tunnel. When you only occasionally need to access internal resources behind a firewall, SSH tunneling can be used as a temporary replacement for a VPN. For example, like other schools and companies, our Ryerson University campus network is protected by a firewall. If you want to access the internal hosts from outside, you have to log on over SSH to our PASCAL host first for authentication. From there, you can use the terminal to establish further connections to the internal hosts. Now imagine that, during your vacation, you want to use Outlook Express to check your email at home, or download a large file from an internal host. How can you do that? For these cases, SSH tunneling is the solution.
Generally speaking, to access firewall-protected internal resources from outside, you have to log on to an authentication host (let's call it the SSHd server). All further TCP traffic goes through the SSHd server, no matter which internal host you use later on. To use SSH tunneling, we need to set up a tunnel first. The tunnel is established between the local host and the remote SSHd server. Usually the application server in the internal network is not the same machine as the SSHd server; therefore, we also need to specify the destination host and port. Once the tunnel is established (the SSH connection needs to be kept active during tunneling), we can log on to the local host, and all the TCP traffic is forwarded to the destination host through the secure SSH channel.
Detailed configuration is described as follows:
1. Download the free SSH Secure File Transfer client software from the campus network, and then download PuTTY from the link at the beginning of this article.
2. Start putty.exe and configure SSH port forwarding.
2.1. Choose "Session" from the left panel, and configure "host name" and "port", for example, in my case I have to use "pascal.ee.ryerson.ca" and "22" which is the configuration of my campus's SSHd server, and then specify the profile name in "Saved Sessions", and then click the "Save" button to save the settings.
2.2. Choose "SSH->Tunnels", and then specify a port number for tunneling in "Source port". Any number that is larger than 5000 should be OK. Next, specify the application server and port number in "Destination" field. For example, if I want to download a large file from my lab file server, I have to use "cserv.ee.ryerson.ca:22" as my destination configuration.
2.3. Click "Add" button to add the above configuration and then go back to the session setting part and "Save" the settings. Note that all the above forwarded port settings are for "Local".
2.4. Restart PuTTY, load the profile and click "Open" to set up the SSH connection. You will be prompted to type your password.
2.5. Keep the above SSH connection alive during tunneling.
3. Start SSH Secure File Transfer client software, and add a new profile.
3.1. Configure Host Name: 127.0.0.1
3.2. Configure your user name.
3.3. Configure your port number. Recall that you have chosen a local port number for tunneling. Type that port number here. This port number must be consistent with the "Source Port" in your PuTTY settings.
3.4. Configure Encryption Algorithm: AES, 128. That one works for me.
3.5. Configure MAC Algorithm: HMAC-MD5.
3.6. Compression: use default.
3.7. Terminal answerback: use default.
3.8. Keep default values for all other settings.
4. Use the above settings to connect to the local host. It looks as if you are logging on to the local host over SSH, but you are actually logging on to the destination host inside the remote firewall. Now you can do your file transfer safely.
Troubleshooting:
1. Port Number: To find out which port numbers have been used by your local system, you can check out this file (Windows XP):
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\SERVICES
2. Port Number: To find out which port number might be used by your current running program, you can check out this link: http://www.chebucto.ns.ca/~rakerman/port-table.html. Note that you can still use some of those port numbers as long as the applications are not running.
The above settings are for secure file transfer. To set up secure incoming and outgoing email at home, the idea is almost the same. You may need to forward the following port numbers: 25 for outgoing mail (SMTP), and 993 for incoming mail (SSL IMAP). For example, my department mail server is "imap.ee.ryerson.ca". So, the local port 25 on my home computer needs to be forwarded to the destination "imap.ee.ryerson.ca:25", and the local port 993 should be forwarded to "imap.ee.ryerson.ca:993". After the SSH tunnel is set up, Outlook Express on my local machine needs to be configured to connect to "localhost" to send and retrieve emails. Note that during that process, the PuTTY SSH connection has to stay alive.
Microsoft Remote Desktop was previously known as Terminal Service. The Remote Desktop Connection client software is now a built-in tool in my Windows XP Professional edition. It can be found in "All Programs -> Accessories -> Communications -> Remote Desktop Connection". To remotely log on to my office Windows XP computer (that computer was bought in 2003 and has 2G memory; I really should make good use of it), SSH tunneling still works. The Microsoft Remote Desktop service uses port 3389. Since the XP machine already listens on port 3389, we cannot configure PuTTY to listen on and forward port 3389; otherwise there is a conflict. Forwarding another port won't work either, since users are not allowed to remotely log on to 127.0.0.1. This is true if you haven't upgraded to SP2. However, there is a workaround for this problem. The trick is that we can configure PuTTY to listen on the host 127.0.0.2. During the configuration, we can type "127.0.0.2:3389" in the "Source port" field, and forward the requests to a destination such as "caspal8:3389". When we use Remote Desktop Connection, we just need to connect to 127.0.0.2, which is also a local host address by default. By doing this, we avoid the port conflict on 127.0.0.1.
Using X over SSH tunneling is also possible on Windows XP. The first step is to install X Window server software on your Windows XP machine. You can use Exceed or Cygwin, but don't forget Exceed is not free. I use Cygwin on my Windows XP machine. After finishing the installation of Cygwin, we need to run "startx" to start the X Window server program on the local machine. Next, we have to configure the SSH client software to enable "Tunnel X11 connections". For example, I reconfigure my tunnel to CSERV and enable X11 tunneling. Then I can log on to localhost:5050, which is the tunnel to my "cserv.ee.ryerson.ca". After I log on, I can test whether the X11 tunneling works by using the command "printenv DISPLAY". If everything works fine, I get a response something like "localhost:10.0". To use window-based software on the remote computer, for example a GUI-based Matlab, I can just type "Matlab", and a popup window is created on my local machine, and the graphical version of Matlab is started.
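For readers who use the OpenSSH command-line client instead of PuTTY, the forwards described in this post (file transfer, email, Remote Desktop and X11) could be written as the client configuration below. This is an added example, not part of the original post; the two Host aliases and the user name are placeholders, while the hosts and ports are the ones used above.

```sshconfig
# ~/.ssh/config (added example; "ryerson-tunnel", "cserv-via-tunnel" and
# "your-username" are placeholders)

# The tunnel itself: log on to the SSHd server and open the local listeners.
Host ryerson-tunnel
    HostName pascal.ee.ryerson.ca
    Port 22
    User your-username
    # Refuse to start if a listener cannot be bound (e.g. the port is in use),
    # instead of running with a forward silently missing.
    ExitOnForwardFailure yes
    # Keep the idle connection alive while the tunnel is in use.
    ServerAliveInterval 60
    # Each listener is bound to a loopback address explicitly, so other
    # machines on the home network cannot reach the campus through this PC.
    # Secure file transfer / SSH logon to the lab file server:
    LocalForward 127.0.0.1:5050 cserv.ee.ryerson.ca:22
    # Email (local ports below 1024 need administrator rights on most
    # Unix-like systems):
    LocalForward 127.0.0.1:25   imap.ee.ryerson.ca:25
    LocalForward 127.0.0.1:993  imap.ee.ryerson.ca:993
    # Remote Desktop, using the 127.0.0.2 workaround:
    LocalForward 127.0.0.2:3389 caspal8:3389

# Logging on to cserv through the tunnel (step 4 of the file transfer setup).
Host cserv-via-tunnel
    HostName 127.0.0.1
    Port 5050
    User your-username
    # Store and check the host key under cserv's own name rather than
    # "[127.0.0.1]:5050", so a changed key on the real server is noticed
    # and keys of different tunnelled hosts are not mixed up.
    HostKeyAlias cserv.ee.ryerson.ca
    # Equivalent of "Tunnel X11 connections".
    ForwardX11 yes
```

Start the tunnel with `ssh -N ryerson-tunnel` and keep it running, then run `ssh cserv-via-tunnel` in a second terminal.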
Software: Network Simulator (NS2) Setup
Major references:
[1] http://140.116.72.80/~smallko/ns2/setup.htm
1. Phase One: Cygwin Installation
1.1. Run Cygwin setup program directly from official Cygwin web sites.
1.2. Install from Internet and select 'for me'.
1.3. Choose mirror sites
ftp://mirrors.kernel.org.
1.4. Expand the tree view and check the following packages:
XFree86-base, XFree86-bin, XFree86-prog, XFree86-lib
XFree86-etc, make, patch, perl, gcc, gcc-g++, gawk, gnuplot, tar, gzip.
1.5. Run cygwin.bat.
>> Troubleshooting for phase 1:
a) Home environment variable setting: When we enter cygwin, by default, we should automatically enter the home directory, which has a format like /home/username, for example, /home/jamesz. If your home directory is strange, chances are that your cygwin HOME environment variable is overwritten by the external Windows XP HOME environment variable. Note that it is a feature that cygwin can import external Windows XP environment variable settings into its own environment, such as the PATH variable. But this behavior is not desirable when it comes to the HOME variable. One workaround is to edit the c:\cygwin\cygwin.bat file and add the following line to reset the HOME environment variable in cygwin:
set HOME=C:\cygwin\home\jamesz
Now we can restart cygwin. If everything works properly, we should come to our default home directory and three files are copied to our home directory, and they are '.bash_profile', '.bashrc', and '.inputrc'. We can customize our environment settings by configuring these files.
--------------------------------------------
2. Phase Two: Network Simulator (NS) Installation
2.1. Download all in one software package from:
http://www.isi.edu/nsnam/ns/
http://www.isi.edu/nsnam/dist/ns-allinone-2.27.tar.gz
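2.2. Add the following lines to the current user's '.bashrc' file.
# NS_HOME points at the home directory (where step 2.3 puts the package) instead of `pwd`, which depends on where the shell was started.
export NS_HOME=$HOME/ns-allinone-2.27
export PATH=$NS_HOME/tcl8.4.5/unix:$NS_HOME/tk8.4.5/unix:$NS_HOME/bin:$PATH
# The old LD_LIBRARY_PATH is appended only if it is set: a trailing ':' is an empty entry, which the loader treats as the current directory.
export LD_LIBRARY_PATH=$NS_HOME/tcl8.4.5/unix:$NS_HOME/tk8.4.5/unix:$NS_HOME/otcl-1.8:$NS_HOME/lib${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
export TCL_LIBRARY=$NS_HOME/tcl8.4.5/library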
2.3. Copy the compressed file to our home directory.
2.4. Decompress the file: tar xvzf ns-allinone-2.27.tar.gz.
2.5. Go to the ns2 directory and run './install'.
2.6. Optional: 'cd ns-allinone-2.27/ns-2.27'; './validate'.
2.7. Run 'startx' to start x windows.
2.8. 'cd ns-allinone-2.27/ns-2.27/ns-tutorial/examples';
'ns example2.tcl'.
>> Troubleshooting in Phase 2:
a) Diff prompt message: select y.
b) Not responding when checking gcc -g option: Software version problem. If gcc packages are downloaded from the above recommended ftp site, this problem won't happen.
c) Error message about Perl: The perl version is not correct. Download the latest Perl version and delete ns2, and reinstall ns2.
--------------------------------------------
3. Phase Three: Modification and Make
3.1. Modify the source files if needed.
3.2. Go to ns-2.27 directory and run './configure'.
3.3. Run 'make depend', then 'make'.
>> Troubleshooting in Phase 3:
a) 'CPP_NAMESPACE' undeclared: This Make error can be solved by re-running 'make depend' and then running 'make' again. Someone also posted other possible solutions that can be found here:
4. Other problems.
4.1. Re-installation: when you want to re-install NS2, it reports some strange errors something like "no rule to make xxxx, or no makefile in /ns-allinone-2.27/tcl8.4.5/unix/dltest/Makefile". When such error happens, one could go to the above directory, and then go to the parent directory and copy 'Makefile.in' to /dltest. It seems at least the installation can continue. If some other errors occur, one can try 'make depend' and then 'make'.
IT: Hotmail not responding.
In the past few days, I have been experiencing a 'not responding' problem whenever I try to load and use Hotmail. At first, I thought it might be caused by JavaScript, but later it turned out this problem is actually related to the SSL cache. The reference to solve this problem can be found [here].
From Control Panel -> Internet Options -> Content -> Clear SSL State.
According to the information provided by [Microsoft], this 'Clear SSL State' feature is used for Client Authentication.
Server Authentication is that we clients/users check server certificates before we can trust the web sites. Client Authentication works in a similar way in that the server applications need to authenticate the client or user, for example, ask for proper client certificates, before they can further process the client requests. Usually when we do online banking or e-commerce transactions, only Server Authentication is used. We customers are very concerned about the credibility of the servers. That's why we need to check and validate those certificates sent from the servers. In the meantime, the server side applications only use some web protocols such as some special login tokens to verify client users. Most of the time, this is OK. But in some situations where a higher level of security is needed, for example, only those requests from a specific computer are allowed, then Client Authentication needs to be applied.
Some banks do provide Client Authentication as an optional choice.
C/C++ : Write a function in different ways that will return f(7) = 4 and f(4) = 7.
Solution 1:
int foo(int bar)
{
    int ret;
    /* assign once from the conditional; "bar==7? ret = 4: ret = 7" does not compile as C */
    ret = (bar == 7) ? 4 : 7;
    return ret;
}
Solution 2:
int foo(int bar)
{
    return 11 - bar;
}
C/C++ : Multiply x by 7 without using multiplication (*) operator.
This one is easy. I came up with several solutions:
Solution 1:
return (x + x + x + x + x + x + x);
Solution 2:
return (x << 3) - x;
Solution 3:
return (x << 2) + (x << 1) + x;
However solution 2 and solution 3 only work for integers. What if the number is not an integer? How about this one?
Solution 4:
return x/(1/7.0);
C/C++ : Find if the given number is a power of 2.
Solution stolen from here [flipcode.com]:
inline bool isPowerOf2(unsigned x) { if (x<1) return false; return (x&(x-1))==0;}
Since the most beautiful solution has already been found, I don't even bother to find something else.
C/C++: Write a C++ program without using any loop (if, for, while etc) to print numbers from 1 to 100 and 100 to 1
This question clearly specifies that 'if', 'for', 'while', etc are not allowed. I don't know how come 'if' is counted as a loop. But obviously the last resort to tackle this problem is to use recursive functions. Since 'if' is not allowed, I choose conditional operator and hopefully it is not against the rule, :-). My solution is:
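#include <stdio.h>

#define max 100
#define min 1

/* prints min..bar in ascending order: recurse first, print on the way back */
int foo1(int bar)
{
    (bar > min) ? foo1(bar - 1) : 1;
    return printf("%d\n", bar);
}

/* prints max..bar in descending order */
int foo2(int bar)
{
    (max > bar) ? foo2(bar + 1) : 1;
    return printf("%d\n", bar);
}

int main(int argc, char* argv[])
{
    foo1(max);
    foo2(min);
    return 0;
}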
Recently I found someone posted an interesting solution for this problem on Slashdot. The recursion part is the easy part. The question is how to avoid the 'if'. Here is his/her idea [1]:
a(int c){printf("%d ",c);(c^100)&&a(c+1);}
b(int c){printf("%d ",c,(c^100)&&b(c+1));}
main(){a(1);puts("\n");b(1 );puts("\000");}
The method uses '&&' (Logical-AND) to define a stop condition for the recursion. Note that the expressions are evaluated from left to right. When the left part is false (0), the right part will not be evaluated, and this becomes the stop condition for the recursion. Similarly, we can also use '||' (Logical-OR).
[1] http://developers.slashdot.org/comments.pl?sid=131673&cid=10995170
C: Write a "Hello World" program in 'C' without using a semicolon.
It is not difficult to figure out that we can use the '{}' trick to save a semicolon. Solution:
#include <stdio.h>
int main(void){if(printf("Hello World\n")){}}
C/C++: swap two numbers without using a temporary variable.
This is an old and infamous trick. I can't trace its origin. But if you do a little homework at 'Google University', you will find out this topic has been discussed many times online, especially at those programming forums. Rumor says this is a typical interview question. Well, I believe this one is no longer in use since it is already well-known to most programmers. However, it is still an interesting question and I think it is worth writing a note here as my first serious post.
Before we get started, I think it is reasonable to assume both numbers are of the same type. The first solution we might come up with is:
Solution (1)
a = a * b;
b = a / b;
a = a / b;
Obviously, there are two problems with this solution. Firstly, if number b equals zero, it will cause a division by zero, which gives undefined behavior. Secondly, the multiplication and division might cause overflow/underflow (the number is too small to represent). Note that underflow won’t occur when both numbers are integers. To fix the first problem, we can add a condition check. That is:
Solution (1a)
if (b != 0) {
    a = a * b;
    b = a / b;
    a = a / b;
}
else {
    b = a;
    a = 0;
}
Now, it is getting better, but the overflow/underflow problem still remains unsolved. Next, we might come up with another method based on additions and subtractions. That is our solution (2):
Solution (2)
a = a + b;
b = a - b;
a = a - b;
Solution (2) automatically avoids division by zero, but it still could cause overflow problems. Note that if both numbers are integers, the overflow problem is not as serious as it looks. Since addition and subtraction are modular in C, this solution works. It also holds for signed numbers as long as the negative numbers are represented in two's complement. Similarly, we can do a subtraction first, and then an addition, and so on. Furthermore, we can add several condition checks and decide whether we should do a subtraction or an addition as the first step to avoid overflow. But that is not so much fun any more.
The most interesting method is solution (3) that is based on 'exclusive or'.
Solution (3)
a = a ^ b;
b = a ^ b;
a = a ^ b;
XOR operation returns 1 when two bits are different; 0 otherwise. Note that this solution only works for integers.
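The caveats of solutions (2) and (3), as an added example that is not part of the original post: the function names are made up for illustration, the operands are unsigned (the type for which C defines wrap-around arithmetic), and a guard covers the case where both pointers name the same variable, which the bare three statements would set to 0.

```c
#include <limits.h>
#include <stdio.h>

/* Solution (2) on unsigned operands. C defines unsigned arithmetic modulo
 * UINT_MAX + 1, so the intermediate sum may wrap and the result is still
 * exact. (For signed int, overflow in a + b is undefined behaviour.) */
static void swap_add(unsigned *a, unsigned *b)
{
    if (a == b) return;      /* same object: a - a would leave 0 */
    *a = *a + *b;
    *b = *a - *b;
    *a = *a - *b;
}

/* Solution (3) with the same guard. */
static void swap_xor(unsigned *a, unsigned *b)
{
    if (a == b) return;      /* same object: a ^ a would leave 0 */
    *a ^= *b;
    *b ^= *a;
    *a ^= *b;
}

/* Solution (3) as the bare three statements, kept to show the failure. */
static void swap_xor_unguarded(unsigned *a, unsigned *b)
{
    *a ^= *b;
    *b ^= *a;
    *a ^= *b;
}

typedef void (*swap_fn)(unsigned *, unsigned *);
/* Returns 1 if swap() exchanges two distinct variables holding x and y. */
static int swaps_correctly(swap_fn swap, unsigned x, unsigned y)
{
    unsigned a = x, b = y;
    swap(&a, &b);
    return a == y && b == x;
}

/* Returns the value left in a variable after swapping it with itself. */
static unsigned after_self_swap(swap_fn swap, unsigned x)
{
    unsigned a = x;
    swap(&a, &a);
    return a;
}

int main(void)
{
    printf("add swap across wrap-around ok: %d\n", swaps_correctly(swap_add, UINT_MAX, 7u));
    printf("unguarded xor self-swap of 42 leaves: %u\n", after_self_swap(swap_xor_unguarded, 42u));
    return 0;
}
```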
Flickr
This is a test post from Flickr, a fancy photo sharing thing.