Getting Started With PHP

I stumbled upon a great resource yesterday called The PHPBridge: Get Started. It's a step-by-step guide to teach you PHP. This seems especially useful if you're coming from another language and want to learn the syntax and methods used by the PHP community. The getting started section includes a Vagrant box, Sublime Text 3 and a recent PHP stack (PHP 5.5). Read more ›

Debugging Performance Problems With Zabbix Internal Items

Even after all these years, Zabbix remains my monitoring tool of choice. There's plenty of alternatives, but years of investing in the configs, the templates and the automation have kept my love for it. But, it's not always easy to keep this beast up-and-running, especially once you start to have a serious collection of hosts, items and triggers you're monitoring. Read more ›

Remove Orphaned Data From Zabbix’s MySQL Tables

A few years ago, I wrote a couple of SQL queries that I put onto Github to clean up a Zabbix database. It'll take items, triggers, events etc. that are no longer attached to a host, and remove them from the database.

This repo contains a few useful queries to cleanup old orphaned data in a Zabbix database. While Zabbix does Housekeeping, it does not clear orphaned data very well. Especially if you come from a long upgrade-line (1.x to 1.6 to 1.8 to 2.x), chances are your database is riddled with orphaned data that is consuming disk space.

I recently needed the files again after a few migrations, and they've served their purpose once again. They remain on Github for your consideration: Zabbix Orphaned Data Cleanup.

Hooray for open source! ;-)

Snakes On A Keyboard

Now this is a very cool hardware mod. Read more ›

Remote Code Execution via ‘less’ on Linux Boxes

Mondays, gotta love'm.

Many Linux distributions ship with the 'less' command automagically
interfaced to 'lesspipe'-type scripts, usually invoked via LESSOPEN.
This is certainly the case for CentOS and Ubuntu.

Unfortunately, many of these scripts appear to call a rather large
number of third-party tools that likely have not been designed with
malicious inputs in mind. On CentOS, lesspipe appears to include
things such as groff + troff + grotty, man, and cpio.

...

...where we end up allocating a zero-byte buffer and then promptly
writing out of bounds (just under the buffer on 32-bit systems or
somewhere above it on 64-bit).

Michal Zalewski, seclist.org

Buffer overflow, anyone? I wonder what the real-world impact of this is. I don't use less at all (I'm a more user), neither at the CLI nor in scripts. But how can I be certain other scripts, like vendor-supplied ones, aren't using this and potentially making me vulnerable? Unsetting the LESSOPEN and LESSCLOSE environment variables seems like they might actually break more than they fix.

Some more reading material can be found on the seclist.org post and on the HackerNews post.

Presentation: DNSSEC, The Good, The Bad & The Secure

Another set of slides I found that never got published, it seems. The presentation was actually never given, but was prepared for several conferences. It stops abruptly and was never completed, but still contains a lot of useful material (at least, that's my view on it). Read more ›

Presentation: Mobile Zabbix, Why Mobile Matters (MoZBX)

Going through some old files, I found a presentation I gave in Riga on the Zabbix Conference in 2012, that I never posted online. Better late than never! Read more ›

CPU Flame Graphs

I've only heard of CPU Flame Graphs since the article on NodeJS performance issues at Netflix. Read more ›

Enable MySQL’s slow query log without a restart

You're debugging a MySQL server and want to enable the Slow Query, you can do so via the MySQL CLI. There's no need to make changes to the my.cnf file and restart your MySQL service -- even though that would also work. Read more ›

The PHP circle: from Apache to Nginx and back

As with many technologies, the PHP community too evolves. And over the last 6 or 7 years, a rather remarkable circle has been made by a lot of systems administrators and PHP developers in that regard. Read more ›

Advertisement

Why ads?

I'm glad you made it to this blogpost. I hope it helps solve your problem. So why then do I show ads on the site? Writing content, testing it and making sure the layout isn't totally b0rked takes time. A lot of time. The ads are a way to pay back a small portion of that time.

And as you know running a site costs (a bit of) money: the domain name, webhosting, time spent writing and updating content, ... So if you like the content of this blog, consider disabling your AdBlocker for this domain. Thanks!

Recent posts

Looking for help?

Tired of fixing all these tech-problems yourself? We've got an excellent team at Nucleus, a top-class Belgian hosting provider, that can help you.

Discover our Managed Hosting, where skilled engineers manage your servers and keep them up-to-date, so you can focus on your core business. We use a variety of Configuration Management Systems such as Puppet to make sure every config is reviewed, unit-tested and guaranteed to be working.

Want to get in touch? Find me as @mattiasgeniar on Twitter or via the contact-page on this blog.