Easy Steps to Stop SMTP AUTH Relay Attack and Identify Compromised Email Account for Postfix


Today lots of the email application such as Sendmail, Postfix, or even MS Exchange has been re-designed to reduce the possibility of become an 'spam-relay'. From our experience, most of the SMTP AUTH relay attack is caused by the compromised of the weakly password protected user accounts. Once the accounts discovered and been compromised. Spammer authenticate using the user credentials, they are granted to relay via the server, which is then used to send spam.

Below are the easy steps to stop these spam emails quickly and identify which account (s) has been compromised.

Step1: Stop on on-hold mail queue.

Large amount of spam emails keep queueing your mail spool. What even worst is all the spam it fill up all your / var. Thus, it is always to hold the mail queue for temporary until you find out the which account has been exploited by spammer and send a large amount of emails.

Step2: Check your mail log.

Go to / var / log / maillog to have a quick look on the line with from: <>. You might see lots of email domain name there are not belong yo your organization. This is due to the spammer is faking the mail from: <>.

Step 3: Identify compromised account authenticating SMTP AUTH connection

Next, let us check those email accounts that has been exploited. Run a have cat grep sasl_username and sort it. You should see a long list of the login attempt and session for those exploited account. You can also do a quick calculation by running wc -l command to see total sessions for a particular user.

Step4: Disable the exploited email account.

Once, we have SASL_username string, which is the user account. You are advised to disabled or change the password to complex password.

Step 5: Move the mail queue or delete the spam email

Now, we have to deal with our mail queue. Easier and fastest way is to move your mail queue and do the housekeeping later. Or, you can delete those spam email using Bash script.

Step 6: Release Mail queue

Remember to release mail queue after our housekeeping process and keep on monitoring of the mail traffic.


Source by James Edward Lee

WMV Files – Play Your Tune


World's topmost company Microsoft Corporation developed a format better known as Windows Media Video or WMV in short which is basically used to view videos in a computer or laptop. This type of video format works well with any of the common players like Windows Media Player, Real Player, VLC Media Player, KM Player, Win amp and not to forget the giant Power DVD. The first version WMV 7 which was developed in the year 1999 and was successful.

One of the major reasons for using these files is that it allows mega capacity videos to be easily compressed without affecting their quality. These files can be played by the use of a set of codecs. A codec is a small program that can read a file, create video and audio formats from the data given.

WMV files when played on PC

There are few basic yet essential streps required that you need to follow to play such files in your personal computer.

1. If your computer already has a Windows Media Player program, WMP, then update its latest version so that you can play those video files properly. You can do this by downloading from the Microsoft Windows Media Player website. But, In case you are not able to view these on your system, then Windows can give you an error message mentioning that WMV files can not be opened. For this, you need to identify which program can open those files or your registry may be damaged.

2. Now, open the Windows Media Player from your PC and select the video file to be played.

3. You can select multiple files to be played in WMP.

4. If you do not wish to use WMP, then you can use other players that support this format such as Win amp, Power DVD, VLC etc

WMV files when played on Linux

Windows Media Video can be played in Linux using a compatible media player. Linux supports Video LAN Client or VLC player through which you can play your files. VLC player supports format of WMV files directly. Some of common players usually used in Linx are Boxee, Real Player, Mplayer and Helix Player.

WMV files when played on Macintosh

You can also run your video files in the Mac OS using the Mac Version of Windows Media Player. Apple computer supports Apple Quicktime media player which can also play WMV files. For this, you need to install File4mac plugin. It is a freeware that can be downloaded from Microsoft website.

WMV files can not be played on Vista since it is an operating system. It does not play anything.

Happy tuning to all viewers !!


Source by Rupa R Sinha

Introducing: SAP ASE Edge Edition – Retiring Sybase ASE SBE


This might be the biggest announcement from SAP you never heard of. After dropping the name Sybase from its product names last year, SAP is quietly reshaping its database platform offerings. And I mean this in a good way.

Under the Sybase name there were 2 ASE products; Sybase ASE Enterprise Edition (EE) and Sybase ASE Small Business Edition (SBE). The Sybase ASE EE product was and still is the flagship and the most commonly known edition of Sybase. But it came with a hefty price ticket. To offer a Sybase ASE database server to the SMB market space, Sybase created ASE SBE, limited to 2 CPU sockets and 8 engines on a physical server, at a very low price.

The server virtualization revolution has dramatically changed the server landscape and database servers made their transitions to the new world. The majority of newly deployed database servers are virtualized, either on premise or in the cloud. The Sybase ASE EE 15.7 database server enabled Sybase clients to make the move to the virtual servers with the introduction of the threaded kernel model. SAP ASE EE 16 continued the optimization for virtual servers and offers one of the most advanced database servers in the market.

However, Sybase ASE SBE never made the step into the virtual world and that was bad news for SMB, who are trying to save money on infrastructure costs. Hence the introduction of SAP ASE Edge Edition .

SAP ASE Edge Edition will retire the old Sybase ASE SBE. It is based on the SAP ASE EE 16 edition with a limit of 4 cores. Other than that, SAP pulled out the stops and created an entry level ASE server that packs features that other databases only offer in their enterprise edition, but set a price point that competes with other vendor's standard edition database.

The following matrix shows the comparison between SAP ASE Edge Edition and Sybase ASE SBE. But pay close attention to the options that are now included and compare this to other vendors standard offerings.

Limits / Options
ASE Edge Edition
ASE SBE (retired)

Max Engines
No Limit

Max Cores OS can use
No Limit

Max CPU Chips
No Limit

Max Concurrent User Connections
No Limit


High Availability

Disaster Recovery Package

Security and Directory Services


Encrypted Columns




Active Messaging



In Memory Database

Advanced Backup Services (TSM)

Enterprise Connect – Oracle

Enterprise Connect – ODBC

  • (Included) X (Not Available)

SAP ASE Edge Edition also includes unlimited cores of SAP Replication Server Premium Edition, restricted to warm standby capabilities of SAP ASE Edge data.

If you're running Sybase ASE SBE today in either server or user based licensing, you should take a closer look at SAP ASE Edge Edition. The savings in server virtualization alone can justify the investment.

If you're running a shareware database server and would like to upgrade to an enterprise class database system, running on Linux and Windows servers, you should talk to us about SAP ASE Edge Edition.

If you're planning on implementing a commercial database server in your company and or product, SAP ASE Edge Edition should be on your checklist.

Call us today at 813 322 3240 to learn more about SAP ASE Edge Edition.


Source by Peter Dobler

How To Repair The Acer D2D Recovery


This tutorial can also help to do it on other computer brands

Disclaimer: First of all you must be aware that some of the operations to come can cause irreversible change on your hard disk, I recommend to you and I will never make it enough make a backup of your system before launching you in any hazardous operation. Any damage and / or modification done on your system will be under your whole responsibility. The following procedures were done on a Acer Aspire 5102wlmi and some also functioned on a Dell Inspiron 9400/1705.

As you know, the Acer computers and those of other manufacturers are now delivered with a system of restoration installed in a hidden partition of your hard disk. This system launches out while pressing keys ALT + F10 simultaneously. And sometimes for various reasons this system ceases functioning.

The first cause often comes owing to the fact that function D2D Recovery is disable in the bios (menu principal).

The solution: enable the function and try to press keys ALT + F10 during the starting of the computer.

The second cause: in this case hidden partition PQSERVICE was erased or damaged, or you replaced the disc and in this case it is not present.

The solution: If you did not previously make a backup of your system by making an image disc. It will not be possible to use the D2D recovery. Your only hope will be to have in your possession Acer Recovery CD / DVD.

And the third causes: the Acer Master Boot Record (MBR) was damaged or replaced by non-Acer MBR. As long as partition PQSERVICE is present or that you can put the hand on the necessary Acer files you can reinstall the MBR of Acer.

The solution:

First method: on a functional Windows system :

1 disable the D2D recovery option of the bios.

2 open a Windows session with an account administrator.

3 Download, unzip and launch partedit32 (registration required for download).

4 Identify the Pqservice partition by its size (at the bottom of the partedit window there is a partition information box) it is a small sized partition approximately 2 to 6 Go.Once made change the type of your partition into 0C and save. Restart and open a session with an administrator account, you should be able to navigate to the PQservice partition. Seek these two files mbrwrdos.exe and rtmbr.bin once localised open a command prompt and launch this command mbrwrdos.exe install rtmbr.bin, this will install the Acer MBR. Close the command prompt window restart again Windows go into the bios and reactivate the D2D recovery. Now ALT + F10 should launch Acer recovery at the starting of the computer.

Second method: On a nonfunctional Windows system .

For that you must use a Linux distribution (for me Mandriva provided all the tools necessary).

1 Boot on the Mandriva install CD / DVD the boot menu will give you the possibility to repair or to restore the Windows boot loader.

2 If that is not enough launch an installation of linux (this will be an occasion to test this terrible OS) and choose LILO as boot loader (a boot menu that allow you to choose between several operating systems) once finished the installation. Restart your computer in the boot loader menu system you will have at least 2 Windows options the first generally point to PQservice choose it and you will boot directly into acer D2D recovery.

The last solution is the simplest one, just note that during the Linux installation you will have to resize your Windows partition to create a place for a new Linux partition it is the most perilous part because irreversible, therefore take your precautions at this time.


Source by Alan Bradock

IBM iSeries Utilities For Data Interchange


1. Introduction

The IBM iSeries computers, still commonly known as AS / 400 systems use the IBM successful DB2 database to store and access data which are organised into files with the following characteristics:

  • They are structured in data fields which usually have a fixed length and type
  • They have external data definitions which can be used by application programs
  • Numeric data can be stored in packed format where each digit is stored in a semibyte.
  • Data are coded in EBCDIC

Other systems such as Linux / Unix and Windows use files which are just a sequence of bytes (normally coded in ASCII) and therefore are known as stream files. Often their fields have not a fixed length and are delimited by a special field delimiter character such as a semicolon, a colon or a pipe (field delimited files are often produced by exporting data originally stored in spreadsheets such as Microsoft Excel or databases such as Microsoft Access).

It is often necessary or useful to transfer files between the IBM iSeries (AS / 400) and PCs and Linux / Unix systems, but the different file organisations described above often make such transfers complicated and painful.

This article described some approaches to simplify the work.

2. IBM useful commands

The IBM AS / 400 uses an integrated file system (IFS) that allows to use on the same server different file organisations such as those used by Linux / Unix or Windows and the native AS / 400 ones. The native AS / 400 files are stored in libraries or DB2 collections within the QSYS.LIB. Other file systems exist in the QOpenSys (similar to Unix) or the QDLS (used to store documents and files in PC formats) environments.

The IFS allows to use on the same server Linux / Unix based applications together with the native AS / 400 applications.

The AS / 400 Operating system provides some useful commands to simplify the data interchanges between different file systems as described below:

  • CPYFRMIMPF to copy data from IFS to the AS / 400 database system
  • CPYTOIMPF to copy data from the AS / 400 database system to IFS
  • CPYFRMSTMF to copy stream files into AS / 400 database files
  • CPYTPSTMF to copy AS / 400 database files to stream files
  • CPYTOPCD to copy AS / 400 database files to PC documents, stored in the QDLS folders
  • CPYFRMPCD to copy PC documents in the QDLS folders into AS / 400 database files

The CPYTOPCD and CPYFRMPCD commands are specific for the QDLS system and have not many options whereas the other ones allow to use many options and are more flexible. They look similar, but there are important differences as follows:

CPYFRMSTMF converts text files (stream files that are in text format) to physical files. It has no concept of fields, so it can only write records to program described files (ie files that have no fields defined) or source pfs.

CPYFRMIMPF converts text files as well, but it tries to interpret fields in the input file and copy them to the appropriate fields in the output file. You can either import delimited fields (for example, comma separated value (CSV) files, tab-delimited files, pipe delimited files, etc) or you can read input from fixed-position fields (you have to define the record layout in a " field definition file ")

An example of the second command is the following:


The example above uses a fixed data format (ie not delimited) and uses a field definition file (FILE4) to describe the text file fields as follows:

– This is comment
– DBFieldname startpos endpos nullIndpos
field1 1 12 13
field2 14 24 0
field3 25 55 56
field4 78 89 90
field5 100 109 0
field6 110 119 120
field7 121 221 0

The above would be needed to import the text file data into a DB file with field names of: FIELD1, FIELD2, FIELD3, …, and FIELD7. The * END is required. I think you can leave off the third column if no fields are null capable.

3. Some User Utilities

The commands above are useful and normally perfectly adequate, but they can be complex especially when the data fields to be copied are not in the same sequence or when one wants to extract only some data from the text file.

I was involved in a few system migration exercises where such copies between Unix, PCs and AS / 400 systems had to be done frequently and I developed therefore some utilities to simplify these activities.

The utilities have the objective to satisfy following requirements:

  • Support of any separator character used to delimiter the fields
  • Possibility to copy valid data into fields defined as alphanumeric, numeric or packed numeric
  • Possibility to copy data stored in different sequences in the two files. For instance it should be possible to copy fields 1, 3,4 and 6 of the text file into the fields 5, 2, 1 and 4 of the target database file.
  • The utility should be able to store the file fields mappings (such as those described above) to allow the user to simply use the previously entered mapping.

I organised the utilities in a few commands and programs as follows:

a) Command UCPYFTP to control the copy between two files. The command requires to enter following parameters:

AS400 DB File. . . . . . . . . TOFILE …….

AS400 Library. . . . . . . . . TOLIB * LIBL

AS400 Member. . . . . . . . . . TOMBR * FIRST

FTP File. . . . . . . . . . . . FROMFILE …….

FTP Library. . . . . . . . . . FROMLIB …….

Field Separator # T = TAB]. . . . SEPARATOR '|'

Decimal Point. . . . . . . . . DECPOINT '.'

View Field Mappings (Y / N). . . VIEWMAP 'N'

Up to Record No. . . . . . . . . UPTOREC 0

b) Program UFMA01L to display and maintain existing file mappings.

The display looks as follows:


AS400 Database File: WERCSWKF FTP File: WERCS

Seq AS400 Fld Description Type Len D From

No. Name FldN

1 WK0003 WK_CLIENTE A 9 3

2 WK0004 WK_CLI_SAP A 10 4

3 WK0005 WK_RAGSOC A 40 5

4 WK0006 WK_ZIP A 5 9

5 WK0016 WK_ADDRESS1 A 100 17

6 WK0017 WK_ADDRESS2 A 100 19

7 WK0101 WK_INDI A 30 0

8 WK0102 WK_CAP A 5 0

9 WK0103 WK_LOC A 25 0

10 WK0104 WK_PROV A 2 0


F3 = Exit F6 = Update Mappings F9 = Use sequential mapping F11 = Process

The screen shows that field number 3 of the FTP file is copied to the first field of the database file called WK0003, field 4 is copied to WK0004 and so on. The fields for which the number is zero are not copied, but are initialised correctly in the target file (with zeros or blanks).

Notice following points:

  • The file to be copied is called FTP file because normally is sent to the AS / 400 by using an FTP transfer.
  • The user must specify the name and library of both the FTP file and the target AS / 400 database file.
  • The commands use some defaults for the field separator and decimal point, but these can be changed by the user.
  • When the View Field Mappings parameter is set to 'Y', the user will see previously defined field mappings or enter new mappings.
  • When the user invokes the command for the first time on a new couple of ftp and target files, the program extracts the field definitions of the database file and displays the mapping screen to allow the user to enter the field mappings which are then stored to allow a future re-use.

A similar utility called UCPYTOFTP allows to copy the data from an AS / 400 database file to a text file to be downloaded to a Linux / Unix or Windows machine.

The Utilities and their documentation can be downloaded for free from my website. The programs are free software that can be redistributed and / or modified it under the terms of the GNU General Public Licence as published by the Free Software Foundation.


Source by Mario Pesce

How Can VPS Hosting Prove To Be Economical For Enterprises?


In order to cater to the accuracy, speed and delivery requirements of mission-critical business operations, one has to deploy a VPS hosting model. This technology provides fixed storage to mediums that are accessible via a facility; it also comprises of software which is implemented upon server side operations. This kind of a remodeled web host renders restricted access which is granted through a web browser and / or a special software application running on client side.

The VPS hosting services are also referred as "cloud computing" because data is usually stored in a secure physical location. There is no distribution of services over a variety of servers. This innovative approach is popular because it delivers high levels of security and speed to access files in upload and / or download functions.

VPS hosting and its benefits

A major issue with hosting service solutions is that people fail to select the correct provider. Recently people have begun to realize that their business requires both dedicated and shared web server features to ensure continuity and seamless operation. Virtual private server hosting solutions actually meet these demands. Such a stupendous combination of features provide a person with the best features. Best part about hiring VPS is that the cost is lower and one can still access root control panel.

One needs to spend some time on researching about quality VPS hosting providers. Companies offering a list of compatible services at affordable prices must be chosen. Only then the decision can be cost-effective for a business as well as beneficial for existing environment.

A wide range of benefits still exist with such hosting services that actually prove to be beneficial from the user's perspective. Some advantages of hosting a website on a virtual private server are:

• Any account created in a VPS plan is less expensive than regular dedicated hosting plans which use ordinary physical servers.

• Many a times, VPS plans are customized to cater to all the needs of a business and ultimately the client is billed on a pay-per-use basis. Domain name booking is one such requirement that VPS hosts cater to beautifully.

• In certain cases VPS hosting plans turn out to be easily scalable. While one gets to start off within a virtual environment with minimum resources, growing business needs are accommodated within flexible hosting plans. So the customer need not pay for excessive resources.

• Client gets to exercise critical control upon a virtual server through affordable shared hosting plans. Many a times, providers allow complete root access as well as the ability to make use of scripts which are not allowed within a shared environment.

• Linux VPS hosting providers also offer similar technical support for the services offered just as in shared hosting.

• One also gets to choose from a range of semi managed hosting services where in web hosts handle similar maintenance services and also fully managed services.


Source by Eva Maris

How To Turn Your Useless Home PC Into IP Phone PBX?


When we are talking about setting up the IP phone PBX system in our home, the first thing that comes to our mind is where or how to begin. Here, we will discuss at an easy way to turn your home PC into a fully fledged IP phone PBX. Let us first understand what this technology really is.

Installation using the old method:

The old method of installing the asterisk was one of the most awful ways to install the IP phone. Using CLI (command line interface) based interface to do anything is no more a choice, and when we are talking about Linux, that becomes even more painful. This is the single biggest reason why people now think of installing asterisk in their homes nothing short of a nightmare. When this CLI based Linux installation was carried out, it took many dark twists and turns, at the end of the day. There were fundamentally, two teasing things. For a layman, the first one was remembering all those commands and executing them at the right time. Secondly, for installing Linux separately, you also needed to install asterisk, which was nothing short of climbing the Mount Everest.

GUI Based Asterisk:

Now, users do not have to wrestle with the text based command prompt. New packages have included everything in just one CD and you just do not need to install different software packages in bits and pieces.

There is a GUI based Linux software which solves half the worries related to remembering all the Linux CLI commands. Now ordinary people like you and me can see as well as relate to what is happening on the screen. Secondly, asterisk's new GUI based version further makes things easy for the users.

They can make all the changes in asterisk through graphic user interface instead of using the command line interface. There are many GUI based asterisk available and most of them are open source like AsteriskNow, Flash in a PBX, and many others.

All these changes have not only made the installation process a lot easier but also reduced the unnecessary headaches which ordinary people had to go through earlier.

We talked about a useless PC on which asterisk work. Anyhow, we will still have a look at the minimum requirements for the computer that can be used for this purpose.

– You need a PC that is x86 with Linux GUI based operating system installed on it.
– The PC should be a minimum Pentium III with 500 MHz of processor.
– There must be one slot available PCI.
– You must have Digium TDM-400P that supports 2 X FXO daughter cards and 2 X FXS daughter cards.
– Your PC must have a sound card installed and working in perfect condition.

Assuming that you already have Linux operating system installed on your PC, we will proceed with the Trixbox installation as this is one of the most common GUI based asterisk in use.

Installing asterisk on your PC using Trixbox

Once you reach the console, login using these details.

Username: root
Password: The one you provided at the time of installation

Once you have successfully been able to log into your system, your system will mention you the DHCP server received IP address. Now you need to give your system a permanent address which you can do by two ways, either through the GUI or by system-config-network.

Upon configuring the IP address you need to restart the service network.

You will need to use your web browser to continue doing the configuration task through the IP that you just assigned.

Now you will need to click on Switch next to User Mode for opening the Admin GUI. Login details provided below.

user: maint
pass: password

Select the Asterisk – PBXconfig from the GUI.

Go to tools – module admin. Here you can select from a list of modules given. Install the ones which you really think of benefit to you.

Now go to setup – extensions – generic sip device to add your first extension.

Now you can enter different phone extensions that you want to use. Many people prefer starting from 200.

What to do next?

Once you have successfully configured all the settings, now you need to have a phone to make and receive calls. But as in this case, you are using your PC. Make sure you have good quality VoIP headset pair with a mic. This will help you make and receive phone calls. Make sure you have enabled voicemail to get the extra benefits. Now you can virtually attach as many phone users as you want. Just make sure to correctly configure it in your GUI based asterisk and do not forget to assign an extension to each new phone user added. The extension would be unique which can only be assigned to one phone user.

Enjoy managing a big network of phones with secure OS like Linux run by asterisk. There does involve some hard work but at the end. You will not need to invest that much amount of money or effort.

Reduce the cost To of the whole process and Increase the joys, make sure That you have a reliable internet phone service like Vonage , Axvoice or Skype ™ at the hand , the backend.


Source by Ricky Lim

The SAP System OS Collector – SAPOSCOL in a Nutshell


The SAP System OS collector (SAPOSCOL) is a platform independent stand-alone program that runs in OS background and collects the system information using a segment of the shared memory for various applications and all SAP instances on a host. These information details can be viewed through transaction code ST06 / OS06 in frontend SAPGUI. It is a very useful tool for NetWeaver / Basis Administrators & consultants to monitor server performance. SAPOSCOL extracts real-time data from system, although it does not refreshes automatically, you need to click the 'Refresh' button to get the updated data. SAPOSCOL collects system data every 10 seconds and records it, and also records the hourly averages for the last 24 hours. It runs autonomously from SAP instances exactly one process per host and collects data from various operating system resources. User can monitor all the servers under SAP landscape with this tool. But for remote server (livecache server) the transaction code is OS07. You can check CPU utilization, Physical & virtual memory usage, Pool data / Swap size, disk response time, utilization of physical disks and file systems, resource load for running processes and even LAN data from the monitoring list.

You can navigate to this tool from SAP Menu-> Tools-> CCMS-> Control / Monitoring-> Performance-> Operating System-> Local-> Activity.

If you can not see any data, that means the OS Collector (SAPOSCOL) is not running (error code: Shared memory not available). In this situation your main task is to fix the saposcol to run properly. This usually happens after a new SAP installation or Kernel upgrades. If you are new with the SAP Systems the following guideline will be helpful to overcome the saposcol issue.

Unix / Linux / AIX / Sun / Solaris System:

First, Check the permission of saposcol.exe file, it should be 777 (owner is root in group sapsys) and sticky bit should be set to 4750. If you want to know which user is running saposcol, use "ps -ef | grep saposcol ". Now to change the saposcol file to owner root, group sapsys, mode 4750, log in as root to your unix system and execute the commands as below,

cd / usr / sap // SYS / exe / run
chown root saposcol
chgrp sapsys saposcol
chmod 4750 saposcol

You can also run the "saproot.sh" in the exe dir to set the permissions. Then run saposcol -l as the same owner (root). Check collector status using saposcol -s. After setting the file permissions, you can also use, ST06 -> Operating System Collector -> Click on 'Start' to run SAPOSCOL.

To stop the OS collector use saposcol -k. If this command failed to kill the process, you can execute "cleanipc 99 remove" (Check SAP Note 548699). If this attempt also fails, then you need to remove the shared memory key of saposcol. Execute command "ipcs -ma" and note down Shared Memory ID in the line that contains saposcol key. Then execute the command "ipcrm -m ID". Shared memory key will be created again next time when you run saposcol.

Sometimes using "saposcol -l" gives a message that it's already running, but when you grep the process using "ps -ef | grep -i saposcol" it may not show the process. In this situation, you can use a undocumented parameter "saposcol -f", where "f" stands for starting the process forcefully. When it starts, then stop the process in regulation methon using "saposcol -k" and then start it normally using "saposcol -l".

If saposcol still does not run, then you need to start it in dialog mode. Login with use adm and follow the steps below,

saposcol -d
Collector> clean
Collector> quit
saposcol -k to stop the collector.
Before restarting
saposcol -d
Collector> leave (You should get a message- Shared memory deleted)
Collector> quit
cd / usr / sap / tmp
mv coll.put coll.put.sav

"Coll.put", if this file contains the old shared memory and should be deleted in order to get a clean start (Check SAP Note 548699, point 7). If you are unsuccessful in clearing shared memory, please try the following commands to clear the shared memory:

$ Saposcol -kc
$ Saposcol -f

If this also fails, then you need to restart the system from OS level and seems like also need a new version of saposcol (Check SAP Note 19227).

IBM iSeries i5 / OS (OS / 400, OS / 390):

– Check permissions of directory '/ usr / sap / tmp' and the file 'saposcol.exe', it should be 4755 and owner must be root in sapsys group. Check SAP Note 790639. After assigning permissions you can run from OS command line using 'SAPOSCOL -l'. To show the status use 'SAPOSCOL -s' and to stop the process use 'SAPOSCOL -k'. You can also run the process by submitting a job in OS level using
It submits the job in job queue QBATCH in library QGPL.

– In iSeries, you might experience strange data when analyzing CPU utilization using tcode ST06 / OS06. Even you are using multiple CPU's, SAPOSCOL might only report CPU usage for the first CPU. Also sometimes you will find CPU utilizations reported above 100% in some intervals, if you are running SAP instance in an uncapped partition where multiple logical partitions are using a shared processor pool. In this situation, be sure that CPU usage reported for CPU number 0 is the average usage for all CPU's being used in the system. If you want to view shared CPU partition information, apply support packages as per SAP Note 994025 including following patch levels

6.40 disp + work package (DW): 182 SAPOSCOL: 69
7.00 disp + work package (DW): 109 SAPOSCOL: 34

By applying these patches and support packages into the system, new transactions, OS06N, ST06N, and OS07N are available to view additional information in two sections titled "Host system" and "Virtual system". These include information about the partition type and the available and consumed CPU in the current partition as well as in the shared processor pool. So, if you are a iSeries user and your SAPOSCOL is not running, highest probability is that you need to put the latest kernel & saposcol patch. (SAP Note 708136 & 753917)

– Another scenario in iSeries, when your saposcol is not running, and you can not start it from ST06 / OS06. Problem might be with the authorization list R3ADMAUTL was not accurate. You can solve it by this way,

1) Remove QSECOFR * ALL X
2) Change * PUBLIC from * USE to * EXCLUDE
3) Add R3OWNER * ALL X

Now you can start saposcol using the tcode ST06 / OS06. And also you can start the process from command line,


If this does not solve the problem check if both programs QPMLPFRD and QPMWKCOL in library QSYS have * USE- authority assigned for user R3OWNER (SAP Note: 175852). If not then you have to run the following commands:


Then you should verify if the user R3OWNER is part of authority list R3ADMAUTL (SAP Note: 637174). After this if you receive the error "SAPOSCOL not running? (Shared memory not available), then follow the steps below,

1) Remove the shared memory (coll.put) as per SAP Note: 189072. 'coll.put' location is: '/ usr / sap / tmp'.
3) Delete the temporary user space, WRKOBJ OBJ (R3400 / PERFMISC *) OBJTYPE (* USRSPC)
5) CALL QYPSENDC PARM ( '* PFR' '') [There are 6 blanks after * PFR and there are 6 blanks making up the second parameter]
6) ENDJOB JOB (xxxxxx / QSYS / QYPSPFRCOL) OPTION (* IMMED) SPLFILE (* YES) [This command must be run for all QYPSPFRCOL jobs found on the system even if they show with * OUTQ as their status]
7) ENDJOB JOB (xxxxxx / QSYS / CRTPFRDTA) OPTION (* IMMED) SPLFILE (* YES) [This command must be run for all CRTPFRDTA jobs even if they show with * OUTQ as their status]
9) RNMOBJ OBJ (QUSRSYS / QPFRCOLDTA) OBJTYPE (* DTAQ) NEWOBJ (QPFRCOLDTX) [This object may or may not exist at this time]
10) CALL QYPSCOLDTA * note This program will create a new * USRSPC. After collection services is started there should be a new * DTAQ.
11) Start collection services using GO PERFORM, opt 2, and opt 1; OR CALL QYPSSTRC PARM ( '* PFR' '* STANDARDP' '') [There are 6 blanks after * PFR and there are 6 blanks making up the second parameter]. Or, Start collection services from Operations Navigator.
13) End and restart Operations Navigator if running. IBM authorized See program analysis report (APAR) SE12188 for more information.
14) Now start SAPOSCOL from ST06 / OS06.

Windows System:

– Go to the Kernel folder in command line where you will find saposcol.exe. Set full owner permission
for the file & folder. Then run saposcol -l (saposcol -d in dialog mode)

– You can also try Start / Stop SAPOSCOL service from Control Panel -> Administrative Tools -> Services (services.msc).

If all other attempts fail, then make sure you have the correct version of SAPOSCOL. Get latest SAPOSCOL from SAP Service Marketplace for your OS. Download the SAPOSCOL.SAR file for your Kernel and save in a directory. Then STOP SAP & SAPOSCOL. Check for any Kernel library locks and do not forget to take library backup. Then run APYR3FIX and then APYSAP. Check OSS Note 19466.

SAPOSCOL also can be terminated due to small amount of internal memory allocation. When this memory filled gradually during the runtime of SAPOSCOL, system writes data outside the buffer. As a result the following buffer is cleared and SAPOSCOL terminates with a dump. Apply the following patches with at least the patch levels specified below:

SAP Release 640: SAPOSCOL patch level 100 and DW patch level 293
SAP Release 700: SAPOSCOL patch level 75 and DW patch level 151
SAP Release 701: SAPOSCOL patch level 18 and ILE patch level 53
SAP Release 710: SAPOSCOL patch level 36 and ILE patch level 161
SAP Release 711: SAPOSCOL patch level 12 and ILE patch level 48

So, it's obvious that if we use different SAP Systems in one server with incompatible mixture of Kernel versions, SAPOSCOL will face crisis and will not provide data for all systems, though SAP system functions will run without any trouble. This happens because we are using new IBM technology with EXT Kernels, so it will not allow SAPOSCOL to reside in single level store (SLS), rather than put it to Teraspace. In this situation it's obvious that if you run an EXT system with some other non-EXT systems, saposcol will run only in one system. To overcome this issue you need to upgrade to EXT Kernel for all SAP systems with latest patches. Then set proper authorization for SAPOSCOL file & directory as guided which will solve any problem related to SAP OS Collector.


Source by Masudur Rahman

How to Run Windows Programs on Android


Windows is the most popular operating system for PCs and laptops while Android is the most widely used platform for the smartphones and tablets.

Many people still rely on Windows apps for different purposes but is it possible to use them on handheld devices?

Yes! You can do it with a fast internet connection and a virtualization software. Here I will comprehensively guide you how.


Connect your Windows machine to your Smartphone or tablet using Microsoft Remote Desktop app.

This application gives you access to all the programs installed on your PC, but it works only with the certain edition of Windows. Particularly for Windows 7, you will need Ultimate, Professional, and Enterprise while for Windows 8; this utility is available in Pro and Enterprise editions only. In Windows 10, this utility is not available natively.

Given the fact that most of the people use home or basic editions on their PCs, it is not an ideal option.

Although Remote Desktop apps can be used on all Android devices, it will be better if you connect a tablet to your PC using this software instead of a smartphone because you will have to zoom and pan again and again while trying to navigate a Windows which is a fairly difficult task to do on a small screen.

After connecting the two devices, you can run Windows programs using Crossover, a software developed by CodeWeavers. This program was considered as a useful tool to run Windows programs on Mac or LINUX in past and made its appearance on Android just at the end of last year.

Crossover requires an x86 processor and at least 2GB of RAM to run most real-world Windows applications, which limits the availability of this option to certain Android devices.

Like Crossover, another software WINE, which is used to run Windows programs on LINUX, is also poised to make inroads to Android soon.

Dual-boot Android and Windows Tablets

There are several tablets in the market which allow you to switch between Windows and Android operating systems.

Cube i10 is one of the popular dual-boot tablets. Powered by Intel Z3735 Quad Core 1.8GHz processor, this 10.6-inch device runs on Android 4.4.4 and Windows 8.1 Bing, features 2GB RAM and 32 GB ROM and comes up with a price tag of $ 130.

You can search more dual-boot tablets on the sites like GearBest, Geekbuying, and TinyDeal.


Source by Adam Saad

5 Open Source Firewalls You Should Know About


Despite the fact that pfSense and m0n0wall appear to receive the lion's share of consideration in the open source firewall / router market, with pfSense edging out m0n0wall in recent years, there are several excellent firewall / router distributions obtainable under both Linux and BSD. All of these projects build on their respective OSes native firewalls. Linux, for instance, incorporates netfilter and iptables into its kernel. OpenBSD, on the other hand, uses PF (Packet Filter), which replaced IPFilter as FreeBSD's default firewall in 2001. The following is a (non-exhaustive) list of a few of the firewall / router distributions available for Linux and BSD, along with some of their capabilities.

[1] Smoothwall

The Smoothwall Open Source Project was set up in 2000 in order to develop and maintain Smoothwall Express – a free firewall that includes its own security-hardened GNU / Linux operating system and an easy-to-use web interface. SmoothWall Server Edition was the initial product from SmoothWall Ltd., launched on 11-11-2001. It was essentially SmoothWall GPL 0.9.9 with support provided from the company. SmoothWall Corporate Server 1.0 was released on 12-17-2001, a closed source fork of SmoothWall GPL 0.9.9SE. Corporate Server included additional features such as SCSI support, along with the capability to increase functionality by way of add-on modules. These modules included SmoothGuard (content filtering proxy), SmoothZone (multiple DMZ) and SmoothTunnel (advanced VPN features). Further modules released over time included modules for traffic shaping, anti-virus and anti-spam.

A variation of Corporate Server called SmoothWall Corporate Guardian was released, integrating a fork of DansGuardian known as SmoothGuardian. School Guardian was created as a variant of Corporate Guardian, adding Active Directory / LDAP authentication support and firewall features in a package designed especially for use in schools. December 2003 saw the release of smoothwall Express 2.0 and an array of comprehensive written documentation. The alpha version of Express 3 was released in September 2005.

Smoothwall is designed to run effectively on older, cheaper hardware; it will operate on any Pentium class CPU and above, with a recommended minimum of 128 MB RAM. Additionally there is a 64-bit build for Core 2 systems. Here is a list of features:

  • Firewalling:
    • Supports LAN, DMZ, and Wireless networks, plus external
    • External connectivity via: Static Ethernet, DHCP Ethernet, PPPoE, PPPoA using various USB and PCI DSL modems
    • Port forwards, DMZ pin-holes
    • Outbound filtering
    • Timed access
    • Simple to use Quality-of-Service (QoS)
    • Traffic stats, including per interface and per IP totals for weeks and months
    • IDS via automatically updated Snort rules
    • UPnP support
    • List of bad IP addressed to block
  • Proxies:
    • Web proxy for accelerated browsing
    • POP3 e-mail proxy with Anti-Virus
    • IM proxy with real time log-viewing
  • UI:
    • Responsive web interface using AJAX techniques to provide real time information
    • Real time traffic graphs
    • All rules have an optional Comment field for ease of use
    • Log viewers for all major sub-systems and firewall activity
  • Maintenance:
    • Backup config
    • Easy single-click application of all pending updates
    • Shutdown and reboot for UI
  • Other:
    • Time Service for network
    • Develop Smoothwall yourself using the self-hosting "Devel" builds

[2] IPCop

A stateful firewall created on the Linux netfilter framework that was originally a fork of the SmoothWall Linux firewall, IPCop is a Linux distribution which aims to provide a simple-to-manage firewall appliance based on PC hardware. Version 1.4.0 was introduced in 2004, based on the LFS distribution and a 2.4 kernel, and the current stable branch is 2.0.X, released in 2011. IPCop v. 2.0 incorporates some significant improvements over 1.4, including the following:

  • Based on Linux kernel 2.6.32
  • New hardware support, including Cobalt, SPARC and PPC platforms
  • New installer, which allows you to install to flash or hard drives, and to choose interface cards and assign them to particular networks
  • Access to all web interface pages is now password protected
  • A new user interface, including a new scheduler page, more pages on the Status Menu, an updated proxy page, a simplified DHCP server page, and an overhauled firewall menu
  • The inclusion of OpenVPN support for virtual private networks, as a substitute for IPsec

IPCop v. 2.1 includes bugfixes and a number of additional improvements, including being using the Linux kernel 3.0.41 and URL filter service. Additionally, there are many add-ons obtainable, such as advanced QoS (traffic shaping), e-mail virus checking, traffic overview, extended interfaces for controlling the proxy, and many more.

[3] IPFire

IPFire is a free Linux distribution which can act as a router and firewall, and can be maintained via a web interface. The distribution offers selected sever daemons and can easily be expanded to a SOHO server. It offers corporate-level network protection and focuses on security, stability and ease of use. A variety off add-ons can be installed to add more features to the base system.

IPFire employs a Stateful Packet Inspection (SPI) firewall, which is built on top of netfilter. During the installation of IPFire, the network is configured into separate segments. This segmented security scheme means there is a place for each machine in the network. Each segment represents a group of computers that share a common security level. "Green" represents a safe area. This is where all regular clients will reside, and is usually comprised of a wired local network. Clients on Green can access all other network segments without restriction. "Red" indicates danger or the connection to the Internet. Nothing from Red is permitted to pass through the firewall unless specifically configured by the administrator. "Blue" represents the wireless part of the local network. Since the wireless network has the potential for abuse, it is uniquely identified and specific rules govern clients on it. Clients on this network segment must be explicitly allowed before they may access the network. "Orange" represents the demilitarized zone (DMZ). Any servers which are publicly accessible are separated from the rest of the network here to limit security breaches. Additionally, the firewall can be used to control outbound internet access from any segment. This feature gives the network administrator complete control over how their network is configured and secured.

One of the unique features of IPFire is the degree to which it incorporates intrusion detection and intrusion prevention. IPFire incorporates Snort, the free Network Intrusion Detection System (NIDS), which analyzes network traffic. If something abnormal happens, it will log the event. IPFire allows you to see these events in the web interface. For automatic prevention, IPFire has an add-on called Guardian which can be installed optionally.

IPFIre brings many front-end drivers for high-performance virtualization and can be run on several virtualization platforms, including KVM, VMware, Xen and others. However, there is always the possibility that the VM container security can be bypassed in some way and a hacker can gain access beyond the VPN. Therefore, it is not suggested to use IPFire as a virtual machine in a production-level environment.

In addition to these features, IPFire incorporates all the functions you expect to see in a firewall / router, including a stateful firewall, a web proxy, support for virtual private networks (VPNs) using IPSec and OpenVPN, and traffic shaping.

Since IPFire is based on a recent version of the Linux kernel, it supports much of the latest hardware such as 10 Gbit network cards and a variety of wireless hardware out of the box. Minimum system requirements are:

  • Intel Pentium I (i586)
  • 128 MB RAM
  • 2 GB hard drive space

Some add-ons have extra requirements to perform smoothly. On a system that fits the hardware requirements, IPFire is able to serve hundreds of clients simultaneously.

[4] Shorewall

Shorewall is an open source firewall tool for Linux. Unlike the other firewall / routers mentioned in this article, Shorewall does not have a graphical user interface. Instead, Shorewall is configured through a group of plain-text configuration files, although a Webmin module is available separately.

Since Shorewall is essentially a frontend to netfilter and iptables, usual firewall functionality is available. It is able to do Network Address Translation (NAT), port forwarding, logging, routing, traffic shaping and virtual interfaces. With Shorewall, it is easy to set up different zones, each with different rules, making it easy to have, for example, relaxed rules on the company intranet while clamping down on traffic coming for the Internet.

While Shorewall once used a shell-based compiler frontend, since version 4, it also uses a Perl-based frontend. IPv6 address support started with version 4.4.3. THe most recent stable version is 4.5.18.

[5] pfSense

pfSense is an open source firewall / router distribution based on FreeBSD as a fork on the m0n0wall project. It is a stateful firewall that incorporates much of the functionality of m0n0wall, such as NAT / port forwarding, VPNs, traffic shaping and captive portal. It also goes beyond m0n0wall, offering many advanced features, such as load balancing and failover, the capability of only accepting traffic from certain operating systems, easy MAC address spoofing, and VPN using the OpenVPN and L2TP protocols. Unlike m0n0wall, in which the focus is more on embedded use, the focus of pfSense is on full PC installation. Nevertheless, a version is provided targeted for embedded use.


Source by David Zientara