A few group policies I use on Windows 10

Disable the lock screen, always showing a login prompt:
Group Policy Editor (gpedit.msc) => Computer Configuration => Administrative Templates => Control Panel => Personalization => Do not display the lock screen

Disallow the use of OneDrive:
Group Policy Editor (gpedit.msc) => Computer Configuration => Administrative Templates => Windows Components => OneDrive => Prevent the usage of OneDrive for file storage

Wiping an Azure database, deleting all tables

Just for personal reference

USE [mydb]

  declare @sql nvarchar(2000)
    FROM information_schema.table_constraints

  exec (@sql)
  PRINT @sql


while(exists(select 1 from INFORMATION_SCHEMA.TABLES where TABLE_NAME != '__MigrationHistory' AND TABLE_SCHEMA = 'dbo'))
  declare @sql nvarchar(2000)
    SELECT TOP 1 @sql=('DROP TABLE ' + TABLE_SCHEMA + '.[' + TABLE_NAME + ']')
    WHERE TABLE_NAME != '__MigrationHistory' AND TABLE_SCHEMA = 'dbo'
  declare @sql2 nvarchar(2000)
    SELECT TOP 1 @sql2=('DROP VIEW ' + TABLE_SCHEMA + '.[' + TABLE_NAME + ']')
    WHERE TABLE_NAME != '__MigrationHistory' AND TABLE_SCHEMA = 'dbo'

  exec (@sql)
  PRINT @sql
  exec (@sql2)
  PRINT @sql2


Mounting and using KVM raw image files on the host system

Boldly stolen from David Champion at the University of Chicago, and archived for personal reference. All

kpartx will scan a block device — e.g., your /dev/loop0 — and create device-mapped specials under /dev/mapper for the partitions. Then you can address individual partitions. (N.B.: When done, before you can losetup -d the greater block device, you have to delete the device-mapped specials!)

Here’s a bit of terminal action to illustrate:

# First map the loop device to your KVM disk image.
$ losetup -fv /kvm/watercooler.mwt2.org.img 
Loop device is /dev/loop0

# No partitions!    
$ ls /dev/loop0* /dev/mapper/loop0*
ls: /dev/mapper/loop0*: No such file or directory

# Use kpartx -a to discover and device-map the partitions.
$ kpartx -av /dev/loop0
add map loop0p1 : 0 204800 linear /dev/loop0 2048
add map loop0p2 : 0 16930816 linear /dev/loop0 206848
add map loop0p3 : 0 16416768 linear /dev/loop0 17137664

# Look, partitions.
$ ls /dev/loop0* /dev/mapper/loop0*
/dev/loop0  /dev/mapper/loop0p1  /dev/mapper/loop0p2  /dev/mapper/loop0p3

# Fiddle with /dev/loop0p1 et al.

# Try to un-loop the file.  You can't, because kpartx's partition devices are still mapped.
$ losetup -d /dev/loop0
ioctl: LOOP_CLR_FD: Device or resource busy

# Ask kpartx to unmap.
$ kpartx -dv /dev/loop0
del devmap : loop0p1
del devmap : loop0p2
del devmap : loop0p3

# Now you can un-loop.
$ losetup -d /dev/loop0

Hardening IIS and scanning for SSL-related vulnerabilities – IISCrypto

I stumbled upon this great tool to set all the relevant registry entries (WTF?) to allow only the cryptographic algorithms that are considered secure to be negotiated with the server.

I archived it here, for my personal reference, but if you prefer (and you should, frankly) you can get it from the author’s site.

Also, make sure to scan your page using, for example, this tool when you’re done.

Tool tip: “vbetool” runs real-mode video BIOS code to alter hardware state

This is so damn useful to turn on and off remote displays through SSH, for wall-mounted information screens and similar.

Available in your friendly neighbourhood Linux distribution.

VBETOOL(1) User Commands VBETOOL(1)

  vbetool - run real-mode video BIOS code to alter hardware state

  vbetool [[vbestate save|restore]|[vbemode set|get]|[vgamode]|[dpms on|off|standby|suspend|reduced]|[post [romfile]]|[vgastate on|off]|[vbefp pan‐

  vbetool uses lrmi in order to run code from the video BIOS. Currently, it is able to alter DPMS states, save/restore video card state and attempt
  to initialize the video card from scratch.

  vbetool takes the following options:

    vbetool will use the VESA 0x4f0f extensions to save or restore hardware state. This will be sent to or read from stdin. This information is
    highly hardware specific - do not attempt to restore state saved from a different machine. This command will not work unless you are at a
    text console, as it interferes badly with X.
    vbetool will use the VESA 0x4f10 extensions to alter the power management state of your screen. "On", "off", "standby", "suspend" and
    "reduced" are acceptable further options and determine which state will be activated.
    vbetool will get or set the current VESA mode. "get" will return the current mode number on stdout - "set" will set the mode to the next
    vbetool will set the legacy VGA mode to the following numeric argument.
    vbetool will attempt to run BIOS code located at c000:0003. This is the code run by the system BIOS at boot in order to intialise the video
    hardware. Note that on some machines (especially laptops), not all of this code is present after system boot - as a result, executing this
    command may result in undefined behaviour. This command must be run from a text console, as it will otherwise interfere with the operation
    of X. This command takes an optional argument which is the location of a file containing a ROM image. If provided, this image will be mapped
    to the c000 segment and used instead of the system's video BIOS.
    vbetool will enable or disable the current video card. On most hardware, disabling will cause the hardware to stop responding until it is
    reenabled. You probably don't want to do this if you're using a framebuffer.
    vbetool will execute a VESA flat panel interface call.
      panelid will provide information about the panel
      panelsize will provide the size of the panel
      getbrightness will provide the current screen brightness as an integer
      setbrightness accepts an integer as an argument and will set the screen brightness to that
      invert will invert the colours of the screen
  Switching dpms modes may interact badly with X on some systems.
  The vbestate command may behave in strange ways.
  The post command may result in the execution of arbitrary code that happens to be lying around in the area where chunks of your video BIOS used to
  The VESA specification does not require that "vbemode get" provides the correct mode if the current mode was set via some means other than the VESA
  BIOS extensions.
  The VESA flat panel interface ceased development at the proposal stage. panelid and panelsize will work on many machines, but the other arguments
  are unlikely to be implemented on available hardware.
  vbetool was written by Matthew Garrett <mjg59@srcf.ucam.org>, based on code from read-edid by John Fremlin <john@fremlin.de>, LRMI (http://source‐
  forge.net/projects/lrmi/) and XFree (http://www.xfree86.org). It is released under the terms of the GNU General Public License.

vbetool 0.2 31 December 2004 VBETOOL(1)

Solution: Using ProxyPass from http to https in apache2 causes AH02032 SNI error

I got this error message on the internal.server.host when forwarding an URL from an extrernal HTTP server to an internal HTTPS server:

AH02032: Hostname internal.server.host provided via SNI and hostname external.server.host provided via HTTP are different

The problem turned out to be that the internal server was trusting the external one’s X-Forwarded- headers, a feature which was crucial to other parts of the setup and couldn’t be disabled. The solution was to disable sending of X-Forwarded- for this particular proxy URL by disabling ProxyAddHeaders.

The “fixed” config, as follows:

SSLProxyEngine on
SSLProxyCheckPeerCN on
SSLProxyCheckPeerExpire on
ProxyPass /nice/page.php https://internal.server.host/nice/page.php min=1 max=5 retry=10
ProxyPassReverse /nice/page.php https://internal.server.host/nice/page.php
ProxyAddHeaders off
ProxyPreserveHost off

Hope this helps someone :)

The fastest way to extend disk image files on Linux

So the VM is using too much space, and the disk image needs to grow. Previously I used dd with a bunch of options to do this. However, the truncate tool makes the whole ordeal a lot easier.

A simple command, such as the following, will grow the file disk.img by 10 gigabytes:

truncate -s +10G disk.img

Read the manual for truncate for more options.

Happy resizing.

Aeon Cobra 50cc (GOES 50s) service manuals and parts lists

Something completely unrelated to this blog thing, but I feel I have to put it somewhere. I recently did some mechanical work on an Aeon Cobra 50cc (AT70 in the registration) and spent a few evenings looking up information about it.

The Aeon Cobra 50cc is sold in several Nordic countries as the GOES 50s.

I no longer have access to said vehicle, but in case anyone else needs it, here are my findings.

Parts lists, relevant to stores like LandQuad in France, who do worldwide shipping at a reasonable price:

Service manuals for the AT70 and related vehicles:

Have fun getting your hands dirty :)

Using MERGE to insert/update in SQL Server

After finding various useless references on how to use the MERGE statement in SQL Server 2008, I found this one that I could use, so I copied it here for personal reference:

MERGE tablename AS target
USING (VALUES ('new value', 'different value'))
    AS source (field1, field2)
    ON target.idfield = 7
    field1 = source.field1,
    field2 = source.field2,
    INSERT ( idfield, field1, field2, ... )
    VALUES ( 7,  source.field1, source.field2, ... )