# Bit, byte and the conversion from/to decimal

A bit can have only one of two values: 0 or 1. The term bit is a shortened form of binary digit. The two values (0 and 1) can also be interpreted as logical values (true/false, yes/no), algebraic signs (+/−) and so on. A group of eight bits is commonly called one byte, but historically the size of the byte is not strictly defined.

The symbol for bit, as a unit of information, is either simply bit (ISO/IEC standard 80000-13 (2008)) or lowercase b (IEEE 1541 Standard (2002)). In contrast, the upper case letter B is the standard and customary symbol for byte. Because the term byte can be ambiguous, you may also find the term octet used for a group of 8 bits (as in the representation of IP addresses and network protocol parameters).

Computers usually manipulate bits in groups of a fixed size, conventionally named words. Like the byte, the number of bits in a word also varies with the hardware design, and is typically between 8 and 80 bits, or even more. Nowadays, the most common word sizes are 32 or 64 bits.

Because humans do not naturally think in binary, different mapping mechanisms are used: byte, ASCII, hexadecimal and so on. As such, when it comes to a conversion for human use, this is what 8 bits can represent:

• 00000000 – decimal 0
• 00000001 – decimal 1
• 00000010 – decimal 2
• 00000011 – decimal 3
• 00000100 – decimal 4
• …
• 11111110 – decimal 254
• 11111111 – decimal 255

Who said that math is fun? Let’s see several methods that would allow us to convert a decimal into a binary and a binary back into a decimal. Let’s start by saying that a decimal number has digits that go from 0 to 9, and that a byte has its highest value bit at the left and its lowest value bit at the right (if I lost you already, it is the exact same way as in a decimal number). Now, each bit in a byte is referred to using its index number:

• bit 7 – index: 7 (MSB)
• bit 6 – index: 6
• bit 5 – index: 5
• bit 4 – index: 4
• bit 3 – index: 3
• bit 2 – index: 2
• bit 1 – index: 1
• bit 0 – index: 0 (LSB)

where bit 0 is the lowest value bit (Least Significant Bit – LSB) and bit 7 is the highest value bit (Most Significant Bit – MSB). Let’s now see how we can convert the byte 10101101 into a decimal number. First of all, each bit of this byte is weighted by its position: you move from right to left and the multiplier increases by a power of two (2) at each step. This multiplier is used because the binary format uses base-2 notation.

• 1st digit from right multiplier $2^0$ = 1
• 2nd digit from right multiplier $2^1$ = 2
• 3rd digit from right multiplier $2^2$ = 4
• 4th digit from right multiplier $2^3$ = 8
• 5th digit from right multiplier $2^4$ = 16
• 6th digit from right multiplier $2^5$ = 32
• 7th digit from right multiplier $2^6$ = 64
• 8th digit from right multiplier $2^7$ = 128

Now let’s get back to our binary value – 10101101 – and let’s apply the same logic.

• 1st digit represents the number of $2^0$’s => 1 * $2^0$
• 2nd digit represents the number of $2^1$’s => 0 * $2^1$
• 3rd digit represents the number of $2^2$’s => 1 * $2^2$
• 4th digit represents the number of $2^3$’s => 1 * $2^3$
• 5th digit represents the number of $2^4$’s => 0 * $2^4$
• 6th digit represents the number of $2^5$’s => 1 * $2^5$
• 7th digit represents the number of $2^6$’s => 0 * $2^6$
• 8th digit represents the number of $2^7$’s => 1 * $2^7$

Considering the above, the decimal representation of our byte is the sum of all the values:

(1 * $2^0$) + (0 * $2^1$) + (1 * $2^2$) + (1 * $2^3$) + (0 * $2^4$) + (1 * $2^5$) + (0 * $2^6$) + (1 * $2^7$) =
= 1 + 0 + 4 + 8 + 0 + 32 + 0 + 128 =
= 173

Now that we have seen how to convert the byte into a decimal number, let’s see how we can convert the number 173 into a byte or a binary format. For this, on each bit position you need to see if the bit adds to the total value or if it doesn’t. This time, we will start with the highest bit position value and we will use the division with remainder technique.

• Can I divide the full number 174 by 128?
• Yes, the whole part is 1 and the remainder is 36.

• Can I divide the remainder 46 by 64?
• Yes, with the whole part 0 and the remainder 36.

• Can I divide the remainder 46 by 32?
• Yes, with the whole part 1 and the remainder 14.

• Can I divide the remainder 14 by 16?
• Yes, with the whole part 0 and the remainder 14.

• Can I divide the remainder 14 by 8?
• Yes, with the whole part 1 and the remainder 6.

• Can I divide the remainder 6 by 4?
• Yes, with the whole part 1 and the remainder 2.

• Can I divide the remainder 2 by 2?
• Yes, with the whole part 1 and the remainder 0.

• Can I divide the remainder 0 by 1?
• Yes, with the whole part 0 and the remainder 0.

Once I got the remainder 0, I can easily obtain the byte associated with the number 174, by having the whole part concatenated from right to left. As such, the resulting byte is 10101110.

Both methods can be scaled up for as many bytes, binary digits or decimal digits as you might need.
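The two conversions above, as an added Python example that is not part of the original post. It goes beyond a single byte through the `width` parameter and also converts the four octets of the IPv4 address that appears in the telnet output on this page; the function names are chosen here.

```python
def bits_to_int(bits):
    """Binary -> decimal: sum bit * 2**index, index 0 being the rightmost bit (LSB)."""
    if not bits or set(bits) - {"0", "1"}:
        raise ValueError("expected a non-empty string of 0s and 1s")
    return sum(int(bit) * 2 ** index for index, bit in enumerate(reversed(bits)))


def int_to_bits(value, width=8):
    """Decimal -> binary by division with remainder, highest weight first.

    Returns (bits, steps); each step is (dividend, weight, whole part, remainder).
    """
    if not 0 <= value < 2 ** width:
        raise ValueError(f"{value} does not fit in {width} bits")
    bits, steps, remainder = "", [], value
    for index in range(width - 1, -1, -1):
        weight = 2 ** index
        whole, rest = divmod(remainder, weight)
        steps.append((remainder, weight, whole, rest))
        bits += str(whole)  # the first whole part belongs to the MSB
        remainder = rest
    return bits, steps


def ipv4_to_bits(address):
    """Convert each octet of a dotted-quad IPv4 address to its 8-bit form."""
    octets = address.split(".")
    if len(octets) != 4:
        raise ValueError("expected four octets")
    return ".".join(int_to_bits(int(octet))[0] for octet in octets)


if __name__ == "__main__":
    print(bits_to_int("10101101"))
    bits, steps = int_to_bits(174)
    for dividend, weight, whole, rest in steps:
        print(f"{dividend:>3} / {weight:<3} -> whole part {whole}, remainder {rest}")
    print(bits)
    print(ipv4_to_bits("67.210.111.70"))
```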

# Exim alternate port 587

Nowadays, most ISPs block port 25, which can be simply tested by establishing a telnet connection on port 25:

\$ telnet dragos.fedorovici.com 25
Trying 67.210.111.70...
telnet: Unable to connect to remote host: Connection timed out

If you see the above error message, your ISP is very likely blocking the ability to send mail through servers other than theirs. Over the last few years, more and more ISPs have started to require their subscribers to use their SMTP server to send mail. This allows them to monitor spammers, and to reduce the overwhelming amounts of spam and exploitation that occur daily with email. You may want to contact your ISP to see if they are willing to work with you on this issue, or try port 587 or 26, which may be open.

When it comes to your server, if you are running Exim as the default MTA, you can bypass this block from different ISPs by opening an alternate port for Exim and allowing your clients to use this port for outgoing SMTP. For this you will need to edit the configuration file of Exim (usually /etc/exim.conf) and add a line similar to the following:

daemon_smtp_ports = 25 : 587

Restart the mail server and you should be able to bypass the restriction added by your ISP:

\$ telnet dragos.fedorovici.com 587
Trying 67.210.111.70...
Connected to dragos.fedorovici.com.
Escape character is '^]'.
220-torch.lunarmania.com ESMTP Exim 4.69 #1 Wed, 07 Dec 2011 13:32:08 -0800
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
^]

telnet>

# rsync SSH non standard port

Let’s assume that the SSH daemon on one of your remote servers is running on a non-standard port, and you need to perform an rsync between your server (you are using the default port, right?) and this machine. After some searching, the man page of rsync finally offered the magic solution to specify the SSH port, by using the -e parameter:

rsync -vrtz -e "ssh -p 22022" root@fedorovici.com:/path/to/my/files/ /other/similar/path/

-v = increase verbosity
-r = recursive
-t = preserve times
-z = compress file data during the transfer

Eureka!

# [How To] Mount an additional drive

In this article I will describe how you can mount an additional drive on a Linux machine. First of all you will need to ensure that the OS is able to see both drives correctly, using the fdisk command:

root@server [~]# fdisk -l
Disk /dev/sda: 160.0 GB, 160040803840 bytes
255 heads, 63 sectors/track, 19457 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          32      257008+  83  Linux
/dev/sda2              33       18948   151942770   83  Linux
/dev/sda3           18949       19457     4088542+  82  Linux swap / Solaris

Disk /dev/sdb: 160.0 GB, 160041885696 bytes
255 heads, 63 sectors/track, 19457 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Disk /dev/sdb doesn’t contain a valid partition table

As you can see, the second drive (/dev/sdb) doesn’t contain a valid partition table so we will need first to create a partition:

root@server [~]# /sbin/fdisk /dev/sdb
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel. Changes will remain in memory only,
until you decide to write them. After that, of course, the previous
content won’t be recoverable.

The number of cylinders for this disk is set to 19457.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
(e.g., DOS FDISK, OS/2 FDISK)
Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)

Command (m for help): n
Command action
e   extended
p   primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-19457, default 1):
Using default value 1
Last cylinder or +size or +sizeM or +sizeK (1-19457, default 19457):
Using default value 19457

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

To recap, you will need to run /sbin/fdisk on the second drive (/dev/sdb), then type ‘n’ in order to create a new partition and ‘p’ to have it created as a primary partition. You will then need to set the desired partition number (in the above example it is 1) and leave everything else as default. The partition that is created is /dev/sdb1 (as I set 1 as the partition number). Once the partition is created we will need to format it:

/sbin/mkfs -t ext3 /dev/sdb1

A mount point for the new partition needs to be created and you will need to assign a label to this mount point:

mkdir /backup
/sbin/e2label /dev/sdb1 /backup

In order to have the new partition mounted automatically after a reboot, you will need to add a new line in /etc/fstab that should include the label assigned, the mount point, the partition type etc.:

vi /etc/fstab and add:
LABEL=/backup   /backup   ext3   defaults   1 2

Finally, mount the newly created partition

mount /backup

and check the results:

[root@server ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda3             108G   54G   50G  53% /
/dev/sda1              99M   24M   70M  26% /boot
none                  498M     0  498M   0% /dev/shm
/usr/tmpDSK           485M   12M  449M   3% /tmp
/tmp                  485M   12M  449M   3% /var/tmp
/dev/sdb1              74G   85M   70G   1% /backup

# [How To] Install APF (Advanced Policy Firewall)

Advanced Policy Firewall (APF) is an iptables (netfilter) based firewall system designed around the essential needs of today’s Linux servers. The configuration is designed to be very informative and easy to follow. The management on a day-to-day basis is conducted from the command line with the ‘apf’ command, which includes detailed usage information on all the features.

This guide will show you how to install and configure APF firewall:

mkdir /root/setup ; cd /root/setup
wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz
tar -zxf apf*
cd apf* && ./install.sh

Once the installation is completed you may use the following options to perform basic operations:

To start the firewall run: apf -s
To restart the firewall run: apf -r
To flush the firewall run: apf -f

Create a backup of the configuration file and open it using the desired text editor and go over the general configuration to get your firewall running. This isn’t a complete detailed guide of every feature the firewall has. Look through the README and the configuration for an explanation of each feature.

cd /etc/apf && cp conf.apf conf.apf.bak && nano conf.apf

Take the firewall out of development mode in the file by changing DEVEL_MODE from 1 to 0.

# !!! Do not leave set to (1) !!!
# When set to enabled; 5 minute cronjob is set to stop the firewall. Set
# this off (0) when firewall is determined to be operating as desired.
DEVEL_MODE="1"

Enable common egress (outbound) ports by setting the value of the EGF variable to 1:

# Egress filtering [0 = Disabled / 1 = Enabled]
EGF="1"

Finally check IG_TCP_CPORTS, IG_UDP_CPORTS, EG_TCP_CPORTS and EG_UDP_CPORTS, and make sure that all the ports that you are relying on are open. Below you will find my configuration for a server that is running cPanel:

# Common ingress (inbound) TCP ports
IG_TCP_CPORTS="20,21,22,25,26,53,80,110,143,443,465,993,995,2077,2078,2082,2083,2086,2087,2095,2096,3306"

# Common ingress (inbound) UDP ports
IG_UDP_CPORTS="21,53,465,873,2077,2078"

# Common egress (outbound) TCP ports
EG_TCP_CPORTS="21,22,25,26,37,43,53,80,110,113,443,465,873,2089,3306"

# Common egress (outbound) UDP ports
EG_UDP_CPORTS="20,21,53,465,873"

To see which of your ports are open and which are closed on your server, you can run: netstat -nap
To locate the APF version that you are using:  cat /etc/apf/VERSION
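A check for the settings this guide changes, as an added Python example (not part of APF or of the original post): it reads a conf.apf-style file, flags DEVEL_MODE and EGF, and compares IG_TCP_CPORTS with the TCP ports that are actually listening. The sample configuration and the listening-port set are constructed, and the function names are chosen here.

```python
import re

# Constructed sample in the KEY="value" format of /etc/apf/conf.apf.
SAMPLE_CONF = '''
# When set to enabled; 5 minute cronjob is set to stop the firewall.
DEVEL_MODE="1"
# Egress filtering [0 = Disabled / 1 = Enabled]
EGF="0"
IG_TCP_CPORTS="22,25,80,443,587,3306"
'''

# Constructed set of listening TCP ports, e.g. gathered from `netstat -nap`.
SAMPLE_LISTENING = {22, 25, 80, 443, 587, 2083}


def parse_conf(text):
    """Return {KEY: value} for each KEY="value" line; comment lines are skipped."""
    settings = {}
    for line in text.splitlines():
        match = re.match(r'\s*([A-Z][A-Z0-9_]*)="([^"]*)"', line)
        if match:
            settings[match.group(1)] = match.group(2)
    return settings


def port_set(value):
    """Turn a comma-separated port list into a set of integers."""
    return {int(p) for p in value.split(",") if p.strip().isdigit()}


def audit(conf_text, listening):
    """Return a list of findings for the settings discussed in this guide."""
    conf = parse_conf(conf_text)
    findings = []
    if conf.get("DEVEL_MODE") != "0":
        findings.append("DEVEL_MODE is not 0: a cronjob stops the firewall every 5 minutes")
    if conf.get("EGF") != "1":
        findings.append("EGF is not 1: egress filtering is disabled")
    allowed = port_set(conf.get("IG_TCP_CPORTS", ""))
    for port in sorted(listening - allowed):
        findings.append(f"port {port} is listening but not in IG_TCP_CPORTS")
    for port in sorted(allowed - listening):
        findings.append(f"port {port} is in IG_TCP_CPORTS but nothing listens on it")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF, SAMPLE_LISTENING):
        print("-", finding)
```

Services bound only to 127.0.0.1 do not need an ingress entry, so pass only the externally bound ports as `listening`.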

If you wish to uninstall APF, you should run the following commands:

iptables -F
rm -Rf /etc/apf
rm -Rf /usr/local/sbin/apf
rm -Rf /etc/rc.d/init.d/apf
rm -Rf /var/log/apf_log
rm -Rf /var/log/apfados_log
/sbin/chkconfig --level 345 apf off