You are here

Risharde's Blog

UPNP / DLNA Windows Media Player 12 Sharing Vs. Nero MediaHome 4

So I began testing an LG Bluray player with built in network access to stream videos over the network. The LG bluray came bundled with Nero MediaHome 4 which is a simple application to enable you to share videos on your computer to your home network and basically let the LG bluray player to play movies from over your network.

After noticing a dramatic decrease in performance on my RAID 1 computer, I opened up Windows Task Manager and clicked the Processes tab and enabled I/O Read Byes and I/O Write Bytes. To my amazement, it seems the Nero MediaHome 4 background service was writing exessively to the drive even while it was not being used for streaming purposes. In fact, there were more writes than reads which is extremely odd since Nero MediaHome4 is responsible for reading from the hard drive so it is very strange to see I/O writes peaking.

In any event, enough was enough, this program is crap so I removed it and decided to keep it simple. Low and behold, I was extremely shocked to see the effeciency of Microsoft Media Player 12 Media sharing (yes, Microsoft actually gets it right sometimes). After running tests, Microsoft's implementation was twice as fast at listing files and was much less resource intensive than Nero Media Home 4 by far.... a little bit shocked, my confidence in Microsoft has once more been re-established a little more.

There are alternatives such as XBMC which was not tested so I can't comment on its efficiency.

Changing default SSH port in CENTOS

I thought this would be useful in helping to secure your CentOS linux box better

So basically, the default SSH port is 22 allowing anyone to be able to get to your username and password prompt and do some bruteforcing etc.

You can move SSH to a different port by editing the /etc/sshd/sshd_config file

I like to use nano (a small text editor to edit text files in CentOS) so basically you type the following at the console prompt

nano /etc/sshd/sshd_config

Look for the line
#Port 22

Remove the # from the start of the line
Change the number 22 to some other number. Make sure the number is a positive number and less than 65535. Also make sure its not a port in use. For example port 80 is used for http so you never want to use a port that is currently in use by another server application that is listening for connections.

Save your config file

Then do the following:

service sshd stop


service sshd restart

Now open another ssh client and connect to the new port and make sure it is working before you close off your previous ssh client connection (this is to make sure that you can get back into your linux box)


Good luck

Crontab files stored on CentOS

I discovered that crontab files for users are also stored in the /var/spool/cron/ directory
as well as the /etc/crontab file and a few sub folders which you can find by typing
ls /etc/cron*

Good luck

Block a host (iptables firewall)

Thanks to and Alex_Liquidhost for this:

iptables -A INPUT -s x.x.x.x -j DROP

where x.x.x.x is the IP address

I haven't tried it but it seems fairly straight forward and should work.

Of course, please be careful using the iptables command since it can be used to block all connections to your server.

Good luck!

Getting Unix Bench to run on CentOS

Okay, firstly you have to download Unix Bench via

You can use the wget command to do this

Next, after you download the unixbench.tar.gz file, you need to extract the files from the archive.
I use: tar -xvf unixbench.tar.gz

Make sure to install the libXext packages
I use: yum install libXext*

Go into the unixbench folder via the command line interface and type


That's it

Good luck! ;)

Useful IPTABLES commands

Save rules: service iptables save
Restart iptables: service iptables restart
Delete a rule 1:
iptables -D INPUT 1

iptables -A INPUT -p tcp --dport 80 -j ACCEPT

iptables -A INPUT -p tcp --dport 80 -j REJECT

iptables -A INPUT -s x.x.x.x -j DROP

Spoofed domain hn.kd.ny.adsl

I was able to get the actual ip range of the hn.kd.ny.adsl attacker. It seems the attacker uses compromised machines to do http attacks or perhaps bruteforce. Very strange indeed.

182.118.*.* seems to have some compromised servers trying an http attack on my linux box?

I shall keep monitoring...


Test your VPS/server's file IO performance

This generates a ~1 GB file and checks how long it takes to create. Use this to test the hard disk drives write speeds

dd if=/dev/zero of=test bs=64k count=16k conv=fdatasync

Good luck


Gzip a directory in linux

tar -zcvf archive-name.tar.gz directory-name

change archive-name to whatever you want. change directory-name to whatever directory name it is

Good luck

suPHP versus modPHP

So I've been testing both and there are a few trade offs here between suPHP and modPHP.

MODPHP Security
Firstly to get started, modPHP is supposed less safe sine PHP will run as apache thus a compromise on one website can lead to the reading of other directorys/websites of other users within the same linux server/box.

suPHP Security
suPHP security is indeed a notch higher when configured properly. Basically each user has their own username and suPHP will basically allow their website or in this case apache to run under the specific username. This means that if a website of a specific user were to be compromised, it would be much harder to get access to other websites on the box not running under the compromised user account.

HOWEVER, there is a catch
After my testing, I've noticed that suPHP is a bit slower but more importantly extremely CPU and memory intensive compared to its less secure modphp counterpart. At 50 users, the load on my server went up to 10.x which I have never seen happen with modphp. In fact, modphp wouldn't even break a serious sweat with this number of clients. More worrying is that suPHP used nearly 2 GBs of RAM during this 50 user load test while modPHP didn't go over 1 GB...

So really, the choice is up to you when it comes down to the security vs resources issue. I'm going to try caching with suPHP and see if that helps at all.