Thursday, 13 August 2015

Difference between bitmap and vector images?

Bitmap (or raster) images are stored as a series of tiny dots called pixels. Each pixel is actually a very small square that is assigned a color, and the pixels are arranged in a pattern to form the image. When you zoom in on a bitmap image you can see the individual pixels that make up that image. Bitmap graphics can be edited by erasing or changing the color of individual pixels using a program such as Adobe Photoshop or Fireworks. You can easily enlarge an image in any of these image editing tools and inspect it at the pixel level.
Unlike bitmaps, vector images are not based on pixel patterns, but instead use mathematical formulas to draw lines and curves that can be combined to create an image from geometric objects such as circles and polygons. Vector images are edited by manipulating the lines and curves that make up the image using a program such as Adobe Illustrator.
Vector images have some important advantages over bitmap images. Vector images tend to be smaller than bitmap images. That’s because a bitmap image has to store color information for each individual pixel that forms the image. A vector image just has to store the mathematical formulas that make up the image, which take up less space.
Vector images are also more scalable than bitmap images. When a bitmap image is scaled up you begin to see the individual pixels that make up the image. This is most noticeable in the edges of the image. There are ways of making these jagged edges less noticeable but this often results in making the image blurry as well. When a vector image is scaled up, the image is redrawn using the mathematical formula. The resulting image is just as smooth as the original.
Unfortunately, vector formats are not well supported on the web. The two most popular image formats used on the Web, GIF and JPEG, are bitmap formats. Most vector images must first be converted into bitmap images (or rasterized) before they can be used on the Web. An exception is the SWF format used to create animations using Macromedia’s Flash animation software.
Bitmap formats are best for images that need to have a wide range of color gradations, such as most photographs. Vector formats, on the other hand, are better for images that consist of a few areas of solid color. Examples of images that are well suited for the vector format include logos and type.


| | Bitmap graphics | Vector graphics |
|---|---|---|
| What are they made up of? | Pixels of different colours | Objects |
| What can be edited? | Individual pixels | Individual objects |
| What is the file size? | Large, as the computer stores details of every pixel | Small, as the computer stores details of objects, which do not require much memory |
| What happens when they are resized? | They lose quality | They do not lose quality |
| How real do they look? | Real | Not real (many of them look like cartoon images) |
| Native formats that the software can read | .bmp | .svg |
| Common file formats | .bmp, .dib, jpeg, gif, tiff, .png | .cgm, .svg, .odg, .eps, .xml |













Saturday, 9 May 2015

Threading in C Sharp

What is Threading?
Threading means parallel code execution.
There are two types of threads:
1) Foreground thread 2) Background thread

Let's see a simple example without any threading.
using System;

class Program
{
    static void Main(string[] args)
    {
        // Both calls run on the main thread, one after the other
        Function1();
        Function2();
        Console.ReadLine();
    }

    static void Function1()
    {
        for (int i = 0; i < 10; i++)
        {
            Console.WriteLine("Running from Func 1: {0}", i);
        }
    }

    static void Function2()
    {
        for (int i = 0; i < 10; i++)
        {
            Console.WriteLine("Running from Func 2: {0}", i);
        }
    }
}

Output:



We can see that it executes Function 1 first and then Function 2. It is a synchronous process: the functions run one after the other.

Now let's see it with threading.
First import the System.Threading namespace:
using System;
using System.Threading;

class Program
{
    static void Main(string[] args)
    {
        // Create two threads
        Thread obj1 = new Thread(Function1);
        Thread obj2 = new Thread(Function2);

        // Start both threads
        obj1.Start();
        obj2.Start();

        Console.ReadLine();
    }

    static void Function1()
    {
        for (int i = 0; i < 10; i++)
        {
            Console.WriteLine("Running from Func 1: {0}", i);
            Thread.Sleep(500); // pause so the interleaving is visible
        }
    }

    static void Function2()
    {
        for (int i = 0; i < 10; i++)
        {
            Console.WriteLine("Running from Func 2: {0}", i);
            Thread.Sleep(500); // pause so the interleaving is visible
        }
    }
}




As we can clearly see, both threads are running simultaneously.
Note: In reality, the processor executes one thread for some time and then executes another thread for some time. It happens so quickly that execution appears to be happening simultaneously.

Two Kinds of Thread
1) Foreground thread: a thread which keeps running until its execution is completed, even though the main thread has finished executing.
2) Background thread: a thread which stops executing whenever the main thread stops.




Monday, 2 June 2014

Reason for developing the programming languages

Computers cannot understand human languages like Hindi, English or French. Computers can only understand machine-level language, also called machine code, which is made up of instructions. How these instructions are organized is beyond the scope of this blog, but it is interesting to note two things.

1) Each instruction is composed of a number of binary digits, each of which can only be a 0 or a 1. These binary digits are often called bits (short for binary digit). For example, the MIPS architecture instruction set always has instructions that are 32 bits long. Other architectures (such as the x86, which you are likely using) have instructions that can be of variable length.
For example, here is an x86 machine language instruction: 10110000 01100001

2) Each set of binary digits is translated by the CPU into an instruction that tells it to do a very specific job, such as compare these two numbers, or put this number in that memory location. Different types of CPUs will typically have different instruction sets, so instructions that would run on a Pentium 4 would not run on a Macintosh PowerPC based computer. Back when computers were first invented, programmers had to write programs directly in machine language, which was a very difficult and time consuming thing to do.

     In the early days of programming, developers used to code in machine-level language. But coding in machine language was such a hard and time-consuming task that they invented assembly language.

     In an assembly language, each instruction is identified by a short name (rather than a set of bits), and variables can be identified by names rather than numbers. This makes them much easier to read and write. However, the CPU can not understand assembly language directly. Instead, it must be translated into machine language by using an assembler. Assembly languages tend to be very fast, and assembly is still used today when speed is critical. However, the reason assembly language is so fast is because assembly language is tailored to a particular CPU. Assembly programs written for one CPU will not run on another CPU. Furthermore, assembly languages still require a lot of instructions to do even simple tasks, and are not very human readable.
Here is the same instruction in assembly language: mov al, 061h

To address these concerns, high-level programming languages were developed. C, C++, Pascal, Ada, Java, Javascript, and Perl, are all high level languages. Programs written in high level languages must be translated into a form that the CPU can understand before they can be executed. There are two primary ways this is done: compiling and interpreting.

1) Compiler : A compiler is a program that reads code and produces a stand-alone executable that the CPU can understand directly. Once your code has been turned into an executable, you do not need the compiler to run the program. Although it may intuitively seem like high-level languages would be significantly less efficient than assembly languages, modern compilers do an excellent job of converting high-level languages into fast executables. Sometimes, they even do a better job than human coders can do in assembly language.
Here is a simplified representation of the compiling process:


2) Interpreter : An interpreter is a program that reads code and essentially compiles and executes (interprets) your program as it is run. One advantage of interpreters is that they are much easier to write than compilers, because they can be written in a high-level language themselves. However, they tend to be less efficient when running programs because the compiling needs to be done every time the program is run. Furthermore, the interpreter is needed every time the program is run.
Example:


Any language can be compiled or interpreted; however, traditionally languages like C, C++, and Pascal are compiled, whereas “scripting” languages like Perl and Javascript are interpreted. Some languages, like Java, use a mix of the two.
High level languages have several desirable properties.
1) High level languages are much easier to read and write.
Here is the same instruction as above in C/C++: a = 97;
2) They require fewer instructions to perform the same task than lower level languages. In C++ you can do something like a = b * 2 + 5; in one line. In assembly language, this would take 5 or 6 different instructions.
3) You don’t have to concern yourself with details such as loading variables into CPU registers. The compiler or interpreter takes care of all those details for you.

These are the reasons several high level programming languages were developed. 

Saturday, 15 September 2012

Snort 2.9.2 installation on RHEL 6.2

Introduction

This article describes the process of setting up a Snort 2.9.2 Intrusion Detection System (IDS) on Red Hat Enterprise Linux (RHEL) Server 6.2 on x86/64 hardware.

Install Dependencies

Some or all of these may already be on your system (depending on your installation options). It is best to make sure, though.
$ yum install pcre pcre-devel php php-common php-gd php-cli php-mysql flex bison
$ yum install libxml2-devel php-pear.noarch vim-enhanced.x86_64 gcc gcc-cpp gcc-c++
$ rpm -Uvh http://ftp.riken.jp/Linux/fedora/epel/6/i386/epel-release-6-7.noarch.rpm
$ rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
$ yum install php-pear-DB.noarch php-pear-File.noarch
$ yum -y install iptables-devel mysql-devel

Update the system:
$ yum -y update

Reboot the system:
$ reboot


Downloading pre-requisites

Download the following packages into /root/snort-packages, the directory the later steps extract them from:
$ mkdir -p /root/snort-packages
$ cd /root/snort-packages
$ wget http://www.securixlive.com/download/barnyard2/barnyard2-1.9.tar.gz
$ wget http://www.snort.org/downloads/1221 -O daq-0.6.2.tar.gz
$ wget http://www.tcpdump.org/release/libpcap-1.1.1.tar.gz
$ wget http://www.snort.org/downloads/1347 -O snort-2.9.2.tar.gz
$ wget http://libdnet.googlecode.com/files/libdnet-1.12.tgz
$ wget http://ftp.netfilter.org/pub/libnfnetlink/libnfnetlink-0.0.41.tar.bz2
$ wget http://ftp.netfilter.org/pub/libnetfilter_queue/libnetfilter_queue-1.0.1.tar.bz2
$ wget http://www.snort.org/reg-rules/snortrules-snapshot-2912.tar.gz/64ff58897b3a5c5296261a7eb3feeb5d75266124 -O snortrules-snapshot-2912.tar.gz

Installing Pre-Requisites

Install the Libdnet package

$ cd /root/snort-packages
$ tar zxvf /root/snort-packages/libdnet-1.12.tgz
$ cd /root/snort-packages/libdnet-1.12
$ ./configure "CFLAGS=-fPIC -g -O2" --prefix=/usr
$ make
$ make install
$ yum install libdnet-devel
$ locate libdnet
$ ln -s libdnet.1 libdnet.so.1
$ cp /usr/lib64/libdnet.so.1 /usr/local/lib/libdnet.so.1

Install the Libnfnetlink and libnetfilter_queue package

$ cd /root/snort-packages
$ tar xf /root/snort-packages/libnfnetlink-0.0.41.tar.bz2
$ cd /root/snort-packages/libnfnetlink-0.0.41
$ ./configure --prefix=/usr
$ make
$ make install
$ export PKG_CONFIG_PATH=/usr/lib/pkgconfig/
$ cd /root/snort-packages
$ tar xf /root/snort-packages/libnetfilter_queue-1.0.1.tar.bz2
$ cd /root/snort-packages/libnetfilter_queue-1.0.1
$ ./configure --prefix=/usr/local
$ make
$ make install

Uninstall the old libpcap version and install the new version

$ yum remove libpcap libpcap-devel
$ cd /usr
$ tar zxvf /root/snort-packages/libpcap-1.1.1.tar.gz
$ cd libpcap-1.1.1
$ ./configure
$ make
$ make install
$ cp /usr/local/lib/libpcap.a /usr/lib64/

Install DAQ

$ cd /usr
$ tar zxvf /root/snort-packages/daq-0.6.2.tar.gz
$ cd daq-0.6.2
$ ./configure

Note: Open the netlink.h file:
$ vi /usr/include/linux/netlink.h
Note: Add the lines below to the file:
#ifndef SOL_NETLINK
#define SOL_NETLINK 270
#endif
$ make
$ make install

Snort Installation

$ cd /usr
$ tar zxvf /root/snort-packages/snort-2.9.2.tar.gz
$ cd snort-2.9.2
$ ./configure --with-mysql-libraries=/usr/lib64/mysql/
$ make
$ make install

Set up Snort Environment

Create a directory for storing the Snort configuration files:
$ mkdir /etc/snort
Create a directory for storing the Snort logs:
$ mkdir /var/log/snort


Install the Snort rules

$ cd /etc/snort
$ tar zxvf /root/snort-packages/snortrules-snapshot-2912.tar.gz -C /etc/snort
Note: Create a group snort.
$ groupadd snort
Note: Add a user snort and assign it to the group snort.
$ useradd -g snort snort -s /bin/false
Note: Change the ownership of /var/log/snort.
$ chown snort:snort /var/log/snort
$ touch /var/log/snort/alert
$ chown snort:snort /var/log/snort/alert
$ chmod 600 /var/log/snort/alert
$ mkdir /usr/local/lib/snort_dynamicrules
$ cd /usr/local/lib/snort_dynamicrules
$ cp /etc/snort/so_rules/precompiled/RHEL-6-0/x86-64/2.9.1.2/*.so /usr/local/lib/snort_dynamicrules

Note: Enable the Snort rules using the commands below:
$ cd /usr/local/lib/snort_dynamicrules
$ cat /etc/snort/so_rules/*.rules >> /etc/snort/rules/so-rules.rules

Configuring Snort and Snort Rules

Note: The snort.conf file defines how Snort will run once the application is started.
$ vi /etc/snort/etc/snort.conf
Find the variable RULE_PATH and change it to /etc/snort/rules
Find the variable PREPROC_RULE_PATH and change it to /etc/snort/preproc_rules
Find the variable SO_RULE_PATH and change it to /etc/snort/so_rules

Search for the reputation preprocessor and comment out all of its lines. If you want to use it, you have to create whitelist and blacklist rules.

Find “unified2”. Uncomment the line, change merged.log to snort.log and make sure to delete the nostamp option. Failing to remove nostamp will cause problems with Barnyard2 parsing the log files. Also remove the mpls and vlan event type statements. When done, it should read like below:

Note: The above modifications will cause Snort to generate unified2 log files named "snort.u2.<timestamp>" (e.g. snort.u2.1245910233), limited to 128MB each, and place them in /var/log/snort. You can now run Snort the same way you always have and the unified2 files should be visible.
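
The snort.conf edits described above, scripted as an added example that is not part of the original post. The sample lines are constructed and assumed to resemble a stock Snort 2.9.x snort.conf; the function names are hypothetical.

```sh
#!/bin/sh
# Added example: apply the snort.conf edits from this section to a copy of the file.

patch_snort_conf() {
    # $1 = existing snort.conf, $2 = patched copy to write ($1 is left untouched)
    sed -E \
        -e 's|^var RULE_PATH .*|var RULE_PATH /etc/snort/rules|' \
        -e 's|^var SO_RULE_PATH .*|var SO_RULE_PATH /etc/snort/so_rules|' \
        -e 's|^var PREPROC_RULE_PATH .*|var PREPROC_RULE_PATH /etc/snort/preproc_rules|' \
        -e '/^preprocessor reputation:/,/[^\\]$/ s|^|# |' \
        -e 's|^# *(output unified2:) filename merged\.log, limit ([0-9]+).*|\1 filename snort.log, limit \2|' \
        "$1" > "$2"
}

check_snort_conf() {
    # Exit 0 only if every edit is present; otherwise name the first one missing.
    for want in 'var RULE_PATH /etc/snort/rules' \
                'var SO_RULE_PATH /etc/snort/so_rules' \
                'var PREPROC_RULE_PATH /etc/snort/preproc_rules' \
                'output unified2: filename snort.log, limit 128'; do
        grep -qxF "$want" "$1" || { echo "missing: $want"; return 1; }
    done
    # The reputation preprocessor must be commented out and nostamp must be gone.
    if grep -qE '^(preprocessor reputation|output unified2:.*nostamp)' "$1"; then
        echo "reputation preprocessor or nostamp still active"; return 1
    fi
}

sample_conf() {
    # Constructed excerpt (assumption: resembles the stock 2.9.x defaults).
    cat <<'EOF'
var RULE_PATH ../rules
var SO_RULE_PATH ../so_rules
var PREPROC_RULE_PATH ../preproc_rules
preprocessor reputation: \
   memcap 500, \
   whitelist $WHITE_LIST_PATH/white_list.rules, \
   blacklist $BLACK_LIST_PATH/black_list.rules
preprocessor normalize_ip4
# output unified2: filename merged.log, limit 128, nostamp, mpls_event_types, vlan_event_types
EOF
}

# Demo on the constructed excerpt: patch a copy, verify it, show the result.
work=$(mktemp -d)
sample_conf > "$work/snort.conf"
patch_snort_conf "$work/snort.conf" "$work/snort.conf.new"
check_snort_conf "$work/snort.conf.new" && cat "$work/snort.conf.new"
rm -rf "$work"
```

Against a real file, write the patched copy next to /etc/snort/etc/snort.conf, review the diff, and only then move it into place.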




Test the Snort installation by using the command below:
$ snort -c /etc/snort/etc/snort.conf -T

Barnyard Installation

$ cd /usr
$ tar zxvf /root/snort-packages/barnyard2-1.9.tar.gz
$ cd barnyard2-1.9
Note: Compile the source and let barnyard2 know that you want mysql awareness.
$ ./configure --with-mysql-libraries=/usr/lib64/mysql/
$ make
Note: This will place the barnyard2 binary in /usr/local/bin by default.
$ make install
$ cp /usr/barnyard2-1.9/etc/barnyard2.conf /etc/snort
Note: You can check the versions of snort and barnyard2:
$ snort --version
$ barnyard2 --version


Configure barnyard

$ mkdir -p /var/log/barnyard2
$ chmod 666 /var/log/barnyard2
$ touch /var/log/snort/barnyard2.waldo
$ chown snort:snort /var/log/snort/barnyard2.waldo
$ mv /usr/barnyard2-1.9/etc/barnyard2.conf /etc/snort
Note: Edit /etc/snort/barnyard2.conf and add the database details as below. Here the host name will be the IP address of the RDS.
$ vi /etc/snort/barnyard2.conf
output database: log, mysql, user=user_name password=passwd dbname=snorby host=localhost
Uncomment the two lines below:
config hostname: localhost
config interface: eth0
Comment out the line below:
output alert_fast: stdout
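
An added check, not part of the original post, for two things the steps above leave behind: mode 666 on /var/log/barnyard2 makes the directory world-writable, and barnyard2.conf now holds the database password in clear text. The function names and the SNORT_ROOT variable are hypothetical.

```sh
#!/bin/sh
# Added example: flag paths created by this install that other local users can
# write to, and a barnyard2.conf that exposes the database password.

# Exit 0 if "other" has write (002) / read (004) permission on the path itself.
world_writable() { [ -n "$(find -L "$1" -prune -perm -002 2>/dev/null)" ]; }
world_readable() { [ -n "$(find -L "$1" -prune -perm -004 2>/dev/null)" ]; }

audit_snort_perms() {
    # $1 = root prefix: empty for the live system, a scratch directory for a dry run
    root=$1
    findings=0
    for p in /var/log/snort /var/log/snort/alert /var/log/snort/barnyard2.waldo \
             /var/log/barnyard2 /etc/snort/barnyard2.conf; do
        [ -e "$root$p" ] || continue
        if world_writable "$root$p"; then
            echo "WORLD-WRITABLE $p"
            findings=$((findings + 1))
        fi
    done
    # The "output database" line carries password=... in clear text.
    conf=$root/etc/snort/barnyard2.conf
    if [ -f "$conf" ] && grep -q '^output database:.*password=' "$conf" \
            && world_readable "$conf"; then
        echo "WORLD-READABLE-PASSWORD /etc/snort/barnyard2.conf"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# Audit the live system by default; set SNORT_ROOT to audit a copy elsewhere.
audit_snort_perms "${SNORT_ROOT:-}" || echo "review the findings above" >&2
```

A clean run prints nothing and exits 0; a directory that only the snort user needs can be given to snort:snort with mode 750, and barnyard2.conf mode 640.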

Starting Snort during boot

$ ln -s /usr/local/bin/snort /usr/sbin/snort
$ cp /usr/snort-2.9.2/rpm/snortd /etc/init.d
$ cp /usr/snort-2.9.2/rpm/snort.sysconfig /etc/sysconfig/snort
$ cd /etc/rc3.d
$ ln -s ../init.d/snortd S99snortd
$ cd ../rc0.d
$ ln -s ../init.d/snortd K99snortd
$ cd /etc/rc5.d
$ ln -s ../init.d/snortd S99snortd
$ cd ../rc6.d
$ ln -s ../init.d/snortd K99snortd
$ chmod 755 /etc/init.d/snortd
$ chkconfig snortd on
Note: Edit the snort sysconfig file.
$ vim /etc/sysconfig/snort
Find and comment out ALERTMODE=FAST, DUMP_APP=1, BINARY_LOG=1
Save and close the file.
To test this, type the following:
$ cd /etc/snort/etc
$ cp * /etc/snort
$ /etc/init.d/snortd start

Barnyard configuration

$ vim /etc/snort/barnyard2.conf
Uncomment config daemon.
Uncomment and set the path to your waldo file, /var/log/snort/barnyard2.waldo.
$ vim /usr/barnyard2-1.9/rpm/barnyard2.config

Change LOG_FILE to snort.log and change the CONF variable to /etc/snort/barnyard2.conf

Starting Barnyard2 during boot

$ ln -s /usr/local/bin/barnyard2 /usr/sbin/barnyard2
$ cp /usr/barnyard2-1.9/rpm/barnyard2 /etc/init.d

Edit the barnyard2 file.
$ vim /etc/init.d/barnyard2
Change the BARNYARD_OPTS line to read BARNYARD_OPTS="-D -c $CONF -d $SNORTDIR -w $WALDO_FILE -f $LOG_FILE -X $PIDFILE $EXTRA_ARGS". Save and close the file.

$ cp /usr/barnyard2-1.9/rpm/barnyard2.config /etc/sysconfig/barnyard2
$ chmod 755 /usr/local/bin/barnyard2
$ cd /etc/rc3.d
$ ln -s ../init.d/barnyard2 S99barnyard2
$ cd ../rc0.d
$ ln -s ../init.d/barnyard2 K99barnyard2
$ cd /etc/rc5.d
$ ln -s ../init.d/barnyard2 S99barnyard2
$ cd ../rc6.d
$ ln -s ../init.d/barnyard2 K99barnyard2
$ chmod 755 /etc/init.d/barnyard2
$ chkconfig --add barnyard2
$ chkconfig barnyard2 on
To test, type:
$ /etc/init.d/barnyard2 start