Connecting to IBM DB2 using CLI and SSL - db2

I was using JDBC to connect to IBM DB2 AS400 for iSeries in my Rails Application. Now it looks like I will have to move to use the ibm_db gem.
https://github.com/ibmdb/ruby-ibmdb
I attempted this with irb first and used the following in a command like:
require 'ibm_db'
conn=IBM_DB.connect("DATABASE=ABCUATDT;hostname=TEST.HERE.COM;PORT=9471;SECURITY=SSL;PROTOCOL=TCPIP;AUTHENTICATION=SERVER;UID=username;PWD=abc1234;", "", "")
This gives me the following error:
SQL30081N A communication error has been detected. Communication
protocol being used: \"SSL\". Communication API being used:
\"SOCKETS\". Location where the error was detected: \"\".
Communication function detecting the error: \"sqlccSSLSocketSetup\".
Protocol specific error code(s): \"414\"
I then try without SSL:
conn=IBM_DB.connect("DATABASE=ABCUATDT;hostname=TEST.HERE.COM;PORT=446;PROTOCOL=TCPIP;AUTHENTICATION=SERVER;UID=username;PWD=abc1234;", "", "")
SQL30082N Security processing failed with reason \"15\" (\"PROCESSING
FAILURE\"). SQLSTATE=08001 SQLCODE=-30082"
These ports and username/pw etc all work fine with JDBC, but not using the ibm_db gem.
EDIT: I tried using different ports, I know that 8471 is open for non-SSL and 9471 is open for SSL. I decided to skip SSL altogether and I started using the db2cli on my Mac OSX.
db2cli execsql -connstring "database=ABCUATDT;hostname=TEST.HERE.COM;port=8471;uid=username;pwd=abcd1234"
This just hangs and doesn't give me a prompt to write SQL:
IBM DATABASE 2 Interactive CLI Sample Program (C) COPYRIGHT
International Business Machines Corp. 1993,1996 All Rights Reserved
Licensed Materials - Property of IBM US Government Users Restricted
Rights - Use, duplication or disclosure restricted by GSA ADP Schedule
Contract with IBM Corp.
I then tried the python library AND the DB2 CLI - both of which gave the same errors. Is there something needed to be changed at the DB2 side?
Why would it work for JDBC but not for the IBM ODBC driver?

Speak with your i administrator(s) or management team. Stackoverflow may not be what you need right now. When asking questions, it's smart to fully detail your environment for obvious reasons, if necessary speaking with relevant persons at the client site to establish the facts before asking questions.
Find out whether there is a Db2-connect server (separate purchase) already installed on the i-series. The regular Db2-client for MAC can then communicate with CLI/ODBC via that product which does the required protocol conversions while acting as a gateway.
Find out if there is a Db2-connect server already deployed anywhere that runs on Windows/Linux/Unix that you can use (it does the required protocol conversions while acting as a gateway) once configured with connections for i-series. The regular Db2-client for MAC OS X can then use that as a gateway for CLI/ODBC to i-series.
IBM does not currently sell "IBM i access" for MAC OS X afaik, which offers the CLI/ODBC interface and does not require a Db2-connect server. That product is available for Microsoft Windows and Linux platforms. Those platforms may offer you an alternative if MAC OS X is currently unsupported.
The regular Db2-driver from IBM for MAC OS X requires for CLI/ODBC a Db2-connect server for the protocol conversions with i-series, so db2cli tool will not work without a Db2-connect gateway.
Other non IBM vendors may offer solutions in this area.
Another possibility is to use an ODBC to JDBC bridge, running on your MAC OS X, which would reroute ODBC calls to your working JDBC driver. You might research that.

Related

Unable to browse network for available OPC DA servers on Windows Server 2019 but can connect to OPC DA servers if manually specified

Has anyone seen anything on Windows Server 2019 that would prevent browsing the network in a Active Directory domain environment to find available OPC servers on remote hosts when all other OPC communications seem to be functioning normally and file share browsing seems to also be functioning?
There is something I'm missing here, but I cannot find it. Since the core OPC functions are working, tools like OPC Expert are not showing any errors and guides for DCOM settings from OSIsoft, KEPware, and OSI Institute are all being used to no avail. None of the DCOM settings seem to be addressing the CLSID network browsing. If a client has the ability to supply a remote host and query that host, the OPC services enumeration works just fine. The problem is that we are attempting to use clients that do not have any features to manually define the servers and solely rely on the network browsing functions.
Please tell me someone else has seen this behavior. I suspect that it is some network security feature of Windows Server 2019, but I can't find any documentation that points to what might be causing this function to fail. Worse, the function is completing normally, but with zero results, so I don't even have error messages to track the issue down with.
It really depends on the application you are using. There are many ways for an OPC Client to find the remote OPC Server. Most clients will use a combination of the following:
OPCEnum. In particular the heavy lifting is done using EnumClassesOfCategories which is part of Component categories Manager. Does not crawl through registry.
GetOPCServers(). This method is available as part of an interface called IOPCAutoServer which comes from the OPC Foundation itself (via OPCDAAuto.dll).
CLSIDFromProgID() first to get the CLSID and then does the CoCreateInstanceEx().
When CLSIDFromProgID() fails, it falls back to using OPCEnum to list all OPC servers before making a connection.
That means that you would first need to find out what your client application is using to list the OPC Servers.
Then, on the Windows Security side of things, depending on the OS version of both nodes, you may need to disable Simple File Sharing mode (that is the case for Windows XP and older).
If it uses OPCEnum, you will need to configure DCOM for OPCEnum as well, which is the recommended method to list remote OPC Servers.
If the application only supports remote registry lookup to find the OPC Server, then you will need to grant access to the account connecting from the client to the Server.

Possible reasons why my shadowsocks not working on virmach's server?

I'm a newcomer to using an overseas server. Recently I bought a VPS from virmach in order to see foreign websites like google and wiki.
I've been trying for a long time to configure shadowsocks on my server.
However, when I was using shadowsocks-qt5 to connect to my server, it timed out.
And of course I can't access google correctly.
What I want to ask is the reason why I failed.
Here are things that I do remember to do:
stop the firewall on both computers;
build the .json file which I referred to blogs in China.
Here is the outline of my shadowsocks.json on my server:
{
"server":"0.0.0.0",
"server_port":8388,
"local_address":"127.0.0.1",
"local_port":1080,
"password":"XXXX",
"timeout":600,
"method":"aes-256-cfb"
}
Other useful(maybe) information:
my client OS version: Ubuntu 18.04.3 LTS
my server OS version: Ubuntu 16.04.6 LTS
the client I choose is from: https://github.com/shadowsocks/shadowsocks-qt5
I could not help but wonder, are there any other possible reasons I've forgotten? Can anyone give me some helpful details to solve this puzzling problem? Thanks a lot!
I have not set up my own VPS but I have instead subscribed to the server provided by caonima.io, so I can't speak for any server related issues. Additionally, I have no affiliation with caonima.io. I did however successfully set up my client on Ubuntu 16.04 after having some issues connecting to GFW-blocked (China's Great FireWall) websites.
From what I understand from my solution, the client configuration is NOT the only step of setup. There are two layers of proxy access that need to be completed:
Client Configuration. Configure your client with the server and connection information. A successful connection looked like this for me with my command line interface
[Image: shadowsocks-libev command line client successful connection]
System or Browser Proxy Configuration. You will need to configure either your browser or web access tool to use a proxy, or set system-wide proxy settings. To set system wide proxy settings, go to system settings > network > network proxy and enter the proxy information. Setting Socks host to localhost:1080 resulted in successful GFW-blocked website access (as shown below)!
[Image: Ubuntu network settings proxy manual configuration]
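The two layers described in the answer above can be tested one at a time to see which one is causing the timeout. The Python script below is an added example, not code from the original posts; the function names and the placeholder server address are assumptions, and the ports are the ones from the question's shadowsocks.json.

```python
import json
import socket

# Constructed sample: the client-side view of the config shown in the question.
# "server" is a placeholder; replace it with the VPS address.
SAMPLE_CONFIG = json.loads("""
{"server": "127.0.0.1", "server_port": 8388,
 "local_address": "127.0.0.1", "local_port": 1080}
""")

def tcp_reachable(host, port, timeout=3.0):
    """Can a TCP handshake with host:port complete at all?"""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def socks5_greeting_ok(host, port, timeout=3.0):
    """Does the listener speak SOCKS5 (RFC 1928)?

    Sends VER=5, NMETHODS=1, METHOD=0 (no auth) and expects 05 00 back.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(b"\x05\x01\x00")
            reply = b""
            while len(reply) < 2:
                chunk = s.recv(2 - len(reply))
                if not chunk:
                    break
                reply += chunk
            return reply == b"\x05\x00"
    except OSError:
        return False

def diagnose(cfg):
    """Return the first failing layer as a short string, or 'ok'."""
    if not tcp_reachable(cfg["server"], cfg["server_port"]):
        return "server port unreachable (firewall, wrong port, or server not running)"
    if not tcp_reachable(cfg["local_address"], cfg["local_port"]):
        return "local client not listening"
    if not socks5_greeting_ok(cfg["local_address"], cfg["local_port"]):
        return "local port open but not answering SOCKS5"
    return "ok"

if __name__ == "__main__":
    print(diagnose(SAMPLE_CONFIG))
```

A result of "ok" only shows that the server port accepts TCP connections and that the local client answers SOCKS5; a password or method mismatch between client and server still has to be checked in the client log.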

Data transfer Windows Embedded Compact 7 & Computer VIA USB connection

I made an app using barcoding for inventory management, and now I need to transfer that data to the computer. For this purpose I used the TCP/IP Host client sample applications given in the Windows Mobile 6.5.3 SDK samples.
When I run the application it's fine with no errors and shows connected to the Host IP, but no data is transferred. When I debugged, there is no exception, the code just works fine, but there is no functionality performed. My connection is a USB connection. The IP shown in the host application is correct, and my device also has an IP (checked through ipconfig). Now when I ping my host computer from the device, it gives the error
PING: transmit failed, error code 11010
Is my approach to this situation right, using this data transfer over this socket? If yes, then how can I make this connection successful? If not, what is the other solution for this data transfer from device to computer? (The software on the device is using SQL CE and the application on the computer is an ASP.NET application using a SQL Server database.)
I saw various similar questions about this problem but was unable to find any suitable solution. PS: I am new to this platform of Windows Mobile/Embedded.
If not what is the other solution for this data transfer from device
to computer. (software on device is using SQL CE and application on
computer is ASP.NET application using SQL Server database.)
These are some common solutions for client/server communications on Windows Mobile:
Use RAPI or RAPI2 to communicate with the mobile device and host PC using the USB ActiveSync/Windows Mobile Device Center connection. You could use this option to export a CSV file from the mobile device to the host PC. Then you can import the CSV file into the host database. Requires physical access to host PC via USB.
Call a web service to transmit the data to the server. You can write a simple RESTful web service using ASP.NET Web API. If you're using C++ you can use WinInet API, but it's kind of painful. If you're using C# then you have built-in support and it's not an issue.
Use SQL CE Replication.

ICMP in Windows 10 Universal Apps

I would like to be able to do some ICMP network diagnostics from a windows 10 universal app, including ping, traceroute, etc.
However it would appear that the System.Net.NetworkInformation.Ping class isn't available to store apps and when creating a new System.Net.Sockets.Socket the ProtocolType.Icmp is not available when I try.
All the information I can find on the Internet about this topic all relates to windows 8.1 apps and I want to know if anything new has been added to the API in Windows 10 that would allow me to produce ICMP ping, etc.
I've seen suggestions that you could use raw sockets but it appears that these are no longer allowed on client versions of Windows.
My preferred language is C# but I'm OK with using C++ if this gives me an advantage.
Note: checking the network status is not sufficient. I'm actually wanting to test the connection to specific machines on the network, I really do want a proper ICMP ping.
The System.Net.NetworkInformation.Ping .NET class is a wrapper for the Win32 IP Helper Functions.
UWP Apps run in a protected environment, and as a result, many Win32, COM, and CRT API calls that might compromise the security of the platform are not allowed.
Windows Runtime apps and Universal Windows Platform (UWP) apps can use a subset of the Win32 and COM APIs which you can call in a native app.
Unfortunately, the Win32 IP Helper Functions are not supported in UWP yet.

How to control modems inside a GoIP gateway with AT commands

We have acquired a 4 channel GSM Gateway, model GoIPx4-G610 (the manual is titled "GoIP Series SIM Card for GSM Voice Gateway - GSM VOIP Gateway").
We are looking to develop a custom application to control the GOIP gateway. We have developed in the past custom applications that controlled simple GSM modems through AT commands for sending/receiving SMS messages in particular.
Although the gateway can be controlled through SIP we would like to control the GSM modems embedded in the gateway through AT commands if possible. This is because of the fine grained control AT commands offer and because we do not need VoIP features since we need only to send/receive SMS messages.
The gateway runs an unknown Linux instance to which we can connect through telnet. Unfortunately we do not have the credentials to authenticate to it. The gateway also has a web http administration interface to which we can authenticate but we can't find there settings/information related to channels that we can use for AT commands.
The documentation is very poor and the provider could not offer us any helpful information regarding this.
If anyone knows how we can send AT commands to the modems inside the gateway it is highly appreciated.
Up to now we have tried a brute force attack on the telnet interface to find the credentials with no success. We hope that once we can connect to the Linux instance driving the gateway we can connect from there to the modems through serial connections (to send AT commands) and we can reconfigure it to redirect the connections outside of the modem or to make an interface for sending commands to the modems.
The device has an update firmware option (through the web interface) which always gives the error "download failed". Downloaded the firmware (.pkg file) manually from their update pages and extracted the files from the embedded Linux distribution that should correspond to the ones placed on the gateway. The files were kept in the pkg file as a ROMFS compressed image which we mounted on a test station to see the files (probably the running OS on the gateway is a uClinux distribution).
Did this hoping that we could find there the /etc/passwd file, which could be cracked with a classic attack. However, we didn't find it, and probably that file is placed on the gateway flash memory (contrary to the Linux files which are stored on the ROM memory). So if there is a way to erase / reset this flash memory, that could be a solution (in case the gateway doesn't refuse to boot without those files). Another solution would be to be able to access the flash memory with the passwd file, if there is such a thing.
You might take the lid off and see what parts are inside.
If it's a general purpose processor with a published data sheet and without a lot of code security features, you might be in luck. For example, you might find:
By guessing headers or tracing from known pins, a console serial port, either logic level or RS232, hopefully with a shell listening
A boot mode pin for the micro connected to a resistor, which you could jumper to cause the micro to boot to a uart bootloader where you could download a new system image, or patch the existing one. If you are lucky the bootloader would be something known, like u-boot.
A JTAG port for the processor
A removable storage device which you could remove and alter
An SPI flash which you could carefully tap into and alter
A flash chip which you could desolder and transplant to a programmer
You could also make a GPL sources request for the kernel and whatever else from the vendor. Or even just trying to identify versions of things like a web server could help you look up any known exploits. Since it seems you have a similar system image to that which is installed, looking through it could be helpful - look for additional daemons running, listening on ports you weren't previously aware of, left over debug support, etc.
I am the developer of the GoIP you've purchased. Instead of trying to hack the GoIP, did you contact us to support your development of custom applications? Here are the updates of GoIP for you.
GoIP now supports SMPP. This could be an alternative to using AT commands to send and receive SMS.
API (Application Programming Interface) for GoIP is now available to support your custom application development.
If AT commands are still the preferred method, please contact us and I would be happy to discuss with you further.