Archive for October, 2012

Orthodox Christian Church songs performance of Psalms 1, 2, 3

Wednesday, October 31st, 2012

I have idea to collect if possible all performance of Psalms in the Orthodox Church. I'm not sure if I would be able to find all of them in the internet. So far I could find the first 3 performed by Church choires and monasteries. Hopefully if God bless so I will be able to make a list of all Psalms as Sung by our brothers and sisters in Christ.


 

† Bigorski monastery † – Blessed is the man (Psalm 1) 2007


 

Romanian Orthodox Chant – Psalm 1,2,3 at Putna Monastery


 

PSALM 3 – ORTHODOX CHRISTIAN SONG (Sung by an Orthodox Christian


 

Fr. Yousef Asaad – Psalm 3 (Coptic Orthodox Church chant)

 

Enjoy the first 3 ones! 🙂

Using GNU screen for opening multiple shells within a single shell / Handy way to keep constant SSH connections to servers from 1 single shell

Wednesday, October 31st, 2012

Handay way to keep ssh connections persistent after ssh logout / Using GNU screen for opening multiple shells within a shell

As GNU / Linux user I use screen window manager to manage multiple SSH connections (all over one ssh connection) to a host over the last maybe 10 years. Though screen is generally popular it is still possible some novice sysadmin did not use it or (hope not) never heard of it. For those who don't use GNU screen still, give it a try; launch it within a (system bash, csh etc.) shell and then inside the main screen window launch multiple screen internal sessions (by pressing simultaneously) keys CTRL + ALT + c .

Each CTRL + ALT + c makes screen open a new "Virtual Window (pty)"  inside itself, the multiple screen sub-instances are kept in memory of main screen program loaded in memory. In a way Virtual Windows of screen in logic are very Similar to Apache's Webserver Apache Parent and Child processes.

Anyways to test screen type in console:

pcfreak:~$ screen

And press enter twice, it will launch under screen a new instance of your current logged in shell (if you logged in bash will open bash if zsh – zsh etc.)

Afterwards, you can open multiple Virtual Screens as I've mentioned with pressing CTRL + ALT + c.
Moving between all open screen sessions is done with simultaneous press of:

CTRL + ALT + pTo move to previous screen Virtual Window Shell Session
CTRL + ALT + n
– To move to next screen Virtual Window Session

The most useful from all screen functionality is DETACH. You can detach (like save state of) curreng GNU Screen active sesion by  pressing together:

CTRL + a + d – Detach current active GNU Screen session

Screen supports detaching multiple sessions (whether 2 or more screen sessions run with identical user credentials).

An example use of multiple detached screen sessions would be if you login via SSH with a certain user lets say user myuser and later detach by pressing CTRL + a + d after which open new session, you will get in shell message similar to:

[detached from 1549.pts-11.pcfreak]

The msg indicates new screen session is detached. Onwards run screen once again, for sake of test typing in same shell once again:
 

pcfreal:~$ screen

After screen loads its second session press again CTRL + a + d – to detach second active session, again you will get msg:

[detached from 15691.pts-0.pcfreak]


Next on you can use screen to list all active window sessions by issuing:

pcfreak:~$ screen -list
There are screens on:
        1549.pts-11.pcfreak     (10/27/2012 09:45:58 PM)        (Detached)
        15691.pts-0.pcfreak     (10/24/2012 02:50:06 PM)        (Detached)
2 Sockets in /var/run/screen/S-hipo.
 

To attach to detached active GNU screen session, use:

 
pcfreak:~$ screen -r PID_OF_SESSION

For example to attach to 1 listed screen session 1549:

pcfreak:~$  screen -r 1549

To attach to second one 15691:

pcfreak:~$ screen -r 15691

The -r  switch stands for re-attach and second part of PID name like in above example pts-11.pcfreak pts-0.pcfreak is just indicating the hostname where screen was detached as well as the pty (pseudo tty number assigned to detached session), the time included shows the exact time in which main screen session was started for instance for screen 1549 it is 10/27/2012 09:45:58 PM.

The 2 Sockets in /var/run/screen/S-hipo displays the directory location of the screen socket, on each screen user startup a separte directory is created in /var/run/screen, the attach detach of screens is done via using a UNIX socket (fifo named pipe):

pcfreak :~$ ls
1549.pts-11.pcfreak|  15691.pts-0.pcfreak|  byobu.reload-required*
pcfreak:~$ cd /var/run/screenS-hipo
pcfreak:/var/run/screen/S-hipo$ file 1549.pts-11.pcfreak
1549.pts-11.pcfreak: fifo (named pipe)
 
The use case of screen are really up to your imagination, however for running programs which require you to have a permanent interactive terminal, like lets say: Midnight Commander (mc), iptraf, tcpdump, irssi (IRC chat client), ettercap, sniffit 🙂 screen is really *precious sysadmin tool
screen is great for PuTTY users who dislike that putty doesn't by default support tab-bed multple SSH logins (you might like to check my previous post where I explain about Putty Connection manager which supports tabbed ssh)
Actually, i'm so accustomed to SCREEN, that it is quite hard to imagine the times when it was not. I guess sysadmin life was much difficult back then 🙂

Many people who still remember irc clients like BitchX and epic and the IRC times should remember, how well known and frequent people used to detach those progs or even detach eggdrops with specific TCL scripts inside separate screen sessions.

The most useful use of screen of course is to open multiple SSH sessions to different server nodes and keep permanently logged in on hosts by detaching the screen session.

I can think of 3 main advantages of using ssh inside single screen session:

1. At any time you can login to just one server instead of (for exmpl. 10 servers), and use this one server as a reference through which you can "stuntly" check statuses of all 10 hosts with no need to login 10 times via SSH or with a Putty client (if logging from Windows)
 
 2. If you're using unstable often interrupted lets say modem (dial up) line to connect to the Internet and you need continuation of previously interrupted SSH ssh login due to interrupted connection

 3. You can save a lot of time and effort of typing passwords multiple times at ssh login prompts 
 

Of course there are disadvantages too;

From security point of view it is a weak practice to keep logged in to multiple servers via SSH from one single screen session. If someone sniffs user password with which screen is started and attach to the screen session he will suddenly be granted to access to 10 more servers! 
Anyhow for  lazy people who believe to maintain high security policies, e.g.:

 a. do not login to SSH sessions from Windows hosts
 b. use some kind of UNIX / Linux / BSD based OS
 c. login from a host used only by a single person
etc. etc. ,  keeping screen detached with multiple sshs might save you a lot of time; this is especially if you have to login 10 times to the servers a day changing location – lets say if you use (notebook and travel a lot).

GNU screen also understands some commands, which can configure the Shell Prompt of it as long as color gamma of main and sub-screen (virtual) sessions. To have a screen shell prompt outline and blue color gamma as in the picture in beginning of my post you can download and use my .screenrc into your ~/.screenrc i.e.:

pcfreak:/~$ cd ~
pcfreak:/~$ wget -q https://www.pc-freak.net/files/.my-screenrc
pcfreak:/~:$ mv .my-screenrc .screenrc
 
Another good screenrc configured to make your screen sessions more user friendly is here.

Below I include a screenshot on how screen sessions looks like, whenever above "user friendly screenrc" is used:

Screen custom screenrc in gnome terminal Debian Squeeze Linux screenshot
 It might be helpful to mention, there are newer piece of soft with richer screen functionality one of those newer virtual window managers (alternative to GNU screen) is byobu. I've tested byobu myself and I feel
  
Sometimes, when a screen session is interrupted, because screen running host is restarted or shutdown, dead screen sockets remain.

pcfreak:~$ screen -list
25542.pts-28.pcfreak (Dead ???)

1636.pts-21.pcfreak (Attached)

In case you see some screens, like this you should use screen -wipe to cleanse socket pointing to already non-existing screen:

pcfreak:~$ screen -wipe

Screen has plenty of other command shortcuts, all of them are starting with a key combination of CTRL + a + )some kbd letter)

CTRL + a + aDoes switch between first and last screen open windows

CTRL + a + HTurns screen log on for active screen session

Ctrl + a + mTurns (on/off) screen monitoring for activity of a screen shell (useful if you left kernel, openoffice or some huge app to compile

CTRL +a + _Turns monitoring and reports outside of screen session if a running shell inside screen is not active for more than 30 seconds

CTRL +a + shift + SIs very handy as it splits the screen between all logged in active screen sessions (Use control CTRL + a + tab to switch between splitted windows)

how to GNU Screen split windows Linux gnome-terminal shot

Ctrl + a + x locks the screen, in the same fashion as Screen Lock is done inside a GUI environment GNOME, KDE etc. Once pressed it can be unlocked after you type in your user pass. This is very handy if you have to go to toilet and you don't want your colleague to snuff in your console 🙂
 

It is also possible to switch between screen sub-virtual windows using:

CTRL + a + (number starting from 0), e.g.:

CTRL + a + 0
CTRL + a + 1
CTRL + a + …
CTRL + a + 9

There are plenty of other helpful functionalities which you might want to look in the manual (man screen) – check in the manual section DEFAULT KEY BINDINGS section

P. S.  – Some of screen keybindings, does not work in gnome-terminal and konsole and other terminal clients which already had a key bindings set to CTRL + a + whatever key. If that's the case you can change screen assigned keybindings through .screenrc

If you google around you will find a dozen of tricks you can do with screen, since my only goal of this article

History of Belarus in 5 minutes – Learn a lot for Belarus in short time

Tuesday, October 30th, 2012

I've been recently interested in Belarusian History. I found few very interesting videos in youtube, so decided with people who want to learn more about Slavonic Culture. Belarus is a Slavonic culture and old Belarusian language dates back to Ancient Bulgarian traditions. Also Belarusian Ancient language includes a lot of Slavonic Ancient Bulgarian words. As a Bulgarian it is very interesting to me too the severe impact that our Great Bulgarian nation had on Slavonic Nations and Russians. Belarusians both lingually and culturely are very close to us Bulgarian. Orthodox Christian faith which later spread in Belarusian lands, has also been transferred from Bulgarian and Serbian lands to Belarus. After the pupils of Saint Cyril and Methodius, spread Slavonic alphabet in nowdays Romanian lands, Moldova and Belarus.
The first below video Belarus History in 5 minutes has a genuine video and musical arrangment. It was quite interesting to me, find out Belarussian people had a long known tradition in Musical Instruments and Folklore Music. Nowdays they produce also a great Gothic Music, just like most of celtic nations 🙂

History of Bulgarus in 5 minutes – Aristic short presentation lesson on Belarussian history


0:02
At first, there was nothing

 

0:03
now there’s a lot of everything

 

0:04
we have to thank God for that

 

0:06
He created our world in the freestyle genre

 

0:09
He said, "Budzma" (“So be it!”)

 

0:10
and Our Land appeared.

 

0:11
Ichthyosauri and other dragons…

 

0:13
in the beginning, we lived in the ocean

 

0:15
but then we left the bosom of the sea

 

0:17
and started to be called the Neuri.

 

0:19
From the earliest times

 

0:21
the Neuri could turn into wolves

 

0:23
that was a customary thing for them…

 

0:26
Žycien, Piarun, Dažboh, and Svaroh

 

0:28
our ancestors believed in heathen gods

 

0:30
but Christianity already knocked on the door.

 

0:34
Let’s know our roots! The Belarusians, the daring people!

 

0:38
In the year 862 of our era

 

0:41
the city of Polacak was mentioned for the first time

 

0:43
There, St. Safija Cathedral was build

 

0:45
(there’re only three such churches in the world)

 

0:47
Local Prince Usiaslau Caradziej

 

0:49
was a cool personage; Listen what I say!

 

0:51
St. Jefrasinnia lived in Polacak

 

0:53
the memory of her is cherished down the ages

 

0:56
The famous cross was made for her

 

0:58
(it wasn’t just super, it was marvelous)

 

1:00
but during WWII, it was lost

 

1:02
and now it’s our own grail

 

1:04
Let’s continue, let’s march ahead

 

1:07
The time of Grand Prince Mindouh came

 

1:09
and here we must remember that

 

1:11
Belarus was called Litva then

 

1:13
or rather – the Grand Principality of Litva

 

1:15
its coat of arms was Pahonia (pursuit)

 

1:16
it had a formidable army

 

1:17
Our capital Vilnia was founded by

 

1:19
Grand Prince Hiedymin

 

1:21
the legend says he had a dream about an iron wolf…

 

1:24
Wikipedia describes this event

 

1:26
Let’s know our roots!

 

1:28
The Belarusians, the daring people!

 

1:31
The year 1362

 

1:34
The sword is drawn; flags flutter in the wind…

 

1:36
In the Battle of Blue Waters

 

1:38
our army defeated three Khans of the Golden Horde

 

1:41
and the Grand Principality of Litva suddenly

 

1:43
became the largest country in Europe

 

1:45
Let’s continue, let’s march ahead.

 

1:47
Vitaut reigns in the Grand Principality

 

1:49
The Teutonic Order threatens us.

 

1:51
The Battle of Grunwald shows who’s right

 

1:53
Vitaut and Jahajla, King of Poland

 

1:55
junked the Crusaders like scrap metal

 

2:00
Francysk Skaryna was a tough guy

 

2:02
he went to study abroad

 

2:04
He was the first who printed the Bible

 

2:06
in the Old Belarusian language in Prague

 

2:08
Our warriors were tough men, too

 

2:11
they defeated the Moscow Army near Vorsa

 

2:13
in the year 1514

 

2:17
In the meantime, the Grand Principality of Litva

 

2:19
accepted its constitution – the Statute of the GPL 1588

 

2:21
In the Battle of Kircholm, we defeated the Swedish army

 

2:24
Apparently, you didn’t know this fact before.

 

2:26
Let’s know our roots!

 

2:28
In the city of Mahilou

 

2:30
7,000 invaders were killed in the fight

 

2:32
Who were these invaders? Well, these … from the East

 

2:34
representatives of the "brotherly" Russian nation

 

2:37
They were called Muscovites then.

 

2:38
And there’s already a new state

 

2:40
the Polish–Litvian Commonwealth

 

2:43
For some reason, it irritated all the neighbors

 

2:45
The three partitions of this Commonwealth

 

2:47
and we were divided between three states

 

2:49
The biggest part was occupied by Russia

 

2:51
It engendered discontent among the nobility

 

2:53
and Tadevus Kasciuska appears on the scene

 

2:56
It’s necessary to remember this name because

 

2:58
he was a great revolutionary

 

3:00
for liberty, equality and fraternity

 

3:02
he struggled even in the United States

 

3:04
but the Russian Tsar cast him into prison

 

3:06
Let’s know our roots!

 

3:10
During Napoleon’s war

 

3:13
the Belarusians fought with the Belarusians

 

3:15
and in 1863 there was a new rebellion

 

3:20
Kastus Kalinouski, a patriot of Belarus

 

3:24
and his peasant soldiers – "kasiniery"

 

3:25
struggled for independence

 

3:26
but he was caught and hanged in Vilnia

 

3:30
The world enters the 20th century

 

3:32
It’s necessary to revive our culture!

 

3:34
Bahusevic, Bahdanovic, Kupala and Kolas

 

3:36
Lastouski, Luckievic… Many people!

 

3:39
Dozens and dozens of outstanding names…

 

3:41
but the Red Revolution is approaching fast

 

3:45
Well, in the terror of the Revolution

 

3:47
a new state with a beautiful name was born

 

3:49
the Belarusian People’s Republic

 

3:51
We still celebrate the day it was proclaimed

 

3:54
But suddenly, out of the blue

 

3:56
another Republic was installed here

 

3:58
its name wasn’t romantic at all

 

4:00
Belarusian Soviet Socialist Republic.

 

4:02
The 1920s. We remember that time

 

4:04
Belarusianization is everywhere

 

4:06
Writers publish their excellent works

 

4:09
Viciebsk artists create their chefs-d’oeuvre…

 

4:11
This process was stopped

 

4:12
in the year 1937

 

4:14
the blood purge began.

 

4:15
After that, one more hell – WWII

 

4:20
There were invaders, there were partisans

 

4:21
the country was torn apart again…

 

4:24
The Belarusians fought with the Belarusians again

 

4:26
shedding each other’s blood

 

4:30
The war is over! No need to fight!

 

4:32
There’re cosmonauts flying in the sky

 

4:34
Maserau, it’s time for you to speak!

 

4:36
Piesniary, it’s time for you to sing!

 

4:39
Barys Kit, make your discoveries for NASA

 

4:41
and we keep living in our country

 

4:43
which name now is the Republic of Belarus

 

4:45
We’ve got our ensign and national emblem

 

4:47
we sing our songs and read our poems…

 

4:50
the year 1991…

 

4:51
Let’s know our roots!

 

4:54
The Belarusians, the daring people!

 

4:56
We stop here, but now it’s your time

 

4:58
All of you can write your own continuation…

 

5:00
Let’s know our roots!

 

5:02
The Belarusians, the daring people!

 

5:04
Let’s know our roots!

 

5:06
The Belarusians, the daring people!

 

5:09
Budzma viedac svoj rod!

 

5:11
Salony narod, Bielaruski narod!

 

History of Belarus Гісторыя Беларусі Historia Białorusi _ – 8 minutes video explaining in short Belarusian etymological roots

Ancient Musical Instruments of Belarus

Most importantly, nowdays Belarus still hold the light of Orthodox Christian faith, just like us Bulgarians. Spiritually Bulgaria and Belarus is united in our Orthodox Christian faith. This summer, I had the blessing many Belarusians in Pomorie Monastery (An Orthodox monastery located in the Black Sea sea coast (near Burgas) in Bulgaria). I've been amazed by the faith and spirituality Belarusians still hold even in this "dark times" of Christian faith decay and increased ungodliness.

History of Belarus (A 10 minutes short History of

Make custom installed Mozilla Firefox restore tab sessions on Debian GNU / Linux

Tuesday, October 30th, 2012

How to make custom installed Firefox restore tabs on browser close up - firefox restore website windows sessions

As my blog readers might, know I'm running Debian Squeeze on my notebook as a Desktop OS. Until some time I used to be a big fan of Epiphany but lately I started not using Epiphany so much because of its too frequent crashes while browsing a website that contains Flash. The problem of course is not in Epiphany itself but in the flash but still, as this is really disturbing if someone works, I nowdays use only Firefox. I tried for a while to use IceWeasel, but IceWeasel (Firefox) version is too old:

hipo@noah:~$ iceweasel –version
Mozilla Iceweasel 3.5.17, Copyright (c) 1998 – 2011 mozilla.org

Thus I use a custom download binary release from Firefox's website the one distributed as of time of writing post in archive firefox-16.0.2.tar.bz2

One of main advantages of installing the custom binary from Firefox, website is it auto updates and I'm always running the latest Release on myLinux Desktop, something IceWeasel still doesn't.

My current firefox version is:

hipo@noah:/opt/firefox$ /opt/firefox/firefox –version
Mozilla Firefox 16.0.2

All works fine with it, except two little things;

  • One is Firefox development team compiled the Browser to still use OSS and not the newer and used almost by all programs ALSA (Advanced Linux Sound Architecture) – something that is unfortunately irreversalble
     
  • Secondly  (which is the reason to write this) Firefox Linux version – doesn't by default Restore closed browser open tab websites! – e.g. session restore in those Firefox version is not working.

In Windows Firefox usually asks, while closing the whole browser, if the user wants to Save Browser Session, on the Linux version this is not default behavior, maybe developers have to answer why?

I was not sure if this would work but I went googling about a plugin to make Firefox Restore Sessions and tried installing first query matched FF plugin Session Manager

I was a bit sceptical that this would work

and actually just intalling the plugin didn't changed Firefox to save websites open in tabs on a close. After however I configured the plugin from FF menus:

Tools -> Session Manager -> Session Manager Options Tab restoration in Firefox worked

In below screnshot from Session Manager Options you can see my exact selected settings


Well that's all, finally I can remember what I had my browser before PC shutdown 🙂

Install Acer Aspire notebook 5100-5023 Windows XP 32-bit Drivers – Fixing problems with Wireless, Video and TouchScreen

Tuesday, October 30th, 2012

Acer Aspire 5100 - 5023 Windows XP drivers download, acer aspire laptop picture

 

I had to fix one old notebook computer Acer Aspire model 5100 – 5023.
The PC was preloaded with Windows 32 bit XP by someone but the drivers were not installed. I tried installing the drivers downloading them from Acer.com's website drivers download section from here . However the PC in question as it was writen on the vendor sticker was not 5100 but some kind of 5100 modification laptop. Some of the few differences between Acer Aspire 5100 and Acer Aspire 5023 are 5100 is bundled with Camera and a TV Tuner, whether 5100-5023 is without WebCam and TV Tuner.

The most important drivers I've downloaded rom Acer.com's for me was the Wireless Adapter drivers, because without internet on it takes time downloading drivers from my notebook and moving them via an USB stick … I've downloaded drivers for Wireless as provided by website (Wireless_Atheros_5.3.0.67) but installing them though I didn't get any error and the drivers brought up the Wireless Adapter, somehow I couldn't connect to any wireless network protected with WPA2-PSK key (passphrase) encryption. The Windows XP installed by somebody before I received the laptop for repair was Service Pack 2 (SP2) and latest stable Win XP is with SP3 as well as a bunch pack of updates after SP3 so updating Win XP SP2 to Win XP SP3 would have probably take more time than a clean re-install. Besides that the Computer did not have any information to backup as it was bundled with a fresh Win XP SP2 so formatting was not a problem either.

Thus Ire-installed over OS, formatting with Quick Format and a clean latest Windows English XP SP3 .

After re-installing it took me a while of pondering until I figure out what drivers I need to install, I knew for sure there might a problem with Wireless Adapter as on the previous WIN XP installed it did not work. So before proceeding to download all for Acer Aspire 5100 from acer.com's website, I first used Everest 2.20 Home edition to check the exact PC hardware Vendors and consequentially look for the correct WI-FI driver. Everest identified the Wireless Adapter as

  • Atheros_AR5005G_Wireless_Network_Adapter_NE785H

so I looked on the Net for the driver. Actually there are some other brand notebooks which also come bundled with NE785H (i.e. Asus, HP). First I couldn't find correct driver for Acer and give a try installing a NE785H driver for Asus notebook this did not make the WI-FI work correctly, so after a further investigation I found Wireless NE785H 32 bit Windows XP driver for Acer laptops a mirror of is here

After installing this driver, I've downloaded all the rest of drivers from acer.com's website, for convenience of people who look for same Acer Aspire 5100 – 5023 drivers please check my drivers mirror here

For convenience, I've made also a Acer-Aspire-5100-5023-XP_Drivers.tar.gz archive of all drivers for Aspire 5100 – 5023  notebook here (Archive size is 256MB).

Two important notes to make here is I had a severe problem with the notebook touchscreen and for a long time I thought TouchScreen device is not working because of improperly intstalled driver (in Drivers provided by Acer.com there are two drivers provided for two different TouchPad devices – (Synaptics and Elantech). I tried installing them one by one and both together but in any case the TouchScreen did not react but keep hanging – fixing it was as simple as pressing simultaneously FN + F7!

Also another obstacle, I've faced was with the Video Card the notebook is with Integrated ATI Radeon Xpress 1100 as visible in Everest, drivers. In list of drivers on acer.com's website there was not a VGA driver for XP? This was puzzling so I googled and found few ATI Radeon Xpress 1100 drivers for other notebook vendors just like with Wireless. Downloading and testing other vendors drivers seem to install well but inside Control Panel -> System (Device Properties) -> Peripherals  Video Card was with yellow questionmark (not properly working) …

It took me a while to figure it out but later it appeared for Windows XP VGA drivers for Aspire 5100 – 5023 (ATI Radeon Xpress 1100) are there under the not so intuitive name Chipset_ATI_8.251.060427_XPx86.zip. Updating the improper driver inside System -> Peripherals -> Video Adapter with the one from the zip made the Video card finally work 🙂
With rest of PC hardware drivers, there was not issues, I just had to install as usual all rest from vendor ZIPs:

Audio_5_10_0_5273.zip
BTW_5_1_2535_0_utility_1500.zip
CPU Driver Ver.1.3.1.0.zip – For improved CPU work
FIR_SMC_5.1.3600.7_XPx86.zip – Infrared support and card reader
MODEM_Foxconn_7.62.0.0_XPx86.zip – for Integrated Foxconn Modem Wireless LAN_Broadcom_4.100.15.5_XPx86_A.zip – Driver for 5100's lancard
Bluetooth_Broadcom_5.1.2535.0_XPx86.zip – Driver for bluetooth device

Lastly as an article close up if you're living on the territory of The Netherlands (Arnhem , Nijmegen or the near cities) looking for a very Cheap repair (50 to 70 EUR) of your Windows OS PC or notebook contact me 🙂


How to check about infected files in clamav log files

Tuesday, October 30th, 2012

How to check about infected files in clamav log files

I've just run clamav with low priority to check the whole drive of a server for infected files Phpshells and other unwanted script kiddie tools. This was part of my check up if the server is compromised, after yesterday's unexpected cracker break in one of our company servers

# nice -n 19 clamav -r /* -l /var/log/clamav-scan.log

This exact server has about 100 Gigabytes of data all contained on one hard disk partition;, thus check up of all files took a few hours. clamav is relatively slow, compared to DrWeb or nod32. But since I'm not in a hurry plus, we can't afford to spend some extra money to buy AV just for one scan I left it scanning in a separate screen sesion.

clamscan execution put some extra load on the server (which btw is used mainly for processing a multitude of SQL queries and provides some HTTP access to few websites via Apache server. After the scan was completed I ended up with enormous very clamav log file, listing all scanned files:

I checked the file content in vim, but as reviewing 119MB of log line by one! – is unthinkable task, e.g.:

debian:~# du -hsc /var/log/clamav_scan.log
119M /var/log/clamav_scan.log
119M total

I did quick review of clamav_scan.log and tailing it displays me::

# tail -n 10 /var/log/clamav_scan.log
----------- SCAN SUMMARY -----------
Known viruses: 1270572
Engine version: 0.97.3
Scanned directories: 18927
Scanned files: 221445
Infected files: 44
Total errors: 287
Data scanned: 12457.43 MB
Data read: 97007.10 MB (ratio 0.13:1)
Time: 1842.362 sec (30 m 42 s) 

Thus I needed a way to not read screen by screen all by screen to see what was detected as Infected Files, but just show only infected files found by clamav.

I didn't know how this done, so did a quick search in Google and found the question how to only grep infected files from clamav.log  answered in Clamav-Users Mailing List read whole thread here

The thread suggests using:

[root@mail clamav]# cat clamd.log | grep -i "found"

Since cat-ing the log is worthless however it is much better to only do grep "found"  clamd.log or as in my case file is clamav_scan.log do:

# grep -i 'found' /var/log/clamav_scan.log

/usr/share/clamav-testfiles/clam.bz2.zip: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.d64.zip: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.ppt: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.tnef: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-aspack.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.rtf: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.7z: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam_IScab_ext.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.odc.cpio: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.newc.cpio: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.pdf: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-wwpack.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.ole.doc: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.cab: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-mew.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-petite.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.sis: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-fsg.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam_cache_emax.tgz: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.bz2: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam_ISmsi_int.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.szdd: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.chm: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.arj: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam_IScab_int.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.ea05.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.tar.gz: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.html: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.binhex: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.impl.zip: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-upack.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.bin-be.cpio: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.mail: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.mbox.uu: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.zip: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-nsis.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam_ISmsi_ext.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-yc.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.bin-le.cpio: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-upx.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-pespin.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.mbox.base64: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.ea06.exe: ClamAV-Test-File FOUND
 

Surprisingly all the "Infected" files turned to be a regular clamav scan (virus, spyware badware testfiles – i.e. clamav just use this file to check its database definitions works okay). Thus the supposingly  Infected files: 44 turned to be just another false positive.

Actually this grepping and logging of all scanned files, nevertheless they're not infected is completely useless. Thus it would have been much better if instead have run clamscan with cmd options:

debian:~# clamscan -r /* --infected

I hope ppl reading this article wouldn't repeat my "mistake".
In mean time after this thing here, maybe it will be a good idea to schedule 2 weeks or 1 months period clamscan of whole file system to make sure someone doesn't uploaded some malicious PHPShell script, exploit or other unwanted stuff.

Captured crackers sslog mysqljackpot MySQL bruteforcer tool / exploit – Xzibit Rootkit and HIDDEN Processes Found: 1 False Positive reports

Monday, October 29th, 2012

XZibit false positive .depend.boot mysqljackpot script kiddie mysql admin user bruteforcer tool and 3 scenarios on how a server could have been hacked
I've noticed some kind of script kiddie gained access somehow on one of the servers, I administrate. A MS-SQL Scanner tool called sslog, was downloaded in tmp and run with root user credentials.

The cracked victim host is running Debian Linux Squeeze and last security update, I've made about few months ago. Inside /tmp/.a/ directory, I've found 0day MS-SQL scanner called mysqljackpot. Maybe the tool is still private exploit scanner because on the Internet I couldn't find it anywhere.:

# ls -al /tmp/.a
total 52
drwxr-xr-x 5 root root 4096 Oct 29 01:10 ./
drwxrwxrwt 10 root root 36864 Oct 29 14:46 ../
drwxr-xr-x 3 root root 4096 Oct 27 21:46 mysqljackpot/
drwxr-xr-x 3 root root 4096 Oct 28 16:58 new/
drwxr-xr-x 3 root root 4096 Oct 29 12:48 pass-multe/
# ls -al /tmp/.a/new/
total 12
drwxr-xr-x 3 root root 4096 Oct 28 16:58 ./
drwxr-xr-x 5 root root 4096 Oct 29 01:10 ../
drwxr-xr-x 3 root root 4096 Oct 29 00:58 mysqljackpot/

After further investigations, I've realized ./sslog is actually a frontend scanner program (Synscan 5.02):

root@host:/tmp/.a/new/mysqljackpot/scanner# ./sslog
Synscan 5.02 (http://www.digit-labs.org/files/tools/synscan/)
by John Anderson ,
Neil Kettle .
./sslog: getuid(): UID or EUID of 0 required

As you see in order for the scanner to run it requires to be root with superuser privileges.

mysqljackpot is actually a brute force tool which as explained in a file (README.mysql), found in its directory :

Here is content of README.mysql:

MySQL Login Scanner
By Kingcope
REQUIRES A FAST SCANSERVER!!! DONT TRY TO RUN THIS FROM A SLOW CONNECTION! ***

Scans for open mysql servers with the following credentials:
root <nopass>
root mysql
root root
admin <nopass>
admin admin
admin mysql
mysql <nopass>
mysql mysql

Runs on linux.
Requirements: mysql development libraries and headers
Compile (try one of the following depending on your system):
$ ./configure LIBS=-lmysqlclient
OR
$ ./configure LIBS="-L/usr/lib/mysql" -lmysqlclient
OR
$ ./configure LIBS="-L/usr/lib64/mysql" -lmysqlclient
OR
$ ./configure CFLAGS="-lmysqlclient"

afterwards type

$ make linux

Run:
terminal 1:
./sslog -v
terminal 2:
./synscan -b <ip block> -p 3306

Inspect Logfile "mysqljack.pot" for open servers.
 

There is one other README in /tmp/.a/new/mysqljackpot/README, here is what I found in it:

less README
Oracle MySQL on Windows Remote SYSTEM Level Exploit zeroday
All owned By Kingcope

Installation Instructions
=============================

1. Install mysql client libraries and headers (UNIX)
RedHat based (e.g. CentOS):
yum install mysql mysql-devel

2. Compile the standalone exploit
issue commands:
gcc mysqljackpot.c -o mysqljackpot -L/usr/lib/mysql -lmysqlclient

3. Compile the reverse shell payload (this is required!)
required because the connect back ip and port are hardcoded in the dll:
use mingw on windows or wine
change REVERSEIP and REVERSEPORT to suit your needs. If you change REVERSEPORT you have
to change the port in mysqljackpot.c too (default port: 443).
issue commands:
set PATH=%PATH%;c:\MinGW\bin\
gcc -c payload.c
gcc -shared -o payload.dll payload.o -lws2_32
copy the payload.dll into the mysqljackpot exploit folder

4. Run The Exploit
./mysqljackpot -u root -p "" -t 99.99.99.99
A valid database admin user and his password are required
for the exploit to work properly.
This exploit is especially useful when used in connection
to a MySQL login scanner, see scanner/README.mysql inside this package.
Be sure to have the firewall open on the desired reverse port
on the attacking machine.

5. Enjoy your SYSTEM Shell!!!

Yours Sincerely,

— Kingcope
 

 

Here is also the header from mysqljackpot.c mysql username brute force tool:

/* Oracle MySQL on Windows Remote SYSTEM Level Exploit zeroday
 * Copyright (C) 2012 Kingcope
 *
 * Thanks to danny.
 */
 

After thinking over the security breach I thought of  few scenarios on how the attacker entered and run as root superuser. One is;

  •   Cracker entered directly via SSH after sniffing somehow the root password.

After however, a review of last cmd, I've concluded this case is not very likely, e.g.:

# last |grep -i root

did not found any logs, of unusual root logins, neither there seem to be any unusual activity with logins with other non-root users. Of course it is possible someone logged in as root and used some tool to clean, his tracks with some kind of user log-cleaner tool like the one I've written in past in bash this doesn't seem very likely however because. It seem the /tmp/.a/, directory was created by some amateur script kiddie, a professional one would create some a bit smarter directory like for example just few empty spaces , i.e. would create it with, lets say::

# mkdir "   "

instead of the so trivial

# mkdir /tmp/.a/

Also the name of the directory containing the script kiddie tool /tmp/.a is not selected intelligently, but just done in a hurry, hence I even assume /tmp/.a, is created by some automated SK tool writen in hurry by some Romanian SK Cracker 🙂

On the host there was webmin and usermin running. So;

  • my second assumption was it could be someone sniffed a login password via encrypted SSL connection, whether the root logged in via webmin, or somehow exploited usermin (though I should say usermin (which listens by default on port number 20000)
     

TCP port 20000 on which usermin listens by default is filtered by an iptables rules for all hosts incoming connections, whether webmin logins are permitted only from few IP addresses. Thus this scenario, though more possible than a direct SSH login with root sniffed password still seems to me not very probable.

  • Therefore as a third scenario (most likely what happened), I assume some of the PHP forms on the server or some other undefined PHP excecutable via Apache variable script was missing definition.

 

Actually saw in /var/log/apache2/error.log plenty of re-occuring warnings of existing undefined variables:

[Mon Oct 29 16:30:43 2012] [error] [client 213.149.142.73] PHP Notice:  Undefined variable: not_assign in /home/site_dir/www/modules/start.mod.php on line 121, referer: http://site-domain-name.com/start?qid=3&answered_id=4
[Mon Oct 29 16:30:43 2012] [error] [client 213.149.142.73] PHP Notice:  Undefined variable: counter_cookie in /home/site_dir/www/modules/start.mod.php on line 130, referer: http://site-domain-name.com/start?qid=3&answered_id=4
[Mon Oct 29 16:30:43 2012] [error] [client 213.149.142.73] PHP Notice:  Undefined variable: campaign_cukie in /home/site_dir/www/modules/start.mod.php on line 135, referer: http://site-domain-name.com/start?qid=3&answered_id=4
[Mon Oct 29 16:30:43 2012] [error] [client 213.149.142.73] PHP Notice:  Undefined index: actions in /home/site_dir/www/counter/count.php on line 11, referer: http://site-domain-name/start?qid=3&answered_id=4
[Mon Oct 29 16:30:43 2012] [error] [client 213.149.142.73] PHP Notice:  Undefined variable: flag2 in /home/site_dir/www/counter/count.php on line 52, referer: http://iqtest.bg/start?qid=3&answered_id=4
 

Taking this in consideration, I assume the attacker, entered the system finding about the undefined variables, defining them and somehow achieving access to the www-data Apache user shell, and through this shell running some 0day Linux kernel exploit to gain root access and download and install mysqljackpot exploit scanner tool.

Logically as it is common in situations like this, I used rkhunter, chkrootkit and unhide tools to check if the server's main binaries and kernel modules are compromised and is there a rootkit installed (earlier written a post on that here)

In short to do checks, installed rkhunter, chkrootkit and unhide with apt-get (as this is a Debian Squeeze server):

apt-get install --yes rkhunter unhide chkrootkit
….

 

Afterwards run in a row:
 

# for i in $(echo proc sys brute); do unhide $i; done
....
......
# chkrootkit
...
.....
# rkhuter --check
...
....

Reports, of the three ones are like so:

Unhide 20100201
http://www.security-projects.com/?Unhide

[*]Searching for Hidden processes through /proc scanning
# for i in $(echo proc sys brute); do unhide $i; done

[*]Starting scanning using brute force against PIDS with fork()

Unhide 20100201
http://www.security-projects.com/?Unhide

[*]Searching for Hidden processes through kill(..,0) scanning

[*]Searching for Hidden processes through  comparison of results of system calls

[*]Searching for Hidden processes through getpriority() scanning

[*]Searching for Hidden processes through getpgid() scanning

[*]Searching for Hidden processes through getsid() scanning

[*]Searching for Hidden processes through sched_getaffinity() scanning

[*]Searching for Hidden processes through sched_getparam() scanning

[*]Searching for Hidden processes through sched_getscheduler() scanning

[*]Searching for Hidden processes through sched_rr_get_interval() scanning

[*]Searching for Hidden processes through sysinfo() scanning

HIDDEN Processes Found: 1
Unhide 20100201
http://www.security-projects.com/?Unhide

Found HIDDEN PID: 4994
Found HIDDEN PID: 13374
Found HIDDEN PID: 14931
Found HIDDEN PID: 18292
Found HIDDEN PID: 19199
Found HIDDEN PID: 22651
[*]Starting scanning using brute force against PIDS with Threads

Found HIDDEN PID: 3296
Found HIDDEN PID: 30790

# chkrootkit -q

/usr/lib/pymodules/python2.5/.path /usr/lib/pymodules/python2.6/.path /lib/init/rw/.ramfs

# rkhunter –check

System checks summary
=====================

File properties checks…
    Files checked: 137
    Suspect files: 0

Rootkit checks…
    Rootkits checked : 245
    Possible rootkits: 2
    Rootkit names    : Xzibit Rootkit, Xzibit Rootkit

Applications checks…
    All checks skipped

The system checks took: 1 minute and 5 seconds

All results have been written to the log file (/var/log/rkhunter.log)

One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter.log)

 

Reports from unhide and chkrootkit,  not seem troubling, however I was concerned about the report from rkhunter – Rootkit names    : Xzibit Rootkit, Xzibit Rootkit.

To get some more info on why chkrootkit, thinks, system is infected with Xzibit (which by the way is an artistic alias of a RAP singer from the 1980's 🙂 I check in /var/log/rkhunter.log

 

# grep -i xzibit /var/log/rkhunter.log
[16:52:48] Checking for Xzibit Rootkit...
[16:52:48] Xzibit Rootkit                                    [ Not found ]
[16:52:56]          Found string 'hdparm' in file '/etc/init.d/hdparm'. Possible rootkit: Xzibit Rootkit
[16:52:56]          Found string 'hdparm' in file '/etc/init.d/.depend.boot'. Possible rootkit: Xzibit Rootkit
[16:53:01] Rootkit names    : Xzibit Rootkit, Xzibit Rootkit
 

Onwards I checked content of hdparm and .depend.boot and there I don't see nothing irregular. They both are files from legitimate Debian install, I've checked if they belong to a deb packages as well if they are existing on other Debian Squeeze servers I administer as well as on my Debian Desktop notebook, everywhere they're present, hdparm is part of hdparm deb and .depend.boot is loaded by /etc/init.d/rc script, containing some user string references:

# grep -rli .depend.boot *
rc
 

# dpkg -S /etc/init.d/hdparm
# hdparm: /etc/init.d/hdparm
  /etc/init.d/.depend.boot
# dpkg -S /etc/init.d/.depend.boot
dpkg: /etc/init.d/.depend.boot not found.

 

Another troubling thing was unhide's return:

HIDDEN Processes Found: 1

 

After a close examination of the system as well as research on the internet, I've figured out this is also a false positive. For sake of not distributing, Script Kiddie tools, which might put in danger other system administrators I will not put a download link to mysqljackpot publicly. Anyways if someone is willing to have it for study purposes, just drop me a mail and I will post you temporary download link to it.

 

Also as webmin and usermin is not frequently used, I've decided to completely stop and disable them to load on boot.

I've done also a clamav scan with (lowered priority) over the whole file system with:

# nice -19 clamscan -r /*

in order to determine, if there is no PHPShell or some kind of other remote admin Script kiddie script in perl / php etc. installed.
Tomorrow, I will continue investigatin what is happening and hopefully once I got, how the abuser entered the server will update this post.

Fix unworking Acer Aspire 5100 TouchPad / Turn on, turned off Acer Aspire 5100-5023 TouchPad

Monday, October 29th, 2012

Acer Aspire TouchPad on modem 5100 5023 how to fix weird touchpad hang up fix not working aspire 5100 touchpad
 

I have a task to fix one Acer Aspire 5100 Also known as Acer Aspire 5100-5023. After re-installing Windows XP on the notebook, I've downloaded correct laptop touchpad drivers as provided by acer.com's website here (TouchPad Section).There inside the ZIP, I've run all the 3 installers provided by Touchpad Driver Synaptics 8.2.19.0 .zip (e.g. Setup.exe, Elantech/setup.exe, Synaptics/Setup.exe).

When all installations were completed, after each one I had to do the standard restart.

For my surprise after Windows boot while testing TouchPad (scratching over it) the TouchPad moved the Mouse Pointer but, after a sec it stopped responding. This is the first time I face such problem so, my guess was either something is wrong with TouchPad Driver or / and the Driver is broken.

To make sure all is fine and driver show properly installed I checked if it is showing correctly installed in:

Control Panel -> System -> Hardware ->Device Manager

There all seem normal under:

Mice and other pointing devices menu I can see

PS/2 Compatible Mouse

Having this situation as you can guess I re-install TouchPad with a couple of driver versions , this not helped either. So after a bit of search on the net. I've got the solution to not responding TouchPad pointed in this Q&A thread

Solution was as easy as just pressing Fn + F7 key. I guess by mistake someone while testing the Function keys on this laptop disabled TouchPad device. The owner of the laptop had no idea about function keys so he never thought of this causes the whole issue. It seems stupidly enough Acer made the laptop function key remember the Function key choice, even after computer restart (pressing Fn+somenumber probably sets some settings in BIOS, so on next boot the settings keeps saved). BTW it might be worthy say, even re-installing with brand new Windows XP does not change a previously set Function setting. Actually it is rather strange why vendors make touchpads possible to disable; I never heard of anybody willing to disable his TouchPad ….

Also I've some people suggest Fn + F6 as a fix to those weird freezed TouchPad Problem, but I believe this are just rumors. Well that's, if you have the same Free Unresponding TouchPad on Acer another Notebook brand name, just enable pressing Fn + F7 keys or whatever Fn + Fx is on the notebook model.
Hope this helps someone 🙂

The origin of English Words and The History of English in 10 Minutes / History of King James Holy Bible

Monday, October 29th, 2012

 


 

The Origin of English Words

 

 

The History of English in 10 Minutes

 

 

Though funny and sometimes ridiculous the second presentation is quite interesting for people interested in Antrophology; how English Country and Language established and most people who somehow influence the development of English language as we know it.

 

 

Mongrel Nation – origin of english language

I knew English language used to be a mixture of French, German and dead Latin, but never thought the origin of most words are so mixed up. Also the story with King James Bible is very interesting, I never knew King James Bible Version. So widely known as ( KJV ) has plaid so essential role for English as we know it. As the video points out KJV, played most essenail role in all English history for development of the modern English language. As with mostly all else in modern developed civilization it is Strong Christian faith which play a key role in formation of a development of modern civillized society as we know it. It is a pity nowdays most English people and Westerners forgot, how important the Holy Bible (Bible btw means Book of Books Bi-Ble) and earlier Church teachings and writings were in order to have a good safety life, good fed people which live in the Western Countries.
There was a good reason Why this Holy Bible translation still is referred as King James Bible. King James (19 June 1566 – 27 March 1625) was a very wise man (linguist and scientist) along with being a King of Great Britain France, Scotland and Ireland.

History of the King James Holy Bible version

Ancient English used to be called Anglo-Saxon English. The called Old English is part of the Germanic Languages group, so in theory nowadays should be much easier for a German, Dutch or some western person to speak English and understand its meaning than to people who belong to other main groups of languages like Slavonic Language group. Actually Slavonic Language group has also taken a multitude of words from German language, so situation with categorizing languages is not so clear to do. It was really interesting to me to learn Dutch Language is maybe in a way more close to primordial Original Anglo-Saxon English. This explains also how comes Dutch in general contains so much English in it and also so many English lingual structure  🙂

With all said, it is clear English as we know it just a mixture of words taken from languages around the world. Colonization that  Great Britain  did in past also played essential role for the inclusion of new words within English Language and Enriching the Language so much. It is also clear, how it come to be that the English is relatively easy to learn and flexible enough to become an International Language as it is today. There were also factors the Invasive character of Great Britain, the migration of many British and Germans to America continent the creation of the United States. And the raise of the US this all played important role in wide-spread of English. Most importantly the World Politics and the interests of certain people (Masonry and Royal Groups), development of modern science, Isaac Newton and the many scientists or (pseudo-scientists) that UK give birth to played an important role for making English popular.

While talking about impact of Christian faith to English, it is no strange Africa (continent countries) and the rest of the undeveloped or so called third world countries are in such a bad condition, because many of them had never had the chance of true spiritual enlightenment through faith in the Lord Jesus Christ. It is probably one of the reasons why western civilization was blessed to have a material goods advancement as a mean that those people help the poor and needy and spread the light of faith. Unfortunately now westerners can no longer spread the light of the faith because English Church is Anglican and is no longer in communion with the One Holy Apostolic Church – The Holy Orthodox Church. It is useful to say Anglican Church in its development as a separate Church did take some of its beliefs of Roman Catholics and some of beliefs from Protestant Reformation. I even red somewhere, the Anglican Church had a point in his history where some negotiations were made with (Greek Eastern Orthodox Church?) that Anglicans unite with the Eastern Orthodox Church. Pitily this never happened. But who knows maybe in future Anglicans will change back to the original Christian faith Orthodox Christianity.

Though King James Bible version, played important role in development of Englishman and English as we know it, some of the verses inside are translated so they correspond better to a protestant understanding of the Holy Bible than Orthodox or Roman Catholic. Besides that the bible contains less books (66 Books), whether the Orthodox Christian bible contains (77 Books).

Though missing some important books still the Bible included many new words and by letting the multitudes across Great Britain, Scotland, England and later new populated American lands it become the most rich words book for XVI th century. Thought some words in KJV are too much archaic for nowdays, the language of it is pretty close to modern English and 95% and more understandable by mostly anyone who speaks some kind of English. Because of its historical importance of forming the English Language. King James Holy Bible version is a great reading for anyone willing to learn some English. I myself has significantly improved my English by reading KJV.  Actually I believe for anyone interested in history and anthropology it is very important to study well Christianity. Christianity and faith in Christ played so huge role in our civilization development, that it is impossible for us to understand properly History and Civilization without knowing well Christian faith. I took some time to  read interesting facts related to King James Holy Bible so I found an interesting page prepared by some Christian enthusiasts which did a statistical analysis over King James Bible Content 🙂

The whole topic of Origin of Words is mostly the most important thing that should be taught at schools and universities today, as it helps us better to understand why our culture and civilization is the way we are. As long as I studied in Holland in Arnhem Business School, it is quite saddening to say nowadays Universities and modern science has so much forgot about its relation and origins to faith in God, that  even the little sort of anthropology I was told in Arnhem Business School – Human Resources and Quality Management (now known under the new official name IBS – International Business Studies) has absolutely nothing to do with real facts – the Christianity part (which is essential is totally missing).

With all said, Modern people want to have a partial truth and completely scratch out our modern civilization Christian origins. The Crisis which emerged is just a reflection of the great spiritual Chrisis and lack of faith in God that is more and more apparent this days.

 I've been lately more and more interested in Anthrophology and whether I learn a bit more I will share it here and hopefully it might be interesting to someone else too 🙂

God’s Power Will be with Us – A famour Christian Song performed in Bulgarian, Russian and Serbian Orthodox Churches

Friday, October 26th, 2012

Български Песнопения – Господи сил, с нами буди / Gospodi syl pomiluy nas – GODs POWER WILL BE WITH US (A Bulgarian Orthodox Church) song variant

Господи сил с нами буди – Gospod i sil s nami budi – GODs POWER WILL BE WITH US (Russian Orthodox Church) song variant

The Church lyrics in Modern Slavonic is:

Текст песни Господи сил с нами буди иного бо разве Тебе помощника в скорбех не имамы Господи сил помилуй нас Хвалите Бога во святых Его хвалите Его во утвержении силы Его Господи сил с нами буди Хвалите Его на силах Его хвалите Его по множеству велич, Хор Московского Сретенского монастыря:

Господи сил с нами буди,
иного бо разве Тебе помощника в скорбех не имамы:
Господи сил, помилуй нас.

Хвалите Бога во святых Его, хвалите Его во утвержении силы Его.
Господи сил с нами буди:

Хвалите Его на силах Его, хвалите Его по множеству величествия Его.
Господи сил с нами буди:

Хвалите Его во гласе трубнем, хвалите Его во псалтири и гуслех.
Господи сил с нами буди:

Хвалите Его в тимпане и лице, хвалите Его во струнах и органе.
Господи сил с нами буди:

Хвалите Его в кимвалех доброгласных, хвалите Его в кимвалех восклицания: всякое дыхание да хвалит Господа.
Господи сил с нами буди:

Хвалите Бога во святых Его, хвалите Его во утвержении силы Его.
Господи сил, с нами буди:

Слава: Господи, аще не быхом святыя Твоя имели молитвенники,
и благостыню Твою милующую нас:
како смели быхом Спасе, пети Тя,
Егоже славословят непрестанно ангели?
Сердцеведче, пощади души наша.

И ныне: Многая множества моих Богородице прегрешений,
к Тебе прибегох Чистая, спасения требуя.
Посети немощствующую мою душу,
и моли Сына Твоего и Бога нашего,
дати ми оставление, яже содеях лютых,
едина Благословенная.

Всесвятая Богородице, во время живота моего не остави мене,
человеческому предстательству не ввери мя:
но Сама заступи, и помилуй мя.

Все упование мое на Тя возлагаю, Мати Божия,
сохрани мя под кровом Твоим.

I don’t know if above Gospodi Sil s Nami Budit song which is in Church Slavonic – ( Ancient Bulgarian Language) has translation somewhere on the Internet but as far as I checked I couldn’t find any translation and hence I took some time trying to approximately translate, above included text I found on the Internet.

It is a bit hard for me and maybe I’m mistaken somewhere in the translation as I’m not understanding very well Church Slavonic but I hope the song will give a general idea, what this so beatiful song lyrics are approximately saying in modern English.


Text song the Gods Power will be with us, You we have as helper in our sorrows, Let God’s Power have mercy on us.
Praise him and and His Power, Praise Him becaues of his Great Mercies. – performed by Moscow’s Sretenski Monastery Church Choire

Gods Power will be with us … helper in our sorrows we have. God’s power will be with us
Oh Power / (force) of God, have mercy on us!

Praise (Glorify) the Lord in his holiness, praise him testifying his power.
God’s Power / (force) will be with us!

Glorify Him because of his power, Praise him because of his multitude of greatness-es.
Gods Power will be with us!

Praise (Glorify) Him with voice of trumpets, Praise him with Psalms and (pipes ?).
Gods Power will be with us!

Praise Him in (timpans and lices – not sure how this is translated – means other musical instruments?) – Praise him in strings and organs.
Gods Power will be with us!

Praise Him with cymbals and (good hearted?) voices, praise him, praise Him with exclamations: every living soul (exhalation) to glorify the Lord.
Gods Power will be with us:

Praise the Lord in all holiness, Praise Him in statement of his power.
Gods Power will be with us:

Glory: Oh Lord, If we do not have (byhom?) Your holy prayer books,
and the goodness of thy prayer books and the goodness of all saints who pray for us; what would we do oh Saviour, we who sing you.

You are glorified all time by Angels

You who glorify all the time Angels.
Seer of all hearts, have mercy on our souls.

And again: Many are my prayers oh Holy Theotokos / (Virgin Mary), I have come to you the most pure, asking (requiring) rescue.

Come to my infirm (weak) soul,
and pray Your Son and and Our Lord,
to grant me Forgiveness of sins,
Because I’m poor and week (in evil), You who are most Blessed among Mankind.

Oh you most Holy Theotokos, in my lifetime don’t leave me on a human mercy (hope) but you alone intercede on my behalf and Have Mercy on Me!

All my hopе I give to you, Oh Mother of God,
Rescue (Кееp) me under your Shelter / (Shroud).

God’s Power Will be With Us is a triumph song of Victory of the Holy Orthodox Christian faith and the Orthodox Christians over all evil that is in the post sin fallen world. It is a Victorious Chant stating God’s power is with all us Orthodox Christians.

It is an expression of the power that our Holy Orthodox Christian faith contains. Gods power will be with us is a well known for all Eastern Orthodox Slavonic Christians. It is being sing in most if not all Slavonic Eastern Orthodox Churches around the world i.e. – Bulgaria, Russia, Serbia

It is common that this very beautiful Ancient Church Slavonic song is being nowdays sung, by Orthodox Christian choires even in the Western World which so sadly is nowdays predominated by Roman Catholic and Protestant (denominations beliefs). Here is God’s power will be with us – as sung in Church Slavonicin a Roman Catholic Chapel

Orthodox Christian Chant – Gospodi sil s nami (Russe Znamenny) / Gospodi sil s nami budit

Господи cил c нами буди sung by – Мужской Хор Свято-Данилова Монастыря – Не Отврати Лица Твоего
6 – Господи сил с нами буди

Pojanje Koviljskih Monaha-Psalam 150 (Part of Gospodi sil s nami budit – Repetancance Great Lent Canon sing in Serbian Monasteries)

This Church chanting song is sing in the Great Lent Church period around all Slavonic Churches around the world. The spiritual deepness the song contains and spiritual joy is amazingly great for us Eastern Orthodox Christians; it is barely impossible to explain in words, but I hope by listening it the listener re-unites with our Christ = (Messiah) = Saviour and his Holy Apostolic Church – The Orthodox Church!

This Orthodox Song is also present, probably in Greek, Syriac, Jerusalem, Ethiopian,Coptic, Chinese and the rest of local Orthodox Church-es throughout the whole universe. If someone from other Orthodox Churches reading this post, can point me out to their Church variant of these glorious Church hymn I will be mostly thankful!

Glory be to the Father, The Son and The Holy Spirit now and Forever and Ever. For Gods Power – Christ’s Holy Spirit will be with us ever unto the Ages of Ages accordinly to the promise of our Lord Jesus in Holy Gospels.