IT人在工廠日記 – 飯店捉老鼠


URL block List for a China Company

1.  Introduction

To protect company network from malware, worm, virus, spam, etc in suspected malicious web sites, we need to define an URL block list (in next section), and setup to restrict those URLs in our network Firewall. This post will list out those suspected URLs, and we will submit this document to management review and approve.

2. URL Block List

2.1 Sports

2.1.1      General Suspected URL:


2.1.2 China Suspected URL:


  • Streaming Video:
    • General Suspected URL:


  • China Suspected URL:


  • Social Media
    • General Suspected URL:


  • China Suspected URL:


  • Software downloads
    • General Suspected URL:



  • China Suspected URL:


  • P2P sharing
    • General Suspected URL:


  • China Suspected URL:



  • Torrents
    • General Suspected URL:


  • China Suspected URL:


Reference Sites:

Introduction of ITIL v3 Framework


ITIL is the most widely adopted approach for IT Service Management in the world. It provides a practical, no-nonsense framework for identifying, planning, delivering and supporting IT services to the business.



ITIL advocates that IT services must be aligned to the needs of the business and underpin the core business processes. It provides guidance to organizations on how to use IT as a tool to facilitate business change, transformation and growth.

The ITIL best practices are currently detailed within five core publications which provide a systematic and professional approach to the management of IT services, enabling organizations to deliver appropriate services and continually ensure they are meeting business goals and delivering benefits.

The five core guides map the entire ITIL Service Lifecycle, beginning with the identification of customer needs and drivers of IT requirements, through to the design and implementation of the service into operation and finally, on to the monitoring and improvement phase of the service.

Adopting ITIL can offer users a huge range of benefits that include:

  • improved IT services
  • reduced costs
  • improved customer satisfaction through a more professional approach to service delivery
  • improved productivity
  • improved use of skills and experience
  • improved delivery of third party service.


ITIL has been adopted by thousands of organizations worldwide, such as NASA, the UK National Health Service (NHS), HSBC bank and Disney™. ITIL is also supported by quality services from a wide range of providers including examination institutes, accredited training providers and consultancies, software and tool vendors and well known service providers such as IBM, Telefonica, HP and British telecom (BT).

A comprehensive qualifications scheme offering a variety of training courses and certifications has been developed against the guidance. This scheme can help organizations to effectively implement ITIL, achieving success by ensuring that employees have the relevant knowledge, skills and techniques, but most importantly, ensuring the entire organization is using a common language and are fully invested in the process.

ITIL Best Practices also underpin the foundations of ISO/IEC 20000 (previously BS15000), the International Service Management Standard for organizational certification and compliance. Organizations can therefore implement ITIL to achieve organizational certification.

Open Source IT Configuration Management Tools

Open source configuration management tools make managing servers at scale easier, less time-consuming and more repeatable.

Configuration management tools provide automation, cloud orchestration, and remote management and execution that give IT greater control over its entire infrastructure. Beyond standardizing configuration on servers, the tools can install and maintain packages, upgrade or deploy new servers and manage a cloud infrastructure.

Without configuration management tools, IT administrators would manually deploy each VM needed in an OpenStack, Amazon Web Services, VMware ESXi or other environment. Instead of logging into each server to manually patch it, a systems administrator can remotely patch thousands of servers at the same time. The same goes for removing a user from servers.

“All of your server configuration is going to stay the same and consistent across your environment,” said Nitin Madhok, a systems developer and programmer on the infrastructure code team at Clemson University. “So, if you installed an application on one server, you could install that application on a dev, production, test or whatever environment it is in the same way, following the same steps.”

Companies can immediately fix security vulnerabilities such as Heartbleed on thousands of user-facing servers in under five minutes. LinkedIn manages more than 70,000 servers and can make a change on all of them in under a minute.

Chef, Puppet, Ansible and Salt are four major open source configuration management tools – each with distinct differences. Puppet and Chef are coded in Ruby, a less commonly known programming language among IT professionals. Salt and Ansible use the more common language, Python, and users only have to be familiar with YAML (yet another markup language) to operate them. Salt and Chef also use ZeroMQ protocol, which allows users to create complex communication systems with little effort.

Salt and Puppet use a daemon approach and must be installed on every server. This allows for a master-slave control architecture. Chef and Ansible are daemonless, so no software takes up resources on the VM to manage it. The open source tools do require open Port 22 on each VM, which could leave servers vulnerable to attack. Salt also has a Secure Socket Shell tool, called Salt SSH, which allows the user to configure it similarly to Ansible. Each of these open source configuration management tools also come in supported, purchased enterprise versions that offer additional modules or features.


Information Source:

How to protect you against Android phone loss/theft

How to protect you against Android phone loss/theft

(1) At Android smartphone
1. Select “Settings” icon, then “Location and security”
2. Select “Device administration”
3. Enable “Android Device Manager”
(2) At PC
1. Go to
2. Login your Android related Gmail account
3. Now you can LOCATE, RING or LOCK your phone or ERASE your phone’s data in case of theft or loss.

Common Feature of IT Service Management tool

Common Feature of IT Service Management Tool as below:

  • Fully configurable CMDB
  • HelpDesk and Incident Management
  • Service and Contract Management
  • Change Management
  • Configuration Management
  • Automatic SLA management
  • Automatic impact analysis
  • CSV import tool for all data
  • Consistency audit to check data quality
  • Data synchronization (data federation)


由即日起,香港中旅社為應付港人於中國內地遺失回鄉卡/證的情況,現可替港人即日辦妥出境證件(即臨時入出境通行證)。 因此,如在內地失卡,必須於當日下午3:30前到羅湖補卡中心代辦補領手續一般來說,可即日領取臨時入出境通行證返港,免遭滯留內地。如於當日黃昏及/或晚上才到羅湖補卡中心代辦補領手續則可於第二天中午12:30前領取臨時入出境通行證返港。
地址:羅湖中旅社補領中心 ─ 連廊2樓C4室 (即羅湖商業城對面)
查詢電話 : 852-2334-8833 或 86-755-8234-7136
費用:人民幣230-250元(如能提供證件相片2張,費用為人民幣 230元,否則需支付人民幣250元)
補領手續及時間由中旅社作最後的決定。返港後 , 必須到香港的中旅社辦理補領回鄉卡的手續。
中旅社亦提醒市民到內地前應影印身份證、回鄉卡及護照。如對以上有任何問題, 請致電 852-2334-8833 或 86-755-8234-7136作出查詢。


Refresh to display a web page using Python

Python Program Example 1.

If you’re going to need a refresh on the same tab, you’ll need selenium webdriver. After installing selenium using pip, you can use the following code:

from selenium import webdriver
from selenium.webdriver.common.keys import Keys
import time
driver = webdriver.Firefox()
while True:

If you are browsing a static page, you can pass a parameter in it and run, for example passing "pycon" to search as below script:

from selenium import webdriver
from selenium.webdriver.common.keys import Keys
driver = webdriver.Firefox()
assert "Python" in driver.title
elem = driver.find_element_by_name("q")
assert "No results found." not in driver.page_source

Python Program Example 2.

from link

A script will automatically refresh the page after every few seconds,so that my keyboard’s F5 button is spared. But still there is redundancy, one has to keep looking at the same thing again and again to check if any change has happened. So,I added few more lines to the script. Now whenever the result will be declared (or there will be any new notification) a song will start playing automatically.

Here is the resultant script:

import urllib
import time
import os
import pygame
uri = “”  #url where result will be declared
source = urllib.urlopen(uri).read()
while nw_source==source:
if flg:
time.sleep(5)  #refresh every 5 seconds
nw_source = urllib.urlopen(uri).read()
except IOError:
print “Error in reading url”
print cntr,” times refreshed”

pygame.init()“kar_chale _hum_vida.mp3″) #pass the path to the music file
while True:

Using Webdriver under Selenium:

WebDriver是主流Web应用自动化测试框架,具有清晰面向对象 API,能以最佳的方式与浏览器进行交互。


  • Mozilla Firefox
  • Google Chrome
  • Microsoft Internet Explorer
  • Opera
  • Safari
  • Apple iPhone
  • Android browsers

Selenium WebDriver 又称为 Selenium2。

Selenium 1 + WebDriver = Selenium 2


  1. 选择Python的版本。Python主流的有两个大的版本,2.7和3.5(请注意,从Python的3.5版本开始,不再支持Windows XP操作系统,Windows XP用户请安装3.4版本)。我们的例子将会选用面向未来的3.5版本。
  2. 在Windows安装Selenium2.0,有两种途径。使用pip命令行或者源码安装。以下两种方法,使用任何一个均可。推荐pip的方式。
    1. 方法一:pip命令行安装,运行 | cmd,打开命令行,-U其实就是--upgrade,升级安装。
      pip install -U selenium
    2. 方法二:源码解压安装,前往下载最新版的PyPI版本的Selenium,解压后执行
      python install

Source Information:

Selenium 3.0.1 出现的问题以及解决

3.0.1 更新以后,需要做两个操作:

  1. Geckodriver executable needs to be in PATH。Geckodirver的下载地址:

    WebDriverException:Message:'geckodriver'executable needs to be in Path

    geckodriver是一原生态的第三方浏览器,对于selenium3.x版本都会使用geckodriver来驱动firefox,所以需要下载geckodriver.exe。放置在Path 环境变量可以访问到的地方。例如 C:\python34

  2. 需要将火狐的安装路径放到path,然后重启(必须重启电脑)

    selenium.common.exceptions.WebDriverException: Message: 'geckodriver' executable needs to be in PATH.


Open Source IT Asset Management Software

Recently, I browsed a useful web blog about IT management, called “Capterra IT Management Blog” from link –> . It listed out three open source IT asset management software. They are useful, so I copy and share in it for your reference.

SysAid IT Asset Management


This free IT asset management solution has been around since 2002 and is available for both cloud and on-premise (Windows and Linux)


With SysAid’s asset management solution, users have access to all the standard features of licensed ITAM software, including the ability to view all software and hardware, as well as the manufacturer details of computers, printers, and other networked devices. Other benefits include automatic notifications of asset changes and the ability to create management reports.

SysAid’s IT Asset Management edition also offers a free, fully functioning IT Service Desk with ITSM capabilities for those interested.

This solution supports up to two administrators, 100 assets, and 100 end users, with an international online community for support.


Some reviews noted a lacking user-interface that may run too slow for some.

Asset Management System


This ITAM free and open source option is written in PHP and has been downloaded 77 times since its creation in early 2013.


This ITAM software solution offers a streamlined user experience with a dynamic dashboard for users to search through, add, update, and delete vendor details or categories. Users occupy two roles (lab operator and administrator), where they can add, update, delete stocks and assign any hardware or software to labs. Assets can also be assigned to others users for delegation.

This option is available for both Windows and Linux.


The last time Asset Management Software was updated was back in 2013 and there isn’t an active support community posting tickets or patches to improve potential flaws.



This free IT and asset management software uses a variety of languages, developed using PHP, and uses MySQL/MariaDB for the database, HTML for the Web pages, CSS for style sheets, and XML for report generation. In 2011, 1.2 million computers reported using this solution.


GLPI includes more than just a management system, also offering a service desk ITIL, license tracking, and software auditing. Through its asset management feature, users can collect an inventory of computers, printers, and other networked devices, as well as track equipment bookings, check equipment status, and manage contracts and documents related to inventory. GLPI can also generate reports for hardware, software, and networked items.

GLPI is also a multilingual solution, with more than 45 operating languages available.


Some reviews have noted installation difficulties, though users can also find support through the software’s forum.