Gospel. Culture. Technology. Music.

Category: Technology Page 15 of 17


Serious VNC 4.1.1 Vulnerability !!!

For all of you out there who may be running VNC, you need to be aware that back in May of this year, it was discovered that it is possible to login to VNC 4.1.1 without a password, even if one is set. A worm was unleashed today, like others similar to it in the past, that takes advantage of this vulnerability. RealVNC Version 4.1.2 fixes this issue, but most people have not upgraded and are now getting hit by this automated attack. I highly suggest upgrading right now because there are many worms out there taking advantage of this hole to launch spyware on machines. This has already happened to a few friends computers.

http://www.intelliadmin.com/blog/2006/0 … ncept.html
http://isc.sans.org/diary.php?storyid=1331
http://www.realvnc.com/

New Site Version

Well, someone finally figured out how to hack the comments on the site here, so I was forced to upgrade to the latest version. So here it is. It actually has some better features and they cleaned up some things that have been broken in it for a while (actually the problems were fixed in the newer code, I just didn’t want to go in and edit my code again for another upgrade). But it actually wasn’t that bad. Anyway, hopefully there won’t be any more spam messages in the comments area of various blogs now for overseas meds, viagra, and whatever else they decide to push onto the site. Quite annoying.

Oops … A Big Mistake I Made

Let me just advise all of you out there who care anything for linux to never change the groups for the entire /etc folder, including sub-folders. Yup, this had some serious repercussions that made it to where I could not execute the sudo command or SSH, amongest a host of other commands. And on top of that, I couldn’t get in to change the permissions because I had never set a password for root, so it wouldn’t let me “su” into the console. So what I finally wound up doing was copying my password for my user account to root, got in and changed permissions back, rebooted, and it was all good, minus having to totally reinstall SSH, Shoutcast, and resetting permissions on /etc/sudoers. Just thought I’d share with all of you to never change permissions on the /etc folder. Leave it alone.

Converting My Web Servers to Apache 2.2.3 and PHP 5.1.5

I’m currently in the process of moving several of my sites off of IIS and onto Apache. Currently, this site, http://forums.westerfunk.net/, www.carmanallen.com, and a couple of other sites already run on Apache, but the rest are still on IIS. Westerfunk.net is now running on the new version of Apache, but the rest are not. If you see errors on Westerfunk.net, that’s what’s happening.

Update 9.15.2006 12:15 pm

All sites (with the exception of www.courtney.westerfunk.net) have now been converted to php and apache.

Unified Linux Platform for Mobile Devices

Phone Makers to Create Unified Mobile Linux Platform – ITJungle.com

If this actually becomes reality, it could mean a huge world of change for mobile devices. Because of the fact that these platforms would be open-source, just as linksys device software is now open-source and can be altered to make the device do things it wasn’t originally designed to do (software-wise), this will make it possible to do the same thing with mobile phones. Who knows what the possibilities could be. I’m excited …

Medal of Honor Server Back Up and Running

Well, I started up my “Medal of Honor: Allied Assault” server again because I want an environment to play in. I haven’t had it up for over a year now, so if you have this game (for PC) and want to play, in the place you normally enter an IP address to connect to a server, enter MOHAA.WESTERFUNK.NET instead. I designed a MOD for it to where you practically have unlimited ammo, scopes on all weapons, and you run a little faster than normal. It’s pretty sweet, so hop in and have fun … click on the image to the right to pull up server stats (probably won’t see much for now since it’s a new server and not many people know about it).

Internet Monitoring Thwarts Terror Plot

What a great thing it is to find out that a major terror plot in Canada was thwarted. But guess what started the investigation: internet monitoring. This is a case-in-point example of why technological monitoring is so important. Everybody would have been screaming bloody murder as to why the authorities did not see this coming if it had been pulled off. And here is how they thwarted it. This must serve as a prime example of why technology monitoring is so important. However at the same time, I do believe there needs to be someone monitoring the monitors, setting it up in a similar fashion to our system of government. It’s called checks and balances, something this nation was founded upon. So we must monitor, but at the same time, it must be checked on so that it doesn’t spin out of control.

News links:

How Internet monitoring sparked a CSIS investigation into a suspected homegrown terror cell – The Toronto Star
17 Terror Suspects Arrested in Toronto – AP
Canada charges 17 in plot to blow up buildings – MSNBC.com

Recovering Data Off of a Hard Drive with Knoppix

I found this posted out on the net about how to copy data from one drive to another using Knoppix. I have simply copied and pasted the information from this link: http://www-128.ibm.com/developerworks/l … knopx.html

To download the ISO file for Knoppix (that you then burn to a CD), go here > www.knoppix.net

Getting started

If you want to run KDE or any other graphical desktop or window manager, you’ll want at least 96 MB of RAM and a Pentium equivalent or better. In text mode, without X, it needs 20 MB to be happy and will even run on an old 486. It will use your existing Linux swap file.

Boot options

After booting up the Knoppix CD, it will pause at a command prompt for 30 seconds, then continue booting. There are a large number of boot options; hit F2 to see them. For example, this is how I boot Knoppix 3.2 on one of my test systems:

knoppix lang=us knoppix wheelmouse knoppix desktop=icewm

The default keyboard mapping is German, so I always boot with knoppix lang=us. By default, Knoppix boots to the KDE desktop. knoppix 2 boots to text mode, without starting X. failsafe starts up with minimal hardware detection.

Knoppix runs entirely in memory, or if you want to sound “leet,” in a ramdisk. In fact you can see the ramdisk in the file tree. Remember, sometimes it will be slow, because it must fetch executables from the CD, which is slower than a hard drive. It can be installed to a hard disk, but that is a topic for another day.

Rescuing a non-booting Linux system

This is the most common scenario. Something goes haywire, and boom, no boot. No problem: boot up Knoppix and find all your local partitions nicely iconicized on the KDE desktop. (Or cruise the file tree to /mnt.) Click on the correct icon, and there are all your files. But they are wisely mounted read-only. Again, no problem: right-click the desktop icon to bring up a nice menu with a “Change read/write mode” option. This mounts the filesystem on the partition as read/write. Now you can edit any file.

The default user is knoppix. For operations that require root privileges, you need to su to root and assign a root password:

knoppix@ttyp0[knoppix]# su
root@ttyp0[knoppix]# passwd

To mount a filesystem read/write from the command line:

root@ttyp0[knoppix]# mount -t reiserfs -o rw /dev/hda5 /mnt/hda5

To unmount:

root@ttyp0[knoppix]# umount /mnt/hda5

If you get an error message “Could not unmount device, device is busy,” something is reading the filesystem. Close files and cd out of the filesystem.

How do you know what mountpoint and filesystem to specify? Just read /etc/fstab:

root@ttyp0[knoppix]# cat /etc/fstab

# Added by Knoppix
/dev/hda5 /mnt/hda5 reiserfs noauto,users,exec 0 0

Hardware detection

Before going on a mad config file editing spree, it often pays to examine hardware information. Knoppix excels at this, as it has the latest editions of Linux’s excellent hardware and system utilities: fdisk, lspci, iwconfig, ifconfig, dmesg, /proc, and so forth. (Checking hardware information is also handy for testing a system for Linux compatibility before you buy it. Sound cards, softmodems, and wireless NICs are especially troublesome; manufacturers often change the chipsets without changing the model numbers, and you need to know the chipsets to determine if Linux drivers are available. The Knoppix CD also contains a number of sound files, for quick sound testing, starting with “OpenMusic” on the welcome screen.)

* fdisk -l displays all partitions on all hard drives.
* lspci -v gives detailed information about every device and chipset connected to the PCI bus.
* cat /proc/cpuinfo tells exactly what CPU is installed.
* ifconfig displays, and also manipulates, network interface settings. Most commonly Ethernet cards and ppp, the modem interface.
* iwconfig is like ifconfig, but for wireless network cards.
* dmesg is interesting. man dmesg isn’t all that helpful if you’re not a kernel hacker. Just using dmesg | grep <device> is a useful troubleshooting and system discovery tool. To see everything, run dmesg with no options.

And of course KDE provides a nice GUI to see all this; go to System > Info Center.

Rescuing data files

Usually the first rescue chore is to copy data files off of the troubled drive. This is my favorite method when there are large numbers of files to copy: install a second hard drive, then boot Knoppix, then copy files from the old disk to the new disk. Even if you don’t have nice hot-swappable drives or removable drive cages, it takes just a couple of minutes to pop the case open and hook one up. Do you have a brand new blank drive, or an old one that needs to be wiped clean and reformatted? No problem, do the disk preparation from Knoppix.

Partitioning and formatting

First, install the second hard drive. Then boot Knoppix and open a root shell. If there are partitions already on the second disk, simply re-format whatever ones you need. Note that SCSI drives are designated sd, while IDE drives are hd. This command displays the existing disk partitions; be sure to use values appropriate for your system:

root@ttyp0[knoppix]# fdisk -l /dev/hdb

To format a disk partition:

root@ttyp0[knoppix]# mkfs.ext2 -c /dev/hdb1

This creates a plain-vanilla ext2 filesystem. -c checks for bad blocks. Of course, you can make it anything you like: ext3, ReiserFS, whatever:

root@ttyp0[knoppix]# mke2fs -j -c /dev/hdb1
root@ttyp0[knoppix]# mkreiserfs /dev/hdb1

What, no partitions? First, here’s how to create them the command-line way, with fdisk. It’s medium-safe to futz with fdisk, as changes are not written to disk until you give the command to do so. So, you can try different options and preview the partition table before committing to any changes. This sequence of commands creates a single partition:

root@ttyp0[knoppix]# fdisk /dev/hdb

Type “m” at any time to display a table of fdisk commands. Then, type “n” to create a new partition. Now, type “p” to create a primary partition. Hit Enter twice to accept the defaults. Or, if you don’t want to use the whole disk, hit Enter once to accept the default starting point, then select the size you want:

+1000M

Hit “p” at any time to preview the new partition table. When everything looks good, press “w” to write the changes to disk. By default, fdisk creates a “type 83” partition, which means Linux. To see a list of partition types, press “l”. To change the partition type, hit “t”. Want to delete a partition? Easy as pie: press “d” and follow the prompts.

QTParted

Even easier is firing up KDE and using QTParted (System > QTParted). QTParted creates, deletes, and non-destructively moves and resizes partitions (even NTFS). So, you can make room to copy your data without losing anything.

Copying files the GUI way

I like graphical file managers. It’s a lot simpler to drag and drop than to type out long command strings. Click on the icons on the KDE desktop that represent your source drive and the drive you want to copy them to. Each one opens in its own file manager, for fast and easy drag and drop. Be sure to make the destination drive writeable.

Copying files at the command line

Remember to create a directory to move files into:

# mkdir /mnt/hdb1/home/carla/backup
# cp -r /mnt/hda5/home/carla /mnt/hdb1/home/carla/backup

Cloning an entire drive

You’ll need two hard drives the same size, or a destination drive larger than the source drive. Make sure no partitions are mounted on either drive. In this example /dev/hda is the source drive, /dev/hdb is the destination drive. The dd command makes an exact, byte-for-byte copy, including the MBR (master boot record):

# dd if=/dev/hda of=/dev/hdb

Mounting confusion

Are you losing track of what’s mounted, and in what state? No problem, here comes /proc to the rescue:
# cat /proc/mounts

This displays all mounted filesystems, the filesystem types, read/write status, and other attributes. How many hard drives are on the system? One of these will tell you (and remember, SCSI drives are sd, IDE are hd):

# fdisk -l

or

# dmesg | grep hd

or

# dmesg | grep sd

Copying to CD

KDE and Knoppix make this easy. Assuming there is a CD writer on the system, simply right-click on the desktop icon for the partition containing your files, and you will see “Create Data CD with K3b.” Do File > New Project, drag and drop the files you want to copy, and there you go. K3b is very good at autodetecting and autoconfiguring your CD drives; it should do it all for you. If something goes awry, please refer to the developerWorks article “Burning CDs on Linux”, which also teaches how to burn CDs from the command line.

Copying to other media

Zip drives, floppy disks, and USB storage devices will be automatically recognized by Knoppix, and icons will be placed on the desktop. Simply make the drive you want to copy files to writeable, then drag and drop until it’s all done.

Copying over the network

You can configure Knoppix to connect to a network, just like any other Linux. Knoppix has its own graphical configuration utility: on the main menu find Knoppix > Network/Internet. Again Knoppix’s excellent hardware detection comes into play; it even works on wireless NICs (assuming it’s a wireless NIC that is supported in Linux!). Simply answer a series of questions, and you’re done.

It’s just as easy from the command line. As root, run:

# netcardconfig

Once your network settings are configured, there are several options for transferring files. cp is fine for locally mounted filesystems. Copying files over an untrusted network should be done with scp (secure copy), and in fact Knoppix won’t let you use anything else. scp uses ssh for encrypted file transfer and lets you move files without setting up NFS or Samba. You’ll need an ssh server running somewhere on the network to receive the files. This command copies an entire directory:

# scp -rp /mnt/hda5/home/carla 192.168.1.5:/home/carla/tmp

SSH quickstart

What, you have no ssh server? If you really do not yet have ssh installed, here is a quick-start guide to running SSH. But before using it for even routine remote administration tasks, you should study ssh in more depth. Note also that there have been a number of important security patches issued recently.

OpenSSH comes with all major Linux distributions, and yours should already have it. (To find out, type locate sshd.) If not, download and install it. It doesn’t need to be on a special machine; any Linux PC can run SSH. Start it up like so:

# /etc/init.d/ssh start

Then, all you need is for the same user to have accounts on both machines. Using root is easiest, but potentially dangerous. And, of course, you can create user accounts on Knoppix as needed, with useradd and passwd. Then run the scp command as in the example above, and there you go.

The first time you connect, you’ll get a “The authenticity of host X can’t be established…are you sure you want to continue connecting?” message. Answer “yes.” It will ask for the root password of the SSH server, and then you’re home free. To move files as a non-root user:

# scp -rp /mnt/hda5/home/carla carla@192.168.1.5:/home/carla/tmp

Open a root shell on the host system

This lets you operate on the host system, as though you were logged into it directly. Identify the partition the host system is on, then open a Knoppix root shell and mount it:

root@ttyp0[knoppix]# mount /dev/hda1 /mnt/hda1
root@ttyp0[knoppix]# chroot /mnt/hda1
root@Knoppix:/

Two-Tiered Internet?

Web inventor warns of ‘dark’ net – BBC.co.uk

“Recent attempts in the US to try to charge for different levels of online access web were not ‘part of the internet model,’ [Sir Tim] said in Edinburgh”

“‘What’s very important from my point of view is that there is one web.'”

“‘Anyone that tries to chop it into two will find that their piece looks very boring.'”

I can’t believe (well actually I can) companies would even conceive of such an idea, but apparently there are telecom companies within the US who desire this to become a reality. This would essentially involve a split in the internet where there would be two separate networks, one called the “open web” and the other known as the “private, stifled web” (as I call it). Sir Tim, the inventor of the concept of the web, highly advises companies against such a notion, and states this was never “part of the internet model”.

If this concept becomes a reality, it would make it to where telecom companies providing internet access to consumers would charge their customers a fee for access to certain sites (such as streaming video sites), thus limiting what you can access. The reason for this thinking is because of the massive proliferation of streaming media on the net such as TV shows and other high-bandwidth video streams. If there are a ton of people streaming shows at the same time, this can cause excess strain on the backbone of the access providers networks. And so to limit the amount of data being downloaded, they are considering making customers pay for access to certain sites as well as certain types of media. I really hope it does not come to that, mainly because it will stifle any further evolution of the internet into something even better than what it is now. There is legislation currently being introduced to keep this from ever happening (man I hope it passes), but for the sake of profit, there will always be forces attempting to stifle progress.

Maybe the telecom companies need to catch up with the times and either create larger backbone pipes or install more pipes than they currently have in order to diversify the traffic so that it is not all coming down the same few pipes? I don’t know, it seems like they could work out some better kind of data-flow architecture instead of making people pay for access to certain sites and certain types of media. It’s so frustrating that there are always people trying to make the internet, as well as software, solely proprietary in nature instead of allowing it all to be open-source. Seriously, figure out some other way to make money besides stifling the progress of the web …

SBC/AT&T – New Telco Station / New Cable

Several weeks ago, there was a new telco station that went up near my house, along with a new tower right next to 820 and 30. And then within the past couple of weeks, cable crews have been out in my neighborhood laying new cable. I wasn’t sure if it was the cable company (i.e. Charter Comm) or SBC/AT&T, but I’m very sure now. They appeared to lay the cable from the telco station into my neighborhood (though I wasn’t sure if that’s where it was actually coming from). I haven’t been able to tell who actually owned the new telco station until this morning. As I was driving into work, and went past the new station, there were three SBC trucks setting up equipment within the new station. So obviously, SBC owns the telco station, and so I’m very positive that VDSL (or ADSL2+) is getting much closer to coming to fruition at least within my neighborhood. I’m very excited. I don’t know what speeds they’ll be offering, but I’m sure it will be substantially faster than it is now. How cool …

Update 11:48 a.m. on April 7, 2006

AT&T U-Verse
It appears the initial maximum speeds will be 6 mbps down / 1 mbps up. That’s still significantly faster than it is now … sweetness. And maybe it will be more stable dern it!

Page 15 of 17

Powered by WordPress & Theme by Anders Norén