Education
AV / Education / Technology / Troubleshooting

Remove X Cursor in XBMC

by MadHatter on Sep 30, 2011 No Comments

I’ve found a few annoying issues while configuring my HTPC with XBMC – one being the X cursor re-appearing after long idle states.  The cursor will go away after restarting XBMC, but this is annoying to do several times a day.  The fix is quite simple – the steps are listed below.

sudo nano /etc/X11/xorg.conf

In the text editor – find the section of the file labeled Section “Device”.  The ending of this section is simply EndSection.  Add the following line before the EndSection statement:

Option    "HWCursor" "false"

Simply restart X either by restarting XBMC or the machine completely.  The cursor should now stay gone for good!

Education / Linux / Networking / Technology

Squid3 Transparent Proxy Setup

by MadHatter on Oct 15, 2010 No Comments

Introduction
Being a networking geek, I often try to figure out every aspect I can about different network technologies being used, how to configure them, and what benefits they have to provide when implemented. My home network/lab is a great place to test these technologies in a non-crucial environment. One such networking aspect I haven’t researched much is proxies. Sure, I’ve run into it with application installation that needs a connection configured, and had setup a CGI proxy in the past on a windows machine after my frustrations with my high school’s network blocking my once favorite social new site digg.com, but overall I hadn’t had much knowledge about why else proxies were implemented on a network, so I decided to play with Squid3 to educate myself.

Squid3
Squid3 works as a web-cache proxy which means that while you browse, the content you are retrieving can also be cached for faster retrieval on the machine running the proxy – based on a set of rules in the proxy’s configuration files. This is not to say that ALL content gets cached, due to the fact that most content you are retrieving is dynamic, and it wouldn’t make sense to cache it due to the fact that you would quickly be viewing outdated material. In fact, in most environments only a small amount of content gets cached – which is why a web-cache proxy becomes more effective with more users working behind it. With a one-user environment the speed increase given by the cached content may not even offset the costs of running the proxy. With a multiple user environment there is most likely a significant amount of overlap in the viewed content and leads to the web-cache loading more of the local cached content versus retrieving new material each time. Although the amount of users on such proxies are not limitless as, due to the nature of a web-cache proxy, it will have to perform many reads/writes to its drives to receive and deliver cached content – and without adequate hardware to handle these read/writes, the network will actually suffer in performance as it will be bottlenecked by the proxy’s speed. If you have more questions about what exactly squid is and how it works checkout Squid’s site.

With all of this being said, the decision to implement a proxy on your network will need to be carefully examined by the needs and amount of throughput of the network. Keep in mind that Squid can be majorly tweaked to fit the needs of the network – so looking at the configuration options available is not something to be ignored.
Okay, enough with the explanations, on to the fun part – installation and configuration!

Target Setup:
There are many ways to setup Squid. The most simple is re-directing all traffic to a Squid box on the local network through your software. This requires simply adding the Squid box to the network and directing the web applications on the clients as needed. But those of us administering larger networks know that redirecting client browsers is a pain, and look toward a more automated solution. This was the reason I chose to setup this Squid box as transparent. It is transparent in the sense that no changes will be needed on the client-side for any network settings or re-direction in order for the proxy to be implemented. The diagram below illustrates this setup:

Diagram created using Gliffy

For clients, they have the following settings:

IP Address: DHCP (in the 192.168.2.0 subnet)
Gateway: 192.168.2.1
DNS: whatever you want, doesn’t affect this setup as long as they are working DNS servers.

The running Squid3 box will simply pass all traffic on eth0 to eth1 and vis versa, but will intercept all traffic on port 80 and re-direct it to the port that Squid is running on. From here, Squid will work its magic in either delivering the cached content to the client or retrieving it and then caching as needed. The client will have no idea where the content is being delivered from, and should ideally only notice it is being received quickly.

Installation:
I completed the following steps on a machine running Ubuntu 10.04 with 2 NICs installed (eth0, eth1). We will assume eth0 will be the incoming line from the gateway, and eth1 is the outgoing line to switch which the clients access (demonstrated in diagram).

sudo apt-get install squid3

That was simple enough… Most of the work is completed in the configuration.

Configuration:
We need to first add a few lines to the squid configuration file to make the proxy transparent.

sudo nano /etc/squid3/squid.conf

Add the lines below to the configuration:

http_port 3128 transparent
acl localnet src 192.168.2.0/24
acl localhost src 127.0.0.1/255.255.255.255
http_access allow localnet
http_access allow localhost

This next line is optional – it changes the default size for Squid’s cache to 5000MB to be stored in /var/spool/squid3.

cache_dir ufs /var/spool/squid3 5000 16 256

After making the changes above, save the configuration file and restart squid3. If there are errors Squid should fail to start.

sudo /etc/init.d/squid3 restart

I found ebtables easier to configure the bridge to pass traffic accordingly than iptables. You can use whichever you’d like.
Install ebtables and enter the lines below to pass traffic through accordingly. The port at which Squid is set to run by default is 3128, but if you have changed this in the squid configuration make sure and make the change in the rule accordingly.

sudo apt-get install ebtables
sudo ebtables -t broute -A BROUTING -p IPv4 --ip-protocol 6 --ip-destination-port 80 -j redirect --redirect-target ACCEPT
sudo iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 -j REDIRECT --to-port 3128

Also, enable traffic to be passed through both IPv4 and IPv6 on the local machine by uncommenting the following lines in /etc/sysctl.conf

sudo nano /etc/sysctl.conf
(uncomment the following)
net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1

You will need to install the bridge-utils to configure the bridge within your /etc/network/interfaces file.

sudo apt-get install bridge-utils

After configured my /etc/network/interfaces filled looked like this:

auto lo
iface lo inet loopback

auto eth1
iface eth1 inet static
address 192.168.2.199
netmask 255.255.255.0
network 192.168.2.0
broadcast 192.168.2.255
gateway 192.168.2.1

auto br0
iface br0 inet static
address 192.168.2.200
netmask 255.255.255.0
network 192.168.2.0
broadcast 192.168.2.255
gateway 192.168.2.1
bridge-ports eth0 eth1

Save this file and either reboot the system or restart networking and squid3.

sudo /etc/init.d/networking restart
sudo /etc/init.d/squid3 restart

After this go to one of your client machines and browse the web for a few seconds. You can then tell if squid3 is working correctly by checking the logs:

tail /var/log/squid3/access.log

This should show you the requests as they are received by squid3. Make sure and check traffic on other ports as well to ensure that it is being passed through correctly.
If traffic is not being passed correctly or squid is not logging any requests a good step to take would be to set the client machine’s browser proxy settings to direct right to the proxy. See if browsing is now working correctly. If so, squid3 is working correctly but there is most likely an issue with the traffic passing rules on the machine the proxy is running on.

Conclusion:

These were all the steps I completed to get my transparent proxy running successfully. Obviously you can tweak to fit your needs. The other added benefit of running the proxy in the “transparent” mode is that if the box fails you can simply disconnect the cable from the gateway to the proxy and plug directly into the client switch and the network will continue to function (obviously without local caching enabled).

Hopefully this helps others out there attempting to complete a similar setup. If you notice any errors with this tutorial please let me know. Thanks for reading.

Cisco / Education / Linux / Networking / Technology

Cisco PIX 501 Quick Setup

by MadHatter on May 1, 2010 No Comments

I inherited a Cisco Pix 501 firewall recently and have to say I’m not near as educated on Cisco equipment yet as I feel I should be.  After a good amount of searching along the way I started getting the hang of things.  I had worked in Cisco’s Pix Device Manager (PDM) and found it to be more of a pain trying to navigate than to setup through command line.  So, for this tutorial I will focus only on the CLI for setup of the device.

pix501

Here is how I was able to get things setup.  Note that this is just a basic setup using the CLI with the following:

WAN: DHCP

LAN: Enable NAT, and enable DHCP

After configuration the firewall will be accessible at 192.168.3.1 (and netmask 255.255.255.0) and DHCP leases available will be 192.168.3.50 – 192.168.3.80.  You can change these accordingly while going through the commands.

First of all, you need to connect to the device using your Cisco console cable which is an RJ45 to DB9.  Connect the RJ45 end to the 501, and the DB9 end to a machine with the connector.  In my case this was a Linux machine running Ubuntu.  If you are on a Windows machine you can simply use HyperTerminal to connect. I issued the following commands to get connected to the 501:

Sudo apt-get install cu
cu -l  /dev/ttyS0 -s 9600

ttyS0 was what worked for me, but yours may need to be changed to ttyS1, etc. depending on your setup.

Once things are connected I issued the following commands:

First press no to the guided install (if you plan to follow the tutorial below).

enable

You will be prompted here for a password.  The Enter key is the default password.

config t

This will allow access to the configuration menu.  Press “?” to find all commands available.

username  USER password ***** privilege 15

enable  password ******

passwd  ******

Replace USER with the username you wish to create.  This allows you to create an administrator account for the system.

interface  ethernet0 auto

interface  ethernet1 100full

ip address  outside dhcp

Make sure your WAN connection is live when issuing the command above.  It will try to assign a DHCP address when it’s issued.

ip address  inside 192.168.3.1 255.255.255.0

show ip  address

The above command just shows the current setup.  I used it to double check I entered everything properly.

ip address  outside dhcp setroute

nat  (inside) 1 192.168.3.1 255.255.255.0

global  (outside) 1 interface

telnet  192.168.3.50

This was an optional command.  This allowed telnet access to the client at 192.168.3.50.  This was added so I didn’t need the console cable connected after the initial setup, and could merely telnet in from the client as needed.

no banner  exec

no banner  login

no banner  motd

The banner commands are also optional.  I wanted to cut out any extra information at logins.  You can leave these, or change them as you desire.

hostname  YOURHOST

Replace YOURHOST with the hostname you wish to give the 501.

domain  local

dhcpd  address 192.168.3.50-192.168.3.80 inside

dhcpd dns  4.2.2.1 4.2.2.2

These were test DNS servers I used during setup.  I believe they are Level3’s, and they are rather stable.  You can change to your local ISP’s DNS servers or others as desired.

dhcpd  lease 3600

dhcpd  ping_timeout 750

dhcpd  enable inside

The above command assigns the 501 as the DHCP server for the inside interface (LAN).  If you wish to use a different DHCP server or don’t care to enable DHCP, simply disregard this command.

access-list  ping_acl permit icmp any any

access-group  ping_acl in interface outside

These two commands are added to allow ping requests.  Ping is disabled by default on the 501 and annoyed me when trying to run diagnostics.  These are optional.

wr mem

This finalizes your setup by writing all changes to memory.
These are the commands I found to work for me – and don’t have this in production.  I don’t claim for this method of setup to be secure for your environment and highly recommend you study up on the device more before placing it in a production environment.  If anyone has some modifications or additions to this guide please feel free to contact me.  Hopefully this tutorial can serve as a first step in becoming familiar with setup for the Pix 501, thanks for reading.

Source Image: cisco.com

Bash / Education / Linux / Technology

Twitter Weather Forecasts Using Linux

by MadHatter on Mar 11, 2009 No Comments

twitter sh2

Twitter’s feature to allow updates from terminal allows for a lot of creative ways to use twitter. I used some already written scripts and commands and put it all together to receive weather forecasts for my area at 9am every day on my phone.  Example of SMS message sent to my phone “Forecast for: DES MOINES, IA    Today    Mainly clear and frigid – Low 10“  Here is how I did it:

First I used a written shell script and made output modifications so length would be under Twitter’s length limitations. The modified script is listed below:

Note: I take no credit for the original script. It was available online, and I modified it based on my needs. Dave Taylor is the original author, and offers a book full of shell scripts I recommend checking out! Page Here

#!/bin/sh
# weather - report weather forecast, including lat/long, for zip
# Dave Taylor - found at http://www.intuitive.com/wicked/showscript.cgi?063-weather.sh
# Edited for twitter use by MadHatter (maddhat.com)
llurl="http://www.census.gov/cgi-bin/gazetteer?city=&state=&zip="
wxurl="http://wwwa.accuweather.com"
wxurl="$wxurl/adcbin/public/local_index_print.asp?zipcode="

if [ "$1" = "-a" ] ; then
   size=999; shift
else
   size=5
fi

if [ $# -eq 0 ] ; then
   echo "Usage: $0 [-a] zipcode" >&2
   exit 1
fi

if [ $size -eq 5 ] ; then
   echo ""
   # get some information on the zipcode from the Census Bureau
   lynx -source "${llurl}$1" | \

   sed -n '/^<li><strong>/,/^Location:/p' | \

   sed 's/<[^>]*>//g;s/^ //g'

fi

# the weather forecast itself at accuweather.com

lynx -source "${wxurl}$1" | \
sed -n '/Start - Forecast Cell/,/End - Forecast Cell/p' | \
sed 's/<[^>]*>//g;s/^ [ ]*//g' | \
sed 's/10-Day AccuWeather.com//' | \
sed 's/Today/Today:/' | \
uniq | \
head -$size

exit 0

Save this as weather.sh in your home folder. Then open a text editor and create “tw.sh” saved to your home directory with the following contents:

Note: You need to replace the USER:PASSWORD with the username and password for the secondary twitter account.

#!/bin/sh
#tw.sh
curl -u USER:PASSWORD -d status="$*" http://twitter.com/statuses/update.xml

For this script to run correctly curl must be installed. For ubuntu the command is “sudo apt-get install curl

Now we have the necessary scripts created. To receive updates you will need to create a second twitter account of which to send updates. Make sure you follow this new account with your primary twitter account and turn on device updates if you are looking for update to your mobile device.

All that is left to get things up and running is to add the crontab entry. I added to my sudo crontab by the following “sudo crontab -e” and adding the following entry:

Note: This will run at 9am every day. You can edit yours however you’d like. For testing it may be a good idea to start with “* * * * *” to run every minute to ensure updates are working as planned. Replace “user” with your user name, as well as ZIPCODE with the zip code of the area you would like weather forecasts for.

0 9 * * * /home/user/tw.sh $(/home/user/weather.sh ZIPCODE)

Save the crontab entry. Check that it was added by typing “sudo crontab -l”. That’s all there is to it.

Some useful links for help and customization:

Twitter API, Cron.

Bash / Education / Linux / Technology / Troubleshooting

Testing Network Performance Using Iperf

by MadHatter on Mar 10, 2009 1 Comment

Just a quick post on a great tool for testing network performance. Iperf is a very slim tool that will measure TCP/UDP bandwidth performance. It is an available ubuntu package “iperf ” and also has Windows/OSX binaries available. I found a working mirror here. What makes Iperf a good test versus a simple SMB/CIFS transfer for bandwidth performance is that it works in memory versus being limited by hard drive and CPU limitations.

Now a quick guide to get things up and running. The guide will be for two Ubuntu machines, testing network performance between the two.

1.Install – Type the following in terminal “sudo apt-get install iperf ” for both machines

2.Server Setup – Decide upon a server machine and a client. On the server type the following in terminal “iperf -s ”. This will place iperf in server mode, and it will listen for incoming connections.

iperf server

3.Client Setup - On the client machine you have a lot of options to play around with regarding how you want to connect to the server. You can explore what each of these are by typing “iperf –-help ”. The following is a simple test between the server (192.168.2.104), and the client (192.168.2.103).

4.Testing - Type “iperf 192.168.2.104 -i 2” (replacing the IP here with the test server IP and then enter key to start testing. This will connect to the server running on 192.168.2.104 and have an interval of 2 seconds. There will then be 6 tests completed. This should give you all of the information you need regarding your connection speed between the two machines.

iperf client

This should be enough to get you started using iperf. Check out the man page here if you have any usage questions.

Education / Linux / Networking / Technology

Setup DNS Cache Server Using Dnsmasq and Ubuntu

by MadHatter on Oct 27, 2008 No Comments

dnsmasq

I’m always looking for ways to improve on my LAN, especially when it’s free. A friend suggested DNS caching to speed up browsing. I gave it a shot and was impressed with the results. I’m now saving at least 70ms for every DNS query (after it’s been cached the first time of course.) The installation is pretty simple, and takes only a couple of minutes. I’ve logged what I have done getting it running on an Ubuntu 8.04 machine:

Notes before starting: I didn’t need much for this system setup. The machine has a P4, with 512mb RAM. The NIC was only 100mbit, and the hard drive only 40GB. I chose a box to install this on that isn’t pegged with other processes. I don’t think you need to dedicate a whole box to this project if this is for a small LAN (mine is ~10 machines), but one that isn’t constantly being used for network tasks would be a good idea (not much of an incentive to run DNS locally if it doesn’t speed up the response time.) These are just my recommendations, and it will vary depending on the size of your LAN on what you would like to setup. There are many variables differ based on your setup.

As stated before, for this installation I’m using Ubuntu 8.04. I installed the server edition, but eventually installed the ubuntu-desktop packages, because I like having the GUI when working with experimental servers. Obviously, using the ubuntu-server edition will slim the machine down and be much more efficient.

1. Open Synaptic package manager and search for “dnsmasq”. Install both packages shown by right clicking “Mark for installation”.

2. Navigate to System > Administration > Networking to open the network configuration for the machine.

3. Click on the tab “DNS”. This is the list of name servers for the machine. You can keep the original name servers in the list but press “Add” on the side and add in “127.0.0.1″, and make sure it is at the top of the list. For your secondary name servers you may want to consider moving to opendns versus using your local ISP’s.

4. Once your 127.0.0.1 entry is at the top of the list you may press OK to exit the menu.

5. To start/stop/restart dnsmasq service use the following commands:

/etc/init.d/dnsmasq start
/etc/init.d/dnsmasq restart
/etc/init.d/dnsmasq stop

You will most likely need to restart the service after installation and the changes you’ve made. This will also let you the service is starting correctly.

6. Now it’s time to make sure it’s working. Type the “dig” command with the website of your choice and pay attention to the query time. The first time the DNS entry will be cached, and so the second time you try the dig command on the same site the response should be significantly lower. The format is $dig WEBSITE

Another way of testing is enabling logs to syslog so that each query will be logged. You can enable logging by removing the # at the line #log-queries in the file /etc/dnsmasq.conf You will need to restart dnsmasq for changes to take effect. Syslog can be viewed from System log viewer, or any text editor. After verifying that everything was working correctly, I added the # back into the config file so that it no longer logged queries.

7. After you’ve tested all is working correctly, make sure you change the primary DNS server on the client machines to the IP address of the server you have been working on. Here are pictures that show the primary name server being changed to the local machine just setup for DNS. The examples are for Ubuntu 8.04 and Windows XP:

ubuntudns
vistadns

So that’s it. Hopefully this speeds things up for you as it did for my LAN. Thanks for reading.

Education / Linux / Technology

Creating Backtrack 3 Live USB Drive

by MadHatter on Feb 1, 2008 1 Comment

bt3banner

Booting to live CDs seems to be sluggishly slow when compared to booting from a USB drive. I previously posted about creating a Live BackTrack 2 USB drive, and here is the instructions for the new BackTrack 3 Beta. They have a special release specifically for USB drives this time around so it’s getting easier as new versions are released. Keep in mind that BT3 is in Beta and may still have several bugs. If you would like to run the stable version try BT2. So here is my step by step tutorial on how to create a bootable USB drive running BackTrack 3.

Note:
-you should use at least a 2GB USB drive to make bootable. The boot files total around 946MB of space on the drive. You may be able to get by with a 1GB drive but it would be pushing it to the limit on space. Drives are getting cheaper and cheaper that it shouldn’t be a big pain to cough up the extra $5 for the 2GB alternative

1. Go to: http://www.remote-exploit.org/backtrack_download.html Choose the backtrack 3 beta the USB version (unless you want to create a bootable cd choose the CD version).

2. You will need something to extract the files from the RAR archive. WinRAR is my favorite.

3. Once you have a RAR extractor installed then extract all the folders to the destination drive (USB Drive). There should be two folders named “BT” and “Boot” along with a text file called “INSTALL.txt”.

4. After extracting the files power down unit and restart (make sure that boot order is changed so it boots from the USB drive first, and keep in mind that some older machines do not support USB boot, so you may need to use the CD version instead.)

5. the first menu you are presented with is the boot menu. The default is to boot into KDE. (you may want to change to a graphics safe environment if it does not work properly the first time on your system but I have yet to see a case where it doesn’t work properly at first boot).

6. Just wait and it will boot the rest of the way up and show the back track desktop. Click on the 2nd icon that says “System” that looks like an IC chip. Navigate to MEDIA > Your removable drive (names differ) > BOOT folder. Here you will find a file named “bootinst.sh.”

7. Open up “shell” by clicking on the 2nd icon on the left which looks like a monitor with a black screen. Drag “bootinst.sh” to the shell. Click “Paste”. Press ENTER

8. This will now give a warning screen that it will format the drive to boot this distro only. Make sure that the drive listed in that warning is the same as the drive you are browsing (which is shown in the location bar at the top) so that you don’t tamper with the computer’s other drives by mistake. Press ENTER when you are sure.

If task completes successfully your drive is now bootable! If you are having problems or have questions with any of these steps head over to the Back Track Forums.

If you would prefer using the stable BackTrack 2 here is my article pertaining to creating bootable USB drives for BT2: http://maddhat.com/?p=16

Education / Linux / Networking / Technology

Creating NAS In 10 Minutes

by MadHatter on Jan 28, 2008 No Comments

NASbanner

Network Attached Storage has become increasingly popular the last couple of months. Interest has only grown more since apple’s release of Time Capsule which is a NAS device that also has the capabilities to create incremental backups of computers on the network. NAS can be very useful for any home network with a lot of media. It also places less load on other computers on your home network. Being a technician I hear countless times how all the client wants is pictures from the machine and some home videos, etc. All of this media can be moved to a NAS device so that if a system goes down all can still be accessible from another machine quickly. Backups are also essential in that equation, but it can easily be achieved with an external Seagate drive or countless others. What I would like to discuss today is the use of this free NAS software (with TONS of features for sharing media) to get media shared in less than 10 minutes. This may be extremely useful at LAN parties for those trying to share content to one another (perhaps the latest 600mb patch of Battlefield 2!) Also, this method allows the computer to run the NAS software without disturbing the original OS. Just like any other linux live CD, FreeNAS (freeBSD based) has features that lets you boot from a CD or USB drive. If you need more information on NAS devices to see all the possible uses check out the wikipedia entry.
There are many different configuration options for getting it all up and running, but I will go into detail about that which I found to be the fastest. A few things to note before going through these steps:

-you do NOT need to remove all partitions on the machine you intend to setup as a NAS device. You may if you want to, but it doesn’t really matter unless you are performing a full installation or would like more storage space. You can leave everything intact, and there will be NO changes to the OS if you follow steps as I direct. If you stray from the path you could easily end up formatting the drive, but there are warnings before this would happen as well so don’t worry too much.

-you will need to know how to burn ISO’s onto a CD, just like any other linux distro.

-you do NOT need a lot of technical experience to get it up and running if you just follow this guide. Though the more knowledge you have about your computer hardware the better.
-you do NOT need know how to use linux, or BSD, or even know what they are. If you have hardware problems any time throughout this tutorial you could always hop over to the support forum and someone should be able to help you get on the right track.

-for default setup to work without changes you will need to already have an address such as 192.168.*1*.25. The *1* being the key factor there. Some routers by default are setup on different ones such as 192.168.0.1. It depends on the network.
Alright lets jump right into things. I will explain it step by step as all my other tutorials.

1. Download the ISO here and burn it to a CD.

2. Place the CD you just burned into the drive and boot up. You may want to have your keyboard and monitor hooked up to the machine to make sure your CD ROM drive has 1st boot priority. If it does not, simply go into your BIOS and change the boot order (there should be a button to hit such as F1, DEL, or F10).

3. Your CD should start booting the software automatically. Within about

2 minutes (if there are no errors) it should boot up for you and show the splash screen. You can press Enter and configure options (such as machine IP or connection to use such as wired or wireless) but it is up and running at that point. Note: the only thing your computer actually needs plugged in in the back is power and the data connection (which you would need none obviously if it is wireless).

4. On another machine on the same network open up your browser of choice and type “http://192.168.1.250″ into the address bar. This is the default HTTP control panel for FreeNAS.

5. Hit enter and you will be prompted for a username and password. Default username = admin. Default password = freenas.

6. Hit enter and you will now be at the main page. This is a status page and can give you some basic information about the system. Lets navigate to the left hand side and go to Disks > Management.

7. On the lower right side there is a + in a circle for you to add drives for it to recognize. Click to continue to the next screen.

NASdisk

8. You will need to choose your Disk (make sure and do NOT select your CD ROM drive) to setup. Find your hard drive on the list. Also make sure you select the format type of your drive (if the drive has windows installed on it you will choose NTFS. Click “Add” once completed. Repeat this process for any other hard drives installed in the machine if any.

9. Hit apply changes on the Disk Management screen. It should say “the changes have been applied successfully. If it does not you most likely made a mistake when configuring the disk.

10. Go to the Disks > Mount Point menu on the left side of the window.

11. We are now going to create a mount point for the drive. Click the button on the lower right to continue.

12. Choose your configured disk under the “disk” drop down menu and make sure you select Partition type 1. I’m going by the assumption that most users are going through these tasks with an NTFS formatted drive. Go to the drop down and select NTFS. Name and describe the drive as you wish (note that it is limited on the types of characters, it may be that it only allows spaces, numbers, and letters.)

13. Press the “Save” button and click “Apply Changes” on the following screen once you have configured all of your drives. If it says that all changes have been applied successfully the hard part is over and it is configured. Now we are going to verify, and setup a means by which your files are accessible over the network.

14. Go to Status > System on the left hand side. Look at the “Disk space usage” box at the bottom. It should show your configured drive there along with how much space has been filled on the drive. If all is there then the drive is configured properly and is reading correctly under FreeNAS.

NASdiskspace

15. For the sake of saving time I am going to assume you do not want any security on this box for the time being and will allow anonymous connections for sharing. You may configure them if you wish in the Access > Users and Groups menu. Lets go to the Services > CIFS/SMB menu on the left side.

16. Once in the menu you need to first enable the sharing service to run by clicking the checkbox in the upper right hand with the text “enable”.

17. Click the “Save and Restart” button at the bottom (note: this will just restart the service, not the computer).

18. After changes have been applied, go to the top and click on the “shares” tab.

19. Click the + button

20. Create a share name and comment. You may leave path blank. All other options should be okay by default. Hit the “Save” button and the “Apply Changes” button on the next screen.

21. Now close out of your browser and just open “My Computer”. Replace the text in the address bar to “\\192.168.1.250″ and hit enter. You should see your share listed below as a folder. Open and view, edit, save, delete your files just as if it was a locally connected drive.

NASaddress

Now a few closing notes. There are a lot of options we left blank, a lot of thing we could have changed with this system. Spend some time messing around with it, just be carefull of the “Format” menu. Because this is a live boot all changes you make will NOT be saved once the computer is powered down. You will need to reconfigure all of these settings as we have in this tutorial. After doing it a few times this should only take 5 minutes or less to reconfigure in the future. FreeNAS can also be installed as a full or embedded install. I will not cover this today but may in a future entry. If you are having any difficulties throughout the setup process head over to the support forum for help. Hope this gets you going on creating a NAS device for free.

Education / Technology

Simple Firefox Bookmarks Toolbar Cleanup Tip

by MadHatter on Dec 5, 2007 No Comments

Here is a real short tip that tidies up your bookmarks toolbar in Firefox but is surprisingly unknown. I decided to write this after noticing many friend of mine who would like to achieve the same look.

firefox

1. Add the site of your choice to your bookmarks toolbar folder.
2. Right click the icon for the selected link on the bookmarks toolbar and click on Properties
3. In the Properties menu you will see a “Name” label and text field. Simply clear the text field and press OK.

firefox1

You will now have a clean and uncluttered bookmark toolbar. Sorry this is incredibly obvious for some but still a worthy tip to share. I will hopefully have a full length article posted by the end of the week.

Education / Linux / Networking / Technology

Setup Remote Desktop in ubuntu 7.10

by MadHatter on Nov 20, 2007 1 Comment

This is an in-depth tutorial covering the simple act of setting up Remote Desktop in 7.10 and forward the ports on your router so you may access your ubuntu machine from anywhere. I find this handy when in a different city and needing to access a file on my local network. I merely plug my USB thumb drive into the computer, run my portable Ultra VNC Viewer, and connect. I also use it to work in Linux instead of windows (because it is setup to the same screen size as my laptop. I just full screen the VNC connection and work in ubuntu; however I do have to stand connection issues).

So I will go slowly and step by step through this procedure as well. 7.10 makes it EXTREMELY easy to get it up and running, so you should be able to get it up and running in 5 minutes or so.

1. Boot up ubuntu of course and login.

2. As shown in the picture, on the ubuntu menu, go to System > Preferences > Remote Desktop.

gotordp

3. This will bring you to the Preferences window. Check “Allow other users to view your desktop”

4. Check “Allow other users to control your desktop” if you want the user to be able to actually control the mouse and keyboard once logged in. If you are merely letting people login to view your desktop then you can leave it unchecked.

5. Uncheck “Ask for confirmation”. If you have this checked it will make a confirmation window popup every time a user tries to connect remotely. The local user will need to allow them to connect before they can begin their remote session. If there is no local user to confirm this, and you are on a trip and forgot to uncheck it… you sir are SOL.

6. Check “Require the user to enter this password” and enter in the password in the text box below. The remote user will be prompted to enter this password before they are given access to the remote machine. This is a MUST. Otherwise, anyone who connects to that address will be able to control your machine remotely as they please.

rdp

7. Click the close button to close the Preferences window. Your remote connection is now setup for your LAN and you may access that ubuntu machine from any other pc on your network without port forwarding.

For those of you familiar with port forwarding, don’t bother reading the next section because it’s merely a step by step. Basically, forward a port of your choice to port 5900 for the ubuntu machine you are setting Remote Desktop on.

8. Now for some simple router changes. First, we are going to need to gather some information. The gateway and the IP address of the ubuntu machine. This is easy to find out. First, lets open up our network connection by going to System > Administration > Network.

9. Click on the connection type you are using. In my case I am using a wired connection. I would suggest using a wired connection if you are planning to routinely use this machine remotely because it tends to be a lot more reliable than wireless.

10. This will bring up a window with your connection settings. If you are using DCHP then you can’t gather much from this. I recommend switching over to Static IP address (but beware, that this must be enabled in your router, but is usually already enabled by default). I’m not going to go in depth with a lot of router settings, so if you have questions about functions such as router access or static configuration, Google it!

ifconfig

11. Write down the IP Address of your machine, and also the Gateway address. We will need this soon.

12. Open up a web browser and type in http:// and your gateway after. For example http://192.168.1.1 this should bring up the login screen.

13. You should be able to login now. Make sure you have permission to edit your router. If you have another LAN administrator, check with them before logging in and making any changes.

14. This is a part that is different for everyone depending on your router type and model. I am using DD-WRT on a crappy wireless router. All you need to do is go to the section regarding port forwarding.

15. Once you navigate to this section, we have a port to add (to allow the outside connections to this computer on your LAN). The default VNC port is 5900. Your router may have different names for some of this, but it all should be relatively similar. My example is listed in the picture below. So, let me explain what it all means.

portforward

Application: A brief description of what you are forwarding so that you can quickly reference it. I just named it ubuntu because I know that port 5900 is VNC so I don’t need to know the application.

Port from: this is the port the machine not on your LAN will try to make a connection from. It is suggested to make it something that is not the normal 5900 because this is a dead giveaway for attackers. I just made this one 8000. (Be careful, some ports are reserved for certain applications, so if you aren’t sure, Google the port before you choose for sure).

Protocol: TCP and UDP. Can’t remember if VNC needs both, so just go ahead and click both.

IP Address: this is where you will enter in the IP address you previously wrote down. This tells the router what machine to make a connection with.

Port to: set this to 5900. This is the port that the remote desktop application will connect on.

Enable: obviously we want to enable this.

16. After making the necessary changes, you will need to save the new settings, and most likely restart the router for it to take effect. It is a good idea to log back in and make sure the settings saved correctly.

17. Alright, so now you have setup Remote Desktop on your machine, and forwarded the port on your router so you may access from the outside. So, how do you connect? Well… this is a complex question. It really depends on your connection, and if you are on a residential where the external IP changes every few hours or days. If it does then you will need to find a solution such as NO-IP that sets a name while it tracks changes in your IP, and changes the name to that. I won’t go in depth with that so ill just post this link if you need more information. http://www.no-ip.com For a temporary test, lets just use www.whatismyip.com

18. Copy paste your external IP (given from the link above) and :port number into your vnc viewer and test. For example 12.35.33.58:8000 will be your connection if “12.35.33.58″ is your external IP. NOTE** you cannot connect to your external IP from a machine in your LAN. You must test from a computer outside of your network for it to work. After all, this is what you set up the port forwarding for.

19. At this point, if you have a successful test, you are setup and good to work remotely on your ubuntu machine. If you cannot connect, you may want to check that your IP has not changed, and go through our configuration process once again. If you have any simple questions you may refer to the ubuntuforums (which has great user support) or try googling some troubleshooting options.

Whew, that was a little more in-depth than I wanted to get with this simple procedure, but I do want to give as much detail and help for new users as possible. Hopefully this helps one or two of you. Please check back for further Ubuntu 7.10 user tutorials in the near future.

Here is the VNC Viewer I use and enjoy. RealVNC is decent as well. http://www.uvnc.com/

Education / Linux / Networking / Technology

Cracking WEP – Some Words of Wisdom

by MadHatter on Nov 13, 2007 No Comments

wificards

Cracking WEP may be a little more difficult than you think. Yes, we’ve all seen the WHAX video of how to crack WEP in 10 minutes and said “yes I could do that if I had time to get the distro… but I have more important things to do.” Well, being a college student with no social life (during the week anyways), I have had the time to have some fun with cracking WEP. Of course, in a lab environment (using my own router to practice with…). Throughout my experimentation, being also new to Linux, I found a few things you may soon realize and should research before attempting to crack WEP that may either encourage you to continue with this activity or give up entirely (but let’s remember, that’s not how you solve problems : ).

Monitor Mode:
A lot of people new to this whole scene think that they can pickup any wireless card, pop in their super secret Linux distro they got from another “computer kid” and “crack the neighbors’ internet for downloading music!” First of all, those who are interested in WEP security and vulnerabilities for this purpose are idiotic and deserve to be caught and prosecuted. There are a lot of people who think that the term “hacker” is cool and buys them popularity points. These kids are easy to point out, and are easily exposed. Don’t get me wrong, I am on no soap box preaching to the naïve and ill informed underneath me…I don’t claim to have any extensive knowledge on this subject. I’m as lost as any other geek trying to get this security stuff figured out and trying to have a little fun with it and share my experiences.
Alright, back to the point I was trying to make before I went off rambling. Monitor mode. This is where the wireless card captures packets without associating with the AP. Monitor mode is only supported for certain cards, and I believe only certain chipsets, but I could be wrong on that one. My original card (Orinoco gold classic FCC ID#
IMRWLPCE2411R) was able to switch to this mode which was great to get started. Do a Google search and see if yours is supported by installing specific drivers or natively. If it doesn’t, you are probably out of luck. Don’t waste your time looking for a way to do it without monitor, in my opinion; you are better off spending that time finding the right card to get instead. I will talk about cards later on. This is usually the 1st issue where those new to WEP cracking get lost and trail off to their social bookmarking site instead.

Card support on OS and program:
This somewhat ties into the monitor mode issue in regards to having a working wireless card. There are a few ways to go about WEP cracking, but the fastest and most effective/popular method I have found is using the aircrack suite. With this you can do just about everything. You will need to capture the packets and use injection to make the process move along more quickly. So, you’ve got a card that supports monitor mode, great! Now is the other thing your card needs to be compatible with, aireplay (included in the aircrack suite). This is the application that will perform 802.11 packet injection. 95% of popular wireless cards are not compatible with this application. If you want to capture packets without injection, but be prepared to sit at that AP for 2 weeks to get enough IV’s for an attempt at cracking.

The other issue is OS support for your card. You may also be lucky enough to have a card that is natively supported in the distro that you choose to use for cracking. However, there are many that require patches, or special drivers. In fact, almost all of them do. Some distros are nice enough to include a patch for your (S-T-D for my Orinoco). Once again, if you are new to Linux, if you think you can figure it out go for it, but if you are running into this as well as the monitor mode and packet injection issue, head to the store, not the BackTrack2 forums for help.

Don’t know how to spoof a MAC? Learn or forget it!
 Not that I encourage any illegal activities, and I DO NOT, but to be a good security expert, you need to know what the attacker will do to be able to counter-act. MAC spoofing is a great way to stay anonymous. Now this is an easy thing to learn quickly, but if it’s forgotten or disregarded, then you aren’t really doing it properly. A great simple program I found for this purpose is macchanger. I simply type “macchanger -a eth1″ in my terminal before beginning my test cracking. Simple and effective. This is just kind of a general warning that if you don’t know what you are doing then learn before doing anything. I would love to hear the story of someone who used this knowledge for the wrong purpose and got caught because they didn’t know how to spoof a MAC.

How much are you willing to spend?
Is this just a “Saturday afternoon project” sort of thing? If so, and you are lucky enough to already have a supported card, great for you! If you are like the other 99% of us who had to troubleshoot, again, you may want to consider investing in the right card. I took this route, and just got a deal on eBay for a newer proxim 8470. There are also a few prism 2.5 cards with an amazing 300mW of radio output power. If you have the budget, I would highly recommend them! Also, and antenna is almost a must! These can be relatively cheap, but none the less, adds to your cost.

Do you know Linux?
If you don’t, well this is a great project to get started. However, it’s not exactly user friendly to get started! If you run into any snags you will need to troubleshoot. Following the YouTube video never works hehe. This is a great way to get more familiar with Linux. That is what I did, and I have loved the knowledge I’ve gained from it.

The monitor mode I spoke of earlier not supported with the windows drivers. You can buy an awesome adapter called AirPcap that is said to be great, and work swiftly with Cain. The catch: this adapter is $200. Yikes!

All of the other programs I have found in windows for WEP cracking really suck, and don’t work AT ALL. Like I said, the airPcap is the only one with a reputation of working well. Airsnort has a windows version, but I have tried that too and it didn’t work. Perhaps you can get it working though. I didn’t spend much time on the windows side to find out.

So that is my rant about some common issues with WEP encryption, kind of a heads up for hobbyists, as well as an outlet of frustration with my own experience. Perhaps I will crack a WEP cracking video tutorial once I get it all working correctly with my new card (which is on its way as we speak : ).

Once again let me say that I am no credible expert on this subject, merely a hobbyist and a geek wanting a new project. I’ve spent about a month involved in this topic, and thought it was a worthy entry to write. If I’m wrong on some of my facts, please correct me! Send me an email and I will make sure to change it. Thanks for reading.

Archives

© 2010 MaddHat.com. All Rights Reserved.
Powered by WordPress.

Designed by WPSHOWER