Ruckman.net

I was playing with my Clarkconnect box this morning and noticed that some of my favorite Linux command line tools were not installed.

What is Clarkconnect? According to their website: (LINK)
“ClarkConnect is a powerful and affordable Internet server and gateway solution. The software solution will give your organization enterprise-level server features at an affordable price.”

If you have ever installed anything on Linux you know that you can easily fall into the dependency trap at any time when installing new software.

To avoid the need to install 30 different dependencies so that you can install one program on Clarkconnect you problebly want to use a program like apt-get or yum. I prefer yum, but Clarkconnect comes with apt-get which is a little strange considering that it is based off Red Hat Enterprise Linux (RHEL).

I am using Clarkconnect 4.1 Community Edition. For the software repository I choose DAG since they have one of the largest collections of software for RHEL. In this case we want to match the version that Clarkconnect was coded from as closely as possible to make sure our software will work properly. We are going to use the RHEL 4 repo. (LINK)

If you follow the install directions on the DAG website you will notice that it will not work. And after fiddling with error messages I found that I had to craft my own source list file which I will give to you so you don’t have to deal with the same tortures I did.

NOTE: Watch for line wrap!

Log in as root using putty or any other ssh client.

Change directory to: /etc/apt/sources.list.d/

cd /etc/apt/sources.list.d/

Run:

rpm -Uhv http://apt.sw.be/packages/rpmforge-release/rpmforge-release-0.3.6-1.el4.rf.i386.rpm

Create or edit the file rpmforge.list in that directory.

vi rpmforge.list

In that file place the following information (Download this file):

# Name: RPMforge RPM Repository for Red Hat Enterprise 4 - dag
# URL: http://rpmforge.net/
rpm http://apt.sw.be redhat/el4/en/i386 dag

If you have never used vi before you may need to know a few basic commands.

a = append mode (Used to edit text)

ESC = command mode (Used to give vi commands)

:w (Save file command)

:q (Exit vi command)

Make sure you write your changes before exiting vi or you will lose your changes.

Run the following command to update your apt-get info:

apt-get update

You are now ready to install your software. In this case we are going to install yum because I like it, but if your happy with apt-get just install whatever other packages you like. The sky is the limit!

apt-get install yum

Since Clarkconnect uses apt-get for its updating process I prefer to use yum for installing third party packages so there is no chance for conflict due to the repos. With yum installed, it is now safe to remove the source list created for apt-get unless you plan to keep using it.

BONUS:

Some packages such as Bind cannot be found in the DAG repo because they are usually included with the base system. But not with Clarkconnect since it uses DNSMasq. If you rather have your own DNS server instead of relying on your ISP you can add the CentOS 4 repositories to your YUM configuration.

Change to the “/etc/yum.repos.d/” directory.

cd /etc/yum.repos.d/

Then create the file “CentOS-Base.repo” using vi or joe.

Add the following information to that file (This file has been modified):

NOTE: Watch for word wrap! (Download this file)

# CentOS-Base.repo
#
# This file uses a new mirrorlist system developed by Lance Davis for CentOS.
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#

[base]
name=CentOS-$releasever - Base
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
baseurl=http://mirror.centos.org/centos/4/os/i386/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4

#released updates
[update]
name=CentOS-$releasever - Updates
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
baseurl=http://mirror.centos.org/centos/4/updates/i386/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4

#packages used/produced in the build but not released
[addons]
name=CentOS-$releasever - Addons
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=addons
baseurl=http://mirror.centos.org/centos/4/addons/i386/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
baseurl=http://mirror.centos.org/centos/4/extras/i386/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
baseurl=http://mirror.centos.org/centos/4/centosplus/i386/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4

#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
baseurl=http://mirror.centos.org/centos/4/contrib/i386/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4

Remember, Bind and dnsmasq will fight for port 53 UDP. I went into the file “/etc/dnsmasq.conf” and added the statement:

port=40

This will assign dnsmasq to port 40 freeing up port 53 for bind. 40 is a unassigned port so it is ok to use it. The reason you reassign the port instead of disabling dnsmasq is because it controls the DHCP functionality. And if you wish to continue to use the web interface for DHCP configuration then you will need to keep this package installed and operating. DNS will operate wonderfully this way.

Enjoy!

Have you tried Windows Vista only to find that your productivity software isn’t fully compatible, your old software doesn’t work, your old hardware doesn’t work usually due to lack of drivers, and that your games actually run slower and more buggy than before? Are all of these problems worth having just for the “Areo effect”? I doubt it.

Have you tried MacOS, Linux, Unix, or BSD only to find that it is hard to administer for less than the tech savvy, most games don’t work, and wireless is virtually useless?If your looking for the ease of use of a Mac, the stability and speed of Linux, the looks of Vista, and the wide manufacturer support of Windows XP then I have the solution for you. Using all Freeware products, I will show you how to achieve the ultimate PC operating system.

(more…)

This article will walk you through setting up a securing your linux teamspeak server, and how to set it up to run as a service that can also run at boot time. Just downloading and running the software is a really bad idea as it is not set up for security. If a vulnerability ever developed in the Teamspeak software and you were attacked, a attacker could get permissions equal to what user you have it running as. I will show you how to set up teamspeak with rock solid security. I will also show you how to set it up so that it runs securely from boot.

NOTE: The software could change over time. This is a general walkthrough as of 5-17-2007 for Teamspeak RC2 Linux Server.

For offline viewing: Download this article

(more…)

Somehow I am reminded of a quote from the movie hackers which has a lot of George Orwell’s concepts from his book 1984.

“1984. Yeah right, Man, That’s a Typo. Orwell’s here now, he’s livin’ large.”

A recent white paper on Nokia Cellular phones not actually deleting your SMS messages after you delete them set off a few alarms in my head and some concerns for our privacy. You can read the paper HERE.

In short, if you connect to the phone and then pull a few .dat files off of it and then open them in a hex editor or use some Linux/Unix command line search tools you can recover all of your old deleted SMS messages. They are invisible to you and the phone, but they are there. This may even work on other phones. Makes me worry about my PPC6700 which has Windows Mobile 5 on it.

Why are they there? I’ll let you decide on that but I suggest you wait until you read a few more of my reminders below. You may have forgot some things in the past.

One thing you may have forgot is the index.dat files in windows. Unless you are a advanced user, like the advanced Nokia hacker, you cannot easily delete these files. These files are used by explorer as a database which runs as long as windows is active. It stores all of your search queries, web URLs, autocomplete, internet explorer history, cache, cookies, and recently opened files. These files remain even after a restart, and also after you clear any of your histories. They can be use to recover what you opened, what you looked up, and what you typed into forms even if you think it is erased. Why are these files there? Well, some people might say convenience and speed. But why does windows lock these files, and why is it so hard to delete them? Why are they hidden from the system? Everything is passed off as a feature to better help you live, but its true nature may be to invade your privacy.

What about the hidden code placed in Xerox printers not more than a couple years ago? You can find a article on it HERE. They found that color printers were adding a secret hidden code applied by adding yellow pixels around the page. They are so small the human eye can’t detect the anomaly. But computers or a special flashlight and magnifying glass can detect it and use it to track where the printout came from. It is a secret hidden barcode. The code was suppose to be a secret but they had no choice but to fess up after the code was discovered by the EFF (Electronic Frontier Foundation). It was discovered on printers from more than 10 years ago. That is a decade of use before it was discovered. What are they using now that we will find in another 10 years?

Not long ago, it was also discovered that Microsoft Windows had hidden special access codes built in to it for the NSA (National Security Agency). It was built into a Windows driver called ADVAPI.DLL which enables and controls a variety of security functions. There is a article on that HERE. Here is a small quote from that article:

“ADVAPI.DLL works closely with Microsoft Internet Explorer, but will only run cryptographic functions that the US governments allows Microsoft to export. That information is bad enough news, from a European point of view. Now, it turns out that ADVAPI will run special programmes inserted and controlled by NSA. As yet, no-one knows what these programmes are, or what they do.”

“Within the Microsoft organisation, access to Windows source code is said to be highly compartmentalized, making it easy for modifications to be inserted without the knowledge of even the respective product managers.”

This most likely means that the NSA can get access to your computer extremely easy invading your privacy and it also most likely means that your information although encrypted can be decrypted remotely before reaching its destination. Do you want your encrypted data read by anyone but who you want it read by? Another invasion of privacy? I think so!

I have also noticed a ton of traffic cameras appearing. Almost on every corner in our city there are traffic cameras pointing in all directions. I live in a slightly poor city (Toledo, OH) that should be doing things more important with its money. But the funds for these cameras came from somewhere.

You would think that these cameras are there to monitor traffic conditions, but I guarantee that they are not. I have seen them on intersections that get little to no traffic at all. So, traffic is not a problem at these intersections. Why are they there? They are there for surveillance on you and I. To watch us.

Does any of this ring a bell? Does the rantings of George Orwell come to mind? A book written and publish back in 1949 says it all. The date was just a typo.