Houston Linux Users Group


Workshops are held every Wednesday from 6pm to 9pm in cPanel's offices at 3131 West Alabama. Experienced Linux users and administrators will be on hand to assist members with Linux installation, configuring, setup, networking, and basic training. In other words, people just come and hang out.

Happy hour is held every Wednesday night starting at 9 p.m. See Claude Rubinson's page for details.

HLUG members can often be found on irc.freenode.net in the #hlug channel.


April 30, 2014

Pete Jamison

Job Opportunities

If you have a working knowledge of Linux server and/or Windows server operation (and networking or scripting would be plusses), take a look at the Houston Softlayer offerings at Softlayer's link to the IBM Employment page:

http://www.softlayer.com/careers

Softlayer is a major force in both physical and virtual server rental, second only to Google in number of servers currently under administration, and is now a division of IBM.

If your talents lean toward programming, specifically in Larry Wall's venerable PERL, give

http://cpanel.net/jobs-site

a look. Their Houston office has openings in support and in development.

by Pete (noreply@blogger.com) at April 30, 2014 01:15 AM

April 28, 2014

Pete Jamison

Various Stuffs And Things

First of all, you may notice that I've updated the meeting place in the banner above. Meetings of HLUG are now at the Houston HQ of the maker of a popular web hosting application, WHM/cPanel (many thanks to Hal-PC for their past support).

Second, I made last Wednesday's meeting of the group (these are weekly, 6-9pm) and was very impressed at the size and quality of the turnout. The program was on the Hugin Panorama Stitcher program for Linux (they have a Sourceforge page), but it was also interesting in that although there was at least one "hobbyist" project going (a user was getting printer hookup help for a recent Ubuntu load), the level of programming/scripting discussion was high, at least to me. Only about half of the 14 or so attendees were cPanel veterans and a wide variety of IT experience was represented.

Third, I also discovered that the cPanel location is not only the host of HLUG now but of the local branch of PerlMongers, the group that does a lot of coding in that manner (Practical Extraction and Reporting Language). I'll get a link for them as soon as I figure out where the Houston Branch is located in the interwebs. ALSO - special thanks to the cPanel executive in attendance who sprung upon me the news that BackTrack (the famous security distro) is now rechristened as Kali Linux. This must have happened over the last 60 days... or maybe I've been distracted more than usual!

More to come - things are happening!

by Pete (noreply@blogger.com) at April 28, 2014 01:10 AM

March 27, 2014

Pete Jamison

I was only a bystander but here's what I saw...

So this guy says he's getting a bunch of unsolicited SMTP interrogations and it's filling up his logs and requiring him to check in a lot to make sure he's still got room in that directory so as not to strangle commands and crash the server. Could we "fix it"? Actually, no, since we don't manage his stuff, but we checked into it for him by asking another department with the clearance to see more than we can. "This guy" fears some kind of DDOS but our superiors point out that the incoming SMTP connection attempts aren't in amounts any greater than 200kb per second, and add to that the fact that the server operator admits that email isn't that active. I get onto the command line at one point and watch uptime, top, df and so on, noticing not much load or activity.

Apparently there's not much to any of this... except the fact that the guy's logs have been filling up and this effect took the server down at least once. The SMTP requests are coming from many obviously bogus IP's and not actually generating mail. BUT the connections must be logged, so /var/whatever is overloaded at some point and Crash. This looks to my inexperienced eyes like an unusual form of Denial Of Service.

A few of us came up with a strategy for the server operator. First, check in often if nothing else. Second, perhaps come up with a cron job or two that will archive or dump the affected logs based on size. Third, if he has some kind of web hosting control panel like Plesk, there's probably an app that's a front end to crontab or logrotate that would easily schedule size-based dumps as above.

And it came to a head on a weekend. That's the main reason we bought into the DDOS conspiracy theory (much skullduggery happens from Friday to Sunday), but the guy probably needed to set up rotation anyway. Serves him right, as well as us all. Also, he could be misconfigured in 15 other places, in addition to Mr. BogusIPs coming at him.

The moral of the story might be that any protocol activity on any server or application THAT MUST BE LOGGED can constitute a kind of vulnerability, since if not checked, the log directories involved would fill up at some point. And if you didn't throw bogus requests at your target in multi-gigabit-per-second amounts, you fly under the radar of either the server or the network outfits. It's an effective trick, until the target figures it out - or unless the target configured logrotate effectively in the first place.

EDIT: I should know better than to gravitate to conspiracy, particularly when I recall the quote "never attribute to deviousness what can be adequately explained by incompetence"... Another explanation for the above facts (pointed out by someone with more experience in these matters than me) is that, in configuring some DNS matter for email purposes, maybe somebody got one digit of an IP address wrong... and our "victim" is getting someone else's mail through no fault of his own. Think about it: 175 kbps or so, random IP's... yeah, maybe so. It would still be a clever ploy to deny service due to reboot inducement, but again, if one does logrotate right, the issue never comes up.

by Pete (noreply@blogger.com) at March 27, 2014 01:45 AM
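The size-based cron job suggested in the post above, as an added example that is not part of the original post: it rotates any log over a byte threshold, keeps a fixed number of compressed archives, and reports how full the partition is. The function names, the directory in the cron comment and the thresholds are assumptions chosen for illustration.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Size-based log rotation for cron.
# Function names, paths and thresholds are assumptions chosen for illustration.

# file_size FILE: print the size in bytes (wc -c is portable across GNU/BSD).
file_size() {
    wc -c < "$1" | tr -d ' '
}

# usage_pct DIR: print how full the filesystem holding DIR is (integer percent).
usage_pct() {
    df -P "$1" | awk 'NR == 2 { sub(/%/, "", $5); print $5 }'
}

# rotate_if_larger FILE MAX_BYTES KEEP
# If FILE is larger than MAX_BYTES: drop the oldest archive, shift
# FILE.1.gz .. FILE.(KEEP-1).gz up by one, compress a copy of FILE to
# FILE.1.gz, then truncate FILE in place so a daemon that holds it open
# keeps writing to the same inode. Lines written between the copy and the
# truncate are lost; that is the usual trade-off of copy-then-truncate.
# Returns 0 if rotated, 1 if under the threshold, 2 on error.
rotate_if_larger() {
    local file max keep size i
    file="$1"; max="$2"; keep="$3"
    [ -f "$file" ] || return 2
    size=$(file_size "$file")
    [ "$size" -gt "$max" ] || return 1

    rm -f "$file.$keep.gz"
    i=$((keep - 1))
    while [ "$i" -ge 1 ]; do
        if [ -f "$file.$i.gz" ]; then
            mv "$file.$i.gz" "$file.$((i + 1)).gz"
        fi
        i=$((i - 1))
    done

    if ! gzip -c "$file" > "$file.1.gz"; then
        rm -f "$file.1.gz"
        return 2
    fi
    : > "$file"
    return 0
}

# rotate_dir DIR MAX_BYTES KEEP: apply rotate_if_larger to every *.log in DIR
# and print how many files were rotated.
rotate_dir() {
    local dir max keep f count
    dir="$1"; max="$2"; keep="$3"; count=0
    for f in "$dir"/*.log; do
        [ -f "$f" ] || continue
        if rotate_if_larger "$f" "$max" "$keep"; then
            count=$((count + 1))
        fi
    done
    echo "$count"
}

# Cron entry point. Hypothetical crontab line (path and limits are placeholders):
#   */10 * * * * /usr/local/sbin/rotate-by-size.sh /var/log/mail-example 52428800 5
if [ "$#" -eq 3 ]; then
    rotated=$(rotate_dir "$1" "$2" "$3")
    echo "rotated=$rotated usage=$(usage_pct "$1")%"
fi
```

On a system with logrotate installed, the `size`, `rotate`, `compress` and `copytruncate` directives express the same policy declaratively; the script is useful where only cron is available or where rotation must run more often than the daily logrotate job.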

November 04, 2013

Pete Jamison

Current Windows Routine featuring Your Pal, TRK! (edit 2.0 at bottom)

I have several computers in different configurations, OS situations and states of disrepair. For a particular Windows 7 computer, I just went through what's a kind of a weekend routine for cleanup. Here's my checklist for such a machine, useful not only to maintain system health but also to be familiar with the maintenance tools themselves:

1. backup any/all user-created or downloaded important files

2. run onboard utilities like Disk Cleanup, Defrag, MRT (Malicious SW Removal Tool from Microsoft, which takes a long time to run but what the heck), MS Security Essentials

3. run Window/Washer or CCleaner (crap cleaner?)-type third party products for unneeded file removal if you wish

4. run Spyware Blaster by brightfort.com (keep this program around to prevent unauthorized installers from running; it's not antivirus but an installation preventer that's active only at bootup)

And last but not least:

5. use trk with clamav (run commands "freshclam" and "clamscan")

The interesting thing this time around was that I presumed no special knowledge on the user's part and simply downloaded a new copy from the Trinity Rescue Kit download page and selected the self-burning .exe file for Windows. It recognized the onboard burner and asked for a blank, then burned and asked for reboot. Presto - we're a Linux box now (as the hardware reads the burned CD's OS rather than the HDD's OS). Although I had to remind myself of "freshclam" and "clamscan" by looking on the net from a different computer since the help section on the CLI didn't mention those, the run went without issue, taking less than ten seconds to update and less than ten seconds to scan.

I also use Malwarebytes on this particular machine, and should probably do a closer look for this blog on all of these tools. I just wanted to put down this much to record the minimum of my approach for Windows-world maintenance - and I should also repeat my presentation of years ago of running all these things on an intentionally-virus'd machine. That was fun.

-----

NOTE: an editor's addition is coming shortly, which will prove that I am not a complete MORON. The above results were obviously the ten-second results, not the LONG VERSION, which would be to run "updatetrk" and then get serious with "virusscan -a clam; virusscan -a fprot; virusscan -a bde; virusscan -a va" ... these commands update and run four different scanners (there's a fifth, Avast, which I left off since I don't have the free key for it yet) which in order are ClamAV, F-Prot, BitDefender and Vexira. They are running now; stay tuned! (this is gonna take awhile, running as they are in -uiv, or unbelievably insanely verbose mode)

-----

ANOTHER NOTE: Ok, it got a bit more complex. I started out with a clean Windows machine (I use Windows mainly as a movie viewer) but accidentally virus'd myself by getting curious, searching for a free windows version of Vexira, choosing one of the WRONG links (pretending to be genuine) on a search and pulling in about 130 ads. That was an opportunity to run Windows solutions and see if they worked. Malwarebytes actually got almost all of them (126, I think) and they were still gone upon reboot. Further scans by Security Essentials and the protection state of Spyware Blaster didn't note anything. But running the string of four scanners from TRK as mentioned above found an interesting imposition disguised as a legit autorun file. TRK placed it into the conveniently created and named file "TRK-INFECTED". For some reason I found trk's command line difficult to fathom and in desperation found the INFECTED directory and deleted the file using the GUI from another Linux box (but in retrospect the cli was simple). The offender had been rendered inoperative by having been compressed (if there were other changes made to 'anaesthetize' it I haven't discovered what they were via the documentation yet).

So there it is. TRK finds a bad guy - which onboard Windows scanners missed - and rendered it ready for deletion. Four of the five listed scanners were used, but I'm still after days waiting for the free Avast key to show up via email. A full list of all goodies on board (unique to) TRK is at the TrinityHome page (linked above) if you go to the Documentation, then TRK Specific link...and there's an "all commands" link at the bottom of that list on the left.

by Pete (noreply@blogger.com) at November 04, 2013 03:45 PM

September 26, 2013

Kojo Idrissa

HLUG: New Location! New Plans!!

Starting tonight (2013-09-25), The HLUG Linux Lab will be meeting at a new location:

cPanel

3131 West Alabama St

Houston, Texas 77098

Same time as always (6-9pm). BOLD new things coming down the pike! Go to http://www.houstonlinux.org for more information!

by HLUG Kojo (noreply@blogger.com) at September 26, 2013 01:54 AM

August 19, 2013

Pete Jamison

Going On The Offensive

Continuing with my current theme of best practice advocacy, allow me to openly attack a terrible and unintelligent tendency in computer users, from the novice to the expert. It is an appeal to laziness and an invitation to disaster: the resistance to the OPERATING SYSTEM RELOAD [I'm primarily speaking of the end user machine, but these comments can easily be applied to servers]. Why is an OS reload a good thing?

First, look at the benefits. IF one is prepared for it (with recovery or original system media or both) one gets, at the price of an hour or two, a brand new software load at no cost (which can boost performance by up to 5-10%). Or if you wish, hand the media to some tech and pay the fare and have somebody else do it.

Second, look at the protection. From hacks to lightning strikes to hardware failure to spilling beer into the tower on New Year's Eve, one is prepared for the worst. And a new copy of your system can fix dozens or even hundreds of problems you may not know were present.

Third, consider that in this era of cheapness, manufacturers are not as good at offering reload CDs/DVDs as standard equipment. They can come at extra cost, or often one is expected to get blank media and burn one's own copy with an onboard script, wizard or program; if one forgets to do this and remembers 6 months later, one can only back the system up in its condition at that time and not as brand-new. And a year after buying a computer, recovery media previously available may be discontinued.

Why are OS reloads resisted? For many reasons, none good. There's lack of preparation: to do a reload, one must be prepared to rebuild the whole system, from the base OS to additional drivers and applications, to the configuration of all of the above. If one has not documented any of this, one has work to do (that should have been already done). Then, there's the belief that it shouldn't have to be done more than once. This is uninformed; all system files become corrupt over time due to program interaction, electrical surges, disk location errors, lack of file system maintenance, accidental deletion and so forth. There are no doubt more reasons, but the point's been made.

The moral of the story is to remember that all file storage is somewhat risky. Online internet backup? Great, but there's some security risk there (better than nothing, though). Burning your user files to disk? Great, but the computer itself must be rebuilt with something. The main thing would be to save, build or burn an OS copy at the start. Buy the rebuild disk if you must - immediately. Have disks or installers for your needed apps as well, and special drivers for wireless capability, camera adapters, etc. burned to the same or other media.

All this is more than busy work. It's a free insurance policy. And the preservation of the system (and its value to your work) could be worth far more than the physical computer.

by Pete (noreply@blogger.com) at August 19, 2013 03:30 PM

August 18, 2013

Pete Jamison

In My Limited Experience...

In my limited experience with virtual computing instances, many people of all levels of technical competence miss what I consider the obvious. I could be wrong in how obvious these points are, but here they is:

1) If you have 20 virtual instances on one physical host, that host becomes 20 times more important than it was before. Other things being equal (OTBE), that's 19 more phone calls in the middle of the night than the case of only one, when a physical instance goes down. And these are computers. Go down they will. True, it's only the Administrator who gets those emails or calls, but what if that person is on vacation, doesn't answer the phone... or quits?

2) A virtual instance simulates various hardware components with files representing or standing in for them. This does not eliminate everything. This means that a FEW problems go away, like power supply or hardware-related ram failures (out-of-memory problems will still happen). Other things remain, like ALL the administration issues, jobs and potential worries. ALL OF THEM. Although it's virtual, it's still a computer.

3) I can foresee a day when virtual computers will be more stable and reliable than physical ones. We aren't there yet by any measure at all. Those who rush to virtual computing due to cost alone are slowly finding out that there's no magic bullet here.

4) It's just as easy to underbuild a virtual computer as it is to underbuild a physical one.

5) And as one is dealing with these virtual machines, add in all the other problems of networked arrangements like this ("the cloud" or "the fog"), like security issues, the it-all-goes-away-if-you-don't-pay-your-bill matter, the fact that virtuality does not constitute a backup (you still have to do that yourself unless you have a managed - EXPENSIVE - solution), etc., etc.

by Pete (noreply@blogger.com) at August 18, 2013 06:49 PM

August 05, 2013

Pete Jamison

And a simpler take on "exposure"...

Since my most recent piece on the NSA, there have been more stories of other agencies with data collection programs, plus one on the possibility of remote activation of cell phone microphones (recalling that possibility under certain conditions during the heyday of rotary phones). Whether computers or less complex vectors are involved, I'll repeat some observations I once took to be obvious...

First of all, we should remind ourselves not to do dumb things in general. Here's an article at Bankrate.com about what to do and not do:

Five Ways To Expose Yourself To Identity Theft

Secondly, remember the old movies and TV shows that depict really short telephone numbers and live operators who can overhear conversations? In principle, all communications systems can be party lines. If a conversation is to be private, keep it off of the system (whatever system takes control of the material away from you). And don't discuss it in restaurants or crowded elevators.

Thirdly, if an employer is dumb enough to disqualify you for a job or promotion due to internet remarks, perhaps they don't deserve you. On the other hand, if you're dumb enough to broadcast professionally damaging material about, connected to or from yourself, perhaps they were right to check.

Fourthly, the proper way to handle the legal aspects of information exposure is to start with the reconstitution of the Patriot Act, rolling back its more invasive aspects as mentioned in my earlier post, plus adding big penalties for official abuse of information discovered in "fishing expedition" fashion. The issues here do not concern a particular agency; the issues are about evidence collection as such.

Fifthly, remember that as above, it's not just the agency in the news right now that does information collection. Technology is getting more affordable all the time, such that state and local agencies, less-affluent crooks and even nosy neighbors can buy things with capabilities that were fantasies in 1960's spy movies.

So, don't blame the computer or the phone. We must keep track of what's possible to officials with bad judgement, what's possible in the enacting of bad law, and what's possible when you don't think before you act.

by Pete (noreply@blogger.com) at August 05, 2013 02:06 AM

June 13, 2013

Pete Jamison

Datamining: The NSA Is Not A Problem!

The recent developments regarding an NSA whistleblower who states concern over invasive practices regarding phone calls and other communications of Americans not accused of any crime deserve careful consideration. But don't make the mistake of blaming field agents - or even upper command - of the National Security Agency, the main cryptographic arm of the US Government. They don't make policy. The politicians do, via the most relevant law here, which is the Patriot act, passed during the previous Presidential administration.

The fix is obvious: keep the ability to do traditional "wiretapping" when backed up by a search warrant documenting probable cause. Rein in the newer blanket permissions that don't require probable cause. Bolster punishments for government abuse of gathered information, as in "fishing expeditions". Sure, it would be more convenient in doing search and seizure if lots of pre-gathered information were available, but that wouldn't be reasonable in the case of the innocent.

And remember what's known of the role of the NSA in helping win the cold war. These agents are soldiers, too. They've risked all and sometimes died just like soldiers who operate in the open, but could never receive the recognition that above-ground GI's get. I don't know of any problem with the whistleblower's argument (as I currently understand it) that we should be alarmed if basic freedoms are threatened, but the fix isn't to demonize operatives every bit as valuable as he. If the public gets clear on the value of our lives and persons, and the politicians don't give us the protections we and the constitution require, then we deal with the politicians, not the soldiers.

And the first thing I did in reaction to these events was not to gripe on Facebook or Twitter and not even to post this blog. It was to send $35 to the National Cryptologic Museum. This project works to build a new facility to preserve the history of the NSA, and is near the National Vigilance Park, which preserves listening post aircraft similar to those lost in service. If we forget the significance of our own heroic actions and those of our forefathers, the cost will be our souls.

by Pete (noreply@blogger.com) at June 13, 2013 02:16 AM

June 09, 2013

Pete Jamison

Hurricane Season!!

...which isn't just for the American South anymore, as NYC recently demonstrated. So along my usual lines of best practice suggestions, what would be prudent to think about under the conditions that began June 1st?...

OFFSITE BACKUP LOCATIONS - Yes, there's the net or the network or the cloud or the fog. But if data is pushed somewhere, is it being pushed only down the street where the same flood that hits you hits the data center? And if the data center is across the country or world, how much data creeps across the connection how slowly?

POWER CONDITIONING - Power is certainly a consideration when a blackout removes it. But when power is available, it could be "dirty", fluctuating in damaging patterns and amounts.

PHYSICAL PLANT ISSUES - How's the electricity situation at your site or data center? Is there a generator or secondary source? What about physical security, like the condition of the doors, gates, windows? How about the architecture and condition? What if the roof comes off? Does the place normally leak during heavy rain? (One might stop by sites during inclement weather for inspections).

LOCAL EQUIPMENT - Think about flashlights, flashlight batteries, first aid and storm kits, tools, etc. that might be good to stash around the workplace.

ALARM FAILURE - If power fails or a falling tree physically damages some asset, what's the backup plan? Email or text message communication generated by software will be problematic if the host machine itself can't operate. And is there a secondary plan for the phone contact tree?

GENERAL COMMUNICATIONS - Even if you have an old-style pulse phone in the place (they still work in storms due to their internal magneto), an old-style answering machine still needs AC power to work. And if it's a newer desk phone, it needs AC itself. Does everybody have chargers for their cell phones? Preferably in their cars?

STORED FUELS - As well as diesel or gasoline for the generator, are other fuels needed? Bottled gases or lubricants?

EMP - I don't expect nuclear attack, but other causes of electromagnetic problems are likely, such as sunspot activity or detonation of a transformer on top of a nearby telephone pole. As unlikely as it would be for most assets to need to have Faraday cage protection, some might benefit from that. Most, though, could be protected with less complex or expensive isolation or shielding.

-----

COMING ATTRACTIONS: As soon as I can, I'll get to some projects on which to report, such as recent looks at nMap, CrunchBang Linux and TRK's latest version.

by Pete (noreply@blogger.com) at June 09, 2013 04:14 AM

October 07, 2012

Pete Jamison

Guilty As Charged

I continually discover how many simple things that we in tech always tell other people to do... are still undone by us. So yet again, I am spurred to do another 'best practices' post. But this time, the inspiration came from within the ranks of the techies. I will mention no name in connection to any such foolishness except my own. If we have good advice, we should take it ourselves.

BEST PRACTICES, version 34.09?

Change passwords regularly and keep a secure master list offline.

Don't use the same password for everything.

Don't be needlessly repetitious in other areas, like calling a host the same thing as a domain name. That can confuse people as well as systems.

Do backups of all unique data regularly either offline or on an additional disk.

Don't do "secure" work from public sources like schools, libraries, restaurants or coffee shops. If you need to do that, use encryption on an additional computer that's cleaned often.

Run rootkit hunters, antivirus, antimalware, etc. regularly.

Update the operating system and all APPLICATIONS regularly.

If your activities are tied to a particular OS that's dependent on a particular set of hardware, keep important spare parts around.

Don't get rid of your laptop and desktop, attempting to do everything on your phone. It only takes one drop to the concrete, loss/theft or accidental dive into a public toilet to ruin your whole week. Particularly when there were no backups for 6 months.

Be discreet on social media; delete unused accounts.

Keep webmail accounts lean and backed up. Use more secure options when possible - like paid as opposed to free.

Turn off communications capability when not in use. This can include computers, routers, modems, terminal units, repeaters, gaming devices, etc. To leave everything on for two weeks is a prescription for trouble.

Don't click on a link if you don't know where it's going. And never respond to bank emails; call the bank.

Check your own history. Do web searches on yourself, and for old sites, see what archive.org has on you.

by Pete (noreply@blogger.com) at October 07, 2012 05:39 PM

October 01, 2012

Pete Jamison

How to say lots without revealing sensitive details...?

Hmm. Let's see if I can indicate what I'm working on without violating any agreements... Coming back into an actual, real Unix job after so long, I'm having to review Windows Server 03 and 08... yes, right. And for which there's actually a good rationale. Not only are many customers flying that product (although not as many as CentOS plus RHEL at our shop), but many server problems are conceptually the same. A reboot's a reboot, a password change is a password change, and a brute force annoyance is the same as well in all camps. And another thing's the same: the support surprise. I found out that we were supporting WinServer 2012 when we went into somebody's new build and saw that our build technician had provisioned it. NOBODY TOLD SUPPORT ABOUT IT. We just kinda found out. One or two other products have recently "appeared" on our plate like that. But there's all the things that aren't a surprise, and that the average tech should keep up with anyway: DNS, shell, awk, log locations for server OS's and control panel products, plus networking (and internally constructed "custom" networking). And one surprise is how useful nmap has become. It's almost a whole command family of its own and doesn't any longer have the reputation for instability that it shook during the last decade. It can do much more than find a port; their documentation book is on my buy list.

by Pete (noreply@blogger.com) at October 01, 2012 01:01 AM

August 28, 2012

Pete Jamison

SOME Customers Say The Darndest Things

So I have a new job at a help desk to be named later. It's good to be back in the swing of things and most customers are actually my teachers in a way, since they know far more about their systems than do I (being tech support on rented systems in a physical sense but not being an admin since I have no idea what they're doing, in an applications/productivity sense). And not only can they be teachers. Every so often there's that provider of the unexpected request... "Have you got the log of the file system check?" I'll give you a minute for that one to sink in. Actually, I'll give you three weeks.

by Pete (noreply@blogger.com) at August 28, 2012 02:47 AM

December 23, 2011

Pete Jamison

FOR MINT NEWBIES

I just turned a Windows guy onto Linux Mint and he's having considerable success with it, in spite of being a total novice at Linux. I just came up with a very few things that it might be helpful for a new Linux user to know, regardless of how easy recent distros have made things:

1. Watch the update symbol and do updates every time they're noted in the word balloon notice thingie. Updates are how security holes are controlled in the *nix world, both for the OS and for many applications.

2. Read the manual pages (man command in Terminal) on the commands su and sudo (super user). Some distributions restrict the root account, preferring that you operate as a regular user most of the time. When needed, elevate yourself using su or sudo, then giving the password requested, which will be either the user password or a separate one for 'root'.

3. Use the locate command to do really quick searches in case you lose a file. Remember that it uses a database, which is freshened up (as root) by invoking 'updatedb'.

4. Use apt-get to do fast updates from Terminal. The sequence is

apt-get update
apt-get upgrade
(y for yes to continue or to accept additional required updates)

Of course, the software updater app is there for you as well.

5. If an app, game, utility or other program is present in the distribution's software repository, apt-get is the command to use. It's simply

apt-get install (name of file)

6. Grab an outboard hard drive for backups. Remember that you'll need to reformat it in whatever file system your distro uses; the "format" command is easy to find in the GUI.

7. Speaking of GUI issues, you have choices that outfits like Mac and Windows don't give you. They only have one desktop environment, whereas Linux offers bushels of them. Gnome and KDE are the most common full-featured ones, while there are others like Enlightenment and FluxBox that cater to older and slower systems (requiring less resources to run).


Hope this helps!

by Pete (noreply@blogger.com) at December 23, 2011 09:23 PM

December 01, 2011

Pete Jamison

HOLY CRAP 2.0

So my buddy gets his computer broken into (not hacked - the attacker wasn't that capable) by someone we'll call The Bad Guy. The Bad Guy got a keystroke logger somewhere and sent it to my buddy as an email attachment, which was opened in Outlook (see alternative app/OS suggestions below). Then the Bad Guy spends the next three or four weeks getting info from the logger, collecting passwords, user names, account names and such. Then the Bad Guy hits my buddy all at once (probably during hours when my buddy was known to be off shift and sleeping). My buddy's websites are trashed, his email accounts are hijacked and deleted, and many subscriptions and memberships were cancelled since the attacker could now pose as the membership-holder.

If we leave out online banking fraud (which apparently has not occurred), this situation would be about as bad as it gets. Let's make a list of everything that the victim now has to do to pick up the pieces of his online presence and certain aspects of his personal life.

0. Obtain a different, non-compromised computer.
1. Set up new personal and business email accounts (probably at a paid provider as opposed to at some free service), then inform important contacts via telephone or web forms on their sites.
2. Set up new Facebook, MySpace, LinkedIn, Classmates.com or whatever pages and rebuild all contacts lists.
3. Find account numbers, financial transaction records or bills that prove my buddy's identity to the website hosting company. Re-establish access to the website and rebuild it from scratch (all files deleted and replaced by garbage).
4. Image the hard drive of the compromised computer for later reference and/or legal action if desired and possible. Wipe the compromised computer and rebuild from backups, from OS/driver CDs/DVDs if such exist, or by paying the computer maker or authorized repair place to do it.
5. Bring back all personally created documents and work from backups if such were done. Bring back all application programs from install CDs if possessed.

My readers know me as a Linux guy and will anticipate certain suggestions of mine, but let me think like a Windows guy for a bit. I'm confident that I can do this, and am motivated to do so since many of my colleagues spend most of their time in that world. Now, if I'm a Windows person, I would still need to change my ways somewhat. Let's see how adaptation is possible. My buddy is like most people in that he's only concerned with the work that he needs a computer to do, not with security issues on the machine itself. That's how the problem starts and here's a proposed new strategy:

1. Use the original desktop or laptop as the general use/everyday/casual computer. Get another computer for important stuff. And consider a third one, properly Frankensteined for gaming (let's be realistic here).
2. On the general use computer (and the other ones if they're Windows boxes) load an antivirus product like Norton, McAfee, free AVG or such. Load an anti-crapware product like Malwarebytes, AdAware or such. Load a third party cleanup program like Window Washer or the free CCleaner.
3. Update and manually run on a minimum weekly basis all of the programs I mentioned above. In many senses these programs are not automatic; they have to be operated by the user. Various automatic settings are sometimes included but when viruses are automatically found, they must then be deleted by user action (usually prompted by instructions that pop up - they're easy - follow them!) Windows Update also prompts you. Do all updates - they're free bugfixes and don't take much time.
4. If any of these antivirus or anti-crapware products find anything, get onto the other (Important Stuff) computer and see if you can still get into your accounts. If so, change the passwords, going down a roster of accounts that you've stashed for just such an emergency. You may not be acting in time unless you only log onto important stuff with the Important Stuff computer.
5. OPTIONAL - If you wish to investigate, keep the compromised computer in its compromised condition to be examined or for the hard drive to be copied (imaged) for future reference.
6. Rebuild the compromised computer from operating system and driver CDs/DVDs that you've archived in advance, either from the computer purchase or some backup scheme like Norton Ghost or a competitor of that product, or one of the Windows open source (free) backup products.
7. Consider making the Important Stuff computer an Apple Macintosh, or loading a box up with an easy Linux system like openSuse or Linux Mint, which is now available for free, fast download at

LINUXMINT.COM

You knew that was coming.

I understand that if you require Windows for work files or development, then you might not have the open source option. But just about anything web-based is child's play for a *NIX box. And the two Linux distributions I mentioned above have good, bright update indicators on their desktops (updates are how most security holes are dealt with in Linux) that'll make you pretty safe. Unless you've pissed off the Defense Intelligence Agency or the Russian mafia.

by Pete (noreply@blogger.com) at December 01, 2011 09:19 PM

September 30, 2011

Pete Jamison

Book Review: THE CUCKOO'S EGG by Clifford Stoll

It's the Reagan administration and although your government research job is unrelated to computer desktop and network maintenance, you've had several such duties deposited into your lap, which became several more. Now you're responsible for solving a summation problem in the accounting program that charges other departments for using time on your system (remember the earliest incarnations of 'time sharing'?). The issue is that there's a bit of time that's been used and no one's paid for it. Digging into the relevant sessions, you notice an account that's been used recently, but was set up for someone who departed for another job two years ago. Questioning of that person and others around him or her deletes the original owner from suspicion. You begin attempting to find out how the current user of that account figured out how to use it - and from where...

Clifford Stoll's classic story of involvement in serious espionage messes begins in this massively plausible way. It was recommended to me by an NT-era MCSE; I proceeded to enjoy the book in spite of myself. But although I'd heard from various (inaccurate) sources that it involved "viruses", I was at least a little surprised to read the following lines early in the story:

echo -n "WELCOME TO THE LBL UNIX-4 COMPUTER"
echo -n "PLEASE LOG IN NOW"
echo -n "LOGIN:"
read account_name
echo -n "ENTER YOUR PASSWORD:"
(stty -echo; \
read password; \
stty echo;\
echo "";\
echo $account_name $password >> /tmp/.pub)
echo "SORRY, TRY AGAIN."

This isn't a random vandalism attempt and not a program that's attempting to replicate over adjacent machines. Somewhat obviously, it's a password grabber that appends the grabbed string to a file and then allows the user to proceed to the real logger-inner. It's a purpose-built program to harvest logins for the sneak thief that's arrogated control of an old account to him, her or its self. It was placed there by whoever broke and entered.

Stoll made the commendable decision not to interfere with the sneak, but to observe the sneak's actions over time. Time revealed that although root was attained, backdoors were installed and files were read, not much time was spent actually reading the files. The sneak proceeded over the LAN to other computers and did the same. The sneak wasn't so much interested in the data (which was downloaded by him) but in the network - the connections over which he could travel to other destinations. And they weren't just unclassified science projects like Stoll's astronomy research post; they mostly included sensitive stuff. Stoll began consulting with the three-letter agencies and the plot thickened.

What follows is not only a story of network research in the days before the consumer internet (which is not a terribly large part of the story) but a common litany of woes regarding having to deal not only with spooks that aren't at liberty to say whether you're full of baloney or not, but with layers and layers of middle management that have no power to say 'yes', but plenty to say 'no'. Without giving much away, I'll say that Stoll laboriously traces the sneak out of the building, out of the organization, away from the West coast to New Jersey, over the transatlantic cable and, modem by modem (that's Modulator/DeModulator, junior) into a situation that begins to address diplomatic issues among countries both allied to us and... perhaps not.

There would be many morals here. The first one that occurs to me is not to let responsibility creep get you thrown into prison, let alone rooked out of a fair paycheck. Five stars out of four.

by Pete (noreply@blogger.com) at September 30, 2011 05:00 PM
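
The login spoof quoted in the Cuckoo's Egg review above has three traits a defender can search for together: it turns terminal echo off, reads a variable, and appends that same variable to a file. The following shell check is an added example, not code from the post or the book; the function names and the sample files it builds are constructed for illustration.

```shell
#!/bin/sh
# Added example: heuristic search for scripts shaped like the fake login
# prompt quoted in the review. A file is flagged only when all three traits
# are present: echo suppression, a `read` into a variable, and an append
# (>>) of that same variable to a file.

# looks_like_login_spoof FILE -> exit status 0 if FILE matches, 1 otherwise
looks_like_login_spoof() {
    f=$1
    [ -f "$f" ] && [ -r "$f" ] || return 1
    # Trait 1: terminal echo is switched off.
    grep -Eq 'stty[[:space:]]+-echo' "$f" || return 1
    # Trait 2: collect every variable name filled by `read` (flags allowed).
    vars=$(grep -Eo '(^|[^[:alnum:]_])read([[:space:]]+-[A-Za-z]+)*[[:space:]]+[A-Za-z_][A-Za-z0-9_]*' "$f" \
           | awk '{ print $NF }' | sort -u)
    # Trait 3: one of those variables appears on a line before a >> redirect.
    for v in $vars; do
        if grep -Eq '[$][{]?'"$v"'[}]?([^[:alnum:]_].*)?>>' "$f"; then
            return 0
        fi
    done
    return 1
}

# scan_tree DIR -> prints the path of every matching file under DIR,
# hidden files included (the script in the review wrote to a dot-file).
scan_tree() {
    find "$1" -type f -size -128k 2>/dev/null | while IFS= read -r path; do
        if looks_like_login_spoof "$path"; then
            printf '%s\n' "$path"
        fi
    done
}

# make_demo_tree DIR -> writes three constructed sample files into DIR.
# They are test data only and are never executed.
make_demo_tree() {
    # Constructed sample modelled on the script quoted in the review.
    cat > "$1/.login_prompt" <<'EOF'
echo -n "LOGIN:"
read account_name
echo -n "ENTER YOUR PASSWORD:"
(stty -echo; \
read password; \
stty echo; \
echo $account_name $password >> /tmp/.pub)
EOF
    # Constructed benign prompt: hides input but never writes it to a file.
    cat > "$1/change_pass.sh" <<'EOF'
stty -echo
read -r secret
stty echo
printf '%s\n' "$secret" | sha256sum >/dev/null
echo "prompt shown at $(date)" >> "$HOME/prompt.log"
EOF
    # Constructed benign note-taker: appends input but does not hide it.
    cat > "$1/notes.sh" <<'EOF'
read line
echo "$line" >> notes.txt
EOF
}

# When run with directory arguments, scan each one.
for d in "$@"; do
    scan_tree "$d"
done
```

A hit is a lead for manual review rather than proof, since a legitimate script that prompts for a secret and logs it to a file would match the same three traits.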

June 09, 2011

Pete Jamison

Linux Links

Here's some of my favorite links on a favorite subject...

TRINITY RESCUE KIT -
A distribution specifically geared to repairing Windows installs.

DISTRO WATCH -
Follows new releases and updates of old standards.

LINUX QUESTIONS -
Volunteer organization that answers quandaries and categorizes them for others to reference

CLONEZILLA -
a distribution recently noted in Linux Journal for effectiveness in backup and mass rollouts

LINUX JOURNAL -
A most valuable authority with a helpful website as well

BACKTRACK LINUX -
A distribution full of tools for penetration testing and data recovery, etc. etc.

FROZEN BUBBLE -
The only game you'll ever need!

by Pete (noreply@blogger.com) at June 09, 2011 12:09 AM

Here's a quote...

...that may express some of my thoughts on programming and on Linux well:


“It is not the strongest of the species that survives, nor the most intelligent that survives. It is the one that is the most adaptable to change.”

- Charles Darwin

by Pete (noreply@blogger.com) at June 09, 2011 12:07 AM

May 14, 2011

Pete Jamison

Got the call again...

And by that, I mean the call from the Windows User to the Computer Person to fix something undetermined. And she was cute, so one will agree and mentally review the steps involved in hopefully saving the day. It's a 2-yr-old-ish Vista laptop and this time, I'm not just doing updates but expecting the worst in the way of poorly written Russian adverts and so on. I'm picking it up on Thursday but forged ahead by downloading a new build of Trinity Rescue Kit.

TRK 3.4 is a Linux distro with a payload of tools aimed at Windows repair. The star of the show is a command-line version of ClamAV. I'm assuming viruses have set up housekeeping, so I'll give it the full treatment (boot from the TRK cd and go online for latest signatures, then run against HDD for three or four hours). But after that's done, the usual list will kick in:

0. Ideally, do backups as soon as one gets to a stable desktop (hope springs eternal)
1. Disk Cleanup and chkdsk (file integrity check)
2. Defrag
3. update and run the anti-junkware (Spyware Blaster, SuperAntiSpyware or whatever)
4. update and run any onboard brand-name Antivirus (or download AVG or something if there's nothing already there)
5. OS updates
6. browser updates
7. Flash update
8. Acrobat reader update
9. any other app updates available

That's the seat-of-the-pants list. Better lists exist; this one's probably all I'll have time for this week. Unless she's really persuasive.

RESULT: The laptop didn't even boot, so she let me have the carcass for parts and the effort (I got an HDD and some memory out of it) and she went with a new netbook. Good to reacquaint myself with TRK, though.

by Pete (noreply@blogger.com) at May 14, 2011 04:03 AM

May 13, 2011

Pete Jamison

Virtualization

The ability to generate software-only instances of an operating system (virtual systems) promises freedom from hardware concerns and an endless amount of no-cost capability, right? Not exactly, but it holds great promise in certain circumstances. Here's my fence-sitting take on the positives and negatives of this new technology.

POSITIVES:
1. Reduced electrical cost (fewer power supplies to feed)
2. Reduced equipment inventory and space
3. Reduced spare parts inventory and space
4. Simplified rebuild administration (ability to spawn new instances quickly)

NEGATIVES:
1. Heavier hardware requirements for remaining computers
2. Ability to run more systems = greater demands on the admin's time
3. Related to above: possible management denial that virtual machines need attention
4. Related to above: multiplicity of installs may lead to security holes

Reduced cost and space has been the main attention-getter. The more purely electronic and virtual an organization, the less material maintenance is needed on all fronts (not that one could totally get away from it). On the downside, an operation might need newer computers and networking to handle the throughput and ram demands. And responsibility creep might chase away admins who see more systems assigned to them while a manager might be tempted to overrule objections since the new machines (that require configuration, patching, security analysis, monitoring etc. etc.) are "only virtual". And if many instances of disparate OS's are forgotten about after a few rounds of testing, a break-in artist could find abandoned and unpatched opportunities for setting up shop.

I think the obvious conclusion is that whether or not virtualization works is a function of the skill of the administrator(s). To a lesser degree it's a function of whether or not the hardware STILL present can handle the loads. And we should all remember that if more systems are running on fewer devices, then backups (both software and spare turnkey machines) are rendered even more important than they've traditionally been, which is a lot.

by Pete (noreply@blogger.com) at May 13, 2011 08:24 PM

November 09, 2010

Pete Jamison

Hardware Adventures

I just got a two-year-old off-lease Dell Optiplex GX520 (one of that boxy-looking line of desktops) and when it arrived I prepared to blow away the included build of WinXP for something else, since I already run that system for purely educational purposes and didn't need another instance of it. I got a surprise as I ran the system before erasing it. The DVD-ROM drive didn't work. So how to load a new system onto the box - not to mention finding the solution to the malfunction (assuming no flash drive load or network install)?

This is an important question for the open source community, inveterate OS reloaders that we are. The Optiplex line is huge and it appears to me that there might be a motherboard issue here that will be an issue in Linux loading - but I'm getting ahead of myself. Here's what happened as I examined XP performance and loaded (full disclosure here) Win7. [Again, for educational purposes! You can't criticize if you're not experienced.]

From an educational source I'd gotten the Win7 upgrade disc and it was to load on top of the XP load present on the 520. Remember, XP either didn't have a driver for the DVD-ROM or there was a plain hardware failure (a Dell driver CD was not provided with the purchase). I proceeded with the Win7 loading by using a USB outboard DVD burner (with proper BIOS setting for boot-from-disc) and then did the updates. The original inboard DVD-ROM still didn't work after a few reboots.

But after a few MORE reboots and the phone ringing in the other room, I returned to see a word balloon in the bottom right corner of the screen announcing a driver update from somewhere (presumably Windows/MS Update). I allowed it and the inboard transport instantly worked.

If a particular piece of software is needed for the box to see and run the ROM drive, this may indicate a need for the open source OS's to be amended accordingly. On the other hand, maybe there exists in the Linux, BSD and/or OSX worlds a generic driver that works just fine. I don't know. What I do know experimentally is that Win7 eventually recognized and updated the issue itself, without my consulting the Dell site for drivers... which I might still need to do for other issues.

I don't recommend staying away from Optiplexes. I'm just putting this your-mileage-may-vary note out there. It's very possible that the problem has already been solved by all concerned parties and there really aren't any reloading problems here. I'm just surprised that Win7 either knew what to do or figured it out. I hereby grudgingly give credit where credit is due.

(Update of 11/8)
So the driver still appears, goes away and then reappears. But the cause is now known. I looked up the Optiplex model on Dell's support site and it turns out that there is no official Windows 7 driver for this model's transport - but that doesn't keep Windows Update from trying. So I'll just continue to use the outboard unit for burning and trust in some programmer in Austin or somewhere to come through for me eventually...

by Pete (noreply@blogger.com) at November 09, 2010 03:35 AM

October 01, 2010

Pete Jamison

"A man's gotta know his limitations." - a famous Clint Eastwood character

Radio ads are now being heard in my area touting something called "Xfinity Home Security" from Comcast cable. The idea is that it would be really great to be able to control a home security system from your smart phone. I'm afraid this indicates that online convenience will soon prove more popular than security, even within the security products market - truly a new irony. If Comcast saw a potential market for such a thing, consider the possibilities...

Assume that the application security issues are solved (the code is secure). That leaves out any problems with the remote interface and the installed app at home. Let's also assume that the Internet Service Provider's servers are properly maintained and in secure configuration. And since this is an extension of ADT home security, we'll assume that there are no problems on their end (any and all physical and software interfaces). What does that leave? Well, at home, it leaves the thing that the (secure in this example) stuff is installed TO, namely the home computer. This is a computer not maintained by Comcast or by ADT or by the ISP (although their systems are possibly impeachable in other examples). This computer's Administrator Of Record is Joe Sixpack, probably with a few wife/kid computers on a $79 router. The last such computer that I looked at for somebody was as secure as a screen door on a submarine.

[Observe: To get into secure app XYZ on user's computer, obtain access to the base Operating System. Since this machine is running a series of security devices, assume 24/7 online stance. This gives you lots of time to run a... "password recovery program". Or to look for cached login info from OS to app. Bingo. You get into the secure app from the OS that the home user failed to configure correctly or patch regularly. This resembles the MANY examples of an outfit getting invaded through a telecommuter workstation left up and online.]

{Another aside: If you replaced the user machine in the above scheme with an appliance, that would eliminate my main objection. Not that appliances haven't had updating and hardening problems, though...}

The larger point? We from the Unix/open source side would not immediately have these problems since all the linking apps aren't available for Linux, Solaris or such. But the problem that remote access for home security poses is that it's not the systems that pose the biggest chance for failure. It's the judgment of the user. It's what the user has authorized to run locally. It's whether or not one should have remote access to things like history logs that record when a door was opened/closed over the last 60 days. Or streaming video in the garage or kitchen. Linux or OpenWhatever can solve lots of problems when replacing systems less secure, but it can't make the user smarter. This is our Limitation as open source advocates: open source can't fix everything. Not only must we evangelize about some system choice where possible; we must warn against giving out one's email address too much, or clicking on a strange web link, or opening that attachment. Those are problems in any system configuration, use or policy stance.

by Pete (noreply@blogger.com) at October 01, 2010 04:31 PM

September 27, 2010

Pete Jamison

User Experience Report: OpenSUSE LINUX 11.3

Briefly, here's how I've spent some of the last two days: on a 2004-vintage 2.7ghz Celeron (HP) with 3/4 gig of ram, I've kicked the tires on openSuse.org's latest offering and there's good news and bad.

On the bad side, around a half dozen reboots were required for all the hardware detection to appear to have completed satisfactorily. Also, in spite of the networking section getting out to the internet after a boot or two, the app that looks for updates still hasn't seemed to have found any. I'll try the many command-line options soon out of impatience.

On the good side, the interface is slick and many included apps perform acceptably well. Audio CD played back with no reconfiguration, startup chimes and confirm tones were present and consistent, reboot time sped up after a few instances (it might be saving last-known-good-state info in many places), and OpenOffice was pretty quick and stable even during first use setup.

Too early to tell, really, but at the moment it looks like I'd rate 11.3 as similar to other recent offerings from the Novell/SUSE camp: a worthy contender but needs polish. I've not had quite this many bumps even from recent Fedoras, let alone Linux Mint or other Ubuntu variants. Another thing: I'm covering the simple desktop stuff for a reason. If one wants to impress the Windows people who are coming over out of curiosity, the simple stuff has to work. I realize that I could use rpm or yum command lines and that it might be better to do so. But if an Updater Applet is right there in the tray waiting to be used, it should work. And in 11.2, it DID.

Next project will probably be to get the newer laptop thrown together and install BackTrack 4 to the HD and frolic through that famous and extensive tool collection. Oh, and the Celeron 2.7? Back to CentOS!

by Pete (noreply@blogger.com) at September 27, 2010 12:14 AM

September 23, 2010

Pete Jamison

This Is What I'm Talking About

Here's a quote from Chapter 5 of the Eric Raymond book (The Art Of Unix Programming) that I'm reading without actually being a programmer:

"In the following discussion, when we refer to “traditional Unix tools” we are intending the combination of grep(1), sed(1), awk(1), tr(1), and cut(1) for doing text searches and transformations. Perl and other scripting languages tend to have good native support for parsing the line-oriented formats that these tools encourage."

This is from the 'Data File Metaformats' heading in the chapter entitled "Textuality", touting the value of things being done as widely-understood text streams as opposed to the use of relatively more cryptic closed methods.

Simply referring to such a concept of "traditional Unix tools" helps reinforce what newcomers to Unix methodology are seeking to learn. This would also hold up in greater relief the point of contact between the Windows command line and Unix, as tools have been ported from one world to the other, and can be available for use in both.

by Pete (noreply@blogger.com) at September 23, 2010 05:42 PM

September 07, 2010

Kojo Idrissa

First Tuesday = Linux 101!

It's the first Tuesday of the month and THAT means Linux 101! Come to HAL-PC and learn from Charles Olsen, a member of the HLUG SIG and one of the hosts of the Mintcast podcast!


You KNOW you want to...

by HLUG Kojo (noreply@blogger.com) at September 07, 2010 06:33 PM

August 10, 2010

Pete Jamison

Some Resource Links For Yez

Dell Vostro V13 laptop (Ubuntu option available):
Click!

System76 desktop, laptop and server models w/Ubuntu:
Click!

Are you a business and want SUSE with support included (BYO hardware)?
Click!

Note: I hold no stock or other financial interest in any of these concerns BUT I WISH I DID.

by Pete (noreply@blogger.com) at August 10, 2010 05:23 PM

August 09, 2010

Pete Jamison

Kinda Linux But More Of An Open Source Posting (as usual lately)

...But linux IS involved! My past as a users' group president in Linux Land is not at all being denied here; I just digress lots. See what you think:

Our pals at LINUX JOURNAL put out this word about the OpenSolaris issue not long ago. It's not an alarmist article; it raises legit questions about whether Oracle values Unix dreadnought Sun's legacy or not. Well, aside from the decision whether or not to continue making certain code chunks widely available through OpenSolaris, Oracle seems to be trumpeting the virtues of the main event clearly enough.

Now there's this. The Illumos initiative may save the day.

My take on all this is that within the OpenSolaris orbit, projects like Nexenta were valuable to Solaris for general Unix PR, as well as for its own products. Nexenta in particular could get Linux people interested in toying with things like ZFS if only due to the Debian tools included, not the least of which is apt-get (and it works!! at least on SOME of my loads). This appeals to my if-it's-Unix-it's-cool ethic. The problem with continuation of the OpenSolaris project would be that Oracle might not be so forthcoming with the big section of proprietary code that's in OpenSolaris and that Oracle now owns. Illumos would solve that quandary if successful. I usually worry about distro forks, but this might be a good one - if one can even call it a fork.

ON A RARE PERSONAL NOTE: Some of you know that I work for an outfit that has a "boonies" location and a "Central" location and that I've been in the boonies for awhile. I AM NOW at Central! Thank you for your discretion.

by Pete (noreply@blogger.com) at August 09, 2010 10:48 AM

July 21, 2010

Kojo Idrissa

It's Wednesday!

That means Linux Workshop at HAL-PC from 6-9pm. Bring your computer and learn about Linux!

Also, don't forget about Technology Bytes!

Technology Bytes:
8-10p CST 90.1FM on your radio. Or take your web browser or stream catcher to www.kpft.org or http://www.geekradio.com/

by HLUG Kojo (noreply@blogger.com) at July 21, 2010 07:28 PM

July 18, 2010

John Lightsey

GPG Key Transition

I'll be attending both DefCon and DebConf this year, so I'm figuring this is as good a time as any to get my GPG key updated to something stronger than 1024 bit DSA. I've put a transition statement online as seems to be recommended.

July 18, 2010 02:46 PM

July 15, 2010

Kojo Idrissa

O'Reilly Ebook Deal of the Day: "Python for Unix and Linux System Admin"

If you're reading this, you have SOME interest in Unix and/or Linux. At least, I hope so. So, how could you pass up this title for only $9.99?!? I couldn't. It helps that I also got "Learning Python" for $9.99 not too long ago.


Use discount code: DDPUX

Today only! Sorry I didn't get this up earlier.

by HLUG Kojo (noreply@blogger.com) at July 15, 2010 12:16 AM

July 06, 2010

Kojo Idrissa

Linux 101: TONIGHT!

It's the first Tuesday of the month and THAT means Linux 101! Come to HAL-PC and learn from Charles Olsen, a member of the HLUG SIG and one of the hosts of the Mintcast podcast!

It's the perfect place to start learning about Linux!

by HLUG Kojo (noreply@blogger.com) at July 06, 2010 07:57 PM

July 01, 2010

Kojo Idrissa

Ebook Deal of the Day – Only $9.99 Learning Python, 4th Ed.

Not a commercial, but I thought this book (and the last one I mentioned, Linux in a Nutshell) would be of interest to people who check out this site or the Houston Linux site.


Here's the book's page:
http://oreilly.com/catalog/9780596158071/

Python is a GREAT language, used in lots of places, including Google and NASA in Houston (Johnson Space Center)
Use discount code: DDPYT

TODAY (7/1/10) ONLY!!

by HLUG Kojo (noreply@blogger.com) at July 01, 2010 07:25 PM

June 29, 2010

Kojo Idrissa

O'Reilly e-book deal of the day: Linux in a Nutshell: $9.99

Go here:
http://oreilly.com/catalog/9780596154486/

Use discount code: DDLN6

Today only!

by HLUG Kojo (noreply@blogger.com) at June 29, 2010 07:36 PM

June 23, 2010

Pete Jamison

I GIVE UP (not)

I've been, in piecemeal fashion, giving a review of Eric Raymond's book "The Art Of Unix Programming" and I must confess that it's tough going for someone who codes as little as I do. I at this point only know some basic shell and basic HTML, and to get the most out of Raymond's work, one must code in something more heavyweight such as one of the C's or Perl or even OO things. Raymond, now, will be critical of object-orientation in places but even that would help since most points the book makes are universal (among programmers).

Here's the two places I've been using to read the book online:

faqs.org
catb.org

See? See? I can at least code that.

As Raymond says in one of the intro sections, the book can benefit people that can at least understand that the Unix tradition might have something to teach them. It's not much help if you want to know about kernel application programming interfaces or C programming specifics. Even if you skim the hard parts and only absorb the culture, it can help one understand the Unix/open source ethos, and would be particularly helpful if you're coming from the object-oriented world to a Unix-based project.

I'll keep reading it but for purposes of this blog will move on to other topics - no doubt returning to this one from time to time, if only to rip off another Ken Thompson quote from Raymond.

by Pete (noreply@blogger.com) at June 23, 2010 04:29 PM

May 31, 2010

Pete Jamison

Two Reviews (short)

In the middle of the other stuff I've promised here, lemme get two things off my chest: my experiences with the Mike Meyers "Passport" series study guide to the CompTIA Security+ certification exam, and a late experience with Fedora 12.

The Meyers series Security+ guide that I picked up used for about 3$ was worth a little more than that, considering that it came with a CD that had two practice exams (Windows-only reader, though). But although it knocked out the cobwebs regarding a few familiarity issues with me, my impression was that the questions (and perhaps the direction of the exam itself, which I've not yet taken) were so obvious that (on a test based solely on the book) one could get 75% without reading the book at all. I've switched to the Greg White book from McGraw-Hill for the current test (201); I'll give an impression of that one when possible.

The other issue I need to note: when downloading Fedora 13, I realized that I'd been doing it on a box with no burner. So I USB2'd an outboard Iomega and chose Brasero and then... stopped in my tracks about 5 minutes later. What's the matter with this picture? No reboot. No requests to install stuff. No error messages. Brasero didn't balk. NOTHING WENT WRONG. I burned the F13 install DVD while doing two other things and not paying attention. PLUS I used the full-install version of the DVD (not the live DVD or CD) to upgrade without disk wipe and there were no problems there, either. Not like a few years back when I trashed at least two installs that way.

People, Fedora is starting to work like a Mac. I'm sure many of you already experienced this or simply wonder what I'm behind about, but my job forces me to use... other stuff from You-Know-Who. So I've never had a lot of time to do testing. Way back when, many OS maintainers on the Linux side were criticized for having an attitude toward users that slammed those who wanted things to work and set up easier. Well, they seem to be getting the point at the Fedora Project, or were never in need of the point in the first place. My compliments to all concerned.

Back to the Eric Raymond book as soon as I get time.

by Pete (noreply@blogger.com) at May 31, 2010 05:12 PM

May 12, 2010

Kojo Idrissa

Wednesday Night is Tech Extravaganza in Houston!

Sorry, I've been away for awhile. But you know what hasn't gone ANYWHERE?

HOUSTON'S WEDNESDAY NIGHT TECH EXTRAVAGANZA!!!!!!!!

HLUG Linux Workshop: 6-9pm at HAL-PC.

Technology Bytes:
8-10p CST 90.1FM on your radio. Or take your web browser or stream catcher to www.kpft.org or http://www.geekradio.com/

by HLUG Kojo (noreply@blogger.com) at May 12, 2010 11:17 PM

April 24, 2010

Kojo Idrissa

4th Saturday HLUG: BASH the command line!

Hello all! I've been away for a bit due to illness and some other issues, but I'm BACK! Just in time to tell you about the next Saturday HLUG meeting. The focus on command line wizardry continues, delving further into the mysteries of the Bash shell. For this wizardry, there's no wand required!

2-4pm at HAL-PC. Where's that? It's right HERE!

by HLUG Kojo (noreply@blogger.com) at April 24, 2010 03:43 PM

April 10, 2010

Kojo Idrissa

2nd Saturday HLUG: Command Line POWNS you!!

2-4pm today is the standard 2nd Saturday HLUG meeting. We plan to have some examples of some compound commands using scripting. Also, how to do a backup of a partition using the command line.

HOWEVER, there's a NEW SIG meeting on Saturdays (2nd/4th) from Noon-2pm that's going to focus primarily on Linux shell scripting/CLI. We are using the Linux Phrasebook by Scott Granneman as the guide for the SIG.

Come and enjoy!

by HLUG Kojo (noreply@blogger.com) at April 10, 2010 04:23 PM

April 07, 2010

Kojo Idrissa

I KNOW you didn't forget...

...that Wednesday night is Tech Night in Houston, did you? Linux Workshop at HAL-PC 6-9pm PLUS Technology Bytes on KPFT 90.1 FM or www.kpft.org from 8-10pm.

Consider yourself reminded.

by HLUG Kojo (noreply@blogger.com) at April 07, 2010 06:12 AM

March 31, 2010

Kojo Idrissa

Today is Document Freedom Day!

From their web site:
Document Freedom Day (DFD) is a global day for document liberation. It will be a day of grassroots effort to educate the public about the importance of Open Document Formats and Open Standards in general.


Go to http://documentfreedom.org/ to learn more. If you've ever had trouble opening a text document or spreadsheet or anything else because you created it in an older version of software (Word/Excel/WordPerfect/Lotus/Powerpoint etc), you understand the need for document freedom.

So, go to http://www.openoffice.org/ to learn more about a FREE (as in, you don't have to pay for at AND all the freedoms from the LGPL.

If you're STILL not clear on what all this "Document Freedom" stuff is about, there's still time to stop by the HLUG Linux Workshop (6-9pm tonight at HAL-PC) OR to call in to Technology Bytes tonight from 8-10pm on KPFT FM 90.1

You know you want to. :-) Documents want to be FREE!!

by HLUG Kojo (noreply@blogger.com) at March 31, 2010 11:45 PM

Quick Reminder: Wednesday Night Tech!

Linux Workshop at HAL-PC tonight. 6-9pm. Technology Bytes on KPFT 8-10pm.

by HLUG Kojo (noreply@blogger.com) at March 31, 2010 08:51 PM

March 27, 2010

Kojo Idrissa

4th Saturday HLUG: MORE Command Line Power of the Ancient Wizards!!

This afternoon we'll be continuing the CLI goodness that was started 2 weeks ago. Do you want MORE? Get it? More? It's a CLI command...

*crickets*

Ok, I'll MV on. Gonna end this post now. Keep it short. Sometimes LESS is MORE.
:-)

See you today at HAL-PC from 2-4pm.

by HLUG Kojo (noreply@blogger.com) at March 27, 2010 04:43 PM

March 24, 2010

Kojo Idrissa

Wednesday Night Tech Boogie!

Short post.

Tonight you should do two things:
1. Go to HAL-PC for the HLUG Linux Workshop to get all your Linux needs met. It's from 6-9pm, just like every other Wednesday. While you're there, talk to Rick about becoming a HAL-PC member.

2. Tune in to Technology Bytes on KPFT 90.1 FM from 8-10pm to get any other computer questions answered. Feel free to hop into their IRC channel to join the show within the show!

That is all!

by HLUG Kojo (noreply@blogger.com) at March 24, 2010 09:04 PM

March 17, 2010

Kojo Idrissa

St. Patrick's Day: Did you know he also loved Technology?

You should already know what Wednesday night in Houston means: HLUG's Linux Workshop at HAL-PC! 6-9pm. Get ALL your burning Linux questions answered! (and they DO burn, don't they?!?)

HAL-PC is here. If you have trouble getting into the building, call the main number at 713.993.3300.

ALSO! Don't forget to tune in to Technology Bytes, on KPFT 90.1 FM or over 'teh internets' tonight from 8-10 to get all your OTHER computing questions answered.

Don't drink too much green beer!

by HLUG Kojo (noreply@blogger.com) at March 17, 2010 11:28 PM

Pete Jamison

Review Preview #2

Another jewel from Eric Raymond's "The Art Of Unix Programming" ---

"Computer hardware was at that time more primitive than even people who were there to see it can now easily recall."

Preach it, brother.

by Pete (noreply@blogger.com) at March 17, 2010 06:03 PM

March 13, 2010

Kojo Idrissa

2nd Saturday HLUG: Command Line Power of the Ancient Wizards!!

Today the discussion will focus around the CLI (Command Line Interface) of Linux. It's going to be all about Shell Scripting. For those not aware, the command line (the thing that looks like a DOS prompt? No pictures, just text commands you have to type in) in Linux is called Bash (short for Bourne Again Shell), which is an improvement on the original Unix Shell. I'm not sure how much history Ron will go into today.

In any event, gaining True *nix Wizardry begins with a basic understanding of Shell scripting. There's a tremendous amount of flexibility, power and convenience that can be found at the CLI. Ron will start to unveil those mysteries today! It's like your first year at Hogwarts, or the Jedi Academy. Or something.

Another note, the rumor is the NEXT Saturday HLUG meeting (two weeks from today; 4th Saturday) will be for paid HAL-PC members only and may or may not include DOOR PRIZES. That's something HAL-PC SIGS have been famous for over the years. I've got a copy of Office 2003 Pro floating around, among other things, that I got as a HAL door prize. More details on that as they become available.

Expecto Patronum!!

by HLUG Kojo (noreply@blogger.com) at March 13, 2010 04:18 PM

March 11, 2010

Kojo Idrissa

Sorry for the March 10th blast!

I was editing/updating some things here and a lot of those posts got reposted en masse to the Houstonlinux.org blog. Sorry about that.

BUT, it does give you a chance to catch up on what you may have missed! :-)
*points at silver lining*

by HLUG Kojo (noreply@blogger.com) at March 11, 2010 09:56 AM

4th Saturday: Linux SIG takes on Social Networking!

Look, Linux folks ARE social! Stop by HAL-PC Saturday from 2-4pm and learn to network! From your linux box!

The subject is Social Networks the names are
1. FaceBook: Val
2. Meetup: Rick
3. Linked In: Jorid, Joey

What we do not have time for this week can be continued at the next meeting.

Ron


Kojo (that's me!) was supposed to discuss Twitter and LinkedIn, but won't be able to make the meeting this week. Next time!

by HLUG Kojo (noreply@blogger.com) at March 11, 2010 01:09 AM

What IS the HLUG Linux Workshop?

I'm glad you asked! The Wednesday Night Workshop (WNW...not to be confused with Neverwinter Nights...NWN) is where people with questions about, trouble with or interest in Linux get together to work it all out! Bring your computer/keyboard/mouse and we'll supply the monitor/power/network connection (wired and WiFi) and get things taken care of!

Trying to install Linux? We can help! Got Linux installed, but can't get a piece of hardware working? We can help! Need to get a certain piece of software installed or configured on your Linux install? We can help! Want to dump your other OS and replace it with Linux? We can help!

Wednesday nights, 6-9pm at HAL-PC Global HQ!! Followed by dinner...somewhere.

ALSO! Be sure to tune in to Technology Bytes Radio, ALSO Wednesday night from 8-10pm. And don't miss the Geek Gathering, this Friday at The Coffeegroundz!

by HLUG Kojo (noreply@blogger.com) at March 11, 2010 01:07 AM

HLUG Linux Workshop: It's already started!!

It's Wednesday night, so you should know the drill by now. Get thee to HAL-PC and partake of the Linux Workshop goodness! Get help with thine own vexing Linux questions! Assist others with issues that, verily, cause them to be vexed.

Basically, we're trying to avoid and eliminate all things "vexing". 6-9pm. Dinner/socializing afterwards, to be announced at the Workshop.

ALSO! Do NOT forget about Technology Bytes. 8-10pm on KPFT or live streamed over the internet(s), if you're not in the Houston area. Speaking of Technology Bytes, if you didn't attend their last Geek Gathering, here's what you missed. The lovely woman in the first picture is Victoria Leigh, model/photographer/makeup artist. The smiling man next to her is her husband. He works for Ubuntu, dealing with OpenOffice.org bugs. See what Linux can do for you? I'm just saying. Don't blame me, it's not like I didn't tell you! The Geek Gatherings are the first Friday of every month at The Coffeegroundz.

That is all.

by HLUG Kojo (noreply@blogger.com) at March 11, 2010 01:07 AM

2 views of last Saturday's Samba SIG

What'd you miss last Saturday?

Rick Archbald says:
W/o Rob't Spotswood (sick), the Samba SIG didn't make much progress on the mail server project. We did convince ourselves that KirraMail doesn't install easily & isn't worth fighting w/ for having a 2nd mail server on the network. We also discovered that the last release of VMware 2.0 is useless. If we knew that either VBox or VMware would save the complete state, including RAM, of a VM (this may be a "stupid" question), then we could run Kirra in a VM, & have it have some continuity.


Ron Lyle offers this view:
We built a vmware KerraMail mail server just to see if we could set up a mail server. The samba SIG went well and I found, thanks to Rick, some Google special searches under UNIX (google/linux, google/gov, and google/bsd). We learned that vmware doesn't do snapshots and virtual box does.


They'll be back at it on the 3rd Saturday of the month. That's the 19th for those scoring at home.

by HLUG Kojo (noreply@blogger.com) at March 11, 2010 01:06 AM

Samba: TODAY from 2-4!!

The quest to build an ISP-grade mail server continues! Stop by HAL-PC to join in on the fun and learning! Tech up!!


- Posted using BlogPress from my iPhone

by HLUG Kojo (noreply@blogger.com) at March 11, 2010 12:58 AM

March 10, 2010

Pete Jamison

Review Preview: one of the most universal of truths...

(This is from Eric Raymond's The Art Of Unix Programming, which I'm currently reading.)

"The most basic argument for prototyping first is Kernighan & Plauger's: 90% of the functionality delivered now is better than 100% of it delivered never."

by Pete (noreply@blogger.com) at March 10, 2010 02:52 PM

March 04, 2010

Pete Jamison

News Item

It appears that Oracle is being a good neighbor with respect to open source-ing some things, or rather continuing to (subsequent to the Sun acquisition). This story indicates that the OpenSolaris project will undergo basically no change and that a commitment is being made to its future. Certainly this will benefit Oracle by the encouraging of experimentation with file systems and software features now under its control (like ZFS, the combined file system and LVM) but I see the continuing maintenance and free availability of any decent (-nix-oid) system as a good thing. In the words of the nerd-rock band DEVO, "duty now for the future"!

by Pete (noreply@blogger.com) at March 04, 2010 02:51 PM

March 01, 2010

Pete Jamison

The Anti-Book-Review Times Two

Since I have two computing-related books to review and have not finished them yet, I'll let you in on the locations thereof. Both have online free versions in various places; here's some that I know about.

THE ART OF UNIX PROGRAMMING by Eric Raymond

Mr. Raymond has been around programming since way the hell back and offers this best-practices book that can do at least three things: document the early computing culture, acclimatize programmers to the Unix world that may have come from other environments and focus the efforts of other programmers who are Unix-native. Here's one of the book's many online homes:

Click HERE

NMAP NETWORK SCANNING
The Official Nmap Project Guide to Network Discovery and Security Scanning
by Gordon “Fyodor” Lyon

Living at the venerable nmap.org, this is a less-than-complete version (buy it to get everything) but this version is merely lacking in all examples and extended discussions. All the basics are here. The tool's free and the bad guys use it, too, so if you're a White Hat Wannabe like me, you have no choice but to get right with Nmap.

Click HERE

So now, let's see if I can finish these before you do - and before you scoop me on your blog.

by Pete (noreply@blogger.com) at March 01, 2010 09:48 PM

February 27, 2010

Kojo Idrissa

SAMBA SIG Updates

Here's what you missed last Saturday at the SAMBA SIG (and yes, I DO alternate my capitalization of "Samba". Sue me) We're continuing our goal of building an ISP-Grade mail server.

Today we got the spam script working and spammed our new server. Over a 100 MB connection, it took about 14.5 minutes to send 10,000 messages. During that time, CPU usage on the mail server shot up to around 90%. However, even during the storm, the webmail interface was still responsive. Nevertheless, it showed that we need anti-spam measures.

In order to get the spam script running, we used another machine, then booted with Knoppix 6.0.1 and installed sendmail (what the script requires). Knoppix 5.3.1 would not work with sendmail for some reason.

In the next meeting, we need to try to add some polish to our testing mail server. The current list of items to address is:

1) Anti-spam measures and anti-virus measures. Current plans are to use Amavis. It will be interesting to see what the load is on the server if we repeat the spam storm with the measures in place.

2) Implement quotas. We can't have one user fill up the hard drive.

3) Change the squirrelmail url to something better and more standard, such as webmail.samba.lan.

4) Install a list manager. Mailman has been suggested.

It is likely it will take more than one meeting to accomplish all this.


Join in in two weeks!

by HLUG Kojo (noreply@blogger.com) at February 27, 2010 12:51 AM

February 24, 2010

Kojo Idrissa

Wednesday Night Linux Workshop

Wednesday night means Linux Workshop at HAL-PC, 6-9pm.

Be there!!

- Posted using BlogPress from my iPhone (which runs a version of OS X, which is a *nix)

by HLUG Kojo (noreply@blogger.com) at February 24, 2010 11:34 PM

February 20, 2010

Kojo Idrissa

Samba SIG Updates: "In our last episode, our heroes..."

Here are the notes from the February first Saturday Samba SIG meeting. Remember, the third Saturday is THIS Saturday! 2-4pm at HAL-PC in SIG Room C.

Pardon the bad formatting, I'm in a bit of a time crunch. I'll try to beautify it later.


Today work continued on the mailserver. Robert attempted to set up three interfaces to manage the users without resorting to raw SQL statements and got two of them working. GRSoft MailManager is working and is a web based front end. Ispwebadmin we never got working. The final one is a bash script by manu that, although limited, works just fine. While this one won't be used much, it does leave open the possibility for a mass setup of email accounts with a little hacking of the script.


We also got squirrelmail working too. Next up is one of two things, to be decided on in the coming two weeks:


1) Set up a test network with some kirramail servers to test out the postfix mail server and make sure everything is working.

2) Set up virus and spam filtering on the new mailserver. We've got a volunteer to be the evil spammer. He will try to counter our measures to block spam (on the test network). He will have the advantage of knowing what countermeasures we are using.



Come join in !!

by HLUG Kojo (noreply@blogger.com) at February 20, 2010 06:39 PM

December 29, 2009

Pete Jamison

Well, happy December and stuff!

First, some housekeeping details: you may have noticed that I don't update quite as often as in the past. I am no longer an officeholder at the Houston Area League of PC Users, but that organization continues improvement efforts and reorganization as we speak, or type (check their site for the latest).

Second, I continue to press onward with technological interests such as the open source movement, computer security, backup methodology, unusual internet content, publishing, et cetera.

Thirdly, I'll use this blog to prognosticate and pass on interesting tidbits to whoever reads this blog, as well as for my own use (as an online link repository, for example).

Upcoming topics here may include...

The Nmap book by the Nmap guy
BackTrack 4 final release changes and progress
Recent TRK changes and improvements
Adventures In Learning Perl (hopefully without attacking competing languages much)
Adventures In Deleted File Recovery (or Oops I Did It Again, and in a different oddball file format this time)

So stay tuned and let's see what I come up with.

by Pete (noreply@blogger.com) at December 29, 2009 06:20 PM