Archive for the ‘Tutorials’ Category
Raw, Encrypted Tunnel with OpenSSL and NetCat
I use netcat on my local network to transfer files very quickly without the overhead of a more complex protocol.
Just for those who don’t; here’s how:
on my home server, i transfer “myfile” on port “1024″ to the computer named “MacBook”
root@homeserver:~# nc MacBook 1024 < myfile
and on my mac, i receive “myfile”, listening on port 1024
MacBook:~ ejes$ nc -l 1024 >myfile
this works, and is fairly quick. if you need some validation that the file received is the original file, you can use md5 on Mac, and most BSDs;
MacBook:~ ejes$ md5 myfile MD5 (myfile) = 47f7f451e2e6d462a35a3d88b594e283
and md5sum on Linux.
root@homeserver:~# md5sum myfile 47f7f451e2e6d462a35a3d88b594e283 myfile
Sometimes, however, I need to send a file, quickly, ad-hoc across the big ol’ scary internet. this means that i’m sending “private” information across a “public” network. I hate doing that, because anything on the the internet is subject to snooping.
What can we do? Encrypt our transfer. Thankfully, OpenSSL has the ability to help us do that.
So, to repeat the same transfer as above, but encrypted. We setup our “listener first”, I’m listening on my mac, but the same command line would work in most BSD flavors:
MacBook:~ ejes$ nc -l 1024 | openssl enc -d -aes-256-cbc -out myfile enter aes-256-cbc decryption password:
and on the sending machine you need to use:
root@homeserver:~# openssl enc -e -aes-256-cbc -in built | nc MacBook 1024 enter aes-256-cbc encryption password: Verifying - enter aes-256-cbc encryption password:
Of course OpenSSL supports plenty other encryption methods than aes-256, so feel free to explore. list-cipher-commands should help.
root@homeserver:~# openssl list-cipher-commands aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb aes-256-cbc aes-256-ecb base64 bf bf-cbc bf-cfb bf-ecb bf-ofb camellia-128-cbc camellia-128-ecb camellia-192-cbc camellia-192-ecb camellia-256-cbc camellia-256-ecb cast cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb des des-cbc des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb des-ede-ofb des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb des-ofb des3 desx rc2 rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb rc2-ecb rc2-ofb rc4 rc4-40 seed seed-cbc seed-cfb seed-ecb seed-ofb zlib
ubuntu Headless Video Recoding with Handbreak CLI
I have a lot of movies. A lot. They are all in a digital format of some sort or another on my NAS server.
I like uniformity, that is, I like all my media in one format. I have an iPhone (which I also love) so, I’ve been leaning (sadly) toward mp4 for my library. Also, sadly, my library has already been coded mostly in XviD (the open source DivX.) So I need to convert my old “.avi” movies to “.mp4″. This is called “re-coding.”
When I was initially thinking of doing headless recoding I was going to use ffmepg. ffmpeg is amazing for doing things like this – and what it’s specifically designed for. I however have been using “HandBrake (http://handbrake.fr/)” on my Mac and I really like the simplicity and it does a very good job.
Why mess with a good thing?
I found out that HandBrake has a command line client (http://handbrake.fr/downloads2.php) which is available in all operating systems except, Linux. Ubuntu specifically.
Looking around I found that there are nightly “unsupported” development builds for Ubuntu, and since Handbrake is public software and any support you receive for it would be pure fluke; this unsupported version looked better and better.
More importantly there is an option to learn how to use this PPA (personal package archive) system that Ubuntu (https://launchpad.net/ubuntu/+ppas) has been tooting it’s horn over.
The “PPA” archive (available here: https://edge.launchpad.net/~stebbins/+archive/handbrake-snapshots) for Handbrake supports Maverick, Lucid, and Karmic – and since I can’t remember what my system is; I run a little lsb_release.
root@ubuntu:~# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 10.04.1 LTS
Release: 10.04
Codename: lucid
root@ubuntu:~#
Look at that, I run Lucid (Ubuntu 10.04). It’s “supported.”
To add a PPA it’s actually very easy, you have to use a command called “add-apt-repository.” I didn’t have it at first:
root@ubuntu:~# add-apt-repository
add-apt-repository: command not found
root@ubuntu:~#
But that’s easily fixed by installing “python-software-properties”
root@ubuntu:~# apt-get install python-software-properties
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
python-software-properties
0 upgraded, 1 newly installed, 0 to remove and 1 not upgraded.
Need to get 0B/30.8kB of archives.
After this operation, 1,126kB of additional disk space will be used.
Selecting previously deselected package python-software-properties.
(Reading database ... 54647 files and directories currently installed.)
Unpacking python-software-properties (from .../python-software-properties_0.75.10.1_all.deb) ...
Processing triggers for man-db ...
Setting up python-software-properties (0.75.10.1) ...
Processing triggers for python-central ...
root@ubuntu:~#
Then you can run, apt-add-repository with the correct repository information (found here: https://edge.launchpad.net/~stebbins/+archive/handbrake-snapshots):
root@ubuntu:~# apt-add-repository ppa:stebbins/handbrake-snapshots
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv 43D3A9F60C58A7169778E6FB8771ADB0816950D8
gpg: requesting key 816950D8 from hkp server keyserver.ubuntu.com
gpg: key 816950D8: "Launchpad HandBrake Snapshots" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
root@ubuntu:~#
(since I already ran it my output above will not match yours)
Once that’s installed, you can quickly use - apt-get install handbrake-cli, to install it:
root@ubuntu:~# apt-get install handbrake-cli
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
handbrake-cli
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 6,119kB of archives.
After this operation, 13.9MB of additional disk space will be used.
Get:1 http://ppa.launchpad.net/stebbins/handbrake-snapshots/ubuntu/ lucid/main handbrake-cli
svn3570ppa1~lucid1 [6,119kB]
Fetched 1,446kB in 7s (199kB/s)
Selecting previously deselected package handbrake-cli.
(Reading database ... 54665 files and directories currently installed.)
Unpacking handbrake-cli (from .../handbrake-cli_svn3570ppa1~lucid1_i386.deb) ...
Setting up handbrake-cli (svn3570ppa1~lucid1) ...
root@ubuntu:~#
Then you can simply use it:
root@ubuntu:~# HandBrakeCLI
Missing input device. Run HandBrakeCLI --help for syntax.
root@ubuntu:~#
Handbrake has a very good tutorial on how to use its command line client, and even has all the normal built in presets: http://trac.handbrake.fr/wiki/CLIGuide
GNU dnsmasq for OpenSolaris SPARC
I recently have been trying to migrate my FreeNAS server to a SPARC based system runing OpenSolaris. Mainly for the benefits of ZFS – but also to learn more about OpenSolaris and shellcode on SPARC.
In this light of learning more about OpenSolaris, I’ve been porting some of my lesser power hungry network applications to my little sparc pizzabox as well. Since the pizzabox server is a little underpowered I wanted to use some pertty trim services to keep it’s availablility up as a NAS.
The first service I thought about was dnsmasq, who on my OpenBSD system works as my DHCP and dynmaically updateable DNS server. I really like dnsmasq (http://www.thekelleys.org.uk/dnsmasq/doc.html), and have been using it as my primary dns/dhcp server for some time now – it’s fast, feature rich, easy to configure and cheap on resources. It’s perfect for the home user.
Now just to get in running on my sparc. After all the searching in the world, I couldn’t find any (trivial) dnsmasq on Solaris documentation.
This left me no choice:
I’m not afraid of compling source. Thankfully, DNSmasq 2.52 (http://www.thekelleys.org.uk/dnsmasq/dnsmasq-2.52.tar.gz) compiles cleanly on sparc – so this is the base I used. In order to compile and run make install properly, I had to change the “Makefile” to use “ginstall” instead of BSD install that is used by default on Solaris systems; the Makefile also uses “cc” instead of “gcc” so I symlinked my “gcc” binary from /usr/bin to /usr/bin/cc.
Once installed I had to deal with the silly Solaris SMF (Service Management Facility). In order to maintain some continuity across all my services I decded to build a nice smf xml for my dnsmasq as well. I just copied ssh’s, and modified it to support my newly compiled dnsmasq package. I also had to write a simple starup script since the SMF facility is just a fancy way of calling /lib/svc/method/ shell scripts who look suspcisouly like “init.d” type scripts.
Compiled, scripted and input into my smf (using svccfg import), my dnsmasq seems to starup great – my netbook got an ip, and it’s pingable by using “ping netbook” .
GREAT!
To save you wonderful internet users some headaches, I built a Solaris “.pkg” file for general consumption. (http://www.filehosting.org/file/details/143734/GNUdnsmsq.pkg)
I followed the instructions here (http://www.ibiblio.org/pub/packages/solaris/sparc/html/creating.solaris.packages.html ) for creaing the Solaris package, then used ”pkgtrans -s . GNUdnsmaq.pkg” to translate the package to a “.pkg” file.
Enjoy!
Virus Scanning for your FreeNAS
[edit: now has instructions for "embedded" freeBSD/freeNAS installations]
As you all know I love my freeNAS, it’s an excellent platform with all kinds of amazing features. The problem is that it’s still lacking in some little ways.
One way is “antivirus”
So, here’s my howto for anti virus for FreeNAS. If you have an “embedded” freeNAS, you may have to move all the installed files to your mounted drives and symlink them using a startup script. (i’ll cover this if there’s demand)
First, ssh to your NAS and get it’s release, mine looks like this:
freenas:~# uname -a FreeBSD freenas.local 7.2-RELEASE-p4 FreeBSD 7.2-RELEASE-p4 #0: Fri Oct 16 16:45:05 UTC 2009 root@vmbsd72i386:/usr/obj/freenas/usr/src/sys/FREENAS-i386 i386
This just tells me that i’m using 7.2-release. Then I go to the freebsd ftp site to find the packages. The main tree is here ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/
in the “packages-7.2-release” i can find the “security” directory, and finally clamav*.tbz.
ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/security/clamav-0.95.1.tbz
Now, download it, while you’re at it you should download all the archive libraries that it uses:
unzoo (ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/All/unzoo-4.4_2.tbz)
lha (ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/All/lha-1.14i_6.tbz)
arj (ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/All/arj-3.10.22_1.tbz)
arc (ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.2-release/All/arc-5.21o_1.tbz)
If you have an embedded version you must decompress each of these binaries into their own directory, I put them in my /mnt/default/opt directory structure and decompress each of them using tar, like this:
Ffirst clamav:
freenas:/mnt/default/opt/tmp# tar -xjf ../clamav-0.95.1.tbz freenas:/mnt/default/opt/tmp# tar -xjf ../unzoo-4.4_2.tbz freenas:/mnt/default/opt/tmp# tar -xjf ../lha-1.14i_6.tbz freenas:/mnt/default/opt/tmp# tar -xjf ../arj-3.10.22_1.tbz freenas:/mnt/default/opt/tmp# tar -xjf ../arc-5.21o_1.tbz
Now I have a mess in my directories, but it’s not really a mess, it’s the full distribution of clamav but not in the correct directories.
This is easy to fix, we can link each file to it’s proper place. I like using symbolic links (if you’re interested look in the man page for “ln”)
I copied all directories that I’ve just extracted, not including the package files (ones that look like like +COMMENT +DESC +INSTALL etc.) to my /mnt/default/opt directory. This is where I intend the executable files to run from:
freenas:/mnt/default/opt/tmp# ls +COMMENT +DESC bin lib sbin +CONTENTS +INSTALL etc libdata share +DEINSTALL +MTREE_DIRS include man freenas:/mnt/default/opt/tmp# rm -rf +*; #delete all +files. freenas:/mnt/default/opt/tmp# ls bin etc include lib libdata man sbin share freenas:/mnt/default/opt/tmp# mv * .. freenas:/mnt/default/opt/tmp# cd .. freenas:/mnt/default/opt# ls arc-5.21o_1.tbz include sbin arj-3.10.22_1.tbz lha-1.14i_6.tbz share bin lib tmp clamav-0.95.1.tbz libdata unzoo-4.4_2.tbz etc man freenas:/mnt/default/opt# rm *.tbz freenas:/mnt/default/opt# ls bin etc include lib libdata man sbin share tmp freenas:/mnt/default/opt#
Now comes the tricky part;
I created a list of files using “find .”. With this list I can build a script that will link them to the proper /usr/local directories with the “ln” tool. This is how I generated my “mksymlinks” script, it looks like this:
freenas:/mnt/default/opt# cat mksymlinks #!/bin/bash ln -sf /mnt/default/opt/. /usr/local/. ln -sf /mnt/default/opt/l /usr/local/l ln -sf /mnt/default/opt/tmp /usr/local/tmp ln -sf /mnt/default/opt/bin /usr/local/bin ln -sf /mnt/default/opt/bin/clamav-config /usr/local/bin/clamav-config ln -sf /mnt/default/opt/bin/clamconf /usr/local/bin/clamconf ln -sf /mnt/default/opt/bin/clamdtop /usr/local/bin/clamdtop ln -sf /mnt/default/opt/bin/clamscan /usr/local/bin/clamscan ln -sf /mnt/default/opt/bin/clamdscan /usr/local/bin/clamdscan ln -sf /mnt/default/opt/bin/freshclam /usr/local/bin/freshclam ln -sf /mnt/default/opt/bin/sigtool /usr/local/bin/sigtool ln -sf /mnt/default/opt/bin/arc /usr/local/bin/arc ln -sf /mnt/default/opt/bin/marc /usr/local/bin/marc ln -sf /mnt/default/opt/bin/arj /usr/local/bin/arj ln -sf /mnt/default/opt/bin/arj-register /usr/local/bin/arj-register ln -sf /mnt/default/opt/bin/arjdisp /usr/local/bin/arjdisp ln -sf /mnt/default/opt/bin/rearj /usr/local/bin/rearj ln -sf /mnt/default/opt/bin/lha /usr/local/bin/lha ln -sf /mnt/default/opt/bin/unzoo /usr/local/bin/unzoo ln -sf /mnt/default/opt/etc /usr/local/etc ln -sf /mnt/default/opt/etc/clamd.conf.default /usr/local/etc/clamd.conf.default ln -sf /mnt/default/opt/etc/freshclam.conf.default /usr/local/etc/freshclam.conf.default ln -sf /mnt/default/opt/etc/rc.d /usr/local/etc/rc.d ln -sf /mnt/default/opt/etc/rc.d/clamav-clamd /usr/local/etc/rc.d/clamav-clamd ln -sf /mnt/default/opt/etc/rc.d/clamav-freshclam /usr/local/etc/rc.d/clamav-freshclam ln -sf /mnt/default/opt/include /usr/local/include ln -sf /mnt/default/opt/include/clamav.h /usr/local/include/clamav.h ln -sf /mnt/default/opt/include/clamav-config.h /usr/local/include/clamav-config.h ln -sf /mnt/default/opt/lib /usr/local/lib ln -sf /mnt/default/opt/lib/libclamav.a /usr/local/lib/libclamav.a ln -sf /mnt/default/opt/lib/libclamav.la /usr/local/lib/libclamav.la ln -sf /mnt/default/opt/lib/libclamav.so /usr/local/lib/libclamav.so ln -sf /mnt/default/opt/lib/libclamav.so.6 /usr/local/lib/libclamav.so.6 ln -sf /mnt/default/opt/lib/libclamunrar.a /usr/local/lib/libclamunrar.a ln -sf /mnt/default/opt/lib/libclamunrar.la /usr/local/lib/libclamunrar.la ln -sf /mnt/default/opt/lib/libclamunrar.so /usr/local/lib/libclamunrar.so ln -sf /mnt/default/opt/lib/libclamunrar.so.6 /usr/local/lib/libclamunrar.so.6 ln -sf /mnt/default/opt/lib/libclamunrar_iface.a /usr/local/lib/libclamunrar_iface.a ln -sf /mnt/default/opt/lib/libclamunrar_iface.la /usr/local/lib/libclamunrar_iface.la ln -sf /mnt/default/opt/lib/libclamunrar_iface.so /usr/local/lib/libclamunrar_iface.so ln -sf /mnt/default/opt/lib/libclamunrar_iface.so.6 /usr/local/lib/libclamunrar_iface.so.6 ln -sf /mnt/default/opt/lib/arj /usr/local/lib/arj ln -sf /mnt/default/opt/lib/arj/arjcrypt.so /usr/local/lib/arj/arjcrypt.so ln -sf /mnt/default/opt/libdata /usr/local/libdata ln -sf /mnt/default/opt/libdata/pkgconfig /usr/local/libdata/pkgconfig ln -sf /mnt/default/opt/libdata/pkgconfig/libclamav.pc /usr/local/libdata/pkgconfig/libclamav.pc ln -sf /mnt/default/opt/man /usr/local/man ln -sf /mnt/default/opt/man/man1 /usr/local/man/man1 ln -sf /mnt/default/opt/man/man1/clamconf.1.gz /usr/local/man/man1/clamconf.1.gz ln -sf /mnt/default/opt/man/man1/clamscan.1.gz /usr/local/man/man1/clamscan.1.gz ln -sf /mnt/default/opt/man/man1/freshclam.1.gz /usr/local/man/man1/freshclam.1.gz ln -sf /mnt/default/opt/man/man1/sigtool.1.gz /usr/local/man/man1/sigtool.1.gz ln -sf /mnt/default/opt/man/man1/clamdscan.1.gz /usr/local/man/man1/clamdscan.1.gz ln -sf /mnt/default/opt/man/man1/clamdtop.1.gz /usr/local/man/man1/clamdtop.1.gz ln -sf /mnt/default/opt/man/man1/arc.1.gz /usr/local/man/man1/arc.1.gz ln -sf /mnt/default/opt/man/man1/arj-register.1.gz /usr/local/man/man1/arj-register.1.gz ln -sf /mnt/default/opt/man/man1/arj.1.gz /usr/local/man/man1/arj.1.gz ln -sf /mnt/default/opt/man/man1/arjdisp.1.gz /usr/local/man/man1/arjdisp.1.gz ln -sf /mnt/default/opt/man/man1/rearj.1.gz /usr/local/man/man1/rearj.1.gz ln -sf /mnt/default/opt/man/man1/unzoo.1.gz /usr/local/man/man1/unzoo.1.gz ln -sf /mnt/default/opt/man/man5 /usr/local/man/man5 ln -sf /mnt/default/opt/man/man5/clamd.conf.5.gz /usr/local/man/man5/clamd.conf.5.gz ln -sf /mnt/default/opt/man/man5/freshclam.conf.5.gz /usr/local/man/man5/freshclam.conf.5.gz ln -sf /mnt/default/opt/man/man8 /usr/local/man/man8 ln -sf /mnt/default/opt/man/man8/clamd.8.gz /usr/local/man/man8/clamd.8.gz ln -sf /mnt/default/opt/man/man8/clamav-milter.8.gz /usr/local/man/man8/clamav-milter.8.gz ln -sf /mnt/default/opt/man/ja /usr/local/man/ja ln -sf /mnt/default/opt/man/ja/man1 /usr/local/man/ja/man1 ln -sf /mnt/default/opt/man/ja/man1/lha.1.gz /usr/local/man/ja/man1/lha.1.gz ln -sf /mnt/default/opt/sbin /usr/local/sbin ln -sf /mnt/default/opt/sbin/clamd /usr/local/sbin/clamd ln -sf /mnt/default/opt/share /usr/local/share ln -sf /mnt/default/opt/share/doc /usr/local/share/doc ln -sf /mnt/default/opt/share/doc/clamav /usr/local/share/doc/clamav ln -sf /mnt/default/opt/share/doc/clamav/ChangeLog /usr/local/share/doc/clamav/ChangeLog ln -sf /mnt/default/opt/share/doc/clamav/NEWS /usr/local/share/doc/clamav/NEWS ln -sf /mnt/default/opt/share/doc/clamav/html /usr/local/share/doc/clamav/html ln -sf /mnt/default/opt/share/doc/clamav/html/clamdoc.css /usr/local/share/doc/clamav/html/clamdoc.css ln -sf /mnt/default/opt/share/doc/clamav/html/clamdoc.html /usr/local/share/doc/clamav/html/clamdoc.html ln -sf /mnt/default/opt/share/doc/clamav/html/contents.png /usr/local/share/doc/clamav/html/contents.png ln -sf /mnt/default/opt/share/doc/clamav/html/footnode.html /usr/local/share/doc/clamav/html/footnode.html ln -sf /mnt/default/opt/share/doc/clamav/html/img1.png /usr/local/share/doc/clamav/html/img1.png ln -sf /mnt/default/opt/share/doc/clamav/html/img2.png /usr/local/share/doc/clamav/html/img2.png ln -sf /mnt/default/opt/share/doc/clamav/html/img3.png /usr/local/share/doc/clamav/html/img3.png ln -sf /mnt/default/opt/share/doc/clamav/html/img4.png /usr/local/share/doc/clamav/html/img4.png ln -sf /mnt/default/opt/share/doc/clamav/html/index.html /usr/local/share/doc/clamav/html/index.html ln -sf /mnt/default/opt/share/doc/clamav/html/next.png /usr/local/share/doc/clamav/html/next.png ln -sf /mnt/default/opt/share/doc/clamav/html/next_g.png /usr/local/share/doc/clamav/html/next_g.png ln -sf /mnt/default/opt/share/doc/clamav/html/node1.html /usr/local/share/doc/clamav/html/node1.html ln -sf /mnt/default/opt/share/doc/clamav/html/node10.html /usr/local/share/doc/clamav/html/node10.html ln -sf /mnt/default/opt/share/doc/clamav/html/node11.html /usr/local/share/doc/clamav/html/node11.html ln -sf /mnt/default/opt/share/doc/clamav/html/node12.html /usr/local/share/doc/clamav/html/node12.html ln -sf /mnt/default/opt/share/doc/clamav/html/node13.html /usr/local/share/doc/clamav/html/node13.html ln -sf /mnt/default/opt/share/doc/clamav/html/node14.html /usr/local/share/doc/clamav/html/node14.html ln -sf /mnt/default/opt/share/doc/clamav/html/node15.html /usr/local/share/doc/clamav/html/node15.html ln -sf /mnt/default/opt/share/doc/clamav/html/node16.html /usr/local/share/doc/clamav/html/node16.html ln -sf /mnt/default/opt/share/doc/clamav/html/node17.html /usr/local/share/doc/clamav/html/node17.html ln -sf /mnt/default/opt/share/doc/clamav/html/node18.html /usr/local/share/doc/clamav/html/node18.html ln -sf /mnt/default/opt/share/doc/clamav/html/node19.html /usr/local/share/doc/clamav/html/node19.html ln -sf /mnt/default/opt/share/doc/clamav/html/node2.html /usr/local/share/doc/clamav/html/node2.html ln -sf /mnt/default/opt/share/doc/clamav/html/up.png /usr/local/share/doc/clamav/html/up.png ln -sf /mnt/default/opt/share/doc/clamav/html/node20.html /usr/local/share/doc/clamav/html/node20.html ln -sf /mnt/default/opt/share/doc/clamav/html/node21.html /usr/local/share/doc/clamav/html/node21.html ln -sf /mnt/default/opt/share/doc/clamav/html/node22.html /usr/local/share/doc/clamav/html/node22.html ln -sf /mnt/default/opt/share/doc/clamav/html/node23.html /usr/local/share/doc/clamav/html/node23.html ln -sf /mnt/default/opt/share/doc/clamav/html/node24.html /usr/local/share/doc/clamav/html/node24.html ln -sf /mnt/default/opt/share/doc/clamav/html/node25.html /usr/local/share/doc/clamav/html/node25.html ln -sf /mnt/default/opt/share/doc/clamav/html/node26.html /usr/local/share/doc/clamav/html/node26.html ln -sf /mnt/default/opt/share/doc/clamav/html/node27.html /usr/local/share/doc/clamav/html/node27.html ln -sf /mnt/default/opt/share/doc/clamav/html/node28.html /usr/local/share/doc/clamav/html/node28.html ln -sf /mnt/default/opt/share/doc/clamav/html/node29.html /usr/local/share/doc/clamav/html/node29.html ln -sf /mnt/default/opt/share/doc/clamav/html/node3.html /usr/local/share/doc/clamav/html/node3.html ln -sf /mnt/default/opt/share/doc/clamav/html/node30.html /usr/local/share/doc/clamav/html/node30.html ln -sf /mnt/default/opt/share/doc/clamav/html/node31.html /usr/local/share/doc/clamav/html/node31.html ln -sf /mnt/default/opt/share/doc/clamav/html/node32.html /usr/local/share/doc/c lamav/html/node32.html ln -sf /mnt/default/opt/share/doc/clamav/html/node33.html /usr/local/share/doc/clamav/html/node33.html ln -sf /mnt/default/opt/share/doc/clamav/html/node34.html /usr/local/share/doc/clamav/html/node34.html ln -sf /mnt/default/opt/share/doc/clamav/html/node35.html /usr/local/share/doc/clamav/html/node35.html ln -sf /mnt/default/opt/share/doc/clamav/html/node36.html /usr/local/share/doc/clamav/html/node36.html ln -sf /mnt/default/opt/share/doc/clamav/html/node37.html /usr/local/share/doc/clamav/html/node37.html ln -sf /mnt/default/opt/share/doc/clamav/html/node38.html /usr/local/share/doc/clamav/html/node38.html ln -sf /mnt/default/opt/share/doc/clamav/html/node39.html /usr/local/share/doc/clamav/html/node39.html ln -sf /mnt/default/opt/share/doc/clamav/html/node4.html /usr/local/share/doc/clamav/html/node4.html ln -sf /mnt/default/opt/share/doc/clamav/html/node40.html /usr/local/share/doc/clamav/html/node40.html ln -sf /mnt/default/opt/share/doc/clamav/html/node41.html /usr/local/share/doc/clamav/html/node41.html ln -sf /mnt/default/opt/share/doc/clamav/html/node42.html /usr/local/share/doc/clamav/html/node42.html ln -sf /mnt/default/opt/share/doc/clamav/html/node43.html /usr/local/share/doc/clamav/html/node43.html ln -sf /mnt/default/opt/share/doc/clamav/html/node44.html /usr/local/share/doc/clamav/html/node44.html ln -sf /mnt/default/opt/share/doc/clamav/html/node45.html /usr/local/share/doc/clamav/html/node45.html ln -sf /mnt/default/opt/share/doc/clamav/html/node46.html /usr/local/share/doc/clamav/html/node46.html ln -sf /mnt/default/opt/share/doc/clamav/html/node47.html /usr/local/share/doc/clamav/html/node47.html ln -sf /mnt/default/opt/share/doc/clamav/html/node48.html /usr/local/share/doc/clamav/html/node48.html ln -sf /mnt/default/opt/share/doc/clamav/html/node49.html /usr/local/share/doc/clamav/html/node49.html ln -sf /mnt/default/opt/share/doc/clamav/html/node5.html /usr/local/share/doc/clamav/html/node5.html ln -sf /mnt/default/opt/share/doc/clamav/html/node50.html /usr/local/share/doc/clamav/html/node50.html ln -sf /mnt/default/opt/share/doc/clamav/html/node51.html /usr/local/share/doc/clamav/html/node51.html ln -sf /mnt/default/opt/share/doc/clamav/html/node52.html /usr/local/share/doc/clamav/html/node52.html ln -sf /mnt/default/opt/share/doc/clamav/html/node53.html /usr/local/share/doc/clamav/html/node53.html ln -sf /mnt/default/opt/share/doc/clamav/html/node54.html /usr/local/share/doc/clamav/html/node54.html ln -sf /mnt/default/opt/share/doc/clamav/html/node55.html /usr/local/share/doc/clamav/html/node55.html ln -sf /mnt/default/opt/share/doc/clamav/html/node56.html /usr/local/share/doc/clamav/html/node56.html ln -sf /mnt/default/opt/share/doc/clamav/html/node57.html /usr/local/share/doc/clamav/html/node57.html ln -sf /mnt/default/opt/share/doc/clamav/html/node58.html /usr/local/share/doc/clamav/html/node58.html ln -sf /mnt/default/opt/share/doc/clamav/html/node59.html /usr/local/share/doc/clamav/html/node59.html ln -sf /mnt/default/opt/share/doc/clamav/html/node6.html /usr/local/share/doc/clamav/html/node6.html ln -sf /mnt/default/opt/share/doc/clamav/html/node60.html /usr/local/share/doc/clamav/html/node60.html ln -sf /mnt/default/opt/share/doc/clamav/html/node7.html /usr/local/share/doc/clamav/html/node7.html ln -sf /mnt/default/opt/share/doc/clamav/html/node8.html /usr/local/share/doc/clamav/html/node8.html ln -sf /mnt/default/opt/share/doc/clamav/html/node9.html /usr/local/share/doc/clamav/html/node9.html ln -sf /mnt/default/opt/share/doc/clamav/html/prev.png /usr/local/share/doc/clamav/html/prev.png ln -sf /mnt/default/opt/share/doc/clamav/html/prev_g.png /usr/local/share/doc/clamav/html/prev_g.png ln -sf /mnt/default/opt/share/doc/clamav/html/up_g.png /usr/local/share/doc/clamav/html/up_g.png ln -sf /mnt/default/opt/share/doc/arc /usr/local/share/doc/arc ln -sf /mnt/default/opt/share/doc/arc/Arc521.doc /usr/local/share/doc/arc/Arc521.doc ln -sf /mnt/default/opt/share/doc/arj /usr/local/share/doc/arj ln -sf /mnt/default/opt/share/doc/arj/COPYING /usr/local/share/doc/arj/COPYING ln -sf /mnt/default/opt/share/doc/arj/arjl.txt /usr/local/share/doc/arj/arjl.txt ln -sf /mnt/default/opt/share/doc/arj/arjs.txt /usr/local/share/doc/arj/arjs.txt ln -sf /mnt/default/opt/share/doc/arj/debug.txt /usr/local/share/doc/arj/debug.txt ln -sf /mnt/default/opt/share/doc/arj/history.txt /usr/local/share/doc/arj/history.txt ln -sf /mnt/default/opt/share/doc/arj/readme.txt /usr/local/share/doc/arj/readme.txt ln -sf /mnt/default/opt/share/doc/arj/unix.txt /usr/local/share/doc/arj/unix.txt freenas:/mnt/default/opt#
Make it executable:
freenas:/mnt/default/opt# chmod +x mksymlinks freenas:/mnt/default/opt#
Run it:
freenas:/mnt/default/opt# ./mksymlinks freenas:/mnt/default/opt#
If you have a full version installed then you can simply install them in the order above;
I do mine by command line, but you can use the “system | packages” menu on the FreeNAS WebGUI.
freenas:/mnt/default# pkg_add -v unzoo-4.4_2.tbz equested space: 67K bytes, free space: 808M bytes in /var/tmp/instmp.OrlWwG extract: Package name is unzoo-4.4_2 extract: CWD to /usr/local extract: /usr/local/bin/unzoo extract: /usr/local/man/man1/unzoo.1.gz extract: CWD to . Running mtree for unzoo-4.4_2.. mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null Attempting to record package into /var/db/pkg/unzoo-4.4_2.. Package unzoo-4.4_2 registered in /var/db/pkg/unzoo-4.4_2 freenas:/mnt/default# pkg_add -v lha-1.14i_6.tbz Requested space: 135K bytes, free space: 807M bytes in /var/tmp/instmp.RpvEQj extract: Package name is lha-1.14i_6 extract: CWD to /usr/local extract: /usr/local/bin/lha extract: /usr/local/man/ja/man1/lha.1.gz extract: CWD to . Running mtree for lha-1.14i_6.. mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null Attempting to record package into /var/db/pkg/lha-1.14i_6.. Package lha-1.14i_6 registered in /var/db/pkg/lha-1.14i_6 freenas:/mnt/default# pkg_add -v arj-3.10.22_1.tbz Requested space: 906K bytes, free space: 807M bytes in /var/tmp/instmp.jzBJSj extract: Package name is arj-3.10.22_1 extract: CWD to /usr/local extract: /usr/local/bin/arj extract: /usr/local/bin/arj-register extract: /usr/local/bin/arjdisp extract: /usr/local/bin/rearj extract: /usr/local/lib/arj/arjcrypt.so extract: /usr/local/man/man1/arj-register.1.gz extract: /usr/local/man/man1/arj.1.gz extract: /usr/local/man/man1/arjdisp.1.gz extract: /usr/local/man/man1/rearj.1.gz extract: /usr/local/share/doc/arj/COPYING extract: /usr/local/share/doc/arj/arjl.txt extract: /usr/local/share/doc/arj/arjs.txt extract: /usr/local/share/doc/arj/debug.txt extract: /usr/local/share/doc/arj/history.txt extract: /usr/local/share/doc/arj/readme.txt extract: /usr/local/share/doc/arj/unix.txt extract: CWD to . Running mtree for arj-3.10.22_1.. mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null Attempting to record package into /var/db/pkg/arj-3.10.22_1.. Package arj-3.10.22_1 registered in /var/db/pkg/arj-3.10.22_1 freenas:/mnt/default# pkg_add -v arc-5.21o_1.tbz Requested space: 180K bytes, free space: 807M bytes in /var/tmp/instmp.0SwLN2 extract: Package name is arc-5.21o_1 extract: CWD to /usr/local extract: /usr/local/bin/arc extract: /usr/local/bin/marc extract: /usr/local/man/man1/arc.1.gz extract: /usr/local/share/doc/arc/Arc521.doc extract: CWD to . Running mtree for arc-5.21o_1.. mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null Attempting to record package into /var/db/pkg/arc-5.21o_1.. Package arc-5.21o_1 registered in /var/db/pkg/arc-5.21o_1
And finally:
freenas:/mnt/default# pkg_add -v clamav-0.95.1.tbz Requested space: 5327K bytes, free space: 807M bytes in /var/tmp/instmp.CKrsuO Package 'clamav-0.95.1' depends on 'unzoo-4.4_2' with 'archivers/unzoo' origin. - already installed. Package 'clamav-0.95.1' depends on 'lha-1.14i_6' with 'archivers/lha' origin. - already installed. Package 'clamav-0.95.1' depends on 'arj-3.10.22_1' with 'archivers/arj' origin. - already installed. Package 'clamav-0.95.1' depends on 'arc-5.21o_1' with 'archivers/arc' origin. - already installed. Running pre-install for clamav-0.95.1.. => Added group "clamav". pw: unknown group `mail' => Added user "clamav". extract: Package name is clamav-0.95.1 extract: CWD to /usr/local extract: /usr/local/man/man1/clamconf.1.gz extract: /usr/local/man/man1/clamscan.1.gz extract: /usr/local/man/man1/freshclam.1.gz extract: /usr/local/man/man1/sigtool.1.gz extract: /usr/local/man/man1/clamdscan.1.gz extract: /usr/local/man/man1/clamdtop.1.gz extract: /usr/local/man/man5/clamd.conf.5.gz extract: /usr/local/man/man5/freshclam.conf.5.gz extract: /usr/local/man/man8/clamd.8.gz extract: /usr/local/man/man8/clamav-milter.8.gz extract: /usr/local/bin/clamav-config extract: /usr/local/bin/clamconf extract: /usr/local/bin/clamdtop extract: /usr/local/bin/clamscan extract: /usr/local/bin/clamdscan extract: /usr/local/bin/freshclam extract: /usr/local/bin/sigtool extract: /usr/local/sbin/clamd extract: /usr/local/include/clamav.h extract: /usr/local/include/clamav-config.h extract: /usr/local/lib/libclamav.a extract: /usr/local/lib/libclamav.la extract: /usr/local/lib/libclamav.so extract: /usr/local/lib/libclamav.so.6 extract: /usr/local/lib/libclamunrar.a extract: /usr/local/lib/libclamunrar.la extract: /usr/local/lib/libclamunrar.so extract: /usr/local/lib/libclamunrar.so.6 extract: /usr/local/lib/libclamunrar_iface.a extract: /usr/local/lib/libclamunrar_iface.la extract: /usr/local/lib/libclamunrar_iface.so extract: /usr/local/lib/libclamunrar_iface.so.6 extract: /usr/local/libdata/pkgconfig/libclamav.pc extract: /usr/local/etc/clamd.conf.default extract: execute '[ -f /usr/local/etc/clamd.conf ] || cp /usr/local/etc/clamd.conf.default /usr/local/etc/clamd.conf' extract: /usr/local/etc/freshclam.conf.default extract: execute '[ -f /usr/local/etc/freshclam.conf ] || cp /usr/local/etc/freshclam.conf.default /usr/local/etc/freshclam.conf' extract: execute '/sbin/ldconfig -m /usr/local/lib' extract: /usr/local/share/doc/clamav/ChangeLog extract: /usr/local/share/doc/clamav/NEWS extract: /usr/local/share/doc/clamav/html/clamdoc.css extract: /usr/local/share/doc/clamav/html/clamdoc.html extract: /usr/local/share/doc/clamav/html/contents.png extract: /usr/local/share/doc/clamav/html/footnode.html extract: /usr/local/share/doc/clamav/html/img1.png extract: /usr/local/share/doc/clamav/html/img2.png extract: /usr/local/share/doc/clamav/html/img3.png extract: /usr/local/share/doc/clamav/html/img4.png extract: /usr/local/share/doc/clamav/html/index.html extract: /usr/local/share/doc/clamav/html/next.png extract: /usr/local/share/doc/clamav/html/next_g.png extract: /usr/local/share/doc/clamav/html/node1.html extract: /usr/local/share/doc/clamav/html/node10.html extract: /usr/local/share/doc/clamav/html/node11.html extract: /usr/local/share/doc/clamav/html/node12.html extract: /usr/local/share/doc/clamav/html/node13.html extract: /usr/local/share/doc/clamav/html/node14.html extract: /usr/local/share/doc/clamav/html/node15.html extract: /usr/local/share/doc/clamav/html/node16.html extract: /usr/local/share/doc/clamav/html/node17.html extract: /usr/local/share/doc/clamav/html/node18.html extract: /usr/local/share/doc/clamav/html/node19.html extract: /usr/local/share/doc/clamav/html/node2.html extract: /usr/local/share/doc/clamav/html/up.png extract: /usr/local/share/doc/clamav/html/node20.html extract: /usr/local/share/doc/clamav/html/node21.html extract: /usr/local/share/doc/clamav/html/node22.html extract: /usr/local/share/doc/clamav/html/node23.html extract: /usr/local/share/doc/clamav/html/node24.html extract: /usr/local/share/doc/clamav/html/node25.html extract: /usr/local/share/doc/clamav/html/node26.html extract: /usr/local/share/doc/clamav/html/node27.html extract: /usr/local/share/doc/clamav/html/node28.html extract: /usr/local/share/doc/clamav/html/node29.html extract: /usr/local/share/doc/clamav/html/node3.html extract: /usr/local/share/doc/clamav/html/node30.html extract: /usr/local/share/doc/clamav/html/node31.html extract: /usr/local/share/doc/clamav/html/node32.html extract: /usr/local/share/doc/clamav/html/node33.html extract: /usr/local/share/doc/clamav/html/node34.html extract: /usr/local/share/doc/clamav/html/node35.html extract: /usr/local/share/doc/clamav/html/node36.html extract: /usr/local/share/doc/clamav/html/node37.html extract: /usr/local/share/doc/clamav/html/node38.html extract: /usr/local/share/doc/clamav/html/node39.html extract: /usr/local/share/doc/clamav/html/node4.html extract: /usr/local/share/doc/clamav/html/node40.html extract: /usr/local/share/doc/clamav/html/node41.html extract: /usr/local/share/doc/clamav/html/node42.html extract: /usr/local/share/doc/clamav/html/node43.html extract: /usr/local/share/doc/clamav/html/node44.html extract: /usr/local/share/doc/clamav/html/node45.html extract: /usr/local/share/doc/clamav/html/node46.html extract: /usr/local/share/doc/clamav/html/node47.html extract: /usr/local/share/doc/clamav/html/node48.html extract: /usr/local/share/doc/clamav/html/node49.html extract: /usr/local/share/doc/clamav/html/node5.html extract: /usr/local/share/doc/clamav/html/node50.html extract: /usr/local/share/doc/clamav/html/node51.html extract: /usr/local/share/doc/clamav/html/node52.html extract: /usr/local/share/doc/clamav/html/node53.html extract: /usr/local/share/doc/clamav/html/node54.html extract: /usr/local/share/doc/clamav/html/node55.html extract: /usr/local/share/doc/clamav/html/node56.html extract: /usr/local/share/doc/clamav/html/node57.html extract: /usr/local/share/doc/clamav/html/node58.html extract: /usr/local/share/doc/clamav/html/node59.html extract: /usr/local/share/doc/clamav/html/node6.html extract: /usr/local/share/doc/clamav/html/node60.html extract: /usr/local/share/doc/clamav/html/node7.html extract: /usr/local/share/doc/clamav/html/node8.html extract: /usr/local/share/doc/clamav/html/node9.html extract: /usr/local/share/doc/clamav/html/prev.png extract: /usr/local/share/doc/clamav/html/prev_g.png extract: /usr/local/share/doc/clamav/html/up_g.png extract: CWD to /usr/local extract: /usr/local/etc/rc.d/clamav-clamd extract: /usr/local/etc/rc.d/clamav-freshclam extract: CWD to . Running mtree for clamav-0.95.1.. mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null Running post-install for clamav-0.95.1.. Attempting to record package into /var/db/pkg/clamav-0.95.1.. Trying to record dependency on package 'unzoo-4.4_2' with 'archivers/unzoo' origin. Trying to record dependency on package 'lha-1.14i_6' with 'archivers/lha' origin. Trying to record dependency on package 'arj-3.10.22_1' with 'archivers/arj' origin. Trying to record dependency on package 'arc-5.21o_1' with 'archivers/arc' origin. Package clamav-0.95.1 registered in /var/db/pkg/clamav-0.95.1
All Installed. Happy. Embedded versions should add the new “mksymlinks” script to the “System|Advanced|Command scripts” and make it a “PreInit” script:
Update your “clam” database using /usr/local/bin/freshclam and ta-da :) nice virus scanner.
freenas:/mnt/default# /usr/local/bin/freshclam
ClamAV update process started at Wed Dec 16 16:08:26 2009
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.95.1 Recommended version: 0.95.3
DON’T PANIC! Read http://www.clamav.net/support/faq
Downloading main.cvd [100%]
main.cvd updated (version: 51, sigs: 545035, f-level: 42, builder: sven)
Downloading daily.cvd [100%]
daily.cvd updated (version: 10187, sigs: 132586, f-level: 44, builder: arnaud)
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 42, recommended = 44
DON’T PANIC! Read http://www.clamav.net/support/faq
Database updated (677621 signatures) from database.clamav.net (IP: 208.70.244.158)
WARNING: Clamd was NOT notified: Can’t connect to clamd through /var/run/clamav/clamd.sock
connect(): No such file or directory
I ignore all the errors, it’s because FreeBSDs ports are slightly behind the clam source tree. This isn’t an issue and they’re right “DON’T PANIC!” :)
You can also see that “clamd” is a “clam daemon”, I won’t be covering this here, but if others ask i’ll do a quick one on that too.
Now that my clam is installed, I have to create some CRON jobs.
The first one that I do is the update virus database. Instead of showing my screenshots, I’ll just tell you the command that I used.
/usr/local/bin/freshclam
It automatically logs to “/var/log/clam/freshclam.log” so you don’t need to give it any other info. It’s also worth noting that if the virus database is up to date “freshclam” returns “failure” to cron, and it will look like your cron job failed. Don’t panic, you can go to /var/db/clamav/ and delete the “cvd” files to force it to refresh.
Now I add weekly scan jobs to my “home” directories.
/usr/local/bin/clamscan -ri dir >dir/virusscan.log
I run this one per directory, at staggaring times throughout the day on Sunday. I tried to make sure that it doesn’t interfere with my backup routines.
That about covers it.
Back from the Dead – Fixing Drives in Linux
So as you all know I lost my NAS due to some disk errors.
Sadly, it was actually my flash adapter card (http://www.dealextreme.com/details.dx/sku.711) failed and this caused my FreeNAS to fail.
After much debugging – since this solid state drive seemed like a power supply failing: power turns off a couple seconds after being turned on, turning it on sometimes would do nothing until you unplugged the power supply then plug it back in. (http://hubpages.com/hub/How-to-Tell-When-Computer-Power-Supply-Is-Failing)
Anyway, after figuring it out, I put in an old unlocked X Box hard disk (15 Gb) and that’s now my boot drive. I used the newest version of FreeNAS which allows for a “full install” on a hard disk. (simply boot it up, and use the console menu to install)
Now that I’ve got my FreeNAS server up again, I still have a broken 500Gb drive to fix.
I took the 500Gb drive out and put it in my Ubuntu Linux lab server. I usually use this machine for any experiments that I’m doing and for virtual machines.
Canada computers and a few others have some pretty good deals on 1Tb drives right now. (I got mine for $90.00. http://www.canadacomputers.com/index.php?do=ShowProduct&cmd=pd&pid=024109&cid=HDD.443.877) So this is a good time to upgrade my drive.
I put it into my lab server, and dd’ed the drive to make a complete copy onto my new 1Tb drive.
Now I have a whole bitwise copy of my drive, now the fun part.
I don’t know UFS as well as I know FAT or EXT, so I was hoping to find a utility to help me with the restoration of this drive.
A quick google found me a utility called “testdisk”, (http://www.cgsecurity.org/wiki/TestDisk) and since I have a bitwise copy of my drive, I thought let’s give it a try.
Ran it, it took literally 1 hour to analyze the drive. It was so slow that I almost gave up. However, beer and a night of Simpsons let me relax and let it do its work.
I wish I’d taken screen shots for you, but I was thrilled to find out that it actually worked.
It recognized the UFS filesystem, GFI partition and all. It rewrote the partition table, and dropped me to a command prompt.
I installed “ufsutils” with apt-get install, and ran fsck.ufs on it. fsck did it usual “i found xxx fix?” and the drive was repaired.
I copied the data from the old 500Gb to the new 1Tb, and installed the new 1Tb drive into my FreeNAS server, added the drive, and ta-da it worked.
Back in business.
Now, the new version of FreeNAS has some neat new features that I discovered, the least of which is “/etc/rc.d/transmission blocklist-update” – which makes my old tutorial redundant, and I’ll write an update about that sometime soon :)
This week I’m going to reconfigure it – and I’ll probably write a little tutorial for you all who are interested.
In the meantime, I got my NAS back – and my movies.
Revisit Royale Noir
But, since i’ve been looking at the same page of posts for the last couple of weeks i thought i owe it to you to write something… anything, just to keep you (and me) on our toes.
Since this is something of a revisit but I think it’s quite catching and really a nice personal touch that many of us can use to make our windows boxes just a little more unique.
It’s called “Royale Noir”, a secret hidden XP theme that is only available using a special “luna.msstyles” visual settings file by Microsoft.
Installation is a snap, you just download the royale_noir.zip file that I literally stole from the old “istartedsomething” post (see: http://www.istartedsomething.com/uploads/royale_noir.zip) unzip it into a “royale noir” subdirectory in your “%WINDIR%\resources\themes\” folder, double click on the “luna.msstyles” file and select “Noir” from the colour scheme.
Beautiful.
Royal Noir Display Properties
Google Scripts without Google API
A client I just finished working with had a few applications where they would judge the deployment of a product (a piece of software for example) by using googles output.
They considered any search product with <100,000 results obscure, less than 1,000,000 moderate, 1,000,000 to 100,000,000 significant and greater than that still as broad.
They were doing this by hand.
Searching google and looking at the “Results x- x of about xxxx” section of google search, and using this output to judge the deployment, as I said.
The problem here is that they wanted to script this, but NOT by using google’s api (for legal reasons).
I therefore would have to find a way around.
The easiest way, I could think of, is just capturing the output of the search… But how?
The command line browser “lynx” in unix systems is amazing for this sort of thing. Lynx can render a simple html page and dump it as text (using the -dump parameter)
All I had to do then is wrap it in a nice script that would read the rendered output, and output something meaningful.
You can find the script in my script section called “googleit.py” and “deployment.py”
Tutorial: cvs server on FreeNAS
First, when I started to research if “cvs” would work on my FreeNAS I found a whole lot of links to cvsd… but I recall using cvs over ssh for many many projects. Couldn’t I run just cvs over ssh?
Yes You Can!!! And this makes cvs on FreeNAS easier than ever. Not much modification is required, and I am very happy to report that I’ve got mine working very well.
So let’s get into it shall we?
In order to get cvs working, we need the cvs binary. FreeNAS is a FreeBSD core underneath the covers. There are many many releases of FreeBSD so we should find out what release we have. We can do this by running uname on the command prompt of your FreeNAS.
Mine says:
nas:/mnt/default# uname -a FreeBSD nas.ejes.gotdns.org 6.4-RELEASE-p3 FreeBSD 6.4-RELEASE-p3 #0: Sat Apr 18 22:17:59 UTC 2009 root@vmbsd64i386:/usr/obj/freenas/usr/src/sys/FREENAS-i386 i386 nas:/mnt/default#
Now that I have the release number, I can simply browse the FreeBSD repository at ftp://ftp.freebsd.org (the 6.4 release is ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/6.4-RELEASE/6.4-RELEASE/packages/All/), and following the directory tree you can find most any other release.
Simply download the “cvs” binary cvs+ipv6-1.11.17_1.tbz (ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/6.4-RELEASE/6.4-RELEASE/packages/All/cvs+ipv6-1.11.17_1.tbz)
I used fetch on my system:
nas:/mnt/default# fetch ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/6.4-RELEASE/6.4-RELEASE/packages/All/cvs+ipv6-1.11.17_1.tbz cvs+ipv6-1.11.17_1.tbz
100% of 442 kB 266 kBps
Then, in the GUI, I added a group called “cvs”, I gave it the group id 2401 because port 2401 was the cvs server port (and I may want to use pserver one day).
The Group I used for my cvs
the user _cvs for myself
Thankfully a tbz file means a tar bzipped file. So we can use tar to extract the package from freeBSD i want all my cvs stuff in one place so i’m going to extract it to my /mnt/default/cvs/tmp directory.
nas:/mnt/default/cvs/tmp# tar -vxzf cvs+ipv6-1.11.17_1.tbz x +CONTENTS x +COMMENT x +DESC x +MTREE_DIRS x man/man1/cvs.1.gz x man/man5/cvs.5.gz x man/man8/cvsbug.8.gz x bin/cvs x bin/cvsbug x bin/rcs2log x share/cvs/contrib/README x share/cvs/contrib/check_cvs x share/cvs/contrib/clmerge x share/cvs/contrib/cln_hist x share/cvs/contrib/commit_prep x share/cvs/contrib/cvs2vendor x share/cvs/contrib/cvs_acls x share/cvs/contrib/cvscheck x share/cvs/contrib/cvscheck.man x share/cvs/contrib/debug_check_log x share/cvs/contrib/intro.doc x share/cvs/contrib/log x share/cvs/contrib/log_accum x share/cvs/contrib/mfpipe x share/cvs/contrib/pvcs2rcs x share/cvs/contrib/rcs-to-cvs x share/cvs/contrib/rcs2log x share/cvs/contrib/rcslock x share/cvs/contrib/sccs2rcs x info/cvs.info x info/cvs.info-1 x info/cvs.info-10 x info/cvs.info-2 x info/cvs.info-3 x info/cvs.info-4 x info/cvs.info-5 x info/cvs.info-6 x info/cvs.info-7 x info/cvs.info-8 x info/cvs.info-9 x info/cvsclient.info x info/cvsclient.info-1 x info/cvsclient.info-2 x info/cvsclient.info-3 nas:/mnt/default/cvs/tmp#
Go back and “Give full shell access to user.” to the _cvs user and log-in or “su _cvs” to become him.
Now we have to initialize the cvs root directory; mine is /mnt/default/cvs/root. Run cvs init, and we’re off.
nas:/mnt/default/cvs/tmp# su _cvs %cvs -d ~/root init %exit nas:/mnt/default# chown -R _cvs:cvs cvs nas:/mnt/default#
Everything should be functional, all we need to do now is add anyone we want to be able to access cvs, to the “cvs” group. I added “user” as a test.
On my OpenBSD terminal I setup a simple cvs system
$ CVS_RSH=ssh cvs -d:ext:_cvs@nas:/mnt/default/cvs/root checkout .
works! GREAT!! Add my user to the “cvs” group, remove “shell” access from _cvs done!
My Remote users have to set these settings:
CVS_RSH=ssh
CVSROOT=:ext:user@host:/mnt/default/cvs/root
CVSEDITOR=nano
Now I can import directories using: cvs import -m “comment” module_name committer start
Check them out on another machine using: cvs checkout module_name
Add files or directories: cvs add “file/directory”
And Commit my changes once they’re made: cvs commit
For example:
nas:/mnt/default# ssh user@192.168.0.2 user@192.168.0.2's password: Last login: Tue Aug 4 16:46:50 2009 from 192.168.0.3 OpenBSD 4.4 (GENERIC) #1021: Tue Aug 12 17:16:55 MDT 2008 Welcome to OpenBSD: The proactively secure Unix-like operating system. Please use the sendbug(1) utility to report bugs in the system. Before reporting a bug, please try to reproduce it with the latest version of the code. With bug reports, please try to ensure that enough information to reproduce the problem is enclosed, and if a known fix for it exists, include that as well. $ CVS_RSH=ssh; export CVS_RSH $ CVSROOT=:ext:user@192.168.0.3:/mnt/default/cvs/root; export CVSROOT $ CVSEDITOR=nano;export CVSEDITOR=nano $ mkdir src $ cd src $ mkdir testing $ cd testing $ touch a file $ ls a file $ cvs import -m "testing" test ejes start user@192.168.0.3's password: N test/a N test/file No conflicts created by this import $ mkdir new $ cvs add n $ touch new/more $ cd .. $ ls testing $ rm -rf testing/ $ cvs checkout test user@192.168.0.3's password: cvs checkout: Updating test U test/a U test/file $ cd test $ mkdir new $ touch new/more $ cvs add new user@192.168.0.3's password: ? new/more Directory /mnt/default/cvs/root/test/new added to the repository $ cvs add new/more user@192.168.0.3's password: cvs add: scheduling file `new/more' for addition cvs add: use 'cvs commit' to add this file permanently $ cvs commit cvs commit: Examining . cvs commit: Examining new user@192.168.0.3's password: RCS file: /mnt/default/cvs/root/test/new/more,v done Checking in new/more; /mnt/default/cvs/root/test/new/more,v <-- more initial revision: 1.1 done $
I call Phoney
leave a comment »
So today I was stumbling around on the internet, and found this kids site:
http://cyberfreax.in/2011/11/15/how-to-create-a-virus-2/
which features “how to create a virus” Who could help themselves but read?
It turns out that this kid is completely full of it. He tells you to copy this:
01100110011011110111001001101101011000010111010000
100000011000110011101001011100 0010000000101111010100010010111101011000
into a text file and rename it to something.exe and then run it.
Of course anyone with a bit of understanding on how the binary loader works would know that the loader wouldn’t recognize this as an executable program; ALL executable programs in windows start with either “MZ” or “PE”. These are the “magic numbers” that tell the binary loader that these are, in fact, executable.
There is a lot going on behind the scenes here so let me explain WHY this won’t work.
Inside of a regular “exe” program is a structure to help the operating system determine how to load this program. The structure looks like this (in C notation):
(info from: http://www.delorie.com/djgpp/doc/exe/)
struct EXE { unsigned short signature; /* == 0x5a4D */ unsigned short bytes_in_last_block; unsigned short blocks_in_file; unsigned short num_relocs; unsigned short header_paragraphs; unsigned short min_extra_paragraphs; unsigned short max_extra_paragraphs; unsigned short ss; unsigned short sp; unsigned short checksum; unsigned short ip; unsigned short cs; unsigned short reloc_table_offset; unsigned short overlay_number; };The first short integer ‘signature’ is always 5a4d in MZ executables (by far less complex than PE executables) this is how the loader knows that this is a valid executable.
The first 16-bit integer is the number of bytes in the last block, unless it’s set to zero, which means the whole last block (152 bytes) is used.
The next 16-bit integer is total number of blocks in the executable file, and if the previous short integer is not zero, that number of the last block is used.
The next short is the number of relocation entries in the header, and the next is the number of “paragraphs” in the header. Followed by the number of paragraphs of additional memory the program would need (that is, if there isn’t at least this many bytes free the loader will not try to load this program) most programmers know this as the BBS size. And finally, following that, is the maximum number of paragraphs of additional memory.
The next part is the relative value of the stack segment. This value is added to the segment the program is loaded into, and used to initialize the SS (stack segment) register.
The next value is the initial value of the SP (stack pointer) register. Then a word which is a checksum, which is usually not used.
The next is the initial value of the IP (instruction pointer) register, and then the CS (code segment) register (which is relative to the segment of the program loaded). Then the offset of the first relocation item in the file, and finally ending with the overlay number.
If you examine the “binary” that Srivathsan provided, obviously none of this structure “fits.”
So what IS Srivathsan trying to pull? Let’s take the binary, and bring it to a Binary-to-Ascii conversion site. I used this one:
http://www.roubaixinteractive.com/PlayGround/Binary_Conversion/Binary_To_Text.asp
I pasted the “binary”, and pressed “To Text” and it comes back with:
format c:\ /Q/X
Oh!! So he just encoded a “format” command and expected it to run.
This will NOT work.
So, what will work then?
There’s an older format, called “.COM” format that does still run in windows (XP tested). A Com file (http://en.wikipedia.org/wiki/COM_file) is far less complex, it contains no header information, no relocation and no far jumps.
So it looks to me like you CAN use a .COM file in this way. So now, to find some executable information you can place in this .com file.
To do this, I did a quick Google for “printable shellcode” and came back with a whole slew of stuff. I chose this (i got it here(http://r00tsecurity.org/forums/topic/12019-16-bit-printable-shellcode-hello-world/):
X5))%@IP5YI5Y@5P!%PAP[55!5e 5O!54(P^)7CC)7SZBBXPSRABCABCABCABCABCABCABCABCABCZ[XH+H*hello world!$
As you might suspect from the final string, this is simply a “hello world” program; in printable ASCII!!
So, all you have to do is copy the above code, paste it into a text file, and rename the .txt extension to .com and ‘ta-da’ instant executable binary.
Nice try http://cyberfreax.in LOL
Written by ejes
November 17, 2011 at 1:30 pm
Posted in Commentary, Hacking, Tutorials