January 2nd, 2012 admin
Well I just jumped through the hoops again installing a new tool, and as it took me quite a while, I thought I’d help the Internet at Large through it. Or at least make a few notes, as most of my own searches for information on this drew blanks. I even went to the lengths of translating a few obscure German posts in case they could help.
Anyway, munin, once you get it going, is actually quite cool. It provides you with a graphical look at your server performance, and you can customise which data you collect quite simply. I’m installing it on an Ubuntu server 11.04, with nginx and mysql. I’m expecting a big traffic spike in the near future, so I want to see how the machine is handling it, and which bits, if any, are struggling.
Posted in General IT, Linux, Security | 3 Comments »
October 18th, 2011 admin
My main work machine is still on Ubuntu 10.10. I had installed 11.04 on my spare laptop, but hated Unity so much I only ever booted into Gnome Classic. I was hoping things might get better with 11.10, but things are now very much worse. To the point where I’m looking around for other distributions. I suspect, like Linus Torvalds, I might start looking at XFCE.
Anyway, after upgrading my laptop to 11.10, I was disturbed to find it wouldn’t boot up: you just sit there looking at a message which says “Waiting for network configuration”. I’m fairly techy (and have a spare computer), so I was able to find the answer, which was to drop to a shell and move a bunch of files from /var/run to /run. But imagine a non-techy person trying to cope with this. Congratulations Ubuntu, you just lost market share. Read the rest of this entry »
Posted in General IT, Linux | 17 Comments »
August 20th, 2011 admin
This is a short post but it took me a while to figure it out, so I thought I’d post it. I have a long list of dates in a spreadsheet, and wanted to have Saturdays and Sundays formatted differently so that they stood out. I tried a number of things in Conditional Formatting, until I hit on this one.
Highlight the column you want to apply this to and bring up the Conditional Formatting dialog from the Format menu. Set a style in the Style dropdown (I chose 10% grey background for eg, and called it ‘greyed’. Change the other dropdown to “Formula Is”, and put this in the box:
OR(WEEKDAY(CELL(“contents”))=1, WEEKDAY(CELL(“contents”))=7)
That’s basically it. This works in LibreOffice and OpenOffice, and should also work in Excel too, as the functions are the same.
Posted in General IT | No Comments »
July 13th, 2011 admin
One of the problems of running a Samba share on Linux is that occasionally one of the Windows machines accessing it will get a virus, and infect all the files on the share. You can use one of the AV tools to do this of course, (Clam AV, AVG and Kaspersky all have them these days) but they’re pretty slow generally.
I noticed at one client that the virus was putting exe files into directories, with the same name as the containing directory eg.it would create the file /share/Software/Software.exe.
So the first thing to do is to see who is creating them. Here we go … Read the rest of this entry »
Posted in General IT, Linux, Security | No Comments »
March 23rd, 2011 admin
I have a main desktop on my home LAN, and a few notebooks, all running Ubuntu. I have a pretty slow Internet connection, so when a kernel update comes out it means running a 50Mb update on all of the machines. It struck me that this isn’t the most efficient way of doing things. I experimented with the apt-cacher package, but that had two problems: first it didn’t seem to work that well and often crashed on the main desktop; second, whenever I went outside my home LAN it didn’t work.
So I did the Linux thing, and made a quick and dirty script that works for me …
Read the rest of this entry »
Posted in General IT, Linux | No Comments »
January 14th, 2011 admin
On Ubuntu there is an option to create an encrypted directory in your home directory called ~/.Private, which is mounted at ~/Private. To set this up you need to issue two commands:
sudo apt-get install ecryptfs-utils
ecryptfs-setup-private
It asks you for a mount password. Log out and log back in again and everything you drop in the Private directory is encrypted and stored in the .Private directory, so that no-one can access your files if, for example, they log in to the machine in Single user mode, or take the hard disk out. So far so good.
But what happens when you move your encrypted files to a different machine? The instructions on this weren’t so clear, so I’m just writing down a step-by-step approach to help others who are unsure.
Read the rest of this entry »
Posted in General IT, Linux, Security | No Comments »
May 4th, 2010 admin
Just to remind myself as much as anything, as I’ve been through this a few times. ClamAV was complaining loudly in the logfiles about not having the most up to date ClamAV. I searched around and was pointed to the Debian Unstable repository to /etc/apt/sources.list (Read the whole article before you add this one …there is a better one)
After that, on running apt-get update, you get a message like this:
W: GPG error: http://volatile.debian.org etch/volatile Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY DFD993306D849617
So, take the pubkey number off the end and do this with it.
sudo gpg --keyserver subkeys.pgp.net --recv-keys DFD993306D849617
sudo gpg --armor --export DFD993306D849617 > new.key
sudo apt-key add new.key
I then got a message saying “The following packages have been kept back: clamav clamav-daemon clamav-freshclam”
By using
sudo aptitude dist-upgrade
(NB aptitude rather than apt-get) the new packages are downloaded. However they’re still not up to the level that ClamAV is telling me to upgrade to.
So, more searching. It turns out the most up to date Ubuntu Repositories are from this page … https://launchpad.net/~ubuntu-clamav/+archive/ppa. In my case the solution was to add these lines to my /etc/apt/sources.list
deb http://ppa.launchpad.net/ubuntu-clamav/ppa/ubuntu hardy main
deb-src http://ppa.launchpad.net/ubuntu-clamav/ppa/ubuntu hardy main
And then run through the pubkey process above, with the different pubkey id number. Later distros might get away with the add-apt-key command, but I was running hardy (8.04) on this particular server.
Posted in General IT, Linux, Security | No Comments »
April 7th, 2010 admin
Another fantastic illustration of how Linux ‘gets the job’ done. Although sometimes the operator (ahem) is sometimes a bit slow on the uptake.
Anyway, I had a Linksys WRT54G router in which the wireless unit had blown up after a power outage and surge. Gotta love the Philippines. I had dd-wrt on it, but decided to try out OpenWRT. Well lets just say that OpenWRT isn’t to my taste. I wanted something which worked more or less immediately, rather than poring over documentation trying to figure out how to get the WAN interface up via a command line.
So I dropped the router into a drawer until today, when I needed to use it for something (without the need for wireless). Well of course when I needed it, it wouldn’t boot. In fact I couldn’t even ping it. This is bad news.
I tracked down an internet post which mentioned that if I held the reset button while booting, the router would go into admin mode, which meant I could ping it. I did this and it worked. I read elsewhere that in order to flash it with tftp, I needed to do so when the ping response time was 100ms, before it dropped to 64ms. Exciting stuff. I set up the tftp flashing machine and tried, possibly 50 or 60 times, to flash back ddwrt. No luck. For reference, here is the one liner:
echo -e "binary\nrexmt 1\ntimeout 60\ntrace\nput ddwrt.bin\n" | tftp 192.168.1.1
I did an nmap scan of the router and found that port 23 was open, so I managed to telnet into it. I couldn’t connect the wan interface (as previously noted), but I had a command prompt. No SSH, no web interface. So how to get the ddwrt.bin file onto the router via telnet?
Here’s how: On my PC, at 192.168.1.50, I went to the directory which held the ddwrt.bin file. At the command prompt I typed
python -m SimpleHTTPServer
This serves up the current directory over HTTP, port 8080.
In my router telnet session I went to the /tmp directory (the only place with enough space for the file) and typed
wget http://192.168.1.50:8080/ddwrt.bin
After a few seconds, the file was there! Alright!
Still in the router, I did
mtd -r write dd-wrt.bin linux
The router whirred for a while, rebooted and … ddwrt was back, in all its web-interfacy autoconfigurating glory.
What a great trick with SimpleHTTPServer. Shame I wasted hours on the tftp approach. Incidentally, there’s a similar tool which will let people upload files to your computer via HTTP, called droopy.
Posted in General IT, Linux | No Comments »
March 16th, 2010 admin
Every now and then I come across something which makes me marvel at the flexibility of Linux. This is one of these things.
I play guitar, and I’d previously written a small script to act as a guitar tuner. I generated some .ogg files of the correct pitch and then wrote a script to loop through them in sequence. “Pretty good”, I thought, “Clever Me.”
Then a few days ago I came across this little gem of a script.
for n in E2 A2 D3 G3 B3 E4;do play -n synth 4 pluck $n repeat 2;done
That’s it. Sheer brilliance. Of course you’ll need to install the sox package first.
Posted in General IT, Linux | No Comments »
November 18th, 2009 admin
Captcha If You Can
I understand what captchas are for, and why we need them, but they seem to be getting out of control. I recently visited a site which had the captcha displayed here.
For the record the first word wasn’t ‘stirred’. I saw the option for an audio captcha and wondered how you pronounce ‘Ohehyahtah’. If that indeed was the second word. Too good to miss. I pressed the button and found that the audio captcha is just as bizzarrely impenetrable as the text. The mp3 file of it is here, and it reminded me strongly of an early David Lynch film]. Back to the text: after refreshing the words two or three times I was eventually able to get to the next stage.
The next stage involved typing a random string of letters into a box – approximately 200 characters. The web page did kindly suggest that I could cut and paste them into the box, which I did, but really, what this did was turn a quick attempt to give someone some feedback on their blog into a task akin to hacking into NASA.
Security shouldn’t be that hard. It should be as unobtrusive as possible. Roll on the next anti-bot paradigm.
Posted in General IT, Life, Security | No Comments »