Category: Tech

Remote wireless X clients

I’ve setup and old Pentium 100 Toshiba laptop with a wireless card and Debian as a “dumb-ish X terminal” at home over my 802.11b wireless network. It works rather well and very quiet. My girlfriend now has all the wonders that RedHat 9 brings, without having to lug a big heavy expensive power-hungry laptop around the house. Up until now I’d had a hacky ssh remote session thing running, but now I use XDMCP (X -probe IP) to login directly using gdm listening on the central box. A firewall attempts to protect the XDMCP and X11 services, with minimal privacy provided by WEP. I’ll have IPSEC implemented soon enough though.

I’m also working on a fail over redundant MySQL cluster setup at the moment and hope to write a quick HOWTO on it, covering Heartbeat and MySQL 4’s replication system. I’ll announce it here as usual.

23/6/2003 Add Comment

Cisco PIX with FreeS/WAN

I’ve written up some example configs to get a Cisco PIX working with FreeS/WAN over IPSEC with a pre-shared key. I’ll probably do one with RSA keys soon too.

Apparently there is an endian-ness problem with the Radeon drivers on powerpc when in dual monitor mode. I’ve managed to get Michel Daenzer and Ben Herrenschmidt’s attention (with the help of Simon Urbanek) so hopefully it’ll be fixed soon.

I spilt pineapple juice on my PowerBook. It’s sticky now and the speaker clicks.

16/6/2003 1 Comment

Evolution 1.3 for PowerPC

I built some Ximian Evolution debs for powerpc. The details are on my Debian page

9/6/2003 Add Comment

mac/arpwatcher firestorm preprocessor and PIX tomfoolery

I’m currently working on a preprocessor for the Firestorm NIDS to detect dodgy looking arp activity. So far it keeps track of hardware and protocol addresses in arp packets and alert if things change. It will soon monitor IP traffic too (and IPX/Appletalk etc. I guess) and detect a bunch of other ettercap style trickery.

I’m also working with some Cisco PIX firewalls to make them play nice with FreeS/WAN on Linux. I’ll put some example configs up here at some point. I’m going to take the Cisco VPN exam and be one step closer to a CCSP (I’m really not sure if this is a good or a bad thing career-wise). The original Cisco press VPN book has some serious problems with factual content. The authors seems to have little understanding of the underlying technology. I guess you don’t need to know it to parrot-type the Cisco commands in (or copy and paste them, as I often see) and charge 200 quid an hour, but it would be nice to be a bit professional about things.

My Mozilla/Galeon is broken on Debian unstable. Using gdb I found /usr/lib/mozilla/components/libimglib2.so to be the culprit, so just moved it out the way. I now have Galeon working with no images which suits me fine. In fact, as everything loads so quickly and is far less offensive to the eye, I may keep it this way permanently.

Program received signal SIGSEGV, Segmentation fault.
0x0de9de98 in NSGetModule () from/usr/lib/mozilla/components/libimglib2.so

28/5/2003 Add Comment

horribly ported

My port of that pptpd exploit to Linux was apparently so horrendous that it prompted ‘r4nc0rwh0r3’ of ‘blightninjas’ to take the time to do it properly. In my defence, the original code really sucked, and I myself only needed the testing part to work (which seemed to work for me). It also compiled fine for me with gcc 3.2.3 (worksforme(tm)). And I in no way proclaim myself to be a good C programmer! Anyway, my laziness and lameness was thoroughly ridiculed by them here. Find their own fixed version here. At least I got my name on Bugtraq. Roll on fame and the big dollar.

26/4/2003 Add Comment

PPTP vulnerability

A buffer overflow vulnerability has been found in the PoPToP PPTP server. The daemon is commonly run as root, therefore this can be pretty serious. A sample exploit was released for windows, and I’ve ported it to Linux (gcc). The problem on our own firewalls was mitigated because, although we have to run the crappy software to provide simple windows VPN access, we have some stack protection in our kernels.

22/4/2003 Add Comment

OpenGL

2D alife is fine, but add a whole new dimension, and you’re in a whole new dimension! I’m learning how to code some OpenGL (through the SDL libraries) so that I can make my bacteria and squiks dance on the Z too. The Radeon 9000 in this PowerBook is speeding the process up a good few tens of frames per second.

17/4/2003 Add Comment

PowerPC and Debian

I’ve moved architecture and Linux distro by upgrading to a PowerBook G4.

I think we’ve finally given up on try to get Macromedia Coldfusion MX anywhere near stable on our Linux distro. Macromedia are making us jump through a lot of troubleshooting hoops, I don’t even think we can reproduce the problem yet. We’re helping the client implement some Windows servers now instead. The only really difficult or unsolvable problems we have always involve closed source software. I really rather dislike working with it. Matt started documenting some of our ‘progress’, but I doubt the results we have are coherent enough for anyone to find useful.

8/4/2003 Add Comment

Firestorm elog support for Ethereal

I finally got a patch together to all Firestorm NIDS elog support to Ethereal. You can find the Ethereal patch and a screenshot within my downloads directory. I may put a couple of example elog files on there to play with too.

5/3/2003 Add Comment

DVD hack; firestorm; life.

My Daewoo DVD player’s region protection was quickly foiled with a few magical keypresses on the remote control thanks to the information at regionfreedvd.net. Nice chaps. When I opened up the secret menu, I got a message saying “YOU SHOULD NOT BE HERE”, hehe.

I’m just testing the final changes to my patch to add elog (Firestorm NIDS) support for the open source protocol analyser Ethereal, after which I’ll release it. Hopefully it will get added to Ethereal.

I’ll be making some of my old little Life programs available here soon, plus some recent tinkering I’ve been doing with a more advanced idea of evolution modelling. They are all in C and use the SDL libraries for the graphics.

2/3/2003 Add Comment

Galeon, Evolution and netstat…?

/usr/bin/galeon-bin
\_ [netstat ]

Wtf? Why is galeon running netsta? This happens in evolution too.

23/1/2003 Add Comment

Linux 2.5 Trials and Tribulations

I’ve been tinkering with Linux 2.5 recently and will be documenting my progress online . I’ve already run into a little problem with ORBit/Evolution and built an RPM to fix it, so read all about it.

6/1/2003 Add Comment