Hmm, time to disable Java for a while:
–jeroen
Archive for the ‘*nix’ Category
Time to disable Java for a while: Zero-Day Season is Not Over Yet
Posted by jpluimers on 2012/08/27
Posted in *nix, Apple, Chrome, Google, Linux, Mac, Mac OS X / OS X / MacOS, Mac OS X 10.4 Tiger, Mac OS X 10.5 Leopard, Mac OS X 10.6 Snow Leopard, Mac OS X 10.7 Lion, MacBook, MacBook-Air, MacBook-Pro, Power User | 3 Comments »
SSH tricks
Posted by jpluimers on 2012/08/24
SSH tricks
Recommended reading: SSH tricks
Quote:
SSH is a protocol for authenticating and encrypting remote shell sessions.
But, using SSH for just remote shell sessions ignores 90% of what it can do.
$ ssh home -L 80:reddit.com:80This article covers less common SSH use cases, such as:
- using passwordless, key-based login;
- setting up local per-host configurations;
- exporting a local service through a firewall;
- accessing a remote service through a firewall;
- executing commands remotely from scripts;
- transfering files to/from remote machines;
- mounting a filesystem through SSH; and
- triggering admin scripts from a phone.
–jeroen
via: SSH tricks.
Share this:
Posted in *nix, Apple, Cygwin, Endian, Internet, Mac OS X 10.5 Leopard, Mac OS X 10.6 Snow Leopard, Mac OS X 10.7 Lion, MacBook, MacBook-Air, MacBook-Pro, Power User | Leave a Comment »
Afscheid van UUCP | XS4ALL Weblog
Posted by jpluimers on 2012/08/20
No more UUCP at xs4all: Afscheid van UUCP | XS4ALL Weblog.
Boy, the first time I got UUCP working was a hell of a job (:
Back then it was the best way to copy files (including email) in a kind of system independent way.
The end of a remarkable time frame (:
–jeroen
Share this:
Posted in *nix, Internet, Linux, Power User | Leave a Comment »
Boot Linux GRUB or LILO Into Single User Mode
Posted by jpluimers on 2012/08/17
Sometimes when you are at a Linux site, there is no one available with the right credential information for doing emergency maintenance.
There is a way around it: boot your Linux in Single user mode. Then it will not ask for a password, and boot straight into the user root.
When you are lucky, your linux site:
- allows for console access
- boots through a boot loader like GRUB or LILO, which allows for speicifying the kernel boot parameters
Modern systems usually use GRUBand you can follow the steps in Read the rest of this entry »
Share this:
Posted in *nix, Linux, Power User | Leave a Comment »
OpenVPN connect to the same LAN (bridged mode) (via: The VPN Menu — Endian UTM Appliance v2.4 documentation)
Posted by jpluimers on 2012/08/03
Another research item:
Need to provide access through OpenVPN to the same LAN as where the OpenVPN server runs on.
This is unusual, and requires a bridged OpenVPN solution.
Jürgen Schmidt wrote a nice article on this in 2008.
Endian community edition seems to support this out of the box:
Server configuration
In this panel you can enable the OpenVPN server and define in which zone it should run.
OpenVPN server enabled
Click this to make sure the OpenVPN server is started.
Bridged
If you want to run the OpenVPN server in one of the existing zones check this box. ..
note:
If the OpenVPN server is not bridged you must set the
firewall rules in the VPN firewall to make sure clients
can access any zone - unless you do not want them to.VPN subnet
This option is only available if you disable bridged mode, which allows you to run the OpenVPN server in its own subnet that can be specified here.
Bridge to
If bridged mode has been selected here you can choose to which zone the OpenVPN server should be bridged.
Dynamic IP pool start address
The first possible IP address in the network of the selected zone that should be used for the OpenVPN clients.
Dynamic IP pool end address
The last possible IP address in the network of the selected zone that should be used for the OpenVPN clients.
–jeroen
via: The VPN Menu — Endian UTM Appliance v2.4 documentation.
Share this:
Posted in *nix, Endian, Linux, OpenVPN, Power User | Leave a Comment »
Tonido as alternative to DropBox (via: Bei sensiblen Daten lieber eigene Cloud-Lösung – c’t – PresseBox)
Posted by jpluimers on 2012/07/30
On the research list (wow, Google Translate is very accurate this time!): Tonido
More and more programs allow users to cut the cord of cloud providers like Google and Dropbox. The Tonido software is suitable for example for users who want to make sensitive customer or patient data accessible on multiple devices without outsourcing it to an external server. “Once you have installed Tonido on your PC and create an account, you can in the local network, but also on the move access to a PC or mobile devices on the complete data set”
Original German text from the mid December 2011 issue of c’t Magazin:
Immer mehr Programme ermöglichen es Anwendern, sich von Cloud-Anbietern wie Google oder Dropbox abzunabeln. Die Software Tonido eignet sich beispielsweise für Nutzer, die sensible Kunden- oder Patientendaten auf mehreren Geräten zugänglich machen wollen – ohne sie auf einen externen Server auszulagern. “Sobald man Tonido auf dem eigenen PC installiert und ein Konto angelegt hat, kann man im lokalen Netz, aber auch von unterwegs mit PC oder Mobilgeräten auf den kompletten Datenbestand zugreifen”
Thanks Noud van Kruysbergen for translating the German c’t article into Dutch.
–jeroen
via: Bei sensiblen Daten lieber eigene Cloud-Lösung – c’t – PresseBox.
Share this:
Posted in *nix, Linux, Mac, Mac OS X / OS X / MacOS, Mac OS X 10.5 Leopard, Mac OS X 10.6 Snow Leopard, Mac OS X 10.7 Lion, Power User, Windows, Windows 7, Windows 8, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP | Leave a Comment »
Asus RT N66U: steps to get “Tomato Backup Settings & Log to USB Drive Script – TomatoUSB” working on an Asus RT N66U @AustinStAubin
Posted by jpluimers on 2012/07/27
Below are some steps to get the Tomato Backup Settings & Log to USB Drive Script – TomatoUSB by Austin Saint Aubin working on an Asus RT N66U router.
I presume you are using a Windows system (hence the FAT/FAT32 formatting of the USB stick) for doing the edits and copying of files to an USB stick. Read the rest of this entry »
Share this:
Posted in *nix, ASUS RT-N66U, Internet, Network-and-equipment, Power User, TomatoUSB | Leave a Comment »
Addendum to Guide to “Install Tomato firmware on Asus RT-N66U / RT-N16 / RT-N12 B1 / RT-N12 C1 / RT-N10U router 韌體教學 | Moonlight Knight”
Posted by jpluimers on 2012/07/23
I had a bit different experience getting the Tomato Shibby firmware loaded on one of my Asus RT-N66U routers than the description from Guide to Install Tomato firmware on Asus RT-N66U nor this Video of the Asus Routers Rescue Mode Tutorial.
Somehow, the Asus Firmware Restoration Utility kept indicating “The wireless router is not in rescue mode”, no matter what I did.
This might be due to that I run VMware Workstation with some virtual LAN adapters on most of my machines.
Or not: the web-interface on the Asus RT N66U would not get into the firmware restoration mode either.
This worked though:
- pull the power plug on the RT N66U
- press and hold the reset button
- insert the power plug on the RT N66U
- wait for the power led to slowly blink
- release the reset button
- wait a few minutes for the modem to become stable
- in the mean time set your PC to these IPv4 settings: – host = 192.168.1.100 – mask = 255.255.255.0
- start your web-browser
- point your web-browser to http://192.168.1.1 (it will time out, don’t worry)
- press the power button to turn off the router
- wait a few seconds
- press the power button to turn on the router now your router gets into rescue mode
- refresh your browser so it goes to http://192.168.1.1 again
- upload your Tomato firmware
–jeroen
Share this:
Posted in *nix, ASUS RT-N66U, Internet, Network-and-equipment, Power User, TomatoUSB | 2 Comments »
Reference desktop client for the Google Authenticator (OS X, Windows, Linux) – via: mclamp/JAuth · GitHub
Posted by jpluimers on 2012/07/20
It runs on OS X, Windows and Linux:
JAuth is a reference desktop client for the google authenticator. Intended
as an alternative to the iPhone Google Authenticator app and similar.
And it comes with installers in addition to source code.
Interesting.
–jeroen
via: mclamp/JAuth · GitHub.
Share this:
Posted in *nix, Apple, Google, GoogleAuthenticator, Mac, Mac OS X / OS X / MacOS, Power User, Windows | Leave a Comment »
WiFi/WLAN security: for personal/PSK mode, choose WPA2 with AES and a strong password and SSID name. Don’t use TKIP or WPS PIN
Posted by jpluimers on 2012/07/20
To make WPA2 as secure as possible in PSK mode aka personal mode, make sure you don’t trap into the major WPA2 weaknesses:
- choosing weak passwords (anything less than about 15 characters is to easy to crack)
- choosing weak SSID names (as rainbow tables have been generated for popular SSID names)
- don’t use TKIP, but use AES as there is a WPA short packet spoofing based on TKIP that also affects WPA2
- don’t use WPS PIN, as there is a WPS PIN recovery also affecting WPA2
So this is what I did on my TomatoUSB flashed Asus RT N66U router:
- strong and different passwords for 2.4 Ghz and 5Ghz WiFi
- unique SSIDs for both the WiFi bands
- AES encryption
- no WPS PIN
Easy to setup: follow the WiKi here, using the basic link from the link list.
–jeroen
via:
- Wi-Fi Protected Access – Security – Wikipedia, the free encyclopedia.
- SG FAQ :: WPA2 TKIP or AES encryption ?.
Share this:
Posted in *nix, Internet, Power User, TomatoUSB | Leave a Comment »
The Wiert Corner - irregular stream of stuff 