So it’s been over two years since my last post.  Been very busy in my life and haven’t had time to do as much tinkering and computer stuff at home as I usually would.  That’s not to say I haven’t done anything, just haven’t documented it.  Here are a few things that happened in the last two years:

  1. I changed jobs, I now work in computer, network, and systems security full time.  I’m loving it!  Finally getting to really practice what I preach in the security field.  Georgetown was fun and a great time to grow my general systems experience, but I’m enjoying the focus on computer and network security.

  2. Got a new car, this actually happened about three years ago, but I never posted about it.  The Chevy Blazer was taken out by it’s imploding supercharger and deemed not worth my time, effort, and money to repair.  Given it was early 2009 and car dealers were giving away cars I got a great deal on a new 2009 VW Tiguan SE with AWD.  Still love the car and making small upgrades to it as the years go on to make it more mine.  I did actually stand up a page for that work here: My SUV Project (Tiguan).

  3. I made some network and computer upgrades at home as well.  I replace my original first generation MacBook Pro 15″ (Intel Core Duo 2Ghz) with a late 2010 model MacBook Pro 15″ (Intel i7 Dual Core) with HD display and 8GB of ram.  It’s currently triple booting MacOS X 10.6, Fedora 16, and Windows Ent 7.  I have a post on how to setup triple boot in the works.  I also upgrade my old Promise NS4300N 2TB NAS box with a new NetGear ReadyNAS Pro 6 12TB.  Much faster and a lot more storage plus so many options.  Finally I’ve kept the network up with technology and run full WiFI a/b/g 300mbps+ and GigE wired via NetGear WNDR4000 and assorted GigE switches paired with FiOS internet.  Finally I upgraded my workstation piece by piece to get it up to a Sandybridge i7 and 16GB ram so that I can build out a new HD+CableCard MythTV network using VMs, the NAS box, and the new Silicon Dust HD Prime. I’ll have a post later documenting my network general gear later as well as posts on how I setup MythTV.

  4. I’ve got a Barnes and Noble Nook Color as well.  It’s a great little device and hoping to take better advantage of it this coming year.  And yes, it’s rooted.  Running stock Nook Software but with the added benefit of sideloaded and standard android market apps too.

  5. And last but not least, still being a dad and husband working away enjoying watching the kids learn and grow (as I learn and grow).

 

I decided it was a little much having two “netbooks” around, so I sold my trusty Sharp MM20 (a netbook that came out before anyone heard of netbooks) to another MM20 owner with all the accessories.

So I’ve dedicated myself to the Acre Aspire One and it’s doing a great job.  One complaint was the horribly slow 16GB SSD drive that it came with.  It’s pitifully slow and loading a full blown Linux distro on it started showing its shortcomings.  Well this was solved by replacing the drive with a better performing RunCore based SSD drive.  Now the machine is quick and responsive.

I’ve loaded up Fedora 12 on the machine with “Desktop Effects” enabled, SELinux enforcing, and an encrypted hard drive via dm-crypt.  In truth, I notice no performance loss, it’s quick responsive and no stuttering.  Works great for Web Browsing, SSH sessions, and email.  That’s all I really need from a Netbook.  Oh and 5 hour battery life is no problem for this little 2.5lb machine.

So much for my concerted effort!

So small update, EeePC is gone, had to return it for work, but it was replaced with an Acer Aspire One.  I received the AOA110-1698.  This model comes with Linpus Linux Lite, 1GB Memory, 16GB SSD drive, and the 6 Cell big battery.  Linpus lite was fine, but I needed a full-blown Linux and it’s now running Fedora Core 10.  Even have SELinux running enabled on it as well as encrypted file systems.  Works very well, everything works except suspend to RAM right now.  Not too big a deal as hibernate (suspend to disk) works great.  Probably better to use that anyway, so that my battery lasts longer when I forget to plug it in when I get home.  Takes a little longer to get started up, but it runs reliably!  I’ll need to write a how-to on setting this up, just have to find time.

Next note, OpenSource world is looking good, just finished recruiting my last speaker so the Security Track is complete.  I really like the lineup this year; I’m happy with the track!

UPDATE: Suspend to RAM works very well now on the Aspire One, kernel update seems to have patched it.

Looks like I’ll have to do some cleanup on my blog.  Appears that the recent update to the software has caused misc  and †to show up in all the posts.  Ugh, this could take a while…

UPDATE: ok the  are taken care of, but the †are going to be a little more challenging.

UPDATE2: Ok, the †are now back to —

Well, I finally dumped the stock Xandros on the EeePC 1000 in favor of Fedora 9.  Must say I’m much happier, and it wasn’t too bad of an install.  I’ll write up details later, but the basics were download Fedora, install, reboot, download latest kernel, install (no net without it on the EeePC), reboot.  Yum update then reboot.  To get wireless working, had to download the driver from the card manufacturer, compile, install, and good to go.

Now there were some tricks and hoops involved (fixing the wireless card source, moving the updated kernel over with a USBkey, messing with a couple config files), but it wasn’t too bad.  Almost everything works, only thing not working yet is external displays, and that’s only because I haven’t gotten around to it.

Much happier now with a real firewall via IPTables, SELinux, and working English spell check!  Oh, and I went ahead and encrypted the file systems as well, why not.

Til I write my how-to, here are some useful links:

This thread contains most of the info you need:

http://fedoraforum.org/forum/showthread.php?t=195429

The wireless driver:

http://www.ralinktech.com/ralink/Home/Support/Linux.html

The Fedora EeePC wiki:

http://fedoraproject.org/wiki/EeePc

So been playing around more with my EeePC 1000.  Still really like it, but I’ve got two major complaints now besides the security issues I’ve mentioned before.

  1. There is NO English spellchecking installed for StarOffice.  The install of StarOffice includes spellchecking for Polish but apparently not English.  I’ve checked all over and that’s it, no English spell checking and no easy way to add it yet.  This is a major problem for me, I’m a terrible speller.
  2. The right shift key is too far to the right.  I’m a touch typist and key placement is important.  I’m used to having the right shift key and instead I hit the up arrow while typing.  I’ll probably solve this by remapping the shift key and the arrow key, but it’s a bad design.  Luckily it’s something I can work around, just annoying.

I really do need to find a solution to the spell check, or bite the bullet and do the Fedora install.

Ok, so I’ve had my new Eee PC 1000 for several days and am loving it.  But, I did find a few really glaring security issues.  So with a lot of research I’ve come up with a basic list of must do’s for any new Eee PC owner.

  1. Shutdown Samba and Portmap – These services are on by default and there are known security issues with the version of Samba that comes with the EeePC.  Here is how to make sure they are stopped and don’t come back on.  Be warned, if you do this you will not be able to share files with others from your computer, though you can access files on other computers:
    • First start up a terminal window by pressing Ctrl + Alt + T
    • Next issue the following commands:
    • sudo invoke-rc.d samba stop
    • sudo update-rc.d -f samba remove
    • sudo update-rc.d samba stop 20 0 1 2 3 4 5 6 .
    • sudo invoke-rc.d portmap stop
    • sudo update-rc.d -f portmap remove
    • sudo update-rc.d portmap stop 20 0 1 2 3 4 5 6.
    • Next edit the services file using the following commands:
    • sudo vim /usr/sbin/services.sh
    • Press the “i” key to begin edit mode
    • find the line:
      start-stop-daemon –start –quiet –oknodo –exec /sbin/portmap
      and comment it out like:
      #start-stop-daemon –start –quiet –oknodo –exec /sbin/portmap
    • find the line:
      /usr/sbin/invoke-rc.d samba start
      and comment it out like:
      #/usr/sbin/invoke-rc.d samba start
    • Press the “ESC” key, then press the “:” key, then type “wq” followed by pressing the enter key
  2. There is a webserver that runs on the EeePC any time you launch the anti-virus icon under settings.  It by default hides the content from the internet, but the webserver is still listening on the internet port.  To force the webserver to ONLY listen to your local machine (and not advertise to the rest of the world) do the following.
    • You need to edit the following file using the commands:
    • sudo vim /usr/lib/esets/webi/nginx/conf/nginx.conf
    • find the http {} section,  then the server {} section and
    • Press the “i” key to begin edit mode
    • change “listen 20032;” to “listen localhost:20032;”
    • Press the “ESC” key, then press the “:” key, then type “wq” followed by pressing the enter key
    • Reboot the computer as there is no clean way to stop the service.

Ok, so now the why part.

The EeePC (including my brand new one) ships with a old version of samba enabled to start on boot by default that has a known remote attack that can grant root priveleges.  That is VERY bad:

http://risesecurity.org/blog/entry/6/

Also the webserver that runs when you start up the anti-virus program on the EeePC is the legacy stable branch (one entire version behind current stable) and several revisions of that behind the current legacy stable revision:

http://nginx.net/CHANGES-0.5

The EeePc runs version 0.5.33 from November of 2007.  You’ll notice in the change log several fixed segfaults and other bugs, some of which could lead to security issues.  It’s best not to take chances and make sure it doesn’t report to non-localhost requests.

I just posted my review of my new EeePC 1000. This is the Linux version with the 10″ screen and 40GB worth of solid state drive. So far I like it, hardware is great, software is good, security sucks.

Go here to get the details.

Well it’s coming up, LinuxWorld Conference and Expo is only three weeks away.  I had the opportunity again to chair the Security Track, and though it was a rough year getting the session together (This is the first time since I’ve volunteered at LinuxWorld that it conflicted with BlackHat Las Vegas, perfect timing for the security track 😛 ) I think it’s a pretty well rounded track.

I’ve finished getting all my travel arrangements together and looking forward to San Francisco (nothing against Vegas, but I love the local food in San Francisco!).

If you haven’t done it yet, and are still interested in joing the fun out in San Francisco here is a code to get 20% off registration for LinuxWorld packages: PRC20 It’s a “Friend’s of the Program Committee” Special.  Here’s the link to the show:

I’ve been watching this for a while now, and took note of a recent ruling in a US court which said you have no expectations of privacy at the border when returning from international travel. This means that when you are returning from an international flight to the US you are not on US ground when you land, and you miss out on many of your constitutional protections, apparently. Border agents can take ALL your electronic devices and make copies of the data, they can compel you to login to your computer, they can request encryption keys, they can do all of this with out having a reason for suspicion. All those emails, love letters, family pictures, they can all become goverment property just because they feel like it. There are no formal rules regulating it either yet.

If you don’t think this is a problem, I suggest you invite the police to come into your home and search through all your records, all your receipts, all your drawers, everything. I’m sure they can find some little law somewhere you broke (got an illegal radar detector? Didn’t pay USE tax on those internet purchases? Maybe a bad cop finds some intimate photos of you and the wife and decides to earn some money on the side by blackmailing you, or just enjoy them personally), cross your fingers.

Right now there is little to NOTHING you can do about it. And this hasn’t received much attention from mainstream press yet, which is sad. It’s all done in the name of protecting against terrorist and child molesters, and it will likely help neither of those causes. What it does mean are your corporate secrets on those company laptops are now the Government’s. All those personal moments in email and photos are now the Government’s. Your new idea you haven’t gotten patented yet that was going to let you break into the big time? Yeah, gov’t has it now.

If you worry at all about this (which you should if you travel internationally) you should write your representatives. They could at least have the common courtesy of setting some regulations and limitations on it. Oh, and yes other Governments can do this too. Flying into the UK? Yes they can search you just the same. Think twice about your laptop, smartphone, pda, they hold a LOT of information.

Here is a good article talking about how you might be able to do to protect your “Intellectual Property” (I hate that term, but at least I’m using it for good, kinda). Schneier on Security

« Previous PageNext Page »

Copyright © 2015 · All Rights Reserved · Cafaro's Ramblings