SWAT in 60 seconds

Q. What is SWAT?
A. It’s the “Samba Web Administration Tool”

Q. What can I use it for?
A. (shrug) Maybe to quickly set up a SAMBA server, etc. 😉 after following my previous howto.
A2. It does have some good info even if you don’t use it for your SMB configuration.

We all know it’s best to use the command line interface (CLI) when learning something, and most GUI tools don’t give you all the options anyway. However, it’s nice to have a GUI tool when you’re in a rush or you just want to try something new without digging for hours.

This article assumes you have already installed SAMBA.  See my previous article if you haven’t.

According to the SWAT docs, it will overwrite your current smb.conf, so you may want to back up your current one first.

# Backup the current smb.conf
sudo cp --preserve=context /etc/samba/smb.conf /etc/samba/smb.conf.pre-swat

# Install the SWAT tool
sudo yum install -y samba-swat

# Set the service to launch and start it up
# (in the editor, change "disable" from yes to no)
sudo vi /etc/xinetd.d/swat
sudo /sbin/service xinetd restart

# Browse to
http://localhost:901/
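
The URL above assumes SWAT is reached from the server itself, so it is worth checking that the xinetd stanza only answers loopback clients once `disable` is set to no. The check below is an added example, not part of the original post; the function names and the sample stanza are constructed for illustration, and it assumes the usual `attribute = value` layout with spaces around the `=`.

```shell
#!/bin/sh
# Added example: classify how an xinetd SWAT stanza exposes port 901.
# Assumes attributes are written "name = value" with spaces around "=".

# swat_exposure FILE
# Prints one word:
#   disabled    "disable = yes" is set, xinetd will not start SWAT
#   local-only  enabled, and every only_from entry is a loopback address
#   exposed     enabled with no only_from, or with a non-loopback entry
swat_exposure() {
    awk '
        $1 == "disable"   { disable = $3 }
        $1 == "only_from" { for (i = 3; i <= NF; i++) from = from " " $i }
        END {
            if (disable == "yes") { print "disabled"; exit }
            n = split(from, host, " ")
            ok = (n > 0)          # no only_from at all means any client
            for (i = 1; i <= n; i++)
                if (host[i] != "127.0.0.1" && host[i] != "::1" &&
                    host[i] != "localhost") ok = 0
            print (ok ? "local-only" : "exposed")
        }
    ' "$1"
}

# Constructed sample stanza; $1 is the disable value, $2 the only_from value.
sample_swat_stanza() {
    cat <<EOF
service swat
{
        port            = 901
        socket_type     = stream
        wait            = no
        only_from       = $2
        user            = root
        server          = /usr/sbin/swat
        disable         = $1
}
EOF
}

stanza=$(mktemp)
sample_swat_stanza no 127.0.0.1 > "$stanza"
echo "after enabling: $(swat_exposure "$stanza")"
rm -f "$stanza"
```

Run `swat_exposure /etc/xinetd.d/swat` after editing the file and before restarting xinetd.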

* Additional Info:
http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/SWAT.html

SAMBA – Home Directory Shares Made Easy

Q. What is SAMBA?
A. “Samba is a Free Open Source Software suite that provides seamless file and print services to SMB/CIFS clients.”

Q. Where is SAMBA’s home?
A. http://www.samba.org

Q. Why did you bother writing this?
A. Several reasons, mostly to help myself and others.

Note: You may want to copy/paste this into a txt file for easier reading.

---------------------------------------------
This “entry level” guide will show you how to configure SAMBA in order to let users
browse their home folders under Linux via Windows.

Please note: I write these guides under RHEL/CentOS. However, they should work under any distribution. You still may need to tweak things a little. ;0)

I’m also assuming you have sudo rights. You shouldn’t work from root!

---------------------------------------------
If you’ve installed the default settings for SELinux, it will be in “Enforcing” mode.

# To check your SELinux status. (1 = Enforcing, 0 = Permissive)

shell> /usr/sbin/getenforce

# If you wish to change the state from Enforcing to Permissive temporarily

shell> sudo /usr/sbin/setenforce 0

If you wish to make the change persist across reboots, alter the /etc/selinux/config file to say Permissive.
If you wish to keep using SELinux, I’ll provide the extra step to work with this guide;
otherwise just ignore the SELinux “setsebool” command.

NOTE: Review the /etc/samba/smb.conf for additional SELinux settings.
---------------------------------------------
# Install the SAMBA server.

shell> sudo yum install samba

# Add a user for testing the SMB/CIFS Shared Home directory.

shell> sudo /sbin/useradd sambatest
shell> sudo passwd sambatest

# Configure the user “sambatest” smb password.

shell> sudo smbpasswd -a sambatest

# Backup the /etc/samba/smb.conf file prior to any changes.
# Edit the smb.conf file and set your “workgroup” / “netbios name” if needed.

shell> cd /etc/samba
shell> sudo cp --preserve=context smb.conf smb.conf.org
shell> sudo vim smb.conf

workgroup = workgroup (this is Windows default group)
netbios name = CENTOS (don’t forget to uncomment this line)

# Set the SMB daemon to start on boot up. (for levels 2345)

shell> sudo /sbin/chkconfig smb on

# Start the SAMBA daemon.

shell> sudo /sbin/service smb start

# OPTIONAL (if using SELinux)

shell> sudo /usr/sbin/setsebool -P samba_enable_home_dirs on

---------------------------------------------
# You’ll want to edit your iptables/firewall rules to allow connections.
# I would recommend locking this down to local network hosts etc.
# I’ll assume your trusted hosts are on a 192.168.1.0/24 network.

shell> cd /etc/sysconfig
shell> sudo cp --preserve=context iptables iptables.org
shell> sudo vim iptables

-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp -s 192.168.1.0/24 --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp -s 192.168.1.0/24 --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 192.168.1.0/24 --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 192.168.1.0/24 --dport 445 -j ACCEPT
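
To confirm that the edited rules file really limits the Samba ports to the trusted network, the following added example (not part of the original guide) audits a rules file in the format shown above. The names `audit_samba_rules`, `sample_rules` and `TRUSTED_NET` are chosen for illustration, the sample rules are constructed, and the check goes slightly beyond the guide by also reading multiport `--dports` lists.

```shell
#!/bin/sh
# Added example: audit an iptables rules file for Samba ports that are
# reachable from outside the trusted network.
# TRUSTED_NET is the guide's assumed LAN; adjust it for your site.
TRUSTED_NET="192.168.1.0/24"

# audit_samba_rules FILE
# For every ACCEPT rule naming port 137, 138, 139 or 445 prints
#   OK   <port> <source>   source matches TRUSTED_NET
#   OPEN <port> <source>   no source given ("any") or a different one
# Exit status is 1 when at least one OPEN rule was found.
# Port ranges such as 137:139 are not expanded.
audit_samba_rules() {
    awk -v net="$TRUSTED_NET" '
        BEGIN { bad = 0 }
        $1 == "-A" {
            ports = ""; src = "any"; target = ""
            for (i = 1; i < NF; i++) {
                if ($i == "--dport" || $i == "--dports") ports  = $(i + 1)
                if ($i == "-s" || $i == "--source")      src    = $(i + 1)
                if ($i == "-j")                          target = $(i + 1)
            }
            if (target != "ACCEPT") next
            n = split(ports, p, ",")
            for (j = 1; j <= n; j++) {
                if (p[j] !~ /^(137|138|139|445)$/) continue
                if (src == net) print "OK " p[j] " " src
                else { print "OPEN " p[j] " " src; bad = 1 }
            }
        }
        END { exit bad }
    ' "$1"
}

# Constructed sample: two rules as in the guide, one missing "-s", and one
# multiport rule limited to a different network.
sample_rules() {
    cat <<'EOF'
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp -s 192.168.1.0/24 --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 192.168.1.0/24 --dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -m multiport -s 10.0.0.0/8 --dports 22,445 -j ACCEPT
EOF
}

rules_file=$(mktemp)
sample_rules > "$rules_file"
audit_samba_rules "$rules_file" ||
    echo "at least one Samba port is not limited to $TRUSTED_NET"
rm -f "$rules_file"
```

Point it at /etc/sysconfig/iptables after editing and before restarting the firewall.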

---------------------------------------------
# From Windows, browse your “workgroup” network and you should now see “CENTOS”
# Simply log in with the account/smbpasswd you’ve created.

---------------------------------------------
Additional Info:

* Official Samba 3.2.x HOWTO and Reference
http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/

* SELinux Guide
http://docs.fedoraproject.org/selinux-user-guide/f10/en-US/
Copying / Moving files and retaining SELinux Contexts – See section “5.10. Maintaining SELinux Labels”

* Dan Walsh’s SAMBA / SELinux info
http://danwalsh.livejournal.com/14195.html

* IPTables
https://help.ubuntu.com/community/IptablesHowTo
http://fedorasolved.org/Members/kanarip/iptables-howto

Hacking Experts Exchange

Over the years, Experts Exchange has become quite the repository of tech advice, where people go to ask questions, then the experts compete to give the best answer and win the asker’s vote.  It’s a pretty slick system, I suppose, if you are an ‘expert’, and your goal in life is seeing your username at the top of a list on their site, or if you have a question and have been unable to find an answer to it on any of the completely free message boards across the internet.

Whatever your reason for paying the fee to join their site, you have probably run across one of their pages if you have been searching for answers to a technical problem online.  Their search engine placement has been historically good for a wide variety of key words and phrases.

A Bit of History

You have also probably run across Experts Exchange’s efforts to protect their paid content from the casual observer. If you are like me, you have seen them at the top of a search results page, cussed them out in your head, then moved on to the next result.  That is because you know they often seem to have people asking the exact same thing you are in search of, and they seem to have people who have provided answers/solutions, but when you go there you are asked to pay to see the answers.  But being the freebie seeking geek you are, you haven’t ever signed up for their site.

I remember that it used to be they would obfuscate their experts’ answers to a question with Javascript.  That worked for a few minutes, until Firefox gained popularity and it became really easy to turn off Javascript.

For a long time, I thought that they had ended up removing their experts’ answers altogether.  However, I learned that Experts Exchange is using a simple visual cue to make you think this so that you won’t find the coveted content which they go to great lengths to protect (and charge you $12.95 a month for access to).

The Hack

The secret is, if you just keep scrolling down the page, you will see all the answers to the question at the top of the page!  What they do to make you think there is nothing there is show several empty bars of “Expert Comment” and “Accepted Solution”, followed by a “Sign up to view this solution” section, making you think the content is hidden.  Below that, you will see a ton of “footer links”, making you think you are at the bottom of the page. However, keep going, and you will find the hidden pot o’ gold.

Why would they do this?  Because they need Google to be able to crawl their content so they can maintain the excellent search engine placement they usually have.  If they only showed the question, and not the answers, they would have much less worthy text to index, so it really behooves them to have that text shown somewhere in plain view. Obfuscating it with Javascript or CSS will only end up hurting them because Google looks at those things as ‘trickery’ due to the fact that they can be used for keyword stuffing.

This isn’t to say I don’t advocate paying for their service.  I actually had the company I used to work for pay the fee a few years ago, but didn’t find myself using it that much, so I didn’t ask them to renew it.

In summary, scroll scroll scroll your way to the bottom of the page when you find an Experts Exchange result while troubleshooting on the Internet.

Apple has new goodies……sort of

I’ve been waiting a LONG time on the new Mac-Mini refreshes, and I have to say I was surprised at the new versions. They’ve got a little kick to them this go around. However, if you bump the RAM up to at least 2GB and add the 3-year warranty and a new keyboard, you are sitting at about $900.00.

If you don’t care about the warranty and don’t need the keyboard, you can still get the 2GB of RAM and keep it down to $649.00.

Also, they released new Mac Pros and iMacs. I have to say I was impressed, that is, until I read a little more. Apple and I have a strange history: I love to support them and I love OSX. However, they always seem to just MISS my cup of tea, and I always think…”Well, I’ll wait for the next round”.

Let me explain. As you know (or don’t) Apple has pretty much switched from ATI to Intel to Nvidia for graphics. However, even with the brand new models, the BEST you can get (Nvidia wise) is a GeForce GT 130. If you are thinking “130…what the hell is that?”, read on.

Basically, as most of us know, the “best of the best” in the Nvidia world is the “GTX 2xx” series, and prior to that, it was the 9800 Series. Well, Nvidia has renamed their chip line on the 9600/9500 line to…you guessed it! “GT1xx” !!!!!!

If I’m right, it seems the GT 120 is a renamed 9500 and the GT130 is a renamed 9600! I can’t believe that even on the HIGH end Mac Pro, they DON’T offer at least ONE version of a GT280! However, they do seem to offer an ATI 48xx series, which is good, but as I said I LOVE Nvidia.

Now on the other hand, I’m always looking at this situation from the stand point of “what if I want to GAME and run everything with nice resolutions and AA etc”, and as most of us know…if you want to game with the big boys, just build a PC. Well, that still seems to be the case.

On the brighter side of things, these new Macs truly have some wonderful configurations and will be very good machines, especially for those people that just want to do everything but the high end gaming.

My advice:

If you’ve never had a Mac, and don’t care about gaming at all, but need a complete computer (monitor and all) I would go for the 1499.00 iMac, as it has a 24inch screen.
If you think you’ll game from time to time, I would go for the 1799.00 iMac and possibly upgrade the video card to the GT 130 or the ATI card.
If you’ve never owned a Mac and are happy with your current computer, but are curious about OSX and would like to just use the monitor, mouse, keyboard etc. that you have, then go for the entry Mac Mini and upgrade the RAM to at LEAST 2GB.

If you’re a hard core gamer and want to keep up with the latest games etc…just keep building PCs or check out the Dell XPS 630 for a great entry gaming rig that can be upgraded as needed.

HTH.

Geeky Greats: Free Apps For Better Geekery

I am always on the hunt for applications which either improve my workflow, provide me with a free alternative to something I would otherwise have to pay for, or generally improve my geek stature. So without further ado, here is a short list of some of the apps I have found recently:

  • .htaccess Editor – This web-based tool allows you to quickly generate .htaccess files for your web site, without having to remember your way through vi or having to look up the syntax when trying to do some basic user authentication.
  • InstallPad lets you create a list of applications you often find yourself installing when setting up someone’s Windows-based PC. Any application which can be directly downloaded from the Internet can be added to InstallPad. All you have to do is run the self-contained InstallPad executable file, and it will go grab all the apps from the Internet and install them for you. It’s a pretty slick way to set up Firefox, Thunderbird, and more, all with one double click for free.
  • Google Analytics Reporting Suite – A free Adobe Air-based application which runs from your desktop and allows you to quickly monitor all of your Analytics accounts through a very smooth interface, optimized to be less sucky than the clunky interface provided by Google. Requires Adobe Air, also a free app.
  • MailStore Home – I have written about this free tool before, and it still blows my mind so much that it deserves to be mentioned again.  MailStore allows you to back up and archive your email accounts, whether they be in Outlook, Thunderbird, or GMail (or others). This tool saved my neck when my email accounts got too big for MozBackup to handle without crashing.  Now, I can use MailStore and archive stuff to keep my inboxes streamlined, then backup the archived email with my favorite paid backup tool, Carbonite.
  • Tweet Deck – If you are a Twitter user, this is THE tool for keeping up with everything, posting, and more. Another free Adobe Air application, Tweet Deck runs from your desktop and has more bells and whistles than an elementary school band class.

Funny Quote

I came across a funny quote on Twitter yesterday:

“Anyone who thinks American Idol is a great show should be smacked upside the head with a Wal-Mart.”

Black Hat DC 2009

I’m on my way back from the Black Hat DC 2009 briefings, and thought I’d give a brief synopsis of my experience there while waiting to catch a plane.

This was the first opportunity I’ve had to attend such a conference, and it was made possible by Alan over at StillSecureAfterAllTheseYears.com (yes, you made my year!).  Being in the DC area, this smaller-brother version of the Black Hat Vegas conference is geared more towards the federal sector, which was perfect for me since that is where I work.

The conference was kicked off by Paul Kurtz (check it out here), former advisor to Presidents Clinton and Bush, and current candidate for President Obama’s Cyber-Czar position.  He described the complex, if not disturbing, state of our country’s cyber-readiness in response to a “cyber Katrina” disaster.

It is a grim situation for which a lack of communication between the various parts of our cyber infrastructure is at fault.  He likened it to the pilot training facility in Florida, which trained the pilots of the 9/11 attack, not passing along any info to the government about what was going on.  The same thing, said Kurtz, is occurring with our country’s ISPs.  He didn’t really go into how to solve it in detail, but I was left fearing that an increase in communication between ISPs and the government would only lead to more of a Big Brother scenario than we already have.

I chose to attend the Attack and Defense track of briefings as opposed to the Reverse Engineering track at Black Hat.  All in all, I was not disappointed, though a few of the topics were very dry and very granular.  Some of the other attendees I talked to were in agreement that the level of detail tended to get very specific, and thus less relevant to the majority of the people attending.

Still, I learned a lot in many of the briefings, including:

  • Blinded by Flash: Widespread Security Risks Flash Developers Don’t See (presentation here)
  • Dissecting Web Attacks (presentation here)
  • Windows Vista Security Internals (presentation here)

The best presentation I saw this week was by an independent hacker going by the name of Moxie Marlinspike, whose presentation on New Techniques for Defeating SSL/TLS generated the most buzz amongst the conference attendees and the blogosphere.

Moxie demonstrated a method he devised using a tool he wrote called SSLStrip, which allows one to launch a man-in-the-middle attack on someone attempting to log onto a secure site by taking advantage of “positive feedback” techniques currently employed by modern web browsers, and making someone think they are on a secure web site.  In actuality, they are on your version of the site, and once you have their login credentials captured, you send them on their way without knowing the difference.

Moxie had a 100% success rate of fooling people on the Tor network using this technique, collecting passwords for Paypal, Facebook, and other popular “secure logon” sites.

There were other good briefings, and I met a bunch of cool people.  As I posted on Twitter during the conference, rubbing elbows with the DC security elite made me realize how quaint Asheville is. I hope to be able to attend more conferences of this genre, and the opportunity for learning is much greater than sitting in a training room listening to a teacher drone on about a single subject.

Ubuntu Pocket Guide & Reference – FREE!

It seems Keir Thomas has released a nice little book “Ubuntu Pocket Guide and Reference” which can be purchased for under 10 clams. However, he has also released the PDF version free to the world.

I really like Ubuntu and not just because it’s one of the easiest distros to make everything work (I.E. non-free video drivers etc)…..it truly is a very nice distro in all ways. (especially for the new users)

So if you’re new to Linux and are trying out Ubuntu, head over and grab the free PDF. If you like it….buy it. While Linux kernels are free, we still need to support the guys writing about it. 🙂

Main links of note:

Ubuntu – http://www.ubuntu.com/
Ubuntu Guides – https://help.ubuntu.com/
Ubuntu Community Forums – http://ubuntuforums.org/

HTH.

Verizon Wireless Broadband – RHEL 5.x / CentOS 5.x

I’m using the UM175 model so your mileage may vary.

Note: Red Hat officially supports various DELL branded EVDO modems by default in 5.x (see release notes)

Insert the UM175 and make sure the system detects it.

Example:
shell> dmesg
usb 5-1: USB disconnect, address 3
usb 5-1: new full speed USB device using uhci_hcd and address 4
usb 5-1: configuration #1 chosen from 1 choice
cdc_acm 5-1:1.0: ttyACM0: USB ACM device <—— Note the cdc_acm driver was loaded for it and the device is under ttyACM0 (/dev/ttyACM0)

Unfortunately, I couldn’t figure out how to use NetworkManager under RHEL 5.3 (yet) so I reverted back to the standard “network” service instead.

Example: (You DO NOT need to do this if you’re NOT using NetworkManager)
shell> sudo /sbin/service NetworkManager stop
shell> sudo /sbin/chkconfig --level 2345 NetworkManager off
shell> sudo /sbin/chkconfig --level 2345 network on
shell> sudo /sbin/service network start

Then use the “system-config-network” utility (under System > Administration > Network)

1. Select the “Hardware” tab and click “New”

2. Select “Modem” as the hardware type.
Note: The above info from dmesg shows “ttyACM0”, this will NOT be listed in the “Modem Device” selection (at least under mine it wasn’t), so simply erase what’s there and type in “/dev/ttyACM0” (no quotes). I left everything else the same and clicked “OK”.

3. Select the “Devices” tab and click “New” this will start a Wizard.
* Select “Modem” and click Forward.
* Fill in “Phone Number” with “#777” (no quotes)
* Fill in “Provider Name” with whatever (I put Verizon)
* Fill in “Login Name” with “AREACODEYOURWIRELESS#@vzw3g.com” (no quotes)
* Fill in “Password” with “vzw” (no quotes)
* Click Forward and leave the defaults (DNS etc.)

4. Activate your new configuration (this will restart the network controls etc)

You may want/need to set various options under the ppp configuration (like auto start etc).

You should now be able to connect. Until someone posts how to get the NetworkManager working, you may want to create a shortcut of the “Network” applet on your Panel/Desktop. 🙂

Note: There are various ways to skin this cat. I just posted the easiest way I could for the general “Desktop” usage. ;0)
