Posts by Pablo Endres

VMware Workstation linux kernel upgrade

After test driving the latest version of VMware Workstation, 6.5.0, I must say that they fixed most of the small things that made it a pain in the … hard to work with, or better described, apt for more advanced users. You get a straightforward RPM installation and everything just works! You don’t have to patch it anymore.

I did just find a small problem after installing the latest Fedora 9 kernel upgrade to 2.6.27.x, as usual it didn’t start because the new kernel modules have to be built.  The GUI detected the problem, and tried to do it itself but I couldn’t find the reason why so I found two ways to make it work:

  • Reinstall the rpm
  • Use the following one-liner:

    TERM=dumb /usr/bin/vmware-modconfig --console --install-all
    /etc/init.d/vmware restart

The old vmware-config.pl is gone or maybe just masked but it works as it should.

Changes to the data collection law in Germany

I’ve been living in Germany for a little more than a year now, and since then lots of things have really impressed me in the way privacy, digital rights, data collection, information security are managed in politics.

There have been some major attempts to create a state of surveillance protect the people and the institutions from hackers, terrorists in exchange for freedom and civil liberties. Let’s take for example the Skype Trojan they intended to create and use out in the wild without warrants, the prohibition of “hacker tools” or the data collection law.

After giving a big fight, last week the court in Karlsruhe ruled that:

Data can only be collected when the stability or security of Germany or another country need to be defended and “life, limb, and freedom of German citizens” need to be protected (The Register)

I think this is a major advance, and I really hope this will be followed by action in the other controversial laws.

Certifications

Well after postponing it for quite a while I finally decided it was time to go down the certification path.  So there are a couple of questions that came to mind, I think I did my homework and these were my answers:

Why get certified?

Well, it’s a way of proving that you know something to other people, in particular to potential new employers. It is said that certs are a great way to boost your career or at least make a statement on where you want to steer yours to, i.e. if you take some CISCO certs, you probably want to pursue the networking path; or if you take a security cert you’re showing that’s the way you want to go.

What certification should I get?

This was a hard one, there are lots of them out there. So I took some notes and talked to people last year when I attended the RSA Conference 2007. I also found a great website where they did some comparisons with a lot of different variables. After some thinking around I decided to start with Security+ and after that pursue OPSE and / or the well known CISSP. So step 1 is done.

Other thoughts

A cert alone doesn’t make a good or complete professional. I know a couple of cert holders that don’t know squat and can’t solve a problem in their “area of expertise” even if their life depended on it. One of those was an old colleague: he had a couple of the CISCO certs and said that he was an expert in networking but couldn’t understand the difference in the use of POP3 (TCP 110) and webmail or HTTP (TCP 80); after that we just labeled him port 80.

Well, officially as of last week I passed my Security+ exam and should continue down the cert road to get a couple more.

Hacking Linux Exposed

Well it’s official I’m a published writer!

About a week ago I finally got my copy from the editor of Hacking Linux Exposed 3rd Edition. This was a really interesting project I worked on last year. The book was written in collaboration, and organized by ISECOM, so I got a chance to work with a lot of top notch guys and gals in the security / Linux area.

It’s a shame I couldn’t have some face time with them, but I hope we’ll meet somewhere along the line to match a face with the name.

I started out helping as a technical reviewer on the book, basically I got the chance to read the book in advance and give some feedback.  After some time major changes had to be made on some chapters, complete rewrites in some cases.  Pete Herzog asked me if I could help out with one of the chapters.

So to make a long story short, if you read chapter 14: Mail Services; that will be me.

I haven’t had time to read the published edition, but all the chapters I got to review were just great.

I can’t agree more with Pete Herzog when he wrote:

The book will help people focus on securing their Linux systems no matter what they do with it– desktop, services, coding workbench, wireless node, PBX, VOIP, etc. by hacking them, it just doesn’t waste your time with old exploits.

Have fun and get ready for a hell of a ride!

Opensource replacement for Visio

I’ve been looking actively for an open source replacement for Visio, the programs work but the main weakness is the lack of the “stencils” or figures to make the diagrams.  The artwork that I found is really lacking the help of a designer.

I checked out Dia 0.96.1 which I had used before and it works really well but as I stated before it lacks the artwork. The good thing is that there is hope, as stated in its web site: “It is also possible to add support for new shapes by writing simple XML files, using a subset of SVG to draw the shape.”

Open Office Draw 2.4.1 is also suitable for the job. I personally think it is a little more limited than Dia for the job, but maybe it’s just my impression. As a drawing tool it is more complex and gives you more for your Money effort like object rotation, and other effects.

Kivio 1.6.3 is also a nice tool. I have to say that it works really well. It’s light and has good handling of stencils; they get extra points because it automatically finds and uses the Dia stencils. The only thing I really don’t handle well yet is that all objects when placed on the sheet are TOO BIG.

Is there a chance that someone with good graphic skills opens an Open Source project to make some standard shapes or stencils that can be used by all 3 tools or any other tool that wants to use them? If a momentum is created it is also possible to make the Vendors want to publish their shapes in this standard format.

Howto: UMTS Card Fedora 9

After a lot of fighting I finally got my UMTS card working with Fedora 9.

I have a T-Mobile Web’n’Walk II card which turns out to be an Option GEO201 by Qualcomm. The main problem with this card is that someone had the wonderful idea of integrating a USB flash drive (so you don’t ever lose the drivers) with a USB GSM modem.

The main trick is to use a small program called usb_modeswitch which disables the flash drive and loads the modem’s driver. So let’s cut the chat and get it done:

  1. Go to http://www.draisberghof.de/usb_modeswitch/ and download the latest version of the file.
  2. Make sure you have libusb + libusb-devel + lsusb installed:

    $ sudo yum install libusb libusb-devel usbutils

  3. Unpack, build and install the usb_modeswitch.

    $ mkdir ~/tmp
    $ cd ~/tmp
    $ tar jxvf ~/Download/usb_modeswitch-0.9.4.tar.bz2  # or a newer version
    $ cd ~/tmp/usb_modeswitch-0.9.4
    $ ./compile.sh
    $ sudo install -m755 -o root usb_modeswitch /usr/sbin
    $ sudo install -m744 -o root usb_modeswitch.conf /etc/

  4. Now let’s set up udev so it automagically runs usb_modeswitch when the card is inserted. This gives us the plug ‘n play behaviour. This we will do as root.

    $ /bin/su -
    # vi /etc/udev/rules.d/70-persistent-net.rules
    ####  => Insert the following text:

    #Globetrotter HSDPA Modem T-Mobile Web’n’Walk Express II
    #Bus 002 Device 003: ID 0af0:6701 Option
    #idVendor=05c6, idProduct=1000 are the infos of the flash drive
    #idVendor=0af0, idProduct=6701 are the infos of the HSDPA Modem

    SUBSYSTEM=="usb", ATTR{idProduct}=="1000", ATTR{idVendor}=="05c6", RUN+="/usr/sbin/usb_modeswitch"

  5. Make sure that the " are correct, and that the copy paste doesn’t screw them up (got reports that it does)
  6. Set up the card using the network manager. Here is my setup for T-Mobile in Germany

Note: The values I used for the udev script I got from running: # lsusb -v
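The quote check from step 5 can be done mechanically before the rule is installed. The script below is an added example, not part of the original post: the function names `lint_rules`, `normalize_rules` and `check_syntax` are made up for it, the sample is the rule from step 4 constructed with the typographic quotes a paste can introduce, and the shape check is a simplification rather than udev's own parser.

```shell
#!/bin/sh
# Added example: lint a pasted udev rule for typographic quotes and dashes.
# Comment lines are skipped, since udev ignores them.

# Print non-comment lines that contain typographic characters; return 1 if any.
lint_rules() {
    hits=$(LC_ALL=C grep -n -e '“' -e '”' -e '″' -e '‘' -e '’' -e '–' "$1" |
           grep -v '^[0-9]*:[[:space:]]*#') || true
    [ -z "$hits" ] && return 0
    printf '%s\n' "$hits"
    return 1
}

# Emit a copy with ASCII quotes. Dashes are only reported by lint_rules,
# because an en dash may stand for "-" or "--" and needs a human decision.
normalize_rules() {
    LC_ALL=C sed \
        -e '/^[[:space:]]*#/!s/“/"/g' \
        -e '/^[[:space:]]*#/!s/”/"/g' \
        -e '/^[[:space:]]*#/!s/″/"/g' \
        -e "/^[[:space:]]*#/!s/‘/'/g" \
        -e "/^[[:space:]]*#/!s/’/'/g" "$1"
}

# Simplified shape check (assumption: one rule per line, uppercase keys):
# every rule line must be a comma-separated list of KEY{attr}<op>"value".
check_syntax() {
    pair='[A-Z_]+(\{[^}]*\})?(==|!=|\+=|:=|=)"[^"]*"'
    bad=$(LC_ALL=C grep -v -E '^[[:space:]]*(#|$)' "$1" |
          LC_ALL=C grep -v -E "^[[:space:]]*$pair([[:space:]]*,[[:space:]]*$pair)*[[:space:]]*\$") || true
    [ -z "$bad" ]
}

# Constructed sample: the rule from step 4 as a browser paste may deliver it.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#Globetrotter HSDPA Modem T-Mobile Web’n’Walk Express II
SUBSYSTEM==”usb”, ATTR{idProduct}==”1000″, ATTR{idVendor}==”05c6″, RUN+=”/usr/sbin/usb_modeswitch”
EOF

lint_rules "$sample" || echo "^ typographic characters found on the lines above"
normalize_rules "$sample" > "$sample.fixed"
check_syntax "$sample.fixed" && echo "normalized rule passes the shape check"
```

Since a `RUN+=` entry is executed by udev as root, review the normalized file by eye before copying it into /etc/udev/rules.d/.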

Well hope that sets you up to go.  This should work with other Linux distributions as well

Thanks Per Lasse for the comments and corrections 😀

Updates:
11.12.2007: I upgraded my laptop to Fedora 10 and it works flawlessly
Tested it in Ubuntu 8.04 LTS and 8.10

Moved to WordPress

Hi after a long silence I finally got the time to catch up with the blogging.  So the best thing to do of course is update my software..

Well, after upgrading from b2evolution 2.0.x to 2.4.x my hosting server started complaining about memory!! I decided to try WordPress out just before moving to a better environment and it worked out great! Well, it was a pain moving all my posts manually: on the WordPress site there is a script that was supposed to take care of that, but its last upgrade is 1.9.

Well I’m back and writing again.

Authoring a blog

I’ve been trying for some years now to create a blog and really commit to writing it, not just to make a comment on the latest news or to just share a link but to share: my views, experience, to give my two cents to make the world a better place.

I got the idea from Rob, and if I remember correctly the original idea was to practice writing, share some hacks and stuff he had been doing. I followed his lead a couple of months later and instead of just working with the software he already had working I did it the “geeky way”: installed my own blog software on my server. Getting back on track to finishing the idea, it didn’t work! I just wasn’t disciplined enough to write periodically.

After working on a book last year (which I’m waiting to be published to gain my full bragging rights Hacking Linux Exposed 3rd Edition) I realized how much I enjoy writing. The hard part comes in what to write about, creating new content.
In a normal day in front of the computer I go through just too many blogs and news feeds (I really have to cut some off), I got my regulars (which include Schneier, Rothman, The Reg, Hoff, last but not least Scott Adams) that I really learn stuff from, got the news feeds. I have found that comments on those pages and posts are in many cases even more influential than the original post.

I ran into an article in the last couple of days that really made me remember something I’ve been observing more and more over the last couple of years: the “blogosphere” is full of floggers!! People that comment and “re-fry” the news just for the hell of it, just for completeness. Creating content or authoring is not that simple (at least not for me), it requires thought, creativity, time and dedication. …

I just finished reading Bruce Schneier’s Secrets and Lies and instead of making a bibliography or making extensive use of references throughout the book he wrote a chapter called “References”. In it he states the following:

“The ideas in this book have been heavily influenced by the ideas and writings of others”,

I really couldn’t agree more. Our intellect, what we know and therefore a big part of who we are has been influenced and authored over the years by many people. There is a big difference between reasoning on ideas, concepts, or knowledge in a general sense; and the “copy paste culture” that has been going around in schools since the beginning of times. The latter has become more popular since the content is available in a digital form, the kids don’t have to retype and rephrase the contents of the encyclopedia like we did back in the day. They simply push ctrl+c ctrl+v, change the spacing and the homework is done. Teachers and tutors in the later school years have been fighting very hard to avoid this behavior, to the point that students are afraid of stating an opinion or concluding something because of the possibility of being tagged as “plagiarist”. The “copy paste culture” is evolving into a new mix: intellectually afraid students and a culture of “we think”; like referred to in the following story by William Davies.

The bottom line is that I will make an effort to publish every time I can and to avoid flogging whenever possible. (You were expecting something more intense right? Me too)

Fedora Counter

It’s no secret that I’m a Fedora User and advocate. I’ve been using Red Hat Linux since ’97 and Fedora since the change. So I just found a js with a counter for the release of Fedora 9 and set it up. There have been many changes over time, some versions I really didn’t like: Red Hat 9 or Fedora 4. I’m not sure of the details of why I just remember upgrading and downgrading a week later. I really have my hopes up for Fedora 9, the actual stable release (8) isn’t one of my favorite upgrades: it fixed some things and broke others. We’ll see what Fedora has in store for us. I’ll be posting a small review once I upgrade and the workarounds I use to get my box working just how I like it.

What is X in English please!

Reading through the Red Hat Magazine I found an article with something of a déjà vu: user awareness and “education”. I’ve read it, heard it and said it a billion times; if we can’t make the users aware of the risks that they are exposed to on a daily basis, of some basic concepts, we are all screwed! I bet all of you have lived at least once to be sitting in a classroom, auditorium, web cafe or any other place and the guy or gal next to you just smacks you with the most basic of questions: What is X? in English please! That’s the moment when one of two things happen:

  1. You turn around and look at him with anger and think what the hell is this specimen doing attending this class/talk/presentation/name it?
  2. You remember about that user awareness thing you’ve read about in so many articles and books before, give him a short answer and after it’s all over you try to break this poor soul the basics

As I stated before if we can’t make the users understand a bit of how a computer works, if we can’t help our colleagues, family & friends get the basic concepts of the machine and the network they have at their fingers it’s a fight we cannot win. That is because the “bad guys” are going to target them and they are just too many. So whenever you get 5 minutes to work as a multiplier, to break some basics to your users, or better yet are in position to start a program in the office do so. The world and all fellow security / technology savvy people will thank you.
