Hacking Linux Exposed

Well it’s official I’m a published writer!

About a week ago I finally got my copy from the editor of Hacking Linux Exposed 3rd Edition.  This was a really interesting project I worked on last year. The book was writen in collaboraton, and organized by ISECOM, so I got a chance to work with a lot of top notch guys and gals in the security / Linux area.

It’s a shame I couldn’t have some face time with them, but I hope we’ll meet somewhere along the line to match a face with the name.

I started out helping as a technical reviewer on the book, basically I got the chance to read the book in advance and give some feedback.  After some time major changes had to be made on some chapters, complete rewrites in some cases.  Pete Herzog asked me if I could help out with one of the chapters.

So to make a long story short, if your read chapter 14: Mail Services; that will be me.

I haven’t had time to read the published edition, but all the chapters I got to review were just great.

I can’t agree more with Pete Herzog when I wrote:

The book will help people focus on securing their Linux systems no matter what they do with it– desktop, services, coding workbench, wireless node, PBX, VOIP, etc. by hacking them, it just doesn’t waste your time with old exploits.

Have fun and get ready for a hell of a ride!

Opensource replacement for Visio

I’ve been looking actively for an open source replacement for Visio, the programs work but the main weakness is the lack of the “stencils” or figures to make the diagrams.  The artwork that I found is really lacking the help of a designer.

I checked out Dia 0.96.1 which I had used before and it works really good but as I stated before it lacks the artwork.  The good thing is that there is hope, as stated in it’s web site: “It is also possible to add support for new shapes by writing simple XML files, using a subset of SVG to draw the shape.”

Open Office Draw 2.4.1 is also suitable for the job.  I personally it is a little more limited than Dia for the job, but maybe it’s just my impression.  As a drawing tool it is more complex and give you more for your Money effort like object rotation, and other effect.

Kvio 1.6.3 is also a nice tool.  I have to say that it works really well.  It’s light and has good handling of stencils, they get extra points because it automatically finds and uses the Dia stencils.  The only thing I really don’t handle well yet is that all objects when placed on the sheet a TOO BIG.

Is there a chance that someone with good graphic skills opens an Open Source project to make some standard shapes or stencils that can be used by all  3 tools or any other tools that wants to use them.  If a momentum is created it is also possible to make the Vendors want to publish their shapes in this standard format.

Howto: UMTS Card Fedora 9

After a lot of fighting I finally got my UMTS card working with Fedora 9.

I have a T-Mobile Web’n’Walk II card which turns out to be a Option GEO201 by Qualcomm.  The main problem with this card is that someone had the wonderful idea of integrating a usb flash drive (so you don’t ever loose the drivers) with a usb gsm modem.

The main trick is to use a small program called usb_modeswitch which disables the flash drive and loads the modem’s driver.  So lets cut the chat and get it done:

  1. Go to http://www.draisberghof.de/usb_modeswitch/ and download the latest version of the file.
  2. Make sure you have  libusb + libusb-devel + lsusb installed$ sudo yum install libusb libusb-devel usbutils
  3. Unpack, build and install the usb_modeswitch.

    $ mkdir ~/tmp
    $ cd ~/tmp
    $ tar jxvf ~/Download/usb_modeswitch-0.9.4.tar.bz2  # or a newer version
    $ cd ~/tmp/usb_modeswitch-0.9.4
    $ ./compile.sh
    $ sudo install -m755 -o root usb_modeswitch /usr/sbin
    $ sudo install -m744 -o root usb_modeswitch.conf /etc/

  4. Now lets setup udev so it automagically runs usb_modeswitch when the card is inserted.  This gives us the plug ‘n play behaviour.  This we will do as root.

    $ /bin/su –
    # vi /etc/udev/rules.d/70-persistent-net.rules
    ####  => Insert the following text:

    #Globetrotter HSDPA Modem T-Mobile Web’n’Walk Express II
    #Bus 002 Device 003: ID 0af0:6701 Option
    #idVendor=05c6, idProduct=1000 are the infos of the flash drive
    #idVendor=0af0, idProduct=6701 are the infos of the HSDPA Modem

    SUBSYSTEM==”usb”, ATTR{idProduct}==”1000″, ATTR{idVendor}==”05c6″, RUN+=”/usr/sbin/usb_modeswitch”

  5. Make sure that the ” are correct, and that the copy paste doesn’t screw them up (got reports that it does)
  6. Setup the card using the network manager.  Here is my setup for T-Mobile in Germany

Note: The values I used for the udev script I got from running: # lsusb -v

Well hope that sets you up to go.  This should work with other Linux distributions as well

Thanks Per Lasse for the comments and corrections 😀

11.12.2007: I upgraded my laptop to Fedora 10 and it works flawless
Tested it in Ubuntu 8.04 LTS and 8.10

Moved to WordPress

Hi after a long silence I finally got the time to catch up with the blogging.  So the best thing to do of course is update my software..

Well after upgrading from b2evolution 2.0.x to 2.4.x my hosting server started complaining about memory!!  I decided to try WordPress out just before moving to a better environment and it worked out great!  Well is was a pain moving all my post manually:  on the WordPress site there is a script that was supposed to take care of that, but it’s last upgrade is 1.9.

Well I’m back and writting again.

Authoring a blog

I’ve been trying for some years now to create a blog and really commit to writing it, not just to make a comment on the latest news or to just share a link but to share: my views, experience, to give my two cents to make the world a better place.

I got the idea from Rob, and if I remember correctly the original idea was to practice writing, share some hacks and stuff he had been doing. I followed his lead a couple of months later and instead of just working with the software he already had working I did it the “geeky way”: installed my own blog software on my server. Getting back on track to finishing the idea, it didn’t work! I just wasn’t disciplined enough to write periodically.

After working on a book last year (which I’m waiting to be published to gain my full bragging rights Hacking Linux Exposed 3rd Edition) I realized how much I enjoy writing. The hard part comes in what to write about, creating new content.
In a normal day in front of the computer I go through just to many blogs and news feeds (I really have to cut some off), I got my regulars (which include Schneier, Rothman, The Reg, Hoff, last but not least Scott Adams) that I really learn stuff from, got the news feeds. I have found that comments on those pages and post are in many cases even more influential that the original post.

I ran into an article in the last couple of days that really made me remember something I’ve been observing more and more over the last couple of years: the “blogspheare” is full of floggers!! People that comment and “re-fry” the news just for the hell of it, just for completeness. Creating content or authoring is not that simple (at least not for me), it requires thought, creativity, time and dedication. …

I just finished reading Bruce Schneier’s Secret and Lies and instead of making a bibliography or making extensive use of references throughout the book he wrote a chapter called “References”. In it he states the following:

The ideas in this book have been heavily influenced by the ideas and writings of others“,

I really couldn’t agree more. Are intellect, what we know and therefore a big part of who we are has been influenced and authored over the years by many people. There is a big difference between reasoning on ideas, concepts, or knowledge in a general sense; and the “copy paste culture” that has been going around inn schools since the beginning of times. The later has become more popular since the content is available in a digital form, the kids don’t have to retype and rephrase the contents of the encyclopedia like we did back in the day. They simple push ctrl+c ctrl+v, change the spacing and the homework is done. Teachers and tutors in the later school years have been fighting very hard to avoid this behavior, to the point that students are afraid of stating an opinion or concluding something because of the possibility of being tagged as “plagiarist”. The “copy paste culture” is evolving into a new mix: intellectually afraid students and a culture of “we think”; like referred to in the following story by William Davies.

The bottom line is that I will make an effort to publish every time I can and to avoid flogging whenever possible. (You were expecting something more intense right? Me too)

Fedora Counter

It’s no secret that I’m a Fedora User and advocate. I’ve been using Red Hat Linux since ’97 and Fedora since the change. So I just found a js with a counter for the release of Fedora 9 and set it up. There have been many changes over time, some versions I really didn’t like: Red Hat 9 or Fedora 4. I’m not sure of the details of why I just remember upgrading and downgrading a week later. I really have my hopes up for Fedora 9, the actual stable release (8) isn’t one of my favorite upgrades: it fixed some things and broke others. We’ll see what Fedora has in store for us. I’ll be posting a small review once I upgrade and the workarounds I use to get my box working just how I like it.

What is X in English please!

Reading through the Red Hat Magazine I found an article with something of a Dejavu: user awareness and “education”. I’ve read it, heard it and said it a billion times; if we can’t make the users aware of the risks that they are exposed to on a daily basis, of some basic concepts, we are all screwed!. I bet all of you have lived at least once to be sitting in an class room, auditorium, web cafe or any other place and the guy or gal next to you just smacks you with the most basic of questions: What is X? in English please! That’s the moment when one of two things happen:

  1. You turn around and look at him with anger and think what the hell is this specimen doing attending this class/talk/presentation/name it?
  2. You remember about that user awareness thing you’ve read about in so many articles and books before , give him a short answer and after it’s all over you try to break this poor soul the basics

As I stated before if we can’t make the users understand a bit of how a computer works, if we can’t help are colleagues, family & friends get the basic concepts of the machine and the network they have at fingers it’s a fight we cannot win. That is because the “bad guys” are going to target them and they are just to many. So when ever you get 5 minutes to work as a multiplier, to break some basics to your users, or better yet are in position to start program in the office do so. The world and all fellow security / technology savvy people will thank you.

AV Comparisson

About a year ago I went through the process of evaluating AV’s for the company I was working for.
What I did was the following:

  1. Setup some detection tests using Eicar and some “wild” viruses.
  2. I asked some vendors that I had short-listed (Symantec, Sophos, Panda, Fortinet) to provide fully fledged versions.
  3. For each of the vendors I looked up their listed vulnerabilities in the past year (ovdb) and the time it took them to issue and install an update.
  4. Compared the upgrade strategy: engine, threat DB, application; some vendors don’t automatically give you all of that.
  5. Used info from http://virusbtn.com to compare some results in time.
  6. Setup demos to see them in action, and test their reporting capabilities in real time.
  7. After all the technical work, of course $$$ came into play.

With the information I made a BIG table and put some weights on the items and let the best player win.


PS: For those who will ask, Sophos came out with the best results in our environment.