Of Penguins & Coffee

I’ve been trying a dozen different configurations of my 2x500GB SATA drives over the past few days involving switching between ACHI/IDE/RAID in my bios (This was after trying different things to solve my problems with Ubuntu Lucid Lynx) ; After each attempt I’ve reset the bios option, booted into a live CD, deleting partitions and rewriting partition tables left on the drives.

Now, however, I’ve been sitting with a /dev/mapper/nvidia_XXXXXXX1 that seems to be impossible to kill!

(more…)

Updates(26/3/10): Thought I’d give the liveCD another go (this time using the dailyx64 image and using unetbootin), thinking it must be something simple; so during boot i just kept pressing escape, before the splash screen came up. This got me around the splash screen issue and it seems as if everything is fine. Also, I found a matching bug report on launchpad, but no resolution as of yet. Guess we’ll have to wait and see.

Updates(25/3/10): With the greatest thanks to the guys at serverfault, I’ve still not been able to fix this issue, and will be lodging a bug report to launchpad whenever I get a chance

I’m a big Ubuntu fan; have been since my first Dapper Drake install, but I have never had such weirdness as I’ve had so far with Lucid.
I am at a loss to explain or even describe the trouble I’ve had with this.

(more…)

While working on an IDS Solution for a client, I came across Untangle, and I loved it so much that I pulled out an old box and loaded it up as my office firewall.

One thing that is lacking, from my perspective (at least in the ‘free’ edition) is the firewall interface; Untangle uses an IpTables based firewall, but doesn’t replicate the usual INPUT FOWARD OUTPUT rulebase. I think that in 90% of usecases for Untangle, this isnt a problem, but I found it a little bit alien to have portfowarding hidden in the Networking config pane, and firewall separatly.

(more…)

As part of the whole New Years Resolutions plan, I’m gonna get started on the OSS development thing.

The Gist: Cross Platform Mobile application to collect international data on cell reception.

The Gimmick: While services that do this exist, they assume even circular propagation of the signal. Granular reception maps that tell you where to head to to get more bars.

The Detail: Low level should be relatively simple; the Android, Blackberry and Iphone API stacks allow easy reading of the current cell ID, RSSI, and GPS Co-ords. Upload those three values over XML (or Something), Web service plugs that into a MySQL server, which is then aggregated, and displayed on the Web, and can be queried by the mobile app.
The Potential: While its unlikely that its going to ‘blow up’ since there is relatively little incentive for the end user, since the Applications are going to be free, there will be some that will install it for the sake of it. There is the opportunity to license the data gained service providers but the aggregated data will be made available online in open formats.

The Dream: Development of accurate localised RF propagation modelling for dirt cheap compared to professional surveying, so maybe people like AT&T and others could give better service in built up areas…

I’ll be keeping notes on the relevant Trac page

What do we think?

Recently the only additions I’ve been making to this blog are presumptious ‘
I’ll be doing this’ messages, and this is no excection.

I’ve been living and working in Athlone, Ireland for the past year and have really learnt alot and very much enjoyed myself, but however much I will miss the place, academia drags on; it sounds like a campaign slogan but I’m back in Queens for ‘TWO MORE YEARS…TWO MORE YEARS’

Anyway, as such i will be moving in to a house in Ebor St in Belfast with my long term partner and my little brother (in this economy who can blame him for grabbing coattails?) .

Now, while that will make for many personal and social changes, those are outside the scope of this blog; what it REALLY means is that for the first time, I’ll have a hackable (within partners aesthetic reasoning) house. Were planning on holding on the the place for 2 years so i can justify the investment.

This is the plan of things i want to set up, and I will be updating this page with some extra links and notes as i make them.

In no particular order

1. Shared media storage area for the whole house (probably using my MyBook) that will work with games consoles aswell as laptops/desktops internally and externally.
2. Shared calendars and timetables availiable.
3. Festival based alarm clock with dynamic alarm times based on respective timetables. (2)
4. VPN access for all housemates.
5. Some form of SFF pc in the living room to act as a Skype box attached to big-screen (My partner has ‘attentive’ parents that will be 3000  miles away, and mine will be about 500 miles away, i expect them to be in contact somehow, so it may as well make it as inexpensive as possible…)
6. Secure wireless (obv)
7. Centralised logging (syslog/snmp trap) across all ‘applicable’ machines, with some form of visualisation (mrtg)
8. X10 automation of (at least) lights, could be augmented by basic motion detectors and environmental montiors
9. Remote webcam (may turn this into a robotics/machine learning/machine vision project with the old eeepc and have a kinda roomba on steroids)

Its a big list and i dont expect to finish half of them, but what gets done will be documented here!

So, I love my lenovo tablet, so far through all the trails, tribulations, transcontinental visits, banging, bashing, bumping, swinging, twisting, scribbling, et al, its survived and become a near essential piece of my working and personal development.

Famous…Last…Words.

Appear back at the house last night after a fwe bevvies with the guys and loe and behold,

“Error 2100 – Hard drive initialization error”

The BIOS cant see the harddrive. But wait, lenovo built in that seemingly pointless blue button to do recover right? Recovery off the hard drive… That it cant see.

Anyway, enough of the problem, on to the solution. Starting from here and here

Lots of lovely corroborating evidence telling me unless your very…VERY lucky, your out of luck. (I have the Hitachi Hard drive, and had already reseated the drive in the bay).

Now, the X61 Tablet doesn’t have a optical drive. So what does Lenovo produce to solve this out-of-nowhere-disaster? A 30MB iso. In a format that cannot be booted from USB (please, correct me if I’m wrong)

Fortunately one of the guys in work (Thanks Mossey) had an external DVD burner. Borrowed that, grabbed the firmware update from here, burnt it to a DVDR (30MB wasted on a DVD!) and while praying, booted the machine.

It dropped into a lovely old-skool PCDOS display that, after some humming and haaing politely said “No firmware upgrade available”……

Fair enough, I’m one of those unlucky people, no worries, I’m sure i can just send in the harddrive for a replacement, only a few weeks…. But just to try it, i booted again, and magically, all back to  normal.

Now, maybe i just wasnt paying attention and the firmware DID get updated while i wasnt looking, but either way its a very strange “Success” message….

UPDATE: Problem got an awful lot worse but Lenovo treated me right, detailed here

Last week or there abouts, there was a big buzz around the interwebs revisiting Dan Kaminski’s OzymanDNS tool, a perl based toolkit for tunnelling TCP traffic over DNS requests (technically its TCP over SSL over DNS but whos counting) That was originally released mid-2004.

I never really found the true source of the new hype surrounding a “old” project (it may have been HAK5′s episode 504 that demonstrated the tool, mubix has put the write up in at room362)

I then found that it had since been reengineered by Andreas Gohr and wrote a brilliant write up on its setup and use and i think is the best example for any skill level.

Long story short, i gave it a go redirecting dns requests from my andrewbolster.info domain using my main development box at home as a “server” and tested it using my Asus EEEpc from a guest wireless access point in work, and it works. Its VERY slow, but it works.

But that left me with a problem; I turn off my dev box as often as I can (Dual core CPU, 3 internal HDDs, Cooling systems, 6GB ram, Fatty graphics card, etc, kinda draw a bit of juice) and i definatly dont want to leave it on if i’m going to be away from the house for weeks. So i turned to my brilliant Western Digital MyBook World edition.

Problem was the Perl in optware aswell as the one that ships with the device, had no compiled threads support, and on a less technical point, running cpan would max our CPU and memory on this tiny box, all taken up by the perl processes. Long story short, perl was not the way to go ( I would have recompiled Perl as per the write up on mybookworld.wikidot.com, but with perl performing as badly as it was with relativly simple “one time” processes, i didnt want to have that running 24/7/356 ).

Tracing back through the history led me to dns2tcp, originally written by Olivier Dembour in C, my favourite language for small systems (duh) and i found it to be hurrendously under-documented. So below is a quick blow by blow of what i did to get dns2tcp installed, running and client configured

If you do not have access to a hosted or internet assessible DNS server / BIND system, you are screwed; Some people will let you use theirs, and if you ask really nicely I’ll put in a redirect on mine, but i probably wont.

1. (Assuming you have a web interface to a internet facing DNS server) Add a “NS” name listing in your DNS settings that redirects to a server that DOES NOT RUN DNS. Example:
   I have the domain andrewbolster.info that has its own DNS settings, so when you go to blog.andrewbolster.info, it goes to a different machine than going to www.andrewbolster.info does.
   I have a DynDNS entry for my home network, eg iwant2gohomenow.dyndns.net that i use for accessing the MBWE from anywhere, i do not host a DNS server at home. So if im running my dns2tcp server at iwant2gohomenow.dyndns.net the entry I put in my andrewbolster.info (Dreamhost ) DNS configuration is this:

   Name: [ tunnel ].andrewbolster.info
   Type : [ NS ]
   Value: [ iwant2gohomenow.dyndns.org ]

   If i was going it command line style in BIND I’d add

   tunnel.andrewbolster.info      IN        NS        iwant2gohomenow.dyndns.net

   This basically mean that when you ask “What ip address does tunnel.andrewbolster.info have?”, the andrewbolster.info server says “pfft , i dunno, ask the guy at iwant2gohomenow.dyndns.org”.

   Unfortunatly, Theres nobody he can talk to there.

2. PORT FOWARDING IS A PAIN There, i said it, but fact is its good security. DNS operates on UDP port 53. In my case, the internal IP address of my MBWE is 192.168.1.3, and if your reading this far down then I assume you can port foward on a router. If not, this is a good guide .
3. If you havent already hacked your MBWE to shreds, this is a great place to start. For the below to work, the “server” to host the dns tunnel MUST have a ssh box (you can get it to redirect using multiple ressources below, but I leave that as an exercise for the reader)
4. Log on to the device that is going to be your server and make sure you have the build packages for your environment: in my case it was simply a case of
   

   ipkg install gcc

   For debian based, its

   apt-get install build-essential

5. Download the dns2tcp tarfile from dns2tcp and untar it  in a sensible place like /opt/src or /usr/src (tar -xvzf <tarfile> or gunzip -c <tarfile> | tar xvf – depending on your environment)
6. READ THE INSTALL AND README DOCUMENTS, I know they both suck, just read them.
7. This bit is (hopefully) easy; [ ./configure && make && make install ]  answer the questions it asks if it asks, and if it craps out and google cant help, and forums dont help, twitterme!
8. cd back to your home directory and replace the values entered with those that are appropriate to you:
   

   cat > ~/.dtf2tcpdrc << EOF
   listen = 192.168.1.3
   port = 53
   domain = tunnel.andrewbolster.info
   ressources = ssh:127.0.0.1:22
   EOF

   Yes, i know, resources is spelt wrong, but it works, ok?

9. Now test it with
   

   dns2tcpd -F -d2

   The -F keeps it in the foreground instead of daemonising it, and the -d2 is a debug flag to give just a bit more info.
   If it doesnt crap out, your good to move on to the client.

10. Do steps 4,5,and 7 on whatever client you are using
11. Same idea with the home directory file
    

    cat > ~/.dtf2tcprc << EOF
    domain = tunnel.andrewbolster.info
    ressource = ssh
    local_port = 2222
    debug_level = 1
    server = bolster.homelinux.net
    EOF

    The local_port is completly arbitrary but 2222 is my default for remove shells

12. Now for the test! Start dns2tcpc with
    

    dns2tcpc -d2

    And you should get no errors
    Now go to a different terminal and log into the server like this

    ssh testUser@localhost -p 2222

    Whats that you say? localhost? dns2tcp has opened up a port on your client system that connected to port 22 on the server, so your logging into the server, but my going thru the client port first.

13. If all goes well, you should have your normal user shell on the server, but if you fire up wireshark or some other traffic sniffer, you’ll see that there is only DNS traffic (assuming you done have FF or anything else running at the time)
14. Waaay, shell, fun, and everyone loves Lynx, but were not done yet. If your “server” ssh server has been updated in the past decade, it can also operate as a SOCKS proxy, so we can route “real” web surfing fun through DNS without any of that pesky deep packet inspection stuff because its all wrapped up in SSL.
    To fire up a SOCKS connection, execute

    ssh testUser@localhost -p 2222 -D 8888

    As with 2222, 8888 is arbitrary, but i use it for proxies.

15. At this point we have an arrangement where everything that gets sent to port 8888, gets sent on thru port 2222 on the client, that then gets encrypted and sent off as an obsfucated DNS query, and while that sounds interesting, its not really useful; Until you change your firefox proxy settings to localhost:8888 (dont forget to checkbox the socks)

ITS SLOW, I know, but then next time you miss a bus or a train or a plane and you are stuck in some god foresaken hell hole of a transit hub with only the expensive starbucks wifi to serve you, it is on your own conscious wether you use this too to accidentally GET AROUND PAYING FOR IT. Its illegal, how could you ever think about doing something like GETTING FREE INTERNET. I’m ashamed of you for even thinking about USING FREE TOOLS TO GET AROUND PROPRIATORY RESTRICTIONS TO THE FREE INTERNET. Go sit in the corner, the corner with the T-Mobile wireless access.

And, if you find this write-up useful or interesting, please a) repost it with credit b) comment
Also, big thanks to all the people whos tools I’ve used to demonstrate this, be sure to visit their websited and subscribe to their feeds.

Well, I’ve finally joined the washed masses in actually having my own domain. Lovely new years deal from DreamHost. 10 bucks for 2 years, brilliant. Thanks Lifehacker

Anyway, hope it all goes well.

Also, merry christmas and a happy new year to all. I got an XBox 360, and will eventually do a little write up on making it talk to my My Book World Edition

The Fuel gauge on the front of my MBWE is fairly useless, noone cares, so why not repurpose it as a speedometer?

first, stop it displaying the “fuel” Stolen from http://kyyhkynen.net/stuff/mybook/reduce_disk_usage.php

Disable the service that displays the disk usage with the leds in the front panel of your MBWE. Admit it, the feature is pretty much useless and because the service has to check the amount of free space on the disk(s), it is causing disk access.

In order to prevent the service from starting during boot, edit /etc/init.d/S15wdc-fuel-gauge. Comment out this line:

$FGD &

Then stop the service:

# /etc/init.d/S15wdc-fuel-gauge stop

Once all thats done, this is my script (The ultimate in lazy)

#!/bin/bashINITIAL_RX=`cat /sys/class/net/eth0/device/net:eth0/statistics/rx_bytes`sleep 10FINAL_RX=`cat /sys/class/net/eth0/device/net:eth0/statistics/rx_bytes`DELTA_RX=`expr $FINAL_RX - $INITIAL_RX`KBPS_RX=`expr $DELTA_RX / 10240 `

let "RESULT = $KBPS_RX / 3"echo $RESULT > "/sys/devices/platform/wdc-leds/leds:wdc-leds:fuel-gauge/brightness"

The 3 in there is the scaling factor between the kbps download and the number of lights on. Since I'm not often downloading any faster than about 400kbps, and when i am im not really worried about i

0 to 100: lights one led (5 o’clock)

100 to 150: lights two leds (5 and 7 o’clock)

150 to 200: lights three leds (5, 7 and 9 o’clock)

200 to 250: lights four leds (5, 7, 9 and 11 o’clock)

250 to 280ish: lights five leds (5, 7, 9, 11 and 1 o’clock)

280ish and more: lights all leds.

I have the whole thing running as a cronjob every 5 minutes, do that urself

So, gonna do a quick write up on my current setup.

Generic Wireless headphones (not used since i heard someone else on the channel )