Linux

Using Ubuntu Linux to spoof MAC address

Since MAC address authentication is based on the MAC address we need to change the MAC address to an address that is not in the list of allowed MAC addresses of the WiFi access point.
Usually the MAC address is fixed in hardware but most operating systems allow you to change the address.

To change the MAC address in Ubuntu Linux follow these steps:

  • use the command ifconfig wlan0 to look up your old IP address, write it down.
  • shut down WiFisudo su
    ifconfig wlan0 down
  • change the MAC address ifconfig wlan0 hw ether 00:11:22:33:44:55
  • start WiFi ifconfig wlan0 up

Taggings:

Enabling Java in Firefox 3.6

1. Since Firefox 3.6, the Java is treated just like all other plugins and no longer has a enable check box in Tools > Options > Content. We can enable or disable Java plugin (and also all plugins) via Tools > Add-ons > Plugins.

2. What if the Java plugin does not appear in Tools > Add-ons > Plugins (you can also checked it by typing about:plugins in the address bar). It means that you have to install Java (before you can use Java in your Firefox). Since Firefox 3.6 and later versions you need the Next-Generation Java™ Plug-In present in Java 6 U10 and later.
These are how you can do it in various operating system (taken from http://kb.mozillazine.org/Java):

On Mac OS X
You can use the Mac OS X Software Update feature to update Java.
Note: The Java Embedding Plugin is bundled with current Mac distributions of Mozilla browsers, including Firefox and SeaMonkey. This utility allows browsers other than Apple's Safari to use the most recent versions of Java on Mac OS X.

On Linux
1. Download the Linux version of the Java software.
2. When the download is finished, execute the .bin file as root and follow the prompts.
3. When the installation has completed, run this command in the plugins directory of your Firefox installation:
ln -s /your_path_here/java/j2re1.5.0/plugin/i386/ns7/libjavaplugin_oji.so libjavaplugin_oji.so
4. Firefox 3.6 and later need the Next-Generation Java Plug-In
See Manual Installation and Registration of Java Plug-in for Linux (at java.sun.com)
Run this command in the plugins directory of your Firefox installation to create a symbolic link to the Java plugin (replace xx with the current Java version):
ln -s /usr/your_path_here/java/jre1.6.0_xx/lib/i386/libnpjp2.so libnpjp2.so

On Solaris Intel
1. Install the Solaris Intel version of the Java JRE or SDK.
2. When the installation has completed, run this command in the plugins directory of your Firefox installation:
ln -s /your_path_here/jre/plugin/i386/ns610/libjavaplugin_oji.so .

On Windows
Automatic update: The Java Update feature automatically checks for updates in Windows 2000/XP/Vista at scheduled intervals and notifies you when an update is available so that you can install it. If you have administrative privileges, you can also check for updates yourself and install them from the Java Control Panel (Start -> Control Panel -> Java -> "Update" tab).

Manual install or update:
1. Go to Java.com and click on the Free Java Download button.
2. Click on the Download Now button to start the online installation.
3. Close and restart your browser after the installation is complete.
If you prefer an offline installation, go to the Java SE Downloads page (see above for links) select the Java SE Runtime Environment (JRE) and save the offline installer (e.g., "jre-6u10-windows-i586-p.exe" for JRE 6 Update 10) to any convenient location, close your browser and run the installer.

Important: Previous to JRE 6 Update 10, installing or updating to a newer Java version would add a new Java Runtime Environment (JRE) instead of replacing the existing version. For example, if you already have JRE 6 Update 7 installed and later install JRE 6 Update 10, you would end up with two JRE versions installed in separate directories. You can remove older Java versions via Windows Control Panel "Add or Remove Programs", to save disk space and because older versions often contain security vulnerabilities.

Starting with JRE 6 Update 10, future Java updates will patch the current version by default instead of adding an additional version. For example, if you previously installed JRE 6 Update 10 in the C:\Program Files\Java\jre6 directory, and in the future you install JRE 6 Update 14, the version 6u14 installer does not create a new directory. Instead, it updates the pre-existing "jre6" directory with the new 6u14 content (JRE Update 10 will no longer exist). This will prevent an accumulation of unused and potentially insecure older JRE versions.

Ubiquity - changes your Web using style

Ubiquity is an experiment into connecting the Web with language in an attempt to find new user interfaces that make it possible for everyone to do common Web tasks more quickly and easily. It's a Firefox extension, so it works on Macs, Windows, and Linux.With only a couple keystrokes, it lets you use language to instruct your browser. You can translate to and from most languages, add maps to your email, edit any page, twitter, check your calendar, search, email your friends, and much more. All without leaving the page you're on.Please take a look at the attached shortcut of the Web Browser!  

Taggings:

Combine BNBT tracker with GeoTool API

Basically, use database which GeoTool provides publicly to calculate the individual geographically coordinates for each downloading peer. These coordinates are going to be transmitted to the downloading client. This can be achieved by using the database API which the company MaxMind provides.There is a open source version of BitTorrent tracker available on the web which is written by C++ and totally compatible to the original BitTorrent tracker which is written by Python. When the tracker operates unter a Linux system, we can use the IPC(Inter Process Communication) technology like Shared Memory and synchronisation technology like Semaphores to enable the data exchange between the database API and the tracker.This means tracker sends coordinate requests and corresponding answers via shared memory, while semaphores are used for a synchronised access to shared memory.

Taggings:

Use PHP to extract textual information from DOCX and ODT documents

Actually this task appeared to be not that hard as I first thought. To make the task more real, I was working with Russian language, i.e. with CP1251.

So at first I tried to open the documents with simple Lister. The screenshot of the experiment is provided in the attachments. Both files, odt and docx, look like binary files from this point of view. But the most important detail to notice (and it's quite small I would say) is th letters "PK" in the beginning of the data. That actually means that both files are, somewhere deep in their soul, just a zip-archive, which extension was renamed either to odt or to docx.

If we open any of the files in Total Commander using Ctrl+PageDown (Open element under the cursor) we will get a structured content with some folders and XML documents. The screenshot of the experiment is provided in the attachments.

The content that we need is situated in the file content.xml (in ODT) and word/document.xml (in DOCX).

So, in order to extract textual information from ODT ot DOCX formats, we will have to use the standard ZipArchive class and some functions to work with it.
The source code is provided in the attachments. The solution works under PHP 5.2+ and requires php_zip.dll for Windows or --enable-zip key for Linux. In case of unavailability of ZipArchive (like old PHP or lack of libraries) one could use PclZip (http://www.phpconcept.net/pclzip/index.en.php) .

References:
www.msdn.microsoft.com/en-us/library/aa338205.aspx
http://www.i-rs.ru/content/download/1447/8162/file/OpenDocument-v1.0-os.pdf

Changing the root password of an iPhone / ipod Touch to secure the SSH connection

 To secure your SSH connection the password for "root" has to be modified. Please, regularly change this password. Start the Terminal of your Mac or Shell of your Linux computer. For Windows an SSH application such as Putty is necessary.    

  1. Then type the following line of code, but before replace the palceholder "ip.des.iph.one" with the IP address of your iPhone to create the initial SSH connection: ssh root@(ip.des.iph.one)
  2. The standard password for all iPhones is "alpine". Type password and confirm with Enter (Please note that several Unix systems handle backspaces as new input characters).
  3. To change the root password, type "passwd" now.
  4. Then the new password is requested: Type in the new password
  5. Retype the password to confirm it
  6. Disconnect from SSH by using "Exit" (Or stay connected, if you need the SSH connection for other tasks

(Note: For iPhone without installed SSH Server this series of steps is impossible and not necessary)  There is a legal issue that hampers the overall SSH usage: Only applications from the Apple "app store" are legal to be used on an iPhone. The SSH solution is often referred to illegal "Jailbreak" solutions which cannot be recommend from legal perspective ;)However, this issue should not be ignored for all iPhones using such SSH solutions. 

How to remote deploy a Web service to Apache Tomcat from within a Java program

1. Introduction to the problem:
There are various possible ways to solve the problem, some major requirements are however:

1. To write a software application
2. To make it transfer the Webservice over the Internet
3. A Servlet is to be copied to the Webapps directory of Tomcat

Some of the ways to solve the problem are:
1. Development of additional software for the server (beside of Tomcat) for the data transfer
2. Development of a Webservice to be placed inside Tomcat for the data transfer
3. Use of Tomcats WWW Management Interface for the data transfer

All three approaches are practicable.
However, the first two approaches require additional software which is to be installed beforehand. The third approach only needs a running Tomcat Application Server on the remote machine.

Therefore the way to go, which is described in this article is "just" to utilize Tomcats WWW Management Interface in software. This approach is very versatile, but has also many pitfalls, and various considerations are necessary. The proposed approach is suitable for one ore more webservices. If in the following only one is mentioned, it also means that more could be in place.

This article does not provide an exhaustive description for solving the problem, but is meant to give some guidance to avoid some of the major problems encountered by solving this task.

2. Requirements
There are two basic requirements:
- An already developed and packaged Webservice
- A properly set up server running Apache Tomcat

An introduction into Webservices would exceed the scope of this article, some previous knowledge is required. It should be noted however, that there are two major ways to use Webservices with the proposed approach. One is to create a Webservice (for example using JAX-WS) and pack it into a .war archive (this is a .jar archive renamed to .war) which is then to be deployed, the other is to use a dedicated Webservice engine (Apache Axis2 can be used with Tomcat) together with a Webservice, and these are then to be packed into a .war archve containing both, which is then to be deployed. For details on compatibility and packaging Webservices (for Axis2 you would package .aar files, these are .jar archives renamed to .aar) into an engine see its documentation.

[Note: The .jar files are incompatible with .zip!]

Another basic requirement is a running Apache Tomcat. For Linux as an OS this is a simple task: Only the login credentials are to be set. For MS-Windows there is some additional work necessary: As of Tomcat Version 6.0.18 the parameters "antiJARLocking" and "antiResourceLocking", both (!) must be set, otherwise an undeployment would fail. For details on configuration and possible drawbacks see the Apache documentation.

3. Compression (in Java)

To execute a tool like Jar (from the JDK) directly from Java issue the following code:

Process p1 = Runtime.getRuntime().exec("CommandLineToBeExecuted");

Don't forget to wait (!) until the command is finished:

BufferedReader input1 = new BufferedReader(new InputStreamReader(p1.getInputStream()));
String line1;
while ((line1 = input1.readLine()) != null) {/*Must wait for the program to finish*/}
input1.close();

4. Programmatically accessing Tomcats WWW Management Interface
Accessing a Web Interface programmatically means to execute "clicks" on links or to start a file upload from a software. Various APIs exist for accessing an interface over HTTP. In Java the java.net.HttpURLConnection is sufficient. As the upload address "http://TomcatHost:8080/manager/html/upload" is to be used. In general it is necessary "to repeat" what would be otherwise performed by a web browser.

The exact procedures would again exceed the scope of this article. However lots of sample code is available on the net. The following description outlines some adaptations necessary to work with Tomcat:

For uploading a .war archive
- Create an HttpURLConnection to the upload address
- Set several properties, some of which are
- "Log in"
# conn.setRequestProperty("Authorization", "Basic " + new BASE64Encoder().encode(loginString.getBytes())); //loginString has the format: "name:password"
- Make sure the "RequestMethod" is "POST"
# conn.setRequestMethod("POST");
- Assemble the data to be send; See various resources on the net.
- Make sure the Content-Disposition is something like that: "Content-Disposition: form-data; name=\"deployWar\";" + " filename=\"" + "foo.war" + "\"" + "\r\n"
Using something different than exactly "deployWar" may lead to failure
- For authentication the "BASE64Encoder" is necessary. The undocumented "sun.misc.BASE64Encoder" should not be used. However one could copy the files "BASE64Encoder" and "CharacterEncoder" from the OpenJDK sources to gain the same functionality.

For following or executing ("clicking") links the procedure is very similar, but
- Use "GET" instead of "POST"
- Don't use multipart content type any more
- Use the URL that is to be "clicked"

The execution of links gives lots of management possibilites. The most important are

List of running Servlets:
[http://TomcatHost:8080/manager/html/]

Undeployment:
[http://TomcatHost:8080/manager/undeploy?path=/foo]

With the latter the deployed Servlet can be undeployed.

Taggings:

Install D-Link DWL-650+ WLAN Device under Linux - Solution madwifi

Well, there is no perfect solution for WLAN-Devices with various Linux distributions. However I did find a solution that seems to work pretty well with the Fedora distribution and the DWL-650+ WLAN Device. The only two drivers that I did find (and are working somehow) are madwifi and acx. The acx firmware/driver works only with a Kernel 2.6.10 and higher and doesn’t seem to be stable at all (also the installation is a little tricky). Sometimes I am able to connect to a network sometimes not and therefore it is not the solution I was looking for. The madwifi drivers on the other hand did work without flaws and installation was also quite easy (on fedora you need kernel-devel and sharutils). With a nice GUI you have not to deal with all the config-files and can easily set up your wireless network.

For further details see: http://www.hauke-m.de/w-lan/madwifi/

Taggings:

Work with RDF - Solution Redland

The “Redland RDF Libraries” provide support for the Resource Description Framework (RDF). It provides basic functions as well as several bindings to different programming languages (for example: perl, python…). There are also packages for various Linux distributions and other operation systems available that make an installation quite easy (if all necessary additional libraries are already installed). However the Redland libraries provide the possibility to use BerkeleyDB or MYSQL as database storage as well as store the files temporary in the memory. These functions allow you to easily store, access, read or update your data via SPARQL (query language for RDF, similar to SQL) contained in the RDF files.

Taggings:

Don't Use SBS as the Default Gateway

After having issues with dropped internet connections, when a Small Business Server 2003 is used as the (default) gateway I started to do some quick research. However it didn't turn up anything too useful.

While Microsoft proposed using the SBS as the default gateway (with two NICs) as a viable solution, I wasn't so sure. If the server was compromised, it was game over. There was no second layer of security and the whole system didn't work as expected.

So instead of solving the problem (the security concerns couldn't be resolved anyway), I just mitigated it by using an old server as a Linux firewall. For easier handling I chose http://www.endian.com/en/community/ (no, I'm not affiliated with them, this is no hidden product placement) - one of a bunch of free (GPL) unified thread management [UTM] systems. It offers in- and outbound firewalls, proxies for HTTP, POP3, SMTP,... (with capabilites for spam detection, virus scanning,...), logging, VPN,...
So it definitely adds an additional layer of protection.

After deploying the system, the internet connection has been rock-solid until today.

Lesson learned: Think out of the box. By solving one problem (internet connection), one can probably archieve something else as well (better security).

Final note: Windows SBS2008 cannot be used as a default gateway any more. Probably because Microsoft wants to sell more ISA licenses, but it probably didn't work too well...

Taggings:

Pages

Subscribe to Linux