Debian Static IP config
Aug 14th
The first thing you have to do is become root,
su -
After that navigate to /etc/network
cd /etc/network
From here edit the file called interfaces(using vi or whatever editor you like)
# The loopback interface
auto lo
iface lo inet loopback
auto eth0
Here is the magic, update the eth0 interface from dhcp to static, then assign it the appropriate network values.
iface eth0 inet static
address 192.168.X.X
netmask 255.255.255.0
network 192.168.X.X
broadcast 192.168.X.X
gateway 192.168.X.X
Save the file. After you complete this the next step is to restart networking.
/etc/init.d/networking restart
After this your system will have your newly assigned IP address.
CA eTrust Definition 33.3.7051, WELL THANK YOU!
Aug 12th
CA eTrust released definition version 33.3.7051, what a mess. When this sucker hits your box it chooses random files and marks them as false positives and reacts however you set up your policy.(ie If you use the delete file option your %#@&ed) This doesn’t just affect your clients, oh no, it will behave the same on your servers. If you haven’t already, get the new definition to fix this(34.something). But seriously, isn’t anti virus software supposed to protect your machine, not F it up.
UPDATE: Apparently this has happened before.
Free Web Hosting Panel – DTC
Aug 9th
In a world so controlled by the internet, there are those of us looking to profit from it. There is a huge market for this, and subsequently there is a huge number of web hosts out there. In order to get any business you have to make your offering cheap, really cheap. Well this is tough to do if you have huge costs for re-occuring software like CPanel or some other commercial hosting panel. It is for this reason that I have tried a multitude of panels that are open source before finally arriving at the one I like, DTC.
Let me start by saying I had been using ISPConfig(version 2) and was very happy with the admin functions, however I feel the client functionality falls short. I didn’t like how many things I had to do for the clients or how many things the resellers had to do for them. This was to much involvement for me. That’s why I sought out to find a hosting panel that had all of this functionality.
I won’t bore you with the list of features that all hosting panels have, I will just tell you about the ones that I really liked. Lets start with webmail, Squirrel Mail is built in. That’s nice, and saves you some time. Now the good stuff. The clients manager their own DNS and subdomains. That was enough to get me to switch over. The console is really easy to add mailboxes and databases, and to navigate in general. The console doesn’t come with a file manager built right in so I used AjaXplorer and you will find it painfully easy to add the explorer to the list of links in the hosting panel. (Check the top of index.php) The bottom line with this panel is that its easy, the install is easy, it makes use of software you already know(MySql, BIND, Apache2, Postfix). Also a plus, if your running debian you can install it with apt. Did I say it was easy?
Link to software:
DTC Hosting Panel
Screenshot(go to the site for more):
Google Voice – Free Phenomenon
Aug 1st
How many phones do you have? You probably don’t need all of them(much like the 5 email address you no doubt maintain), so Google has created a way for you to use all of those numbers from one phone. Google voice not only does this for you, but it hooks you up with a free phone number in your area code. Using this number you can have all your phones ring at once , or you can have just one phone ring from it. Your choice. However you can forward all your other numbers to one central number and get all calls going to one phone. On top of that, Google also has a free transcription service. Miss a call? No problem, you’ll have an email with the message in it in just a few. Sweet? I think so.
Go Check it out
So Google voice is SIP based, which means your PBX can do some cool things with these numbers, read more about that here:
Nerd Vittles – Googlefied Messaging
Pocket PC Must Haves
Jul 13th
So I am now the user of a XV6700, a slightly dated phone. My first impression of the phone was good, after all it did everything I wanted it to: Email, Web, Text, and oh yea.. Calls. It wasn’t until my first car ride with the new phone that I realized its fatal flaw; you can make calls with your fingers on this thing. You have to use the stylus to get through the contacts, unless your fingers are tiny. Then came SPB Mobile Shell. This is the BEST app for finger friendly dialing on a Pocket PC. The windows mobile buttons are just to small. This software create several ways to access your contacts with your fingers and be able to dial on the fly just the way you want/need too. Here are some screen shots:
Here is SPB site, check it out.
http://www.spbsoftwarehouse.com/products/mobileshell/
Samba PDC/OpenLDAP just as good as Active Directory
Jul 4th
It’s no secret that Active Directory holds the market share for authentication, however it doesn’t have to. Some reasons that it has become the market leader are simplicity of setup(just about anybody can run dcpromo and follow the gui instructions), availability(everybody has a W2k3 box or two), and the fact that windows is the leading OS found on client machines. In fact, there are lots of Microsoft products that have become the de facto standard just because windows is so predominant in the market place. As Samba continues to develop, that could all change. The word to remember here is ‘could’, it’s not will. Let me explain what I mean.
Samba 3.X is the current stable release for Samba. Samba has come a long way since its humbler beginnings and it can service all of you domain needs. First off, Samba is a fully capable PDC. It functions in the NT domain manner, so its not a direct replacement for AD. Don’t hold that against it, it still services logon requests just fine, and it supports a variety of topologies. For most administrators, they are not going to accept a solution unless it has a fail over option. To service this need Samba introduced the ability to use OpenLDAP as a back end. Using OpenLDAP isn’t for the faint of heart, however once setup it allows for the use of a PDC/BDC setup with a synchronized backend. The synchonazation is achieved using OpenLDAP’s synchronization methods. So what other benefits does having OpenLDAP as a backend have? Well beside allowing huge scalability and the ability to failover, it allows for a multitude of per user settings that can’t be achieved using the standard tdb back end. What else can it do you ask? Since you are using OpenLDAP you can authenticate Linux and Unix clients to it using an LDAP client. This allows for Single Sign On from all platforms. What else can it do(yes there’s more!)? The same OpenLDAP back end can be used to support a RADIUS server. With a RADIUS server in place you can now have all of your network equipment and your VPN’s all authenticate to the same back end. There again, single sign on heaven. Does this sound familiar? Aren’t these the capabilities your organization needed that forced you to use AD? Yes, it can all be accomplished using a FREE software, Samba.
Now back to that word ‘could’. Samba/OpenLDAP can provide all of the solutions you need, but don’t expect to see this start popping up in your workplace. This setup is very possible but it is also extremely complex to setup. The OpenLDAP back end requires a lot of planning for the schema of the database so that your authentication will work for all clients access methods, but when done correctly it will work like a dream. Extremely scalable and effective, Samba/OpenLDAP might just be the right solution for you.
kinit: KRB5 error code 52 while getting initial credentials
Jul 3rd
Just a quick word about this error….
I had this happen trying to get a kerberos ticket on a HPUX 11.11 machine. Turns out the problem isn’t in the krb5.conf, it is the domain account your using. The domain account can only be in so many groups(unfortunatley I don’t know that number). For me, I created a new account in AD, added it to domain admins, ran the command again using the new account and I recieved a ticket. In my case, I was doing this so I could do a net ads join. I did run the command, also using the new account, and it worked perfectly.
Hope this helps somebody have a better day….
Samba Username Map Nightmares
Jul 3rd
Samba doesn’t recognize username map
After upgrading to samba 3.0 with AD intergration setup, I found out that my username map wasn’t working correctly. I read several online posts that said there was a bug or that Samba 3.0.8 didn’t accept the username map at all. This was a huge problem, however it turns out it was untrue. The real problem lies in the syntax. With version 2, you used this syntax:
unixid = username(windows)
With version 3, it says to use this syntax:
unixid = EXAMPLE\username
You have to include the Netbios username to make it work. I found that this wasn’t the answer either, but don’t worry, there is a fix.
What I found out was that you needed to add your FQDN as well.
unixid = EXAMPLE\username EXAMPLE.COM\username
I have a theory that the reason you need to do this is because the kerberos ticket is sent with a FQDN. I think that you have to add the name this way so that the ticket and the entry in the username map match.
This got it working for me, hope that it helps you.
Sending Email Attachments in Unix
Jul 3rd
Sending attachements can be done fairly easily using mailx. It will need to be used in combination with uuencode, and I recommend you convert it to MSDOS format to, being that it is likely you will be sending to a windows machine.
ux2dos syntax:
ux2dos “filename” > “filename1″
uuencode syntax:
uuencode “filename1″ “filename1″ > “filename2″
Mailx syntax:
mailx -r “FROM ADDRESS” -s “Subject” -m Adress@address.com < “FILENAME2″
So, here what this is actually doing. First, ux2dos just rights the content of the file to the screen in MSDOS format, that is why you need to redirect it to a file. Why use this command? Use it because when you try to open a txt file in MS Windows and its in UNIX format all the text is pushed together, if you use ux2dos, the spacing is correct. Now, uuencode “encrypts” the file into a bunch of crazy characters that will allow you to send it as an attachment. Finally, mailx syntax. The -r allows you to designate the from address. The -s is subject obviously. The -m removes the MIME headers, which is essential. If you exclude this the attachment will be in the body of the email, which is useless, because it will be unreadable characters. Finally, FILENAME2(your ux2dos and uuencoded file) will be inputed into the body. If you need to include a message you can append FILENAME2 with regular text and it will appear in the body. FILENAME2 will show up as an attachement.
NOTE: This way of mailing pretty much only works when opening the email using MS Outlook.
Google to Take over the Mobile Phone World as Well
Jul 3rd
http://code.google.com/android/what-is-android.html
As google continues to rapidly expand and seemingly take over the world while doing so, they will soon be dominating the cell phone market as well, but not how you might think. Google has begun to develop and Open Source operating system for your cell phone, called android. Why develop an open source(free) cell phone operating system? Oh I don’t know, how about the billions of dollars you could sell in ad space. Google saw opportunity when they created AdSense, and they are hoping to do it all over again with android. What is better yet is they have started a contest for the best app developed for the new Cell phone OS, effectively employing thousands of developers around the globe for free. There work will be contributed to the open source OS, and therefore free, helping it to develop into an OS with all of the sweetest applications on there for your use. There have already been many wonderful applications developed, one of them being a fantastic GPS software for you phone, even if you don’t have a GPS chip. Yea, sweet. So, take a look at the link and drop your jaw in Google’s genius, once again finding opportunity in an unlikely market for what used to be just a search engine company.