Archive for Open Source

Making Thunderbird Open Hyperlinks in Firefox on Ubuntu

This one was driving me nuts and I finally found a solution. For several weeks, Thunderbird has not been opening links I click on them. I found a solution here: http://ubuntuforums.org/showthread.php?t=502651

  1. Open Thunderbird version 2.0.0.14
  2. Go to the Edit menu
  3. Click on Preferences
  4. Click the Advanced tab
  5. Click the Config Editor button.
  6. An about:config window will open up.
  7. In the Filter box, enter network.protocol-handler.app.http
  8. If the editor is unable to locate it, create a new string and input network.protocol-handler.app.http.
  9. Enter firefox for the string value.
  10. Close out and restart Thunderbird.

Hyperlinks should now be available in your email!

Zotero, a research extension for Firefox

I stumbled upon an amazing research tool toady while I was searching for a download management Firefox extension today.  Zotero is more than just a download tool.  It is a literary reasearch tool which allows you to track web citations, bookmarks, and the like from within the browser.  I would traditionally create a Bookmark folder and dump links into it until I fealt I had enough to write a post.  However, with Zotero, all my notes, bookmarks, and files from the web are stored inside a project file that my browser stores.  I cannot comment enough on the professionalism that went into this extension.    Unlike the usual extensions that do little tricks for you (downloading YouTube videos for example) this one is an actual productivity tool.  I hope this is a sign that more professionals are seriously moving to open source software development.

Zotero can be found at http://www.zotero.org/

Hardy Heron Beta Testing

I am testing the Hardy Heron beta right now. I’ll spare a recap of the features that everyone else is talking about and delve into a UI change that I noticed right away. Instead of having a million boxes all over your screen when you are deleting, copying , and moving files, there is one that stacks all your active Nautilus progress bars together. This is more than likely a feature of the new Gnome release, but being the geeky sysadmin that I am, it was the first shiny thing that caught my eye. I still haven’t tested Brasero, but I will try to over the weekend. K3B is really getting to be overkill even though it has been my favorite recording software for the past six years. I will post more results when I can.

My Idea For How to Improve Ubuntu

For those not aware, Canonical now has a voting system setup for submitting your own ideas on how to improve Ubuntu, called Ubuntu Brainstorm. This is similar to the Dell IdeaStorm site that established Ubuntu as a distribution that Dell Computer needed to include purchase options for. Anyway, I have submitted an idea for community review and will include a link on the sidebar of this blog for your review.

My suggestion is providing a portal with tips, tricks, and directions for new and interested users. The idea may need some further documentation and thought, but I already have 64 votes as of this post. Feel free to check it out, and if you are at all interested, please consider voting for this idea.

I’ve finally found a decent IDS

OSSEC Logo

Linc Fessenden from the Linux Link Tech Show mentioned OSSEC a few weeks ago and recommended everyone check it out. According to the project’s about page:

OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.

It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows. A list with all supported platforms is available here.

After testing it out on several of my machines, I can officially say it’s exactly what I was looking for in an IDS: something lightweight, cross-platform, and well documented. My setup involved installing it as a local instance on every machine, rather than the centralized config. Viewing the logs for every machine in one place doesn’t really appeal to me. I just need something that will nag me and say, “Hey, Dummy! You misconfigured that install you attempted at 3am. Fix it!” The added benefit of receiving the alerts offsite is that the existing records are stored in my Gmail. Even if someone did manage to root a computer, the logs wouldn’t be on the box and the creator of the kit wouldn’t be able to bury his/her tracks.

My hope is to test the centralized configuration in the future, but for the moment there is no benefit.

This is absolutely what I was looking for in intrusion detection. Go check OSSEC out when you get a chance.

Lessons Learned – Sansa E260R

I just wanted to post a few notes regarding my experiences with the SanDisk Sansa E260R. Today, I attempted to play a SecurityNow! podcast and, low and behold, the Sansa rebooted for absolutely no reason. I thought nothing of it. The stoplight had turned green and I switched over to XM instead. At the next light , I looked down at the seat and the Sansa was stuck in some kind of loop. The SanDisk logo would pop up, then the Rhapsody logo, then it would restart. I held down the power button and it turned off after about a minute.

This afternoon, Recovery mode worked (Hold Switch On, REC + Power) and I copied the latest firmware to it. After unmounting the drive, I disconnected it from the USB cable. To my astonishment, the same results occurred: still rebooting.

It was time to search Google. Everything pointed to the firmware. Someone even suggested loading the firmware 3 times to see if it would take. It was almost time to give up when I found a small post suggesting dropping a blank file called sansa.fmt onto the recovery partition. After an unmount, the Sansa Recovery Mode formatted the drive and it booted normally, minus all the content, of course. At least I didn’t loose the device!

You say Tomato… I say Firmware.

I finally had the opportunity to load Tomato on my WRT54GS v.3 over the weekend and this is absolutely the best firmware I have come across to date. The interface is clean and offers something DD-WRT does not: realtime bandwidth monitoring from the web interface. Thus far, it has run very stable. There is also a noticeable difference in response times.

A little word of caution, though. After my installation, I HAD to reset the router (not power-cycle) via the reset switch. If you notice any issues of your password now working properly, the device more than likely just needs a reset. Another way around this problem is to restore your router to it’s factory defaults prior to the Tomato installation.

The Tomato firmware is available at http://www.polarcloud.com/tomato.

Using sFTP

Secure FTP is a method of encrypting a standard ftp connection.
I followed the FreshMeat tutorial written by John K Norden when implementing this service:

http://freshmeat.net/articles/view/1576/

“Why would you want to implement something like this?” someone may ask. It’s very simple. Once you have sftp and scp, you can implement encrypted offsite backup, provide a quick and secure method of receiving files from clients, and you never have to say you left your file at home again.

Advice Regarding Open Source Software

Open source software is constantly being put down for one reason or another by people with interests other than your own. Keep in mind, I am by no means a zealot and I reserve my Kumbayahs for the rare occasion that I can joke about them. I wear brand name shoes, still enjoy driving for no reason, and shop at retail stores that proabably oppress their labor in some way. I just wanted to take some time to express some of my opinions on a few of the excuses that have cropped up this year and lay them to waste before 2008.

Myth 1: Open source software is not secure because there aren’t as many people using it.

This notion made it to the top of my list because it bugs the hell out of me. Somehow, Joe Computer claims that because Windows has more users, it is more of a target. That being the case, if more people used open source, it would attract more bad guys and script kiddies. If Linux faced this kind of pressure, it would result in more viruses on Linux, right? Dead wrong! Let me dissect this one piece at a time. Windows has more users for now. That I can agree with, but the second part of this statement does not take into account that it is easier for a nefarious technologist to discover problems with proprietary software and keep them to themselves for fun and profit. Will the vendor discuss any problems with their product ahead of a patch? Never! That’s bad for their business model. The past few years have been riddled with incidents of what is known as zero-day exploits. With my sysadmin hat on, I like to explain these incidents as passing the time staring at virus scanners, hoping I unplugged it from the network in time. In simple terms, zero-day exploits mean we had no warning before the flaw was exploited. It defies the logic of open source to be exploited more regularly because the user base has grown. If a company / developer neglected its users, the users can move on to a product that is more secure.

Myth 2: Open source software is derived from communist/socialist/un-american thinking.

The GNU Public License was developed in the United States in a team led by an american lawyer and an american programmer. Red Hat, arguably the largest open source distributor is based in the Carolinas. Novell, a company in Utah, now owns SuSE Linux (Number 2 Linux distribution in the corporate world). BSD stands for Berkley Standard Distribution (That’s Berkley, California). Read the Cathedral and Bazaar by Eric S. Raymond before you make a decision on the political affiliations of programmers. It is sure to enlighten anyone on the fence about whether to use open source software.

Myth 3: There is no competition in open source software. Once you make a decision, you live and die by it.

There are more distributions than you could possibly imagine. There are hundreds of email clients, several web browsers, and more text editing options than anyone could possibly count. When someone comes up with a new idea, they post their source code and others build on it. Many programs are available across several distributions, making it very easy to replace your vendor for the OS and keep the programs. Several groups have nicknamed the open source method “co-opetition”.

Myth 4: This is an IT decision and it’s up to IT to figure this all out.

Computer users have a strong interest in influencing the decisions when it comes to software. Technology professionals can help in anyway they can, but keep in mind that they will not be the ones working day to day creating your data. We try every day to keep your computers running at their peak performance, but if you would prefer having a technician that can research and locate that last piece of the puzzle (the killer app for what you do) rather than someone who makes you put your work on hold while they have to cleanup the spyware and viruses, by all means, at least talk to them about Linux. Once you accept viruses and spyware are just a cost of doing business and that’s why someone’s paid to take care of the computers, you have accepted interruptions in your workflow, costs of safety precautions (antivirus/antispyware/time), and the stress related with losing data to malicious code.
I will be starting a forum soon entitled Technology Myths to accompany this post. Maybe, next year will be the “year of the desktop”.

Admin Tools Available on Ubuntu 7.10 (and other debian derivatives)

When I was strictly a windows admin, I spent a lot of time digging around try to find the perfect utilities to provide the little extras that make a system run properly. Things such as the AdminPak, almost anything on sysinternals, etc. made my job so much easier. I spent a little time digging through the Add/Remove Programs feature of Gutsy recently and am amazed at the magnitude of options for sys admins that are available now. These are the tools I have recently been working with in no particular order:

AptonCD

This tool will allow you to create and burn an iso of all the packages in your apt cache. The strongest benefit of being able to do this not waiting for updates to download on each machine. It is also helpful for any computers that may be isolated from the Internet for security reasons (i.e. the ones with personal files that should remain personal). While working in the corporate world, there was always that one machine hiding in a corner that no one else had updated in years. I was always the one crazy enough to touch it. Having a tool like this saves the time you would normally spend staring at a progress bar.

Disk Usage Analyzer

While harddrives seem to increase in capacity every few months, we can’t expect everyone to go out and grab a terrabyte all at once, right? Included by default in the past few Ubuntu releases, this application allows you to dig down into a harddrive and answer the all important question of where all that storage went that seemed like plenty 6 months ago. It works on pretty much anything mountable (including the thumbdrives that I constantly run out of room on).

Boot-up Manager

Remember how msconfig could turn a crawling 98 box into a racehorse again? Ubuntu has a tool called Boot-up Manager that provides similar capabilities. With it, you can control services and modify your startup and shutdown scripts. Very handy for experimenting with servers that don’t need to start all the time.

Gnome SSH Tunnel Manager

Tunnel, tunnel, tunnel. When in doubt as to your access, tunnel the traffic. gSTM allows you to store SSH tunnel configurations and enable these connections on the fly. This is ideal for remote administration of those insecure services we try our best to avoid making public (telnet, vnc, web, etc.).

Gmount-iso

Mounting an iso image has never been easier. Why would you mount an iso image? Because you can, of course!

Htop

The top command is very useful, but Htop adds a few features, such as a full path to the command that is running and graphical representations of resource usage.

GtkOrphan

Find all those extra packages that loom around after testing.

User Profile Editor

A tool to graphically configure all profile settings, with the ability to clone settings among users. This is an absolutely necessary tool for multi-user systems. Create a new profile and select Edit, an x-session pops up on the screen. Ideal for setting up menus for my daughter’s profile where she won;t need access to tools such as User Profile Editor.

In closing, I want to emphasize a piece of knowledge before I spend tons of time defending myself in comments. I know these packages exist for other distros. I know Gnome is responsible for some projects and most of the rest are sourceforge projects. I am just rather impressed by the recommendations my favorite distributor is choosing for their repositories lately.

P.S. The usual disclaimers about modding your own system apply. Do not complain if you some how break your system using these tools. Proceed with caution, sharp tools are these.