Saturday, July 28, 2007
Wednesday, July 25, 2007
I've got a couple ways of experimenting with it. One with an internal Shoutcast server, streaming to the nodes in the house. The second one involves taking advantage of an open spot on the Hak5Radio server (if those guys will tolerate it). I've been told to try a mixture of Southern Baptist Gospel and Leonard Cohen. (JK! Just checking if you guys are awake.)
Monday, July 23, 2007
Sunday, July 22, 2007
However, thanks to this page (sorry, I don't read Russian), I have the new work-around.For those interested, add the following as the second line in index.php: "ini_set('magic_quotes_runtime',0);". You may need to add it to the index.php in the config directory too.
If this helps, please pass it on.
Saturday, July 14, 2007
Wednesday, July 11, 2007
One thing not mentioned is that this technique can be employed to create a whole lot of evil. While outward facing SMTP servers are normally protected against this kind of abuse, internal Exchange servers usually aren't. More than one security manager that I've worked for has received periodic beat-your-admins messages from the Easter Bunny and Santa Claus. (Disclaimer: I rec'd permission to do this beforehand!)
Sunday, July 8, 2007
iptables -t nat -I WiFiDog_WIFI2Internet -i eth0 -m mark --mark 0x2 -p tcp --dport 80 -j REDIRECT --to-port 3128
I got quite frustrated in trying to script the table entry, post startup. So much so, that I attacked the source code and figured out the following, slightly buggy, patch:
iptables_do_command("-t nat -I WiFiDog_WIFI2Internet -i eth0 -m mark --mark 0x2 -p tcp --dport 80 -j REDIRECT --to-port 3128");
When you're building WiFiDog, after you've run the autogen script and before you run make, add the above to wifidog/src/fw_iptables.c, after the last line containing "TABLE_WIFIDOG_WIFI_TO_INTERNET". After running "make" and "make install", all you have to do is turn on transparency in your Squid box.
I said "slightly buggy" because, by itself, it prevents admin logins. I managed a work-around by adding a high-port listener to Apache (I was pressed for time). When I'm able to access the system again, I think that the fix would be to add another line, just before the one just added, that prevents redirection of traffic to the auth server.
I'll keep you posted. I'm annoyed enough that I'm looking at tweaking the source code.
Friday, July 6, 2007
I arrived home from work yesterday, to a house that had been without power for a little over an hour, to a wife with blood in her eye. Seems that when the power went out, a number of devices started complaining about lack of power: the burglar alarm, the smoke alarm, and a small unobstrusive UPS that I had snuck in during a long-running moratorium on hardware purchases.
"Make it stop." was all she said.
After the power came back, I quickly configured Nut (Mandriva had detected it during the install and had loaded it) and installed KNutClient. The bad news is that the beeper is hardwired (it won't turn off). The good news is that I now have another set of metrics to play with.
Now I just need to figure out how to explain that there's no feature to silence the beeper without losing the UPS entirely.
Hmmm... Maybe an upgrade to a better UPS might be possible?
Wednesday, July 4, 2007
Monday, July 2, 2007
It makes for slow going, enough so that I'm relying on spell checkers to catch my mistakes. If you've ever tried to do this, it can create some very silly sentences.
Please, if you see any weird spelling/grammar, point it out.