Technicalities of Technology

Grub error 15

2011-11-11T12:37:00.000-08:00

Generally it occurs when /boot and / are mounted on differant partations
FIx : install grub on /boot partation of your hard drive

installing wifi driver on fedora 16

2011-11-11T12:23:00.000-08:00

Getting gome3 and Fedora 16 was great but until i realized that it does not support wifi ( by default ) as againt Ubuntu .
so here's a smartest and quickest method to get wifi rolling on fedora 16

As a root(super) user enter the following four commands and then reboot to get WIFI Up and running

#rpm -ivh http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm

#rpm -ivh http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm

#sudo yum update

#yum install kmod-wl

Using Gmail to fight SPAM

2009-01-24T11:30:00.000-08:00

The Problem

Spam is nothing but unsolicited mails being send to your inbox daily claiming to clear your depts or promising more hair on your scalp or blah blah blah..........

The Remedy

Although a lot of tools are available in the market for finghting this modern age plague of the mailing system like SpamAssassin and MailWasher but my personal favourite is Gmail and following are the reason's for it.

1. Gmail has a powerful spam filter that does a great job filtering out junk( for me it works to the extent of 99..99%)

2 It's FREE

The Trick

Google's free web based Gmail is both an e-mail client and e-mail host .Use gmail e-mail client feature to fetch mail from your another e-mail account so it will have to pass through Gmail's spam filter and hence your life will be much better with less spam.

Lock n Load

Here's a quick insight into the process.

Say i have an e-mail account as bogus@mydomain.com that get's bombard with spam now i will configure my gmail as a pop client for this account fetching mail from it and appling it's powerful spam filter on it hence getting rid of spam to a great extent.

1 . Create a Gmail account ( no problem if you already have one.....lolz)

2 Click on Gmail's settings and open Accounts Tab

3 Select Add another Gmail Account and after verification of your mail account (bogus@mydomain.com in my case) Gmail will start fetching messges from the account ) At this point Gmail Automatically Scan's for spam when it retrieves mail from the alternate account.

4 Now if you do not want the browser-based Gmail as your primary address co configure outlook or thunderbird to receive mail's from your Gmail account.

Now the only change you will notice is that now your mail is less spammy besides this there will be no other visible involvement of google.
Also if accidently some of your important mail have been marked as Spam then they can always be reterieved from the Spam folder.

DNS Round Robin

2009-01-15T23:18:00.000-08:00

Round robin DNS is a method of maintaining high-availability and fault tolerance with the help DNS server . RrD can also be thought as poor man's clustering in a very loose sense , though useful it has it's disadvantages also .For more on the topic refer to this wikipedia's page.

SCENARIO

Now please allow me to do some ASCII art

_
10.0.0.1 (web.example.com) | example.com
10.0.0.2 (web.example.com) |-------> DNS <<----->> Client
10.0.0.3 (web.example.com) |

(Wow what a magnificent piece of art )
As is depicted in the above diagram the DNS server has authority for example.com

I implemented Round robin DNS using bind9 and Ubuntu Server 8.10 but it can easily be implemented on any other Linux systems

IMPLEMENTATION

BEFORE

Before multiple duplicate servers for www.example.com we had just a single server for www.example.com and the zone file for example.com looked something like this.

Snippet from the zone file of example.com

www.example.com. IN A 10.0.0.1

AFTER

Now to share the load on the web server of example.com across three servers simply define the define multiple A records with the same name and different IPs in the zone file as in the example below.

www.example.com. IN A 10.0.0.1
www.example.com. IN A 10.0.0.2
www.example.com. IN A 10.0.0.3

The DNS will deliver all the IP addresses defined, the first IP address in the list will be in a default round robin (controlled by the rrset 'named.conf' directive). The WEB servers must all be exact replicas of each other in this scenario.

You can control the order of RR that BIND supplies in response to queries by use of a rrset-order option which works for any set of equal records. The default behaviour is defined to be random-cyclic - a random selection of the initial order thereafter cyclic (round-robin)

Install Fedora10 to a flash drive using windows

2009-01-12T11:32:00.000-08:00

Prerequisites for Creating a Live USB Fedora:

Windows host PC (Tested on Windows XP)
1GB+ USB flash drive
liveusb-creator-3.2.zip
Fedora10 Live iso image

Steps for creating a live Fedora USB

1) Format your pen drive with FAT file system

2) Download liveusb-creater

3) Extract liveusb-creator-3.2.zip to your PC

4) Navigate to the liveusb-creator-3.2 folder and click liveusb-creator.exe to launch the tool

Although the process of creating a fedora10 usb stick is straingforward from there yet a quick insight into the process goes as follows

a) Use existing live cd ( Browse to the Fedora10 live iso path) or alternatively Download Fedora10
b) Choose the persistant overlay size as per your requirement
c) Select target device to point to your pen-drive
d) Click Create Live USB to begin the creation process

After the completion of the above process restart your PC with your pen drive plugged in ( don't forget to modify your BIOS settings i:e making USB as the first boot device) .If all goes well you will be able to boot your Fedora10 from the pen drive.

Linux Wake on LAN

2008-12-11T09:02:00.000-08:00

WakeOnLan allows you to switch your PC without physically accessing it by sending a magic packet to it.For more information visit this Wikipedia's page

Check weather WOL is supported by your NIC

Downlad and install ethtool and then issue the command sudo ethtool eth0 { or what ever your ethernet device is and you will get something like this

linux@ubuntu:~$ sudo ethtool eth0
Settings for eth0:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Advertised auto-negotiation: Yes
Speed: 100Mb/s
Duplex: Full
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
Supports Wake-on: pg
Wake-on: d
Current message level: 0x000000ff (255)
Link detected: yes

check out the line Supports Wake-on ( as highlighted above) if it contains a g flag the your NIC supports WOL

Enabling WOL

To enable WOL issue the command sudo ethtool -s eth0 wol g this can be verified by checking the Wake-on flag

linux@ubuntu:~$ sudo ethtool eth0
Settings for eth0:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Supports auto-negotiation: Yes
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
Advertised auto-negotiation: Yes
Speed: 100Mb/s
Duplex: Full
Port: Twisted Pair
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
Supports Wake-on: pg
Wake-on: g
Current message level: 0x000000ff (255)
Link detected: yes

Note down the mac address of the machine

To get the mac address use the command sudo ifconfig eth0

linux@ubuntu:~$ sudo ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:1d:72:04:59:25 inet addr:192.168.155.6 Bcast:192.168.159.255 Mask:255.255.248.0 inet6 addr: fe80::21d:72ff:fe04:5925/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:14840 errors:0 dropped:0 overruns:0 frame:0 TX packets:2521 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:2362485 (2.3 MB) TX bytes:608765 (608.7 KB) Interrupt:16

Install wakeonlan package on a different machine

Install the wakeonlan package in the machine from where you need to send the magic packet to switch on your server.

Finally, Switch ON the machine remotely without physical access
When the server is not up, execute the following command from another machine which is connected to the same LAN. Once the magic packet is sent, the remote system will start to boot.

Enabling WOL across multiple reboots

The WOL feature has to be enabled manually after every reboot in order to avoid this problem just install the following script in /etc/rc.d directory by using chkconfig (Red hat or fedora) or update-rc.d (ubuntu or debian)

#!/bin/bash
DEV="eth0"
FEATURE="wol"
FLAG="g"
ETTOOL="ethtool"
$ETTOOL -s $DEV $FEATURE $FLAG
n=$?
if [ $n -eq 0 ]
then
echo "WOL enabled successfully "
else
echo "Cannot enable WOL"
fi

Say hello to TUX

2008-12-07T10:57:00.000-08:00

How many a times it has happened that many a people try Linux for some time and then dump it ? well if u ask me I'll say plenty of times.It all starts like this.
You are bored of using a proprietary OS over the ages and want to try something new also now a days tere is a lot of buzz about Linux , so it all boils down to you calling your (Geek) friend and asking him to install Linux on your PC ( although there is no need of any external f1(help) , any one can install Linux[Ubuntu] easily).
After the installation is finished you are all set to breathe free in the Open Source World so you try your Linux for some time and then you start feeling "Oh God my proprietary OS was better as it played all my videos ....or where is my i tunes...." and things like that and finally you handcuff yourself to the proprietary OS and probably never think of coming out of it.
Let me tell you there are open source alternates to almost any proprietary software on this planet , some of the popular open source software alternatives to proprietary softwares can be found on the sites

http://whdb.com/2008/the-top-50-proprietary-programs-that-drive-you-crazy-and-their-open-source-alternatives/

But how to get these working on your Linux(Ubuntu 8.10) box ? The following tutorials links prove handy in getting your favorite open source software up and running on your box

https://help.ubuntu.com/community/InstallingSoftware
http://linuxgator.org/forums/viewtopic.php?f=15&t=1067
http://www.ehow.com/how_2243216_install-software-linux-using-synaptic.html
http://simplyubuntu.wordpress.com/2006/06/27/a-beginners-guide-to-installing-programs-in-ubuntu/

Securing your Linux Box

2008-12-03T13:08:00.000-08:00

On fine day when i was working on my Ubuntu 8.10 system one of my friend ran up to me and told me that he was able to telnet into my machine( as he knew my user name and password) . I was stunned and had no words to say then i got upto the task of securing my box and the very first thing i did was running nmap ( a very popular portscanner )against my box and here's what i found.

linux@ubuntu:~$ nmap ubuntu
Starting Nmap 4.62 ( http://nmap.org ) at 2008-12-04 02:46 IST Interesting ports on ubuntu (127.0.1.1): Not shown: 1708 closed ports PORT STATE SERVICE
22/tcp open ssh
23/tcp open telnet
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
902/tcp open iss-realsecure
2049/tcp open nfs

Nmap done: 1 IP address (1 host up) scanned in 0.154 seconds

I was shocked at this surprising discovery as i was very vulnerable to attacks and intrusions and hence began the task of securing my box.
The first thing that came into my mind was iptables ( linux's inbuild firewall) so inserted simple iptables rules to block any unsolicited traffic on the above listed ports. which were as follows

sudo iptables -A INPUT --dport 23 -j DROP
sudo iptables -A INPUT --dport 111 -j DROP
sudo iptables -A INPUT --dport 139 -j DROP
sudo iptables -A INPUT --dport 445 -j DROP
sudo iptables -A INPUT --dport 902 -j DROP

delibrately i kept ssh and nfs open for remote administration and file sharing respectively.
But in the long run this thing proved inefficient as i kept on intalling services like apache ...etc and every time i did so i manually had to insert a new firewall rule to make my mashine secure.

So i once again sought help of the documentation and opened the man page of the iptables there it seemed to me as and ocean of knowledge the finally i got something interesting the state module which provides iptables to finetune the firewall based on the state of connections not on their source or destination port numbers. Hola i got what i was looking for .I immediately erected the following iptables rules.

sudo iptables -A INPUT -m state --state NEW,INVALID -j DROP

This finally got the job done for me but there was a problem in this whoe setup. I was unable to download anything from the DC++ hub ( forget any data I was not able to download any file list also) .So i went back to basics and studied the DC Protocol and there i got the solution for the problem.Got to my DC client and there I checked the firewall with manual port forward option and selected 7777 tcp and 7777 as udp ports to work with( not to mention 7 is my lucky number) and then keyed in the following commands to get my DC client working.

sudo iptables -I INPUT 1 -p tcp --dport 7777 -j ACCEPT
sudo iptables -I INPUT 1 -p udp ---dport 7777 -j ACCEPT

and there i was i got the job done ( well that was what i thought initially) but later i figured out that this was not perfect as others could ping me . I wanted to stop others pinging me while i could do anyting form my box i:e net surfing , using DC++ , FTP etc... so i finally erectd the set of rules( technical details delibrately omitted to make this post small). To achieve this you need to follow the following 2 steps.

1 . just copy the following lines and save it in a normal text file

# Generated by iptables-save v1.4.0 on Thu Dec 4 02:45:50 2008
*filter
:INPUT DROP [1773:224581]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [389800:258208271]
-A INPUT -p tcp -m tcp --dport 7777 -j ACCEPT
-A INPUT -p udp -m udp --dport 7777 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
# Completed on Thu Dec 4 02:45:50 2008

2 . As a root user type in the following command iptables_restore < { path to the file in which you Saved the following lines }

There you have it a very safe and secure box which cannot be pinged also while you can do any thing from it.Remember to change your DC++ settings(as mentioned above) for your DC client to work.

Installing VMware Server on Ubuntu 8.10

2008-12-03T10:35:00.000-08:00

I got Ubuntu 8.10 installed the other day on my intel box ......wow what an experience ...I traditionally have been using Red Hat and Fedora Linux but this time around i decided to try some debian flavor and so there I was ready to Lock and Load with my Ubuntu 8.10 .After using it for a while my 1st love i:e Red Hat started calling me again and so all the ingredients where there calling for a nice vmware server installation. I simply downloaded Vmware Server from the official vmware website banked out some cash and obtained it's license.There i was a happy spirit ready to go .I installed gcc and kernel headers matching my running kernel version after which i began my installation of vmware and boy o boy what a pleasant sight it was but suddenly something odd happened and the installation crashed out suddenly despite the matching kernel version and the corresponding gcc .Then i learned this is the common problem faced by many of my friends so i decided to blog it down ..

1. Get vmware server 2.0 form the official vmware site as for my case i had chosen the tar ball above .deb as it world install on both red hat and debian flavous alike then cashed out it's licence.

2.Installed kernel headers which in my case was 2.6.27-7-generic (to do this use synaptic or apt-get )
Note : for finding your running kernel version use the command uname -a

3 Installed gcc matching my kernel i:e the one from which kernel was build.

4. Install other dependences like build-essential xinetd

5.Downloaded a patch needed for getting whole thing work which is available from http://www.insecure.ws/warehouse/vmware-update-2.6.27-5.5.7-2.tar.gz

Now that we have all of the dependencies and archives downloaded we can unpack them. In the same location where you downloaded the .tar.gz files (likely your home folder or Desktop), run the following command: tar -xvf vmware-update*.tar.gz and tar -xvf VMware-server*.tar.gz Installing VMware Server 2.0 + patchWe’ll now start the installation. First we need to install the core vmware application. We’ll then patch the configuration script, and configure the system. cd vmware-server-distrib/ sudo ./vmware-install.pl On my installation I used the defaults until it asked me if I’d like to run the vmware-config.pl configuration script. At this point select [no]. Once this has finished and you’ve quit at the configuration option, use these commands to patch the config: cd ../vmware-update*/ sudo ./runme.pl This script will patch the configuration and then again ask you to run the vmware-config.pl configuration script. This time around select [yes]. On my installation I selected the defaults for the remaining questions and my installation works fine