Steve's random ramblings and technical notes

Wednesday, October 27, 2004

Topologilinux - [Running Linux inside Windows]

Topologilinux 5.0.0
Topologilinux is a free Linux distribution designed to be run on top (or inside) of your existing MS Windows system. The main thing with Topologilinux is that it does not require any partitioning at all. (uses a single file as linux root system)

Tuesday, October 26, 2004

SD Road Hunting Regulations

SD Road Hunting Regulations
Hunters targeting public road rights-of-way during South Dakota's 2004 hunting seasons are reminded about the law regarding hunting from those public areas.
"In particular, knowing and understanding South Dakota's road hunting laws is important," said Game, Fish and Parks (GFP) Regional Law Enforcement Specialist Dale Gates of Pierre. "The department asks each hunter to carefully read and understand the laws so we can keep road hunting a viable tradition in our state."
The law currently allows a hunter to shoot at a small game bird, except mourning dove, that originates from within a road right-of-way but actually enters private land air space prior to the bird being shot at by the hunter. For waterfowl, the hunter must be within the right-of-way, and the bird(s) must be in the process of flying over the right-of-way. The hunter may retrieve a bird from private land as long as the hunter is unarmed and on foot.
In addition, if a person is road hunting, he or she must meet the following requirements:
* The person must park or stop their vehicle as far to the right-hand
side of the road as possible;
* If the person who discharges a firearm is more than 50 yards from
the vehicle, the doors on the side of the vehicle nearest the roadway must be closed, but the engine may remain running; and
* If the person who discharges a firearm is less than 50 yards from
the vehicle, all of the doors of the vehicle must be closed and the engine shall be turned off.
* The South Dakota Legislature also made it a Class 1 misdemeanor for
any person who, while hunting a road right-of-way, to negligently endanger another person, or put that person in fear of imminent serious bodily harm.
This law and other laws related to GFP are accessible on the State of South Dakota website at http://legis.state.sd.us/index.cfm. General information on hunting public road rights-of-way can be found on page 26 of the 2004 Hunting Handbook.
Questions on hunting and fishing laws can be directed to a person's local conservation officer or via the GFP website at wildinfo@state.sd.us.
-GFP-
PheasantCountry Forum thread here.

Monday, October 25, 2004

URL Encoder and Decoder

URL Decoder
Sometimes we get emails, even legitimate ones, that have URLs encoded with "%49" entities. In order to allow certain "bad" characters into a URL in a meaningful way, it is possible to encode them. For example, forward slashes, question marks, spaces, ampersands, etc. all have special meaning in a URL and can break it. But if GET data contains one of these characters, you need to be able to push it through a URL. In comes URL encoding and decoding. But you don't have to stop there. You can encode everything in the URL, and your browser will still manage to figure it out.
URL Encoder
When you construct a URL, usually with GET data, you must escape certain characters if present so the URL does not break and the server can parse it correctly. This page encodes URLs in case you need to use one without it being generated by a web server.


LFT - network (reverse) engineer's alternative traceroute

MAINNERVE - LFT - network (reverse) engineer's alternative traceroute
LFT, short for Layer Four Traceroute, is a sort of 'traceroute' that often works much faster (than the commonly-used Van Jacobson method) and goes through many configurations of packet-filter based firewalls. More importantly, LFT implements numerous other features including AS number lookups, loose source routing, netblock name lookups, et al.
What makes LFT unique? Rather than launching UDP probes in an attempt to elicit ICMP TIME_EXCEEDEDs from hosts in the path, LFT accomplishes substantively the same effect using TCP SYN or FIN probes. Then, LFT listens for TIME_EXCEEDED messages, TCP RESET, and various other interesting heuristics from firewalls or other gateways in the path. LFT also distinguishes between TCP-based protocols (source and destination), which make its statistics slightly more realistic, and gives a savvy user the ability to trace protocol routes, not just layer-3 (IP) hops.
To those who would ask the question "who did that first?" with regard to utilizing TCP for traceroute, the answer is "we don't know." However, LFT was first released to the pulic in 1998 under the name FFT.
LFT's engine continues to evolve and provide more and more useful data to network engineers and to anyone else that cares how IP data is being routed. With the advent of smarter firewalls, traffic engineering, QoS, and per-protocol packet forwarding, LFT has become an invaluable tool for many network managers worldwide.

Thursday, October 21, 2004

SourceForge.net: Project Info - cdpr

SourceForge.net: Project Info - cdpr

cdpr is used to decode a Cisco Disovery Protocol (CDP) packet, by default it will report the device ID, the IP Address (of the device), and the port number that the machine is connected to. Optionally it will decode the entire CDP packet.
With a properly configured web server, cdpr can also log the information to a file or database.

Ethereal: Capturing only Cisco Discovery Protocol (CDP) Packets.

Ethereal: Capturing only Cisco Discovery Protocol (CDP) Packets.: "Capturing only Cisco Discovery Protocol (CDP) Packets"

boils down to this filter (on one line)

ether[12:2] <= 1500 && ether[14:2] == 0xAAAA && ether[16:1] == 0x03 && ether[17:2] == 0x0000 && ether[19:1] == 0x0C && ether[20:2] == 0x2000

Wednesday, October 20, 2004

Caspian's Perl Class

Caspian's Perl Class - caspian.dotconf.net

Perl.com: The Source for Perl

Perl.com: The Source for Perl
THE resource for all things Perl

Software :: LogDog - Monitor and alert on syslogd messages - caspian.dotconf.net

Software :: LogDog - Monitor and alert on syslogd messages - caspian.dotconf.net
Logdog is a tool that monitors messages passing through syslogd and takes action based on key words and phrases. Logdog has a configuration file which allows you to specify a list of key words or phrases to alert on, and a list of commands that can be run when those words are encountered.
A sibling, SendEmail is a lightweight, completly command line based, SMTP email agent. If you have the need to send email from a command prompt this tool is perfect. It was designed to be used in bash scripts, Perl programs, and web sites, but it is also quite useful in many other contexts. SendEmail is written in Perl and is unique in that it requires NO SPECIAL MODULES. It has a straight forward interface, making it very easy to use. [This also works on Win32]

Tuesday, October 19, 2004

USA6x6.com :: A Concept Whose Time has Come! Specializing in 4x4 to 6x6 conversions, military and civilian beadlocks, MOG9 and Rockwell Axles.

USA6x6.com :: A Concept Whose Time has Come! Specializing in 4x4 to 6x6 conversions, military and civilian beadlocks, MOG9 and Rockwell Axles.
Here's their first conversion and a Concept-truck for the US military

I like the camper - four doors, six-wheel drive and all the comfort of homeā€¦
This is a small one from the usa6x6 site.

More info on the $780,000 "TrailMaster" is at the Revcon site.

Monday, October 18, 2004

GNUWin II online Version :: GNUWin -- Open your Windows !

GNUWin II online Version :: GNUWin -- Open your Windows !
Much like TheOpenCD but with more applications, GNUWin II includes numerous programs, completely free, which cover a wide spectrum of uses. The complete application list, sorted by type, is available here.

The software included in GNUWin is not shareware nor freeware, but original free software and Open Source software, for which the source code is available, and that is and will always be free (free both as in "free speech", and as in "free beer").

Most programs included in this CD are also available for free and Open Source operating systems, such as GNU/Linux, BSD, etc.

TheOpenCD

TheOpenCD
The OpenCD is a Best-of-Class collection of high quality Free and Open Source Software. The programs run in Windows and cover most common tasks such as word processing, presentations, e-mail, web browsing, image manipulation and others. Software can be nominated for inclusion on the disc. Nominations are discussed on the forum before any are approved or rejected.

Wednesday, October 13, 2004

X-Deep/32 X-Server

X-Deep/32 X-Server is an X Window Server for Windows NT/2000/9X/ME/XP that can be used to connect to host systems running UNIX, LINUX, IBM AIX, HP-UX, Sun Solaris or any other operating system that supports X Windows System, in a LAN environment or from a home PC connecting to office LAN via a Virtual Private Network (VPN).

Setting "su" restrictions for specific users

I got this from http://www.puschitz.com/Security.shtml and applied it on a local machine to prevent "certain users" from calling su.


Setting Up "su" Restrictions for "root"

NOTE: The pam_wheel module has changed!
The documentation about the pam_wheel module included in RH 7.2, 7.3, and 2.1AS is wrong. The pam_wheel module is not being used any more to restrict su to the root account only. As soon as you enable the pam_wheel module, only people in the wheel group will be able to su to root and to non-root accounts as well. That's why I'm not using it for restricting root access, since it automatically restricts non-root access as well.

The following restrictions should be setup:

Create the "root_members" group:

groupadd root_members

Add user accounts to the "root_members" group. E.g.:

usermod -G root_members $user_account

The /etc/pam.d/su file should read like:

auth sufficient /lib/security/pam_rootok.so

auth required /lib/security/pam_stack.so service=system-auth
auth sufficient /lib/security/pam_stack.so service=root-members
auth required /lib/security/pam_deny.so


account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_xauth.so

The /etc/pam.d/root-members file, which is referenced in /etc/pam.d/su, should read like:

auth required /lib/security/pam_wheel.so use_uid group=root_members
auth required /lib/security/pam_listfile.so item=user sense=allow onerr=fail file=/etc/membergroups/root

The /etc/membergroups/root file, which is referenced in /etc/pam.d/root-members, should have only one entry. Note that you first have to create the directory /etc/membergroups. You can also put the file into another directory. You just need to change the path in /etc/pam.d/root-members.

root

Now you can test and check if only people in the "root_members" group can su to root.


Setting Up "login" Restrictions

This configuration file dictates the authentication scheme for the login application.

PAM module: pam_access.so

This module provides logdaemon-style login access control, based on login names and on host names, IP addresses, etc. This can be configured in /etc/security/access.conf, which will be covered later.

/lib/security/pam_access.so


Check login parameters in /etc/security/access.conf for all accounts

/etc/pam.d/login example

Using the example above, here is how the /etc/pam.d/login file might look like:

auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_access.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_console.so

Friday, October 08, 2004

RegKing - Quick reg hacks to improve Pocket PC performance

RegKing
Contains a set of registry hacks for Pocket PC - including a hack to shorten the "wake-up" timeout to 60 seconds. This should help with battery life when the remiders wake up my iPaq and then run the battery dead...
---- The full list ----
Hacks for RegKing2002 (for Pocket PC 2002 devices)

* Makes Pocket IE pretend to be IE 5.5 - Should allow you to access secure websites like banking or brokerage houses. Right now most sites just check the browser's version and if it is less than 4.02 it does not allow you access. PIE by default reports IE 3.02 so you won't get access.
* Enables ClearType in all HTML Applications including AvantGo - Fixed in this release.
* Change AvantGo Channels to \Storage Card\AvantGo (must create directory, copy files and resync)
* Set Glyph Cache to 16384 - Makes graphics rendering faster
* Set Glyph Cache to 26384 - Makes graphics render faster
* Set TCPWindowSize to 65535 - Increase the buffer size for TCP/IP.
* Turn off ActiveX Controls in IE
* Turn off Scripting in IE
* Show JavaScript errors in Pocket Internet Explorer - Handy for web developers.
* Increase Font to 17 points - Requires Soft Reset.
* Increase Font to 16 points - Requires Soft Reset
* Increase Font to 15 points - Requires Soft Reset
* Decrease Font to 14 points - Requires Soft Reset
* Decrease Font to 13 points - Requires Soft Reset
* Decrease Font to 12 points - Requires Soft Reset
* Decrease Font to 11 points - Requires Soft Reset
* Makes the system display font bold - Requires Soft Reset
* Makes the system display font italic - Requires Soft Reset
* Change Font to Frutiger Linotype - the same font as Reader uses - Requires Soft Reset
* Turns on Battery Warning message when you insert a PC Card or CompactFlash Card - Requires Soft Reset
* Turns on Windows Animation - Requires Soft Reset
* Turn Menu Animation Off
* Wakeup Power-Off Timeout
* Set Letter Recognizer as Default
* Set Block Recognizer as Default
* Enable ClearType in All Applications
* Increase Fonts in Inbox
* Widen the Scroll Bars
* Narrow the Scroll Bars

Thursday, October 07, 2004

54G and No Wires! - Rasmus' Toys Page

54G and No Wires! - Rasmus' Toys Page
Good article about setting up a 3-way wireless bridge with the Linksys WRT54G (Satori code).
Shows output of "wl assoc" which includes RSSI (Receiver Signal Strength Indicator) measurement.

Linux Shell Scripting Tutorial - A Beginner's handbook

Linux Shell Scripting Tutorial - A Beginner's handbook
Linux Shell Scripting Tutorial v1.05r3
A Beginner's handbook

A nice souce for e-books (*nix-oriented and otherwise) is here.

Tuesday, October 05, 2004

Antenna Gain - Cheap

Psst! Wanna double your Wi-Fi range?...

Parabolic Template

Parabolic Template
Deep Dish Cylindrical Parabolic Template
This is a HowTo page for an easy-to-build parabolic antenna for wireless access points and routers like the Linksys WRT54G.
Another (very nice) implementation of this design is here.

This page is powered by Blogger. Isn't yours?