Archive for June, 2013

Testing your local network for open Windows shares from Linux router

Friday, June 28th, 2013

Windows sharing testing local network for open shared directories Samba Software logo

Whether you administrate local Windows network behind a DMZ router, It is useful to routinely scan from Linux router which Windows hosts on the network has enabled sharing? The reason is some Windows user might share something by mistake which is not supposed to be shared without even he realizes this.
 

 In case, where new Linux router is configured and Windows hosts behind it can't locate each other on network make sure you have in your firewall before any filtering (REJECT / DROP) firewall rules:

iptables -A INPUT -s 192.168.5.1/24 -m state --state NEW -p tcp --dport 137 -j ACCEPT
iptables -A INPUT  -s 192.168.5.1/24 -m state --state NEW -p tcp --dport 138 -j ACCEPT
iptables -A INPUT  -s 192.168.5.1/24 -m state --state NEW -p tcp --dport 139 -j ACCEPT
iptables -A INPUT  -s 192.168.5.1/24 -m state --state NEW -p tcp --dport 445 -j ACCEPT

iptables -A INPUT -s 0.0.0.0/24 -m state --state NEW -p tcp --dport 445 -j REJECT
iptables -A INPUT -s 0.0.0.0/24 -m state --state NEW -p tcp --dport 138 -j REJECT
iptables -A INPUT -s 0.0.0.0/24 -m state --state NEW -p tcp --dport 139 -j REJECT
iptables -A INPUT -s 0.0.0.0/24 -m state --state NEW -p tcp --dport 137 -j REJECT

(Qquickest way to place rules to exec on next boot is via /etc/rc.local)

Once set, to check all is fine with fwall rules:

router:~# iptables -L INPUT -n

Chain INPUT (policy ACCEPT)

target     prot opt source               destination         

ACCEPT     tcp  —  192.168.5.0/24       0.0.0.0/0           state NEW tcp dpt:137
ACCEPT     tcp  —  192.168.5.0/24       0.0.0.0/0           state NEW tcp dpt:138
ACCEPT     tcp  —  192.168.5.0/24       0.0.0.0/0           state NEW tcp dpt:139
ACCEPT     tcp  —  192.168.5.0/24       0.0.0.0/0           state NEW tcp dpt:445 
REJECT tcp — 0.0.0.0/24 0.0.0.0/0 state NEW tcp dpt:445 reject-with icmp-port-unreachable
REJECT tcp — 0.0.0.0/24 0.0.0.0/0 state NEW tcp dpt:138 reject-with icmp-port-unreachable
REJECT tcp — 0.0.0.0/24 0.0.0.0/0 state NEW tcp dpt:139 reject-with icmp-port-unreachable
REJECT tcp — 0.0.0.0/24 0.0.0.0/0 state NEW tcp dpt:137 reject-with icmp-port-unreachable

On CentOS / Fedora / Redhat router place below rules in /etc/sysconfig/iptablesdefault firewall configuration file for RPM based distros:

-A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -s 0.0.0.0/24 -m state --state NEW -p tcp --dport 137 -j REJECT
-A RH-Firewall-1-INPUT -s 0.0.0.0/24 -m state --state NEW -p tcp --dport 138 -j REJECT
-A RH-Firewall-1-INPUT -s 0.0.0.0/24 -m state --state NEW -p tcp --dport 139 -j REJECT
-A RH-Firewall-1-INPUT -s 0.0.0.0/24 -m state --state NEW -p tcp --dport 445 -j REJECT

After that check lets say 192.168.5.0/24 whether Windows Samba shares ports are reachable:

 To check hosts with Sharing easiest way is to scan your network C class range with nmap for all ports through which Windows Samba shares communicate – i.e. check for open state TCP / UDP port numbers 139,137,139,445 list of samba used default ports is in  /etc/services

router:~# grep netbios /etc/services

netbios-ns 137/tcp # NETBIOS Name Service
netbios-ns 137/udp
netbios-dgm 138/tcp # NETBIOS Datagram Service
netbios-dgm 138/udp
netbios-ssn 139/tcp # NETBIOS session service
netbios-ssn 139/udp

Note that Port 445 microsoft-ds is not in /etc/services because it is not common used (only used whether Windows hosts are using Active Directory)

 
router:~# nmap 192.168.5.1-255 -p 139,137,139,445

Interesting ports on 192.168.5.23:

PORT    STATE    SERVICE
137/tcp filtered netbios-ns
139/tcp open     netbios-ssn
445/tcp open     microsoft-ds
MAC Address: 00:AA:4D:2F:4D:A2 (Giga-byte Technology Co.)


Interesting ports on 192.168.5.31:

PORT    STATE    SERVICE
137/tcp filtered netbios-ns
139/tcp open     netbios-ssn
445/tcp open     microsoft-ds
MAC Address: 3C:B9:2B:76:A6:08 (Unknown)
….
…..

 

 

PeaZip good Windows and Linux free software alternative to non-free WinRar and WinZip archiver tools

Thursday, June 27th, 2013

peazip extract rar and zip files Winrar Winzip good alternative program free windows linux freebsd graphic software

Until recently it was almost impossible to have Microsoft Windows without WinRar and WinZip archiver programs installed.
Though both can be used as trial versions for personal use for commercial use one had to purchase license. It is pretty annoying that each time you run Winrar you get reminded you're using its trial version. As I'm trying to substitute all non-free software with free software even whether I have to install or maintain Windows, just recently I found out about existence of PeaZip – Free Zip file utility / Free Rar Extractor.

Besides being open source software PeaZip and supports Windows it is also available prepackaged for Linux / BSD as well.
PeaZip supports unarchiving of 150 archive file types, and by installing it you save time otherwise spend in installing two separate tools on Windows. It can do plenty of other useful stuff for instance joining / splitting files ending in suffix (001, 002, 003) etc. as well as splitting archives in parts (…part1, …part2, …part3 …), create self-extracting (.exe) archives, do multiple archives at once.

Peazip Windows Linux rar zip archives create and extract supported basic formats screenshot

Here is list of  most popular archive file types supported to browse / test / archive / dearchive:

7z, bz, bz2, bzip2, tbz2, tbz, gz, gzip, tgz, tpz, tar, zip, zipx, z01, smzip, arj, cab, chm, chi, chq, chw, hxs, hxi, hxr, hxq, hxw, lit, cpio, deb, lzh, lha, rar, r01, 00, rpm, z, taz, tz, iso, jar, ear, war, lha, pet, pup, pak, pk3, pk4, slp, [Content], xpi, wim, u3p, lzma86, lzma, udf, xar, dmg, hfs, part1, split, swm, tpz, kmz, xz, txz, vhd, mslz, apm, mbr, fat, ntfs, exe, dll, sys, msi, msp, ods, ots, odm, oth, oxt, odb, odf, odg, otg, odp, otp, odt, ott, gnm, doc, dot, xls, xlt, ppt, pps, pot, docx, dotx, xlsx, xltx, swf, flv, quad, balz, zpaq, paq8f, paq8jd, paq8l, paq8o, lpaq1, lpaq5, lpaq8, ace, arc, wrc, 001, pea, cbz, cbr, cba, cb7, cbt …

Even better PeaZip has ports for both 32 and 64 bit Windows (XP / Vista / 7 and 8), Linux and *BSD. Official PeaZip download page is on Sourceforge here

peazip winrar winzip unarchive all in one unarchive windows linux freebsd program screenshot

Next time you need multi-format unarchive program on a new Windows install, give it a try.
PeaZip has good compitability with new versions of WinRar and WinZip archived files, so it is not very likely you will ever in future need these proprietary applications.
One note to make is during install as most software, it offers installing some useless stuff like "Free Smilies" and a Toolbar, make sure you don't click Next by mistake – ( un-tick them ) !

peazip-installation-process-registryreviver-offer

peazip install screenshot get the free smileys we love extension screenshot

For Linux users on PeaZip's website there is package in deb, rpm and tgz. Packages are available with builds for GNOME graphical environment with GTK2 lib or KDE QT.

I tried installing PeaZip  on my Debian 7 Wheezy downloading deb provided by Sourceforge, but install failed with error:

noah:~# dpkg -i peazip_5.0.LINUX.GTK2-2_all.deb
Selecting previously unselected package peazip.
(Reading database … 226682 files and directories currently installed.)
Unpacking peazip (from peazip_5.0.LINUX.GTK2-2_all.deb) …
dpkg: dependency problems prevent configuration of peazip:
 peazip depends on libgmp3c2; however:
  Package libgmp3c2 is not installed.

dpkg: error processing peazip (–install):
 dependency problems – leaving unconfigured
Errors were encountered while processing:
 peazip

In previous Debian release Squeeze there was package libgmp3c2 but it is no longer available from repos on Wheezy. Thus to install it on Wheezy I used Universal Linux .TGZ Package and just extracted it in root directory ( / ):

noah:~# cd /
noah:/# links http://sourceforge.net/projects/peazip/files/5.0/peazip-5.0.LINUX.GTK2.tgz/download
noah:~# tar -zxf peazip-5.0.LINUX.GTK2.tgz

To run it:

hipo@noah~:$ /usr/local/bin/peazip

PeaZip on Debian Gnu Linux screenshot rar unrar zip unzip archive dearchive ms windows and linux free instrument
PeaZip's archive / unarchive operation speed compared to CPU use and memory consumption is fast, though it eats a bit more ram than GNOME's default Archive ToolFile Roller.

Peazip rar zip archive unarchive windows linux program archiving zip file screenshot

Thanks God for PeaZip! Buy-buy forver to Winrar and Winzip 🙂

Check your GNU / Linux Desktop for all used “Evil” Non-free ( proprietary ) Software with VRMS

Wednesday, June 26th, 2013

Virtual Richard Stallman VRMS Check what non free software is on your GNU Linux system

If you want to be strict on using only Free Software (in a as in freedom sense), just like Richard Stallman. You will be happy to know there is a tool in Linux called Virtual Richard Stallman ( vrms – report of installed non-free software ) 🙂

On launch vrms simply lists, all software and software documentation installed on Debian GNU / Linux  that is not 100% free software licenses / GPL compatbile. This is software installed via non-free  package Debian repositories or somehow not sticking to the standards of Debian Free Software Guidelines. Of course living with 100% free software is only for the hard core free software evangelists and rarely there is someone who can use computer on daily basis without some bits of proprietary software like flashplugin-nonfree, Skype rar, unrar. I tried for a while living on only 100% free software but didn't succeeded cause some non-free software is still a must to be able to not detach from "Digital Society". Living on only free software is not easy especially if you want to have normal multimedia  stuff on Desktop. Anyways even if you don't plan to purge your non-free software vrms is useful to list what free-software is installed on PC.

noah:~# apt-cache show vrms|grep -i description

Description-en: virtual Richard M. Stallman
 The vrms program will analyze the set of currently-installed packages
 on a Debian-based system, and report all of the packages from the
 non-free and contrib trees which are currently installed.
 .

Install vmrs with:

noah:~# apt-get install --yes vrms

 

Reading package lists… Done
Building dependency tree      
Reading state information… Done
The following packages were automatically installed and are no longer required:
  liboggkate1 xulrunner-10.0
Use 'apt-get autoremove' to remove them.
The following NEW packages will be installed:
  vrms
0 upgraded, 1 newly installed, 0 to remove and 101 not upgraded.
Need to get 0 B/13.0 kB of archives.
After this operation, 102 kB of additional disk space will be used.
Retrieving bug reports… Done
Parsing Found/Fixed information… Done
Selecting previously unselected package vrms.
(Reading database … 226672 files and directories currently installed.)
Unpacking vrms (from …/apt/archives/vrms_1.16_all.deb) …
Processing triggers for man-db …
Setting up vrms (1.16) …

  Below is a list of all non-free software installed on my Debian 7 Thinkpad:

noah:~# vrms

                Non-free packages installed on noah

acroread                            Adobe Acrobat Reader: Portable Document Format file vi
acroread-data                       data files for acroread
acroread-dictionary-en              English dictionary for for acroread
acroread-escript                    Adobe EScript Plug-In
acroread-l10n-en                    English language package for acroread
firmware-iwlwifi                    Binary firmware for Intel PRO/Wireless 3945 and 802.11
frogatto-data                       2D platformer game starring a quixotic frog
mame                                Multiple Arcade Machine Emulator (MAME)
mame-tools                          Tools for MAME and MESS
mess                                Multi Emulator Super System (MESS)
mess-data                           Data files for the Multi Emulator Super System (MESS)
mozilla-acroread                    Adobe Acrobat(R) Reader plugin for mozilla / konqueror
nikto                               web server security scanner
opera                               Fast and secure web browser and Internet suite
rar                                 Archiver for .rar files
skype                               Skype
teamviewer                          TeamViewer (Remote Control Application)
unrar                               Unarchiver for .rar files (non-free version)
xmame-tools                         Transitional package for mame-tools

                Contrib packages installed on noah

cbedic                              Text-mode Bulgarian/English Dictionary
dosemu                              DOS Emulator for Linux
flashplugin-nonfree                 Adobe Flash Player – browser plugin
frogatto                            2D platformer game starring a quixotic frog
gnome-video-arcade                  Simple MAME frontend
mess-desktop-entries                Desktop entries for MESS ROMs
ttf-mscorefonts-installer           Installer for Microsoft TrueType core fonts
winetricks                          package manager for WINE to install software easily

     Contrib packages with status other than installed on noah

gxmame                              ( dei)  GTK XMame frontend

  19 non-free packages, 0.8% of 2531 installed packages.
  9 contrib packages, 0.4% of 2531 installed packages.

 

If you want to go the Stallman way and be a 100% Free Software user, Go free and purge all "evil" non-free software  🙂 issue:

# for i in $(vrms -q|grep -v 'Contrib packages'|grep -v 'Non-free'|awk '{ print $1 }' | awk 'NF'); \
do \
apt-get remove --yes $i; dpkg --purge $i; done

 

Workrave – Preverve health from RSI (Computer caused Repetitive Strain Injury) on Linux and Windows

Tuesday, June 25th, 2013

Prevent and heal repetitive strain injury RSI with workrave on Windows and Linux

Huge part of people professions nowadays includes being in front of PC Screen for almost a day. Staying on computer is addictive and even after job is done many people came back in front of the PC screen to play some games or just read something. Many might not know that this computer hanging is a costly thing as it slowly reflects negative our health and living balance. For geeky people who work in IT profession the threat is even bigger as we ITs tend to spend even more time in front of computers. The risk therefore for catching RSI (Repetitive Strain Injury), whether you have to deal with computers daily is very real.

For those who hear for RSI for first time, here is what it is as described in Wikipedia:
 

Repetitive strain injuries (RSIs) are "injuries to the musculoskeletal and nervous systems that may be caused by repetitive tasks, forceful exertions, vibrations, mechanical compression, or sustained or awkward positions"

For more on RSI check out Wikipedia Article here.

Thanksfully RSI is possible to reverse as well as prevent by giving regular breaks from computer screen on timely base and even can be configured to limit time you will spend on the PC. 

Just recently I found out about existence of  Workrave – program which helps you in reminding, when you have to give breaks from computer and makes you limit yourself on how long you use the PC.

Workrave is available for both Windows and Linux OS.

debian:~# apt-cache show workrave | grep -i description -A 3

Description-en: Repetitive Strain Injury prevention tool
 Workrave is a program that assists in the recovery and prevention of
 Repetitive Strain Injury (RSI). The program frequently alerts you to
 take micro-pauses, rest breaks and restricts you to your daily limit.

To give it a try on Debian / Ubuntu Linux, install with usual:

debian:~# apt-get install --yes workrave
...

Launch it by running:

hipo@debian:~$ workrave

or via GNOME menus:

Applications -> Universal Access -> Workrave

Once launched Workrave applet appears right on in GNOME main panel. Below is screenshot of it.
Workrave applet in Gnome debian Linux screenshot

Clicking on the sheep image, there are plenty of configuration menus from which to choose how Workrave will further behave. Its default behavior is quite agressive and suggests breaks too often so if you choose to follow default configuration you will quickly be bored and probably remove it from computer. Hence re-configuring Workrave to remind for breaks every one hour is a good timing in my opinion:

Configuring workrave to remind for breaks from computer every one hour screenshot

Workrave time for micro break screenshot

 

 

Workrave includes reminder with neck movement exercises, which if followed can severely de-stress and keep your neck healthy.

workrave prevent repetitive strain injury neck exercises screenshot gnu / linux

workrave prevent repetitive strain injury neck exercises screenshot gnu / linux and windows

The program has even statistics on how much breaks you take, how long it was used and various other interesting info, below is screenshot from statistics window:

Workrave usage statistics GNU Linux screenshot

 

FreeBSD Happy Birthday – FreeBSD OS turns 20 years old

Monday, June 24th, 2013

Happy Birrthday Freebsd / FreeBSD becomes 20 years old - Classic logo bsd avatar beastie mascot

On 19th of June FreeBSD had its 20 birthday! Its great joy for us the FreeBSD geeks 🙂
This is a bit outdated but as I'm a long years FreeBSD user I found myself obliged to mention the good news.

FreeBSD project was officially introduced for first time under the new name by David Greenman, Jordan Hubbard and Rod Grimes as fork of BSD (Berkley Software Distrbution 4.3).

Even more and less known is that big chunks of FreeBSD (kernel and userland) code are running on the shiny Mac OS X.

Below is mail which made up the name FreeBSD 🙂
 

To: interim@bsd.coe.montana.edu (Interim 0.1.5)
Subject: Re: “386BSD” trademark (fwd)
From: David Greenman <davidg@implode.rain.com>
Date: Sat, 19 Jun 93 17:26:02 -0700

> Okay folks.. taking new name suggestions.. we have:
>
> BSDFree86 – Rod, who is going with Jordans improved NON BSDI name..
> Free86BSD – Jordan, Rod likes this one two…
> – (F86BSD for short)
>
> vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
>                v                                                                     v
>                v          This is the hat to drop yours in!       v
>                v                                                                     v
>                vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv

How about just simply “FreeBSD”? No confusion, no fuss, seems like a good compromise to me. 🙂

-DG

FreeBSD Berkley Software Distrubution OS new logo happy birthday FreeBSD

Now 20 years after, FreeBSD itself had numerous forks very much in tradition of Free Software – most notable ones are of course BSD for desktop DragonFly BSD and PC-BSD.
As part of FreeBSD evolution nowadays FreeBSD kernel is ported for Debian Linux, i.e.:

debian:~# apt-cache show kfreebsd-source-8.1|grep -i description -A 2

Description: source code for kernel of FreeBSD 8.1 with Debian patches

 This package provides the source code for kernel of FreeBSD 8.1, base of

 a GNU/kFreeBSD system.

Description: source code for kernel of FreeBSD 8.1 with Debian patches

 This package provides the source code for kernel of FreeBSD 8.1, base of

 a GNU/kFreeBSD system.

 

 and can be run onas substitute for Linux kernel on most GNU / Linux distributions 
 

FreeBSD has unquestionably played key role over the last 20 yrs for development of Hacker Culture of Freedom and Free Software.

 Congrats and cheers to all FreeBSD users! 🙂  

PHP: Better Webhosting Security – Disable exec(), exec_shell(), system(), popen(), eval() … shell fork functions

Sunday, June 23rd, 2013

increase php security better php security by disabling fork shell system and eval functions

If you work as System Administrator of WebHosting company, you definitely know how often it is that some automated cracker scripts (working as worms) intrude through buggy old crappy custom coded sites or unupdated obsolete Joomla / WordPress etc. installs. and run themselves trying to harvest for other vulnerable hosts. By default PHP enables running commands via shell with PHP functions like exec();, shell_exec(); , system();. and those script kiddie scripts use mainly this functions to spawn shell via vulnerable PHP app. Then scripts use whether php curl support is installed (i.e. php5-curl) to download and replicate itself to next vulnerable hop.

With that said it is a must after installing new Linux based server for hosting to disable this functions, to save yourself from future hassles …
Earlier, I blogged how to disable PHP system system(); and exec(); functions to raise Apache security using suhosin however this method requires php suhosin being used.

Yesterday, I had to configure new web hosting server with Debian 7, so I tried installing suhosin to use it to protect PHP from having enabled dangerous system();, eval(); exec(); .
I remember disabling system(); using suhosin php extension was working fine on older Debian releases, however in Debian 6.0, php5-suhosin package was causing severe Apache crashes and probably that's why in latest Debian Wheezy 7.0, php suhosin extension is no longer available. Therefore using suhosin method to disable system();, exec(); and other fork functions is no longer possible in Debian.

Since, suhosin is no longer there, I decided to use conventional PHP method via php.ini.

Here is how to do it

Edit:

/etc/php5/apache2/php.ini

debian:~# vim /etc/php5/apache2/php.ini
And near end of file placed:

disable_functions =exec,passthru,shell_exec,system,proc_open,
popen,curl_exec, curl_multi_exec,parse_ini_file,show_source

allow_url_fopen Off
allow_url_include Off

It is good to explain few of above functions – shell_exec, proc_open, popen, allow_url_fopen, show_source  and allow_url_include.

Disabling shell_exec – disables from PHP scripts executing commands with bash slash ` `, i.e. `ls`. proc_open and popen allows reading files from file system.

show_source – makes possible also reading other PHP source files or can be used to display content of other files from fs.

To read newly placed config vars in php.ini usual apache restart is necessary:

debian:~# /etc/init.d/apache2 restart
[….] Restarting web server: apache2
. ok

Further on tо test whether system();, exec();, passthru(); … etc. are disabled. Make new PHP file with content:

<?php
error_reporting(E_ALL);
$disabled_functions = ini_get('disable_functions');
if ($disabled_functions!='')
{
    $arr = explode(',', $disabled_functions);
    sort($arr);
    echo 'Disabled Functions:
        ';
    for ($i=0; $i<count($arr); $i++)
    {
        echo $i.' - '.$arr[$i].'<br />';
    }
}
else
{
    echo 'No functions disabled';
}
?>

php show disabled functions screenshot improve php security by disabling shell spawn functions

Copy of above source code show_disabled_php_functions.php is here for download
. To test your Apache PHP configuration disabled functions download it with wget or curl and rename it to .php:

# cd /var/www # wget -q https://www.pc-freak.net/files/show_disabled_php_functions.php.txt
mv show_disabled_php_functions.php.txt show_disabled_php_functions.php

After disabling functions on those newly setup Debian hosting Apache webserver, I remembered, same functions were still active on another CentOS Linux server.

To disable it there as well, had to edit:

/etc/php.ini

[root@centos:~]# vim /etc/php.ini

And again place after last file line;

disable_functions =exec,passthru,shell_exec,system,proc_open,popen,
curl_exec, curl_multi_exec,parse_ini_file,show_source

allow_url_fopen Off
allow_url_include Off

Finally on CentOS host, had to restart Apache:

[root@centos:~]# /etc/init.d/httpd restart

For Security paranoids, there are plenty of other PHP functions to disable including, basic functions like ln, mv, mkdir, cp, cat etc.

Below is list of all functions to disable – only disable this whether you you're a PHP security freak and you're 100% some server hosted website will not use it:

disable_functions = "ln, cat, popen, pclose, posix_getpwuid, posix_getgrgid, posix_kill, parse_perms, system, dl, passthru, exec, shell_exec, popen, proc_close, proc_get_status, proc_nice, proc_open, escapeshellcmd, escapeshellarg, show_source, posix_mkfifo, mysql_list_dbs, get_current_user, getmyuid, pconnect, link, symlink, pcntl_exec, ini_alter, pfsockopen, leak, apache_child_terminate, posix_kill, posix_setpgid, posix_setsid, posix_setuid, proc_terminate, syslog, fpassthru, stream_select, socket_select, socket_create, socket_create_listen, socket_create_pair, socket_listen, socket_accept, socket_bind, socket_strerror, pcntl_fork, pcntl_signal, pcntl_waitpid, pcntl_wexitstatus, pcntl_wifexited, pcntl_wifsignaled, pcntl_wifstopped, pcntl_wstopsig, pcntl_wtermsig, openlog, apache_get_modules, apache_get_version, apache_getenv, apache_note, apache_setenv, virtual, chmod, file_upload, delete, deleted, edit, fwrite, cmd, rename, unlink, mkdir, mv, touch, cp, cd, pico"

Linux: Configure Midnight Commander to use mcedit instead of nano or vi text editor

Friday, June 21st, 2013

reverting mc text editor to mcedit fix problem with mcedit not working in linux

I use Midnight Commander console file manager on any UNIX like servers, since my early days as system administrator. mc comes with its own text editor mcedit which is often very handy for reading config files or pieces of source code. Many times I had to modify files which were spitting errors which I couldn't track in VIM, jor or whatever text editor had on server at hand and after checking file with mcedit I caught my config or source code mistake. I guess many other admins has similar nice experiences with mcedit Internal file editor of GNU Midnight Commander. Nowadays, I install mostly Debian Linux on new configured servers and using mc to navigate in file system is very useful. I prefer mc to open files for edit with F4 (Edit – kbd shortcut) with its default mcedit, however for some reasons most of Debian / Ubuntu and other Linuxes, nowadays has set global environment text editor to nano. I totally dislike this text editor and like changing mc always to use mcedit. This is done straight from MC menus by:

Pressing F9 -> Going to Options -> Configuration -> (Setting mark on) -> Use Inernal Edit
/code>

unix terminal file manager midnight commander configuration menu screenshot

linux console file manager midnight commander use internal edit menu unchecked screenshot

<

ClamTK Linux Desktop Anti-Virus program – Checking Windows mapped drives with ClamTK

Thursday, June 20th, 2013

Linux desktop graphical program to scan for-viruses ClamTK clamav frontend application

In general Linux has fame for being Virus Free Operating System. During the 13 last years as dedicated GNU / Linux user, I've seen Linux servers with binaries infected with Viruses, however the hosts, were severely messed hosts because noone updated them on time and script kiddy crackers has "hacked" multiple times. In lifetime one of my old testing computers got infected with Virus because of my mistake of running "suspicious" pre-compiled "cracker" software binaries with no MD5 verification and "questionable" websites…
I share this story because, I want to beat-up the Myth that Linux cannot have Viruses. It CAN but not very likely to happen 🙂

As a Desktop user over the last 10 years, even though I installed plenty of packages from third party sources and never happened to infect my computer with Virus – or at least if I infected I never knew it. A lot of popular MS-Windows Anti-Virus programs, has already ports for Linux. Just to mention few non-free Linux AV software providing install binaries;

  • Avast

  • BitDefender

  • AVG

  • Dr. Web

Though risk of Viruses on Linux is so tiny, it is useful to have ANTI-Virus Software to check files received from Skype, E-mails and onse downloaded with Browser. I always prefer so until now I used Clamav Antivirus to keep an eye periodically on my Desktop Linux host and servers running mail servers (those who run Mail Servers know how useful is Clamav in stopping tons of E-mail attached Malware Viruses and Trojans).

I use mostly Debian Linux, so on every new server or Desktop one of first things I did was to install it, i.e.:

# apt-get --yes install clamav
...

Before I knew Clamav AV for Windows has GUI, anyways till recently I didn't know if there is some kind of free software AV Graphical frontend for Linux. I just found out about ClamTK

Linux Free Antivirus ClamTk clamav Virus Scanner graphical frontend

ClamTK is available in most Linux distributions from default package repositories

On Debian and Ubuntu to install it run common:

debian:~# apt-get --yes clamtk
...

On Fedora and CentOS Linux to install:

[root@fedora ~]# yum -y install clamtk
...

Its best to run it as root superuser (or via sudo) to make ClamTK able read all files or mounts on system:

hipo@debian:~$ sudo clamtk

ClamTK is very simple to use and there are only few configuration options;
clamtk desktop linux free antivirus startup preferences

clamtk scan for viruses linux gui proxy

linux Anti-Virus Desktop graphics easy to use AntiVirus ClamTK preferences screenshot

ClamTK is very useful when used with mounted Samba Shared (Mapped) Windows drives to scan for Viruses and malware, i.e, after mounting share using cmd like:

# smbmount //192.168.2.28/projects /mnt/projects -o user=USERNAME

How to Reset Joomla admin Password from MySQL command line

Wednesday, June 19th, 2013

joomla logo how to reset admin password

It is very common thing for clients having Joomla based websites to forget their password. It is possible to reset password from jos_users table using PhpMyadmin. But it is much

# mysql -u root -p
Enter password:

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 975975
Server version: 5.1.66-0+squeeze1 (Debian)

Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> USE joomla_site;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed

mysql> UPDATE `jos_users` SET `password` = MD5( ‘new_password’ ) WHERE `jos_users`.`username` = “administrator” ;

Replace "new password", string with whatever new password is necessary
Change “administrator” or admin with joomla's admin username.

There you, go Joomla admin password is changed 🙂

Linux: 8 Console Music players / Listening mp3 music in text mode

Monday, June 17th, 2013

As most of computer geeks, music is very important to make up my day and bring me up from bad mood or boredom. I like doing things from console, so even though nowadays Linux Desktop is so convenient, I still often prefer playing my mp3s from command line. In that spirit its worthy share with newer Linux users about existence of few mp3 players I used over the years to play my MODs / XM / Wavs / Mp3 etc.in pure console:

1. First and maybe most used over the years is mpg123 and its clone mpg321

mpg321 debian gnu linux playing mp3 in console screenshot
mpg123 is first mp3 player I ever used in Linux with no graphical environment and even to this day I install it on every Linux Desktop I have to configure. Its small its handy and it plays well most of mp3 music. Historically there was some issues with licensing of mpg321 making it not 100% (GPL-ed free software). Therefore a clone of it was made mpg321.
mpg321 is also a good mp3 player, but in some encoded mp3s my experience shows mpg123 plays music better (with less glitches).

 Install both mpg321 and mpg123 on Debian and Ubuntu and rest of deb based Linuces is with trivial:

debian:~# apt-get install --yes mpg321 mpg123
...

2. MP3Blaster (More interactiveNcurses mp3 and ogg vorbis player)

mp3blaster console music mp3 player Debian linux wheezy gnome terminal screenshot

debian:~#  apt-cache show mp3blaster|grep -i -A 1 description

Description-en: Full-screen console mp3 and Ogg Vorbis player
 mp3blaster is an interactive text-based mp3 and Ogg Vorbis player with

Description-md5: 0f28b31112e54bf3e946048856a7b6ce
Tag: interface::text-mode, role::program, sound::mixer, sound::player,

root@noah:/home/hipo/Плот# apt-cache show mp3blaster|grep -i -A 1 description
Description-en: Full-screen console mp3 and Ogg Vorbis player
 mp3blaster is an interactive text-based mp3 and Ogg Vorbis player with

Description-md5: 0f28b31112e54bf3e946048856a7b6ce
Tag: interface::text-mode, role::program, sound::mixer, sound::player,

To install:

 

debian:~# apt-get install --yes mp3blaster
...

3. Open Cubic Player – Cubic Player rewrite for UNIX and Linux

listening mp3 mod xm in console and terminal opencubicplayer ocp gnu linux debian

Those who remember how we used to listen music in DOS (Disk Operating System) days, should certainly remember Cubic Player – IMHO it used to be best MSDOS music player to play CDAudio, midi, MODs, WAVES etc. sound formats. I was more than delighted to find out some few years ago, some geeky developers started project aiming to rewrite from scratch Cubic Player for UNIX OS-es. Open Cubic Player is nowadays reality stable and kicks ass. I warmly recommend it to everyone who want to play music from console or terminal! It simply kicks ass!!! 🙂

Install it with;

debian:~# apt-get install --yes opencubicplayer
...

4. Cmus C Music Player (mp3 / wav / aac / flac / ogg vorbis) console player

Cmus tiny console terminal gnu linux mp3 music player screenshot
debian:~# apt-cache show cmus|grep -i description -A 2

Description-en: lightweight ncurses audio player
 C* Music Player is a modular and very configurable ncurses-based audio player.
 It has some interesting features like configurable colorscheme, mp3 and ogg

Install it with:

debian:~# apt-get install --yes cmus
...

Cmus tiny console terminal gnu linux mp3 music player screenshot
5.Good old but gold Mplayer

noah:~# apt-cache show mplayer|grep -i description -A 2

Description: Ultimate Movie Player For Linux.
 It plays most mpeg, avi and asf files, supported by many native and win32
 DLL codecs. You can watch VCD, DVD and even DivX movies too. The other

Description-en: movie player for Unix-like systems
 MPlayer plays most MPEG, VOB, AVI, Ogg/OGM, VIVO,
 ASF/WMA/WMV, QT/MOV/MP4, FLI, RM, NuppelVideo, yuv4mpeg, FILM, RoQ, PVA files,

noah:~# apt-get install --yes mplayer

playing music in console and terminal mplayer play mp3 ogg and videos in linux console

 


7. herrie – Minimalistic console music player

herrie linux console music player
Other newer player I just recently heard of is Herrie.
I red quite positive things about it, installed it but never got into habit of using it.

8. MikMod – Portable tracked music player

mikmod-console-mod-xm-it-old-school-music-format-player-for-gnu-linux-and-freebsd

Talking about geek music and old school stuff it is impossible not to mention MikMod. Even 12 years after i saw it for first time I still use it often to play cool music from modarchive.org. Its my personal believe MikMod is a player for hard core coders and hackers 🙂

noah:~# apt-cache show mikmod|grep -i description -A 2

Description-en: Portable tracked music player
 Mikmod is a very portable tracked music player which supports a wide
 variety of module formats including compressed sample Impulse Tracker

I'll be glad to hear from others what was your favourite console sound player

noah:~# apt-get install --yes mikmod
...