I prefer to use Linux as my OS with a Windows VM for those things that I can't live without (i.e. MS Office, if I didn't have to share files with others, I'd make due with Google Docs or Open Office.). Lately, I've been using a Mac, not because I'm an Apple fan boy or hipster, but because it offered the best of both worlds, a UNIX command prompt and a local MS Office application.
Recently, I identified found a virus on a Windows laptop and set about the removal process. Normally, that's just format and re-install just to be sure (Nuke it from space, it's the only way to be sure...) That didn't work this time, which meant the virus had infected the MBR. I removed the drive and destroyed the partition map, created a new map, created the file system, destroyed and recreated the partition map and left the drive un-formatted from a Mac.
The virus reappeared immediately after the fresh installation, off the the network. Since the battery and power were removed from the laptop, it wasn't because it was resident in memory, thus, I'm thinking it's a BIOS virus, or some other non-volatile memory on the laptop. I'll flash the bios next...
The kicker it infected a fully patched Windows 7 64bit system with fully updated SEP 11 A/V installed. I suspect it was IE (the user used IE, but not anymore) with an unpatched flash, but I'm not sure. The virus identified was Simfraud-C.generic by Malwarebytes and Spybot S&D (and missed by SEP 11), however, all information I gleamed didn't indicate it would have behave the way this one did. I suspect some other nefarious bug...
...8 hours and $800 later (wife needed to work and a new laptop was in order), I realize that I sure do love Linux and when I can't get that, Mac OS X.
Monday, January 23, 2012
Thursday, January 5, 2012
Setting up OpenLDAP on Ubuntu
I spent some time setting up a new server at work to be the computation server for opensource alternatives to the normal applications we have. I thought it was the perfect time to migrate from NIS to LDAP.
I thought of using Microsoft Active Directory, however, that creates difficulties meeting end user needs due to politics. This is supposed to be an opensource server, thus OpenLDAP seems the option to go with here.
I set up an Ubuntu server and pretty much followed the instructions s in the Server Guide, however, there were hurdles getting it to actually function normally. I wanted it to use TLS for security reasons only. I changed the line in /etc/default/slapd to be:
SLAPD_SERVICES="ldap://127.0.0.1/ ldaps:/// ldapi:///
This allowed the server to listen on the network for TLS connections and allow non-encrypted connections if coming from the server itself. That was my biggest stumbling block as many references indicated that I needed to put the IP address or name of the server for the ldaps:/// entry. However, doing this, Ubuntu wouldn't listen on that port.
Also, following the instructions blindly results in a lot of extra stuff that you may not need, for instance, I really didn't want all the address book fields. I just wanted a replacement for NIS.
Now again, the online documentation for Ubuntu server was accurate enough to add the client successfully, but there were still a number of issues. Namely, I couldn't change the password, and newgrp didn't function as needed. installing libcap2-bin and using setcap to change newgrp itself soon fixed this problem.
The other issue was sudo, which seemed to know about ldap but still gave an non-helpful error. Installing nscd appeared to fix this issue.
Outside of a few minor tweaks, the only other thing I did was best practice security set up on the server and client. I have a functional LDAP server, and a client connected to it. Now, I can move on to the work group sharing options the users need as well as account provisioning...
I thought of using Microsoft Active Directory, however, that creates difficulties meeting end user needs due to politics. This is supposed to be an opensource server, thus OpenLDAP seems the option to go with here.
I set up an Ubuntu server and pretty much followed the instructions s in the Server Guide, however, there were hurdles getting it to actually function normally. I wanted it to use TLS for security reasons only. I changed the line in /etc/default/slapd to be:
SLAPD_SERVICES="ldap://127.0.0.1/ ldaps:/// ldapi:///
This allowed the server to listen on the network for TLS connections and allow non-encrypted connections if coming from the server itself. That was my biggest stumbling block as many references indicated that I needed to put the IP address or name of the server for the ldaps:/// entry. However, doing this, Ubuntu wouldn't listen on that port.
Also, following the instructions blindly results in a lot of extra stuff that you may not need, for instance, I really didn't want all the address book fields. I just wanted a replacement for NIS.
Now again, the online documentation for Ubuntu server was accurate enough to add the client successfully, but there were still a number of issues. Namely, I couldn't change the password, and newgrp didn't function as needed. installing libcap2-bin and using setcap to change newgrp itself soon fixed this problem.
The other issue was sudo, which seemed to know about ldap but still gave an non-helpful error. Installing nscd appeared to fix this issue.
Outside of a few minor tweaks, the only other thing I did was best practice security set up on the server and client. I have a functional LDAP server, and a client connected to it. Now, I can move on to the work group sharing options the users need as well as account provisioning...
Friday, December 30, 2011
Video Game Holidays
Spent a number of days over the holiday playing video games, not something I've done much of over the past few years (mostly since switching to a Mac.) I'm using my Xbox 360 and am starting to appreciate the purchase I made oh so long ago when it came out. Granted, I had to replace it with a new one recently (started having issues.)
I've mostly been playing Dragon Age: Origins, which I have to say has become my all time favorite game. I just completed it and I was a little sad to see it end even though I spent to 3am a couple of days ago trying to complete it.
I'm downloading Dragon Age: Awakenings as I type this, and I am hoping Dragon Age II is just as good...when I get to it.
I've mostly been playing Dragon Age: Origins, which I have to say has become my all time favorite game. I just completed it and I was a little sad to see it end even though I spent to 3am a couple of days ago trying to complete it.
I'm downloading Dragon Age: Awakenings as I type this, and I am hoping Dragon Age II is just as good...when I get to it.
Friday, December 2, 2011
Interesting Anecdote
It was rather timely that I read this InfoWorld Article recently. There are a lot of changes happening at work, and as a lot of new people start working, I think they would benefit from the anecdote.
Monday, October 24, 2011
Why the move?
I got tired of updating Wordpress, and really, for the majority of what I use my site for, Blogger is sufficient...at least for now.
We'll see how it goes...
We'll see how it goes...
Tuesday, October 11, 2011
Apple Mail and Gmail
I generally use the webmail interface to my Gmail account, but there are times when it's convenient to use Apple Mail. Google's recommended settings assume you want to use the delete function of the mail client to delete a label rather than delete the message. What this means is that when you delete a message, the label is removed and the message remains within All Mail and other labels.
I would rather that the message be deleted in the traditional sense. Gmail accomplishes this by removing all the labels (messages without labels are "trash"). Thus, in Preferences/Accounts, on the Gmail icon, and the Mailbox Behaviors button, I checked "Move deleted messages to the Trash mailbox" and "Store deleted messages on the server" and set "Permanently erase deleted messages when:" to never. Save the settings by exiting preferences.
But we're not quite done, you need to display your mailboxes in Apple Mail if you're not doing so already. In the Gmail folder list you should see a [Gmail] folder, expand it and you will see the default gmail folders (All Mail, Drafts, Important, Sent Mail, Spam, Trash, and Starred). Select the Trash folder and in under Apple Mail's Mailbox menu, select "Use this Mailbox For", and then select Trash.
Now, when you delete a message in Apple Mail, it is moved to Gmail's trash folder.
Of course, the downside, you have no way to "archive" your email now in the traditional sense of Gmail...
I would rather that the message be deleted in the traditional sense. Gmail accomplishes this by removing all the labels (messages without labels are "trash"). Thus, in Preferences/Accounts, on the Gmail icon, and the Mailbox Behaviors button, I checked "Move deleted messages to the Trash mailbox" and "Store deleted messages on the server" and set "Permanently erase deleted messages when:" to never. Save the settings by exiting preferences.
But we're not quite done, you need to display your mailboxes in Apple Mail if you're not doing so already. In the Gmail folder list you should see a [Gmail] folder, expand it and you will see the default gmail folders (All Mail, Drafts, Important, Sent Mail, Spam, Trash, and Starred). Select the Trash folder and in under Apple Mail's Mailbox menu, select "Use this Mailbox For", and then select Trash.
Now, when you delete a message in Apple Mail, it is moved to Gmail's trash folder.
Of course, the downside, you have no way to "archive" your email now in the traditional sense of Gmail...
Monday, August 22, 2011
Subscribe to:
Posts (Atom)