laneolson

Introducing… Lucy!

I’ve been a little behind on my posting for the past couple months. My time has been consumed by a few projects, better weather, and a little puppy named Lucy. We picked her up just about a month ago, she is a pure bred chocolate lab. This is my first puppy and I am surprised how much time they can eat up! I’m slowly getting into a routine now and am finding a few packets of spare time here and there. Hopefully I’ll be able to catch up on my posting again soon.

Read the full post for more pictures.

In other news I have a few projects in progress. The main one that isn’t work related is called Swatchee. It is a simple web app that generates syntax highlighting schemes for a variety of editors starting with vim, textmate, and notepad++. The app is based on jQuery, HTML5, and the Lithium framework for PHP. If you’re interested in testing or would like to lend a hand with development post a comment or send me an email at lane [at] laneolson [dot] ca.

Compiling PHP 5.3 on Ubuntu 9.10

This guide will outline how to compile PHP 5.3 from source for use with Apache. The instructions in this guide have been tested with Ubuntu 9.10 and should work on other debian based distros. This guide is a slight modification of the video guide on setting up Apache, PHP 5.3 with xdebug, MongoDB, and Lithium created by Jon Adams. Before proceeding with the instructions below you will need Apache installed on your computer. If you do not yet have apache you can follow my guide for setting up Apache on Ubuntu 9.10.

The first step for installing PHP 5.3 is to get the prerequisites. For this guide you will need the following libraries in order to compile php with the options that I use. If you have some custom libraries/extensions that you want included in your build of PHP, now is the time to install them if you haven’t already.

The following command will install the libraries that I will need:

sudo apt-get install libmcrypt-dev libxml2 libxml2-dev libbz2-dev libcurl4-gnutls-dev libjpeg62-dbg libpng12-dev libxslt1-dev libbz2-dev

Once our required libraries have been installed we can go to http://www.php.net/downloads.php and choose to download the latest 5.3.x build in tar.gz format. I chose to copy the download link and use wget to download it to the tmp directory, but you can do whatever you like.

cd /tmp

wget http://ca2.php.net/get/php-5.3.1.tar.gz/from/this/mirror

now untar the file and go into the directory

tar -xvf php-5.3.1.tar.gz
cd php-5.3.1

Now comes the fun part. Here we will run the configure script that says what kind of extensions we want php built with…

MultiBeast: The Ultimate Tool For Getting Your Hackintosh Up and Running

A tool called MultiBeast, that takes the hassle out of getting everything working on your Hackintosh, was released yesterday by tonymacx86. As the post says:

MultiBeast installs everything you need to get your system 100% in one convenient package including Bootloader, Graphics, Sound, Network, DSDT, Kernels, Extras, and Utilities.

This is great for those who have always wanted a Hackintosh but were too intimidated by the manual terminal work. MultiBeast provides a straight forward GUI for performing the grudging tasks of getting your hardware to work with OS X.

I have been a loyal reader of tonymacx86’s blog for the past few months since his guides have got me up and running with a Core i5 Hackintosh of my own. His guides are very thorough and easy to follow. The introduction of this tool makes things so much easier. Thanks tonymacx86!

Links:

• tonymacx86’s blog – guides and various p55 i5/i7 hackintosh information
• tonymacx86 forums
• MultiBeast Installer – The Ultimate tool for Hackintosh Post-Installation

Installing and Configuring Apache for Multiple Sites on Ubuntu

I like to run a local version of Apache on my laptop for various projects so I can bring them wherever I go and not have to worry about them being live or screwing anything up. Ubuntu makes it extremely easy to setup a LAMP server. All you have to do is run:

sudo tasksel

Then follow the onscreen instructions and choose “LAMP Server” when prompted to be up and running with Apache, MySQL, and PHP in mere minutes.

This is great for a user that just wants the standard versions of PHP or MySQL. However, I’m working on a project that requires PHP 5.3, and installing a LAMP server using tasksel installs PHP 5.2. I decided that I would just install Apache and PHP manually so that I could use PHP 5.3. This guide starts with my ideal Apache setup. This is kind of a personal preference of how I like Apache setup, others may prefer a different method. If you follow this guide directly you will end up with your web directory in your home folder, with two sites (http://sandbox.local/ and http://production.local/). Lets get started.

Installing Apache

Installing Apache is the easy part, simply use apt:

sudo apt-get install apache2 apache2-prefork-dev apache2-mpm-prefork

Let it do its thing and in a few minutes you should have Apache up and running. Once it is done you can test if it is working by opening a web browser and entering http://localhost/ in the address bar. You should get Apache’s default message that says “It works!”. Now that Apache is installed we can configure it to fit our needs…

Advanced Regular Expressions: Some Tools and an Example

I’ve found myself having to build a few somewhat complex (in my opinion) regular expressions over the last few days in order to index certain fields for Splunk. A good friend of mine pointed me in the direction of a regular expression testing tool a while ago and it has proved to be extremely useful. The tool, RegExr, gives a good overview of examples, special characters, and even community submitted regular expressions for you to use. Most importantly it lets you test your regular expression on a sample of user submitted text.

This is a great tool for Splunk. All you have to do is copy an event that you want to capture a custom field in, paste it in the tool, then work with the regular expression until it captures that data you need. One example of a regular expression that I built is this monster:

(http|https)://(([A-Za-z0-9\.\-]*)?\.)?(?<domain_name>[A-Za-z0-9\-]{3}[A-Za-z0-9\-]*\.([A-Za-z]{2}\.[A-Za-z]{2}|[A-Za-z]{2,3})|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})

I’ll explain what this one does in a second, but you can probably guess by looking at it. With Splunk I am indexing all data that goes through the HTTP proxy on the firewall. Each event that Splunk indexes from the proxy includes the address processessed, right down to the file name. However, I’m more interested in pooling all of the events by domain name to get total amount of requests, time spent, etc by domain name. So, I needed a regular expression to extract the domain name; enter the mess of characters from above…

Critical Files on Dropbox: A Cautionary Tale

This weekend I had somewhat of an unsettling experience with Dropbox. Typically I keep my KeePass database stored within Dropbox so that it is automatically synchronized between all of my computers. I’ve felt quite confident that, because the file is synchronized to multiple computers, it is safe from being lost in the event of a hard drive failure or the like. I do make backups of the file but only around every month or so. I’m sure there are others that probably do the same thing as I do and I have a warning for those people… Backup your vital files (like password databases) somewhere else besides on the cloud. Here’s why:

I logged onto my computer late Friday night from my laptop. I decided I was going to login to one of my blogs and start writing a new article. Upon logging on I saw that faithful message from Dropbox in my notification area, “2 new files were synchronized successfully”. I proceeded to fire up KeePassX and type in my password and was greeted with the following error:

“The structure of the current database file is invalid. This can either happen if the user-supplied composite key is invalid or if the file is corrupted.”

At first, I had thought that I entered my password wrong. So I tried again, typing more carefully this time. Same error. Then I thought maybe there was an issue with my key file, so I restored one from backup and tried again. Same error. I’m sitting in front of my laptop in disbelief, wondering what the hell I’m going to do if I can’t access the hundreds of password in that file… some of which have no method of recovery…

Installing OpenVAS 3 on Ubuntu 9.10

This is a minor update to my previous post on how to install OpenVAS 2 on Ubuntu 9.04. Since that post there have been some changes. A new release of Ubuntu and a new version of OpenVAS. If you still prefer to use OpenVAS 2 then my previous instructions should work fine with Ubuntu 9.10. Those who would like to take advantage of OpenVAS 3 can expect the following new features:

• A new internal architecture of the modules
• NVT Meta Information that is free of arbitrary size limits
• IPv6 support
• WMI clients support
• Supports upcoming optional extensions:
  • OpenVAS Manager for storing and organizing scans on a central server in a
    SQL database
  • OpenVAS Administrator for User-, Feed- and Settings-Management
  • Greenbone Security Assistent for a web-based Vulnerability Management

You can read more about it on the official OpenVAS website. Now, lets get to the good stuff. The instructions below should get you up and running with OpenVAS 3 on Ubuntu 9.10…

Hyper-V Snapshots and Disk Space

I ran into a somewhat embarrassing problem the other day. Upon turning on my computer I found that my virtual machine on a test server running under Hyper-V was in a Paused-Critical state. A little further investigation showed that my disk space was critically low. I tried to wrap my head around how that could have possibly happened. After all, the only thing that was really on that machine was the Virtual Machine which I had allocated a large amount of disk space for.

The issue was with snapshots. I had been taking snapshots of the VM prior to applying service packs or installing risky software. After the procedure was successful I would delete the snapshot… or so I thought. I’m no Hyper-V guru, but from past experience with VMware products once a snapshot is deleted, it’s gone. This isn’t the case with Hyper-V. If you want to delete a snapshot, you have to delete it in the Hyper-V manager, then turn off the VM with the deleted snapshot and wait for it to merge.

I shut down the VM and the merging process began. However, I had created a few snapshots in the past that still hadn’t been merged. It looked like the merging process might take a while, so I let it run. However, the merging process could not complete because I didn’t have enough disk space! I found this quite ironic.

I am of disk space because I did not merge the snapshots into the vhd, but I cannot merge the snapshots because I am out of disk space. Does that seem odd to anyone else?

In order to fix this problem I had to dive into the config file. Luckily, I had another hard drive with around 30GB of freespace attached to the host. To fix the problem I shut down the VM and Hyper-V Services then went to the directory containing .avhd (snapshot) files. I moved one of the snapshot files to a temporary directory on the drive with the free space, then updated the snapshot entry in the config xml file for the VM to point to the new directory where I placed the snapshot file. After restarting the Hyper-V services and turning off the VM the merge was able to complete, albeit after 2 hours of waiting.

Mouse issues running an Ubuntu guest in VMware

I guess this isn’t exaclty an Ubuntu specific problem because I’m having issues with my mouse in Windows guest using VMware server as well. Anyways, I have found a fix to the problem I was having in Ubuntu. I have a few different VM’s that I use for testing and ever since I set them up I’ve been having the following mouse issues (even with VMware Tools installed):

• I often get a “shadow” mouse where I can see the Windows cursor and the Ubuntu cursor at the same time. This would make it difficult for me to know what I was clicking on.
• I usually have my Ubuntu VM at fullscreen on one monitor and Windows running in the other. In order to release the mouse from the VM I would have to hit Ctrl+Alt, which makes it tough to use the VM and Windows side-by-side. Also hitting Ctrl+Alt would exit the VM from fullscreen mode.
• The cursor would often flash in a seizure inducing way.

All of these issues can be easily fixed by installing the vmmouse driver. Which can be done with the following command:

sudo apt-get install xserver-xorg-input-vmmouse

After it is installed you can reboot or simply restart gdm with:

sudo /etc/init.d/gdm restart

You can now run the VM in fullscreen and seamlessly move the mouse in and out of the VM without having to press ctrl+alt all the time. It also fixes the other issues mentioned above.

Trend Micro WFBS 6.0 Common Fixes

In my last blog post I talked about an issue with Trend Micro WFBS not updating. I have been using Trend Micro Worry Free Business Security for almost a year now and have found it to be very easy to manage. However, no software is without faults, and this is especially true for anti-virus software. I have run into a few issues upgrading, installing, and re-installing Trend Micro WFBS. I’ve assembled this list to help some people that may run into the same issues as I have.

How to change the password for the Web Console if you are locked out

For some reason after I upgraded from WFBS 5.1 to 6.0 I was unable to login to the Web Console with my old password. Accessing the web console is pretty essential to managing WFBS so I had to find a way to reset it. Fortunately I had a backup of the ofcserver.ini file which contains an encrypted version of the web console password. I was able to replace the encrypted password in the new ini file with the one from the old file. You can reset your password by:

1. Stop the Trend Mico Master Service
2. Open up the ofcserver.ini (C:\Program Files\Trend Micro\Security Server\PCCSRV\Private\ofcserver.ini)
3. Find the line that starts with “Master_Pwd” and replacing it with this:

   Master_Pwd=!CRYPT!523DD5B28918ED6D2ED4C7DFFE949A638AA4D1C8B1D25440F37606AD23C793453C0043B1B483A2EADE21439233C

4. Save the file then Start the Trend Micro Master Service
5. Login to the Trend Micro WFBS web console, your password will be “P@$$w0rd!”.
6. You should now be able to login to the web console and set your password to whatever you like.