laneolson

Mouse issues running an Ubuntu guest in VMware

I guess this isn’t exaclty an Ubuntu specific problem because I’m having issues with my mouse in Windows guest using VMware server as well. Anyways, I have found a fix to the problem I was having in Ubuntu. I have a few different VM’s that I use for testing and ever since I set them up I’ve been having the following mouse issues (even with VMware Tools installed):

• I often get a “shadow” mouse where I can see the Windows cursor and the Ubuntu cursor at the same time. This would make it difficult for me to know what I was clicking on.
• I usually have my Ubuntu VM at fullscreen on one monitor and Windows running in the other. In order to release the mouse from the VM I would have to hit Ctrl+Alt, which makes it tough to use the VM and Windows side-by-side. Also hitting Ctrl+Alt would exit the VM from fullscreen mode.
• The cursor would often flash in a seizure inducing way.

All of these issues can be easily fixed by installing the vmmouse driver. Which can be done with the following command:

sudo apt-get install xserver-xorg-input-vmmouse

After it is installed you can reboot or simply restart gdm with:

sudo /etc/init.d/gdm restart

You can now run the VM in fullscreen and seamlessly move the mouse in and out of the VM without having to press ctrl+alt all the time. It also fixes the other issues mentioned above.

Trend Micro WFBS 6.0 Common Fixes

In my last blog post I talked about an issue with Trend Micro WFBS not updating. I have been using Trend Micro Worry Free Business Security for almost a year now and have found it to be very easy to manage. However, no software is without faults, and this is especially true for anti-virus software. I have run into a few issues upgrading, installing, and re-installing Trend Micro WFBS. I’ve assembled this list to help some people that may run into the same issues as I have.

How to change the password for the Web Console if you are locked out

For some reason after I upgraded from WFBS 5.1 to 6.0 I was unable to login to the Web Console with my old password. Accessing the web console is pretty essential to managing WFBS so I had to find a way to reset it. Fortunately I had a backup of the ofcserver.ini file which contains an encrypted version of the web console password. I was able to replace the encrypted password in the new ini file with the one from the old file. You can reset your password by:

1. Stop the Trend Mico Master Service
2. Open up the ofcserver.ini (C:\Program Files\Trend Micro\Security Server\PCCSRV\Private\ofcserver.ini)
3. Find the line that starts with “Master_Pwd” and replacing it with this:

   Master_Pwd=!CRYPT!523DD5B28918ED6D2ED4C7DFFE949A638AA4D1C8B1D25440F37606AD23C793453C0043B1B483A2EADE21439233C

4. Save the file then Start the Trend Micro Master Service
5. Login to the Trend Micro WFBS web console, your password will be “P@$$w0rd!”.
6. You should now be able to login to the web console and set your password to whatever you like.

Trend Micro WFBS Client Security Agent Will Not Update

I noticed today that my Trend Micro WFBS Client Security Agent has outdated virus pattern definitions. It has been almost a week since they were updated! I tried to manually update on both the server side and the client agent but had no luck. The Client would tell me the update was successful, but the pattern version would remain the same. On the server end when I went to manually update I would receive a HTTP Timeout. The Trend Micro knowledge base is less than helpful… Anyways, it’s a relatively easy fix for any one else having this issue. Heres how I fixed it.

1. Login to your WFBS server and go to the downloads folder in the PCCSRV folder (usually located at C:\Program Files\Trend Micro\PCCSRV\Download).
2. Find a file called server.ini and rename it to server.bak
3. Login to the WFBS web console and go to Updates > Manual
4. From the list of components to update choose Antivirus and hit Update Now
5. The WFBS server should now fetch the update files.
6. Once the updates have been fetched your clients should now update with the new patterns!

I’m not entirely sure what causes this to happen. I found that this solution worked for me after some trial and error. It may work for you, it may not!

Splunk with SSL and Password Protection Using Apache

Splunk is probably the greatest tool that I’ve found for managing pretty much any kind of data. Firewalls, switches, windows servers, software logs… the list goes on! The creators of Splunk generously offer a free version with a few limitations which is perfect for those of us who aren’t huge enterprises. Unfortunately, one of the limitations is the lack of some type of authentication which is pretty crucial if your logs contain sensitive data. I’ve configured my Splunk installation so that it requires authetication through an Apache proxy. I’ve also enabled SSL to allow for encryption of web traffic. The following guide outlines the steps I followed in order to do so on Ubuntu 9.04. This is mostly just a combination of the following guides into one:

• Splunk htaccess Authentication
• SSL Setup
• IPtables setup

I recommend viewing them for a more detailed explanation.

This guide assumes you have a fresh installation of Splunk but should work fine with an existing one. If you don’t have a Splunk installation yet, you can install it quite easily:

cd /opt
sudo wget 'http://www.splunk.com/index.php/download_track?file=3.4.10/linux/splunk-3.4.10-60883-Linux-i686.tgz&ac=&wget=true&name=wget&typed=releases'
sudo tar xvfz splunk-3.4.10-60883-Linux-i686.tgz
sudo splunk/bin/splunk start
sudo /opt/splunk/bin/splunk enable boot-start

Note: Make sure you obtain the latest release. The address in the above wget is probably not the most recent version.

You will also want to enable https on the Splunk installation. You can do this bygoing to http://127.0.0.1:8000/ and clicking the Admin link on the top right part of Splunk Web.

How To Install OpenVAS Vulnerability Scanner on Ubuntu 9.04

OpenVAS is a great open source alternative to Nessus, which in the recent years has closed its source. Nessus still remains free to home users but requires commercial users to purchase a Professional plugin feed to obtain the latest and greatest plugins. If your IT department is running on a low budget, or you just prefer to stick to open source then OpenVAS is the way to go! OpenVAS has readily available installation packages for several different flavours of linux (Gentoo, OpenSUSE, Slackware, etc.). As of writing this, I am not aware of any installation packages created for Ubuntu. However, I was able to compile OpenVAS from source quite easily on Ubuntu by performing the following steps. For a more in depth look at installing and configuring OpenVAS check out the OpenVAS Compendium.
Prerequisites
First we need to install all of the dependent packages:

sudo apt-get install build-essential libgnutls-dev libpcap0.8-dev bison libgtk2.0-dev
libglib2.0-dev libgpgme11-dev libssl-dev htmldoc

Note: libgtk2.0-dev is only required for the OpenVAS client. htmldoc is only required if you plan on exporting reports to PDF from the OpenVAS client.
Getting the Files
Once those packages have installed we need to download the files required for OpenVAS. The links below may be outdated, make sure you obtain the latest version.

cd /tmp
wget http://wald.intevation.org/frs/download.php/572/openvas-libraries-2.0.2.tar.gz
wget http://wald.intevation.org/frs/download.php/561/openvas-libnasl-2.0.1.tar.gz
wget http://wald.intevation.org/frs/download.php/562/openvas-server-2.0.1.tar.gz
wget http://wald.intevation.org/frs/download.php/576/openvas-plugins-1.0.6.tar.gz
wget http://wald.intevation.org/frs/download.php/575/openvas-client-2.0.3.tar.gz

Now that we have downloaded the required files we must sompile and install the packages in the following order:

openvas-libraries
openvas-libnasl
openvas-server
openvas-plugins

Install OpenVAS Libraries

Start by untarring the openvas-libraries and compiling/installing it:

tar -xvf openvas-libraries-2.0.2.tar.gz
cd openvas-libraries-2.0.2/
sudo ./configure
sudo make
sudo make install

Install OpenVAS libnasl
Next untar the openvas-libnasl and compile/install it:

cd ..
tar -xvf openvas-libnasl-2.0.1.tar.gz
cd openvas-libnasl-2.0.1/
sudo ./configure
sudo make
sudo make install

Install OpenVAS Server
Next untar the openvas-server and compile/install it:

cd ..
tar -xvf openvas-server-2.0.1.tar.gz
cd openvas-server-2.0.1/
sudo ./configure
sudo make
sudo make install

The OpenVAS libraries, libnasl, and server packages should now be installed. We now have to make sure that /usr/local/bin and /usr/local/sbin are in our PATH. We can do that by typing in:

echo ${PATH}

In the output from the above command you should see /usr/local/bin and /usr/local/sbin somewhere. If you don’t you will have to add those entries to the PATH environmental variable manually.
Install OpenVAS Plugins
Our next step is to compile/install the plugins:

cd ..
tar -xvf openvas-plugins-1.0.6.tar.gz
cd openvas-plugins-1.0.6/
sudo ./configure
sudo make
sudo make install

Note: The plugins may take a while to make… be patient.
Now we have to setup the symbolic links:

sudo ldconfig

Generate a Certificate
We are now ready to generate a certificate for our OpenVAS Server, make sure to enter values relevant to your location.

sudo openvas-mkcert

Create a User
Now we need to add a user:

sudo openvas-adduser

Enter a username and choose your authentication method. Hit ctrl-d when you are prompted for rules if you dont want any scanning restrictions.

sudo openvas-nvt-sync

And at last… the moment of truth! Start up the OpenVAS server daemon:

sudo openvasd -D

Install the OpenVAS Client
Now that the server is setup you can setup the client to run the scans:

cd ..
tar -xvf openvas-client-2.0.3.tar.gz
cd openvas-client-2.0.3/
sudo ./configure
sudo make
sudo make install
sudo OpenVAS-Client

The client can be installed on any computer that has access to the server. Once it is installed you just have to connect, setup a scan and you’re done! Stay tuned for another blog post on configuring scans with the OpenVAS Client.

Page Not Found When Posting or Editing WordPress Posts

Today I was copying over some old posts I had on another WordPress install and for some reason when I went to edit one of the posts I was redirected to a 404 error. I thought this was odd, so I tried to repost the item as a new post. I still received the 404 error! After some Googling I found this blog post which outlined some solutions to this problem. It appears that some people have had some luck using those solutions. However, none of them worked for me… even encoding the whole post into HTML entities!
It is indeed a problem with a security module in Apache. If you are as unlucky as I was to still have the problem after trying out the solutions in the blog post above, then you have the joy of tracking down the specific word that appears to be the problem. In my case, I was posting a code snippet from my post on Caching Data with CakePHP. For some reason mod_security was flagging my use of the word “settings”. Once I changed the variable names in the post it worked flawlessly.

Caching Data Queries in CakePHP

In a recent CMS project in CakePHP I was loading in some data from a model to use nearly on every page. This data is not updated very often, so I figured I would cache the query. The method of caching data I am going to outline can be done not just for queries… but for any kind of data really. Lets get started!
The Cache Function
CakePHP’s cache function is quite easy to use. The code snippet below shows how to use it.

1
2
3
4
5
6
7
8
9
10
11
$cache_name = ‘query’;
$cache_data = Cache::read($cache_name);
if (empty($cache_data))
{
$dataModel = $this->Model->find(’first’);
Cache::write($cache_name, $dataModel, array(’config’ => ‘File’, ‘duration’ => 7200));
}
else
{
$dataModel = $cache_data;
}

The code above attempts to read in the data from the cache, given the $cache_name. If the data is not found, the query is executed and then written to the cache. As you can see in the Cache::write I am using the File engine for caching, but you can use whichever you desire. I also set the duration to 7200 seconds (2 hours). If the cache data IS found then the query is skipped and the cache data is assigned to $dataModel. Pretty nifty eh?
I also believe that when you do a save operation on the Settings model Cake knows to automatically remove that cache data, so you don’t end up with out of sync info! If for some reason you want to manually delete the cached data you can use: Cache::delete($key) for a specific key, or Cache::clear() to delete everything in the cache.

Share Your CakePHP Core and Application Files Server Wide

If you are deploying several Cake applications server wide you may want to keep the Cake core in one central place so that it can be easily updated. In order to do this place the cake core directory somewhere on your server where is can be accessed. For example /usr/lib/php/cake. Then, when you create your applications open up your root index file and replace the following:

1
2
3
if (!defined(’CAKE_CORE_INCLUDE_PATH’)) {
define(’CAKE_CORE_INCLUDE_PATH’, ROOT);
}

with this:

1
2
3
if (!defined(’CAKE_CORE_INCLUDE_PATH’)) {
define(’CAKE_CORE_INCLUDE_PATH’, DS . ‘usr’ . DS . ‘lib’ . DS . ‘php’ . DS . ‘cake’);
}

You are now using the common cake core. When a new update comes out to the library, just replace the files in /usr/lib/php/cake with the new version!
If you want to go a step further and share some of your own models, views, controllers, behaviors, helpers, or components between applications you can use a similar technique. For example create a folder in ‘/usr/lib/php/models’ and put all your common models in that folder, then in your application open up bootstrap.php and add the following:

1
2
3
$modelPaths = array(
DS . ‘usr’ . DS . ‘lib’ . DS . ‘php’ . DS . ‘models’
);

Like I said the same thing can be done with views, controllers, helpers, behaviors or components. The cookbook says how! This is pretty handy for when you find a bug in a model and you have several applications using that model!

Tip: Build Forms Quicker in CakePHP

The form helper is great and has saved me many hours of manually coding form inputs. This article will show you how to use the $form->inputs() function to automagically build a form.

Beginning CakePHP: The MVC Mindset

The manual for CakePHP has a pretty basic explanation of what MVC is. This article will explain things in a little more detail because the MVC pattern is crucial when it comes to using CakePHP. If you are not familiar with the MVC design pattern, read on…