Well, we’re back … Finally!
I’m going to be doing a little clean-up here, in addition to working on a new web site! Wow. So, I’ll be pulling some things off here and adding some new things. I never realized how quickly this became cluttered with rubbish. So stay tuned. Okay?
Thanks!
=-=-=-=-=
Powered by Bilbo Blogger
For anyone who can get through the firewall to read this blog, this post is to let you all know that because we’re moving soon, I mean physically moving, and the servers will be taken down to move them, there’s a real good possibility that this domain will not be re-instituted at the new location. I don’t know if the ISP who handles my routing would be able to move the IP block to a different DSL circuit. Getting everything set-up again will take months to accomplish. So, I won’t be posting any more entries here.
All new entries will be found at: http://dispensationalthoughts.wordpress.com/ . Just copy & paste.
Thanks to those who have read. I hope you’ll continue to follow my blog at the other site.
=-=-=-=-=
Powered by Bilbo Blogger
Here’s something to think about. The U.S. Dollar before those bastard Progressives took over everything:
I left the images huge so you can get all the detail at first glance.
None of that Federal Reserve/Illuminati crap on this one.
However, if you really love the Illuminati, go get a motorcycle and join their bike gang.
If you love the Federal Reserve, sorry, they have no bike gang. Just go hang yourself. No one will miss you.
What a world we live in.
TTYL!
=-=-=-=-=
Powered by Bilbo Blogger
Gawd. Here we go again. IP – 65.19.167.132 Attempted to steal my password. A thief and a liar.
I guess the US Naval Research Labs, calling itself Hurricane Electric, 760 Mission Ct., Fremont, CA 94539, (510) 580-4100, thinks there’s something of value here on my silly little blog server. Something worth trying to log in and snatch my password.
Well. Guess what? There isn’t. Period.
See. This is proof positive that that Zika virus has been around a long time. Another brain-damaged, tiny-headed cretin has been hired by our Great and Terrible government, tasked with trying to steal passwords from my computer.
Maybe. Now, it’s not definite but, maybe, it’s one of those Chinese-people, who has hijacked that IP and is using it in an effort to hijack other IPs. Well, I don’t care. Tell you what. If you’re one of those Chinese persons, see, I’m watching a video that shows a bunch of Chinese guys making gold ingots. They look pretty heavy. Maybe 10 – 20 pounds. Give me one (leave it in the drop box … you know where it is), and I’ll give you your own account on this computer. I suppose that’s not as exciting as trying to break-in and steal the passwords. Right?
Now, have you ever read such a worthless bunch of crap as what you just read?
That’s an example of what you’d find here. Is cracking me really worth your time? Besides. I’m moving soon and I’ve not yet decided if maintaining this domain and these servers is really worth my while. This used to be fun but now, thanks in part to people like you (and my serious loss of interest in the Internet), it’s just become a royal pain in the ass, or PITA, for those of you who cannot communicate outside of acronyms.
I need a good picture for you. Give me a minute and I’ll see if I can find one.
How’s this one?
Oh. I forgot. I can upload one. Lemme see what I’ve got.
Imagine how you’d feel seeing this guy, sticking his head through your Mom’s basement window, watching you trying to steal my passwords.
Don’t laugh.
It could happen.
=-=-=-=-=
Powered by Bilbo Blogger
Really? So, did you have a massive brain-fart down in Scottsdale? All that hot sun dried-up all your brain cells?
User IP: 166.62.38.64
User hostname: ip-166-62-38-64.ip.secureserver.net
User location: Scottsdale, United States
Stupid chicken. Don’t even waste your time. I own the box & can pull the plug, in the unlikely event you got in.
Maybe you should go run another line, Pissant.
=-=-=-=-=
Powered by Bilbo Blogger
Suppose you want to download a whole slug of files from Sourceforge, or any other place that downloads like Sourceforge does.
What I mean by that is, does the site present you with a URL that looks something like this:
http://sourceforge.net/projects/notarealproject/files/subjecta/Sounds/lowsound.whatever/download
Notice how the end of the URL has a "download" suffix? The filename you want comes before that as: "lowsound.whatever".
Now, let’s suppose there are 100-files you want to download. Hey, they are part of the application you downloaded earlier, but weren’t included initially, for some reason.
Okay, here’s what you can do. First, make sure you have a good clipboard manager installed, like Parcellite, the lightweight GTK+ clipboard manager. Yes, this is for Linux. Anyone else, well as they say, YMMV.
Open a terminal session & create a directory to work in and change "cd dirname" to it.
Open a file with your favorite text editor (ed or nano) call it lowsound.urls.
Navigate your web browser to the Sourceforge site you’re interested in. Locate the files you want to download. Just right-click your mouse on each filename, copy & paste each one into your file (lowsound.urls). Be sure to start each file on a new line.
Save the file when you’re done.
Assign a shell variable to contain your URL list. Something like: URLS
Now, copy the files to the variable
URLS=`cat lowsound.urls`
Yes, that’s the grave accent "`"
Check it
echo $URLS
You should see a single line of space-separated URLs.
Now, if you run this command-line BASH script:
for u in $URLS; do wget $(echo $u | tr ‘\n’ ‘ ‘; echo "-O" | tr ‘\n’ ‘ ‘; echo $u | sed ‘s/\/download//’ | sed ‘s/.*\///’); done;
All those files will be downloaded & they will have the filenames they are supposed to have.
How it works.
The script parses each individual URL contained in $URLS and passes the results, as an argument, to the "WGET" program, which downloads & saves the files.
for u in $URLS – "u" is the number of URLs contained in $URLS.
$(echo $u | tr ‘\n’ ‘ ‘; echo "-O" | tr ‘\n’ ‘ ‘; echo $u | sed ‘s/\/download//’ | sed ‘s/.*\///’);
These four piped commands display the the individual URLS with the newlines at the end of each one converted into spaces. It next adds the "-O", with:
echo "-O" | tr ‘\n’ ‘ ‘
to the command as an argument for wget, instructing it to use a specific filename instead of just defaulting with whatever is at the end of the URL string.
Next, the URL is brought-up again with:
echo $u
which is piped through SED twice:
| sed ‘s/\/download//’
which substitutes the string "/download" for the NULL string. Finally, the URL is stripped down to the actual filename by:
| sed ‘s/.*\///’
leaving us with the actual filename of the source file we’re trying to download.
The ";" ends this iteration of the command.
Enclosing the set of commands in $( …) causes the generated string to be passed to WGET as it’s arguments.
The "for – do – done" construction causes the commands to be run against each URL contained in $URLS, until "u" equals zero.
=-=-=-=-=
Powered by Bilbo Blogger
CentOS 6
If you’re like me, you like testing software in a virtual machine, before committing it to your live system. That’s what I do with Oracle’s VirtualBox. Something you might have noticed is that the VirtualBox yum repository doesn’t work all that well with CentOS, (as it’s not really for CentOS in the first place). At least, that was the case for me. The manual way of keeping your VirtualBox and the extension pack installation is more annoying than it is anything else.
After searching for an automated way to perform updates, that didn’t demand my complete attention, and seeing that a lot of other users were looking for something that would do similar, I wrote this little script which, only requires you browse the download site with your browser and identify the major, minor and release numbers of the version you’re looking to get. That’s easy enough to do by just hovering your mouse over the link of the VirtualBox version you want. Run this script in a terminal window, plug-in the major, minor and release numbers when prompted, then go back to work while the script downloads and installs an updated VirtualBox for you. The script is heavily commented so it’s clear what I’m doing and why. Be sure to watch those end-of-lines. They might be wrapped in your browser. Check them carefully.
Anyhow, not meaning to be pragmatic, this little script works for me. Saves time. If it’s useful to you too, Dear Reader, then you’ve discovered why I posted it.
Just copy & paste the following into an ed or nano session (yeah, you can use vi, but only if you have six arms with three hands on each one), save the buffer as "InstallVirtualBox.sh", or whatever name you prefer, apply execute permissions and that’s it.
.
#!/bin/sh
#---------------------------------------------------------|
# |
# Install new VirtualBox version. |
# |
# This script will download and install both VirtualBox |
# and the corresponding extension pack into /opt |
# |
# This script assumes that the directory "/opt" exists, |
# and that the user has sufficient "sudo" privileges. |
# |
#---------------------------------------------------------|
# Initialize variables
MAJOR=
MINOR=
RELEASE=
VERSION=
VBOXDOWNLOAD=
#
# Gather version information
#
echo VirtualBox and Extension Pack Installer
echo Enter VirtualBox Major '(as in 5):'
read MAJOR
echo Enter Minor number '(as in 0.2):'
read MINOR
echo Enter Release number '(as 102096):'
read RELEASE
#
# Assign version for downloads
#
VERSION=$MAJOR.$MINOR-$RELEASE
VBOXDOWNLOAD="VirtualBox-$VERSION-Linux_x86.run"
#
# Wait for user to give the okay signal.
echo Press ENTER to download $VBOXDOWNLOAD
read
#
# Check to see if the requested file exists. If it does,
# skip the download/compile/install operation.
#
if ! test -f $VBOXDOWNLOAD
then
echo Downloading $VBOXDOWNLOAD
wget http://download.virtualbox.org/virtualbox/"$MAJOR.$MINOR"/"$VBOXDOWNLOAD"
chmod +x $VBOXDOWNLOAD
sudo ./$VBOXDOWNLOAD
echo Press ENTER to download Oracle_VM_VirtualBox_Extension_Pack-$VERSION.vbox-extpack
read
else
echo File Exists ... Skipping
fi
#
# Inform the user of the next operation and wait for the okay signal.
#
echo Press ENTER to download and install the Extension Pack
read
#
# Check to see if the requested file exists. If it does,
# skip the download/compile/install operation.
#
if ! test -f Oracle_VM_VirtualBox_Extension_Pack-$VERSION.vbox-extpack
then
wget http://download.virtualbox.org/virtualbox/"$MAJOR"."$MINOR"/Oracle_VM_VirtualBox_Extension_Pack-"$VERSION".vbox-extpack
sudo VBoxManage extpack install --replace ./Oracle_VM_VirtualBox_Extension_Pack-$VERSION.vbox-extpack
else
echo File Exists ... Skipping
fi
# VirtualBox and it's Extension Pack have been downloaded and installed.
# Let the user know all went well.
#
echo Operations successful. VirtualBox is ready to run
Remember #Ford’s nonsense commercials for the "foot operated liftgate" on their new whatever they are vehicles?
Yeah, so do I, and I can’t stand them.
Their vehicle has a foot activated hatchback, not any sort of "liftgate".
Now, I know the difference and for the rest of the world, in an effort to put an end to Madison Avenue propaganda, I offer up the following visual aid:
‘Nuff said.
As most everyone knows, services like Twitter and Facebook changed their APIs awhile back, effectively killing all the 3rd party client programs that we all loved using. The Fabina Socialist micromanagement has even infected the Internet, it would seem. Well, the Internet has an answer to that; for Facebook, at least, and it comes from one James Geboski. It’s called "purple-facebook", a protocol plugin that lets you chat on Facebook, using Pidgin, without having a memory-hogging browser window all the time. You can download it from: https://github.com/jgeboski/purple-facebook. Heh. I remembered how to construct an HTML link without looking it up. The coconut oil must be working.
Now, the plugin is written for the latest distros of, I believe from the comments on the wiki, the African distro (that’s Ubuntu, which sounds like the name of an African native tribe, for those of you who never got my "humor/sarcasm"). Well, being a server guy, raised on Red Hat, I run CentOS. In this case, CentOS 6.7. I ran into some issues building facebook-purple for my platform. I thought I’d post a question on the wiki, just to see if there was a quick answer.
No chance. I received an email response which reads:
"I can only assume the first error is from an old version of aclocal. As for the missing m4_esyscmd_s macro, it was introduced in autoconf-2.64, and CentOS 6 has autoconf-2.63. I really have no interest in supporting software, which was released over six years ago. I have added a check as of 7443c55, which checks for autoconf-2.64.
"You could try using ./configure with one of the release tarballs. However, it appears you are going to run into issues with json-glib being out of date as well."
If you’ve read any of my previous posts, you already know that one of my "hot button" issues is being told that the solution to my problem is to upgrade/change my distro. That’s not a solution; that’s a cop-out.
The first problem I encountered was a syntax error in the Makefile.am file. The first line looked like this:
ACLOCAL_AMFLAGS = -Im4
I changed it to this:
ACLOCAL_AMFLAGS = -I m4
which worked. I guess the CentOS version of aclocal is more pedantic than the African distro’s is. I did install autoconf-2.64 which fixed the missing macro m4_esyscmd_s error. I also installed automake-1.15 from source as well. CentOS doesn’t yet have these versions packaged, so I just compiled and installed them. I’ll work on srpms later.
The json-glib-0.14.0-1.fc16.i686 is sufficient. Be sure to install the -devel package too.
I’ll assume you’ve installed all the required development headers for the kernel, glib and glibc. At this point, the plugin should compile, from autogen.sh, and install the library in /usr/lib/purple-2.
Now, download, compile & install Pidgin. I used pidgin-2.10.11.
After running the .configure script, you’ll notice a lot of options that are not compiled in. Most of those are available on the CentOS, EPEL or RPMFORGE repos.
Here’s what I ended-up with:
pidgin 2.10.11
Build GTK+ 2.x UI…………. : yes
Build console UI………….. : yes
Build for X11…………….. : yes
Enable Gestures…………… : yes
Protocols to build dynamically : bonjour gg irc jabber msn myspace mxit novell oscar sametime silc simple yahoo zephyr
Protocols to link statically.. :
Build with GStreamer support.. : yes
Build with D-Bus support…… : yes
Build with voice and video…. : yes
D-Bus services directory…… : /usr/share/dbus-1/services
Build with GNU Libidn……… : yes
Build with NetworkManager….. : yes
SSL Library/Libraries……… : Mozilla NSS and GnuTLS
Build with Cyrus SASL support. : no
Use kerberos 4 with zephyr…. : no
Use external libzephyr…….. : no
Use external libgadu………. : no
Install pixmaps…………… : yes
Old tray icon compatibility… : no
Install translations………. : yes
Has you………………….. : yes
Use XScreenSaver Extension…. : yes
Use X Session Management…… : yes
Use startup notification…… : yes
Build with GtkSpell support… : yes
Build Unity integration plugin.: no
Build with plugin support….. : yes
Build with Mono support……. : no
Build with Perl support……. : yes
Build with Tcl support…….. : yes
Build with Tk support……… : yes
Print debugging messages…… : no
Pidgin will be installed in /usr/bin.
I then ran "make" and "sudo make install". After a few minutes of i686 crunching away, Pidgin with Facebook chat capabilities was installed and working.
Any questions? Contact me on ICQ at: 156413604 and I’ll try and help you out.
Today I had plans to work on my pickup truck. It has a leaking clutch slave cylinder. It leaks so badly that now, it pees hydraulic fluid on the ground, just sitting in the driveway. I’ve got to change that thing but, today, it’s raining, and who wants to work under a vehicle, in the rain?
Not me, that’s for sure. So, I thought I’d add a little to my blog. We’ll see if anyone of consequence is interested in what I’ve got to say today.
When you run your own little network in your basement or, scattered through your house, as in my case, and that network has Internet exposed servers running your personal web site, blog, DNS servers; you know, the usual stuff you might find at an ISP, the last things you want to contend with are the hordes of script kiddies, criminal Crackers, terrorist organizations, data miners, and belligerent government entities who seem to have made careers out of gobbling-up all your bandwidth with their scans, probes, attempts to break-in to your network, DoS attacks, trashing your web sites, data miners cataloging your network, and whatever the "Crack du jour" happens to be at the moment. There is, at least, a partial solution to these problems, and it comes courtesy of the Netfilter folks. I’m talking about Iptables, Xtables-addons, and Firewall Builder.
IPtables provides the framework for building comprehensive firewalls, and Xtables-addons provides the modules for the TARPIT and GeoIP targets. Firewall Builder is the best tool available for constructing the rule sets necessary to dispose of the vast majority of Internet Crackers and their ilk.
Now, if you know what I’m talking about here, and if you’re running Centos 5, you realize that not all of the tools are available to you. Or, are they?
When I noticed the number of crack attempts coming from places like Red China, Russia, North Korea, Eastern Europe, and Muslim countries in Asia and the Middle East, I started investigating ways to keep the hordes out.
I spent hours, days, and weeks using block lists if individual IPs and networks, which eventually became so large that, it took as long as 20-minutes for my firewall to reboot. Clearly, that was the wrong approach.
So, I kept hunting.
I read about GeoIP but that seemed to be more web server oriented, and more trouble to implement that I really wanted to contend with, and it didn’t protect the network from all the other cracking attempts out there.
The search continued.
Almost by accident, I stumbled upon Xtables-addons, and to my surprise, it had a GeoIP target. Unfortunately, there didn’t seem to be any packages available for Centos 5 with the latest iptables and kernels. I did find a compatible iptables and Xtables-addons packages on the OpenFusion repo. Still, they wouldn’t work with the latest Centos 5 kernels.
What to do?
I began with creating a VirtualBox VM using the latest Centos 5. I installed the repo files for OpenFusion and RPMForge . Well, that wouldn’t work because of my kernel. So I manually downloaded and installed the following:
iptables-1.4.3.2-2.of.el5.i386.rpm
iptables-devel-1.4.3.2-2.of.el5.i386.rpm
iptables-ipv6-1.4.3.2-2.of.el5.i386.rpm
xtables-addons-1.15-1.of.el5.i386.rpm
kernel-module-xtables-addons-2.6.18-128.1.6.el5-1.15-1.of.el5.i386.rpm
kernel-2.6.18-128.1.6.el5.centos.plus.i686.rpm
kernel-devel-2.6.18-128.1.6.el5.centos.plus.i686.rpm
I had to versionlock the kernel and then I modified menu.lst to make the 2.6.18-128 the default kernel to load. Then, after I configured the geoip module, downloaded and set-up it’s databases (from MaxMind GeoIP, be sure to select the legacy database), I rebooted the VM.
To my surprise, everything still worked. I was ecstatic. The possibility of regaining control of my bandwidth and hardening my little network was becoming an achievable goal.
Now, I had to replicate that configuration on a live server. Sometimes, what works in a VM, takes a dump on a live server. Fortunately, I’ve been collecting computers since 1979 and just happened to have an old Dell 2850 with 4-ethernet interfaces that wasn’t doing anything of value, so it became the firewall test bed.
That worked too. Now, to modify one of my working servers.
I started with a web/DNS server and the new configuration worked there as well. I added a few rules to it’s IPtables, geo-blocking China, to start. Then, I waited. Soon my screen was full of all manner of scans, probes, crack-attempts, DoS attacks that were being intercepted and dropped by the GeoIP module; and this was just from Red China!
So, I replicated the configuration on the primary firewall. Wow! I watched as more and more system resources and Internet bandwidth became available, as I added more countries to the geoip firewall rules. Make each country an individual rule as there’s a limit to how many a single rule can handle.
Having succeeded with GeoIP, I tested the TARPIT target on some IPs that constantly hammer on port 22 (ssh). We will let them waste their system resources thinking a TCP (the TARPIT target only works with TCP connections. Use the DROP target for UDP,) session is open when it’s not. Nobody seeking to utilize my network resources for legitimate purposes will be knocking on ports 22 and 23. Only someone with nefarious intentions will do that. Hence, I clear my nose in their general direction and TARPIT their connections.
Well, it looks like the rain has stopped, for the moment, at least. I think I’d better go get that slave cylinder replaced on my pickup, so I’ll close this for now. If any readers find this information useful: "You’re welcome."
Xtables-addons: http://xtables-addons.sourceforge.net/
Xtables-addons modules: http://xtables-addons.sourceforge.net/modules.php
Xtables-addons man page: http://dev.medozas.de/files/xtables/xtables-addons.8.html
MaxMind GeoIP: http://geolite.maxmind.com/download/geoip/database
CentOS: http://www.centos.org/
OpenFusion Repo: http://repo.openfusion.net/centos5-i386/
Centos Vault repo: http://vault.centos.org/5.4/centosplus/i386/RPMS/