Well Documented

Simply Solutions

Archive for the category “Linux”

Add a USB port to your WRT54Gv4

This slideshow requires JavaScript.

Chip designer have to think broadly if they want their product to be profitable. Often, they include features in their chips that aren’t implemented in a final product because they’re cost prohibitive or aren’t necessary. So when Linksys was forced to publish their API because they used software that was part of the GPL, that gave hackers full access to all the hardware in their products. Software like dd-wrt, OpenWrt, and others, added new features to the routers by replacing the proprietary and inaccessible firmware (the operating system running on the router) with open-source firmware.

A wonderful walk-through that is almost a perfect analog for this post is Void Main’s wiki article on USB modding a WRT54Gv3.

After installing dd-wrt on my router and confirming that it’s chipset ( Broadcom BCM5352) has an on-board USB 2.0 controller, I loosely followed this article to break out a single USB port (I felt two wasn’t necessary for a git server). USB is driven by a clean 5V DC power source, and the router is driven by a 12v DC ~1A power supply, so I built a circuit around a 7805 5V regulator that I pulled out of a stereo, some filtering capacitors and resistors to comply with the USB standard, and tapped the USB hub on the BCM5352 for the USB + and – channels. After that, I followed this walk-through to setup git on the router and ensure the files were kept on a thumb drive and not in local memory (which is 16MB and nowhere near large enough for file sharing).

Unfortunately, this project was done with time constraints because it did need to be implemented same-day to host files, so the photo documentation was sparse and is not exactly linear. Please post any questions you have and I’ll do my best to answer them.

There are hints on this process all over the place :

7805 USB power circuit

Evidence of a USB controller

Linksys WRT54Gv2 USB mod

Advertisements

Choosing a Strong Password

I’m sure you thought that your dog’s name was an easy thing to remember when checking your email on a daily basis. Unfortunately, this is exactly what hackers and social engineers are counting on. Your password should have absolutely nothing to do with you on a personal level. That means no birthday, middle name, pet name, favorite food, or anything like it. In today’s social networking world, you give up your personal information voluntarily., so don’t rely on it to remember your passwords. Let’s begin with a few common complaints about complex passwords and find some reasonable solutions:

“If I make the password too complicated, I’ll never be able to remember it.”

Write the password down in a “password book” and keep it in a secure location. Never store your passwords and account information digitally (in a file on your computer), otherwise your password might as well be public information, because a single successful attempt to breach your firewall and gain access to your filesystem would also mean easy access to your passwords. Once you’ve referenced the book for your passwords a few times, you’ll remember them as easily as your ex-girlfriend’s phone number (which I still can’t seem to forget). Don’t write it down on a yellow sticky note and place it on your monitor or under your keyboard either. These are common places for social engineers to look (consider the film Terminator and the keys under the sun visor). Not being able to check your email until you get home to look in your password book is much better than leaving your password in an easily accessible place. If you’re going to do that, you might as well print your emails out and leave them on your desk. Never use complete words in your password, even if they aren’t english words. If you absolutely insist on using a word to help you remember a password, consider L33t.

“One secure password is good enough for all of my accounts.”

The problem with this notion is that different accounts use different security protocols. Some of your accounts may not accept more than alphanumerics (letters and numbers). Some accounts may store passwords in insecure locations, leaving you vulnerable every time you sign on. The best safeguard against this is to select a unique password for each account you have.

“I’ll just rely on a password generator to create random passwords for me.”

Generating your own random passwords really is more secure, because it’s based on algorithms that you create. It doesn’t have to be overly complex either. Consider this method: Open a book or other analog document that isn’t personal to you and select every 15th character (or every 7th. This number is random, but generally depends on average sentence length), whether it be a letter, number, or punctuation. Perhaps a mathematics or programming book. Even a cook book would be sufficient. Do this between 12 and 24 times, until you’ve found a reasonable character set. This blog would not be considered a particularly good dataset because it lacks a decent mixture of numbers and punctuation. In the first 15 characters, only one punctuation character appears (hnnci.taie). The longer the selected character string, the greater the variation of the string, allowing you to select a password from within he character string. For example, in the character string “Eqi%v3FW4)saI,vhe%G”, you could select the first 8 characters, or the last 8, or the middle 10 if you desired. Keep in mind that longer passwords are inherently more secure.

“How could they even guess my password? It’s not posted on my Facebook account.”

One type of brute-force password-obtaining method works like a tumbler, working on each character in sequence from the beginning of the password to the end. Most accounts have a minimum character requirement of 6, so modern tumblers don’t bother testing string lengths shorter than 6. Depending on the tumbler method, it may start with the string “aaaaaa”, or “zzzzzz”, or some obscure string based on an algorithm designed to guess obvious passwords, such as by comparing it first to dictionary words. Assuming the first method, a tumbler would be able to break the password “aaaaaa” on the first try. If the tumbler varied string length before characters, any number of ‘a’s would still require very little time to break. If the tumbler attempted capitalization of each character first, the password “Aaaaaa” would be defeated on the second attempt, and the password “AAAAAA” on the seventh (or much later, depending on the algorithm used). If the password contains only lowercase alphabet characters, which insecure passwords often do (and modern tumbler often attempt these combinations first), then each character will be one of 26 possible characters. A string length of 6 means 26^6 attempts are required to exhaust all possible combinations, or approximately 300 million. This may seem like a large enough number, but anyone with access to multiple machines can reduce the time required significantly. An alphanumeric password jumps the attempts to 36^6, or approximately 2 billion combinations. Allowing for capitalization effectively doubles the alphabet to 52, requiring 62^6 attempts to break a 6 character password, or approximately 57 billion combinations. Adding special characters to this (punctuation is one type) increases this number to around 91 (depending on the password protocol), requiring over 560 billion attempts to exhaust all combinations. Since password length increases the attempts exponentially, a bare minimum of 8 is the safest. Thusly, 26^8 is around 208 billion, which quite a deal larger than 300 million, and an extremely secure password might utilize any of the 91 characters 8 times, requiring 4.7 trillion attempts to exhaust all possibilities. This is why “chuckles” is a bad choice.

To sum up: create a randomized password with a bare minimum of 8 characters and utilize capitalization, letters and numbers, and random special characters such as commas and hashes and asterisks. Create your own from texts so that even the source of the password is obscured. Never store your password anywhere digitally and do not write it down anywhere but in one secure location, preferably in a book which only you have access to.

Time a Compilation in Linux

Time is a part of the bash shell and is a very useful program. With it you can easily determine the time it takes your machine to complete any shell task. The syntax depends on the bash command.

for a simple command like cd, the syntax is:
time cd

for a series of commands separated by &&, the syntax is:
time { cd && ls; }

Timing the amount of time it takes to configure and build an application is probably the best example of this feature. For example:
time { ./configure && make depend && make; }

Another great example is using time with Locate to determine seek time. For example:
time locate manual.pdf

Access an Alcohol 120% Image on a Mac

This procedure is not for the light of heart. It involves using the popular linux program Wine to run another program called AnyToISO, which can then be used to convert the Alcohol 120% file images (extension .mdf and .mds) into an .iso image. The .iso image is then readily mountable on any system.

My current system is a MacBook Pro Intel running Mac OS 10.6.2. with Xcode 3.2.1. installed. You will need Xcode to compile Wine.

Download the latest Wine source by visiting this link. We’ll assume that you haven’t changed your default download location and that it downloaded to your Downloads folder. Launch the Terminal application using Spotlight and use it to change directories to your Downloads directory by typing:

cd ~/Downloads.

Extract the tarball by typing:

tar xvf wine-1.1.34.tar.bz2.

If it is a new version of Wine, the filename is obviously going to be different. Make changed accordingly. Change directories into the newly created directory by typing:

cd wine-.1.1.34.

We are going to build Wine from scratch. Wine’s wiki has a section on building for the intel Mac here. As the wiki indicates, we need to run a few exports to build Wine with minimal fuss. Cut and paste the following code into the terminal, making sure to hit enter afterwards.

export CFLAGS="-arch i386 -m32"
export CXXFLAGS="$CFLAGS"
export CPPFLAGS="-I/usr/X11/include"
export LDFLAGS="-L/usr/X11/lib"

Build the package by typing:
./configure
make depend && make

At this point I recommend downloading AnyToISO by clicking here. Change directories backwards by typing:

cd ..

Now run the newly downloaded executable with Wine by typing:

./wine-1.1.34/wine anytoiso.exe

Wine will eventually complain that Gecko isn’t installed. We don’t need it, so click on Cancel. The setup window will finally come up for AnyToIso converter. Click Next until you get to Install, then click Install, the finally Finish. The window that pops up won’t have any font displayed. It doesn’t matter. Click on the top right button with the folder icon on it and locate your .mdf file. Open it. Returning to the previous window, click on the botton left button with a disc and an arrow on it. It will show a progress bar which is converting your .mdf file into a .iso file in the same directory where you were.

Download Torrent Files on Mac OS X or Linux

Transmission

Well known already in the Linux community, Transmission provides lightweight torrent downloading capability and because it is open source, you know exactly what’s inside. No preservatives here!

Useful Terminal Commands

Every other person who uses or has used Linux or UNIX has written an article on useful commands. I want one too.

Launch the Terminal application by using Spotlight. If you’re using some flavor of Linux and you can’t find the terminal, you should seek another operating system.┬áTo save you the reading, I’ll list a few commands in order of their probable discovery and usefulness.

* I’ll give you just one warning: anything you do or change is permanent here. If you move or remove a directory which has files in it, they will not come back. The Terminal is powerful and with great power comes great danger.

Commands are entered at the prompt and typically accept delimiters/options and arguments. Any possible commands will be listed in blue.

man is probably the most useful command. It accepts the name of any command as it’s argument. Try manning man by typing man man. Read through the manual page. I recommend manning every command listed and experimenting with different options in order to better understand them.

pwd displays the current working directory, which is the directory which you are currently in.

ls lists the contents of the current directory. Consider ls -a -h -l ./, which lists the current directory, referred to by the dot and slash ./, with the format list -a for all, -h for human readable and -l for list. The same command can be accomplished in shorthand by typing ls -ahl. I find it important to know the origins of a command as well as the shorthand.

clear is a useful command for people who can’t stand clutter.

cd stands for change directory. You can cd into any directory in your current working directory or by typing cd and the name of the directory or folder. If you cd without any arguments, you will return to your home directory, which you can then use pwd to determine. If you wish to change to a specific directory, follow the command with the name of the directory exactly as it would appear from the root, which is /. Change to your root directory with cd /. You are now at the “beginning” of your file system. Navigate to /Volumes/Macintosh/Users/ and list the directory (ls). You’re in the directory one higher above your user directory. Navigate to your user directory from here. You will notice that /Volumes/Macintosh/Users/”User Name” is exactly the same directory as /Users/”User Name”. While in this directory, type pwd -P in order to show the “symbolic name” of the directory. The operating system utilizes a bit of trickery in order to make certain directories easier to access. If you would like to navigate backwards or upwards in a directory to the “parent directory,” use cd ..; that’s change directory dot dot. You can concatenate these commands as well. Consider cd ../..; that’s change directory dot dot slash dot dot.

mv stands for move. move can be used to move and rename files. If you wish to rename a file or directory, the first argument will be the old name and the second the new name. Consider: mv oldName newName. If the second argument is a directory, it will relocate the directory into the directory provided.

rm stands for remove. This deletes files permanently. You can remove directories with the option -r. You may also consider rmdir to remove directories.

mkdir stands for make directory.

touch can be used to create text files by giving the file name as the argument. Consider touch testfile.txt. touch has another primary purpose, which man should clear up.

vim is a powerful text editor. nano is a much simpler text editor. Man both of them and determine the differences for yourself.

Rip a Streaming File with Firefox

Download or launch Firefox 3.5 or newer and download Video DownloadHelper 4.6.4 or newer and follow the instructions.

Navigate to your favorite streaming site such as youtube.com and click the dropdown menu arrow to the right of the linked red, yellow and blue orbs. It will list what files are available on this site for download.

If the site is more ornery and causes the colored orbs to grey out and go inactive, consider this: load the page with the file in question but begin the download while the video is in the early stages of caching. This may trick the server into allowing the transfer.

Restore a Damaged GUID Partition Table Startup Disk on OS 10.6

If you’ve ever stuck the live CD of your favorite Linux flavor into your MacBook Pro, you’ve probably also booted to a lovely flashing folder icon afterwards and panicked. Fret not, the solution is simple!

Hold down the option key during boot. Select the Startup volume (the one farthest left) and boot. Go to System Preferences, Select Startup Disk. Select the hard disk farthest to the left again, or the disk which you wish to boot to, then select Restart.

You’ve just repaired the Header of the GPT and fixed your problem!

Post Navigation