Wednesday, November 14, 2007

Mounting and Sharing CD/DVD ISO Images with Ubuntu and Samba

This is a WIP, draft quality now:

If you plan on having more than 8 loop devices (loop0 - loop7), you need to add the line "options loop max_loop=255" (or whatever number you need) to "/etc/modprobe.d/options", then reboot the system.

  1. Copy the CD/DVD Images to a folder on your Ubuntu system hard disk
  2. Mount the image with the following command:
    • Syntax: mount -t iso9660 -o loop /path/to/image.iso /path/to/mountpoint
    • Real example: mount -t iso9660 -o loop /opt/CDImages/Ubuntu-710.iso /mnt
  3. Edit the samba config file:
    • vi /etc/samba/smb.conf
  4. Add the following lines:
[Sharename]
comment = Some descriptive comment or serial key
path = /mnt
valid users = testuser
available = yes
browseable = yes
public = yes
writeable = no

  5. Now add a user that we will use for authentication
    • useradd testuser
    • usermod -s /bin/false testuser
  6. Make sure you do NOT set a UNIX password for this account; we don't want people logging into the Linux box
  7. DO set a password for samba
    • smbpasswd -a testuser
  8. Restart the samba server
    • /etc/init.d/samba restart
Now on your Windows machine open Windows Explorer or My Computer. In the address bar type \\servername OR \\svr.ip.add.res

NOTE: this has changed for 10.04.1:

You need to edit your "/boot/grub/grub.cfg" and change your menu entries to look like the following; note the "max_loop=128" part of the kernel line:

menuentry 'Ubuntu, with Linux 2.6.32-30-generic-pae' --class ubuntu --class gnu-linux --class gnu --class os {
recordfail
insmod ext2
set root='(hd0,1)'
search --no-floppy --fs-uuid --set 30c0ecfe-1708-4bec-b545-127d23466906
linux /vmlinuz-2.6.32-30-generic-pae root=/dev/mapper/Hostname-root ro quiet max_loop=128
initrd /initrd.img-2.6.32-30-generic-pae
}

First Gen Zune Firmware Update

I don't know anyone who has covered this topic on how to update your Zune to the latest firmware. It's very simple: go to zune.net and get the new software front end. Once you have installed that over your old front end, plug in your first gen Zune. It will automatically detect that you need to update your firmware. Once you tell it to begin, the process takes approx 8-10 minutes. That's it!

Friday, November 9, 2007

Compiling a Custom Kernel for Ubuntu

  1. Install necessary packages:
    1. apt-get install kernel-package libncurses5-dev fakeroot wget bzip2
  2. Download the kernel sources from www.kernel.org
  3. Extract them
  4. ln -s linux-kernel-version linux
  5. Change directory into "linux"
  6. Copy the current kernel's config:
    1. cp /boot/config-`uname -r` ./.config
  7. Start the GUI kernel configuration
    1. make menuconfig
  8. Save the config
  9. Start the compile
    1. make-kpkg clean
    2. fakeroot make-kpkg --initrd --append-to-version=-custom kernel_image kernel_headers
  10. After it's done compiling, which may take 30 minutes or much more, you will have two .deb packages in the /usr/src directory; install them
    1. dpkg -i kernel-image-2.6.23-custom_10.00.Custom_i386.deb
    2. dpkg -i kernel-headers-2.6.23-custom_10.00.Custom_i386.deb
  11. Verify that the entries are in grub
    1. vi /boot/grub/menu.lst
  12. Reboot

Monday, October 29, 2007

Sorting IP Addresses with Linux/Unix "sort"

Recently I was doing a site survey of all active IPs on our network. I used nmap for this function and dumped all responding IP addresses to a text file. I don't have to worry about PC's not responding to the ping due to a personal firewall since our PC's here do not have one turned on; they are all protected by our corporate firewall. To find all responding IP's I ran the following command line for nmap:
/usr/bin/nmap -n -sP xxx.xxx.xxx.xxx-xxx xxx.xxx.xxx.xxx-xxx >> /home/myUserName/IPdb/site1IPsUp.txt
I did this several times a day, several days a week, for a couple of weeks to make sure I had gotten the most complete picture possible, then I tried to sort them...

IP addresses are a strange animal: they aren't really "numbers" per se due to the multiple decimal points, and they aren't really words; they are a sort of hybrid. Because of this, using sort without some pretty specific command line arguments won't give you what you want, which is numerically proper sorting.

Also, nmap outputs a bunch of junk text which I'm not interested in at all, I want this removed and just want the IP addresses themselves. Since I've done this survey over and over again I'm going to have dozens of the same IP address show up in the file, I only want to see it listed once. After all is said and done this is the command line I finished with to give me the output I was looking for:
cat site1IPsUp.txt | grep -v Nmap | grep -v Starting | awk '{ print $2 }' | sort -u -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4

From there I can do with it what I like. ;)
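
The same cleanup and sort as a small script, run over a constructed sample of accumulated scan output (an added example, not from the original post). It goes a little further than the one-liner: instead of taking the second column, it keeps any field that is a valid dotted quad, so it also handles the newer "Nmap scan report for" output format, and it prints the plain lexical sort next to the numeric one. The function names and sample lines are made up for the illustration.

```shell
#!/bin/sh
# Added example: extract, de-duplicate and numerically sort IPv4 addresses
# from accumulated nmap ping-scan output. All sample lines are constructed.
LC_ALL=C; export LC_ALL

# Constructed sample: two appended runs in the old "Host ... appears to be up."
# format, one host in the newer format, and one line that only looks like an IP.
sample_scan() {
cat <<'EOF'
Starting Nmap (constructed sample)
Host 10.0.0.10 appears to be up.
Host 10.0.0.9 appears to be up.
Host 10.0.10.2 appears to be up.
Nmap finished: 3 hosts up
Starting Nmap (constructed sample)
Host 10.0.0.9 appears to be up.
Host 10.0.2.200 appears to be up.
Host 192.168.1.1 appears to be up.
Nmap finished: 3 hosts up
Nmap scan report for 172.16.5.4
Host is up (0.0010s latency).
Note: build 4.20.300.1 is not an address
EOF
}

# Print every whitespace-separated field that is a valid IPv4 address
# (four all-digit parts, each at most three digits and no larger than 255).
extract_ips() {
  awk '{
    for (i = 1; i <= NF; i++) {
      if (split($i, o, "[.]") != 4) continue
      ok = 1
      for (j = 1; j <= 4; j++)
        if (o[j] !~ /^[0-9]+$/ || length(o[j]) > 3 || o[j] + 0 > 255) ok = 0
      if (ok) print $i
    }
  }'
}

# Sort on each octet as its own numeric key; -u drops repeated addresses.
sort_ips() {
  sort -u -t . -k 1,1n -k 2,2n -k 3,3n -k 4,4n
}

echo "lexical sort (10.0.0.10 lands before 10.0.0.9):"
sample_scan | extract_ips | sort -u
echo "numeric per-octet sort:"
sample_scan | extract_ips | sort_ips
```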

Wednesday, October 3, 2007

Enabling Windows 2000/XP "File and Printer Sharing" at the Command Line

I've searched high and low and there does not seem to be any way to enable Windows File and Printer Sharing without having someone actually perform the function of clicking the stupid check box. Yes, I've gone through the registry and even did the ol' regmon trick to see what windows was modifying, nothing was obvious. Recently this problem has cropped up again causing me to renew my search for an answer, and an answer I found!

The key here is a little program called "snetcfg" which allows you to add or remove services to the windows networking system. I'm assuming snetcfg stands for "service net configurator" or something like that. Now, this program in itself can't actually check that little box that we've been discussing rather we are going to leverage some of windows' default behaviors against it.

When windows installs a service it enables it by default, what we will be accomplishing with snetcfg is that we will be uninstalling the File and Printer Sharing service and then re-installing it. Once Windows has re-installed the service it enables it by default.

Here's how we do it:
  1. Grab snetcfg.zip
  2. The command line to uninstall Win2K File and Printer Sharing Service is:
    1. snetcfg.exe -v -u MS_Server
  3. The command line to re-install Win2K File and Printer Sharing Service is:
    1. snetcfg.exe -l %windir%\Inf\NETSERV.INF -c s -i MS_Server
I've found Windows XP to be similar, you can just put these lines into a batch file and push it out via a domain login script.

Tuesday, October 2, 2007

Force Linux File System Check on Next Reboot

Sometimes you just want to have the system check itself the next time it reboots. To do that:

As root type:
touch /forcefsck
On the next reboot the filesystem will see the empty file called "forcefsck" in the root partition, this will trigger a full scale disk check.

Force a Kernel Reboot the Not Nice Way

If you use Linux and rely on it every day there will be a day that comes where you will utterly screw yourself. What I mean is you can get a shell but nothing else works...and you're 1000 miles away. So how do you unscrew yourself?
echo 1 > /proc/sys/kernel/sysrq
echo b > /proc/sysrq-trigger
This sends a kernel message to reboot the machine. Now this is a horrible, horrible way to reboot, it's essentially like hitting the reset switch. It does not allow the system to unmount drives or run cleanup scripts, so once things are back up you may have some housekeeping to do.

Monday, September 24, 2007

Fixing the Microphone in Steam Games with Realtek HD Audio

With the release of Team Fortress 2 on steam I was eager to get back into first person shooters and besides I've always enjoyed Team Fortress Classic. In any case I went to use the in game voice chat with steam and ended up annoying the hell out of my team mates when my microphone spewed out static and looped back sounds from the game. This is what I did to fix it:

  1. Downloaded the reference drivers from Realtek's website, to my computer.
  2. Uninstalled my old drivers
  3. Rebooted
  4. Reinstalled my new reference drivers.
  5. Opened the Windows Control Panel >> Sounds and Audio Devices
  6. Click the "Volume" Tab
  7. Clicked Advanced...
  8. Clicked "Options" menu then selected "Properties"
  9. Click the drop down list and selected "Realtek HDA Primary Input"
  10. Selected the check mark on "Stereo Mix" to mute it
  11. Saved the settings by closing it.
  12. Opened the Realtek Control Panel (Windows Control Panel >> "Realtek Sound Effect Manager")
  13. Clicked the "Mixer" tab
  14. Under the "Record" section mute the "Stereo Mix" again
  15. Done

Friday, August 31, 2007

Can't see a PC's Shared Files on a Windows Network?

Ever have one PC on your home Windows network where you just can't seem to access the shares? Well here's some things to check:
  1. Make sure the Windows Firewall is off
  2. On the Exceptions Tab of the Windows Firewall, make sure "File and Printer Sharing" has a check.
  3. Disable UPnP. This is found in Add/Remove Programs >> Add/Remove Windows Components >> Networking Services
  4. In the registry: "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa" change "restrictanonymous" from 1 to 0
After you've done all that you should be able to access all the shares on the previously unsharable machine.

Wednesday, August 15, 2007

SSH and DNS Tunneling with DD-WRT (SOCKS Proxy)

In my previous article "Punch through your corporate firewall..." I showed you how to leverage a server on the internet to forward your web traffic. I've found another way to tunnel your HTTP traffic using a cheap router and a firmware upgrade called DD-WRT. If you are interested you can check out their site and see if your router is supported by their firmware.

In any case this is what you have to do, I'm assuming that you've already flashed your router with the new firmware and are ready to go:

  1. Open the DD-WRT administration page and enter your password.
  2. Click the tab that says "Administration"
  3. Click the sub-tab called "Management"
  4. In the Management tab look for the item that says "Remote Access", inside the box you'll see "SSH Management", select "Enabled"
  5. Change the SSH remote port to something other than "22", otherwise your router will constantly be bombarded by SSH attacks. I suggest something like "2345" or "6543".
  6. Click "Save Settings" at the bottom of the page.
  7. Now Click the sub-tab called "Services"
  8. Scroll down until you see "Secure Shell"
  9. In this box you want to "Enable" both "SSHd" and "Password Login"
  10. Again change the port to whatever you chose before, it should be the same one.
  11. Click "Save Settings" again.
  12. Now Click the "Reboot Router" button.
  13. When it comes back it should be ready.
Now for the PuTTY configuration on the windows side:
  1. Download the PuTTY client
  2. Run it
  3. Type in the Internet address of your router
  4. Enter the port number you want to connect to (i.e. 2345, 6543, etc...)
  5. Make sure the SSH radio button is selected.
  6. On the left, navigate down to Connection >> SSH >> Tunnels
  7. In the "Source Port" box type in 10000
  8. In the first set of radio buttons select "Dynamic"
  9. In the second set make sure "Auto" is selected
  10. Click the "Add" button
  11. Scroll all the way back up to "Session" and click it
  12. Give the session a generic name; "Router Tunnel" is fine.
  13. Click "Open" to start the session
  14. At the username prompt enter "root", then your router's password (you changed it from the default, right?)
Ok now the tunnel is ready, now we configure FireFox:
  1. Download and install FireFox, if you can't install anything you should get the thumb drive version which doesn't require installation
  2. Start Firefox
  3. Go to "Tools" >> "Options"
  4. Click the "Advanced" Tab
  5. Where it says "Configure how firefox connects to..." click the "Settings..." button
  6. Select the "Manual Proxy Configuration" radio button
  7. In the "SOCKS Host" box type in "localhost"
  8. In the port information for the SOCKS Host type in "10000"
  9. Make sure "Socks v5" radio button is selected
  10. Clear out the "localhost,127.0.0.1" entries in the "No Proxy for" box
  11. OK your way back to firefox browser window
Now we need to tunnel DNS lookups as well to keep our own DNS server pristine, so we'll tell Firefox to pump these DNS lookups through the SOCKS proxy:
  1. In the address bar type "about:config" and hit enter, this will give you FireFox's configuration guts.
  2. In the filter type in "dns", this will cut down the options so you don't have to go shuffling through a bunch of crap
  3. Look for the option "network.proxy.socks_remote_dns"
  4. Double click it so the value changes to "true"
  5. Hit the home button; now you're loading your pages through the proxy.
Enjoy!

Monday, July 23, 2007

Job taking too long to complete? "bg" it.

If you execute a command but it's taking a very long time to complete you'll be stuck waiting at an unresponsive command prompt.

To wrest control back you can do the following:
Press CTRL+Z to stop the job and get your command prompt back, then
type "bg" then enter to run the job in the background
To see the list of jobs you've backgrounded type: "jobs" then hit enter
To bring one of the listed jobs back to the command prompt you can type "fg" then the number of the job you wish to bring forward.
Summary:
CTRL+Z then "bg"
"jobs" to see the list of jobs in the background
"fg" then # to bring a job back front.

Friday, July 20, 2007

Renaming Interfaces in Ubuntu (eth1 to eth0, eth2->eth1)

If you've moved your hard disk to a new machine or swapped out the Ethernet cards you'll find that your interfaces are no longer named what you expect. Instead you will find that your eth0 no longer shows up and that you now have an eth1, eth2, eth3 and so on. To fix this you need to do a few little things:

First thing is to make sure that Ubuntu "sees" your ethernet adapters by listing PCI devices with lspci:

$ sudo lspci

This should give you a listing sorta like this:

0000:00:00.0 Host bridge: Intel Corporation 82845G/GL[Brookdale-G]/GE/PE DRAM Controller/Host-Hub Interface (rev 01)
0000:00:02.0 VGA compatible controller: Intel Corporation 82845G/GL[Brookdale-G]/GE Chipset Integrated Graphics Device (rev 01)
0000:00:1d.0 USB Controller: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI Controller #1 (rev 01)
0000:00:1d.1 USB Controller: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI Controller #2 (rev 01)
0000:00:1d.7 USB Controller: Intel Corporation 82801DB/DBM (ICH4/ICH4-M) USB2 EHCI Controller (rev 01)
0000:00:1e.0 PCI bridge: Intel Corporation 82801 PCI Bridge (rev 81)
0000:00:1f.0 ISA bridge: Intel Corporation 82801DB/DBL (ICH4/ICH4-L) LPC Interface Bridge (rev 01)
0000:00:1f.1 IDE interface: Intel Corporation 82801DB (ICH4) IDE Controller (rev 01)
0000:00:1f.5 Multimedia audio controller: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) AC'97 Audio Controller (rev 01)
0000:05:04.0 Ethernet controller: 3Com Corporation 3c905C-TX/TX-M [Tornado] (rev 30)
0000:05:08.0 Ethernet controller: Intel Corporation 82801DB PRO/100 VM (LOM) Ethernet Controller (rev 81)


...as you can see I have multiple Ethernet cards, I want the 3Com ethernet card to be eth1 and the Intel on-board NIC to be eth0. Now that I know Ubuntu knows that these cards are there I need to see what ifconfig sees them as:

$ sudo ifconfig -a

eth1 Link encap:Ethernet HWaddr 00:0B:CD:97:A1:13
inet addr:xxx.xxx.200.80 Bcast:xxx.xxx.200.127 Mask:255.255.255.0
inet6 addr: fe80::20b:cdff:fe97:a113/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2771 errors:0 dropped:0 overruns:0 frame:0
TX packets:356 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:282405 (275.7 KiB) TX bytes:49995 (48.8 KiB)

eth2 Link encap:Ethernet HWaddr 00:01:02:C1:46:5B
inet6 addr: fe80::201:2ff:fec1:465b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:81395 errors:0 dropped:0 overruns:1 frame:0
TX packets:55 errors:0 dropped:0 overruns:0 carrier:49
collisions:0 txqueuelen:1000
RX bytes:5994745 (5.7 MiB) TX bytes:17226 (16.8 KiB)
Interrupt:177 Base address:0x6000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)


Okay it sees them both and has even reconfigured my network IPs on the wrong cards, we need to re-alias these cards so that they are detected properly and assigned the right names, this is done in the /etc/iftab (NOTE: if you do not seem to have an iftab file check below this section) file:

$ sudo vi /etc/iftab

# This file assigns persistent names to network interfaces.
# See iftab(5) for syntax.

eth0 mac 00:08:02:3a:da:bc arp 1
NOTE: If you don't have an /etc/iftab file then it's most likely you have another file called /etc/udev/rules.d/70-persistent-net.rules. Inside it will look similar but more verbose. It will have your old network interfaces in place as well as your new ones with the eth2 and eth3 monikers. Delete your old ones and replace the "eth2" and "eth3" with "eth0" and "eth1".


...ok, I see here that it has the MAC address of my old ethernet card, so we are going to change it. Note that in the previous step we listed the devices with ifconfig, which shows the "HWaddr", which is the MAC. We are going to add some new lines to /etc/iftab:

# This file assigns persistent names to network interfaces.
# See iftab(5) for syntax.

#eth0 mac 00:08:02:3a:da:bc arp 1
eth0 mac 00:0B:CD:97:A1:13 arp 1
eth1 mac 00:01:02:C1:46:5B arp 1


...now save the file. For good measure we are also going to add some aliases to the /etc/modprobe.d/aliases file, but first we need to know the module name that the kernel is using to access these ethernet cards:

$ sudo ethtool -i eth1

driver: e100
version: 3.4.14-k4-NAPI
firmware-version: N/A
bus-info: 0000:05:08.0


...note the driver name

$ sudo ethtool -i eth2

driver: 3c59x
version: LK1.1.19
firmware-version:
bus-info: 0000:05:04.0



...ok now that we know what the driver is, we are going to add the following lines to /etc/modprobe.d/aliases, these will be named based on what we expect the eth# to be once we reboot:

$ sudo vi /etc/modprobe.d/aliases

alias eth0 e100
alias eth1 3c59x


That's done, next we need to modify /etc/network/interfaces to add/modify the current, incorrect interfaces:

$ sudo vi /etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet dhcp


... Save the file and then REBOOT. Yes, I said reboot. Yes, I know this is not windows, just reboot like I said.

Once it comes back up you should be able to log in and run ifconfig again; this time it should show your interfaces in the correct order!

Thursday, July 19, 2007

Random Linux Commands I Keep Forgetting

Enable root account in Ubuntu:

$ sudo passwd root


...then set a new password

Disable the root account in Ubuntu:

$ sudo passwd -l root


...which removes and locks the root account.

Manually set the eth0 IP, netmask and Gateway:

$ sudo ifconfig eth0 IPADDRESS netmask 255.255.255.0 broadcast BROADCASTIP
$ sudo route add default gw DEFAULTGATEWAYIP


To make changes permanent edit /etc/network/interfaces or put the above commands in /etc/init.d/rc.local

Manually set the Duplex and Speed of an Interface:

$ sudo ethtool -s eth0 speed 100 duplex full autoneg off
To make permanent put the command in /etc/init.d/rc.local.

Wednesday, July 18, 2007

Punch Through Your Corporate Firewall So You Can Do Your Damn Job!

I'm a network security administrator and this job requires that I lock things down to a point where I can't even do my own job (damn I'm good, and yes I do know about exclusions). The idea is to be able to "backdoor" the network policies and protections to do your job, the purpose is not to "surf anywhere you want on the net without getting caught". Network policies are there for a reason, to protect network and computer resources from morons doing stupid crap and loading up their PC's with spyware. This is what you'll need:
  • A Linux machine on the outside which has unrestricted access
  • Broadband connection (you do not want to be surfing at 56k)
  • SSH configured properly to support SOCKS proxy forwarding
  • PuTTY client for Windows
  • FireFox Web Browser (I'll tell you why this is important later)
This is the procedure on how it's done:

On your Linux Box:
  1. Log into your machine
  2. Change to root
  3. Edit /etc/ssh/sshd_config
  4. Add or uncomment a line that says "AllowTcpForwarding yes"
  5. Near the top you may want to add another listen port in case you do something stupid and block yourself. That's done by adding single lines like this:
Port 22
Port 8022
Port 22222

Now it will listen on ports 22, 8022 and 22222. Save your config file and restart the SSHd. If you are running your Linux machine on a home network behind a router, make sure you forward these ports to your machine on the inside.
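
A quick way to confirm what the edited file will actually do before restarting sshd, written as an added example (not part of the original post). It shows one pitfall of step 4: sshd uses the first value it reads for a keyword, so an "AllowTcpForwarding yes" added below an existing "no" has no effect. The function names and the sample config are constructed for the illustration.

```shell
#!/bin/sh
# Added example: report the global Port and AllowTcpForwarding settings of an
# sshd_config read from stdin. Assumption: only global settings are examined;
# parsing stops at the first Match block, whose contents apply conditionally.
# On a real host, "sshd -t" checks the file's validity before you restart.

# Constructed sample of an edited /etc/ssh/sshd_config.
sample_sshd_config() {
cat <<'EOF'
# Constructed sample
Port 22
Port 8022
port 22222
AllowTcpForwarding no
# ... further down, the line added in step 4:
AllowTcpForwarding yes
Match User backup
    AllowTcpForwarding no
EOF
}

# Drop comments and blank lines, stop at Match, and print "keyword value"
# with the keyword lowercased (sshd keywords are case-insensitive).
sshd_global() {
  awk '
    /^[ \t]*(#|$)/ { next }
    tolower($1) == "match" { exit }
    { print tolower($1), $2 }'
}

# Every Port line adds a listener; with none set, sshd listens on 22.
sshd_ports() {
  sshd_global |
    awk '$1 == "port" { print $2; n++ } END { if (!n) print 22 }' |
    sort -n
}

# First AllowTcpForwarding value wins; the default is "yes".
sshd_forwarding() {
  sshd_global |
    awk '$1 == "allowtcpforwarding" { print tolower($2); f = 1; exit }
         END { if (!f) print "yes" }'
}

echo "listening ports: $(sample_sshd_config | sshd_ports | tr '\n' ' ')"
echo "AllowTcpForwarding: $(sample_sshd_config | sshd_forwarding)"
```

For the sample, the report shows forwarding is still "no", so the tunnel would fail until the earlier line is edited or removed.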

On the Windows Side of things:
  1. Download the PuTTY client
  2. Run it
  3. Type in the Internet address of your server.
  4. Enter the port number you want to connect to (ie 22, 8022, 22222)
  5. Make sure the SSH radio button is selected.
  6. On the left, navigate down to Connection >> SSH >> Tunnels
  7. In the "Source Port" box type in 10000
  8. In the first set of radio buttons select "Dynamic"
  9. In the second set make sure "Auto" is selected
  10. Click the "Add" button
  11. Scroll all the way back up to "Session" and click it
  12. Give the session a generic name; "my connection" is fine.
  13. Click "Open" to start the session
  14. Enter your username and password.
If you successfully logged in, your tunnel is now active and waiting for you to use it! Now we need to configure a web browser to use this connection. I'll use Firefox as the example because it does everything well and gives me a little protection from smacktards out there.

  1. Download and install FireFox, if you can't install anything you should get the thumb drive version which doesn't require installation
  2. Start Firefox
  3. Go to "Tools" >> "Options"
  4. Click the "Advanced" Tab
  5. Where it says "Configure how firefox connects to..." click the "Settings..." button
  6. Select the "Manual Proxy Configuration" radio button
  7. In the "SOCKS Host" box type in "localhost"
  8. In the port information for the SOCKS Host type in "10000"
  9. Make sure "Socks v5" radio button is selected
  10. Clear out the "localhost,127.0.0.1" entries in the "No Proxy for" box
  11. OK your way back to firefox browser window
Now we need to tunnel DNS lookups as well to keep our own DNS server pristine, so we'll tell Firefox to pump these DNS lookups through the SOCKS proxy:
  1. In the address bar type "about:config" and hit enter, this will give you FireFox's configuration guts.
  2. In the filter type in "dns", this will cut down the options so you don't have to go shuffling through a bunch of crap
  3. Look for the option "network.proxy.socks_remote_dns"
  4. Double click it so the value changes to "true"
  5. Hit the home button; now you're loading your pages through the proxy.
Enjoy being able to do your damn job!

How to Change the Default Text Editor in Ubuntu

As the user you want to make the change for type:

# update-alternatives --config editor

A small text based dialog will open, choose the appropriate editor and that's it!

Source:
http://www.debianadmin.com/howto-change-default-editor-in-debian-etch.html

Tuesday, July 17, 2007

How to remove MSN Messenger from Windows XP Permanently

Click Start >> Run...

Paste this line into the Run... box:
RunDll32 advpack.dll,LaunchINFSection %windir%\inf\msmsgs.inf,BLC.Remove
Now that annoying MSN messenger program is gone!

How to Disable Nero Burning ROM 7's Nero Scout

  1. Open My Computer
  2. Right-Click on Nero Scout
  3. Uncheck "Enable Nero Scout"
  4. Save Changes
  5. Click Start >> Run...
  6. Paste this line, (this is one line):

regsvr32 /u "%COMMONPROGRAMFILES%\Ahead\Lib\MediaLibraryNSE.dll"

Then reboot.