Tuesday, June 2, 2009

Using Truecrypt on Acer Aspire One

If you read one of my older posts, then you read that Truecrypt does not support encrypting the entire drive. I set out to see if it was possible just to encrypt the working home drive (I know it can be done, just didn't know how).

Well, a new version of Truecrypt just came out, version 6.1. And guess what? It still doesn't encrypt the whole system drive. Oh well...back to the drawing board.

To upgrade Truecrypt on the Acer Aspire One, follow Macles' instructions for the older version, just use the new version of Truecrypt (i.e., replace the names with the newer version).

Great, so you got it going now what, right? Well time to follow these steps.

What you need:
1. A download of Truecrypt
2. An external drive or smb/cifs connection (to temporarily move your user directory).
3. Some time on your hands.

Great, now let's get to the good part.

Adjust user login
You want to log in as root; this'll make it easier for you to move the user folder. Here's a nice tip I found that'll allow you to be prompted with a login at boot:
http://snaprails.blogspot.com/2009/01/acer-aspire-one-linpus-password.html

Login as root
After you've made the above adjustments, you should log in as root. This'll be self-explanatory once you see the prompt.

Move the user folder
This made sense to me because I was already running low on space. Only about 1.7 GB free. My user folder was taking up about 1.4 GB, and I wanted to be able to utilize as much space as possible (keeping in mind to leave a little for the system should I want to modify anything that would take up space on the system).
1. Mount your external drive, or network drive
2. Transfer your user folder to the other drive. (So, copy then delete, or a straight move. I'm superstitious, so I do a copy and then a delete locally)
3. Clean up Trash so that you gain back the free space on your drive.
rm -rf /root/.local/share/Trash/files/*
rm -rf /root/.local/share/Trash/info/*
4. Fire up truecrypt
5. Click on Create Volume, and create a volume and place it wherever you want, as long as "user" has access to it. Choose whatever encryption method you want, and whatever password you want. When it asks for format, choose ext2. I had originally chosen none, and then was going to format using aufs, but only the /mnt/home directory needs it. The rest of the drive (including /home/user) is actually ext2. I had to then format it after using ext2. Go back to where you created the Truecrypt container (mine is along the lines of /home/encryptedcontainer.tc), and make sure that "user" has access to it:
-rw-rw---- 1 user user 3221225472 2009-06-02 15:05 encryptedcontainer.tc
You can accomplish this with:
chown -R user:user encryptedcontainer.tc
6. Ensure that it's created and that you can mount it.
7. Create a folder called "user" under /home. NOTE: Any messages you get, just click OK. Ensure that user has access to the folder: chown -R user:user /home/user
8. Once you've mounted your Truecrypt image, go ahead and transfer the data over to it. (Truecrypt will tell you where it's mounted to, usually /media/Truecrypt1)
9. Run the following to put "user" as owner on the contents:
chown -R user:user /media/Truecrypt1/.
NOTE: The "period" at the end belongs to the path, with no space before it. As a separate argument it would make chown -R change the directory you are currently in as well. This will ensure that even the .name files will be adjusted (if you put *.* it may include "." and ".." which will affect the directory above it as well).
10. Ensure everything's been transferred over, and that Truecrypt is good. Now dismount the file in Truecrypt.
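
One way to do the "ensure everything's been transferred over" check before the backup copy is deleted, as an added example that is not part of the original post: it compares SHA-256 manifests of the backup and the mounted container (dotfiles included) and lists anything "user" does not own. The backup path /mnt/external/user and the script name are hypothetical; /media/Truecrypt1 is the mount point named above.

```sh
#!/bin/sh
# Added example: verify a home-folder copy into the mounted container.

# SHA-256 line ("hash  ./path") for every regular file under DIR.
tree_manifest() (
    cd "$1" || exit 1
    find . -type f -exec sha256sum {} +
)

# Print each relative path that is missing on one side or differs in content.
copy_mismatches() {
    src=$1 dst=$2
    a=$(mktemp) b=$(mktemp)
    tree_manifest "$src" > "$a"
    tree_manifest "$dst" > "$b"
    # A line present in both manifests appears twice and is dropped by uniq -u;
    # what is left belongs to missing or altered files. The path starts at
    # column 67 (64 hex digits plus a two-character separator).
    sort "$a" "$b" | uniq -u | cut -c67- | sort -u
    rm -f "$a" "$b"
}

# Print everything under DIR that OWNER (name or numeric uid) does not own.
wrong_owner() {
    find "$1" ! -user "$2" -print
}

# Succeed only when both trees exist, match, and the copy is owned by OWNER.
safe_to_delete_backup() {
    [ -d "$1" ] && [ -d "$2" ] &&
    [ -z "$(copy_mismatches "$1" "$2")" ] &&
    [ -z "$(wrong_owner "$2" "$3")" ]
}

# Run as: sh verify_copy.sh /mnt/external/user /media/Truecrypt1 user
# (script name and backup path are hypothetical)
if [ $# -eq 3 ]; then
    if safe_to_delete_backup "$1" "$2" "$3"; then
        echo "copy verified"
    else
        copy_mismatches "$1" "$2"
        wrong_owner "$2" "$3"
        exit 1
    fi
fi
```

Until the check passes, the copy on the external or network drive is the only complete one, and it is unencrypted.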

Get Truecrypt to Startup and Mount at Boot
1. Now follow the instructions listed here:
http://ubuntuforums.org/archive/index.php/t-1014891.html
2. Save it, and reboot
3. You should now be prompted with 2 authentication windows
a. The first is to authenticate to the Truecrypt container. If you don't authenticate to it, the boot will loop, and you can't get into "user".
b. The second authentication screen is the gdm one which will allow you to actually login to your account.

Once you log in, everything should be working fine. The only problem I've experienced so far was with Jungledisk. I had to remove it, download it, and extract it again. I also had to remove the .junglediskinstance file. The encryption is seamless. You will not see jungledisk running in the taskbar, or top. If you run ps aux | grep jungledisk, you'll see it running where it mounted your container to /home/user.

The advantage of this setup is that:
1. The Acer Aspire One needs authentication now to get into it.
2. The "User" home folder is encrypted now.

The disadvantage of this setup is:
1. It takes a little longer to boot
2. If you forget your password, you're SOL, and need to go back to your backup (still got that user folder you copied over?)
3. Someone can still login as root and see where your Truecrypt container is and attempt to brute force it. If the container uses the same password as your Linpus login, then a skilled user could crack your passwd file and use that to crack your password for Truecrypt.

jungledisk + Amazon S3 on Acer Aspire One

I was trying to get this working a while ago, and gave up. I managed to get far enough where I was able to get it to work only using root (sudo, or straight up root). Little did I know I was close to getting it working under "user" but gave up too soon. Eh, it happens...

At any rate, here's how to do it. This assumes that you already have an S3 account configured and downloaded Jungledisk.

1. After you've downloaded jungledisk, extract and untar it.
tar -xvzf jungledisk*
2. Check the permissions on the contents. Pay attention to jungledisk and junglediskmonitor, and ensure that they look like below.
-rwxr-xr-x 1 user user 4394430 2009-04-28 11:17 jungledisk
-rwxr-xr-x 1 user user 9164367 2009-04-28 11:17 junglediskmonitor
3. Check /dev/fuse and make sure that the permissions on it are as follows:
crw-rw---- 1 root fuse 10, 229 2008-03-04 08:44 /dev/fuse
4. Next, add "user" to group "fuse" by issuing the following command:
sudo usermod -a -G fuse user
5. Ensure that you have the correct group membership by issuing the following command, and making sure you see "fuse" in the list:
[user@localhost jungledisk]$ id user
uid=500(user) gid=500(user) groups=500(user),10(wheel),496(fuse)
6. Reboot, otherwise the changes to group membership will not take effect.
7. Go ahead and run junglediskmonitor once you get back up and running, and enter the requested information.

This is a great addition to my Acer Aspire One using an 8GB SSD!

Thursday, April 30, 2009

Truecrypt: Encrypt entire OS on Linux

Well, after much searching, and reading of tutorials, and running truecrypt --help, I could not find a way.

This pretty much solidifies the reason why (contrary to other posts on the 'net).

http://www.truecrypt.org/docs/?s=sys-encryption-supported-os

Notice *nix is not supported on the list.

Just so we're clear, with the current version of Truecrypt (6.1a), you CANNOT encrypt the boot/system partition on Linux or Mac OS X for that matter.

I hope this helps out someone else.

Thursday, April 23, 2009

You have SSH, or FTP and want to save bandwidth?

If you have SSH or FTP open on your server (*nix), and are noticing bandwidth drops (probably in the evening if you're Stateside), then check your logs (firewall, /var/log/messages, /var/log/secure, etc.).

In my case, I noticed a whole lot of brute force attempts. Nothing connected successfully, but lots and lots of connections. Sometimes thousands throughout the night.

Enough, I said. I then hit Google to figure out what I could do about it. Denyhosts and Fail2Ban to the rescue! Denyhosts checks items in the secure log, and adds them to hosts.deny on the fly (it's scriptable, can be added to cron, and can be configured to send reports to you as well!). I use Denyhosts for SSH connections; I couldn't get it to work for FTP, though.

Here comes Fail2Ban. After some more searching, I found Fail2Ban. You can have Fail2Ban run as a wrapper to check whatever log you want, and look for certain items to then start the ban from. It works a lot like Denyhosts - it will then add the "banned" IP addresses to hosts.deny. It can be added to cron as well, and can also send reports to an admin.

http://denyhosts.sourceforge.net/
http://www.fail2ban.org/wiki/index.php/Main_Page

My reports on attacks are a LOT shorter now (after an 'x' amount of failed attempts, they are permabanned), and my bandwidth in the evening is more normal now.
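
The log-to-hosts.deny step described above, sketched as an added example (not code from Denyhosts, Fail2Ban or the original post): it counts failed sshd password logins per source address and prints hosts.deny lines for addresses at or over a threshold. The log lines, addresses, threshold and allowlist file are constructed for illustration; the address is read by position from the end of the line because the user name in the middle is text supplied by the remote client.

```sh
#!/bin/sh
# Added example. Constructed sample in /var/log/secure format, using
# documentation-range addresses. The last entry carries a user name that
# itself contains "from <address>".
sample_log() {
cat <<'EOF'
Apr 22 23:01:12 host sshd[2211]: Failed password for root from 203.0.113.7 port 40122 ssh2
Apr 22 23:01:15 host sshd[2213]: Failed password for invalid user admin from 203.0.113.7 port 40130 ssh2
Apr 22 23:01:19 host sshd[2215]: Failed password for invalid user test from 203.0.113.7 port 40141 ssh2
Apr 22 23:02:03 host sshd[2220]: Failed password for user from 192.0.2.10 port 51500 ssh2
Apr 22 23:02:30 host sshd[2224]: Accepted password for user from 192.0.2.10 port 51514 ssh2
Apr 22 23:03:44 host sshd[2230]: Failed password for invalid user a from 192.0.2.10 from 198.51.100.23 port 4000 ssh2
EOF
}

# Read a log on stdin, print "COUNT IP" per source address, highest first.
failed_by_ip() {
    awk '
        $5 ~ /^sshd\[[0-9]+\]:$/ && $6 == "Failed" && $7 == "password" {
            # Line ends "... from IP port N ssh2": take IP relative to the end.
            ip = $(NF - 3)
            if ($(NF - 4) == "from" && ip ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/)
                count[ip]++
        }
        END { for (ip in count) print count[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# Print hosts.deny lines for addresses with at least THRESHOLD failures,
# skipping any address listed in ALLOWFILE (one address per line).
ban_entries() {
    threshold=$1 allow=$2
    failed_by_ip | while read -r n ip; do
        [ "$n" -ge "$threshold" ] || continue
        grep -qxF "$ip" "$allow" 2>/dev/null && continue
        printf 'sshd: %s\n' "$ip"
    done
}

# Demonstration on the constructed sample: threshold 3, empty allowlist.
sample_log | ban_entries 3 /dev/null
```

On a real server the input would be /var/log/secure, and the allowlist should hold the addresses you administer the box from so a few mistyped passwords do not lock you out.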

Wednesday, April 1, 2009

Essential Applications for Acer Aspire One

Here's a list of essential applications (for me) on the Acer Aspire One (Linpus).
  1. Thunderbird & Lightning
  2. Firefox 3
  3. Skype
  4. Gizmo
  5. Truecrypt
  6. Jungledisk
  7. VLC
  8. rdesktop
  9. vnc
  10. ssh
  11. telnet
  12. tor
  13. privoxy (old version already there, just need to update it)
  14. torbutton (tor button one click thingy for Firefox)
  15. aa1blinux if you have an external drive, if not PING
  16. Audacity
  17. Picasa
  18. Dia

Thunderbird and Lightning
Thunderbird is an e-mail client, and has a lot of capabilities with it. It comes with an address book already, so you can ditch the Evolution like one on the Acer. I tried Evolution, and it was OK, but I updated something that wound up screwing up the OS. Lightning is the Sunbird Calendar, but integrated into Thunderbird. Think of it as the calendar in Outlook. Both combined make a really nice e-mail client.


Firefox 3
Out of the box, the AA1 comes with Firefox 2.x. You can follow Macles' site to upgrade to Firefox 3.x.
http://macles.blogspot.com/2008/07/installing-firefox-3-on-acer-aspire-one.html

Skype
We all know (or should know) what Skype is. But just in case....it's a client that allows you to video chat, VoIP, or text with other Skype members. You can also VoIP for a small price to landlines. Anyway, get it. It's nice. Just realize that video for Linux with Skype is relatively new, so your video may be a little dark or dropped frames when using wifi.


Gizmo
For those who don't know, Gizmo is a VoIP/IM client. It supports AIM, MSN, Yahoo, and some others. http://gizmo5.com/pc/ It's good to use if you're looking for a free VoIP client with integrated IM capabilities that will work with your VoIP account/PBX.

Truecrypt
I happen to have the 8GB SSD version of the AA1. I love it. Some people think it's not enough space. It's enough space as long as you don't do video editing, or heavy photo editing, or want more music than you can listen to on your netbook...but I digress. Truecrypt is an encryption application that allows you to encrypt files, directories, or the entire hard drive. More info is available here: http://www.truecrypt.org/. How to install it, here: http://macles.blogspot.com/2008/07/installing-truecrypt-on-acer-aspire-one.html

Jungledisk
So, ~6.5GB not enough for ya? Fine. Go get an Amazon S3 account. http://aws.amazon.com/s3/. And then get Jungledisk: http://www.jungledisk.com/. As you may have guessed, it allows you to use the "cloud" or Internet as storage. Amazon S3 allows you to store data on their servers. Jungledisk allows you to access your data like a drive from Linux, Windows, and Mac. And yes, it even works from a USB thumb drive. How much space you say? Unlimited (you get as much as you pay for - they charge for pulls/pushes/and storage). I got just shy of 1TB there. You want access via web? You can do an extra payment to Jungledisk and get webaccess to...


VLC
You wanna play all those "moviez" you got from your "friendz", or "songz" you got from your "friendz". Download VLC. It'll have all of the codecs you need. Here's how: http://macles.blogspot.com/2008/11/installing-vlc-09-on-aspire-one-linux.html

rdesktop
What was that? You want to remote into a Windows box, but you can't find Remote Desktop for Linux? Get rdesktop. Fn+F2 > terminal > sudo yum install rdesktop
NOTE: If you want sound you gotta do: aoss rdesktop blah, blah


vnc
Huh, what? You want to control Macs now? Picky, picky. K, terminal > sudo yum install vncviewer

ssh
Oh, so you heard you can do things in Linux encrypted like. Maybe you wanna check e-mail on another server with Pine, or getting terminal access to a box somewhere but encrypted. Yes it can be done: terminal > sudo yum install openssh-clients

telnet
Yeah, telnet's not on here. I still use it. If you want to too: sudo yum install telnet

tor
Tor allows for some basic anonymity. Layman's terms? It changes your IP address that everyone sees. So it'll make you seem like you're in Germany when you're really in Tokyo. How? sudo yum install tor

privoxy
You gotta use this and edit the config if you want to use tor while surfing the 'net. sudo yum install privoxy (it'll actually just update it). Please go here for editing config file (check the Privoxy section): http://www.torproject.org/docs/tor-doc-unix.html.en

torbutton
So you have tor, and privoxy. But you can't get them to work? Install the torbutton add-on to Firefox and restart Firefox. Then fire up tor: sudo service tor start ...and sudo service privoxy start. Now, go ahead, click on the bottom right of Firefox where it says "Tor Disabled"...watch it turn from red to green. Do it...do it...do it. Now go to www.whatismyip.com...look it's different...now you're masquerading with a different address. Check out Google, you may get a different splash page if your IP is from a non English-speaking country...have fun...

OK, so now you're all set right? Wrong. You forgot backups ::slaps forehead:: Backups, yes, backups....that thing you wish you did when you lose all of your data. In my humble opinion, you have two choices. aa1blinux which seems to be alright. You don't need to compile anything, and you can back up to an external drive (not a network drive). Macles made it: http://macles.blogspot.com/2008/12/acer-aspire-one-aa1backup.html
Or you can use PING: http://ping.windowsdream.com/ A little more difficult to use for basic users, but it works. I've backed up and restored lots of times successfully. The caveat? You gotta be turned off to back everything up and boot from an image (it's waaay easier if you have a USB optical drive). But it backs up everything. Even your BIOS. All into an image. Recovery is pretty easy once you get the hang of it as well. Plus, it works with networked drives (SMB).

Audacity
One day you get the itch to make a podcast. Or maybe you're an aspiring ghost hunter and want to use this little netbook to present to your client. At any rate, it's easy. sudo yum install audacity I don't think it adds the LAME requirements for *.mp3 though. If not, then you have to compile from source. But that doesn't scare you, right? You have backups now.

Picasa
Wanna share your photos with loved ones? Have a Google account? Try Picasa, it's great. http://picasa.google.com/linux/ Download and follow their directions. It's pretty straightforward. Technical stuff: It's really installing it under Wine for it to work with Linux. It's neat and works.


Dia
If you're like me and like to diagram things: Blueprinting, Visio-ing, etc., then this is for you. It's small. It's like Visio, and it works. sudo yum install dia.

That's it, maybe I'll post how to get the others working that require more steps.


Monday, February 2, 2009

Port Report - 2000/XP/2003


Have you ever been in a situation where you have a server that's connecting to another server via a known port that you can track down, but for the life of you can't figure out what application is doing it?

I ran into a server where Surfcontrol, now known as WebTrends, was reporting that a connection was occurring to another server. There was a rule in Surfcontrol that was blocking the connection. Because of the multiple attempts per second being blocked, it caused the Surfcontrol app to go bonkers and consume loads of CPU resources. I did the usual of netstat -A, didn't see what was connecting to an http port. I checked services, msconfig, run in reg, and taskman. I couldn't identify what was attempting to connect...

PortReporter to the rescue. PortReporter is a small app that is available from Microsoft: http://support.microsoft.com/?id=837243.

You need to pass the WGA test to download it. After that:
  1. Unzip the application to a directory you can access, I made one called portreporter on the desktop
  2. Run pr-setup.exe
  3. Go to Services, and turn on the service called portreporter
  4. Go to C:\Program Files\port reporter\ and run port reporter
  5. Go to C:\Windows\system32\log files\port reporter\ and you will see your report here.
PortReporter is different than netstat -A, because it provides more information and clearer information. You get to see the application or service name, what ports are being used, what files are being used, PIDs, port mappings, statistics and loaded modules.

Happy port application hunting...

Saturday, January 31, 2009

Keylogging 'nix & Phrack


Checking out this: http://freeworld.thc.org/papers/writing-linux-kernel-keylogger.txt I feel dirty reading Phrack from outside of Phrack.org. It seems that Phrack isn't what it used to be. If you try looking for this article, you get whacked out results when clicking on the link, an article on OpenSSH. Same thing will happen if you drill down and connect from the issue number. Whack Phrack. Anyways...so another project I'm working on is how to compile the kernel keylogger..I'll let you know how it goes.

Old Hoax about Dells and Keyloggers

I ran into this interesting article. http://virus.org.ua/unix/keylog/klog.htm I don't know if it's true or not, but I'll be keeping an eye on this on some laptops that fall within this date range. According to here: http://virus.org.ua/unix/keylog/klog_files/ It looks like the pics were uploaded in '05, but the article was written in '07. So, I'm skeptical about it, but doing a little more digging I found this: http://www.engadget.com/2005/06/16/the-dell-keylogger-conspiracy-hoax/ So it looks like a hoax, but interesting. I thought I'd share it. PS: Note the zipties on the HW Keylogger, think that'd be in a laptop?

Mac OS X - Dashboard, Widgets & 2600


I read an interesting article in 2600 about widgets in the Dashboard of Tiger/Leopard. Anywho, got me to thinking about something. I think I might make a lil something something. I'll let you know how it goes.