my32bits: computer science, mobile programming, workarounds and solutions (Blogger feed, author taivo, http://www.blogger.com/profile/04547364082682046408, updated 2024-03-13)<br />
<br />
A UNIX command a day -- ucare (posted by taivo, 2017-01-18)<br />
<br />
<span style="color: #333333; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span style="background-color: white; font-family: "courier new" , "courier" , monospace;">sudo apt-get update && sudo apt-get upgrade</span></span><br />
<span style="color: #333333; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span style="background-color: white;"><br /></span></span>
<span style="color: #333333; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span style="background-color: white;">How many times have you typed that, or called it up from command history?</span></span><br />
<span style="color: #333333; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span style="background-color: white;"><br /></span></span>
<span style="color: #333333; font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><span style="background-color: white;">There's a new utility I've discovered that, with one command, does better than that if you want a lean, clean system. And it claims to keep your Debian (Ubuntu) systems up to date and free from unused kernels, configurations, and cache. Here's what it does:</span></span><br />
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span>
<br />
<ul style="background-color: white; color: #333333; margin: 0px 0px 20px 25px; padding: 0px;">
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Update all available packages</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Update your Ubuntu system.</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Download and install updates.</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Check for the list of old Linux Kernels and uninstall them</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Clear the apt cache folder</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Uninstall packages that are obsolete and no longer needed</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Uninstall orphaned packages</span></li>
<li><span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Delete package settings (from software you have previously uninstalled)</span></li>
</ul>
<div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">To install:</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">sudo add-apt-repository ppa:utappia/stable</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">sudo apt-get update</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">sudo apt-get install ucaresystem-core</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">To run:</span></div>
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">sudo ucaresystem-core</span></div>
</div>
<div>
<br />
<div>
<span style="font-family: "helvetica neue" , "arial" , "helvetica" , sans-serif;">Note that it may restart so if you're updating a server, plan for this.</span></div>
</div>
<br />
Powershell and 'net use' with ampersand (posted by taivo, 2016-10-19)<br />
<br />
So I had to make a script to transfer some files over the network using Robocopy. And the password has an ampersand in it, so Robocopy parsed the password into a new command. D'oh!<br />
<br />
Some documents say prepend the & with ^ (^&). Some say surround in double quotes ("&"). The error message Powershell gives you is to wrap in double quotes. It even shows you an example! ("&")<br />
<br />
But it is wrong. In Powershell you have to wrap the ampersand in single quotes ('&').<br />
<br />
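<span style="font-family: "Courier New",Courier,monospace;">net use \\TO_DOMAIN_OR_IP\g$ /user:TODOMAIN\TOUSER pass'&'word</span><br />
<span style="font-family: "Courier New",Courier,monospace;">robocopy c:\backups\folder\ \\TO_DOMAIN_OR_IP\c$\backups\ /Z /MIR</span><br />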
<br />
Good luck!<br />
<br />
OSSEC Server System Hardening (posted by taivo, 2013-12-16)<br />
<br />
Your Intrusion Detection System is only as secure as the system it is built upon. From the official <a href="http://www.amazon.ca/gp/product/B001IKKE1Q/ref=as_li_tf_tl?ie=UTF8&camp=15121&creative=330641&creativeASIN=B001IKKE1Q&linkCode=as2&tag=my32bits-20">OSSEC Host-Based Intrusion Detection Guide</a>, the following are tips for hardening your server's OS:<br />
<br />
<blockquote class="tr_bq">
<br />
Some guidelines to remember for OSSEC HIDS server operating system hardening:
<br />
<ul class="itemizedlist">
<li class="first-listitem">
<div class="first-para" id="389-3">
The system must be dedicated to the OSSEC HIDS server and provide no other services to the network.</div>
</li>
<li class="listitem">
<div class="first-para" id="389-4">
Unnecessary software must never be installed on the server.</div>
</li>
<li class="listitem">
<div class="first-para" id="389-5">
All non-OSSEC HIDS ports must be blocked.</div>
</li>
<li class="listitem">
<div class="first-para" id="389-6">
If SSH access is required to the system, it must be restricted to other secure hosts.</div>
</li>
<li class="listitem">
<div class="first-para" id="389-7">
If used, the WUI must only be accessible from other secured hosts.</div>
</li>
<li class="listitem">
<div class="first-para" id="389-8">
The OSSEC HIDS server system must not be part of the main network authentication domain.</div>
</li>
<li class="listitem">
<div class="first-para" id="389-9">
All documented techniques for hardening the chosen operating system must be followed before installing the OSSEC HIDS.</div>
</li>
</ul>
<div class="para" id="389-10">
These suggestions are all intended as
preventative measures to reduce the risk of unauthorized access. They
also make rootkit and Trojan installation extremely difficult even
during a major incursion into your network.</div>
<div class="para" id="389-11">
There are many resources available for
system hardening. Thankfully, the OSSEC HIDS server does not run on
Windows platforms so system hardening is not complicated. Here are some
starting points for Linux system hardening:</div>
</blockquote>
<ul class="simple-list">
<li class="first-listitem"><blockquote>
<div class="first-para" id="389-12">
<a class="url" href="http://www.securityfocus.com/infocus/1539" target="_top">www.securityfocus.com/infocus/1539</a>
</div>
</blockquote>
</li>
<li class="listitem"><blockquote>
<div class="first-para" id="389-13">
<a class="url" href="http://www.ibm.com/developerworks/linux/library/l-seclnx1.html" target="_top">www.ibm.com/developerworks/linux/library/l-seclnx1.html</a>
</div>
</blockquote>
</li>
<li class="listitem"><blockquote>
<div class="first-para" id="389-14">
<a class="url" href="http://bastille-linux.sourceforge.net/" target="_top">http://bastille-linux.sourceforge.net/</a>
</div>
</blockquote>
</li>
</ul>
<br />
OSSEC Rules (posted by taivo, 2013-12-16)<br />
<br />
There is a series of rules.xml files in /var/ossec/rules.<br />
<br />
To customize rules, change only the local_rules.xml file.<br />
<br />
<blockquote class="tr_bq">
During the upgrade process, the scripts overwrite all rules files, except the <i class="emphasis">local_rules.xml</i> file.</blockquote>
<blockquote class="tr_bq">
Any user rule created to replace a preexisting OSSEC HIDS rule must contain the <i class="emphasis">overwrite="yes"</i> option within the rule.</blockquote>
<br />
Rules are applied as follows:<br />
<ul>
<li>An event is logged.</li>
<li>Pre-decoding is done on the event.</li>
<li>Decoding is done on the event.</li>
<li>Rule matching is applied.</li>
<li>Alerting is triggered, either to DB storage, to email alert, or to active response.</li>
</ul>
<br />
<h4>
Event</h4>
Sample logged event:<br />
<pre class="literallayout" id="295-3">Apr 14 17:32:06 linux_server sshd[1025]: Accepted password for dcid from 192.168.2.180 port 1618 ssh2</pre>
<h4>
Pre-Decoding</h4>
Extracts hostname, program_name, datestamp, and log message of event.<br />
<br />
<h4>
Decoding</h4>
Decoder options available:<br />
<br />
<table border="1" class="table" id="ch04table08"><tbody>
<tr valign="top"><td align="left" class="td"><div class="table-para" id="297-4">
<i class="emphasis">program_name</i>
</div>
</td><td align="left" class="td"><div class="table-para" id="297-5">
Executes the decoder if the <i class="emphasis">program_name</i> matches the syslog program name.</div>
</td>
</tr>
<tr valign="top">
<td align="left" class="td"><div class="table-para" id="297-6">
<i class="emphasis">prematch</i>
</div>
</td> <td align="left" class="td"><div class="table-para" id="297-7">
Executes the decoder if <i class="emphasis">prematch</i> matches any portion of the <i class="emphasis">log</i> field.</div>
</td>
</tr>
<tr valign="top">
<td align="left" class="td"><div class="table-para" id="298-1">
<i class="emphasis">regex</i>
</div>
</td><td align="left" class="td"><div class="table-para" id="298-2">
Regular expression to specify where each field is.</div>
</td>
</tr>
<tr valign="top">
<td align="left" class="td"><div class="table-para" id="298-3">
<i class="emphasis">offset</i>
</div>
</td> <td align="left" class="td"><div class="table-para" id="298-4">
Attribute of regex. It can be <i class="emphasis">after_prematch</i> or <i class="emphasis">after_parent</i>. It essentially tells the regex where to start computing the expression.</div>
</td>
</tr>
<tr valign="top">
<td align="left" class="td"><div class="table-para" id="298-5">
<i class="emphasis">order</i>
</div>
</td><td align="left" class="td"><div class="table-para" id="298-6">
Order within the regular expression. It can be all the fields in the normalized event (<i class="emphasis">srcip, user</i>, <i class="emphasis">dstip, dstport, </i>etc.)</div>
</td>
</tr>
<tr valign="top">
<td align="left" class="td"><div class="table-para" id="298-7">
<i class="emphasis">parent</i>
</div>
</td> <td align="left" class="td"><div class="table-para" id="298-8">
Parent decoder that must be matched for this decoder to be called.</div>
</td></tr>
</tbody></table>
<br />
Example decoder to extract user and srcip from sshd:<br />
<br />
<pre class="literallayout" id="300-5"><decoder name="sshd-test">
<program_name>sshd</program_name>
<regex>^Accepted \S+ for (\S+) from (\S+) port </regex>
<order>user, srcip</order>
</decoder></pre>
<br />
Extracts <span style="font-family: "Courier New",Courier,monospace;">dcid</span> as <span style="font-family: "Courier New",Courier,monospace;">user</span>, and <span style="font-family: "Courier New",Courier,monospace;">192.168.2.180</span> as <span style="font-family: "Courier New",Courier,monospace;">srcip</span> from the sample event:<br />
<br />
<pre class="literallayout" id="299-2">Apr 14 17:32:06 linux_server sshd[1025]: Accepted password for dcid from 192.168.2.180 port 1618 ssh2</pre>
<br />
See /var/ossec/etc/decoder.xml for existing decoder examples.<br />
<br />
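The pre-decoding and decoding stages described above, as an added example (not code from OSSEC or from the original post): it splits the sample event into its syslog fields, then applies the sshd-test decoder. Python's re module stands in for OSSEC's own regex engine, program_name is compared as an exact string, and the syslog layout and every event after the first are constructed assumptions.<br />

```python
import re
import xml.etree.ElementTree as ET

# Decoder from the post, unchanged.
DECODER_XML = r"""
<decoder name="sshd-test">
  <program_name>sshd</program_name>
  <regex>^Accepted \S+ for (\S+) from (\S+) port </regex>
  <order>user, srcip</order>
</decoder>
"""

# The first event is the sample from the post; the rest are constructed.
SAMPLE_EVENTS = [
    "Apr 14 17:32:06 linux_server sshd[1025]: Accepted password for dcid from 192.168.2.180 port 1618 ssh2",
    "Apr 14 17:33:10 linux_server sshd[1030]: Failed password for root from 192.168.2.181 port 1620 ssh2",
    "Apr 14 17:34:00 linux_server myapp[77]: Accepted password for dcid from 192.168.2.180 port 1618 ssh2",
    "Apr 14 17:35:00 linux_server sshd[1031]: note: Accepted password for x from 10.0.0.9 port 22 ssh2",
]

# Assumed syslog layout: "Mon DD HH:MM:SS host program[pid]: message".
SYSLOG_RE = re.compile(
    r"^(?P<timestamp>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<hostname>\S+) "
    r"(?P<program_name>[^\s\[:]+)(?:\[\d+\])?: "
    r"(?P<log>.*)$"
)


def predecode(line):
    """Pre-decoding: split a syslog line into its static fields, or None."""
    m = SYSLOG_RE.match(line)
    return m.groupdict() if m else None


def load_decoders(xml_text):
    """Parse <decoder> elements into plain dicts."""
    root = ET.fromstring("<decoders>" + xml_text + "</decoders>")
    decoders = []
    for node in root.findall("decoder"):
        decoders.append({
            "name": node.get("name"),
            "program_name": node.findtext("program_name"),
            "regex": re.compile(node.findtext("regex")),
            "order": [f.strip() for f in node.findtext("order").split(",")],
        })
    return decoders


def decode(event, decoders):
    """Decoding: return the fields of the first decoder that matches."""
    for dec in decoders:
        # program_name gate: the decoder is not executed for other programs.
        if dec["program_name"] != event["program_name"]:
            continue
        # The regex runs against the log field only; ^ anchors to its start.
        m = dec["regex"].search(event["log"])
        if m:
            # <order> names the capture groups from left to right.
            fields = dict(zip(dec["order"], m.groups()))
            fields["decoder"] = dec["name"]
            return fields
    return {}


def process(line, decoders):
    """Run both stages; None means the line is not in the assumed layout."""
    event = predecode(line)
    if event is None:
        return None
    event.update(decode(event, decoders))
    return event


if __name__ == "__main__":
    decs = load_decoders(DECODER_XML)
    for line in SAMPLE_EVENTS:
        ev = process(line, decs)
        print(ev.get("decoder", "-"), ev.get("user", "-"),
              ev.get("srcip", "-"), "|", ev["log"])
```

Only the first event yields user and srcip: the second does not match the regex, the third fails the program_name gate, and the fourth fails the ^ anchor because the phrase appears mid-message.<br />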
<h4>
Rule Matching </h4>
There are two kinds of OSSEC Rules: atomic and composite.<br />
<br />
<br />
<blockquote class="tr_bq">
<div class="first-para" id="375-2">
There are two types of OSSEC HIDS
rules: Atomic, which are based on single events without any correlation;
and Composite, which are based on multiple events.</div>
</blockquote>
Important note from manual:<br />
<br />
<blockquote class="tr_bq">
User-defined rules should range from 100,000 to 119,999. If you choose
any other ID, it might collide with the official ones from the OSSEC
HIDS project</blockquote>
<a href="http://www.ossec.net/doc/manual/rules-decoders/create-custom.html" target="_blank">Custom Decoders and Rules</a> <br />
<a href="http://www.ossec.net/doc/syntax/head_rules.html" target="_blank">OSSEC Rules syntax</a>.<br />
<a href="http://www.ossec.net/doc/manual/rules-decoders/rule-levels.html" target="_blank">Rule Alert levels</a><br />
<br />
<h4>
Alerting</h4>
<a href="http://www.ossec.net/doc/manual/output/index.html" target="_blank">OSSEC Output and Alert Options </a><br />
<br />
<a href="http://www.ossec.net/doc/manual/ar/index.html" target="_blank">Active Responses </a><br />
<br />
<br />
OSSEC Agent Configuration (posted by taivo, 2013-12-16)<br />
<br />
There are two files which manage configuration options, ossec.conf and agent.conf.<br />
<br />
ossec.conf is present on both server and agents, and agent.conf is a file you can create on the server to have configurations pushed out to clients, possibly based on agent host name or OS type.<br />
<br />
Default locations are /var/ossec/etc/ossec.conf, and /var/ossec/etc/shared/agent.conf<br />
<br />
<a href="http://www.ossec.net/doc/manual/agent/agent-configuration.html" target="_blank">Official Documentation is here.</a><br />
<br />
The OSSEC server manager only re-reads configuration files every few hours, so restarting the manager will push the configuration files more quickly. Once the configuration is pushed, run <span style="font-family: "Courier New", Courier, monospace;">agent_control </span>to ensure the configuration was pushed:<br />
<br />
<span style="font-family: "Courier New", Courier, monospace;">agent_control -i 002 #assuming 002 is the id of the agent</span> <br />
<br />
And then restart the agent remotely:<br />
<br />
<span style="font-family: "Courier New", Courier, monospace;">agent_control -R 002 #assuming 002 is the id of the agent</span><br />
<br />
Sample configuration sections:<br />
<h4>
File Integrity Monitoring</h4>
<pre><span class="nt"><agent_config os="Windows"></span>
    <span class="nt"><syscheck></span>
        <directories check_all="yes">C:\ossec_test</directories>
        <scan_time>10am</scan_time>
        <scan_day>friday</scan_day>
        <frequency>360</frequency>
    <span class="nt"></syscheck></span>
<span class="nt"></agent_config></span></pre>
<br />
<blockquote class="tr_bq">
<div class="first-para" id="390-6">
Note: All queries are recursive, so only the
directory must be specified. You do not need to specify all the files
within the directory to monitor the directory contents.</div>
</blockquote>
<br />
<br />
To run syscheck manually on all agents:<br />
<br />
<pre> /var/ossec/bin/agent_control -r -a </pre>
<br />
To run syscheck manually on agent 002:<br />
<pre> /var/ossec/bin/agent_control -r -u 002 </pre>
<h4>
Rootkit Detection</h4>
<pre><span class="nt"><agent_config</span> <span class="na">name=</span><span class="s">"agent1"</span><span class="nt">></span>
    <span class="nt"><rootcheck></span>
        <!-- rootcheck takes its own options; location and log_format belong to localfile -->
        <span class="nt"><disabled></span>no<span class="nt"></disabled></span>
        <span class="nt"><frequency></span>36000<span class="nt"></frequency></span>
    <span class="nt"></rootcheck></span>
<span class="nt"></agent_config></span></pre>
<h4>
Log Analysis</h4>
<br />
<pre><span class="nt"><agent_config os="Linux"></span>
<span class="nt"><localfile></span>
<span class="nt"><location></span>/var/log/my.log<span class="nt"></location></span>
<span class="nt"><log_format></span>syslog<span class="nt"></log_format></span>
<span class="nt"></localfile></span>
<span class="nt"></agent_config></span></pre>
<br />
OSSEC Installation Tutorial for File Integrity Monitoring (posted by taivo, 2013-12-12)<br />
<br />
<h3>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Intro </span></h3>
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">We have used <a href="https://launchpad.net/osiris" target="_blank">Osiris File Integrity Monitor</a> for several years at work, to satisfy <a href="https://www.pcisecuritystandards.org/documents/PCI_DSS_v3.pdf" target="_blank">PCI DSS Section 11.5</a>. (<a href="https://www.pcisecuritystandards.org/" target="_blank">PCI Compliance</a>, or Payment Card Industry Compliance, is something your business has to achieve to process credit card payments, and includes rules your business must follow. See <a href="https://www.pcisecuritystandards.org/" target="_blank">here</a>.) It has worked well, but lately we have noticed Osiris processes running out-of-control and pinning the CPU on our production servers. We have used compensating controls to produce an <a href="http://en.wikipedia.org/wiki/Intrusion_detection_system" target="_blank">Intrusion Detection System</a>, as commercial packages such as <a href="http://en.wikipedia.org/wiki/Tripwire" target="_blank">Tripwire</a>, though very good, are very costly (like $30K/year). Osiris has not been under active development since 2007. I updated the fine open-source code and compiled new agents to install on Windows 7 computers, and have happily shared this with many people over the years who discover and decide to use this software. However old, it worked. But it's time to move on...</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Still budget-constrained, our organization has decided to go with <a href="http://www.ossec.net/" target="_blank">OSSEC</a>, the Open Source SECurity Host-based Intrusion Detection System. We're just getting started with the File Integrity Monitoring part, but OSSEC also performs log analysis, policy monitoring, real-time alerting and active response. All big-ticket items in PCI Compliance. It will also do rootkit detection, which is a bonus.</span><br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Following are some notes on how to get your <a href="http://en.wikipedia.org/wiki/File_integrity_monitoring" target="_blank">File Integrity Monitoring (FIM)</a> set up. OSSEC server requires a *nix system, while client agents are available for PC/Linux/Mac/BSD/Solaris. </span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">I will set up the OSSEC server on an Ubuntu Server 12.04 (LTS) VM running in VMPlayer, connected to my Windows 7 box. Our production environment is 100% Windows, so we will need a separate *nix server to use this software. Going forward, using OSSEC will be worth it as we use more features of OSSEC to satisfy our PCI Compliance needs.</span><br />
<br />
<h3>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Instructions</span></h3>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">This tutorial assumes you are doing this on a Windows machine, and running the test VM on this machine.</span><br />
<br />
<h4>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Prepare the VM</span></h4>
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Download the following files:</span><br />
<ul>
<li><span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><a href="https://my.vmware.com/web/vmware/free#desktop_end_user_computing/vmware_player/6_0" target="_blank">VMWare Player 6.0</a></span></li>
<li><a href="http://www.ubuntu.com/download/server" target="_blank"><span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Ubuntu Server 12.04 (LTS)</span></a></li>
<li><span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><a href="http://www.ossec.net/files/ossec-agent-win32-2.7.1.exe" target="_blank">OSSEC v2.7.1 agent</a> executable for Windows</span></li>
</ul>
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Download VMWare Player and Ubuntu Server iso.</span><br />
Install VMWare Player.<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Open VMWare Player, create a new VM. Select Ubuntu, select the iso file you downloaded.</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Boot into the Ubuntu VM.</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Install gcc and make:</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;"> sudo apt-get install gcc make </span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<br />
<h4>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Install OSSEC</span></h4>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Get OSSEC:</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;"> wget http://www.ossec.net/files/ossec-hids-2.7.1.tar.gz</span><br />
<span style="font-family: "Courier New",Courier,monospace;"> wget http://www.ossec.net/files/ossec-hids-2.7.1-checksum.txt</span><br />
<span style="font-family: "Courier New",Courier,monospace;"> wget http://www.ossec.net/files/ossec-agent-win32-2.7.1.exe </span><br />
<span style="font-family: "Courier New",Courier,monospace;"> wget http://www.ossec.net/files/ossec-agent-win32-2.7.1-checksum.txt</span><br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Verify file integrity, then unpack:</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;"> cat ossec-hids-2.7.1-checksum.txt</span><br />
<span style="font-family: "Courier New",Courier,monospace;"> [this will show the MD5 and SHA1 hash values] </span><br />
<span style="font-family: "Courier New",Courier,monospace;"> sha1sum ossec-hids-2.7.1.tar.gz</span><br />
<span style="font-family: "Courier New",Courier,monospace;"> [this will show the SHA1 hash value of the file, can do same with md5sum] </span><br />
<span style="font-family: "Courier New",Courier,monospace;"> tar xzvf ossec-hids-2.7.1.tar.gz</span><br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Compile source:</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;"> cd ossec-hids-2.7.1/</span><br />
<span style="font-family: "Courier New",Courier,monospace;"> sudo ./install.sh</span><br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Once installed, run:</span></span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;"> /var/ossec/bin/./ossec-control start </span> <br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">When install.sh prompts for settings, accept the defaults, but enter your own email address and a valid SMTP server. See the bottom half of <a href="http://ryansechrest.com/2012/08/how-to-install-and-configure-ossec-to-monitor-the-integrity-of-your-website-server/2/" target="_blank">this page</a> if you are uncertain.</span><br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">You can verify what's running with:</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;"> /var/ossec/bin/ossec-control status</span><br />
<br />
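One way to automate the comparison in the verification step above instead of reading the hashes by eye (added example, not part of the original post or the OSSEC project). The names verify_download and demo, the checksum-file layout and the sample archive are assumptions constructed for the demonstration; a checksum fetched from the same HTTP site as the archive detects a corrupted download, not a replaced one.<br />

```python
import hashlib
import os
import re
import tempfile

# Hex digest length -> hashlib algorithm name.
ALGO_BY_LENGTH = {32: "md5", 40: "sha1", 64: "sha256"}
HEX_TOKEN = re.compile(r"\b[0-9a-fA-F]+\b")


def published_digests(checksum_text):
    """Collect every hex token of a known digest length, grouped by algorithm."""
    found = {}
    for token in HEX_TOKEN.findall(checksum_text):
        algo = ALGO_BY_LENGTH.get(len(token))
        if algo:
            found.setdefault(algo, set()).add(token.lower())
    return found


def file_digest(path, algo):
    """Hash the file in chunks so large archives do not need to fit in memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, checksum_text, required=("sha1",)):
    """True only if each required digest is published and matches the file."""
    published = published_digests(checksum_text)
    for algo in required:
        if file_digest(path, algo) not in published.get(algo, set()):
            return False  # missing or mismatching digest: fail closed
    return True


def demo():
    """Check a constructed archive: intact, modified, and with no SHA1 published."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "sample.tar.gz")
        with open(path, "wb") as fh:
            fh.write(b"constructed archive bytes")
        # Constructed checksum file; the real file's layout may differ.
        checksum_text = "MD5(sample.tar.gz)= %s\nSHA1(sample.tar.gz)= %s\n" % (
            file_digest(path, "md5"), file_digest(path, "sha1"))
        intact = verify_download(path, checksum_text)
        md5_only = verify_download(path, checksum_text.splitlines()[0])
        with open(path, "ab") as fh:
            fh.write(b"!")  # simulate a changed archive
        modified = verify_download(path, checksum_text)
    return intact, modified, md5_only


if __name__ == "__main__":
    print(demo())
```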
<h4>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Install OSSEC Agent</span></h4>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"> On the Windows host, run the downloaded ossec-agent-win32-2.7.1.exe</span><br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Once installed, run the app. It will ask for the server IP and key values.</span><br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Back on the Ubuntu server VM, you can get the IP with:</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;"> ifconfig</span><br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">There will be an IP listed under the "eth0" section, second line, 'inet addr:'. Enter this in the "OSSEC Server IP" input field in the OSSEC Agent Manager GUI on the Windows Host.</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">On the Ubuntu server VM:</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;"> /var/ossec/bin/./manage_agents </span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Here you can List your Agents, Add/Delete Agents, and get existing Keys. </span><br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Select (A) Add an agent.</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Give a descriptive name for the host Agent.</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Give the IP of the host (in Windows, open Powershell and type:<span style="font-family: "Courier New",Courier,monospace;"> ipconfig. </span>Use the IPv4 Address that is listed under the section "Ethernet adapter VMWare Network Adapter VMnet1:").</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Accept the default Agent ID.</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Confirm.</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Select (E) Extract key for an agent.</span><br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Enter this key into the "Authentication Key" input field in the OSSEC Agent Manager GUI on the Windows Host.</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">(Reference: <a href="http://www.ossec.net/doc/manual/agent/agent-management.html" target="_blank">OSSEC Manual, Working With Agents</a>)</span>
<br />
<h4>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Edit ossec.conf</span></h4>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">On the Ubuntu server VM, copy then open the configuration file:</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;"> sudo cp /var/ossec/etc/ossec.conf /var/ossec/etc/ossec-BACKUP.conf</span><br />
<span style="font-family: "Courier New",Courier,monospace;"> sudo vi /var/ossec/etc/ossec.conf</span><br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Below the <span style="font-family: "Courier New",Courier,monospace;"><global> </span>section, add:</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;"><email_alerts></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><email_to>YourEmailAddressHere</email_to></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><rule_id>550, 553, 554</rule_id></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><!-- monitor rules: 550 changes, 553 deleted, 554 added --></span><br />
<span style="font-family: "Courier New",Courier,monospace;"></email_alerts></span><br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">In the <span style="font-family: "Courier New",Courier,monospace;"><syscheck> </span>section, you can enter types of files to ignore, for example:</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;"><ignore type="sregex">.jpg$|.jpeg$</ignore></span><br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Read through the rest of the config file; it will be self-explanatory where to add directories to monitor or skip.</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">The rules to monitor changes (550) and deletions (553) are pre-defined. <a href="http://www.ossec.net/doc/manual/syscheck/index.html#id8" target="_blank">To add the rule to create an alert for new files</a> (554):</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: "Courier New",Courier,monospace;"> sudo vi /var/ossec/rules/local_rules.xml</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Under <span style="font-family: "Courier New",Courier,monospace;"><rule id="100001" ...></span>, enter:</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: "Courier New",Courier,monospace;"><rule id="554" level="7" overwrite="yes"></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><category>ossec</category></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><decoded_as>syscheck_new_entry</decoded_as></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><description>Added file to system.</description></span><br />
<span style="font-family: "Courier New",Courier,monospace;"><group>syscheck,</group> </span><br />
<span style="font-family: "Courier New",Courier,monospace;"></rule></span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Restart OSSEC for rules to apply:</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;"> /var/ossec/bin/ossec-control restart</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Add firewall rules on Windows for UDP Port 1514.</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">iptables will be wide open on the Ubuntu server. To lock it down, <a href="https://www.digitalocean.com/community/articles/how-to-set-up-a-firewall-using-ip-tables-on-ubuntu-12-04" target="_blank">this is a nice summary</a> of what you can do. Before the final rule to block all remaining traffic, I added:</span><br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">#allow pings:<br />sudo iptables -A INPUT -p icmp -j ACCEPT<br />#ossec port</span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><span style="font-family: "Courier New",Courier,monospace;">sudo iptables -A INPUT -p udp --dport 1514 -j ACCEPT</span></span><br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
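Rule order is what makes the two ACCEPT lines above work: iptables stops at the first matching rule, so an ACCEPT appended after the catch-all DROP is never reached. The following is an added example, not part of the original post: a shell function that reads <code>iptables -S INPUT</code> output and reports whether the UDP 1514 rule is reachable. The function name and both sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): check that the OSSEC agent port
# rule sits BEFORE the catch-all DROP/REJECT in the INPUT chain.

# Constructed sample: ACCEPT rules first, catch-all DROP last (the order the
# post describes).
GOOD_RULES='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p udp -m udp --dport 1514 -j ACCEPT
-A INPUT -j DROP'

# Constructed sample: the OSSEC rule was appended after the catch-all DROP,
# so agent traffic is dropped before the ACCEPT is ever evaluated.
BAD_RULES='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
-A INPUT -p icmp -j ACCEPT
-A INPUT -p udp -m udp --dport 1514 -j ACCEPT'

# ossec_port_reachable RULES [PORT]
#   RULES is text in `iptables -S INPUT` format; PORT defaults to 1514.
#   Prints one word and sets the exit status:
#     reachable (0)  ACCEPT rule exists and precedes any catch-all DROP/REJECT
#     shadowed  (1)  ACCEPT rule exists but a catch-all rule comes first
#     missing   (2)  no ACCEPT rule for udp/PORT at all
ossec_port_reachable() {
    printf '%s\n' "$1" | awk -v port="${2:-1514}" '
        # Catch-all: DROP or REJECT on INPUT with no match conditions.
        # A chain policy (-P INPUT DROP) is applied after every rule,
        # so it can never shadow anything and is ignored here.
        /^-A INPUT -j (DROP|REJECT)/ { if (!drop) drop = NR }

        # The agent port rule; the space after the port number keeps
        # port 1514 from matching 15140.
        $0 ~ ("^-A INPUT .*-p udp .*--dport " port "( .*)? -j ACCEPT") {
            if (!acc) acc = NR
        }

        END {
            if (!acc)               { print "missing";  exit 2 }
            if (drop && drop < acc) { print "shadowed"; exit 1 }
            print "reachable"
        }'
}

# Demonstration on the constructed samples.
ossec_port_reachable "$GOOD_RULES"
ossec_port_reachable "$BAD_RULES" || true

# On a live server, feed it the real chain instead:
#   ossec_port_reachable "$(sudo iptables -S INPUT)"
```

If the result is "shadowed", delete the misplaced rule and insert it above the DROP with <code>iptables -I INPUT &lt;position&gt;</code> rather than appending it again.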
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Hook this up to scheduling and reporting, depending on your needs.</span><br />
<br />
<h4>
<span style="font-family: Arial,Helvetica,sans-serif;">More Info</span></h4>
<a href="http://tonyonsecurity.com/2012/10/09/ossec-agent-to-server-connection-issues/" target="_blank">Agent to Server Connection Issues</a><br />
<a href="http://www.ossec.net/doc/manual/output/index.html" target="_blank">Alert Options</a> <br />
<a href="https://groups.google.com/forum/#!forum/ossec-list" target="_blank">OSSEC Google Group</a><br />
<a href="http://www.ossec.net/doc/manual/syscheck/index.html" target="_blank">Syscheck File Integrity Monitoring</a><br />
<a href="http://www.amazon.ca/gp/product/B001IKKE1Q/ref=as_li_tf_tl?ie=UTF8&camp=15121&creative=330641&creativeASIN=B001IKKE1Q&linkCode=as2&tag=my32bits-20">OSSEC Host-Based Intrusion Detection Guide</a><br />
<a href="http://www.ossec.net/doc/programs/agent_control.html#agent-control" target="_blank">Agent Control</a> <br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;">Happy Intrusion Detection and File Monitoring!</span><br />
<br />
<span style="font-family: "Helvetica Neue",Arial,Helvetica,sans-serif;"><br /></span>
<br />
<b>Skype Ubuntu Default Browser</b> (published 2013-12-03T17:20:00.001-08:00, updated 2013-12-12T15:09:15.397-08:00)<br />
<br />
I've got <a href="http://www.linuxmint.com/" target="_blank">Linux Mint Nadia</a>, which is basically <a href="http://www.ubuntu.com/" target="_blank">Ubuntu</a>, which is built on <a href="http://www.debian.org/" target="_blank">Debian</a>. Using the Desktop GUI I set my default browser, but <a href="http://www.skype.com/en/download-skype/skype-for-computer/" target="_blank">Skype</a> didn't seem to want to honour that request. So a quick check with <a href="http://linux.die.net/man/8/update-alternatives" target="_blank">update-alternatives</a> showed me the way.<br />
<br />
Just open a terminal and type in:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">$ sudo update-alternatives --config x-www-browser</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">There are 3 choices for the alternative x-www-browser (providing /usr/bin/x-www-browser).</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> Selection Path Priority Status</span><br />
<span style="font-family: Courier New, Courier, monospace;">------------------------------------------------------------</span><br />
<span style="font-family: Courier New, Courier, monospace;"> 0 /usr/bin/epiphany-browser 85 auto mode</span><br />
<span style="font-family: Courier New, Courier, monospace;">* 1 /usr/bin/chromium-browser 40 manual mode</span><br />
<span style="font-family: Courier New, Courier, monospace;"> 2 /usr/bin/epiphany-browser 85 manual mode</span><br />
<span style="font-family: Courier New, Courier, monospace;"> 3 /usr/bin/firefox 40 manual mode</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">Press enter to keep the current choice[*], or type selection number: 2</span><br />
<br />
$<br />
<br />
It was set on Epiphany, I selected <a href="http://www.chromium.org/Home" target="_blank">Chromium</a>. You can select whatever you want. Skype will fall in line. Hope this helps.<br />
<br />
<br />
<b>Oracle JDK install on Ubuntu for Android Studio</b> (published 2013-09-08T11:49:00.001-07:00, updated 2013-09-08T11:52:57.413-07:00)<br />
<br />
# Android Studio recommends Oracle JDK over Ubuntu default<br />
# Here are the steps to install Oracle JDK and make it the default JVM<br />
<br />
# go download the JDK from Oracle, then unpack<br />
tar xzvf ~/Downloads/jdk-7u25-linux-x64.tar.gz<br />
<br />
# make jvm directory, if necessary<br />
sudo mkdir -p /usr/lib/jvm<br />
<br />
# move the JDK there<br />
sudo mv jdk1.7.0_25/ /usr/lib/jvm/<br />
<br />
# set permissions<br />
sudo chmod a+x /usr/bin/java<br />
sudo chmod a+x /usr/bin/javac<br />
sudo chmod a+x /usr/bin/javaws<br />
sudo chown -R root:root /usr/lib/jvm/jdk1.7.0_25<br />
<br />
# install with update-alternatives<br />
sudo update-alternatives --install /usr/bin/java java /usr/lib/jvm/jdk1.7.0_25/bin/java 1<br />
sudo update-alternatives --install /usr/bin/javac javac /usr/lib/jvm/jdk1.7.0_25/bin/javac 1<br />
sudo update-alternatives --install /usr/bin/javaws javaws /usr/lib/jvm/jdk1.7.0_25/bin/javaws 1<br />
<br />
# select the oracle java version for each command below<br />
sudo update-alternatives --config java<br />
sudo update-alternatives --config javac<br />
sudo update-alternatives --config javaws<br />
<br />
# make sure it worked<br />
java -version<br />
<div>
<br />
# make it work in firefox plugin<br />
sudo ln -s /usr/lib/jvm/jdk1.7.0_25/jre/lib/amd64/libnpjp2.so ~/.mozilla/plugins/<br />
# N.B. you can link libnpjp2.so to /usr/lib/firefox/plugins/ for a system wide installation<br />
# Src: <a href="http://askubuntu.com/questions/55848/how-do-i-install-oracle-java-jdk-7">http://askubuntu.com/questions/55848/how-do-i-install-oracle-java-jdk-7</a></div>
<br />
<b>ADT Eclipse in Linux Mint 14</b> (published 2013-01-29T21:33:00.000-08:00, updated 2013-02-06T19:14:29.148-08:00)<br />
<br />
Steps to install Android SDK and Eclipse on Linux Mint 14 Maya (which is built on Ubuntu 12.10) x64<br />
<br />
1. Download the <a href="http://developer.android.com/sdk/index.html#download" target="_blank">Android SDK</a>.<br />
2. Download <a href="http://www.eclipse.org/downloads/" target="_blank">Eclipse Juno for Mobile.</a><br />
[do following commands as <span style="font-family: "Courier New",Courier,monospace;">sudo</span>] <br />
3. Copy the tar files into /opt<br />
4. <span style="font-family: "Courier New",Courier,monospace;">tar xzvf [eclipseJuno.tgz]</span><br />
5. <span style="font-family: "Courier New",Courier,monospace;">chown -R <username:username> eclipse</span><br />
[where username is YOUR username]<br />
6. <span style="font-family: "Courier New",Courier,monospace;">tar xzvf [adt-bundle-linux-x86_64.tgz]</span><br />
7. <span style="font-family: "Courier New",Courier,monospace;">chown -R <username:username> </span><span style="font-family: "Courier New",Courier,monospace;"><span style="font-family: "Courier New",Courier,monospace;">adt-bundle-linux-x86_64</span> </span><br />
[where username is YOUR username]<br />
8. <span style="font-family: "Courier New",Courier,monospace;">cd /opt/</span><span style="font-family: "Courier New",Courier,monospace;"><span style="font-family: "Courier New",Courier,monospace;">adt-bundle-linux-x86_64/sdk</span>/tools</span><br />
9. run Android SDK Manager with <span style="font-family: "Courier New",Courier,monospace;">./android</span><br />
[get out of <span style="font-family: "Courier New",Courier,monospace;">sudo</span>]<br />
<br />
start eclipse<br />
Help > New Software > Add<br />
"adt" : https://dl-ssl.google.com/android/eclipse/<br />
<br />
select "Developer Tools" and install<br />
<br />
restart Eclipse,<br />
Window > Preferences > Android<br />
"/opt/<span style="font-family: "Courier New",Courier,monospace;"><span style="font-family: "Courier New",Courier,monospace;">adt-bundle-linux-x86_64"</span></span><br />
<br />
test.<br />
<br />
To add ADT tools to PATH, add the following to .profile, .bashrc, or /etc/profile:<br />
<br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">PATH="$PATH:/opt/</span><span style="font-family: "Courier New",Courier,monospace;"><span style="font-family: "Courier New",Courier,monospace;"><span style="font-family: "Courier New",Courier,monospace;">adt-bundle-linux-x86_64/sdk</span></span>/tools/:/opt/</span><span style="font-family: "Courier New",Courier,monospace;"><span style="font-family: "Courier New",Courier,monospace;"><span style="font-family: "Courier New",Courier,monospace;">adt-bundle-linux-x86_64/sdk</span></span>/platform-tools"</span><br />
<br />
Then dive into the <a href="http://developer.android.com/tools/index.html" target="_blank">Official Android Docs</a>!<br />
<br />
Thanks to <a href="http://blog.markloiseau.com/2012/07/install-eclipse-juno-and-android-sdk-on-ubuntu/" target="_blank">Mark Loiseau</a> for these instructions.<br />
<br />
<b>SSH into EC2 server</b> (published 2012-07-09T16:19:00.002-07:00, updated 2012-07-09T16:21:07.515-07:00)<br />
<br />
<span style="font-family: verdana, arial, sans-serif; font-size: 12px; line-height: 18px;">Here's how to mount a remote filesystem and use it as if it were local, using sshfs in bash to an EC2 server using a pem file (note: replaceable options in CAPS_AND_UNDERSCORES):</span><br />
<br />
<span style="font-family: 'Courier New', Courier, monospace;"><span style="font-size: 12px; line-height: 18px;">mkdir <MY_PATH></span><br style="font-size: 12px; line-height: 18px;" /><br style="font-size: 12px; line-height: 18px;" /><span style="font-size: 12px; line-height: 18px;">sshfs -o IdentityFile=<PATH_TO_PEM_FILE> EC2_USERNAME@<EC2_IP_OR_DOMAIN_NAME>:/<OPTIONAL_FOLDER_PATH> </span><span style="font-size: 12px; line-height: 18px;"><MY_PATH></span></span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><span style="font-size: 12px; line-height: 18px;"><br /></span></span><br />
<span style="font-family: verdana, arial, sans-serif; font-size: 12px; line-height: 18px;">This will mount the remote filesystem to </span><span style="font-size: 12px; line-height: 18px;"><span style="font-family: 'Courier New', Courier, monospace;"><MY_PATH></span></span><span style="font-family: verdana, arial, sans-serif; font-size: 12px; line-height: 18px;"> and allow you to do your file transfers. Of course permissions still matter, so keep those in mind if you start having write-protect errors.</span><br />
<span style="font-family: verdana, arial, sans-serif;"><span style="font-size: 12px; line-height: 18px;"><br /></span></span><br />
<span style="background-color: white; font-family: verdana, arial, sans-serif; font-size: 12px; line-height: 18px;">To unmount from the remote filesystem:</span><br />
<br />
<span style="font-size: 12px; line-height: 18px;"><span style="font-family: 'Courier New', Courier, monospace;">umount <MY_PATH></span></span><br />
<br />
<b>jQuery Conference 2012 San Francisco</b> (published 2012-06-29T09:49:00.000-07:00, updated 2012-07-02T03:37:08.652-07:00)<br />
<br />
John Resig created something amazing 6 years ago.<br />
<br />
A JavaScript library that would reduce the pain of programming websites; that would work on all browsers. Instead of writing and maintaining separate branches of code to run in different browsers, developers could write one version of their JavaScript that would <i>just work</i>.<br />
<br />
For anyone who's had to debug cross-browser issues, this was like showing us the path to <span style="font-family: "Courier New",Courier,monospace;">The Promised Land</span>.<br />
<br />
Throw in some syntactic sugar, add convenience methods, and add some pretty awesome tools to handle asynchronous programming challenges, and you have <i style="font-family: "Courier New",Courier,monospace;">jQuery</i> only 6 years later -- the de facto JavaScript library for every browser and every platform.<br />
<br />
Today, I'm at the second day of <i style="font-family: "Courier New",Courier,monospace;">jQuery</i> Conference 2012 in San Francisco with 600 fellow coders. After a marathon day yesterday that went on until the hackathon ended at 10pm, here are some of the highlights:<br />
<br />
<ul>
<li><i style="font-family: "Courier New",Courier,monospace;">jQuery</i> 1.9 will be released in early 2013</li>
<li><i style="font-family: "Courier New",Courier,monospace;">jQuery </i>2.0 will be released in early 2013</li>
<li>what's the difference? Well, 2.0 no longer supports IE6, IE7 or IE8! It is promised to be smaller, faster, and smarter. Need to support IE6/7/8? Keep using 1.9. The APIs will be identical, so you can simply conditionally load 1.9 or 2.0.</li>
<li>thanks to shorter codepaths to <span style="font-family: "Courier New",Courier,monospace;">querySelectorAll</span> and <span style="font-family: "Courier New",Courier,monospace;">matchesSelector</span>, the <i style="font-family: "Courier New",Courier,monospace;">Sizzle </i>selector engine has made a 5-10% improvement in overall speed, which is great, because that's where most time is spent.</li>
<li><i style="font-family: "Courier New",Courier,monospace;">Sizzle</i>'s<span style="font-family: "Courier New",Courier,monospace;"> find('#byId')</span> function has achieved a 300% improvement in speed! </li>
<li>might be wrong here, but I think that it's the node.js grunt build system that is used to slim down the <span style="font-family: "Courier New",Courier,monospace;">jQuery.js</span> file so you can remove modules that you don't use; anyways, documentation is in the README</li>
<li>on that note, there's some improved support for hand-rolling customized versions of <i style="font-family: "Courier New",Courier,monospace;">jQuery</i> so you can weed out what you don't need. Be sure to check out the alpha at <a href="http://jquerymobile.com/download-builder">http://jquerymobile.com/download-builder</a> to hand-roll your own <span style="font-family: "Courier New",Courier,monospace;">jQueryMobile.js</span> file. Modularity!</li>
<li><i style="font-family: "Courier New",Courier,monospace;">jQueryMobile</i> has faster listviews, and a new highly flexible popup <span style="font-family: "Courier New",Courier,monospace;">data-role</span></li>
<li><i style="font-family: "Courier New",Courier,monospace;">jQuery-ui</i> 1.9 will have an accordion, autocomplete, tabs, better menu items, tooltips, and a spinner (numerical chooser)</li>
</ul>
<br />
Finally, consider joining the <i style="font-family: "Courier New",Courier,monospace;">jQuery </i>Foundation. As we all know, free software isn't really free. Each of us 7,000,000 developers who visit <a href="http://jquery.org/">http://api.jquery.org</a> each month surely gets a boost in daily productivity at work, so why not give back a bit, say a buck or two each?<br />
<br />
Or, better yet, convince your boss to pay for it and plant a cool <i style="font-family: "Courier New",Courier,monospace;">jQuery </i>sponsor icon on your website.<br />
<br />
<b>Lenovo W520 Thinkpad Review</b> (published 2012-06-04T00:58:00.001-07:00, updated 2012-06-04T00:58:07.348-07:00)<br />
<br />
I bought this laptop a few months ago, mainly because of its full-sized keyboard and its reputation for quality. Here are some notes if you're considering one.<br />
<br />
First, a few details. I got a dual-drive RAID-ed model, with the second drive in the DVD drive bay. It's got a quad-core i7, and takes up to 32GB of RAM. Crazy. I ordered it with 4GB of RAM, and bumped it up to 16GB of RAM after purchase. 32GB is a crazy amount of memory, and those 8GB sticks are quite expensive right now. I did splurge for a 128GB SSD drive that fits into a peripheral mSATA slot; once shipped to Canada it was about $200. I reinstalled Windows 7 on it and it smokes.<br />
<br />
The biggest problem I have with Windows 7 on this machine is that it often fails to come out of sleep mode. I'll be moving to a Debian Linux very soon, though I'm not confident this problem will disappear.<br />
<br />
The biggest plus is that with the SSD, the battery lasts eight hours. The screen is great. The keyboard is awesome, though I can't understand why the lower left corner <i>Fn</i> and <i>Ctrl</i> keys are reversed (there is even a BIOS option to revert these to normal). Some sort of IBM legacy strangeness happening here. <br />
<br />
The weirdest feature is how much the battery sticks out of the back of the machine, a full inch. It hasn't really been a problem for me, but it is something to pay attention to when buying a sleeve or bag.<br />
<br />
The fan hardly ever comes on, and my hard drives hardly ever spin, because I'm working off the SSD the majority of the time. I've read complaints about fan noise and heat, but I have not experienced any of this. Quite the opposite, it's cool and quiet. (Disclosure: last laptop a Dell 6400 15.4", for about 7 years, and my only laptop. Loved it, replaced the mousepad and three keyboards, but it still works fine. Though it never bothered me the Dell got hot and the fan blew often.)<br />
<br />
In time, I imagine I'll replace the two RAID-ed spinning drives with SSDs, but I've put enough money into it for now. I feel like the capacity of this machine has me ready for another decade of laptop computing, and I am quite happy with my purchase.<br />
<br />
I have read some negative reviews of Lenovo products, and the W520 in particular, before I purchased it, so just wanted to put this out there. I'm not a fanboy or an employee, just a programmer who was looking for a kick-ass machine. In my opinion, the W520 is it.<br />
<br />
<b>Thinkpad W520 x64 install USB3.0</b> (published 2012-03-11T20:15:00.003-07:00, updated 2012-03-11T20:27:09.551-07:00)<br />
<br />
<b><u>Summary</u>:</b> <i>Steps to ThinkPad Windows7 clean install through USB3.0 port. </i><br />
<br />
I decided to upgrade laptops, and since I want to run a few VMs and I also want to see what the SSD craze is all about, I ended up getting a ThinkPad W520. Quad core hyperthreaded to eight virtual cores with an Intel i7, capable of holding 32GB of RAM in 4 slots, and also able to hold an mSATA SSD drive to run your OS. Geek heaven, I'm sold. I upgrade the networking card, add bluetooth, and decide to forego the optical drive so I can have RAID 1 data protection (that's two mirrored hard drives, with one in a caddy where the DVD drive usually goes).<br />
<br />
I make the backup recovery disks with the ThinkVantage tool, and then I decide to test the backup, figuring I have no data to lose. Good thing, since the recovery utility seems to work but after using it I boot into a black screen. Re-attempts to use the recovery disk all end in black screen. My brand new ThinkPad is dead.<br />
<br />
No big deal, I think, I'll just do a clean install and forget about the Lenovo recovery partitions, since I'll dual boot this with Linux anyhow. So I burn Windows7 to a bootable USB, and during Windows install get "a CD/DVD drive device driver is missing" error. Most people who get this recreate their install DVD or USB, and it works the second time, so I think it must be a corrupted install disk. But every time I attempt to reinstall Windows7 from a fresh bootable USB key, I get the "CD/DVD drive device driver is missing" error. There is some talk of creating an x64 boot drive on a 32-bit machine. I download bootsect.exe and put it in the <a href="http://www.microsoftstore.com/store/msstore/html/pbPage.Help_Win7_usbdvd_dwnTool" target="_blank">Windows bootable USB tool</a> directory as advised, but still no luck.<br />
<br />
Others say to switch the USB port around if this fails until it works. See, most people have a combination of USB2.0 and USB3.0 ports on their machines. So if they get this error, they move the USB plug around until they hit a USB2.0 port, and the install proceeds swimmingly. Not the W520. All ports are USB3.0. And it turns out that the Windows7 installation disk does not have USB3.0 drivers.<br />
<br />
So after many hours of fiddling, I had to make a custom Windows install disk. Here's what worked for me:<br />
<br />
<ul>
<li>download the beta of <a href="http://www.rt7lite.com/downloads.html" target="_blank">RT Seven Lite</a> for your architecture. I am on x86 so 32-bit, although I am making an x64 boot disk. </li>
<li>install RT7Lite</li>
<li>Lenovo has a <a href="http://download.lenovo.com/ibmdl/pub/pc/pccbbs/mobiles/8ay205ww.exe" target="_blank">USB3.0 driver</a> and a <a href="http://download.lenovo.com/ibmdl/pub/pc/pccbbs/mobiles/8aw217ww.exe" target="_blank">WLAN driver</a> (or maybe Ethernet if you're going to hard-wire your network connection); these are the minimum you'll need. Run the <span style="font-family: "Courier New",Courier,monospace;">.exe</span> files, and accept the default folders or just put them into the same folder you used just above. It will extract the files, and then say done, with an option to install the drivers. Uncheck the checkbox and click finish. </li>
<li>start up RT7Lite from your desktop. Click the "browse" button, point it to your Win7 ISO (if you only have an <span style="font-family: "Courier New",Courier,monospace;">IMG</span> file, rename its extension to <span style="font-family: "Courier New",Courier,monospace;">.iso</span>), and then point it to a folder to store some temporary files in. Let it do its stuff for a while. Then select the "Integration" checkbox. Click on the "Integration" button on the left, then select "Add" and add drivers. Now navigate to the folders that the two drivers you just downloaded and uncompressed are in. There should be two <span style="font-family: "Courier New",Courier,monospace;">.inf</span> files in the USB3.0 driver folder (<span style="font-family: "Courier New",Courier,monospace;">\x64\</span>), and two <span style="font-family: "Courier New",Courier,monospace;">.inf</span> files in the WLAN driver folder (<span style="font-family: "Courier New",Courier,monospace;">\Win7\S64\Drivers\</span>). "Add" the four files to RT7Lite. </li>
<li>click on the Apply button, then on Commit. Let the app do its magic. This takes a long time, and the progress hangs. Once it's done there will be a green checkmark next to the "Finished" stage.</li>
<li>at the end, click on the ISO-Bootable button on the left, and then burn it to a medium. At this point, if you are on a 32-bit system, you will have to burn a DVD image, then hook up the DVD with some external wires which you can get for $20 from the computer shoppe. (This is what I did.) A 32-bit system with the USB option fails at this point with an x64 warning. If you can do all this stuff on a 64-bit system, you can make the USB. 64-bit machines can select Mode "USB Bootable", and select your connected USB Device. Click on the USB button. </li>
<li>whichever option you choose, this will take a while.</li>
<li>meanwhile, <a href="http://download.lenovo.com/ibmdl/pub/pc/pccbbs/thinkvantage_en/systemupdate401-2011-07-25.exe" target="_blank">download the ThinkVantage System Update</a>. It will install all the driver updates you'll need. Just install and run this app once installation is complete, it is much easier than downloading drivers one at a time. </li>
</ul>
<br />
Now that I'm done, my boot time to home screen went from 1:10 to 0:45. This is a crude measurement since it includes login credentials time. <br />
<br />
Hope this helps.<br />
<br />
Still lost? <a href="http://lifehacker.com/5793427/how-to-create-a-custom-windows-installation-dvd-or-usb-install" target="_blank">This blog</a> helped me.<br />
<br />
<b>yii mobile - Part 1</b> (published 2012-03-06T18:20:00.002-08:00, updated 2012-03-11T20:27:58.389-07:00)<br />
<br />
I'm working on a new project, <a href="http://www.pressimus.com/" target="_blank">Pressimus</a>, which is built on the <a href="http://www.yiiframework.com/" target="_blank">yii framework</a>.<br />
<br />
As a relatively young framework, yii documentation is a bit sparse, so I'm publishing this in hopes of helping others, and hopefully eliciting commentary to improve my design. So if you know better than me, please tell me!<br />
<br />
Without further ado...<br />
<br />
<b>yii mobile strategy</b><br />
<br />
There is a fair bit of planning and consideration in creating a mobile strategy for your site. I have done this for a mature website, which is a whole different ball of wax. Here we're going to start fresh, and if the question is "What should my mobile strategy be?", the answer is "it depends". Saying all websites are the same is like saying all houses are the same. They aren't.<br />
<br />
The main consideration is: mobile web, or native app? I'm going to concentrate on building a web version of a site now, but this is the biggest question you'll face. <a href="http://lmgtfy.com/?q=mobile+versus+native+app" target="_blank">Google it</a> to find reams of discussion.<br />
<br />
Taking a linear approach into the web app, you'll first want to know if your users are using a mobile device or not. A very simple regex-based approach is used by the yii extension <a href="http://www.yiiframework.com/extension/detectmobilebrowser/" target="_blank">detectmobilebrowser</a>.<br />
<br />
Simply add the following into the components array in <span style="font-family: "Courier New",Courier,monospace;">public_html/protected/config/main.php</span> file:<br />
<br />
<div style="font-family: "Courier New",Courier,monospace;">
'detectMobileBrowser' => array(</div>
<div style="font-family: "Courier New",Courier,monospace;">
'class' => 'application.extensions.yii-detectmobilebrowser.XDetectMobileBrowser',</div>
<div style="font-family: "Courier New",Courier,monospace;">
),</div>
<br />
Since I put the extension file <span style="font-family: "Courier New",Courier,monospace;">XDetectMobileBrowser.php</span> into the <span style="font-family: "Courier New",Courier,monospace;">public_html/protected/extensions/</span> folder under its own folder, <span style="font-family: "Courier New",Courier,monospace;">yii-detectmobilebrowser</span>, I changed the classpath from the one listed on the extension's tutorial to <span style="font-family: "Courier New",Courier,monospace;">application.extensions.yii-detectmobilebrowser.XDetectMobileBrowser</span>.<br />
<br />
Then, in <span style="font-family: "Courier New",Courier,monospace;">controllers/SiteController.php</span>, I have added the detection call in the init() method:<br />
<br />
<div style="font-family: "Courier New",Courier,monospace;">
public function init(){</div>
<div style="font-family: "Courier New",Courier,monospace;">
if (Yii::app()->detectMobileBrowser->showMobile) {</div>
<div style="font-family: "Courier New",Courier,monospace;">
//$this->layout='//layouts/mobile';</div>
<div style="font-family: "Courier New",Courier,monospace;">
Yii::app()->session['isMobile'] = 1;</div>
<div style="font-family: "Courier New",Courier,monospace;">
} else {</div>
<div style="font-family: "Courier New",Courier,monospace;">
Yii::app()->session['isMobile'] = 0;</div>
<div style="font-family: "Courier New",Courier,monospace;">
}</div>
<div style="font-family: "Courier New",Courier,monospace;">
}</div>
<br />
<br />
<span style="font-size: x-small;"><span style="font-family: inherit;"><span style="font-size: small;">Now, you can draw this from your session variable.</span></span></span>
<span style="font-size: x-small;"><span style="font-family: inherit;"><span style="font-size: small;"> </span></span></span>
<span style="font-size: x-small;"><span style="font-family: inherit;"><span style="font-size: small;"> </span></span></span><br />
<br />
<span style="font-size: x-small;"><span style="font-family: inherit;"><span style="font-size: small;">Considerations at this point: </span></span></span>
<br />
<ol>
<li><span style="font-family: inherit;"><span style="font-size: small;">If you need to know more than a browser type (like screen size, resolution, camera support, etc.) then you can consider the <a href="http://wurfl.sourceforge.net/" target="_blank">WURFL</a> library, which has recently and <a href="http://drupal.org/node/1321338" target="_blank">controversially</a> become commercial. The incredible Apache Software Foundation (ASF) has recently accepted an incubator project called <a href="http://incubator.apache.org/projects/devicemap.html" target="_blank">DeviceMap</a> that will be a mobile browser capability detection library that will remain open source, and is probably the one you'll want to use and contribute to going forward, if you want to avoid the commercial licencing and associated fees. This one'll be done right, knowing the big brains behind the <a href="http://projects.apache.org/" target="_blank">ASF</a>. </span></span></li>
<li><span style="font-family: inherit;"><span style="font-size: small;">What should you do when a browser is mobile? Immediately connect to the mobile site? Go to a "choose preferred site version" screen? There are many permutations here: for example, what if a mobile site is a stripped-down version of the main site, and the user wants full-site functionality and you've forced them into the mobile site? I won't go on here but each site will have to carefully consider its use cases here.</span></span></li>
</ol>
<br />
Next time: we'll create a yii mobile theme!<br />
<br />
<b>Hello World!</b> (published 2012-03-04T10:22:00.000-08:00, updated 2012-03-06T18:15:57.460-08:00)<br />
<br />
I work as a software developer. I have been educated as a computer scientist at <a href="http://www.ubc.ca/" target="_blank">UBC</a>.<br />
<br />
I often find myself going to the web for information, and hope this will do a bit to give back to the fantastic online developer community. When I think about Computer Science, I often think of an old REM lyric: "Standing on the shoulders of giants, leaves me tall". (Yes, I changed the last word.)<br />
<br />
So here goes, my first blog...