Archive for the 'work' Category

BackTrack 5 Cookbook: Quick answers to common problems

You know, sometimes, just sometimes something fortuitous happens to me. This was one of those times.

I was contacted by my friends over at Packt Publishing to review their new book on BackTrack. Of course I said sure. Hey, I am a Linux junkie after all! It had actually been quite a while since I had played with BackTrack and this gave me *just* the incentive I needed, but let me tell you a bit about the book…

The book is a “cookbook” style book which gives you “recipes” or guided examples of common problems/scenarios and their fixes. The book is well written, a good reference for a pro, and a great tutorial for the beginner, and by beginner I am assuming that the person *does* have Linux experience, just not BackTrack experience as some command line comfort is pretty much a necessity for this kind of work. The first 2 chapters start you out exactly the way they should, by installing and customizing the distribution. What they don’t tell you is it takes a good while to actually download the distro, but that is beside the point.

Once you actually get things running well, you can follow the book through some really decent examples from Information Gathering all the way through Forensics. The book covers all manner of subject matter and applications in between, such as using Nmap, Nessus, Metasploit, UCSniff and more. I mentioned that this was fortuitous for me and that was because one of the things the book covered was the Hydra program, and, as it turns out, that was the perfect tool for me to use in remediating some password synchronization issues across several hundred servers.

Anyone using a computer should have at least a basic understanding about keeping their valuable data safe, whether that data is for a multi-million dollar company or your own invaluable family photographs. This book goes to great efforts to not only explain how to detect, analyze and remedy such issues, but also gives important background about just how systems become vulnerable to begin with. If only for that reason alone, it’s worth the read. If you are actually a sysadmin, this information is a must. For $23 for the ebook version, it’s a no brainer. Good book. It helped me out and I’ll wager that if you give it a read it’ll do the same for you!

Multi-threaded scripts using screen


Recently I had to do some more email migrations, and I wanted to script them. But how do you take hundreds of migrations and run, say, 15 at a time, scripted, so you don’t beat up your mail server? Good question!

What I settled on was writing a bash script to call a certain number of background screen processes. I figured that way I could be sure that disconnecting from my session didn’t kill my processes, AND I could always jump into any screened process easily to see what was going on. It wasn’t as hard to get going as you might think and it worked brilliantly!

#!/bin/bash

# Number of screen sessions currently running.
# "No Sockets found" is turned into 0.
running() {
    screen -ls | grep Socket | tail -n1 | cut -d' ' -f1 | sed -e 's/No/0/g'
}

while read -r command
do
    # Wait until the number of running sessions is below the limit in
    # totalthreads.txt. The limit is re-read on every pass, so it can be
    # changed while the script runs, and no command is skipped if the
    # limit is lowered.
    while [ "$(running)" -ge "$(cat totalthreads.txt)" ]
    do
        sleep 60
    done
    echo "$command"
    # $command is deliberately unquoted so the line splits into a command
    # and its arguments. -d -m starts the session already detached.
    screen -d -m $command
done < commandlist.txt

So, what you see here is the entire shebang. What’s happening is all the commands I want to run, which in my case are imap copies but you could do anything really, are listed in a file called “commandlist.txt” individually, each on their own line. It looks like this:

copy this file to that file
copy file 2 to anotherfile 2
copy file 3 to anotherfile 3
copy file 4 to anotherfile 4

The script grabs the commands you want to run and checks a file called “totalthreads.txt”, which simply contains a number. This is the number of threads you want running at any given time. So, say I have 100 commands (copies in the example) I want to run, but only 20 at a time so I don’t eat up all my I/O. I would put all the commands in the commandlist.txt file and a “20” in the totalthreads.txt file, then execute the script itself, which I called “threads.sh” (get it HERE). This script starts up 20 of the commands in the commandlist.txt file, each in their own screen session. When one of your processes ends, another will be started, maintaining the limit listed in the totalthreads.txt file, as long as there are enough commands in the commandlist.txt file to do so.

The nice part about this is that the thread count is somewhat interactive. This means that if you notice you want more threads running, simply increase the number in the totalthreads.txt file and after a minute or two, you will see them increase. Conversely, if you want fewer, decrease the number and as processes finish, new threads will not be started until the number running is lower than the number in the totalthreads.txt file.

GeChic On-Lap 13.3″ LCD


You would think that my lack of posts here lately meant I had simply dropped off the face of the earth, but that isn’t really so. I have just been extremely busy with the day to day problems facing me in RL, including how to squeeze >that< much more work into my overly busy day.

This particular recent purchase, the GeChic On-Lap 1301 13.3” Portable and USB powered Thin, Light, and Plug & Play LCD Monitor, has helped me do just that.

One of the things all high-end computer workers need to enable them to multitask better is more screen space. This has been researched and documented in a variety of different places. Well, what are you to do with your mobile workstation? You can buy one of those external USB screens, that’s what. Almost a no-brainer, right? The problem with that for a Linux user is the drivers. Most of these types of screens push video through USB, which means you have to have a working usb to video driver, not to mention video over usb is a little slow. Enter the GeChic!

The GeChic solves these problems by NOT using usb for video; it actually has both a vga and a dvi input along with being usb powered. That’s right, no extra power cord, just plug in the usb cable and pick your input method and you are rockin’ and rollin’. This means it will work with literally ANY laptop or desktop which supports those types of video output, regardless of operating system or driver issues.

The unit itself is a little pricey at $200, however, it makes up for its few downsides by giving me my much needed screen space, in an attractive, easy and mobile form. I did say few downsides, and there are a couple other than the price. The first is the color. It just doesn’t want to color match my laptop’s LCD no matter how I seem to adjust it. The second is that using vga input the picture quality lacks a little. To be fair, dvi input is far superior to vga anyhow, and the vga problems could just as easily stem from my machine as from the monitor and I didn’t spend a whole lot of time messing with the settings on vga before just trying out dvi. Ymmv.

What I do like is that this is an attractive little lcd screen with a nice resolution of 1366×768. You can use it while physically attached to your laptop or it can sit standalone next to it in several positions with its included stand. To connect it to your laptop it has surprisingly strong suction cups that attach its swing-base to the top of your laptop and it can simply fold up or swing out for use. This allows you to also do neat things like show a presentation on the back of your laptop while you watch the front, etc.

No matter how you slice it, this little thing is mighty handy to have around and everyone who has seen it in action immediately wants one of their own. Boy, I wonder if I could get a kickback from NewEgg on this? Even at that price, I think we have a winner.

Mint 11 / Ubuntu 11.04 – vpnc+ssh issue


Yes, I know.. Long time since a post, but I have been waiting ’till I had something interesting to comment on :)

You should all know by now that Ubuntu 11.04 and Mint 11 are now out in the wild, and both are very nice IMHO. I have been a “Minty” guy now for quite some time but I thought it would behoove me to at least try the new Ubuntu 11.04 and its Unity interface, so I stuck it on a netbook to test it out and I can say this: It doesn’t suck at all! In fact, I was pleasantly surprised. Compared to Gnome 3 (more on that later), Unity is quite usable.

That brings me to Mint 11. A beautiful distribution as I have come to expect. Not too much to say about it for those familiar with Mint except it’s a worthy successor in a long line of great releases. If you haven’t yet tried Mint, you are really doing yourself a disservice.

There are of course problems with everything. Mine was with my vpn connection. I use vpnc to connect to my work’s cisco vpn, and I have been doing so successfully now for many years. In fact, vpnc is my preferred method of connecting over any other client including the cisco client itself. It just works. It’s very easy to configure and use and it stays out of my way. That is until recently.

After I installed Mint 11 on my daily carry, I eventually needed to vpn into work and fix something. Well, I immediately noticed that ssh through vpnc would not connect. I could ping, http, rdesktop, whathaveyou, but no ssh. I looked at the routes, I looked at the tunnel, I looked at the verbose messages from vpnc. Nothing worked. If, however, I walked over to my other laptop that is running Mint 10 with the very same vpnc config, I got right through. This was quite perplexing. I eventually tried connecting with the Ubuntu 11.04 install, and I got the exact same results. I was grasping at straws. Maybe all new distributions were broken in this manner? The horror actually forced me to install Fedora 15 (sorry Fedora folks) and test that. To my surprise, F15’s vpnc+ssh worked just fine. This also gave me an opportunity to find out how dysfunctional and horrible an interface Gnome 3 is (KDE and Unity are gonna become big real soon I guarantee it).

As a last ditch effort to narrow things down, I decided to try a different ssh client. I tried both putty and dropbear. THEY WORKED! YAY! This meant I could go back to running the new Mint on my netbook. I fully intend to just try my own compile of ssh sometime in the future, or perhaps the package maintainers will catch wind of this and fix it (I did send some emails to Clem). Until then, I am happy that I can still use my beloved Mint and I can live temporarily with dropbear and / or putty for ssh through my vpn when I need it. I just hope this post gets around a bit so the other guy that uses vpnc+ssh to connect to his cisco vpn doesn’t think he’s going crazy like I did :)

The New Xoom Review, Comin’ Right At You!


OK, I am dating myself here but there used to be this show on when I was a kid, called the New Zoo Review, and for some reason the theme song was playing in repeat in my head while I was thinking about writing this review. That’s how the title comes about, and it’s been a wickedly long week, so that’s about as clever as I can muster right now.

I bought the Motorola Xoom wifi only tablet the day it came out because I have been wanting / looking for / dreaming of a device that *could* be android powered that would be a respectable netbook replacement for me. I wanted something with at least a 10 inch display, fast processor speed, decent storage and memory and significantly thinner and lighter than my netbook that I could use as a daily carry. What goes without saying, there, is that there needs to be functionality with all that I do.

Unfortunately, with the Xoom, this was not to be…

The Xoom is a very appealing looking device which appears to meet many of my basic needs quite well. It is thin and light. It has a beautiful and very functional touch display. The battery lasts quite long at around 2 days of use. It’s only everything after that that is a disappointment.

Let’s start with the price. This was $600 + tax for the wifi only version. I believe this to be a bit excessive, even if the device actually *did* deliver. That being said, I did, and would pay it again to the company that does it right, but there are a lot of disappointments with this tablet:

This tablet does not act as a usb mass storage device. You heard it right. When you jack this into your computer, you have to fumble around and try to find a utility program and/or drivers that do Media Transfer Protocol. I DO NOT understand why they would do this unless they are intentionally trying to irritate their customers. My Moto Droid (the original) could connect as usb mass storage, why can’t this??

This tablet will not charge via the usb cable. Again, what were they thinking? You have to use a needle thin charger plug that has every appearance of wanting to snap off at the slightest bump. Once I finally got the majority of my power and data needs consigned to a single USB cable, Xoom makes sure you have to carry another proprietary wall-wart.

Honeycomb is NOT ready for general use / release. As pretty as it is, the new android OS has lots of bugs. I cannot tell you how many times apps like facebook, gmail, email and the browser crashed on me in the week I used this tablet. The apps are beautiful when they work, but also lack important functionality. For instance, the email app doesn’t do filters. Also, I was particularly thrown back when I could not get my pandora app to run at all!! Ack!

I think the straw that breaks the camel’s back for me is lack of a cisco vpn client. Granted, this is not really the Xoom’s fault, but I need to be able to do some real work with my tablet and this is a HUGE hindrance for me. This one thing means I have to carry a netbook with me anyhow which was the point of getting a tablet in the first place.

Bottom line is if you are looking for some cool tech and do NOT need to do work with it and / or can wait until they fix a bunch of things AND you have a spare $600 to shell out for said broken product, then run to your nearest store and buy one of these. If you are like me and need a small, slim, lightweight, functional tablet with more stable software and a decent vpn client to replace your netbook, then wait ’till the iPad 2’s are back in stock. Sorry android and Motorola, you lose on this one.

RHEL 5 quick and dirty samba primer


A friend asked me for a quick primer on how to set up a windows accessible share under RHEL 5, so I thought I would include it here for the benefit of anyone interested.

  • sudo yum -y install samba
  • sudo vim /etc/samba/smb.conf
  • replace the file with something like so:

[global]
workgroup = SOMEWORKGROUPNAME
server string = SERVERHOSTNAME Samba Server Version %v
security = user
netbios name = CALLMESOMETHING
[data]
comment = my data share
path = /data
read only = no
writable = yes
guest ok = no
available = yes
valid users = USERNAME

  • add a local user to the box: sudo useradd USERNAME
  • add the local user to samba and give password: sudo smbpasswd -a USERNAME
  • restart samba service: sudo service smb restart
  • make sure samba starts at boot: sudo chkconfig smb on
  • adjust your firewall settings if necessary

At this point you should be able to access the share at //servername/data.
Have fun!
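
An added check, not part of the original post: a small awk-based audit of the share settings used in the smb.conf above (read only / writable, guest ok, valid users) that flags shares open to guests or writable by any authenticated user. The function names and the [scratch] and [pub] shares are constructed for illustration; defaults set in [global] and include files are not evaluated.

```bash
#!/bin/bash
# Added example: flag risky share definitions in an smb.conf.

# audit_shares [FILE]
# Prints "share: finding" per risky share; prints nothing for a clean file.
# Reads stdin when no FILE is given. Only per-share settings are checked.
audit_shares() {
    awk '
    function trim(s) { sub(/^[ \t]+/, "", s); sub(/[ \t\r]+$/, "", s); return s }
    function yes(v)  { v = tolower(v); return (v == "yes" || v == "true" || v == "1") }
    function report() {
        if (share == "" || share == "global") return
        if (guest) print share ": guest access enabled"
        if (writable && !restricted) print share ": writable by any authenticated user"
    }
    /^[ \t]*([#;]|$)/ { next }              # comments and blank lines
    /^[ \t]*\[/ {                           # section header starts a new share
        report()
        name = trim($0)
        share = tolower(substr(name, 2, length(name) - 2))
        guest = 0; writable = 0; restricted = 0
        next
    }
    {
        eq = index($0, "=")
        if (eq == 0) next
        key = tolower(trim(substr($0, 1, eq - 1)))
        val = trim(substr($0, eq + 1))
        if (key == "guest ok" || key == "public") guest = yes(val)
        else if (key == "writable" || key == "writeable" || key == "write ok") writable = yes(val)
        else if (key == "read only") writable = !yes(val)
        else if (key == "valid users") restricted = (val != "")
    }
    END { report() }
    ' "$@"
}

# sample_conf: the [data] share from the post plus two constructed weak shares.
sample_conf() {
    cat <<'EOF'
[global]
workgroup = SOMEWORKGROUPNAME
security = user
[data]
path = /data
read only = no
guest ok = no
valid users = USERNAME
[scratch]
path = /srv/scratch
writable = yes
[pub]
path = /srv/pub
public = yes
EOF
}

sample_conf | audit_shares
```

Run it against the live file with audit_shares /etc/samba/smb.conf; the [data] share as written in the post produces no findings.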

So you want to be a Linux admin…

This is somewhat of a reprise of some thoughts I shared on a recent episode of the LinuxLink TechShow.

I have been asked many times about being a Linux admin. After a few years of walking the walk and being in on a lot of interviews, I have compiled a few mental notes and thought I would share…

  • Get a cert.
    I have been doing Linux for a LONG time but I never had so many job offers until I got my RedHat cert and put it on LinkedIn. Since that happened I get, some weeks, upwards of 5 job offers per week. Seriously. These offers are also local – not like people are calling me to move out of state or even out of the area. The jobs are out there folks. Linux people are currently on the hot list. Just do it right and you should be a shoo-in.
  • Know your stuff.
    Here’s the deal. You MIGHT run into a company where you can snow them into thinking you are a serious Linux guy even though you don’t know how to tell what directory you are in on the command line, but it sure won’t be MY company. I ask potential candidates lots of questions – ones that I am convinced that anyone that *actually uses Linux* should know. Make sure that you do. You should know all kinds of common Linux things down absolutely cold and this includes things like common userland commands, problem diagnosis and resolutions. If you don’t know the fix to a problem, you should be able and prepared to demonstrate that you can quickly find the correct answer / resolution.
  • Don’t rely on the gui.
    I used to think this was a given but after a dozen interviews it bears mentioning. You *cannot* correctly administer a hundred servers if you need to rely on gui tools. They may be handy in a pinch, but they are wildly inefficient. By the same token, you should be familiar and comfortable with at least basic scripting. One of the questions I generally ask is if another administrator left your company, how would you change the root password on 100 servers in a hurry?
  • Do be familiar with Desktop Linux.
    Although I think it’s extremely important to be command line savvy on the server end of things, I am also convinced that a Linux guy should be comfortable with using it on the desktop as well. It always strikes me as strange when I ask a Linux guy what kinds of computers he has at home and what he uses them for and he (or she – it’s just a figure of speech) says they have a windows laptop that they only use for browsing the web and email.
  • At least feign interest.
    In my opinion, a Linux system administrator should be interested in Linux and system administration. Things like playing at home with different linux distributions, running your own home server, setting up, learning about and trying different Linux services are all big plusses.
  • Don’t BS on your resume (or resume inflation).
    A friend of mine I work with and I have this theory that a person’s actual skill level with Linux is inversely proportional to the size of their resume. Actually, this goes back to that “Know your stuff” rule as well. Put the relevant things you know on your resume and *actually know them*. Trust me, I will ask you technical questions about the things you list on your resume and I *will* find out if you are lying. Inflated resumes may impress H.R. people but not the people who actually have to weed through them.
  • Shake hands like you mean it.
    When you come for an interview, if you offer to shake hands or take an offer to shake a hand, actually do it. Nothing weirds me out more than someone giving me one of those limp wristed, pantywaist, palm tickle handshakes. Grip my hand like you mean it and give it a good shake like you are happy to be there.
  • Be genuine.
    Don’t try and be someone you are not during the interview. Be yourself, relax a little, be honest. Don’t be overly cocky, snarky, apologetic or overtly eager. Also, try and dress decently and speak well. :)

That’s all I can think of right now – Knock ‘em dead!

What’s with the Lemur?


Nope, I am not talking about the curious little Madagascan primate, I am talking about the one from System 76!

It has been a while since I have done a review, but that doesn’t mean I haven’t been working one up :) At this past year’s Ohio Linux Fest I got to rub elbows with Carl Richell from System 76 who promised me the opportunity to review one of their masterpieces. After some killer anticipation, the unit arrived on my doorstep and it turned out to be their Lemur Ultra Thin laptop.

This lappy has a GORGEOUS 13″ display, a core-i3 proc, and all the assorted (and working) ports, wifi, ethernet, sound, SUSPEND, etc., that you would come to expect. I did say working didn’t I? That’s important because, as a retailer of Linux computers, it’s important to make the distinction that there is NO guesswork as to whether or not Linux will run perfectly on it. It does :)

System 76 was nice enough to let me demo this thing for a long time, so it’s safe to say that I tested this thing out really well. I used it extensively at home to do my normal web surfing, video watching and music playing. I also used it for work where it was my portal for a bunch of system administration work, rdesktop and ssh sessions galore, plenty of terminals open with configuration scripts and php programming, connected through every kind of free and paid wifi you can think of, not to mention my work vpn. And a lot of that was all at the same time! This system performed more than admirably. I even used it at a work conference where I did splunk installs and testing without issue.

I am not sure what kinds of proprietary things that System 76 provides in its own packages, however everything in Ubuntu, the Linux distribution that System 76 ships with by default, runs perfectly. Then again, so did Mint 10, the other Linux distribution I installed and tested with. This left me with, literally, nothing whatsoever that didn’t meet my personal satisfaction :)

This laptop is very light, perfectly functional, very good looking and stunningly well designed and put together. It feels to me like a MacBook Air with a warp drive, and at literally half the price. In short, this is the laptop that I want to carry around (did I mention it’s light too)? I am hoping that Mrs. LincolnClaus is reading this. It would look great under the tree this year! I would gladly get rid of most of the rest of my laptop entourage to be able to carry one of these.

Hey, anyone want to buy a pristine condition used netbook? Or two? :)

Resize iscsi volume on RHEL 5

I have this ISCSI volume mounted on a RHEL 5 system that is running out of space. How do you grow your mounted iscsi volume? Good question!

* Unmount the volume. In this case it was /dev/sdb1 for me.
umount /dev/sdb1

* Grow the volume size on your san/nas (however your san/nas does this).
In my case - "Hey SanAdmin, can you add another 100gb of space to $volume?"

* In order to resize, your server needs to see that there is more volume space available, so you need to “service iscsi restart”.
[root@nile ~]# service iscsi restart
Logging out of session [sid: 1, target: iqn.2001-05.com.equallogic:0-8a0906-4cb5c3602-e9b001184684cc04-nile-splunk-index-archive, portal: nnn.nnn.nnn.nnn,3260]
Logout of [sid: 1, target: iqn.2001-05.com.equallogic:0-8a0906-4cb5c3602-e9b001184684cc04-nile-splunk-index-archive, portal: nnn.nnn.nnn.nnn,3260]: successful
Stopping iSCSI daemon:
iscsid dead but pid file exists [ OK ]
Starting iSCSI daemon: [ OK ]
[ OK ]
Setting up iSCSI targets: Logging in to [iface: default, target: iqn.2001-05.com.equallogic:0-8a0906-4cb5c3602-e9b001184684cc04-nile-splunk-index-archive, portal: nnn.nnn.nnn.nnn,3260]
Login to [iface: default, target: iqn.2001-05.com.equallogic:0-8a0906-4cb5c3602-e9b001184684cc04-nile-splunk-index-archive, portal: nnn.nnn.nnn.nnn,3260]: successful
[ OK ]

* fdisk /dev/sdb and delete the old partition (yes, delete it).
fdisk /dev/sdb
Command (m for help): d
Selected partition 1

* Create a new bigger partition over top / in place of the original.
Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-26109, default 1):
Using default value 1
Last cylinder or +size or +sizeM or +sizeK (1-26109, default 26109):
Using default value 26109

* Run e2fsck on the partition.
e2fsck -f /dev/sdb1

* Resize it.
resize2fs /dev/sdb1

* Finally, mount it back up!
mount -a (yes mine was listed in fstab)
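
An added safety check, not part of the original post: deleting and recreating the partition only preserves the filesystem if the new partition starts at exactly the same sector as the old one, so this compares two `sfdisk -d /dev/sdb` dumps taken before and after the fdisk step and refuses to continue if the start moved. The function names and the dump values are constructed for illustration, and it assumes sfdisk is installed alongside fdisk.

```bash
#!/bin/bash
# Added example: verify a recreated partition before running e2fsck/resize2fs.
# Real use:  sfdisk -d /dev/sdb > before.dump   (before fdisk)
#            sfdisk -d /dev/sdb > after.dump    (after writing the new table)

# dump_field DUMP PART FIELD -> numeric FIELD (start or size) of PART
dump_field() {
    sed -n "s|^$2 : .*$3= *\([0-9][0-9]*\),.*|\1|p" "$1"
}

# safe_to_resize BEFORE AFTER PART
# Returns 0 only if PART starts at the same sector and has grown.
safe_to_resize() {
    s0=$(dump_field "$1" "$3" start); s1=$(dump_field "$2" "$3" start)
    z0=$(dump_field "$1" "$3" size);  z1=$(dump_field "$2" "$3" size)
    if [ -z "$s0" ] || [ -z "$s1" ] || [ -z "$z0" ] || [ -z "$z1" ]; then
        echo "cannot read $3 from both dumps" >&2
        return 2
    fi
    if [ "$s0" -ne "$s1" ]; then
        echo "start moved: $s0 -> $s1; restore the old table, do not fsck" >&2
        return 1
    fi
    if [ "$z1" -le "$z0" ]; then
        echo "size did not grow: $z0 -> $z1" >&2
        return 1
    fi
    echo "start $s0 unchanged, size $z0 -> $z1 sectors"
}

# write_samples DIR: constructed dumps (before, good after, shifted after)
write_samples() {
    cat > "$1/before.dump" <<'EOF'
# partition table of /dev/sdb
unit: sectors

/dev/sdb1 : start=       63, size=209712447, Id=83
EOF
    cat > "$1/after_ok.dump" <<'EOF'
# partition table of /dev/sdb
unit: sectors

/dev/sdb1 : start=       63, size=419441022, Id=83
EOF
    cat > "$1/after_shifted.dump" <<'EOF'
# partition table of /dev/sdb
unit: sectors

/dev/sdb1 : start=     2048, size=419428352, Id=83
EOF
}

dir=$(mktemp -d)
write_samples "$dir"
safe_to_resize "$dir/before.dump" "$dir/after_ok.dump" /dev/sdb1
safe_to_resize "$dir/before.dump" "$dir/after_shifted.dump" /dev/sdb1 || true
rm -rf "$dir"
```

If the check fails, `sfdisk /dev/sdb < before.dump` puts the original table back before anything touches the filesystem.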

RHEL 6 is here!

As many of you know, RedHat released RHEL 6 recently. I just finally got a chance to install the production version and thought I would share some of my immediate notes:

RHEL 6 Installation Notes: (text/net install)

No boot.iso available. Must use the ENTIRE installation DVD to boot, even for a network install.

Press tab at the boot splash to enter extra parameters – “linux text askmethod” worked appropriately.

Askmethod prompts for URL rather than http or ftp and has you put the entire URL in one line instead of splitting into server / location like RHEL 5 did.

Installer does not ask for registration number – must be done through rhn_register *after* installation has completed.

Install does not ask you for “types” like RHEL 5 did (webserver, virtualization, development).

Post install does not have configuration menu where you can change authentication, firewall/selinux, system services, etc..

That’s about where I am with this right now. The install is reminiscent of RHEL 4 in a lot of ways. I am sure things will change and improve like they always do. The one clearly needed addition right now, though, as far as I am concerned is a boot/netinstall.iso image.
