Posts Tagged ‘howto’

pixie dust

Thursday, February 2nd, 2012

we’ve booted backtrack off usb before, now that’s kinda
boring and installing backtrack onto the usb with unetbootin
is painfully slow and not the same as bootin strait off the
usb which is what we want in this case; not an install
but a fresh copy every boot

there is someone disagreeing in the back of the room, now
wouldn’t this be a lot more complicated? No sir. on the contrary
booting fresh every time makes work a lot simpler; you gain a
direct relationship to what you store where, and where you
access your data from

but there is another one in the front;you sir, you feel that
one would have to sacrifice many of the comforts such as all
any tools of the trade at hand and permanent local storage -
but at best this is a lazy roadblock to salvation; by booting
off of local storage we have local storage at hand in a more
practical format, be that even a microscopic carrier can be
removed and replaced with sufficient storage for everything
and then some

the medium can be embedded, destroyed or ingested, so
the impermiableness of accidentally recorded data and the
robustness, accessability and portability of removable storage
comes very much in hand upon situations that either require
inconspiciousness, anonymity, covertness, plausible deniability
or a high degree of reliability in day-to-day computing

the totalality of the system given to remaining only in memory
causes it to be independent of other storage for operations, and when
operations cease from loss of any exterior preconditions, the
system simply ceases. when preconditions reoccur – by powering on
and executing the first block – the system can be relied upon to
simply starts afresh, completely unperturbed by any previous history

should the need arise to patch the system; say some new app or
capability is called for where there is no time to rebuild,
a patch should be scripted always when there is certanity that
the capability will require a repeat performance. It is advised
to devise a patch which includes all dependencies.

thus the fresh system becomes more capable and more accessible
over time, just like an install. patches can then easily be
rolled into the system should they proove useful to others.

But how does one do it? Well, it’s easy but unfortunately
not as easy as overwriting the boot device; it’s just not
practical because partitioning is always an individual consideration

  • . there are often other files on the block device
  • . choice of filesystem and memory technology has much bearing
  • . the block device is larger or smaller than expected
  • instead, we allow any bootable partition scheme and any
    filesystem and memory technology, as long as the storage
    requirements of the system are met;

    here’s to clone how:

    cp -a boot/ apt/ casper/ gone/ preseed/ syslinux/ 
    syslinux /dev/partition
    mbr /dev/device
    

    but that’s fine, it’s been done and all, but even the ability to
    boot the system with precisely zilch local storage comes in
    handy, and for that we have pixie dust.

    pixie daemon and tiny ftp should be pointing a path
    exactly matching the dhcp-provided patch.. otherwise
    you will have worries!

    /etc/pxe.conf:

    interface=eth1
    service=X86PC,0,0,local,Local boot
    service=X86PC,0,0,pxelinux,PXELinux
    tftpdbase=/var/lib/tftpboot
    domain=truly.yours
    

    /etc/default/tftpd-hpa:
    TFTP_DIRECTORY=”/var/lib/tftpboot/”

    /etc/dnsmasq.conf:

    dhcp-boot=/var/lib/tftpboot/pxelinux,vulcano,10.10.10.86
    

    “high speed” tftp daemons and multicast can be found but it is
    advised to stick to tftpd-hpa and dnsmasq with no esoterics due
    to the sheer amount of variables introduced.

    /var/lib/tftpboot/pxelinux.cfg/default:

    # not strictly necessary but makes the menu pretty
    menu hshift 13
    menu width 49
    menu margin 8
    
    menu title BackTrackBoot
    default vesamenu.c32
    display f.txt
    timeout 600
    
    label local
    menu label Local Harddisk
    localboot 0
    
    menu begin bt
    menu title BackTrack 5
    # ok here comes the real shit
    label backtrack5
    menu label BackTrack R1
    kernel bt5/vmlinuz
    append boot=casper netboot=nfs nfsroot=vulcano:/mnt/bt5 initrd=bt5/initrd.gz text splash vga=791 file=/cdrom/preseed/custom.seed --
    menu end
    

    you’ll need to copy to tftpboot/bt5 the initrd.gz and vmlinuz from the backtrack ISO /casper folder (which you can mount -o loop -t iso9660 bt5.iso /mnt/bt5

    the rest of the files you provide to the bootee over NFS

    /etc/exports:

    /mnt/bt5 10.10.3.0/24(rw,sync,no_subtree_check) 10.10.10.0/24(rw,sync,no_subtree_check)
    mount -t iso9660 -o loop BT5R1-GNOME-32.iso /mnt/bt5
    

    add a http server with kickstart / preseed files for an ever more powerful setup,
    in which case you replace the file= stanza in the append line with
    url=http://host/path/to/preseed

    more on preseeds… maybe later.

    Now restart all dependent services:

    /etc/init.d/nfs-kernel-server restart
    /etc/init.d/tftpd-hpa restart
    /etc/init.d/apache2 restart
    /etc/init.d/pxe restart
    

    debugging this setup usually requires tracing the process that is failing, so:
    - dhcp options tracing (dnsmasq verbose and tcpdump / wireshark)
    - verbose pxe
    - verbose foreground tftpd-hpa : in.tftpd -v -v -L /var/lib/tftpboot

    oh noes, o cert my *sniff* cert

    Monday, September 26th, 2011

    papieren bitteI’m not going to tell you about DigiNotar, whose file of bankruptcy this month held shock for no one after recently having lost the keys to the grand vault, in which the government held much stock. Though I have many comments upon the sophistication of the player that so thoroughly owned the most trusted agencies of the digital age….

    The cracker hardly needed them skillz, considering it has been a challenge to keep that whole corrupt industry accountable. The trouble with the central authority system is that even if only one of the keys is compromised, the system is broken and gives no assurances whatsoever. No warning bells either. Just a sweet silent man in the middle, passing along all the best parts to his lover.

    It’s not a joke for the 300,000+ people who documentedly had their emails and facepalms compromised. We thought he was kind to give an interview and we wait in awe for his next move.

    I’m not going to mention the fatal flaws in certificate revocation that became embarrassingly apparent when the damage was done.
    What’s hardly the matter since this kind of thing is bound to crop up, that hole in TLS was deemed unexploitable – now there’s a Titanic if I ever saw one. Un sinkable. Too fat to die.
    cert failure

    SSL is an open book for those who dare to look, and it’s got more than a couple old bugs. It’s okay though, we can patch it, they will say. Dare to look the other way!
    Not that you need those anyway, since there are some really nice sslsnarfing techniques out there that entirely forgo attacks on SSL as “too inefficient”.

    But I say nay! Unacceptable. There is another way.. and we’re already doing it! We sign our own signatures and we back each other’s signatures.
    Now that’s business, something that the companies on your CA trusted list were painfully aware of when they laid down the law of the code and put themselves on the trust list. Yet still ca-cert is not on your trust list, and warning bells fly off on some of the most trustworthy sites- self-signed ones.

    Just don’t ask them why or how, or anything that isn’t directly relevant. Do you even know what is on your trust list? You might just be surprised at what you can find.

    # ls -al /etc/ssl/certs | wc -l
    479

    How many of these do you trust? How many of these should you trust? I’ll tell you: *none*.

    We should not be adding static lists of central signing authorities to our systems. This is a brittle and dangerous system. We knew this, but hackers have now thankfully demonstrated it.
    A better way is for every person (and by extension every browser) to keep their own list of signing certs, and to exchange these certs with their friends (automagically, if you like). Your friends lists can come out of a social network, any social network, and it will mean that any site that has been vetted by one or more of your friends will likely be safe for you to use as well. It’s even better than that, you can check certs from multiple friends and detect discrepancies.

    green padlock
    That, my friends, is called the Web of Trust, and is a design that is heading in the right direction. convergence.io is doing something similar already to a Firefox near you, while GPG has worked like this for three decades!

    It has to be simple. It has to be very simple. And it has to be chemically free of one word: ‘central’.

    One real easy way to do this on linux would be using git and signed manifests. I already do this in gone to assure that only files on a manifest signed by a trusted key get installed.

    security or privacy? both please!

    Monday, July 11th, 2011

    Hello readers, fellow bloggers, fell trolls… it’s been a while.

    Happy Wheel

    If you didn’t know that just following a link could lead to loss of your identity, virus infection and the unknowing participation in denial of service sieges, distribution of child pornography and letting attackers break through your company’s firewalls (not to mention immanentizing the eschaton), you could be forgiven for not paying attention to the happy happy field of information security.

    If you knew this rather distressing fact about the web of links, but thought you could defend with an up-to-date antivirus, a current browser and the avoidance of “shady” websites I would hate to prick your bubble by telling you regular honest websites are being used against us, browsers all have to run the all-singing-all-dancing-all-executing flash and jave and anti-virus is not only ineffective but doesn’t even target this type of attacks. Knowing these things might be a little distressing so I won’t tell you.

    At least my bank is secure, you say, it’s got SSL and everything! Well, you’d be twisting my arm into telling you, embarassedly, that SSL as implemented in browsers is very neatly broken, that all we needed was one of the Certified Trusted Authority Parties to go bad for us all to wake up with a butt-ache, but we now have not one but at least three such bad parties, not to mention all the MiM magic and DNS trickery that you don’t want to hear about anyway.

    I will tell you however that the only defense is two-pronged: not allowing websites to script – which is a pain – and damage containment, which is not exactly perfect.

    Let us say you already knew all of this, but no longer cared because there was an even greater danger on the web: the total breach of containment of privacy that is social media and tracking cookies which all want to integrate and track your every move through the web so that usage and mood patterns can be profiled, tracked, bought and sold. Doesn’t matter, right? You’re logged in to Facebook, Linkedin and Google+ and get all your links from there, so you have your own personal filter which only shows you stuff you care about, turning your blind eye towards anything you need to know that comes from left field, suckering you into giving away your privates every time you hit “like” or “add to friends list”.
    pacman ghost

    In a post-panopticlick world there is really only one lesson to be learned: care about your privacy, because noone else will give a damn. It’s not about whether you have anything to hide, it’s about the accumultion of your private info by crooks to use as they please!

    Oh and crooks include the great people at Facebook, Microsoft and Google, that’s why I recommend disabling all tracking features that come in the guise of “better speed” or “increased security”. Pictures below show how to do it in chromium and firefox.

    chromium dialog, how to disable google tracking

    Ok that was Goggle’s Chromium – note all the unchecked- checkboxen… disabling prefetch, malware blocklists and suggestion services, all of which are sending far too much data to Google’s scaredy-ass all seeing eye. Aaaand here’s Firefox:

    fuckfox prefetch prevention

    Mhm that’s pointing the browser at about:config, searching for prefetch and setting it to false. Yep.

    Those pictures show you how to find and set better privacy features in your browser. Safari users are up shit creek, but unlike the Internet Explorer users, they at least have a paddle! Great stuff, what next?

    Keep a “secure” browser to browse with that you don’t log into anything personal with.. and make this your default browser!

    What is a “secure” browser? Let’s talk a little about that without insulting anyone’s intelligence, shall we?
    First off, I’m putting the word “secure” in uhm qoutes, because uhm the browser will never be secure, be it ever so protected. Ok, moving on you want to be running noscript and or adblock and or disconnect and or noflash, depending on whether you are a Mac, Windows (but then you are at game over already) or Linux user with Firefox or Chromium (NOT IExploder, that shit is scary!).

    All of these tools make it so the sites you visit don’t get to run code on your machine. The end result is that sites are marginally less usable, but that popup popunder popver poopop ads and scary tracker/botnet/mal stuff doesn’t run automagically. Here are some links:
    noscript
    adblock
    disconnect
    Flashblock
    – Have you heard about sandboxing?

    java and flash denied in chromium Chromium is getting the right idea by killing java and flash from the get-go. This should be the default, but you have to make it so!

    You should definitely be cloaking your user-agent, as it is a useless yet very telling string your browser hoes out to all. Do this with the User-Agent Modifying Extension.

    Also, you may find Torbutton and Foxyproxy interesting, the real privacy is in bouncing your traffic thru things that wash it for you. Putty or any other decent ssh client will create a proxy for you:

    `ssh -D8080 me@myshellserver`

    and you can point your browser’s SOCKS proxy settings to localhost:8080 putting all your traffic through your shell server!

    sshnuke

    The best has yet to come mua ha ha ha.

    consolekit is evil

    Wednesday, December 1st, 2010

    … and hates me

    I should really tell you about the DLD seminar three weeks ago, or the PARANOIA security conference, or even just that Adobe should be considered harmful but things have been crazy and between this and electromagnetism I haven’t had the mind space. After the 6th of december, I promise I’l come back with pictures and relations and maybe even sounds (I have notes, don’t worry I’ll remember).

    On the other hand here’s a nasty hack to kill console-kit-daemon, which has a really nasty way of polluting the PID-space… and annoys me enough to warrant a public humiliation as well. What does it do, and why? Who cares what it does, it’s doing it poorly enough to catch attention to itself! So here’s how to kill it:

    root@wasp:/usr/sbin# dpkg -S console-kit-daemon
    consolekit: /usr/sbin/console-kit-daemon
    

    DON’T try to purge the package because that’s just one end of a really big ugly yarn of unneccessary dependency pain that I’d like to spare you…

    DON’T try to replace /usr/sbin/console-kit-daemon with your own stub… turns out dbus autostarts this “service”, and that approach will make dbus block your (ssh) session when you log in… not forever, but that’s even more annoying than the pid pollution.

    Instead, debian bug #544147 and #544483 clewed me in to the following hack:

    cp /usr/share/dbus-1/system-services/org.freedesktop.ConsoleKit.service \
      /usr/local/share/dbus-1/system-services/
    echo Exec=/bin/false >> /usr/local/share/dbus-1/system-services/org.freedesktop.ConsoleKit.service
    

    which is a two-liner, and would have been less ugly and easier to debug if it hadn’t been for the fine hubris of the freedesktop dudes…

    OSSEC to the rescue

    Wednesday, October 20th, 2010

    I’m not going to brag about being online for 16 years without being hacked. It simply wouldn’t be truthful and more to the point even if I convinced myself there is little you or I can do to verify the claim. Rather, I’d like to think that by being a little paranoid I’ve managed to avoid some badness. Actually even if you like to think so, it’s rather optimistic to believe in one’s own infallability. The infallability of computer systems? Don’t even get me started.

    Computer security is about turning that trend around, about saying OK where and how did the bad guy get in, lets kick him out and make sure it doesn’t happen again. It’s about fixing the problems before they become really bad. Security is also about not putting all your balls in one basket, not trusting your single point of failure, and being very picky about the things you trust. Because automated systems fail automatically, security is about putting youself in the loop too.

    If you haven’t read this year’s Verizon data breach report [1], the gist is basically that 2/3 hacks are from 3rd parties, that leakage usually occurs 3 minutes into the breach and that most attacks are still discovered by a third party. What more, almost all attacks were made on servers, most of the attacks aren’t even that difficult to do, they leave traces in the log files and the security holes are even easier to fix!

    Now if you’ve been paying attention to the Stuxnet infestation [2], the Microsoft hack[3] or the recent Depnet failure[4], there is no guarantee that your skilled and educated IT staff is on top of that stuff… because they’re too busy delivering the features you demand.

    The problem here is one of control. If you are an admin, you may know what you’ve done on any particular server and you might be on top of what your team has been doing, but the second someone gets in and starts changing things they shouldn’t have, the bets are off. Files get changed: logs get nuked, commands get replaced, databases get UPDATE’d.

    Let me tell it to you straight: a virus, worm, piece of malware is basically a really cool software update.

    What you need is an eventuality: something that leaves a central, verifiable audit log, checks a number of different sources, stores who logged in where how and monitors system integrity. You need something flexible, with 90% of the job already done for you, something that can deal with a bunch of computers on a bunch of different platforms at the same time, and while leaving you in the loop does this in a managable way, so you don’t get overblown by a zillion messages.

    You need something that can respond to its environment, something that sits on every host, something that can take action on its own.

    OSSEC[5] has this three-pronged approach that fits the bill: rootkit checks, file integrity and logfile watching.

    It does these things according to a configurable ruleset. The rules can run on all your computers (yup, windows boxes too) and report to a central OSSEC server securely. OSSEC is also able to respond to alerts, for example by blocking an attacker that is trying to guess the password repeatedly (an everyday occurance).

    What more, GPL open source makes it possible to audit and patch the code of OSSEC, and gracefully sidesteps the problem of vendor lock-in.

    Now that I’ve played with it and tuned it for sufficiently long, it’s started to compliment my IDS nicely and beats old approaches like tripwire, fail2ban[6]/sshguard[7] and logwatch[8]. Don’t get me wrong, OSSEC is not the silver bullet[9], then again nothing is and thus we must stay vigilant.

    So, with the advent of Week of OSSEC year 2 I took the opportunity to tell you about this fine piece of software, and to show you the real nugget: my debian install and update script for ossec which you can use standalone, or together with my budding and passably simple configuration system gone, which I will introduce another day in another post.

    0K out.

    References in all their undistractingly subscripted glory:
    [1] Verizon data breach report
    [2] Talk on stuxnet the SCADA worm by kwy
    [3] Microsoft confirms Russian pill-pusher attack on its network
    [4] Regjeringen utsatt for dataspionasje
    [5] OSSEC
    [6] Fail2ban
    [7] SSHguard
    [8] Logwatch
    [9] Abusing OSSEC

    pulse audio: an experiment in social engineering

    Tuesday, September 7th, 2010

    The title about sums up the sentiments on the topic in my department.
    What’s the use case for pulse audio?

    Apparently, pulse audio is:
    * configurationless consumer audio
    * something that sits between you and your sound
    * a replacement for ESD
    * necessary for normal printer(!) operation
    * cross-platform and works on windows
    * really really complex
    * the shit when you want less usability
    * the bomb when you want less security
    * not really competing with jack
    * really good at marketing itself
    * on by default in most current distros.

    The cure:
    apt-get remove –purge pulseaudio\*
    yum remove pulseaudio

    tune2fs and green disks

    Thursday, August 5th, 2010

    Hey folks,
    old news I’m sure, but if you get tempted into buying the new WD Caviar “Green Power” disks there is something you need to know about them: they fake 512-byte blocksizes while in reality having 4096-byte blocks! The move to 4K blocks is reasonable considering we just busted the 2 terabyte barrier, but the disk firmware is faking 512-byte blocks in the name of compatibility (read: so windows xp won’t shit itself).

    Unfortunately, running in bs512 mode makes the disk exactly 3x slower than it should be!
    The fix: line up your partitions at 4k boundries, so start partition one at block 64, 1024 or even 2048 (the win7 start block) not the default, 63, in most partitioning software. Start fdisk with the -u parameter and carefully specify the start block. In gparted you’ll have to unhook the “snap to cylinder boundries” checkbox, and then I suppose you could even move a partition to the right block, but expect this to take an inordinate amount of time!

    On a related note, fsck’ing an ext filesystem on boot is a drag, and fsck’ing 2TB file systems is a huge drag. Sure you should be running the fsck but it has a nasty tendency to happen on your workstation precisely when you can’t afford the extra 5 minute delay!

    I bump the default 10 mounts count to 0 (disabling mount count fscking) and auto-fsck my disks every 99 days, staggered so not all disks get checked on the same day. Do this with the tune2fs command:

    wasp:~# tune2fs -c 0 -i 99d /dev/sda1
    tune2fs 1.41.12 (17-May-2010)
    Setting maximal mount count to -1
    Setting interval between checks to 8553600 seconds
    

    out.

    PS I recently managed to achieve sustained throughputs of 110MB/s with these WD disks and properly aligned partitions:

    7516192768 bytes (7.5 GB) copied, 68.4392 s, 110 MB/s
    115+0 records in
    114+0 records out
    

    yes that’s disk-to-disk with ext4 and one large file, no fragmentation.

    PPS the defaults have nowadays changed to 120 days and 39 mounts, to which I say -1 mounts is better anyway!

    edit: Now that your files are aligned, you can specify a block size to mkfs as well, which might avoid unaligned fragments: mkfs.ext4 -b 4096 -L gigantor -O sparse_super /dev/sdb1

    PRADS 0.2.0 hits release

    Monday, June 21st, 2010

    PRADS – the Passive Realtime Asset Detection System has reached release with codename: “our two cents”.

    It’s been far too long since last release and many things have happened that we thought we would share with you.
    First off, PRADS has been rebuilt from scratch to handle high throughput and should work nicely on those fat pipes out there. This means it operates a little differently on the command line.
    Our tool is now quite easy to use and has support for many more signature methods.

    Changelog for prads 0.2.0-1
    * PRADS release 0.2.0
    * SYN,SYNACK,ACK,FIN,RST, IPv6, service, client, UDP, ICMP, ARP support
    * added and fixed many signatures
    * log to prads-asset.log
    * eat pcaps (-r file.pcap)
    * dump statistics on exit
    * wirefuzz script
    * prads2snort and other fun tools
    * better IPv6 support
    * better OS guessing
    * awesome memory usage and stability
    * l337 optimizations for high thruput
    * code refactoring, cleanups & bugfixes and more

    Quick start:
    root@machine# prads -D
    [*] Running prads 0.2.0
    [*] Using libpcap version 1.1.1
    [*] Using PCRE version 7.8 2008-09-05
    [*] OS checks enabled: SYN SYNACK RST FIN ACK
    [*] Service checks enabled: TCP-SERVER TCP-CLIENT UDP-SERVICES ARP
    [*] Device: eth0
    [*] Daemonizing...

    To see the raw asset log file:

    root@machine# tail -f /var/log/prads-asset.log
    asset,vlan,port,proto,service,[service-info],distance,discovered
    84.24.154.213,0,1268,6,ACK,[65392:118:1:0:.:A:Windows:XP],10,1277044697
    109.87.38.106,0,56393,6,ACK,[16425:114:1:0:.:A:Windows:XP],14,1277044697
    192.168.2.43,0,38359,6,SYN,[S4:64:1:60:M1460,S,T,N,W7:.:Linux:2.6 (newer, 7):link:ethernet/modem:uptime:2630hrs],0,1277044698
    192.168.2.43,0,48065,6,ACK,[54:64:1:0:N,N,T:ZAT:Linux:2.6:uptime:2630hrs],0,1277044697
    76.99.73.67,0,55834,6,ACK,[33069:48:1:0:N,N,T:AT:Linux:2.4(newer)/2.6:uptime:307hrs],16,1277044697
    65.191.159.39,0,48747,6,ACK,[259:114:1:0:N,N,T:AT:unknown:unknown:uptime:20hrs],14,1277044697

    Remember that ACK mode is and always will be rather unreliable.

    To get a better view of the detected systems, run the following command:

    prads-asset-report | less
    13 ------------------------------------------------------
    IP: 109.87.38.106
    OS: Windows Server 2008 (R2 Standard 64-bit) (60%) 1
    [..crop..]
    104 -----------------------------------------------------
    IP: 192.168.2.43
    OS: Linux 2.6 (newer, 7) (100%) 3
    MAC(s): 00:DE:AD:BE:EF:2F (2010/06/20 16:39:00)

    Port Service TCP-Application
    80 CLIENT Mozilla/5.0 (X11; U; Linux x86_64; en (US) AppleWebKit/533.4 (K
    HTML, like Gecko) Chrome/5.0.375.70
    80 CLIENT @www
    80 CLIENT Mozilla/5.0 (X11; U; Linux x86_64; en (US) AppleWebKit/533.4 (K
    HTML, like Gecko) Chrome/5.0.375.70
    443 CLIENT TLS 1.0 Client Hello
    443 CLIENT TLS 1.0 Client Hello
    3218 CLIENT rtorrent/0.8.6/0.12.6
    6667 CLIENT @irc
    6667 CLIENT @irc
    6667 CLIENT SSL 2.0 Client Hello
    50005 SERVER Bittorrent
    50005 SERVER Bittorrent

    Port Service UDP-Application
    53 CLIENT @domain
    53 CLIENT @domain
    123 CLIENT @ntp

    105 ------------------------------------------------------

    [..snip..]

    Packages are available for debian and ubuntu, for everyone else there is source.
    Get PRADS now!

    Report issues and feature requests to: http://github.com/gamelinux/prads/issues

    For suggestions, help, contributions and general banter go to the PRADS mailing list.

    kernel coolness, finally!

    Thursday, November 5th, 2009

    Many things worth blogging about are happening lately! In fact, so many things that there is not enough time to blog about them. Ah, where to begin!

    Quickly now:

    PRADS

    Ebf0 and myself had a lecture about our fine host detection application at Dagen@IFI (Institute for informatics, UiO). Presentation available here, at least until we upload it to the project website.

    We now know that our Proof of Concept is k00l and Ebf has started the high-performance C implementation.

    Kernel hacks

    Did you know you’re missing out on cool kernel features? Well, yes you are. Here are some of them:

    • grsecurity : Better security in linux! Fixes thousands of attack vectors for desktops and servers alike
    • compcache: compressed memory swap might sound counter intuitive, but memory is lightning fast compared to disk, and you can cram more apps into compressed memory!
    • nilfs: Every wished you hadn’t deleted that file 5 seconds ago? Or wasted an hour waiting for a fsck? Log structured file systems scream write performance. And NILFS aids in data recovery too, as it’ll take automatic snapshots of your data every synchronous write. Very sweet.
    • reiser4: Don’t get me started. This is still not reached mainline. Hans be damned. However, reiser4 is still the fastest file system around.
    • ++++ low-latency, preemptible, tickless system, loads of hardware support and lots more!

    The upshot?

    The -lied patchset is back!

    I now track Ubuntu karmic git and I provide i686 packages:

    Add the following to your /etc/apt/sources.list :

    deb http://www.cs.mcgill.ca/~kwysoc/debian/binary ./

    then install the package:

    # add the archive key:
    
    gpg --recv-key 089ac586 && gpg --armor --export 089ac586 | sudo apt-key add -
    
    # update package database:
    
    sudo apt-get update
    
    # install the kernel package
    
    sudo apt-get install linux-image-2.6.31.3-lied-grsec-dirty
    
    # check grub or lilo and then reboot into the kernel!
    

    amd64 binaries are coming as soon as I get a chance to compile them. For now grab the karmic git, the patchset and .config and roll your own :-)

    What else?

    Bifrost is coming along, and might be close to a release soon, and

    Multiframe needs a new client release (which I am w0rking on)

    oh and I’ve made an

    auto-migrate from ISC dhcpd to dnsmasq by script

    …with my quick and dirty perl f00 : dhcpd2dnsmasq.pl.

    Be mindful that it is best for those with a lot of host definitions, and does not support all the ISC syntax out there.

    The script is interesting because it consicely illustrates how to make a simple but powerful parser with the minimal amount of lines (and fuss) using the AND-OR Waterfall method.

    Honk and Drop me a comment if you like / hate / fake it~!

    xtend your battery so y ou can GO ALL NITE

    Monday, September 14th, 2009

    K3ep going all n1te just like all that sp4m c0ming in through your mailbox.10 watts, it's a new record!

    10 watts, it's a new record!

    From joke to revolver as we say, I’ve noted that many of you find hacking away from power sources quite useful. Here’s how to keep at it longer with low power.

    (more…)