Skip to main content

Posts

Showing posts from 2016

Using FreeDOS to admin computer hardware

FreeDOS just released version 1.2, a small upgrade in functionality, mostly to be compatible with modern hardware.

ArchLinux has an excellent wiki that is easily applied to other Linux distros. Here is their discussion on using FreeDOS to flash a system BIOS and, interestingly, creating bootable DOS images that are bigger than standard floppy disk sizes. It offers step-by-step instructions on how to create a bootable CD using your FreeDOS image.

There's no need to repeat the wiki article here. I'll add more info if I develop more sources.

If you need an updated DOS memory extender, check this out.

RESOURCES

FOSS DOS for 21st Century Hardware

FreeDOS

ArchLinux and FreeDOS

DOS4GW.EXE Version 2.01a and Alternative DOS Extenders





Upgrade Mageia5 to Mageia6

Back in the early days of Linux, the changes to the operating system were so dramatic that even when updating withing the same distro, in-place point release updates were problematic enough and it was always recommended that a major version release be done from scratch. There were just too many major changes to the underlying subsystems and package naming conventions. Doing an in-place update was just asking for trouble.

Modern distros have matured quite a bit even though there are occasionally some major subsystem changes being made. Yet it's never been easier to do an in-place major version upgrade.

I just did the upgrade on several Mageia5 systems and the results were consistent and satisfactory, not to mention simple.

Step 0.

Always backup critical information. Have a Mageia5 recovery disc on hand.

Read the Release Notes, the Documentation and the Errata for Mageia 6. Other than updated applications, the biggest changes are support for UEFI and the move to GRUB2. If you are up…

Here's the Linux Fix to disable WPAD ATTACKS

Do you use the internet? This Linux flaw could open you up to attack.

Study Highlights Serious Security Threat to Many Internet Users

"RIVERSIDE, Calif. (www.ucr.edu) — Researchers at the University of California, Riverside have identified a weakness in the Transmission Control Protocol (TCP) of all Linux operating systems since late 2012 that enables attackers to hijack users’ internet communications completely remotely."

tl;dr The FIX

Edit /etc/sysctl.conf to include this line:

net.ipv4.tcp_challenge_ack_limit = 999999999

Then execute this command as root to apply the fix.

# sysctl -p

If you need the Windows Fix:

How to Turn Off (Disable) Web Proxy Auto Discovery (WPAD) in Windows Server 2008 R2

Bootable USB device for Mageia 5

If you Google "create a bootable USB drive in Linux" most of the returns you get will tell you to use Rufus for Windows or for Linux.

The problem is that Mageia no longer provides unetbootin and instead provides their own tool, IsoDumper. Still in development, IsoDumper can only save as a disk image of the existing files, write an image file to the USB device, or format the USB device with a FAT, NTFS or EXT filesystem. It would be nice if Mageia provided a bootable FreeDOS image for you so that you could easily do BIOS and firmware updates since Linux has yet to produce a usable tool for that.

It's always good to know how to do that from the command line if the GUI tools are not available, so that's what we will do.

FREEDOS
You can get a USB image containing FreeDOS from this site. There are three different images depending on the size of your USB stick. Mine is 2GB, so I could choose either of the first two. I chose the second image.

Once downloaded, you need to un…

Kill the Upgrade to Windows 10

There are many people who, for whatever reason, don't want to upgrade  to Windows 10.

Microsoft admits this and outlines the way to do this on their support page. This is what you need to do:

Create a blank.reg file and put this in it:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Gwx]
"DisableGwx"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"DisableOSUpgrade"=dword:00000001


Then run it by double-clicking on it.  Alternatively, you may manually add those keys to the registry yourself using regedit.

Or you can download this file which is the file you were told to create above. Please examine the downloaded file in a text editor to see that it matches the instructions above.

UPDATE

BY now, this should be old news and you will have been forced to update you Windows computer. Sorry.

Adding a Spellchecker to Leafpad

Leafpad is the text editor for the LXDE desktop environment. It does well for editing basic text files, but it lacks a spellchecker.

This is a hack to use the default-installed Hunspell to spell-check your text file.

To accomplish this, you need to save the text file, open it in Hunspell, close Hunspell and re-open the document in Leafpad.

This is accomplished by a script added to your .bashrc. I found this script in a recent Knoppix thread.

Add this to .bashrc:

lpad() { # uses leafpad to edit $1; on closing leafpad, # # # hunspell checks spelling; 
#on closing hunspell, leafpad shows corrected copy.
leafpad $1; aspell $1; leafpad $1 &
}

NOTE: You can also use this with ispell, but you'll need to invoke "ispell  -c".NOTE: I found the command line at the bottom of Hunspell to be misleading. For example, it says that pressing "I" is "Insert". It actually means "Accept  the  word,  capitalized as it is in the file, and update private dictionary.&quo…

Using a Blocklist File With Iptables

I read an interesting piece about securing servers written by Greg Bledsoe in LinuxJournal. I thought I would try it out and it turns out that it needed a few massages to make it run on my Mageia5 system.

There are two parts to his approach, a short script that runs as rc.local, which file does not exist in Mageia, but will be properly run if you create it in /etc/rc.d/rc.local.

#!/bin/sh
#/etc/rc.d/rc.local
# REF: http://www.linuxjournal.com/content/server-hardening?page=0,2
#create iptables blocklist rule and ipset hash
/usr/sbin/ipset create blocklist hash:net
/usr/sbin/iptables -I INPUT 1 -m set --match-set blocklist 
↪src -j DROP

This file owner should be root with 700 permissions.
Once you create it, you should execute it manually because that needs to be done before you run the script to collect the blocklists.
I put the blocklist collection script in /usr/local/bin. You will need to create the directory /usr/local/bin/tmp because the script wants to keep its temporary files there.

#!/…

ImageMagick Interim Fix

A vulnerability resides in ImageMagick, a widely used image-processing library that's supported by PHP, Ruby, NodeJS, Python, and about a dozen other languages. Many social media and blogging sites, as well as a large number of content management systems, directly or indirectly rely on ImageMagick-based processing so they can resize images uploaded by end users. According to developer and security researcher Ryan Huber, ImageMagick suffers from a vulnerability that allows malformed images to force a Web server to execute code of an attacker's choosing. Websites that use ImageMagick and allow users to upload images are at risk of attacks that could completely compromise their security.

Update your /etc/ImageMagick/policy.xml file so that it contains the code taken from http://imagetragick.com  and restart corresponding daemons.

You're safe now. The full fix is still being worked out.

And if you have the old version of ImageMagick (because you are on CentOS 5, for example) …

Creating a chroot Environment for Mageia

Creating CHROOT Environment
Mageia documents (link below) tell us how to set up a chroot environment in their Wiki.

We'll set up both a 32-bit and a 64-bit environment for the current release as well as the development branch, Cauldron, and eventually use them with schroot, a tool that makes managing chrooted environments much, much easier.

To summarize the steps to create a chroot using urpmi as follows:

Create a Mount Point
To create the mountpoint for the chroot environment for either or both 32- and 64-bit environments as well as Cauldron:
# mkdir -p /mnt/chroot/mageia32
# mkdir -p /mnr/chroot/mageia64
# mkdir -p /mnt/chroot/cauldron32
# mkdir -p /mnt/chroot/cauldron64

Mageia can use either package set with your native urpmi application to install packages in the chrooted environment.

32-bit chroot
For the 32-bit environment:

Add the repositories.
$ sudo urpmi.addmedia --distrib --urpmi-root /mnt/chroot/mageia32  --mirrorlist 'http://mirrors.mageia.org/api/mageia.5.i586.list'…

Installing and Configuring a Mediawiki wiki on Mageia5

I started a MediaWiki wiki for my hobby, to serve as a convenient place to collect and centralize all the bits of information that I find scattered about the internet.

Creating such a wiki can be a daunting task, but if broken down into small tasks, it can be done. The most difficulty I had was that there were no specific instructions for Mageia. The best general instructions I could find were from the Mediawiki site, but were  for Ubuntu. Mageia configures its default configurations slightly different.

I chose to tun the wiki and its associated webserver and database in a virtual machinate using VirtualBox, so we can tackle that first assuming that you already know how install and configure VirtualBox.

Installing A Minimal Mageia Base
During the installation, deselect all the pre-configured options, but do select the option to select individual packages. You will select a minimal install with no X11 or documentation, but with urpmi.

The remaining installation is pretty straightforwar…

Lying to Get the Job Done: Adventures in setarch and export

It says something about the power and flexibility Linux when you are provided a means to lie in order to get an application to execute. And by this, I mean using the setarch command and a few other tricks to fool an application created for an older system so it will run on more modern system architectures.

I'm occupying myself trying to install some old games and so far, it has been challenging. In the heady turn-of-the-Millineum days, Linux installers were all the rage, promoted by Loki, a company the developed the installers and produced Linux versions of then-popular games, but wound up in Chapter 7 bankruptcy. Even in the throes of  their demise they didn't forget the Linux gaming community and made their installers and the GPL source code available for the world to use. That would be great had not fewer and fewer servers carried the actual (now-old) files -- most of the links are dead -- and had not the development of Linux progressed so much. Many of their *.run…

Booting From an ISO image using GRUB

Sometimes, it's handy to use a specialized boot environment on your system. Examples include SpinRite, GParted, TRK, FalconFour's Ultimate Boot CD and others.
Typically, you have a CD or DVD of that environment, insert it and boot from that.

Assuming that your own system isn't borked, it is possible to use GRUB to load the ISO image and boot from that. Here's how . . .

The special software that allows you to boot from an ISO image on your drive is SYSLINUX. While it is a complete boot system, mostly noted for its ability to boot from MS-DOS and MS Windows FAT filesystems, it contains a program named MEMDISK.

NOTE: While I am focusing on Linux systems, SYSLINUX and MEMDISK have MS Windows  versions, so with a careful reading of the documents you can do the same thing on a MS Windows computer.
Intended primarily to allow you to boot legacy operating systems, it also allows you to boot from floppy disk images, hard drive images and ISO images.

To use it, copy MEMDISK fro…