coldtobi's blog

• Main
• Archives
• Albums
• Links
• Admin

• Blog and Website [94]
• DSL RAM [2]
• Electronics and Atmel AVR [11]
• fanctrl [3]
• General [8]
• German [1]
• La Fonera [22]
• Lifetype [17]
• Linux / Debian [33]
• Monetizing A Blog [8]
• my 2 cents [15]
• Netzfunde [18]
• Nice Links [1]
• solarpowerlog [2]
• Thecus N2100 [16]
• Tips and Tricks [18]

• N2M: parallel build dpkg-buildpackage and pdebuild
• Windows CE: Assertion failed in wincore.cpp line 1034
• CakePHP: Baking a Application in Minutes
• Enabling InnoDB support in debian (MySQL)
• Flattr.
• Pollin Net-IO PHP Library
• Link to safe

• RSS 0.90
• RSS 1.0
• RSS 2.0
• Atom

• Privacy Policy
• Disclosure Policy

End of being a Fonera.

After my La Fonera is now up since a long time, it is now time to migrate all the services it was running to a different machine on my network, and retire it.

(I have plans to recycle the hardware at a later point of time, but for now its time to plug the plug. It was a nice toy to play with, indeed.)

 (More)

Linux: Really using hardware random number generators.

A HW Random Number generator (HW RNG) helps programms a lot which needs some good entrophy, something especially on server systems is rare. Syntoms are slow key generation (ssl, ssh ... ) and poor performance when reading from /dev/random. 

However, soley having a HW RNG won't improve much -- this is what I learned today: I have a hifn 7955 based crypto accelerator in my NAS, but still poor /dev/random read rates. 

By coincident I learned that I looked at the wrong device -- the randoms by the hardware are available through /dev/hwrng. But how does other programms know that they should use this device instead of /dev/random? 

 (More)

Fun with spam

A Nigerian 411-type scam mail slipped through spamassassin.

Before moving it to its fate (aka SPAM folder), one line catched my eye:

(ii) Are you truly Dead OR Alive?

ROFL.

 (More)

Sending a email notification when pusing to git (sourceforge)

Whenever I push changes to solarpowerlog, I want that a notification mail is sent to a dedicated mailing list.

However, the documentation on sourceforge just says "you can do this", but finding docs about "how" is hard. 

So this is my try to document the procedure, in case this helps someone... The examples are the one for solarpowerlog, so be sure to edit them before applying.

Configure lighttp to simulate .htaccess rules (Deny From All)

Unfortunatly, lighhtpd does not support ".htaccess" rules directly. So if you want to use a script targeted for Apache, you have to implement your own rules.

Luckily, the most needed rule is to forbid the serving of a whole directory, the "Deny From All" rule.

This one can be emulated within the lighttpd.con -- but you have to list every affected directory.  A tedious task to find out every .htaccess contianing the rule and then adding the path to the configuration.

But this can be automated:

 (More)

WoW Money Laundering?

Today I want to share you a spam comment which was submitted some days ago. (I modified the comment and removed all external links. SPAM won't pay on this blog)

It seems that WoW has some reached some money laundery scheme, at least with "virtual money." I'm not playing the game, but it could also be that they (gold traders?) Use some victim as money mule to hide traces? Anti-Cheat detection prevention (you know, buying gold is considered cheating). I don't know, but I think it is an interesting development, and it might make sense to use caution. Especially if this is a way to launder real money, this can cause you real trouble (this could send someone to jail, worst case. IANAL! )

 (More)

Samba: No mount as user.

For security reasons (CVE-2009-2948) samba ceases to support setuid mount.cifs. Until at least a proper fix has been generated (saw patches for them, but at least in Debian they are not or defunc (Patches: http://archives.free.net.ph/message/20100326.142523.e959e38d.en.html, details of the problem http://www.samba.org/samba/security/CVE-2009-2948.html )

(IMHO the CVE is valid, but only makes sense in an multi-user enviorment and if you want to store your passwords in some files. Both are false for me. ) 

However, I need a working system. The other option is waiting until upstreams deciding what's better for me -- a security problem not touching my samba usage or no service at all. (Yes, I'm a little upset by this -- hitten cold by this "improvement" and finding out that they indeed choosen a way to "fix" it by disabling the execution at all. When I read the CVE notice from samba, it could also be done to disable the offending "information leaking" command options when run setuid... Well.)

Well *taking deep breath* lets stop ranting:

 (More)