
Merry Christmas. The HeX development team would like to present HeX 1.0.2 - The Christmas Release!!!!! Grab it from:
http://bsd.ipv6.la/hex-i386-1.0.2.iso
http://bsd.ipv6.la/hex-i386-1.0.2.iso.md5
http://bsd.ipv6.la/hex-i386-1.0.2.iso.sha256
Details of the release announcement can be found at the HeX Google Group and geek00l’s blog.
December 21st, 2007, posted by Kevin Foo (chfl4gs_)
FreeBSD, Project
These were taken from a particular mail. They caught my attention.
The demolition of the Sri Maha Mariamman Temple in Kampung Karuppiah in Padang Jawa, Shah Alam

Demolished

Stand-off

4 Human rights lawyers arrested handcuffed and locked up for defending Hindu temple demolition
Mr.P.Uthayakumar, Mr.P.Waythamoorthy, Mr.Manoharan And Mr.Ganabatirau


Police Report lodged against Constable Hasrul


It is sad to see all these cases taking place in Malaysia. If you’d like to know more about the demolition of Hindu temples in Malaysia, feel free to visit these sites. The more I read, the more absurdity I sense.
http://kula.blogsome.com/2007/11/01/unrelenting-demolition-of-hindu-temples/
http://sagaladoola.blogspot.com/2007/11/pas-samy-hindu-temple-demolition.html
http://timesofindia.indiatimes.com/Hindu_temple_brought_down_in_Malaysia/articleshow/2511694.cms
http://www.westernresistance.com/blog/archives/002227.html
Anyhow, I’d like to wish all my fellow Hindu pals a happy and joyful Deepavali.
November 8th, 2007, posted by Kevin Foo (chfl4gs_)
Life, Misc

With the release of OpenBSD 4.2, you will find that cdrom42.fs is not provided on the official OpenBSD FTP sites. However, it is relatively easy to custom build your own OpenBSD 4.2 bootable installer CD. I will show you the steps in making your own puffer fish El Torito.
CREATE CD STRUCTURE
Create the OpenBSD bootable CD structure with this command,
%mkdir -p ~/OpenBSD/4.2/i386
DOWNLOAD OPENBSD FILES
Use ncftp or wget to download the necessary files off OpenBSD ftp site.
%cd ~/OpenBSD/4.2/i386 && ncftp ftp://ftp.jp.openbsd.org/pub/OpenBSD/4.2/i386
ncftp /OpenBSD/4.2/i386 > get *
Note : install42.iso is a bootable OpenBSD installer by itself. You should exclude that file.
CREATE CDROM42.FS
As this file is absent, you need to create cdrom42.fs yourself in order to make a bootable OpenBSD ISO. Bootable “El Torito” CD-ROMs usually use a boot loader, which boots a disk image located inside the ISO 9660 filesystem. cdrom42.fs is the file that contains both the boot loader and the disk image. Not to worry. It is trivial.
Thanks to Rainer Krienke for creating a nice El Torito boot image extractor in Perl called “geteltorito”. Grab a copy, make it executable, and extract the El Torito boot image from the file cdemu42.iso with this simple command.
%geteltorito cdemu42.iso > cdrom42.fs
Booting catalog starts at sector: 29
Manufacturer of CD: Copyright (c) 2007 Theo
Image architecture: x86
Boot media type is: 2.88meg floppy
El Torito image starts at sector 30 and has 5760 sector(s) of 512 Bytes
Image has been written to stdout ....
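The fields reported in the output above come from two fixed structures in the ISO: the boot record volume descriptor in sector 17 and the boot catalog it points to. The following is an added example, not code from geteltorito or from the original post; it parses those structures and checks the catalog's validation entry before trusting the offsets. The function names and the sample image are constructed for illustration, and hard-disk emulation is not covered.

```python
import struct

SECTOR, VIRT = 2048, 512   # ISO 9660 sector size, El Torito virtual sector size
# boot media type -> (label, emulated size in 512-byte sectors; None = use entry's count)
MEDIA = {0: ("no emulation", None), 1: ("1.2meg floppy", 2400),
         2: ("1.44meg floppy", 2880), 3: ("2.88meg floppy", 5760)}
PLATFORM = {0: "x86", 1: "PowerPC", 2: "Mac"}

def parse_eltorito(iso: bytes) -> dict:
    """Locate the default El Torito boot image inside an ISO 9660 image."""
    brvd = iso[17 * SECTOR:18 * SECTOR]            # boot record volume descriptor
    if len(brvd) < SECTOR or brvd[:7] != b"\x00CD001\x01" \
            or not brvd[7:39].startswith(b"EL TORITO SPECIFICATION"):
        raise ValueError("no El Torito boot record at sector 17")
    (catalog,) = struct.unpack_from("<I", brvd, 0x47)   # boot catalog sector
    cat = iso[catalog * SECTOR:catalog * SECTOR + 64]
    if len(cat) < 64:
        raise ValueError("boot catalog lies outside the image")
    validation, entry = cat[:32], cat[32:]
    # Validation entry: header id 1, key bytes 55 AA, 16-bit words summing to 0.
    if validation[0] != 1 or validation[30:] != b"\x55\xaa" \
            or sum(struct.unpack("<16H", validation)) & 0xFFFF:
        raise ValueError("boot catalog validation entry is corrupt")
    media = entry[1] & 0x0F
    if entry[0] != 0x88 or media not in MEDIA:
        raise ValueError("default entry not bootable or media type not handled")
    count, start = struct.unpack_from("<HI", entry, 6)  # sector count, load RBA
    label, sectors = MEDIA[media]
    sectors = sectors or count
    image = iso[start * SECTOR:start * SECTOR + sectors * VIRT]
    if len(image) != sectors * VIRT:
        raise ValueError("boot image runs past the end of the ISO")
    maker = validation[4:28].rstrip(b"\x00 ").decode("ascii", "replace")
    return {"catalog": catalog, "maker": maker, "media": label, "start": start,
            "arch": PLATFORM.get(validation[1], "unknown"),
            "sectors": sectors, "image": image}

def build_sample_iso() -> bytes:
    """Constructed image holding only the structures read above (values from the post's output)."""
    iso = bytearray(30 * SECTOR + 5760 * VIRT)
    iso[17 * SECTOR:17 * SECTOR + 39] = b"\x00CD001\x01" + b"EL TORITO SPECIFICATION".ljust(32, b"\x00")
    struct.pack_into("<I", iso, 17 * SECTOR + 0x47, 29)
    val = bytearray(b"\x01\x00\x00\x00" + b"Copyright (c) 2007 Theo".ljust(24, b"\x00") + b"\x00\x00\x55\xaa")
    struct.pack_into("<H", val, 28, -sum(struct.unpack("<16H", val)) & 0xFFFF)
    entry = struct.pack("<BBHBBHI", 0x88, 3, 0, 0, 0, 4, 30).ljust(32, b"\x00")
    iso[29 * SECTOR:29 * SECTOR + 64] = val + entry
    iso[30 * SECTOR:30 * SECTOR + 4] = b"BOOT"     # marker so the test can spot the image
    return bytes(iso)
```

Writing `parse_eltorito(open("cdemu42.iso", "rb").read())["image"]` to a file gives the equivalent of cdrom42.fs for floppy-emulation images.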
CUSTOMIZATION
You can add whatever files you want to include. Just copy them to ~/OpenBSD/. I normally put in stuff like ports.tar.gz, src.tar.gz, sys.tar.gz, etc.
CREATE OPENBSD BOOTABLE INSTALLER CD
mkisofs comes in handy for creating our bootable CD. Just issue this command and wait for the image to be generated.
%cd ~/OpenBSD && mkisofs -vrTJV "OpenBSD 4.2" -b 4.2/i386/cdrom42.fs -c boot.catalog \
  -o OpenBSD42.iso ~/OpenBSD/
Now you will have OpenBSD42.iso. Burn it to a blank CD-R and voilà! Do support the OpenBSD project. Buy a CD/T-shirt. They look really cool!!
November 6th, 2007, posted by Kevin Foo (chfl4gs_)
Howto, OpenBSD
We are pleased to release Hex LiveCD 1.0.1 to address boot performance and a JavaScript issue in Firefox. This build should be the perfect version of the FreeBSD 6.2-stable based Hex LiveCD. We will go to 7.x and unionfs (hopefully) for the next release.
Download link:
http://bsd.ipv6.la/hex-i386-1.0.1.iso
http://bsd.ipv6.la/hex-i386-1.0.1.iso.md5
http://bsd.ipv6.la/hex-i386-1.0.1.iso.sha256
Please let us have your feedback if you tried it out.
Official site and details:
http://www.rawpacket.org/
http://groups.google.com/group/HeX-liveCD
October 26th, 2007, posted by Kevin Foo (chfl4gs_)
FreeBSD, Project

That’s right. Today is the big day for us at Rawpacket to release our Network Security Monitoring & Network Based Forensics Centric liveCD - HeX version 1.0 Release. See details on geek00l’s blog.
October 18th, 2007, posted by Kevin Foo (chfl4gs_)
FreeBSD, Project
Tomorrow is the big day. Everything was ready, awaiting geek00l’s announcement. Stay tuned!!!!
October 17th, 2007, posted by Kevin Foo (chfl4gs_)
Project
Our (xwings and I) poor, _soon_to_be_removed_ webserver box at Brickfields netmyne datacentre came under a DDoS attack this morning around 11:30am MYT. The box with 512MB of RAM running FreeBSD survived the attack. However, system resources were running extremely low. More than 100 instances of httpd were running! The system was extremely busy and laggy. It barely responded to my ssh connection request.
My pf rule’s stateful tracking limits seemed to be too lenient and not suitable for a box with low system resources.
pass in quick on $netif inet proto tcp from any to ($netif) port {80, 443} \
    keep state (source-track, max-src-states 100, max-src-nodes 999)
I have decided to move to a more aggressive approach, using pf’s max-src-conn-rate, a table and filtering.
# sources that exceed the limits below are added to <dos> and blocked
table <dos> persist
block in quick on $netif from <dos>
pass in quick on $netif inet proto tcp from any to ($netif) port {80, 443} \
    keep state (max-src-conn 100, max-src-conn-rate 15/5, overload <dos> flush)
After stopping all httpd instances, I loaded the new pf rules with pfctl -f /etc/pf.conf. It worked nicely. The <dos> table was full of sons/daughters of bitch’s IP addresses.
pfctl -t dos -T show
221.194.136.38
220.181.19.176
72.232.190.82
61.135.162.18
202.190.250.2
64.26.63.19
Happy and back to sleep again. Grow up, kids! Shame on you. You couldn’t even kill a poor little box with 512MB of RAM! But thanks anyway for helping me to test an area that I overlooked.
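Before loading a limit like max-src-conn-rate 15/5 on a production box, it helps to replay recorded connection times and see which sources would land in the overload table. The following is an added example, not part of the original post: it uses a plain sliding window rather than pf's internal rate estimator, and the function names, the (timestamp, source) event format and the sample traffic are assumptions made for illustration.

```python
from collections import defaultdict, deque

def first_overload(events, limit=15, window=5):
    """Replay (epoch_seconds, source_ip) connection events in time order and
    return {ip: timestamp} for each source that opens more than `limit`
    new connections within `window` seconds (15/5 as in the rule above)."""
    recent = defaultdict(deque)      # per-source timestamps still inside the window
    tripped = {}
    for ts, ip in events:
        if ip in tripped:            # already in the table: the block rule drops it
            continue
        q = recent[ip]
        q.append(ts)
        while q[0] <= ts - window:   # expire connections older than the window
            q.popleft()
        if len(q) > limit:
            tripped[ip] = ts
            del recent[ip]           # rough analogue of 'flush': forget its state
    return tripped

def compare_limits(events, candidates):
    """Map each candidate (limit, window) pair to the sources it would block."""
    events = sorted(events)
    return {c: sorted(first_overload(events, *c)) for c in candidates}

def sample_events():
    """Constructed traffic using documentation addresses (RFC 5737)."""
    flood = [(1000 + i / 20, "203.0.113.9") for i in range(60)]    # 20 conn/s
    browser = [(1000 + i / 10, "192.0.2.10") for i in range(12)]   # one page-load burst
    proxy = [(1000 + i / 4, "198.51.100.7") for i in range(40)]    # 4 conn/s, shared NAT
    return flood + browser + proxy
```

On this constructed traffic, 15/5 blocks both the flooding source and the busy shared-NAT client, while 30/5 blocks only the flooder.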
September 15th, 2007, posted by Kevin Foo (chfl4gs_)
FreeBSD, Howto
Another way of fighting image spam is Realtime Black List (RBL) lookup. This tactic is probably one of the methods that is inexpensive in terms of server resources.
With postfix, you could just add reject_rbl_client images.rbl.msrbl.net to the smtpd_client_restrictions section of postfix’s main.cf.
For instance:
smtpd_client_restrictions = permit_mynetworks,
    reject_rbl_client images.rbl.msrbl.net,
    ....
For qmail, you could just add -r images.rbl.msrbl.net as a tcpserver option in your qmail smtp startup script.
Note : images.rbl.msrbl.net - Hosts found sending mail containing spam images. Check out MSRBL for more info.
September 7th, 2007, posted by Kevin Foo (chfl4gs_)
FreeBSD, Howto, Linux


In my previous post, I discussed some of the anti image/PDF spam tactics. I have tried clamav with Sanesecurity’s phishing and scam signatures.
On FreeBSD, I downloaded the update shell script by Dan Larsson and made a slight modification, as I do not wish to install/use rsync on production servers just to download signature files. I have added these two lines to the update shell script under “http_source_urls” and commented out “rsync_source_urls”.
http://download.mirror.msrbl.com/MSRBL-Images.hdb
http://download.mirror.msrbl.com/MSRBL-SPAM.ndb
http_source_urls="
http://www.sanesecurity.com/clamav/phishsigs/phish.ndb.gz
http://www.sanesecurity.com/clamav/scamsigs/scam.ndb.gz
http://clamav.securiteinfo.com/vx.hdb.gz
http://download.mirror.msrbl.com/MSRBL-SPAM.ndb
http://download.mirror.msrbl.com/MSRBL-Images.hdb
http://www.malware.com.br/cgi/submit?action=list_clamav,fetch_interval=86400,target_file=mbl.db
"
#rsync_source_urls="
# rsync://rsync.mirror.msrbl.com/msrbl/MSRBL-Images.hdb
# rsync://rsync.mirror.msrbl.com/msrbl/MSRBL-SPAM.ndb
#"
September 7th, 2007, posted by Kevin Foo (chfl4gs_)
FreeBSD, Howto, Linux

A lot of spam images/PDFs were slipping through my office MXs since this spamming technique gained its popularity, and it was getting really out of hand. I have decided to put an end to this madness and experimented with various tactics to curb image/PDF spam. Generally, this can be achieved with spam scoring from SpamAssassin or with clamav via Sanesecurity’s Phishing and Scam Signatures for ClamAV.
In this post, I will share some of the tactics that I have tried with SpamAssassin. With SpamAssassin, fighting image/PDF spam was trivial.
September 6th, 2007, posted by Kevin Foo (chfl4gs_)
FreeBSD, Howto, Linux