[Use Gmail as a Sendmail TLSv1/SSLv3 relay]

Thursday, November 13, 2014 9:41 PM

It is well known that it is possible to use a TLS/SSL mail relay to send mail and still have the benefit of checking it through web mail. But just how easy is that to do? Nearly impossible. lol

I needed it initally to test a function of a php mailer script. You can now follow these simple steps to make sure it works! lol

apt-get install sendmail
vi /etc/mail/authinfo

Authinfo is the most critical part of determining how to use the gmail SSL mail relay. It has been recently incorporated into subsequent options available to sendmail.cf, most importantly before puting it against m4. Simply configure /etc/mail/authinfo to correctly parse this new directive.

Authinfo:smtp.gmail.com "U:mkearney2255" "P:password" "M:LOGIN"
Connect:localhost.localdomain  RELAY
Connect:localhost.localdomain  RELAY
Connect:localhost              RELAY
Connect:127.0.0.1              RELAY
Connect:192.168.137.3          RELAY

For Ubuntu Linux the argument "M:LOGIN" is very important although there are options for different SSL ciphers. I would guess that they are there because the gmail relay will work with these settings whereas the live.com server will not work correctly; their specifications are exactly the same! lol Nothing else is required to relay mail from different applications to the local server. Next, you must add the following options to the file /etc/mail/sendmail.mc. Scroll all the way down to the bottom of the file and add:

MAILER_DEFINITIONS
define(`SMART_HOST', `smtp.gmail.com')
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
define(`confAUTH_OPTIONS', `A p')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_OPTIONS', `A y p')dnl
FEATURE(`authinfo', `hash -o /etc/mail/authinfo.db')dnl
MAILER(`local')dnl
MAILER(`smtp')dnl

Now that sendmail.mc is complete run it against the default m4 configuration supplied by !!!apt-get!!! lol

m4 /etc/mail/sendmail.mc >/etc/mail/sendmail.cf

If you notice the FEATURE attribute supplies a perameter with the .db suffix, not the authinfo that we were working with. This is simply a way of telling them further apart. Run this command next to turn it into a different kind of data file:

makemap hash /etc/mail/authinfo < /etc/mail/authinfo
/etc/init.d/sendmail restart

That's it! Sendmail! to check on the status of the mail being sent if you are testing other relays, Ubuntu uses the syslog to log sendmail.

[Another Java Script Trend]

Tuesday, August 19, 2014 8:30:00 PM

There is another exciting java script trend I didn't know about. It envolves CSS much like the mouseover function that originally changed images and created an attractive look. (That I spent hours fighting) Execpt this effect changes the properties of the CSS document dynamically based on the current position of the scroll bar. This has not yet become inherent, like mouseover now is; but it likely will. A script like this begins by setting the .sticky instruction. This instruction has the ".top" ".height" and ".scrollTop" instructions available. So in a matter of finagling, you are subsequentially able to supply a simple CSS instruction based on the value of .sticky which oddly can be immediately returned by the browser in this example:

$(function(){ // document ready

		  if (!!$('.sticky').offset()) { // make sure ".sticky" element exists

		    var stickyTop = $('.sticky').offset().top; // returns number of .top

		    $(window).scroll(function(){ // scroll event
            var footerTop = $('.bottom').offset().top; // returns number of .top
		     var stickyHeight = $('.sticky').height();
              var limit = footerTop - stickyHeight;
                
                
                var windowTop = $(window).scrollTop(); // returns number of .scrollTop

		      if (stickyTop < windowTop){
				
				$('.sticky').css({ position: 'fixed', top: 0 });// CSS position:fixed
		      }
		      else {	$('.sticky').css('position','static'); // CSS position:static
		      }
              if (limit < windowTop) {
          var diff = limit - windowTop;
          $('.sticky').css({top: diff});  // CSS top:diff
              }     
		    });

		  }

		});

So, like this page you could have 3 defining CSS instructions depending on the postion of .sticky

$('.sticky').css({ position: 'fixed', top: 0 });

or

$('.sticky').css('position','static');

or 

$('.sticky').css({top: diff});

So, now that you know how cool that really is, I'm going to spend more time with it to find another way to present with the browser.

[More C# code]

Tuesday, June 10, 2014 10:55:00 PM

Is your audience a little slow? Are they low informaion voters? Ask Mr. Turtle! Mr.Turtle will take a picture of a selected area of the screen and convert with his pdf converter. Mr. Turtle will then send it back to you in an email. They can then easily print or view the selected pdf file. Mr. Turtle knows windows 7, windows 8 and windows 8.1.

This C# code was a little more difficult. It doesen't look all that great but it works well, I wish I could say the same for LinQ. hahah The primeval star was with me yet again, sun is very nice. lol The real turtle is on my Facebook video page. ++ Download the source code here:

MR. TURTLE

[Perl mongering]

Sunday, May 4, 2014 10:18:00 PM

As you know it in so much that it is true, PERL is alive and well. Spending the last few days with "oxwall", (www.oxwall.org) I was able to reverse engineer some of the PHP code assoicated with the content management system. It includes notably, a facebook like posting system related to the CMS. This would be an excellent replacement for "mojoportal" (www.mojoportal.com):



But if I wanted to do that, it would be useful to post statistics about the processor load, and the disk io wait state. This was really difficult to do and have it make sense at the same time. You could say that it's like riding a bycycle but unfortunately that's not true. yet. lol. Here is some PERL code I was working on:

#!/usr/bin/perl -w
##
## print iostat in an iframe
##
@months = qw(Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec);
@weekDays = qw(Sun Mon Tue Wed Thu Fri Sat Sun);
($second, $minute, $hour, $dayOfMonth, $month, $yearOffset, $dayOfWeek, $dayOfYear, $daylightSavings) = localtime();
$year = 1900 + $yearOffset;
$theTime = "$weekDays[$dayOfWeek] $months[$month] $dayOfMonth,$year,$hour:$minute:$second";
use lib qw( /usr/local/lib/perl );
print "Content-Type:text/html\n\n";
print 

$theTime
EOF
@result=`/usr/bin/iostat -x`;
my @results = split ' ', $result[2];
print join (' ', "$results[0]  ");
print join (' ', "$results[1] ");
print join (' ', "$results[4]\n");
my @resolute = split ' ', $result[3];
print join (' ', "          $resolute[0]  ");
print join (' ', "$resolute[3]\n");


print 

EOF


In that example, my trip to reno led to #france. Which led to Chinatown, Washington; DC. So split my @results from static $result which leaves me, $resolute. fine. heheh Here is the video:



[C# Multiple OS USB key]

Saturday, April 12, 2014 4:54:00 AM



Well, after some thought, I decided to make a windows installer. It works well, a little slow copying files might become confusing:

Download HERE:

I wrote it in C# !!! so much for windows macro code....

You can also download the source code HERE:

This is basically what it does in so many words:

        private void menu(string usb_key)
        {
            int Maxitem = 0;
            Maxitem = 50000;
            progressBar1.Maximum = 50000; // your loop max no. 
            progressBar1.Value = 0;

            for (int i = 0; i < Maxitem; i++)
                progressBar1.Value += 1;

            usb_key = usb_key.Replace("\\", " ");
            int selectedIndex = comboBox2.SelectedIndex;
            Object selectedItem = comboBox2.SelectedItem;
            string isofile = selectedItem.ToString().Replace(" ", "_");
            string usb_file = usb_key + "\\" + "ISO\\" + isofile + ".iso";
            File.Copy(label1.Text, @usb_file, true);
            if (selectedItem.ToString().Contains("XP"))
            {
                string path = @usb_key + "\\" + "multiboot\\menu\\" + "menu.lst";
                using (StreamWriter sw = File.AppendText(path))
                {
                    sw.WriteLine("");
                    sw.WriteLine("title Begin Install of Windows XP from Windows XP SP3 32 Bit.iso (Stage 1)");
                    sw.WriteLine("find --set-root /multiboot/ISOS/" + isofile + ".iso");
                    sw.WriteLine("map (hd0) (hd1)");
                    sw.WriteLine("map (hd1) (hd0)");
                    sw.WriteLine("map --mem /multiboot/ISOS/firadisk.img (fd0)");
                    sw.WriteLine("map --mem /multiboot/ISOS/firadisk.img (fd1)");
                    sw.WriteLine("map --mem /multiboot/ISOS/" + isofile + ".iso");
                    sw.WriteLine("map --hook");
                    sw.WriteLine("chainloader (0xff)/I386/SETUPLDR.BIN");
                    sw.WriteLine("");
                    sw.WriteLine("title Continue Windows XP Install from Windows XP SP3 32 Bit.iso (Stage 2)");
                    sw.WriteLine("find --set-root /multiboot/ISOS/" + isofile + ".iso");
                    sw.WriteLine("map (hd0) (hd1)");
                    sw.WriteLine("map (hd1) (hd0)");
                    sw.WriteLine("map --mem /multiboot/ISOS/" + isofile + ".iso");
                    sw.WriteLine("map --hook");
                    sw.WriteLine("chainloader (hd0)+1");
                    sw.WriteLine("");
                    sw.WriteLine("title Boot Windows XP - If fails, reboot with USB removed (Stage 3)");
                    sw.WriteLine("map (hd1) (hd0)");
                    sw.WriteLine("map (hd0) (hd1)");
                    sw.WriteLine("root (hd1,0)");
                    sw.WriteLine("find --set-root /ntldr");
                    sw.WriteLine("chainloader /ntldr");
                }
                MessageBox.Show("Done copying file.");
                progressBar1.Update();
                progressBar1.Refresh();
                progressBar1.Invalidate();

            }
            else
            {
                if (selectedItem.ToString().Contains("Vista"))
                {
 

That's not all. I also did this but for some reason or another format.com formatted my drive with fat32, not NTFS. So I called chkdsk to check the dirty bit and convert to make sure it was formatted as NTFS. As it turns out, there is no Win32 module that reports the actual progress of progress bar. Just a timer tick event that calls timer1_Tick.. fale. it's hella gay hehe

            Timer timer1 = new Timer();
            timer1.Enabled = true;
            timer1.Start();
            timer1.Interval = 1500;
            progressBar1.Maximum = 15;
            


                usb_key = usb_key.Replace("\\", " ");
                string checkPath = Environment.GetEnvironmentVariable("WINDIR") + @"\System32\chkdsk.exe";
                System.Diagnostics.Process Proc1 = new System.Diagnostics.Process();
                Proc1.StartInfo.FileName = @checkPath;
                Proc1.StartInfo.Arguments = " /f" + usb_key;
                Proc1.StartInfo.UseShellExecute = false;
                Proc1.StartInfo.CreateNoWindow = true;
                Proc1.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
                Proc1.Start();
                Proc1.WaitForExit();
                 
                string formatPath = Environment.GetEnvironmentVariable("WINDIR") + @"\System32\format.com";
                System.Diagnostics.Process Proc2 = new System.Diagnostics.Process();
                Proc2.StartInfo.FileName = @formatPath;
                Proc2.StartInfo.Arguments = usb_key + " /Y /FS:NTFS /V:SQUIRREL /Q";
                Proc2.StartInfo.UseShellExecute = false;
                Proc2.StartInfo.CreateNoWindow = true;
                Proc2.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
                Proc2.Start();
                Proc2.WaitForExit();

                string convertPath = Environment.GetEnvironmentVariable("WINDIR") + @"\System32\convert.exe";
                System.Diagnostics.Process Proc3 = new System.Diagnostics.Process();
                Proc3.StartInfo.FileName = @convertPath;
                Proc3.StartInfo.Arguments = usb_key + " /fs:ntfs";
                Proc3.StartInfo.UseShellExecute = false;
                Proc3.StartInfo.CreateNoWindow = true;
                Proc3.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
                Proc3.Start();
                Proc3.WaitForExit();

                Directory.CreateDirectory(usb_key + "\\multiboot");

                System.Diagnostics.Process Proc4 = new System.Diagnostics.Process();
                Proc4.StartInfo.FileName = @"syslinux.exe";
                Proc4.StartInfo.Arguments = "-maf -d /multiboot " + usb_key;
                Proc4.StartInfo.UseShellExecute = false;
                Proc4.StartInfo.CreateNoWindow = true;
                Proc4.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
                Proc4.Start();
                Proc4.WaitForExit();

                DirectoryCopy(".", @usb_key + "\\.", true);

                timer1.Tick += timer1_Tick;
                
            //idk. that would be cool if a loop ran the progress bar recursively. fale.

[Custom built Syslinux thumb drive for technicians]

Monday, March 31, 2014 7:30:00 PM

If you don't feel like reading a bunch of stuff and are curious, skip to this download with readme instructions. The zip file includes everything you need to create a syslinux USB windows installer.

With recent PC hardware improvements, it is now possible to boot an entire operating system with a USB thumb drive from the system BIOS. Since I have been out of the loop, a thumb drive can be made bootable.Syslinux is specialized in doing just that! There were improvements made recently that provide options to a module called chain.32. chain.32 fs excutes a reserved sector that contains a file. The suboption, ntldr specifies segment 0x2000 to include, ntldr (XP, 2003), bootmgr (Vista, 2008, 7) and grldr (Grub4DOS). You can find ntldr and bootmgr on the install disk. grldr only loads a subsystem called grub4dos that can be confusing to operating system installation programs rather than using syslinux options directly. I spent hours and hours with the chain.32 chainloader only to find out it requires the use of one contiguious partion, which leaves out a thumb drive with seperate install directories. So, it looks like for now you can use grldr with a .cfg file but you can't use just any grldr. This zip file contains one that includes addtional menu options. The file also includes the collection, "FiraDisk" which basically does some daft manuvering for you in grub4dos. This is not syslinux mind you, which does not allocate changes the new bootmgr and BCD windows installation files, which makes perfect sense. Unless you like ^M. lol but no other bootable USB software program is as adept as Syslinux. This is great for booting PXE.

#start Windows Install
LABEL Start Windows Install
MENU LABEL Start Windows Install
MENU INDENT 1
COM32 /HBCD/Boot/chain.c32 ntldr=/boot/grub/grldr
#end Windows Install
                        

This is the source code for the option in the loadable module chain.32:

/* 'fs' => we should lookup the syslinux partition number and use it */
	if (!strcmp(opt.drivename, "fs")) {
	    do {
		if (iter->abs_lba == fs_lba)
		    break;
	    } while (!pi_next(iter));
	    /* broken part structure or other problems */
	    if (iter->status) {
		error("Can't find myself on the drive I booted from.");
		goto bail;
	    }
	}                     
                        

So, I bought this drive for $20:

The 32 Gigabyte model, yes that's 32 gigabytes for $20; holds seven operating system install disks and other bootable ISO images, like Gparted live CD and Hiren's Boot CD with nearly 10 gigabytes left to spare.

You can automate the syslinux install to the thumb drive with windows software called "yumi". Download Yumi and add ISO images by selecting the correct thumb drive. However Yumi will only format the thumb drive with fat 32 which is really slow for a Windows 8.1 install. Find something to format the thumb drive with NTFS before running Yumi. Copy ISO images that grldr will read to the thumb drive in a directory called ISO on the root of the thumb drive and go to sleep or something. lol Copy the file other.cfg to the multiboot/menu/ directory. The .cfg files are hard to read but go for it. So is /boot/grub/Menu.lst. This was extremely difficult but you can change the values for MYISO and the Firadisk subsystem. For example, you can run unattended install files that specify a product key. Managing that, the files are named, auWin81.xml, auWin8.xml and au.xml. They are called by /boot/grub/Menu.lst FreeBSD unfortunately wont run, it needs ufs or some other file system to mount root and complete the install program; which isn't included.

If you're good with photoshop, (and I have been making buttons and other web images for 14 years! lol) Yumi runs in full 8 bit color mode when it brings up the boot screen. Here is my image for my new job:



Save your photoshop, ms paint or gimp file as a 8bit png file at 640x480. (.png) Then find yumi.png and delete it. Write your file and name it yumi.png. This will bring up your menu initially, but will display the software authors png on a secondary menu. A little confusing but this is what syslinux reads without getting to far into the menu.32 module. Be careful of editing the cfg menu files that the menu.32 module runs. This is similar to the module, chain.32 which requires exacting perameters. You may be able to change the names of MENU LABEL. And! Don't let any installation program choose anything auto_magically, it will likely leave the flash drive "RAW" by formating it. If this happens, and it did; use this program --> EaseUS Data Recovery to get the files back. WOW!

[Spanning addtional windows fixed]

Saturday, March 22, 2014 11:24:00 AM

I was cleaning all day yesterday. Nearly 12 hours trying to spot clean kitchen cabenets, the refridgerator and the stove. My hand muscle hurts. lol Anyway, I decided that spanning an addtional window was unacceptable for the new site. So I ceaned it up with another java script. Early on, java script had some characteristics which were such that they must be inline, a combination of two or more scripts tipically failed, and they could not be displayed with a src attribute. I thought whatever fixed this could be the answer to my spanning addtional windows. The script target.js excutes the class attribute "non-html". Then just specify the _top instruction. (_top doesn't work in target) Nothing else. Easy! yay. lol.

This can also be demonstrated by removing the reference to the jquery 1.7.1 library and index.html will not span addtional windows. This was because intitally I gave it an incorrect path. But I don't belive that. I forgot why I need the jquery 1.7.1 library. lol


[Acid for the rest of us] What?

Monday, March 19, 2014 3:56:00 PM

I discovered something interesting while finding the code to update frames to jquery. A simple experiment where I created a file, then pasted this into a file created on my computer. Although the pricise code that enables the navigation to float on the left resides within the browser, I placed both his file and my new file on the server. Both the files were identical in content but not in context. My new file failed while his file produced the floating navigation on the right. Initally, I discovered the discrepancy by removing the 1px border on the right in style.css. This caused the remainder of content containing the floating code in all the pages to fail. I replaced the 1px border and this also failed. I cleared firefox cache and restarted. I also launched the internet explorer browser which had never been used in several months. This also failed. Do you exist? hahahaah

Kind of dumb, but I put it against this on someone elses computer: http://diffchecker.com/xg5yx7t2

Using the new file from the zip archive now works on both internet explorer and firefox running on my computer.

Incidentally, the files that I downloaded cannot be found on Andrew Henderson's page. I put the file on the nova server for reference here: jquery-sticky-content.zip

Also, I made sure that there were no incorect refrences to things that don't exist, like the information contained in the header. lol However I still don't know why the file causes the browser to spawn an additional window by clicking on "FreeBSD DMZ" and not spawn addtional windows within that same window. hahaha Actually this is not so funny to think that a rogue company involved in the development of open source or universal code has code which is not so universal.

In conclusion, the file which was created on my computer, style.css can be seen here with a time delay of four hours and thrity one minutes:

http://www.student.nvcc.edu/home/mikearney2/time_test/time_test.htm

time_test.htm and andrew henderson's code are identical. However, style.css found in:

http://www.student.nvcc.edu/home/mikearney2/time_test/time_test.htm

is the modified file created on my computer/. The scripted language which the browser reads is identical in style.css This is now a detirment rather than something which could enable machine code to respose the contents of a file rather than the scripted language which it reads. Unfortunately, I can't remember how I created it. hahahah

And are you ready for this. It was because I forgot to remove the spaces in between the comment section. Or did I remove the spaces? lol I still don't know why it remains to be true that it spawns addtional windows. But I have a pretty good idea. heheh


kindle book - amazon.com

Saturday, March 15, 2014 5:38:00 PM
Product Details

Check out my Amazon.com page:

www.amazon.com/Demension-Door-Michael-Kearney-ebook/dp/B00IRMFSKA/

I wrote another book. I thought science fiction could only pick up where I left off. It's kind of short, I didn't want to make it boring. I drew the cover, just an update to many, many long hours drawing on the desk in high school. lol

I've also done a site redesign with twitter bootstrap v3.0.0 and Jquery 1.9.1 The navigation hovers nicely and draws the eye. If you want to know how I went about doing that, right click on your browser software and left click "view source". You can copy this information to the "clipboard" and paste it elsewhere. About 18 years ago, I tried to quantify the tangable mechanisms which allow the internet browser to deliver content without downloading additional software, linked closely with :"request for comment" One of those mechanisms remains to be "Java Script" seen here with the collection, "Jquery 1.9.1" I'm not entirely sure why it gained support other than to say that there were quite a few variations to replacing an image with the "mouseover" function several years ago. "Mouseover" is exlusive in this regard to providing a means to call addtional functions from the browser using standard "HTML" code. plus plus.

I also wrote a computer technician's guide book based on some of the information here, I just put it into perspective:

Check out my Amazon.com page:

www.amazon.com/Computer-Technicians-Quick-Michael-Kearney/dp/1492251585/

 


[home] Collect input output metrics with Ganglia io

Friday, August 23, 2013 3:03:00 PM

Get it here:

http://www.student.nvcc.edu/home/mikearney2/download/ganglia-3.0.7_io.tar

Or Here:
http://www.remnantone.com/pkgs/ganglia/modiostat.tar.gz

Provided that ganglia 3.1.x is already installed, it should just be a matter of running ./configure & make. Or you could get the gmetad binary and run gmond I/O. Here is a working example of gmond.conf I/O:

globals {                    
  daemonize = yes              
  setuid = yes             
  user = nobody              
  debug_level = 0               
  max_udp_msg_len = 1472        
  mute = no             
  deaf = no             
  host_dmax = 0 /*secs */ 
  cleanup_threshold = 300 /*secs */ 
  gexec = no             
} 

/* If a cluster attribute is specified, then all gmond hosts are wrapped inside 
 * of a &ltCLUSTER&gt tag.  If you do not specify a cluster tag, then all &ltHOSTS&gt will 
 * NOT be wrapped inside of a &ltCLUSTER&gt tag. */ 
cluster { 
  name = "Ubuntu" 
  owner = "planaxis" 
  latlong = "38.6581� N, 77.2500� W" 
  url = "http://www.planaxis.tk" 
} 

/* The host section describes attributes of the host, like the location */ 
host { 
  location = "unspecified" 
} 


/* You can specify as many tcp_accept_channels as you like to share 
   an xml description of the state of the cluster */ 
udp_send_channel {
  host = 127.0.0.1
  port = 8649
}
udp_recv_channel { 
  port = 8649
}

tcp_accept_channel {
  port = 8649
}


collection_group {
  collect_every = 10
  time_threshold = 120
  metric {
    name = "io_readtot"
  }
  metric {
    name = "io_readkbtot"
  }
  metric {
    name = "io_writetot"
  }
  metric {
    name = "io_writekbtot"
  }
  metric {
    name = "io_svctmax"
  }
  metric {
    name = "io_queuemax"
  }
  metric {
    name = "io_busymax"
  }
}

collection_group { 
  collect_every = 10 
  time_threshold = 300 
  metric { 
    name = "bytes_out" 
    value_threshold = 4096 
  } 
  metric { 
    name = "bytes_in" 
    value_threshold = 4096 
  } 
  metric { 
    name = "pkts_in" 
    value_threshold = 256 
  } 
  metric { 
    name = "pkts_out" 
    value_threshold = 256 
  } 
}

New Apache format

Friday, August 23, 2013 12:14:00 PM

3Apache has a new format for it's http server. The httpd.conf file remains similar but now uses the Include directive to separate files. This promotes two new programs to use with the new http server; a2enmod and a2dismod. These enable modules and disable modules, which are part of the httpd project. This new format could then easly be revised as part of the source code.

Once you install the module, the module will be available in the /etc/apache2/mods-available directory. You can use the a2enmod command to enable a module. You can use the a2dismod command to disable a module. Once you enable the module, the module will be available in the the /etc/apache2/mods-enabled directory although not part of the httpd.conf file at all. The format remains relatively the same in /etc/apache2/sites-enabled with 000-default. Here is a working example of httpd.conf 000-default.

&ltVirtualHost *:80&gt
ServerName 192.168.0.6
	ServerAdmin webmaster@localhost
DocumentRoot /usr/local/sbin/ganglia-3.0.7/web

	&ltDirectory /&gt
		Options FollowSymLinks
		AllowOverride None
	        Order allow,deny
                Allow from all
        &lt/Directory&gt
	&ltDirectory /var/www/&gt
		Options Indexes FollowSymLinks MultiViews
		AllowOverride None
		Order allow,deny
		allow from all
	&lt/Directory&gt

	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
	&ltDirectory "/usr/lib/cgi-bin"&gt
		AllowOverride None
		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
		Order allow,deny
		Allow from all
	&lt/Directory&gt

	ErrorLog ${APACHE_LOG_DIR}/error.log

	# Possible values include: debug, info, notice, warn, error, crit,
	# alert, emerg.
	LogLevel warn

	CustomLog ${APACHE_LOG_DIR}/access.log combined

    Alias /doc/ "/usr/share/doc/"
    &ltDirectory "/usr/share/doc/"&gt
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    &lt/Directory&gt
&lt/VirtualHost&gt

&ltVirtualHost *:80&gt
ServerName planaxis.tk
ServerAlias *.planaxis.tk
ProxyPreserveHost On
ProxyVia Full
ProxyPass / http://192.168.0.1/
ProxyPassReverse / http://planaxis.tk
&lt/VirtualHost&gt

Postfix Web Mail SMTP Server

Friday, August 23, 2013 11:58:00 AM

Does your ISP block SMTP service? Many ISP's will block SMTP service as part of their sales package but you can now use the SMTP server of your favorite web mail service with postfix to eliminate errors. For example using a asp.net control here is main.cf:

relayhost = [smtp.lycos.com]:587
mynetworks_style = host
mynetworks = 192.168.0.1
#mynetworks = 127.0.0.0/8 192.168.0.0/24 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
smtp_sasl_security_options = noanonymous 
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_use_tls = yes

And here is the exacting sasl_password hash format:

[smtp.lycos.com]:587 username:password

Using this format it will use postfix as a gateway, and your favorite web mail server as a legitamate smtp relay host.

 


Windows ICS
Wensday, December 26, 2012 8:15:00 PM

Firewalls are very complicated. You can develop your own through many unix variants. I have included some examples in the projects section to the right. BUT ! you have more than one computer and you want to share your internet connection. You could use your router provided by the internet service provider, but maybe you want to do something a little more complicated.

If you have a windows computer, it's very easy now a'days. Enable windows ICS with the advanced tab in windows explorer:




Then, configure any client workstations or servers to use the new router or "gateway" through windows internet conection sharing. (the address of the windows computer)


kindle book - amazon.com

Friday, September 8, 2012 12:24:00 AM
Product Details

Check out my Amazon.com page:

http://www.amazon.com/Cartier-ebook/dp/B00E5UMW66/

I wrote a novel! (60,000 words) It is from begining to end in light of what is written here.


Gparted, a modern partioning tool. 

Tuesday, November 22, 2011 3:36:00 AM

One such program was named "ghost". Ghost can now also duplicate the contents of a hard disk drive with the ext4 filesystem. However, using ghost to transfere the contents of an old hard disk to a larger hard disk will leave you with an identical partition on the larger disk; which does not utilize the unalocated space. Spending months in a lonely georgetown apartment, I discovered that Linux also has several caveats, namely it's undenialble equivocality. eg. For example, after a hot shower to stay warm becuase you have no heat you discover that

do-release-upgrade
Didn't work. But, 3.0 dmesg is nearly identical to previous versions; lets try the old:
sudo apt-get remove
This will return:
 previous installation interupted please run sudo dpkg --configure -a

Running sudo apt-get remove and dpkg --configure -a consecutively will resume do-release-upgrade. Most of linux can be found in the college catalogue, not in my repetuar; but Amazingly, A tool has reached the hands of linux technicians. GParted. It is well known that you can resize, copy, and move partitions on a fixed computer hard disk on windows but now you can do that on linux too.

So using ghost and gparted you can install and configure a new hard drive that uses all the unallocated space. Except for one thing. The genesis of the UUID. And to understand that, for example, evolution theorists serve nothing but to exemplfy the obvious. Why are all pre-historic cave paintings, strikingly similar? What is redshift? If something is nothing then nothing is impossible. Think about it seriously, nothing. Just nothing. ?????????

There are 340,282,366,920,938,463,463,374,607,431,768,211,456 possible UUIDs (16 to the 32nd power) respectively.

All partitions and devices have a unique UUID. They are generated by the make-filesystem utilities (mkfs.*) when you create the filesystem. To list all devices and partitions with their UUID, you can also use blkid. In /etc/fstab you prefix the device UUID with UUID= :

Except there is one more problem. You deleted the swap partition and made a new one at the end. The gparted livecd can't allocate the changes to EXT4-fs. Not true. lol Incedentally, that's precicsely where you come in. PUSH THE OFF BUTTON AND REBOOT. (eg. driving for miles in the middle of the night) Now you can mount -t ext4 /dev/sda and make the nessary changes to /etc/fstab by replacing the entry with the new UUID created by gparted livecd.


Droid 0.3 and Exchange Server 

Sunday, February 27, 2011 1:48:00 PM

Droid is here ! With advent of technology, google's android phone brings out all the possiblities. Namely, the ability to synch Microsoft Outlook with Exchange server. All you need is Exchange server right? Wrong ..

Connect with the android client under Settings > Accounts & Sync > Add Acount > Corporate

Enter your email address and or your username and password. Select use SSL and Accept any SSL certificate.

We all know that Microsoft is great when and if it works, not including Denial of Service. So, to protect your IIS server against Denial of Service you can use Apache mod_proxy. Keep in mind that Apache mod_proxy is independant of FreeBSD ipfw and natd. You can also use mod_security2 in conjunction with mod_proxy to protect against abnormal queries to the Exchange application it's self. Assuming you had compiled Apache with the ssl flags, (this is the only way to implement apache ssl) Edit /usr/local/apache2/conf/extra/httpd-ssl.conf:

	<VirtualHost _default_:443>
	#   General setup for the virtual host
	DocumentRoot "/usr/local/apache2/htdocs"
	ServerName droid.nvita.org
	ServerAdmin mkearney@nvita.org
	UseCanonicalName On
	ProxyVia Off
	ProxyPreserveHost On
	ProxyPass / http://192.168.0.3:99/
	ProxyPassReverse / http://droid.nvita.org:99/
	ErrorLog "/usr/local/apache2/logs/error_log"
	TransferLog "/usr/local/apache2/logs/access_log"

	SSLEngine on
	
	#   Server Certificate:
	SSLCertificateFile /usr/local/apache2/conf/CA/mail-server.crt
	
	#   Server Private Key:
	SSLCertificateKeyFile /usr/local/apache2/conf/CA/mail-server.key
#   Server Certificate Chain: SSLCertificateChainFile /usr/local/apache2/conf/CA/my-ca.crt
#   Certificate Authority (CA): SSLCACertificateFile /usr/local/apache2/conf/CA/my-ca.crt SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL <FilesMatch "\.(cgi|shtml|phtml|php)$">     SSLOptions +StdEnvVars </FilesMatch> <Directory "/usr/local/apache2/cgi-bin">     SSLOptions +StdEnvVars </Directory> BrowserMatch ".*MSIE.*" \          nokeepalive ssl-unclean-shutdown \          downgrade-1.0 force-response-1.0 CustomLog "/usr/local/apache2/logs/ssl_request_log" \           "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost>

Now just set up IIS correctly to run the Exchange app pool under port 99 instead of the default which is port 80. Funny thing, the application responds to the root directory rather than it's anti-cedant, /Microsoft-Server-ActiveSync/ Also make sure all your DNS settings are correct.

It is highly unlikely that an attacker will get a compromised sniffer to sniff cleartext passwords on a leaf node of either the celluar network or your own, but in the case that they do, the communication between the server and the client; the android phone; is encrypted. If everything is correct you should see a similar query to the apllication Microsoft-Server-ActiveSync?

tail -f /usr/local/apache2/logs/access_log

69.171.176.64 - - [27/Feb/2011:12:46:34 -0500] "POST /Microsoft-Server-ActiveSync?Cmd=Ping&User=user&DeviceId=droid