My old Acer has finally gone ...

After almost 5 years wth me, my Acer laptop (Celeron) has been sold. Since it's arrival, it has mostly worked with Ubuntu in a partition, and Windows XP in another.

After some months, only Ubuntu, and until last month, Ubuntu 9.04. I bought a brand new one (thanks, Lon !!!) from Toshiba. And a friend of us asked me that laptop for his son. I told him to keep Ubuntu, for it is better, safer, and all the stuff we know about it.

- No, because he will have to learn lots of new concepts, and on.

And that is for studying only. After some words, I finally gave up, and had to start reinstalling Windows XP on it. Vista would not work well. My first problem was with drivers, since I didn't have them. Not that difficult, Acer's site is really a breeze. I downloaded almost 10 drivers and started a painful path of OS rebuilding. More than 8 reboots after, I had a fully functional Windows: sound, video and anything useful else. Typical. No Compiz, jelly windows, cube desktop, or many other useful stuffs. Hummm ... I mentioned it was only a Celeron with 1G ?

Office, Avira, hotfixes, all this stuff to be installed AFTER ending OS on Partition. More than 1:30 hours, My future ex-Acer is ready to serve someone else: a teenager ... (brrr).

One week after, all the system was compromised with "some" viruses. Now, after all that problems, he'll give Linux a chance. I'll let you know about it after.

Speed up your Internet in Ubuntu

Where I live, fast Internet is a dream for most users. So, I need to do something to make my Internet speed increase. We will read here how to make a good use of the advantages offered by a Linux Distro as Ubuntu.

The scenario
I am using a 3G modem. Unfortunately here it does not work as it should, being unstable and slow, most of time. Only 10% of the full contrated speed is guaranteed. It still is expensive, but for mobility, it is what it is. One other detail: I am always in the same sites. A great number the sites, but usually the same.

The solution
A proxy is the best way to make it go faster. According to wikipedia, a proxy is "a server (a computer system or an application program) that acts as a go-between for requests from clients seeking resources from other servers".

Thus, every web access will be requested to the proxy, and it will fetch it in Internet. This web page will remain a little in the system, because if it is requested again, some components will already be downloaded. That means that your browser will show the page faster.

We will see some changes to be made in proxy server, and some others in browser.

The Software
We'll be using Squid, a well-known proxy server, famous, free and widely used. This configuration is not difficult, but requires attention. You should know how to use vim.

Squid installation
As usual, installing a sofware in Ubuntu is a breeze. We will work using CLI, instead of GUI. I recommend you to copy the commands written here and paste them in BASH, to avoid typos.

First, let's assure that Ubuntu has informtion about the most recent packages. Open the CLI, and paste the following lines:

sudo aptitude update
sudo aptitude install squid

Remeber that if you want, you can dispose the whole squid configuration with the following lines:

sudo chattr -i /etc/squid/squid.conf.original
sudo rm /etc/squid/squid.conf.original
sudo aptitude purge squid

You need vim to be installed. If you are not sure about it, copy this line and paste it on Bash:

sudo aptitude install vim

Squid Configuration
First of all, let's do a backup copy of it's configuration file:

sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.original
sudo chattr +i /etc/squid/squid.conf.original

Squid Configuration file has lots of comments. They are really helpful, but can be annoying sometimes. So we will "clean" it all:

sudo egrep -v "^$|^ *#" \
/etc/squid/squid.conf.original > /etc/squid/squid.conf

We must know the version of our software. This is how I can identify squid version:

sudo dpkg -p squid

Package: squid
Priority: optional
Section: web
Installed-Size: 1748
Maintainer: Ubuntu Core Developers
Architecture: i386
Version: 2.7.STABLE3-4.1ubuntu1
Replaces: squid-novm
Depends: libc6 (>= 2.4), libcomerr2 (>= 1.01), libdb4.7, libkrb53 (>= 1.6.dfsg.2), libldap-2.4-2 (>= 2.4.7), libpam0g (>= 0.99.7.1), netbase, adduser, logrotate (>= 3.5.4-1), squid-common (>= 2.7.STABLE3-4.1ubuntu1), lsb-base (>= 3.2-14), ssl-cert (>= 1.0-11ubuntu1)
Pre-Depends: debconf (>= 1.2.9) | debconf-2.0
Suggests: squidclient, squid-cgi, logcheck-database, resolvconf (>= 0.40), smbclient, winbind
Conflicts: sarg (<<>

This another way to do te same:

sudo dpkg -l | grep squid

In my system, this was the result:

ii squid 2.7.STABLE3-4.1ubuntu1 Internet object cache (WWW proxy cache)

Note that if your version is different, may ther be some differences.

Finally, let's start with the changes in Squid:

sudo vim /etc/squid/squid.conf -c ":set number"

I did the following changes:

...
35 icp_access deny all
36 http_port 127.0.0.1:3128
37 hierarchy_stoplist cgi-bin ?
...
48 extension_methods REPORT MERGE MKACTIVITY CHECKOUT
49 dns_nameservers 200.169.116.23 200.169.116.22
50 hosts_file /etc/hosts

Line 36 makes my Ubuntu more secure. In line 49 I stated both DNS IPs from my provider. acrescentei a linha 49, com os IPs do DNS do meu provedor. If you don't know about these IPs (they should be given by your ISP), you may see them in your Ubuntu system:

sudo cat /etc/resolv.conf

In my system, I had the following:

nameserver 200.255.121.39
nameserver 200.169.117.14

After these changes, we need to restart squid. So, let's do it:

sudo /etc/init.d/squid reload

To assure it is working, we can search the open ports. Squid uses port 3128:

sudo netstat -ltnp | grep -i squid

In my system:

tcp 0 0 127.0.0.1:3128 0.0.0.0:* OUÇA 3216/(squid)

What is bold in this line, is the same content of line 36 of squid's configuration file.

Browser configuration
The changes in our browser will be much easier. Let's do it in Firefox, which is already present in Ubuntu:






Let's first access Preferences, in edit menu.














After, we need to push Advanced button. In network tab, click on CONFIGURE.
















Do the same changes I did in this screen. Mine is in Brazilian Portuguese, but the fields are in the same place.











It is done. Proxy server installed and configured, and browser configured to talk to proxy server. In my computer, in about 8 days of use, I had the folowing use of HD:

sudo du -sh /var/spool/squid/
32M /var/spool/squid/

You should always control the space used by squid. If it increases too much, you can empty this cache. Type the following:

sudo squid -z

Don't forget to answer our poll, saying if this was useful, interesting or unuseful.

More security problems in Windows 7

In spite of the announced increase on security levels, a problem discovered in 2007 in Vista is still causing complications, this time on Windows 7. In 2007, Bruce Schneier points out the problem with the following:

Experts say that the fundamental problem that this highlights is that every stage in Vista's booting process works on blind faith that everything prior to it ran cleanly. The boot kit is therefore able to copy itself into the memory image even before Vista has booted and capture interrupt 13, which operating systems use for read access to sectors of hard drives, among other things.

Interestingly, 2 years after, Windows 7 keep almost the same problems. During HITB (Hack In The Box), wich is a security event, the researchers Vipin Kumar and Nitin Kumar demonstrate here how to gain control of a Windows 7 virtual machine, while during the boot.

It's a design problem," Vipin Kumar said, explaining the software exploits the Windows 7 assumption that the boot process is safe from attack. While VBootkit 2.0 shows how an attacker can take control of a Windows 7 computer, it's not necessarily a serious threat. For the attack to work, an attacker must have physical access to the victim's computer. The attack can not be done remotely.

Not only this, but Nitim says that there is nothing to be done, because this is a project problem, where is presumed that during the boot the OS is safe against attacks.

"There's no fix for this. It cannot be fixed. It's a design problem," Vipin Kumar said (..)

VBootKit 2.0 is only 3 Kb !!!

Reinstalling our best tools in Ubuntu 9.04

Finally, Ubuntu 9.04 is right on the way. Since 8.10 version, I have installed lots of tools, and now it is time to install this 9.04 pearl. But, of course I get worried of wasteing some of the tools I was allways making use of. Here I'll show what to do to get all them again.


Levantamento de Software Instalado
I have been using aptitude instead of apt-get for some time, for it is already in the system by the default, in any Debian variant, as Ubuntu is. Besides, aptitude records in log every action. This log file is /var/log/aptitude.log.

Thus, the folowing line will reveal back all tools that have been installed by aptitude, in Ubuntu:

sudo cat /var/log/aptitude | grep "\[INSTALAR\]" |\
cut -d" " -f2 > ~/Desktop/Inst.txt
sudo zcat /var/log/aptitude*gz | grep "\[INSTALAR\]" |\
cut -d" " -f2 >> ~/Desktop/Inst.txt

Consider the "\" by the end of 1st and 3rd lines. It tells BASH that the following line is the continuation of the actual line. Thus I can assure that there are only 2 lines of CLI code. Instead of having them typed, I strongly suggest you to copy and paste them both on BASH CLI.

A file Inst.txt will pop up in the Desktop, and in it a list of the installed files. This is the content of my file:

alien-arena
avant-window-navigator
build-essential
chromium
compizconfig-settings-manager
debian-keyring
dia
extremetuxracer
exuberant-ctags
fdutils
ffmpeg
flashplugin-nonfree
frozen-bubble
gdm-themes
gnochm
gnome-ppp
gpaint
hping2
htop
idle
iftop
imagemagick
ipcalc
iptraf
k3b
mozilla-plugin-vlc
mpg123
msttcorefonts
nmap
p7zip
python3
rails
rar
smplayer
sox
ssh
sun-java6-jre
swat
traceroute
transcode
tree
unrar
vim
virtualbox-ose
vlc
wireshark

I removed the dependencies, because they will automatically be installed, but you don't need to.

So, after installing the new Ubuntu version , I will be able to install my stuff with this following line:

aptitude install $(cat ~/Desktop/Inst.txt)

Of course, this only applies to packages installed via aptitude. tar.gz and other ways of installation usually does not apply, because they are not logged by aptitude log file.

The top 10 Linux commands on BASH, and more ...

I recognize I am an almost 100% Ubuntu user, either in home or working. But even with all the resources ready to use in a Ubuntu Desktop, and the usability it provides, I am frquently in a CLI (Command Line Interface).

Thus, almost with a new version of Ubuntu, the 9.04, I am searching for all the stuff I have installed in my 8.10, because I will probably reinstall them. Of course, registering this here will help others, and myself.

But, in the warmth of the battle, I questioned myself: what was the command I used the most ? "Googling" the web, I found a post written by MySurface, that shows a soberb pipeline :

history | awk '{CMD[$2]++;count++;}END { for (a in CMD)print CMD[a] " " CMD[a]/count*100 "% " a;}' | grep -v "./" | \
column -c3 -s " " -t | sort -nr | nl |  head -n10

Ok, great and terrible, Godzilla is a tiny and cute gecko, and so on. I assure you, it will not bite you, nor melt your CPU. What it will really do is to show the top ten commands you've issued in BASH. Copy it from here and paste on your console. The result in my root account was:

1 73 14.6% ls
2 37 7.4% ufw
3 37 7.4% cd
4 25 5% iptables
5 23 4.6% aptitude
6 18 3.6% ifconfig
7 14 2.8% man
8 13 2.6% tail
9 13 2.6% du
10 11 2.2% host

That means ls is my most used command: it represents 14.6% of all: it was issued 73 times, in different conditions. This pipeline researched my command history and gave me this results.

I have made a simple modification to see the whole list:

history | awk '{CMD[$2]++;count++;}END { for (a in CMD)print CMD[a] " " CMD[a]/count*100 "% " a;}' | grep -v "./" | \
column -c3 -s " " -t | sort -nr | nl |  less

In this case, press q to finish.

Conclusions
After that, I could see that:

• To have a better information, I should no use sudo for my administration tasks. Instead, I should login to root ($ sudo su -). Now every command issued by root account will be stored in its history. Guys on Ubuntu does warn that this may be harmful, that's why they provide a so complete sudo resource. So be advised: USE IT WITH CARE! :)
  
• Ubuntu default size for History File is 500 lines. I changed this to 1000 lines in ~root/.bashrc, adding the line HISTSIZE=1000 in this file.