was successfully added to your cart.

Category

Linux

Install Berkeley 4.8 db libs on Ubuntu 16.04

By | Crypto Mining, Linux | No Comments

sudo add-apt-repository ppa:bitcoin/bitcoin
sudo apt-get update
sudo apt-get install libdb4.8-dev libdb4.8++-dev

OR

wget http://download.oracle.com/berkeley-db/db-4.8.30.zip
unzip db-4.8.30.zip
cd db-4.8.30
cd build_unix/
../dist/configure --prefix=/usr/local --enable-cxx
make
make install

Also commonly fixes :
libdb_cxx headers missing ubuntu
found berkeley db other than 4.8, required for portable wallets
berkeley db 4.8 ubuntu

Install linux homebrew (brew) Ubuntu 16.04 LTS

By | Linux | No Comments

sudo apt-get install -y curl g++ gawk m4 make patch ruby tcl

PATH=~/.linuxbrew/bin:/usr/local/bin:/usr/bin:/bin
unset LD_LIBRARY_PATH PKG_CONFIG_PATH
yes | ruby -e "$(curl -fsSL https://raw.github.com/Linuxbrew/linuxbrew/go/install)"
brew doctor

brew install gcc --with-glibc
brew tap homebrew/dupes
brew install git
brew install coreutils findutils gawk gnu-sed gnu-which grep make ruby

PATH=$HOME/.linuxbrew/bin:$HOME/.linuxbrew/sbin
brew install hello && brew test hello; brew remove hello

Mail-In-A-Box and Gitlab Install Script Same Server

By | Linux | No Comments

apt-get update && apt-get dist-upgrade
curl -s https://mailinabox.email/setup.sh | sudo bash
curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ee/script.deb.sh | sudo bash
wget https://packages.gitlab.com/gitlab/gitlab-ee/packages/ubuntu/trusty/gitlab-ee_8.11.6-ee.0_amd64.deb/download
mv download download.deb
dpkg -i download.deb

DigitalOcean Block Storage Speed and Benchmarks

By | digitalocean, Linux | No Comments

Here are some simple stats from the new block storage available over at DigitalOcean.  Tested on a 1gb droplet.

hdparm -t /dev/sda Reads

Timing buffered disk reads: 536 MB in  3.01 seconds = 178.15 MB/sec

Timing buffered disk reads: 586 MB in  3.01 seconds = 194.63 MB/sec

Timing buffered disk reads: 574 MB in  3.00 seconds = 191.32 MB/sec

hdparm -T /dev/sda Cached Reads

Timing cached reads:   15090 MB in  2.00 seconds = 7551.96 MB/sec

Timing cached reads:   15056 MB in  2.00 seconds = 7535.53 MB/sec

Timing cached reads:   14810 MB in  2.00 seconds = 7411.46 MB/sec

time sh -c "dd if=/dev/sda of=ddfile bs=8k count=1000000 && sync"; rm ddfile Writes

8192000000 bytes (8.2 GB) copied, 49.4442 s, 166 MB/s

real 0m49.523s

user 0m0.348s

sys 0m12.384s

daily driver

What’s your daily driver? |A Mac/PC/Linux Operating System Shootout

By | Configurations, Linux | No Comments

Linux Distro of Choice (GNOME Ubuntu 16.04) – best home desktop experience on Linux today.  Competes with LinuxMint, but without all the mintyness.
http://cdimage.ubuntu.com/ubuntu-gnome/daily-live/pending/

Windows Distro of Choice: Windows 10 Enterprise, Available with FreeBiz Spark MSDN Access

Mac Distro of Choice : Hackintosh 10.11.4 / Clover Bootloader

What’s your daily driver?

pihole with rasberry debian in 5 minutes

By | pihole | No Comments

pi-hole adblocking in 5 minutes on debian 8.4

install debian 8.4, setup a root password and first user
login to debian and run updates
Set your IP to a fixed IP that you will use as your pihole. You only need one ethernet adapter as this dns server will sit on the network just as any other device.

super su into root
run
pihole command
Make note of your ip’s used during the setup.
–add additional sources if needed
Reboot the machine.

Now goto your browser and try to reach the machine at
http://ipofmachine/admin

You should see the admin panel, if not someting went wrong.

Now goto your router, and configure it to point at the new DNS server that is availabe on your network.
Confirm piHole is working by verifying the stats are updating in the admin panel.

Customize your adblock lists by copying the default adlists.default to adlists.list. adlists.default will be regenerated automatically, so only the changes in adlists.list will remain saved.

Uncomment the lines of additional lists like xxx that you like.

Run pihole -g to update your adblock lists.

Now setup DNS on WAN https://community.ubnt.com/t5/EdgeMAX/Change-WAN-DNS-Server/td-p/977885
Enable DNSCrypt https://github.com/pi-hole/pi-hole/wiki/DNSCrypt

Install necessary system packages and reboot

sudo apt-get update
sudo apt-get -y install build-essential tcpdump dnsutils libsodium-dev
sudo apt-get -y install locate bash-completion
sudo reboot
Build DNSCrypt from the sources

mkdir -p dnsproxy
cd dnsproxy
wget http://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-proxy-1.6.1.tar.gz
tar -xf dnscrypt-proxy-1.6.1.tar.gz
cd dnscrypt-proxy-1.6.1
sudo ldconfig
./configure
make
sudo make install
Configure the system

Preparing resolv.conf:

sudo mv /etc/resolv.conf /etc/resol.conf.ORIG
sudo nano /etc/resolv.conf
Then paste and save the following:

nameserver 127.0.0.1#40
nameserver 127.0.0.1#41 (if adding a second resolver)
Lock resolv.conf file

sudo chattr +i /etc/resolv.conf
Starts DNSProxy in daemon mode automatically

sudo nano /etc/systemd/system/multi-user.target.wants/dnscrypt-proxy.service
sudo nano /etc/systemd/system/multi-user.target.wants/dnscrypt-proxy-backup.service (if adding a second resolver)
And paste this content:

[Unit] Description=Secure connection between your computer and DNS resolver
After=network.target network-online.target
[Service] Type=forking
Restart=always
RestartSec=5
PIDFile=/var/run/dnscrypt-proxy.pid
ExecStart=/usr/local/sbin/dnscrypt-proxy –daemonize \
-a 127.0.0.1:40 \
-R dnscrypt.eu-dk \
-E \
–edns-payload-size=4096 \
-p /var/run/dnscrypt-proxy.pid
[Install] WantedBy=multi-user.target
Change the port to 41 and use a different resolver on the backup

Then reboot the RPI

sudo reboot

Test DNSCrypt

sudo journalctl -u dnscrypt-proxy
You should have a similar output:

Feb 26 22:13:43 raspberrypi dnscrypt-proxy[6130]: [INFO] + DNS Security Extensions are supported
Feb 26 22:13:43 raspberrypi dnscrypt-proxy[6130]: [INFO] + Provider supposedly doesn’t keep logs
Feb 26 22:13:43 raspberrypi dnscrypt-proxy[6130]: [NOTICE] Starting dnscrypt-proxy 1.6.1
Feb 26 22:13:43 raspberrypi dnscrypt-proxy[6130]: [INFO] Ephemeral keys enabled – generating a new seed
Feb 26 22:13:43 raspberrypi dnscrypt-proxy[6130]: [INFO] Done
Feb 26 22:13:43 raspberrypi dnscrypt-proxy[6130]: [INFO] Server certificate #808464433 received
Feb 26 22:13:43 raspberrypi dnscrypt-proxy[6130]: [INFO] This certificate is valid
Feb 26 22:13:43 raspberrypi dnscrypt-proxy[6130]: [INFO] Chosen certificate #808464433 is valid from [2015-09-11] to [2016-09-10] Feb 26 22:13:43 raspberrypi dnscrypt-proxy[6130]: [INFO] Server key fingerprint is 164E:1AD6:4356:777D:2019:F2F9:D389:2DDB:BC75:8AF0:9172:8E0C:A874:10C7:3BE8:423B
Feb 26 22:13:43 raspberrypi dnscrypt-proxy[6130]: [NOTICE] Proxying from 127.0.0.1:40 to 77.66.84.233:443
The last line is important and should look something like the above!

Change your DNSMasq config

Change DNS resolver in DNSMasq config

sudo nano /etc/dnsmasq.d/01-pihole.conf
Edit this section and point to dnscrypt-proxy

# Add other name servers here, with domain specs if they are for
# non-public domains.
server=127.0.0.1#40
server=127.0.0.1#41 (if adding a second resolver)
Reboot your Pihole

sudo reboot

suggested hardware :

Voila!

Untangle Firewall Mini ITX Zotac Zbox ID91 Review

By | Linux, Sample Work | No Comments

Untangle is a firewall and gateway server that is one of the best on the market today.FullSizeRender

The Zotac Zbox ID91 is a Mini ITX PC.

Americans may not be so familiar with the Zotac brand but they offer a wide variety of integrated PC’s that are usual for both home media servers and powerful business machines.

I purchased the ID91 on Amazon for $350.99 – additionally you will need to add a Hard Drive and Memory (DDR3 SO-DIMM)

If you don’t want to deal with hassle of installing a hard drive or memory, the ID91 Plus is available with a 500GB (Non-SSD) hard drive.

The ID91 is based on the H81 Express platform.  Sporting Dual Gigabit Ethernet ports this model is perfect for anyone wanting to run a Linux Firewall or Gateway.

For the mission of a home based ad-blocking gateway – I chose the ID91 as it comes with a i3 4130T(dual-core, 2.9 Ghz) processor.

Additionally I added a Kingston Digital 60GB SSD – $54.99 and 4GB of DDR3 – CT2KIT25664BF160B -$43.24 memory.  Plenty enough power to handle Untangle with a fiber (400MB connection) to home.

This configuration is sufficient to handle a VERY fast connection.  We are talking Fiber speeds without a problem, I am currently on a 400mb connection without any slowdown with a full Untangle configuration.

Total Cost = $449.22

Installation:

  1. Unbox your ID91
  2. Install Memory + SSD
  3. Hookup monitor, keyboard, mouse.
  4. Boot via Untangle USB – I had to use the traditional ISO to get it to work properly, this can be found here.
  5. Install with default configuration options – you will easily be able to identify incoming wan and outgoing network adapters by plugging them in during the installation process.  Once plugged in you will get a green light in the Untangle installer.  I would recommend you mark your ports at this time, to designate incoming (WAN) and outgoing (LAN).
  6. Plug in your wires –
  7. Connect to your device at the default address of 192.168.2.1 with your username and password set during the installation.
  8. Add services as required to your network, by default Untangle will handle DHCP and NAT.  I highly recommend adding the Web Filter and Ad-Blocking.
  9. Spend some time learning the new interface, you will soon see you’re time has paid off – and Untangle is really the perfect firewall for the SOHO/Home environment.

Enjoy the internet now without Facebook ad’s – Pre-roll ads on YouTube – and the protection of a real firewall.

Untangle has earned it’s place in my favorite pieces of software, days after the initial installation I have not had to restart the box or fiddle – things just work, and these days it’s hard to find software that just works this well out of the box.

ThinkPad x201 Ubuntu 10.04 Lucid Lynx Wireless

By | Linux | No Comments

The ThinkPad x201 is a great platform for Ubuntu 10.04.  The default installation contains an outdated version of the Thinkpad BGN wireless drivers.  After first boot you can see networks(not all available), and connect to some – but in general this will give you difficulties.  The recommendation is to first update your installation via-Ethernet to automatically download the patch.  Upon restart, you will have a fully functional Ubuntu installation.

This is where and how it was solved:
https://bugs.launchpad.net/ubuntu/lucid/+source/linux/+bug/567016

Add jail shelled FTP/SSH user on CentOS / Plesk

By | Interest, Linux | 4 Comments

The process of adding a new FTP user with SSH access to a Plesk / CentOS server is more difficult than it needs to be.  Plesk will only allow you to add WebUsers to your domains which have FTP accounts, not full SSH accounts.  Here is the quick and dirty. We want our new user to be in chroot jail and to inherit the same permissions as another user on the system.  The user will be restricted to the top level directory you define (for example httpdocs in this case).

Login as Root:

1.  cat /etc/passwd/ | grep 'anyusername'

This will return:

[cci]anyusername:x:10009:2524::/var/www/vhosts/anydomain.com:/bin/bash[/cci]

The first set of numbers after “:x:” is the UID or User Identifier.  We will use this in the next command to copy the same permissions.

2.useradd -u 10009 -o -d /var/www/vhosts/anydomain.com/httpdocs/ -g psaserv -s /usr/local/psa/bin/chrootsh newusername

Replace “anydomain.com” with your domain, and “newusername” with the new user you would like to add.

3.passwd newusername

Gives the user a password.

4. usermod -s /bin/bash newusername

Boom! Done.

Extras:
For an in-depth discussion on working with rssh, chroot, and users – see UnixCraft

Settings Wireless Region Linux – Channel 13 Backtrack 4

By | Linux, Sample Work | No Comments

One of the most recent problems I stumbled upon while running Backtrack, or any other linux distro for that matter is setting the region on a wireless card.  The typical procedure is :

iwconfig wlan0 channel 13

And commonly you will get

error for wireless regquest ''set frequency''
(8b04)
set failed on device wlan0 ; invalid arugment

There is an easy fix for this that will allow you to change the region mode your wireless adapter is in.

iw reg set FR
iw reg set US

More on IW here.

References:

Channel

Center Frequency

Frequency Spread

1

2412 MHz

2399.5 MHz – 2424.5 MHz

2

2417 MHz

2404.5 MHz – 2429.5 MHz

3

2422 MHz

2409.5 MHz – 2434.5 MHz

4

2427 MHz

2414.5 MHz – 2439.5 MHz

5

2432 MHz

2419.5 MHz – 2444.5 MHz

6

2437 MHz

2424.5 MHz – 2449.5 MHz

7

2442 MHz

2429.5 MHz – 2454.5 MHz

8

2447 MHz

2434.5 MHz – 2459.5 MHz

9

2452 MHz

2439.5 MHz – 2464.5 MHz

10

2457 MHz

2444.5 MHz – 2469.5 MHz

11

2462 MHz

2449.5 MHz – 2474.5 MHz

12

2467 MHz

2454.5 MHz – 2479.5 MHz

13

2472 MHz

2459.5 MHz – 2484.5 MHz