Category

Sample Work

Run your Own Mail Server just like Hillary Clinton

By | Sample Work | No Comments

https://mailinabox.email

Now in development over one year and with no signs of stopping in site – one of the best mail servers around is Mail-in-a-Box.  Z-Push support and Encryption as a blown out feature and is a much needed improvement over the aging iRedMail.  Make sure you have considerable hard drive space as the secure backups will eat a VPS in a few days.  Bare Metal is what real men use anyway.

Follow along on Github too

Untangle Firewall Mini ITX Zotac Zbox ID91 Review

By | Linux, Sample Work | No Comments

Untangle is a firewall and gateway server that is one of the best on the market today.FullSizeRender

The Zotac Zbox ID91 is a Mini ITX PC.

Americans may not be so familiar with the Zotac brand but they offer a wide variety of integrated PC’s that are usual for both home media servers and powerful business machines.

I purchased the ID91 on Amazon for $350.99 – additionally you will need to add a Hard Drive and Memory (DDR3 SO-DIMM)

If you don’t want to deal with hassle of installing a hard drive or memory, the ID91 Plus is available with a 500GB (Non-SSD) hard drive.

The ID91 is based on the H81 Express platform.  Sporting Dual Gigabit Ethernet ports this model is perfect for anyone wanting to run a Linux Firewall or Gateway.

For the mission of a home based ad-blocking gateway – I chose the ID91 as it comes with a i3 4130T(dual-core, 2.9 Ghz) processor.

Additionally I added a Kingston Digital 60GB SSD – $54.99 and 4GB of DDR3 – CT2KIT25664BF160B -$43.24 memory.  Plenty enough power to handle Untangle with a fiber (400MB connection) to home.

This configuration is sufficient to handle a VERY fast connection.  We are talking Fiber speeds without a problem, I am currently on a 400mb connection without any slowdown with a full Untangle configuration.

Total Cost = $449.22

Installation:

  1. Unbox your ID91
  2. Install Memory + SSD
  3. Hookup monitor, keyboard, mouse.
  4. Boot via Untangle USB – I had to use the traditional ISO to get it to work properly, this can be found here.
  5. Install with default configuration options – you will easily be able to identify incoming wan and outgoing network adapters by plugging them in during the installation process.  Once plugged in you will get a green light in the Untangle installer.  I would recommend you mark your ports at this time, to designate incoming (WAN) and outgoing (LAN).
  6. Plug in your wires –
  7. Connect to your device at the default address of 192.168.2.1 with your username and password set during the installation.
  8. Add services as required to your network, by default Untangle will handle DHCP and NAT.  I highly recommend adding the Web Filter and Ad-Blocking.
  9. Spend some time learning the new interface, you will soon see you’re time has paid off – and Untangle is really the perfect firewall for the SOHO/Home environment.

Enjoy the internet now without Facebook ad’s – Pre-roll ads on YouTube – and the protection of a real firewall.

Untangle has earned it’s place in my favorite pieces of software, days after the initial installation I have not had to restart the box or fiddle – things just work, and these days it’s hard to find software that just works this well out of the box.

My Favorite Backup Method DD BZIP SSH Script

By | Featured, Sample Work | No Comments

Backup today can be a PITA.  It takes too long, and too much work to automate.  That’s what makes this single line backup script one of my favorites. It creates a compressed DD image a remote server in the form of a BZ2 archive. This command is run locally from the machine you want to backup.

Let’s begin:
First, create your file
nano xf

Inside xf, paste the following:

#!/bin/bash
dd if=/dev/vda1 of=/dev/stdout bs=1M | bzip2 | ssh root@myhost.com "cat - > /home/backups/Live.img.bz2"

Let’s break this down, so you can create your own command!

First, start by doing a df -a to determine the name of your disk, replacing /dev/vda1 with the disk you want to backup.

Second, change root@myhost.com to your remote server. For best practices you should exchange SSH keys so there is no password prompt. See this tutorial here to exchange keys.

Finally, change /home/backups/Live.img.bz2 to the destination directory and filename you would like on the remote server.

Run the script in a shell to test, and finally automate.

Be sure to make your script executable by running chmod +x after creation. To run in the background, install apt-get install nohup. This will allow you to start your backup script in the background, allowing it plenty of time to execute. nohup ./scriptname & will run the script as a daemon.

vsftpd Ubuntu 12.04 Install and Add Secure User

By | Sample Work | No Comments

60 Second Install. 3 – 2 – 1 – GO!

sudo apt-get install vsftpd

sudo nano /etc/vsftpd.conf

Uncomment the Following:

write_enable=YES
local_umask=022

Add to end of the file:


# the list of users to give access
userlist_file=/etc/vsftpd.userlist
# this list is on
userlist_enable=YES
# It is not a list of users to deny ftp access
userlist_deny=NO

Setup the user, replace /path/to/your/dir

useradd -d /path/to/your/dir -s /usr/sbin/nologin ftpuser
passwd ftpuser
chown -R ftpuser /path/to/your/dir
chmod 775 /path/to/your/dir

Add new user to vsftpd

nano /etc/vsftpd.userlist

Add “ftpuser” to this file

nano /etc/shells

Add “/usr/sbin/nologin” to this file

addgroup ftpusers

sudo usermod -Gftpusers ftpuser

service vsftpd restart

BONUS:

You can chroot users by uncommenting this section of vsftpd.conf file:

chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list

Add “ftpuser” to this file

nano /etc/vsftpd.chroot

Questions?  Hit up the comments.

 

Delete Specific Messages in Postfix Queue

By | Sample Work | No Comments

With this simple command you can delete specific messages that are in your Postfix queue.  In this case of a spam attack this is an invaluable command, as you can cleanup the queue of the offending messages.

Enter any text string and this command will hunt the messages and delete them.

First, check what is in the queue with:

mailq

Then run the command, making sure to change REPLACEME to the string you search and delete messages for.

mailq | tail -n +2 | awk 'BEGIN { RS = "" } / REPLACEME/ { print $1 }' | tr -d '*!' | postsuper -d -

ProfitBricks VPS Review – Speed Test vs. Linode

By | Sample Work | No Comments

The new IaaS (Infastructure as a Service) provider ProfitBricks is currently running it’s operations out of Las Vegas, Nevada and Berlin, Germany. Two Datacenters with incredible performance. Below are some real world tests to show you how they stack up against the competition.
In the Left Corner we have ProfitBricks running 2 core with 8GB of Ram.
In the Right Corner we have our control, Linode. This is a 4096 Machine (4GB Ram) with a 4 Core processor config.

Read More

Install ioncube Loader Nginx php-FPM

By | Sample Work | No Comments

Install ioncube Loader Nginx php-FPM

For x64:

wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz
tar xfvz ioncube_loaders_lin_x86-64.tar.gz

For x86:

wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.tar.gz
tar xfvz ioncube_loaders_lin_x86.tar.gz

Proceed as follows:

cp ioncube/ioncube_loader_lin_5.3.so /usr/lib/php5/20090626/ioncube.so

Now edit to match:

nano /etc/php5/conf.d/ioncube.ini

Perfect Server in 5 minutes – Virtualmin + Nginx + ProfitBricks

By | Featured, Sample Work | No Comments

In this quick tutorial, I will show you how to setup a perfect VPS system with infinitely expandable storage and capacity from the new hosting provider ProfitBricks.

Background: VPS speed is somewhat of a commodity these days, and is not only increasingly hard to come by – but hard to customize. I was in search of a new VPS host that would allow me to customize all three dimensions of a host – memory, cpu, and storage. Amazon has created an incredibly complex system for what should be a stupid simple task. Most providers, Linode included do not allow you to scale resources independently, but rather makes you choose – fast, good, and cheap. Luckily – ProfitBricks is here to solve the problem. I can create as many disks as I would like, as many servers and CPU’s, and choose exactly how much RAM. Now add in the fact that ProfitBricks performance is currently topping EngineYard, Amazon, and Linode — it’s time to give it a try!

Compounding the problem my cPanel license is up for renewal, and I am rather dissatisfied with the experience. The admin panel feels old and clunky with too many configuration options for very little gain. I spent multiple times recompiling Apache tinkering with php options rather than focusing on the work at hand. Control Panels should make life easier, not harder. Virtualmin was always on my short list and I have tried earlier versions – however the lack of Nginx support was the Achilles heel for me. As of today, they have solved this problem and Virtualmin natively support Nginx! Bravo.

Once Virtualmin is installed you can use the GUI to create, format, and mount additional storage drives created in the ProfitBricks data center designer interface. This makes handling all this new capacity, like multi-terabyte additional storage a breeze to handle.

To begin, create and account with ProfitBricks and use the Datacenter Designer to create an internet connection, server, and storage. The free demo brick will do just fine. Once you have logged in as root begin the routine:

1. Set your hostname

echo "jupiter" >; /etc/hostname
hostname -F /etc/hostname

2. Update host file

127.0.0.1 localhost.localdomain localhost
12.34.56.78 jupiter.example.com jupiter

3. Set timezone
dpkg-reconfigure tzdata

4. (Optional) Add Additional Repo’s : DotDeb will keep you using the most up-to-date LEMP stack

echo 'deb http://packages.dotdeb.org stable all' >;>; /etc/apt/sources.list.d/DotDeb.list
echo 'deb-src http://packages.dotdeb.org stable all' >;>; /etc/apt/sources.list.d/DotDeb.list
wget http://www.dotdeb.org/dotdeb.gpg cat dotdeb.gpg | sudo apt-key add -
rm dotdeb.gpg

5. Update and Upgrade

apt-get update
apt-get dist-upgrade

4. Reboot
reboot

5. Download Virtualmin
wget http://software.virtualmin.com/gpl/scripts/install.sh

Make the script executable:
chmod u+x install.sh

Run the install script:
/bin/sh install.sh

When it’s finished, all you need to do is open a browser and go to port 10000 on the server:

https://yourdomain.com:10000

Walk through the install process, configuring options as required. Remember to turn off BIND in System Settings – >; Features and Plugins

Time to install NGINX:

Shutdown and disable Apache
/etc/init.d/apache2 stop ; update-rc.d apache2 remove
Install Nginx:
apt-get install nginx
Start Nginx:
/etc/init.d/nginx start
Install Virtualmin Nginx Plugin:
apt-get install webmin-virtualmin-nginx webmin-virtualmin-nginx-ssl

Before you continue, fix the broken SSL implementation:

Fix Broken SSL Argument:

nano /usr/share/webmin/virtualmin-nginx-ssl/virtual_feature.pl

Change line 152 to >> &virtual_server::find_matching_certificate($d);

Now-

Login to virtualmin as root (https://ipaddress:10000)

1.  Go to System Settings ->; Features and Plugins
2.  Un-check the “Apache website” , “SSL website” and “DAV Login”, “Mailman”, “Protected web directories”, “AWstats reporting” and “Subversion repositories” features.
Check the “Nginx website”, then click “Save”.

Due to a small bug you cannot select “Nginx Website” and “Nginx SSL Website” at the same time. So go back and select “Nginx SSL Website” after enabling “Nginx Website”.

Go to the System Information page and click Refresh system information in the top right.

Verify that running appears next to Nginx in the Status section.

It’s also a good idea to click on System Settings ->; Re-Check Configuration after everything is done to ensure it’s work properly

Now you can add Nginx sites using the Create Virtual Server link as you would with Apache. The only thing different is “Enable Nginx” needs to be checked in the features section.

BONUS FEATURE:

Here are some of the best utilities for your server!

Don’t forget to install these great addons!

apt-get install bmon htop aria2

bmon – monitor your bandwidth on each adapter

htop – enhanced Top

aria2c – download magnet files or multi-threaded gets

88plug re-launches the Antiques Diva

By | Featured, Sample Work | No Comments

88plug is proud to announce the release of the Antiques Diva.

“The Antiques Diva® is the nom de plume for Toma Clark Haines, an American expat living in Europe whose life story has been liberally sprinkled with Cinderella dust. As a child growing up in Oklahoma, Toma dreamed of global adventures. While other kids drew houses with picket fences, Toma drew gondolas with men in striped shirts. After studying abroad in London in university, Toma returned home on the range to marry her college sweetheart. After saying “I do,” she immediately began whispering in his ear words of far-away places and before long her dream became his. When a serendipitous opportunity arose, offering them a chance to live and work in Europe, they moved to Paris for 5 years and then Amsterdam for 4. Along with her husband and well-traveled pet Catpuccino, Toma currently resides in Berlin nearby Brandenberg Gate and the Reichstag. ”

See the combined Store and Blog here:

www.antiquesdiva.com

 

 

HTML 5 Video Converter

By | Sample Work | No Comments

The best free and open source available for all you HTML 5 video needs(which include multiple format conversions) can easily be done with Miro Video Converter. There is little additional information available from the site, but this tool does exactly what the box says:

Convert to:
Theora
WebM
MP4 Video
MP3 (Audio Only)

Get it Here

Although the application is 32 bit, you can run multiple instances to max out your CPU. Also included are profiles for Android and Apple devices as well.

MySQL error /usr/libexec/mysqld: unknown option ‘–skip-bdb’

By | Sample Work | One Comment

MySQL version 5.1.47 failing to start after upgrade?  Here is the brief:

Problem: tail -f /var/log/mysqld.log

/usr/libexec/mysqld: unknown option '--skip-bdb'

After poking around for a quick solution, nobody seemed to release that the bdb dependncy is no longer used in /etc/my.cnf configuration file.

Old my.cnf:


[mysqld]
set-variable=local-infile=0
query-cache-type = 1
query-cache-size = 6M

datadir=/var/lib/mysql
#socket=/usr/libexec/mysqld
socket=/var/lib/mysql/mysql.sock
user=mysql
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1

skip-bdb

set-variable = innodb_buffer_pool_size=2M
set-variable = innodb_additional_mem_pool_size=500K
set-variable = innodb_log_buffer_size=500K
set-variable = innodb_thread_concurrency=2
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
skip-bdb

set-variable = innodb_buffer_pool_size=2M
set-variable = innodb_additional_mem_pool_size=500K
set-variable = innodb_log_buffer_size=500K
set-variable = innodb_thread_concurrency=2

New:

[mysqld]
set-variable=local-infile=0
query-cache-type = 1
query-cache-size = 6M

datadir=/var/lib/mysql
#socket=/usr/libexec/mysqld
socket=/var/lib/mysql/mysql.sock
user=mysql
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1

#skip-bdb

set-variable = innodb_buffer_pool_size=2M
set-variable = innodb_additional_mem_pool_size=500K
set-variable = innodb_log_buffer_size=500K
set-variable = innodb_thread_concurrency=2
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
#skip-bdb

set-variable = innodb_buffer_pool_size=2M
set-variable = innodb_additional_mem_pool_size=500K
set-variable = innodb_log_buffer_size=500K
set-variable = innodb_thread_concurrency=2

Settings Wireless Region Linux – Channel 13 Backtrack 4

By | Linux, Sample Work | No Comments

One of the most recent problems I stumbled upon while running Backtrack, or any other linux distro for that matter is setting the region on a wireless card.  The typical procedure is :

iwconfig wlan0 channel 13

And commonly you will get

error for wireless regquest ''set frequency''
(8b04)
set failed on device wlan0 ; invalid arugment

There is an easy fix for this that will allow you to change the region mode your wireless adapter is in.

iw reg set FR
iw reg set US

More on IW here.

References:

Channel

Center Frequency

Frequency Spread

1

2412 MHz

2399.5 MHz – 2424.5 MHz

2

2417 MHz

2404.5 MHz – 2429.5 MHz

3

2422 MHz

2409.5 MHz – 2434.5 MHz

4

2427 MHz

2414.5 MHz – 2439.5 MHz

5

2432 MHz

2419.5 MHz – 2444.5 MHz

6

2437 MHz

2424.5 MHz – 2449.5 MHz

7

2442 MHz

2429.5 MHz – 2454.5 MHz

8

2447 MHz

2434.5 MHz – 2459.5 MHz

9

2452 MHz

2439.5 MHz – 2464.5 MHz

10

2457 MHz

2444.5 MHz – 2469.5 MHz

11

2462 MHz

2449.5 MHz – 2474.5 MHz

12

2467 MHz

2454.5 MHz – 2479.5 MHz

13

2472 MHz

2459.5 MHz – 2484.5 MHz

Acer Aspire 3690 Broadcom Wireless 43xx Ubuntu 9.10 Karmic

By | Interest, Sample Work | No Comments

Issue : After installing Ubuntu 9.10 wireless and wired networking are either working sporadicly or not at all.  The most vanilla solution you will find.

Target : Acer Aspire 3690-2159

OS : ubuntu-9.10-desktop-i386

Hardware : Broadcom 4318 Wireless Adapter

Ensure your wireless switch is turned on in the front before reading step 1.

1.  Install Ubuntu 9.10

2.  Plug in active internet connection the Wired ethernet

3.  Run update-manager

4.  Restart after Kernel update

5.  Now with internet still plugged in, goto System>Administration>Hardware Drivers

6.  Select the Broadcom B43 wireless drive and click activate.

7.  Type in your administrator password

8.  Restart

et Voila.

The Perfect Bag – Consulting

By | Sample Work | No Comments

Supporting multiple operating systems on all types of different hardware configurations seems to be a daunting task, however in my daily routine I find that a perfect balance in the bag can really make this job a lot easier.

What’s in the bag!

-320GB External USB Hard Drive – 7200 RPM/SATA/USB
(2 screws to open external exclosure)

-Macbook (2.1Ghz C2D, 3GB Ram, 320 GB 7200 RPM HD)
Parallels running Windows 7 and Ubuntu 9.04

-Headphones

-Small Screwdriver Set

-USB Charger – large/mini usb for Blackberry

-iPhone w Charger
Jailbroken w/SSH

-Dual USB charger, with miniUSB

-Sprint Unlocked Blackberry 9630 Tour

-8GB USB Key

-3FT Firewire Cable

What do I need?
Well, I would one day like to be able to replace the Macbook with a well partitioned netbook.