24 March, 2008

Logitech Cordless Rumblepad II - 2.4GHz USB


My gamepad of choice for my emulation-gaming ;P with:
  • rumble-function
  • frequency-jumping
  • 100 hours of battery capacity
This pad should outwin my current gamepad setup by a long-shot.

(My current setup being: 2 x "USB-to-PSone" 1m. adaptor-cables)


I've always liked Logitech's accessory product-line. I also have a laser laptop-mouse from them, with an undisputable response-time. Another reason for preferring Logitech accessories is because they use Human Interaction Device drivers (USB-HID), so they usually work flawlessly in Linux ;D

Logitech-link for Rumblepad II: http://www.logitech.com/



Update 13.04.2008:

2 x Rumblepad II are on their way! ^_^

23 March, 2008

"The trinity of the table"

A french expression regarding wine, bread and cheese.

I'm not a big fan of the first, but I love the two latter. Maybe I just haven't found a bouquet that suits my taste? My general description of wine would simply be: "acid-water". Basically, I don't like acidic taste. But as they say, taste becomes better with age. So who knows? Maybe I'll grow to like wine some day.

18 March, 2008

Kino i morgen!



Gleder meg ;P

Oppdatering 20.03.2008:

SJEFSfilm XD dødsmorsom.

15 March, 2008

Security focus: Securing Linux

Security focus published two articles on securing Linux systems. But the cool bit, is that they refer a lot to my favourite distribution, coincidence? ;P (Got Slack?)

http://www.securityfocus.com/infocus/1419

http://www.securityfocus.com/infocus/1420

(Originally written in 2000, these articles sadly address quite a lot of deprecated security issues, but a few are still applicable.)

But still, after several years, the biggest real threat seems to be brute-forcing techniques. It just changes modus operandi, and counter-measures are following quickly. To be more specific, de-centralized criminal hacker behaviour is beginning to be a major issue online, mainly because of the many homes that have 24/7 broadband connections, giving the blackhats more reliable inter-connected botnets to 'play' with...

09 March, 2008

SSH, domains, crypto...

Finally, I've acquired a location to set up a desktop computer as a domain-gateway for my personal LAN/WAN/WiFi-connections! Sw33t! My earlier conclusion to carry an USB memory dongle was a good idea. I got so many notifications about brute-force attack-attempts running SSH-blockage rules on my firewall, so I decided to drop them all together.


Using private-key authentication with a passphrase, proved to be MUCH better. Nearly any excessive bandwidth-overhead, nor serious lagging (which was the main problems when running SSH firewall rules for brute-force attack tracking and blocking. It was basically too CPU intensive to be useful).

Regarding the key-authentication, both the generation of keys, and re-configuring of the SSH server to accept the keys was pretty straightforward. So now I'm enjoying fully secured SSHv2 sessions.

But again, I decided against utilizing some parts of my plans, like using 256bit
AES cipher, instead of the intended 448bit Blowfish cipher, as it would be overkill with regards to the processing power available on the desktop machine I'm going to use ;P (Pentium-III 1st gen. 800Mhz). From what I know, Norwegian government-sections use 256bit AES, so it will more than suffice for my uses. Less is more.

I also set up a basic, free static hostname (with wildcards) to reach my public gateway-machine, and a secondary hostname for dynamic http-forwarding to the web-server hosted on the domain.

Good luck to the ones wanting to crack these streams! ;D

More computer equipment.

CNet 54 Mbps 802.11g Wireless USB Dongle, for my desktop-computer@home.


Sunsway ST Lab USB 2.0 Pocket Hub 4P (bus powered), for my PS3.

And at last, my sound will be digitally processed ;P

Creative SoundBlaster X-Fi Extreme Audio, is on the way!

CNet PCI 54 Mbps 802.11g Wireless (RaLink chip), for my Linux gateway!

And finally, CNet Directional Antenna 6dBi 2.4 Ghz RP-SMA connector, to get better range and coverage of the WLAN@home.

My next tech-project ;D




eMagic 2,5" SATA USB-cabinet (yeah, ugly as f***, but it was all I could find that accepted 2,5" SATA drives), and a brand new 250GB SATA HD from Western Digital.


My project is to make some different kinds of recovery-images of my 40GB SATA HD drive from my PS3, then, install my new 250GB WD HD in the eMagic USB-cabinet, connect it to my computer and transfer the image-data to it for installation back into the PS3, approx. 200GB left to "play" with ;P

06 March, 2008

Elonex ONE

Linux UMPC from UK :)

Ultra small form factor, Linux based OS, under £100! (just above 1.000 NOK)

http://www.elonexone.co.uk/index.html

04 March, 2008

Første Linux-innlegg denne mnd, ;P

Kom på at jeg har skrevet relativt lite om Linux i det siste...til å være meg, er dette heller unormalt XD Men etter å ha lest artikkel på hardware.no om den første Linux kjernen som kom ut i år, ble jeg ivrig igjen.

http://www.hardware.no/artikler/aarets_forste_linux-kjerne/47816

Artikkelen trekker frem punkter som at 2.6.24-kjernen nå har bedre støtte for flere forskjellige prosessorer, og at koden for 32- og 64-bit databehandling nå er forent i samme kildekode.

Til sammen ble kodeendringene i denne utgivelsen på rundt 300.000 linjer, laget av 950 forskjellige utviklere fra
130 forskjellige selskaper rundt om i verden. ^_^

03 March, 2008

Slackware software repository

Once I've set up my static IP, and gotten either a Dynamic DNS address or a static domain-name, I've thought of setting up a basic FTP housing a repository of my private generated/pre-built vanilla Slackware software packages ;) address coming soon!

Packages should work on any vanilla/unmodified versions of Slackware Linux 12.0.

Any requirements are added in 'slack-required' files in the packages, making 'slapt-get' able to find, download and install requirements so the software included should work out-of-the-box.

Any non-standard requirements are present in the repository.

Extending your laptop battery life on Linux

Phoronix has an interesting article on using PowerTOP from Intel and your graphics card control-panel utility to extend the battery-power lifespan. PowerTOP analyzes the system it runs on, and from the results, it recommends and even configures the system-changes and power consumption features needed to utilize the battery-capacity in an optimized fashion, like avoiding idle wake-up calls in hardware and such.

http://www.phoronix.com/scan.php?page=article&item=ubuntu_battery_life&num=1

My notebook's battery has already seen it's last days. But I'll be buying a new one soon, and then I'll be experimenting with this to see if I can extend beyond the 2 hours specified in the manual (that is to say: running the machine with Windows XP with all features turned on).

Demystifying Denial-of-Service attacks

Interesting article uncovering the various ways of performing Denial-of-Service attacks through advanced networking.

http://www.securityfocus.com/infocus/1853

02 March, 2008

Securing PHP

I already have a machine with SSL/TLS-ready Apache running, now I need to be able to secure PHP, my favourite scripting language ;)

This useful little tutorial uses chroot and mod_security to achieve this.


http://www.securityfocus.com/infocus/1706

I'm testing this in combination with PHP scripting, to make my web-2.0 applications more secure, and when I'm satisfied with my setup of secured backends, I'll start using PHP in combination with Javascript and AJAX to make my apps more dynamic with regards to user-input and interaction. My whole point of this personal adventure is to maybe develop a content-management system that is a little more resistant to cross-site scripting and SQL-injections.

This is made possible by holding the apache-server and the PHP-backend in a chroot-jail, additionally secured by using mod_security as a web-firewall and not allowing HTTP headers with direct script execution and SQL manipulation.

As web-security gets more and more focus, I'm inspired to do my part in contributing to safer and more worry-free web environments. I'm not a programming guru, nor am I a security expert, but I understand the principles and concepts, so I just want to do my part as best as I can ;)

SSH port forwarding

SSH port forwarding (or: tunnelling encrypted connections).

http://www.securityfocus.com/infocus/1816

MASQUERADE / NAT

I knew this was some kind of unfinished technology, it somehow felt...like it wasn't a fully standardized method of implementation. Every time I've had more and more experience using this, I've always found new ways of using it, and alternative methods to boot. I don't fully understand the concept of complex protocol transmission yet, but my job let's me see the usage of NAT in WAN deployment.

This is the current, most widely used method of setting up transmission backbones from a large customer-base from within an ISP with limited IP ranges.

Or from my own setup @ my mom's place: forcing a medium-sized LAN to share an Internet access with 2 dynamic, restrictive IP addresses (one of which is switched between two internal cabled LANs, and the other serves as the Internet access for the wireless LAN) and one static, fully public, NAT'ed point-to-point IP address to serve my private DMZ.

Caveats using NAT

In computer networking, network address translation (NAT, also known as network masquerading, native address translation or IP masquerading) is a technique of transceiving network traffic through a router that involves re-writing the source and/or destination IP addresses and usually also the TCP/UDP port numbers of IP packets as they pass through.


[...] there are quite a lot of minor caveats with using NAT. The main problem is certain protocols and applications which may not work at all. Hopefully, these applications are not too common in the networks that you administer, and in such case, it should cause no huge problems.

The second and smaller problem is applications and protocols which will only work partially. These protocols are more common than the ones that will not work at all, which is quite unfortunate, but there isn't very much we can do about it as it seems. If complex protocols continue to be built, this is a problem we will have to continue living with. Especially if the protocols aren't standardized.

The third, and largest problem, in my point of view, is the fact that the user who sits behind a NAT server to get out on the internet will not be able to run his own server. It could be done, of course, but it takes a lot more time and work to set this up. In companies, this is probably preferred over having tons of servers run by different employees that are reachable from the Internet, without any supervision. However, when it comes to home users, this should be avoided to the very last. You should never as an Internet service provider NAT your customers from a private IP range to a public IP. It will cause you more trouble than it is worth having to deal with, and there will always be one or another client which will want this or that protocol to work flawlessly. When it doesn't, you will be called down upon.

As one last note on the caveats of NAT, it should be mentioned that NAT is actually just a hack more or less. NAT was a solution that was worked out while the IANA and other organisations noted that the Internet grew exponentially, and that the IP addresses would soon be in shortage. NAT was and is a short term solution to the problem of the IPv4 (Yes, IP which we have talked about before is a short version of IPv4 which stands for Internet Protocol version 4). The long term solution to the IPv4 address shortage is the IPv6 protocol, which also solves a ton of other problems. IPv6 has 128 bits assigned to their addresses, while IPv4 only have 32 bits used for IP addresses. This is an incredible increase in address space. It may seem like ridiculous to have enough IP addresses to set one IP address for every atom in our planet, but on the other hand, noone expected the IPv4 address range to be too small either.

The only grieveance for me in this sense, is the loss of opportunity to serve. I cannot set up SSH, Apache or any other form of server-application to establish outgoing connections based on incoming requests through this NAT setup. So, that's why I had to acquire a point-to-point IP address and route it manually to my DMZ. The problem I have now, is the lack of cabled internals in our house. I had to devise a hybrid LAN on both cabled and wireless connections to achieve my goal.

01 March, 2008

Distribuert Wardriving ^_^

Online liste over usikrede og sikrede WiFi-LAN ;P Genialt!

http://www.dinside.no/php/art.php?id=512387

http://www.wigle.net/