Thursday 24 January 2008

Data Execution Prevention problems

After converting physical machine to VMware virtual machine, I had problems opening display properties. Data execution prevention prevented some features.
Changing settings under system properties --> advanced--> data execution prevention and allowing application did not help.
So I edited boot.ini and disabled DEP via adding /noexecute=AlwaysOff .
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=AlwaysOff

A detailed description of the Data Execution Prevention (DEP) feature in Windows XP Service Pack 2, Windows XP Tablet PC Edition 2005, and Windows Server 2003
http://support.microsoft.com/kb/875352

Tuesday 22 January 2008

Fedora 6 make music via Rosegarden and CT 670

Rosegarden is free software digital audio workstation. It has MIDI and audio playback.
So I connected my Casio CT 670 keyboard, and played midi files via Rosegarden.
Keyboard has 4 channel so I also use software synth (qynth) for having more channels. But If you want to have good sound via software synth you have to have good sound card (asio drive prefered).

Install Rosegarden
yum install qjackctl fluidsyth fluid-soundfont qsynth rosegarden4

run
qjackctl -> this is for connecting qynth your midi device and rosegarden
qsynth --> software synth, you can find soundfonts from internet
rosegarden

Tuesday 15 January 2008

Boot problem Solaris i386

I got below from http://blogs.sun.com/tdh/entry/grub_error_17_cannot_mount and I used this for fixing problem.

"error 17, cannot mount selected partition"

1. Boot into Solaris Safeboot mode. You can get access at the Grub menu, usually the 2nd option. Note: I had to use the DVD install media to do this.
2. Mount the found Solaris partition on /a Safeboot will usually find the slice on the disk with Solaris and ask if you want it to mount on /a. Select Yes.
3. Move /a/dev, /a/devices, and /a/etc/path_to_inst to another name (I just append .orig) and then create new directories, (mkdir) /a/dev and /a/devices, and touch /a/etc/path_to_inst. I did not do this step.
4. Run "devfsadm -r /a" to rebuild the device tree.
5. Edit /a/boot/solaris/bootenv.rc and modify the line with "setprop bootpath '/pci@0,0....' to match the path you'll find mounted for /a (i.e. run a 'df -k' command, and you should see /a mounted from /dev/dsk/c1d0s0 or something, then run 'ls -l /dev/dsk/c1d0s0' or whatever your device listed was, and you should see the actual link point to ../../devices/pci@0,0/...) The path to bootpath you want should be the hard disk which is mounted as /a and you just need to find the expanded /devices/pci@0,0/... path and put that in the bootenv.rc file on the Solaris root filesystem on the hard disk (sans the /devices/ prefix of course). This is a key step.
6. Now run "bootadm update-archive -v -R /a" to rebuild the boot-archive on /a.
7. Make sure to edit /etc/vfstab
8. run a 'touch /a/reconfigure'
9. Run "cd /; sync; sync; sync; umount /a" And I skipped this one.
10. and finally reboot.

Saturday 12 January 2008

dd for windows

Find exe and usage info
http://www.chrysocome.net/dd
I use it for copying image file to usb disk.

Configuration and Troubleshooting of 3510

Look documentation in http://sunsolve.sun.com

Verifying STMS (mpxio) Health
Troubleshooting Fibre Channel Devices from the OS
How to verify HBA Connectivity
Troubleshooting Sun StorEdge[TM] 33x0/351x Configurations
Troubleshooting Sun StorEdge[TM] 33x0/351x Hardware
Troubleshooting Sun StorEdge[TM] 351x Cabling

"Can't Connect to Sun StorEdge[TM] array via Ethernet."

sccli Library database update error

Disable mpxio

/kernel/drv/fp.conf
change line to yes.
mpxio-disable="yes";
reboot server

Configuration steps Sun Storage 3510

Os Solaris 10 i386
Server Sun Fire X4100 M2
Storage SUN StorEdge 3510


sccli> show disks
h Id Size Speed LD Status IDs Rev
----------------------------------------------------------------------------
2(3) 6 279.40GB 200MB NONE FRMT SEAGATE ST330055FSUN300G 0691
S/N 14T0VB9R
WWNN 2000001862817790
2(3) 7 279.40GB 200MB NONE FRMT SEAGATE ST330055FSUN300G 0691
S/N 14T0VE2D
WWNN 2000001862817673
2(3) 8 279.40GB 200MB NONE FRMT SEAGATE ST330055FSUN300G 0691
S/N 10T0PZNQ
WWNN 2000001862811CF3
2(3) 9 279.40GB 200MB NONE FRMT SEAGATE ST330055FSUN300G 0691
S/N 14T0PQYD
WWNN 2000001862817416
2(3) 10 279.40GB 200MB NONE FRMT SEAGATE ST330055FSUN300G 0691
S/N 10T0NHYW
WWNN 2000001862811D30
2(3) 11 279.40GB 200MB GLOBAL STAND-BY SEAGATE ST330055FSUN300G 0691
S/N 14T0QYAG
WWNN 2000001862817F59

I used disk 6 to 10 create logical drive RAID5 configuration.


sccli> create logical-drive RAID5 2.6-10
sccli: created logical drive 72BE98D8

now status

sccli> show disks
Ch Id Size Speed LD Status IDs Rev
----------------------------------------------------------------------------
2(3) 6 279.40GB 200MB ld0 ONLINE SEAGATE ST330055FSUN300G 0691
S/N 14T0VB9R
WWNN 2000001862817790
2(3) 7 279.40GB 200MB ld0 ONLINE SEAGATE ST330055FSUN300G 0691
S/N 14T0VE2D
WWNN 2000001862817673
2(3) 8 279.40GB 200MB ld0 ONLINE SEAGATE ST330055FSUN300G 0691
S/N 10T0PZNQ
WWNN 2000001862811CF3
2(3) 9 279.40GB 200MB ld0 ONLINE SEAGATE ST330055FSUN300G 0691
S/N 14T0PQYD
WWNN 2000001862817416
2(3) 10 279.40GB 200MB ld0 ONLINE SEAGATE ST330055FSUN300G 0691
S/N 10T0NHYW
WWNN 2000001862811D30
2(3) 11 279.40GB 200MB GLOBAL STAND-BY SEAGATE ST330055FSUN300G 0691
S/N 14T0QYAG
WWNN 2000001862817F59

Check logical drive now

sccli> show ld
LD LD-ID Size Assigned Type Disks Spare Failed Status
------------------------------------------------------------------------
ld0 72BE98D8 1.09TB Primary RAID5 5 1 0 Good I
Write-Policy Default StripeSize 128KB


Create logical volume

sccli> create lv ld0 primary
sccli: created logical volume 391D4ADF
sccli> show lv
LV LV-ID Size Assigned Write-Policy LDs
-----------------------------------------------------------------
lv0 391D4ADF 1.09TB Primary Default 1 ld0

Create map

sccli> show channels
Ch Type Media Speed Width PID / SID
--------------------------------------------
0 Host FC(L) 2G Serial 40 / N/A
1 Host FC(L) N/A Serial N/A / 42
2 DRV+RCC FC(L) 2G Serial 14 / 15
3 DRV+RCC FC(L) 2G Serial 14 / 15
4 Host FC(L) 2G Serial 44 / N/A
5 Host FC(L) N/A Serial N/A / 46
6 Host LAN N/A Serial N/A / N/A

3510 use channel 0 and pid 40 and channel 4 pid 44 here.


sccli> map lv0 0.40.0
sccli: mapping lv0-00 to 0.40.0
sccli> show map
Ch Tgt LUN ld/lv ID-Partition Assigned Filter Map
---------------------------------------------------------------------
0 40 0 lv0 391D4ADF-00 Primary

I recommend disabling mpxio if you are facing problems.


sccli> map lv0 4.44.0
sccli: mapping lv0-00 to 4.44.0

sccli> show map
Ch Tgt LUN ld/lv ID-Partition Assigned Filter Map
---------------------------------------------------------------------
0 40 0 lv0 391D4ADF-00 Primary
4 44 0 lv0 391D4ADF-00 Primary

Be sure devices are connected now. If you have problem in this step and for the rest of them, I highly recommend check configuration of 3510 .

#luxadm -e port
/devices/pci@0,0/pci10de,5d@e/pci1077,143@0/fp@0,0:devctl CONNECTED
/devices/pci@0,0/pci10de,5d@e/pci1077,143@0,1/fp@0,0:devctl NOT CONNECTED
/devices/pci@0,0/pci10de,5d@d/pci1077,143@0/fp@0,0:devctl CONNECTED
/devices/pci@0,0/pci10de,5d@d/pci1077,143@0,1/fp@0,0:devctl NOT CONNECTED


And see that disk devices are ok.

#luxadm -e dump_map /devices/pci@0,0/pci10de,5d@e/pci1077,143@0/fp@0,0:devctl
Pos Port_ID Hard_Addr Port WWN Node WWN Type
0 a7 0 216000c0ff8b5125 206000c0ff0b5125 0x0 (Disk device)
1 1 0 2100001b3202e7c4 2000001b3202e7c4 0x1f (Unknown Type,Host Bus Adapter)

and

#luxadm -e dump_map /devices/pci@0,0/pci10de,5d@d/pci1077,143@0/fp@0,0:devctl
Pos Port_ID Hard_Addr Port WWN Node WWN Type
0 a5 0 226000c0ffab5125 206000c0ff0b5125 0x0 (Disk device)
1 1 0 2100001b3202dc8f 2000001b3202dc8f 0x1f (Unknown Type,Host Bus Adapter)


Now check that they are connected and configured, if not configure them

#cfgadm -al
Ap_Id Type Receptacle Occupant Condition
c3 scsi-bus connected configured unknown
c3::dsk/c3t2d0 disk connected configured unknown
c4 fc-private connected configured unknown
c4::226000c0ffab5125 disk connected configured unusable
c5 fc-private connected configured unknown
c5::216000c0ff8b5125 disk connected configured unusable
c6 fc connected unconfigured unknown
c7 fc connected unconfigured unknown

and run devfsadm command to build device tree. and see them with format command.

Friday 4 January 2008

Fedora WPA wpa_supplicant

Operating system ; Fedora Linux 6
Wireless Card ; Dlink D520 atheros based wireless pci card

For enabling wpa install wpa_supplicant*.rpm

edit /etc/wpa_supplicant/wpa_supplicant.conf


ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
#
# home network; allow all valid ciphers
network={
ssid="yourssid"
scan_ssid=1
key_mgmt=WPA-PSK
psk="yourpassword"
}

And add line to /etc/rc.local for starting at boot time run the commands for starting wpa
wpa_supplicant -B -c/etc/wpa_supplicant.conf -iath0 -Dmadwifi &
dhclient ath0

So WPA

Use WPA, if your wireless modem supports.
For cracking WPA, attacker has to do dictionary attack. If you use complex password, it is nearly impossible to hack WPA, if your password is not in the dictionary.
Also for cracking WPA, attacker has to catch handshake data, there are some ways to force handshake . But again the reason above, it is really hard to hack WPA wireless network.

What about 128 bit WEP

For best data collection I use --ivs --channel and --bssid options for airdump.
I collect about 300000 ivs. Collection time for ivs depends traffic for the wireless network.
And again it took about a second to find the key I used.

For more security with WEP use dynamic key provisioning. 128 bit key or more. Then the attacker has to collect more data to hack your network.
Also use MAC filter and disable SSID Broadcast. But do not forget it is possible to change mac address and find your hidden SSID for an attacker.

Wednesday 2 January 2008

Risky WEP 64 bit

This is for testing purpose and it is about my home network. I highly recommend not to access networks you do are not allowed to. This could be illegal for some countries.

I have HP Pavilion dv6000 series (dv6699ea)
I use BackTrack distro live cd (http://distrowatch.com/table.php?distribution=backtrack)
I configured my wireless adsl modem 64 bit key.

After booting linux,
dv6699ea has ipw3945 wireless. You have to start wireless for this version:
cd /usr/src/drivers/ipw3945-1.2.0/ && ./load
aircrack support certain wireless cards please check it
http://www.aircrack-ng.org

Dump from wireless interface
bt ~ # airodump-ng eth1 --write test1

After collecting enough
bt ~ # aircrack-ng test1.ivs

It takes about less than a second to find keys for 64 bit.
So never use 64bit WEP wireless adsl  modem.

I also tried
 atheros based Dlink D520 in Fedora 6
and U.S. Robotics USB Adapter USR805422 in Windows XP.  It worked.