Thursday, November 10, 2011 at 11:53 Just a small post with the instructions on upgrading Splunk on Ubuntu Linux.
First download the Splunk update. The Splunk website also gives you the wget command, which you can use directly on the Linux commandline.
Sunday, March 6, 2011 at 14:58 
Last week, I acquired a small netbook @ work for testing purposes (HP Mini 5103). You don't want to know how handy a second laptop is when you're testing authentication environments.
For flexibility purposes I installed a dual-boot with Microsoft Windows 7 Enterprise and Ubuntu Linux v10.10 from a USB Flashdrive (1, 2), erasing all the preinstalled HP/McAfee crap. This all worked like a charm, up to the installtion of Wireshark in Ubuntu. Starting the sniffer application resulted in an empty list of network adapters. No network adapters mean no capturing capabilities.
This was probably related to the lack of rights while starting the application. Running it from the terminal with sudo resulted in some weird error regarding a display-thingy (which is still the main reason why Linux isn't penetrating the desktop market).
While searching the Interwebs, I found the following solution. Which, after some alterations to the commands, the following worked for me;
In a terminal session, execute these commands:
sudo addgroup –quiet –system wireshark (this command simply didn't work in my case)
sudo chown root:wireshark /usr/bin/dumpcap
sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap
usermod -a -G wireshark <my user name>
Reconfigure the Wireshark Common package and answer ‘Yes’ to the question ‘Should non-superusers be able to capture packets?
sudo dpkg-reconfigure wireshark-common (I needed to add the sudo part on this command)
After rebooting the laptop, Wireshark started normally with all the network interfaces available for capturing traffic.
UPDATE: I did a reinstall of the OS, and this time Wireshark started 'properly' from the Terminal application by typing (without the quotes) 'sudo wireshark'.
Tuesday, March 24, 2009 at 19:13 .... for me at this moment (and probably for most others).
I'm still in the fase of migrating my Windows server to a more 'reliable' Operating System. The new server should cover the following basic functionalities:
Up till now I've tried several Linux distros (Ubuntu 7, Ubuntu 8, and CentOS 5), and none of them are that easy to configure.
It seems that NFS isn't that easy to configure, since Apple OSX requires some special features (standards anyone??). Especially when you want some sort of user authentication. Just do a search on Linux, NFS and Apple OSX.
So after NFS didn't really work, I tried SMB for filesharing. While CentOS has some GUI to configure the shares, it lacks the interface of permissions for users...
You create users within the Linux environment, and if you wanna connect to a Samba share you need to configure additional users (in a different userdatabase).
This can be done by synchronization, but you need to do some scripting etc.
So far I've managed to install a working SSH server (with x509 authentication) and a Webserver.
When I compare this with Windows.... Well, there's no real comparison. Windows has a real central user database (not talking about the Active Directory here, but the local user database). And every service I need can talk to this database, and every service recognizes this database. No need to start 'hacking' some configuration files to make it work.
Well, as long as there's no new (read:better) interface of configuring those services and combining them with a shared user database ....
Recommendations can be left in the comments (if there are any)......
Saturday, May 10, 2008 at 12:15 Ever since I went 'Apple', the urge of moving away from Microsoft Windows operating systems is getting bigger and bigger. A couple of weeks ago I installed a two Ubuntu servers (v7.x) at work. Mainly for testing , and educational purposes.
The installation went extremely smooth on old Compaq ML370 server hardware. So, as a test I tried to install Adobe Coldfusion MX (Coldfusion 8 ) on the Ubuntu server (with Apache, and MySQL).
There are several postings on the Internet suggesting that it should be possible. Even though Ubuntu isn't on the supported platforms list for Adobe Coldfusion MX.
Adobe, Apache2, Coldfusion, Linux, ubuntu in Linux, Operating Systems, Software, Tips'n Tricks Friday, April 25, 2008 at 16:23 As of yesterday, the latest Ubuntu release 'Hardy Heron' is available for download (both client and server). Every time a major Linux distri(bution) hits 'the shelves', the Linux community roars. With each release (Ubuntu or whatever flavor) the Linux community gets closer, and closer to Windows.
Even though the OS itself is getting better and better. It still lacks the support of decent major software like Adobe Creative Suite, etc. It's missing the software people use in every day (business)life.
Sure, there a million different ways of running Microsoft Office or Adobe Photoshop on a Linux OS, but these require a commercial piece of software (CrossOver) , or in depth knowledge of the OS to make it work (Wine in some cases). Two things that shouldn't be required. Not if you're used to Windows (or Apple's OSX). And even if you find a 'substitute' it's most likely to have an awful user experience.
The average housewife won't use Linux, because her friends all use Windows. All those nice little Windows programs, which makes life easier (or a living hell with all the mal/spyware out there). So if the Linux community wants to make a difference they need to create some sort of critical mass (by their selves, or by Microsoft screwing up) to get the attention of the 'normal' user. But in a community where there's no real (commercial) business model, it's gonna be damn hard.
Microsoft created this critical mass by playing (probably) the best marketing trick in the world; Release Windows 95, and turn a blind eye to those who use a pirated copy at home. The home users create demand on the workfloor, so businesses start to use it on their workstations. Soon everyone was addicted. And now it's damn hard to beat the addiction.
B.t.w., Apple is doing it a lot better. They created a nice and stable OS (just like the average Linux desktop distribution), BUT the OS has ALL the relevant drivers for the hardware used. ALSO they have a complete (and cheap) software suite (iLife and iWork), which is more than enough for the average family. No need to search the caverns of the Internet for software, and they look and feel the same as the OS.
So, I guess that my conclusion is that the OS is nearing perfection, but it (Linux in general) lacks good and decent third party software (and a good marketing machine :) )
In the mean time; I'm gonna upgrade my Linux (mail, web, and ssh) servers at work to 'Hardy Heron'.
Tuesday, April 8, 2008 at 14:33 Well, that was another morning well spent....
A couple off weeks ago I started experimenting with FreeRADIUS on Ubuntu server (v6.06.2 TLS). Mainly because I needed to test some things for work. So I used VMWare to experiment. The networking part was set-up as Bridged.
Today, I wanted to test with iperf (a tool for network performance testing). So I launched the virtual machine, but there was no network connectivity. ifconfig showed that eth1 didn't received an IP adres.
So I ran every possible test there was;
This resulted in the following;
Listening on LPF/eth1/00:0c:29:68:e3:eb
Sending on LPF/eth1/00:0c:29:68:e3:eb
Sending on Socket/fallback
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 8
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 12
The "DHCPDISCOVER" messages continue about 4 times, then the message:
No DHCPOFFERS received.
No working leases in persistent database - sleeping.
After this I ran Wireshark on my server to see if DHCP request were coming in.... And you might have guessed; No DHCP request were reaching the DHCP server. So the problem was work PC related.... As a matter of fact, I had the Cisco VPN client running..... Which didn't allow the DHCP request broadcast.
Shutting the VPN client down solved the DHCP problem. After the virtual machine worked I could reinitiate the VPN.
Mental note to myself: do NOT boot/restart the virtual machines when the VPN is up.
Cisco VPN client, DHCPDISCOVER, FreeRADIUS, dhcp, firewall, iperf, ubuntu, vmware in Annoying, Operating Systems, Software 