Eddie Lim’s Blog @ lucifernet.com

centos5

Decided to compile my old apache webserver with mod_secure and found out some dependency problem on centos 5, the liblua-5.1.so which hasn’t include on the original package of centos has made my life miserable.

After google awhile and i found a good repo site which solved my problem, I just love yum and apt-get, don’t you guys think so, it makes your life easier without  those configure; make; make install thingy it has been always good for those lazy System Admin like me.

Firstly you need to impor GPG key from http://www.jasonlitka.com/yum-repository/

rpm –import http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka

Then vi or nano or whatever editor the /etc/yum.repos.d/utterramblings.repo

put :-

[utterramblings]
name=Jason’s Utter Ramblings Repo
baseurl=http://www.jasonlitka.com/media/EL$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://www.jasonlitka.com/media/RPM-GPG-KEY-jlitka

if you have yum priority installed like mine, put priority=1 after the last sentence.

For you information, this repo is compatible with RHEL4,RHEL5, and Centos 4,5, and provides x86 and i386 platform.

if you like his this, visit http://www.jasonlitka.com for more detail.

Until now, the WPA security version known as ‘WPA2 (AES encryption) with 802.1x authentication’ was considered as one of most secure WiFi deployments by most wireless security experts. This is due to the resilience of this version to brute force dictionary attacks that can possibly cause intrusion into WPA/WPA2 PSK deployments

Also, the version is free from the TKIP vulnerability that is present on WPA TKIP deployments and can be used to launch potential attacks. However, with the newly discovered “Hole 196” vulnerability, this version now too is exposed to practical security problems.

To learn more about the “Hole 196” vulnerability, you need to wait for the live demo of the same entitled “WPA Too?!”, which is scheduled at BlackHat Arsenal on July 29 and at Defcon 18 on July 31 in Las Vegas. Let’s see how it goes…

That’s why using WPA2 CCMP is not enough, using WPA2 enterprise with openradius authentication via SSL or TLS is the most secure one.

I am doing this guide for my own reference on how to remove a failed hard drive from a Linux RAID1 array (software RAID), and how to add a new hard disk to the RAID1 array without losing data.

It may work for you but i did not guarantee it, because i am getting it from another link

1 Preliminary Note

In this example I have two hard drives, /dev/sda and /dev/sdb, with the partitions /dev/sda1 and /dev/sda2 as well as /dev/sdb1 and /dev/sdb2.

/dev/sda1 and /dev/sdb1 make up the RAID1 array /dev/md0.

/dev/sda2 and /dev/sdb2 make up the RAID1 array /dev/md1.

/dev/sda1 + /dev/sdb1 = /dev/md0

/dev/sda2 + /dev/sdb2 = /dev/md1

/dev/sdb has failed, and we want to replace it.

2 How Do I Tell If A Hard Disk Has Failed?

If a disk has failed, you will probably find a lot of error messages in the log files, e.g. /var/log/messages or /var/log/syslog.

You can also run

cat /proc/mdstat

and instead of the string [UU] you will see [U_] if you have a degraded RAID1 array.

3 Removing The Failed Disk

To remove /dev/sdb, we will mark /dev/sdb1 and /dev/sdb2 as failed and remove them from their respective RAID arrays (/dev/md0 and /dev/md1).

First we mark /dev/sdb1 as failed:

mdadm –manage /dev/md0 –fail /dev/sdb1

The output of

cat /proc/mdstat

should look like this:

server1:~# cat /proc/mdstat
Personalities : [linear] [multipath] [raid0] [raid1] [raid5] [raid4] [raid6] [raid10]
md0 : active raid1 sda1[0] sdb1[2](F)
24418688 blocks [2/1] [U_]

md1 : active raid1 sda2[0] sdb2[1]
24418688 blocks [2/2] [UU]

unused devices: <none>

Then we remove /dev/sdb1 from /dev/md0:

mdadm –manage /dev/md0 –remove /dev/sdb1

The output should be like this:

server1:~# mdadm –manage /dev/md0 –remove /dev/sdb1
mdadm: hot removed /dev/sdb1

And

cat /proc/mdstat

should show this:

server1:~# cat /proc/mdstat
Personalities : [linear] [multipath] [raid0] [raid1] [raid5] [raid4] [raid6] [raid10]
md0 : active raid1 sda1[0]
24418688 blocks [2/1] [U_]

md1 : active raid1 sda2[0] sdb2[1]
24418688 blocks [2/2] [UU]

unused devices: <none>

Now we do the same steps again for /dev/sdb2 (which is part of /dev/md1):

mdadm –manage /dev/md1 –fail /dev/sdb2

cat /proc/mdstat

server1:~# cat /proc/mdstat
Personalities : [linear] [multipath] [raid0] [raid1] [raid5] [raid4] [raid6] [raid10]
md0 : active raid1 sda1[0]
24418688 blocks [2/1] [U_]

md1 : active raid1 sda2[0] sdb2[2](F)
24418688 blocks [2/1] [U_]

unused devices: <none>

mdadm –manage /dev/md1 –remove /dev/sdb2

server1:~# mdadm –manage /dev/md1 –remove /dev/sdb2
mdadm: hot removed /dev/sdb2

cat /proc/mdstat

server1:~# cat /proc/mdstat
Personalities : [linear] [multipath] [raid0] [raid1] [raid5] [raid4] [raid6] [raid10]
md0 : active raid1 sda1[0]
24418688 blocks [2/1] [U_]

md1 : active raid1 sda2[0]
24418688 blocks [2/1] [U_]

unused devices: <none>

Then power down the system:

shutdown -h now

and replace the old /dev/sdb hard drive with a new one (it must have at least the same size as the old one – if it’s only a few MB smaller than the old one then rebuilding the arrays will fail).

4 Adding The New Hard Disk

After you have changed the hard disk /dev/sdb, boot the system.

The first thing we must do now is to create the exact same partitioning as on /dev/sda. We can do this with one simple command:

sfdisk -d /dev/sda | sfdisk /dev/sdb

You can run

fdisk -l

to check if both hard drives have the same partitioning now.

Next we add /dev/sdb1 to /dev/md0 and /dev/sdb2 to /dev/md1:

mdadm –manage /dev/md0 –add /dev/sdb1

server1:~# mdadm –manage /dev/md0 –add /dev/sdb1
mdadm: re-added /dev/sdb1

mdadm –manage /dev/md1 –add /dev/sdb2

server1:~# mdadm –manage /dev/md1 –add /dev/sdb2
mdadm: re-added /dev/sdb2

Now both arays (/dev/md0 and /dev/md1) will be synchronized. Run

cat /proc/mdstat

to see when it’s finished.

During the synchronization the output will look like this:

server1:~# cat /proc/mdstat
Personalities : [linear] [multipath] [raid0] [raid1] [raid5] [raid4] [raid6] [raid10]
md0 : active raid1 sda1[0] sdb1[1]
24418688 blocks [2/1] [U_]
[=>...................]  recovery =  9.9% (2423168/24418688) finish=2.8min speed=127535K/sec

md1 : active raid1 sda2[0] sdb2[1]
24418688 blocks [2/1] [U_]
[=>...................]  recovery =  6.4% (1572096/24418688) finish=1.9min speed=196512K/sec

unused devices: <none>

When the synchronization is finished, the output will look like this:

server1:~# cat /proc/mdstat
Personalities : [linear] [multipath] [raid0] [raid1] [raid5] [raid4] [raid6] [raid10]
md0 : active raid1 sda1[0] sdb1[1]
24418688 blocks [2/2] [UU]

md1 : active raid1 sda2[0] sdb2[1]
24418688 blocks [2/2] [UU]

unused devices: <none>

That’s it, you have successfully replaced /dev/sdb!

Original link : - http://www.howtoforge.org/replacing_hard_disks_in_a_raid1_array (by falko)

Has been amazed by Thai’s adverts for long long time,

below is another wonderful ads by them, which posted by my friend in facebook.

Below is my favourite online show HAK5, this episod they are talking about VPN that using google account :-

After watching this, the GBRIDGE is actually @ http://www.gbridge.com/

this software will enable the function of sharing, VNC, VPN whatever u stated, it is not running on industrial IPSEC VPN, but it serves what it should be achieved.

My friend post a link @ facebook to warn others to beware of the prank used by some syndicates to transfer your money out from your account

detail is at below link :-

http://ubisoft.biz/dc/2010/06/scam-using-bukit-aman-phone-line.html

just wondering how they manage to transfer your money by just doing such prank call to malaysia people.

So beware of this number  03-26163822 and claim that he is Inspector Liew from Bukit Aman, and 00852-65207072 Inspector Wong Kuan that claimed to be a HK police.

this inspecter liew from bukit aman claim to have a handphone number of 016-3901947.

so beware of all these, is a SCAM !!!

After days of research in googling, found many post that uses ACR30U in linux environment, the USB smartcard device uses the PCSCD in linux in order to read the card.

Here is the driver for it after so many days googling :-

http://www.acs.com.hk/drivers/eng/ACx30U_driver_Lnx_100_P.zip

just do a make; make install and it will dump the driver into /usr/local/pcsc/drivers/

Full path of the driver would be in /usr/local/pcsc/drivers/acsAcr30.bundle/

A new domain name of lucifernet.com is pointing back to this page to support the growing numbers of visitors on my site

There is a tutorial on how to setup your Symbian phone to use WPA2-AES PEAP-TLS

Since I’ve setup a wireless network through my freeradius, i would like all my devices to able to logon to my wireless AP

Below is the link :-

https://securehomes.esat.kuleuven.be/~decockd/wiki/bin/view.cgi/Symbian/EduRoam