Howto - Disk Wiper, delete private data securely before selling your pc

 

We really seem to live in an online world today and our pcs generally hold a lot of private information, in fact more than we probably realise. The scary thing is that when we get rid of a pc, do we bother to remove the data on the harddrive? If we do, do we use the normal operating system delete, clear it out the recycle bin and hope for the best? Or maybe we are more cautious and we format the disk. Well surprise surprise, the data is still there. Some free tools from the Internet can recover your personal information. This is even more serious for a business that handles sensitive information! So what can one do? Well I found a nifty tool called DBAN that you can write to a CD/DVD. It is a self contained boot disk and will securely delete your data from your disk. It does this by writing random data to the entire disk, you can select the number of times. It’s a great tool to ensure your privacy and that of your business.

Howto install Jira plugins using Jira on JBoss

I must say most of the documentation on Atlassian’s web site refers to the installation of plugins on the Jira standalone installation. So it took some time to determine exactly what to do with when trying to install a plugin with our installation that is running on JBoss. The process is as follows: Download the plugin jar, copy it to: atlassian-jira-enterprise-3.13.2/webapp/WEB-INF/lib/, this is your jira build directory. Build the war file by executing ./build.sh in the atlassian-jira-enterprise-3.13.2 directory. This will build a new war file. Copy this into your JBoss deploy folder e.g. jboss-4.2.3.GA/server/all/deploy/ and restart JBoss.  The new war will not lose your existing projects that were running with the previous war file.

Howto determine linux / unix directory size

This is actually relatively simple, just run du -h /home/joe, this will give you the directory size of joe's home directory. The -h is a useful switch not only for du but also for ls, it provides the size output in a human readable format, that is in MB and G, not 473987523094, enjoy!

Google bookmarks

Probably one of the most under-advertised and useful Google tools is Google bookmarks, the idea is you have access to your Internet Favourites / Bookmarks at any PC. Are you frustrated by having lost your favourites/bookmarks when re-installing your PC or changing computers? Well stop using the browser store for this purpose. Download the google toolbar and sign up for Google bookmarks by clicking on the blue star on the Google tool bar. If you already have a Google account then just sign in with that, else register. Then when you want to bookmark something, click on the star and it will turn yellow. There after you can go to the bookmarked site by clicking on the star. When you lose your pc, no problem just install the Google toolbar and sign in and your bookmarks are back!

 

Hyperic custom monitoring

As per my recent post, Hyperic has some nice tutorials on setting up custom monitoring. There tutorial shows you how to monitor a server that processes invoices. You basically configure hyperic to execute a script at a certain time interval. The script that they write in the tutorial monitors files moving in and out of a unix directory as the system processes invoices in their example. We used a similar script to monitor our transactions based on entries in our database. The metrics are all imported into Hyperic and from there you can set up the regular alerting and graphing etc. This is very nifty. To see the tutorial go search for hyperic invoice script using the Google search on my blog.

Need a tracking system - What about Jira or RT?

Do you have a development team and want to keep track of the tasks that they are busy with. Well the company I work for uses Jira and RT. RT is a great tool for the support desk. It integrates with our support email address nicely. When a customer sends a message to your support email address, it automatically goes into the RT system. The customer gets a response email that contains a reference number that they can use for tracking purposes. Any replies to support with the tracking number by the customer appends it to the existing issue in RT. The support consultants log into the RT system via a web browser and see their allocated tickets which they work on resolving. The best thing about RT is no call is lost and one can ensure that the help desk resolves all queries and to ensure that they are adequately distributed to the team.

 

Jira is more for developers where one can log and assign the development tasks to them. It contains various issue types such as “bug” , “new feature”, “task” etc. The beauty about Jira is that it is very customisable allowing you to have customised input fields for issue types, custom issue types and workflows you choose. You can even use it for HR functions like leave capturing, claims etc. It contains various plugins for software repository management tools like svn. Greenhopper is also a nice plugin for Extreme Programming. Use the search on my blog to find more info on these products. Have fun!

Howto do a reverse search on bash commands executed

Bash allows you to find commands that you executed in the past based on a search string. Use control r and then type the command that you are looking for in your history. If you want to see the last rpm commands you used without going through the whole list then “control r” rpm, this will give your last rpm command. Now use your cursor to see other rpm commands you entered.

Howto send attachments from a unix / linux server

The best way to send a file from a Unix / Linux server as an email attachment is to use mutt. If it’s not installed use yum to install it yum install mutt. Then it’s very straight forward mutt –a attachment –s subject name@emailserver.com < /dev/null . That’s it, as simple as that.

Stop the ESET email trailer

By default the ESET antivirus appends a message to all your sent emails saying that it was scanned by the ESET anti-virus. To remove this feature right click on the ESET logo in the system tray – click email protection – under “append tag messages to sent email” change the option to “infected email only” or “never”.

 

Windows Live Messenger with a non hotmail / msn email address

I am having problems with my windows live messenger. I don't use a msn or hotmail address, this itself does not pose a problem with other Internet contacts using Windows Live Messenger. The problem occurs adding contacts I have who connect using LCS, the corporate edition. They are able to add external cotacts if they have hotmail/msn email addresses. However they were unable to get me working or visa-versa. I add the contact successfully, but they never appear online, even though they are online! I have seen the post on the Microsoft site saying they need to add me as joeblogs(gmail.com)@msn.com. The funny thing is that this worked once and then the organisation upgraded their clients and we were back to square one. Any ideas??

Hyperic versus Zenoss

The company I work for wanted to be able to effectively monitor our servers and so I initially looked into Zenoss and found that setting it up was quite a mission. I then came across Hyperic which has both a commercial and community release. Zenoss typically uses snmp, whilst Hyperic uses a Hyperic agent. Whilst the agent solution can have its disadvantages, Hyperic is miles easier to set up and configure. I think this is an excellent product and you should check it out. It monitors a lot more than the OS, including JBoss, Apache, MySQL etc. The auto discovery functionality is great and so is the alerting capabilities. There is no time wasted in working out how to configure the product. In addition there are excellent video tutorials on the Hyperic site.

SSH Howto Quickguide

Don’t make the mistake of thinking that because you have SSH installed, that you have a secure system. Some work needs to be done to ensure that your server is in top shape. They main weakness with the default SSH installation is the fact that password authentication is allowed. This only gives it one advantage over Telnet, the fact that when your password goes over the net it is encrypted. This does not stop someone from guessing your password especially those users that have weak passwords. As such SSH with key authentication should be used. To do this follow these easy steps.

1. With putty create a key pair using Putty key-gen
2. Copy the openssh public key in the putty window and save your putty private and public key
3. On the server create a .ssh directory in the user’s home directory
4. Create an authorized_keys file in the .ssh directory
5. Paste the public key that you copied during the key generation into the authorized_keys file
6. Save the authorized_keys file
7. Make sure that the permissions on the user’s .ssh directory are appropriately secure, this is done as follows: chmod –R 700 .ssh, if you are root ensure that the user you are setting up owns the .ssh directory chown –R user:user /home/user/.ssh
8. In /etc/ssh/sshd_config set: PasswordAuthentication no
9. In the sshd_config file, set up a list of allowed users by uncommenting AllowUsers and specifying the users separated by a space eg AllowUsers Fred Joe
10. Ensure PermitRootLogin is commented out
11. Restart sshd, service sshd restart
12. Associate your private key with your putty saved session for your server.
13. Connect to the server. Any errors will be found in /var/log/secure.

SVN and svnsync error.

For a long time I had a error with svn that I was unable to resolve and have finally gotten to the bottom of it. I was trying to set up a mirror of our repository using svnsync. I followed the instructions as per the manual. I created the mirror repository and modified the repository hooks as per the manual so that svnsync could make the necessary repo version changes. However I kept getting the error:

 

svnsync: DAV request failed; it's possible that the repository's pre-revprop-change hook either failed or is non-existent

svnsync: At least one property change failed; repository is unchanged

svnsync: Error setting property 'sync-lock':

Revprop change blocked by pre-revprop-change hook (exit code 255) with no output.

 

After lots of googling I was unable to find a solution to the problem. It then occurred to me that this was a SELINUX configuration error. The SELINUX template for apache does not allow the apache user to write to the svn repository directory. To check whether SELINUX is running, type getenforce on RedHat. If it is active it will display “enforcing”.

__________ Information from ESET Smart Security, version of virus signature database 3776 (20090119) __________

The message was checked by ESET Smart Security.

http://www.eset.com

X-Server - Xming lightwieght and works nicely

I recently had a problem with Cygwin X-server that gave funny errors about unable to connect to server localhost:11.0, server refused connection. This seemed to be Cygwin related since when I downloaded Xming the problem was sorted out. This is using X11 forwarding with ssh via putty. In addition I used exceed X server that gave a problem with my Adobe LiveCyle installation. When the Adobe LiveCycle X-Configurator opened a second window, the message kept flashing. Xming once again handled this properly.

__________ Information from ESET Smart Security, version of virus signature database 3776 (20090119) __________

The message was checked by ESET Smart Security.

http://www.eset.com