Jun 20 10

Wireshark Build Version on Arch Linux

by john

Just some notes on getting the latest development version of Wireshark running on Arch Linux. I'm going to install it with a prefix of /opt so it doesn't interfere with the current 'stable' release that is already installed via pacman.

Download the latest build

Extract it.

Prerequisites:
# pacman -S python-geoip


Jun 8 10

Suspend on Thinkpad and Arch Linux

by john

Figure I should make some notes on what I've done to get Arch running on my Thinkpad. I've made so many changes without any notes. Oops.

This is what I did to get my laptop to suspend when closing the lid. Found the instructions at http://wiki.archlinux.org/index.php/Lenovo_Thinkpad_X300#Suspend_.2F_Hibernate

# pacman -S uswsusp

Test suspending:
# /usr/sbin/s2ram -f

Then install acpid

# pacman -S acpid

Add it to /etc/rc.conf DAEMONS section before hal.

# nano /etc/acpi/handler.sh

Note: In above link it says to edit default.sh. That file doesn't exist. It's now handler.sh

Change the 'button/lid' section like this:

button/lid)
    #echo "LID switched!">/dev/tty5
    ;;

to

button/lid)
    /usr/sbin/s2ram -f
    echo "LID switched!">/dev/tty5
    ;;

May 26 10

Pleasure Craft Operators Card

by john

Walking out of Canadian Tire this weekend and there was a display for getting your Pleasure Craft Operators Card. The girl says that I can try writing the exam for $63 and I only pay if I pass. After explaining that I haven't read any of the required materials, have almost no boating experience, she says most people pass it without studying.

15 minutes later I've written and passed the exam with only 3 questions wrong out of 36.

What is wrong with this picture? How the hell is this kind of useless exam making boating safer? What a complete and total joke.

See you on the water.

May 26 10

Passed my GSNA

by john

Had to renew my GSNA (GIAC Systems and Network Auditor) certification this morning.

Did the 4 hour exam in about 2:15.

90%!! WOOT!!!

May 13 10

OpenSUSE 11.3 Countdown

by john

Countdown

May 3 10

Joined LOPSA

by john

LOPSA

The League of Professional System Administrators (LOPSA) had a booth at LinuxFest this year. I spoke for a while with one of their volunteers and was impressed with what he had to say. Basically it came down to the fact that Doctors, Lawyers, etc all have professional organizations to represent them with governments and other bodies. Why don't we have such a thing for all of us System Administrators/Network Admins/Security Admins and the myriad of other titles we get when working in IT?

I decided to join them. If you're any sort of System Administrator I'd recommend doing the same thing. It's only $50US a year.

Join today

May 3 10

Operation Repo is fake?? WTF?

by john

Operation Repo is this supposed 'reality' show about this group of repo people in California. Some of the stories are absolutely hilarious. Guess what? The show is a total fake! It's all scripted reenactments of real repo cases, but of course it's overly hyped and the guys are constantly getting into physical confrontations, etc., which violates the laws that repo men operate under in the State of California. Bummer. I don't think I can watch that show anymore.

http://en.wikipedia.org/wiki/Operation_Repo

Apr 30 10

wavee.com a scam?

by john

Found a link to an auction site called wavee.com.

I took a look at it today and the site seems pretty legit and there are, at what first appears to be, some amazing deals like 13.3" Macbooks selling for $70, Nokia N900 unlocked phones for $7.00. I couldn't believe what I was seeing. How could this company be making any money? Now I figured it out.

First off here's how the auctions work:

The items are listed on the site for 48 hours and start at $0.00.
Each bid puts the price up by 1 cent.
When the auction gets down to 20 seconds left and somebody bids again, the countdown goes back to 20 seconds.

Here's how they're making their money:
Each bid costs 75 cents. That's the profit!

As an example, if a Macbook goes for (to make the math easier) $100 that is 10,000 bids at $0.75 each! That's $7500 for the company. Nice profit.

They do auction off bid packages with more bidding credits that seem to go for pretty cheap but again the company is already making money on the packages when they sell them.

It also looks like the same group of people always win the auctions so I think if you didn't get in on day one with this site you're pretty much screwed. I'd say stay away from this site.

Has anybody here had any luck with wavee.com?

UPDATE: Been thinking about it and actually it's not that bad. For example, I just watched a Nokia N900 go for about $5.00US. So that's basically $375 for bidding for the company plus $5 for the item and $7 for shipping. Now if there were 4 people who bid on the item and they each bid an equal number of times, the item only cost the winner $93.75 bidding + $12 for the item with shipping. Not a bad deal. Although it's gotta suck for those people who didn't win and spent $94 each just for the privilege of bidding. I'll keep my eye on it.

Apr 8 10

Running Wireshark as non-root user on OpenSUSE

by john

If you run Wireshark as root you are opening yourself up to some serious security risks. Best to run it as your regular user. But that's a heck of a lot more difficult than it sounds.

Here's the fix. I got the information from these sites -

http://wiki.wireshark.org/CaptureSetup/CapturePrivileges

http://packetlife.net/blog/2010/mar/19/sniffing-wireshark-non-root-user/

NOTE: I installed the latest SVN release of Wireshark from source using './configure --prefix=/opt', make, make install so that it wouldn't interfere with my already installed version of Wireshark. I also made the following changes to the current install of dumpcap under /usr/bin.

Add 'file_caps=1' to your kernel options in /boot/grub/menu.lst
Reboot

# groupadd wireshark
# usermod -a -G wireshark jholbrook    # -a appends; plain -G would replace the user's other supplementary groups
# chgrp wireshark /opt/bin/*
# chmod 750 /opt/bin/dumpcap
# setcap cap_net_raw,cap_net_admin=eip /opt/bin/dumpcap
# getcap /opt/bin/dumpcap
/opt/bin/dumpcap = cap_net_admin,cap_net_raw+eip

Then as a regular user I can now run Wireshark and see all my network interfaces.
$ /opt/bin/wireshark
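
A check for the setup above, added here as an example and not part of the original post: it flags a capture helper that is setuid, world-executable, writable by group or others, owned by the wrong group, or carrying capabilities beyond cap_net_raw and cap_net_admin. The function names and messages are assumptions of this example; the group name and capability set are the ones used in the post.

```shell
#!/bin/sh
# Added example: audit a capture helper set up with a dedicated group,
# restrictive mode and file capabilities, as in the steps above.
EXPECTED_GROUP="wireshark"   # group name used in the post

fail() { echo "FAIL: $1"; eh_rc=1; }

# evaluate_helper MODE GROUP CAPS
#   MODE  octal permissions as printed by `stat -c %a`
#   GROUP owning group as printed by `stat -c %G`
#   CAPS  getcap output with the leading path removed
# Prints one line per finding; returns 0 only when there are none.
evaluate_helper() {
    eh_mode=$1; eh_group=$2; eh_caps=$3; eh_rc=0; eh_raw=no

    if [ $(( 0$eh_mode & 04000 )) -ne 0 ]; then fail "setuid bit set"; fi
    if [ $(( 0$eh_mode & 00001 )) -ne 0 ]; then fail "world-executable"; fi
    if [ $(( 0$eh_mode & 00022 )) -ne 0 ]; then fail "group/world-writable"; fi
    if [ "$eh_group" != "$EXPECTED_GROUP" ]; then fail "group is '$eh_group'"; fi

    # getcap prints "= cap_a,cap_b+eip" (older libcap) or "cap_a,cap_b=eip".
    for eh_clause in $eh_caps; do
        if [ "$eh_clause" = "=" ]; then continue; fi
        eh_names=${eh_clause%%[+=]*}
        # A clause with no names (e.g. "=ep") applies to every capability.
        if [ -z "$eh_names" ]; then fail "'$eh_clause' grants all capabilities"; fi
        for eh_name in $(printf '%s' "$eh_names" | tr ',' ' '); do
            case $eh_name in
                cap_net_raw)   eh_raw=yes ;;
                cap_net_admin) ;;
                *) fail "unexpected capability $eh_name" ;;
            esac
        done
    done
    if [ "$eh_raw" = no ]; then fail "cap_net_raw missing"; fi
    return $eh_rc
}

# audit_helper PATH: gather the three inputs from the real file (GNU stat).
audit_helper() {
    ah_line=$(getcap "$1" 2>/dev/null)
    evaluate_helper "$(stat -c %a "$1")" "$(stat -c %G "$1")" "${ah_line#"$1"}"
}

if [ "$#" -gt 0 ]; then audit_helper "$1"; fi
```

Passing a path as the first argument (for example /opt/bin/dumpcap) audits the real file. Rerun it after reinstalling, because a rebuilt binary does not carry the old file capabilities.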

Mar 15 10

Going wireless

by john

Finally decided to bite the bullet and set up a wireless AP at my home.

Picked up the Buffalo WHR-HP-G300N.

Being a geek, I decided I didn't want to use the default firmware. I did try it for a bit but it was really ugly. Decided to try installing DD-WRT on it instead. For those who don't know what DD-WRT is:

DD-WRT is a Linux based alternative OpenSource firmware suitable for a great variety of WLAN routers and embedded systems. The main emphasis lies on providing the easiest possible handling while at the same time supporting a great number of functionalities within the framework of the respective hardware platform used.

So I read some of the docs and figured I had to do a hard reset on the device and then try uploading the proper firmware using TFTP. I tried to get it to upload about 60 different ways with no luck. Then I came across a post on the DD-WRT forums. Turns out I could upload the firmware right from the default web interface upload tool! Duh! 2 minutes later I had it working with DD-WRT.

Wanna know what's really cool? Turns out that Buffalo is going to use DD-WRT as the default firmware on several of their models including the one I bought. Awesome stuff.

Too bad this Open Source 'thing' isn't going to catch on, ain't it?