- Oct 16, 2006 by the_angry_angel
- Geek
Tripwire is another one of those things which I've been meaning to play with for a long time. Ideally you should install it at the same time as rkhunter and chkrootkit, before you let your box loose on the global intarweb (precautions are a good thing). Unfortunately for various reasons I've not ever done it. I'm a fool, as it's pretty simple.
- Install it using your package manager. By default Etch's package will ask if you want to run the bundled twinstall.sh script. You should answer yes, and follow the instructions to create a site and local password. Obviously make them secure.
- Create the initial database (this may take some time). You may wish to run this now, or after creating your own policy. It will depend on your system.
tripwire --init
- Edit the human readable policy file to adjust the configuration. The default file will be found in /etc/tripwire/twpol.txt
- Update the policy tripwire looks at:
tripwire --update-policy /etc/tripwire/twpol.txt
You may need to run this twice to pick up the new policy file.
- Run a quick
tripwire --check
You should notice that there are no errors reported, if all is well.
Don't forget when you update any packages, or add any new packages, to run an update to pick up the new files and add them to the database
tripwire --update
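The init / check / update cycle above, as an added sketch that is not from the original post and does not call Tripwire itself: sha256sum stands in for the signed Tripwire database, and the fim_* function names and temporary paths are made up for illustration. It shows why a check keeps reporting violations after a package upgrade until the baseline is updated.

```shell
#!/bin/sh
# Stand-in for Tripwire's baseline workflow (assumes GNU sha256sum and paths
# without spaces). The fim_* names are hypothetical, not Tripwire commands.

# fim_init DIR DB: record a hash per file under DIR (role of tripwire --init)
fim_init() {
    (cd "$1" && find . -type f -exec sha256sum {} +) > "$2"
}

# fim_check DIR DB: print one line per difference from the baseline and
# return 1 if there is any (role of tripwire --check)
fim_check() {
    cur=$(mktemp)
    fim_init "$1" "$cur"
    report=$(awk '
        FILENAME == ARGV[1] { base[$2] = $1; next }
        { seen[$2] = 1
          if (!($2 in base))       print "ADDED    " $2
          else if (base[$2] != $1) print "MODIFIED " $2 }
        END { for (p in base) if (!(p in seen)) print "REMOVED  " p }
    ' "$2" "$cur" | sort)
    rm -f "$cur"
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# fim_update DIR DB: accept the current state as the new baseline (role of
# tripwire --update). Only do this after reviewing the report: it blesses
# every change, including ones you did not make.
fim_update() { fim_init "$1" "$2"; }

# Constructed demo: a "package upgrade" modifies one file and adds another
fim_demo() {
    d=$(mktemp -d); mkdir "$d/etc"
    echo 'PermitRootLogin no' > "$d/etc/sshd_config"
    fim_init "$d/etc" "$d/db"
    echo 'PermitRootLogin yes' > "$d/etc/sshd_config"
    echo 'new' > "$d/etc/motd"
    fim_check "$d/etc" "$d/db" || echo "violations found, review then update"
    fim_update "$d/etc" "$d/db"
    fim_check "$d/etc" "$d/db" && echo "clean after update"
    rm -rf "$d"
}
fim_demo
```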
- Oct 13, 2006 by the_angry_angel
- Geek
Literally a few minutes ago this little beauty arrived in my hot sweaty hands. After unpacking the box my initial thought was "wow, this is small". I've used USB hard drives in the past, but this is a nice compact one. It's of a good weight, and clearly well put together. As usual it comes with the plastic protection strips on the ends.
Interface and power are somewhat standard; it's entirely powered by USB, and comes with the relevant cable (which is a little short imho). Nevertheless it actually has a socket on the unit for an external power source. This isn't included, and it isn't clear if this is for future expansion or simple re-use of the internals.
By default it comes formatted as FAT32, with around 74.5GB of usable space, which is ideal for use between various operating systems - as I intend for it to be used.
The performance of the unit isn't blindingly fast, but at the end of the day it's what you pay for; a USB hard drive. It takes a little over 10 minutes to do a 12GB copy of around 3500 files and 250 folders. As for sound, you can just about hear it over the sound of my desktop machine if you listen for it. And barely over my keyboard as I type.
Now all I need to do is perfect the backup routine...
- Oct 10, 2006 by the_angry_angel
- Geek
I've recently been trying to decide how best to back up my systems, now that I really cannot live with the thought of having to re-rip all of my music. My first thought was the rather obvious, tried and tested system of a cheap tape drive from ebay attached to my Debian Etch box. Unfortunately looking at the prices of the size tapes I'd be after, and the thought that restoring and backing up can take some time, I started looking for alternatives.
We provide online backup services at work, and they do work quite well. No native linux daemon though. So that left me with the "new fangled" and potentially risky USB hard drive option. Chris suggested that I bring a large disk with me, so I can return with various bits and pieces for work when I'm next in his direction. As such I've ended up biting the bullet and I've gone for a Freecom 80GB 2.5" Mobile Hard Drive.
It should be small enough to take with me to places, compatible enough to actually be able to use on various machines of differing OS', and hopefully will be enough disk space to keep me going for a while. At least as a primary backup device.
Now all I need to do is get my arse in gear and do a regular backup once it arrives....
- Oct 10, 2006 by the_angry_angel
- Geek
As if on cue, here's another rant about ajax.
Over the last day I've been using RoundCube, and as much as I like the pretty simple and well thought about GUI, the obtrusive and obligatory ajax action divs are really starting to get on my tits. Certainly I'd like to know when something is being done by the application, but it shouldn't be as obtrusive as putting a brick in front of my front door. Bear with the analogy; it's not particularly in the way, but I feel like I have to step over it to stop tripping over. Whilst that's fine for the first few times, after that it gets to be a chore.
And here lies the delicate balance zen of HCI.
- Oct 09, 2006 by the_angry_angel
- Geek and Unix-like
Having broken my non-production mail server a few days ago, I decided it was about time to actually get around to fixing it. I don't intend using it as my primary mail server, but more as a mirror of my ISP's account - at least until I have a private colocated box again, on a decent line that can handle my mail. Somehow I don't think my home line (read: me) will be happy with all of the various mailing lists coming at it.
Anyway, I decided tonight would be a good time to fix it. Amy's off dancing with her mum, and other than wanting to play some games, it seemed like an ideal time. Having never actually used Exim4, Courier, and SpamAssassin it seemed like an ideal thing to waffle on about.
- Install what you need. As usual apt-get is king.
apt-get install exim4-daemon-heavy courier-imap spamassassin spamc sa-exim
Obviously accept all the various dependencies, and select multiple files for exim4, and internet site. Otherwise leave as default.
- Make your Maildir (I prefer this over mbox), using courier's maildirmake command
maildirmake ~/Maildir/
- Append the following to /etc/exim4/update-exim4.conf.conf
dc_localdelivery='maildir_home'
- Edit /etc/default/spamassassin, and set ENABLED=1
- Generate the new config
update-exim4.conf
and if that went through without any errors, check exim
exim4 -bV
and then restart
/etc/init.d/exim4 restart
- Test Exim is working, just to make sure
exim4 -bt user@localhost
exim4 -v AnExternalMailAccount@Domain.TLD
From: user@localhost
To: AnExternalMailAccount@Domain.TLD
Subject: Test
Test
.
- If you want to be particularly shitty and reject exe's, com's, bat's, etc. then add the following to /etc/exim4/conf.d/acl/40_exim4-config_check_data, before the final line, "accept"
deny message = Serious MIME defect detected ($demime_reason)
     demime = *
     condition = ${if >{$demime_errorlevel}{2}{1}{0}}
deny message = This server will not accept certain file attachments. \
               Please resend it as a compressed archive.
     demime = bat:btm:cmd:com:cpl:dll:exe:lnk:msi:pif:prf:reg:scr:vbs
- Edit /etc/exim4/sa-exim.conf, and change the line
SAEximRunCond: 0
to
SAEximRunCond: 1
- Now let's add support for virtual domains, in the old fashioned way.
mkdir /etc/exim4/virtual
- Create a set of files, one for each of your domains.
touch /etc/exim4/virtual/yourdomain.tld
- In each file, add the various aliases. The format is localpart: localuser@localhost. Wildcards are accepted.
postmaster : user@localhost
The usual Exim magic entries can be present in these files. For instance
user : :fail: $local_part Does not exist
postmaster : :blackhole:
- Now to get those virtual domains working, edit /etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs, and replace the local_domains line with
domainlist local_domains = @:localhost:dsearch;/etc/exim4/virtual
What this should do is look up the contents of /etc/exim4/virtual. Any valid domain in here will be accepted by the server.
- Create /etc/exim4/conf.d/router/350_exim4-config_vdom_aliases, and add
vdom_aliases:
  driver = redirect
  allow_defer
  allow_fail
  domains = dsearch;/etc/exim4/virtual
  data = ${expand:${lookup{$local_part}lsearch*@{/etc/exim4/virtual/$domain}}}
  retry_use_local_part
  pipe_transport = address_pipe
  file_transport = address_file
  no_more
This gets the actual aliases working.
- Re-generate the configuration
update-exim4.conf
- Restart Exim, if all went well
/etc/init.d/exim4 restart
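How the two lookups in the virtual domain setup above pick a result, as an added example that is not from the original post: vdom_resolve mimics the dsearch domain check followed by the lsearch*@ alias lookup, and vdom_audit lists directory entries worth reviewing. Both function names and the sample files are made up for illustration, and continuation lines in alias files are not handled.

```shell
#!/bin/sh
# Offline emulation of the vdom_aliases router's two lookups (added example;
# vdom_resolve and vdom_audit are hypothetical helpers, not Exim commands):
#   domains = dsearch;DIR              the domain must be a file name in DIR
#   ${lookup{$local_part}lsearch*@{F}} exact local part, else the "*" entry
vdom_resolve() {   # usage: vdom_resolve DIR local_part@domain
    dir=$1
    lp=$(printf '%s' "${2%@*}" | tr 'A-Z' 'a-z')
    dom=$(printf '%s' "${2##*@}" | tr 'A-Z' 'a-z')
    # dsearch matches a single file name only; reject anything path-like
    case $dom in ''|.*|*/*) echo "not-local"; return 1 ;; esac
    [ -f "$dir/$dom" ] || { echo "not-local"; return 1; }
    # lsearch: first line whose key matches wins; the key ends at a colon or
    # white space. Comment and continuation lines are skipped (simplification).
    awk -v key="$lp" '
        /^[ \t#]/ || $0 == "" { next }
        { k = $0; sub(/[ \t:].*/, "", k)
          v = substr($0, length(k) + 1); sub(/^[ \t]*:?[ \t]*/, "", v)
          k = tolower(k)
          if (k == key && !found) { found = 1; hit = v }
          if (k == "*" && !any)   { any = 1; star = v } }
        END { if (found) print hit; else if (any) print star; else exit 1 }
    ' "$dir/$dom" || { echo "unrouteable"; return 1; }
}

vdom_audit() {     # usage: vdom_audit DIR; prints entries worth reviewing
    for f in "$1"/* "$1"/.[!.]*; do
        [ -e "$f" ] || continue
        n=${f##*/}
        # every file name is accepted as a local domain, editor backups included
        printf '%s\n' "$n" | grep -Eq '^([a-z0-9-]+\.)+[a-z]{2,}$' ||
            echo "stray-file $n"
        # a "*" key makes every unknown local part deliverable
        [ -f "$f" ] && grep -Eq '^\*[[:space:]:]' "$f" && echo "catch-all $n"
    done
    return 0
}

# Constructed sample directory with one domain file and an editor backup of it
vdom_demo() {
    d=$(mktemp -d)
    printf 'postmaster : user@localhost\n* : :fail: no such user\n' > "$d/example.org"
    cp "$d/example.org" "$d/example.org~"
    vdom_resolve "$d" Postmaster@Example.ORG
    vdom_resolve "$d" nobody@example.org
    vdom_audit "$d"
    rm -rf "$d"
}
vdom_demo
```

On the real server, exim4 -bt with an address in each virtual domain remains the authoritative check of what the router does.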
Courier requires no real configuration. Woohoo. I'll have to SSL it at some point but seeing as it's currently only within my physical network, I'll change that at a later date.
One thing to finally remember is to create the Maildir in /etc/skel, and possibly .forward, which can apparently contain user defined filtering rules (and can be surprisingly powerful);
# Exim filter
if $h_X-Spam-Status: CONTAINS "Yes" or $h_X-Spam-Flag: CONTAINS "Yes"
then
  save Maildir/.Junk/
  finish
endif
Having gotten past the hard bit, it was time to play with RoundCube. As with most PHP scripts (yes, I know I've been trying to get rid of them, not add more), all you need to do is read INSTALL. It's very straightforward. As for how RoundCube works... I'm not entirely sure if I like it. The interface is pretty good, but I have to say it's not quite as slick as Outlook Web Access (which if you ignore the whole IE-only-proprietary-experience thing, isn't too bad), Zimbra or Hula, and it's missing some features; but it's definitely getting there. Most certainly much better than Horde IMP or Squirrelmail by a long shot. I'll give it a few weeks / days, and see how things go.