linux poison RSS
linux poison Email

How to block flash videos using Squid proxy Server

A popular request is to block certain content types from being served to clients. Squid currently can not do "content inspection" to decide on the file type based on the contents, but it is able to block HTTP replies based on the servers' content MIME Type reply.

The MIME Type reply is generally set correctly so browsers are able to pass the reply to the correct module (image, text, html, flash, music, mpeg, etc.)

One popular example is to block flash video, used by sites such as Youtube.
The MIME type for such content is "video/x-flv". Creating an ACL to block this is easy.

First, create an ACL which matches the MIME type in question:
acl deny_rep_mime_flashvideo rep_mime_type video/x-flv
Then create a HTTP Reply ACL which denies any replies with that MIME type:
http_reply_access deny deny_rep_mime_flashvideo
This has been verified to block Youtube flash video content.

If the content is blocked the following similar line will be seen in access.log:

1282485682.146    903 TCP_DENIED_REPLY/403 3143 GET - DIRECT/ text/html

And on browser, you can see ...

Read more

Enable Surround Sound system (5:1) in Ubuntu

To enable 5:1 surround sound system for your Ubuntu, go to terminal and open the file (/etc/pulse/daemon.conf) using your editor and change the line:

$ sudo gedit /etc/pulse/daemon.conf
; default-sample-channels = 2

to say

default-sample-channels = 6

After you reboot, test your sound using: speaker-test -Dplug:surround51 -c6 -l1 -twav

Read more

How to Hide data (Steganography) into image file - OutGuess

OutGuess is a universal steganographic tool that allows the insertion of hidden information into the redundant bits of data sources. The nature of the data source is irrelevant to the core of OutGuess. The program relies on data specific handlers that will extract redundant bits and write them back after modification. In this version the PNM and JPEG image formats are supported.

This process will allow us to store information of any kind within an image. This can be useful if you intend to send confidential information (such as a text document or a spreadsheet) to a person and do not want such information to be intercepted by someone else (such as the mail provider, a spy, police, etc. ..) We will use the technique of steganography to hide information within the image.

OutGuess Installation:
Ubuntu user can install OutGuess using Synaptic package manager or can install using command:
sudo apt-get install outguess

Data Embedding using OutGues:
Now here is how you do it: you need a text file (in this example we call it "hidden.txt" ) and a picture ( we call it "input.jpg" ) after that you issue the following command to hide your data ("hidden.txt") into the image file.

$ outguess -k "my_passwd" -d hidden.txt input.jpg out.jpg
Reading input.jpg....
JPEG compression quality set to 75
Extracting usable bits:   43283 bits
Correctable message size: 24627 bits, 56.90%
Encoded 'hidden.txt': 1128 bits, 141 bytes
Finding best embedding...
    0:   587(50.6%)[52.0%], bias    68(0.12), saved:    -2, total:  1.36%
   15:   550(47.4%)[48.8%], bias    73(0.13), saved:     1, total:  1.27%
   41:   585(50.4%)[51.9%], bias    32(0.05), saved:    -2, total:  1.35%
  198:   540(46.6%)[47.9%], bias    50(0.09), saved:     3, total:  1.25%
198, 590: Embedding data: 1128 in 43283
Bits embedded: 1160, changed: 540(46.6%)[47.9%], bias: 50, tot: 43059, skip: 41899
Foiling statistics: corrections: 174, failed: 187, offset: 158.255556 +- 316.069419
Total bits changed: 590 (change 540 + bias 50)
Storing bitmap into data...
Writing out.jpg....

Data Retrieval
You can retrieve data from an image in the following way:
$ outguess -k "my_passwd" -r out.jpg hidden.txt
Reading out.jpg....
Extracting usable bits:   43283 bits
Steg retrieve: seed: 198, len: 141

Read more

Script to add multimedia support to Ubuntu

Ubuntu Multimedia Support Script will add Medibuntu repository and clipgrab ppa and will install the complete multimedia support.

It will install:
- Java Support
- Flash Player Plugin
- Gstreamer Codecs
- w32codecs
- Non-free extra codecs

NOTE: Before continuing, please make sure that all default repositories (exspecially partners' ones) and updates are enabled.

1) Download the script - here
2) Right-click the script you will use, go to proprieties and to the Permissions tab. Select Allow executing as program.Close the window.
3) Now left-click on the script and run it in terminal.
Read more

The biggest and best collection of wallpapers for Ubuntu

Read more

Configuring a Squid Server to authenticate from MySQL database

Install squid using your distro package management system or using source.
Make sure squid is compiled with --enable-basic-auth-helpers=DB option.

Creating MySQL db/table to hold user credentials
mysql> create database squid;
mysql> grant select on squid.* to someuser@localhost identified by 'your_passwd';

Create table 'passwd' in 'squid' db.
mysql> CREATE TABLE `passwd` (
  `user` varchar(32) NOT NULL default '',
  `password` varchar(35) NOT NULL default '',
  `enabled` tinyint(1) NOT NULL default '1',
  `fullname` varchar(60) default NULL,
  `comment` varchar(60) default NULL,
  PRIMARY KEY  (`user`)
Populate the table with some test data, eg
mysql> insert into passwd values('Nikesh','test',1,'Test User','for testing purpose');
Squid Configuration File
Edit squid.conf so that authentication against MySQL db works

auth_param basic program /usr/local/squid/libexec/squid_db_auth --user someuser --password your_passwd --plaintext --persist
auth_param basic children 5
auth_param basic realm Web-Proxy
auth_param basic credentialsttl 1 minute
auth_param basic casesensitive off

acl db-auth proxy_auth REQUIRED
http_access allow db-auth
http_access allow localhost
http_access deny all

Other squid related articles - here
Read more

How to Fix broken package script - Ubuntu

When a command in the package script returns error for some reason and the script exits with error, the package management system aborts their action and ends up with partially installed packages. When a package contains bugs in its removal scripts, the package may become impossible to remove and quite nasty.

For the package script problem of "package_name", you should look for:
You edit the offending part of the script from the root:
by prepending it with "#" or,
by appending it with "|| true". 
Then configures all partially installed packages by: # dpkg --configure -a
Read more

Creating Fancy and Stylish Screenshots with Screenie

Screenie a small tool to allow you to compose a fancy and stylish screen-shots. It is cross-platform (for Linux, Windows and Mac OS X) and very easy to use. You will have an impressive screen-shot in just one minute!

Screenie Installation:
Ubuntu user can install using synaptic package manger to search and install Screenie

To run,  go to Applications> Graphics> screenie, this with open up three windows: Intructions, screenie-qt and Parameters.

 * The Instructions Windows provides very basic information about using the Screenie.
 * The main window is screenie-qt, where you need to drag and drop the images / screenshots that required makeup (At most we can use three).
 * The Parameters window can be used to change the configuration of the images. For example, distance, angle, opacity, etc.

Below is the example:
Read more

How to free Linux Kernel page cache and/or inode and dentry caches

Kernels 2.6.16 and newer provide a mechanism to have the kernel drop the page cache and/or inode and dentry caches on command, which can help free up a lot of memory.

Writing to this will cause the kernel to drop clean caches, dentries and inodes from memory, causing that memory to become free.

To free pagecache:
echo 1 > /proc/sys/vm/drop_caches

To free dentries and inodes:
echo 2 > /proc/sys/vm/drop_caches

To free pagecache, dentries and inodes:
echo 3 > /proc/sys/vm/drop_caches

As this is a non-destructive operation, and dirty objects are not free-able, the user should run "sync" first in order to make sure all cached objects are freed.
Read more

How to Make Windows Faster than Linux

If you're using Windows and want to make it faster, follow these steps below:

1. Defragment the hard three times a day

2. Remove the antivirus (much consumption)

3. Disable Automatic Updates

4. RAM Upgrade

5. Buy a new CPU

6. Downgrade to Windows 95

7. Wait for Windows 9

More information here
Read more

Real-time Bandwidth monitoring tool - Bmon

bmon is a portable bandwidth monitor and rate estimator. It supports various input methods for different architectures. Various output modes exist, including an interactive curses interface, lightweight HTML output, and simple ASCII output. Statistics may be distributed over a network using multicast or unicast and collected at some point to generate a summary of statistics for a set of nodes.

Install bmon
For Ubuntu or Debian systems, either click this link or run the following command in a terminal
$ sudo apt-get install bmon
Using bmon:
Open a terminal and enter the command "bmon" and you should see the following output

Vnstat is the other alternate to bmon - here
Read more

Ubuntu Naming Convention

Each Ubuntu release is named in two ways. The official name is the year and month combined, separated by a period. The release made in April 2010 was named 10.04, for example.

Releases also have nicknames, decided upon by Mark Shuttleworth, and humorously derived from types of animals. 8.04 has the nickname Hardy Heron. 8.10 is called Intrepid Ibex. Sometimes the animal component is dropped in formal conversation 8.04 is referred to simply as “Ubuntu Hardy”, or just “Hardy”.

Version    number Nickname    Updated until
4.10          Warty Warthog          April 2006
5.04          Hoary Hedgehog        October 2006
5.10          Breezy Badger           April 2007
6.06          LTS 1 Dapper Drake June 2009
6.10          Edgy Eft                     April 2008
7.04          Feisty Fawn               October 2008
7.10          Gutsy Gibbon            April 2009
8.04          LTS Hardy Heron     April 2011
8.10          Intrepid Ibex             April 2010
9.04         Jaunty Jackalope       October 2010
Read more

Graphical network connections viewer for Linux - Netactview

Netactview is a graphical network connections viewer for Linux, similar in functionality with Netstat. It includes features like process information, host name retrieval, automatic refresh and sorting. It has a fully featured GTK 2 graphical interface.

 * Shows all udp, tcp, udp6 and tcp6 network connections in an automatically refreshed list.
 * The presented information includes protocol names, addresses, ports and connection states along with host names and process information.
 * The connections list can be sorted by any of its columns.
 * Refresh rates ranging from 1/16 to 4 seconds, or no automatic refresh can be selected.
 * Connections can be seen for 3 seconds after they are closed giving you the chance to spot connections that last very little time.
 * The unestablished connections can be filtered out.
 * Multiple connections list snapshots can be saved in a formatted text file.

Ubuntu packages (Ubuntu 6.06 or newer)
Standard PC (x86): netactview_0.5.1-1_i386.deb
64bit PC (amd64): netactview_0.5.1-1_amd64.deb

In the standard Ubuntu distribution and other distributions based on Gnome opening the .deb package should start the Gdebi package installer. Gdebi will install the package and all its dependencies.
In KDE based distributions, like Kubuntu, you will have to install Gdebi and open the package with it.

Read more

Linux kernel error levels (Value, Name and Meanings)

Error level value      Error level name      Meaning
0 KERN_EMERG system is unusable
1 KERN_ALERT action must be taken immediately
2 KERN_CRIT critical conditions
3 KERN_ERR error conditions
4 KERN_WARNING warning conditions
5 KERN_NOTICE normal but significant condition
6 KERN_INFO informational
7 KERN_DEBUG debug-level messages
Read more

Check your Ubuntu for Non-free packages - vrms (Virtual Richard M Stallman)

In the early 1980's Richard M. Stallman created the GNU project, whose goal was to provide the world with a Free Operating System (with the word "Free" with the same meaning as in "Freedom").

Since then, a lot of Free Software was developed and entire operating systems based only on Free Software were created. Unfortunately, some data is still stored in a format that is proprietary, secret and non-standard, made by corporations that want to retain control over the users of the software that generates such data.

The vrms program provides the facility for users of Debian-based Operating Systems (like Ubuntu Linux) to detect if their systems have any non-free software installed, so that the users can keep their computer "pure", without non-free software.

vrms can be installed using Synaptic Package Manager:

To execute it, just type "vrms" in the terminal and you will get the list of 'non-free' software installed on your system. For each program from 'non-free' installed, vrms displays an explanation of why it is non-free, if one is available. This explanation is usually from a list included in the vrms package itself, but other packages can provide additional lists of explanations, too.

So if you want a completely free (as in freedom!) operating system, you can use Use/ Install gNewsense instead of Ubuntu or others.
Read more

How to Securely Wipe a Hard Drive - Darik's Boot and Nuke ("DBAN")

Darik's Boot and Nuke ("DBAN") is a self-contained boot disk that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for bulk or emergency data destruction.

DBAN is a means of ensuring due diligence in computer recycling, a way of preventing identity theft if you want to sell a computer, and a good way to totally clean a Microsoft Windows installation of viruses and spyware. DBAN prevents or thoroughly hinders all known techniques of hard disk forensic analysis.

DBAN is a free software product that can be used at home or in a business at zero cost.

DBAN has all available drivers for SCSI disks and drivers for IDE, PATA, and SATA disks.
DBAN supports all Microsoft platforms and securely destroys FAT, VFAT, and NTFS filesytems and  all unix platforms and securely destroys ReiserFS, EXT2, EXT3, EXT4, and UFS filesystems.

DBAN 2.2.6 Beta for CD-R and DVD-R media.
(Burn this file to a blank disc and boot the computer with it. Do not unzip this file.)
Burn this downloaded ISO file to a CD and boot off that CD (you need to configure your BISO settings to boot from the CD first). Follow the prompts and select your appropriate configuration options.

DBAN is easy to use and very secure, using multiple methods including the Gutmann method and the Mersenne twister.

The autonuke option from the first screen will automatically run through all detected disks, securely wiping them, so be careful with it.

Read more

Modify Images in Linux - Mogrify

The  Mogrify program is a member of the ImageMagick suite of tool, use the mogrify program to re-size an image, blur, crop, despeckle, dither, draw on, flip, join, re-sample, and much more. This tool is similiar to convert except that the original image file is overwritten (unless you change the file suffix with the -format option) with any changes you request.

Imagemagick Mogrify is an easy to use, ligte, command prompt tool and capable of editting most of the image types.

Using Mogrify:
If you want to transform all the .tiff images in a directory to .jpg, you can do it with a single command:
mogrify -format jpeg *.tiff

Create thumbnails using this command:
mogrify -geometry 120x120 *.jpg

To reduce the size of any given image, use this command:
mogrify -resize 50% *.jpg

You can resize all your JPEG images in a folder to a maximum dimension of 256x256 with this command:
mogrify -resize 256x256 *.jpg

Convert PNG images to the JPEG format:
mogrify -format jpg *.png

Rotate an Image using this command
mogrify -rotate "-90" test.jpg

Reduce Colours of any given image using this command
mogrify -colors 2 test.jpg

Monochrome the given image using this command
mogrify -monochrome test.jpg

Add Borders to given image using this command
mogrify -border 2x4 test.jpg

Add Annotate to Image using this command
mogrify -comment 'My holiday highlight' test.jpg

Add some more Decorative Border using this command
mogrify -frame 20x20 test.jpeg

For more information about the ImageMagick project, visit
Run ‘mogrify -help’ to get a summary of the mogrify command options.
Read more

How to enable Autologin to Linux console using mingetty

The mingetty program is a lightweight, minimalist getty program foruse only on virtual consoles. Mingetty is not suitable for serial lines (you should use the mgetty program instead for that purpose)

If you got the mingetty program, your /etc/inittab file will look like ....
1:2345:respawn:/sbin/mingetty --noclear tty1
2:2345:respawn:/sbin/mingetty tty2
3:2345:respawn:/sbin/mingetty tty3
4:2345:respawn:/sbin/mingetty tty4
5:2345:respawn:/sbin/mingetty tty5
6:2345:respawn:/sbin/mingetty tty6
The first field says that this is the line for /dev/tty1. The second field says that it applies to run levels 2, 3, 4, and 5. The third field means that the command should be run again, after it exits (so that one can log in, log out, and then log in again). The last field is the command that runs mingetty on the first virtual terminal.

The above series of lines also use the "respawn" option to keep six mingetty processes running on the system. If someone tries to kill one of these processes as root, the process will simply be respawned. Only critical processes are set up in this way to keep them safe from anything else happening on the system.

If you're curious about these processes, check them out on the running system using command

$ ps -ef | grep getty

Now to enable the auto loging for a particular user, edit the /etc/inittab file and identify the terminal on which you want user to have auto login ...
1:12345:respawn:/sbin/mingetty --noclear --autologin username tty1
Reboot the system after making above changes and insure that init has spawned the new version of mingetty, and if all is well, will automatically log you on to the console.
Read more

Lightweight Monitoring Tool for Servers and Embedded System - Monitorix

Monitorix is a free, open source, lightweight system monitoring tool designed to monitorize as many services as possible. At this time it monitors from the CPU load and temperatures to the users using the system. Network devices activity, network services demand and even the devices' interrupt activity are also monitored, and more.

The current status of any corporate server with Monitorix installed can be accessed via a web browser.
Monitorix has been designed to be used under production UNIX/Linux servers, but due its simplicity and small size you may also use it to monitor embedded devices.

Monitorix is under GPLv2 licensing and available for download on the project homepage as source code and in numerous packages. Rpm based system (RedHat / Fedora / Centos / Opensuse) can install Monitorix using command:
rpm -ivh monitorix-1.4.2-1.noarch.rpm
Configuration of Monitorix:
Before starting the monitorix daemon, be sure to adjust the /etc/monitorix.conf to your liking. For a complete list of options and features, see the man page for monitor.conf.

our $TITLE = "Linux Poison";                                 # your company name
our $HOSTNAME = ""; # hostname of this server
our $OSTYPE = "Linux-SuSE";                 # choose your OS type (see below)
our $SAMBAVER = "3";                         # Samba version (2 or 3)
our $MULTIHOST = "N";                 # Enable multihost feature
our $MULTIHOST_FOOTER = "Y";         # (multihost) display URL in image
our $MULTIHOST_IMGPERLINE = "2";         # (multihost) # of images per line
our $REPORT_LANG = "en";                         # Report language
our $THEME_COLOR = "black";                 # Default is "black", none is "white"
our $REFRESH_RATE = "150";                 # Web stats' refresh rate in seconds
our $ENABLE_CROND_MAIL = "Y";         # Error messages are sent by crond

Common settings to tweak here include company name, hostname, and theme color.
Finally you'll be able to start Monitorix with: # service monitorix start

To view your system stats, make sure your webserver is running and browse to [http://localhost/monitorix] to see the data.

Read more

Sending Mail through command line on Linux

Read mail or send mail to other users. The mail utility allows you to compose, send, receive, forward, and reply to mail. mail has two main modes: compose mode, in which you create a message, and command mode, in which you manage your mail.

While mail is a powerful utility, it can be tricky for a novice user. It is most commonly seen nowadays in scripts. Most Linux distributions include several utilities that are richer in features and much easier to use: mailers built into browsers such as Mozilla and Firefox, graphical mail programs distributed with GNOME (Evolution) and KDE (Kmail), and the terminal-based, full-screen utilities pine and elm. The GNU Emacs editor can also send and receive mail.

Below is the mail command through with you can send mail to any given user ...

mail -s "System Log"

This command sends a message to the user nikesh, with a subject line of "System Log" and the text of the message read from the system logfile /var/log/messages.

Below are few other command line option that you can use with the mail command ...

-s    Specify subject on command line.
-c    Send carbon copies to list of users.
-b    Send blind carbon copies to list. List should be a comma-separated list of names.
-f    Read in the contents of your mbox for processing; when you quit, mail writes undeleted messages back to this file.
-i    Ignore tty interrupt signals. This is particularly useful when using mail on noisy phone lines.
Read more

Linux Filesystem Benchmark using Blogbench

Blogbench is a portable filesystem benchmark that tries to reproduce the load of a real-world busy file server. It stresses the filesystem with multiple threads performing random reads, writes, and rewrites in order to get a realistic idea of the scalability and the concurrency a system can handle.

It stresses the filesystem with multiple threads performing random reads, writes and rewrites in order to get a realistic idea of the scalability and the concurrency a system can handle.

Download blogbench from here and type the following command to compile and install blogbench

# tar xvzf blogbench-1.1.tar.gz
# cd blogbench-1.1
# ./configure
# make
# make install

Using Blogbench:
The minimal way to run the test is to just give the path to an *empty* and writable directory:
# blogbench -d /path/to/the/directory
Blogbench will start the required threads and the test will run during 5 minutes. A final "score" will then be given as an indication of read and write performance.

Read more

Top like utility to monitor Network - sntop

Simple network top (sntop) is a curses-based console utility in the spirit of top that polls network hosts at a regular interval to determine their connectivity and displays the results in a pretty format. Advanced features are supported, such as automatic HTML generation of results, secure terminal mode, execution of an external file on connectivity changes, a daemon mode, and user/system configure files.

sntop uses fping (ping is supported, too) to determine connectivity of hosts, specified in a config file, on a regular interval. the results are displayed in a top-like format.

Installation and Configuration:
Download sntop from here and type the following command to install sntop

# tar xvzf sntop-x.y.z.tar.gz
# cd sntop-x.y.z
# ./configure
# make
# make install

you should now edit the system conf file (or remove it), which is by default in /etc:
$ vi /etc/sntoprc

Each user can use their own config file, look at the man pages to figure out how to add servers to the configuration file.
$ cp /etc/sntoprc ~/.sntoprc
$ vi ~/.sntoprc

sntop is placed in /usr/local/bin by default

Read more

Linux Announcement from Linus Torvalds .... 1991

This is always fun to read, even it it’s old news, Here’s the very first Linux announcement:

From: torvalds@klaava.Helsinki.FI (Linus Benedict Torvalds)
Newsgroups: comp.os.minix
Subject: What would you like to see most in minix?
Summary: small poll for my new operating system
Message-ID: <1991Aug25.205708.9541@klaava.Helsinki.FI>
Date: 25 Aug 91 20:57:08 GMT
Organization: University of Helsinki

Hello everybody out there using minix -

I’m doing a (free) operating system (just a hobby, won’t be big and
professional like gnu) for 386(486) AT clones. This has been brewing
since april, and is starting to get ready. I’d like any feedback on
things people like/dislike in minix, as my OS resembles it somewhat
(same physical layout of the file-system (due to practical reasons)
among other things).

I’ve currently ported bash(1.08) and gcc(1.40), and things seem to work.
This implies that I’ll get something practical within a few months, and
I’d like to know what features most people would want. Any suggestions
are welcome, but I won’t promise I’ll implement them :-)

Linus (

PS. Yes – it’s free of any minix code, and it has a multi-threaded fs.
It is NOT protable (uses 386 task switching etc), and it probably never
will support anything other than AT-harddisks, as that’s all I have :-(.
Read more

Disk Information Utility - di

di is a disk information utility, displaying everything that df does and more. It features the ability to display your disk usage in whatever format you desire/prefer/are used to. It is designed to be highly portable across many platforms.

di Displays usage information on mounted filesystems.  Block values are reported in a human readable format.  If the user or group has a disk quota, the values reported are adjusted according the quotas that apply to the user.
If file is specified, the usage information for the partition on  which file is located is printed.

Debian / Ubuntu Linux:

Read more

Gentoo lost and Fedora is losing to OpenSuSe

If Linux distributions were stocks and you an investor you wish you’d have invested in OpenSuSe at least according to Google Insights.

Read more

Get all the required Process Information and Statistics - Psinfo

Psinfo shows process information and statistics using the kernel /proc interface.
This information includes:
 Process state, environment, arguments and flags
 CPU usage
 I/O usage
 Virtual memory status

psinfo is useful for providing a detailed view of the current state of an application when diagnosing issues or performance problems.

psinfo requires Linux kernel 2.6.0 or greater.
Download psinfo from here and compile and install it using following command:

# make
# make install

psinfo can be run as an orindary user but certain features (environment, executable, current working directory and root directory) require root rights and are marked n/a in output otherwise.

Read more
Related Posts with Thumbnails