Archive for Linux

openoffice and word docs on nfs shares

Having solved the issue of mounting novell volumes using ncpmount, the next hurdle I face is the annoying bug that openoffice does not allow you to update word docs if you have file locking set to auto.
You can set file locking to no which means that other users can also open that same file on that share. This is not a desirable outcome. Openoffice are aware of this but do not seem to be addressing the issue.
Having built a new kernel from scratch I can confirm that it seems to be an application issue. With this in mind I have decided to remove my open office apps from my laptop and install staroffice. Hopefully this version will not have the same problem.

ncpmount use gutsy proposed instead of feisty fawn

A colleague pointed out the following solution for ncpmount.
Instead of using feisty configure synapatic to use gutsy proposed (packages that haven’t found their way into the distribution i.e well tested beta, with a new april release they will appear in 8.04) and gutsy backport (latest versions that are not being proposed to appear in gutsy but will appear in 8.04)
Open Synaptics Package Manager
Click Settings – Repositories
Click the Updates Tab
Check/enable the pre-released (gutsy proposed)
Check/enable Unsupported-updates(gutsy-backports)
Even though this is beta s/w it is far more desirable solution than using the feisty fawn repositories as you are getting later versions rather than older versions which reduces your security risk/exposure.
A big thank you to Eugene for this tip.

A solution for ncpmount errors using Ubuntu gutsy

If you use ncpmount to mount novell servers you may have noticed that it does not work with ubuntu 7.10 (gutsy).
Ncpfs 2.2.6.4 that ships with gutsy is the problem as it causes an invalid server response message to be generated by the Novell server. The solution is to force the version to 2.2.6.3 which ships with feisty.
You need to add feisty repositories to source.lst and run apt-get update twice
repositories to add
deb http://ie.archive.ubuntu.com/ubuntu/ feisty universe
deb-src http://ie.archive.ubuntu.com/ubuntu/ feisty universe
deb http://ie.archive.ubuntu.com/ubuntu/ feisty-updates universe
deb-src http://ie.archive.ubuntu.com/ubuntu/ feisty-updates universe
you then need to load synaptic package manager search for ncpfs and force the version to 2.2.6.3. I would also recommend that you lock this version so it can’t be updated

Securing an embedded Linux platform

Hadi Nahari and Jim Ready have written an excellent article which outlines an approach for securing an embedded Linux platform. It came as a surpise to learn that 70% of new semiconductor devices are Linux-enabled; this high growth rate is accompanied by inevitable security risks, hence the requirement for hardware-based trusted and secure computing environments. Their article offers practical guidelines.
Employ a secure flavor of Linux

Bad news for SCO – Novell is the owner of Unix and Unixware copyright.

Some good news for a change on the SCO debacle regarding their claim that they own the Unix copyright and therefore parts of Linux.
A judge in the U.S. has found that Novell is the owner of the Unix and UnixWare copyrights. He also dismissed SCO’s charges of slander and breach of contract. The judge also ruled that SCO owes Novell for SCO’s licensing revenue from Sun and Microsoft.
Network World Article

IPv6 Tabloid Headlines

I am used to reading tabloid headlines about security and the internet. IPv6 has now become the latest victim to this particular type of sensationalist journalism. The Register reports on a potential flaw in IPv6 which if we are to believe could mean the end of the world.
IPv6 supports an extension header concept called the Type 0 Routing Header (RH0), which allows computers to tell IPv6 routers to send data by a specific route. My 3rd year datacomms students would tell you that this is known as strict source routing it is also supported in IPv4 in the TOS field of the header.
So what’s the fuss about? Well during a presentation at the CanSecWest conference on 18 April, researchers Philippe Biondi and Arnaud Ebalard pointed out that RH0 support allows attackers to amplify denial-of-service attacks on IPv6 infrastructure by a factor of at least 80.
“In rough terms, it makes everything we thought was bad, a thousand times worse,” Paul Vixie, president of the Internet Systems Consortium, said in an email interview with SecurityFocus. “It can be exploited by any greedy Estonian teenager with a $300 Linux machine.”
Now this is bad piece of PR on several fronts, a basic networking property is being hyped and Estonia is being bashed.
Could a greedy capitalistic American Kid attempt this?
Is Paul Vixie stating that only the Estonians have the ability to use IPv6?
Well I have news for you Paul, you better add Irish graduates to your list of potential list of IPv6 network hackers as they know how it functions.

Carrier Grade Linux gathering momentum

TIPPINST – A number of companies are starting to ship Carrier Grade versions of their realtime operating systems, the latest to do is FSMlabs who have registered their version with the ODSL. AS the name implies Carrier Grade Linux specifications adhere to the characteristics required by carrier-grade applications. Carrier Grade Linux complies to recognized standards such as the Linux Standard Base. The effort is aligned with existing forums and communities such as the Service Availability Forum.
Eventhough companies are adhering to a common standard they are going to great lengths to differeniate their products from a performance point of view
Until now carrier grade linux has focussed on the control plane and left companies such as Windriver to handle the data plane.
Control plane traffic is typically queued in multiple priority queues since it is not processed “on the fly” like data plane traffic. Examples of control plane include
•Protection against DoS attacks at infrastructure routers and switches
•QoS control for packets that are destined to the control plane of routers or switches
Hemant Trivedi at Commsdesign believes that integration of the control and data plane is essential if 10Gbs plus speeds are to be achieved. FSMlabs agree with Hermant and have this objective firmly in mind.
Network processors in the future will also have to achieve both control and data plane handling, this requires high speed low jitter solutions.

Microsoft to support Linux

TIPPINST-Microsoft are bowing to the inevitable and will be supporting linux using their virtual server product. The have also been working quiet closing with Sun so as to support their solaris product.
Link

Skype base station – the next killer broadband product

TIPPINST – Now that it looks like that Upperchurch will soon have broadband, my focus has turned towards how skype VOIP can be integrated into the average household with the minimum fuss.
To my surprise the product I need is not yet available. A number of companies have developed skype/analog phones or gateways with usb connectors so as to use skype. The bottom line however is that you must have your gateway connected to a pc running skype. This is not very practical. What is needed is a wireless product that does the following:
Base station communicates using wirless to your broadband router. The base station would have a linux micro kernel with skype preloaded.
The Base station should also have a analog phone line input.
The handset would be cordless and the user can select either to use analog or skype. Siemens have a handset in test development that already does this the Giga handset M34. You still require a pc however.
This simple product would have a siginficant impact on your phone bill. This would be an interesting project for some one out there.

SimpleScalar – An Open Source Simulator for Academics

I am currently experimenting with SimpleScalar which I why I have been updating my site for the past few days.
SimpleScalar can emulate the Alpha, PISA, ARM, and x86 instruction sets. The tool set includes a machine definition infrastructure that permits most architectural details to be separated from simulator implementations. All of the simulators distributed with the current release of SimpleScalar can run programs from any of the above listed instruction sets. Complex instruction set emulation (e.g., x86) can be implemented with or without microcode, making the SimpleScalar tools particularly useful for modeling CISC instruction sets.
SimpleScalar was created by Todd Austin. Development began while he was a Ph.D. student at the University of Wisconsin in Madison. Early versions of the tool set included contributions by Doug Burger and Guri Sohi. Today, SimpleScalar is developed and supported by SimpleScalar LLC.
According to Bill Yuricks website on Computer Architecture web sites
“in 2000 more than one third of all papers published in top computer architecture conferences used the SimpleScalar tools to evaluate their designs”
It was this comment that prompted me to have a look at the tool.
SimpleScalar LLC distribute their software under an open source model, trusting that the users will license the software that they use. The software is free for academic and research use.
The tool set is distributed with all source code, making it possible for users extend SimpleScalar, and to adapt existing models to their own ideas.
SimpleScalar Tool Set