Oh yeah, I had a blog…

I just remembered that I had a blog… 😛 It's been more than 2 months since I wrote anything here. There is a reason for that : ) I just didn't feel like writing something.

So what happened in these 2 months? Not so much. The two major updates are: I got a new motorcycle and I switched at home from Gentoo to Ubuntu.

I think I will prepare two major threads for the two major changes I mentioned above. Why and how. However, it's not gonna happen now. 😛 I'm just too lazy for this.

Anyway, it looks like I will start to update my blog more often, so bear with me if you are still around. 

Funny Bruce Schneier facts.

I just saw these, they made me laugh a lot : )

“Bruce Schneier is not balding, you just can't see the encrypted portions of his hair.”

“Once Bruce Schneier was kidnapped and taken out of the country. His kidnappers got picked up and charged with a violation of US cryptography export laws.”

“Bruce Schneier doesn't need a radio. He can just listen to `cat /dev/random >/dev/audio` to find out what's going on anywhere in the world.”

“Bruce Schneier is a proof that one way functions do not exist.”

“There are no prime numbers, just numbers Bruce Schneier hasn't bothered to factor yet.”

“Bruce Schneier's secure handshake is so strong, you won't be able to exchange keys with anyone else for days.”

and the classic: “Bruce Schneier knows Alice and Bob's shared secret.”

openwrt on Linksys WRT54G v2.0

For a looong time I had a WRT54G. For those who don't know, this is a Linksys router with a Linux-based firmware. And the folks at Linksys were nice enough to give out the source code for the firmware (not like some other vendors!) and the community came up with two major alternatives: openwrt and dd-wrt.

I played with openwrt so I won't cover dd-wrt. Maybe another blog entry… 😛

Instead of describing stuff, I prepared my installation and configuration notes as a bash command line utility, so that next time I install the openwrt, I can copy paste my stuff to a shell and customize it the same way.

Some of the things will not work for you if you copy paste it, because I deleted some private stuff. ; )

Openwrt imports your Linksys configuration from the original Linksys firmware installation. That is automatic, so it's not covered here! The rest of the things are below.

# Documentation: http://wiki.openwrt.org/

# Installation:
# Downloaded newest whiterussian version from: http://downloads.openwrt.org/whiterussian/newest/default/
# Filename: openwrt-wrt54g-squashfs.bin
# Pushed from the web interface of Linksys default router firmware.

# Changed the root password for the first telnet connection.

passwd

# Rebooted. Once it reboots it disables telnet and enables ssh.
# But for some reason telnet was still there (it did not let me
# log in), so I had to go and disable it from /etc/init.d/

mv /etc/init.d/S50telnet /etc/init.d/s50telnet

# It ported every config that I had. Except the wireless LAN did not work.
# I had to install: nas - 3.90.37-17 - Proprietary Broadcom WPA Authenticator/Supplicant

ipkg install nas

# I wanted to log my router's activity remotely. So I configured syslog
# to log it remotely. Of course, I first set up remote logging on my
# central log server. (not covered here)
# Change the IP 1.2.3.4 to your remote logging IP

nvram set log_ipaddr=1.2.3.4
nvram commit

# Default iptables rules do not allow to LOG the traffic. So I needed
# to install the module for that: iptables-mod-extra - 1.3.3-2 - Other
# extra Iptables (IPv4) extensions

ipkg install iptables-mod-extra

# I really didn't like the idea that the web config was running plain text on port 80, so I disabled it.

mv /etc/init.d/S50httpd /etc/init.d/s50httpd

# I configured some firewall rules in /etc/firewall.user

### copy start ###
echo " --- Go configure your own firewall! ---"

### copy end ###

# The date of the box was a couple of thousand hours late, so I needed an
# ntp client. I installed: ntpclient - 2003_194-2 - NTP client for
# setting system time from NTP servers.
# And configured it to run at boot.

ipkg install ntpclient
######## copy start #######
cat > /etc/init.d/S60ntpclient <<EOF
#!/bin/sh
/usr/sbin/ntpclient -c 1 -s -h pool.ntp.org &
EOF
# make the init script executable so it runs at boot
chmod +x /etc/init.d/S60ntpclient
######## copy end #######
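
A way to confirm that the two renames above took effect, as an added example that is not part of the original notes: the functions parse `netstat -ltn` style output and report whether telnet (23) or the web interface (80) is still listening. The sample output is constructed, the function names are hypothetical, and it assumes the router's netstat accepts `-ltn`.

```shell
#!/bin/sh
# Added example: confirm that telnet (23) and httpd (80) stopped listening
# after the S50telnet / S50httpd renames. Function names are hypothetical.

# Read `netstat -ltn` style output on stdin, print listening TCP ports.
listening_ports() {
    awk '$1 ~ /^tcp/ && $NF == "LISTEN" {
             n = split($4, a, ":")   # port follows the last ":" (IPv4 or IPv6)
             print a[n]
         }' | sort -un
}

# Read netstat output on stdin; fail if any port given as argument listens.
check_closed() {
    open=$(listening_ports)
    rc=0
    for p in "$@"; do
        if printf '%s\n' "$open" | grep -qx "$p"; then
            echo "port $p is still listening"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample output (not captured from a real router).
SAMPLE_BEFORE='Proto Recv-Q Send-Q Local Address   Foreign Address State
tcp        0      0 0.0.0.0:80      0.0.0.0:*       LISTEN
tcp        0      0 0.0.0.0:53      0.0.0.0:*       LISTEN
tcp        0      0 0.0.0.0:22      0.0.0.0:*       LISTEN
tcp        0      0 0.0.0.0:23      0.0.0.0:*       LISTEN'
SAMPLE_AFTER='Proto Recv-Q Send-Q Local Address   Foreign Address State
tcp        0      0 0.0.0.0:53      0.0.0.0:*       LISTEN
tcp        0      0 :::22           :::*            LISTEN'

printf '%s\n' "$SAMPLE_BEFORE" | check_closed 23 80 || echo "before: FAIL"
printf '%s\n' "$SAMPLE_AFTER"  | check_closed 23 80 && echo "after: OK"
# On the router: netstat -ltn | check_closed 23 80
```
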

Sharing Free software and some rtorrent

So as we all know, we now have a “Turkish National Operating System” called Pardus. (in Turkish) It's a Linux distribution not based on any other previous distribution, and with installer, config engine, package management, etc… mainly written by the developers of the Pardus project.

It has very good Turkish language support. It can be installed very quickly and easily on most systems. Overall it gives a good working environment for most Turkish-speaking computer-literate people.

I like the project. I like the idea that something “popular” is at last developed by my fellow citizens. I even like the idea that the project is funded by my government. (This is very criticized, but I like it) For the year 2006 the project got a lot of attention nationwide and worldwide. The iso image of the distribution's 2007 release has been downloaded more than 80.000 times in one month according to one of the developers. (Link is in Turkish but believe me ; ) )

The bandwidth of the developing countries is always a major problem. So I decided to share some of my bandwidth with Pardus and a few other distros that I like by putting their torrents online. Especially when I'm not at home, I feel that my bandwidth is wasted by not being used. So I decided to set up one of my headless machines as a torrent client.

Since no GUI was the major requirement, I wanted to go with rtorrent. This is an ncurses-based torrent client and library. (LibTorrent is a BitTorrent library written in C++ for *nix, with a focus on high performance and good code. The library differentiates itself from other implementations by transferring directly from file pages to the network stack. On high-bandwidth connections it is able to seed at 3 times the speed of the official client.)

Since this would run on the network 24/7 I had some bandwidth concerns. Especially for the weekdays, I didn't want rtorrent to use all my bandwidth and leave my main internet activity sluggish. So I came up with a timeline of my habits.

Mainly I wake up, get ready to go to work, and browse some morning mail, news, weather between 8-10 am. Then I come back home, eat, browse web, play WoW, download stupid youtube videos, etc… then go to sleep; between 5pm and 1am. (OK OK sometimes 3am 😛 )

Fortunately rtorrent has a great scheduler. All I had to do for this was to create a .rtorrent.rc file under my home directory and add these lines to it.

schedule = Gece_limitsiz,01:00:00,24:00:00,upload_rate=37
schedule = Sabah_limitli,08:00:00,24:00:00,upload_rate=5
schedule = Sabah_limitsiz,10:00:00,24:00:00,upload_rate=37
schedule = Gunduz_limitli,16:00:00,24:00:00,upload_rate=5

Each line above creates a schedule. Let's go by example:

schedule = Gece_limitsiz,01:00:00,24:00:00,upload_rate=37

This means create a schedule named: Gece_limitsiz (meaning Night_unlimited in Turkish) which will trigger at 1 am and will sleep for 24 hours and each time it runs it will limit the upload to 37 K/s. Pretty straightforward right? : ) So next is the one that triggers at 8 am, and limits my upload to 5 K/s, and so on…

You can do many tricks with schedule command. Here is another good use of it. This trick is from the default rtorrent config file.

schedule = watch_directory,5,5,load_start=/home/someuser/torrent/watch/*.torrent

This one will schedule the trigger that looks for a torrent file in the directory specified (in our case: /home/someuser/torrent/watch and every file that ends with .torrent) every 5 secs. All you have to do is to drop your torrent file into this directory each time you want to share/download a new torrent.
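
To see what the four upload_rate schedules above add up to over a day, here is an added example (not from the original post or from rtorrent itself) that reads the schedule lines and prints the rate in effect at a given time. It assumes each rate schedule repeats every 24 hours and that rtorrent has been running long enough for each to have fired; `rate_at` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: which upload_rate is in effect at a given time of day?
# Assumes every rate schedule repeats every 24:00:00 (as on this page) and
# that rtorrent has been running long enough for each one to have fired.

# usage: rate_at HH:MM[:SS] < .rtorrent.rc   (rate_at is a hypothetical helper)
rate_at() {
    awk -F'[=,]' -v t="$1" '
        function secs(s,   p) {          # "HH:MM:SS" -> seconds since midnight
            split(s, p, ":")
            return p[1] * 3600 + p[2] * 60 + p[3]
        }
        BEGIN { now = secs(t); best_s = -1; last_s = -1 }
        # fields: "schedule ", name, start, interval, "upload_rate", value
        $1 ~ /^schedule[ \t]*$/ && $4 == "24:00:00" && $5 == "upload_rate" {
            s = secs($3)
            if (s <= now && s > best_s) { best_s = s; best = $6 }  # fired today
            if (s > last_s)             { last_s = s; last = $6 }  # latest of the day
        }
        # Before the first trigger of the day, the last one from the
        # previous day still applies.
        END { print (best_s >= 0 ? best : last) }
    '
}

# The schedule lines from this page; the watch_directory line is ignored.
SAMPLE_RC='schedule = Gece_limitsiz,01:00:00,24:00:00,upload_rate=37
schedule = Sabah_limitli,08:00:00,24:00:00,upload_rate=5
schedule = Sabah_limitsiz,10:00:00,24:00:00,upload_rate=37
schedule = Gunduz_limitli,16:00:00,24:00:00,upload_rate=5
schedule = watch_directory,5,5,load_start=/home/someuser/torrent/watch/*.torrent'

for t in 00:30 02:00 09:00 12:00 17:00; do
    echo "$t -> $(printf '%s\n' "$SAMPLE_RC" | rate_at "$t") K/s"
done
```

Note that between midnight and 01:00 the 5 K/s limit from the 16:00 schedule is still in force, since nothing has fired yet that day.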

port_range = 17000-17050

This time we want to specify which ports our torrent client will run on. I chose 17000-17050 since this whole range was not used by any application on my rtorrent box. (Don't forget to forward your ports to this box if you have a firewall or masquerading device in front of you!) (Note: bittorrent clients usually require one port for each torrent that you are sharing.)

Some other nice features are being able to create symbolic links for the state of the downloads, stopping the sharing of a torrent after a certain ratio, and many more. And the latest version adds the encryption that everybody had been waiting for for some time ; )

Overall, I really liked rtorrent. It's fast, small, stable, extensible, requires minimum interaction, and does its job really well!

This is how much Washington's Metro system sucks…

Yet another example. I came yesterday from Turkey, I landed at Dulles Airport, I took the Washington Flyer Coach to West Falls Church metro station. I took the Orange line and I got off at the Rosslyn station to switch to the Blue Line.

It's around 5pm. It's considered “rush hour” and we are charged more for that… And all we want is service from WMATA for that money. Nothing else…

18 minutes… I waited 18 minutes for a freaking fucking Blue line. We had 3 Orange line trains, 1 NO PASSENGER train (meaning empty), and at the end of the 18th minute, the blue line arrives… The train has only 4 cars! It's packed. There is NO WAY anyone can get in or out! Keep in mind that I've been traveling since 5 am GMT+2…

I looked at the next 3 trains. 2 Orange and a blue line in the next 11 minutes… I said Fuck it, I'm taking a cab… Not worth waiting 30 mins for a blue line in a heavily urine smelling metro station!

That's why I'm riding to work instead of taking the most stupid metro in the world. Rain or Shine…

My presentation is taking shape.

The presentation I will give at Bilgi has slowly started to take shape.

I have set the topic of my presentation as Large Companies, Security and Free Software.
In the first 30 minutes of the 1 hour allotted to us, Kıvılcım will cover security with free software. In the second half, for another 30 minutes, I will try to explain, with examples from the security field, how large companies view free software and how free software and commercial software live together in large companies.

The current outline of the presentation looks like this:

  • Definition of a large company
  • The requirements of large companies and their expectations from software
  • Security problems in large companies
  • Free software and security
  • Examples
  • Questions / Answers


The real fun, I think, will be the workshops. We will have two workshops on Saturday/Sunday, 3/4 March, between 13:30 and 17:00. I have not done any preparation for these sessions yet. We will mostly try to steer them according to the requests coming from those who are interested.

We may also have a surprise. Our work on that is still going on ; ) I may make an announcement soon!

(English speakers: This is about the presentation and the workshop that I'm going to give in Turkey, since the presentation will be in Turkish… ; ) )

I'm going to Turkey!

I'm heading to Turkey next week. I'll be giving a presentation on Free Software and Information Security, and a workshop on Saturday and Sunday on the same topic.

The workshop will be a more hands on stuff, and the presentation on more security concepts and achieving your security goal using free software.

Anyway, it's always nice to go back home! Woot!