4/04/2013

CentOS 6.4 VirtualBox VM won't boot up after doing an update/upgrade!!!

Often times, I employ a CentOS VirtualBox virtual machine (VM) as a development, testing and staging environment, I love the flexibility of virtual environments for testing and development work before moving my work to production environments.

Recently I ran a yum update and yum upgrade on a CentOS 6.4 VM and subsequently rebooted it, only to be greeted by a blank screen following bootup. A quick search of virtual TTY terminals yielded a login prompt.

Search of the usual logs (/var/log/messages and /var/log/dmesg) did not yield anything useful, however, the /var/log/Xorg.0.log displayed some interesting messages. Of particular interest were;

"... (EE) Failed to load module "vboxvideo" (module requirement mismatch, 0)"
... (EE) No drivers available."
Fatal server error:"
... no screens found"

A bit of Google revealed "http://www.centos.org/modules/newbb/print.php?form=1&topic_id=41799&forum=55&order=ASC&start=0" So I followed suit and backed up the /etc/X11/xorg.conf file and rebooted :) All is well...
2 comments:
Labels: , , , , , , ,

3/28/2013

Snort 2.9 on CentOS 6.3 (continued) with Barnyard2

This is a continuation of the post on installing Snort 2.9 on CentOS 6.4 (http://nkush.blogspot.com.au/2013/03/snort-29-on-centos-63.html). This post installs Barnyard2 on the host.

Barnyard is an output system for Snort. If effectively allows better snort performance by enabling Snort to produce binary output which is then processed by Barnyard.

Barnyard processes the binary Snort output files (unified2 binary) and stores the processed data into a database back-end, for example MySQL. The advantage of using Barnyard instead of the database output from Snort is that Barnyard is able to "cache" the data in case the database is unavailable.

Barnyard is able to be executed in three modes, this example employs the continual mode with bookmarking. A bookmark (waldo) file is employed to keep track of the progress of Barnyard processing. In case of Barnyard failure, it can resume where it left off based on the bookmark file.

Installation:

  1. Install and configure MySQL
    1. yum -y install mysql mysql-server mysql-devel mysql-bench
    2. service mysqld start
    3. /usr/bin/mysql_secure_installation
  2. Download and install Barnyard2 from http://securixlive.com/barnyard2/download.php
    1. wget http://securixlive.com/download/barnyard2/barnyard2-1.9.tar.gz
    2. tar zxvf barnyard2-1.9.tar.gz
    3. cd barnyard2-1.9
    4. ./configure --with-mysql --with-mysql-libraries=/usr/lib64/mysql/
    5. make
    6. make install
  3. Configure Barnyard to process Snort output
    1. Change Snort config to output to the unified file format
      1. output unified2: filename merged.log, limit 128, mpls_event_types, vlan_event_types
    2. Change the Barnyard config (/usr/local/etc/barnyard2.conf)
      1. config logdir: /var/log/barnyard2
      2. config hostname:    localhost
      3. config interface:    ethX
      4. config daemon
      5. config set_gid:nnnn
      6. config set_uid:nnnn
      7. config show_year
      8. config umask: 066
      9. config waldo_file: /var/log/snort/barnyard2.waldo
      10. input unified2
      11. output database: log, mysql, user=snort password=password dbname=barnyard2 host=localhost
  4. Create the MySQL database for Barnyard
    1. mysqladmin -u root -p create barnyard2
    2. mysql -u root -p -D barnyard2 < ./schemas/create_mysql
  5. Grant privileges to database
    1. mysql -u root -p
    2. GRANT ALL PRIVILEGES ON barnyard2.* TO snort@localhost WITH GRANT OPTION;
    3. SET PASSWORD FOR snort@localhost=PASSWORD('password');
  6. Prepare Barnyard2
    1. touch /var/log/snort/barnyard2.waldo
    2. chown -R snort:snort /var/log/snort
  7. Run Barnyard then Snort
    1. barnyard2 -c /usr/local/etc/barnyard2.conf -d /var/log/snort/ -w /var/log/snort/barnyard2.waldo -f merged.log -u snort -g snort -D
    2. snort -c /etc/snort/snort.conf -i eth4 -u snort -g snort -D

If all goes well then you should see events being logged into your event table in the barnyard2 database.

Errors:
  1. ERROR: unable to find mysqlclient library (libmysqlclient.*)
    1. ./configure --with-mysql-libraries=/usr/lib64/mysql/
  2. ERROR: Unable to open directory '' (No such
     file or directory)
    ERROR: Unable to find the next spool file!
    1.  Ensure that the waldo file is specified (by the -w option included as a command line argument or in the config file)
  3. WARNING: Can't extract timestamp extension from 'alert'using base ''
    1. Ensure that the unified2 file is specified (by the -f option included as a command line argument or in the config file)
  4. FATAL ERROR: Absdir is not a subset of the logdir
    1.  Ensure that the logdir is configured in the Barnyard configuration file
  5. FATAL ERROR: database: mysql_error: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
    1. Ensure that the MySQL service/daemon is running
4 comments:
Labels: , , , , , , ,

3/16/2013

Snort 2.9 on CentOS 6.3

Snort is a signature based network intrusion detection system (NIDS) which has become a defacto standard for NIDS. In addition to being used as a NIDS, Snort may also be used as a simple network traffic packet sniffer or logger.

A number of Snort dynamic preprocessors are available which enables the development of rules to attack detection.

Snort is an open source product and available for most popular network operating systems. Snort rules are also available commercially from Sourcefire.

The following instruction detail the installation of Snort 2.9.4 on a CentOS 6.3 64bit host. The installation instructions include the installation of Snort rules available to registered Snort users, as well as third party rules available from EmergingThreats.

Installation:
  1. Install dependencies
    1. yum -y update 
    2. yum -y install gcc flex bison wget make
    3. yum -y install zlib zlib-devel
    4. yum -y install libpcap libpcap-devel
    5. yum -y install pcre pcre-devel
    6. rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm #(or rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm for 32 bit machines) 
    7. yum -y update
    8. yum -y install libdnet libdnet-devel
  2. Download and install DAQ
    1. cd /root/
    2. wget http://www.snort.org/downloads/2216 -O daq-2.0.0.tar.gz
    3. tar zxvf daq-2.0.0.tar.gz
    4. cd daq-2.0.0
    5. ./configure
    6. make
    7. make install
  3. Download and install Snort
    1. wget http://www.snort.org/downloads/2225 -O snort-2.9.4.1.tar.gz
    2. tar zxvf snort-2.9.4.1.tar.gz
    3. cd snort-2.9.4.1
    4. ./configure --enable-sourcefire
    5. make
    6. make install
  4. Download and install Snort Rules
    1. mkdir -p /etc/snort/rules
    2. mkdir -p /var/log/snort 
    3. cd /etc/snort
    4. Manually download the rules file to /etc/snort/ (You need to be signed in to get the registered user rules). In this case it was snortrules-snapshot-2940.tar.gz
    5. tar zxvf snortrules-snapshot-2940.tar.gz
    6. mv ./etc/* /etc/snort/
    7. rmdir /etc/snort/etc
  5. OPTIONAL: Download and install Emerging Threats rules
    1. wget http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz -O emerging.rules.tar.gz
    2. tar zxvf emerging.rules.tar.gz
  6. Create Snort accounts
    1. groupadd snort
    2. useradd snort -g snort -d /var/log/snort -s /sbin/nologin -m
    3. chown -R snort:snort /etc/snort
    4. chown -R snort:snort /var/log/snort 
  7. Edit the Snort configuration file
    1. vi /etc/snort/snort.conf
      1. ipvar HOME_NET x.x.x.x/x/
      2. ipvar EXTERNAL_NET !$HOME_NET
      3. var RULE_PATH rules
      4. var SO_RULE_PATH so_rules
      5. var PREPROC_RULE_PATH preproc_rules
      6. var WHITE_LIST_PATH rules
      7. var BLACK_LIST_PATH rules 
      8. OPTIONAL: include $RULES_PATH/emerging.conf
  8. Test the Snort installation
    1. snort -u snort -g snort -c /etc/snort/snort.conf -T
    2. If all goes well you should see this
Snort successfully validated the configuration!
Snort exiting

I plan to have a subsequent blog post to record instructions for installing and configuring barnyard, oinkmaster and BASE. Instructions in a previous post using an older version of Snort and CentOS can be found at http://nkush.blogspot.com.au/2011/10/installing-snort-2912-on-centos-57.html

References
  1. http://fedoraproject.org/wiki/EPEL
  2. http://snort.org/docs
  3. http://nkush.blogspot.com.au/2011/10/installing-snort-2912-on-centos-57.html
Common Errors:
  1. ERROR: /etc/snort/snort.conf(253) Could not stat dynamic module path "/usr/local/lib/snort_dynamicrules": No such file or directory.
    1. mkdir -p /usr/local/lib/snort_dynamicrules
  2. ERROR: /etc/snort/snort.conf(511) => Unable to open address file /etc/snort/rules/white_list.rules, Error: No such file or directory
    1.  touch /etc/snort/rules/white_list.rules
  3. ERROR: /etc/snort/snort.conf(511) => Unable to open address file /etc/snort/rules/black_list.rules, Error: No such file or directory
    1. touch /etc/snort/rules/black_list.rules

4 comments:

3/03/2013

Installing and Configuring OpenVPN 2.3 on Microsoft Windows Small Business Server 2003

My previous posts (http://nkush.blogspot.com.au/2012/08/installing-openvpn-22-on-centos-63-64bit.html and http://nkush.blogspot.com.au/2011/10/installing-openvpn-22-on-centos-57.html) have been on installing OpenVPN on Linux.

This post is slightly different as it installs and configures OpenVPN on a Microsoft Windows Small Business Server (SBS). The SBS installation is also different from the previous write-ups since this configuration uses Ethernet bridging instead of tunneling.

Although SBS comes with Layer2 Tunneling Protocol (L2TP) and Point-to-point Tunelling Protocol (PPTP) for Virtual Private Network (VPN), some users may want to use an Secure Sockets Layer (SSL) based VPN such as OpenVPN. The default installation location, i.e. C:\Program Files\OpenVPN\ is used in the instructions below

Installation:
  1. Before downloading and installing OpenVPN, the server needs to have IP forwarding enabled. This is trivial in *nix based systems, but requires a hack in the Windows registry. Edit the parameters and set IPEnableRouter to 1
    1. HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\IPEnableRouter
    2. Reboot the server to ensure the changes made above take effect
  2. Download and install the OpenVPN application[1] from http://openvpn.net/index.php/open-source/downloads.html
  3. Open a command prompt and change to the default installation directory
    1. Start> Run> cmd
    2. cd C:\Program Files\OpenVPN
  4. Ensure that the path C:\Program Files\OpenVPN\bin\ is added to the system environment PATH
    1. set PATH=%PATH%;C:\Program Files\OpenVPN\bin\
  5. Copy the file C:\Program Files\OpenVPN\easy-rsa\vars.bat.sample to C:\Program Files\OpenVPN\easy-rsa\vars.bat
    1. cd C:\Program Files\OpenVPN\easy-rsa\
    2. copy vars.bat.sample vars.bat OR run the init-config.bat script
  6. Edit the file (edit) and change the following
    1. Since key lengths less than 2048 are not recommended[2], change the key size to be 4096
      1. set KEY_SIZE=4096
    2. Configure the following
      1. KEY_COUNTRY
      2. KEY_PROVINCE
      3. KEY_CITY
      4. KEY_ORG
      5. KEY_EMAIL
      6. KEY_CN
      7. KEY_NAME
      8. KEY_OU
      9. PKCS11_MODULE_PATH
      10. PKCS11_PIN
  7. Setup environment variables by executing the vars.bat script
  8. Initialise the keys directory and empty the keys database and serial number by executing clean-all.bat. WARNING: this will delete any existing keys
  9. Create certificate for the certificate authority (CA), this will generate the certificate signing request, the CA certificate (ca.crt) and CA key (ca.key).
    1. build-ca.bat
  10. Create the Diffie Hellman files. These files are used for the key exchange to ensure the confidentiality over an insecure channel. Based on the length of the key used (KEY_SIZE) it may take a while
    1. build-dh.bat
  11. Create the server certificate and key and commit them
    1. build-key-server.bat <SERVER-NAME>
  12. Create user machine certificates and keys and commit them (one for each user/machine)
    1. build-key.bat <USER-MACHINE>
    2. Note: when generating individual user/machine certificate and keys ensure that the common names are unique and for maintenance reasons, its easier if you match the user/machine and the common name
  13. Copy the server configuration file to the configuration directory
    1. cd C:\Program Files\OpenVPN\sample-config
    2. copy server.ovpn ..\config\
  14. Edit the server config file. You may use the full path of the certificates and keys, or copy them into the same directory as your configuration file.
    1. cd  C:\Program Files\OpenVPN\config
    2. edit server.ovpn
      1. port 1194
      2. proto udp
      3. dev tap
      4. dev-node MyTap
      6. ca ca.crt
      7. cert <SERVER-NAME>.crt
      8. key <SERVER-NAME>.key
      9. dh dh<KEY_SIZE>.pem
      10. ifconfig-pool-persist ipp.txt
      11. server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
      12. push "route <LAN-NETWORK> <LAN-NETMASK>"
      13. keepalive 10 120
      14. comp-lzo
      15. max-clients 5
      16. status openvpn-status.log
      17. log-append  openvpn.log
      18. verb 3
      19. mute 5
  15. Change the TAP adapter 
    1. Rename to suit the configured name above, in the case of this example "MyTap"
    2. Set a static IPv4 address of 10.8.0.4 (or whatever is specified in 14.11 in the server-bridge setting
  16. Start the OpenVPN service and check the logs for any errors
Routing changes:
  1. You may also need to make routing changes. Depending on your router the settings may differ, but the basic requirement is to add a static route to the VPN tunnel network, i.e. 10.8.0.0/24 to the OpenVPN server.
  2. If the server does not have a WAN IP address and is located behind a router performing NAT, then port forwarding rules should be implemeneted to port formward traffic on UDP port 1194 to the VPN server.
Client Configuration:

  1. client
  2. dev tap
  3. proto udp
  4. remote <SERVER-WAN> 1194
  5. resolv-retry infinite
  6. nobind
  7. persist-key
  8. persist-tun
  9. ca ca.crt
  10. cert <USER-MACHINE>.crt
  11. key <USER-MACHINE>.key
  12. comp-lzo
  13. verb 3
  14. route-method exe
  15. route-delay 5
Note: SBS running as the Domain Controller (DC) only allows Terminal Services to run in Administration mode, i.e. only two concurrent Remote Desktop Protocol (RDP) sessions, and one local console session. It does not run in Application mode, which allows additional licenses to be installed

References:
  1. http://openvpn.net/index.php/open-source/downloads.html
  2. http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf
1 comment:
Labels: , , , , , ,

10/22/2012

! LaTeX Error: File `algorithm2e.sty' not found.

During yet another LaTeX project on my MacBook, I added some algorithms to my paper. After checking a couple of examples online, and discussing with a colleage I decided to go with algorithm2e over others such as algorithm, algorithmic, algorithmicx, program and pseudocode[1].

However I got the following error "! LaTeX Error: File `algorithm2e.sty' not found." Since I am using macport, to resolve this I needed to install the texlive-science package by executing sudo port install texlive-science, and all was good again.

References:

  1. http://en.wikibooks.org/wiki/LaTeX/Algorithms_and_Pseudocode
1 comment:
Labels: , , , , , , , , ,

8/17/2012

Using QUT Secure Access Service (SAS) on Ubuntu

QUT SAS allows QUT students and staff remote access to QUT resources securely. Unix and Unix-like operating systems such as Linux are not supported. The instruction on the QUT ITServices are pretty clear [1]. But I have duplicated some of it here for my reference. I tested the configuration on Ubuntu.

Install VPNC
    1. sudo apt-get install vpnc
Download or create the configuration file
The configuration file can be specified on the command line when executing vpnc, or /etc/vpnc/default.conf and /etc/vpnc.conf will be used. If you only using a single VPNC connection, then save the configuration file as /etc/vpnc.conf
Sample configuration file /etc/vpnc.conf. A sample configuration file is provided below. If you do not have a configuration and simple execute vpnc, you can still establish a connection by supplying the correct input at the prompts.
    1. https://secure.qut.edu.au/itservices/qut/qutservices/qutnetwork/qutsas/off-campus.conf
    2. Edit the configuration file to suit your credentials
Connecting and disconnection
Connecting is done by executing the vpnc command. You can explicity specify the configuration file to use at the command line. If no configuration files are specified and the default configuration files (/etc/vpnc.conf and /etc/vpnc/default.conf) are unavailable, then the application will prompt for input.
  1. /usr/sbin/vpnc /home/users/kush/qut-sas.conf #(connect)
  2. /usr/sbin/vpnc-disconnect #(disconnect)
Sample configuration file
IPSec gateway sas.qut.edu.au
IPSec ID qut
IPSec secret qutaccess
# student number
Xauth username nXXXXXXX
# password
Xauth password XXXXXXXX

Reference:
  1. https://secure.qut.edu.au/itservices/qut/qutservices/qutnetwork/qutsas/
No comments:

8/10/2012

Connecting to OpenVPN from a Mac using Tunnelblink

To connect to an OpenVPN server you need an appropriate OpenVPN client installed to establish the SSL link. For Apple Mac OS X systems, TunnelBlick (http://code.google.com/p/tunnelblick/) is a good graphical user interface. At the time of this blog the current latest stable version of TunnelBlick available was 3.2.7. These instructions were executed on an Apple iMac running Mac OS X 10.7.4. As with all other posts on this blog, the purpose of this post is not to provide a tutorial, but instead to documents the steps taken, for my own benefit.

Download and install Tunnelblink

  1. Download the latest stable version of TunnelBlick (3.2.7).
  2. Click on the downloaded dmg package file to mount it.
  3. Once the Tunnelblink window is open double-click the Tunnelblink.app icon
  4. A warning may be displayed to indicate that the package may be unsafe as it was downloaded, continue by clicking the "Open" button
  5. Enter the system administrator credentials to start the install
  6. Once installation is completed, the installation succeeded window will be displayed, click the "Quit" button
  7. Close the Tunnelblink window, and eject the dmg package
  8. Start the Tunnelblink GUI by going to Applications and clicking Tunnelblink.app
  9. You should see a Tunnelblink icon up the top
The first time you start the Tunnelblink application
  1. A warning may be displayed to indicate that the package may be unsafe as it was downloaded, continue by clicking "Open" button
  2. When prompted, click on the "I have configuration files" button
Setting up the OpenVPN connection
  1. Then click on "OpenVPN Configuration(s)" button
  2. Select the "Create Tunnelblick VPN Configuration" button to generate a configuration based on your OpenVPN configuration files
  3. Take a note of the instructions in the dialog box and Click the "Done" button
  4. You may be prompted for automatic updates
    1. To prevent your system details (although it is anonymous) from being transmitted, uncheck the "Include anonymous system profile" 
    2. Then click on "Check Automatically" button to enable automatic checking of updates
  5. You should have a directory called "Empty Tunnelblick VPN Configuration" on your desktop
  6. Get the CA certificate (ca.crt), your private key (I used MACHINE.key as an example) and certificate (e.g. MACHINE.crt) and your client configuration file (this may be something like client.ovpn or client.conf). These should be provided by your network administrator.
    1. ca.crt
    2. MACHINE.crt
    3. MACHINE.key
    4. client-config.ovpn
  7. Copy or move the files above into the directory on your desktop
  8. Rename the directory into something meaningful with a .tblk extension, e.g. Office-VPN.tblk
  9. When prompted to add the .tblk extension click on the "Add" button, you should see the directory icon change to a Tunnelblink icon
  10. Double-click the renamed directory to install the configuration
  11. When prompted to continue the installation click the "Only Me" button
  12. Enter the system administrator credentials to complete the install
  13. Once installed, click the "OK button"
Changing DNS settings
  1. Right click on the Tunnelblink icon up the top
  2. Select VPN Details, then select the VPN connection you wish to edit, e.g. "Office-VPN"
  3. Select the "Settings" option on the middle of the window
  4. Change the "Set DNS/WINS" option to suit, e.g. You may want to disable DNS changes to be pushed through from the VPN tunnel, thus to use your existing nameserver configuration select "Do not set nameserver"
Connecting to the VPN

  1. Once Tunnelblink has been installed and the configuration completed
  2. Right click the Tunnelblink icon up the top
  3. You should see the VPN connection, e.g. "Connect Office-VPN", select it to connect

Disconnecting from the VPN

  1. Once the VPN connection has been established and you wish to disconnect
  2. Right click the Tunnelblink icon up the top
  3. You should see the VPN connection, e.g. "Disconnect Office-VPN", select it to disconnect
Here is a sample client configuration file for reference, substitute the SERVER, PORT and MACHINE as appropriate
client
dev tun
proto udp
remote SERVER PORT
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert MACHINE.crt
key MACHINE.key
comp-lzo
verb 3
; the following lines are needed for Windows Vista, 7 and 8 machines, not needed for Windows XP
route-method exe
route-delay 2


References:

  1. http://code.google.com/p/tunnelblick/
No comments:
Labels: , , , , , , ,

8/08/2012

Installing OpenVPN 2.2 on CentOS 6.3 64bit

This post is just an update of a previous post that used CentOS 5.7 and OpenVPN 2.2 (http://nkush.blogspot.com.au/2011/10/installing-openvpn-22-on-centos-57.html). The basic instructions are the same, however this post uses some newer packages which may have been relocated to new URLs. Again this blog and the posts are mostly for my own reference and not intended as step-by-step instuctions for other systems/network administrators

Install RPMForge or RepoForge as it's now known[1]
  1. wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
  2. rpm -ivh rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
  3. yum update
Install and set-up the OpenVPN Server[2]
  1. yum -y install openvpn 
  2. cd /etc/openvpn/
  3. cp /usr/share/doc/openvpn-*/sample-config-files/server.conf .
  4. mkdir -p /etc/openvpn/easy-rsa/keys
  5. cd /etc/openvpn/easy-rsa
  6. cp -rf /usr/share/doc/openvpn-2.2.0/easy-rsa/2.0/* .
  7. chmod o+x,g+x clean-all, build-* vars whichopensslcnf pkitool inherit-inter list-crl revoke-full sign-req
 Set-up the OpenVPN Server environment, keys and certificates
  1. vi /etc/openvpn/easy-rsa/vars
    1. Also consider setting the key length using KEY_SIZE variable, 1024 is the default 2048 is better, but slows down the TLS, but I am paranoid and use 4096 bit keys
    2. Set the country (KEY_COUNTRY), state (KEY_PROVINCE), locality (KEY_CITY), organisation name (KEY_ORG), and support email (KEY_EMAIL)
    3. I used  PKCS11_MODULE_PATH=/ and a random PIN value
  2. Create a link to the openssl config file as openssl.cnf
    1. ln -s /etc/openvpn/easy-rsa/openssl-1.0.0.cnf /etc/openvpn/easy-rsa/openssl.cnf   
  3. Create certificate for the server
    1. ./build-key-server NAME_OF_SERVER
    2. Answer the questions and commit the certificate into the database
  4. Create the Diffie Hellman files
    1. These files are used for the actual key exchange to ensure the confidentiality over an insecure channel. Based on the length of the key used (KEY_SIZE) it may take a while.
    2. ./build-dh
  5. Create the certificate for each client
    1. ./build-key CLIENT
  6. Edit the server configuration file 
    1. vi /etc/openvpn/server.conf
    2. Check/change
      1. local
      2. proto
      3. dev
      4. port
      5. ca
      6. cert
      7. key
      8. dh
      9. max-clients
      10. user
      11. group
      12. log-append
      13. verb
  7. Start everything
    1. /etc/rc.d/init/openvpn start
    2. chkconfig --level 235 openvpn on
Future post may include instructions on configuration of client as well as set-up of firewall rules for specific topologies (time permitting)

References
  1. http://wiki.centos.org/AdditionalResources/Repositories/RPMForge/#head-f0c3ecee3dbb407e4eed79a56ec0ae92d1398e01
  2. http://nkush.blogspot.com.au/2011/10/installing-openvpn-22-on-centos-57.htm 
5 comments:
Labels: , , , , , , , , ,

7/26/2012

Change Apple Mac OS X Software Update Service (SUS) address

Apple IU Software Update service allows uses to keep their Mac OS X machines updated with the latest software updates and security patched. In some controlled environments, the update servers are specified in the user profile. Sometimes there may be delays in the server updates, or problems with the local update server and users may desire to connect to Apple's services directly. Here's are some instructions that users may find useful. Please note that to make configuration changes you will need Administrative privileges on your Mac.

Users should also note that where a URL for the update catalog is not specified, network administrators may have implemented transparent update redirection by manipulating DNS entries on a local server for URLs such as; http://swscan.apple.com, http://swquery.apple.com, http://swdownload.apple.com, http://swcdn.apple.com

Check the SUS server settings
To check you current SUS settings, issue the following command from a terminal;
  1. /usr/libexec/PlistBuddy -c Print /Library/Preferences/com.apple.SoftwareUpdate.plist
  2. /usr/libexec/PlistBuddy -c Print ~/Library/Preferences/com.apple.SoftwareUpdate.plist
The above commands would produce an output similar to the following;

Dict {
    LastAttemptSystemVersion = 10.7.2 (11C74)
    LastRecommendedUpdatesAvailable = 0
    RecommendedUpdates = Array {
    }
    CatalogURL = http://XXX.XXX.XXX.XX:8088/index.sucatalog
    LastResultCode = 2
    ScheduleFrequency = 1
    LastUpdatesAvailable = 0
    LastAttemptDate = Thu Jul 26 10:37:51 EST 2012
    LastSuccessfulDate = Thu Jul 26 10:37:51 EST 2012
}

Change the SUS server settings back to Apple's default
Delete the CatalogURL entry by issuing the following command to force the IU software update to connect to Apple's URL

  1. defaults delete /Library/Preferences/com.apple.SoftwareUpdate CatalogURL

To change the SUS server
To change the SUS server to any other value issue the following command from a terminal;
  1. defaults write com.apple.SoftwareUpdate CatalogURL 'http://SERVER:PORT/index.sucatalog'
References
  1. http://support.apple.com/kb/HT3923
2 comments:
Labels: , , , , , ,

7/25/2012

How to install Springer Lecture Notes in Computer Science (LNCS) style for MiKTeK on Windows 7

Following on from my previous post... I had the same issue when working on my Microsoft Windows desktop at home, i.e. got the following error "! LaTeX Error: File `llncs.cls' not found.". So had to download the "llncs2e.zip" file yet again from "http://www.springer.com/computer/lncs?SGWID=0-164-6-793341-0/"
  1. Dowload and extract llncs2e.zip
  2. Create a directory called splncs in C:\Program Files\MiKTeX 2.?\bibtex\bst
  3. Move the extracted file splncs.bst, splncs_srt.bst, and splncs03.bst into the new directory C:\Program Files\MiKTeX 2.9\bibtex\bst\splncs
  4. Move the extracted directory ?? into C:\Program Files\MiKTeX 2.9\tex\latex
  5. Rebuild the filename database by Miktek - Maintenance - Settings, and click on the "Refresh FNDB" button (this may take a while depending on your computer)
1 comment:
Labels: , , , , , , , , , ,
Subscribe to: Posts (Atom)