Jun 30, 2008

Looking For A Secure VPN Solution? Try OpenVPN.

I have been wanting to setup a secure VPN solution on my home network for a while now. Also, one of my "company goals" this year was to evaluate a secure corporate VPN solution for my company. I figured, why not kill two birds with one stone!

So I started looking around at all sorts of options. The first one I tried was called Adito, which is a web-based SSL VPN server based on the old Open Source version of SSL-Explorer that is now no longer free. Adito wasn't really what I was looking for though, as it was more like a Citrix Webapps server. You login to a web page that has plugins that allow you to access your network resources through it. I wanted something a little more transparent, that gave you the feeling that you were literally jacked in at your home or office.

openvpnEnter OpenVPN. OpenVPN allowed me to connect into my home network using a secure SSL tunnel, and access network resources from outside the network. I could RDP, or SSH into my other computers. I could browse network file shares. You name it!

Here is a description of OpenVPN from their website:

OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations, including remote access, site-to-site VPNs, Wi-Fi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. Starting with the fundamental premise that complexity is the enemy of security, OpenVPN offers a cost-effective, lightweight alternative to other VPN technologies that is well-targeted for the SME and enterprise markets.


If you want to set it up for yourself, there are many tutorials out there. I for one, have it running on Windows 2000 server, and I used this tutorial to set it up: (Win2k OpenVPN). I chose that method because it was the easiest way to do it.

You can also run it on Linux as well. I found this tutorial for running it on Ubuntu, but I found the routing part a little difficult to get working. (Ubuntu OpenVPN Tutorial)

(If you know of a more comprehensive how-to for Ubuntu, hit me up in the comments)

Installation is really easy too. For Windows (Client and Server) you can install the OpenVPN Gui. For Ubuntu, you just run:

sudo apt-get install openvpn


If you are looking for a way to tie OpenVPN into your Active Directory, I found this tutorial on authenticating OpenVPN with AD.

What VPN solution do you use? Do you have a favorite that is easier, or more secure that OpenVPN? Let me know in the comments.

Jun 17, 2008

Need Storage? Got an Old Junkie System? Why Not Make a NAS?

One of the perks of being in the IT business is that you have to constantly upgrade systems as the technology gets better to keep up with the latest software. What happens to the old systems after an upgrade? Well, if you lease your systems then the oldies most likely go back to the leasing company, but if you buy your systems like my company (and many others) those systems go off to be donated or recycled. Well, sometimes there are some decent machines that are getting ready to go out, and if you are in IT you get first dibs. That is exactly what happened recently at my company.

We had about, oh I don't know, 20 or so systems getting ready to go off to the recycling company. My boss okayed us taking home some of the better machines so we could work on certs or whatever. I of course grabbed one, and turned it into my home Ubuntu VMWare GSX server, but that is neither here nor there. I also grabbed another one and decided to turn it into a NAS.

You see, when I first started, my team had our very own "music" server where we stored all of our music files so we could listen to them at work, and share them. It was just a plain old file server running on an old beaten down box. It finally crashed, and we never brought it up again. I figured, why not bring it back? Plus I wanted to play with a free NAS server OS based on FreeBSD called FreeNAS. That is exactly what I did!

If you have never heard of FreeNAS, here is what the About page at FreeNAS.org has to say:

freenasFreeNAS is a free NAS (Network-Attached Storage) server, supporting: CIFS (samba), FTP, NFS, AFP, RSYNC, iSCSI protocols, S.M.A.R.T., local user authentication, Software RAID (0,1,5) with a Full WEB configuration interface. FreeNAS takes less than 32MB once installed on Compact Flash, hard drive or USB key.


I took the machine, and threw in two more hard drives to max out my IDE connections (one was reserved for the CD Rom). I grabbed an old 512MB flash drive to install FreeNAS on, and I was off. I configured the three drives into a software RAID 5 array using the FreeNAS GUI, then shared it out using CIFS.

FreeNAS was actually pretty easy to setup and configure with one minor exception. When I tried to mount my new RAID array, I kept getting a error - retry message. I searched all over Google and couldn't really find a fix for it. Luckily I know enough Unix commands to get myself into trouble, so I dropped to a shell on the server and started poking around. I was finally able to get my share to mount by going into /mnt and creating my mount point manually. I wanted the mount point to be called "music" so naturally I typed the following in the shell:

mkdir music

After that I was able to mount my RAID array in with no problem. I guess the webGUI is having problems creating new directories. Another issue I saw was that the Active Directory settings didn't seem to work. So I wasn't able to allow Windows authentication. Not that big of a concern for a cheesy music file server, but it does count it out of the running for production file sharing.

All in all, not a bad OS. Also not a bad way to take advantage of an old system, and some spare drives. Have you used FreeNAS? What about a different NAS OS? Got any tips you want to share for a FreeNAS n00b? I'd love to hear about it in the comments.

Jun 15, 2008

What To Do With Those Old AOL CD's

I haven't stopped by good old KipKay.com for a while, and thought I would drop in to see what that dude was up to. If you don't know who Kip Kay is, he is a real life MacGyver and has his own channel on Metacafe.

I have posted some of his stuff before. One of my favorites is his 10 dollar flashlight mod that makes it as powerful as a $100 dollar flashlight the police use.

Today I bring you one of his videos that shows you one way you can recycle your old AOL cd's, and turn them into something fun... Like a party! Check it out:



Have you done something like this? Have any other ideas on what to use those AOL cds for? Hit me up in the comments!

Jun 13, 2008

Quick Tip: How To Take A Simple Screen Shot

I am posting this because one of my coworkers keeps saying that I need to post this. Before I do, let me give you a little background. I had a user that was getting a strange error when trying to launch a program in Citrix.

Naturally, one of the best ways for diagnosing someone's computer problem is to have them take a screen shot and send it to you. Well, this user couldn't figure out how to take the requested screen shot per se, so she did the next best thing... She whipped out her digital camera and took a picture of her computer screen! Don't believe me? Check it out:


Screen Shot
There are third part tools that can take screen shots and pretty them up for you for presentations and what not, but if your systems administrator needs you to take a screen shot, you don't have to get all fancy. For the simple screen shot in windows there are two basic ways of doing it. One is for full screen, and one is for the active windows only. To take a screen shot of the full screen, all you have to do is press CTRL + Print Screen, then open up mspaint, word, email or whatever and paste! Bam! You will have a picture of your entire screen! If you only want to take a screen shot of a single window, click on the windows to make it active, then press ALT + Print Screen.

It is pretty simple people. No need to purchase a digital camera to get the support you need from your systems administrator.

Jun 12, 2008

Google Docs Being Used to Host Spam

This just in from my old company, Websense. The security research group has discovered that much like spammers using Blogger to host spam sites pedaling stuff like viagra, and other stuff to enlarge your junk, they are now turning to Google docs to do the same thing.

It all starts with the standard email spam. You know the ones I'm talking about! The ones for free lottery, or as mentioned above, viagra pills etc. In the links in these emails, instead of pointing to legit websites, these links are pointing to bogus docs on Google docs!

Here is a screen shot of a spam doc from The Websense Blog:

Google Docs Spam
Here is what Websense Security Researcher Chris Astacio has to say:

We expect to see more and more spammers taking advantage of free services to host spam, phishing, and malicious sites, since the captchas that previously deterred them from creating free accounts has become less effective.
If you want to get up to date security alerts from the experts at Websense Security Labs, you can sign up for them here: (Websense Security Labs)

Jun 10, 2008

Got a Website You Hate? Why Not Trash It?

I don't mean literally boys and girls. I don't want you going out hacking websites then coming back saying, El Di Pablo told me to do it! I am going to clear the air right now, and let everyone know that if you f#%@ up someones website, and you get caught, you are on your own!

That being said, there are more harmless ways to take out your aggression. This little website gem I am about to mention is one of those harmless methods. It sort of reminds me of those noisemakers you used to be able to buy for your car that made missile and gun sounds so you could pretend to blow up the dumb ass in the next car over.

The same silly principal goes with this website. If there is a rival blogger, or perhaps you just have something against Digg, you could completely trash their site, without doing any real damage.

The website is called Net Disaster. This is what the creators of the site have to say:

Netdisaster is a web filter; it's a fun toy only. The user chooses a target website. Netdisaster overlays an animation that simulates the destruction of the target-site by a disaster. The animation can go on automatically, or via mouse-control.


Here is a video of me "pruning" plime.com:



I am fairly certain one could spend hours waisting away on this site. Don't believe me? Try it yourself. In fact, I dare you to do it to Bauer-Power! If you do jack up my site using Net Disaster, be sure to record it, and upload it to your favorite video site like Youtube. Be sure to post a link to your video jacking up Bauer-Power in the comments. If one of them is exceptionally good, I will post it on my blog! If you are a blog writer yourself, I will post it plus add a little plug for your site! So get creative people!

Jun 9, 2008

Just when you think users can't get any dumber...

Before I begin, I think it is ridiculous that people are actually able to sell Ubuntu on Amazon, let alone that people are actually dumb enough to buy it! When I saw that people are listing Ubuntu on Amazon I almost fell out of my chair! Ubuntu is FREE people! Even if you want "professional" CD's mailed to you all you have to do is request them from Ubuntu.com and they mail them to you for free. If you don't want to wait you can of course do what 99.9% of the world does and download the iso images! I digress.

So, anyway, I found out that one particular user had a problem with Ubuntu, and decided that he should of course warn other people about installing Ubuntu themselves. If you don't believe this is real, you can check out the real review here: (Stupid Ubuntu Review)

If you are lazy, you can just read the review from my screenshot (Click on the image to make it larger):

Stupid Ubuntu Review
Do you think this was real? Do you think someone posted it just to be funny? Let me know what you think in the comments.

Jun 6, 2008

New Linux Distro on The Horizon for Schitzos

Today is one of those days at work where everything has slowed down to a crawl. The boss is out, and there are no fires to fight, which makes for a good day of surfing the interweb for interesting junk.

I am a StumbleUpon fool on these types of days. Just when I feel like I have seen the entire internet, it brings me to some place new. One of the things it brought me to today was the home of a new Linux distribution site aimed at (from the looks of things) conspiracy theorists, or maybe even governmental subversionists. The project is aptly named Paranoid Linux.

Here is a quote from Canadian Blogger Cory Doctorow from the Paranoid Linux website:

Bauer-Power Linux TuxParanoid Linux is an operating system that assumes that its operator is under assault from the government (it was intended for use by Chinese and Syrian dissidents), and it does everything it can to keep your communications and documents a secret. It even throws up a bunch of "chaff" communications that are supposed to disguise the fact that you're doing anything covert. So while you're receiving a political message one character at a time, ParanoidLinux is pretending to surf the Web and fill in questionnaires and flirt in chat-rooms. Meanwhile, one in every five hundred characters you receive is your real message, a needle buried in a huge haystack.
Now don't get too excited. They just started their project on May 17th, so they really don't have too much to look at right now, not even a beta to download. If you have some coding skills, they could probably use some help getting this thing off the ground. If you are interested, you can check out their IRC channel.

I am pretty interested to see how this thing goes. I have subscribed to their RSS feed to try and keep up to date on the distro. You can too by subscribing here: (Paranoid Linux RSS)

Better yet, why not just subscribe to Bauer-Power, and I will let you know when something good comes out of their project ;-)

Google's Answer to The Vista Gadget Bar

A few months back I mentioned the Thoosje's Sidebar which ads a gadget bar to your Windows XP machine just like Vista. Well it turns out that Google has answered the call for a cool gadget bar too with Google Desktop!



Google Desktop's bar is way cooler that Thoosje's because of all the gadgets that are available for it. Plus more and more are becoming available all the time! Thooseje's only really had a handful, and most of theirs came with it. If you want more gadgets, just click on the Google desktop menu in your task bar, and select add gadgets. Then you get a list of tons of different cool gadgets you can add to your gadget bar:

Google Gadgets
Of course Google Desktop still comes with its famous Google Desktop search which indexes all of your files, folders, and email for ease of finding your junk.

Have you tried the Google Desktop Gadget bar yet? Do you have any favorite gadgets you want to recommend? Hit me up in the comments!

Jun 5, 2008

A Really Cool Disk Burning Program and ISO Creator

I found a neat little tool yesterday in my interweb travels that makes creating ISO images from CD's and DVD's (DVD's through Vista Only) really easy. Not to mention, burning them back to disk again. This utility I'm talking about is of course called ISO Recorder.

That doesn't sound terribly special to be sure, as CD/DVD burners are a dime a dozen. The cool thing about this one is how light weight it is. Everything is done through Windows using your right click.

For instance, you want to copy a CD to an ISO image? Just go to your CD drive, right click on it and BAM! You can create an image from the CD.


ISO RecorderNow lets say you already have an ISO, now you want to burn it right? Just right click on the ISO, and BAM! Copy the Image to CD!

ISO Recorder
From the ISO Recorder website:

ISO Recorder is a tool (power toy) for Windows XP, 2003 and now Windows Vista, that allows (depending on the Windows version) to burn CD and DVD images (DVD support is only available on Windows Vista), copy disks, make images of the existing data CDs and DVDs and create ISO images from a content of a disk folder.


Sure there are tons of tools out there, but this one is nice because it is so light weight, and easy to use. I have written about burners in the past, but I am always interested in new ones. What burners/ISO creators do you use? Let me know in the comments.

Jun 4, 2008

Quick Wipe Hard Drive's Using Lysol

Have you ever needed to quickly blank a hard drive? Now I'm not talking about for security purposes, for that I like using DBAN. No I'm just talking about one quick wipe down to erase the drive? I do, especially when I really want to test a disk image. I want no previous instances of anything on the drive, to really be sure my image is perfect.

Well, at my school they have a really old, yet effective program, called Lysol. I tried Googling it, and I couldn't find any place to download it. I did find some forums where people mentioned it, but no place for download. Well, it's time to rectify that! I obtained a CD ISO of the program, and I am making it available for everyone here!


Lysol Hard DriveLysol is pretty friggin' awesome. It will wipe a drive in about 5 seconds! That's right, only 5 seconds! (like I said, this is not good for security wipes). The iso itself is less than 3MB in size. It is small, but very effective. Now if you or your friends are looking for a quick disk wiper, then send them on over here to Bauer-Power!

[EDIT 6/5/2008] - You know I was just thinking today that this could be very useful if you already used full hard disk encryption. Lets say you have a fully encrypted laptop with all sorts of illegal downloads or whatever. If the FBI busts in with a warrant, you might be forced to give up the password to decrypt the drive. Now, if you had a few minutes you could possibly pop in this sucka, and do a quick wipe. The quick format, mixed with the disk encryption would probably make it impossible to recover anything. I don't know, just a thought. What's your opinion? Hit me up in the comments.



Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam