Winterm Hacking update

It has been a long time since I posted any new information on my winterm hacking progress. Well it has finally been picked back up and the results are excellent. I'll go through the process and hurdles I faced so hopefully other can benefit from my experience.

Since the Athena TK3350 I have only had 128mb of ram it was almost impossible to boot from a usb cd/dvd drive. So the first hurdle was how to get a new 4gb compact flash card loaded with an uncompressed OS. When you boot from a cd/dvd/usb flash drive, most times (Especially with linux live images) there is a compressed file system. In my case I was using SliTaz linux which is a 30mb distro with a graphic desktop and a web browser. When trying to boot directly from cd/dvd or usb I would recieve errors about running out of swap space.

To get past these first hurdles the solution was simple. Use a more modern system with beefier resources to create the uncompressed cf image. So I booted the SliTaz cd then plugged in my compact flash card to a usb adapter. Once the desktop was loaded all I needed to do was start the slitaz installer which was under the main program menu >> Slitax installer.

I then had to tell the installer to show all drives then I picked my usb drive from the drop down menu. After a few seconds I had an uncompressed copy of slitaz on the new 4gb cf drive.

!First Boot!

The first boot had some major issues, first errors about unable to find sda1 (problem from the installer not offering options to change boot device name) and some DMA errors.

Fixing the sda1 issue.

This was pretty easy and straight forward. Plug the cf back into the usb adapter and open /boot/grub/menu.1st and change sda1 to hda1

!Second Boot!

The second boot was a bit more exciting new messages where popping up, but I still got several errors that prevented the desktop from loading. The error that caught my eye first was all the DMA errors. After reading through some forums I found that I could go two different routes. 1. Re-compile the kernel with the appropriate DMA options, not an option for me. 2. use boot parameters to change DMA settings. This was the only option for me since I did not want to waste a ton of time on this project. Since many thin clients use a cf to ide adapter they do not use an 80pin connector like most new hard drives. So the system could not boot using DMA options of modern systems. So after more searching I found this tid bit to disable DMA (Or at least downgrade it)

My menu.1st now looks like this.

title SliTaz GNU/Linux (cooking) (Kernel vmlinuz-2.6.30.6-slitaz)

root (hd0,0)

kernel /boot/vmlinuz-2.6.30.6-slitaz root=/dev/hda1 ide-core.nodma=0.0 ide-core.nodma-0.1 vga=normal

Notice the ide-core.nodma=0.0 ide-core.nodma=0.1 This is the key to getting many linux ditros to boot from compact flash cards.

!Final Boot!

At last with all the little items fixed the system was off to a real boot. SliTaz booted and I was able to answer questions about how I wanted the system setup. Since everything is uncompressed these settings where saved and each boot afterwards will take off without a hitch.

What now?

Now that I have a running system its time to put it to use. Keeping in mind the limited resources this system would be good for several projects.

1. Internet radio station. This system could sustain a few connections from listeners before it became over loaded.

2. Network attached storage. Originally i wanted to install freenas but its minimal requirements are a little over what this system has (533mhzcpu 128mb ram) however a stipped down linux os (text mode only) with samba running would provide a general storage server.

3. tiny web server. plenty of space to host a web site, but it would only be able to handle a small amount of traffic at a time.

4. Kid computer. Since resources are low this would make a decent first time computer for a child. Its limited space would mean less chance of junk being downloaded and running linux means no viruses or malware.

5. LTSP, this system can function very well as a thin client for linux terminal service project. connected to a decent server this device would be capable of performing most tasks of modern computer systems.

So there you have it the general steps needed to turn trash into something usable. I plan on running the shoutcast radio server on this machine in the near future. So stay tuned for the audio / video amazement jeitv will bring. (Or not!)

Things I want to do this winter....or probably won't.

Hack Lab.

It seams not a single person I talk to knows what a hack lab is, or why anyone would want to have one. Many see it as a way of teaching people how to break the law, or spread information that should not be shared.

However this is not the case for me. Its more of a way for me to learn from others and help others learn from me. Over the years I have kept up with a lot of stuff I never get to use, and a hack lab is the easiest and safest way to put those skills to practice.

What is a hack lab realy?

A hack lab is a small (or large) dedicated network complete with servers, switches, and whatever networking equipment you want to play with. Hack labs are usually not connected to the Internet to keep activity from leaking into the public networks.

A hack lab is setup like a game, one hack lab may focus on web application security where players are responsible for finding holes and security problems. Another hack lab may require files to be found and passwords cracked.

As text to many this may sound dull and boring, but a hack labs main purpose is to educate those playing. Each person thinks differently and may take alternate routes to the same goal. A hack lab may show that using a tool like wireshark is much faster then using tcpdump. Or that john the ripper is quicker at cracking zip files then a proprietary application.

What would my hack lab be like?

I have always had a fascination with wireless security and how people take most security as a hassle instead of a way to protect their files. So my hack lab would focus on these areas. An access point would be setup using a basic "WEP" based protection and possibly a MAC address filtering list. Players would then be tasked with gaining access to the wireless access point using several methods and collecting information. After accessing the wireless network they would need to keep other players at bay while not alerting the owner of the wireless network. So switching mac list, or encryption to WPA/WPA2 would not be an option.

Once into the network they would then have to gain access to a file server containing a protected data file. This file would be protected using methods that even hospitals have been known to use.

It sounds like a quick lab, but in reality it could take several hours if not an entire day to complete. Once finished players would be asked to explain how they obtained access to each section of the network and propose solutions to keep attackers out. As an extended game the newly secured network could then be attacked. However, the use of wpa/wpa2 would greatly increase the amount of time it would take to gain access to just the wireless section of the network.

This lab is just a basic example, there are even hack labs online you can play, or download and play. Most of them focus on security since thats the biggest problem facing any computer user, and of course its the funnest.

Online radio/web show.

When I was living in Quincy I had a small web show, it wasn't much but it was fun when I could do it. Many years ago I had a very small radio show online. I have always liked interacting with people and making things that entertain even if its just a hand full. And with the updates to some of the software I have been using, a live show would be pretty fun. I may eventually try to do another show, but it will require a lot of planning and content provided by listeners/viewers. Perhaps I'll start over the winter if i'm not swamped by work.

Lastly I'd like to get my business back up and running. After two weeks of being open we started to get a steady stream of customers, but scheduling problems and the city wanting another $100/$200 for a permit or re-zoning killed us quick. But we plan to move to a new location. Once done pricing will be cut way below local competition and we hope to build our business back up and beyond.

A town choking itself to extinction

Small towns are often seen as tourist attractions, tid-bits of the past mixed with modern day stores. However, what happens when a town refuses to change, refuses to better itself or build on its existing assets?

Over the past 30 years the town I live in has went from a decent bustling small city to an almost dead ghost town. If it wasn't for Wal-Mart I think this town would be almost completely empty. The mall (if you can call it that) has more junk in it then merchandise, main street has very little to stop and even consider looking at, and the people running the city seam to be living in another world. A few months back I spoke to a man who said Keokuk was fine, and that people needed to stop whining about how the economy has made things worse. His solution to the lack of jobs and stores was to shop elsewhere and work elsewhere while at the same time living here. To me this just seams like a moot point. How can a city thrive if everyone has houses here but does all their living in surrounding areas.

Travel 50 miles in any direction and you'll see towns that are doing much better. Why? Because the majority of people have the same idea as the man I talked to. While Ft. Madison, Burlington, and Quincy grow, Keokuk falls deeper and deeper into becoming a ghost town.

Recently the city chamber put out a survey to find out what Keokuk residents feel about how the city has been doing so far. I can only imagine what the final results from these surveys will be. Lets take a look at some of the points Keokuk simply refuses or is unable to take care of.

1. Shopping is limited to a very few places. These places are mostly large chain stores that put very little to no money back into the community. The jobs they generate are minimum wage jobs that have been filled by a large number of elderly who can no longer live on their retirement pensions.

2. Teen / kid related activity is almost zero. Several arcades have opened and shortly after closed due to vandalism, bullies, or lack of funds. Skate N Challenge had great ideas but closed due to too many bullies and not enough people spending money. Who wants to let their kids hang out somewhere they'll be ostracized and possibly harmed. K-town underground is rumored to have closed because of child pornography taking place by the owners. Even if not true, the place was a dump. A dark room in a basement with over priced junk food and no real activities to do. All attempts at getting a skate part put in have ended with each one being closed from complaints of more vandalism and bullying.

3. Many locally owned stores along main closed shortly after Wal-Mart opening, however the large chain store remains while dozens of local business still remain empty. More the likely several of the workers of those local stores had to go work for Wal-Mart just to keep making a living.

4. Keokuk has started (for what seams like the dozenth time in 10 years) a "Buy Local" campaign to urge people to buy from local business. The only problem with that is there is nothing of use you can buy from local businesses. Need diapers? Chain stores. Need parts for your vehicle? Chain stores are your choice. Need Medication? Chain stores. Groceries can be purchased from local farmers market, but for everything aside from the basic vegetables and eggs your once again looking at taking a trip to a chain store.

5. Keokuk offers almost zero help for small businesses to start. Quincy has the Business and Technology center to allow new business to grow at a lower cost. If you located a block and a half off main or less you will also need to get a permit or have almost every aspect of your new business ok'd by the "Main street group".

These are just a few of the problems others and myself have seen around the area but little has been done in decades to fix these problems. This doesn't include streets, schools closing, and a rise in drug problems.

Keokuk could really benefit from looking at surrounding areas for ideas. Just because a building is old does not make it "History". We seen exactly what happens when a "Historic" building is let sit with the "Green Tambourine". Now they want to make the underground tunnels that many of the city citizens knew existed, into a tourist attraction. This was brought up years ago before and the city responded with the high costs and insurance liability problems. So these problems have subsided now? I think not. The city will waste tons of money on cleanup only to close the tunnels off from the public leaving a big lot with nothing but a hole in it. It won't be long before many other parts of Main street follow and with each one a new empty lot will emerge. More then likely staying empty for years.

Surrounding areas would have knocked down these troublesome building and put effort forth to fill them with new buildings and new business. Even offering rental space at a lower cost for the first 3-5 years would probably get more businesses to open. $600-$1200 is the average cost of an average location on main. Add in the fact that Keokuk has very little money being spent already and your looking at another business waiting to close from lack of money coming in.

Eventually Keokuk will get the hint that his is small town USA, not a big city. The people here worked hard for years in factories and now all they have to look towards for employment is a greeter or cashier.

Many may be thinking "If you don't like it move"! Well I'm excepting offers for jobs paying 45k or more per year and I'll be happy to oblige. Till then i'm in the same boat as the rest, not enough money to stay and not enough money to leave.

My early years.

Computers have come a long way since I first began using them. In fact my first computer was an Tandy Color II. It had a green screen, and programs had to be saved to cassette tapes. The program cartridges where about an inch thick and literally had to be slammed into the slot in order to work. Needless to say this was not the computer that started my love of technology. In fact my mother used it more then I did.

The first computer that got me really going on was a gateway solo 2100 laptop. 233mhz cpu, with 32mb of ram and a 2gb hard drive. I wasn't going to be taking over the world with this system, but I did come up with some pretty interesting projects using it. My first ever true "hack" or "project" was a floppy disk that bypassed the windows 95/98 login screen and took you right to the desktop. This was done by loading system files from the floppy but using config files on the systems hard drive. It was popular on IRC for about a week before completely abandoned due to simply being able to press cancel at the login screen.

My second project was a bit more complex and useful. A bash script that allowed anyone to view ifilms.com paid videos for free. At that time ifilms was one of the webs first video sites. This project was put on antionline.com but lost after I stopped updating my free website.

As years passed I came up with other little projects, none of them really worth keeping around for to long. It wasn't till I started work at a small ISP (Interlink L.C.) that I started trying to come up with new projects. Most of them consisted of scripts to automate tasks, such as parsing log files and hunting down user activity. Once wifi became popular I created a few scripts to quickly change hardware MAC addresses for gaining access to wireless towers without having to have an actual account on them. Although working for the company I already had free access. But these where proof of concepts, which got me fired for being a security threat then shortly after re-hired once one of the managers was let go.

A few years back I created a script for Yahoo Live! which allowed people to view any live cam without having to be in the same chat room with the user. This was mostly created as a way for users to view more then the 4-5 cams they could by default. Sadly once it was finished the site closed down due to the economy.

Now days I spend my time piddling around with php, mysql, and different tools for sniffing and manipulating network traffic. Although I have not created anything of interest in a long time. The old days still ring in my head just waiting for an opportunity to once again create something neat. Perhaps the new business will push me in a direction to create such a tool. Who knows.

It seams the days of tinkering are almost gone though. Sneaking through alleys listening to phone conversations, or using my old palm pilot to telnet into systems from unsuspecting phone lines are but a funny memory. But as technology grows and more people embrace it, I feel more fun is yet to be had and more projects yet to be created.

Only time can tell. Who knows maybe my children will pickup where I leave off.

Can open source replace your office servers?

When http://www.networxpc.com decided to startup the first thing we talked about was providing small businesses with open source alternatives. What we found was surprising and a bit annoying at the same time.

Not only did we easily find alternatives for almost every single Microsoft based server in the small business sector, but we also found alternatives that worked better with more features.

Here is a small run down of what can be fairly easily replaced with open source software. And yes Networx pc supports them all.

• Microsoft exchange (Alternative offers a great web interface, desktop app, or even use Outlook)
• File server (No surprise since Linux and open source have been doing this since day 1)
• Active Directory with or without roaming profiles (This was a big surprise for me, people spend thousands on MS based AD servers, and a similar alternative is available for free)
• Backup server (No matter if its a single file or an entire drive the Open Source community has this one under wraps with very easy and stable setup)
• Groupware (Sharing information is big in most businesses. weather its calendars, notes, files, or documents. We found several alternatives that leave customers asking "Why did I spend so much on our solution?")

A big reason many of these "Alternatives" are not used is because most IT based businesses can't see any way to make money on them. However, if you look outside the mid west you will find dozens possibly hundreds of businesses making very good money from supporting open source. The money doesn't come from selling some junk software that needs constant hand holding. Instead it comes from offering support and configuration of the system and selling of hardware the system will run on.

Not only does this make customers happy, but the business providing the support has far less out of pocket expense getting a customer setup then a similar business using proprietary software. The servers themselves are also more cost effective due to no longer needed constant updating and rebooting, or an anti-virus solution to protect the server from rouge malware.

With all of this said let me assure you that open source may not be the right solution for every situation. Some businesses rely very heavy on Microsoft or system specific software and possibly hardware. With time these businesses may get an alternative that suits them. But for now its best to take great care and do plenty of research before implementing any open source system.

We see great potential for what we offer, and we hope our customers will to.

Jeff L. Richtman

V.P. Networx PC LLC

Visit our site

Island Paradise Fishing Helper.

Its a nice day outside and you want to go out and do something, but your Island Paradise game needs tending. What do you do?

Let it fish for you. In a span of about 10 hours of no interaction our little app was able to catch around 700-800 coins worth of fish and junk (Wood, Cans, boots etc) All by fishing for you.

How it works:

The script sits watching your island for several images. First the whirl pool, this is where fishing begins. Once the script find a whirl pool it move the mouse over to click on it. This throws down the net. It then automatically click the Save button for you. The script also click the "Skip" button on most boxes that pop-up. So no interruptions caused by wanting you to play other games, or notify your friends of you catch.

Once time has expired and a fish pops up. The script will move the mouse over to click on the new fish. All without you doing anything.

Bugs:

Its not perfect just yet. With glitches in the game and problems with facebook the script can move your island over to one side of the other, making it only possible to catch fish in one area.

Anything under the save button such as land, grass or even your avatar will make the save feature no longer work. Since it is looking for an exact pixel match in the image.

Other windows that may pop up such as Windows updates, or third party software can also cause problems as the script continues to run no matter what is on the screen.

Conclusion:

Its for these reasons why we are not actually releasing the little program for download. We don't want people complaining about damage done to their data. There is little worse then a rouge mouse clicking on random things.

If you would like to try it out however, please contact either myself or kat. If you don't know how please email webmaster at jeicrash dot net and I'll send you a copy.

You will need Autohotkey in order for the script to work, I will not be giving out compiled exe's of this script.

The work rant!!!!!!!!

----Hello professor would you like to play a game------(Its from Wargames DUH)

#no Joshua I need to rant. (Joshua is the name of the system prof. Falken built)

---Proceed-----

Boy really wish I hadn't been woken up today twice for work related questions. I have a full time job where I work 8 hours a day 5 days a week. At my job I don't have to do much. I fix computers, make systems work so we can sell them, manage 60+ websites and email accounts for each, do service calls whenever and where ever needed, keep track of weeks of work in my head when I don't have time to get it written down into the work calendar, fix printers even though I have never been trained (Its all guess work and somehow it always gets fixed). Talk to customers and make them happy when their systems are not fixed when said due to me not being in the office. And a few other things, but still not much.....RIGHT?????

Aside from that I also maintain a few sites outside of work that I started way before beginning my current full time job. These sites can take another 40 hours a week out of me so as you can tell my weekends are pretty precious to me. And on top of that this weekend one of my kids (I have two) wasn't feeling so hot, So I took a day off work to be home with him. Barely any contact related to work on Friday. But Saturday morning I get two calls pertaining to work. One to ask me for help on a blackberry cell phone (I own one that does not make me support) the other to ask if a system from Friday was done (I wasn't there call the tech who was).

So here is what I am going to do from now on since I know this is bound to happen again.

First time: I'll help the person with whatever I can then let work know I need an additional $75.00 added to my paycheck for that week.

Second time: I'll get rid of my work phone and get a personal phone. This will remove any need to think that since I have a work phone I should be obligated to work at anytime.

Third time. I'll simply hand in my 30 day resignation letter and worry about finding work elsewhere.

The real sad thing is I never get away from work. And I don't think anyone really does. No matter what your profession or area of expertise people are always going to bother you. Like when someone find out a person is a doctor its never "Hi nice to meet you." its always "Can I ask you a question?" Same for us geeks, we just don't have to look at strange rashes.

Most times I can't even goto family gatherings without being piled with questions. Wouldn't be a problem if I had my own company and I could simply say "Wait till Monday and come see me, I'll give you a good deal on whatever part/service you need" Instead I have to spend my time fixing peoples stuff then waiting for payment if I ever get it. In a year on average at my $15/hr rate I probably give away a few thousand dollars of free help. Many times I don't mind because its on my terms. But when I get calls related to work on days I don't work it irritates me. Firstly because if I do decide to do the work I might "MIGHT" get my base hourly rate from my job for it. Otherwise its free or they will get invoiced the $75/hr and I get nothing. Secondly I usually get into work 8:30am - 8:45am and most days don't take lunch and work till 5pm so by the weekend on a good week I have put in my 40hrs. This means weekend work is overtime, and even at that pay its not worth my time or my families time for me to work even more.

Lately I have lost interest in my job, too much work and not enough incentive. I get paid an hourly rate, no benefits, no paid vacation, and no bonuses. I am A+ certified which to me means nothing but to the IT industry means an average pay of $15/hr and currently working on NET+ and Security+ certifications. I have a solid 14 years of experience in my skill set. I work on Windows, Mac, and LINUX.

In the past I have done data recovery for FBI agents investigating an Ebay scam. I have taught college classes as a substitute teacher at the Quincy Vatterotte college. Spent countless hours teaching the elderly how to use computers for free. Been referred to more then one time as a companies "Star" technician, Goto guy, hacking deviant, even fired by one company as a security threat only to be hired again later at higher pay. I have collected (And sadly lost) hundreds of letters from happy customers and three letters of recommendation two from the same employer.

I have a nack for figuring out problems, probably why I like metal puzzles. I have installed windows on machines with no floppy, usb, cd-rom, or network card without actually installing the operating system while hooked up to another system. Written countless linux bash scripts to automate tasks, parse logs, filter traffic. Built dozens of specialized servers for just about every task imaginable. And learned more pointless but useful stuff then anyone I have met so far.

I don't know jack about Microsoft Server editions but I am learning. It has never been a need since everything Microsoft server does I have always used Linux. Including roaming profiles, ldap user authentication, samba file servers, print servers, network monitoring and access restriction. etc.

So basically at this point I should either be running my own business or working for much higher pay. Instead I'm an entry level tech making entry level wages. And this weekend crap is getting on my nerves. A person can only play dumb for so long before they get tired of it. This geeks has had enough and in the next following months I'll be seriously deciding weather its worth it to continue the work I am doing or look for something more suited for my skill level and pay grade.

----End of line----(Its from TRON if you don't know)

Hello from Internet land

Welly Welly Welly Welly Well My little lovelies. Its been a long time and no fun since I have done anything fun on the Internet. Lately I have been spending nights of long trying to get things sorted for what will hopefully become a new source of income. And as ideas smash around inside my little head I get a feeling way down in my gutty wutts that this time year after I could be a free man. At least free from working for "The man". Instead yours truly will be "The man". With much help and appreciation from a former co-worker and now business partner. Things are looking good this far. No tats or yarns about failure for these two chaps. No, instead much thinking of alike, and a feeling of accomplishing ones goals this lads been thinking lately.

Here's to a grand ol' 2010 and hopes that 2012 is not the real end to us all, Because as many of you may know or will learn very shortly. It can take up-to 5 years before one sees profits of green from a new venture such as this. And I don't want it cut short by some unwanted kick to the yarballs from old father time and faithful Nostradamus predictions and what not.

Instead I'm hoping year after this time I may be able to actually say I am stable. Well financially at least. Mentally will probably never happen.

Cheers and all that pip.

weekend of code starting Feb 5th.

For a long time I have tried to think of projects I can do to keep busy and make something useful in the process. Usually projects get put aside due to money, or time, or life. So now starts a new project. Weekend of code, which will be me and possibly others coding different thing over the weekends. Projects will range from websites to autohotkey scripts to just about anything I feel I can do. I'll be updating my twitter and facebook accounts during the entire process to keep everyone informed. And will try to get a blog up sunday night between doing laundry and taking out the trash of what all I accomplished or did not accomplish during the weekend. And if anything useful comes from it I may even post the code for other to use and better upon.

ATT wants to cut the land line.

Read several articles on this today. And I have to say, the only other thing more scary then a large company deciding when something should be no longer used, is the ipod credit card swipe.

Not to mention its getting a bit old seeing multi-million+ dollar companies trying to push their ideas onto the rest of the world.

Heres a few things that need to be done before landlines are cut.

1. world wide replacement of all copper lines and upgraded to IP based systems (At phone companies expense).

2. Migration of all current copper line users to phone based systems at the same or lower price.

3. Survey of how many users city, state, and world wide who still depend on copper lines.

sure cell phone are great, and dial-up should no longer be needed in todays age. But this is not the case in many smaller areas. Take Iowa, Illinois, and Missouri for perfect examples. A vast majority of people are still using landlines and dial-up Internet service mostly because large Telco's will not put out the money to upgrade their equipment in these areas.

I personally no longer use landlines, but just about all of my neighbors do. bleh. alwell.

Its time to sit back and wait for the industry to change yet again, just because some large company doesn't want to spend the money the right way.

blah blah blah.