2012. március 28., szerda

ATI open source driver power management + solve Compiz flickering

Hi!
I think a lot of people are using ATI (sorry, AMD) cards in their PC, notebook, this post is for those users.

There are two drivers for ATI cards in Linux. The first is the open source driver provided by xorg, the second is the closed source fglrx driver. The system contains and uses the open source driver by default, it's OK for the most users (especially for the beginners). It can handle Compiz Fusion and has a good performance for the basic graphical operations. I use this driver on my Pinguy OS.

The advanced users can download the closed source drivers from AMD's website as a .run file, but you need additional packages e.g build-essential (development tools) and the kernel-headers package. If all of the dependencies are present, the .run file compiles the fglrx module and installs it to its place.
 
I read and article in the X.org wiki, which said that there are power profiles which we can use to control the VGA's performance and power consumption. My card's fan was very loud so I decided to try all the profiles and choose which is appropriate for me.
 
I installed Fedora before (but I formatted and installed other systems for educational purposes) and the Compiz-flickering problem occured. This means that when I rotated the cube or moved a window the screen was flickering which was very annoying. I didn't install the fglrx driver, so the open source one was in use. I couldn't solve it, but when I read the wiki article and varied between the power profiles (on Pinguy OS of course) I could reproduce the flickering problem. So the problem was: my card was in the "low" power profile. I went back to "high", the problem was solved.
 
I wrote a script that you can use to change the driver from a user-friendly interface. You can download it here.

So, if you have the compiz flickering problem, or just want to use power profiles, I can suggest my script. There is a description in it (copied from X.org wiki and translated to hungarian) so if you hesitate, you will get answer to your questions from my script. 



2012. január 20., péntek

FreeBSD

Respect!

I thought I would like to learn an other Unix-based system in addition to Linux. I chose FreeBSD.

There are three main BSDs: FreeBSD, OpenBSD, NetBSD. I chose FreeBSD because a lot people use it so its user camp is bigger than the others. There are BSDs based on FreeBSD such as GhostBSD and PC-BSD but I wanted to build a BSD-from-scratch :)
The system is great! I love it! I wouldn't like to partition my main HDD so I used my "new" 200GB IDE drive and I plugged off my main HDD's cable :)

The package management is similar to Gentoo's pkg-management. There is a system called ports in BSD, which allows you to customize each package you want to install, and ports can handle dependencies. It has a very great advantage: All the packages are compiled on your system, so the packages will be fully optimized to your system, which means performance increase.

I installed xorg, gnome, firefox, sudo in approximately 3 hours. There were problems with my graphical card, because there are no drivers from AMD to FreeBSD and compiz was not working with the original xorg drivers. I tried everything I could, with no success.

So I formatted the drive and installed it to my home-server :) (this will be the next article)

If you are an advanced Linux user, try BSDs, they are great! :)


Arch Linux - No graphical acceleration after kernel upgrade

Hi!

I wanted to try my own kernel with BFS scheduler but after loading my kernel there was no graphical acceleration. I couldn't use compiz, and the emerald window decorator was not working.

I found a package in AUR named Catalyst-hook and that package solved my problem. 
AUR: Arch User Repository. You have to download a file called PKGBUILD and that file will do all the jobs you need (compiles the package on your computer, so you cannot download pkg-s from AUR). 

This stuff re-created the fglrx module on my computer, and all the things are working like a charm!

When I wanted to compile the new module, the PKGBUILD file was wrong. It was pointing to a link I could never reach, so there were problems during the compiling. Fortunately I had an older version of Catalyst and I modified the PKGBUILD file, but there is an md5 checksum check in the compiling process and the new and the old file's checksum is (as we know) not equal. I created a new md5 value, pasted it to the PKGBUILD file and it worked!

Then I got a package with .pkg.tar.xz extension, I installed it with sudo pacman -U mypackage.pkg.tar.xz and that's it! Reboot, and we are happy!


2012. január 2., hétfő

Protect yourself from computerized crimes

Hello!
I watched an interesting movie on NatGeo about credit card stoling and I thought I write some lines about protecting yourself from computerized crimes.

First of all, protect your wireless network if you have. We cannot speak only about internet connection stolen (and if you have a fast internet connection you cannot recognize if someone steals your net) but the crackeris also in your internal private network and can do an nmap scan to indentify live host and can steal, modify, destroy your data with a help of an exploit. Also can see with your webcamera, do a screenshot, listen to your microphone, execute commands and programs, and last but not least can set up a backdoor for future hacking. Set up firewalls and install a good antivirus to avoid these things. It's 2 minutes to scan a network and hack a Windows XP machine without any protection.

Don't use your Windows computer in network without protection. I highlighted Windows, because Linux, BSD, MacOSX systems don't have much virus. But on these systems you have to set up a firewall. There are so good firewalls included in these systems, but on Windows I suggest a 3rd party firewall.

Keep your system up to date! It's very important, because with a system update the creators can close backdoors and reduce vulnerabilities. The cracker could enter your system before the system update, but after the vulnerability is not present, so the cracker cannot crack.
Try to be invisible! If you have a good router, or you are using DD-WRT you can set that your router don't reply to ICMP echo (ping) requests. So you are invisible to a simple ping scan.

Be paranoid! I give an example: The MSN virus. You received a message from your MSN partner infected by an MSN virus. He/she gave a link to watch or download, and your are infected, too. Maybe with this thing you are a part of a botnet. Don't open a message came from unknown source. Delete it! Maybe it can contain a virus.

Don't follow links saying: There is a good job in XY or buy cheap viagra. These are hoax advertisements. 

Don't get your passwords remembered at public places for ex. internet café, or McDonalds. Start a private browsing.

I said it before, but use strong passwords. A good password is long,  contains uppercase, lowercase, numbers and special characters. The dictionary words or well-known combinations are wrong ( for ex. asdasd asdf, cat, dog, etcetera).

When I got new ideas, I will extend my article :)



A little ALSA configuration in Arch Linux

 Hi!

I got a task at school that I had to make some benchmark about my computer's MIPS and FLOPS values. I thought I make it on my 64bit Arch Linux. When I searched for applications for benchmarking I listened to music.

Few days ago I set up the ALSA sound system's parameters because the music was scratching and it was very annoying. The solution was: Reduce the output volume in the alsamixer menu. I did the job, but at the next system startup (now) the values went back to the previous. I did some search, and got the solution (thanks to Arch Linux Wiki page):

sudo alsactl -f /var/lib/alsa/asound.state store

After the command execution I opened the /etc/rc.conf file and wrote alsa to the startup daemons, after crond. We are happy now, the values are stored. 


2011. augusztus 29., hétfő

About wireless networks

Hello everybody!

This post is about wireless networks, and their protections.

The typical user, after buying a new router, go home, plug in, and it works. But it's wrong, because the default setting is for wireless networks is the no protection. (Open wifi). It means, that everybody can connect to your network ("steal the internet"), and the advanced hackers can break into your personal computer, steal passwords, save keystrokes, steal your important data etc.

To avoid this, some clever engineers developed the encryption and authentication for the IEEE 802.11 networks. The rest of the article I'll write from the encryptions, because I think it is known by everybody.

WEP: Wired Equivalent Protection. It's so deprecated, a WEP key can be cracked in about two minutes. After collecting a number of valuable data, we can crack the key with a statistical attack. However we can use a dictionary attack, but if we got enough data, the cracking is 100% precise. In a clientless WEP network we have to create our own packages to reinvest it to the network, and the router will send back a lot of valuable data.

WPA/WPA2: Nowadays the best protection to our WLAN's. It gives a big protection, if I remember correctly, we cannot attack a clientless WPA/WPA2 network. In this protection method we cannot use statistical attack, but dictionary attack. We must deauthenticate a connected client to get the "handshake" from the router, what we can crack with dictionary attack, rainbow-table attack, or brute force attack (but I don't suggest this, if you want to crack WPA, because with a strong password it takes ages to crack it)

The ideal protection for our Wireless network:
  • Disable SSID broadcast! The person, who wants to connect must know the SSID. (In aircrack-ng we can see only the length of the SSID)
  • Use authentication and encryption! WPA2-PSK TKIP+AES is the best.
  • Use strong passwords! Mixed with lowercase, uppercase, numbers, special characters. My password's length is 14, mixed with them.
  • Modify the router's access page's username and password to your own.
  • Only permit to login to the access page from your personal computer.
  • Use MAC filtering! Permit your own devices' MAC, disable the others.
  • If we don't want to manage our router from remote networks, disable remote access.
  • Reduce TX power, so you can access your WLAN in your house, but not on the street.
  • If you use DD-WRT, disable info site+anonymous ping request.
  • If you use DD-WRT, and don't want to use remote console access, disable telnet and ssh. But if you want it, I suggest ssh, but modify the default port number to  >10000. (a light portscan don't go up to 10000)
  • If you use ssh, limit its access to avoid Denial of Service and bruteforce attack.
I hope I wrote everything :-D. Greetings to my network knowledge teacher :-). If you use these points to protect your wifi, it takes a very long time to crack it, so the hacker will stop cracking and go away =).

If you liked this post, feel free to hit the Like button, and if you want it, I'll make an article about aircrack-ng.

Bye!

2011. július 15., péntek

Android phone filetransfer over Wifi

Hey!

I don't like to plug my phone to my computer for filetransfer purposes, if you don't like, too, this post is for you :)

We can access our phone's SD card over Wifi, with the SwiFTP application. We can conclude that this program makes an FTP server from our phone :)

It's a free app, you can download it from market. I have been using it since I've got my phone.

After the installation, we are on the setup screen, we can set every things for the FTP server :)

So:
  • Username: The username for the FTP server
  • Password: The password for the FTP server
  • Port number: The default port number is 2121, you can modify it if you want.
  • Stay within folder (e.g /sdcard): the FTP server's root directory, you shouldn't modify it.
  • Accept connections from wifi: The phone is accessible over wifi
  • Accept connections from net proxy: If you want to access your phone from an "outside network"
  • Keep phone awake (full CPU speed): This option prevents phone from sleep, and CPU is on maximum clock signal.
After the set-up, press Save. :) It drops back to the main screen, and after pressing start, the FTP server is working, there's an icon on the notification bar. You can access your new server from TotalCommander etc. The phone shows on the Wifi URL section the ftp://<yourphonesip>:port stringYou can copy, paste, move, etc :)

Peace :)