can’t open [...]]]> After the new release of slitaz cooking, version 20110531, it added new software packages, such as cherokee and nginx, etc. As the latest version of a testing release, testing environment is the best place for its living. However, I got 2 errors when doing tazpkg upgrade, the error messages are same as below:

can’t open ‘libdnet/receipt’
can’t open ‘snort/receipt’

To simply fix this issue, just fix it by installing the outdated software packages manually. For example type:

tazpkg get-install libdnet
tazpkg get-install snort

It is suggested clear the tazpkg cache and re-run the package list, below are the commands to complete the task easily.

tazpkg -cc
tazpkg recharge

N.B. : This article helps people build [...]]]> Nowadays there is a new comer on web server market – cherokee, they said they won the benchmark and security measurement, plus a graphic admin interface for easy maintenance. It is a good choice with Slitaz to hold a web server, because both are small, young and growing.

N.B. : This article helps people build cherokee in Slitaz stable or people who want to try the latest version of cherokee. For people who using cooking release please direct install cherokee by using tazpkg get-install cherokee.

Before install Cherokee, a Slitaz system must be ready. Other Linux distro sure works, too

A. Install the development packages
We need start installing development packages, libraries and 3rd party packages in order to compile our little toy.

tazpkg get-install slitaz-toolchain

It will continue to install the missing packages if any. When you saw the following question, just enter “No” to continue

Do you want Bash for /bin/sh (yes/No) ? :

B. Install other packages
Continue install the following packages after the previous steps finished.

binutils
python
libsasl-modules
libsasl
libldap
libkrb5
libkr5support
libcomerr3
cyrus-sasl
cyrus-sasl-dev
openssl
openssl-dev
gettext
php
php-openssl
php-mysql
php-pear
php-gd
mysql
mysql-dev
ffmpeg
ffmpeg-dev
zlib
zlib-dev

C. Install 3rd party package, geoip (C Library version)
Download the geoip in the official site, http://www.maxmind.com/app/api. After un-tar the tarball file, execute the following code, default is installed in /usr/local/lib.

./configure
make
make check
make install

D. Compile and Install Cherokee
Everything is ready and we start to build-up our toy. Type the following to compile

./configure –localstatedir=/var \
–prefix=/usr/local \
–sysconfdir=/etc \
–with-wwwroot=/var/www \
–with-wwwuser=www \
–with-wwwgroup=www
make
make install

All installation files will be placed under /usr/local. To execute Cherokee, execute the following command.

/usr/local/sbin/cherokee

Same way to run the admin mode, but sure execute cherokee-admin instead.

作為一般家用伺服器, Slitaz 提供了與其他 distro 無異既軟件, php, apache, mysql, samba 等. 但它只需要 1GB 空間與最少 64mb RAM 甚至更少, 曾經網上討論過差不多 16mb RAM 仍可運作. 當 1GB RAM 已是標準配置既時代, 要運行暢順當然無問題. 其實作為伺服器, 主要就是為其他機器或人提供服務，對 RAM 及硬碟要求低正可將多出既資源回饋給所運行既服務提高負載率。

講返正題，因為 Slitaz 本身既 snort 並不支援 mysql，所以需要自行下載安裝程式。

先下載所需程式: (可在 Google 尋找) Snort 主程式及 Snort rules – http://www.snort.org jpgraph Adodb [...]]]> 有留意本欄既讀者都知道, Slitaz 是筆者喜愛既 distro 之一, 原因好簡單 — 硬件要求低.

作為一般家用伺服器, Slitaz 提供了與其他 distro 無異既軟件, php, apache, mysql, samba 等. 但它只需要 1GB 空間與最少 64mb RAM 甚至更少, 曾經網上討論過差不多 16mb RAM 仍可運作. 當 1GB RAM 已是標準配置既時代, 要運行暢順當然無問題. 其實作為伺服器, 主要就是為其他機器或人提供服務，對 RAM 及硬碟要求低正可將多出既資源回饋給所運行既服務提高負載率。

講返正題，因為 Slitaz 本身既 snort 並不支援 mysql，所以需要自行下載安裝程式。

先下載所需程式: (可在 Google 尋找)
Snort 主程式及 Snort rules – http://www.snort.org
jpgraph
Adodb
Base
Barnyard2 (可選擇安裝與否)

1. 先安裝 Slitaz, 步驟太簡單不重複了
2. 使用 tazpkg get-install 安裝下列套件
   - apache2
   - php, php-cli, php-apache, php-mysql, mysql
   - mysql-dev, libpcap, nmap, php-gd, php-pear, slitaz-toolschain
3. 解壓 jpgraph 並將檔案抄至 /var/www/jpgraph
   - tar -zxvf jpgraph.tar.gz
   - copy jpgraph/src /var/www/jpgraph
4. 解壓 barnyard2 並進行安裝
   - tar -xzvf barnyard2.tar.gz
   - cd barnyard2
   - ./configure withmysql
   - make
   - make install
   - cp etc/barnyard2.conf /usr/local/snort/etc
   - mkdir /var/log/barnyard2
   - 編輯 /usr/local/snort/etc/barnyard2.conf, 修改下列設定:
   config reference_file: /usr/local/snort/etc/reference.config
   config classification_file: /usr/local/snort/etc/classification.config
   config gen_file: /usr/local/snort/etc/genmsg.map
   config sid_file: /usr/local/snort/etc/sidmsg.map
   config hostname: localhost
   config interface: eth1
   output database: log, mysql, user=SNORT_USER password=SNORT_PASSWORD dbname=snort \ host=localhost
5. 解壓 snort 檔案, 並進行手動安裝, 最後將完成編譯後的 etc 及 rules 兩個目綠抄至 /opt
   - tar -zxvf snort.tar.gz
   - ./configurate -with-mysql –prefix=/opt
   - make
   - make install
   - copy etc rules folders into /opt
6. 建立獨立帳戶執行 snort
   - addgroup snort
   - adduse snort
7. 使用 mysql 建立資料庫儲存資料, 並將資料庫建立使用者權限
8. 修改 snort 設定檔
   - vi /opt/snort/etc/snort.conf
9. 將 snort rules 抄至 /opt
10. 測試 snort 設定
11. 解壓 adodb 檔案, 抄至網頁目綠內
12. 解壓 base 檔案, 抄至網頁目綠內

Please click the following link for English version
Compiling snort in Slitaz

With less than 1GB after installed in hard drive, it provides common server packages, including apache, php, mysql, samba, sure it contains [...]]]> I always like to use Slitaz running server, because of the benefit from it’s tiny size and low hardware requirement. More resources can be reserved for server service in compare with other distro.

With less than 1GB after installed in hard drive, it provides common server packages, including apache, php, mysql, samba, sure it contains a X windows. However, I need admit that it still missing some advanced features comparing with great distros like Ubuntu, Debian and Red Hat. One of the feature is IDS.

Although official package already provided snort, it just supports log file output instead of supporting database. To enjoy such advanced feature, we need download the tarball and install by ourselves. This article is to demonstrate the installation step-by-step. Please sit back and enjoy.

Pre-requirement: (Please prepare the following programs source)

• Snort
• jpgraph
• adodb
• Base
• Barnyard2 (Optional), by referring David Gullett’s setup guide, this tiny program can improve the efficiency of Snort

Step-by-step:

1. Install Slitaz, very simple
2. Install official packages by using tazpkg get-install
   - apache2
   - php, php-cli, php-apache, php-mysql, mysql
   - mysql-dev, libpcap, nmap, php-gd, php-pear, slitaz-toolschain
3. Untar jpgraph
   - tar -zxvf jpgraph.tar.gz
   - copy jpgraph/src /var/www/jpgraph
4. Untar barnyard2
   - tar -xzvf barnyard2.tar.gz
   - cd barnyard2
   - ./configure withmysql
   - make
   - make install
   - cp etc/barnyard2.conf /usr/local/snort/etc
   - mkdir /var/log/barnyard2
   - edit /usr/local/snort/etc/barnyard2.conf
   - change the following settings: 

   config reference_file: /usr/local/snort/etc/reference.config
   config classification_file: /usr/local/snort/etc/classification.config
   config gen_file: /usr/local/snort/etc/genmsg.map
   config sid_file: /usr/local/snort/etc/sidmsg.map
   config hostname: localhost
   config interface: eth1
   output database: log, mysql, user=SNORT_USER password=SNORT_PASSWORD dbname=snort \
   host=localhost

5. Untar snort tarball
   - tar -zxvf snort.tar.gz
   - ./configurate -with-mysql –prefix=/opt
   - make
   - make install
   - copy etc rules folders into /opt
6. Create user account for running snort
   - addgroup snort
   - adduse snort
7. Create mysql database
   - grant access right to snort account
8. Edit snort config file
   - vi /opt/snort/etc/snort.conf
9. Copy snort rules to /opt
10. Test snort config
11. Install adodb
    - untar downloaded file
    - copy file in web directory
12. Install base
    - untar downloaded file
    - copy file to web directory

中文版可到這裡 (Please click the following link for chinese version)
Slitaz 自己手動安裝 snort

ERROR: Failed to find LibVersion() function in … snort_dynamicrules/lib_sfdynamic_example_rule.so

原來解決方法很簡單, 只要將 snort_dynamicrules 目錄內包含 “example” 字眼既檔案移除就可解決.

To solve the above error, just remove all files named “example” in snort_dynamicrules.

儲存後重新啟動 privoxy 便可

As privoxy is cool apps on blocking web banner [...]]]> 自從使用了 privoxy 攔截廣告後, 大部份常去既網站都已經冇廣告顯示. 不過近日發現某大討論區內仍有廣告出現, 所以貼出此文去更新 privoxy 既規則. 開啟 default.action, 並更改如下設定:

• 在 {-handle-as-image}, 改為
  /.*\.(js|php|css|.?html?|.asp?)
• 在 {+block{Path matches generic block pattern.}}, 加入
  /(.*/)?houseads.js
  /(.*/)?aeiou
• 在 {+block{Might be a web-bug.} +handle-as-empty-document -handle-as-image}, 加入
  .overture.com
• 在 Site-specific block-as-image patterns 的 Banner farms 內， 加入
  .yimg.com/(.*/)?a/

儲存後重新啟動 privoxy 便可

As privoxy is cool apps on blocking web banner or ads, but it also need update regularly because of more and more ads coming out. The following settings are fitting for blocking ads in a popular Hong Kong forum.

In default action:

• Modify to “/.*\.(js|php|css|.?html?|.asp?)” without quotation mark in {-handle-as-image} section
• Add “/(.*/)?houseads.js” and “/(.*/)?aeiou” in {+block{Path matches generic block pattern.}}
• Add “.overture.com” in {+block{Might be a web-bug.} +handle-as-empty-document -handle-as-image}
• Add “.yimg.com/(.*/)?a/” in Banner farms of Site-specific block-as-image patterns

Remember effective the settings after restart privoxy service.

PS3 除了是一部電玩外, 其實它可以被視為一部電腦, XBox 360亦然. 當中, PS3 已可安裝 Linux 作業系統. 美軍所訂購既 PS3 正正是為了利用它們建立一部 “超級電腦”. 可能會有人懷疑為什麼用 PS3 而棄用一般電腦, 說穿了是因為錢作怪. PS3 既運算能力其實不底, 一部 1u 大細 2 粒 3.2Ghz CPU 伺服器大約 US$8K, 但擁有差不多 3.2Ghz CPU 既 PS3 卻是大約 US$300, 這樣成本便大大降低. 而且測試過 PS3 所用既 CPU 為一般 CPU [...]]]> 據外電報導, 美軍訂購了 2200 部 PS3 遊戲機, 而該批遊戲機會在聖誔節前付運. 大家都可能覺得奇怪, 為何美軍會訂購遊戲機, 是否因為要將遊戲當成模擬訓練? 非也, 其實那批遊戲機其實另有用途.

PS3 除了是一部電玩外, 其實它可以被視為一部電腦, XBox 360亦然. 當中, PS3 已可安裝 Linux 作業系統. 美軍所訂購既 PS3 正正是為了利用它們建立一部 “超級電腦”. 可能會有人懷疑為什麼用 PS3 而棄用一般電腦, 說穿了是因為錢作怪. PS3 既運算能力其實不底, 一部 1u 大細 2 粒 3.2Ghz CPU 伺服器大約 US$8K, 但擁有差不多 3.2Ghz CPU 既 PS3 卻是大約 US$300, 這樣成本便大大降低. 而且測試過 PS3 所用既 CPU 為一般 CPU 運算能力既 75%. 計算成本就明顯瞭解當中既意義.

當一般 netbook / Atom desktop 興起既時候, 唔知會唔會有人買一部 PS3 作為自己既 desktop 呢?

原文出處:
http://blogs.zdnet.com/storage/?p=721&tag=nl.e539

參考文章: URL [...]]]> 在基本篇介紹了怎樣安裝及增加基本設定, 在這一篇則介紹如果進一步使用 regular expression 去增加一些進階既設定. 因為 privoxy 本身依賴 regular expressions, 所以要參考 squidguard 方法, 到 URL Blacklist.com 下載分類網址, 其實主要使用其中幾個分類內的 expressions 檔 — ads, malware, 及 porn. 可因應需要更改, 注意以下設定與 URL Blacklist.com 所提供的有少少分別.

1. 在 default.action 中將 Generic block patterns by path 段落 comment 為失效, 只保留 phpads(new)
2. 加入下列各行:
   /(ads/|ad/|banner/|sponsor/|event.ng/|Advertisement/|advertisement/|adverts/)
   /(cgi-bin/nph-adclick\.exe|ads/media/images/|smartbanner/|\.com/ads/banners/|apfbanners/|Realmedia/ads/|realmedia/ads/|event\.ng/)
   /(pics/banner/|viewcgi?pool=|clicktrack|hittrack|images\.go2net\.com/go2net/ads/|\.com/banners/|\.com/httpads/|\.com/advertising/|ads/adview\.php\?)
   /^(ads\.|ad\.|adserver\.|k5ads\.)
   /[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/search\?q=[0-9]
   /(adultos|adultsight|adultsite|adultsonly|adultweb|blow-job|bondage|centerfold|cumshot|cyberlust|cybercore|hardcore|incest|masturbat|obscene|pedophil|pedofil|playmate|pornstar|sexdream|showgirl|softcore|striptease|penis|vagina)
3. 重新啟動 privoxy 令新設定生效

參考文章:
URL Blacklist.com

安裝篇: (Windows)

Linux 平台方面, 因為要由 compile [...]]]> 近日對網絡安全既興趣越來越大, 所以都開始諗一諗點做. 近日發現到一個細小既 proxy server – privoxy, 佢既好處在於除了支援 linux 之外, 仲支援 windows 及其他平台. 有興趣就去 http://www.privoxy.org 研究一下. 佢本身除了係 proxy server 之外, 最緊要佢有 content filtering 既功能, 可以有效阻擋廣告及不良網站. 而且, 軟件作者都好好心機, 軟件完全零設定, 安裝完便可立即使用. 當然, 進一步既設定及優化軟件對安全性同防止誤報有幫助. 以下會用 windows 平台做示範, 各位有興趣都可以試一下或互相討論一下.

安裝篇: (Windows)

1. 到官方網址下載
2. 安裝軟件包
3. 最新版已經支援 windows 服務, 在安裝後到 C:\Program Files\Privoxy, 執行 privoxy –install 便可
4. 之後可以在服務中, 選擇自動啟動或者手動執行

Linux 平台方面, 因為要由 compile 講起, 所以有機會至再開文詳講.

基本設定篇:

1. 到 config.txt / config 修改 SSL by-pass, 基於安全考慮
   forward   :443   .
   *** 記往後面會有一點
2. 將香港政府既網址加入白名單, 開啟 default.action, 並到 Exceptions for academia and non-profits 段
   加入 .gov.hk

完成後重新啟動 privoxy, 新設定便會生效. 如果想進一步加強 privoxy 既 content filtering 功能, 請參考進階篇.