Posts Tagged ‘non’

The American Dream Film – How American Economy works

Thursday, March 7th, 2013

money-as-debt-iii-american-dream-and-how-economy-works-american-way

All of us Americans strive for the American Dream,and this film shows you why your dream is getting farther and farther away.

Do you know how your money is created?

Or how banking works?

Why did housing prices skyrocket and then plunge?Do you really know what the Federal Reserve System is and how it affects you every single day?

The movie is pretty much similar in spirit to Money as Debt and to American Debt Explained for Dummies. Just like every movie there is a high element of manipulation in the movie. But anyways the general things explained are sadly very true. The trend of Borrowing to generate new money was embraced by Western European civilization and now is slowly starting to be adopted by Eastern Civilization and Ex-communist countries and newest members of EU like Bulgaria, Romania etc. A whole bunch of nations are pursueing after the "American Dream", non realizing they're destroying there national country and sovereignty and selling their citizens to Private Banking self-issuing structures like America's Federal Reserve. By taking the loans, in case of dying or unabling to pay the loan this loan is transferred to relatives and by taking loans those who do so leave a bad heritage to future generations. Hopefully those watching this little video will take moral and keep their ass away from credits. Enjoy 🙂


 

The American Dream Film-Full Length

How to harden Linux Security and imprpove network efficiency on Kernel sysctl Level to Stop SYN flood

Friday, July 8th, 2011

Power up Linux and protect against DDoS with sysctl var optimization

Some long time ago I’ve written an article Optimizing Linux tcp/ip networking

In the article I’ve examined a number of Linux kernel sysctl variables, which significantly improve the way TCP/IP networking is handled by a non router Linux based servers.

As the time progresses I’ve been continuing to read materials on blogs and internet sites on various tips and anti Denial of Service rules which one could apply on newly installed hosting (Apache/MySql/Qmail/Proxy) server to improve webserver responce times and tighten the overall security level.

In my quest for sysctl 😉 I found a few more handy sysctl variables apart from the old ones I incorporate on every Linux server I adminstrate.
The sysctl variables improves the overall network handling efficiency and protects about common SYN/ACK Denial of service attacks.

Here are the extra sysctl variables I started incorporating just recently:

############ IPv4 Sysctl Settings ################
#Enable ExecShield protection (randomize virtual assigned space to protect against many exploits)
kernel.randomize_va_space = 1
#Increase the number of PIDs processes could assign this is very needed especially on more powerful servers
kernel.pid_max = 65536
# Prevent against the common 'syn flood attack'
net.ipv4.tcp_syncookies = 1
# Controls the use of TCP syncookies two is generally a better idea, though you might experiment
#net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_synack_retries = 2
##################################################
#
############## IPv6 Sysctl Settings ################
# Number of Router Solicitations to send until assuming no routers are present.
net.ipv6.conf.default.router_solicitations = 0
# Accept Router Preference in RA? Again not necessery if the server is not a router
net.ipv6.conf.default.accept_ra_rtr_pref = 0
# Learn Prefix Information in Router Advertisement (Unnecessery) for non-routers
net.ipv6.conf.default.accept_ra_pinfo = 0
# disable accept of hop limit settings from other routers (could be used for DoS)
net.ipv6.conf.default.accept_ra_defrtr = 0
# disable ipv6 global unicasts server assignments
net.ipv6.conf.default.autoconf = 0
# neighbor solicitations to send out per address (better if disabled)
net.ipv6.conf.default.dad_transmits = 0
# disable assigning more than 1 address per network interface
net.ipv6.conf.default.max_addresses = 1
#####################################################

 

To use this settings paste the above sysctl variables in /etc/sysctl.conf and ask sysctl command to read and apply the newly added conf settings:

server:~# sysctl -p
...

Hopefully you should not get errors while applying the sysctl settings, if you get some errors, it’s possible some of the variable is differently named (depending on the Linux kernel version) or the Linux distribution on which sysctl’s are implemented.

For some convenience I’ve created unified sysctl variables /etc/sysct.conf containing the newly variables I started implementing to servers with the ones I already exlpained in my previous post Optimizing Linux TCP/IP Networking

Here is the optimized / hardened sysctl.conf file for download

I use this exact sysctl.conf these days on both Linux hosting / VPS / Mail servers etc. as well as on my personal notebook 😉

Here is also the the complete content of above’s sysctl.conf file, just in case if somebody wants to directly copy/paste it in his /etc/sysctl.conf

# Sysctl kernel variables to improve network performance and protect against common Denial of Service attacks
# It's possible that not all of the variables are working on all Linux distributions, test to make sure
# Some of the variables might need a slight modification to match server hardware, however in most cases it should be fine
# variables list compiled by hip0
### https://www.pc-freak.net
#### date 08.07.2011
############ IPv4 Sysctl Kernel Settings ################
net.ipv4.ip_forward = 0
# ( Turn off IP Forwarding )
net.ipv4.conf.default.rp_filter = 1
# ( Control Source route verification )
net.ipv4.conf.default.accept_redirects = 0
# ( Disable ICMP redirects )
net.ipv4.conf.all.accept_redirects = 0
# ( same as above )
net.ipv4.conf.default.accept_source_route = 0
# ( Disable IP source routing )
net.ipv4.conf.all.accept_source_route = 0
# ( - || - )net.ipv4.tcp_fin_timeout = 40
# ( Decrease FIN timeout ) - Useful on busy/high load server
net.ipv4.tcp_keepalive_time = 4000
# ( keepalive tcp timeout )
net.core.rmem_default = 786426
# Receive memory stack size ( a good idea to increase it if your server receives big files )
##net.ipv4.tcp_rmem = "4096 87380 4194304"
net.core.wmem_default = 8388608
#( Reserved Memory per connection )
net.core.wmem_max = 8388608
net.core.optmem_max = 40960
# ( maximum amount of option memory buffers )
# tcp reordering, increase max buckets, increase the amount of backlost
net.ipv4.tcp_max_tw_buckets = 360000
net.ipv4.tcp_reordering = 5
##net.core.hot_list_length = 256
net.core.netdev_max_backlog = 1024
#Enable ExecShield protection (randomize virtual assigned space to protect against many exploits)
kernel.randomize_va_space = 1
#Increase the number of PIDs processes could assign this is very needed especially on more powerful servers
kernel.pid_max = 65536
# Prevent against the common 'syn flood attack'net.ipv4.tcp_syncookies = 1
# Controls the use of TCP syncookies two is generally a better idea, though you might experiment
#net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_synack_retries = 2
###################################################
############## IPv6 Sysctl Settings ################
# Number of Router Solicitations to send until assuming no routers are present.
net.ipv6.conf.default.router_solicitations = 0
# Accept Router Preference in RA? Again not necessery if the server is not a router
net.ipv6.conf.default.accept_ra_rtr_pref = 0
# Learn Prefix Information in Router Advertisement (Unnecessery) for non-routersnet.
ipv6.conf.default.accept_ra_pinfo = 0
# disable accept of hop limit settings from other routers (could be used for DoS)
net.ipv6.conf.default.accept_ra_defrtr = 0
# disable ipv6 global unicasts server assignmentsnet.
ipv6.conf.default.autoconf = 0
# neighbor solicitations to send out per address (better if disabled)
net.ipv6.conf.default.dad_transmits = 0
# disable assigning more than 1 address per network interfacenet.
ipv6.conf.default.max_addresses = 1
#####################################################
# Reboot if kernel panic
kernel.panic = 20

These sysctl settings will tweaken the Linux kernel default network settings performance and you will notice the improvements in website responsiveness immediately in some cases implementing this kernel level goodies will make the server perform better and the system load might decrease even 😉

This optimizations on a kernel level are not only handy for servers, their implementation on Linux Desktop should also have a positive influence on the way the network behaves and could improve significantly the responce times of opening pages in Firefox/Opera/Epiphany Torrent downloads etc.

Hope this kernel tweakenings are helpful to someone.
Cheers 😉

Why I never liked Mandrake Linux / Mankdrake Linux has took its name from an 1930s comics Mandrake the Magician

Wednesday, May 9th, 2012

I never liked Mandrake Linux, since day 1 I saw it.
Historically Mandrake Linux was one of the best Linux distributions available for free download in the "Linux scene" some 10 to 12 years ago.

Mandrake was simple gui oriented and trendy. It also one the Linux distribution with the most simplified installer program and generally a lot of GUI software for easy configuration and use by the end user.

Though it's outside nice look, still for me it was like an "intuition" that Mandrake is not so good as it appeared.

Now many years later I found by chance that Mandrake has been sued to change their Operating System name with another, due to a law suit requit by the copyright holders of Mandrake The Magician comics. "Mandrake the Magician" used to be a very popular before the Second World war in the 1930's.

Mandrake the Magician Comics Magazine from 1930's Cover, Mandrake the Black Magic Magician

It obviously not a co-incidence that the Mandrake names was after this comics and not the mandrake herb plants available in Europe, Africa and Asia. This is clear in Mandrake Linux distro earlier mascot, you see below:

Mandrake Linux old distribution logo, magician penguin

Later on they changed Mandrake's logo to loose the connection with Mandrake The Magician and used another new crafted logo:

Mandrake GNU Linux newer logo
Its quite stunning nowdays magician obsession, has so heavily infiltrated our lives that even something like a Free Softwre Linux distribution might have some kind of reference to magician and occult stuff (I saw this from the position of being Christian) …

Later due to the name copyright infringement Mandrake Linux was renamed first to Mandragora Linux.
Instead of putting some nice name non related to occultism or magic stuff the French commercian company behind Mandrake rename it to another non-Christian name Mandragora.
Interestingly the newer name Mandragora as one can read in wikipedia means:
 

Mandragora (demon), in occultism

Well apparently, someone from the head developers of this Linux distribution has a severe obsession with magic and occultism.

Later MandrakeSoft (The French Company behind Mandrake Linux) renamed finally the distribution to Mandriva under the influence of the merger of Mandrake with the Brazillian company Connectiva this put also an over to the legal dispute copyright infringement dispute with Hearst Corporation (owning the rights of Mandrake the Magician).

Having in mind all fact on current Mandriva "dark names history", I think it is better we Christians avoid it …

How to test if USB Camera is working with Cheese on GNU / Linux

Friday, December 23rd, 2011

I just bought an USB Camera (my notebook doesn't include an embedded camera). The camera is some infamous brand chineese name Eilondo
and on the camera all that is written is SUPER USB2.0 1.3 mega pixel

I bought exactly this camera because I was said by the shop reseller that the camera works without any driver installations on Windows XP and Windows Vista

On my Debian Squeeze GNU / Linux it was detected in dmesg without any troubles, here is how the camera got detected in my kernel log :

debian:~# dmesg |tail -n 10
[25385.734932] usb 2-1: USB disconnect, address 4
[25388.905049] usb 2-1: new high speed USB device using ehci_hcd and address 5
[25389.050753] usb 2-1: New USB device found, idVendor=1e4e, idProduct=0102
[25389.050757] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[25389.050760] usb 2-1: Product: USB2.0 Camera
[25389.050762] usb 2-1: Manufacturer: Etron Technology, Inc.
[25389.050936] usb 2-1: configuration #1 chosen from 1 choice
[25389.056056] uvcvideo: Found UVC 1.00 device USB2.0 Camera (1e4e:0102)
[25389.058242] uvcvideo: UVC non compliance - GET_DEF(PROBE) not supported. Enabling workaround.
[25389.059113] input: USB2.0 Camera as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/input/input26

I was troubled by the message uvcvideo: UVC non compliance – GET_DEF(PROBE) not supported. Enabling workaround. , and hence looked for an application to test if the camera can recored properly.

While checking in packages available in Software Center , I found a plenty of programs under the search keyword Camera
I however decided to test it using just one application Cheese A tool to take pictures and videos from your webcam which I've seen to be quite popular among Liunx users.
Cheese is part of GNOME Desktop, so that was another reason I decided to give it a try. I was pleasently surprised about how good these tiny but functional proggie is.

To run Cheese in GNOME I nagivated to the menus:

Applications -> Sound & Video -> Cheese Webcam Booth

Just in case if Cheese is not installed, installing it with apt:

debian:~# apt-get install cheese

Cheese has capabilities to take pictures, a consequential photos take up, as well as create Video movies.

Cheese take camera testing tool Debian GNU Linux

The program has support to apply 12 Effects / (Masks) to add some fun to the pictures or video snapshots.

Test Video Camera on Debian Linux Cheese Effects

Probably the best thing about Cheese is its simplistic interface, which for me personally is a main criterion to evaluate a program quality ;).

Pingus – A Lemmings like arcade game for GNU / Linux and FreeBSD (Free Lemmings Clone)

Monday, January 2nd, 2012

Some might remember Psychosis Lemmings that we used to enjoy back in the glorious days of DOS 😉 I remember Lemmings used to be among the played game in one line with other top arcades like Dangerous Dave, Commander Keen, Xenon etc.
The game used to be quite unique for the time and it was quite cool that it worked on quite old machines lime my old 8086 XT with 640kb of memory. It even supported two player mode! 😉

Lemmings arcade screenshot

I was happy to find out actually Lemmings remake is available in the Free Software OS realm . These Lemmings clone game is called Pingus
Instead of governing a group of lemmings which had to move to an exit door by making a save path using various tools and combination of team member character skills, the main heroes in Pingus are cute little penguins 😉

Screenshot Pingus, Lemmings game clone for Linux and FreeBSD

Pingus is built on TOP of SDL libraries and has a combination of awesome graphics and enjoyable music soundtrack and as a game play is a way better than its original predecessor.
If i have to to rank this game I would put it among the best 20 free software games ever produced for Linux / BSD.

ScreenShot Pingus on Debian Linux

pingus is available for almost all kind of Linux distritubions as well as is included in the FreeBSD port tree:

On Debian its available as a package ready to be installed with aptitude or apt by issuing:

debian:~# aptitude install pingus

For FreeBSD pingus is installed via ports tree, by running cmds:

freebsd# cd /usr/ports/games/pingus
freebsd# make install && make install clean

By default pingus will run in a Windowed mode, to run the game in fullscreen you will have to run it with the -f switch via terminal, or by pressing ALT+F2 in GNOME and typing:

$ pingus -f

The game is quite hard to complete in that resembling the lemmings. It has an embedded Mapeditor , by which new levels can be easily constructed and sent to the game developers (in that way helping the game development).

Pingus is also multi-platform, licensed under GPL2 and is also ported for Mac OSX and MS Windows, allowing others non free software users enjoy.
Pingus Windows and MacOS X binary as well as source can be downloaded here

Pingus Lemmings like Free Software Game for Linux BSD level screenshot

Playing Pingus has few benefits, one is it can be nice to kill some boredom (for sysadmins) or / and bring some good past gaming memories. It's also good for developing some elder people strategic thinking as well as very suitable for little children to help develop their intellectual (thinking) in solving complex consequential tasks. Pingus could also be beneficial for teens to develop organizational and math skills.

Cleaning Packard Bell Hera GL laptop running Windows XP from Viruses and Spyware (Viruses / Spyware which can make CD drive and Wireless seem unworking)

Tuesday, December 13th, 2011

Packard Bell Hera GL Fixing Broken RaLink Wireless

Yesterday, one (girl)friend of mine brought me one Packard Bell notebook, which had a 2 years old Windows installed on it.
As one can imagine Windows XP on it is full of Spyware and Viruses. Besides the software problems the notebook had some hardware problems with the CD / DVD which is not reading CD / DVDs at all.

Initially I thought, the CD unable to read problems are caused by the infected Windows, however even restarting the PC with a bootable Hirens BootCD and a Whoppix liveCD and trying to boot from it failed this convinced me its a CD / DVD combo drive hardware failure.

By the way, I’ve just recently found out about Nixory – Is a nice Free Software Open Source AntiSpyware tool for Firefox, IE and Chrome.

Nixory Windows XP Screenshot

I hope it will get a sharp development and soon, when some friend asks me to fix his stupid non free-Windows PC, I would not have to use a trial version of Malware Bytes but directly use only Nixory

Anyways after using Nixory, MalwareBytes and Avira and thoroughfully scanned the system in Safe Mode and found and deleted some 15 Spyware / Viruses and tampered a bit with the Wireless Driver settings all the notebook devices started working fine again.

The wireless had also one really odd problem on this Packard BellHera GL, even though the notebook wireless antenna was capable of detecting all the wireless networks it couldn’t properly connect to any of it but failed to get proper IP addresses.
Partially the unable to grab an IP via wireless router dhcp server got fixed by using the Wireless restart Button (located on the Notebook corpus).
However even after cleaning up the Virus and Spyware the Wireless Networks connectivity problems on this Packard Bell continued, until I changed also few settings in the Control PanelI never thought Viruses / Spyware infected can have some bad impact on Wireless Card and CD drive make them unsusable though they showed like working correctly in Windows Control Panel -> System ??

In the meantime I reinstalled the Wireless Driver for the notebook, the Wireless card on the notebook was showing up itself under the name of Ralink 802.11n Wireless Lan Card in Windows Device Manager

After re-installing the wireless driver I had to also change few settings for the Wireless Network Connection using the menus Properties -> Configure -> Extended; therein everywhere for each Value I make it be Enable and for Power Saving Mode , I’ve choose the Value option of CAM

After a system reboot, everything started working finally fine. One last thing to add is that before I fixed the Ralink wireless to work under Windows, I tried to use a Bootable Linux LiveCD but even there the wireless was failing to connect to the wireless networks (maybe this shit wireless device has some issues with its Linux drivers).