Archive December 2008

How-To: Windows Live Messenger and Webcam through OpenBSD and PF

December 31, 2008 in Computer, How-To, Security, Software, Unix, Windows

bsd1 Windows Live Messaging is cool! All the others just suck! – At least that’s what almost everyone I know tells me. I mean… it has nice features, but it uses such a complex protocol that I don’t even want to think about security.

During the Christmas time I visited my family and one evening I wanted to talk to a cousine using MSN and my Dell XPS M1530′s Webcam, but HELL this crappy SoHo router I was connecting through made it impossible to get a picture of her on my screen or to send her mine. Back home we wanted to try again… I know it worked before, but it wasn’t reliable. Sometimes it worked, sometimes not. Mhhh…. I set up my OpenBSD 4.2′s PF “firewall” about a year ago:

rdr on $ext_if proto tcp from any      to ($ext_if) port 5190 10.1.16.11
rdr on $ext_if proto tcp from any      to ($ext_if) port 1863 10.1.16.11
rdr on $ext_if proto tcp from any      to ($ext_if) port 6891:6901 10.1.16.11
rdr on $ext_if proto udp from any      to ($ext_if) port 5190 10.1.16.11
rdr on $ext_if proto udp from any      to ($ext_if) port 1863 10.1.16.11
rdr on $ext_if proto udp from any      to ($ext_if) port 6891:6901 10.1.16.11

Actually I thought that’s it (according to portforward.com), but it seems like it isn’t. I then googled around a bit… found a lot of outdated information and then came across a few newer posts which stated that UPNP is important for the full Live Messenger “experience”.

O.K. another short google: MiniUPNPd. Runs on most BSDs and even supports Linux’s iptables. So I downloaded and installed it according to the INSTALL file included in the tarball. In short, just do: make, make install, add rdr-anchor miniupnpd and anchor miniupnpd to your pf.conf, reload pf.conf, setup miniupnpd.conf or start with miniupnpd -i <yourextif> -a <yourinternalip>. That’s it.

To test if it’s working I found http://www.microsoft.com/windows/using/tools/igd/default.mspx (GRML! requires Windows, Internet Explorer and admin privileges) to be pretty useful. The UPNP test passed successfully. Aaaaand… et voilà she could see me and I could see her.

BUT the price of this is decreased security. Any crappy program could now modify my firewall ruleset!!! I am not going to write about UPNP security (just because I am not very familiarly with it), so if you’re curious read this post. But on the other hand, if you already have malware on your computer that wants to open ports in your firewall… you have other problems.

P.S. i know that’s the FreeBSD devil in the upper left, but I haven’t found anything better……..

Goodbye George

December 30, 2008 in Daily Life, Funny Stuff

Only three weeks left until Obama’s inauguration. It’s time for jokes

SILENCE! I KILL YOU!

December 30, 2008 in Funny Stuff

SIIIIIILENCE! I KILL YOU! I know it’s old and I’m pretty sure you’ve all already seen it, but I just watched Jeff Dunham’s Very Christmas Special and now feel like I should watch Achmed The Dead Terrorist again

Merry Christmas and Happy Holidays

December 24, 2008 in Daily Life

Christmas Tree 2008 I don’t know how many readers I have at the moment, but I just wanted to wish you all a merry christmas, happy holidays and – if I don’t find the time to blog betweeen christmas and new year – a happy new year!

I’ll be back from holidays on December 30th the earliest.

Happy unpacking

P.S. before you ask: Yes, that’s my christmas tree… hopefully santa brings me a better camera

Blogging about this blog – The Second: Added myself to Google & Co

December 15, 2008 in Daily Life

Gooood evening ladies and gentlemen. Just wanted to inform you that I’ve decided to make this blog public last weekend and added it to Google.
The old one (although it was pretty successful ya know) and this one have been private until now. They were never indexed nor were they added on any public searchengines.

Added to Google on Saturday there are now (Monday) at least eight different sites indexing me: Google, MSN, Yahoo, Moreoverbot, RSS-Suchmaschiene, BlogPulseLive, Bloggsi, Twingly and maybe others. Interesting!

Now I just have to get a better ranking. So link me, add me, track me, whatever… !!!

My new WebGallery & Lightroom Plugins

December 15, 2008 in Daily Life, Equipment, My Photos, Photography

Today I talked to a friend via MSN and wanted to show her some of the photos I captured on a Christmas party I was at yesterday.
I had to dig out the best shots and send them one by one over the MSN network. A couple of hours later I thought to myself: Well… if you would have already restored your WebGallery you could have just sent her a link to the photos :/ So I decided to restore my WebGallery. I just want to inform you that and how I did it with this post Read more…

How-To: Run Xen in Ubuntu Intrepid without compiling a Kernel by yourself

December 12, 2008 in Computer, How-To, Unix

Update2: Switch from Xen to KVM. How and why.

Update: Also read my Article about current Virtualization Techniques

I got some strange errors when I tried to run OpenSolaris on Hardy as a HVM domain. These errors were fixed in 3.3, but Ubuntu Hardy doesn’t have Xen 3.3 and there were no backports at that time (don’t know if there are ones now) so I upgraded to Ubuntu Intrepid an then noticed that Canonical has dropped Xen Dom0 support. Great! Why the heck did they drop Xen? Because KVM is cooler? Or because they didn’t want to blame themselves by releasing another totally buggy self-patched Dom0 kernel? I mean they didn’t even manage to provide a working one later on so the community had to…and thats a LTS release? WTF?

O.K. well… You want Xen 3.3 with it’s improvements? You don’t want to switch the distro? You don’t want to compile on your own? Here’s how I did it with Ubuntu Intrepid:
I used the Xen 3.3 Hypervisor and Utils coming with Intrepid and then stole a Dom0 kernel from Debian. Debian has linux-image-2.6.26-1-xen-amd64 and linux-modules-2.6.26-1-xen-amd64. I installed both packages and by now everything works great.

O.K. I called this post How-To so here comes how to install the Debian packages on Ubuntu. I will only show you how to install them by hand, you could also add the Debian repos to your sources.list and use pinning.

wget http://ftp.de.debian.org/debian/pool/main/l/linux-2.6/linux-modules-2.6.26-1-xen-amd64_2.6.26-10_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/l/linux-2.6/linux-image-2.6.26-1-xen-amd64_2.6.26-10_amd64.deb
sudo dpkg -i linux-modules-2.6.26-1-xen-amd64_2.6.26-10_amd64.deb
sudo dpkg -i linux-image-2.6.26-1-xen-amd64_2.6.26-10_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/l/linux-2.6/linux-modules-2.6.26-1-xen-amd64_2.6.26-12_amd64.deb
wget http://ftp.de.debian.org/debian/pool/main/l/linux-2.6/linux-image-2.6.26-1-xen-amd64_2.6.26-12_amd64.deb
sudo dpkg -i linux-modules-2.6.26-1-xen-amd64_2.6.26-12_amd64.deb
sudo dpkg -i linux-image-2.6.26-1-xen-amd64_2.6.26-12_amd64.deb

Or find the latest using these links: modules kernel
That’s it. There are no other depends. Just reboot. The new kernel should now be the default one. But keep in mind that this is just a workaround.

If I should ever reinstall this Xen-Server: I WILL NOT USE UBUNTU ANYMORE! All these annoying stupid errors… Maybe Debian or CentOS. I mean… I like Ubuntu, it’s a great beginner distro and even lets the nerds control everything they want, but what Canonical delivered the last few months just sucks. All these annoying bugs they added by patching arround: Non-working sound, A buggy KDE4. O.K. you could say that’s all desktop related stuff, but on my server for example I had some very strange XFS errors with the Ubuntu-Server kernel that just disappeared with the (also newer, maybe that’s the point) Debian kernel.