Accessing Samba shares from Windows 7 client.

I was getting the following messages in my samba logs when I would try to access a samba 3.0.33 share on CentOS 5.4 from a Windows 7 Enterprise client:

[2010/03/04 14:07:12, 0] lib/util_sock.c:read_data(534)
read_data: read failure for 4 bytes to client 172.18.31.155. Error = Connection reset by peer

I tried adding the following to my /etc/samba/smb.conf global configuration, but it did not seem to work.

client ntlmv2 auth = yes

I got the same kind of messages.

I ended up having to change the Windows 7 local security policy by modifying the “LAN Manager authentication level”, the “Minimum session security for NTLM SSP based (including secure RPC) clients”, and the “Minimum session security for NTLM SSP based (including secure RPC) servers” policies.

I used the following procedure:

Control Panel -> System and Security -> Administrative Tools -> Local Security Policy

From the Local Security Policy, I went into “Security Options” and then looked under the “Network security” policies.

From here, I set the new policies.

Network security: LAN Manager authentication level
Send LM & NTML responses

Network security: Minimum session security for NTLM SSP based (including secure RPC) clients
Uncheck “Require 128-bit encryption.”

Network security: Minimum session security for NTLM SSP based (including secure RPC) servers
Uncheck “Require 128-bit encryption.”

I am hoping to figure out the issue with samba not accepting ntlmv2 authentication, so I can set the client policies back to the default.

Update AIDE (Advanced Intrusion Detection Environment) configuration.

To update an AIDE database:

To check the filesystem against the current AIDE database:
aide –check

Modify the /etc/aide.conf configuration file with any changes.

Put new AIDE database into use:
cd /var/lib/aide
cp -p aide.db.new.gz aide.db.gz

Run check again to see if changes provide the expected result.
aide –check

Install 64 bit java plugin in linux.

I used this method for installing the latest java plugin on a CentOS 5.4 system.

Download latest java (jre-6u18-linux-x64.bin) from java.com.
I installed all my java versions in /usr/java. This is where I save the bin file downloaded.
cd /usr/java
chmod 744 jre-6u18-linux-x64.bin
To install java:
./jre-6u18-linux-x64.bin

To install the plugin into your latest version of firefox:
cd /usr/lib64/firefox-3.0.16.
mkdir plugins #I had to create this directory.
ln -s /usr/java/jre1.6.0_18/lib/amd64/libnpjp2.so

Restart firefox.

Manually import RedHat public keys.

To install the public release key:

rpm –import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

This allows you to install from the local source. For me, I had copied all the packages from the RHEL5 CDs to a directory to use “yum localinstall.” Importing the key as outlined above enabled me to install the packages without getting the following error:

warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 37017186

Accessing linux virtual terminal in VMWare.

If you have linux running in VMware Workstation and want to access one of the virtual terminals, you need to hit CTRL-ALT-SPACE and then let go of the SPACE (while continuing to hold the CTRL-ATL) and hit the virtual terminal you want to access (one of the function keys (F1-F12).

Using xinetd directives to manage two instances of the same service on different interfaces.

I used the following configuration to use different xinetd directives for a service depending on which interface the connection was initiated on. In the following example, my LAN interface has IP address 192.168.0.1, and my Internet interface has IP address 10.10.10.10. I used procedures very similar to these to configure to use two different sets of directives for an SMTP server on a system running RHEL5.

The first thing I did was create a new entry in the /etc/services file. I will use telnet as an example.

vi /etc/services

telnetnew 23/tcp

Create new service configuation file:

vi /etc/xinetd.d/telnetnew

service telnetnew
{
disable = no
flags = REUSE
wait = no
user = root
server = /usr/sbin/in.telnetd
socket_type = stream
protocol = tcp
log_on_failure += USERID
log_on_success += USERID
only_from = 192.168.0.0/24
instances = 100
bind = 192.168.0.1
}

Modify the existing /etc/xinetd.d/telnet configuration file with new directives:

vi /etc/xinetd.d/telnet

no_access = 192.168.0.0/24
instances = 1
bind = 10.10.10.10

Create the new service and enable it:

chkconfig –add telnetnew
chkconfig telnetnew on

Reload xinetd to implement the new configuration and the start the new service.

service xinetd reload

This configuration will enable only one telnet connection from the Internet and 100 from the LAN segment. I used this type of configuration for an SMTP server to reduced the number of connections from the Internet.

How to hard reset a Blackberry Curve 8320.

Options
Security Options
General Settings
Press the menu button.
Select Wipe Handheld.
You will prompted to enter “blackberry” to confirm.

How to unlock a Blackberry Curve 8320

Once you have obtained an unlock code from your carrier or other means, do the following:

Options
Advanced Options
Sim Card
Enter MEPD
Note: You will see nothing change on the screen.
Enter MEP2
Note: You will see nothing on the screen, until you hit the Enter key.
Enter the code you obtained.

At the top of the screen, you should see “SIM Card Security Disabled.”

Snow Leopard remove toolbar icon.

To remove an icon from toolbar (top of the screen) hold down the “command” button and drag the icon to the Trash.

Compile Thunderbird 3.0 on CentOS 5.4 (64 bit) With Enigmail 1.0.0.

I used the following procedures to install Thunderbird 3.0 with the Enigmail add-on to send encrypted email. I found myself needing to do this when I upgraded Thunderbird via yum from the CentOS repository. Instead of going back to the older version, I decided move ahead since I had also had trouble with the 64 bit version of Thunderbird when using the Enigmail add-on. Also, I liked the changes made from Thunderbird 2.0 to 3.0 that I saw in Fedora. Note: I found that I needed to remove the old Enigmail add-on before upgrading. Then after following the steps below, I installed the latest Enigmail add-on.

# yum –disablerepo=rpmforge install cvs zip gcc-c++ glib2-devel gtk2-devel fontconfig-devel libnotify-devel libIDL-devel alsa-lib-devel libXt-devel freetype-devel pkgconfig dbus-glib-devel curl-devel autoconf213 xorg-x11-proto-devel libX11-devel libXau-devel libXext-devel

The following was installed from the rpmforge repository.
# yum install mercurial
# cd /usr/local/src
# wget ftp://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/3.0/source/thunderbird-3.0.source.tar.bz2

# tar -xjvf thunderbird-3.0rc2.source.tar.bz2
# cd comm-1.9.1/
# vi .mozconfig

ac_add_options –prefix=/usr/local/thunderbird
ac_add_options –disable-tests
ac_add_options –disable-debug
ac_add_options –enable-crypto
ac_add_options –enable-optimize
ac_add_options –enable-static
ac_add_options –enable-static-mail
ac_add_options –enable-application=mail
mk_add_options MOZ_CO_PROJECT=mail

# make -f client.mk configure
# make -C mozilla tier_base
# make -C mozilla tier_nspr
# make -C mozilla tier_js
# make export
# make -C mozilla/modules/libreg
# make -C mozilla/xpcom/string
# make -C mozilla/xpcom
# make -C mozilla/xpcom/obsolete
# cd mailnews/extensions/
# wget http://www.mozilla-enigmail.org/download/source/enigmail-1.0.0.tar.gz
# tar -zxvf enigmail-1.0.0.tar.gz
# cd enigmail/
# ./makemake -r
# make
# cd /usr/local/src/comm-1.9.1
# make -f client.mk build
# gmake install

Return top

INFORMATION