Category Archives: Nerd Stuff

Reminder – iPod Touch Giveaway

iPod-Touch-slim If you haven’t heard by now, TipsFor.us is giving away a brand new iPod Touch 8 GB.

There are multiple ways to enter the drawing, so be sure to take advantage of all of them in order to increase your chances of winning.

The contest ends on Sunday, July 12.

Good luck! The unopened iPod package has been sitting on my desk for over a week now. I’d love nothing more than to tear open the box and claim it for my own! Instead, I must continue to show great restraint and give it away to one of you lucky readers.

Don’t miss this opportunity to win this lovely gadget – the giveaway ends in one week!

TipsFor.us Giveaway – Win an iPod Touch 8 GB

Important: this contest is valid for USA residents only. Our apologies to our readers outside the US.

iPod Touch

TipsFor.us is giving away a brand new iPod Touch! It’s beautiful.

This lovely gadget has 8 GB of storage – enough for roughly 1,750 songs, 10,000 photos, or 10 hours of video. It has a glorious 3.5-inch widescreen multi-touch display with 480-by-320-pixel resolution.

The iPod Touch is far more than just a music player. You can view photos, watch movies and YouTube, surf the web, check e-mail, play games, browse the App Store, and even read Amazon Kindle books. See all features here.

Feeling adventurous? You can also install Skype/Fring on your new iPod Touch to make calls and send text messages.

Did we mention that it’s beautiful? Just look at it.

iPod Touch4

HOW TO ENTER

There are several ways to enter, but only one of them is required.

rss-button-smallAll you have to do to enter is subscribe to TipsFor.us, either via e-mail updates or through our RSS feed. We have just added a code word to the bottom of our articles. The code word is only visible in the e-mail or RSS feed, so you have to subscribe. If you don’t already use an RSS reader, we suggest Google Reader.

Once you see the code word – and you will see it, complete this short entry form, which includes a few questions about your technology interests. No personally identifying information will be shared with outside parties for any reason.

The entry form includes a place to enter the correct code word. Without it, your entry will be deleted. One lucky entrant will be chosen at random.

Earn Additional Entries

Not satisfied with just one entry? Good for you! Here are two additional opportunities to increase your chances of winning.

1. Join our Facebook fan page – Become a fan of TipsFor.us on Facebook and earn one additional entry. If you are already a fan, then your additional entry is already counted.

2. Blog it – Post an entry on your blog with a link to this promotion and earn one additional entry. We will count trackbacks/pingbacks as additional entries. If a trackback/pingback does not show up, simply leave a comment below with a link to your blog post.

Contest Rules

This contest is open until Sunday, July 12 at 11:59 PM. Winning entrant will be chosen at random. The winner will be notified by e-mail on Monday, July 13 and will have 48 hours to respond before a new winner is selected. Open to US residents only. This prize is not exchangeable for cash value.

Thanks for reading, and good luck!

Securing a Linux Server: SSH and Brute-Force Attacks

If you have a web server, then you are the target of many possible attacks. *ANY* port you have open on that server can be exploited, so you if you value your uptime and your data, you need to secure it. This article focuses on locking down your SSH configuration and user permissions.

If you’ve had your server online for a while without locking down your SSH configuration, have a look at this file: /var/log/secure and see if you’ve got a lot of connection attempts.

This is what a brute-force attack looks like:

[prompt]$ sudo less /var/log/secure
May 31 22:42:12 yourdomain sshd[25711]: Failed password for invalid user alberto from 190.2.35.25
port 32976 ssh2
May 31 22:42:12 yourdomain sshd[25712]: Connection closed by 190.2.35.25
May 31 22:46:11 yourdomain sshd[25714]: Connection closed by 190.2.35.25
May 31 22:56:46 yourdomain sshd[25717]: Invalid user neil from 190.2.35.25
May 31 22:57:10 yourdomain sshd[25717]: reverse mapping checking getaddrinfo for customer-static.someisp.com failed - POSSIBLE BREAK-IN ATTEMPT!

Using Geobytes (or a similar IP address locator), I can see that some hacker-bot in Argentina was guessing both usernames (e.g. alberto, neil) and passwords every few seconds. F*#K!!

The Solution

Here’s what the solution to this problem entails:

  1. Add users for each person accessing the server.
  2. Create a password for those users.
  3. Fly to Argentina and show Sancho I got something for his punk-ass. Just kidding… are you still paying attention?
  4. Add the necessary user(s) to the sudoers file. You don’t want anyone to have direct root access, so this file defines who gets sudo privileges.
  5. Create a public/private ssh key to use in logins.
  6. Install the public key(s) on the server. This will enable the server to recognize the owner of the private key (i.e. you).
  7. Turn off Password Authentication
  8. Disable Root Access

Creating an SSH Key on your Desktop Machine

Keys come in pairs: a public key and a private key. You’ll keep your private key on your machine (in a secure place), the public key you upload to the servers you want to connect to.

You can use different algorithms to generate the key; this shows you how to do it using the DSA algorithm, which is considered more secure (as of this writing).

Open your Terminal and type the following, then just press enter for the default file location. (OS X users can just open their Terminal. Windows users will have to use Cygwin or Putty).

* Do a man ssh-keygen on your machine to see if you require different options to create a dsa key.


[prompt]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/Users/youruser/.ssh/id_dsa):

Type a passphrase (twice).


Enter passphrase (empty for no passphrase):
Enter same passphrase again:

And now you get something like this output:


Your identification has been saved in /Users/youruser/.ssh/test.
Your public key has been saved in /Users/youruser/.ssh/test.pub.
The key fingerprint is:
12:34:56:78:01:23:ab:a7:42:2b:46:5a:3f:fc:4c:ca youruser@ComputerName
The key's randomart image is:


+--[ DSA 1024]----+
| o o++o |
| o+ . oo.. |
|++.o .. |
|*o. + . . |
|+. . * S |
| E o . |
| |
| |
| |
+-----------------+

The ASCII art thing is a new feature, allowing folks to visually identify different keys.

For more information about SSH on OS X, please refer to Dave Dribin’s excellent blog:
ssh-agent on Mac OS X 10.5 (Leopard)

Back on your Web Server

Now that you’ve created your public and private key on your desktop machine, you need to head over to your web server and make some changes.

1. Log into your web server and create users

If you are still logging in as the root user, you need to create other users:

Create a user:
adduser your_username
Create a password for the user:
passwd your_username

Test logging in as this user now. From your desktop machine, try
ssh your_username@your_webserver.com

2. Give One User Sudo Privileges

Now that you have a user other than the root user, you should lock down the root user and push root privileges to the sudo command. The goal here will to disable root logins entirely.

You will need to switch to the root account to perform the following. You can either login as the root account from your desktop machine, or switch to the root account by using the Switch User command (su):
[prompt]$su - root

You grant sudo privileges to your users by editing the sudoers file… but you can’t simply edit that file. You must use the visudo command. This is a very special variant of the VI text editor which is designed for a single purpose: to edit the sudoers file. The security of your entire server can be compromised by this single file, so the visudo command ensures that any editing of this file never allows it to be in a state where its permissions could be compromised.

Other than that, the visudo program works like the VI program — it’s a text editor, but you should familiarize yourself with the editor before messing with your sudoers file.

WARNING: You can lockout ALL users from your machine if your fat fingers or VI ignorance corrupt this file!!! If you are at all unsure of your VI abilities, please review our article: VI Overview.

The goal in editing this file is the addition of a single line of text:
your_poweruser_name ALL=(ALL) ALL

There are a lot of other custom modifications you can make to this file to allow certain users access to individual functions, but that’s a more advanced topic.

Save the file, but DO NOT CLOSE THIS WINDOW. If you made a mistake, you need access to this file in order to fix it. I recommend leaving this window open until you’ve got EVERYTHING locked down and you’ve verified that it works.

Again, go back to your desktop machine and test that you can still login using a password. Once you’re in, try using the sudo command and make sure that you an use it to execute commands.

Add Your Public Key to the Web Server

In a new window, login to your web server from your desktop machine. You should still be prompted for your password.

See if you’ve already got a .ssh directory in your user’s home directory:
[prompt]$ ls -Gal

If you don’t have it, create it:
[prompt]$ mkdir .ssh

Now, move into that directory:
[prompt]$ cd .ssh

If you don’t already have a file named authorized_keys, you need to create it (again, you can use the VI text editor)

You need to paste your entire public key from your desktop machine into this file on the web server. IT MUST FIT ON ONE LINE. SSH expects each key to occupy a single line.

*In VI, you can hit ESC then type :set nu to see line numbers.

Once you’ve pasted in your key, save the file and adjust the permissions:

[prompt]$ chmod 644 ~/.ssh/authorized_keys
[prompt]$ chmod 755 ~/.ssh

Remember:
1. Each public key occupies ONE LINE in the authorized_keys file.
2. The authorized_keys file must be read-only for the group and others: 644.
3. The .ssh directory can’t be group writable: 755

Disable Password Logins

The goal here is to disallow random hackers guessing at passwords by disabling password logins entirely. Logins will be verified via keys, and we change how SSH behaves by editing the /etc/ssh/sshd_config file.

Make the following edits to the /etc/ssh/sshd_confg file e.g. by typing sudo vi /etc/ssh/sshd_config

Uncomment the PasswordAuthentication line to
PasswordAuthentication no

And change the line for PermitRootLogin to:
PermitRootLogin no

Then reload the conf:
[prompt]$ sudo /etc/init.d/sshd condrestart

WARNING: KEEP THAT WINDOW OPEN. Open a new window, then try to login as your user once again. You shouldn’t be prompted for your password… you should be prompted for your passphrase — this is the passphrase you created when you created your key.

Try switching to the root account after logging in:
[prompt]$ su - root

And finally, attempt to login as the root user from your desktop. It should fail.

Summary

Congratulations! If you’ve gotten this far, you’ve taken some big steps in securing your server.

Once you’ve verified that all of this stuff works, you can close the login windows. If something did not work, LEAVE THOSE WINDOWS OPEN and call a friend — find someone who knows Linux system administration to help you out. This is even more important if you don’t have physical access to your server.

Links

Here’s an article I referenced while writing this:
http://www.webmasterworld.com/linux/3285421.htm

Install Warcraft 3 on Ubuntu Linux – A Visual Guide

warcraft3-lichWarcraft 3 may be far from the hottest new game out there, but it’s still one of the most fun games I’ve ever played. And thanks to advancements in the WINE project, it’s also easy to install and run on the Linux operating system. Plus, it doesn’t require massive hardware just to run decently.

I remember trying to get my Warcraft 3 Battle Chest running in Linux a few years ago and ran into several problems. Now, it’s practically a point-and-click experience.

While these directions are specific to Ubuntu, most any other Linux variant should be similar. I tested these instructions on both Ubuntu 8.04 LTS and the current version 9.04. All the screenshots are from Ubuntu 9.04 Jaunty,

The main system specifications I used are quite modest ancient indeed, but Warcraft 3 ran fine anyway.

  • Processor – AMD Athlon XP 2400+ (2.0 GHz)
  • RAM – 1 GB PC2100 (266 MHz)
  • Video Card – Nvidia GeForce 7600 GS (512 MB)

1. Video Drivers

ubuntu-hardware-driversIt goes without saying that in order to play most video games, you need video acceleration. Fortunately, the last few releases of Ubuntu have all offered a convenient way to install proprietary video drivers.

To install most common video drivers, go to System → Administration → Hardware Drivers. You can see if you already have a proprietary video driver in use, or if there is one available to install.

Ubuntu found and installed a driver for my Nvidia card just fine. I don’t own any ATI video cards, so I cannot offer any help there. If you run into any trouble, take a look at the Ubuntu Guide.

To see if you have video acceleration enabled, fire up a Terminal and type:

glxinfo | grep direct

If the direct rendering response is Yes, then you’re in business.

2.  Install WINE

WINE is a translation layer with a somewhat-humorous full name of Wine Is Not (an) Emulator. No matter what you call it, WINE provides an easy way to run a growing number of Windows applications on Linux and other POSIX-compatible operating systems.

Installing WINE on Ubuntu is as simple as launching a Terminal and typing:

sudo apt-get install wine

synaptic-wineAlternatively, you can launch the Synaptic Package Manager (System → Administration) and search for wine. Just add a check next to the wine package, then click the Apply button to download and install.

Following these instructions will install the latest stable release of WINE. On Ubuntu 9.04, the current stable WINE release is version 1.01. To find out which version you have installed, launch a Terminal and type:

wine --version

I found that both version 1.0 and 1.0.1 worked well for running Warcraft 3. If you want to install a more-recent Beta version, follow the instructions on the WineHQ site.

wine-configuration-alsaOnce WINE is installed, go ahead and launch it (Applications → Wine → Configure Wine). The default settings should be fine, but I do suggest that you take a look at the Audio settings and ensure that a suitable sound driver is selected.

I suggest sticking with the ALSA driver by default. If the sound is garbled or doesn’t work well, try switching to the older OSS driver.

Click OK to save your settings. Now it’s time to install Warcraft 3.

3. Game Installation

This may come as a shock, but installing Warcraft 3 on Linux is practically no different from installing it on Windows. You will need a copy of the game and valid serial numbers. If you don’t have it, the Battle Chest is pretty cheap.

warcraft3-discPop in the CD for Reign of Chaos. You should see an icon for the disc load on your desktop. Double-click that disc icon to view the contents. Find the file called install.exe and open it. It should open automatically with WINE and start the installation process.

From there, install the game just as you would on a Windows system, including choosing an installation path of C:\Program File\Warcraft III. Yes, WINE handles that for you automatically.

warcraft3-install-directoryAllow the game to install as usual. If you have The Frozen Throne expansion pack, install it as well. Do not play the game yet!

Update Patch

Recent Warcraft 3 game updates have removed the requirement to run with the original disc in the drive. Therefore, unless you’re just a glutton for punishment, I suggest downloading and installing the latest game patch instead of hunting for a No-CD crack.

Here’s a direct link to the patch page. The current game update (as of this writing) is 1.23a. Once it downloads, just double-click to install. It should open with WINE and install just like on a Windows machine.

blizzard-updater

Note: once the Blizzard Updater finishes patching the game, it will try to launch Warcraft III automatically. If the game crashes or freezes, don’t worry. We’ll fix that in the post-installation below.

4. Post-Installation

On my system, the game froze upon first launch. The reason is that it tries (and fails) to play the opening cinematic video. We can easily work around this issue by renaming the Movies folder.

wine-browse-cGo to Applications → Wine → Browse C:\ Drive. Pretend that you’re on Windows now and continue to Program Files → Warcraft III. Rename the Movies folder to something else, such as _Movies.

As you might suspect, this is only a workaround and not a true fix. It prevents any in-game cinematic videos from playing, but does not affect game-play in any way. You can still watch those videos at any time by opening them in something like Totem or VLC.

Try launching the game now. You’ll find it under Applications → Wine → Warcraft III.

Visual Effects

Here’s another minor issue you might run into. When you launch the game, it runs fine, but you still see the horizontal Ubuntu panels across the top and bottom. Annoying, huh?

ubuntu-visual-effectsIt’s easy enough to fix. On my system, I found that they were caused by having some visual effects enabled in Ubuntu. As nice as the eye candy may be, try disabling it before launching Warcraft III.

Navigate to System → Preferences → Appearance and switch to the Visual Effects tab. Set the level to None. When you launch the game again, the panels should be gone.

Create Launcher

Now that the game is installed and working, let’s create a launcher for it.

Right-click on your desktop and Create Launcher. Here are some parameters:

  • Type – Application
  • Name – Whatever you want
  • Command – “/home/your-username/.wine/drive_c/Program Files/Warcraft III/Frozen Throne.exe”

The command is simply the full path to the Warcraft III executable file (in quotes). You can also add some options at the end of the command, after the quotes. For instance, you may get better performance by adding an opengl option, like this:

"/home/your-username/.wine/drive_c/Program Files/Warcraft III/Frozen Throne.exe" -opengl

You can stack the options. For instance, if you want to require opengl AND make the game run in its own window, try this:

"/home/habibbijan/.wine/drive_c/Program Files/Warcraft III/Frozen Throne.exe" -opengl -window

Icons

If you’re looking for a couple of good icons to use with your launcher, feast your eyes on these.

Warcraft 3 icons.zip

Game Screenshots

For your viewing pleasure, here’s are a few screenshots of Warcraft III running on Ubuntu. I ran the game in window mode instead of full-screen to prove that it does work on Linux. Yeah, I enjoy Skibi’s Castle a lot.

Image 1:

Image 2:

Image 3:

Image 4:

Image 5:

Have fun! If you have any additional tips for running Warcraft III on Linux, let us know in the comments.

Weekend Fun – Drive Yourself Crazy Playing Red Square

Looking to kill a few minutes of time at the end of the workday while still appearing busy? Try the maddeningly frustrating yet addictive game called Red Square.

Red Square – mikemiller.net

Red Square - NormalAs it game, it doesn’t get much simpler than this. All you do is click a red square once and hang on for dear life! That’s right, it’s a bit like bull riding.

Once you click the red square, the blue shapes will start moving automatically around the screen. The object of the game is to avoid conflict – if the red square runs into the wall or a blue shape, the game ends.

The first time you play, I bet you don’t even last one second (no sexual innuendo intended).

After three or four games, you’ll start getting the hang of it, but then you’ll notice that as the seconds tick by, the blue shapes start moving faster and faster. If you manage to make it past twelve seconds, it becomes a game of sheer adrenaline as you desperately try to keep the red square out of harm’s way.

A Few Tips on Increasing Your Score

First of all, avoid all sharp, jerky movements. Those only end in trouble. Keep the mouse movement slow and steady. Next, sit as far back from your monitor as you can. I found that the farther away I got, the easier it became to keep track of all the blue shapes.

Most importantly, don’t focus on the red square! Try not to even look at the square if you can. Instead, you should focus on the movements of the blue blocks. Look for the patterns that they create as they bounce off the walls to get an idea of where they will head next. Keep an eye on the wide rectangle especially – it covers a lot of area as it sweeps across the screen. I found that if I kept at least half my focus on the wide rectangle, avoiding the other blocks was easier.

Red Square - 19508Finally, I suggest that you keep the red square moving at all times. My first plan of action was to find sanctuary zones and keep the block still, but that didn’t last long. When I tried to keep the square moving in a kind of dance around the trajectories of the blue blocks, my “alive time” improved tremendously.

Here’s my personal best time so far: 19.508 seconds. What’s your best record? Let us know in the comments!

Get Paragon Drive Backup Personal for Free (Giveaway of the Day)

Paragon Drive Backup Icon If you’ve tried the free Express version of Paragon Drive Backup (see our visual guide), how would you like to get your hot little hands on its commercial sibling – the Personal edition?

For a very limited time, you can grab a free copy of Drive Backup 9 Personal (normally $40) for FREE.

Paragon Drive Backup 9 Personal – Giveaway of the Day

Act fast if you want it since this offer is only available for a total of 24 hours.

Free alternatives

Did you miss this deal? No sweat, there are other free options for hard disk backup and restoration available.

Option 1 – Drive Backup Express (tutorial – same software, fewer bells and whistles)

Option 2 – Macrium Reflect Free Edition (tutorial)

Option 3 – Driveimage XML (tutorial)

Option 4 – ntfsclone (tutorial)

Good luck!