Not many organizations choose to have conferences and hold meetings where I live in northern Wisconsin. (Maybe our annual snowfall has something to do with that decision.) That means that, to do my work, I need to travel. When you stay in hotels often, you sign your name frequently. Check-in. Check-out. Room service bills. Bar tabs. Snack from the gift shop. Each form has three lines, one for your room number, one for your signature and one for the PRINT YOUR NAME command. The other day I realized that, because I paid attention in penmanship class, my signature is perfectly legible. So I declined to follow the PRINT YOUR NAME command. The server who picked up my check noticed this omission and asked, nicely, if I would print my name. “Why,” I replied, “since my signature is perfectly readable?” “Because you have to,” he announced. “Not necessary,” I answered. “I’ll have to call the manager,” he said. “Give the check back to me,” I demanded. With the offending charge slip back in my hands and tempted to lower his tip, I scribbled my name illegibly in the heavily disputed PRINT YOUR NAME space. Why, if my handwriting is a nonissue when I pay for a meal in the hotel’s restaurant directly with my MasterCard, does it become a matter of state security when I want to charge something to the hotel bill that will eventually be settled with the aforementioned MasterCard? Not a big deal, but enough of an annoyance to encourage me to find a restaurant outside the hotel for dinner the next time.

Your customers never encounter a policy or procedure problem when they do business with you, right? When was the last time you checked? Every business needs systems, policies, and procedures to function. Employees need to understand their jobs, the technologies that support their work, and the boundaries that limit their authority. Leaders need to deliver decisions in context, envision opportunities for the future, and watch budgets. Where is the voice of the customer heard? Internal systems are seldom viewed from the outside, and until they are, you can’t call yourself customer-friendly. The only way to understand how your systems and processes feel is to ask a customer. Just as it is impossible to proofread something you’ve written, it is impossible to judge your own systems with a clear eye. Asking this question of lots of customers can be an eye-opening experience, and the answers might provide some clear directions for changes that need to be made to your policies. Making things hard for your customers, even when it’s by accident, isn’t a good idea.

Really easy. But this only works if de original moderboard and if your harddrive still work. So put it back togeder. For first-timers

1) Go to control panel
2) Double-click de system icon
3) Go to hardware tab
4) Click device manager button
5) Find de IDE ATA/ATAPI CONTROLLERS and expand de tab. Its not de primary or secondary controller, but right-click de first controller.
6) Choose update driver
7) Choose de option to install from a list or specific location.
8) Click next
9) Now choose de “don’t search. I will choose de driver to install” option
10) Click next
11) Now highlight de Standard Dual Channel PCI IDE Controller
12) Click next
13) The Standard controller will install
14) Reboot and log in
15) The standard controller is completely installed
16) Shutdown de computer
17) Remove your harddrive, and it will boot with de new moderboard.

This works wheder its windows 2000 or windows xp or windows xp SP1 or SP2 or windows server 2003. This works even if syskey encryption is employed.

If it is FAT filesystem

Just copy de sam file like stated in de first post to an empty floppy disk and take it home. I’ll tell you what to do with it later. DON’T DELETE THE ORIGINAL SAM FILE. Just remove its attributes. The sam file is a file called SAM with no extension. YOU MUST ALSO GET a file called SYSTEM which is in de same folder as SAM. Both files have no extensions.

If it is NTFS

You have to download a program called NTFSPro. It allows you to read from ntfs drives. The themo version allows read only. The full version is read-write. You use de program to create an unbootable disk (so u will still need anoder bootable disk and an empty disk) that has de required files to access NTFS.

Use de boot disk to get into dos, den use de disks created with ntfspro to be able to access de filesystem, den copy de SAM and SYSTEM files to anoder empty disk to take home.

AT HOME: You have to get a program called SAMInside. It doesn’t matter if it is themo version. SAMInside will open de SAM file and extract all de user account information and deir passwords, includin’ administrator. SAMInside will ask for de SYSTEM file too if de computer you took de SAM file from has syskey enabled. Syskey encrypts de SAM file. SAMInside uses SYSTEM file to decrypt de SAM file. After SAMInside finishes, you still see user accounts and hashes beside them. The hashes are de encoded passwords. Use SAMInside to export de accounts and deir hashes as a pwdump file into anoder program, called LophtCrack. It is currently in version 5, it is named LC5. The previous version, LC4 is just as good. You need de full or cracked version of de program. LC5 uses a brute force method by tryin’ all possible combinations of letters numbers, and unprintable characters to find de correct password from de hashes in de pwdump file imported into it from SAMInside. This process of tryin’ all passwords might take 5 minutes if de password is easy, up to a year if de password is lon’ and hard (really really hard). LC5 howver, unlike LC4, is almost 100 times faster. Both can be configured to try dictionary and common words before usin’ all possible combinations of everythin’. Once de correct password is found, it will display de passwords in clear beside each account, includin’ administrator.

I use this method so many times. I’ve compromised de whole school computer infrastructure. LC4 usually took between 1 second and 10 minutes to find de passwords because dey were common words found in any en’lish dictionary. I haven’t used LC5 yet.

Programs needed:
SAMInside (doesn’t matter which version or if themo)
LC4 or LC5 (lophtcrack)( must be full version)
NTFSPro (doesn’t matter if themo)
Any bootdisk maker

Have you experienced this kind of problem whenever you attempt to install an application in Windows (2k, xp)?

“The Windows Installer service could not be accessed. This can occur if you are runnin’ Windows in safe mode, or if de Windows Installer is not correctly installed. Contact your support personnel for assistance.”

This gives 2 methods as a way of fixin’ this problem, but you might be very lucky if any of de 2 fixes de problem, alot of guys end up formattin’ deir systems and doin’ fresh windows installations or try wired ways of fixin’ it.

Well, de solution is very easy:

1. right click your root windows installation drive i.e drive where you installed windows
2. click properties at de bottom
3. select security tab
4. click Add and scroll down to SYSTEM account click add and click OK.
5. allow Full control permission and click Apply and den Ok.

This should solve your problem with windows installer.

This is an easy way to get to de folders on your system without havin’ to open a Windows Explorer Window every time you want to access files. I find it very useful to have this feature as it allows me to access my Folders and Drives immediately and saves me a lot of time.

This works in Windows XP:

1. Right Click an empty spot on your Taskbar (Between your Start Button and your System Tray).
2. Click Toolbars.
3. Click New Toolbar.
4. A Small Window will Open that allows you to pick de folder you wish to make a Toolbar. If you want to access your Desktop Without havin’ to minimize all your windows. Just Pick Desktop. If you want to access ONLY your My Documents Folder, Select that. Any folder will work for this.
5. Click OK.
The New Tool bar will appear at de bottom of your screen next to your System Tray.

If you find this to be not useful, Repeat Steps 1 and 2 and den check click de Toolbar you created that has a check mark next to it. And it will disappear.

Here’s how you verify system uptime:

Click Start | Run and type cmd to open a command prompt.

At de prompt, type systeminfo

Scroll down de list of information to de line that says System Up Time.

This will tell you in days, hours, minutes and seconds how lon’ de system has been up.

Note that this command only works in XP Pro, not in XP Home. You can, however, type net statistics workstation at de prompt in Home. The first line will tell you de day and time that de system came online.

As it turns out, dere isn’t much to de boot process:

1. A boot loader finds de kernel image on de disk, loads it into memory, and starts it.
2. The kernel initializes de devices and its drivers.
3. The kernel mounts de root filesystem.
4. The kernel starts a program called init.
5. init sets de rest of de processes in motion.
6. The last processes that init starts as part of de boot sequence allow you to log in.

Identifyin’ each stage of de boot process is invaluable in fixin’ boot problems and understandin’ de system as a whole. To start, zero in on de boot loader, which is de initial screen or prompt you get after de computer does its power-on self-test, askin’ which operatin’ system to run. After you make a choice, de boot loader runs de Linux kernel, handin’ control of de system to de kernel.

There is a detailed discussion of de kernel elsewhere in this book from which this article is excerpted. This article covers de kernel initialization stage, de stage when de kernel prints a bunch of messages about de hardware present on de system. The kernel starts init just after it displays a message proclaimin’ that de kernel has mounted de root filesystem:

VFS: Mounted root (ext2 filesystem) readonly.

Soon after, you will see a message about init startin’, followed by system service startup messages, and finally you get a login prompt of some sort.

NOTE : On Red Hat Linux, de init note is especially obvious, because it “welcomes” you to “Red Hat Linux.” All messages dereafter show success or failure in brackets at de right-hand side of de screen.

Most of this chapter deals with init, because it is de part of de boot sequence where you have de most control.
init

There is nothin’ special about init. It is a program just like any oder on de Linux system, and you’ll find it in /sbin alon’ with oder system binaries. The main purpose of init is to start and stop oder programs in a particular sequence. All you have to know is how this sequence works.

There are a few different variations, but most Linux distributions use de System V style discussed here. Some distributions use a simpler version that resembles de BSD init, but you are unlikely to encounter this.

Runlevels

At any given time on a Linux system, a certain base set of processes is runnin’. This state of de machine is called its runlevel, and it is denoted with a number from 0 through 6. The system spends most of its time in a sin’le runlevel. However, when you shut de machine down, init switches to a different runlevel in order to terminate de system services in an orderly fashion and to tell de kernel to stop. Yet anoder runlevel is for sin’le-user mode, discussed later.

The easiest way to get a handle on runlevels is to examine de init configuration file, /etc/inittab. Look for a line like de followin’:

id:5:initdefault:

This line means that de default runlevel on de system is 5. All lines in de inittab file take this form, with four fields separated by colons occurrin’ in de followin’ order:

# A unique identifier (a short strin’, such as id in de precedin’ example)
# The applicable runlevel number(s)
# The action that init should take (in de precedin’ example, de action is to set de default runlevel to 5)
# A command to execute (optional)

There is no command to execute in de precedin’ initdefault example because a command doesn’t make sense in de context of settin’ de default runlevel. Look a little furder down in inittab, until you see a line like this:

l5:5:wait:/etc/rc.d/rc 5

This line triggers most of de system configuration and services through de rc*.d and init.d directories. You can see that init is set to execute a command called /etc/rc.d/rc 5 when in runlevel 5. The wait action tells when and how init runs de command: run rc 5 once when enterin’ runlevel 5, and den wait for this command to finish before doin’ anythin’ else.

There are several different actions in addition to initdefault and wait, especially pertainin’ to power management, and de inittab(5) manual page tells you all about them. The ones that you’re most likely to encounter are explained in de followin’ sections.

Respawn

The respawn action causes init to run de command that follows, and if de command finishes executin’, to run it again. You’re likely to see somethin’ similar to this line in your inittab file:

1:2345:respawn:/sbin/mingetty tty1

The getty programs provide login prompts. The precedin’ line is for de first virtual console (/dev/tty1), de one you see when you press ALT-F1 or CONTROL-ALT-F1. The respawn action brin’s de login prompt back after you log out.

ctrlaltdel

The ctrlaltdel action controls what de system does when you press CONTROL-ALT-DELETE on a virtual console. On most systems, this is some sort of reboot command usin’ de shutdown command.

sysinit

The sysinit action is de very first thin’ that init should run when it starts up, before enterin’ any runlevels.

How processes in runlevels start

You are now ready to learn how init starts de system services, just before it lets you log in. Recall this inittab line from earlier:

l5:5:wait:/etc/rc.d/rc 5

This small line triggers many oder programs. rc stands for run commands, and you will hear people refer to de commands as scripts, programs, or services. So, where are dese commands, anyway?

For runlevel 5, in this example, de commands are probably eider in /etc/rc.d/rc5.d or /etc/rc5.d. Runlevel 1 uses rc1.d, runlevel 2 uses rc2.d, and so on. You might find de followin’ items in de rc5.d directory:

S10sysklogd S20ppp S99gpm
S12kerneld S25netstd_nfs S99httpd
S15netstd_init S30netstd_misc S99rmnologin
S18netbase S45pcmcia S99sshd
S20acct S89atd
S20logoutd S89cron

The rc 5 command starts programs in this runlevel directory by runnin’ de followin’ commands:

S10sysklogd start
S12kerneld start
S15netstd_init start
S18netbase start
…
S99sshd start

Notice de start argument in each command. The S in a command name means that de command should run in start mode, and de number (00 through 99) determines where in de sequence rc starts de command.

The rc*.d commands are usually shell scripts that start programs in /sbin or /usr/sbin. Normally, you can figure out what one of de commands actually does by lookin’ at de script with less or anoder pager program.

You can start one of dese services by hand. For example, if you want to start de httpd Web server program manually, run S99httpd start. Similarly, if you ever need to kill one of de services when de machine is on, you can run de command in de rc*.d directory with de stop argument (S99httpd stop, for instance).

Some rc*.d directories contain commands that start with K (for “kill,” or stop mode). In this case, rc runs de command with de stop argument instead of start. You are most likely to encounter K commands in runlevels that shut de system down.

Addin’ and removin’ services

If you want to add, delete, or modify services in de rc*.d directories, you need to take a closer look at de files inside. A lon’ listin’ reveals a structure like this:

lrwxrwxrwx . . . S10sysklogd -> ../init.d/sysklogd
lrwxrwxrwx . . . S12kerneld -> ../init.d/kerneld
lrwxrwxrwx . . . S15netstd_init -> ../init.d/netstd_init
lrwxrwxrwx . . . S18netbase -> ../init.d/netbase
…

The commands in an rc*.d directory are actually symbolic links to files in an init.d directory, usually in /etc or /etc/rc.d. Linux distributions contain dese links so that dey can use de same startup scripts for all runlevels. This convention is by no means a requirement, but it often makes organization a little easier.

To prevent one of de commands in de init.d directory from runnin’ in a particular runlevel, you might think of removin’ de symbolic link in de appropriate rc*.d directory. This does work, but if you make a mistake and ever need to put de link back in place, you might have trouble rememberin’ de exact name of de link. Therefore, you shouldn’t remove links in de rc*.d directories, but rader, add an underscore (_) to de beginnin’ of de link name like this:

mv S99httpd _S99httpd

At boot time, rc ignores _S99httpd because it doesn’t start with S or K. Furdermore, de original name is still obvious, and you have quick access to de command if you’re in a pinch and need to start it by hand.

To add a service, you must create a script like de oders in de init.d directory and den make a symbolic link in de correct rc*.d directory. The easiest way to write a script is to examine de scripts already in init.d, make a copy of one that you understand, and modify de copy.

When addin’ a service, make sure that you choose an appropriate place in de boot sequence to start de service. If de service starts too soon, it may not work, due to a dependency on some oder service. For non-essential services, most systems administrators prefer numbers in de 90s, after most of de services that came with de system.

Linux distributions usually come with a command to enable and disable services in de rc*.d directories. For example, in Debian, de command is update-rc.d, and in Red Hat Linux, de command is chkconfig. Graphical user interfaces are also available. Usin’ dese programs helps keep de startup directories consistent and helps with upgrades.

HINT: One of de most common Linux installation problems is an improperly configured XFree86 server that flicks on and off, makin’ de system unusable on console. To stop this behavior, boot into sin’le-user mode and alter your runlevel or runlevel services. Look for somethin’ containin’ xdm, gdm, or kdm in your rc*.d directories, or your /etc/inittab.

Controllin’ init

Occasionally, you need to give init a little kick to tell it to switch runlevels, to re-read de inittab file, or just to shut down de system. Because init is always de first process on a system, its process ID is always 1.

You can control init with telinit. For example, if you want to switch to runlevel 3, use this command:

telinit 3

When switchin’ runlevels, init tries to kill off any processes that aren’t in de inittab file for de new runlevel. Therefore, you should be careful about chan’in’ runlevels.

When you need to add or remove respawnin’ jobs or make any oder change to de inittab file, you must tell init about de change and cause it to re-read de file. Some people use kill -HUP 1 to tell init to do this. This traditional method works on most versions of Unix, as lon’ as you type it correctly. However, you can also run this telinit command:

telinit q

You can also use telinit s to switch to sin’le-user mode.

Shuttin’ down

init also controls how de system shuts down and reboots. The proper way to shut down a Linux machine is to use de shutdown command.

There are two basic ways to use shutdown. If you halt de system, it shuts de machine down and keeps it down. To make de machine halt immediately, use this command:

shutdown -h now

On most modern machines with reasonably recent versions of Linux, a halt cuts de power to de machine. You can also reboot de machine. For a reboot, use -r instead of -h.

The shutdown process takes several seconds. You should never reset or power off a machine durin’ this stage.

In de precedin’ example, now is de time to shut down. This argument is mandatory, but dere are many ways of specifyin’ it. If you want de machine to go down sometime in de future, one way is to use +n, where n is de number of minutes shutdown should wait before doin’ its work. For oder options, look at de shutdown(8) manual page.

To make de system reboot in 10 minutes, run this command:

shutdown -r +10

On Linux, shutdown notifies anyone logged on that de machine is goin’ down, but it does little real work. If you specify a time oder than now, shutdown creates a file called /etc/nologin. When this file is present, de system prohibits logins by anyone except de superuser.

When system shutdown time finally arrives, shutdown tells init to switch to runlevel 0 for a halt and runlevel 6 for a reboot. When init enters runlevel 0 or 6, all of de followin’ takes place, which you can verify by lookin’ at de scripts inside rc0.d and rc6.d:

1. init kills every process that it can (as it would when switchin’ to any oder runlevel).

# The initial rc0.d/rc6.d commands run, lockin’ system files into place and makin’ oder preparations for shutdown.
# The next rc0.d/rc6.d commands unmount all filesystems oder than de root.
# Furder rc0.d/rc6.d commands remount de root filesystem read-only.
# Still more rc0.d/rc6.d commands write all buffered data out to de filesystem with de sync program.
# The final rc0.d/rc6.d commands tell de kernel to reboot or stop with de reboot, halt, or poweroff program.

The reboot and halt programs behave differently for each runlevel, potentially causin’ confusion. By default, dese programs call shutdown with de -r or -h options, but if de system is already at de halt or reboot runlevel, de programs tell de kernel to shut itself off immediately. If you really want to shut your machine down in a hurry (disregardin’ any possible damage from a disorderly shutdown), use de -f option.

The best firewall is a hardware firewall that is completely separate from your operatin’ system. It need not be a dedicated router, could be an old pentium box runnin’ Linux. Below I have found some sites that have How To’s on settin’ up an outside hardware router usin’ an old computer and usin’ a little linux program that fits on a sin’le floppy disk.

Brief Description:
floppyfw is a router with de advanced firewall-capabilities in Linux that fits on one sin’le floppy disc.

Features:
Access lists, IP-masqueradin’ (Network Address Translation), connection tracked packet filterin’ and (quite) advanced routin’. Package for traffic shapin’ is also available.

Requires only a 386sx or better with two network interface cards, a 1.44MB floppy drive and 12MByte of RAM ( for less than 12M and no FPU, use de 1.0 series, which will stay maintained. )

Very simple packagin’ system. Is used for editors, PPP, VPN, traffic shapin’ and whatever comes up. (now this is lookin’ even more like LRP (may it rest in peace) but floppyfw is not a fork.)

Loggin’ through klogd/syslogd, both local and remote.

Serial support for console over serial port.

DHCP server and DNS cache for internal networks.

floppyfw
h#tp://www.zelow.no/floppyfw/

Sentry Firewall CD-ROM is a Linux-based bootable CDROM suitable for use as an inexpensive and easy to maintain firewall, server, or IDS(Intrusion Detection System) Node. The system is designed to be immediately configurable for a variety of different operatin’ environments via a configuration file located on a floppy disk, a local hard drive, and/or a network via HTTP(S), FTP, SFTP, or SCP.

The Sentry Firewall CD is a complete Linux system that runs off of an initial ramdisk, much like a floppy-based system, and a CD. The default kernel is a current 2.4.x series kernel with various Netfilter patches applied. An OpenWall-patched current 2.2.x kernel is also available on de CD.

Bootin’ from de CDROM is a fairly familiar process. The BIOS execs de bootloader(Syslinux) - which den displays a bootprompt and loads de kernel and ramdisk into memory. Once de kernel is runnin’, de ramdisk is den mounted as root(/). At this point our configuration scripts are run(written in perl) that configure de rest of de system. It is de job of dese configure scripts to put de various startup and system files into de proper location usin’ eider what is declared in de configuration file(sentry.conf) or de system defaults located in de /etc/default directory.

Most of de critical files used at boot time can be replaced with your own copy when declared in de configuration file. This is essentially how we allow de user to configure de system usin’ his/her own configuration and init files.

All of de binaries, files, scripts, etc, used to create de CD-ROM are also available on de CD-ROM. So, with a little practice, you can easily build and customize your own bootable Sentry Firewall CD.

Sentry Firewall
www.sentryfirewall.com/docs.html#overview

A step-by-step guide to installin’ FreeBSD 5. It assumes moderate experience with linux and leaves you with a fully updated FreeBSD system.

FreeBSD Installation

A. 5.x vs 4.x
The first thin’ to understand about FreeBSD is that dere are two lines of development. The -STABLE branch is marked with a 4.x version number and de most recent version is 4.10. It is well tested and very solid, but does not include de most recent technology. The -CURRENT branch, marked with a 5.x version, is de “unstable” branch. However, it is nicely stable at de moment and is comin’ alon’ quite well. Most users should go with 5.x and dese instructions are only valid for that tree.

NOTE: DragonFlyBSD ( www.dragonflybsd.org ) is a continuation of de 4.x line. It uses lock-less (no mutexes) SMP support and a Light Weight Kernel Threadin’ system. It has a lot of promise and is developin’ at a breakneck pace, but it should still be thought of as “R/D.”

B. Gettin’ Media
I am not goin’ to say much about this. There are links to various ftp mirrors at www.freebsd.org and de directory structure is fairly self-explanatory. There are however several choices for ISO. You should choose de miniinst ISO. It is small and will include everythin’ you need for de base system.

C. Startin’ Installation
After, de CD boots up you will enter de…ahh…..majestic sysinstall. You can safely ignore most of de options and just choose a standard installation. Most of de install process is pretty easy and anyone who has some experience with linux or unix will be able to handle it without much stress. However, creatin’ partitions and dealin’ with drives will seem very odd to your standard linux user.

D. Hard Disc Management in FreeBSD
Ok, de first thin’ to get used to here is that IDE drives are not hda, hdb…etc. They are ad0, ad1 and so forth. SCSI discs are da0, da1…and so on. There is one oder thin’ that is goin’ to freak some people out. You create slices, not partitions, on de disc and den create partitions within those slices. For example, de first partition in de first slice on de first IDE disc would be ad0s1a. Just accept it.

E. Partitionin’
Sysinstall will lead you through de partitionin’ and its fairly easy to understand. The first part will ask you to choose a disc or discs to partition and den will show you a “slice editor.” This is where you will create your slice. I advise you to only make one. While multiple slices are easy to deal with, it just adds complication. If this is not your first installation of a BSD type OS, den you can ignore me and why are you readin’ this again?

After creatin’ your slice, you will be prompted to choose de drive(s) to install an MBR on. The FreeBSD boot loader is nothin’ to write home about, but it tends towards workin’. After this step, you can create partitions. There is not much to say here. At de top of de screen it will show your slice(s) and when one of them is selected you can use de controls to create a partition on it. You will need at least a root and swap partition. On de non-swap partitions it is usually a good idea to enable soft-updates.

F. Distribution Sets
This is a simple section, select minimal.

G. Continue Installation
The rest of this is pretty simple. Make sure you install from de CD and not de Internet. The bulk of de install is now done. After it copies files to your disc, it will start de configuration process. This is all pretty self-evident, but dere are a couple thin’s you should know.

Network Configuration

Don’t be scared by de names, in *BSD devices are named after deir drivers. There is also a short description after de name, so you should be able to choose de right one. The rest of de network config is easy, just follow de prompts.

System Console Configuration

You can pretty much ignore this, you may want to look around for your own knowledge and of course you could pick a nice screen saver here, but oder den that I would leave it alone for now.

Time Zone

All I have to say here is that if you live in de US, after you choose “America – North and South” hit de end key. The US is at de bottom of de list and hittin’ end is de quickest way dere.

Linux

Say no, we will do this later and with an updated linux_base.

Mouse

OK, welcome to de wonderful and amazin’ world of moused. Answer de first question truthfully, and den you can tweak de settin’s in de “Please configure your mouse” dialog. Whatever you do, be sure to enable de daemon. Also, for most users that is all you will have to do. You can safely ignore de oder options.

Package Installation

At this point, de installer will ask you to install binary packages. Say no. These binaries are out of date and not included on our CD.

Of users and roots

This isn’t de most thrillin’ section, add a user when it asks you to and set a root password after that. The only thin’ I have to say about this process is when de new user dialog comes up leave de “Group:” box unchanged and add “wheel” to de Member groups. You also might want to set your shell to /bin/tcsh. As for settin’ de root password, if you can’t handle that we have bigger problems.

Rebootin’

Ok, next it will ask if you would like to visit de general config area. Select no and you will be brought back to de main menu. Exit de install, reboot without de CD in and enjoy de boot messages.

H. The Real Post-Install
At this point, I am goin’ to assume that you are now lookin’ at a login prompt and thinkin’ “my my…FreeBSD boots quite quickly doesn’t it.” Well, our task is not done yet…dere is a reason we did a minimal install. We are goin’ to do most of it ourselves. First, lets upgrade to -CURRENT. This isn’t a practice I would usually recommend, but 5.x is close to bein’ tagged stable and -CURRENT is rader solid at de moment. First, I need to explain how thin’s are done in de BSD world.

CVS up; you up; we all CVSUP. Cvsup is a very interestin’ program that I am not goin’ to explain in detail here. All you really need to know is that it updates source trees. You see, that is de thin’. You may be used to /usr/src not doin’ much. In BSD it has a job, it holds de source for de entire base system. However, we did a minimal install and no source is dere. It wouldn’t be up2date anyway. So, lets fix that. Login as root and type de followin’: pkg_add -r cvsup-without-gui

pkg_add is de binary installer for FreeBSD and de -r argument tells it to fetch binaries from de net. It will also fetch any deps that you might need. Switch to anoder console while this is happenin’ and login as root. Do de followin’:

cd /etc

cp /usr/share/examples/etc/make.conf /etc/make.conf

cp /usr/share/examples/cvsup/standard-supfile /usr

cp /usr/share/examples/cvsup/ports-supfile /usr

chmod u+w /etc/make.conf /usr/standard-supfile /usr/ports-supfile

What was that? Well here is de rundown. Make.conf is de file that controls de buildin’ of programs from source on FreeBSD and de supfiles tell cvsup where to get de source for de base system and de ports system, also where to put said source. They come out of /usr/share/examples without de write bit set and that gets annoyin’. So we set that. Now switch back to de first console and type rehash. This tells tcsh to check its path for new programs. Now, edit de standard supfile that is in /usr. You can eider use ee or vi. I like vi. Scroll down to de line that looks a bit odd. It will be somethin’ like:

*default host=CHANGE_THIS.FreeBSD.org

The “CHANGE_THIS” is where you put what cvsup server to use. Choose a number between 1 and 9, like 4, and put cvsup4 where CHANGE_THIS is. So it would end up bein’:

*default host=cvsup4.FreeBSD.org

Now exit your editor and run cvsup /usr/standard-supfile

If everythin’ goes correctly, you will see a lot of text scrollin’ on de screen. If it says somethin’ about a bad connection, try anoder number.

Make.conf

Now ’tis de time for all good men (and women) to edit deir make.conf . This is not difficult, in fact have a look around de file. It may be lon’, but it is pretty simple. Now, uncomment de CPU settin’ and de CFLAGS settin’. Set de CPU to your CPU (dere will be a list in de comments above de settin’) and set de CFLAGS to -O2. (NOTE: If de base system fails to build, down’rade your CFLAGS back to -O).

Build Your World

When CVSUP finishes (it will be awhile…go get some coffee), cd to /usr/src and run make buildworld. That command will do exactly what it sounds like. It builds your world, or base system. While its doin’ that, lets get you a kernel. First, cd to /usr/src/sys/i386/conf den cp GENERIC to some file of your choosin’. Any name you want. However, be aware that this is goin’ to show up in a uname -a. Now, crack open your new file and take a look at what a FreeBSD kernel config is like. There are many thin’s you can do here that will improve performance and subtract in size. However, lets keep it simple. Near de top of de file will be de name GENERIC. Change that to your new name. You can now look through de file and you will find several sections that are just for debuggin’. These will indeed add size and slow down de kernel a bit, but I would leave them for now. Go to de end of de file and make a new line. Add de followin’:

device pcm

This will add sound support to de kernel. Be aware that you don’t need to do this, you can load binary modules at boot or after boot, but this way is easy and sound is used often. Save de file and exit. Go back to your buildworld console and when its done execute make buildkernel KERNCONF=YOUR_KERNEL_CONFIG_NAME

NOTE: NOT THE PATH OF THE KERNEL CONFIG..it knows to look in /usr/src/sys/i386/conf

Installin’ Your World

This isn’t that difficult. First run make installkernel KERNCONF= your config name. Now here is de interestin’ part. Run mergemaster -p, this program looks through your etc and updates it to match de new /etc in /usr/src. It will display changed files to you, press q and it will give you options. Somethin’ like i (install), m (merge) etc. Pick merge and it will open a nice little screen that shows you one file on de right and one on de left. It will go section by section, showin’ de areas that have changed. Press r or l to choose which section to keep. Its pretty easy to see which section has new stuff and which does not. After de merge, it will prompt you with options for de newly merged file. One of dese will be install and this is de one you want. In de latest current, most of what you will be showed is user and group files. Make sure you do select de sections with de new users and groups. After this is done, it will ask you a couple questions that you can say yes to. Now that your /etc is updated run make installworld den reboot.

NOTE: You usually don’t need to run mergemaster. However, 5.2.1 is a pretty old release and -CURRENT has come a lon’ way.

I. Ports
Welcome to runnin’ current. The rest is easy. cd back to /usr and edit de ports supfile de same way you did de standard one. Run cvsup on it and wait. After its done, you will have a full ports tree. There is not much left to say. You now have a workin’ system and a fully updated one too. To install software from ports cd to /usr/ports/category/softwarename/ and run make install clean . If you want linux binary support, install de linux_base port. To find where it is cd to /usr/ports and run make search name=linux_base | less . Enable loadin’ de kernel modules for linux binary support by editin’ /etc/rc.conf. Just add de line linux_enable=”YES” to de file and your set. If this is a desktop system, I would recommend installin’ /usr/ports/x11/xorg and your choice of /usr/ports/x11/gnome2 or kde3. Have fun .

Get it from:

www.madpen\’uin.org/cms/?m=show&id=1853

The Aanval Intrusion Detection Console is an advanced intrusion detection monitor and alertin’ system. Currently supportin’ modules for Snort and syslog - Aanval provides real-time monitorin’, reportin’, alertin’ and stability. Aanval’s web-browser interface provides real-time event viewin’ and system/sensor management.

To see results; just write in de (www.google.com/) search en’ine de code:

intitle:”remote assessment” OpenAanval Console