Low Bandwidth Zoneminder Stills On iPhone

The following will allow you to view your Zoneminder stills from the previous blog post in most web browsers, including Safari on an iPhone. You need the stylesheet and expand settings if you plan on viewing stills through an iPhone without having to double-tap the image on every refresh. The PHP variable following ?time= is necessary to prevent Safari from displaying cached images.

Create a file called webcam1.php:

<html>
<head>
<meta HTTP-EQUIV="pragma" CONTENT="no-cache" />
<meta HTTP-EQUIV="cache-control" CONTENT="no-cache" />
<meta HTTP-EQUIV="refresh" CONTENT="5; URL=http://www.yourdomain.com/webcam1.php" />
<meta HTTP-EQUIV="expires" CONTENT="-1" />
<link rel="stylesheet" type="text/css" href="style.css" />
</head>

<body>
<img src="webcam1.jpg?time=<?php $timestamp = strtotime('now'); echo $timestamp; ?>" class="expand" />
</body>
</html>

Create a file called style.css or append the following to your current stylesheet:

img.expand {
width: 100%;
}

Low Bandwidth Zoneminder Webcam Stills Using Inotifywait

This bash script uses inotifywait to pick up the latest Zoneminder webcam image and copies it to a local or remote folder every 5 seconds. Implement this script when streaming is unnecessary and you don't want to expose your Zoneminder systems to the internet (low bandwidth monitoring and low disk space archival).

Notes: You must have inotify-tools installed: yum install inotify-tools. I use sshfs to automatically mount remote system folders.

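#!/bin/bash

# Zoneminder event folder for monitor 1
CAMDIR='/var/www/html/zm/events/1'

# Stop if the event folder is missing, so ls below never runs somewhere else
cd "$CAMDIR" || exit 1

# Block until a file is created under $CAMDIR; %f prints its bare file name
while LINE=$(inotifywait -rq --format %f -e create "$CAMDIR")
do
        # Highest-sorting entry is taken as the current event folder
        CUREVENTDIR=$(ls -r | head -n1)
        # Low bandwidth monitoring
        cp -- "$CUREVENTDIR/$LINE" /var/www/web1/webcam1_last.jpg
        # Archive to /home/webcam1
        cp -- "$CUREVENTDIR/$LINE" /home/webcam1
        # Archive using scp to user@192.168.3.2:/home/webcam1
        # scp "$CUREVENTDIR/$LINE" user@192.168.3.2:/home/webcam1
        echo "$CAMDIR/$CUREVENTDIR/$LINE"
        sleep 5
done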
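
The loop above copies straight onto the file the web server is serving, so a page refresh can land in the middle of a copy, and cp will follow a symlink that appears in the event folder. The function below is an added example, not part of the original script, that publishes a still atomically and accepts only regular .jpg files; the name publish_still and the .still.XXXXXX temporary-file prefix are assumptions.

```shell
#!/bin/bash
# Added example: atomic, filtered replacement for the plain cp in the loop.
# publish_still is a hypothetical helper name.

publish_still() {
        local src dest tmp
        src=$1
        dest=$2

        # Accept only names ending in .jpg; create events also fire for
        # new event folders and other files.
        case "$src" in
                *.jpg) ;;
                *) return 1 ;;
        esac

        # Accept only regular files. cp follows symlinks, so a link inside
        # the event folder would otherwise publish its target to the web root.
        [ -f "$src" ] && [ ! -L "$src" ] || return 1

        # Copy to a temporary file in the destination folder, then rename.
        # A rename within one filesystem is atomic: readers get either the
        # old image or the complete new one, never a partial file.
        tmp=$(mktemp "$(dirname -- "$dest")/.still.XXXXXX") || return 1
        if cp -- "$src" "$tmp" && chmod 644 "$tmp" && mv -f -- "$tmp" "$dest"; then
                return 0
        fi
        rm -f -- "$tmp"
        return 1
}

# In the loop, in place of the first cp:
#   publish_still "$CUREVENTDIR/$LINE" /var/www/web1/webcam1_last.jpg
```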

Inspiron 530/530s BIOS/RAM Upgrade Tips

Upgrade your Inspiron 530/530s BIOS revision to at least 1.0.12 to enable support for up to 8GB of RAM (more virtual machines). Don't upgrade your BIOS to 1.0.18, as too many complaints currently exist for it; I used 1.0.15. Before running a BIOS update, be sure your machine is plugged into a decent battery backup unit or you could brick your motherboard.

VMware ESXi 4.0 and Dell Inspiron 530 Core 2 Quad: ESXi Only Sees One Core Per Socket

I was converting several of my testbed systems over to VMware ESXi 4.0 and ran into an issue where two of the ESXi servers were reporting one core per socket with one logical processor, even though they were Core 2 Quads.

ESXi's "Summary" page returns -
Processor Sockets: 1
Cores Per Socket: 1
Logical Processors: 1

To allow VMware ESXi 4.0 to see the correct number of processors for Dell Inspiron 530 systems:

1. Hold "F2" during boot for the Setup menu.
2. Select "Advanced BIOS Features."
3. Press Enter at "CPU Feature."
4. Ensure "Limit CPUID Value" is set to Disabled (Disabled By Default).

ESXi's "Summary" page should now report -
Processor Sockets: 1
Cores Per Socket: 4
Logical Processors: 4

KeePassX 0.4.0 On CentOS 5

OS: CentOS 5.3 i386
Kernel: 2.6.18-128.1.10.el5PAE

KeePassX is a useful tool for any individual with numerous accounts, and critical for systems administration where 20+ character passwords are changed often. These instructions will allow you to run KeePassX 0.4.0 in a CentOS 5.3 X Windows Environment.

1) Remove qt-devel to prevent conflicts:

sudo yum remove qt-devel

2) Install required packages:

sudo yum install kernel-headers gcc-c++ libXtst-devel libXi-devel libXfixes-devel

3) Add the bleeding edge ATrpms repo, then install qt44 related packages:

sudo yum install qt44 qt44-X11 qt44-devel

OR

3) Download the RPMs from ftp.pbone.net. WARNING: If you don't trust the package, don't install it, or review its contents before installing by extracting them with rpm2cpio packagename | cpio -idmv.

wget ftp://ftp.pbone.net/mirror/atrpms.net/el5-i386/atrpms/testing/qt44-4.4.3...
wget ftp://ftp.pbone.net/mirror/atrpms.net/el5-i386/atrpms/testing/qt44-x11-4...
wget ftp://ftp.pbone.net/mirror/atrpms.net/el5-i386/atrpms/testing/qt44-devel...

Install the RPMs:

sudo rpm -ivh qt44-4.4.3-10_4.el5.i386.rpm
sudo rpm -ivh qt44-x11-4.4.3-10_4.el5.i386.rpm
sudo rpm -ivh qt44-devel-4.4.3-10_4.el5.i386.rpm

4) Download the latest version of KeePassX from http://keepassx.sourceforge.net.

5) Verify the package's sha1sum:

sha1sum keepassx-0.4.0.tar.gz

6) Extract the package contents:

tar xvfz keepassx-0.4.0.tar.gz

7) Change your directory to the keepassx-0.4.0 folder:

cd keepassx-0.4.0

8) Configure and install:

sudo qmake-qt44
sudo make
sudo make install

After a successful installation, you will find KeePassX listed in your Gnome menu - Applications | Accessories | KeePassX.
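
Step 5 only prints the digest; the check is complete when that value is compared with the one the project publishes. The function below is an added example, not from the original post: verify_sha1 is a hypothetical helper and EXPECTED_SHA1 is a placeholder for the published digest, which this page does not give.

```shell
#!/bin/bash
# Added example: refuse to unpack unless the tarball matches a known SHA-1.
# verify_sha1 is a hypothetical helper name.
# Returns 0 on match, 1 on mismatch, 2 on bad input.

verify_sha1() {
        local file expected actual
        file=$1
        # Published digests are sometimes upper case; normalise before comparing
        expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')

        # A SHA-1 digest is exactly 40 hex characters. Rejecting anything else
        # catches an empty or truncated value pasted from the download page.
        case "$expected" in
                ''|*[!0-9a-f]*) echo "malformed digest" >&2; return 2 ;;
        esac
        [ "${#expected}" -eq 40 ] || { echo "malformed digest" >&2; return 2; }
        [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }

        # Read from stdin so an unusual file name cannot change the output format
        actual=$(sha1sum < "$file" | cut -d' ' -f1) || return 2

        if [ "$actual" = "$expected" ]; then
                return 0
        fi
        echo "SHA-1 mismatch for $file: got $actual" >&2
        return 1
}

# Usage, with the digest taken from the project's own site:
#   EXPECTED_SHA1='<published digest goes here>'
#   verify_sha1 keepassx-0.4.0.tar.gz "$EXPECTED_SHA1" && tar xvfz keepassx-0.4.0.tar.gz
```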

Lacie itsaKey - Simple Idea: USB Flash Drive For Your Keychain

I tried using other flash drives in my keychain prior to purchasing the Lacie itsaKey, but those other cheap, plastic flash drives couldn't withstand all the jostling that happens in a pocket. While the itsaKey, iamaKey, and PassKey flash drives are more expensive than normal flash drives, they're durable and worth the price.

The 8 GB itsaKey holds more than enough data for my pentesting needs. Having Backtrack connected to a keychain is so useful, when it's not convenient to carry a laptop. I'm hoping Lacie comes out with more designs in the near future, because my flash key collection needs to grow.

Uninstalling ISPConfig 2.2.23 Causes Mass Bounced Mails

After uninstalling ISPConfig, you may notice hundreds to thousands of e-mails in your /var/mail files.

These e-mails will contain two messages:

Subject: Returned mail: delivery problems encountered

The following addresses had delivery problems:

admispconfig@localhost.localdomain.com
Persistent Transient Failure: Delivery time expired

AND

Subject: Mailsize: nameofserver

(numbers for the mailsize)

To resolve these spam/bounce/annoying e-mails -- remove the .mailsize.rc files from your /httpdroot/webx/user/username folder:

Change /var/www/ to your httpdroot folder -

find /var/www/ -name ".mailsize.rc" -exec rm {} \;

Restart postfix:

service postfix restart

Uninstalling ISPConfig 2.2.23 Causes Apache To Fail

After uninstalling ISPConfig 2.2.23, your httpd services may fail during startup.

To resolve this issue:

vi /etc/httpd/httpd.conf

/ispconfig_log

Comment out the two lines below ispconfig_log by putting a # symbol in front:

#LogFormat
#CustomLog

Then write and quit the file:

:wq!

Attempt to restart your httpd services:

service httpd restart

The httpd service should start correctly:

Starting httpd: [ OK ]

Verify that your websites are up and running.

Surveys Say: Be Concerned About Internal Threats

"In a soon-to-be-published survey of more than 400 IT and security professionals conducted by Dark Reading and sister publication InformationWeek, 52 percent of respondents said they are more concerned about the possibility of internal data leaks -- both accidental and malicious -- than they are about external threats."
Source: Dark Reading
"The Deloitte survey "Protecting What Matters: The Sixth Annual Global Security Survey" released today shows that only 36% of the respondents, who collectively hail from North America, Asia, Europe and Latin America, expressed confidence that their organizations are prepared to prevent or block cyber-attacks from internal threats. In contrast, 66% were confident they could block external attacks."
Source: Network World

No surprise here: internal breaches from disgruntled employees and human stupidity are worrisome for security professionals around the world. There are so many attack vectors to consider when an individual has physical and virtual access to systems sitting in your company's LAN.

Become an Infosec Nazi, if you aren't already (for your peace of mind):

  • Time to lock Administrative permissions down to core staffers (no installation privileges for end-users).
  • Block Facebook, Myspace, and other social networking sites on the router.
  • No USB drives/CDR/DVDR allowed on premises.
  • Configure all systems to not use bluetooth and USB.
  • Encrypt your vital data using Truecrypt or PGP.
  • Ensure copies of encrypted vital data are in offline systems.
  • Probe with Nessus/BackTrack for systems running unwanted services and unusual open ports on a regular basis.

Stale NFS File Handle Locks In BackTrack 4 Beta

Operating System:
BackTrack 4 Beta (This issue seems to be a regular problem on Debian based systems including Ubuntu)

Symptoms:
Grey screen with a black X for the mouse cursor
During boot process or from dmesg: Activating swapfile swap [fail]
Cannot delete folders and files related to X11 in /mnt/sdb2/changes/tmp (BackTrack) or /tmp (Debian/Ubuntu) because of a "Stale NFS file handle.":

kde-root
kde-yourname
ksocket-root
ksocket-yourname
.X0-lock
.X11-unix

Warning: Be sure to make a backup of your important files prior to running any of these commands.

To resolve this issue in BackTrack4 Beta (or Debian based system) without reformatting and restoring your original BackTrack4 Beta boot partition:

Identify your persistent partition:

fdisk -l

Attempt to unmount your persistent partition (mine was /dev/sdb2):

umount /dev/sdb2

If BackTrack reports that it is unable to unmount the partition because it is in use, find the processes that are using it:

fuser -m /dev/sdb2

Attempt to gracefully kill processes found from the fuser command:

kill processid

If graceful kill didn't work:

kill -9 processid

You should now be able to unmount the partition:

umount /dev/sdb2

If you formatted the partition as ext3, run the e2fsck.ext3 command to check and repair your file system:

e2fsck.ext3 -f /dev/sdb2

At this point, you will need to keep pressing y, and allow e2fsck to repair and remove files as needed.

OR If you don't care to read what is being repaired and removed:

e2fsck.ext3 -fy /dev/sdb2

Restart your system when e2fsck is done, and you should be back in business.

© 2008-2009 Red Audit LLC.