Monday, October 1, 2007

Properly securing SSH.

If you are like me you work in a corporate environment and SSH is needed not just by you but several other Administrators or Application Administrators so shutting down or changing the SSH port isn't applicable. You're in luck, after much research and a lot of brain storming I think I've came up with a very good result. If you've ever checked your system logs (/var/log/secure) you may have noticed copious amounts of SSH failed login attempts this may be why you're searching for new tactics to circumvent the SSH brute-force attempts.

The first thing we'll do is setup iptables rules, if you're running a Red Hat box; vi /etc/sysconfig/iptables and insert the following. Don't forget to add/remove the services you need to be opened.
# resides in /etc/sysconfig/iptables
# Written by Nate Dobbs for NS1 and NS2
# If tables need to be flushed execute
# /usr/sbin/iptables_flush.pl
# Firewall Rules
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Handle loopback addresses
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# Disallow ICMP requests from the world
-A INPUT -p icmp -j DROP
# Allow ICMP pings to the world, drop all others
-A OUTPUT -p icmp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow outbound packets if state related, and inbound if established
-A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state ESTABLISHED -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Drop stealth scans
-A INPUT -p tcp ! --syn -m state --state NEW -j DROP
-A INPUT -i eth0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A INPUT -i eth0 -p tcp -m tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
-A INPUT -i eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
-A INPUT -i eth0 -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j DROP
-A INPUT -i eth0 -p tcp -m tcp --tcp-flags ACK,FIN FIN -j DROP
-A INPUT -i eth0 -p tcp -m tcp --tcp-flags ACK,URG URG -j DROP
# open ports for some services
# open ssh
-A INPUT -p tcp -i eth0 --dport 22 -j ACCEPT
-A INPUT -p udp -i eth0 --dport 22 -j ACCEPT
# open DNS
-A INPUT -p tcp -i eth0 --dport 53 -j ACCEPT
-A INPUT -p udp -i eth0 --dport 53 -j ACCEPT
# Open Webmin
-A INPUT -p tcp -i eth0 --dport 10000 -j ACCEPT
-A INPUT -p udp -i eth0 --dport 10000 -j ACCEPT
# Define policy - DROP
-P INPUT DROP
-P OUTPUT DROP
-P FORWARD DROP
COMMIT




You may have noticed the iptables flush script I have defined in the comment section of the code I will include this as well.
#!/usr/bin/perl -w
# This is a IPTABLES flushing script
# Written by Nate Dobbs
# Feel free to redistribute and or modify at-will
# Please give all props to original author/s!
# Declare Vars
print "Welcome to the IPTABLES-Flush script!\n"

$_ = ;
chomp $_;
$_ = "Y" if (length($_) == 0);

if ($_ =~ /[Yy]/) {
print "Starting the IPTABLES-FLUSHING process!\n";
}
else {
print "Aborting script..\n";
}


$iptables = "/sbin/iptables";

%iptables_hash = (

reset_policy => "
$IPTABLES -P INPUT ACCEPT;
$IPTABLES -P FORWARD ACCEPT;
$IPTABLES -P OUTPUT ACCEPT",
reset_policy_mangle => "
$IPTABLES -t mangle -P PREROUTING ACCEPT;
$IPTABLES -t mangle -P POSTROUTING ACCEPT;
$IPTABLES -t mangle -P INPUT ACCEPT;
$IPTABLES -t mangle -P OUTPUT ACCEPT;
$IPTABLES -t mangle -P FORWARD ACCEPT",
reset_policy_nat => "
$IPTABLES -F;
$IPTABLES -t nat -F;
$IPTABLES -t mangle -F",
reset_all_non_default_chains => "
$IPTABLES -X;
$IPTABLES -t nat -X;
$IPTABLES -t mangle -X"
);

print "Resetting policies\n\n";
system (%iptables_hash {'reset_policy'});
sleep 5
print "done!\n";

print "Resetting mangle policy's\n\n";
system (%iptables_hash {'reset_policy_mangle'});
sleep 5
print "done!\n";

print "Resetting NAT policy's\n";
system (%iptables_hash {'reset_policy_nat'});
sleep 5
print "done...\n";

print "And finally flushing all non-default chains\n";
system (%iptables_hash {'reset_all_non_default_chains'});
print "Script is completed\n";
exit


Now that we've got proper iptables rules it's time to edit /etc/hosts.deny; add the following.
ALL: ALL

Now edit /etc/hosts.allow and allow each IP or a entire subnet of allowed "trusted users" you will have to literally allow access to each service that is open with the iptables such as named, httpd etc. You can use ALL: ALL if you need unlimited access to a particular server. I would just recommend allowing access to your services such as ssh on a domain-trusted basis.
named: ALL
httpd: ALL
ssh: .yourdomain.com # the period in front of the domain is ESSENTIAL!

Don't forget to setup iptables for boot-time init
chkconfig --level 345 iptables on

Now restart your services
service iptables restart

iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
DROP icmp -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state ESTABLISHED
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP tcp -- anywhere anywhere tcp flags:!SYN,RST,ACK/SYN state NEW
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN
DROP tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST
DROP tcp -- anywhere anywhere tcp flags:FIN,RST/FIN,RST
DROP tcp -- anywhere anywhere tcp flags:FIN,ACK/FIN
DROP tcp -- anywhere anywhere tcp flags:ACK,URG/URG
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:10000
ACCEPT udp -- anywhere anywhere udp dpt:10000

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere state NEW,RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED



Thursday, May 10, 2007

Installing Citrix on Linux (Ubuntu)

I've recently installed Citrix v10.0 on my laptop running Ubuntu Feisty 7.4. I've heard this was a very daunting task, I only experienced one issue and this was resolved very quickly after a google search. I'm going to spare the screenshots for security purposes, I think it'd be pretty taboo to post pictures of me logging into a secure site, eh?

1.) Download Citrix v10.0
2.) $sudo apt-get install libxaw6 libmotif3
3.)
$sudo tar xvfz en.linuxx86.tar.gz
4.)
$sudo ./setupwfc

# Now we're at the Citrix Installation
Citrix Presentation Server Client 10.0 setup.
Select a setup option:

1. Install Citrix Presentation Server Client 10.0
2. Remove Citrix Presentation Server Client 10.0
3. Quit Citrix Presentation Server Client 10.0 setup

Enter option number 1-3 [1]:1
  • Enter 1. Install Citrix Presentation Server Client 10.0
  • Please enter the directory in which Citrix
    Presentation Server Client is to be installed.

    [default /usr/lib/ICAClient] or type "quit"
    to abandon the installation: /usr/lib/ICAClient
  • You can choose to enter different folder. I choose: /usr/lib/ICAClient
  • You have chosen to install Citrix Presentation Server
    Client 10.0 in /usr/lib/ICAClient
Proceed with installation? [default n]: y
  • Enter: Y to continue
  • CITRIX(R) LICENSE AGREEMENT

    Use of this component is subject to the Citrix license
    covering the Citrix product(s) with which you will be
    using this component. This component is only
    licensed for use with such Citrix product(s).

    CTX_code EP_T_A34320

    Select an option:

    1. I accept
    2. I do not accept
    Enter option number 1-2 [2]: 1


Installation proceeding...

Checking available disk space ...

Disk space available 588136 K
Disk space required 4964 K


Continuing ...
Creating directory /usr/lib/ICAClient
Core package...
Setting file permissions...
Integrating with browsers...
Browsers found.

Found entries in browser configuration(s) from an earlier
installation. Do you want these entries to point to the
new installation? [default y]: y
  • Enter: y to integrate with your Mozilla Firefox browser
  • Integration complete.

    Found KDE or GNOME desktop entries from an earlier
    installation. Do you want these entries to point to
    the new installation? [default y]: y
  • Enter: y to make sure your Citrix Client install in Gnome or KDE
  • Enter: 3. Quit Citrix Pesentation Server Client 10.0 setup
  • $cd /usr/lib/ICAClient
  • $sudo ./wfcmgr

Next you'll see an UGLY font provided by Citrix, if you would like to change this; DL this script
    • Run $chmod +x citrix-icaclient-10-ubuntu
    •  export ICAROOT=/usr/lib/ICAClient
    •  sudo bash citrix-icaclient-10-ubuntu

citrix.sh Version 0.7
Patching Citrix ICAClient 10.0 on Ubuntu 7.04,
continue [y/N] ?: y
Using ICAROOT=/usr/lib/ICAClient
patching file nls/en/UTF-8/Wfcmgr
patching file nls/en/Wfcmgr
DONE
    Citrix ICAClient 10 for Ubuntu 7.04
  • Close and open your Mozilla Firefox browser to make sure it loads the proper Citrix plugins.
  • Connect to your Citrix Server and choose your application.
  • Once prompted enter “/usr/lib/wfica” to open your application if required Chose "always use this app for this type of file".
Generally we would be finished by now; but I ran into some issues with the Thawte certificate, so I did this; I found out that Stanford University offers a root cert available for DL, (THANKS STANFORD!) do this if you get this error.

1.) cd /usr/lib/ICAClient/keystore/cacerts
2.) sudo wget www2.slac.stanford.edu/computing/windows/services/citrix/
downloads/ThawteRoot.crt

Friday, May 4, 2007

Peer-to-peer and Bit-Torrent Security concerns.

I was inspired to write this blog when a friend emailed me asking questions about his safety when using Bit-torrent clients. This really depends on what type of security you're asking about, there are several different ways. By the way, this friend is a VERY tech-savy person and a pure genius for that matter, the reason I was compelled to write this is because it's a very common question that most people don't bother researching or take into consideration.

Q: Am I safe from Virus'?
A: BitTorrent is a much safer service than other peer-to-peer networks because of how it functions. While other peer-to-peer services allow a certain degree of access to a shared folder or someone’s hard drive, BitTorrent users cannot share anything outside of the desired file type that is in an open BitTorrent window.

Due to the fact that you are only downloading segments of the file as opposed to the full thing, it also makes it incredibly difficult (if not impossible) to transmit viruses through the BitTorrent system. There are a number of people who are opposed to peer-to-peer technologies because of possible security concerns, however, virtually none of these concerns are found in the BitTorrent service.


Q: Is using Bit-torrent software Illegal?
A: No, you can infact make it illegal by downloading pirated software/movies/music. Many software developers prefer Bit-Torrent because seeders can share it's bandwidth to lessen the load on their servers. Thus increasing download speeds for everyone.

Q: How do I protect myself from the MPAA/RIAA?
A: This is a very interested question, for one the best way is NOT TO DOWNLOAD ILLEGAL FILES. But of course there are some ways of protecting yourself. The main thing I recommend is the installation/use of Peer Guardian, this application is only available for Windows' Platform ATM. If you're a *NIX user I recommend checking out MoBlock.

Link to PeerGuardian
Link to MoBlock

Please note that MoBlock actually ties in/initiates new IPTABLES rules, so make sure you have access to your terminal (especially if you want to put this on your Linux router the new rules could flush your existing NAT rules).

There are ways to keep yourself safe, support the cause and never violate your own morals,
* I DO NOT CONDONE ILLEGAL ACTIVITIES*

Monday, April 30, 2007

Beryl - More than just eye candy!

I officially installed Beryl on my Ubuntu machine, I must say I'm pretty surprised by the sheer beauty of this window manager! It's much smoother than Vista's 'Aero' window manager, while moving things around, flipping 'cube' around rapidly and the wobbly screens I notice no lag at all. While on Vista I felt a lot of jerkiness and overall poor performance. Pretty sad IMHO
My machine is as follows (posted in another forum);

AMD FX-55 OC'd 2.9ghz
ASUS A8N-SLI Deluxe

Zalman 110mm Heatsink
2gb Corsair XMS TWINX DDR 400
74gb Seagate Barracuda
15kRPM U320 SCSI
eVA 7900 GTO -OC'd clock and RAM 700/800

20.1" Samsung widescreen LCD 205BW
Razer Copperhead 2k DPI
gaming mouse
Razer Tarantula Gaming Keyboard
ThermalTake TSUNAMI DreamTower

ThermalTake 480w Purepower Silent PSU
Xfi 7.1 sound

Klipsh 5.1 pro-media speakers

18582 3dmarks with 3dma
rk05
Still need to OC my RAM, I will post the new 05 '06 scores.

CPU Idles at 35*C max load so far has reached 44*C
GPU idles at 38*C max 50*C

My machine is pretty beefy; but this isn't the reason the performance is so well, I had vista on this machine for a short time to give it a run. I had tremendous issues with drivers and overall system performance, shame on you Microsoft, XP is better than Vista ATM!

I upgraded to Ubuntu Feisty Fawn, after the first initial reboot GDM wouldn't start I checked dmesg and noticed that Feisty Fawn is shipped with older nvidia drivers, so I pointed to my previously installed (newer) drivers and BAM GDM is up again! Now for the install/configuration of Beryl.

Install Beryl in Ubuntu Feisty

sudo apt-get install beryl emerald-themes

Pressed ALT+F2 and typed beryl-manager

Now it's up and running wo0t, added to the start menu and I'm good to go. One thing, You can't game while running the Beryl window manager, there is an option to switch back to your default window manager (I do this while gaming) then I switch back, it's pretty seamless and very rapid while changing.

Here are some screenshots of Beryl in action!









Tuesday, April 24, 2007

Putting Linux on my Linksys WRT54G V5 router.

I've been pondering about doing this for some time; putting Linux on my Linksys router. Some people may say I'm crazy with my recent all-out switch to Linux. I can't stress how much this means to me, just to get away from the proprietary chains, Microsoft products are crap; it takes years to get a platform that's decent, by the time it's actually stable and usable there is another platform that's being launched. Nothing like Vista, I don't think I've ever saw Microsoft this aggressive.

I don't know about you but I don't want to be a forced Beta Tester, especially when I'm not being paid. I recently got a laptop for free from a friend of mine, he purchased this laptop used about a year ago, since then it's been giving him nothing but trouble. I have tried several times to diagnose the issues, once I even formatted it, with no luck. Needless to say he bought a new Laptop with x64 XP, it's very nice.

I took this laptop home and attempted to install Gentoo, after 2 days of compiling I gained a lot of interest in Kubuntu. I currently have a Ubunutu gaming-box which serves as my main machine. Well I needed wireless, I have a few Linksys routers/ap's lying around the house these days so I whipped one out and attempted to install it on my domain. To my dismay Linksys doesn't make it so easy, the router isn't compatible with other routers, not even using uplink and disabling DHCP.

So what else to do, > INSTALL DD-WRT!! The v5 access points are not as friendly; the community refers to these as 'neutered' because they have half of the cache and RAM as their big brothers v4, 3, 2 and 1. I started to gather some information about which packages I need etc to get this working.

First I reset the routers' factory settings, then I joined the Administration tab > Firmware Upgrade. Proceeded with the upgrade, screen went white and I hard-rebooted the router. Now I connect to the routers' IP VIA HTTP once again and now I see I'm in management mode, I proceed with the install of the Linux Prep package.

Now the fun begins, after one more reboot the router is basically in a limbo mode; generally if I were using a Windows box I would just download the TFTP client that Linksys has available for download that would have saved a few quick steps, here is what I had to do;

# cd /home/misconfig/
tftp 192.168.1.1
tftp>binary
tftp>trace
tftp>rexmt 1
tftp>put dd-wrt.v23_micro_generic.bin

From this point on I saw the writing of these raw binary files VIA the shell so, I started to get pretty excited. After about 10 seconds nothing was moving so I hard-rebooted once more. Now I was able to connect to the web-interface and setup my new Access Point! LINUX FTW!! Now I'm not limited to any default settings, I now have full access to customize whatever I feel.

I'm officially volunteering for children!

I've recently signed up to volunteer for a church that helps unprivileged children I had to fill out a waiver to prove I'm not a weirdo. I should be getting a call anytime soon to setup a time that I can come in on a weekly basis and do some computer tech stuff for the children. The Church offers a computer lab complete with a t1 connection, Microsoft Office and a crew of adults willing to help them research/do their homework.

I'm pretty excited to do this; not only will I be able to teach children and really show my passion for computers, I will be the designated 'web Nazi'. From what I know so far I'm going to administer the network, this includes building, installing and keeping the domain machines up but also keep the network secure. I have to filter the websites with poor content to keep the children safe, not only do I know copious amounts of websites that should be blocked but I'm great at researching it.

I have so many project idea's I can do to benefit the organization as a whole with little to no budget at all. I've been building a few machines I've had lying around for a bit, I plan on making them all dedicated servers i.e print, fax, firewall, router and A good ol' squid web-proxy! My God I'm so excited, it feels good to help people out; everyone should try it!

Monday, April 23, 2007

New server!

Well, the domains are in the process of migrating to a new home; this machine is substantially beefier than the current (old server). So far http://theindy.net is already migrated, DNS info changed and up and running on the new box! So I still have 5 domains to switch over; thank God for CPanel this is the most innovative thing for any admin to use.

I just manage the security of the box so far I need to setup my new IPTABLES rules, so I wrote a new NAT script and I'm going to put it in effect after the migration is complete. The only ports that will be open are the ones vital to running the domains, just like the old box. I keep a constant eye on the box with a IDS/brute-force script.

My next project will involve writing a Perl script and using CRON to execute the script; what I'm going to do is make a 'dictionary file' and fill it with some of my favorite quotes/messages. This script will be executed VIA CRON every 24 hours to change the servers MOTD, something simple and not really needed but it'll be a fun little project.

I started really getting into PERL about a week ago, so far I'm really catching on I'm actually starting to understand the scripting language and it's getting easier for me to accomplish things. My goal is to become very fluent with PERL for the simple fact that it makes a well-rounded *NIX admin. It definitly helps with the job, keeps things automated so you have less to worry about! I'll post the migration; we have to work around the domain's so we don't interrupt their process, I'm assuming these domains will be migrated sometime around 2-3 am Friday or Saturday.

Friday, April 20, 2007

Various Linux projects.

Today I decided to login to the webserver to add my user ID to the group 'wheel'. As always I started to check the system logs; there is always copious amounts of brute-force attempts being processed by bots/script kiddies. Fortunately I know better than to use ssh v1 and to allow root logins VIA SSH, (thanks sudo and su).

I installed a brute-force application, this automatically creates a cron job to scan /var/log/secure every 8 minutes and detect brute-force attacks, once a threat is detected it automatically bans the IP and sends me an email. I need to get around to making keys for SSH accounts, instead of using the passwd method, I'm also going to change the SSH broadcast port but I need to contact my Developer and Content Manager before I go drastically changing stuff.

I found out that CPANEL rewrites my iptable rules every day; I don't know why they do this but it's definitly a pain. So I ended up writing a shell script to execute iptables-save < /etc/rc.d/iptables.save and I assigned it to crontab to execute every hour. So now my iptables will always be refreshed without me having to worry about CPANEL messing things up.

The servers / partition is getting quite full, this isn't really a bad thing; let's us know that we're really expanding!

root@trx [/etc/rc.d]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 72G 62G 6.2G 91% /
/dev/sda1 99M 17M 78M 18% /boot
/dev/shm 474M 0 474M 0% /dev/shm
/usr/tmpDSK 485M 11M 449M 3% /tmp
/tmp 485M 11M 449M 3% /var/tmp
/tmp 485M 11M 449M 3% /tmp
/var/tmp 485M 11M 449M 3% /var/tmp

This may mean more servers pretty soon; or least an update to the front-end server, I need to get a RAID array going soon but this is going to have to wait a few months until revenue picks up. I also installed all of the security updates from the YUM repository today as well, so the server is up-to-par for a week or so :).

I got a new laptop yesterday (well new to me) it had all kinds of .DLL errors with XP and the screen would flicker when you would try to adjust it. So I took the bezel off and found the wire that was getting pinched, solved that problem. Now Gentoo is compiling on the machine, hopefully by the time I get home the kernel is ready to go; it's a slower machine I've seen Gentoo take 3 days to compile! So far I have, Ubuntu 6.10 (edgy), Slackware 10.1, Gentoo 2006.1 and Fedora-4 boxes to manage.

I love it, completely rid of M$ except for work, I recently got Citrix working on my Desktop at home I can stream Outlook on my linux box, so fun! Now I just have to work on my smb mount from the RAID box and setup a FreeSWAN VPN server.




Monday, April 16, 2007

Cedega mini-review.

So Cedega with engine 6.0 is officially installed now; it was a pretty straightforward but I did run into some issues that delayed my playing of games. Once I installed Cedega, I proceeded with the install I'll post some screenshots as I go on.

After Cedega was installed, I ran the diagnostic tests to see if my system was beefy enough to run Cedega; I would have been pretty surprised if it couldn't. Cedega was pretty straight-forward
with the install;

I don't think they could make it any simpler than what it already is. They have a HUGE games repository, once you enter your games disk; it'll automagically detect the game and give you installation notes, after the game is installed it'll give you tips about playing/configuring the game to run at max performance.

At this point Cedega is waiting for me to get started. Since it's basically the only game I play anymore I was pretty excited to get started with World of Warcraft. I put the disk in and wait for Ubuntu to auto-mount the volume, I hear the DVD-ROM spin up and I see Cedega begin to setup a folder for WoW also automatically detected the installation .exe for me.

At this point I'm nearly ready to run around the house screaming, SOMEONE PINCH ME; is the WoW installer actually up on my Linux box? I proceed with the install (a very long one if I may add) of WoW; I finally get everything installed, I proceed with the patches, the patches will install just as you were on a Windows box; you log into the game the patch will automatically start to download; it's a very simple process for the end-user.

WoW is INSTALLED, patches are upgraded I would normally be ready to play, since I have Burning Crusades; I wanted to get that working before I ran into the game servers. Thankfully the installation and patching of BC was just as simple as installing the normal game so I'm ready to play WoW right? I proceed to login and I select my character.

Once I selected my character the game would begin to load albeit I kept getting stuck at the loading page and it wouldn't go anywhere no matter how long I waited. I started to search through the Cedega forums with no luck. After hours of editing settings I decided to revert back to engine 5.2.x WoW worked! It was working with the older engine but my frame rates were pretty low and the game crashed when I tried to update my video resolution. I jumped into the IRC channel on server freenode #Cedega. I was talking with the users asking for suggestions and just shooting the breeze for a bit, there is a person that helped me out by the handle of CyD.

He asked for the specs of my machine; I dumped them into the IRC chat almost instantly he noticed I didn't have the most recent driver version for my Nvidia card, BRILLIANT CyD; I didn't think of it since I installed my drivers VIA Ubuntu repository, come to find out the current driver (9775). I downloaded the proper driver version and updated it accordingly, after this I set WoW back to the 6.0 engine and logged in again. What do you know; that fixed it I'm now playing WoW with high frame rates and res at 1680x1050, sound works flawlessly as well!

The only thing I've noticed about the game is; I get some artifacts when flying from Stormwind to Darkshire, the landing point has lines almost as if it's displaying the flight patch on small black lines. I'll screenshot it later if anyone is interested.
I have all of my games working so far, Battlefield 2, BF2 Special Forceds, Oblivion, WoW, Guild wars, Guild Wars Factions, Starcraft and Starcraft Broodwar. I see no reason why anyone would have an excuse to stay with a windows machine; come on people, make the switch you will NOT look back.



Friday, April 13, 2007

The full-blown switch to Linux.

As most of you already know; I'm an avid gamer, unfortunately to be up-to-par with modern hardware/games you've got to own a windows box. I have decided to break the proprietary chains of Microsoft, I've always been a *NIX kind of guy; albeit gaming has made that difficult, thanks to winex and Cedega!

I went home yesterday and removed my u320 SCSI drive from my machine and proceeded to slap in a 250GB sATA drive that I haven't used since I bought it a year ago. After installing my new HDD I proceeded with my fresh install of, you guessed it.. UBUNTU!

I've always been an avid Slackware/BSD and Gentoo user, I have heard a lot about Ubuntu's quick installation and ease of use so I say why not; let's forget the other distro's for now and give it a try.

The installation was by far simple as it can get, boot into a live CD > click on an icon that say's install, I know the server version has an instant LAMP server icon as well. After the install I finally booted into my brand new Ubuntu box.

I ran into a lot of issues, the device manager had found ALL of my drivers, as I was pretty astonished, but I was having a hell of a time getting the Nvidia drivers install for my 7900 GTO, I couldn't exit the X server no matter which init I tried or even crashing the X server would bring it right back up again.

I decided to install from the repositories and use apt to update my xorg.conf file as well, I got my ALSA working fine, with surround sound support, drivers install with my widescreen res going. I have not installed Cedega, I didn't get started on my Ubuntu install until a little later last night.

I have subscribed with Transgaming and downloaded the debian package of the Cedega_small_6.0. I'm off to install it tonight I got Teamspeak working as well, albeit my USB headset it's setup correctly yet, so I've got to figure that one out, I think I know exactly what I need to do to correct it.

I will post screenshots after the Cedega install/games install to let everyone know just how well this is working. Wish me luck!


Monday, April 2, 2007

About me:

First of all, I'd like to thank everyone that takes the time to read my little blog. There are a lot of people that blog in this world; it's been a very addicting/popular trend for almost a decade. It's quite strange that you may have stumbled here by fluke! Let me introduce myself;

My name is Nate I've been an avid PC user for 12 years now, I first started with PC's when I was 10 year's old programming Q-Basic on a Pentium 133mHZ machine. Since then I've had a passion for technology as a whole.

Sometimes it sucks being the 'resident computer guy' generally the only time I'm contacted is to fix things; it's not so bad considering there is ALWAYS money to be made. I'm 22 years old, single after a 4-year relationship that didn't turn out so well so now I'm just riding the wind per se.

I'm an avid Open Source promoter I was introduced to Linux (Slackware) in the year 2000 by a good internet friend of mine (thanks lekse!) ever since I've concentrated on various linux distro's and projects. I've gained a lot of knowledge about software/hardware in the past 7 years to know I want my career to be focused upon *NIX.

What does misconfiguration mean? When I was first starting to use Linux; I was always running into a lot of issues that my friend lekse had to drag my butt out of, it was ALWAYS some stupid syntax error of some sort within the configuration files that would cause the kernel to panic, the application to not want to function.

That's about all I have for now; I'm at work and it's getting busy so check back for more random shit I have to offer!