Sunday, November 6, 2011

Blog is on hold until my book titled, “The Ultimate Open Source Small Business & Home Computing Security Guide to the World” is written and published

After all my research for the blog I decided to write and publish a book on Home Computing Security. After all, with all the projects I have completed and posted on the blog I should just have to tweak things a bit and the chapters will write themselves. All I should need to do is learn how to self-publish a book and watch the money pour in. I found out the hard way that this thinking was completely wrong.

Writing a book is one of the most difficult, and rewarding, endeavors I have ever embarked upon. I find myself working on one thing or another from the time I wake up till the time I go to sleep. To keep the book current with today’s ever changing technology I am studying new hardware and reworking every chapter how-to over and over again as hardware, techniques and Operating Systems change. I am constantly upgrading, studying, and surfing the internet for the best answers to present to my potential book readers.

I am writing authors everywhere to get permission to quote material from their web sites, books, and magazines that I have found useful for the book. All of this is very time consuming. I had to round up someone skilled in artwork, an editor, and a test audience for the book. As I write I have to address every piece of feedback I get over and over again. I had to take classes, buy books and magazines and study self-publishing. Many questions about book writing had to be answered and addressed. For example, originally I had a long “Foreword” at the beginning of the book, but after study a Foreword is what someone else writes about you. The Foreword had to be redone and broken apart into a Preface and an Introduction. The book is in constant flux as I find a good tip, article or book that gives me a better approach to a paragraph or chapter. I am reworking the how-to sections over and over again, each time tweaking this and that. I had to learn how to generate a Table of Contents and an Index automatically. I am not a Microsoft Word 2010 expert but I am learning many of its advanced features. I don’t have the budget to pay someone to format the book.

To keep progress moving along on the book I cannot afford to take time to keep the blog updated. I apologize to my blog readers, but the information I put on the blog has been freely given and does not put bread on the table. I have resisted putting advertisements and other money making schemes up on the blog to keep it non-commercial for your easy reading benefit. My blog has no pop-ups or hidden links that take you to some web site you did not intend to surf to making me money, as many blogs do.

The blog will come alive again in 2012 when the book is complete and in print. A few of the things I have learned: the number of pages must be divisible by 48, and computer books need over 300 pages to sell.


Originally the book was going to be full of general computer tips and security measures for the home computer user. But I had to narrow the focus for two reasons: the book was getting too long for my limited budget to publish, and the books I am reading about self-publishing said I will need a narrow focus to sell books. To write over 400 pages strictly about home computing security is quite an undertaking. I presently have well over 400 pages but I have to rework the projects and perform many more rewrites to get the book ready for publishing. These projects/chapters take a lot of work and many hours/weeks to write so stay tuned. I think you will find the book very interesting and essential to anyone who exposes their household computers and mobile devices to the internet, a dangerous place to be!

See you in 2012 and if you buy my book I will keep this blog free and open without advertising to annoy you.

The Captain.

Monday, October 10, 2011

KeePass Password Safe Debian/Ubuntu package works in Ubuntu 11.04!

Sometimes good things come to those who procrastinate. Six months ago I promised a local university that I would investigate setting up travel bootable USB drives where half of the drive was encrypted with TrueCrypt and the other half was bootable into Ubuntu Linux. This would enable the corporate/government/individual traveler to safely carry confidential information like passwords, documents, etc. and bring them up on any computer booting off of their USB drive. I never had time to look into the project till now.

My individual goal was to be able to view my double encrypted KeePass password file in Ubuntu off my USB drive. My thought is to place the encrypted KeePass password file in the TrueCrypt encrypted section of the USB drive. This would provide double encryption for a traveling password file… making it double the work for a cracker to get at those passwords if my/our USB drive is lost or stolen.

The project is in the works. Turns out KeePass now has a Debian/Ubuntu package that works so the first portion of this project is done. To use your KeePass password file in Ubuntu do the following:

# sudo su -
# apt-add-repository ppa:jtaylor/keepass
# apt-get update
# apt-get upgrade
# apt-get install keepass2

Copy the KeePass password file into Ubuntu and bring it up. Everything worked great! If you don’t use KeePass you can obtain it at http://keepass.info/.

Thursday, October 6, 2011

The ultimate computer build begins, starting with the new Logitech MK550 keyboard and mouse combo

The first purchase has been made on the 2011/2012 ultimate computer I blogged about in the past. I started with the keyboard and mouse combination. This was because I could try it out in my current home network/computer configuration without too much hassle. My wife and I chose the Logitech MK550 Combo because of its good reviews and its ergonomic design. I took my wife to Best Buy and had her try out all the keyboards and she liked the feel of the Logitech MK550 the best. It curves up slightly in the center, unlike some of the ergonomic keyboards that really curve up in the center requiring some getting used to. This is a more natural position for the hands and should help prevent carpal tunnel syndrome.

The keyboard has a nice feel. It is padded in the front where you can rest your wrists. My keyboards in the past provided a cheap plastic piece for this purpose. There are also the usual extra keys that do all kinds of wonderful things that you will have to learn about from the limited manual.

Install the latest software from Logitech. Don’t use the disk provided with the combo. My SetPoint disk was at version 6.1. The software at Logitech was at version 6.3. Always surf to the manufacturer’s web site to get the latest and greatest drivers and software for any new device.

My problem was making the new keyboard work with my DVI switch so I could use the keyboard with all my computers. I could not figure out how to do this. The keyboard operates off of Logitech’s Unifying technology. You plug a very small USB transmitter into a USB port and that transmitter syncs up with your keyboard and mouse. I tried moving the transmitter to other computers to no avail. It would only sync up on the original computer. I purchased more of the Unifying Receivers from Logitech with the thought of plugging them into my other computers and then using the keyboard and mouse combo with all my computers. This worked somewhat after many hours of experimentation. In hindsight, if you install Logitech’s software on all your computers, then move the transmitter around as needed… syncing everything up, you will be good to go without the added expense. In my case having the extra transmitters plugged in ready to switch over to with a few mouse clicks is better.

The manual states that one keyboard/mouse combo will only work with one unifying receiver at a time. But what does that really mean? My hope was to cut one computer off, cut another computer on and have the keyboard/mouse combo work (sync up to the new receiver automatically). This did not happen. There is little help in the small manual provided and searching Logitech’s web site was not much help. I finally determined that you have to run the Logitech “Unifying” software “Start > All Programs > Logitech > Unifying > Logitech Unifying Software” on each computer you switch to that has a “Unifying Receiver”. The easiest way I found was to click on the “Advanced…” button and then the “Un-pair” button for the keyboard and mouse. Then use “Pair a New Device” to re-sync the keyboard and mouse to the new receiver. You sync up the combo by cutting off each device (keyboard and mouse, up to six devices) one at a time and cutting them back on. While this is inconvenient it is a solution. The problem is you will have to have another keyboard/mouse combo hooked to each computer to sync everything up so you can use the MK550.

Monday, September 26, 2011

Recycle your failed hard drives and obsolete CD’s and DVD’s, save the environment! How to properly sanitize a hard drive without software and a sledge hammer.

After searching everywhere on the internet I found http://www.freeharddriverecycling.com/ which says they will recycle a failed hard drive properly. They also accept CD’s and DVD’s. Now I don’t have to feel guilty about all my obsolete CD’s and DVD’s ending up in the local dump polluting our world. The company’s name is “Back Thru The Future” based out of Franklin, NJ. Their web site points out:

Each hard drive contains approximately one pound of aluminum. Recycling one hard drive saves enough energy to:

  • light a 100 watt bulb for 134 hours, or
  • run your television for 102 hours or
  • the energy equivalent of 1.5 gallons of gasoline

Recycling aluminum is 95% more energy efficient than producing aluminum from ore. Recycling aluminum results in 95% less air pollution and 97% less water pollution than producing aluminum from ore. Their site gives the following information on CD’s and DVD’s:

  • A CD/DVD is considered a class 7 recyclable plastic
  • To manufacture a pound of plastic (30 CD’s per pound), it requires 300 cubic feet of natural gas, 2 cups of crude oil and 24 gallons of water
  • It is estimated that AOL alone has distributed more than 2 billion CDs. That is the natural gas equivalent of heating 200,000 homes for 1 year
  • It is estimated that it will take over 1 million years for a CD to completely decompose in a landfill

Back Thru the Future Microcomputers, Inc. is not Better Business Bureau Accredited. It has no BBB rating. It also has 0 complaints registered against it in the last 3 years. I asked the company about that and their reply was, “The National Association for Information Destruction http://www.naidonline.org/ is the association we belong to that can vouch for the integrity of our company.”

There is also http://www.harddriveshredding.com/ where you can pay to have them maintain detailed, auditable records of your entire hard drive destruction process. In my case I will go the free route.

Below is what their web site has to say about the company:

Founded in 1990, Back Thru the Future is one of the oldest computer recycling companies in the US. It was one of the first electronic recyclers to receive both US EPA and State DEP registration as a qualified electronic recycler and we were the first electronic recycling facility in the country to receive the National Association for Information Destruction (NAID) certification as an AAA certified secure destruction facility. We were a member of both the NAID and ARMA committees that established their industry guidelines for the destruction of electronic media. We were a member of the State of NJ stakeholder committee that helped develop NJ’s new e-scrap regulations.

If you are 100% confident that your drives no longer contain sensitive data and you are looking to dispose of the drives in the most environmentally friendly fashion, look no further. The materials used in the manufacture of hard drives are valuable recyclable materials. We have developed a sophisticated materials sorting system that allows us to recapture 100% of the hard drives component materials.

Simply box your drives up, write “HD” on the container and ship to the address below. For quantities in excess of 1000 we will pay the cost of transportation.

But that is the tricky question. How can I/we be 100% confident our home drive no longer contains sensitive data? Normally we could use software to erase everything on the drive. It will take more than 5 full days to sanitize a 1 terabyte capacity hard drive using DOD specification overwrite software… but that would be OK. But in this case the drive has completely failed. It cannot be sanitized that way. If we take a sledge hammer to the drive or drill holes in it will they then accept the drive for recycling? Do they have a recommended method for the “home” computer user to sanitize a drive that can no longer be written to?

I called “Back Thru the Future” and asked them what is the best way to sanitize a hard drive for a home user? They said that soaking a hard drive in water overnight will completely sanitize a hard drive. I had never heard of that. So I did a ton of research on the internet. This is what I found about soaking a drive in water:

The PC technician at http://askbobrankin.com/how_to_destroy_a_hard_drive.html says it would damage the hard drive to the point where you couldn't just pop it into a computer and get it working, but the data would still be recoverable. One PC technician says that one of their clients dropped their laptop into their swimming pool. They sent the drive to DriveSavers (which I assume to be http://www.drivesaversdatarecovery.com/), and they were able to recover all of the information on the drive.

To actually destroy a drive through physical means, you'll either need to melt the drive platters or at least sand down the surfaces.

After reading everything I could find about physically destroying a hard drive, the only sure method that I could find is what Bob Rankin said: I will have to destroy the platter surfaces. So I set out to take the drive apart and sand down the platter surfaces. The screws holding the drive together are Torx head screws which are characterized by a 6-point star pattern. No problem I thought, I have all kinds of bit sets in the house. After examining all my bit sets the smallest Torx bit I could come up with was a T10, which was too big to fit the screw. I went to the Black and Decker outlet and the smallest Torx they had was a T10. I then went to Sears with the hard drive in hand and discovered that a Torx T9 was the tool that was needed. I could have purchased one Torx T-10 driver for $4.00 but I decided that the 10 piece Precision Craftsman Screwdriver set which was on sale for $21.00 was a better option. This set is very nice, with a Torx T8 and T7 for working on computers and hard drives. Plus if you break any of the screwdrivers in the set they have the Craftsman lifetime guarantee.

The sledge hammer approach would also work but that would make packaging the drive in the box the new drive came in and recycling difficult. Remember we are trying to save the environment… if you care nothing for the environment just smash the drive into pieces and throw it in the trash… but being an environmentalist I ask you not to do that and to use the method I described above. I am also packaging all my obsolete DVD’s and CD’s with the drive to send to them also.

Saturday, September 24, 2011

Degraded NVIDEA Mirror, is running a redundant home RAID setup worth the cost?

Unequivocally YES! In these days of cheap hard drives and motherboards that support RAID, why risk an important home computer to hard drive failure? In all my years of home computing the component that fails most often in my custom built computers is the hard drive. Makes sense if you think about it. The hard drive is the most mechanical device in the computer. It has spinning platters, read write heads moving around, data being written and read constantly, etc.

Yesterday my wife screamed down that there was a problem with the computer. I came up expecting the usual boot up problem, but instead I saw the error message “Degraded NVIDEA Mirror” flashing in RED on the screen. In the life of this computer I had never seen this message before. I groaned… I had just rebuilt this computer from scratch about 10 months ago and everything on it was purring along perfectly. Not to mention the 10 Linux virtual environments I have installed and updated. My wife has tasted what real computing power can mean working from home and she loves working on this computer. It took me an entire evening to get her working on the old backup computer and I slept on how to attack this latest computing disaster.

First off, be careful what you read out on the internet. I surfed in one of my virtual Operating Systems using Tor to all kinds of questionable web sites to see what others had to say about this problem. I saw crazy solutions from testing the RAM to unplugging one drive at a time and rebooting. While testing memory is never a bad idea, just unplugging drives and rebooting might be. What happens to the RAID configuration in that scenario? Suppose it got corrupted somehow? Or you corrupted the drive that has not failed? I did not want to RISK that.

I implemented the following successful plan:

  1. Originally, I set this home computer up as a RAID 1 mirror buying two cheap refurbished drives. So in theory, if the mirror was degraded I should still be able to boot off of the drive that was still working. If I got the computer booted, I would back up everything and create a system image using, “Start > Control Panel > Backup and Restore > Create a System Image”. The system booted and the backup was successful to my 2TB USB drive.
  2. Next, I downloaded all the latest tools from my hard disk manufacturer (in my case Seagate). I had two refurbished Seagate Barracuda 750 GB drives in the mirror. If the mirror was degraded then the most likely problem was one of the hard drives.
  3. I installed Seagate SeaTools in Windows but it would not run. I burnt a copy of the latest bootable SeaTools DOS utilities to CD. If you don’t use CD/DVD-RW disks you should consider them. They save a bit of money keeping up with all the latest releases. About every 6 months I have to update all my diagnostic bootable CD’s to troubleshoot the latest PC hardware disasters.
  4. I booted the SeaTools CD and tried to look at the hard drives. SeaTools was only displaying one hard drive. I wondered how I was going to figure out which drive had failed. I thought to take the computer apart and see if one of the drives was not spinning by feeling the drives during startup. Both drives were spinning… dead end.
  5. I went back into SeaTools and wonderfully it was displaying both drives. I quickly tested both drives and one drive failed all tests and eventually died completely… but not before I wrote down the serial number from the SeaTools diagnostics. In hindsight I could have just written down the serial number of the good drive and pulled the one that SeaTools could not see.
  6. I pulled the drive out noting the serial number and put it aside. I went to Seagate’s web site to see if the drive was under warranty, it was not.
  7. I ordered another refurbished drive from Newegg.com for a mere $40. The Seagate Barracuda 750GB drive comes with a 16MB cache or 32MB cache. Always get the bigger cache. Because I run a mirror I did not purchase any sort of extended warranty. From my experience refurbished drives are a roll of the dice. I’ve had pretty good luck with them lasting 4 or more years… which puts them just outside any sort of warranty I could purchase.
  8. Upon arrival, I put the drive in the computer and used SeaTools to run diagnostic tests on the new drive.
  9. I then rebuilt the mirror, and booted the computer up to see it running as good as new.
  10. I opened up the failed drive and sanded the platters to destroy my data. I then sent the drive off with some CD’s and DVD’s to be properly recycled. See my blog entry http://thecaptainslatest.blogspot.com/2011/09/recycle-your-failed-hard-drives-and.html.

The moral of the story is running a RAID 1 mirror saved me weeks of work rebuilding a computer at a cost of about $60 per drive originally. You have to ask yourself… how much is your time worth? RUN RAID 1, 5 or 10 at home! If you can afford it RAID 10 is optimal (best of both worlds). It yields close to the performance of RAID 0, has the benefits of the redundancy of RAID 1… without the performance hit of RAID 5. I called ASUS to see if their motherboards could run RAID 10 on two drives and did not get an answer (the technician had no idea what I was talking about). The standard RAID 10 configuration takes a minimum of 4 drives. I will be building a new computer soon, capable of supporting RAID 10, so I will let you know.

If you wish to read about the various RAID levels, the wiki pages https://secure.wikimedia.org/wikipedia/en/wiki/Standard_RAID_levels and https://secure.wikimedia.org/wikipedia/en/wiki/RAID_10#RAID_10_.28RAID_1.2B0.29 are excellent places to start. In summary from the links above with a few words added:

  • RAID 0 stripes the data over multiple hard drives. RAID 0 would be a good choice if you have 2 hard drives of different sizes. RAID 0 will give a minimal boost in the performance of the system. Bear in mind that a set of two disks is roughly half as reliable as a single disk.
  • RAID 1 creates an exact copy (or mirror) of a set of data on two or more disks. To maximize performance benefits of RAID 1, independent disk controllers are recommended, one for each disk. RAID 1 should be implemented on two identical drives but does not have to be. When reading, both disks can be accessed independently and requested sectors can be split evenly between the disks. For the usual mirror of two disks, this would, in theory, double the transfer rate when reading. When writing, the array performs like a single disk, as all mirrors must be written with the data. How the data is read is dependent on the controller.
  • RAID 5 uses block-level striping with parity data distributed across all member disks. RAID 5 has achieved popularity because of its low cost of redundancy. A minimum of three disks is required for a complete RAID 5 configuration. RAID 5 implementations suffer from poor performance when faced with a workload which includes many writes which are smaller than the capacity of a single stripe. This is because parity must be updated on each write, requiring read-modify-write sequences for both the data block and the parity block. The read performance of RAID 5 is almost as good as RAID 0 for the same number of disks. Except for the parity blocks, the distribution of data over the drives follows the same pattern as RAID 0. The reason RAID 5 is slightly slower is that the disks must skip over the parity blocks.
  • RAID 10 is a stripe of mirrors. RAID 10 requires a minimum of 4 drives. Linux "RAID 10" can be implemented with as few as two disks. In most cases RAID 10 provides better throughput and latency than all other RAID levels except RAID 0 (which wins in throughput). It is the preferable RAID level for I/O-intensive applications such as database, email, and web servers, as well as for any other use requiring high disk performance. As in RAID 1, all but one drive from each RAID 1 set can fail without damaging the data. So in a 4 drive configuration 2 drives can fail as long as they are not the mirror of the other. If a failed drive is not replaced, the single working hard drive in the set then becomes a single point of failure for the entire array. Some RAID 10 vendors address this problem by supporting a "hot spare" drive, which automatically replaces and rebuilds a failed drive in the array.
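As an added example that is not part of this blog post, the following Python script simulates the layouts summarized above (a RAID 1 mirror, RAID 5 parity striping and a RAID 10 stripe of mirrors) and shows how data is read back from a degraded array, the situation the “Degraded Mirror” steps earlier in this post deal with. The block size, drive counts and sample payload are constructed values for illustration; nothing here touches real disks or a RAID controller.

```python
"""Toy model of RAID 1, RAID 5 and RAID 10 fault tolerance.

Added example, not code from the blog. BLOCK, the drive counts and SAMPLE
are constructed values; real arrays use stripe sizes of 64 KiB and up.
"""
from functools import reduce
from itertools import combinations

BLOCK = 4  # bytes per block in this toy model

# Constructed sample payload.
SAMPLE = b"The quick brown fox jumps over the lazy dog"


def xor_blocks(blocks):
    """XOR equal-length byte strings together; this is RAID 5's parity."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def raid1_write(data, n_mirrors=2):
    """RAID 1: every member drive holds a complete copy of the data."""
    return [data] * n_mirrors


def raid1_read(drives):
    """A degraded mirror (failed member = None) still reads from any survivor."""
    for drive in drives:
        if drive is not None:
            return drive
    raise RuntimeError("every mirror member has failed")


def raid5_write(data, n_drives=3, block=BLOCK):
    """RAID 5: each stripe holds n-1 data blocks plus one parity block; the
    parity block rotates across the drives from stripe to stripe."""
    per_stripe = (n_drives - 1) * block
    padded = data + b"\x00" * ((-len(data)) % per_stripe)
    drives = [[] for _ in range(n_drives)]
    for s in range(len(padded) // per_stripe):
        chunk = padded[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i * block:(i + 1) * block] for i in range(n_drives - 1)]
        parity_pos = s % n_drives
        data_iter = iter(blocks)
        for d in range(n_drives):
            drives[d].append(xor_blocks(blocks) if d == parity_pos else next(data_iter))
    return drives


def raid5_read(drives, length):
    """Read back `length` bytes. A single failed drive (None) is rebuilt per
    stripe by XORing the surviving blocks, since XOR of a whole stripe is 0."""
    failed = [i for i, d in enumerate(drives) if d is None]
    if len(failed) > 1:
        raise RuntimeError("RAID 5 tolerates only one failed drive")
    n_drives = len(drives)
    n_stripes = len(next(d for d in drives if d is not None))
    out = bytearray()
    for s in range(n_stripes):
        stripe = [None if d is None else d[s] for d in drives]
        if failed:
            stripe[failed[0]] = xor_blocks([b for b in stripe if b is not None])
        parity_pos = s % n_drives
        out += b"".join(b for i, b in enumerate(stripe) if i != parity_pos)
    return bytes(out[:length])


def raid10_survives(mirror_pairs, failed):
    """RAID 10 (stripe of mirrors) survives as long as no mirror pair has
    lost both of its members."""
    failed = set(failed)
    return not any(set(pair) <= failed for pair in mirror_pairs)


def raid10_survivable_failures(mirror_pairs, n_failed):
    """Every combination of n_failed drives the array would survive."""
    members = [d for pair in mirror_pairs for d in pair]
    return [f for f in combinations(members, n_failed) if raid10_survives(mirror_pairs, f)]


def demo():
    mirror = raid1_write(SAMPLE)
    mirror[0] = None                      # one member dies: a "degraded mirror"
    assert raid1_read(mirror) == SAMPLE   # the survivor still boots
    array = raid5_write(SAMPLE)
    array[1] = None                       # lose one of three drives
    assert raid5_read(array, len(SAMPLE)) == SAMPLE
    pairs = [(0, 1), (2, 3)]              # 4-drive RAID 10: two mirrors striped
    survivors = raid10_survivable_failures(pairs, 2)
    print(f"RAID 10 survives {len(survivors)} of 6 two-drive failures: {survivors}")
    return len(survivors)


if __name__ == "__main__":
    demo()
```

The RAID 10 part makes the “as long as they are not the mirror of the other” rule concrete: of the six ways two drives out of four can fail, the array survives four. The RAID 5 read path also shows why a rebuild reads every surviving drive, which is the window during which a second failure costs you the array.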

Tuesday, September 13, 2011

Adding Polipo caching web proxy in Ubuntu to speed up browsing using Tor

The first step is to apply the Ubuntu updates as root:

# apt-get update
# apt-get upgrade
# apt-get dist-upgrade

See my entry, “Adding Polipo caching web proxy in Fedora to speed up browsing using Tor” as reference. Now get Polipo:

# apt-get install polipo

Much of the following is taken from the work done in Fedora setting up the Polipo caching web proxy. There were a few differences setting up Polipo between Fedora and Ubuntu but not many. One difference was the “polipo” service was configured to start automatically by just installing the package.

Set up the configuration file recommended by Tor:

# cd /etc/polipo
# mv config config.orig

Copy the recommended configuration file from Tor at https://gitweb.torproject.org/torbrowser.git/blob_plain/HEAD:/build-scripts/config/polipo.conf to the /etc/polipo directory. There is some good information about setting up Polipo with Tor at http://www.pps.jussieu.fr/~jch/software/polipo/tor.html. The main thing in the file to set up Tor with Polipo is

# Uncomment this if you want to use a parent SOCKS proxy:

socksParentProxy = "localhost:9050"
socksProxyType = socks5

# chmod 644 config

Because I want Polipo to run as a daemon I added the following to the /etc/polipo/config file copied into the /etc/polipo directory above:

### Setup Polipo to run as a Daemon
### *****************************
daemonise = true
pidFile = /var/run/polipo/polipo.pid

Now go to /etc/init.d and type “./polipo start” to start the daemon.

In Ubuntu the daemon will start automatically on the next reboot. You can look at the services using:

# service --status-all

The only tool I could find for Ubuntu for configuring services is:

# apt-get install sysv-rc-conf
# sysv-rc-conf

So now we have Polipo installed, configured, and running automatically at start up. We now need to set up our browser (Firefox) to use the proxy to access the Tor network. Right click on the Torbutton and select “Preferences > Proxy Settings”. Set your configuration up like below:

[screenshot: Torbutton proxy settings]

When done click on the “Test Settings” button and you should get:

[screenshot: Torbutton “Test Settings” result]

If you want disk caching, the default Tor configuration had the following set:

# If diskCacheRoot is an empty string, no disk cache is used.
# Uncomment this if you want to disable the on-disk cache:

diskCacheRoot = ""

From the Polipo manual, “The on-disk cache consists in a filesystem subtree rooted at a location defined by the variable diskCacheRoot, by default "/var/cache/polipo/". This directory should normally be writeable, readable and seekable by the user running Polipo.” So just comment out this line and caching will be enabled by default.

# diskCacheRoot = ""

You can check later to see if disk caching is actually taking place by looking at the /var/cache/polipo directory.

[root@localhost polipo]# ll /var/cache
drwxr-x---. 115 polipo polipo 4096 Sep 12 21:43 polipo

Be advised that the default Tor config also sets:

# Uncomment this if there's only one user using this instance of Polipo:

cacheIsShared = false

So if you have more than one user you might want to stick with the Tor setting of having no disk cache or comment the above out and see if everything works OK.
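The following Python check is an added example, not part of the original post and not code from Polipo or Tor. It parses Polipo’s `key = value` configuration syntax and reports the state of the settings discussed above (the Tor SOCKS parent, daemonise, diskCacheRoot and cacheIsShared), using two constructed config fragments: the relevant lines of Tor’s recommended file, and the same lines after the edits made in this post. The finding texts and the `multi_user` flag are this example’s own; the /var/cache/polipo/ default comes from the Polipo manual quoted above.

```python
"""Parse a Polipo config and report how it is set up for Tor and disk caching.

Added example, not part of the blog post. Both config strings are constructed
from the settings discussed in the post; the finding texts are this example's own.
"""
from typing import Dict, List

# Constructed sample: the Tor-recommended lines as shipped (no disk cache).
TOR_DEFAULT_CONFIG = """\
# Uncomment this if you want to use a parent SOCKS proxy:
socksParentProxy = "localhost:9050"
socksProxyType = socks5

# Uncomment this if you want to disable the on-disk cache:
diskCacheRoot = ""

# Uncomment this if there's only one user using this instance of Polipo:
cacheIsShared = false
"""

# Constructed sample: the same file after this post's edits (diskCacheRoot
# commented out so the manual's default applies, daemon settings appended).
EDITED_CONFIG = """\
socksParentProxy = "localhost:9050"
socksProxyType = socks5
# diskCacheRoot = ""
cacheIsShared = false
### Setup Polipo to run as a Daemon
daemonise = true
pidFile = /var/run/polipo/polipo.pid
"""

# Default from the Polipo manual when diskCacheRoot is not set at all.
DEFAULT_DISK_CACHE = "/var/cache/polipo/"


def parse_polipo_config(text: str) -> Dict[str, str]:
    """Return {key: value} for every active `key = value` line.

    '#' starts a comment (so a commented-out setting is simply absent), and a
    value wrapped in double quotes is unquoted, so `diskCacheRoot = ""` -> ''.
    """
    settings: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # polipo values here never contain '#'
        if not line or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1]
        settings[key] = value
    return settings


def audit_tor_settings(settings: Dict[str, str], multi_user: bool = False) -> List[str]:
    """Describe the effective state of the settings this post cares about."""
    findings: List[str] = []
    if (settings.get("socksParentProxy") != "localhost:9050"
            or settings.get("socksProxyType", "").lower() != "socks5"):
        findings.append("not chained to Tor: socksParentProxy/socksProxyType missing or wrong")
    cache_root = settings.get("diskCacheRoot", DEFAULT_DISK_CACHE)
    if cache_root == "":
        findings.append("on-disk cache disabled (Tor default)")
    else:
        findings.append(f"on-disk cache enabled at {cache_root}: fetched pages persist on disk")
    # cacheIsShared defaults to true in Polipo; Tor's file sets it to false.
    shared = settings.get("cacheIsShared", "true").lower() == "true"
    if multi_user and cache_root != "" and not shared:
        findings.append("cacheIsShared=false with a disk cache on a multi-user system")
    if settings.get("daemonise", "false").lower() != "true":
        findings.append("daemonise not set: polipo will stay in the foreground")
    return findings


def demo() -> Dict[str, List[str]]:
    report = {
        "tor_default": audit_tor_settings(parse_polipo_config(TOR_DEFAULT_CONFIG)),
        "edited": audit_tor_settings(parse_polipo_config(EDITED_CONFIG), multi_user=True),
    }
    for name, findings in report.items():
        print(f"{name}:")
        for f in findings:
            print(f"  - {f}")
    return report


if __name__ == "__main__":
    demo()
```

Run it on your own file with `parse_polipo_config(open("/etc/polipo/config").read())`; pass `multi_user=True` on a machine with more than one login so the cacheIsShared caveat above is reported.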

Monday, September 12, 2011

Getting an intermittent ISP connection fixed! You will eventually get the problem solved with these simple steps.

My wife recently started working from home. When working from home it is amazing how dependent your life becomes on your Internet Service Provider (ISP). Where before you could live with an occasional outage you now need 24/7 support and an uninterrupted connection to the internet. I have been happy with my ISP, and really went the whole nine yards with them these past few months trying to get our intermittent connection outage problems resolved. Many times I thought of trying other companies, only to read about even worse horror stories with the other ISP providers.

Employers who send their employees home to work really need to think about helping their home working employees with potential ISP issues. Their voice in an ISP battle would hold a lot more weight than our lone voices. Employer contracted IT departments do not seem to understand the mechanics behind VPN connections into work networks and the problems employees have. The security concerns this lack of IT department knowledge brings to mind for the company in question (and its sensitive data), I can only wonder… perhaps none. In our case the company’s technical support had no clue why our VPN connection could not pick up where it left off after a connection loss to the ISP. My wife would have to completely shut everything down… and log in again, costing her valuable time. The company’s final response was, “get the ISP to quit dropping your connection...” yes that is true… but some help from them dealing with the ISP would have been greatly appreciated.

The company IT department said it was not possible to use multiple monitors with the VPN software. I knew this had to be wrong because it is the Operating System that allows the use of multiple monitors… not the applications running on the operating system. For the company IT department’s benefit, if they were to ever read my blog… if you are using Juniper Networks software for VPN connections you can spread the monitor viewing screen across both monitors by clicking on the Windows Explorer middle icon in the upper right corner… spread the window across both monitors… and then maximize the window… shazam… the user can now use two monitors. Something that the IT contract department help desk at a multi-billion dollar corporation said was not possible to my wife. Here is my shameless promotion, read my upcoming book “The Ultimate Home Computing and Security Guide to the World” for other useful tricks and tips.

Everything used to be free for service issues with my ISP. I did not know that had changed since my last service call and it cost me $80 before I learned that costly lesson. Most ISP’s now charge for service calls unless you pay a monthly service fee. That service fee now runs me $3 extra per month on my bill. Well worth it once you understand that most of the ISP technicians have minimal training and experience… it can take MANY visits to solve your home connection problems. The technicians’ test equipment, while expensive and capable of doing the job, is useless without trained personnel to use it. So plan on many calls and visits from untrained ISP technicians (using that title loosely) to solve your problem. In my case three visits and about 20 calls… and many hours of my valuable time.

In the cable company’s defense, from my own life’s experience: I worked for years in the Air Force and for one of the top three US banks in a huge data center. On both jobs I/we had all the expensive equipment to analyze any problem in cabling but little or no training on how to use it. In the Air Force the (old guard) did not want to admit they could not use the Time Domain Reflectometer http://en.wikipedia.org/wiki/Time-domain_reflectometer to locate faults in the metallic cables in the airplanes. More than once I would be instructed to change the connectors by cutting the wire and re-splicing the cables. This is very bad because shortening a cable in a plane can cost millions of dollars in labor and work, once the wires become too short to splice anymore. But the Air Force would rather pay millions than provide proper training for personnel in the thousands of dollars. As a Senior Airman I argued more than once for use of the TDR’s as a troubleshooting tool (which would sit back in the shop on the shelf). Even as a Staff Sergeant I could not change the culture. A shop chief has total authority… whose knowledge is many times 15 years too old and does not want to admit how modern day technology has improved on the old way of doing things.

I encountered the same type of thing in the civilian world. My experience at a major data center of a US bank had us leaving all the advanced Fluke cable analysis equipment on the shelf and doing stupid stuff like pulling new cable and throwing out the old, perfectly good cable, without determining what the real problem was. My influence helped change that culture a bit and eventually the data center personnel learned how to reference and use some of the equipment... even though we never got the corporate paid for training we needed. So seeing the cable company’s lack of training in its personnel is not new to me. Cheap, inexperienced, untrained employees somehow make more sense to management in today’s technical world… both in corporate America and in the military.

If you are experiencing intermittent outages with your ISP, just give in to the fact that you don't know more than the technical support person you are talking to in some foreign country. The problem has to be your home computer's Network Interface Card (NIC), your home router, or your cable modem. The first thing to do is go to your nearest cable service provider office and rent one of their cable modems. My cable modem was of superior quality to the rented ISP cable modem, but to any technician my modem was obviously the problem. All the ISP technical support personnel know is a few simple steps with the rented cable modem to solve your problem. Most of the time it will be unplug the power from the modem… wait 10 seconds… and like magic this will solve your problem (almost never will this solve your fundamental problem… but for the technician it will get you off the telephone!). Yes, you may become reconnected to the internet, but these untrained people have NOT solved your fundamental problem… only postponed the inevitable… having an unknowledgeable ISP technician visit your home, which will have to come at your time and expense!

Now your ISP will say your state of the art advanced router is causing the problem. You will have to take your router out of the loop and connect your computer directly to the cable modem, exposing your computer to all kinds of internet attacks. If you must do this, make sure the computer's own firewall is turned on and its updates are applied before you plug it in, and put the router back as soon as the test is over. Record each loss of signal to the internet using the ISP cable modem and call your ISP every time it happens. You have to become a thorn in their side!

Your ISP will now point to your computer's Network Interface Card (NIC) as causing the problem. Hopefully you have the luxury of a second computer; connect its NIC to the ISP's cable modem and start noting the outages… again, with the second computer. Call your ISP and tell them the intermittent outage problem is happening using a second computer with a second NIC! Eventually your ISP will yield to another technician visit… you may finally get one skilled in the use of their equipment.

The first technician blamed my splitters. While cheap splitters can be the problem, I did not think they had a clue because I had a perfectly good internet connection for years on those same splitters. Watch the dB readings the technician takes at your TVs to see if they are pulling the wool over your eyes. Since we are not cable technicians we are looking for an increase in dB and assume life is good.

The second technician checked the noise on the lines. Cable TV/Internet is a closed network and all connections must be secure. This requires more than a finger turn on the TV and cable modem connections. I had noise on two of my connections which the technician easily corrected with the turn of a wrench... my bad for not giving them the final turn with a wrench. Finger tight is not enough with cable connections. Finally I saw correct use of a cable analyzer.

But noise was not the problem either. The intermittent outages continued. After many more calls to the ISP a third technician was dispatched. This guy really knew how to use the cable analysis equipment. I guess they were tired of hearing from me and dispatched their top dog. He changed the splitters the original technician had replaced. He then went out to the pole and determined my local squirrels had been chewing on the line leading into the house. There was water in the line causing the intermittent outages as the wind blew. He replaced the cable from the pole to the house and checked the dB on the TV, explaining everything to me… problem finally fixed. After he was done we had a flawless connection to the internet. No more listening to my wife screaming and stomping on the floor… life is good. Based on our experience you will have to beat your ISP over the head maybe 20 times to get their top level support. A huge expense for them due to their lack of trained personnel and outsourcing of their help desks. This is the new reality in America…

I quickly switched back to my router for security… and then to my own modem to quit paying rent. I finally had to use REVO UNINSTALL to remove all my wife's Juniper Networks software and reinstall it so she can work from home in bliss. So here is my bullet point list for dealing with an ISP:

  • Go get an ISP rental modem.
  • Sign up for your ISP's service plan costing you $3.00 per month.
  • Note every network outage, call your ISP at least twice daily, preferably during an outage.
  • Take your router out of the loop and hook your NIC directly to the rented cable modem.
  • If you have a second computer, hook that directly to the cable modem and note every outage… continuing to call your ISP.
  • Explain to each technician exactly what the previous technician looked at, said, and did.
  • Be patient, it is not the technician's fault if they were not trained properly. Eventually you will get the top dog!

Thursday, September 8, 2011

Adding Polipo caching web proxy in Fedora Linux to speed up browsing using Tor

Tor recommends using the Polipo proxy to connect to the Tor network. If you are like me, you always thought of a proxy as the evil middle man that companies/schools set up to limit access to the internet and track everything that students/employees are doing with their browsers. So I was curious how implementing an individual proxy in a Linux environment could benefit my web surfing.

Under a proxy type of setup, when a client tries to access the Internet from a Web browser, the web page request goes to the proxy server. The proxy server then makes the request to the Internet. This server can act as a filter both to and from the internet… and it can log all activity both ways. This is very useful for finding students/employees using their computer improperly.

So how can a proxy benefit individual web surfing? The Polipo proxy was designed with the individual in mind. It was built with a focus on individual users, or a small office. It has limited capabilities for filtering but its focus is actually on performance. It caches your internet activity and communicates with web servers as optimally as possible. In the Tor setup Polipo is the HTTP proxy the browser talks to, and Polipo in turn hands every request to Tor's SOCKS port, so the browser never opens a connection to the web on its own. You can read about Polipo at http://www.pps.jussieu.fr/~jch/software/polipo/. From the web page here are some reasons to consider using Polipo with Tor:

Polipo has some features that are, as far as I know, unique among currently available proxies:

  • Polipo will use HTTP/1.1 pipelining if it believes that the remote server supports it, whether the incoming requests are pipelined or come in simultaneously on multiple connections (this is more than the simple usage of persistent connections, which is done by e.g. Squid);
  • Polipo will cache the initial segment of an instance if the download has been interrupted, and, if necessary, complete it later using Range requests;
  • Polipo will upgrade client requests to HTTP/1.1 even if they come in as HTTP/1.0, and up- or downgrade server replies to the client's capabilities (this may involve conversion to or from the HTTP/1.1 chunked encoding);
  • Polipo has complete support for IPv6 (except for scoped (link-local) addresses).
  • Polipo can optionally use a technique known as Poor Man's Multiplexing to reduce latency even further.
  • Since it can speak the SOCKS protocol, Polipo can be used together with the tor anonymising network.
  • Since it can speak both IPv4 and IPv6, Polipo can be used as a bridge between the IPv4 and IPv6 Internets: to allow an IPv6-only host to access IPv4 servers or vice versa.

In short, Polipo uses a plethora of techniques to make web browsing (seem) faster.

After reading the manual I decided to set it up. First thing I did was:

# yum install polipo

====================================================================
Package             Arch              Version                        Repository           Size
====================================================================
Installing:
polipo              i686              1.0.4.1-3.fc15                 fedora              198 k

Transaction Summary
====================================================================
Install       1 Package(s)

Total download size: 198 k
Installed size: 545 k
Is this ok [y/N]: y


Now set up the configuration file recommended by Tor:

# cd /etc/polipo
# mv config config.orig

I then copied the recommended configuration file from Tor at https://gitweb.torproject.org/torbrowser.git/blob_plain/HEAD:/build-scripts/config/polipo.conf to /etc/polipo directory.

# chmod 644 config

Because I want Polipo to run as a daemon I added the following to the /etc/polipo/config file copied into the /etc/polipo directory above:

### Configuration from Fedora RPM
### *****************************
daemonise = true
pidFile = /var/run/polipo/polipo.pid

Now if you go to /etc/init.d and type “./polipo restart” you will get the following:

[root@localhost init.d]# ./polipo restart
Stopping polipo:                                           [FAILED]
Starting polipo:                                           [  OK  ]
[root@localhost init.d]# ps -ef | grep polipo | grep -v grep
polipo    2019     1  0 00:03 ?        00:00:00 /usr/bin/polipo -c /etc/polipo/config

Now we want the daemon to start automatically on the next reboot. You can see it is not starting automatically by typing:

# serviceconf

Type the following at the command line to get it starting automatically:

# chkconfig polipo on

So now we have Polipo installed, configured, and running automatically at start up. We now need to set up our browser (Firefox) to use the proxy to access the Tor network. Go into Firefox and set up the proxies (with Tor's config file Polipo listens on 127.0.0.1, port 8118, so enter that as the HTTP and SSL proxy, and leave nothing in the “No Proxy for” list that you want to go through Tor):

[Screenshots: Firefox proxy settings]

And then test everything as seen in the above screen shots. The final steps are to tweak the /etc/polipo/config file for a few final updates (personal preferences). I first looked at the memory settings.

From the Polipo manual, “Unless set explicitly, both chunkLowMark and chunkCriticalMark are computed automatically from chunkHighMark.” I checked to see if we might want to adjust this and the default configuration from Tor has it set to:

chunkHighMark = 67108864

Which is higher than the recommended values in the Polipo sample config of:

# Uncomment this if you've got plenty of memory:

# chunkHighMark = 50331648
# objectHighMark = 16384

So I have to assume this is more than adequate. Second I wanted to use disk caching. From the manual, “The on-disk cache consists in a filesystem subtree rooted at a location defined by the variable diskCacheRoot, by default /var/cache/polipo/.” The default Tor configuration had the following set:

# If diskCacheRoot is an empty string, no disk cache is used.
# Uncomment this if you want to disable the on-disk cache:

diskCacheRoot = ""

So I commented this out. Keep in mind why Tor ships it disabled: the on-disk cache is a lasting record of every page fetched through Tor, readable by anyone who gets at the disk, whereas the in-memory cache is gone when Polipo stops. Please be advised that the default Tor config also sets:

# Uncomment this if there's only one user using this instance of Polipo:

cacheIsShared = false

So if you have more than one user you might want to stick with the Tor setting of having no disk cache. Another thing I checked on was the logging. I found this in the manual, “The variable logFile defaults to empty if daemonise is false, and to ‘/var/log/polipo’ otherwise.” So there was no reason to uncomment the following:

# logFile = /var/log/polipo

I did not want this log file to grow and grow unchecked. But not to worry. Upon install Polipo puts the following entry in the /etc/logrotate.d directory:

/var/log/polipo {
    create 0640 polipo polipo
    missingok
    notifempty
    delaycompress
    postrotate
        /sbin/chkconfig polipo && /sbin/service polipo reload 2>/dev/null >/dev/null || :
    endscript
}
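As an added example (my own script, not code from this blog or from Polipo), here is a small POSIX shell check of the settings discussed above, the ones that decide whether Polipo actually keeps traffic inside Tor and whether it leaves a browsing record on disk. It assumes Tor's default SOCKS listener at 127.0.0.1:9050 and the `key = value` syntax of /etc/polipo/config; the two configs embedded in it are constructed, one modelled on the Tor settings quoted in this post and one deliberately bad.

```sh
#!/bin/sh
# Added example (my code, not the blog's or Polipo's): sanity-check a Polipo config
# before pointing Firefox at it. Assumes Tor's default SOCKS listener on 127.0.0.1:9050
# and the "key = value" syntax of /etc/polipo/config. Both configs below are constructed:
# TOR_CFG follows the settings quoted in the post, RISKY_CFG is a deliberately bad one.

TOR_CFG='proxyAddress = "127.0.0.1"
proxyPort = 8118
socksParentProxy = "127.0.0.1:9050"
socksProxyType = socks5
# Tor ships the on-disk cache disabled
diskCacheRoot = ""
cacheIsShared = false
chunkHighMark = 67108864
daemonise = true
pidFile = /var/run/polipo/polipo.pid'

RISKY_CFG='# listens on every interface, and no socksParentProxy means requests go
# straight to the web servers; diskCacheRoot is absent, so the default cache dir is used
proxyAddress = "0.0.0.0"
proxyPort = 8118
cacheIsShared = false'

# polipo_get CONFIG_TEXT KEY -> value of KEY with comments, quotes and blanks stripped
# (last assignment wins; prints nothing when the key is absent or set to "")
polipo_get() {
    printf '%s\n' "$1" | sed -n -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' \
        -e "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" | tail -n 1 | tr -d '"'
}

# polipo_has CONFIG_TEXT KEY -> 0 when KEY is assigned (even to ""), 1 when it is absent
polipo_has() {
    printf '%s\n' "$1" | sed -e 's/[[:space:]]*#.*$//' | grep -q "^[[:space:]]*$2[[:space:]]*="
}

# polipo_disk_cache CONFIG_TEXT -> effective cache directory, empty when the disk cache is off.
# An absent diskCacheRoot means Polipo's built-in default, /var/cache/polipo/ (per the manual).
polipo_disk_cache() {
    if polipo_has "$1" diskCacheRoot; then polipo_get "$1" diskCacheRoot; else echo /var/cache/polipo/; fi
}

# polipo_check CONFIG_TEXT -> 0 if the config is safe as a Tor front end, 1 with reasons on stderr
polipo_check() {
    rc=0
    # Bind to loopback only: whoever can reach the listener gets to use your Tor circuits.
    case "$(polipo_get "$1" proxyAddress)" in
        127.0.0.1|::1|localhost) ;;
        *) echo "proxyAddress must be loopback (127.0.0.1), not an external interface" >&2; rc=1 ;;
    esac
    # Every request must be relayed to Tor's SOCKS port, otherwise it leaves from your own IP.
    case "$(polipo_get "$1" socksParentProxy)" in
        127.0.0.1:9050|localhost:9050) ;;
        *) echo "socksParentProxy is not Tor's SOCKS port; requests would bypass Tor" >&2; rc=1 ;;
    esac
    # socks4a (Polipo's default when unset) and socks5 both let Tor resolve host names,
    # so DNS lookups are not leaked to your ISP's resolver.
    case "$(polipo_get "$1" socksProxyType)" in
        socks4a|socks5|"") ;;
        *) echo "socksProxyType must be socks4a or socks5" >&2; rc=1 ;;
    esac
    return $rc
}

# polipo_check_file FILE -> the same check against a config on disk, e.g. /etc/polipo/config
polipo_check_file() { polipo_check "$(cat "$1")"; }

polipo_check "$TOR_CFG" && echo "Tor-style config: OK"
polipo_check "$RISKY_CFG" || echo "risky config: rejected"
echo "Tor-style config disk cache: '$(polipo_disk_cache "$TOR_CFG")' (empty = none)"
echo "risky config disk cache: '$(polipo_disk_cache "$RISKY_CFG")'"
```

Run it against the real file with polipo_check_file /etc/polipo/config. The absent-key case is the one that bites: if diskCacheRoot is simply missing rather than set to "", Polipo falls back to /var/cache/polipo/, exactly what the manual quote above says.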

In a future project I will get all this working in Ubuntu. Read my upcoming book “The Ultimate Home Computing Guide to the Galaxy” to get all these up-to-date home computing tips and much, much more… in one read. I will be shamelessly promoting it in all my upcoming blog entries. If you are tired of all the other computer reference books out there glossing over topics and not giving you all the useful details… the captain is out there!

https://help.ubuntu.com/community/Polipo

https://trac.torproject.org/projects/tor/wiki/doc/SupportPrograms

Saturday, September 3, 2011

Using Tor Network to Cloak Your Browser Activity (surf anonymously) in a virtual environment… and adding HTTPS Everywhere for even more security.

I have blogged about using the Tor network in the past… but sometimes blog entries are worth repeating and expanding upon. The inadequate PC World article titled “Tor Network Cloaks Your Browsing”, in their September, 2011 issue, while a decent article, cried out to be expanded upon. Tor (acronym of “The Onion Router”) is free and open source software that helps users remain anonymous on the Internet.

Please understand that telecom companies, search engines, retail companies, governments, etc. track your internet activity. This information is used to record your IP address, where you live, what you like (are looking at), who you have been talking to, what you type (search for), etc. This information is a gold mine for businesses storing this data to target their advertising. Google, for example, has entire server farms storing the search information on millions of “open surfers” worldwide. When you visit a Web page, your browser submits a request for the data on that page and the site returns it to your home PC. When you receive a Web page like this “out in the open” it exposes your IP address, the URL of the website, and the contents of the site, among other information, to third parties. For example, when you visit Amazon.com you will see advertisements based on what you purchased and looked at on your previous visits. At Google.com, Bing.com, Dogpile.com, etc. you will see advertisements based on your past search engine activity.

From wiki, “On May 26, 2011, President Barack Obama signed a four-year extension of three key provisions in the USA PATRIOT Act: [2] roving wiretaps, searches of business records (the "library records provision"), and conducting surveillance of "lone wolves" — individuals suspected of terrorist-related activities not linked to terrorist groups.” Thanks to this invasion of privacy the NSA can still track your internet activity using Tor. But most of the rest of the world, and unscrupulous individuals, cannot.

I have tried to explain this insidious invasion of our internet privacy to friends and family and the response I get is, “let them track me… I’m not doing anything wrong on the Internet.” What they don’t understand is that snoopers and deceitful crackers use this open information to steal your identity and target their scams. Also the US government can subpoena this information from any business that tracks your internet activity… anytime (can you say the George Bush/Obama Patriot Act still in place). This information that you freely provide to criminals and governments can be used to cost you your life (in some countries), many thousands of dollars in litigation, years of frustration getting back your identity, ruin your credit, and destroy your life as you know it. But if you spend a few hours following the captain (for free) I will show you how to protect yourself somewhat. No technique is perfect and some crackers/governments will have a workaround to anything (NSA for example). But you will be safe from most of the rest of the world… which is a lot more secure than “open surfing” exposing your home PC to criminals everywhere! You can read about Tor’s limitations at https://www.torproject.org/download/download.html.en#Warning

From September, 2011 PC World, “For true privacy while surfing the Web, you need to encrypt the data that you exchange with websites and mask where the data is coming from. Enter the Tor Network, a free service maintained by the nonprofit Tor Project and a worldwide network of volunteers who are dedicated to keeping the Internet free and private. With the Tor Network’s servers, your request enters the Tor Network via an entry point known as a relay. Most relays are servers running a copy of the Tor software, which encrypts the request and sends it through a random series of server relays to confuse surveillance and frustrate anyone monitoring your Internet activity.

As your request passes through nodes, layers of encryption strip off, until your request hits an exit relay and returns to the Internet to request data from the Web page that you are trying to visit. Even if the server hosting that Web page logs your search queries or IP, the data isn’t associated with your name or home computer. Backtracking the request to your location is much more difficult, too, because after the server dispatches the relevant data, the data bounces back through the Tor network before arriving at your home PC.

Tor is free, and hackers, privacy enthusiasts, and Egyptian and Iranian dissidents have used it with great success to elude government surveillance.” This is where PC World drops the ball. They say little about how to install Tor or how to take other measures to ensure your security. PC World also does not go into much detail on Tor’s limitations… but the Captain is here to help!

Tor is only the first step toward internet surfing privacy. You should do all your web surfing using “virtual” environments. Go get VMware Player (currently at version 3.1.4, released March 29, 2011), or VirtualBox (currently at version 4.1.2, released August 15, 2011) and install one or the other. Then go get an operating system like Fedora, openSUSE, Ubuntu, Linux Mint, or even an old Windows XP disk and install that as a virtual environment to surf in using the Tor network. Having a virtual XP environment is also an excellent place to install all that questionable FREE software that everyone loves to try! This added measure of protection insulates your PC against cookies, spyware, viruses, etc. that we get many ways… the most prevalent being from visiting questionable web sites that search engines present, and we blindly click on with no regard for our PC security.

Use “Network Address Translation (NAT)” for your virtual OS. You can check if you are using NAT in VMware Player by right clicking on the virtual OS and selecting “Virtual Machine Settings…” You will see “Network Adapter   NAT”. NAT puts the guest on a private network behind the host, so nothing on the internet can open a connection into the guest, and whatever you pick up while surfing (cookies, spyware, a drive-by download) lands in the virtual Operating System and not on your home computer where all your valuable data is stored. Be clear about what NAT does not do: the guest’s traffic still leaves through your real connection and your real public IP unless it goes through Tor, so NAT buys you isolation, not anonymity. Adding virtual surfing is still NOT enough.

To use virtualization you will need a computer powerful enough to run all your applications. See my blog entry titled, “Building the ultimate home computer for virtualization and gaming, don’t scrimp on the components! This baby should scream!” This project was started March 29, 2011 and was just completed September 6, 2011. The motherboard selected is the ASUS Maximus IV Extreme-Z and is on the bleeding edge of technology. It also costs a whopping $349. I am letting the technology age another month or two to get more user reviews and feedback on this new technology. In the next few months, god willing, this baby will be built and “the captain” will blog all about it.

From the Tor website, “Tor can't solve all anonymity problems. It focuses only on protecting the transport of data. You need to use protocol-specific support software if you don't want the sites you visit to see your identifying information. For example, you can use Torbutton while browsing the web to withhold some information about your computer's configuration. Also, to protect your anonymity, be smart. Don't provide your name or other revealing information in web forms. Be aware that, like all anonymizing networks that are fast enough for web browsing, Tor does not provide protection against end-to-end timing attacks: If your attacker can watch the traffic coming out of your computer, and also the traffic arriving at your chosen destination, he can use statistical analysis to discover that they are part of the same circuit.”

To get real privacy you can integrate other applications with Tor. There is a gold mine of information about how to do this on the Tor Wiki at https://trac.torproject.org/projects/tor/wiki. The application I integrate with Tor is the “Electronic Frontier Foundation, HTTPS Everywhere.” From their web site, “HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites.”


How to install and setup Tor in Ubuntu 11.04 for surfing the internet securely

Installing VMware or Virtualbox, and loading up a virtual OS is beyond the scope of this project. See previous blog entries to learn how to do this. One of the most user friendly virtual Operating Systems I am running is Ubuntu so I am using that to setup Tor and HTTPS Everywhere in Firefox.

General Firefox setup:

  1. Login to Ubuntu and apply all the latest updates as root: “$ sudo su -”; “# apt-get update”; “# apt-get upgrade”; “# apt-get dist-upgrade”. Make sure the Firefox browser is updated to the latest version by clicking on “Help > About Firefox”.
  2. Add the Firefox browser to the Desktop and to the panel by clicking on “Applications > Internet > Right click on Firefox > Click on (Add this launcher to panel) and click on (Add this launcher to desktop)”.
  3. In Firefox click on “Edit > Preferences > Check the Always ask me where to save files” and change the home page. I use my web site at http://users.wowway.com/~captainkirk/ which is also where you can get all the links to free software I recommend.

Method 1 for permanently installing Tor and having it available in Firefox with one click

This method will automatically show the Tor button when you start Firefox. Most of these directions are taken from https://www.torproject.org/docs/debian.html.en#ubuntu and slightly modified for the blog.

  • Type “# apt-get install tor tor-geoipdb” as root. Note that this might not always give you the latest stable Tor version, but you will receive important security fixes. To make sure that you're running the latest stable version of Tor, continue on.
  • Type “$ lsb_release -c” (or “$ cat /etc/debian_version” on Debian) and note the release. Ubuntu 11.04 is "natty".

- Debian unstable (sid) is "sid"
- Debian testing is "wheezy"
- Debian 6.0 (squeeze) is "squeeze"
- Debian 5.0 (lenny) is "lenny"
- Ubuntu 11.04 is "natty"
- Ubuntu 10.10 or Trisquel 4.5 is "maverick"
- Ubuntu 10.04 or Trisquel 4.0 is "lucid"
- Ubuntu 9.10 or Trisquel 3.5 is "karmic"
- Ubuntu 8.04 is "hardy"

  • Then as root add this line to your /etc/apt/sources.list file: “deb http://deb.torproject.org/torproject.org <DISTRIBUTION> main” where you put the codename of your distribution (i.e. natty, lenny, sid, maverick or whatever it is) in place of <DISTRIBUTION>. After backing up (“# cd /etc/apt; cp -p sources.list sources.list.orig”) add the following to the bottom of the /etc/apt/sources.list file:

## Add the Tor Project repository.
deb http://deb.torproject.org/torproject.org natty main

  • Then add the gpg key used to sign the packages by running the following commands at your command prompt. NOTE: This should be done by the user ID you are using to surf the internet and NOT as root. Type:

$ gpg --keyserver keys.gnupg.net --recv 886DDD89
gpg: directory `/home/username/.gnupg' created
gpg: new configuration file `/home/username/.gnupg/gpg.conf' created
gpg: WARNING: options in `/home/username/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/home/username/.gnupg/secring.gpg' created
gpg: keyring `/home/username/.gnupg/pubring.gpg' created
gpg: requesting key 886DDD89 from hkp server keys.gnupg.net
gpg: /home/username/.gnupg/trustdb.gpg: trustdb created
gpg: key 886DDD89: public key "deb.torproject.org archive signing key" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
$ gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
OK

  • Now refresh your sources and install Tor by running the following commands (as root) at your command prompt:

# apt-get update
Ign http://extras.ubuntu.com natty InRelease
Ign http://security.ubuntu.com natty-security InRelease            
Ign http://us.archive.ubuntu.com natty InRelease                    
Ign http://us.archive.ubuntu.com natty-updates InRelease            
Get:1 http://deb.torproject.org natty InRelease [2,756 B]           
Hit http://security.ubuntu.com natty-security Release.gpg           
Hit http://extras.ubuntu.com natty Release.gpg                      
Hit http://us.archive.ubuntu.com natty Release.gpg                            
Hit http://security.ubuntu.com natty-security Release
and so on...
# apt-get install tor tor-geoipdb
Reading package lists... Done
Building dependency tree      
Reading state information... Done
The following packages were automatically installed and are no longer required:
  linux-headers-2.6.38-8-generic polipo linux-headers-2.6.38-8 socat
  libreadline5
Use 'apt-get autoremove' to remove them.
Suggested packages:
  mixmaster xul-ext-torbutton tor-arm
The following packages will be upgraded:
  tor tor-geoipdb
and so on...

  • Startup Firefox and browse to “https://www.torproject.org/torbutton/index.html.en” and click on Install Stable: Click to install from this website. Click on “Allow” and “Install Now”. You will see “Torbutton will be installed after you restart Firefox.” Click on “Restart Now”.
  • When you start Firefox you will see the Tor button with an “X” on it, “Toggle Tor for status”. Click on it and you are using Tor to surf the internet safely in a virtual Ubuntu environment.
  • You can verify that Tor button is installed by clicking on “Tools > Add-ons > Extensions”. You will see “Torbutton 1.4.2”.
  • If you want Tor enabled every time you start Firefox like I do “Right click on the Tor button > Select Preferences… > Click on the Security Settings tab > Click on the lower Startup tab > Click on the On browser startup, set Tor state to Tor”.
  • Next, click on the “Shutdown” tab and check “Clear cookies during any browser shutdown”.
  • Now surf to https://check.torproject.org/?lang=en-US&small=1 and you will see a web page displaying, “Congratulations. Your browser is configured to use Tor. The web page will also display something like, “Your IP address appears to be: 78.31.70.182 or 199.48.147.40”. This tells you your IP address is masked and you are surfing through a Tor server relay.
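One thing the gpg step above leaves to chance is which key “--recv 886DDD89” actually fetches: an 8-hex-digit short ID is cheap to collide, so a keyserver can hand back a look-alike key. The check that closes that gap, shown here as an added example (my code, not the post's or the Tor Project's), is to compare the full 40-hex-digit fingerprint, the same one the post exports to apt-key, before trusting the key. The gpg colon-format listings inside it are constructed so the check runs offline; add_tor_key is the live version and is defined but not run.

```sh
#!/bin/sh
# Added example (my code, not the blog's or the Tor Project's): accept the deb.torproject.org
# signing key only after its full fingerprint has been verified. The expected fingerprint is
# the one the post exports; the colon-format gpg listings below are constructed for the test.

TOR_DEB_FPR=A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89

# Constructed `gpg --with-colons --fingerprint` output for the genuine key.
GPG_SAMPLE='pub:-:2048:1:EE8CBC9E886DDD89:2009-09-04:::-:deb.torproject.org archive signing key::scESC:
fpr:::::::::A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89:
uid:-::::2009-09-04::0123456789ABCDEF0123456789ABCDEF01234567::deb.torproject.org archive signing key:'

# Constructed look-alike: same user ID and same short ID 886DDD89, different fingerprint.
GPG_LOOKALIKE='pub:-:2048:1:00000000886DDD89:2011-09-01:::-:deb.torproject.org archive signing key::scESC:
fpr:::::::::00000000000000000000000000000000886DDD89:
uid:-::::2011-09-01::FEDCBA9876543210FEDCBA9876543210FEDCBA98::deb.torproject.org archive signing key:'

# fpr_of COLONS_TEXT -> the primary key's fingerprint from `gpg --with-colons --fingerprint`
# output (field 10 of the first fpr record; subkey fingerprints, when listed, come later)
fpr_of() { printf '%s\n' "$1" | awk -F: '$1 == "fpr" { print $10; exit }'; }

# key_matches COLONS_TEXT EXPECTED_FPR -> 0 only when the primary fingerprint is exactly EXPECTED_FPR
key_matches() { [ "$(fpr_of "$1")" = "$2" ]; }

# add_tor_key: the live procedure (needs network and sudo; not run here). Fetch by full
# fingerprint, re-check what actually landed in the keyring, and only then hand it to apt.
add_tor_key() {
    gpg --keyserver keys.gnupg.net --recv-keys "$TOR_DEB_FPR" || return 1
    listing=$(gpg --with-colons --fingerprint "$TOR_DEB_FPR") || return 1
    key_matches "$listing" "$TOR_DEB_FPR" || { echo "fingerprint mismatch, not adding key" >&2; return 1; }
    gpg --export "$TOR_DEB_FPR" | sudo apt-key add -
}

key_matches "$GPG_SAMPLE" "$TOR_DEB_FPR" && echo "genuine key: fingerprint matches"
key_matches "$GPG_LOOKALIKE" "$TOR_DEB_FPR" || echo "look-alike key: rejected despite matching short ID"
```

Fetching by the full fingerprint rather than the short ID already narrows what the keyserver can return, but the re-check after import is what guards against a keyring that already held a colliding key.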

Method 2 for running Firefox in Ubuntu without installing the packages:

  1. Login to Ubuntu as your normal user (not root) and “$ mkdir Tor”.
  2. Surf to the download page at Tor and click on the “Linux, BSD, & UNIX” button and download either the 32bit or 64bit version to the Tor directory… depending on your hardware.
  3. Directions for installation from Tor, “Download the architecture-appropriate file above, save it somewhere, then open a terminal window and do the following:
    “$ cd Tor”; “$ tar -xvzf tor-browser-gnu-linux-i686-2.2.32-2-dev-LANG.tar.gz” or “$ tar -xvzf tor-browser-gnu-linux-x86_64-2.2.32-2-dev-LANG.tar.gz” (where LANG is the language listed in the filename).
  4. “$ cd tor-browser_en-US”; “$ mv * ..”; “$ mv .* ..”; “$ cd ..”; “$ rmdir tor-browser_en-US”.
  5. Either open a terminal window and “$ cd Tor” or double click on the directory, then execute the ./start-tor-browser script. This will launch Vidalia and connect to Tor; it will also launch Firefox. Do not unpack or run TBB as root.
  6. You should see the “Connected to the Tor network!” dialog box pop up and later Firefox will run and display the web page, “Congratulations. Your browser is configured to use Tor.” The web page will also display something like, “Your IP address appears to be: 78.31.70.x or 199.48.147.40”. This tells you your IP address is masked.
  7. Check your real PC’s IP address in Windows by clicking on “Start > Run > cmd” and typing ipconfig (ifconfig is the Linux command), and compare it to the address displayed on the Tor check page. ipconfig will show something like 192.168.1.x, which is only your private LAN address behind the router’s NAT; the address that matters is the public one your ISP assigned you. Load check.torproject.org once with Tor off to see that public address, and confirm that the address it shows with Tor on (78.31.70.182 in the example above) is different.
  8. In Firefox click on “Tools > Add-ons > Extensions” and you will see “Torbutton 1.4.1, Torbutton will be updated after you restart Aurora.” Click on “Restart now” and the Congratulations page will reappear. Click on “Tools > Add-ons > Extensions” again and you should see Torbutton 1.4.2.
  9. You will also see funny looking icon on the upper right side of Firefox that looks like a green acorn. When you move the cursor over this icon it should say “Tor enabled”.
  10. One problem with this installation is the next time Ubuntu is started and you run Firefox you will not see the Tor button. You have to run the script again to use Tor.

I did not add the third option using the development branch of Tor because we are not here to help diagnose problems with the Tor network. But you can if you want. Go to the bottom of the blog entry to read about installing HTTPS Everywhere.


How to install and setup Tor in Fedora 15 for surfing the internet securely

Some of the following is taken from the Tor web site at https://www.torproject.org/docs/rpms.html.en

Do not use the packages in the native repositories. They are frequently out of date. That means you'll be missing stability and security fixes.

I first apply all the latest updates like I did in Ubuntu by typing (# yum update). If run without any packages, update will update every currently installed package. If for some reason a package does not apply, use the GUI and uncheck that package. I always have problems applying kernel-PAE-2.6.38.6-26.rc1.fc15_2.6.40.3-0.fc15.i686.drpm because VMware Player does not allocate enough space on the / (root) partition. I keep hoping VMware will fix this problem but it has existed since I have been using Fedora in VMware.

Transaction Check Error: unknown error 13191497 encountered while manipulating package kernel-PAE-2.6.40.3-0.fc15.i686. The following screen shot shows how to get the updates applied using the GUI:

[Screenshot: Fedora GUI update tool]

Make sure the Firefox browser is updated to the latest version by clicking on “Help > About Firefox”.

Running the Tor client on Linux/BSD/Unix

Note that these are the installation instructions for running a Tor client. The easiest way to do this is to simply download and install the latest Tor Browser Bundle.

Step One: Download and Install Tor

The latest release of Tor can be found on the download page. Tor has packages for Debian, Red Hat, Gentoo, *BSD, etc. there too. If you're using Ubuntu, follow my directions above to use Tor’s deb repository. Similarly, CentOS / Fedora / OpenSUSE users should use Tor’s rpm repository instead.

If you're building from source (not recommended by the captain), first install libevent, and make sure you have openssl and zlib (including the -devel packages if applicable). Then run:

# tar xzf tor-0.2.2.32.tar.gz; cd tor-0.2.2.32
# ./configure && make

Now you can run tor as src/or/tor, or you can run make install (as root if necessary) to install it into /usr/local/, and then you can start it just by running tor. I did not try this.

Tor comes configured as a client by default. It uses a built-in default configuration file, and most people won't need to change any of the settings.

To install Tor from a package repository (recommended by the captain):

You'll need to set up Tor's package repository before you can fetch Tor. Using yum in Fedora, in /etc/yum.repos.d/, create a file called torproject.repo with the following contents:

[torproject]
name=Tor and Vidalia
enabled=1
autorefresh=0
baseurl=http://deb.torproject.org/torproject.org/rpm/DISTRIBUTION/
type=rpm-md
gpgcheck=1
gpgkey=http://deb.torproject.org/torproject.org/rpm/RPM-GPG-KEY-torproject.org

If you wish to track the stable releases of Tor, substitute DISTRIBUTION with one of the following: centos4, centos5, fc13, fc14, suse. Note that both baseurl and gpgkey are plain http URLs, so the only thing protecting the packages is gpgcheck=1 and the key yum imports the first time; compare the fingerprint yum shows you at that import prompt with the one the Tor Project publishes before answering yes.

To track experimental releases, substitute DISTRIBUTION with one of these: centos4-experimental, centos5-experimental, fc13-experimental, fc14-experimental, suse-experimental

# yum install tor

Running Transaction
  Installing : fedora-usermgmt-default-fedora-setup-0.11-1406.fc15.noarch         1/7
  Installing : fedora-usermgmt-core-0.11-1406.fc15.noarch                               2/7
  Installing : fedora-usermgmt-shadow-utils-0.11-1406.fc15.noarch                    3/7
  Installing : fedora-usermgmt-0.11-1406.fc15.noarch                                      4/7
  Installing : tor-systemd-0.2.1.30-1501.fc15.noarch                                       5/7
  Installing : tor-core-0.2.1.30-1501.fc15.i686                                                6/7
  Installing : tor-0.2.1.30-1501.fc15.i686                                                       7/7

Installed:
  tor.i686 0:0.2.1.30-1501.fc15                                                                 

Dependency Installed:
  fedora-usermgmt.noarch 0:0.11-1406.fc15                                                       
  fedora-usermgmt-core.noarch 0:0.11-1406.fc15                                                  
  fedora-usermgmt-default-fedora-setup.noarch 0:0.11-1406.fc15                                  
  fedora-usermgmt-shadow-utils.noarch 0:0.11-1406.fc15                                          
  tor-core.i686 0:0.2.1.30-1501.fc15                                                            
  tor-systemd.noarch 0:0.2.1.30-1501.fc15                                                       

Complete!

Although this looks like it will work, it did not get everything working. For example, you will probably also want Vidalia, the GUI configuration and control panel for Tor, especially if you want to set Tor up as a relay:

# yum install vidalia

To start Tor manually:

# service tor start

If you want the Tor service to start automatically like I do:

# chkconfig tor on

I had a few problems getting the “Tor” service to start automatically; (# chkconfig --level 5 tor) did not start Tor at run level 5. You can check to see if Tor is running after a reboot by using:

# system-config-services or serviceconf

Using (# chkconfig --list) shows SysV services only; on Fedora 15 Tor is installed as a systemd unit (the tor-systemd package above), so check it with (# systemctl status tor.service).


Now that Tor is installed, running and set to start automatically, move on to step two of the "Tor on Linux/Unix" instructions.

Tor had this footnote on their web site which did not apply to my installation: The DNS name deb.torproject.org is actually a set of independent servers in a DNS round-robin configuration. If for some reason you cannot use it, you might be able to access one of the individual servers instead. Try deb-master.torproject.org, mirror.netcologne.de or tor.mirror.youam.de.

Step Two: Configure your applications to use Tor

After installing Tor, you need to configure your applications to use it. The first step is to set up web browsing.

You should use Tor with Firefox and Torbutton, for best safety. Simply install the Torbutton plugin, restart Firefox, and you're all set. On the Torbutton page you will see “Install Stable: click to install from this web site”. Firefox will prompt you; click on “Allow > Install Now > Restart Now”. Next right-click on the Torbutton and select “Preferences > Security Settings tab > Startup”, then check “On browser startup, set Tor state to: Tor”. Then click on the Shutdown tab and select “Clear cookies during any browser shutdown”.

Browse to https://check.torproject.org/ to check that everything is running.

If you plan to run Firefox on a different computer than Tor, see the FAQ entry for running Tor on a different computer.

To Torify other applications that support SOCKS proxies, just point them at Tor's SOCKS port (127.0.0.1 port 9050). See this FAQ entry for why this may be dangerous: a SOCKS4 client, or a SOCKS5 client that resolves host names itself, sends the DNS query to your normal resolver outside Tor, so every site name you visit leaks even though the connection itself goes through Tor. Use SOCKS4a or SOCKS5 with remote name resolution. For applications that support neither SOCKS nor HTTP, take a look at torsocks or socat.

For information on how to Torify other applications, check out the Torify HOWTO.
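The SOCKS exchange just described, as an added example that is not part of this post, Tor or torsocks: a minimal SOCKS5 client that always hands the SOCKS server the host name (address type 0x03) instead of resolving it first, run against a mock of Tor's SocksPort over a socketpair so it works offline. The mock only records what it is asked to connect to and always answers “succeeded”; 127.0.0.1:9050 is the real SocksPort from the text, and check.torproject.org plus the documentation address 203.0.113.10 are constructed inputs. Seeing ('ip', ...) arrive at the SOCKS port is the leak the FAQ warns about: the name was resolved before Tor ever saw it.

```python
"""Minimal SOCKS5 client handshake against a mock of Tor's SocksPort.
Added example for this post; not code from Tor or torsocks."""
import socket
import struct
import threading

# Tor's default SocksPort from the post; the mock below stands in for it.
TOR_SOCKS = ("127.0.0.1", 9050)

# Reply codes from the SOCKS5 spec (RFC 1928), for readable errors.
REPLY_TEXT = {
    0x00: "succeeded", 0x01: "general SOCKS server failure",
    0x02: "connection not allowed by ruleset", 0x03: "network unreachable",
    0x04: "host unreachable", 0x05: "connection refused", 0x06: "TTL expired",
    0x07: "command not supported", 0x08: "address type not supported",
}


def recv_exact(sock, n):
    """Read exactly n bytes; SOCKS messages are short, fixed layouts."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed during SOCKS handshake")
        buf += chunk
    return buf


def build_connect(host, port):
    """SOCKS5 CONNECT request. A hostname goes out as ATYP 0x03 so that the
    SOCKS server (Tor) resolves it. An IPv4 literal goes as ATYP 0x01, which
    means somebody already did the DNS lookup locally, outside Tor."""
    try:
        addr = b"\x01" + socket.inet_aton(host)
    except OSError:
        name = host.encode("idna")
        if len(name) > 255:
            raise ValueError("hostname too long for SOCKS5")
        addr = b"\x03" + bytes([len(name)]) + name
    return b"\x05\x01\x00" + addr + struct.pack("!H", port)


def socks5_connect(sock, host, port):
    """Client side of the handshake on an already connected socket. On return
    the socket carries the tunnelled stream to host:port."""
    sock.sendall(b"\x05\x01\x00")                     # version 5, 1 method: no auth
    ver, method = recv_exact(sock, 2)
    if ver != 5 or method != 0:
        raise ConnectionError("SOCKS server rejected the no-auth method")
    sock.sendall(build_connect(host, port))
    ver, rep, _rsv, atyp = recv_exact(sock, 4)
    if ver != 5 or rep != 0:
        raise ConnectionError(REPLY_TEXT.get(rep, "unknown reply %#x" % rep))
    # Skip BND.ADDR and BND.PORT so the caller starts at the payload.
    if atyp == 1:
        recv_exact(sock, 4)
    elif atyp == 3:
        recv_exact(sock, recv_exact(sock, 1)[0])
    elif atyp == 4:
        recv_exact(sock, 16)
    else:
        raise ConnectionError("unknown address type in reply")
    recv_exact(sock, 2)
    return True


def mock_tor_socks(sock, seen):
    """What the SOCKS port sees. Records the destination exactly as it arrived
    and always answers 'succeeded'; a real Tor would open a circuit here."""
    _ver, nmethods = recv_exact(sock, 2)
    recv_exact(sock, nmethods)
    sock.sendall(b"\x05\x00")
    _ver, _cmd, _rsv, atyp = recv_exact(sock, 4)
    if atyp == 1:
        seen.append(("ip", socket.inet_ntoa(recv_exact(sock, 4))))
    elif atyp == 3:
        seen.append(("domain", recv_exact(sock, recv_exact(sock, 1)[0]).decode("idna")))
    else:
        seen.append(("ipv6", recv_exact(sock, 16).hex()))
    seen.append(struct.unpack("!H", recv_exact(sock, 2))[0])
    sock.sendall(b"\x05\x00\x00\x01" + bytes(4) + bytes(2))   # success, BND 0.0.0.0:0


def handshake_over_mock(host, port):
    """Run client and mock over a socketpair (offline) and return what the
    SOCKS port saw: ('domain', name) is the safe case, ('ip', addr) is a leak."""
    client, server = socket.socketpair()
    seen = []
    worker = threading.Thread(target=mock_tor_socks, args=(server, seen))
    worker.start()
    try:
        socks5_connect(client, host, port)
    finally:
        client.close()
        worker.join()
        server.close()
    return seen[0], seen[1]


if __name__ == "__main__":
    print(handshake_over_mock("check.torproject.org", 443))   # ('domain', ...), 443
    print(handshake_over_mock("203.0.113.10", 80))            # ('ip', ...): resolved outside Tor
```

Against a real Tor you would replace the socketpair with socket.create_connection(TOR_SOCKS) and call socks5_connect on it; the rest of the client is unchanged. The point of the mock is the first element of the result: a client that calls gethostbyname before connecting produces the ('ip', ...) case, and that lookup went to your ISP's resolver in the clear.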

Install HTTPS Everywhere:

To install HTTPS Everywhere simply browse to “https://www.eff.org/https-everywhere” and click on “Click here” to install the latest 1.0.1 version. Once installed you should see “HTTPS-Everywhere 1.0.1” when you click on “Tools > Add-ons > Extensions”.

With these simple steps you have now taken some huge steps in protecting your home PC from attack while doing all your questionable internet search activity. By “questionable” I mean doing research on whatever you are looking into using the search engines, the way I do to find things like the latest and greatest information on computer hardware. I click on many links that I have no idea where I am going. It also keeps criminals, search engines, governments, etc. from tracking internet activity! It is not foolproof but with these simple steps you are doing more than 99% of the users out there. Who are criminals going to target… you or the other easy 99%?

 

Stay safe my friend.

Sunday, August 14, 2011

Dropbox / Skydrive, or both? Fedora 15 is out! VMWare Player still at 3.14 as of 8/14/11…

Work in progress…

I have not forgotten about this post. I am still planning to check out Dropbox for Linux. Unfortunately it is not on my certification test… that is my priority… see previous blog entry. Did check VMware… still at 3.14 as of August 14, 2011.

Fedora 15 went into VMware no problem except for the same kernel update problem because of too little disk space. See previous blog posts.

If any of you have Time and Chaos, I developed a script to copy all the tilde ~ files to regular file names you can store on Microsoft SkyDrive. It makes backing up your contact, task and schedule information easy.

Dropbox.com - Sync up to 2GB FREE of your files online on all your computers and smartphones simultaneously. Dropbox supports Windows, Mac, iOS, Android, BlackBerry, and more. May, 2011 PC World.

Skydrive.live.com – Microsoft Live SkyDrive offers 25 GB of free online storage for sharing files. It also attempts to integrate your documents, photos, videos and email. I use it across my Windows systems, which makes sharing a few important files between desktops and laptops easy.

Even though Dropbox.com only offers up 2GB free, it does so with my Linux environments and someday my mobile devices. This could come in very handy when I am on the road with all these devices. So it is a project I will take on to get a closer look inside Dropbox.

Thursday, August 11, 2011

Setting your PC’s hardware clock using a Linux Virtual Environment and Network Time Protocol (NTP) Server or Client, the fastest and most accurate way to set your computer's software and hardware clocks.

Have not posted a PC/Linux tip in a while so I figured I had better get something up on the blog. Been busy studying and getting the Linux+ certification. I should be done with that in the next few weeks so expect some good stuff coming on the blog. I have some really cool volunteer projects at the local universities working with those masters students that will benefit us all. One is setting up a bootable double-encrypted USB drive for that KeePass traveling password file. And the other is setting up SSH to VPN into your secure (locked down) home network. I have blogged about how to lock down your home network in the past.

First off Unix time, or POSIX time, is a system for describing points in time: it is the number of seconds elapsed since midnight UTC on the morning of January 1, 1970, not counting leap seconds.

In my studies for the certification I had to learn about Network Time Protocol (NTP). So I decided to set up an NTP Linux server, not really thinking about how this would aid me with the time drift on the hardware clocks on my home computers and my traveling laptop.

Taken from http://fedoraproject.org/wiki/Docs/Drafts/AdministrationGuide/Servers/NTP: The Network Time Protocol (NTP) allows the computer to synchronize the clock to that of an external authoritative time source and provide the accurate time to clients on the local network. Fedora provides this functionality through the ntpd server. The ntpd daemon and associated utilities are provided by the ntp rpm package. My old solution to resetting the clock on my home PCs was to go to:

http://www.time.gov

look at the current time… and then manually type it in using the GUI, trying to hit the seconds correctly. I do this every few months. I also have one PC that eats motherboard batteries like candy and being lazy I have to set the clock every time I boot it… until it annoys me so much I take it apart and replace the battery on the motherboard. Some of my Linux environments are virtual using VMware Player so I was not even sure I could set the hardware clock using them. Turns out I/you can so read on.

My first dilemma was that the timezone was wrong in most of my new Linux environments. The default 3.14 VMware install has Los Angeles as the default timezone. So I needed to change that. You can do this easily using the GNOME or KDE GUI, but usually a server is not running a GUI interface, so an admin will need to set it from the command line. The first thing I found is there is a bunch of documentation out there (and in my books) about setting a symbolic link from /etc/localtime to the timezone you want. I recommend against this. The /etc/localtime is a binary file, probably copied by the tools the various distributions provide from /usr/share/zoneinfo. Having been a UNIX administrator I have worked in too many shops making liberal use of symbolic links. Eventually it gets very confusing. Using the tools to set up the timezone as a binary file is a better solution… or just copying the file from /usr/share/zoneinfo after backing up the current file. Test it first with a symbolic link.

In Ubuntu type the following:

# dpkg-reconfigure tzdata

or,

# tzconfig

Either command writes the zone name to the text file /etc/timezone and copies the binary zone file from /usr/share/zoneinfo to /etc/localtime. The /etc/timezone file is used by Debian and its derivatives.


In Fedora, for the graphical (X) interface, type:

# system-config-date

For older Red Hat releases the documentation on the internet says to type:

# redhat-config-date

It sets the timezone in /etc/sysconfig/clock.

In Red Hat and Fedora, if you just need to temporarily change the timezone to test an application, type the following for the text-mode interface:

# tzselect

The tzselect program asks the user for information about the current location and outputs the resulting timezone description to standard output. The output is suitable as a value for the TZ environment variable. For example, the program output: “You can make this change permanent for yourself by appending the line TZ='America/Detroit'; export TZ to the file '.profile' in your home directory; then log out and log in again.”


Below is an example of a manual way to set the timezone:

# cat /usr/share/zoneinfo/Canada/Pacific > /etc/localtime

This overwrites/updates your /etc/localtime file. If you want to test it first create a symbolic link:

# mv /etc/localtime /etc/localtime.bk
# ln -s /usr/share/zoneinfo/Canada/Pacific /etc/localtime

and then change the /etc/sysconfig/clock in Fedora or the /etc/timezone in Ubuntu.

Now just type “date” and you should see that the timezone has been updated. Once you have the timezone set correctly it is time to update the date/time from an NTP server. Every flavor of Linux I have tested has some public servers already preconfigured. If you have the IP address of a nearby public NTP server you don’t have to set up an NTP server to update your system clock. For example, type the following command three times to set the software clock:

# ntpdate -u 128.233.154.245

And then update the hardware clock using hwclock (general form: hwclock [options]):


# hwclock --systohc
# date
Wed Aug 10 16:01:17 EDT 2011

Set the hardware clock based on the software clock by using the --systohc option. Set the software clock based on the hardware clock by using the --hctosys option.

You can set the software clock manually using the following syntax:

# date [-u|--utc|--universal] [MMDDhhmm[[CC]YY][.ss]]


Installing a NTP server

If you are like me and have no NTP server on your home network and could not find an NTP server address from your ISP, set up an NTP server to see what NTP recommends as the best IP to use to set the time on your computer. In Fedora, to find out whether NTP is present on the system, the following displays the full name of the package if it is installed; then install the package if it is not already installed:

# rpm -qa ntp
# yum install ntp-doc      To install the NTP documentation
# yum install ntp            To install the package, if already installed you will see:
Package ntp-4.2.6p3-4.fc15.i686 already installed and latest version
Nothing to do

To install NTP in Ubuntu and Debian:

# apt-get install ntp
# apt-get install ntp-doc


Configuring and setting up an initial NTP Server

Some of the following is taken from:

http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch24_:_The_NTP_Server

with my own needs inserted. To get the nearest address of an NTP server we have to start the server, wait a few minutes and see what it picks as our best NTP public server.

# service ntpd start
Starting ntpd (via systemctl): [ OK ]

To test whether the NTP process is running use the command:

# pgrep ntpd
602

You should get a response of plain old process ID numbers. One problem you may encounter is if the time on the local server is very different from that of its primary time server (more than ntpd's 1000 second panic threshold), your NTP daemon will terminate itself, leaving an error message in the /var/log/messages file. Because we are looking for the IP, you will have to set the time manually by going to http://www.time.gov and try again. If you know the IP then you can run the ntpdate -u command to force your server to become instantly synchronized with its NTP servers before starting the NTP daemon for the first time. The ntpdate command doesn't run continuously in the background; you will still have to run the ntpd daemon to get continuous NTP updates.

Taken from “Linux+ Complete Study Guide written by Roderick W. Smith”:

The server to which you are synchronized (a.k.a. has the best connection time) is denoted by an asterisk (*), other servers with good times are indicated by plus signs (+), and most other symbols (such as x and -) denote servers that have been discarded from consideration for various reasons. You can obtain a server list by passing the -p option to ntpq (ntpq -p), without entering interactive mode.

# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*mirror          128.233.154.245  2 u    1   64    1   51.250  -12.376   0.269
 conquest.kjsl.c 69.36.224.15     2 u    -   64    1   72.761   -1.436   2.505
 i4.fwwds.com    24.56.178.140    2 u    1   64    1   49.595    7.041   0.416
 name3.glorb.com 198.60.22.240    2 u    -   64    1   72.486    2.936   0.366

Once you have the best server denoted by (* -> 128.233.154.245) write down the IP address and then manually sync your time to that server. The ntpdate command should be run three times to synchronize your host’s software clock to the NTP server time, but it must be run while the ntpd process is stopped. So you'll have to stop ntpd, run ntpdate and then start ntpd again.
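The tally column in that listing is what the quoted paragraph describes, and reading it by eye is easy to get wrong: the first character of each line is the tally code, the remote column is the server you actually exchange packets with, and refid is that server's own upstream source (so the address to hand to ntpdate is the one in remote, which ntpq -pn prints numerically instead of as a truncated name). The following is an added example, not part of ntp or of this post's original text: a parser for ntpq -p output that returns the system peer, decodes the octal reach register into the last eight poll results, and lists the survivors. The sample text is constructed from the ntpq> peers listing later in this post.

```python
"""Parse `ntpq -p` output: tally codes, the reach register, and the system peer.
Added example for this post, not part of the ntp distribution."""

# Tally codes from the ntpq documentation (first column of each peer line).
TALLY = {
    " ": "reject: unreachable or discarded before selection",
    "x": "falseticker: discarded by the intersection algorithm",
    ".": "excess: discarded, more than ten good sources",
    "-": "outlyer: discarded by the clustering algorithm",
    "+": "candidate: survivor, used in the combining algorithm",
    "#": "backup: survivor beyond tos maxclock, kept in reserve",
    "*": "sys.peer: the source the clock is currently synchronised to",
    "o": "pps.peer: synchronised to a PPS signal",
}

# Constructed from the `ntpq> peers` listing later in this post.
SAMPLE = """\
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
+cheezum.mattnor 208.66.175.36    2 u  193  256    1   72.987    0.320   2.464
-w1-wdc.ipv4.got 10.0.77.54       4 u   64  256    7   35.891    2.098   0.519
+mail.freerip.co 67.18.187.111    3 u   69  256    7  113.455    1.004   4.690
*199.4.29.166    64.90.182.55     2 u  133  256    3   40.712    5.705   0.401
"""


def _seconds(field):
    """ntpq prints 'when' and 'poll' in seconds, or with m/h/d suffixes."""
    if field == "-":
        return None
    units = {"m": 60, "h": 3600, "d": 86400}
    if field[-1] in units:
        return int(field[:-1]) * units[field[-1]]
    return int(field)


def parse_ntpq_peers(text):
    """Return one dict per peer line. `reach` keeps the integer value of the
    octal shift register ntpq prints; `when` is None when ntpq shows '-'."""
    peers = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("remote") or line.startswith("="):
            continue
        tally, body = line[0], line[1:]      # real ntpq output always has the tally column
        if tally not in TALLY:
            raise ValueError("unexpected tally code %r in: %s" % (tally, line))
        f = body.split()
        if len(f) != 10:
            raise ValueError("expected 10 columns, got %d in: %s" % (len(f), line))
        peers.append({
            "tally": tally, "state": TALLY[tally].split(":")[0],
            "remote": f[0], "refid": f[1], "stratum": int(f[2]), "type": f[3],
            "when": _seconds(f[4]), "poll": _seconds(f[5]),
            "reach": int(f[6], 8), "delay": float(f[7]),
            "offset": float(f[8]), "jitter": float(f[9]),
        })
    return peers


def reach_history(reach):
    """Decode the 8-bit reach register: index 0 is the most recent poll,
    1 = answered, 0 = missed. 0o377 means all of the last eight succeeded."""
    return [(reach >> i) & 1 for i in range(8)]


def system_peer(peers):
    """The peer ntpd is actually following (tally '*'), or None if it has not
    picked one yet, which is what you see right after starting ntpd."""
    return next((p for p in peers if p["tally"] == "*"), None)


def survivors(peers):
    """Sources that passed selection and contribute to the clock."""
    return [p["remote"] for p in peers if p["tally"] in "*+#o"]


if __name__ == "__main__":
    peers = parse_ntpq_peers(SAMPLE)
    best = system_peer(peers)
    print("synced to", best["remote"], "stratum", best["stratum"], "upstream", best["refid"])
    for p in peers:
        print(p["tally"], p["remote"], p["state"], "reach", sum(reach_history(p["reach"])), "/ 8")
```

A reach of 1 in the first listing means only the most recent poll has been answered, which is exactly what you see a few seconds after starting ntpd; a server that stays at 1 or 0 after several poll intervals is one to drop from ntp.conf. Wait for reach to climb (377 after eight successful polls) before trusting the tally codes.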

[root@localhost etc]# service ntpd stop
Stopping ntpd (via systemctl): [ OK ]

# ntpdate -u 128.233.154.245
10 Aug 15:59:48 ntpdate[2132]: adjust time server 128.233.154.245 offset 0.006014 sec
# ntpdate -u 128.233.154.245
10 Aug 16:00:00 ntpdate[2133]: adjust time server 128.233.154.245 offset -0.000184 sec
# ntpdate -u 128.233.154.245
10 Aug 16:00:09 ntpdate[2134]: adjust time server 128.233.154.245 offset 0.000183 sec

Or, if getting the time correct to the nearest microsecond from the best server is not important, you could just update from the NTP pool using:

# ntpdate -b pool.ntp.org
14 Aug 03:27:43 ntpdate[4739]: step time server 68.0.14.76 offset -0.044081 sec

Taken from http://fedoraproject.org/wiki/Docs/Drafts/AdministrationGuide/Servers/NTP. Note: pool.ntp.org is the project that manages a cluster of publicly available time servers across the world. Its clever DNS round-robin setup greatly reduces the load on individual time servers and aids in reducing the bandwidth cost for the operators and users by utilizing pgeodns data. It is likely that the response to the ntpdate command above will come from a geographically close time server.

# service ntpd start
Starting ntpd (via systemctl): [ OK ]

So for a brief review:

/usr/share/zoneinfo directory contains multiple subdirectories and files that are used for selecting the time zone for most Linux computers.

/etc/localtime is used to store the time zone that is selected for the Linux computer.

/etc/timezone is a secondary file in Debian Linux that is used to store text-mode zone data.

/etc/sysconfig/clock file is a secondary file in Fedora Linux that is used to store text-mode zone data.


Setting up NTP to start at boot

The --add option adds a new service for management by chkconfig. When a new service is added, chkconfig ensures that the service has either a start or a kill entry in every runlevel. If any runlevel is missing such an entry, chkconfig creates the appropriate entry as specified by the default values in the init script. I don’t believe it was necessary to add the NTPD service in Fedora but I list it here in case other flavors of Linux may need this step.

# chkconfig --add ntpd

I wanted the ntpd service in Fedora to only be started at levels 3 and 5.

# chkconfig --level 345 ntpd off
Note: Forwarding request to 'systemctl disable ntpd.service'.
rm '/etc/systemd/system/multi-user.target.wants/ntpd.service'
# chkconfig --level 35 ntpd on
Note: Forwarding request to 'systemctl enable ntpd.service'.
ln -s '/lib/systemd/system/ntpd.service' '/etc/systemd/system/multi-user.target.wants/ntpd.service'

You can also use the following for the current run level:

# chkconfig ntpd on
Note: Forwarding request to 'systemctl enable ntpd.service'.

The “ntsysv” program is another utility for configuring services to start and stop. But in Fedora it does not list “ntpd” as a configurable service. To be honest, I have more to learn about the Linux startup process. I put print statements in the /etc/rc.d/init.d/ntpd startup file and the script was not even called during startup. This is very different from the UNIX systems I am used to. Linux is beginning to look like Windows starting programs from hidden places. Once again if/when I figure this out I will update the blog.


NTP without Automatic update via crontab

But suppose you don’t want a daemon running in the background consuming valuable system resources, like on a laptop. There is much documentation online about using the ntpdate command, but the man page for “ntpdate” says the following:

Disclaimer:  The  functionality of this program is now available in the ntpd program. See the -q command line option in the ntpd - Network Time Protocol  (NTP)  daemon  page. After a suitable period of mourning, the ntpdate program is to be retired from this distribution.

When you read the “ntpd” man page it says the following: With the -q option ntpd operates as in continuous mode, but exits just after setting the clock for the first time with the configured servers. So I performed the following experiment to understand what this meant:

[root@localhost etc]# date -u 08142004
Sun Aug 14 20:04:00 UTC 2011
[root@localhost etc]# date
Sun Aug 14 16:04:03 EDT 2011
[root@localhost etc]# ntpd -4 -q
[root@localhost etc]# date
Sun Aug 14 16:05:28 EDT 2011
[root@localhost etc]# /usr/sbin/ntpdate -4 -b pool.ntp.org
14 Aug 21:14:00 ntpdate[3421]: step time server 64.113.32.10 offset 18342.096682 sec
[root@localhost etc]# /usr/sbin/ntpdate -4 -b pool.ntp.org
14 Aug 21:14:16 ntpdate[3424]: step time server 64.113.32.10 offset 0.000402 sec
[root@localhost etc]# date
Sun Aug 14 21:14:24 EDT 2011

Try as I might I could not get “ntpd” to set the time using the -q option. If I discover how to do so I will update this blog entry. My guess is as the description implies it will only sync the first time it is run… or within a certain error factor which I don’t know how to override. So I used the following crontab to update the system’s time using “ntpdate”:

# -4     Force DNS resolution of following host names on the command
#        line to the IPv4 namespace.
# -b     Force the time to be stepped using the settimeofday() system
#        call, rather than slewed (default) using the adjtime() system
#        call. This option should be used when called from a startup
#        file at boot time. Update /etc/logrotate.conf to rotate the log.
# Note the order of the redirections: ">> file 2>&1" sends both stdout and
# stderr to the log; "2>&1 >> file" would send stderr to cron's mail instead.
00 12 * * * /usr/sbin/ntpdate -4 -b pool.ntp.org >> /var/log/ntp.log 2>&1

# Copy the software time to the hardware clock:
15 12 * * * /sbin/hwclock --systohc >> /var/log/ntp.log 2>&1

We can never configure a log file and leave it unattended. The “logrotate” utility is excellent for taking care of this administration function. There is a good article at http://www.thegeekstuff.com/2010/07/logrotate-examples/.

# cp -p /etc/logrotate.conf /etc/logrotate.conf.orig

Add the following to the /etc/logrotate.conf:

# system-specific logs may be also be configured here.
# Rotate the Network Time Daemon log file.
/var/log/ntp.log {
    weekly
    copytruncate
    notifempty
    missingok
    size 100k
    rotate 9
}

Then test your changes:

[root@localhost etc]# logrotate -s /tmp/logrotate.out /etc/logrotate.conf
[root@localhost etc]# cat /tmp/logrotate.out
logrotate state -- version 2
"/var/log/yum.log" 2011-8-14
"/var/log/boot.log" 2011-8-14
"/var/log/sssd/*.log" 2011-8-14
"/var/log/dracut.log" 2011-8-14
"/var/log/wtmp" 2011-8-14
"/var/log/spooler" 2011-8-14
"/var/log/btmp" 2011-8-14
"/var/log/maillog" 2011-8-14
"/var/log/ntp.log" 2011-8-14
"/var/log/wpa_supplicant.log" 2011-8-14
"/var/log/secure" 2011-8-14
"/var/log/ppp/connect-errors" 2011-8-14
"/var/log/messages" 2011-8-14
"/var/log/cron" 2011-8-14
"/var/account/pacct" 2011-8-14

Logger makes entries in the system log. Add the following script if it does not already exist:

$ cat /etc/cron.daily/logrotate
#!/bin/sh

/usr/sbin/logrotate /etc/logrotate.conf
EXITVALUE=$?
if [ $EXITVALUE != 0 ]; then
    /usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
fi
exit 0


NTP Troubleshooting and Logging

I was getting some errors messages logged by “ntpd” in /var/log/messages. So to break them out and make sure the server was doing what it was supposed to be doing I modified the /etc/ntp.conf file.

# cd /etc
# cp -p ntp.conf ntp.conf.orig

By default “ntpd” will log all messages to the /var/log/messages file. So if you are having problems with NTP you might want to have your NTP messages consolidated in a separate file rather than sift through /var/log/messages. Add the following to the /etc/ntp.conf file:

# Specify the location of an alternate log file to be used instead of the default system syslog(3) facility.
logfile /var/log/ntp.log

There are many other options and a good read on them can be found at:

http://www.gsp.com/cgi-bin/man.cgi?section=5&topic=ntp.conf.

NOTE: I can’t vouch for whether this site is safe or not. Surf to it in an expendable virtual environment. For example, the following from the site might also be useful:

statsdir directory_path
Indicates the full path of a directory where statistics files should be created (see below). This keyword allows the (otherwise constant) filegen filename prefix to be modified for file generation sets, which is useful for handling statistics logs.

After “ntpd” is running you can look at information using the “ntpq” interactive command. To see what these variables entail look at file:///usr/share/doc/ntp-4.2.6p3/html/ntpq.html#pe or http://doc.ntp.org/.

ntpq> rv
associd=0 status=0613 leap_none, sync_ntp, 1 event, spike_detect,
version="ntpd 4.2.6p3@1.2290-o Fri May  6 16:27:05 UTC 2011 (1)",
processor="i686", system="Linux/2.6.38.6-26.rc1.fc15.i686.PAE", leap=00,
stratum=3, precision=-19, rootdelay=80.783, rootdisp=1070.755,
refid=67.18.187.111,
reftime=d1f2d82b.07d5b3fa  Sun, Aug 14 2011 19:26:35.030,
clock=d1f2d8d1.dc787018  Sun, Aug 14 2011 19:29:21.861, peer=13214, tc=8,
mintc=3, offset=6.612, frequency=-45.820, sys_jitter=4.852,
clk_jitter=14.962, clk_wander=2.744

ntpq> peers
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
+cheezum.mattnor 208.66.175.36    2 u  193  256    1   72.987    0.320   2.464
-w1-wdc.ipv4.got 10.0.77.54       4 u   64  256    7   35.891    2.098   0.519
+mail.freerip.co 67.18.187.111    3 u   69  256    7  113.455    1.004   4.690
*199.4.29.166    64.90.182.55     2 u  133  256    3   40.712    5.705   0.401

ntpq> associations

ind assid status  conf reach auth condition  last_event cnt
===========================================================
  1 13214  945a   yes   yes  none candidate    sys_peer  5
  2 13215  9314   yes   yes  none   outlyer   reachable  1
  3 13216  9414   yes   yes  none candidate   reachable  1
  4 13217  963a   yes   yes  none  sys.peer    sys_peer  3

ntpq> pstatus 13214
associd=13214 status=945a conf, reach, sel_candidate, 5 events, sys_peer,
srcadr=cheezum.mattnordhoff.net, srcport=123, dstadr=192.168.26.134,
dstport=123, leap=00, stratum=2, precision=-20, rootdelay=28.717,
rootdisp=16.663, refid=208.66.175.36,
reftime=d1f2dcf5.995ffb09  Sun, Aug 14 2011 19:47:01.599,
rec=d1f2dd22.32f8895b  Sun, Aug 14 2011 19:47:46.199, reach=007,
unreach=0, hmode=3, pmode=4, hpoll=8, ppoll=8, headway=0, flash=00 ok,
keyid=0, offset=0.320, delay=72.987, dispersion=5.957, jitter=2.298,
xleave=0.164,
filtdelay=    73.94   73.29   77.64   78.72   77.99   78.59   78.57   72.99,
filtoffset=    2.84    0.84    2.35    2.69    2.82    2.84    3.15    0.32,
filtdisp=      0.00    4.08    7.82    7.85    7.88    7.91    7.94    7.97
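The reftime, clock and rec values in the rv and pstatus output above are 64-bit NTP fixed-point timestamps counted from 1900, not the Unix epoch described at the start of this post, which is why ntpq prints them as two hex words. The following is an added example, not code from this post or from the ntp distribution: it converts those values (handling the 2036 era rollover), builds an NTPv4 client request, parses a constructed server reply to compute offset and delay the way ntpq reports them, and classifies the result using ntpd's documented thresholds: slew below 128 ms, step up to the 1000 s panic threshold, and above that exit without touching the clock unless ntpd was started with -g, which permits one unrestricted initial correction. The 18342 s offset in the ntpdate output earlier in this post is far past that threshold. The reply bytes, the 2 s offset and 20 ms one-way delay are constructed; 128.233.154.245 is reused from the post as the sample refid.

```python
"""NTP timestamps, one client/server exchange, and ntpd's clock thresholds.
Added example for this post; not code from the ntp distribution."""
import struct
from datetime import datetime, timezone

NTP_UNIX_DELTA = 2208988800        # seconds between 1900-01-01 and 1970-01-01
STEP_THRESHOLD = 0.128             # ntpd slews below this, steps above it
PANIC_THRESHOLD = 1000.0           # ntpd exits above this unless started with -g
HDR = struct.Struct("!BBBbIIIQQQQ")  # 48-byte NTPv4 header, big-endian


def ntp_to_unix(ts):
    """64-bit NTP timestamp (int, or 'seconds.fraction' in hex as ntpq prints
    it) -> Unix seconds as a float. A value with the top bit clear belongs to
    NTP era 1 (after 2036-02-07), so 2**32 is added to keep it monotonic."""
    if isinstance(ts, str):
        secs_hex, frac_hex = ts.split(".")
        ts = (int(secs_hex, 16) << 32) | int(frac_hex, 16)
    secs, frac = ts >> 32, ts & 0xFFFFFFFF
    if (secs & 0x80000000) == 0:
        secs += 1 << 32
    return secs - NTP_UNIX_DELTA + frac / 2**32


def unix_to_ntp(unix):
    """Inverse of ntp_to_unix for era 0 values (dates before 2036-02-07)."""
    whole = int(unix)
    frac = int(round((unix - whole) * 2**32))
    return (((whole + NTP_UNIX_DELTA) & 0xFFFFFFFF) << 32) | (frac & 0xFFFFFFFF)


def ntp_to_utc(ts):
    return datetime.fromtimestamp(ntp_to_unix(ts), tz=timezone.utc)


def client_packet(t1):
    """Mode 3 (client) request: LI=0, version 4, only the transmit timestamp set."""
    return HDR.pack(0x23, 0, 0, 0, 0, 0, 0, 0, 0, 0, t1)


def clock_action(offset, g_flag=False):
    """What ntpd does with a measured offset (seconds): slew small errors,
    step larger ones, and refuse anything past the panic threshold unless -g
    permitted one unrestricted initial correction."""
    magnitude = abs(offset)
    if magnitude < STEP_THRESHOLD:
        return "slew"
    if magnitude < PANIC_THRESHOLD or g_flag:
        return "step"
    return "panic"


def parse_reply(data, t1_sent, t4):
    """Parse a mode 4 (server) reply received at local NTP time t4 and compute
    offset and round-trip delay from the four timestamps (RFC 5905 style)."""
    (li_vn_mode, stratum, _poll, _prec, _rdelay, _rdisp, refid,
     _reftime, origin, t2, t3) = HDR.unpack(data[:HDR.size])
    if (li_vn_mode & 0x07) != 4:
        raise ValueError("not a server (mode 4) reply")
    if origin != t1_sent:
        raise ValueError("origin timestamp does not echo our request (spoofed or stale)")
    if stratum == 0 or stratum >= 16:
        raise ValueError("server is unsynchronised (stratum %d)" % stratum)
    t1, t2, t3, t4 = (ntp_to_unix(t) for t in (t1_sent, t2, t3, t4))
    offset = ((t2 - t1) + (t3 - t4)) / 2     # how far our clock is behind the server
    delay = (t4 - t1) - (t3 - t2)            # round trip minus server processing time
    return {"stratum": stratum, "refid": "%d.%d.%d.%d" % tuple(refid.to_bytes(4, "big")),
            "offset": offset, "delay": delay, "action": clock_action(offset)}


def sample_exchange(theta=2.0, one_way=0.02, t1_unix=1313364395.0):
    """Constructed exchange: our clock is `theta` seconds behind the server and
    each direction takes `one_way` seconds; the server spends 1 ms replying."""
    t1 = t1_unix                      # our clock when the request leaves
    t2 = t1 + theta + one_way         # server clock on receipt
    t3 = t2 + 0.001                   # server clock when the reply leaves
    t4 = t1 + 2 * one_way + 0.001     # our clock when the reply arrives
    echoed = HDR.unpack(client_packet(unix_to_ntp(t1)))[-1]
    reply = HDR.pack(0x24, 2, 6, -20, 0, 0, 0x80E99AF5,   # LI=0 VN=4 mode=4, stratum 2
                     unix_to_ntp(t2 - 1.0), echoed, unix_to_ntp(t2), unix_to_ntp(t3))
    return parse_reply(reply, echoed, unix_to_ntp(t4))


if __name__ == "__main__":
    print(ntp_to_utc("d1f2d82b.07d5b3fa"))    # reftime from the rv output above
    print(sample_exchange())
    print(clock_action(18342.096682), clock_action(18342.096682, g_flag=True))
```

The origin-timestamp check in parse_reply is the one piece of protection plain NTP gives you against a forged reply: the server must echo back the transmit timestamp you chose, so an attacker who did not see your request cannot guess it. The reftime above converts to 2011-08-14 23:26:35 UTC, which is the 19:26:35 EDT that ntpq printed, and the 166.8 s between reftime and clock is simply the time since the last update from the peer.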