Posts tagged Linux
Recently, I had to install the CheckPoint SecureClient on my notebook, which is currently running Windows 7 (ok, a linux guys running Windows 7 is something completely different, but let’s talk about that later). In any case, I’ve gone into the CheckPoint website, looking for SecureClient, and got a really funny Seinfeld flash-back:
This kinda reminded me of this:
Last night I met with a friend of mine, Mr. Doron Ofek. For those of you not familiar with the Open Source market in Israel, Doron is the one person most affiliated with RedHat in Israel, as Doron championed the adaptation of RedHat Linux servers in various enterprises and government offices in Israel. Doron is currently heavily involved in the OpenMoko project and its adaptation and promotion in Israel.
We spent a great deal of time last night, talking about the various aspects of Open Source training in Israel – as both us provide various training services to this market sector. While I’m mostly focused on Asterisk Training, Doron is focused on Linux and XEN training. Both of us have some our training routes knee deep in Israel’s computer/IT training companies, namely Matrix, Hi-Tech College and John Bryce. We both talked about our discontent with their inability to promote and market Open Source training courses, simply because they have no idea what these are.
For example, while Hi-Tech college were incapable of signing up a single person for an Asterisk Bootcamp course, I had signed up 10 people to a my first bootcamp – without any marketing or sales budget, simply by putting out the word in the right places. Now, Hi-Tech college has a list of over 5000 people who studied Linux and other Open Source and networking subjects in their college – should have they been able to gather up at least 10 people as well (less then 0.5% of their entire customer base)? the answer is a definite yes, why were they unable to do so? simply because they have no idea what Asterisk is, how it can be marketed, how it can sold and how the customer should be approached.
Doron had indicated a similar issue with both John Bryce and Matrix – however, due to other reasons. However, Doron had managed to sell quite a few training courses for Linux on his own – without any help from the big boys – how did that happen? how is it possible that Doron and I succeeded where the other colleges had failed? how can that be? – then we both realized why eventually, proprietary software will die and the Open Source movement, over the course of time, will simply negate the presence of proprietary software – simply because Open Source people provide for better marketing strategies and methodologies.
Did we learn how to do marketing on school? are we marketing people by nature? the answer is NO – we learned how to market our belief in the Open Source initiative over the course of time. We championed Open Source in various enterprises, events, public speakings and other places. We were the “soap box” speaker at Hide Park’s Speakers Corner, we were that crazy man on the street screaming: “The world is coming to an end, repent!” (well, you know what I mean) – but all in all, as time progressed we learned how to market the Open Source initiative and our belief – the large enterprises are stuck in their own belief and stagnant marketing strategies and plans. As time progressed, the various “champions” left the large enterprises, simply because they got fed up with the wrongful methodology of these and followed their own path – and doing so with moderate success.
In my belief, as time will progress, the large enterprises will surely migrate to the Open Source, and I won’t be surprised if within a period of 5-6 years Microsoft will be shipping out a version of Windows that is based on the Linux Kernel – or another Open Source distibution methodology. Call me crazy, call me chaotic, call me a dreamer – but mark my words – this will happen.
The Open Source movement had been in existence since the 60′s, and we can surely find its roots somewhere along the hippie culture and movement. While Free-Love had transcended to Free-Code, or to be more exact – Free-Knowledge, the question of the sources for your Open Source is still questionable. Comparing it with the Sixties, it’s easy to compare the various “Free-Love” movements with the various “Open Source Paradigms” of today. While GPL, BSD, MPL, ZPL and others preach for Open Source adaptation – each one took a different path.
While the paths differ, but the end result is more or less the same, all suffer from a serious lack – a bad reputation. While in the early 2000, Open Source usually meant – highly stable, state of the art technology, increased ROI, lowered TCO and most importantly for many – COOL. Coming 2008, Open Source is starting to get a bad rep, due to the ever increasing simplicity of entering the Open Source world.
I started using Linux somewhere around 1994. My first Linux distribution was a Slackware, with a kernel of 1.0.28 – I needed 99 floppy disks in order to install the system, and it took me a few hours to do so. However, I can’t forget my amazement at seeing the X-Windows environment booting up, and more than that, being completely overwhelmed with the fact that I have a fully functional UNIX environment in my house, just like the one I had in my Army office. Now, I basically had no one to teach me this new environment, so, I had to take my UNIX skills (Solaris and AIX) and adopt to Slackware Linux – it took me a few weeks to get around, but I got around and stuck to it ever since.
Now, let’s jump 14 years forward in time. The year is 2008, a graphic based environment for Linux is no longer a myth and it is getting better and better by the day. People are starting to adopt Linux beyond the academic and the ISP market sectors, slowly integrating Linux based distributions (Mandriva, Ubutnu) on to their desktops and notebooks. Linux is become simple and appealing to everybody.
When something becomes easy to use, people make good use of it – a good example is the Asterisk project. Projects such as TrixBox (AKA: AsteriskAtHome), PBXinaFlash, AsteriskNOW and others had made Asterisk into a simple installation product, that can be installed and managed by any half-decent sysadmin. Problem is, while a half-decent sysadmin will do a fair job of maintaining the system, a shitty sysadmin will crap everything to hell. But hell, that is true for almost anything related to computers or technology – there’s nothing new here! Well, there is nothing new and everything is now new. People who were more or less selling shoes 3 years, then 2 years decided to sell ISP routers, then a year ago started selling IP phones, are now selling Asterisk based systems – using these distibutions, while having no idea what they are selling or promoting. For these people, Asterisk is nothing more beyond FreePBX – once encountering deeper issues, will simply abandon the customer – leaving the Open Source product with a bad rap with the, now disappointed, customer.
I want to believe that other places in the world are different, I want to believe that Israel will reach a point in time when this doesn’t happen – however, I guess that only time will tell and I surely hope this will change in Israel.
After seeing well too many movies about the US and after visiting the US for a few times, many people tend to disrespect the FBI in the USA. While I have much respect for most law enforcement agencies, wherever these are located in the world, I must admit, that the latest warning from the FBI regarding Asterisk borderlines pure hystria and complete misunderstanding of the actual issue.
On Dec 8th, the FBI had issued the following warning:
New Technique Utilizing Private Branch Exchange (PBX) Systems To Conduct Vishing Attacks
The FBI has received information concerning a new technique used to conduct vishingi attacks. The recent attacks were conducted by hackers exploiting a security vulnerability in Asterisk software. Asterisk is free and widely used software developed to integrate PBXii systems with Voice over Internet Protocol (VoIP), digital Internet voice calling services; however, early versions of the Asterisk software are known to have a vulnerability. The vulnerability can be exploited by cyber criminals to use the system as an auto dialer, generating thousands of vishing telephone calls to consumers within one hour.
Now, after a full weekend of frenzy trying to understand the cryptic warning the IC3 had issues, it was gathered that it is referring to an old time bug, related to Asterisk distributions prior to 1.4.18. Being familiar with the particular bug and the exploitation method – I can say this: They surely have no idea what they are talking about!
The exploitation of the bug requires several pre-requirements:
- A certain IAX2 configuration has to be deployed
- A certain version of Asterisk must be used
- A certain form of dialplan has to be existing
- You Asterisk server needs to be available on the Internet
Now, even when these 4 are met, the exploitation isn’t all that simple and that straight forward. So, in other words, if you are not utilizing any of the above, you can rest assured that your system is fine. In any case, any system is as secured as the dumbest user (in our case developer/sysamdin) who uses it.
As you probably already learned from a previous post, I’ve switched to Mandriva from my previous FedoraCore distro, running on my home PC and my old ThinkPad T42 notebook.
Recently, I’ve signed up with Cellcom, an Israeli cellular provider for data connection only. I’ve received a Sierra AirCard 880E, which installs easily on Windows and on MacOSX, however, Linux was a little tricky. While reading several sources around the internet, dealing mainly with some shell based scripts – Mandriva is different – simply requires a bit to know the Mandriva framework in order to get it working right.
Step 1: Know where your AirCard is
As the AirCard is inserted to the computer, Mandriva will automatically load the respected kernel module and will automatically assign the /dev/ttyUSB0 device to it.
Step 2: Mandriva Control Center
In the Mandriva control center, launch the network configuartion tool for creating a new connection. Here’s the trick, you need to create a “POTS” connection, not a 3G/EDGE connection. The reason is that the EDGE/3G functionality is maintained by the AirCard itself, Linux has nothing to do it.
Step 3: Configure your connection
I named my connection as Cellcom and setup the following as my dial-in number: *99# – this is very important. Select PAP/CHAP as your login type and set both the username and password to be “cellcom”.
From this point onwards, you should be just fine and up on the network in no time