Installing OSSEC 3.7.0 on Debian 11 (Bullseye) How-To

Now that version 3.7.0 has been released I took another deep dive into how this is compiled from Source, as usual I brought this onto me because I like testing this for when I have to push it into other systems that are not directly supported by the available packages.

For OSSEC 3.7.0 a package was added to the previous requirement list which can be found below:

apt install wget build-essential libpcre2-dev zlib1g-dev inotify-tools libevent-dev libssl-dev libsystemd-dev

To download and decompress run:

wget -qO- https://github.com/ossec/ossec-hids/archive/3.7.0.tar.gz | tar -zxvf

And finally run the install.sh file, again for my case I use local as I pull the logs using NXLog.

Have fun!

Installing OSSEC 3.6.0 on Debian 10 (Buster) How-To

Because this always catches me by surprise when I need to do it, and while I don't do it often it is always this that bothers me the most, so here is how to install OSSEC 3.6.0 as a local agent on a Debian 10 OS, has worked the same for x64 and ARM systems so far.

First get those packages in line, I usually run a minimalist version of Debian so these may not come with your current installation. 

apt install wget build-essential libpcre2-dev zlib1g-dev inotify-tools libevent-dev libssl-dev

With that out of the way pull the package for OSSEC 3.6.0:

wget https://github.com/ossec/ossec-hids/archive/3.6.0.tar.gz

Unpack the newly downloaded .tar.gz

tar -zxvf 3.6.0.tar.gz

Go into the folder, search for install.sh and run it then do local, again this should also work for other modes of OSSEC but I usually do local and pull logs through other methods.

Have fun!

Recovering damaged videos with untrunc

This is more for personal reference but I know someone somewhere will need this and I want to have it here as a light house because this was a pain to figure out.

There is an application called untrunc which can help recover a damaged video file as long as you have another file that was produced by the same device, in my case I am recording playthroughs and this is happening because the hard drive is giving out on me for random reasons, I can't ask much from a hard drive that has been in use for more than 8 years.

untrunc can be found here: https://github.com/ponchio/untrunc in its original form and an improved version here: https://github.com/anthwlock/untrunc

The one from anthwlock is the one that worked for me, the one from ponchio would not compile no matter what I did, for reference this was done both in Debian 9 and 10.

Once I followed the steps from anthwlock I had it installed, I added it to /usr/bin and I ran first the following command:

untrunc -v (good video) (bad video) because as it was the thing would not go through, I did not understand why though so -v told me that there was an issue with consistency, because the first video was larger than the second, how did I go around this? By using -a and -s so it looks something like this:

untrunc -a -s (good video) (bad video)

You may get a ton of prompts telling you if it's OK to continue, go ahead and from there you should be able to recover the damn thing, go at it, edit it and have fun!

Learning Ansible and Vagrant or why I really need to put myself to date

For some time, I have heard Ansible this, Vagrant that, Docker and Kubernetes, Cassandra, and a bunch of other names of applications, services (or micro-services, whatever that is), APIs and whatnot, these are all foreign to me and come surprisingly fast to me in a time when I'm trying to pick up coding again because I want to try my hand again at doing something interesting.

I have learned first that I keep doing things the wrong way as I go through the Ansible from Beginner to Pro by Michael Heap (which by the way needs some revisioning as I find some of the wording confusing as hell) when doing development and provisioning of my environment.

So let me backtrack here and explain what I’m talking about, some years ago I used to work at a company that handled auto parts for the entire country and our plans of expansion were putting a real strain on our current inventory system (something built in Access 2010) so the company needed something different, enter me as a Junior Programmer to figure things out together with my boss, we handled it the best we could but in the end we did not manage to push the project through and parted ways with the company.

From my tenure there I learned a lot about PHP, jQuery and MySQL together with Linux, but I was still lacking in many ways the knowledge I needed to do what the company needed (I was Junior anyway, but you get my drift, you want to eat the entire world). As time has gone by I have kept up with programming through different methods, either building Bash or Python scripts, a small website to keep track of something very specific or some random requirement from a friend.

About a year ago I decided to get back into the whole thing now that I have figured out how to really handle my free time and through the magic of Humble Bundle I have acquired about forty to fifty or so books (of which I have used maybe one or two, I am behind on reading but I’m doing my best to keep up) which lately include Web Development (I mentioned previously this as I was interested in the whole Static Sites thing).

For this whole purpose I wanted a server, a real rack-mounted server, which now sits on my desk (and works as a nice extension of it) that I got for cheap (thanks eBay!). At this point in time the PowerEdge 1850 has been partially upgraded (still waiting for other parts), has the highest version of ESXi it can handle (which is 4.1 update 4) and has been tested out to see how it performs and for the price I spent I can’t complain, it does a very good job and frees my laptop from the hassle of having a test environment on the same machine I use for other stuff. My problem was that I needed to handle the deployment and installation of the machines and I did not want to go through the whole damn hassle of replicating everything item by item, so I went and looked through the books I see the Ansible thing and I think, well, better give it a shot (I know I could try Docker and containers but bear with me as I struggle to figure out most of the stuff I have to get up to date with!).

So far trying Ansible and Vagrant have been as usual a very mixed bag of results, Ansible was easy to install, Vagrant not so much and it was throwing a fit due to the version of VirtualBox I had installed so I had to download everything from the respective websites and install it on my laptop, after figuring that out I got to work on some playbooks and provisioning, when I saw how it worked and what it did I was shocked, I had thought about this same idea a couple of years ago and even thought about how to do it, I knew there had to be an easy way to deploy virtual machines and then push a script or something to install all the stuff it needed before it could get to work, little did I know that such a thing existed in the form of Ansible (not dissing or ignoring Chef or Puppet, Ansible is what I have at hand and that’s what I’ll work with).

My other problem with Ansible is the way playbooks are coded, at first it felt a bit esoteric but once I understood the logic I figured out that it was more of a be very careful of how you write stuff otherwise it won’t work approach than anything else, frustrating at first but once you get the hang of it the thing seems pretty obvious what you have to do and how to do it. Also, there seems to be a considerable number of playbooks available to go through, so I’ll have to give them a check once I am done with this book and get everything setup the way I want it.

Figuring out Node.JS with Debian, a never ending journey

Many years ago I decided to switch over to Linux as my personal OS, in particular because I did not feel like buying a computer every so often and also because I did not have the money to upgrade to a considerably new machine (nowadays I still don't have the spare money to do that but from time to time I find parts that I either use to upgrade what I have or store them to build something better).

I played around with many Linux Distros (ranging from Fedora and Ubuntu to Debian and Mandriva) but ended up landing on Debian 5, to my luck Debian 6 was released a few days after I switched over to Linux and I could finally get some of the issues out of the way for some basic stuff that I needed back then (namely Dropbox), from there on I have worked with Linux at home for what would now be 7 years but I had played with the idea of working around with Linux since 2004 during which I found it quite complicated (I believe it was Mandrake that I was trying back then and eventually Slackware but neither seemed compelling to me).

From time to time I keep finding the odd Linux error which has a solution somewhere on the internet, in other instances I am confused and must work on compiling something to make either an old package work or some obscure program run on my machine.

Another thing I have learned during my tenure with Linux has been web programming (PHP and MySQL) and some scripting with Python mostly but also some Bash, these have helped me a lot on previous jobs and I have come to notice that knowing these I could put them into more practical use than whatever my work is requiring of me, such as getting a small website up and running to have presence on the internet aside from the blogs and YouTube account I currently handle, by chance I found some Web Programming books on Humble Bundle and a book caught my attention immediately, Working with Static Sites by Raymond Camden and Brian Rinaldi. If memory does not fail me static sites are a thing of the past, but I was very intrigued on trying this out and I have not been disappointed so far as my curiosity with Node.JS, ReactJS and other modern languages continues to intrigue and elude me (as I do not currently hold a position which requires me coding all the time I am not up to date with much of the things web related).

I found a problem when starting some of the tests, I decided to install Node directly from a repository and when updating or installing new packages through npm it would not work, intrigued as to why I would need sudo all the time I started looking around and found that this was an issue in how npm was handling everything and that nvm was the solution for my problem.

After downloading the latest version of nvm and easily installing it I proceeded to update npm to the latest version (npm install -g npm <-- This intrigues me, the fact that there is no command to directly update npm amuses me), finally installed harp (which was throwing a fit about a bunch of stuff not working and node-sass not installing because using sudo would break it and not using sudo would tell me there was an error during the process).

After I had done this I noticed it would not work, intrigued I checked one of my virtual machines, repeated the latest steps and got it to work without an issue, went back to my machine and remembered that I had installed through a repository so I removed it manually from the sources.list file and removed the package, with this I could finally get harp to work and show me the initial website from the default template.

Slitaz = Life Saver

Well it has been quite a while since I wrote on this blog and that is probably because I never found the special need to do so, be it for whatever reason.

Today I had the chance to toy around with a Toshiba Laptop built somewhere around ´99 or 2000, Pentium III Proc @ 450 MHz and 64 MB of SDRAM, which I tried upgrading but didn´t work, and a superior 6 GB HDD. This, laughable as it may seem to some, was my perfect choice for a school laptop, as I need to write a lot and my old T60 is gone now, forever, which left me with my bare hands... yeah, no.

So I was playing around with this thing and I tried different Distros in it with no success, Debian 6 and 7 RC 2 were not working at all, as a matter of fact I couldn´t connect to the wireless network as it uses WPA and the Debian installer only allows WEP; PuppyLinux was just doing bad, probably because the video card ranges somewhere around 2 to 4 MB, maybe even less; I wasn´t doing DSL, I didn´t do DSL; Knoppix was also out of the question; Crux, which is a Distro I learned about from K. Mandla, wasn´t working either and I have no other laptop at hand to do the whole "transfer this to the faster one then finish the fight on the slower one", too much hassle and not enough resources; then came SliTaz and everything somehow changed.

You see, with all the other Distros I wasn´t getting anywhere, at all, and the furthest I managed to get through was with Debian 6 but yet again that didn´t go far with the PCMCIA Wireless Card, take note that this laptop has no internal wireless or ethernet, keyword, NO, ETHERNET.

BOOM, HEADSHOT!

Back to SliTaz. I give it a try, at first I´m not sure why it won´t boot in some modes, then I discover it is because of the video card, so I just let it roll and get to console, good, this thing boots at blazing 8 to 5 seconds, I am impressed but I need to find a way to get this working on the hard drive itself and get rid of the CD thing.

So I look around for instructions and find that it was easier than I expected, no compiling was required and only some slight tweaking here and there, including formatting the hard drive and what not, did everything for me. Copy this and move it here, mount that, unpack this, everything goes smooth even though I have to work with Vi, nothing against it but man I´d rather have Nano anyday.

So the thing boots, IT BOOTS, but it goes into this horrible twisted screen that could be a surrealist painting. It kinda looked alive but I wasn´t sure... so in the end the video was still screwed up.

Solution?

Console mode. By adding a single screen=text to grub it all worked juuuuuuust as I needed it, this whole adventure actually started because I needed a system that would run a console system not a GUI based system so this is what I got in the end and this is what I wanted, it was a win-win situation for everyone as the guy who put it in the office wasn´t really looking forward to seeing it coming back.

eMachines keeps trolling me after so many years

I have been doing IT for some 7 years now, like I've mentioned a couple of times, in different fields which range from Call Center Technical Support, the cheapo and fancy version, up to personal support to customers and companies that range between your mom and pops business up to the thousands of employees Corporation, and never have I personally found something as disgusting or annoying as an eMachines Desktop.

Yes I get the point about building affordable systems for the common user but for the love of whatever it is that you praise do it right man and I am dead serious here.

All this comes here for one reason. Two days ago I bought this old L7VMM MOBO from the guy that gives me the old computers I refurbish and let me tell you that these two last days have been terror and horror to me but also they have provoked me to look for answers to things I had previously learned and with that I had forgotten since I never used them.

I couldn't quite remember how to format a PC from a floppy, yes I am serious about the floppy thing and I have a bunch of them stored in a box, and it has been a while since I saw a FAT32 Partition in something that isn't a USB drive. That said it's also been years since I've seen a K7 in use, an AMD Duron @ 650 MHz to be precise, and I wanted to put it to use since... well the codename of the processor is "Spitfire" and using a computer with a CPU named like that sounds killer although it turned out to be a complete bummer.

How did all of this really start?

First off I placed everything in a case, that ironically states outside that it uses a P3 Celeron 600MHz CPU and that this PC NEVER goes obsolete...

Next, I try booting straight from the HDD with no luck and I start working around with it. Then I notice, in horror, that this is one of those PC's that for the life of me won't boot up from the CD-Drive and I am not sure why this is even happening but it has me terrified.

My first alternative turned out to be a Windows 98 boot floppy with CD-ROM support, because maybe you don't know it but back in the day some things weren't supported like CD-ROM drives or Floppy Drives and USB was non-existent.

As mentioned further above it had been a while since I saw a full partition of FAT32 and from there on it just went downhill. I got the CD recognized and I ran the WINNT exe to get the installation going but at first it wouldn't do it mentioning something about not enough swap space. Some ten minutes later I figured that I had to delete the NTFS partition that was occupying 99% of the hard drive... yeah I kept forgetting how the commands work.

Next stop was trying WINNT and it partially worked, then died on me, then worked, then died again, then I decided to go for Nomad, the codename for a 4GB hard drive I got laying around holding Debian 6, and it went into a deep coma state that could only be prevented if I went into the recovery state which meant I had to mess around with it a lot more than I wished for it, openSUSE laughed at me too or cried, not sure at this point, but it didn't work, Windows XP from another machine didn't work either and I've had it with this PC that will only run floppy systems, nothing bad with them but if I try and sell it to the normal customer I won't get much out of it.

Then there's the suspicion that the CPU may be damaged but I have no way to prove this since yet again I have no way to load Hirens or any other tool to test this out, RAM is also an option but that would give me a whole different bunch of errors and from what I've read, seen and understood it seems the culprit is the motherboard which has to be flashed immediately after being bought because of buggy software on the BIOS ROM which can only be done inside of Windows.

Level of Patience, almost null.

One more alternative before I give away and ask for my 10 bucks back... Windows 98 2nd Edition. May work, may not work, I don't know and I don't care but I am not letting this bad boy go out without a battle.

And in the end that also failed... that sums it up after I saw Windows 98 getting stuck several times during the installation and having to force the "restart" physically. At this point I am pretty sure the culprit is the processor and well there's nothing much I can do about this except return it and get my money back and buy a soda or something.

If you ever want to play DVDs on Debian Squeeze

Here's how you do it!

# &lt;-- Are comments. You can actually copy all of this, below the sources.list link that needs to be added, into a bash script and it'll theoretically run.

#Add this to the /etc/apt/sources.list

deb http://www.debian-multimedia.org squeeze main

#After doing that go into the console and use the following commands

sudo aptitude install update

sudo aptitude install debian-multimedia-keyring

#Update list then install libdvdcss2

sudo aptitude install libdvdcss2

#Don't forget to upgrade!

sudo aptitude upgrade

#You're good to go!

If you got any issues with it let me know with a comment on this post since this all worked fine for me.

Me and Bluetooth

Some will actually bash me for saying this but I despise Bluetooth.

I've never liked it, never actually have owned that many things with Bluetooth anyway aside from a headset and a couple of phones here and there.

Last experience I had was back when I was using Windows 7 and it occurred to me to get a Bluetooth dongle for my ear-piece so I could chat while I was playing or writing. Back then it sounded like a cool ideas, which it was actually up until the installation.

Apparently the program that I got back then with the dongle had some sort of data license which only allowed me to do so much with it and I had to pay some such amount of money to use it.

I was not paying a single cent, why?

Because I already bought the damn thing, most phones have it integrated for the love of god, or whatever entity or thing you believe in, why do I need to pay an additional amount of money?

I forgot about it, completely, and it just occurred to me the other day to try it out with Debian thinking, what's the worst that could happen. Worst thing that happened was that it took a bit to sync with my phone and ear-piece but aside from that I had no problem at all and most importantly I didn't pay a single cent for it. Now isn't that great?

I'll personally have to thank the volunteers at Debian for this one and for actually peeking my interest again into Bluetooth technology.

Cheers!

We got a live one!

I like to play with old hardware and I'm talking dirty here, I'm talking old school.

For some time I had this Coppermine that was giving me issues due to the fact that the thing fried at some point, incredibly the bastard kept on working.

Then Mr. Da Kid was ever so kind to provide me with the old brain and heart of Lavos, now Neo Lavos, which was a tiny Celeron Mendocino. Unfortunately I like to play around with things way too much and in between fighting to release the tiny thing from the socket and trying to put in a new one, which wasn't compatible by the way, I broke the socket bed... again don't ask me how it broke in two but it happened.

This left me without a computer to do my evil deeds, and I do like to make evil deeds with old hardware because it feels like you're making an effort to make the thing work and it becomes a challenge which ultimately leads to satisfaction, but let us forget about masturbatory geek fantasies and let us go back to square one.

I'm without a test computer... until today.

Back on friday I got around to do some stuff and one of them was getting a Socket 775 MOBO for a desktop I'm building for myself and I was also looking for a test environment which could be anything from Pentium 3 to Pentium-Not, AKA 386/486 land, but I hadn't had much luck, with either, until someone pointed out an old swap meet that handles that kind of stuff.

In I go and five minutes later and some bargaining I got this tiny, tiny for the 90's, ATX Motherboard with what I was told was a Pentium II processor of unidentified source since the BIOS lacks any useful information.

Not only did I have to rebuild the desktop from scratch, since I had to take everything off including the power supply unit, I had to reset the CMOS to get video working since it simply wouldn't bulge. Once finished it was the turn of Debian 6 to do its magic which took some noble two hours to fully install, fully means installing Base and SSH.

My biggest surprise was getting to know what kind of processor I was running on this little beast. Turns out the thing is running with an AMD K6-2 3D Now! processor which is fine with me as I had the chance to work with a K6 and many members of the AMD family many, many, years ago and I honestly can't complain.

This is how the thing ended up looking like (I'll take a screenshot later of how that looks inside):
1 x 128MB PC 133 RAM stick.
10 GB Seagate HDD (Won't boot the 40GB which leads me to believe this motherboard has issues going in for the big guys)
CD-RW/DVD-ROM (Which I had given up for dead but apparently works just fine!)
Floppy and Zip Drives (Floppy is going straight into MOBO and Zip Drive is through USB since I lost my internal 100-Zip Drive)
AMD K6-2 3D Now! Processor @ 350 Mhz
PSU @ 300 watts

Great projects are coming for this little one but that is for another time.
-Vico

And we're better off now!

Last tuesday drew the final line with Windows 7 and the Microsoft Windows line in general. I've used Windows during my entire life and I've transitioned from Windows 3.1 up to Windows 7, learning a fair amount of tricks, but I've grown tired of bloatware and in general Windows tendency to lose compatibility between versions.

Yeah I'm probably an old dog, not that old though, but those are the little details that piss me off... and the drivers which is what took me to fly into Linux and say good bye to Windows.

This bad boy over here is an IBM/Lenovo T61 running an Intel Centrino Core Duo at 2.0 Ghz, 2 GB of DDR2 PC-6700 and a 500GB Hard Drive, which I got from somewhere else. Even though modest in this time and year, considering these were built back in '05. Interestingly this machine had issues running Windows XP, I somehow felt there was something wrong, and even though I went for Windows 7 it still felt the same way and it wasn't until at work, while trying to fix a T500 I had been assigned, I realized that the T60/61/500 line had SERIOUS problems with driver compatibility. So bad it was that if you tried to format the computer with a Windows XP CD it wouldn't let you and if you didn't have the recovery discs then you were in for an ugly ride until you yet again realize you have to mess around with the BIOS to get it working and then after the install is done you have to mess with it again... not cool Microsoft/IBM/Lenovo. And I'm not going to talk about my experience with Windows Vista and the T500, believe me I have NOTHING good to say about it.

So it all comes down to this, Linux. I had intended to do this transition earlier but for X or Y reason I just wouldn't, OK I procrastinated, but in the end it is a change I don't regret at all. In comparation Debian 6 "Squeeze" is running way smoother with the Gnome interface at a noble 300~ MB when it has completely finished booting up into the Desktop, after 30 seconds, which in no way was happening with either XP or 7. Oh joy, Windows Security Updates, Windows Driver Updates, Windows Something Updates, sorry what's that? 300MB patches? Windows Genuine Advantage Mathingy? Resource Hogs at the turn of every corner?

Things like that always made me cringe in terror but fortunately that's all in the past and if I ever need to run anything I just go for WINE or fire up the Virtual Machine which contains an original version of Windows XP. And for those telling me that's not true remember that all branded PC's contain a label with the key and I'm using mine for the VM XP so Microsoft can go and kiss my ass with their retarded policies.

And as a final note the only issue I had with Linux was the Wireless Driver which took me around 5 minutes to find, which unfortunately with Windows XP was a whole different story because the property drivers are NOT included in the installation disc which literally consists of most components in the laptop except for the motherboard, monitor, keyboard, mouse and the USB hubs... aside from those it could vary and if you weren't using a Windows XP SP3 CD then you weren't going to find the Hard Drive, EVER, since there were no SATA drivers included or if you found 'em it was minimal.

Yes Microsoft, quite a joyful time I had with your operating systems...