Roundcube and Poppassd hang solution with centos 6

Posted on September 15, 2013
Filed Under Uncategorized | Leave a Comment

Just a quick post so the search engines may find it…to solve this problem for others.

When using the Passwd plugin with Roundcube open source webmail, with the poppassd service allowing users to change their email password, Roundcube appears to just hang if there is a problem with the password, i.e. it violates the system limits for passwords, such as being too short or containing a dictionary word. Actually, the passwd utility changed with CentOS 6, I think, and the output format changed slightly. It outputs 2 lines instead of one on a successful update. So the line that was looking for the success code 200 never found it, although it appears in the second line of output. At any rate, the code is changed to skip a line before the check and appears to work well now.

The file I modified is the poppassd.php driver file, which is included in the Roundcube plugins directory “roundcube/plugins/password/drivers”.

Here is the code:

You can download this file, zipped, here.

<?php

/**
 * Poppassd Password Driver
 *
 * Driver to change passwords via Poppassd/Courierpassd
 *
 * @version 2.0
 * @author Philip Weir
 * Modified by Lloyd Kirk, Gulf Coast Information Systems to fix "hang" with centos 6+
 *
 */

class rcube_poppassd_password
{
    // Turn a "NNN message" reply line into a code/message pair for the plugin.
    function format_error_result($code, $line)
    {
        if (preg_match('/^\d\d\d\s+(\S.*)\s*$/', $line, $matches)) {
            return array('code' => $code, 'message' => $matches[1]);
        } else {
            return $code;
        }
    }

    function save($curpass, $passwd)
    {
        $rcmail = rcmail::get_instance();
        //    include('Net/Socket.php');
        $poppassd = new Net_Socket();

        $result = $poppassd->connect($rcmail->config->get('password_pop_host'), $rcmail->config->get('password_pop_port'), null);
        if (PEAR::isError($result)) {
            return $this->format_error_result(PASSWORD_CONNECT_ERROR, $result->getMessage());
        }
        else {
            // Server greeting: expect a 2xx status line.
            $result = $poppassd->readLine();
            if (!preg_match('/^2\d\d/', $result)) {
                $poppassd->disconnect();
                return $this->format_error_result(PASSWORD_ERROR, $result);
            }
            else {
                $poppassd->writeLine("user " . $_SESSION['username']);
                $result = $poppassd->readLine();
                if (!preg_match('/^[23]\d\d/', $result)) {
                    $poppassd->disconnect();
                    return $this->format_error_result(PASSWORD_CONNECT_ERROR, $result);
                }
                else {
                    $poppassd->writeLine("pass " . $curpass);
                    $result = $poppassd->readLine();
                    if (!preg_match('/^[23]\d\d/', $result)) {
                        $poppassd->disconnect();
                        return $this->format_error_result(PASSWORD_ERROR, $result);
                    }
                    else {
                        $poppassd->writeLine("newpass " . $passwd);
                        $result = $poppassd->readLine();
                        // A 5xx reply here means the new password was rejected.
                        if (preg_match('/^5\d\d/', $result)) {
                            $poppassd->disconnect();
                            return $this->format_error_result(PASSWORD_ERROR, $result);
                        }
                        $poppassd->writeLine("quit");
                        // CentOS 6 fix: skip one line so the status line is the one checked.
                        $result = $poppassd->readLine();
                        $result = $poppassd->readLine();
                        $poppassd->disconnect();
                        if (!preg_match('/^2\d\d/', $result))
                            return $this->format_error_result(PASSWORD_ERROR, $result);
                        else
                            return PASSWORD_SUCCESS;
                    }
                }
            }
        }
    }
}
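Skipping a fixed number of lines works only as long as the reply always has that many lines. A more tolerant way to find the status line, as an added example that is not part of the original driver: the reader callable, the function names and the transcripts are constructed for illustration.

```php
<?php
// Added example, not part of the original poppassd.php driver.

/**
 * Read reply lines until one begins with a three-digit status code.
 *
 * $readLine is any callable returning the next line, or null/false at
 * end of stream (hypothetical adapter; in the driver it would wrap
 * $poppassd->readLine()). $maxLines bounds how many lines are consumed.
 */
function read_status_line(callable $readLine, $maxLines = 5)
{
    for ($i = 0; $i < $maxLines; $i++) {
        $line = $readLine();
        if ($line === null || $line === false) {
            return array('code' => 0, 'message' => 'connection closed before a status line');
        }
        if (preg_match('/^(\d\d\d)(?:\s+|$)(.*?)\s*$/', $line, $m)) {
            return array('code' => (int) $m[1], 'message' => $m[2]);
        }
        // Anything else is extra output ahead of the status line: skip it.
    }
    return array('code' => 0, 'message' => "no status line in $maxLines lines");
}

// Turn an array of lines into a reader, standing in for the socket.
function reader_from(array $lines)
{
    return function () use (&$lines) {
        return count($lines) ? array_shift($lines) : null;
    };
}

// Constructed transcripts of the replies that may follow a command.
$transcripts = array(
    'one-line success' => array("200 Password changed"),
    'two-line success' => array("Changing password for user alice.", "200 Password changed"),
    'policy rejection' => array("500 BAD PASSWORD: it is too short"),
    'server went away' => array(),
);

foreach ($transcripts as $name => $lines) {
    $reply = read_status_line(reader_from($lines));
    $ok = $reply['code'] >= 200 && $reply['code'] < 300;
    printf("%-17s code=%03d ok=%s  %s\n", $name, $reply['code'], $ok ? 'yes' : 'no', $reply['message']);
}
```

The line bound only limits how much extra output is skipped; a server that sends nothing at all still needs a read timeout on the socket to avoid a hang.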

 


Lightning Protection

Posted on June 25, 2013
Filed Under Amateur Radio | Leave a Comment

Last summer we took a direct lightning hit on my dipole antenna. The antenna was tied between two trees with the midpoint about 7 feet above the ground. Needless to say, we suffered major damage to appliances, computers, networking equipment and TVs.

Oddly enough it did NOT hit my 50 foot tower located about 40 feet away. Nor did it hit the two story house next to the antenna. The feedline came down from the dipole and I had wrapped it around the water spigot and then brought it around the house to the window where my shack “was” located on the ground floor. Thankfully? Most of the discharge, I assumed, arced to ground via the water pipe. The feedline between the spigot and antenna was essentially vaporized.

 

 

[Image: spigot]

Of course the antenna itself was fried.

[Image: dipolecenterfeedline]

Now I have added the following grounding to my house:

[Image: lightninghalo]

Now the first question I have.. Assuming I have my feedline grounded at the top and bottom of the tower, and a polyphaser surge protector installed and grounded at the base of the tower, can I run the coax along the ground (or buried) around the house on the side away from the SVC ground, ground it again at the surface below the bulkhead which is located on the second floor, and run it up to the bulkhead.  The bulkhead is connected to the halo perimeter ground via copper flashing. The intent is to have a single common ground/entry to the shack. Where everything is connected, AC surge protector ground, Coaxial grounds etc. I suppose I could install another polyphaser on the feedline at the bulkhead too.

OR

Should I run it to the SVC GND side, make a bulkhead there for the cable, phone and Amateur gear, and then run it over to the shack’s bulkhead?

I am somewhat worried about feedline loss but would rather be safe than sorry later. 🙂

I believe most of my damage last time actually came thru the feedline into the scanner it was plugged into. Thankfully it wasn’t connected at the time to my HF rig. From there I assume it went everywhere via the AC power outlet.

Another minor question I have… On the right hand side of the house above is another water spigot, should I connect the perimeter ground to that spigot? Or would that possibly cause more problems?

Update:

I have received the two Alpha Delta TT3G50 coaxial surge protectors and the 16 50v MOV (for my rotor controller cable). Will be spending some time mounting the TT3G50’s at the base of my tower in an enclosure. And I will be routing the feedlines from there around to the shack. At which point another bulkhead will be placed. Would like to find a cheap source for some 1.5 or 2 inch copper strap/flashing. After this is done it will pretty much complete my safeguards. I will be adding a couple more grounding radials at the base of my tower. I will, at some time, ground the distant ends of the tower guy wires. I need to move two of those that are anchored to trees and build their own anchors.

I remain concerned about a few items.
First, the tower is placed fairly close to the house and very close to our big TV in the living room. I am VERY concerned with any induced voltages (EMP) effects that a direct strike on the tower might provide.  Diverting as much energy as I can to the ground is a good start. But I can’t really put the TV in a Faraday cage. I guess endpoint surge protection devices are about all I can do. Of course the “correct” option would be to relocate the tower to a more distant location…

Secondly, we already have taken at least two hits to nearby trees that caused (EMP) or Ground Potential Rise damage. (surge).

My lack of endpoint surge devices allowed that to occur. (Now pretty much anything that comes into the house has some form of protection for surges).  I am considering some lightning protection for at least one of our trees.  Since these trees are much taller than our house or for that matter my tower, I feel it might be prudent to “protect” them so they hopefully can survive more hits.  One tree was killed. The latest strike did blow a stripe of bark off in a couple of places but the tree looks like it was not significantly damaged. Time will tell.

Third, I have lost much of my initial security camera system/DVR to the surges.  If I am going to replace them I will need to provide some form of protection on the camera video and power runs. Seems like whenever I lost a camera I also lost the video input on the DVR to which it was connected.

Last, I am considering a whole home AC protector at the main service panel. As far as I know to date we have not suffered any damage from INCOMING AC surges..but statistically most surge damages are caused by AC/Telco lines coming into the home.

I continue to be amazed that people think improving the grounding and installing lightning protection systems will actually “attract” lightning. If a stepped leader gets close enough to be “attracted” to my grounding system .. that’s GREAT!
It’s going to hit anyway. At least this way I have some control on where the immense energy goes… I prefer it go to the Earth and not inside my home. I know that we will suffer some damage (likely) in the event of a direct hit. But we can, hopefully, minimize the damage to our home and electronics.

Antique Baby carriage.

Posted on June 1, 2013
Filed Under Uncategorized | Leave a Comment

I spotted this carriage in a consignment shop. Posting this with pictures to allow others to perhaps help identify its make/year. I emailed photos to several online websites dedicated to vintage strollers, or Prams as they are called. One said it was a “Parade Stroller” from around 1880.

Additional emails indicate this is from around 1876.
On this page is a similar item..very similar, including the fully elliptical suspension. That one was made by F.A Whitney.

One person in an email indicated it might be made by “Ludlow”. I have been, as yet, unable to find references to Ludlow.

Low Hanging Fruit

Posted on May 25, 2012
Filed Under Security | Leave a Comment

Have you ever picked an Apple or a Peach?  Did you climb the tree to find just that perfect one? Or more likely just grab one that was hanging low?

If you have a wireless network at home…ask yourself…am I the low hanging fruit?

Are you providing free Wi-Fi?

This is about protecting your network…and why you should.  Certainly you do not want some outsider reading your emails and files on your computer…or perusing your photographs.

Rest easy, I won’t be talking about that aspect. And frankly that has nothing to do with protecting your network access directly.

This is about someone using your wireless network to access the internet..and why you should care.

Here is a short example. Pretend you live in an apartment complex and have a wireless network. Your neighbor has, for whatever reason, elected to not have internet. So when he turns on his laptop, up pops your network as being available…and assuming that you have not attempted to secure it with a password, he can readily connect and surf away. You might not even care…you won’t even notice.

A couple of things you might care about… any computer on your network that accesses the internet “appears” to come from your Internet Protocol address (I.P.).  That is the address most websites and mail servers record when you visit a site or send an email.

Secondly.. most internet providers now use a tiered payment structure.  Basically that means that after you use the internet over a specific amount…they charge you extra.

So if your neighbor is only checking their email or normal day to day web surfing you will never know and it won’t really cause you any problems. Put that into the “harmless” category.

But if they watch a lot of Netflix, YouTube, Hulu or other video services…it could cause you to exceed your monthly bandwidth. You get some small amount tacked on your bill. For example AT&T caps DSL usage at 150 gb. If you exceed that they charge you $10 for every 50 gb.

You might notice that.

What if your neighbor is not so innocent.  What if he decides to share some illegal movies or songs via one of the common file sharing sites. What if he shares some child pornography?

The legal system kicks in….warrants are served..if needed…and the Internet provider identifies YOU because it came from your internet address.  This is not fiction, it has happened, and it will happen again.

After your computers are seized and hopefully no traces of said files are found…a bright person..”might” and I stress that word, determine that your wireless network is not secure and the possibility that you are not guilty.

Much simpler to secure it don’t you think?

There are three types of wireless networks in regards to security.

1. No security. – “Open”: The ultimate in low hanging fruit.

2. WEP (Short for Wired Equivalent Privacy): Better than “open” … barely.

3. WPA /WPA2 (Wi-Fi Protected Access): The best.

Using WEP/WPA2  will stop 99% of unauthorized people from using your network.

However you should ALWAYS use WPA/WPA2. Not just because it’s best..but to move you higher up in the tree.

You want to make it difficult to access your network.

When you are bored, Google “Cracking WEP”. You will quickly find that programs are available, for free, to crack the password on your network. In the best case..in less than 30 seconds. It won’t matter if you follow good password practices such as using letters, numbers, punctuation etc. The WEP method is defective. Some of these programs are listed below.
I have recorded a short video of cracking a test router’s WEP key..see link below.

Sadly many older wireless routers may not support the newer WPA method. Worse some wireless routers use WEP by default. Newer routers tend to use WPA by default.

Remember, use WPA. If you can’t use WPA, use the WEP method….but realize that won’t stop a determined individual. It will stop most people.

The security of a WPA/WPA2 network provides you with far greater privacy. Only because it takes longer to “crack”.  It could take years to crack. However in some cases only  days and in some cases hours. That is primarily due to poor password choices.

How many of you have a wireless network named linksys, or netgear or 2wirexxx or motorola or belkin?

All brands of routers are affected. This doesn’t mean the router is bad; the security protocol is weak or defective.

Most routers come with a “default” name and the home user just puts in a passphrase. The WPA protocol uses that name and password and some significant number crunching to encrypt your network. That means the name is part of the key. And it’s simply amazing how many home DSL wireless networks simply use their phone number for the passphrase… LOW FRUIT.

You should never use the default SSID (Network name) and a phone number. Change your network name to something else, preferably a LONG name.

And in this case DO use a complex password. Not just numbers, and not your kids name.

This will indeed stop most people. Unless someone has a reason to target your network…it’s simply not worth the effort to crack, especially if someone else has an easier to access network. Let them be the low fruit for the picking.
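How the network name ends up in the key, as an added example that is not from the original post: WPA/WPA2-Personal derives its 256-bit key with PBKDF2-HMAC-SHA1 (4096 iterations) using the SSID as the salt. The function names, SSIDs and the phone-number-style passphrase below are constructed for illustration.

```php
<?php
// Added example: WPA/WPA2-Personal key derivation and why the SSID matters.

// Derive the 256-bit pairwise master key from passphrase and SSID.
function wpa_pmk($passphrase, $ssid)
{
    $len = strlen($passphrase);
    if ($len < 8 || $len > 63) {
        throw new InvalidArgumentException('WPA passphrase must be 8 to 63 characters');
    }
    if ($ssid === '' || strlen($ssid) > 32) {
        throw new InvalidArgumentException('SSID must be 1 to 32 bytes');
    }
    // 64 hex characters = 32 bytes = 256 bits; the SSID is the salt.
    return hash_pbkdf2('sha1', $passphrase, $ssid, 4096, 64);
}

// Size of a passphrase search space in bits: length * log2(alphabet size).
function keyspace_bits($alphabetSize, $length)
{
    return $length * log($alphabetSize, 2);
}

// Sanity check against the published IEEE 802.11i test vector.
$expected = 'f42c6fc52df0ebef9ebb4b90b38a5f902e83fe1b135a70e23aed762e9710a12e';
$matches  = hash_equals($expected, wpa_pmk('password', 'IEEE'));
echo 'IEEE 802.11i test vector matches: ', $matches ? 'yes' : 'no', "\n\n";

// Same passphrase, different network names: the derived key differs each
// time, so a table precomputed for a default name does not carry over to
// a network with a unique name.
$passphrase = '5555550123'; // constructed phone-number-style passphrase
foreach (array('linksys', 'netgear', 'a-long-unique-network-name') as $ssid) {
    printf("%-28s %s...\n", $ssid, substr(wpa_pmk($passphrase, $ssid), 0, 16));
}

// How much guessing each kind of passphrase leaves to do.
printf("\n10-digit phone number:        %5.1f bits\n", keyspace_bits(10, 10));
printf("16 random printable chars:    %5.1f bits\n", keyspace_bits(95, 16));
```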

There is ONE serious exception to the WPA methods. Some routers have a feature called Wi-Fi Protected Setup (WPS). This is not really a security protocol but a semi-secure method of allowing a connection. It’s a simpler way of configuring your computer to connect to a WPA network. For example, your router may have a WPS button. Basically, in simplified form… A PIN code can be entered and the router then tells your computer what passphrase to use. This PIN is much shorter than the passphrase, and is usually printed on the router itself.

What if I told you that there is software…freely available …to send all possible combinations of that code to your router…and at some point your router is simply going to tell me the passphrase?

And because of a fundamental flaw..in the WPS system…it really is two smaller sections of the PIN to crack.  That means it can guess rapidly the first half thus eliminating a huge section of possible codes to try. LOW HANGING FRUIT.

This completely bypasses the WPA2 cracking difficulty.

Router manufacturers can’t fix this because the protocol is defective; however, they have modified the routers so it may take longer to go thru the possible combinations….a day or two….instead of 5-10 hours…

In simple words: always use WPA2 encryption, and if your router supports the WPS simplified setup, find out where to disable that function.

If you can not disable it, get another router. You really do not want to be the fruit that’s picked.

Tools used to crack networks.

This list is not exhaustive and they are readily available via a google search.
Some are available via linux repositories.

Reaver: Easily cracks the WPS PIN and gets the passphrase.
Aircrack-ng: A suite of tools used, among other things, to capture data from Wi-Fi networks. Easily cracks WEP encrypted networks.
Pyrit: A Python text-based GUI used to scan for networks and crack networks. It utilizes, among other things, the Aircrack suite and Reaver (both of which are command line tools).
Backtrack: A complete penetration distribution, overkill for just cracking Wi-Fi, but includes the aircrack-ng suite of tools.

There are other tools using dictionaries, rainbow keys not listed here.

Click here to see a demonstration of cracking a WEP key using the Wifite tool. 2:16 in duration.
(Note that I am cracking a test router of my own.)

If that video does not convince you to never use or count on WEP to protect your network enjoy getting picked…


The VIP program, or the death of Mafia Wars…

Posted on March 7, 2012
Filed Under MafiaWars | 2 Comments

I am one of 20 million players of the huge time sink “Mafia Wars” from Zynga. I play it on facebook. I love playing it, I love the interaction with other “clansmen” or our “Family”.  We help each other progress thru the game, we fight alongside each other during one of our many “wars”. This isn’t an attempt to explain how to play the game…if you are reading this..then you already know about that.  It is about the changes in the game.

When I started playing years ago. It was fun. Not very complex. The goal generally was to become a strong fighter. Some players would rather complete all the progressions in the game and not fight as much. I prefer to fight my way thru.

Then…. Zynga began to become money hungry.

I don’t fault that. They are a business after all..with the goal to hook suckers such as myself into playing the game and hope I will spend money to expedite my progression toward the ultimate fighter.

And it worked, at least to a small degree. I am a little fish now in a big pond with big spenders.

It is difficult to beat some people that are willing to spend literally thousands of dollars on a game.  But they are few and we are many.. So I still find that I win most of the time….

That will be changing soon I fear, if Zynga implements the VIP program they are testing.

Players, including myself, are seeing these popups:

This one bothers me. If more than 501 of your mafia are armed….and ONLY VIP members can have that…then regular players just can’t win. Basically it will force EVERYONE to join if they want the famous LEVEL PLAYING FIELD that Zynga always states when they rollback an account that unfairly took advantage of a game glitch or cheat.
The rest of the VIP offer isn’t “too” bad. Getting a few RP is cool. Getting access to the reallocation is very cool. I use that every chance I can to reallocate some of my health skill points to attack or defense skill points.

I can’t speak for all players. I know that it’s not in my budget to “have” to spend this extra money in the game just to even the play. And if it turns out, as I am afraid it will, that you end up fighting against VIP members with 700, 800, 1000 mafia members equipment strength versus my 501…. The game won’t be fun if you can’t win at least sometimes. So I will simply quit.

Surely some players WILL decide, and be able to invest in the game making Zynga happy. But I suspect millions will simply walk away, to find cheaper entertainment elsewhere.

I hope Zynga re-evaluates this proposal. For that matter, they should simply say…ok Mafia Wars makes plenty of money already…lets just make it work better and faster. And quit trying to tempt us into spending more of our hard earned money.

Besides, any other time they tried “offers” it usually didn’t work out well for them.

Best of luck to you all if they roll this out on to us.

 
