BFD, iptables, updated rules, and pure-ftpd

I had to setup and secure the new server I am using for my business over the last week. In doing so, I setup BFD to protect the server from automated attacks. It's important to have some sort of automated system to block "brute force," or automated attacks.

Script kiddies (no..not hackers) like to use tools they didn't write with shiny GUIs to try and guess the user name and password of an account on the system. They do this by running programs that guess different passwords for a user name rapidly.

Restarting the sound system in Ubuntu

There is a really annoying bug that crops up sometimes in which you will get an error message similar to "xine was unable to initialize any audio drivers" or in KDE 4.2 "The audio playback device HDA Intel (AD198x Analog) does not work. Falling back to ."

To fix this, I would normally reboot, but I found a page that specified how to restart the sound system. The instructions, unfortunately did not work for me, and I could not post a follow up.

First run:

$ lsof | grep pcm

Akonadi server process not registered at D-Bus

If you're using Kubuntu with KDE 4.2 and keep getting an error when akonadi starts up, which lists "Akonadi server process not registered at D-Bus" as the first error, try the following:

$ sudo aa-complain mysqld-akonadi
$ sudo /etc/init.d/apparmor reload

Kubuntu uses apparmor to block certain actions on the system. The new akonadi system KDE uses attempts one of these actions. The commands above simply tells apparmor to log the action rather than block it.

Then, use:

$ akonadictl stop

to stop the service, then

$ akonadictl start

KDE 4.2 so far

KDE 4.2 was released for Kubuntu on the 27th of January, 2009. This was a big deal because the 4.0 release, typically the "ready" release, was not so ready, and a bunch of nerdy types were not very happy about it. Being a software developer, I understand that a complete re-write, as 4.0 was, will have it's problems.

I use Kubuntu at work 10 hours a day/ 4 days a week, as well as at home, and I took the brave step of upgrading in a production environment, after testing at home first on a similar configuration.

The importance of full duplex

I am not a network guru by any means, but I do troubleshoot well, or so I've been told.

A perplexing problem involving HP 3000 connectivity has, hopefully, come to a close today as a vendor recognized an unusual number of errors on a port on one of our switches. This port just happened to be where our netequalizer unit plugged into. Because the netequalizer unit uses a custom Debian variant (yay!) I was able to login and look at the interfaces.

Topics: 

You can now watch the inauguration using Linux and Silverlight

You can now use the Firefox plugin at http://www.go-mono.com/moonlight and the link at http://www.pic2009.org/page/content/live to stream the inauguration. This plugin was created in part by Microsoft engineers volunteering for the mono project.

Ubuntu kiosk edition v1.0

Updated 05/24/2011: Click here for the newest kiosk build based on Ubuntu 10.04.1.

Updated 04/08/2010: I have posted the new version of a kiosk build based on Ubuntu 9.10 here.

Updated 03/16/2010: I am working on a kiosk build using 9.10. This should be posted soon.

One of my projects at my current employer was to use Ubuntu as a public kiosk after our Windows kiosks started prompting users for credit card information. After building the image up on a test machine, I used the excellent remastersys project to build an image to use for future maintenance. I am making this image available here.

This is a live CD that is currently built on Ubuntu 8.04.1 LTS and has most of the extra software removed, such as the games and unnecessary utilities, and is suitable for both wired and wireless kiosks. Please read on for notes and implementation.