Czanik@BalaBit

CzP about syslog-ng, music and everything

Posts Tagged ‘linux’

CzP @ FOSDEM 2013

Sunday, February 10, 2013 @ 06:02 PM

This year I was a bit luckier than last year, so I not only prepared for FOSDEM but could actually fly to Brussels and participate. And not just in FOSDEM but also in an “after party”, a very interesting brainstorming session in Antwerp called Monitoring Love.

On the first day I mostly attended ARM-related presentations and visited various Linux distributions, BSDs, software and hardware projects in the exhibition area. Maybe I’m following Linux on ARM too closely, but the ARM-related talks did not provide too much new information to me. On the other hand, the exhibition area was great, filled with many interesting people to meet.

Here are just a few pictures from openSUSE, Fedora and *BSD:


On the second day there were a lot more presentations related to my professional interests. And this was also the day when I gave my presentation. At the end I visited the exhibition area again.

There was a presentation about the past two years of systemd. One of the topics was how many core Linux components were replaced by systemd. One of these is syslog, and I was glad to learn that while syslog is being removed from default installs, syslog-ng still has many uses. It’s replaced only on standalone desktops and it will stay so.

Next I attended a couple of presentations dealing with upstream – downstream relations and the complexity of dealing with different distributions and many different versions of related software. My presentation was also related to this topic: how to be a good upstream project – from the point of view of syslog-ng. The best part came right after my presentation: talking to guys who actually work on packaging syslog-ng for various Linux distributions, whom I had never met in person before, but had exchanged many e-mails with.

Before leaving for Antwerp I visited the exhibition floor once more. As it was the end of day two, it was a lot less crowded. This gave me a chance to take some pictures of some interesting projects: a six-legged robot and also a humanoid. I read the handout from the makers of the humanoid robot only at home: they are looking for developers. It made me think again that I should refresh my coding knowledge and extend it with some Python :)


The next two days I spent in Antwerp at the Inuits HQ at the Monitoring Love brainstorming. I met many interesting people here: researchers, developers, sysadmins, devops. Some became quite enthusiastic hearing about the possibilities of syslog-ng’s patterndb technology. The most often heard abbreviation during the two days was AMQP. The freshly released syslog-ng 3.4 has support for an AMQP destination. It will be even more supported in the upcoming 3.5 version along with many other interesting new features. You can follow syslog-ng development at https://github.com/balabit

Small is beautiful

Wednesday, December 19, 2012 @ 12:12 PM

A few weeks ago I was at the annual FSF conference in Budapest. I was helping at the BalaBit stand and was also the organizer of the openSUSE stand. To attract more visitors to the openSUSE stand, I asked people to bring interesting machines running openSUSE. As Linux gaming lags a bit behind other platforms, we had a big machine running the freshly released native Linux port of Steam on openSUSE. The rest of the machines were miniature. As I’m still receiving questions about these mini machines, here is a short summary of my experiences with them.

The smallest one was the Raspberry Pi. It’s an ARM system on chip (SoC) based machine, barely larger than a credit card. Actually it’s just a board, there is no case or power supply, as it can be powered from a micro USB port, just like most modern mobile phones. It comes with a Debian-based OS and focuses on education and programming, but of course, it’s a perfect machine for all kinds of hobby projects. It can play full HD movies and simple 3D games, so there are also XBMC images available. The openSUSE port is at the moment quite limited, as the upstream kernel does not support video output yet, but it will hopefully change soon.

The next one is CuBox, which is a complete machine with its 4x4x4 cm size. It’s also an ARM-based machine, but with a more modern SoC. It can also play Full HD movies, but also has an eSATA and a gigabit Ethernet port, making it a perfect candidate for a NAS system. It has the usual ARM problem of not having all drivers upstreamed yet, so openSUSE and most other distributions are missing a few features which are otherwise supported by the hardware. I’m using it now with ArchLinux, as I read about it quite a lot relating to syslog-ng (it’s one of the distros where syslog-ng is installed by default) and it now serves me as an NFS server. The HDD in my laptop is small and slow, so I’m testing if running virtual machines from NFS solves my problems. Results are quite promising. And unlike a traditional NAS system, it can easily be extended with additional software.

The strongest mini machine at the stand was a FitPC3. It’s an x86 machine based on an AMD APU. It’s barely larger than a 3.5” HDD, but has a huge selection of ports. It comes pre-installed with Windows or LinuxMint, but it’s easy to replace it with openSUSE. And in my experience it’s worth making the change, as it feels like it runs faster and I had fewer media playback issues.

Actually media playback is an issue with all of these low-powered machines. They have acceleration for many codecs and are able to play back high bitrate movies without problems, which caused problems even for high-end machines a few years ago. But once a given codec is not accelerated, there is no CPU power to decode it in a timely manner, resulting sometimes in 0.1 FPS video playback…

Last, but not least, I need to mention the EFIKA smartbook. It’s no longer available, but still many people were asking about it. The machine is based on a Freescale SoC and is extremely thin and light. It comes preinstalled with an ancient version of Ubuntu, but also runs Debian and one can also hack openSUSE onto it, but there is no accelerated 3D or video playback there. One can use it for a full working day from batteries. Next to openSUSE ARM hacking I use the machine as an audio player, as it has an excellent headphones output.


A couple of firewalls: from pfSense to Zorp

Thursday, June 28, 2012 @ 08:06 AM

For years I was using miniature PowerPC and ARM machines as the gateway for my SoHo network. A normal Linux install using openSUSE or Debian, with iptables, proxies, sometimes an IDS or even a torrent server to seed openSUSE alpha/beta/release CDs. While it was fun, these machines were never intended to do this job: additional Ethernet interfaces were on USB, they could not keep up with today’s broadband speed increase, and they did not like the near 7/24 operation. Now I got a chance to try a machine designed to be run 7/24, with passive cooling and multiple Ethernet ports, so a real gw machine, an eBox 3310mx, instead of some nice hacks.

As a FreeBSD maniac, the first firewall distribution I tested on the machine was pfSense. In addition to being a flexible and powerful firewall and routing platform, it can be extended with many add-on packages for IDS (Snort), VoIP, caching proxy (squid), etc. All these arrive with convenient and uniform web interface extensions to the base web GUI.

Using pfSense I had some mixed results. The machine is based on the Vortex86 SoC, which also includes an Ethernet port. In theory FreeBSD is supported; in practice it did not work, only the additional two Ethernet ports did. On the other hand, this was the fastest networking stack on the machine: I often measured faster downloads than the theoretical maximum on my ADSL line.

As I also wanted to test a three Ethernet setup, I also downloaded a Linux-based firewall distribution. I was recommended to try ZeroShell, but after a few hours I gave up on installation. Then I tried IPCop, a simple, easy to use firewall distribution. Still, it had many more features and yet was easier to use than my SoHo router box. It has some nice graphs, traffic shaping, VPN connections, a lot more flexible firewall and logs about network activity. On the other hand, while there was support for the on-chip Ethernet, its speed was less than optimal.

The best Linux experience I had on the machine was using it with Debian. Installation was quick and easy. Network speed was close to the theoretical maximum on each interface. And as it’s a general purpose distribution, I could easily add NAS functionality using USB hard drives and the necessary software.

Talking about Debian, I have some good news for you: Zorp GPL packages are available for Debian, as was announced on the Zorp mailing list recently. This makes installation of Zorp GPL a lot easier on many different versions of Debian and Ubuntu. Still not as easy as the web GUI based firewall distributions I tested, but thanks to its proxy-based architecture, it can provide a lot stricter and more fine-tuned protection than any others I tested. For details on how to get started, read the announcement or the maintainer’s blog.


Learning SCB: the fun way

Tuesday, June 12, 2012 @ 01:06 PM

Learning new and complex software, like SCB, is difficult, even if it has fantastic documentation. I started learning SCB this way, reading the docs from page one. Then I learned that we have just finished preparing a brand new e-learning based training material, which also includes webex consultations and an exam at the end (commercial, available for customers and partners, register here). And instead of using rdesktop from my laptop, I got a chance to use a real thin client to access servers through SCB: a small PC which fits in a hand.

Of course, using the e-learning training does not mean that one does not need to read documentation. But it means that not all documentation needs to be read. Each chapter gives a good overview of an important aspect of SCB and at the end there are pointers to further reading in the administrator’s guide. One can find additional details there if necessary.

There are also some screencasts of SCB, so one can see how to use the software even without starting it. And as setting up a good test environment is often difficult, these examples are more lifelike than a simple test environment with one or two connections.

While learning SCB I met with a friend who specializes in miniaturized computers. When he found out what I was doing, he pulled something looking like a power supply out of his pocket, just a little smaller. Looking at it more closely, it turned out that it’s a complete computer, which can be used for many things, but is used primarily as a thin client.

SCB was running as a virtual machine on my laptop, and I could also simply use rdesktop or ssh from it to create connections through SCB. But using a separate machine as a client has some advantages other than being fun. I could do four eyes authentication while watching what happens on the client side. Or follow in real time what is happening on the screen of the thin client using the Audit Player.

It’s still difficult for me to believe the size of the machine. Even my ARM systems are larger in size, but it’s an x86. The machine is using a Vortex86 system on chip, which is somewhere between i486 and i586. This of course means that not all Linux distributions run on it, but I have seen XP on it and used Debian to build a thin client.

The machine is powered using a standard USB cable, has Ethernet, video, audio, three USB ports and an SD card slot. It boots from USB or an SD card, which is emulated as an IDE HDD. There are no moving parts inside, so it’s completely silent. It has VESA mounting holes, so it can easily be attached to the back of modern LCD monitors. This way it is not visible at all, and does not take any precious desk space.

If you are interested in how your thin client infrastructure could be secured and audited, please read our SCB thin client white paper.


Finding e-books: Project Gutenberg & Co.

Wednesday, May 30, 2012 @ 10:05 PM

Reading PDF files on my e-book reader is not much fun. Well, it’s possible, but very, very slow, so my original aim of reading technical documentation on the e-book reader instead of the screen did not succeed. I am looking for content in epub format, which renders at a reasonable speed on the device. There is a catch: I’m not looking for warez :-) The Internet is full of that, but as I’m running (SuSE) Linux and FreeBSD, I also try to stay clean and free on the content side.


High end audio meets Linux

Monday, April 23, 2012 @ 09:04 AM

This weekend I visited Heed Audio’s partner day. For those who don’t know it: Heed is a Hungarian company, just like BalaBit, but with a different focus: high end audio. They introduced a new USB 2.0 based DAC. As usual, I had my laptop with me – with Linux running on it. I asked if I could test the new DAC from Linux, as if I ever have a chance to buy one, I’ll use it from Linux. It turned out that it was already tested from Mac and Windows, but not yet from Linux, so my test was very welcome. I did not have to install any new drivers, just connect it and use it. Actually, it wasn’t this smooth, as there was a problem between keyboard and chair: I forgot that sound is muted by default on my machine and it took a couple of minutes before I realized it :-) So I was the first to test it from Linux, and it sounded great!


Linux tablet? Maybe next year…

Saturday, April 14, 2012 @ 04:04 PM

A few weeks ago I described my first experiences with a Linux-based tablet: http://czanik.blogs.balabit.com/2012/03/the-new-ipad-why-i-dont-want-it/ Of course I also tested the freshly released Windows 8 preview. Both were kind of disappointing as soon as I started apps not designed for tablet environments. So I planned to test Gnome3 and KDE Active Plasma, as both are planned with tablet users in mind.


syslog-ng at Linux Open Administration Days

Wednesday, April 4, 2012 @ 01:04 PM

First of all, I’d like to thank the LOADays crew for the wonderful event. It was one of the best Linux events I have ever attended both as a speaker and a visitor. We got everything for a perfect conference: 100+ people focused on Linux system administration and also fuel for sysadmins: beer and pizza :-) If you are interested in Linux, open source and system administration, you should definitely come next year and join Linux administrators from all around Europe.

Cinnamon, Linux tablet, LinuxDevices

Tuesday, February 21, 2012 @ 01:02 PM

For a long time I was a KDE user, but around 4.5 it became too fancy for me and was in my way instead of helping my work. So I switched to Gnome 2. It provided me with a sometimes oversimplified, but convenient and consistent GUI. Then suddenly Gnome 3 destroyed the whole thing with a completely redesigned interface. Also, PulseAudio became mandatory with Gnome, which has a noticeable impact on sound quality (I have above-average good ears and headphones :-) )
