Tag Archives: Debian

VMWare Workstation 6.5

I have just upgraded WMWare from version 6.04 to 6.5, and I have to say that it has very nice new features.

The first surprising thing was the file I downloaded. It is now not anymore a tar.gz archive but a .bundle file.

After downloading, as root, just make it executable or start it with sh :

% sh VMware-Workstation-6.5.0-118166.x86_64.bundle

It now starts a graphic installer, that takes care of everything. All the compilation process is now hidden to the user.

I was expecting the compilation to fail and that I would have to look for a patch to run on my edge Linux kernel. Indeed, I just compiled 2.6.26 kernel (64 bits) a few days ago.

But nothing like that. the process went smoothly.

However, I was still prudent. Even after a compiling, previous versions almost always required some patch to get full networking to work.

So I gave a try and launch one of my virtual machines. Surprise : all worked out of the box !

For the first time, I even did not need any vmware-any-any patch or any network patched vmmon and vmnet modules to get wifi networking operational.

I also quickly noticed some very nice and fancy features :

  • 3D graphics support
  • more devices supported : fingerprint reader device, audio driver for Vista, …
  • a graphical virtual network settings editor : this utility had been for ages on the Windows version and finally will make your easier on Linux

At last, but not least, the Unity display mode.

Though I am not a Mac user, I believe this can be compared to VMWare Fusion. Anyway, it allows you to display the virtual machines programs within your X session.

Look at this screenshot :

VMWare Workstation 6.5 and Unity

The result is quite spectacular. On my Gnome desktop, I am now able to display some windows from Windows XP and Windows Vista.

Well, this is not yet perfectly smooth or artifact free, but this is already really usable and responsive enough to be used intensively.

Another limit is the operating system support. So far, among my virtual machines, I was able to do it with Windows systems but not Open Solaris for instance.

There must have been more improvements, more or less visible, that I am not aware of. I won’t go for a full review.

I just wanted to insist that if you are a VMWare user,  you really should consider to upgrade for the complete support of the latest kernel and the Unity feature.

It seems that VMWare has listened to the Linux users, or at least is taking it more seriously. Not that they are nice, but the competitors are close (Virtual box, KVM, Xen…) !

How-to : Mod-security 2 set-up for Apache 2

Mod-security is a security proxy for Apache. It adds a frontal layer filtering unwanted clients, malformed packets and malicious requests.

It is especially usefull if your website is dynamic, involving php, sql, javascript, etc. With such a complex environment, as you can never be sure that your website is not vulnerable or up-to-date enough, something like mod-security provides an interesting extra-security layer.
Continue reading

The SSL/SSH disaster

Due to the recent security hole discovered in Debian, which has also concerned various distributions – of course including Ubuntu – for 2 years, I simply closed all my SSH and OpenVPN accesses.

I have had no time so far to check all the keys on my server. I prefer to stay on the safe side, though I have some reason to believe that my keys might not be so vulnerable : I generated them a long time ago, maybe before the Debian maintainer sad mistake.

It is going to be pretty easy now, for those who are motivated, to get access to the ssh server running keys generated during the 2 last years…

I recommend this article which summarize pretty well the situation. You may also use this tool, which checks if your keys are vulnerable :

$  perl dowkd.pl file ~/.ssh/*.pub

It find it funny to think that I chose to use certificates for security (avoiding brute force attacks).
What’s less funny is the pure disaster for the reputation of Debian.

I already noticed in the past that some companies switched their servers from Debian to Red Hat because of such security problems. They claimed about some security holes being patch much too slowly and about the lack of official support to rely on in such a crisis.
This kind of news is not going to enforce trust from companies.

I myself will think twice in the future about what system to use when I design my networks.

Totem : black screen issue affecting all your XVideo output

I confirm the black screen issue with Totem.

Actually it changes the contrast for all the environment, and of course using Mplayer or the gstreamer test program just after also gave back a black screen.

Therefore I had been convinced it was a driver issue (reporting a bug to Nvidia and posting on this forum), until I find the contrast setting of Totem was the cause of all that mess.

Note that I am right now using Debian Lenny.

How to connect to a Cisco device using the serial port on Linux

Using the serial port is still necessary to manage some devices, when it is reseted to factory defaults. It could be also a security choice…

Nowadays many computers – and especially laptops don’t have anymore a built-in serial port. Not a problem, there are many cheap serial-usb converters like this.

As an alternative to the Hyperterminal of Microsoft, there is Minicom on Linux.

It is very easy to install and configure :

$ apt-get install minicom lrzsz

Before going further, you need to know what is the corresponding Linux device for the port where you plugged the router. As I used an usb adapter, my device was /dev/ttyUSB0. Otherwise, it will probably be one of the /dev/ttyS* devices.
Checking the dmesg output while you plug the device will give you the right device to use.

Now start minicom this way to edit the configuration :

$ minicom -s

In the menu, select Serial Port Configuration and :

  • press A and update the serial port path with the one you found in dmesg
  • press E and then C to change the speed to 9600
  • press F to switch off the hardware flow control
  • select Save the configuration as… and name it as, let’s say, “cisco”

You should be able to connect right now. Next time, just start Minicom like this :

$ minicom cisco

That’s it !

PulseAudio on Debian Testing

I just replaced ESD by the new sound server Pulseaudio.

Pulseaudio brings up some great improvements and is already chipped by Fedora 8.

Getting it to work on my Debian Testing was very easy :

$ aptitude install pulseaudio pulseaudio-esound-compat pulseaudio-module-gconf pulseaudio-module-hal pulseaudio-module-jack pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils libasound2-plugins

However there were two issues to face : no more sound with Flash and Skype.

To solve the flash issue, you have to download and set up this package (more information or sources on this page).

Concerning the Skype problem, you have to create – or edit if existing – an /etc/asound.conf file as follows :

pcm.card0 {
type hw
card 0
}

pcm.dmixer {
type dmix
ipc_key 1025
slave {
pcm "hw:0,0"
period_time 0
period_size 2048
buffer_size 32768
rate 48000
}
bindings {
0 0
1 1
}
}

pcm.skype {
type asym

playback.pcm "dmixer"
capture.pcm "card0"
}

pcm.!default {
type plug
slave.pcm "skype"
}

Then, restart alsa-utils :

$ /etc/init.d/alsa-utils restart

Finally, just select “skype” as sound device in the Skype preferences and it should work. I hope it will help !