CPU and memory is not quite big, but Ubuntu Linux still works good enough.

This model has changeable «multiport» module on the cover, with WiFi and Bluetooth modules available (some time ago; for now such spare module is rare thing). I bought my Evo with WiFi module, just to found that it works BAD under Windows, and almost not supported in Linux.

But, good news was that «multiport» connector is just USB interface. So, I (with help of my friend with soldering skill mutch better than my) was able to place USB type-A female connector on laptop cover.

Next logical step was to use polyurethane glue to put pieces of 50mm (2″) ‘loops’ part of velcro hooks-and-loops fastener to the cover surface, and ‘hooks’ pieces on various usb devices I’m using.

On this photo you could see how my laptop looks now. There are D-Link USB hub, in which WiFi card (TP-Link) and wireless mouse (Logitech ‘Nano’ series) are connected. Also there are two spare sockets on hub (there are extender n one of them), usually used for attaching memory sticks, card readers and 4G-modem when I need them.

Про самостоятельную сборку пропатченного wpa_supplicant все написано по ссылке на юбунтовский ЛанчПад. Добавлю только, что при сборке в Ubuntu Karmic пришлось добавить следующие пакеты: build-essential quilt debhelper libpcsclite-dev libssl-dev libdbus-1-dev libnl-dev.

Вот бинарник пропатченного (добавлено usleep(100000) wpa_supplicant версии 0.6.9-3ubuntu1 для Ubuntu Karmic Koala i386. Должен находится в /sbin.

Добавлено: после тестирования в моем случае убедился, что патч решает проблему, и запостил баг в апстрим.

Розничные цены на модемы (точнее, комплекты модем+SIM-карта) операторы занижают, а модемы привязывают к своим сетям. Незалоченные модемы в питерской рознице продаются дороже раза в два.

Однако, порыв в инете, понимаю, что прогноз по разлочке по обоим вариантам в целом позитивный, так что в ближайшее время буду брать. Скорее всего от МТС — ценник самый дешевый, 900р., у остальных по 1150р.

PS: кстати, «обежал» — это я не от желания побегать. Просто по телефону решить этот вопрос оказалось нереально. У МТС, например, принципиально не связывают по телефону с конкретным центром обслуживания.. Короче, ОПСОСы — они такие и есть.

Notes:

• Does not apply to voltage-signalling or dumb UPSes such as the older BackUPS models.
• In a future release of apcupsd this procedure will be replaced by a daemon operation.
• Do not run the recalibration command more than once or twice per year as discharging these kinds of batteries tends to shorten their life span.
• While recalibrating you should supply a load of about 30 to 35% but not more than 50%. You can determine the load by looking at the output of the apcaccess status command while apcupsd is running.

The trick was simple — all steps described in VirtualBox User Manual, see chapter 9.9.

I done such steps:

(pathtovboxprogramfolder)\VBoxManage internalcommands listpartitions -rawdisk \\.\PhysicalDrive0

which gives:

Number Type StartCHS EndCHS Size (MiB) Start (Sect)
1 0x07 0 /1 /1 694 /239/63 5131 63
5 0x83 695 /1 /1 1023/239/63 9856 10508463
6 0x82 1023/1 /1 1023/239/63 1026 30693663
7 0x07 1023/1 /1 1023/239/63 136611 32795343

Partitions Ubuntu VM needs access are 5 (root fs) and 6 (swap). Next command makes special .vmdk file for such partitions:

(pathtovboxprogramfolder)\VBoxManage internalcommands createrawvmdk -filename (pathtovboxdisksfolder>)\raw5and6.vmdk -rawdisk \\.\PhysicalDrive0 -partitions 5,6

And, for last, this .vmdk file could be registered with VirtualBox «Virtual Disk Manager» and used for VM.

Wifi coverage is everywhere in the building, so I could write it right now. The whole event is very well organized and very interesting, so thanks to Sun Microsystems!

SSH-1.99-OpenSSH_3.8.1p1 Gentoo-8.2.4

It is obvious that as on of security measures it is good idea to may harder for attacker to gain any information about system we protect; for example, well-known Linux Iptables Tutorial says: «The best thing to do, is to give as little material as possible for the attacker to get a proper fingerprint on.» I could imagine only one reason for such unsecure behaviour of SSH service: to allow collect statistic information. But if you are admin of this host, you know what OS is there. If you are not, it’s not your business, right?

In most OSes and distros there is no command-line or config file option to turn off such verbosity. So, at first, there are the one way to do this: get sshd source, patch it, compile it, and install it. And you should do this after each security update.

But we could apply the simple patch right on the sshd binary executable, because we know exactly what to change. SSH daemon is written in C, so all the text strings are plain text strings, starting at fixed offset fron begin of file are ended by zero-byte. We could easily modyfy such string, if it is unique in binary file an if new text will be no longer than original one. At the and we will put a zero byte, it will be interpreted as the end.

What exactly would we like our SSH to answer? Theoretcally, it should be anything starting with ‘SSH’, but in practice there are some restrictions. There are different ssh server implementations, and many clients use that banner string to recognize specific servers with specific bugs (i.e, if you have Putty (ssh client), look to «Connection»>»SSH»>»Bugs» screen in settings window). This topic on commercial SSH implementation forum states that minimal safe string would be ‘SSH-2.0-0′. My own expirience is limited, but there was no problem with such banner string.

Searching for tool, my first look was at unix utility ’sed’, but it is wrong tool for this job. As sed documentation says:

Specifically, use awk or perl if you need to: (…) handle binary data (control characters). (perl: binmode)

So, I use perl one-liner (look at ‘perlrun’ for more explanation):

PERLIO=':raw'; export PERLIO; perl -pi.bak -e 's{(OpenSSH)_([^\x00]+Debian)}{$1\x00$2}' /usr/sbin/sshd

.

So, the source is right here:

< ?php /*
Plugin Name: MNR Mask Wordpress Version
Plugin URI: http://melnikov.net.ru/
Description: Replaces WordPress version all the output (except admin panel).
Author: Anton Melnikov
Version: 0.1
Author URI: http://melnikov.net.ru/mnr-mask-wpversion/
License: GPL */
function mnr_maskWpVersion() {
		global $wp_version;
		if(  ! ereg( '/wp-admin/', $_SERVER['SCRIPT_FILENAME'])   ){
			$wp_version = '9.1.1';
		}
}
add_action('init', 'mnr_maskWpVersion', 1);
?>

The logic: if user runs script from /wp-admin/ folder, hi is authorized Wordpress backend user (otherwise script will gives out redirect and quits); Wordpress backend depends on $wp_version value, so we leave it as is. It is needed in two functions at least:

• wp-admin/includes/update.php, function wp_update_plugins()
• wp-admin/includes/upgrade.php, function wp_check_mysql_version()

, but there are more of them.

Any script not from /wp-admin/ folder could be started by unauthorized user and it seems we could gives out any fake version number without the risk of backend problems. In case some automated processes are sensitive to format of strings with this version number (http headers used for feed requests/answers, etc), it is formatted as real version number in this plugin — three dot-separated digits, ‘9.1.1′ in my example. You could change it for what you like.

The plugin is of alfa quality, it definitly needs more testing. If you have bug or some idea, feel free to write it right here.