The Perfect Power Switch

December 23, 2012  by Gjkozick
Home // Hack@Home

With highly customized servers, one of the problems I have is figuring out how to turn them on. To put my servers into the cabinet, I mount them straight onto MDF. I could pull a power switch out of an old case, but at this point, I've run out of them, and I want something that looks a little more standard and professional.

 

 

Here, you can see my board. This particular system uses an AMD Fusion chip with 8 GB of RAM. It's a Mini ITX board, built to be small and sweet; also, it has virtualization support.

 

The Power Switch

 

 

I looked around a lot and didn't exactly find what I was looking for. Radio Shack used to stock a lot of electrical components, but lately they pretty much just sell cellphones. At the local electronics specialty store, I cound a few packs of SPDIF cables, old-school cables that used to be used by CD-ROM's to send digital audio. They have the right connectors to plug into the system headers.

I cut the cable in half and mounted a switch on the rough end. I soldered the switch on and used some electrical tape to finish it off.

 

Mounting the Switch

The final step was to attach the switch to the board with an "L" bracket and some plastic cable holders. The final step, is to plug it in to the motherboard headers.

 

 




Turn Your Flash Drive Into a Super Secure Storage Device

December 3, 2012  by Gjkozick
Home // Tech

Data breeches and thefts are a big buzz word in Tech right now. Many of these errors were caused by people running around with important information on flash drives and hard disks. Here are some easy and free steps that you can take to protect your data on the go.

 

 

Preparing our drive



For this article, I’m going to use a Kingston 16 GB full-metal flash drive. I like this one because there are no moving parts to break off and it can easily mount on a key ring. Normally, any data that you save to this drive is going to be in the clear. Anyone who finds your lost drive can read whatever’s on it. Through this tutorial, we’re going to make a secure file container that’s protected against unauthorized use.




You could use Microsoft’s BitLocker, or buy a fancy flash drive with built-in encryption, but all you really need is a freely available program called Truecrypt. We can trust Truecrypt because it’s open source. Its code is freely available, so we know what’s in it and what it does. It doesn’t contain back doors and is safe and secure.

Download and install Truecrypt. Once its installed, plug in your flash drive and we’re good to go. From the dropdown menu, select Tools and then Traveler Disk Setup. This option will extract the files needed to mount your flash drive on any computer, so you don’t actually have to have Truecrypt already installed on that machine to access your data. Enter the drive letter of your flash drive and then select “Start Truecrypt” from the list of AutoRun options; then click “create”.



Now, we have the program information on our flash drive, but we need to create an encrypted file container to store our data. This is a file-based disk image that’s mounted by Truecrypt and appears like any of the drive on your computer. You can drag and drop files onto it, just like a hard drive, however they’re stored within an encrypted file system. If you don’t have the password to mount the Truecrypt volume, you can’t read the files that are stored on it.

 

 

Creating our encrypted file volume

From the Tools menu once again, select “Volume Creation Wizard”. You can encrypt whole drives and partitions, but for this exercise, it’s easiest to create an “Encrypted File Container”. Select this option and click Next >.

Go ahead and click “Standard TrueCrypt Volume”. Navigate to your flash drive’s folder and enter a file name to save as. I set it to “FileContainer”, you can name it whatever you want. Be sneaky if you want; then click Next >.



The next part is a little tricky, you need to select an Encryption Algorithm and a Hash Algorithm. You can even use multiple layers of encryption. If you’re encrypting a file system, I’d stick with AES, it’ll be good enough without a performance hit. For our flash drive, this isn’t as important. For our example, we’ll use “Serpent-AES” and then “SHA-512” as our Hash Algorithm.



Next, we need a volume size. It’s a 16 GB flash drive, I’m going to set the volume as 14 GB. Next, it will ask for a password. This is the master password that you enter when you want to mount your drive. Make it something strong and secure.

Next, it will create and format your encrypted file container partition. You’ll be asked to move your mouse around randomly. This will induce some randomness into the generation of the encryption keys. Do this, and it will proceed with the format operation.



Once complete and mounted within Truecrypt, you can drag and drop files onto your drive like any other hard drive on your system; only now, they’re stored securely in your encrypted drive container instead of in the clear.




Hack@Home Part 2: My Second Server Cabinet

November 29, 2012  by Gjkozick
Home // Hack@Home

Introduction


Welcome to my homebrew series. I wanted to share some of my experiences modding my personal equipment. Last time, I built my first server cabinet, patched in my local PC’s through a patch panel, and created an uplink to my cable modem.

 

 

My Second Mission


My original server cabinet had room for two server boards and networking gear. For the next phase of my expansion, I need something a little bigger. We recently moved to some new property and I have a barn in my backyard. I plan on running power and Ethernet out to it to make it a LAN Party\Man-Cave. I also do some web hosting and need server space to fiddle and learn on.
I’m going to start renovating my barn later this spring, but I was bored and felt the need to move forward on something, so I started working on my second server cabinet. Later phases will include running power to my barn from the house, putting in a level floor, and running lighting, network, power, and seating.

 

The Specs


This time, I decided that I’d expand the cabinet to four (4) server boards, up from two (2). To do this, I’m running with a total size of about 36” by 24”. Approximately 4” each for the four server shelves, plus space for a 24-port gigabit switch and a patch panel.
I started off with 2x2’s for the outside frame, and 1x2’s for the inside shelves. Required equipment includes:

Table Saw
Cordless Driver
Corded Driver
3 Gallon Air Compressor
Nail gun
Dremel

 

 

I used my nail gun to make the initial structure, and then drive in a large screw on each side to make sure the structure is secure. Once the outer shell is done, I proceeded to nail down the shelves. I used “L Brackets” to create shelves at 4” intervals, which I’ve determined is the optimum height for each server board. Next, I’ll start working on the finishing the exterior with plywood and paint the exterior.




Adobe Reader XI Deployement Woes

October 24, 2012  by Gjkozick
Home // Tech

Reader XI


Adobe recently released their Adobe Reader XI (That’s 11 for you people who don’t jive with the roman numerals). Their latest installer appears to be a mess. Apparently there was some data breach hacking incident. The Reader XI installer comes with a new install NAG that asks you to import or “use default” for trusted certificates. It might be possible to bypass this with their Customization Wizard, but that hasn’t been released yet.

 

What’s a NAG?


A Nag is an annoying window that makes silent installation and customization difficult. Usually, you can get around this with installation switches, group policy, or reg edits. In this case, I have not found a corresponding registry entry, and the installer is poorly documented.

 

First let’s try the executable installer


Like last update, I tried the executable installer first, using this command line to install the product (yes, I renamed the executable, I have no love for underscores in program names, I like them simpler):

ar1100.exe /msi EULA_ACCEPT=YES /qn /norestart

 

It installed the product, but now all my computers get this annoying dialog box when they start up every day. So this method is a fail, I don’t want the first person who sits in front of the machine to have to click through this, and I’m sure as hell not walking in front of all thousand computers in all of our locations to click through this box and make it go away.

MsiExec.exe /a ar1100.msi EULA_ACCEPT=YES /qn /lv C:\ar1100.log /norestart


So on to our second option. I tried the enterprise MSI. It also installed more or less fine, however the EULA_ACCEPT=YES public property on the command line seemed to have no effect. It prompted for the EULA, but not the certificates. The other odd thing I noticed is that the installer arbitrarily decided to make the root drive of the installation my Z: drive instead of my C: drive. I had no switching to indicate such, but it decided to install all its files into the base Z: drive.

Still trying to find an appropriate solution, if you know of one, let me know. Until then, I guess I’m going to wait on deployment until the Customization Wizard comes out. This version seems to be a little rough and rushed out the door; thanks Adobe.




Hack@Home Part 1: My Personal Server Rack

September 12, 2012  by Gjkozick
Home // Hack@Home

We moved to a new place. One of my first computer projects would be to setup and configure my office and LAN. Being that we're going to stay here a while, I needed to do things right.

 

My office includes two desktops, a laptop, and a network attached printer. My desktop and my wife's desktop are used for work and play, and then I have a work laptop connected to my desktop with a KVM. I use VPN a lot an like to run it on a separate machien so that I have all my work software local and so that I can still web browse on my main desktop while connected to work.

The first step was to install network jacks in the wall. My office is in the basement and the back of the drywall is still exposed, so this would be pretty easy. I installed a 4-jack plate near my computer and a 2-jack plate near by wife's computer. I also ran another cable up to my TV in the living room for my WAP. I ran the cables to an unoccupied corner of my basement.

 

In order to house the patch panel and my servers, I built a homebrew server cabinet out of 2x2's, 1x2's, and some plywood. My home network includes two physical servers. The first is my firewall. I'm using Astaro Gateway on an older AMD64 board. It has three interfacs. A main interface going to my cable modem and two Intel Gigabit nics going to the internal network. I'm really just using one at the moment. The gateway functions as a firewall and maintains a Site-2-Site VPN to another network location.

My second "server" is running VMWare ESXi, which I use for learning and for test projects. I have two windows servers which have some storage and active directory; and then I have a third server running Ubuntu which I use as an external name server. I prefer using Bind9 to Microsoft for my external authoritative DNS.

My next computer project is to set up my barn as a Man Cave \ LAN Party HQ, which will mean running power and networking out to it. It's fairly big and stays cool in the summer. Not sure I'll be able to do that until next spring due to money and time.