Sep 16, 2011

Firefox: Java plugin for Firefox does not work...

Do you have a problem getting the Java plugin running on Linux?
First, here is a site that checks whether your plugins are installed and up to date:
https://www.mozilla.org/en-US/plugincheck/
You should get something like:

But how do you add Java to this list?
There are many tutorials out there:
  • link jdk1.6.0_23/jre/plugin/i386/ns7/libjavaplugin_oji.so
  • or copy some other libs...
But this only results in no plugin at all, or in Firefox crashing when you visit a website that starts the plugin.
The only way to get the plugin running is:
  1. delete all Java libs/plugins in .mozilla/plugins
  2. create a link to YOUR-JRE/lib/i386/libnpjp2.so
    (do not copy!!!!)
That's all...
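The two steps as one shell function, as an added example that is not part of the original post. It assumes the stale plugin files are named libjavaplugin*.so or libnpjp2.so; the function name link_java_plugin is made up for this illustration.

```shell
#!/bin/sh
# Added example: replace old Java plugin copies with a single symlink.
# Assumption: stale plugin files match libjavaplugin*.so or libnpjp2.so.

link_java_plugin() {
    jre=$1                                   # YOUR-JRE from the text
    plugins=${2:-$HOME/.mozilla/plugins}
    target=$jre/lib/i386/libnpjp2.so

    # Refuse to touch anything if the JRE does not ship the library
    [ -f "$target" ] || { echo "missing $target" >&2; return 1; }
    mkdir -p "$plugins"

    # Step 1: remove every old Java plugin, whether it is a copy or a link
    for old in "$plugins"/libjavaplugin*.so "$plugins"/libnpjp2.so; do
        if [ -e "$old" ] || [ -L "$old" ]; then
            rm -f "$old"
        fi
    done

    # Step 2: link, never copy
    ln -s "$target" "$plugins/libnpjp2.so"

    # Succeed only if the result is a symlink that resolves to a real file
    [ -L "$plugins/libnpjp2.so" ] && [ -f "$plugins/libnpjp2.so" ]
}

# Usage: link_java_plugin /path/to/YOUR-JRE
```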
Just check via https://www.mozilla.org/en-US/plugincheck/ again:

Sep 2, 2011

Oracle 11g Database Express Edition released

After the beta phase, Oracle Database Express Edition 11g Release 2 was released:

Free to develop, deploy, and distribute

Oracle Database Express Edition 11g Release 2 (Oracle Database XE) is an entry-level, small-footprint database based on the Oracle Database 11g Release 2 code base.  It's free to develop, deploy, and distribute; fast to download; and simple to administer.
Installation is supported only on the following operating systems:
  • Oracle Enterprise Linux 4 Update 7
  • Oracle Enterprise Linux 5 Update 2
  • Red Hat Enterprise Linux 4 Update 7
  • Red Hat Enterprise Linux 5 Update 2
  • SUSE Linux Enterprise Server 10 SP2
  • SUSE Linux Enterprise Server 11
(only RPM-based 64 bit distributions).

Here are some important license statements:
  • If Oracle Database XE is installed on a computer with more than one CPU
    (including dual-core CPUs), then it will consume, at most, processing
    resources equivalent to one CPU.
  • Only one installation of Oracle Database XE can be performed on a single computer.
  • The maximum amount of user data in an Oracle Database XE database cannot exceed 11 gigabytes.
  • The maximum amount of RAM that an Oracle Database XE database uses cannot exceed 1 gigabyte, even if more is available.
If you are interested in features that are not included with Oracle Database XE, take a look here:
  • ...
  • Flashback Database
  • ...
  • Oracle Active Data Guard
  • Oracle Total Recall
  • ...
  • Oracle Real Application Clusters
  • In-Memory Database Cache
  • Oracle Diagnostic Pack
  • Oracle Partitioning
  • ...
  • Advanced Replication
  • ...

Aug 13, 2011

Google+ games: privacy and sharing information about played games

I read about Google+ games and I knew:
Today we’re starting to gradually roll out games in Google+. We look
forward to making them fully available to everyone in Google+ soon.
and this evening there is a new icon:

and clicking on these four connected points showed the following:


Ok. Let's go: I clicked the blue "play" button and got:


I followed the "Learn more" link:


Who can see that you're playing games


Games on Google+ are social. Information such as the games you play
and your accomplishments within the game (such as high scores and
levels) may be visible to other Google+ users.

Google+ won’t publish your gameplay information to the stream without
your consent. You get to choose when to share updates from games (and
the people you share with). So how do people see that you've played a
particular game?

In “Featured Games”

If you’re looking at the "Featured games" area, you might see the number
of people in your circles who have recently played a game, along with a
photo of a recent player. Click on played recently to bring up a box that shows who those people are.

Within Games

When you play a game, you’re consenting to share information such as
your name and profile picture with the game developer. This lets
developers design better social games.

Additionally, a game may involve multiple players in a single match
(such as a poker table). In these situations, the other players in the
room can see and interact with each other during gameplay.

Some games allow you to partner up with (or work against) another
player, such as a neighbor, ally, or an enemy/rival. These games use
your circles to suggest people to interact with. You could show up as a
suggestion to another player to become an ally or to challenge.

This sounds fair, so let's start playing one:


And then just play...

Jul 30, 2011

Linux VPN Client: disconnect every 600s (10min)

You are trying to connect to a Cisco Pix or Cisco ASA with a Linux PC and the connection disconnects after 10 minutes?
You tried
After googling around, you found the following hints:
  • rekeying problem (not implemented for Linux)
  • missing open ports in your firewall (500 UDP, 4500 UDP, 10000 UDP)
  • write an automatic restart script
  • set MTU size on tun0 below 1300
  • disable dead peer detection (--dpd-idle 0)
    this is done via port 500
  • ...
None of these tips worked. And now?
Let's take a look at the debug messages from vpnc:
vpnc --no-detach --debug 2 profile0
after 10 minutes:
S7.2 QM_packet2 send_receive
S7.3 QM_packet2 validate type
vpnc: no response from target
Anything learned? The connection is dead again with no response from target...
Where are these response packets? Let's take a look at Wireshark:


Hmmm
Dst Port 500...
Let's try the following:
vpnc --no-detach --debug 2 --dh dh5 gip2
and voila: no disconnects anymore...

Why?
Read this link:
The Diffie-Hellman Group 5 feature enables group 5
on all platforms that support crypto images. Group 5 specifies the
1536-bit Diffie-Hellman group, which is a method of establishing a
shared key over an insecure medium.

So my advice:
If your VPN disconnects after some minutes, try some of the CLI options of vpnc, or ask your administrator which Diffie-Hellman group is configured...

Here are the CLI options (via vpnc --long-help):
Usage: vpnc [--version] [--print-config] [--help] [--long-help] [options] [config files]

Options:
--gateway <ip/hostname>
IP/name of your IPSec gateway
conf-variable: IPSec gateway <ip/hostname>

--id <ASCII string>
your group name
conf-variable: IPSec ID <ASCII string>

(configfile only option)
your group password (cleartext)
conf-variable: IPSec secret <ASCII string>

(configfile only option)
your group password (obfuscated)
conf-variable: IPSec obfuscated secret <hex string>

--username <ASCII string>
your username
conf-variable: Xauth username <ASCII string>

(configfile only option)
your password (cleartext)
conf-variable: Xauth password <ASCII string>

(configfile only option)
your password (obfuscated)
conf-variable: Xauth obfuscated password <hex string>

--domain <ASCII string>
(NT-) Domain name for authentication
conf-variable: Domain <ASCII string>

--xauth-inter
enable interactive extended authentication (for challenge response auth)

--dpd-idle
conf-variable: Xauth interactive

--vendor <cisco/netscreen>
vendor of your IPSec gateway
Default: cisco
conf-variable: Vendor <cisco/netscreen>

--natt-mode <natt/none/force-natt/cisco-udp>
Which NAT-Traversal Method to use:
* natt -- NAT-T as defined in RFC3947
* none -- disable use of any NAT-T method
* force-natt -- always use NAT-T encapsulation even
without presence of a NAT device
(useful if the OS captures all ESP traffic)
* cisco-udp -- Cisco proprietary UDP encapsulation, commonly over Port 10000
Note: cisco-tcp encapsulation is not yet supported
Default: natt
conf-variable: NAT Traversal Mode <natt/none/force-natt/cisco-udp>

--script <command>
command is executed using system() to configure the interface,
routing and so on. Device name, IP, etc. are passed using enviroment
variables, see README. This script is executed right after ISAKMP is
done, but before tunneling is enabled. It is called when vpnc
terminates, too
Default: /etc/vpnc/vpnc-script
conf-variable: Script <command>

--dh <dh1/dh2/dh5>
name of the IKE DH Group
Default: dh2
conf-variable: IKE DH Group <dh1/dh2/dh5>

--pfs <nopfs/dh1/dh2/dh5/server>
Diffie-Hellman group to use for PFS
Default: server
conf-variable: Perfect Forward Secrecy <nopfs/dh1/dh2/dh5/server>

--enable-1des
enables weak single DES encryption
conf-variable: Enable Single DES

--enable-no-encryption
enables using no encryption for data traffic (key exchanged must be encrypted)
conf-variable: Enable no encryption

--application-version <ASCII string>
Application Version to report. Note: Default string is generated at runtime.
Default: Cisco Systems VPN Client 0.5.3:Linux
conf-variable: Application version <ASCII string>

--ifname <ASCII string>
visible name of the TUN/TAP interface
conf-variable: Interface name <ASCII string>

--ifmode <tun/tap>
mode of TUN/TAP interface:
* tun: virtual point to point interface (default)
* tap: virtual ethernet interface
Default: tun
conf-variable: Interface mode <tun/tap>

--debug <0/1/2/3/99>
Show verbose debug messages
* 0: Do not print debug information.
* 1: Print minimal debug information.
* 2: Show statemachine and packet/payload type information.
* 3: Dump everything exluding authentication data.
* 99: Dump everything INCLUDING AUTHENTICATION data (e.g. PASSWORDS).
conf-variable: Debug <0/1/2/3/99>

--no-detach
Don't detach from the console after login
conf-variable: No Detach

Report bugs to vpnc@unix-ag.uni-kl.de
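
An added example, not part of the original post or of vpnc: a shell function that reads a vpnc config file, flags the risky conf-variables from the help output above (cleartext secrets, single DES, no encryption, debug level 99) and reports the IKE DH group so it can be compared with the gateway's setting. The function name audit_vpnc_conf and the sample profile are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a vpnc config file, using the conf-variable names
# printed by "vpnc --long-help".

audit_vpnc_conf() {
    # $1: path to a vpnc config file; prints one finding per line
    awk '
        /^[ \t]*#/              { next }   # skip comment lines
        /^IPSec secret /        { print "WARN cleartext group password (IPSec secret)" }
        /^Xauth password /      { print "WARN cleartext user password (Xauth password)" }
        /^Enable Single DES/    { print "WARN weak single DES encryption enabled" }
        /^Enable no encryption/ { print "WARN data traffic encryption disabled" }
        /^Debug 99/             { print "WARN debug level 99 dumps authentication data" }
        /^IKE DH Group /        { dh = $4 }
        END {
            if (dh == "")
                print "INFO IKE DH Group not set, vpnc defaults to dh2"
            else if (dh == "dh1")
                print "WARN IKE DH Group dh1 (768-bit) is the weakest group vpnc offers"
            else
                print "INFO IKE DH Group " dh ", must match the gateway"
        }
    ' "$1"
}

# Constructed sample profile, not a real configuration
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample
IPSec gateway vpn.example.org
IPSec ID examplegroup
IPSec secret not-a-real-secret
Xauth username alice
IKE DH Group dh5
Enable Single DES
EOF
audit_vpnc_conf "$sample"
rm -f "$sample"
```

The obfuscated variants (IPSec obfuscated secret, Xauth obfuscated password) are deliberately not matched by the cleartext checks.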