Sunday, 28 February 2010

Full Circle Magazine #34 Available!

This month marks the 34th issue of Full Circle, along with the new and improved companion Full Circle Podcast!  Now, along with your magazine, you’ve got an extra 40 minutes of auditory Full Circle goodness.

Mount ISO images without the command line

Or, 'how to check your newly mastered DVD-iso image is good before you burn it and waste your blank media.'

Everybody knows I hate typing hieroglyphics at the command line. Any opportunity to avoid the terminal session, I take it....

Thursday, 25 February 2010

Full Circle Podcast Episode #1 is up

Full Circle is a free, independent, magazine dedicated to the Ubuntu family of Linux operating systems. Each month, it contains helpful how-to articles and reader submitted stories.

The resurrected companion podcast is now available featuring yours truly, Ed Hewitt and Dave Wilkins.
Episode #1: Stop Wine-ing and Go Native!
Hosted at:
http://fullcirclemagazine.org/2010/02/24/full-circle-podcast-1-stop-wine-ing-and-go-native/

Wednesday, 24 February 2010

Partition Magician

If you've waded through the previous post, Scouting the Upgrade Trail, this is the coda to the flippant one-liner about choosing a partitioning scheme.

Decide what disk partitions you actually need; my main reason is to separate programs from data, within that, separate my documents from the music collection from video. It makes backing up easier and searching for content a breeze.

None of this is gospel, but it is the scheme I've adopted since Hardy Heron...

Tuesday, 23 February 2010

Scouting the Upgrade Trail

It's upgrade time. We all know the sensible way to do this is to upgrade sequentially through the version numbers (yawn). However, Ubuntu 9.10 will only perform the in-place upgrade over 9.04 and nothing earlier. If you're still an Ubuntu Badger, Heron or Ibex, you have little choice but to clean-install. Maybe, like me, the time has come to upgrade the hard drive and start-over from scratch with a new file-system and software stack. The in-place upgrade is one thing, a clean install something else. True, there are lots of “Top Ten things to do after installing Operating-System-X” articles around; many give good advice on exactly which repositories to update, recommended programs, codecs, UI tweaks. This list aims to go back to first principles; what to do before you start, during and after...

Sunday, 21 February 2010

What Makes a Digital Messiah?

Expectations were high in January, when a guy called Steve stood up in San Francisco and announced a new kind of sanitary towel (according the product name). Expectations worthy of a new digital messiah; after almost two years of hype and speculation, it seems we'd be satisfied with nothing less. Just one look at the shiny-shiny tablet (cue heavenly choir) and the pundits declared we're in the future. We're in Star Trek. Uh-oh.

Saturday, 20 February 2010

How-to: Preserve Your Anonymity using TOR

Recently Google CEO Eric Schmidt declared the death of privacy on the internet and dismissed concerns saying “...if you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place.” [CNBC: “Inside the Mind of Google” special http://insidegoogle.cnbc.com/ ]. So now we know. Private equals secret equals bad. Like the pro-surveillance advocates say, privacy's only function is to obscure lawbreaking: “if you've done nothing wrong, you've got nothing to worry about.” Right?
Wrong...

Review: Linux Mint 7 ‘Gloria’ (re-post)

Original article: 13/09/2009 appeared in Full Circle Magazine #31
Derivatives have gotten a bad name since the financial credit-crunch and banking meltdown. There is one derivative, however that looks rather a good investment: Linux Mint 7, codenamed Gloria. Mint 7 is a Linux distribution derived from Debian via Ubuntu – in this release Ubuntu 9.04 Jaunty...

Review: WebHTTrack website copier and offline browser (re-post)

Original article: 02/09/2008 appeared in Full Circle Magazine #26
It was a simple job, creating a website using the tools and free hosting on Google Sites. Trouble is, there's no site backup tool and I don't like leaving the only copy of my precious pages sitting in 'the cloud.' Now imagine you're taking over a website project, or migrating to a new ISP or server; maybe you need to manage rising web-traffic by creating a 'mirror' of you main site. Maybe you're going out and about with no web connection, but need to take some content with you. All the tools I know are commercial, 'industrial strength' or non-Linux. Which is where the WebHTTrack utility comes in...

Opinion: The Lure of Instant-On (re-post)

Original article: 28/08/2008
In this installment, the Professor and Alter cross swords over the necessity of windows or indeed, worktops. Sorry, Splashback. Err, Splashtop.

Opinion: How many distros is too many? (re-post)

Original article: 09/08/08 appeared in Full circle Magazine #18
In this installment, the Professor re-educates the young Padewan, Alter, in answer of the question 'how many distros is too many?'

My Opinion: Is this the Year...? (re-post)

Original article: 09/08/08 appeared in Full Circle Magazine #17
Bios: check
Memory: check
Reality: check?

Is this the year...?


Review: Google Sites (free option)

Original Article: 30/08/08
Web 2.0 must be maturing; there's a plethora of on-line tools for building web-sites. Since the dial-up FTP connection to one of my free webspaces finally expired, I thought I would give one of them a try: Google Sites. We're not exactly  overwhelmed with web-page building tools for Linux and those we have go way too technical (Quanta Plus) or flaky (Anjuta). Now this isn't an exhaustive test of every Google Sites facility and it's just the free option.

Review: Asus Eee PC 701 mini-notebook (re-post)

Original Article 20/06/08 appeared on Everything Express
It's the machine that's responsible for opening up a new market segment betwen the business notebook and the ultra-portable One-Laptop-Per-Child (OLPC) at a price-point that makes it attractive for education and business and the casual user.

We've had ten of them on test to use and abuse, break, build and reconfigure. This is how we got on...

Review: Linux Mint 5 - 'Elyssa' gets better (re-post)

Original Article: 26/08/2008 appeared in Full Circle Magazine #17
Although it's not one of the core 'Buntu distributions, we've given Mint a fair share of coverage in the magazine this year; Linux Mint 4.0 'Daryna' was Flavour of the Month in Issue #10, with the follow-up comparison to Unbuntu in Issue #11, both favourable write-ups by Mr Clipsham that we won't repeat here. But now release 5.0 is out named 'Elyssa'

Linux How-to: Create a Separate Home Partition (re-post)

Original Article 06/04/2008: Cover:  Full Circle Magazine Issue #15
If you ran the default installation of Ubuntu, using the 'guided' partitioning option, you probably have two partitions on your hard drive; an Ubuntu system partition and a swap partition. Which is fine until you get into running regular backups. Then the Ubuntu 8.04 upgrade. Or a disaster to recover. Suddenly, having  all your data and programs living on one partition seems like a bad idea.

Opinion: What is Web 2.0? (re-post)

'Two-point-oh! or Two-point-less?'

Original Article: 06/04/2008 appeared in Full Circle Magazine Issue #13
Some of you might be thinking it's a little late to ask that question. Web 2.0 has been around as a concept since the dot-com bust around 2001 and a practical reality for around two years. It's been hyped, dismissed, delivered, condemned, rejected, re-launched, branded, marketed and abused in all the media. Several times over.

Now you're thinking 'what an ass, it's far longer than/less than that.' So which 'web 2.0' are we talking about, using and developing? Can we agree a definition? Is it working? Is it worth it?

How-to: Switch from IE to Firefox

Original Article: 06/04/2008 appeared on Everything Express
If you've never used Internet Explorer, all I can say is 'go in peace, my friend, you live a charmed life...' If, however, good old 'IE,' is the only browser you've ever known, you may need a little encouragement to get to grips with Firefox, a web-browser so good, it forced the boys-from-Redmond to play catch-up on features like tabbed browsing and produce the decent,  but still inferior version which is IE version 7.

How to: Understand IP addresses (re-post)

Original Article: 03/04/2008
You've got Ubuntu; you've got broadband and a router; you've got at least one PC on-line. Congratulations. Now change whatever Ubuntu set up for you and hey -  you're now a network administrator! On top of that surprise, you need to know some things about networks and addresses, otherwise getting and staying on-line becomes a hit-and-miss affair. Put a machine on any network using TCP/IP and it will need an IP address, otherwise it can't send or receive network traffic.
There goes the first alert – too many acronyms...

Linux How to: Configure Firestarter firewall front-end (re-post)

Original Article: 17/03/08
Call me a heretic, but I happen to believe that if Tux had intended man to type, he wouldn't have given us Gnome and KDE! I don't think that disqualifies me as a hardcore Linux user, I just have better things to do than endlessly type command strings (badly). My reluctance to use a terminal applies especially to my firewall...




One of the great features included in Linux by default is the IPtables software firewall which does a good job of protecting the PC from unwanted intrusions whilst on-line. Sadly, its' command-lines are complex and even experienced Linux users can struggle to configure it. So I looked around for a friendly graphical interface as a front-end to configure the built-in IPtables/IPchains utilities for me. There are good ones around - FireHOL, Firestarter, Firewall Builder, KMyFirewall, Guarddog, Shorewall - and much debate as to which is best, but I chose Firestarter. Please remember throughout this, Firestarter is the configuration tool, NOT the firewall itself. It is only as good as the information you feed it.  

Installation
Firestarter is contained in most repositories so you can install through Synaptic Package Manager, or if you really must, by running: sudo apt-get install firestarter in a terminal.  

We're off to see the wizard...
Running System > Administration > Firestarter
for the first time launches the Set-up Wizard. Before you say 'wizards are for wimps, Linux doesn't need them,' this one is good. Although I still can't tell if the Firestarter mascot is some kind of mutant-penguin or a chicken. As Firestarter is a system administration tool, it will ask for the root password on launch. First it will detect your network devices; you select one for firewall configuration from a drop down menu. Modem users get the option to enable the firewall on dial-out. The Wizard will also want to know if you are using static or dynamic IP addresses (how your PC identifies itself to your network and the internet). If you connect to the internet through a router, it's most likely assigning your PC's network address dynamically through DCHP, unless you or your Linux buddy explicitly set up static addresses. If you leave all that to your service provider, they will be assigning DCHP addresses for you. The firewall needs to know this in order to set some base rules for internet traffic - otherwise you'll be blocked from everything!

Usefully, right-clicking the Network Manager icon in the desktop panel gives you a Connection Information pane identifying your active network device and current IP addresses, but not the address mode for static or DCHP – you need to open Network Manager itself to find this (System > Administration > Network).

Next, the Firestarter wizard asks if you want to set-up Internet Connection Sharing. If the PC you're configuring is the firewall for your entire network and your other computers connect to the Internet through this one, then you want to enable this and select the network hub or switch that device that connects them. All this kit is 'behind' the firewall and is different from the router or modem used to connect to the Internet which will be 'in front' of the firewall.

The final step is to check the “start firewall now” box and click on Save. Once you've completed the Wizard, Firestarter will launch into the main application window, which consists of three tabs: Status, Events, and Policy. The user interface has a toolbar of big shiny buttons for common tasks and a full menubar for all the operations. It's very easy. Really. It is.
 
Status Status shows whether your firewall is active, disabled, or locked-down and displays information about your network devices, the traffic that has passed through them (Sent/Received) and current activity. You can click on "Active connections" for a list of all currently connected machines, with the source and destination addresses, the service being used and what application invoked it. Some should be familiar names, like your e-mail , web browser and messaging client. Firestarter has three states:
  • Active: firewall is running and applying rules to all connections.
  • Stopped: firewall is turned off, so all connections are allowed through.
  • Locked: firewall will disallow all connections in and out. Useful in the event of a security breach should you need to lock the firewall and disable the network entirely.
Changing state is a simple one-click operation if you use the toggle buttons on the toolbar to Start/Stop and Lock/Unlock.  

Events The Events tab will list blocked events. Don't be alarmed at everything listed here; generally only the entries in red represent a threat as far as the firewall can tell. These are the connection attempts that are targeted at ports used by important system services. You may decide, with your superior Mark-I human brain to allow a blocked connection as safe; select the blocked connection, right-click and select Allow from the pull down menu.  

About Policy
First, some terminology: Firestarter works through policies. A policy is just a term for a set of firewall rules. You get a default policy, to which you add your individual user policy. You define various rules and conditions for inbound and outbound traffic, applied to hosts (computers) or connection ports. Firestarter provides a basic, safe and user-friendly policy by default to allow normal internet usage such as web-browsing and e-mail on the secured hosts, but blocks any attempts to access network services from the outside, shielding the local network. The default Firestarter policy is essentially:
  • Unsolicited inbound connections from the Internet to the firewall or client hosts are always blocked.
  • The firewall host is freely allowed to establish new outbound connections.
  • All client machines are allowed to establish new outbound connections to the Internet, but not to the firewall host.
  • Inbound traffic from the Internet in response to requests from the firewall or clients is allowed through the firewall.
The good (or bad) news is you can amend policies to be as simple or as complex as you want. You can also set the firewall to be permissive or restrictive (more on that later).

Create your own Policy
Firestarter policyIf you want to create new policy rules, make sure which policy (inbound or outbound) you want in the Editing selection drop-down. The Policy tab is split; the upper pane is for Hosts and the lower pane is for Services and/or Ports.

To make a new policy, right-click in the appropriate pane, then click the Add Rule button on the toolbar . For example, to enable your LAN, add the network IP addresses, something like 192.168.1.1/24. It's entirely up to you what rules you want to enact, but best enable them one at a time so you can test things individually.

To edit an existing policy select the appropriate policy in the window, right click and select "Remove Rule" to delete the rule and "Edit rule" to modify the rule. The Edit Rule dialog box enables you to define IP addresses, domain names or network names – your choice – then pokes this information into the IPTables config files in the background when you confirm it by clicking the '+ Add' button.
 
Black-list or White-list
You can change the operating mode of the firewall when you select Editing > Outbound traffic. This gives you a choice of options;
  • Permissive: permit all traffic except whatever you define as black-listed in your user rules. This is the default, open-access setting.
  • Restrictive: block all traffic except whatever you define as white-listed in your user rules. This is the high-security setting for the extremely worried system administrator. Or possibly parents.
Firestarter Preferences
When you quit, all your policy rules are in effect. Your firewall will be active when you boot regardless of whether you have Firestarter open. In order to have Firestarter active in every session, you need to go to Preferences > Initial settings. On the Interface tab, check the box for 'Enable tray icon' and 'Minimize to tray on window close'. This will dock the Firestarter icon in your desktop panel and notify you to Firewall events as they happen. When Firestarter blocks a connection, the tray icon will turn red. Some other options are:  

ICMP Filtering:
ICMP stands for Internet Control Message Protocol - we knew that, right? When you set-up your network, you probably ran some tests by 'pinging' message packets to other machines on the network or on the internet to make sure you have a connection. Just like sonar in submarines. Outsiders may also be able to 'ping' your network address and confirm it is a live target. Firestarter allows you to set filters to block Echo Request (pings outbound) and Echo Reply (response to pings inbound). Disabling replies will stop your machine from responding to incoming requests, this silence effectively saying “nobody home” at your network address. I always leave open the ability to ping an outside machine as its the most basic networking test I know. Other options such as Traceroute are low risk and can be useful, so I leave them enabled.

ToS Filtering: Type of Service filtering will allow you to set which types of applications receive priority in network traffic. For example, if your computer acts as both workstation and server, you might want to set workstation processes as a priority over server processes such as HTTP from other users or applications on your network; Firestarter allows you to prioritize connections, as well; using the "throughput" option allows the most traffic through the firewall, while "reliability" reduces the transfer rate in favor of a more dependable connection.  

Further Reading
The Firestarter manual lives at Community Ubuntu Documentation, https://help.ubuntu.com/community/Firestarter.

Linux How-to: Incremental Backups using Tar (re-post)

Original Article: 27/03/2008
I won't go through the catalogue of computer disasters I've had to recover, but lets just say there's no substitute for a sound backup strategy. Let's assume you've created a full system backup as your baseline, using a tool such as Partimage to create a snapshot of your Ubuntu installation. You need to go incremental...

Linux How to: Backup Ubuntu using Partimage (re-post)

Original Article: 20/03/2008
First, some words of advice: never underestimate the need for a backup copy of your system and data. You never know when you'll lose a hard drive, whether it's electrical spike or failure, fire, flood, burglary, or just some idiot dropping a heavy object on the computer case while the hard drive is writing -  who, me?

Review: Wiki on a Stick (re-post)

Original article: 06/04/2008  appeared in Full circle Magazine #12
It's time to confess; I'm a PC junkie. I travel around the country a lot between  clients, friends, family. I usually take one of the three laptops, or I get stuck using various nasty client machines. There's a regular chunk of material I regularly use, not to mention a stack of bookmarked url's. I also maintain several web-sites for myself and others that I'm migrating away from Dreamweaver templates...

I decided a while ago that what I need is a cross between a content management system, electronic post-it notes and web-page editor. Something portable, compact, cross-platform, free to run client-side, publish to web and structure how I like. Or put another way, a Joomla-Tomboy-Quanta-Evolution hybrid. Hmm...

Linux How-to: Configure a Dial-up Modem (Re-post)

Original Article 27/02/08
What to do when you need to get on-line, but wireless broadband isn't available or isn't allowed? Having one web space only accessible via verified dial up link, not to mention the lack of broadband at my parents place, I had to dust off the dial-up modem in the laptop. Then I remembered that Linux has never been great with dial-up modems; they are an ancient, diverse and unfashionable category of hardware, built on perverse layers of software, chipsets, hardware abstractions and drivers.

JVC Mini Reloaded (re-post)

or 'what we used before the Asus Eee PC'

Original post 15/02/08 appeared in Full Circle Magazine Issue #14
Around December 2005, I decided I had to take action before the heavy Dell 5150 laptop I lugged around did permanent damage to my spine. My final candidate for an ultra-lightweight, fully functional mini notebook was the JVC MP-XV841. Extremely compact at 9.2 by 7.0 by 1.5 inches, it’s not much bigger than a hardback book and lightweight at 3.2 pounds. The delivery spec (bottom) was better than the laptop I was using daily.

Friday, 19 February 2010

The Catling Pages Return

Getting with the 21st century; a new blog on a decent platform, no hand-crafting HTML, code, forms and DIV tags!

We're on Blogspot care of Google. A full review will follow later.