full of … these

openswan and sonicwall vpn tunnel

Posted: October 1st, 2009 | Filed under: howto, linux

Two years ago I wrote an article about connecting openswan to checkpoint.

Here is a new example of connecting openswan to a sonicwall device.

ipsec.conf:

conn sonicwall
    type=tunnel
    # left=%defaultroute
    left=serverip
    leftsubnet=10.0.0.0/24
    leftid=@macofserver #same on both ends
    # leftxauthclient=yes
    right=ipfosonicdevice
    rightsubnet=192.168.0.0/24
    # rightxauthserver=yes
    rightid=@macsonicwall #add it as optional on the sonicwall interface
    keyingtries=0
    pfs=no
    aggrmode=yes
    auto=add
    auth=esp
    keyexchange=ike
    esp=3des-sha1
    ike=3des-sha1
    authby=secret
    # xauth=yes

ipsec.secrets:
@macofserver @macsonicwall : PSK "sasgSFgdasfg"

Start/Stop/Debugging:

ipsec setup --start
ipsec setup --stop
ipsec setup --restart

#after changes are made apply them
ipsec auto --replace sonicwall

#when debugging, it exits when it works
ipsec whack --name sonicwall --initiate

#after it works
ipsec auto --up sonicwall

Debug for phase1 and 2:
tcpdump -i eth0:0 host ipfosonicdevice
Logs:
tail -f /var/log/secure
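
An added example, not part of the original post: a small Python check that parses ipsec.conf-style text and flags the settings in the conn above that weaken the tunnel (aggrmode=yes together with authby=secret, 3des, pfs=no). The function names and the embedded sample are constructed for illustration; whether stronger values can be used depends on what the SonicWall side is configured to accept.

```python
import re

# Constructed sample: the security-relevant keys of the conn section above.
SAMPLE = """\
conn sonicwall
    pfs=no
    aggrmode=yes
    esp=3des-sha1
    ike=3des-sha1
    authby=secret
"""

def parse_conns(text):
    """Return {conn_name: {key: value}} from ipsec.conf-style text."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = re.sub(r"(^|\s)#.*$", "", raw).rstrip()   # strip comments
        if not line.strip():
            continue
        m = re.match(r"conn\s+(\S+)$", line)
        if m:
            current = conns.setdefault(m.group(1), {})
        elif line[0].isspace() and current is not None and "=" in line:
            key, value = line.strip().split("=", 1)
            current[key.strip()] = value.strip().lower()
        else:
            current = None          # another section type (e.g. config setup)
    return conns

def audit(conn):
    """Return a list of findings for one parsed conn section."""
    findings = []
    if conn.get("aggrmode") == "yes" and conn.get("authby") == "secret":
        findings.append("aggressive mode + PSK: a PSK-derived hash is sent "
                        "unencrypted, so the PSK can be guessed offline")
    for key in ("ike", "esp"):
        if "3des" in conn.get(key, "") or "md5" in conn.get(key, ""):
            findings.append(f"{key}={conn[key]}: legacy algorithm")
    if conn.get("pfs") == "no":
        findings.append("pfs=no: phase 2 keys depend on phase 1 key material")
    return findings

def audit_text(text):
    return {name: audit(c) for name, c in parse_conns(text).items()}

if __name__ == "__main__":
    for name, findings in audit_text(SAMPLE).items():
        print(name, *findings, sep="\n  - ")
```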

References:
http://www.pelagodesign.com/blog/2009/05/18/ubuntu-linux-how-to-setup-a-vpn-connection-to-a-sonicwall-router-using-openswan-and-pre-shared-keys-psk/
http://www.sonicwall.com/downloads/SonicOS_Enhanced_to_Openswan_Using_GroupVPN_with_XAUTH.pdf


OpenWrt, limit the access to the internet

Posted: September 3rd, 2009 | Filed under: howto, linux

I just tried a Linksys WRT54GL. It’s nice, but what if you have to add hotspot services on it?
I have installed Coova for fun.
A common scenario is to have anonymous clients accessing it with all kinds of systems, all kinds of software and, of course, viruses and trojans.
So, just to be prepared, you want to allow access only to a few ports: 80 (http), 443 (https), 5222 (jabber), 5050 (yahoo messenger), 1863 (MSN), etc.

All you have to do is add the following two lines to /etc/firewall.user, below the “Allow SSH on the WAN interface” section (the multiport match needs an explicit protocol, hence -p tcp):
iptables -A forwarding_rule -i br0 -p tcp -m multiport --dports 80,443,5222,5050,1863 -j ACCEPT
iptables -A forwarding_rule -i br0 -j DROP

Now restart the firewall:
/etc/init.d/S35firewall restart
Test.

That’s all.


Adobe Reader 9 – make it incredibly faster

Posted: May 9th, 2009 | Filed under: fun, howto, idiots

I don’t own a new computer so I have to use an old tecra A3 with an old HDD but a very good screen 15″ with a huge resolution: 1400×1050.

Because the hard drive is so slow, Adobe Reader 9 takes several seconds to start after I double click the pdf file.
So, if you have to read docs, it is a little bit annoying to have to wait a lot just to start Adobe.
After Reader is loaded, the pdf file is loaded quite fast…

So I have googled a bit and I have found a few software apps to speed up adobe reader at start up.
But why install another piece of software when you can do it yourself?!?

Here is how if you only want to read docs, no search, no other stuff:

Go to C:\Program Files\Adobe\Reader 9.0\Reader\ and create a directory “old” or “backup”.
Move the following directories into it: plug_ins, plug_ins3d and SPPlugins.

Start Adobe Reader. How is it? Mine starts in less than a second.

Here is how if you want to read docs and you want the “Comment and markup” toolbar to be available:
Move all plugin dirs as described above, but keep the following files in the plug_ins dir:
AcroForm.api
AcroSign.prc
Annots.api
EScript.api
IA32.api
Search.api
Search5.api
weblink.api

Start Adobe Reader, read your books, educate yourself.

HTH and enjoy.

Later edit:
You can use PDF-XChange Viewer to view, markup text or add comments to your pdf files.


Keep your Windows secure and up-to-date

Posted: April 23rd, 2009 | Filed under: howto

I use three tools to keep my windows patched/updated:
- apup[1], faster than windows update;
- sumo[2], to have latest versions of your installed programs;
- secunia PSI[3], personal security inspector, to know if your programs are exposed to risk(s).

Your default installation should include an Antivirus, antispyware and a sandbox (sandboxie[4]) to play with untrusted applications.

Links:
[1] – http://www.autopatcher.com/forums/index.php?showtopic=89
[2] – http://www.kcsoftwares.com/?sumo
[3] – http://secunia.com/vulnerability_scanning/personal/
[4] – http://www.sandboxie.com/index.php?DownloadSandboxie

Have fun!


How to use both video cards you have, on board and PCIe video card

Posted: March 20th, 2009 | Filed under: fun, howto

This may be bullshit. It might not work for you, but it is worth a try.

When you are in a hurry and you don’t have time, or simply you don’t want to buy a DVI-VGA adapter, just try to use the on board card. It could work.

Here is how.

Go to BIOS and try to enable the on board video card. Some motherboards can do this, some not. Try to allocate some memory to it.
Connect a second monitor or a video projector to it, just to be sure you get some image on it.
Reboot in windows and check what you can get.
Verify in Device Manager, and if you have two video cards you are close to getting some image on both displays.
I got both there but I got an “Error 10” regarding a missing IRQ.
One of my colleagues suggested to set it as primary display in BIOS.
After it was set as primary it worked just fine.

The bad:
- the driver in use is the driver from the on board video card
- you cannot span the image over displays

Tested with an asrock motherboard (intel based video card) and a nvidia based video card.

Just try it and give me some feedback.