Protect Web Directories using .htacess

STEP 1:	Configuration of .htaccess file.
	First we must create was is known as the .htaccess authentication file. This file is the key to providing who has access to the files in the directory and what types of operations they are allowed to perform within the directory. This tutorial will restrict who is able to view (GET) files from the directory and upload (POST) files into the directory. For more elaborate security measures, check out Apache's web site. Open your favorite editor (Windows®, Notepad works well) or telnet into your web server and use a Unix editor like vi. Using the text below as a guideline, create a text file where /var/www/html/private/ is the absolute path of the directory where you would like to store your authentication usernames/passwords and My Private Directory is the name you would like for the authentication window. AuthUserFile /var/www/html/private/.htpasswd AuthGroupFile /dev/null AuthName "My Private Directory" AuthType Basic <Limit GET POST> require valid-user </Limit> Note: the absolute path to the .htpasswd file is very important. If unsure about this path, ask your hosting provider or telnet into the server and from the directory you want to keep your usernames/passwords, type pwd at the shell prompt. Note: the .htaccess file also protects subdirectories of the directory in which it is placed. Save this file as .htaccess. The .htaccess file needs to be placed inside the directory you would like protected. If the file was created on your local workstation, ftp the file into the directory you want protected. If a Unix editor like vi was used, use the mv command to move the file to the required directory.
STEP 2:	Configuration of the .htpasswd file
	Second we must create the .htpasswd file. This file contains the usernames and passwords of those individuals who we authorize access to our directory, and subdirectories. In order to create this file you must telnet into your server. Go to the directory, using the cd command, you specified your AuthUserFile (in this example, we specified /var/www/html/private/). Type htpasswd -c .htpasswd username to create the .htpasswd file and add "username" to list of authorized users. The program will initially prompt you for a password and then ask you to verify it. To add new users, use the same command without the -c switch. For example, to add the user foo, type htpasswd .htpasswd foo. To delete users, open the .htpasswd file, using your favorite unix editor, like vi, and delete the row(s) associated with the specific user(s) that you want to remove.
TEST	Test your configuration
	Open your browser and type the URL and path to the directory where you placed the .htaccess file. For example, if you placed the .htaccess file in a subdirectory called private that is contained within your web directory, then you would type <http://www.mydomain.com/private/>. If you were successful, you should get a dialog box prompting you for a username and password.
MISC	Troubleshooting your configuration
	The most common mistake is not using the correct path to the .htpasswd file in step one above. To be certain that you are using the correct absolute path, follow these steps: Telnet into your server. Use the change directory command, cd, to access the directory where your .htpasswd file is located. Use the list files command with the <all contents> and <long format> options (ls -la) to be sure your .htpasswd file is present. Use the print working directory command (pwd) to display the absolute path to your .htpasswd file. This path should be identical to the path listed in Step 1 (/var/www/html/private/ in the example above).   Another common mistake is misconfiguration of the Apache config file. If you have a hosting provider, contact technical support to verify that they allow their users to use .htaccess authentication. If you host your own server, open your Apache config file using your favorite editor (in RedHat® Linux 7.1, the file can be found in /etc/httpd/conf/httpd.conf). Scroll down the file and make sure the AllowOverride option is set to All. If you are still having problems, there are a variety of free password protection scripts written in perl that may be suitable for your needs. Adapted from

eth0_rename in ethernet card

While Upgrading the Systrem with same hard disk but different system a problem eth0_rename in the name of Ethernet  card occurred. Solution : Remove the old records from
/etc/udev/rules.d/70-persistent-net.rules

Reset windows password using linux live CD

Reset Windows 7 passwords with Linux Ubuntu

(Applicable to older windows ver. too )

Have you experienced the tragedy of forgotten passwords to log into your windows 7? prior to re-install can be tried by using the tools on ubuntu linux system whose name chntpw, the main requirement is that you understand a little about Linux and the CLI have a LiveCD Linux Ubuntu (any version).

Steps you can do is:

1. Booting the PC / laptop using the Ubuntu Linux LiveCD
2. Select Menu Run Ubuntu Linux without installation.
3. On the Desktop in the Places menu Select Windows to the System Drive can be mounted so.
4. Update the repository with: root@ubuntu: apt-get update
5. Install the package chntpw way: root@ubuntu: apt-get install chntpw and let the installation process to complete.
6. Log into the CLI in Application – Accessories – Terminal and select: / Windows/System32/config following manner:

root@ubuntu: cd/media/[name of the windows partition/Drive C:]/Windows/System32/config

7. View user who is in her windows by running:

root@ubuntu:/media/187823A87823839A/Windows/System32/config# chntpw -l SAM

chntpw version 0.99.5 070923 (decade), (c) Petter N Hagen
Hive name (from header): <SystemRootSystem32ConfigSAM>
ROOT KEY at offset: 0×001020 * Subkey indexing type is: 666c
Page at 0xf000 is not 'hbin', assuming file contains garbage at end
File size 262144 [40000] bytes, containing 6 pages (+ 1 headerpage)
Used for data: 247/52256 blocks/bytes, unused: 9/4896 blocks/bytes.

* SAM policy limits:
Failed logins before lockout is: 0
Minimum password length : 0
Password history count : 0
| RID -|———- Username ————| Admin? |- Lock? –|
| 01f4 | Administrator | ADMIN | *dis/lock* |
| 01f5 | Guest | | dis/lock |
| 03e8 | totti | ADMIN | *dis/lock* |

In the top menu for the user Administrator and Totti in the status dis / lock -disable/lock, never to be edited please is enabled by selecting the first number four on the menu:

- – – – User Edit Menu:
1 – Clear (blank) user password
2 – Edit (set new) user password (careful with this on XP or Vista)
3 – Promote user (make user an administrator)
4 – Unlock and enable user account [seems locked ]
q – Quit editing user, back to user select

after that it commands the road: chntpw SAM-u Administrator to change the administrator password.

root@ubuntu:/media/187823A87823839A/Windows/System32/config# chntpw -u Administrator SAM
chntpw version 0.99.5 070923 (decade), (c) Petter N Hagen
Hive name (from header): <SystemRootSystem32ConfigSAM>
ROOT KEY at offset: 0×001020 * Subkey indexing type is: 666c
Page at 0xf000 is not 'hbin', assuming file contains garbage at end
File size 262144 [40000] bytes, containing 6 pages (+ 1 headerpage)
Used for data: 247/52256 blocks/bytes, unused: 9/4896 blocks/bytes.

* SAM policy limits:
Failed logins before lockout is: 0
Minimum password length : 0
Password history count : 0
| RID -|———- Username ————| Admin? |- Lock? –|
| 01f4 | Administrator | ADMIN | *BLANK* |
| 01f5 | Guest | | dis/lock |
| 03e8 | totti | ADMIN | |

———————> SYSKEY CHECK <———————– SYSTEM SecureBoot : -1 -> Not Set (not installed, good!)
SAM AccountF : 0 -> off
SECURITY PolSecretEncryptionKey: -1 -> Not Set (OK if this is NT4)
Syskey not installed!

RID : 0500 [01f4]
Username: Administrator
fullname:
comment : Built-in account for administering the computer/domain
homedir :

User is member of 1 groups:
00000220 = Administrators (which has 2 members)

Account bits: 0×0210 =
[ ] Disabled | [ ] Homedir req. | [ ] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account | [ ] NMS account |
[ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act |
[X] Pwd don't expir | [ ] Auto lockout | [ ] (unknown 0×08) |
[ ] (unknown 0×10) | [ ] (unknown 0×20) | [ ] (unknown 0×40) |

Failed login count: 0, while max tries is: 0
Total login count: 4
** No NT MD4 hash found. This user probably has a BLANK password!
** No LANMAN hash found either. Sorry, cannot change. Try login with no password!

- – – – User Edit Menu:
1 – Clear (blank) user password
2 – Edit (set new) user password (careful with this on XP or Vista)
3 – Promote user (make user an administrator)
(4 – Unlock and enable user account) [seems unlocked already]
q – Quit editing user, back to user select

Please select whether to clear the password or create a new passwd.

Please select whether to clear the password or create a new passwd.

Once completed please exit and unmount the windows partition had been hand-picked by Places and restart the PC and go into Windows it, please go to the windows with a new password or no password, here I select blankpassword.

IPP printer configuration in windows

The steps outlined here should allow you to connect Windows 2000 or XP to a printer hosted by CUPS running on any Linux distribution.  My original instructions for connecting Windows 2000/Debain are included at the bottom of this page and may still apply to old versions of CUPS.

Windows XP / Fedora CUPS

There are two ways to configure a printer under Windows XP so that it works with CUPS:

• As a Postscript capable printer.  This allows your Windows XP machine to print to your normal printer queue with no printer-specific configuration.
• As a printer with a particular Windows XP driver.  On Fedora some additional configuration of CUPS is required, on other Linux/Unix systems it may work out of the box.

Common Steps

Share the CUPS Printer

One thing both of these options have in common is the requirement that the printer queues you create are shared.  In Fedora do this in the "Printer configuration" tool (from System Settings -> Printing) by selecting the printer queue, followed by "Action -> Sharing...".

Under other versions of Linux/Unix you may have to edit the CUPS configuration files directly, see Granting permission later in this document.

Hostname lookup

Another common step is to ensure that hostname broadcast by CUPS is accessible from the Windows XP machine.  If your CUPS machine is accessible using a name rather than just an IP address then you don't need to do anything for this step.  If the CUPS machine is not accessible via it's hostname then you need to set a mapping between the CUPS hostname and its IP address in the Windows hosts file.  Under WindowsXP the host file is in C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, in Win2k replace WINDOWS with WINNT.  The format is simple:

 # Example hosts entry 192.168.0.3 rock 

Under some CUPS server configurations you will be able to use the IP address instead of the hostname, but often only a hostname will work.

Postscript Printing

To use a printer queue as a Postscript printer requires a Windows XP Postscript printer driver, such as the built-in MS Publisher Imagesetter or this freely available one from Adobe.

Built-in MS Publisher Imagesetter

To use the MS Publisher Imagesetter driver, use "Add Printer" to add a new network printer, select "Connect to a printer on the Internet..." and enter the URL for your printer queue (e.g. http://rock:631/printers/Epson).  When prompted for a driver select a Manufacturer of "Generic" and the Printer "MS Publisher Imagesetter".

Adobe Driver

To use the Adobe driver simply run the installer, select "Network Printer", enter the URL of your printer queue (should be of the form http://hostname:631/printers/PrinterName), and then select "yes" when prompted.  You can either use the "Generic PostScript Printer" option, or "Browse" for the printer specific PPD file created by CUPS (located in /etc/cups/ppd/PrinterQueueName.ppd on the Linux machine).

Using a Printer Driver

If you have a Windows XP printer driver available for your printer you can use this instead of the Postscript driver.  In some configurations you can use the existing printer queue, and just select the correct printer driver in Windows. 

Under Fedora, and possibly other systems, CUPS needs to be configured to accept printer data that is already in its native form.  There are two different approaches that can be used: either add a raw printer queue, or alter the CUPS configuration files with a text editor.

Add a raw queue

Adding a raw printer queue can be easily done through Fedora's "Printer configuration" tool (from System Settings -> Printing).  To do this select the "Generic" drop down when you reach the "Printer model" step of the wizard, then select "Raw Print Queue".  When Fedora prompts you to print a test page, say "No".  This printer queue will only be useful to those machines configured with a printer driver, and can not be used by applications running on Fedora.  (Also remember to share the queue!)

In Windows XP use "Add Printer" to add a new network printer, selecting "Connect to a printer on the Internet", and using a URL of http://hostname:631/printers/RawPrinterQueueName.  Select the printer driver for this printer as you would for a locally connected printer.

Modify CUPS Configuration

If you don't wish to create a raw printer queue then you can instead make the following changes to your CUPS mime.types and mime.convs configuration files.  Both of these files contain a commented out option starting with "#application/octet-stream".  Enable these options by removing the "#", and then restart CUPS.

Windows 2000 / Debian

These were the steps that I took to connect my printer, hosted under Debian, to my Windows 2000 machine.  This environment is no longer available to me for testing, so I'm not able to vouch that each of these steps is absolutely required.

Create a class

The major configuration change I had to make under CUPS was adding a class.  Based on feedback I've received it seems that only older combinations of CUPS and Windows require this (e.g. Debian Woody and Windows 2000), and newer versions do not.

I could not make Win2K talk to my printer directly, but it was able to work with a class that held that printer.  To do this go to the CUPS admin screen on the Unix machine(e.g. http://localhost:631/admin) and select "Add Class".  Enter a name, location and description as prompted and select continue.  Next select the printer you wish to share as a member of this group.  Select continue to save the class.

Granting permission

For an IPP client to be able to connect to CUPS it must have permission.  On Debian systems, and probably others, the default is for only local connections (i.e. those from 127.0.0.1) to be allowed.  To allow connections from across the network alter the <Location> directive in the cupsd.conf file (found in /etc/cups/).  For example to enable both local connections, and those from clients in the 192.168.0.* range use:

 <Location /> Order Deny,Allow Deny From All Allow From 127.0.0.1 Allow From 192.168.0.* </Location> 

To give permission for all clients from all network connections replace 192.168.0.* with All.

Win2k Configuration

I had two major problems setting up things on the Windows 2000 machine: getting Windows to see the Linux host and using the correct URL. 

In theory Windows should be able to connect to an IP address, however I never managed to get this to work, but it could successfully use a hostname.  To set a mapping between your CUPS hostname and its IP address you need to put an entry in the Windows hosts file.  Under Win2k the host file is: C:\WINNT\SYSTEM32\DRIVERS\ETC\HOSTS.  The format is simple:

 # Example hosts entry 192.168.0.3 rock 

Now you can set up the new network printer.  In the Control Panel select "Add Printer", "Network Printer", and then "Connect to printer on the Internet or your intranet".  The URL I use is:

 http://rock:631/classes/Home 

Replace 'rock' with the hostname of your Linux server, and replace 'Home' with the name of the class that you defined earlier.

Depending on your configuration of CUPS you will probably be prompted to install a printer driver for the network printer.  Doing this is the final step, after that you should be able to print from Windows directly to a CUPS printer using IPP!

Reinstall WIndows Fax and Picture viewer

In any case you lost  windows fax and picture viewer  in windows you can use following steps

Click on "Run" on start menu.


STEP 1:
When the little box pops up, type this in the white part of the box:

regsvr32 /u %windir%\system32\shimgvw.dll

A menu shows it was completed

If you get error message like "LoadLibrary("C:\WINDOWS\system32\shimgvw.dll") failed - The specified module could not be found."
It means that the dll file "shimgvw.dll" is either corrupted or not available.You should find it from another computer inside "c:\windows\system32" and paste to your system 32  OR  download it from here  http://www.dlldump.com/download-dll-files.php/dllfiles/S/shimgvw.dll/download.html and paste to your system32 folder.


STEP 2:
Click on Start, then Run... and type in:

regsvr32 /i %windir%\system32\shimgvw.dll

A menu shows it was completed

This should reinstall the Windows Fax and Picture Viewer on your computer.
(You may have to reboot after this for it to work.)

Stream audio in Bluetooth Headset using Dongle

Purpose: To play your audio such as MP3's and movie output through a Bluetooth-connected audio headset.

Scenario: You are too lazy to plug in a cable to your PC. You want to walk around your house without a long cable after you. You want to look cool to your mates. You want to psyche out your non-tech parents by listening to music without any audio device or cables attached to you. Problem is, very few Linux apps have direct support for directing sound to any other device.

Solution: Redirect all audio using the PulseAudio Server on Ubuntu

Pros:

• You are cable free! You can walk around the house (as far as the range of your Bluetooth adapter goes) and listen to music/movies.
• If your headset also has a mic, you can use that too for VOIP apps and the like.

Cons:

• A Bluetooth headset is generally more expensive than a cabled one.
• Most headset batteries only last four hours in continuous use before needing a recharge (though the TDK unit I have plugs into mini-USB to recharge and can still be used whilst recharging, which is convenient).
• Audio quality is generally not as good as a dedicated cabled headset.
• For those headsets that have battery-saving functions when idle, some are known to clip the start of the audio playback when turning back on (my set causes Ubuntu to wait until it's up and running before streaming the audio, thus no clipping).
• There are some known issues with using this method with 32-bit Skype under 64-bit Ubuntu, which I won't go into detail here (since I don't use Skype). Refer to the Ubuntu Forums for more details about it.
• At least on my headset, there is an ever-so-slight delay in audio sync when watching video.

These instructions should be adaptable to other distributions.

1. Fire up/install Ubuntu as normal.
2. Plug in or enable your Bluetooth adapter. Your Bluetooth adapter will be automatically detected and drivers loaded - there is nothing for you to do manually here.
3. If you have NEVER used Bluetooth on your Ubuntu setup before, then go to the next step, otherwise skip to Step 11 because you're probably already setup properly.
4. Get into a terminal.
5. Verify that your Bluetooth adapter is running with:

Code:

 $ hciconfig -a 

If you get details about hci0 listed including manufacturer's name, then your adapter is working.
.
6. Type in the following to edit your Bluetooth configuration file:

Code:

 $ sudo gedit /etc/bluetooth/hcid.conf 

This will bring up the Bluetooth configuration into the GEdit text editor.
.
7. Near the top of the file you will see the following:

Code:

 # HCId options options { 	# Automatically initialize new devices 	autoinit yes;  	# Security Manager mode 	#   none - Security manager disabled 	#   auto - Use local PIN for incoming connections 	#   user - Always ask user for a PIN 	# 	security user; 

Change the security user line to security auto
.
8. A few lines beneath this is a section that reads as follows:

Code:

 	# Default PIN code for incoming connections 	passkey "1234"; 

Change the 1234 to something else, eg: 4493. This is the pin number required for other Bluetooth devices to connect to you and it would be insecure to leave it at the default.
.
9. Save and exit.
10. Now restart Bluetooth by typing in:

Code:

 $ sudo /etc/init.d/bluetooth restart 

When you do this, an informational bubble will appear in your task bar saying <hostname>-0 Device has been made connectable, eg: if your PC's name is "gordon", the message would say "gordon-0 Device has been made connectable".
.
11. Turn on your Bluetooth headset, but don't go into pairing mode just yet.
12. In your terminal, type in the following:

Code:

 $ hcitool scan 

Your PC will now scan for local Bluetooth devices and your headset should appear in the resulting list after a few seconds (along with anyone's Bluetooth-enabled mobile phones that are in range). The output will look something like:

Code:

 $ hcitool scan Scanning ... 	00:11:22:AA:BB:CC	Nokia N95 	00:33:44:DD:EE:FF	BT81 $ 

In this example, my PC has found my Nokia mobile phone and my Bluetooth headset and shown me the MAC addresses for both of them.

NOTE: If your headset does NOT appear, you probably already have it paired with something else, like your mobile phone. In this case, switch the headset to pairing mode and then run the scan again.
.
13. Highlight and copy the MAC address of the headset to the clipboard using your mouse and CTRL + SHIFT + C.
14. Now type in:

Code:

 sudo gedit ~/.asoundrc 

Note the period before "asoundrc". This will create a new hidden text file called .asoundrc in the root of your Home directory and open GEdit so you can add to it. The file is hidden because of the leading period.
.
15. In the text editor, type in the following, replacing the MAC address with the one you copied earlier (paste with CTRL + V):

Code:

 pcm.bluetooth {   type bluetooth   device 00:33:44:DD:EE:FF   profile "auto" } 

NOTE: Depending on your distro, you may find that the word "Bluetooth" is reserved. If, when you get to Step 23, you hear anything BUT the audio you are playing, change the "pcm.bluetooth" bit above into something else, eg: "pcm.btheadset" and try your audio again. Remember then to change every typed reference in this guide from "bluetooth" to "btheadset".
.
16. Save and exit.
17. Now type in:

Code:

 $ sudo hciconfig hci0 voice 0x0060 $ sudo modprobe snd_bt_sco $ sudo modprobe sco 

This will enable sound on your adapter and load the modules necessary to carry bluetooth audio. Note that the two modprobe lines will only enable Bluetooth audio temporarily until you reboot. If you would like to load the drivers automatically on each boot, only add the two modprobe lines above to the end of the /etc/modules file (sudo gedit /etc/modules).
.
18. Now we need to tell PulseAudio that your Bluetooth headset exists:

Code:

 $ pactl load-module module-alsa-sink device=bluetooth $ pactl load-module module-alsa-source device=bluetooth 

Note that this enables your Bluetooth headset for PulseAudio only temporarily. To enable it permanently, create a new file using gedit ~/.pulse/default.pa and paste the two lines above into it and then save. NOTE: I've just noticed this tends to break PulseAudio because the bonding of your headset needs to have occured before issuing the above commands, or PulseAudio refuses to start upon reboot. Don't create this file (or delete/rename if you've already created it) and PulseAudio works fine again. To keep using your Bluetooth headset, move the file you created to your Desktop and make it executable. Once your Desktop has loaded and you've paired your headset, then execute the file by double-clicking on it to notify PulseAudio about the headset.
19. We're almost ready to pair with the headset and hear some basic audio, but before we do that, do a right-mouse click on the Bluetooth icon in your system tray and choose "Preferences".
20. Now click on the Services tab and ensure Audio Service is enabled. If not, check the box and then close the window.
21. Now type in:

Code:

 $ sudo cat /proc/asound/cards 

...and you should see output similar to the following:

Code:

 0 [Intel          ]: HDA-Intel - HDA Intel                       HDA Intel at 0xea400000 irq 22  1 [Headset        ]: Bluetooth SCO - BT Headset                       BT Headset 1 

This shows us that the system is ready to use the Bluetooth headset as device 1 (but we haven't paired it yet, so technically it won't be able to use it just yet).
.
22. The best way to trigger a pairing is to provoke the unit into a response as the normal methods don't always work. Switch your headset into pairing mode (refer to your headset's manual).
23. While the headset it in pairing mode, type in the following:

Code:

 $ aplay -D bluetooth -f s16_le /usr/share/sounds/login.wav 

This will attempt direct communication with your headset, and within a second or so, an information bubble will appear under the Bluetooth icon in the system tray asking you for the PIN number to access the headset. Click on the button to enter the PIN and then type it in. For most headsets, the PIN is 0000, but refer to your headset's manual.

Ubuntu should soon after confirm that it has "bonded" with the headset and you should suddenly hear the familiar Ubuntu login sound play through your headset! Hooray! We have sound!

Unfortunately only aplay will play anything through your headset. All other sounds are still coming through your speakers. Unless the application in question can redirect audio to another detected device, it will always play through the standard-out, so applications such as Totem and Rhythmbox will still output via your speakers and not give a hoot about your Bluetooth headset. To fix this, we need to make use of the PulseAudio Server which can redirect output to another device.
.
24. The PulseAudio Server is already installed by default in Ubuntu Hardy, so we just need to install some tools to manipulate it. Go back to your terminal and type in the following:

Code:

 $ sudo apt-get install paprefs paman padevchooser 

This will install the PulseAudio Preferences app, the PulseAudio Manager app and the PulseAudio Device Chooser app.


25. Once installed, go to the System->Preferences->Sound. The Sound prefs window will appear.
26. Under the Devices tab, change the "Sound playback" option for Sound Events, Music and Movies, and Audio Conferencing from "Autodetect" to "PulseAudio Sound Server".
27. Click Close.
28. Play something, be it an MP3 or video to ensure that your audio still works in general through your speakers. This confirms PulseAudio is working in general.
29. Now go to Applications->Sound & Video->PulseAudio Device Chooser. This will add a black microphone jack icon to your system tray.
30. Do a left-click on the jack icon and a menu appears. In this menu, choose "Manager". A new window appears.
31. If it's not already connected, click on the "Connect" button to connect to your local PulseAudio server. When connected, you will see details about it listed.
32. Click on the Devices tab. Under "Sinks" you should see an entry for "alsa_output.bluetooth". This is picked up directly from your .asoundrc file.
33. Now go to the Sample Cache tab. At the bottom is a "Playback on" drop-down. Choose Bluetooth from this list and click on the Play button. You should hear the Ubuntu login sound through your speakers. This proves to us that PulseAudio can play through your Bluetooth headset (but this is NOT the redirection - this is just a test).
34. Close the PulseAudio Manager.
35. Do another left-click on the mic jack icon in your system tray.
36. Go to "Default Sink" and then choose "Other" from the sub-menu. A window appears.
37. In this window, type in "alsa_output.bluetooth" and click OK.
38. Play a sound from somewhere, eg: MP3 or movie in Totem. You should now hear your audio coming through your Bluetooth headset!
39. To switch back to your speakers, simply click on the mic jack icon again, choose "Default Sink" and choose "Default" from the sub-menu. The next audio stream played will go back through your speakers.
40. To make the PulseAudio Device Chooser start automatically on startup, click on the mic jack icon again, choose Preferences from the menu and then click on "Start applet on Session Login" in the window.
41. Enjoy!

Convert image files to text

Optical Character Recognition With Tesseract OCR On Ubuntu

This document describes how to set up Tesseract OCR on Ubuntu 7.04. OCR means "Optical Character Recognition". The resulting system will be able to convert images with embedded text to text files. Tesseract is licensed under the Apache License v2.0.

This howto is meant as a practical guide; it does not cover the theoretical backgrounds. They are treated in a lot of other documents in the web.

This document comes without warranty of any kind! I want to say that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

 

1 Preparation

Set up a basic Ubuntu  system and update it.

Get scanned images or scan documents yourself.

If you use a scanner, be sure that it is supported by sane. A list of supported devices is vailable at http://www.sane-project.org/.

 

2 Get Imagemagick

The current version of tesseract provided in the Ubuntu repositories supports only uncompressed and G3-compressed tiff files.

To ensure, that tesseract is able to process your images, you should convert them to uncompressed tiff.

Since conversions with Gimp to uncompressed tiff were unusable, I used the convert tool, which is supplied by the Imagemagick package.

Install Imagemagick from the Ubuntu repositories with the Synaptic Package Manager.

 

3 Get Tesseract

Install the packages tesseract-ocr and tesseract-ocr-eng (for english) from the Ubuntu repositories with the Synaptic Package Manager.

 

4 Prepare Images

To get the best results from tesseract, you have to optimize the images. I recommend the use of images with a minimum resolution of about 200dpi.

I used Gimp for the following steps 4.1 - 4.3.

 

4.1 Cleaning

Remove any non-alphanumeric content from the image to prevent tesseract from producing chaotic text blocks.

That can be done easily with the erase-tool within Gimp.

 

4.2 Threshold

Convert the image to RGB or Greyscale mode.

Within gimp:

Image - Mode - RGB or Grayscale

Use the threshold function to reduce biased lighting and remove fragments. Move the sliders to define the delimitation of bright and dark areas. Have a look at the preview while you are doing this to see the effects on the image.

Within Gimp:

Tools - Color Tools - Threshold

 

4.3 Black And White

To improve the text recognition, we reduce the colors to black an white by switching the image to indexed mode.

Within Gimp:

Image - Mode - Indexed

Be sure to turn off dithering.

Save the image after this step.

 

5 Convert To Tiff

Now you have to convert the image to uncompressed tiff.

convert %source_file% %destination_file%

e.g.:

convert document.jpg document.tif

if you encounter problems, then use

convert newtext.jpg -flatten -monochrome newtext.tif

6 Use Tesseract

At this point all preparations are completed, so you can start using tesseract.

tesseract %tiff_file% %name_for_resulting_files%

e.g.:

tesseract document.tif result

Tesseract adds the file extensions for the resulting files itself. In this example tesseract would create result.txt, result.map and result.raw .

Modified and Rewritten from http://www.howtoforge.com/ocr_with_tesseract_on_ubuntu704

Configuring exim4 in Ubuntu to use GMail for SMTP

I wanted to route the mail through GMail SMTP servers since that would improve reliability. Turns out there is an indeed a way to make exim, the default MTA in debain/ubuntu to route all mail through GMail SMTP servers. Second round of trawling the interwebs started I managed to get a working setup without much trouble. But I had to piece together the content from separate sources. Here is how I did it.

Step 1

Run dpkg-reconfigure exim4-config

• Choose mail sent by smarthost; received via SMTP or fetchmail
• Type System Mail Name: e.g. company.com
• Type IP Adresses to listen on for incoming SMTP connections: 127.0.0.1
• Leave Other destinations for which mail is accepted blank
• Leave Machines to relay mail for: blank
• Type Machine handling outgoing mail for this host (smarthost): smtp.gmail.com::587
• Choose NO, don’t hide local mail name in outgoing mail.
• Chose NO, don’t keep number of DNS-queries minimal (Dial-on-Demand).
• Choose mbox
• Choose NO, split configuration into small files
• Mail for postmaster. Leaving blank will not cause any problems though it is not recommended

Step 2

• Open the file /etc/exim4/exim4.conf.template
• Find the line .ifdef DCconfig_smarthost DCconfig_satellite and add the following in that section
  

   send_via_gmail:        driver = manualroute        domains = ! +local_domains        transport = gmail_smtp        route_list = * smtp.gmail.com 

  
  If you have any other smarthost defined with “domains = ! +local_domains” remove that smarthost.
  
  
• Find the “begin authenticators”. In that section add the following
  

   gmail_login:        driver = plaintext        public_name = LOGIN        client_send = : yourname@gmail.com : YourGmailPassword 

  
  Make sure you have no other authenticators with the same public_name (LOGIN). Comment them out if needed (Thanks Jakub for reminding me)
  
  
• Find the comment  “transport/30_exim4-config_remote_smtp_smarthost”. In that section add
  

   gmail_smtp:        driver = smtp        port = 587        hosts_require_auth = $host_address        hosts_require_tls = $host_address 

Step 3

• Run update-exim4.conf
• Do /etc/init.d/exim4 restart

That should be it. You can test by using the command line mail client.

• Run mail user@example.com
• Give a subject and press enter
• Type something and press enter
• Type a single . (dot) and press enter
• Press enter for a blank CC:

This was on an Ubuntu server. I believe that this instructions will also work on Debain without any need for modifications.

Change apache2 web directory

You want /etc/apache2/sites-available/default (assuming you want to
adjust the default site for your server). Replace the "/var/www" with
the path to your website. It can get a lot more complex than this but
that's the easy way.

For peace of mind, it might not be a bad idea to backup the original
file before you start making changes. After you're done I think you
need to restart apache - apache2 -k restart.

Checking webserver vulnerabilities

Checking Webserver Vulnerabilities using Nikto

Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers.

Scan items and plugins are frequently updated and can be automatically updated (if desired).

Nikto is built on LibWhisker and can run any platform which has a Perl environment, and supports SSL, proxies, host authentication, IDS evasion and more.

Nikto not only checks for CGI vulnerabilities but does so in an evasive manner, so as to elude intrusion detection systems. It comes with thorough documentation which should be carefully reviewed prior to running the program. If you have Web servers serving up CGI scripts, Nikto can be an excellent resource for checking the security of these servers.

Installation:
OpenSuSe user can install nikto using "1-click" installer - here
Ubuntu / Debian: $ sudo apt-get install nikto

Using Nikto:
The most basic Nikto scan requires simply a host to target, since port 80 is assumed if none is specified. The host can either be an IP or a hostname of a machine, and is specified using the -h (-host) option. This will scan the IP 192.168.1.2 on TCP port 80: nikto -h 192.168.1.2

To check on a different port, specify the port number with the -p (-port) option. This will scan the IP 192.168.0.1 on TCP port 443:  

nikto -h 192.168.1.2 -p 443

Hosts, ports and protocols may also be specified by using a full URL syntax, and it will be scanned:

nikto -h https://192.168.0.1:443/

Updating
Nikto can be automatically updated, To update to the latest plugins and databases, simply run Nikto with the -update command: nikto -update

 

Mount windows share from Linux

Samba can be used to allow connectivity between Linux and Windows. Samba can be used to share printers, share directories, connect to an windows domain, and many other useful features.

In order to mount your samba share to your Linux client open up the /etc/fstab file and insert the following line into this file

//192.168.10.5/e$ /mnt/winshare cifs credentials=/etc/accessfile 0 0

Now create a new file: /etc/accessfile with following contents

username=tendydon
password=some_password

Save the above file and restart your Linux client (or type command mount -a), after restart you should now able to access the share content from the samba server e$ of 192.168.10.5 under /mnt/winshare directory.

This is preferred over having passwords in plaintext in a shared file, such as /etc/fstab. Be sure to protect any credentials file properly and also note that there should not be any extra space in this file.

It there are any space in this credentials file you might get the following error on trying to mount the file system

mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)