
My Geek-Blog!!

Saturday, December 17, 2005

HP PSC2410 ... printing on dark paper 

Just some notes, mostly for myself, but hopefully useful to others too ...

I was trying to use my HP PSC2410 printer to print on very dark (chocolate-brown) card stock, from my Apple PowerBook laptop. I used PowerPoint to lay out the text and graphics, then in the print menu, I had to do a lot of twiddling -- otherwise the dark paper would confuse the printer and it would claim to be jammed or out of paper.

In PowerPoint I set it for "US Letter" ... which it considered 7.5x10in (landscape mode)

In Printer Options, I set the following:

* under "Paper Handling": click on "Use documents paper size: Borderless photo 8.5x11in." (No, this does not appear to jibe with what PowerPoint thinks, but this is what I found that works)
* under "Borderless Printing": click on "Print borderless" (i.e. turn it on)
* under "Paper Type/Quality":
** on the "Paper" tab: select "Paper Type" as "HP Premium Plus Photo", select "Quality" as "Best", select "Color" as "ColorSmart III", and select "Source" as "Upper Tray"
** on the "Digital Photo" tab: turn all the fancy options off, or set the sliders all the way to the left (which should say "Off")

Friday, August 05, 2005

The details 

The details of my log-watch system:

1. mkfifo /tmp/log_fifo
2. edit /etc/syslog.conf and add:
*.info;authpriv.none |/tmp/log_fifo
3. edit /etc/sysconfig/iptables and add a new chain called "BADGUYS"
a. in the "filter" section (at the top):
:BADGUYS - [0:0]
b. in the INPUT chain:
-A INPUT --in-interface eth+ --jump BADGUYS
c. in the BADGUYS chain (add this at the bottom):
-A BADGUYS --in-interface eth+ --source 169.254.0.0/16 --jump DROP
or some other "bad" IP address.
4. service syslog restart
5. run my logmonitor script which watches the /tmp/log_fifo "file" (more on this later)

By default, the logmonitor wakes up whenever a new entry appears in the log_fifo -- i.e. every time a login fails, but also every time any other crap goes into the log file. Every 5 minutes, it also wakes up and checks if any of the banned IP addresses has expired -- right now a ban is for 12 hours. I think the overhead on the system is minimal, and it catches script kiddies after 3 failed attempts, not 50.

Geek blog 

Every now and then I tend to "geek out" and so I figured I'd start a blog to post my progress.

The latest thing I've been hacking on is a security system for my computer ... there are lots of script kiddies out there now, and if you turn on a brand-new computer, they say it will be "rooted" or compromised within minutes. In my own computer's logs, I'm seeing 2-10 brute-force attempts to log in by random machines. Generally, these are very easy to detect:


Jul 31 23:03:35 192 sshd[32563]: Illegal user admin from 200.220.192.86
Jul 31 23:03:35 192 sshd(pam_unix)[32563]: check pass; user unknown
Jul 31 23:03:35 192 sshd(pam_unix)[32563]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=nagios.nqt.com.br
Jul 31 23:03:37 192 sshd[32563]: Failed password for illegal user admin from 200.220.192.86 port 52533 ssh2
Jul 31 23:03:39 192 sshd[32565]: Illegal user admin from 200.220.192.86
Jul 31 23:03:39 192 sshd(pam_unix)[32565]: check pass; user unknown
Jul 31 23:03:39 192 sshd(pam_unix)[32565]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=nagios.nqt.com.br


Basically, they're just trying random passwords against widely used usernames -- admin, betty, bob, joe. But they also try it a few times at each of 50 different usernames, so they could slowly figure out a correct combination.

My approach has been to give them 3 tries to get in, then I start dropping all their packets -- it's as if my computer never sees them again. If it is a legit user, they'll probably get their password right in 3 tries, so it isn't a big inconvenience to real users.
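The policy from these two posts (three failed passwords, then a DROP rule in BADGUYS that lapses after 12 hours), as an added example that is not the author's logmonitor script. The names BanTracker, feed, expire and RULE are hypothetical, the address 203.0.113.7 is constructed, the caller supplies the current time, and the iptables commands are returned as strings rather than executed.

```python
import ipaddress
import re

MAX_FAILURES = 3          # tries allowed before the ban (from the post)
BAN_SECONDS = 12 * 3600   # ban length (from the post)
RULE = "BADGUYS --in-interface eth+ --source {ip} --jump DROP"

# Anchored to the end of the line: the user-name field is text chosen by the
# remote side, so only the trailing "from <addr> port <n> ssh2" is trusted.
FAILED = re.compile(r"sshd\[\d+\]: Failed password for .* from (\S+) port \d+ ssh2$")

class BanTracker:
    def __init__(self):
        self.failures = {}   # ip -> failed attempts seen so far
        self.banned = {}     # ip -> epoch second at which the ban ends

    def feed(self, line, now):
        """Process one syslog line; return an iptables command or None."""
        m = FAILED.search(line.rstrip())
        if not m:
            return None
        try:
            ip = str(ipaddress.IPv4Address(m.group(1)))
        except ValueError:
            return None                  # not an IPv4 address: never reaches iptables
        if ip in self.banned:
            return None                  # already dropped, nothing to add
        self.failures[ip] = self.failures.get(ip, 0) + 1
        if self.failures[ip] < MAX_FAILURES:
            return None
        del self.failures[ip]
        self.banned[ip] = now + BAN_SECONDS
        return "iptables -A " + RULE.format(ip=ip)

    def expire(self, now):
        """The 5-minute wake-up: return delete commands for finished bans."""
        done = [ip for ip, end in self.banned.items() if end <= now]
        for ip in done:
            del self.banned[ip]
        return ["iptables -D " + RULE.format(ip=ip) for ip in done]

# Constructed sample lines in the format of the log excerpt in the post.
SAMPLE = ["Jul 31 23:03:%d 192 sshd[32563]: Failed password for illegal user "
          "admin from 203.0.113.7 port 52533 ssh2" % s for s in (37, 41, 45)]

def demo():
    t = BanTracker()
    cmds = [t.feed(line, now=1000 + i) for i, line in enumerate(SAMPLE)]
    return cmds, t.expire(now=1002 + BAN_SECONDS)
```

In a real monitor, feed() would be called for each line read from /tmp/log_fifo and expire() from the periodic timer.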
