LinOSX TechnoMash

I’ve been watching Macs for about 3 years now with a bit of envy. Apple, a few weeks ago, released the Mac Mini – “The most affordable Mac ever”. Within the first two weeks, Apple dropped the price of the memory, bluetooth, and wireless options. This made the Mac Mini even more enticing.

I began looking into picking one up as a toy. I’ve never used a Mac in my life. I’ve absolved myself of Windows about 3 years ago 100%, even at work. The only Windows applications I use are Quicken 2004 and the occasional Visio diagram that I get emailed to me.

Well, last Saturday, I went out and bought a Mac Mini. I bought the standard $499 model as a little box to just get started on. I had heard that the Minis were a bit under powered but I figured, it won’t be my primary machine, just a play-thing for my “Digital Lifestyle”, i.e. digital pictures, digital music, and digital video.

Well, the $499 Mini comes with 1 Firewire, 2 USB, 1 DVI ( with VGA adapter ), 56K modem, audio output, 10/100 ethernet, 40GB HD, 256MB RAM, DVD-ROM/CDRW, and a security slot so no one walks away with this sleek little Mac. the Mini also doesn’t come with a mouse or keyboard. This was perfectly ok with me as I prefer to use my ergonomic keyboard and mouse rather than the Mac Keyboard and Mouse. I opted not to get the 80GB HD, Bluetooth, or the DVD Rewriteable as I already have one on my Fedora Core 3 PC.

I spent the first three or four days configuring and just getting comfortable with the Mac. Being a Linux user, the first place I concentrated was getting familiar with all the keyboard shortcuts. I also had to install Firefox. Safari isn’t bad but I found it to be a little slow in rendering pages as compared to FireFox (I’m not too crazy about the fact that I can’t synchronize my Firefox bookmarks to the .Mac service with isync).

I also needed to install OpenOffice. To do this, I had to first download and install the Mac OS X 11 Kit ( ). After installing the X11 kit, running OpenOffice was a no brainer.

I then went about installing Fink. The goial of Fink is to modify existing Unix software to work on Darwin/OS X. Another no brainer. Once Fink was installed, I had to manually run the configuration script. Upon completion, I ran apt-get to get the MySQL and Postgres client applications installed. I had to be able to SQL to my Linux from my Mini. No problems at all!

More to come …

I finally modified the script slightly to keep a list of the “bad” IP addresses in a text file. Please feel free to modify the script any way you like and I’d really appreciate any modifications anyone might have.

#!/bin/sh
# $Author: pankaj $
# $Date: 2005/01/27 18:58:27 $
# $Revision: 1.2 $
#
# This is a simple script to parse /var/log/secure for ssh hacking attempts and block the whole subnet
# It might be a little overzealous but so what
#
#
for i in `grep 'Failed password' /var/log/secure | egrep -v '|' | awk '{print \$11 \$13}' | cut -d ':' -f 4| cut -d '.' -f 1-3 | uniq | egrep -v '172.20.16'`
do
BLOCK=${i}.0/24
echo "Blocking ${i}.0"
echo "${i}.0" >> /usr/local/share/blocked/ipaddresses.txt
done

mv /usr/local/share/blocked/ipaddresses.txt /tmp/ipaddresses.txt
cat /tmp/ipaddresses.txt | sort | uniq > /usr/local/share/blocked/ipaddresses.txt
rm -f /tmp/ipaddresses.txt
#
#/sbin/iptables --flush

for i in `cat /usr/local/share/blocked/ipaddresses.txt | sort | uniq`
do
/sbin/iptables -I INPUT -s ${i}/24 -j DROP
done
#/etc/init.d/iptables restart

# $Log: blocksshhacks.sh,v $
# Revision 1.2  2005/01/27 18:58:27  pankaj
# *** empty log message ***

Ok, I admit it, this script is horrible, even for a quick hack. Duplicate address constantly get processed every hour since they’re already in the log file. I’m going to look into doing this in a slightly smarter fashion before a specific ip address is blocked 48 or 72 times….