Linux: Compiz Grid Plugin

After working on a few projects in Windows, I finally moved my primary workstation back to Linux (RHEL 6.6).

Out of the box everything worked fine; only one thing was missing: the ability to place a window where I needed it. In Windows 7 you can drag a full-screen window to the left or right side of the screen and Win-7 will automatically resize it to that half of the screen. Moving the window to the top of the screen makes the window full screen again.

Sadly, this option is not available by default in Linux. You can drag a window to a different desktop, and you can double-click the header of a window to maximize it to full screen or return it to its default size. I wanted some sort of ability that Win-7 had.

SOLUTION – Compiz

Compiz Grid gives you 9 options to place your window using your numeric key pad and unlike Win-7, this will work on multiple monitor setups for each monitor. That means you can have 18 small windows quickly placed in dual monitor mode! Windows only allows the far left side of the left monitor and the far right side of the right monitor.

You cannot move the window with your mouse because that would kill the ability to drag a window to another workspace (don’t worry, Linux has plenty of workarounds, but I’m happy with this solution). If you already have Compiz installed to do the “cool” cube thing that Windows users ask to see, then you are already ahead of the game and, depending on the version of Gnome you have, this should work flawlessly. I am only going to go into detail on how to do this for RHEL 6.6 with Gnome 2.28.2, but with a few pointers from your favorite LUG (Linux User Group), you should be able to do this from the command line interface (CLI) with no problem using zypper, apt-get, yum, yast or even a GUI software installer.

There are 2 additional packages that need to be installed in order for this to work.
You may have to enable 3rd-party packages in order to get these.

$ sudo yum install compiz-fusion.x86_64 compiz-fusion-extras.x86_64

  1. compiz-fusion.x86_64 0.8.2-8.el6
  2. compiz-fusion-extras.x86_64 0.8.2-6.el6

These are the 64-bit versions; “x86” without the “_64” is for 32-bit systems.

Once packages are installed:

  1. Open the Compiz Configuration Settings Manager (CCSM)
  2. Scroll to the bottom
  3. Enable Grid as seen in this picture

Now give any window focus and hit one of these key combinations.

The numbers must be from the numeric keypad!

  • Ctrl+Alt+7 (window goes to top left corner)
  • Ctrl+Alt+8 (window fills top or 1/3rd center)
  • Ctrl+Alt+9 (window goes to top right corner)
  • Ctrl+Alt+4 (window fills left side)
  • Ctrl+Alt+5 (maximize window)
  • Ctrl+Alt+6 (window fills right side)
  • Ctrl+Alt+1 (window goes to bottom left corner)
  • Ctrl+Alt+2 (window fills bottom or 1/3rd center)
  • Ctrl+Alt+3 (window goes to bottom right corner)

Press the same keys more than once in a row on the same window to get different sizing options. The directions are basically the same as in a game you might play using the numeric keypad, and it does not matter whether Num Lock is on or not.

Thank you and good luck – Adam M. Erickson

Elements Used in a Data Warehouse

Many Business Intelligence solutions are based on the use of a data warehouse. Here is a view of the components of a data warehouse both logically and physically.

The data warehouse consists of several different elements:

  • The source data can come from legacy systems, which are usually operational systems used by the corporation, or from external data sources.
  • The data staging area is where data is processed (normalized and some history is stored) and moved to the presentation server.
  • The presentation server takes the data, organizes it and stores it for future queries and reports.
  • The last step is the end user data access point; currently one of the most popular ways to access data is through a web page and mobile applications.

You can download the Visio drawing I created here –> data-warehouse-elements.vsd

Qualitative risk assessment of RFID

Below is a short qualitative risk assessment of RFID (Radio Frequency Identification) I have pieced together in order to highlight strengths, weaknesses and benefits.

May it help you come to a conclusion on how you would deploy this technology while minimizing its risks.

Category | Risk | Impact | Probability | Affects
Customer | QoS for customers declines because of decrease in staff | Medium | Low | Customers, company rep.
Customer | Customers may be dissatisfied with change | Medium | Medium | Company rep., customers
Fraud | Scale to RFID fraud | Low | High | Inventory
Fraud | Hackers making their own RFID tags | High | Low | Revenue, company rep., emp. trust
Inventory Management | Mis-tagged or no RFID tag | High | Medium | Inventory, revenue
Employees | Adaptability | Very High | High | Employee trust
Employees | Loss of trust | Medium | Medium | Employee loyalty
Employees | Strike | Low | Low | Company rep., employee loyalty, revenue
Employees | Productivity to meet new expectations | Medium | Low | Inventory, company rep., customer loyalty
Pricing | Lack of pricing from no supervision of ID creator | Low | Medium | Revenue, company rep.
Pricing | Inconsistencies | Medium | Medium | Revenue
Pricing | Scanners not scanning all items | Low | Low | Inventory, revenue
Inventory Management | Mis-counts of stock and poor inventory control | Medium | Low | Inventory control
Technical Issues | RFID not functioning | Very High | Medium | Data, company rep., employee trust, customer trust
Technical Issues | RFID limitations | Medium | Low | Data
Technical Issues | Lack of knowledge for RFID or when system goes down | High | Medium | Customer loyalty, company rep.
Technical Issues | Designing standards and processes | Medium | Medium | Employee trust
Inventory Management | RFID supplies not delivered on time | Low | High | Inventory, customers, inventory
Inventory Management | Lack of knowledge for RFID inventory processing | Medium | Low | Employee, company rep.

 

Strengths:

  • Become a leader through technology
  • Improve process flow
  • Customer satisfaction by adding value to customer services

Weaknesses:

  • Lack of technical support knowledge
  • RFID tagging on devices and produce
  • Major inventory fluctuations
  • Internal fraud
  • Damage to reputation if RFID is not effective

Benefits

  • Better real time data and additional data to make assumptions by
  • Possible opening to new market segments

Cost would be on schedule and worth the cost if all negative risks had a contingency plan. Costs can be fixed in the system and validated during pilot program to ensure cost consistency.

 

Reference:

Amber Russell, Curt Ireton, Damon Mulligan, Jan Bondoc, Tyler Rudolph. (November 2009). Risk Management Plan. RFID Implementation for Fresh Foods. Retrieved from http://www.curtireton.com/Assets/Fresh_Foods_Risk.pdf

 

 

Enhance VIM

While VI has been used for years, in current Linux & iOS systems a lot of people have resorted to using Vim.

There are a lot of tricks to Vim that can make it easier to use. Some may not be active by default and I wanted a chance to introduce some of them to you. There is one in particular that I have found very useful.

set background=dark

Let's start by making sure that you have the package “vim-enhanced” installed on your system. Use one of these steps from a terminal prompt to install it.

Mint/Ubuntu (Debian) sudo apt-get install vim (on Debian-based systems the full Vim package is named vim, not vim-enhanced)

Fedora (Red Hat, CentOS) sudo yum -y install vim-enhanced

OpenSuse (Suse) sudo zypper install vim-enhanced

If one of these does not work or your operating system is different, there are several other options for installing packages. Try the GUI option as well.

The best way to modify settings in Vim is to have the .vimrc file (Vim Run Command file) in your home directory.

cp /etc/vimrc ~/.vimrc

Open the file,

vim ~/.vimrc

From here you can fix all sorts of text editor effects in Vim.

Just remove the " from the start of a commented line in order to use that setting.

The one that made a difference for me was:

set background=dark

This is a GREAT setting if you are working in Vim and have a dark background.

It will change what you see from this:

[Screenshot: Vim with the background not set, "set background=dark still commented out]

To this:

[Screenshot: Vim with set background=dark]

This makes it very easy to see commenting. There are several ways to change the config file, and in the last image you can read some of the settings in the file we copied (cp) over.

Besides being able to read things better now, I also like it when the cursor is in the same place as the last time I was in the file. Another one at the top of the list is the ability to scroll the cursor with my mouse.
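The three settings mentioned in this post, written out as a ~/.vimrc fragment. This is an added example, not the contents of the distribution's vimrc; the augroup name restore_cursor is made up for illustration.

```vim
" Tell Vim the terminal background is dark so it picks
" highlight colours that stay readable on it.
set background=dark

" Reopen a file with the cursor where it was the last time.
" The '" mark holds the position from when the buffer was last exited;
" only jump if that line still exists in the file.
if has("autocmd")
  augroup restore_cursor   " hypothetical group name
    autocmd!
    autocmd BufReadPost *
          \ if line("'\"") > 1 && line("'\"") <= line("$") |
          \   execute "normal! g`\"" |
          \ endif
  augroup END
endif

" Let the mouse place and scroll the cursor in all modes,
" when this Vim build and terminal support it.
if has("mouse")
  set mouse=a
endif
```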

Play around with the file; you can always delete it and start from the beginning again if you mess it up too badly.

Open Source Software in Digital Forensics

The purpose of this research paper is to research open source digital forensic tools that are accessible for free, usually online, and to review the types of digital forensic tools available and what they do. Basic definitions of open source and digital forensics are given, along with how Open Source Software (OSS) digital forensic tools can help accomplish data retrieval. The pros and cons of why OSS should be considered as a viable digital forensic tool-set are also covered.

Digital Forensics and Incident Response and Tools

Digital Forensics and Incident Response (DFIR) is the method of investigating and analyzing data for the purpose of presenting to a court of law an ordered report that shows a chain of evidence, to find out what happened on a computer and who was responsible (SearchSecurity, September 2004). DFIR is being used more commonly as more and more people use computers in their daily lives, from smart phones to game stations and laptops. DFIR can help convict anyone of any crime that involved a computer, whether it is prostitution, child pornography or a white-collar crime like embezzlement.

DFIR tools are the free and proprietary applications used by DFIR experts to retrieve the results to hand over to the legal system. They give investigators the ability to examine the contents of the hard drive without making changes to the data held within. Information that is retrieved can come from deleted, encrypted, or damaged files (SearchSecurity, September 2004).

Open Source Software

Open Source Software (OSS) is a set of practices used to collaborate on software source code that has been made freely available through copyright laws. It is also commonly known as FOSS (Free Open Source Software). Although most OSS is free, not all of it is, but for this research paper I will be covering mostly the free version of OSS. Individuals separated by culture, corporate boundaries, language and other characteristics can work together to create complex, non-proprietary software. Software is open source when it is free to redistribute and the source code is redistributed with it as well as the compiled form. Open source licensing was created to make the source code of a program readily available to anyone who requests it. Making the source code available to anyone helps in developing stable software, because the whole community is able to make changes and redistribute their own version of the software. Open source software protects the original author of the software, does not discriminate in any way on how it can be used, cannot be specific to a product or software, cannot restrict other software and has to be technology neutral (open source, n.d.). There are several variants of the open source licensing contract that can be reviewed at opensource.org (http://www.opensource.org/licenses/category).

Some of the more widely known open source licenses cover GNU (graphical environment of several Linux desktops), Mozilla (Firefox, Thunderbird), MIT, BSD (like Unix), and Eclipse (Eclipse IDE). Because of the lack of dependency on software vendors, open source software can transform and morph into potentially anything the users and developers need it to do. It gives users the freedom to use it when they want, how they want and on their own terms.

Why OSS DFIR Tools

Open source digital forensic tools address specific gaps in the forensic capabilities of proprietary DFIR tools. The tools range from analyzing memory dumps, disks and network traces to cell phones and memory images from game consoles. The fact that some of the tools focus on one specific area of digital forensics or incident response makes them invaluable to some investigators who find the complete packaging of some proprietary DFIR tools cumbersome and lacking in some areas.

Financially, companies and governments are always looking for ways to cut budget costs, and the same is true for DFIR investigators trying to find work. An investigator using OSS DFIR tools can offer a lower price to customers than a person who has to pass the expensive cost of proprietary tools on to the customer. Even law enforcement has an easier time justifying expenses in budget reports for other departments, like traffic enforcement and drug trafficking. Because of the high cost involved in proprietary applications, the follow-up cost for updates may be neglected, leaving the software antiquated and not viable in future investigations.

Legally, procedures for finding digital evidence need to be defended in court as being testable, published under peer review, showing the possible error rate, and marginally accepted in the relevant scientific community. Because proprietary tools are closed source and the companies offering the tools do not want to acknowledge mistakes in their software, this makes a case all by itself for choosing OSS digital forensic tools during an investigation. OSS allows the source code to be evaluated and tested and error rates to be traced. OSS tools are also greatly accepted by the DFIR community (Carrier, 2002). As Brian Carrier (Carrier, 2002) reported, “The digital forensic market should not be approached in the same way that other software markets are. The goal of a digital forensic tool should not be market domination by keeping procedural techniques secret.” While Carrier may be a little biased since he developed most of the code in Sleuth Kit, Autopsy, and mac-robber, his experience in digital forensics just proves the fact that it is important to keep OSS DFIR tools in mind.

Counter to the argument of this paper, it is important to note that there is usually a larger learning curve when dealing with OSS DFIR tools, since some run from command prompts and from *nix (Linux, Unix, BSD) operating systems. Also, since they usually focus on one component of DFIR, several different applications need to be tied together to build a report. Because some of the tools take a lot of time to collect and arrange data for a report, they are sometimes better used in a lab than in the field.

Conclusion

While open source digital forensic tools abound, and you can take advantage of all of them while avoiding paying fees for commercial products, there are also several good commercial tools available. Because digital forensics is such a vast field of study, it is important not to rely on just one set of tools and to research and test other methods to discover and fight anti-forensics.

Good luck with any future digital forensic test cases you attempt; please make sure that it is done ethically and legally.

More information on OSS DFIR tools can be found at sites like IEEE, open source references at the National Institute of Technology (NIST), the National Software Reference Library (NSRL) from NIST, and government studies and college studies on OSS alternatives in DFIR. Additionally, there is a growing amount of information from personal websites and OSS developers on DFIR that may be useful. I totally agree with Schneier (2010), that we, “would encourage everybody to download and learn the tools not just because they can do forensics but because most of them can also be used for other things such as finding things in memory and hard drives that should not be there which many AV tools cannot do and to help put systems back together again.”


Future Note: I plan to compare and contrast some of the more common tools that I will continue to study.

References

Carrier, B. (2012). Sleuth Kit. Retrieved 4/15/2012, from http://www.sleuthkit.org/sleuthkit/index.php

Cmihai. (October 2007). UNIX System Administration: Solaris, AIX, HP-UX, Tru64, BSD. Retrieved 4/27/2012, from http://blog.boreas.ro/2007/10/digital-forensic-tools-imaging.html

DFF (n.d.) Open Source Digital Investigation Framework. Retrieved 4/17/2012, from http://www.digital-forensic.org/

Forristal, J., Shipley, G. (January 8, 2001). Vulnerability Assessment Scanners. Network Computing. http://www.nwc.com

LinuxLinks (n.d.) 6 of the Best Free Linux Digital Forensics Tools, retrieved 4/5/201. From http://www.linuxlinks.com/article/20110115103656314/DigitalForensics.html

Nikkel, B. (June 2012) Practical Computer Forensics using Open Source tools, retrieved 4/23/2012, from www.digitalforensics.ch/nikkel08.pdf

Open Source. (n.d.) The Open Source Definition. Open Source Initiative. Retrieved from http://www.opensource.org/docs/osd

Open Source Digital Forensics (n.d.) Tools, retrieved 4/5/2012 

Schneier, B. (December 2010). Open Source Digital Forensics. Retrieved 4/6/2012. From

SearchSecurity. (September 2004). computer forensics (cyberforensics). Retrieved 5/4/2012. From http://searchsecurity.techtarget.com/definition/computer-forensics
