Category Archives: IT

Wrong user connecting to samba share

Our home network includes 2 servers in the basement. Both run Ubuntu 10.04 (Lucid) server. The older is primarily used as a web server. The newer is used mainly for NAS. When I’m completely happy with the new server I’ll add a web server, transfer our websites, then retire the old server. Both run Samba 3.4.7

The Samba server on the new server worked fine but I was using quick and dirty shares like this:

[storage]
force user = root
writeable = yes
path = /storage
write list = steven

Using ‘force user = root’ is pretty sloppy but it works if I am the only user and I can’t be bothered sorting out linux permissions on the server. After a few days I needed to fix up the samba permissions so our other windows PCs could access the samba shares for file sharing and backing up. So I needed to:

  • make sure the unix users have the correct directory and file permissions
  • the corresponding samba users exist and have the same passwords
  • the Windows hosts and users are set up correctly
  • that is, Linux user <=> Samba user <=> Windows user

All went ok except for one thing: one of the other PCs always (or mostly) connected to the samba server as me. This was a problem because I wanted write access for myself for all the samba shares but I wanted the other PC to have read only access to some of the shares (videos, music etc) but write access to others (eg backup). The samba log reported that the correct host was connecting but the incorrect user. If I deleted my Samba user then the PC would connect to the correct Samba user. Then when I recreated my samba user the PC would again connect as me, which is the incorrect user for that PC.

I tried many fixes, such as

  • created new windows users on various windows PCs – all were able to access the samba shares
  • reinstalled Samba and changed the password backend from smbpasswd to tdbsam
  • at the same time I was sometimes having trouble browsing the shares from all Windows boxes so I disabled the WINS server and instead configured all network IPs manually using hosts/lmhosts files.

At last today I figured it out. Of course the problem was with Windows rather than with Samba or Linux. At some stage I must have logged in to my samba user from the other PC and windows remembered that username and password. Despite numerous restarts and logouts and occassionally connecting to the correct samba user (when mine was not available) windows remembered my username and used it when possible. The solution was “to delete stored user names and passwords“.

Ransomware Trojan

On Saturday the boys’ PC got a bad virus, specifically a type of malware called Trojan.Ransomware. ‘Ransomware’ refers to the technique of holding a PC hostage until a ransom is paid. In practice it is more subtle than it sounds. In our case the PC boots to the normal Windows 7 login screen. When a user enters their credentials they get a full screen error message:

System process at address OxE4783995 have just crashed,
please follow these steps to deactivate it from your system.
1. Call one of the following numbers:
0088213090413
00261221000186
0037190100546
0088213240069
0025270701161
00263778289408
2. Wait for the answer and write down your deactivation key
3. Enter the deactivation keyreceived by phone, click “Next” to continue

Of course this is a bogus error message, but what is the point of making you call these numbers? Well apparently they are international premium service numbers which attract very high charges. You get a recorded message saying hold the line, during which time  you get charged for the wait. Somehow the scammer benefits financially.

During my googling I discovered many variations but this guy seemed the closest. I also found a solution  but it didn’t work for me. I got into windows recovery mode and tried making the suggested registry edits but the changes made by our trojan were quite different. Also it had not created a new user with a numerical username (eg C:\users\Michael\22997148\22997148.EXE). I found some information about related trojans that make multiple registry changes similar to what I was finding but after a while I decided it was easier to reinstall Windows 7 – I’d only rebuilt this PC a few weeks ago so there was not much software on it yet. Luckily I’d used a system partition and a data partition so I could leave the docs, music etc untouched.

Ubuntu server with a lightweight GUI

It would be nice to configure and maintain our home webserver from the command line but I just don’t have the time. I don’t do enough of it to become proficient – I only rebuild our web/storage server every couple of years and I don’t do a whole lot to it between rebuilds.

In the past I have attempted it but I always end up installing Webmin and maintaining it headless from another PC on our home network. And recently I’ve given up altogether and installed a lightweight GUI as well.

The Lubuntu lightweight desktop can be installed onto other Ubuntu versions such as Ubuntu server. My last build went like this:

1) Install Ubuntu server 10.04 LTS (Lucid Lynx) Include LAMP + Postfix + Samba during setup

2) Install Lubuntu desktop

the add-apt-repository command requires Python so first:

sudo apt-get install python-software-properties

then add the Lubuntu repo and install:

sudo add-apt-repository ppa:lubuntu-desktop/ppa
sudo apt-get update
sudo apt-get install --no-install-recommends lubuntu-desktop

3) Install Webmin (using APT)

Webmin is not part of the Ubuntu repos so it must be added manually. Edit the APT sources list so that Webmin will be installed and kept current. The file should be here:

/etc/apt/sources.list

add this line:

deb http://download.webmin.com/download/repository sarge contrib

As root enter these commands:

cd /root
wget http://www.webmin.com/jcameron-key.asc
apt-key add jcameron-key.asc

now install Webmin:

apt-get update
apt-get install webmin

Our home network

For a number of years I have networked our home PCs. I did it for the usual reasons: to share devices like printers and storage, and resources like internet access and media files. I think my enthusiasm peaked in about 2002 while I was doing a Cisco networking subject at UTS. But over the last few years I have tried to take a more pragmatic approach. I stick with regular consumer hardware and software and I try not to indulge my IT excesses. If I can justify it I still like to configure things manually but I no longer collect junk for repair and improvement.

Our current network comprises:

  • 3 PCs running Win XP +SP3,
  • 1 web/storage server running Ubuntu 9.04
  • 1 laptop running Win XP +SP3
  • 1 PS3
  • 2 mobile phones with wifi

The PS3, laptop and 1 PC connect wirelessly. 2 PCs and the server use fast ethernet cables. I also incorporate an 8-port switch for ease of cabling and to accomodate workbench projects.

Until last week I was using a Dynalink RTA1025w wireless modem/router connected to Exetel dynalinkADSL2. It had performed well for a few years but in recent months our net access was getting flaky. Everything still worked and it synched at 12 Mbps but anything that required a consistent connection seemed slower. I had a look inside the Dynalink and sure enough some caps were swollen. I replaced them but it only lasted for a day after surgery. Maybe my soldering was sloppy or maybe it was just a very cheap PCB.

speedstream_0To maintain our net access while I decided what to do I installed a Siemens Speedstream 4200 ADSL modem. I have two of these in the workshop. They are very simple WAN/LAN modems with only 1 LAN port and used to be given away by Optus and Telstra as part of broadband package deals. Many people immediately replaced them with a multiport modem/router so there are lots of these sitting around in unused condition. It performed really well. It’s abililty to route is almost non-existent but it is a great little modem. For a weekend we just had the Speedstream plus the switch operating with our wired PCs and there was a clear improvement over the recent performance of the Dynalink.

I decided to keep the Speedstream and add a separate wireless router. A few months ago my Mumrt-n11_0 got a laptop and I suggested they add a wireless router to their cable modem. I picked the ASUS RT-N11 and it proved to be good value, easy to set up and reliable. So I bought another for us.

Here is what I did:

  • installed the latest generic firmware on the Speedstream. Optus and Telstra both produced firmware for use with this modem but I didn’t want any provider-specific features or settings confusing my setup. Firmware and lots of info about this modem is available from http://www.modemsupport.com.au/ [This site seems to be down at the moment, 18 May 2013, so try this for more info: http://shadow.sentry.org/~trev/4200.html]
  • here are some instructions for bridging the Optus version
  • put the Speedstream into bridge mode, so that all incoming packets are just sent to the Asus router. (Note that while in bridge mode the web configuration utility is not available so if you want to leave bridge mode you need to reset the modem to factory defaults and start configuration from scratch). I found a few different procedures for entering bridge mode. I read this whirlpool post but ended up following this HOWTO written by Jacob Comber. Except that my modem with generic firmware has IP 192.168.1.1 and not Telstra’s version with 10.0.0.1 That made things a little easier later because all the devices on my LAN have manually set IPs in the 192.168 subnet.
  • After setting the modem to bridge mode I just connected the RT-N11 to the modem and to my PC and went through the router’s web setup utility.

For the record this is how to return the 4200 to factory defaults:

  1. Using the tip of a ballpoint pen or unfolded paperclip, press and hold the Reset button located on the bottom of the modem. The pwr LED will blink red once, indicating that the reset has begun.
  2. Continue depressing the Reset button for four seconds or until the pwr LED begins to blink alternating red-to-green.
  3. Release the Reset button.

Postscript

In October 2012 to improve wifi coverage and to give me more control I bought an ASUS RT-N16 to replace the RT-N11, which I’ll keep as a spare.