Jan 312015
 

So the openjdk in most linux distros has now been upgraded to v1.8. This has a good bug fix regarding the whole SSLv3 Poodle vulnerability.

This has one problem. The Dell DRAC remote management cards installed in a lot of Dell servers relies on SSLv3 to operate. Without this, you can get into the web interface – but when you get an error stating Error when reading from SSL socket connection and no further.

drac-ssl-error

Thankfully, it is simple to re-enable SSLv3 to allow the connection to succeed.

Open up /usr/lib/jvm/*/jre/lib/security/java.security in your favourite editor as root, and change the following line:
jdk.tls.disabledAlgorithms=SSLv3

to

jdk.tls.disabledAlgorithms=

This enables SSLv3 to all java applications – however it exposes yourself to the MITM attack as defined in CVE-2014-3566. I suggest having a read of the CVE to understand if you want to leave this setting as default on your system or disable it again afterwards.

Jul 062014
 

Recently, I’ve been looking at backup solutions to replace TSM. In my opinion, TSM is great for VERY large organisations, but versions beyond TSMv5 seem to be much more bloated than useful in smaller installs. There are a number of backup ‘solutions’ for Linux, however none seem to have a permanent and consistent state without doing various bits of magic.

I’ve moved all of this onto its own page so I can update things easier as the scripts evolve with feedback / ideas.

Mar 232014
 

I noticed recently that images I’d generated for the WD N600 / N750 weren’t booting properly. It seems from r39891 built on the 13th March that something changed causing the image to never actually work on the router after being flashed.

I spent a bit of time yesterday debugging this and now as of r40004 things are back in order and working correctly.

Sorry if this caught anyone out!

Sep 262013
 

After starting the wiki page on the WD N600 about 3 months ago, and posting about it in the OpenWRT forums, I’m proud to announce that OpenWRT is now supported on the WD N600.

I installed the luci web interface, configured it up and installed some basic tools, and the following is still available:

Filesystem                Size      Used Available Use% Mounted on
rootfs                   12.5M      1.2M     11.3M   9% /
/dev/root                 1.8M      1.8M         0 100% /rom
tmpfs                    61.7M    880.0K     60.9M   1% /tmp
/dev/mtdblock7           12.5M      1.2M     11.3M   9% /overlay
overlayfs:/overlay       12.5M      1.2M     11.3M   9% /
tmpfs                   512.0K         0    512.0K   0% /dev

Its quite a capable CPU:
# cat /proc/cpuinfo
system type : Atheros AR9344 rev 2
machine : WD My Net N600
processor : 0
cpu model : MIPS 74Kc V4.12
BogoMIPS : 278.93
wait instruction : yes
microsecond timers : yes
tlb_entries : 32
extra interrupt vector : yes
hardware watchpoint : yes, count: 4, address/irw mask: [0x0000, 0x0ff8, 0x0ff8, 0x0ff8]
isa : mips1 mips2 mips32r1 mips32r2
ASEs implemented : mips16 dsp dsp2
shadow register sets : 1
kscratch registers : 0
core : 0
VCED exceptions : not available
VCEI exceptions : not available

# dmesg | grep MHz
[ 0.000000] Clocks: CPU:560.000MHz, DDR:480.000MHz, AHB:240.000MHz, Ref:40.000MHz

See the wiki page for installation instructions!

EDIT: It seems there are some issues with previous builds that can cause wifi to drop out after periods of time. I’ve built r38259 of OpenWRT Barrier Breaker (trunk) that in theory is patched to stop this from happening. Testing is still ongoing and feedback is appreciated…

Download it here:
openwrt-ar71xx-generic-mynet-n600-squashfs-sysupgrade.bin – Updated to r38362 on 11/Oct/2013