Archive

Articles taggués ‘Mac OS X’

Simple Tor Setup on Mac OS X

01/02/2023 Comments off

Source: kremalicious.com – 

There’re many reasons you might want to browse anonymously which can be accomplished by using Tor. The setup instructions on Tor’s website are quite scattered and outdated so here’re some steps to setup Tor on OS X with a simple automated script at the end.

I’m using OS X Yosemite (10.10) for the following instructions but it should work on almost any OS X version.

Tor Browser

The most simple way to surf anonymously with Tor is to just grab the Tor Browser bundle.

But it’s based on a super old version of Firefox. And there might be more you want to do anonymously on your machine than just browsing the web, like accessing resources via the Terminal or any other app. Or just use the browser you’re used to.

For this you need to have Tor installed on your system and additionally set specific Proxy values in your network preferences after you’ve started Tor.

Install Tor

Contrary to the weirdly outdated install instructions on Tor’s website (hey, remember Macports?), installing Tor on Mac OS X is super simple with Homebrew.

In your Terminal execute:

brew install tor

Then you can start it up by running:

tor

Congratulations, you now have Tor running on your system. But none of your network traffic is routed through it yet.

In order for all your system traffic being routed through Tor you need to adjust your system’s network proxy settings whih you can either do visually in the System Preferences or programmatically via OS X’s builtin networksetup.

Set network proxy settings via System Preferences

You can do this under System Preferences > Network and creating a specific Tor network location for it:

  1. From Location dropdown at the top, select Edit Locations…
  2. Create a new location by hitting the plus button and name it Tor. Hitting Done will select the new location which is now ready to be configured
  3. Go to Advanced > Proxies and activate SOCKS Proxy and add those values:
  • SOCKS proxy server: localhost
  • Port: 9050

tor-osx-proxy

After hitting OK & Apply at the initial network screen, you can easily switch to this newly created location from your menu bar under  > Location whenever you start up Tor.

Switching to the Tor location routes all network traffic on your system through Tor. Note that you have to repeat those steps for every other network interface if you use, say, Wi-Fi and Ethernet interchangeably.

Lire la suite…

Categories: Réseau, Système Tags: , , ,

HowTo: Make Ubuntu a Perfect Mac File Server and Time Machine Volume

31/01/2023 Comments off

ubuntu time machineFor quite some time I use my Ubuntu machine as a file and backup server for all Macs in my network which is perfectly accessible from the Finder in Mac OS X. There are some instructions available in the web for this task but all failed in my case so I wrote my own tutorial with all the steps needed for it to work properly.

So here’s my little Tutorial for connecting Mac OS X Leopard with Ubuntu and using your Ubuntu machine as a backup volume for Time Machine but all steps can be reproduced on every Linux box and they work with Mac OS X 10.4 Tiger too. At the end of this tutorial you will have a server which shows up in the Finder sidebar and behaves just like a Mac server when accessing it from your Macs. To be perfectly integrated with Mac OS X we’re going to use Apple’s Filing Protocol (AFP) for network and file sharing.

Although this Tutorial involves using the Terminal in Ubuntu and looks a bit geeky it’s very easy even for beginners. I have tried to explain all steps and Terminal commands so you may learn a bit about the Terminal too. At the end of the article you can download my Server Displays icon pack quickly made by me with custom icons for a Mac, Ubuntu and Windows server.

Personally I use a fresh installation of Ubuntu 8.04 Hardy Heron Desktop version (32bit on one machine, 64bit on the other) and Mac OS X Leopard (10.5.3 and later) to connect to them. On my Ubuntu boxes there’s no other file sharing protocol like samba (Windows sharing) or NFS activated.

Rumors are Apple will add some undocumented AFP commands with the Mac OS X 10.5.6 update which therefor won’t be supported by the current Netatalk package (and maybe never will). So be sure to check the latest comments on this article when the 10.5.6 update is out to see if this rumor is true and if there are problems caused by that.

Here are the steps involved in setting up your Ubuntu box as a Mac file server:

  1. Modify and install Netatalk (Open Source AFP implementation)
  2. Configure Netatalk
  3. Configure shared volumes (and Time Machine volume)
  4. Install Avahi (Open Source Bonjour implementation)
  5. Configure Avahi and advertise services
  6. Configure TimeMachine
  7. Conclusion, Problems and more informations
  8. Downloading and using the Server Display Icons
  9. Translations Of This Article

Lire la suite…

Categories: Système Tags: , , ,

How to Protect Yourself from NSA Attacks on 1024-bit DH

29/12/2022 Comments off

nsa attacksWhen NSA gets you worrying

In a post on Wednesday, researchers Alex Halderman and Nadia Heninger presented compelling research suggesting that the NSA has developed the capability to decrypt a large number of HTTPS, SSH, and VPN connections using an attack on common implementations of the Diffie-Hellman key exchange algorithm with 1024-bit primes. Earlier in the year, they were part of a research group that published a study of the Logjam attack, which leveraged overlooked and outdated code to enforce “export-grade” (downgraded, 512-bit) parameters for Diffie-Hellman. By performing a cost analysis of the algorithm with stronger 1024-bit parameters and comparing that with what we know of the NSA “black budget” (and reading between the lines of several leaked documents about NSA interception capabilities) they concluded that it’s likely NSA has been breaking 1024-bit Diffie-Hellman for some time now.

The good news is, in the time since this research was originally published, the major browser vendors (IE, Chrome, and Firefox) have removed support for 512-bit Diffie-Hellman, addressing the biggest vulnerability. However, 1024-bit Diffie-Hellman remains supported for the forseeable future despite its vulnerability to NSA surveillance. In this post, we present some practical tips to protect yourself from the surveillance machine, whether you’re using a web browser, an SSH client, or VPN software.

Disclaimer: This is not a complete guide, and not all software is covered.

Web Browser

To make sure you’re using the strongest crypto, you have to look at the encryption algorithms (or cipher suites) that your browser supports. There’s an excellent tool, How’s My SSL?, that will test your browser’s cipher suite support. The relevant area of the page is the bottom, Given Cipher Suites. You want to make sure that you don’t see the text “_DHE_” in the list of ciphersuites – although the Elliptic Curve variant of Diffie-Hellman, represented by suites with “_ECDHE_” is okay. It is important to note that there is a trade-off here: removing your clients support for “_DHE_” ciphers will eliminate the risk of this attack, but it may also remove Forward Secrecy support altogether for some sites. Here’s how to remove those “_DHE_” cipher suites if you still have them:

Firefox

(tested with 40.0.3)

Open a new tab, enter “about:config” into the location bar and hit the “Enter” key. If you get a warning page, click “I’ll be careful, I promise!” This will bring you to the Firefox configuration settings. In the search bar up top, type “.dhe_” and hit the “Enter” key. This should result in two settings being displayed: “security.ssl3.dhe_rsa_aes_128_sha” and “security.ssl3.dhe_rsa_aes_256_sha”. Double-click both of them to change the value from “true” to “false”.

ff

Now, if you refresh the How’s My SSL page, the “_DHE_” ciphersuites should be gone!

Lire la suite…

Convert HTML Page To a PDF Using Open Source Tool

10/12/2022 Comments off

Source: nixCraft

Do you need a simple open source cross-platform command line tool that converts web pages and HTML to a PDF file? Look no further, try wkhtmltopdf.

From the project home page:

Simple shell utility to convert html to pdf using the webkit rendering engine, and qt. Searching the web, I have found several command line tools that allow you to convert a HTML-document to a PDF-document, however they all seem to use their own, and rather incomplete rendering engine, resulting in poor quality. Recently QT 4.4 was released with a WebKit widget (WebKit is the engine of Apples Safari, which is a fork of the KDE KHtml), and making a good tool became very easy.

Software features

  1. Cross platform.
  2. Open source.
  3. Convert any web pages into PDF documents using webkit.
  4. You can add headers and footers.
  5. TOC generation.
  6. Batch mode conversions.
  7. Can run on Linux server with an XServer (the X11 client libs must be installed).
  8. Can be directly used by PHP or Python via bindings to libwkhtmltox.

A note about Debian / Ubuntu Linux user

You can install wkhtmltopdf using apt-get command:
$ sudo apt-get install wkhtmltopdf
$ sudo ln -s /usr/bin/wkhtmltopdf /usr/local/bin/html2pdf

Sample outputs:

[sudo] password for vivek:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
  wkhtmltopdf
0 upgraded, 1 newly installed, 0 to remove and 10 not upgraded.
Need to get 116 kB of archives.
After this operation, 303 kB of additional disk space will be used.
Get:1 http://debian.osuosl.org/debian/ squeeze/main wkhtmltopdf amd64 0.9.9-1 [116 kB]
Fetched 116 kB in 2s (49.4 kB/s)
Selecting previously deselected package wkhtmltopdf.
(Reading database ... 274164 files and directories currently installed.)
Unpacking wkhtmltopdf (from .../wkhtmltopdf_0.9.9-1_amd64.deb) ...
Processing triggers for man-db ...
Setting up wkhtmltopdf (0.9.9-1) ...

Lire la suite…

Categories: Logiciel Tags:

How to Prevent & Disable Mac OS X From Sleeping From the Command Line Terminal Application

04/12/2022 Comments off

Source: nixCraft

I’m running a process to complete backup and covert images in Mac OS X laptop. I do not wish to disable sleep manually from my OS X power options (Energy Saver). How do I temporarily prevent a Mac from sleeping while my process is still active in Mac OS X Unix operating systems? How can I prevent the system from sleeping temporarily from the command prompt?

You can use the caffeinate command. This command creates assertions to alter system sleep behavior. If no assertion flags are specified, caffeinate creates an assertion to prevent idle sleep.

Another option is to use the pmset command to manipulate power management settings.

caffeinate-osx-demo

Syntax

The syntax is:

caffeinate
caffeinate [options]
caffeinate [options] command

Lire la suite…

Categories: Système Tags: , ,