ffmpegx requires Rosetta to install?

Posted on February 9, 2011 by

Not exactly.

Apparently a non-universal version of gnutar was bundled with the app, you can work around this by going into the terminal and doing the following:

cp /usr/bin/gnutar  /Applications/ffmpegX.app/Contents/Resources/
Posted in Mac | Leave a comment

Repost: Installing SSHBlack on MacOS X 10.4

Posted on February 9, 2011 by
This was originally posted in July 2007 and has been rescued from my old WordPress sql dump file.

Like many Mac OS X users I have punched a hole in my firewall to allow remote ssh access to my home machine.  One day, I was working on my (ancient) computer and noticed there was a pretty heavy spike in CPU usage, as well as incoming network traffic.  After some brief searching, I found I was under an ssh brute force attack.  Now, these attacks are very common to any Internet facing ssh server.   However, given the load my tired old G4 450 is under, I want every cpu cycle I can get.  A quick google search turned up sshblack, a nifty perl script that will look at yoursshd log files and ban attacking IP addresses.  Browsing through the documentation only showed config examples for linux & FreeBSD, but I figured it had to be possible to use this on OS X.  I’ve used Tiger’s built in firewall, ipfw, in the past so I figured that would be included in our block/unblock rules.

After a few minutes I found the magic bullet:

my($ADDRULE) = '/sbin/ipfw add deny all from ipaddress to any';
my($DELRULE) = 'ipfw delete `ipfw show | grep ipaddress | awk \'{ print $1 }\'`'

(The delrule should be all on one line, unfortunately, it is wrapping on my display.  It should copy & paste ok though….)
We also have to change the log to monitor to:

my($LOG) = '/var/log/secure.log';

The included documentation explains the other user parameters of the script.

Next I wanted to get it to launch at startup.  I probably could have just thrown a quick “/usr/local/bin/sshblack28.pl &” entry into /etc/rc.local, but this is OS X, so why not take advantage of Tiger’s launchd?  Using Lingon I was able to create a Launch Daemon to handle the loading at startup very quickly. [Edit: It appears Lingon is no longer free] You can copy plist file below.  (You’ll need to save it to a text file named sshblack.plist and move it to /Library/LaunchDaemons, and you might also need to modify the program arguments string to point to your path to the sshblack file. )

So there it is, my instructions on how to setup sshblack on OS X.  Clear as mud, eh?  The real key is getting the add & delete rules setup properly.  As a disclaimer, its been a while since I actually installed this so my memory may be very fuzzy at this point.  Anyhoo, hopefully this will help *someone* out there…

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
 <key>Label</key>
 <string>sshblack</string>
 <key>ProgramArguments</key>
 <array>
 <string>/usr/local/bin/sshblackv28.pl</string>
 </array>
 <key>RunAtLoad</key>
 <true/>
 <key>ServiceDescription</key>
 <string>Monitors /var/log/secure.log for ssh brute force attacks</string>
</dict>
</plist>
Posted in Mac | Leave a comment

Running psshutdown as a non-interactive user

Posted on December 20, 2010 by

ProTip:  when using psshutdown as a non-interactive user, be sure to add the unadvertised -accepteula switch to the arguments.

Posted in Windows | Leave a comment