VSFTPD Error “500 OOPS: reading non-root config file”

After setting up a new Linux server I kept getting the following error whenever I tried to upload something with the VSFTPD ftp service:

500 OOPS: reading non-root config file

It turns out that I had the following setting in the /etc/vsftpd/vsftpd.conf file:

user_config_dir=/etc/vsftpd/virtual_users

I commented out that setting and restarted the vsftpd service and the problem went away. I then checked to make sure I had spelled the “user_config_dir” directory name correctly and it turns out that I had created the directory with the name “virtual_user” without the “s” at the end. So that error appears to be caused by the “user_config_dir” not being present or accessible to the VSFTPD service. If you get this error make sure the directory you specify for the “user_config_dir” exists and is accessible.
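One way to script the check described above, as an added example that is not part of the original post: it reads user_config_dir from vsftpd.conf, confirms the directory exists and is accessible, and lists near-miss directory names such as the missing "s". The function name, exit codes and "last setting wins" handling are assumptions, and the access test reflects the account that runs it.

```shell
#!/bin/sh
# Added example (not from the original post). check_user_config_dir is a
# hypothetical helper; exit codes: 0 ok/unset, 1 problem, 2 unreadable conf.
check_user_config_dir() {
    conf="${1:-/etc/vsftpd/vsftpd.conf}"
    [ -r "$conf" ] || { echo "cannot read: $conf"; return 2; }

    # Settings are written option=value with no spaces around "="; lines
    # starting with "#" never match. Using the last occurrence is an assumption.
    dir=$(sed -n 's/^user_config_dir=//p' "$conf" | tail -n 1)
    dir=${dir%/}
    [ -n "$dir" ] || { echo "user_config_dir is not set"; return 0; }

    if [ ! -e "$dir" ]; then
        echo "missing: $dir"
        # Look for sibling directories whose name is a prefix or extension
        # of the configured name (virtual_user vs. virtual_users).
        base=${dir##*/}
        for cand in "${dir%/*}"/*; do
            [ -d "$cand" ] || continue
            name=${cand##*/}
            case "$name" in "$base"*) echo "did you mean: $cand" ;; esac
            case "$base" in "$name"*) echo "did you mean: $cand" ;; esac
        done
        return 1
    fi
    [ -d "$dir" ] || { echo "not a directory: $dir"; return 1; }
    # Listing needs read permission; opening files inside needs search (x).
    if [ ! -r "$dir" ] || [ ! -x "$dir" ]; then
        echo "not accessible to $(id -un): $dir"
        return 1
    fi
    echo "ok: $dir"
}

# Constructed demo reproducing the typo from the post in a scratch directory.
demo=$(mktemp -d)
mkdir "$demo/virtual_user"
echo "user_config_dir=$demo/virtual_users" > "$demo/vsftpd.conf"
check_user_config_dir "$demo/vsftpd.conf" || true
rm -rf "$demo"
```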

How to Enable Open Directory Debugging

By default the Mac OS X Open Directory debugging log file is disabled. You can temporarily reenable it by running the following command in the Terminal app:

sudo killall -USR1 DirectoryService

After you reboot, debugging will be disabled again. If you want to enable Open Directory debugging so that it stays enabled across reboots, run the following command in the Terminal app:

sudo touch /Library/Preferences/DirectoryService/.DSLogAtStart

To disable debugging again just delete that file:

sudo rm /Library/Preferences/DirectoryService/.DSLogAtStart

The debugging log file is located at:

/Library/Logs/DirectoryService/DirectoryService.debug.log

Declassified NSA Document Which Reveals the Story Behind the Discovery of TEMPEST

The NSA recently declassified a document which reveals the story behind how the United States first discovered the security threat of TEMPEST. TEMPEST is defined in Wikipedia as:

TEMPEST is a codename referring to investigations and studies of compromising emanations (CE). Compromising emanations are defined as unintentional intelligence-bearing signals which, if intercepted and analyzed, disclose the information transmitted, received, handled, or otherwise processed by any information-processing equipment.

The concept of TEMPEST is fairly simple. Every electronic device emits electrical signals while in use. These emissions are similar to radio waves in that you can build something to receive and process them, much as a car radio receives a radio station’s broadcast. Because of the way its electronic components are laid out, every electronic device emits unique signals. So if you can find a similar electronic device, you could map out what signal the device emits for any action performed on it.

For example, say that when you press the “W” key on your keyboard it sends a signal through your keyboard wire to your computer, and this signal has a frequency of 1Hz. Then when you press the “Y” key, the signal sent through the keyboard wire is 2Hz. In theory, someone who already knows that the particular model of keyboard you are using has this signal behavior could stand somewhere near your desk and determine what you are typing, based on the electrical signals traveling through the air which are being emitted from the wire going from your keyboard to your computer.

Now these electrical signals given off by devices are usually VERY weak, and a person would have to be standing very close to receive and decode them, so you are relatively safe in this regard, but it is something to consider if you are processing extremely sensitive information. Supposedly there are techniques to pull these electrical signals from power lines, since in theory if your computer is plugged into the power outlet in your wall then the electrical signals from your computer are being leaked into the power line.

Here is a direct link to the NSA TEMPEST document: http://www.nsa.gov/public/pdf/tempest.pdf

A copy of the NSA document is also available on this web server at this link: nsa_tempest_a_signal_problem

How to Check if an Apache Module Has Been Loaded

In the Apache httpd.conf configuration file it is sometimes useful to apply settings only if a particular module has already been loaded, or only if a module has not been loaded. Here is how to handle both cases:

<IfModule module_identifier>
  # do these Apache settings if the module has already been loaded
</IfModule>
<IfModule !module_identifier>
  # do these Apache settings if the module has NOT already been loaded
</IfModule>

Here are some examples:

<IfModule !php5_module>
  # If the PHP5 module has NOT already been loaded, load it
  LoadModule php5_module modules/libphp5.so
</IfModule>
<IfModule php5_module>
  # If the PHP5 module has already been loaded, then do these settings
  AddHandler php5-script .php
  AddType text/html .php
  DirectoryIndex index.php
</IfModule>

The module_identifier argument can be either the module identifier or the file name of the module at the time it was compiled. For example, rewrite_module is the identifier and mod_rewrite.c is the file name. If a module consists of several source files, use the name of the file containing the string STANDARD20_MODULE_STUFF. You can read more about the <IfModule> Apache directive in the Apache documentation.
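
Because <IfModule> tests whether a module has "already" been loaded, the result depends on the order of LoadModule lines, and a block guarded by a module that never loads is skipped without any error. The following added example (not Apache's own tooling, and not from the original post) walks a configuration file top to bottom and reports which <IfModule> blocks would be applied. The function name, the output format and the sample configuration are assumptions; Include files are not followed and the file-name form is reported as unknown.

```shell
#!/bin/sh
# Added example. ifmodule_trace is a hypothetical helper:
#   $1 = config file ("-" or empty for stdin)
#   $2 = space-separated identifiers of modules compiled in statically
ifmodule_trace() {
    awk -v static="$2" '
        BEGIN { n = split(static, s, " ")
                for (i = 1; i <= n; i++) loaded[s[i]] = 1
                depth = 0; live[0] = 1 }
        { line = $0; sub(/^[ \t]+/, "", line); low = tolower(line) }
        low ~ /^<ifmodule[ \t]/ {
            id = line
            sub(/^<[^ \t]+[ \t]+/, "", id); sub(/[ \t]*>.*$/, "", id)
            neg = sub(/^!/, "", id)
            # Test passes if the module is loaded, or if negated and not loaded.
            hit = (id in loaded) ? !neg : neg
            state = hit ? "applied" : "skipped"
            # File-name form (mod_rewrite.c) cannot be resolved from the text.
            if (id ~ /\.c$/) { hit = 0; state = "unknown" }
            depth++; live[depth] = live[depth - 1] && hit
            if (!live[depth] && state == "applied") state = "skipped"
            printf "%d %s%s %s\n", FNR, (neg ? "!" : ""), id, state
            next
        }
        low ~ /^<\/ifmodule>/ { if (depth > 0) depth--; next }
        # A LoadModule inside a skipped block never runs.
        low ~ /^loadmodule[ \t]/ && live[depth] {
            split(line, f, /[ \t]+/); loaded[f[2]] = 1
        }
    ' "${1:--}"
}

# Constructed sample: the PHP blocks from above plus a guarded security header.
ifmodule_trace - "core_module so_module" <<'EOF'
<IfModule !php5_module>
  LoadModule php5_module modules/libphp5.so
</IfModule>
<IfModule php5_module>
  AddHandler php5-script .php
</IfModule>
<IfModule headers_module>
  Header always set X-Content-Type-Options nosniff
</IfModule>
EOF
```

Each output line is the line number, the test, and its outcome; here the header block is reported as skipped because headers_module was never loaded. On a running server, `apachectl -M` lists the modules that actually ended up loaded.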