Migrate Plex Server - Ubuntu

 To migrate your Plex server to a new Ubuntu server, you can follow these steps:

1. Set up the new Ubuntu server:

Install Ubuntu on the new server and ensure that it is up to date with the latest updates and packages.

2. Install Plex Media Server:

On the new Ubuntu server, download and install the Plex Media Server package. You can obtain the latest version from the Plex website.

$ wget https://downloads.plex.tv/plex-media-server-new-version.deb
$ sudo dpkg -i plex-media-server-new-version.deb

Replace “new-version” with the actual version number you downloaded.

3. Stop the Plex Media Server service:

Use the following command to stop the Plex Media Server service:

$ sudo service plexmediaserver stop

4. Copy Plex data directory:

On the old Ubuntu server, locate the Plex Media Server data directory. The default directory is /var/lib/plexmediaserver/Library/Application Support/Plex Media Server/. Copy the entire directory to a temporary location.

$ sudo cp -R /var/lib/plexmediaserver/Library/Application\ Support/Plex\ Media\ Server/ /path/to/temp/location/

Replace /path/to/temp/location/ with the path to your temporary location.

5. Transfer data to the new server:

Copy the Plex Media Server data directory from the temporary location on the old server to the corresponding location on the new server.

$ scp -r /path/to/temp/location/Plex\ Media\ Server/ new-server-ip:/var/lib/plexmediaserver/Library/Application\ Support/

Replace new-server-ip with the IP address of the new server.

6. Set ownership and permissions:

On the new server, set the ownership and permissions for the copied Plex data directory.

$ sudo chown -R plex:plex /var/lib/plexmediaserver/Library/Application\ Support/Plex\ Media\ Server/
$ sudo chmod -R 755 /var/lib/plexmediaserver/Library/Application\ Support/Plex\ Media\ Server/

7. Start the Plex Media Server service:

Finally, start the Plex Media Server service on the new server.

$ sudo service plexmediaserver start

8. Verify and update settings:

Access the Plex web interface on the new server and ensure that all your media libraries, settings, and metadata are intact. Make any necessary updates or adjustments.

That’s it! Your Plex server should now be migrated to the new Ubuntu server. Remember to update any firewall or router settings, if necessary, to allow access to the new server.

Read More

Boot Ubuntu Server 22.04 LTS from USB SSD on Raspberry Pi 4

This is a guide for configuring Raspberry Pi4 to boot Ubuntu from external USB SSD drive instead of SD card. SSD drives are much faster than SD cards, more reliable and now lower cost than SD cards for larger memory sizes.Instructions for Ubuntu server 22.04 LTS are provided. Note that earlier versions of Ubuntu are much more difficult to configure for using external SSDs so I recommend using this latest Ubuntu release.

Requirements

Hardware used in this guide

• Raspberry Pi 4 with 8GB RAM
• 32GB micro SD card
• Kingston A400 120GB SSD
• StarTech SATA to USB adapter
• Eluteng SATA to USB adapter
• Adequate Power Supply due to additional SSD power consumption. (3.5A recommended)

Software used:

• Windows 10 or Windows 11 PC however guide will be similar for MAC and Linux Users.
• Raspberry Pi Imager (Balena Etcher is also a good tool for writing to SD cards)

NOTE: It turns out that there are a lot of SATA to USB adapters that do not work correctly when used to boot the Raspberry Pi. After many lost hours trying to get an incompatible cable to work I found this great resource on this topic with a database of know working cables.

James Chambers’ blog was also a great resource for writing other parts of this guide.

1. Upgrade bootloader firmware on Raspberry Pi 4

You need to make sure that the your Raspberry Pi 4 is running the latest bootloader firmware available. USB boot feature was enabled on the Pi 4 bootloader in the fall of 2020.

1. Use Raspberry Pi Imager V1.6 to install Raspberry Pi OS (lite version without desktop is best) on SD card
2. Copy empty text file called ssh.txt onto the system-boot partition of the SD card. Remove SD card from PC and insert into Raspberry Pi
3. SSH into Pi
   Default user: pi
   default password: raspberry
4. Make sure you have the latest kernal updates. This will take several minutes
   sudo apt update && sudo apt full-upgrade -y
5. Restart Pi to apply updates
   sudo reboot
6. SSH into Pi
7. Your Pi may currently be configured to use critical or stable bootloader releases. Normally I configure it to use the stable releases. Open file and change the FIRMWARE_RELEASE_STATUS entry to stable.
   sudo nano /etc/default/rpi-eeprom-update
8. Check bootloader firmware version
   sudo rpi-eeprom-update

If bootloader is out of date you will see something like this:

BCM2711 detected
Dedicated VL805 EEPROM detected
*** UPDATE AVAILABLE ***
BOOTLOADER: update available
CURRENT: Thu 16 Apr 17:11:26 UTC 2020 (1587057086)
 LATEST: Thu  3 Sep 12:11:43 UTC 2020 (1599135103)
 FW DIR: /lib/firmware/raspberrypi/bootloader/stable
VL805: update available
CURRENT: 000137ad
 LATEST: 000138a1

If bootloader is up to date you will see something like this:

pi@raspberrypi:~ $ sudo rpi-eeprom-update
BCM2711 detected
Dedicated VL805 EEPROM detected
BOOTLOADER: up-to-date
CURRENT: Thu  3 Sep 12:11:43 UTC 2020 (1599135103)
 LATEST: Thu  3 Sep 12:11:43 UTC 2020 (1599135103)
 FW DIR: /lib/firmware/raspberrypi/bootloader/critical
VL805: up-to-date
CURRENT: 000138a1
 LATEST: 000138a1

7. Update bootloader if it is out of date
   sudo rpi-eeprom-update -a
8. Restart Pi to apply updates
   sudo reboot 
9. Check to see if update was applied
   sudo rpi-eeprom-update

2. Select Boot Device Preference

The default boot setting on our Pi is likely to boot off of SDcard only. We are going to change this so it cycles between trying to boot from SDcard first and then from external USB drive if SD card boot fails.

SSH into the Pi OS installation that you used to upgrade the bootloader in step 1.

1. run raspi-config utility
   sudo raspi-config
2. Select option 6 Advanced Options
3. Select option A6 Boot Order
4. Select option B1 USB Boot
   You should get pop up window that says “USB device is default boot device”
5. select ok
6. select finish and select Yes when asked if you would like to reboot now.
   the Pi should reboot like normal. Start SSH session to confirm
7. shutdown Pi
   sudo shutdown now

3. Install Ubuntu Server 22.04 LTS on USB 3.0 SSD

USB booting Ubuntu Server 22.04 LTS is very simple now with the latest Pi bootloader.

1. Connect SSD to PC via SATA->USB cable
2. Download Ubuntu Server 22.04 LTS 64bit
   https://ubuntu.com/download/raspberry-pi
3. Use Raspberry Pi Imager V1.6 or Balena Etcher to write Ubuntu Server 22.04 LTS on the external SSD.
   Be very careful when selecting the drive number that you choose the correct external drive and not your internal computer hardrive!
4. Connect the SSD to the USB3 port(blue) on the Pi4.
5. Make sure SDcard used previously to update the bootloader has been remove
6. Power up the Pi. If everything is good the USB boot should work.
7. SSH into Pi to confirm boot
   Default user: ubuntu
   default password: ubuntu

Read More

Advantages Disadvantages of using Proxy vs VPN vs TOR vs TOR and VPN together.

 What makes you truly anonymous and leaves next to no trace on the internet? In this post, I will discuss the advantages and disadvantages of Proxy vs VPN vs TOR vs TOR and VPN together.

The 

Internet is a huge and gravely important part of our life these days. It is not anymore so simple “I will find your IP address (and DoS you)” and thus anonymity has become more complex as surveillance became more probing than ever. As more and more things are connected to the ‘Web’, you can potentially expose more info, exploit more, protect more, or plunder more than ever. It is very important to be able to monitor and surveillance effectively and at the same time, it is very important to be able to bypass surveillance and monitoring. Why that’s an entirely different philosophical discussion and I will simply leave that to the user's imagination. Understanding Proxy vs VPN vs TOR vs TOR and VPN together is important as these are the main methods used for anonymity.

If you are wondering how you can browse the web anonymously, you will be happy to know that there are numerous different methods guaranteeing that nobody is ever going to track you down and threaten you digitally. However, not all of these methods are equally effective and qualitative and this is what has led us to this article.

In this article, I will discuss the pros and cons of using methods like:

1. Proxy,
2. VPN
3. TOR and
4. TOR and VPN together.

This article will benefit you greatly if you are a mafia Whistle-blower or a dissident living under a regime in which it would be very dangerous to be caught performing a certain activity (such as writing political blogs) and such.

What is a Proxy?

A proxy directs your traffic via another computer instead of your own. While there are public and private proxy servers, only private proxies, usually paid, provide any type of stability or reliability.

SOCKS vs HTTP Proxy

A SOCKS server is a general purpose proxy server that establishes a TCP connection to another server on behalf of a client, then routes all the traffic back and forth between the client and the server. It works for any kind of network protocol on any port. SOCKS Version 5 adds additional support for security and UDP. The SOCKS server does not interpret the network traffic between client and server in any way, and is often used because clients are behind a firewall and are not permitted to establish TCP connections to servers outside the firewall unless they do it through the SOCKS server. Most web browsers for example can be configured to talk to a web server via a SOCKS server. Because the client must first make a connection to the SOCKS server and tell it the host it wants to connect to, the client must be “SOCKS enabled.” On Windows, it is possible to “shim” the TCP stack so that all client software is SOCKS enabled. A free SOCKS shim is available from Hummingbird at http://www.hummingbird.com/products/nc/socks/index.html.

An HTTP proxy is similar, and may be used for the same purpose when clients are behind a firewall and are prevented from making outgoing TCP connections to servers outside the firewall. However, unlike the SOCKS server, an HTTP proxy does understand and interpret the network traffic that passes between the client and downstream server, namely the HTTP protocol. Because of this the HTTP proxy can ONLY be used to handle HTTP traffic, but it can be very smart about how it does it. In particular, it can recognize often repeated requests and cache the replies to improve performance. Many ISPs use HTTP proxies regardless of how the browser is configured because they simply route all traffic on port 80 through the proxy server.

Proxy advantages

1. Proxies are like a Web Filter. The proxy settings are applied to your internet browser whether you’re using MSIE, Chrome, Safari, Firefox, etc.
2. When browsing the internet through a proxy server, all benefits with that server are used, for example, (Security, Speed, and Geographic Location).
3. The proxy will only secure traffic via the internet browser using the proxy server settings.

Proxy disadvantages

1. The primary proxy protocols in use today are SOCKS and HTTP/HTTPS. SOCKS and HTTP proxies provide no encryption, whereas HTTPS proxies offer the same level of encryption as any SSL website.
2. Proxies were not designed to protect all of your Internet traffic, usually only the browser.
3. Many proxies pass the user’s original IP address to the destination site, making them unsuitable for security or privacy conscious users.
4. Proxies must be configured separately for each application (email, browser, third-party apps) and some applications may not support them.

What is a VPN?

A Virtual Private Network is a network connection that enables you to create a secure connection to another location, thereby allowing you to appear as if you were in another place. Your computer creates an encrypted virtual tunnel to the VPN server and all of your browsing appears as if it is coming from the VPN server. All of the Internet traffic goes through this encrypted tunnel, keeping your data from being exposed to eavesdroppers between your computer and the VPN server.

Unlike a Proxy, a VPN service provider(Virtual Private Network) encrypts all of your traffic, replacing your ISP and routing ALL traffic through the VPN server, including all programs and applications. This also will use all benefits of the VPN server such as (Speed, Geopgraphic Location, and Security).
The VPN can be easily connected or disconnected with the click of a button.

VPN advantages

1. Fast – generally speaking you will see very little slowdown to your raw internet connection speeds when using a VPN service
2. Location spoofing is very easy – most VPN providers offer servers in many locations worldwide. Because connections are fast, VPN is ideal for streaming geo-restricted media content
3. Ideal for P2P filesharing – while many providers prohibit it, many are set up with filesharing in mind

VPN disadvantages

It is imperative that you choose a quality VPN service that does not store data or communications logs. In the event that a government agency demands the VPN provider to reveal logs, users would be exposed. Furthermore, it is important that the VPN service implements proper load balancing and server randomization so that users always connect to a different VPN server.

1. The VPN provider can see your internet activity – and in many countries is required by law to keep records of it, which may be handed over to the authorities or to copyright lawyers.
2. VPNs are also vulnerable to server raids by the police, in an effort to obtain the information they may contain. This is why it is vital to choose a provider who keeps no logs (and is in a position to keep this promise). Of course, even when a VPN provider promises to keep no logs, you must trust them to keep their word …
3. Costs money (although typically under $10 a month, or less if you buy in bulk)

What is Tor?

Tor is free software for enabling anonymous communication. The name is an acronym derived from the original software project name The Onion Router. Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than six thousand relays to conceal a user’s location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult for Internet activity to be traced back to the user: this includes “visits to Web sites, online posts, instant messages, and other communication forms”. Tor’s use is intended to protect the personal privacy of users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities from being monitored.

Onion routing is implemented by encryption in the application layer of a communication protocol stack, nested like the layers of an onion. Tor encrypts the data, including the destination IP address, multiple times and sends it through a virtual circuit comprising successive, randomly selected Tor relays. Each relay decrypts a layer of encryption to reveal only the next relay in the circuit in order to pass the remaining encrypted data on to it. The final relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing, or even knowing, the source IP address. Because the routing of the communication is partly concealed at every hop in the Tor circuit, this method eliminates any single point at which the communicating peers can be determined through network surveillance that relies upon knowing its source and destination. It is a decentralized system that allows users to connect through a network of relays rather than making a direct connection. The benefit of this method is that your IP address is hidden from the sites you visit by bouncing your connection from server to server at random, in essence, losing the trail.

Tor advantages

1. No-one can trace you to external IPs visited
2. Distributed network – almost impossible to shut down or attack in a meaningful way
3. Free

Tor disadvantages

While your data is encrypted along each of the relay nodes, the final connection point at the last relay in the chain can be compromised if the requested site does not use SSL. Tor has a known drawback of substantially slowing down your browsing because of the numerous hops your data is relayed through. For those concerned with the prying eyes of the government, Tor was created in conjunction with the U.S. Navy and is still used by many government agencies. Because Tor has been widely used by political dissidents, journalists, and even criminals, many governments are watchful of Tor users. This could potentially lead to you being earmarked as a criminal type and having all of your online activity monitored.

1. Very slow – because your data is randomly bounced through a number of nodes, each of which could be anywhere in the world, using Tor can be painfully slow.
2. Not suitable for P2P filesharing – while there is no way to stop you from using BitTorrent over Tor (and people do it) it is a) very slow, and b) very bad form as it slows down the entire network for every other user, for some of whom access to the internet via Tor may be of critical and possibly life threatening importance.
3. While it can, at a pinch, be used for location spoofing, Tor is a very fiddly and inefficient way to go about it. In addition to this, the slowness of Tor means that using the service to stream geo-restricted media services is unfeasible.

Tor and VPN together

The two can be used in conjunction with one another for an added layer of security, however this will dramatically slow down service due to Tor’s method of randomly sending the connection through many servers throughout the world. However, it is imperative to use a VPN so your data is encrypted in that a VPN is used to keep data secure. A VPN provider that does not keep logs is equally important.

The great advantage of Tor is that you do not need to trust anyone – your internet use is completely anonymised. However it is very slow, and largely as a consequence of this, it is not suitable for many of the most popular activities people want to use VPN for, such as filesharing and streaming geo-restricted media content.

As long as a trustworthy no logs VPN provider is used, then VPN is a very secure, consumer oriented privacy solution that provides much greater performance and flexibility than Tor can offer.

It should be noted that with either method users will suffer the combined speed hit of using both services together. There’s two variations of it:

Tor through VPN

In this configuration you connect first to your VPN server, and then to the Tor network, before accessing the internet:

Your computer -> VPN -> Tor -> internet

This is what happens when you use the Tor Browser (less safe) or Whonix (more safe) while connected to a VPN server, and means that your apparent IP on the internet is that of the Tor exit node.

Tor through VPN advantages

1. Your ISP will not know that you are using Tor (although they will know that you are using VPN)
2. If your traffic is being monitored by a malicious Tor exit node then it less likely that your VPN provider will keep logs than your ISP. It therefore provides an additional level of privacy, but not anonymity.

Tor through VPN disadvantages

1. A malicious Tor exit node will still be able to monitor your internet activity and trace it back to your VPN provider. Good VPN providers promise to keep no logs of users’ activities, and use shared IP addresses. If these promises are kept then this will provide a very effective second layer of protection, but it does rely entirely on trusting your VPN provider (as does regular VPN use).
2. Tor exit nodes are often blocked.

So basically, this configuration hides Tor use from your ISP, and if using a trustworthy logless VPN service can provide a meaningful extra layer of security. Unfortunately there is no way of ever guaranteeing that a VPN provider is 100 per cent trustworthy, and even the best of them can be compelled by a subpoena or court order to start real-time logging of an individual’s actions (although this would require that law enforcement is actively seeking that individual).

Journalist and whistleblowers who are only concerned about law enforcement in their own country, and are not facing an adversary with an international reach, should find this setup very effective if using an overseas VPN provider, but should remember that some governments are not above taking extra-legal measures to obtain the information they want.

VPN through Tor

This involves connecting first to Tor, and then through a VPN server to the internet:

Your computer -> encrypt with VPN -> Tor -> VPN -> internet

This setup requires you to configure your VPN client to work with Tor, and the only VPN providers we know of to support this are the excellent AirVPN and BolehVPN. Your apparent IP on the internet is that of the VPN server.

VPN through Tor advantages

1. Because you connect to the VPN server through Tor, the VPN provider cannot ‘see’ your real IP address – only that of the Tor exit node. When combined with an anonymous payment method (such as properly mixed Bitcoins) made anonymously over Tor, this means the VPN provider has no way of identifying you, even if it did keep logs.
2. Protection from malicious Tor exit nodes, as data is encrypted by the VPN client before entering (and exiting) the Tor network (although the data is encrypted, your ISP will be able to see that it is heading towards a Tor node).
3. Bypasses any blocks on Tor exit nodes.
4. Allows you to choose server location (great for geo-spoofing).

VPN through Tor disadvantages

1. None really, apart from the speed hit, and that setup can be a little more complex.
2. Slightly more vulnerable to global end-to-end timing attack.
3. To access Tor hidden services you need to run the Tor browser. This introduces yet another layer of obfuscation, but will slow the connection down even further.

As you can see, this is by far the better configuration. With care, you can maintain true anonymity while benefiting from the extra layer of protection afforded by using VPN (with the side-benefit of not suffering from blocked Tor exit nodes.)

Conclusion

In conclusion, a proxy server is completely browser based, and is not as compatible with certain web pages that use non-browser technology. However, a VPN will work with ALL internet based services, but will offer less choice on which applications will get run through your ISP, as with the VPN, everything is routed through that server when connected.

Having all that in mind, if you are a mafia Whistle-blower, or a dissident living under regime in which it would be very dangerous to be caught performing certain activity (such as writing political blogs), then VPN through Tor is the ultimate safest solution as at that point you are almost certainly going via solid encryption and will help you browse the web absolutely anonymously. Yes, Even it means you need to spend a few coins more, the result you get will be stellar and it is worth it!

Just remember that there is no such thing as a 100% guarantee of anonymity, whichever route you take. There are always, at least potentially, loopholes in any security arrangement, and individuals often give their true identifies away through patterns of behaviors such browsing pattern, super cookies, unguarded comments made while on-line, or any other number of simple and not-so-simple mistakes. But as far as I’ve researched, there’s no match for VPN through Tor at this point. I personally use PrivateInternetAccess for VPN service as they are yet to be proven otherwise. Instruction for setting up PIA can be found here.

Do you think otherwise? Let us know via comment section.

Read More

affcat

Notes

affcat outputs the contents of an image file to stdout. Image files that are not raw but are recognized by AFF will be output in raw format. Missing pages will not be padded, but the fact that they are missing will be noted on STDERR.

Part of Afflib

Help Text

afcat version 3.7.1
usage: afcat [options] infile [... more infiles]
options:
    -s name --- Just output segment name
    -p ###  --- just output data page number ###
    -S ###  --- Just output data sector ### (assumes 512-byte sectors). Sector #0 is first
    -q      --- quiet; don't print to STDERR if a page is skipped
    -n      --- noisy; tell when pages are skipped.
    -l      --- List all of the segment names
    -L      --- List segment names, lengths, and args
    -d      --- debug. Print the page numbers to stderr as data goes to stdout
    -b      --- Output BADFALG for bad blocks (default is NULLs)
    -v      --- Just print the version number and exit.
    -r offset:count --- seek to offset and output count characters in each file; may be repeated

Example Usage

Note: there is some confustion about the file name. If you look at the help text it is referred to as afcat. However in both the github library and kali, the file name is affcat.

Below stolen from: opensourceforu

Afcat is a command-line utility that prints the various contents of an AFF image file. Basic usage is afcat <options> <AFF file name>. Some of the useful options are:

-p <nnn> — Output data of page number <nnn>.
-S <nnn> — Output data of sector <nnn> (sector size 512 bytes).
-l — Output all segment names.
-L — Output all segment names, arg and segment length.

Example: Invoking Afcat on the AFF file /tmp/image.aff with the -L option prints an output as shown below

Links

1. afflib github page
2. opensourceforu

Read More