UPDATE 8/13/2008: Ok, figured out that the webserver running on port 20032 is used for the virus scanner user interface. It doesn’t start on boot, only once you click on the icon to configure the virus scanner. It appears to only allow access from localhost to the program though the webserver does respond from any IP.
———————————————————–
Ok, I finally received my EeePC 1000 this week and have had some time to play around with it. Have to say I love the hardware, very well made. This thing is loaded. Though the default Xandros OS is nice and well integrated with the hardware, it’s not going to meet my needs in the long run; I’ll be upgrading to Fedora or Ubuntu in the near future.
I know there was some discussion on if the EeePC 1000 was too expensive or had lost the meaning of what being an EeePC is, but I have to say it’s just what I was looking for. To give some background, I commute to work, and like to have a small light laptop with me in case of emergency work while I’m between home, job, or out traveling. Something simple that can provide net access, a browser, and a command line. For the past 4 years that has been my Sharp MM20 laptop. It had reasonable support for Linux and has worked very well for me. But it’s 4 years old, and that odd ball for a processor, the Transmeta Efficeon, is being left behind by Linux. The non-upgradeable 512MB of memory wasn’t helping either. So I’ve been searching for a replacement, and for almost 1/3 the cost of my original MM20, I’ve got a more functional, just a little larger and little heavier, laptop. That’s what I was looking for.
Here are the two plus my Mac Book Pro together
Hardware:
So, with that said, here is what you get with the EeePC 1000:
- Intel 1.6Ghz Atom CPU – Seems to be quick enough, much better than the old Transmetta Efficeon
- 1GB DDR2 400Mhz Main Memory
- 10.2″ 1024×600 LCD – Excellent brightness, looks great
- Intel GMA 950 based graphics controller – So far, seems snappy
- RaLink RT2790 Wireless 802.11n – Excellent Linux support, opensource driver, and connects at N speeds with WPA2 no problem
- Atheros Corp, L1e Gigabit Ethernet Adapter – Ok, it says Gigabit in lspci but it’s not, still it works
- One 8GB SSD ( mounted as / ), one 32GB SSD (mounted as /home)
- Bluetooth 2.0
- MultiTouch Touchpad
- 1.3MPixel Webcam, dual microphones, stereo speakers.
- 3 x USB 2.0 ports, VGA port, Audio IN/OUT port, SDHC Card reader
- 6 Cell Li-Ion Battery
I can’t complain about the hardware, that’s really what I bought this for. It meets every need that I had, hardware wise. Might have been nice if it was a little thinner and lighter, but that would have raised the cost. So far, the battery run time is incredible. I’ve left the latop sitting on my desk all day with all wireless on, Ethernet connected, using it every once in a while lightly, and it’s still got 50% charge left. That’s insane! Perfect travel laptop.
Software:
I decided to try living with the default Xandros Linux that comes with the EeePC for a few days. I also figured it would give me time to collect all the information I would need to do a fully working install of Fedora or Ubuntu. Ignoring the security issues, which I will talk about later, I have to say the basic setup is pretty nice. Everything works, things are pretty clearly labeled, and it’s easy to navigate around. I really do like how well they integrated in the hardware functionality, I’ve never had a Linux laptop work this well. It’s clearly designed for someone with much less Linux experience, but that’s there target audience. A list of software pre-installed can be easily found on the web. My minor gripes about the default Linux install are the following:
- The default install of xorg was set to 16 bit and not 24 bit. I like my millions of colors (vs ~65K)
- FileManager disappeared on me, though I found a way to replace it online and there are alternate means of accessing it
- Could use more software to install through the Add/Remove Software system
- Needs more mouse control, less speed more acceleration. Hard to hit small targets.
- Since it’s multi-touch, why can’t double finger tap act as a right click like on Mac OS X?
Security:
Security being an interest of mine, I was curious to see what was setup by default on the Xandros OS for EeePC. This is where I confirmed that I’ll be loading my own Linux on this. I found a couple of issues and some good points. First the good points:
- Most services are turned off by default
- It comes with a virus scanner to scan your documents and such.
Now the bad points:
- Default user name of “user” with sudo (root) no-password required access
- Default to instant login, though this can be changed via the Personalization icon under settings
- No ipchains/iptables compiled into the kernel, NO FIREWALL!
- Yes, it does have a virus scanner, but we’re on Linux, I would rather have a firewall!
- Broken updates, see below
- Several open ports by default, bad
Here are the results of the nmap test:
Starting Nmap 4.20 ( http://insecure.org ) at 2008-08-12 13:51 EDT
Interesting ports on xxx.xxx.xxx.xxx:
Not shown: 65531 closed ports
PORT STATE SERVICE
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
20032/tcp open unknown
So we have rpcbind, netbios-ssn, and microsft-ds open. Netbios-ssn and microsoft-ds are a big no no, even though it’s samba that’s providing the service (yes nmbd and smbd Samba daemons are started by default) so less likely to fall to the standard script kiddies, it’s a big sign that says “Hello!!! Try to HACK ME!!!” when connected to the internet directly. I know they do this for convenience to improve the ability to file share with the EeePC, but why can’t these be off unless a user actively chooses to share? Oh, and by default the laptop is part of “Workgroup” just like any other out of the box Windows system. As for rpcbind, it’s up and running but no services are listed at the open ports.
Now port 20032 is interesting, according to netstat this is the nginx.conf program. This is some form of web-server namely “nginx/0.5.33”. Why on earth is there a web-server running on the EeePC (Answer found it’s mentioned in the update at the top)? I haven’t dug through the file system to find out what it is serving, but this is another one that makes me nervous. Since there is no firewall, I’m going to have to see what I can do with host.allow/deny or just disabling the services from starting in the first place.
As for the broken updates, most seem to work fine, but one “Asus Update System Update” download fails. Based on what I’ve found, apparently there are files missing on ASUS servers. Funny thing is they don’t seem to believe people who try to tell them they are missing. Hopefully that will get resolved soon.
Personally, I’m not impressed with the security of the default Xandros Linux. There are open ports that just shouldn’t be open and the lack of a firewall is very frustrating.
Conclusion:
I think this laptop is going to be a great companion for the near future. Once I get my own Linux distro installed and gain back a little more control, things should be good. Though the pre-installed version of Linux is functionally very nice, I just found too many drawbacks to use it, not the least of which were the security issues. The hardware more than makes up for it, so all is good!