APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

April 2005

GPL, GPL 3: Tech Words of the Day 
- Disregarding SCO's nonsense about it all being unconstitutional and similar nonsense about opposition to copyright, the GPL has long needed work.
How to respond to a Security Incident  by Michael Desrosiers
- The first thing that an organization needs to understand is exactly what constitutes an incident, what incidents are reportable and what actions they need to take when an incident occurs. The purpose of an incident response plan is to respond, investigate and report any abnormal activities that deviate from approved or expected practices on your organization's information system resources. Your plan should include a description of a security violation, a security incident and an example of when a technical vulnerability causes or could cause one or the other.
User Agent for Firefox 
- The reason for wanting to change this is that some website (like your bank) insists that you must use Internet Explorer and refuses to play if your browser doesn't announce itself as such
Drupal: Tech Words of the Day 
- I don't like this sort of thing because I like to do things *my* way, and because as soon as a security problem becomes known it will be exploited against you.
Pro Perl 
- This is an excellent Perl book. I really like the author's way of explaining concepts with clear and to-the-point examples. Unlike the Camel Book, which is full of Perl insider references and puns, Peter Wainwright explains things clearly and illustrates with practical examples.
Secondary MX: Tech Words of the Day 
- Great idea, but the spammers soon realized that many secondary mail servers don't have spam or virus filters
Mounting USB Drive  by anonymous
- I saw the article on mounting a CDROM on SCO Unix; would it be the same with a USB drive? I need to mount a USB drive on a SCO box.
Looking for Barcode vendors, that work with Linux  by Bruce Garlock
- I cannot seem to google any vendors that have linux based bar coding solutions
Adobe Acrobat Reader ver.7 for Linux (beta)  by bruceg
- Where do you find Acrobat Reader for Linux? They do have it, though it's not always easy to find.
Lids: Tech Words of the Day 
- Under the most restrictive circumstances, this means that not even root can do anything that Lids has been configured not to allow.
clever bash tricks  by dhart
- One thing that has always bothered me is having to type in long pathnames. I guess I should have read the documentation since there is indeed a better way
- Subversion describes itself as "a compelling replacement for CVS" but is not just for CVS users.
- Let me just say this: I don't see the point of firing up another GUI inside a perfectly good GUI that I already have.
- Nmap DOES try more than once, but in my testing, it's not unusual for it to miss things. That's probably helpful now and then if someone is scanning you with malicious intent.
Apache Security 
- I rather hoped this was better than it is. Don't get me wrong, it's not bad, and it's probably worth having, but it could have been a lot better. First complaint: the index is lousy. Several times I wanted to go back and review something that I had read about in an earlier chapter, but was unable to find what I wanted with the index and had to resort to flipping through pages. Second, some of the material just is not explained well: if you are not already quite expert at Apache, you will find parts of this very confusing. Of course, that's a bit unfair: you really can't expect a book dedicated to Apache security to spend a lot of time explaining basics.
- Disks are mechanical devices and storage is quite fuzzy, so weak images of previous data are still present after a simple overwrite. Hence 'shred'.
- I recently had a confusing issue with trying to install an updated kernel on a machine I could only reach remotely.
- Would you think that these are all the same thing? Well, you could get some techy argument here and there.
- Does it change the fact that SCO screwed their own goose regularly over the past decade and more, culminating in the utter stupidity they are embroiled in now?
- /proc has become a maze of twisty passages with no real organization. Sysfs is supposed to be a structured representation of the kernel device model.
SCO 5.0.7 DVD-RAM usage  by jbaker
- I'd suggest using Microlite or Lonetar for this. You aren't really verifying with that anyway if you are using stock cpio and the Supertars are far better products - see for example the recent review of Edge at /Reviews/backupedge21.html (similar features are available in the Lonetar product).
- Ahh, the shell gets such disrespect nowadays. With all the GUI filesystem browsers available now, "tree" may not even be installed on your Linux box anymore.
Security begins at home 
- But often you have to dig through a lot of detail to figure out just how the flaw would be exploited, and even then it's not always easy for a non-technical user to figure out.
debugging, debugger  
- Sometimes, program bugs are failures of knowledge: we don't understand the language we are using or some structure or hardware that our programs are using.
- An application needs a certain library, your system either doesn't have it or has the wrong version, so it can't be installed until you resolve the dependency.
Petals Around The Rose  
- I'm not a big fan of recreational puzzles today - maybe because I do too much real problem solving and troubleshooting.
- There are several ways to make "if - then" decisions in shell scripts. The most direct is the "if -then" construct itself:
host, dig  
- dig does have more power than host, but the need for that power doesn't come up all that often and host is both easier to use and more direct with its output.
Apple OSX Tiger  by bruceg
- What are the advantages and disadvantages of an IPU (in place upgrade) vs. a fresh install?
PATH, command  
- If PATH doesn't include ".", running a program you can see right in front of your nose with "ls" is going to generate a "command not found" message.
g++ not working 
- How not to ask a technical question - hint: you need to say a little more than 'it doesn't work'.
Netscape 8 beta for win32 is out  by bruceg
- Renders pages much faster than Firefox, Mozilla, or IE on the same XP machine
Microsoft search accused of bias 
- msn search: I've tested MSN against Google before and have noticed that for searches where articles here are in the top ten, they are always lower at MSN, and sometimes not on the first page at all. But that's hardly statistically significant. The same charge has been made against Ivan's samples, saying that they are too small to be meaningful.
- RFC 1630 defines URI's and RFC 1738 defines URL's. According to RFC 1630, a URL is a type of URI, so 1738 is just further explanation. The other type is a URN, which is supposed to be more consistent, and is actually just more confusing (in my opinion, of course). Don't even get me started about URC's: what the heck is "URC's are thought of as collections of metadata about some data" supposed to mean? The more people try to explain this the more confusing it gets.
- People pay very little attention to the security that the verification phase does offer, and will happily ignore any SSL error.
Silence on the Wire 
- This is billed as a security book, and yes, that is its focus, but that isn't why you should read it. First: this is ultra-heavy geek territory, but it's not necessarily computer geeks only. What I mean is that although this is all computer and networking related, any general engineering geek-type will probably enjoy it. It is emphatically NOT about buffer overflows and the like; it's about the really esoteric stuff, and therefore interesting even if you aren't that interested in deep level security topics.
Magic Sysrq 
- The "Magic Sysrequest key" is Alt (left or right Alt key) and Sysrq (up there under Print Screen, next to F12 on most keyboards). To use it, you need to have it enabled in your kernel (CONFIG_MAGIC_SYSRQ). It usually is; if you have a file called '/proc/sys/kernel/sysrq' you have this. To ENABLE the magic functions, you need a "1" in that file. If it has 0, Alt-SysRq just returns you to the previous console you were using.
Loglevel (configuring syslog) 
- Syslog is a wonderful thing. In theory, it lets an administrator fully control where and how messages get logged. Of course, the first requirement is that the program you wish to control uses syslog for logging, but even assuming that it does, it can still be difficult to get what you want.
DNS problems at Network Solutions 
- I had several people mention that they couldn't reach aplawrence.com yesterday
sendmail domain masquerading  by dhart
- Mail from host 'redhat' is being relayed through smtp.conservent.com, which rejects the email since it has no reverse DNS path to redhat.alliedstorage.com. I don't want to make a record for redhat.alliedstorage.net. I do want to make email from redhat.alliedstorage.com appear to come from alliedstorage.com so that smtp.conservent.com won't reject it.
./bashrc doesn't run automatically  by dhart
- My customer has played with webmin and did something to logins so that some users' .bashrc doesn't get executed.
AIX Operating System Hardening Procedures & Security Guide  by Michael Desrosiers
- Some security packages address the problem by stripping all (or nearly all) network services and then instruct you to be careful about what you add to the system. That's a great approach but requires that you "get your hands on" the system before anyone layers anything onto it and you understand what you're adding to the system when you add it back in. These are two conditions that do not apply at many sites. The approach here is different. We will consider services offered by the AIX 5.1 operating system, try to explain what each does, note the risks involved with each and make recommendations about what one ought to do to mitigate the risk.