September 13, 2007 Computerworld —Exploit code appears for Microsoft Agent bug “It took less than 24 hours for attackers to crank out proof-of-concept code targeting the one critical vulnerability disclosed — and patched — Tuesday morning by Microsoft, security researchers warned.” Ouch. A Day One exploit. Hopefully, Microsoft’s distribution of their updated Agent patches via Windows Update will be speedier than the bad guy’s spreading of their exploit.
Archive | 2007
September 2007 Microsoft patches on their way…
The SANS Internet Storm Center presents an overview of the September 2007 Microsoft patches and their status: several “remote code exploit” issues with Office, Messenger, the Crystal Reports bundled in Visual Studio and the Microsoft Services for UNIX. Exploits are in the wild for some of these, so plan on patching soon!
A List Apart: Articles: Suckerfish Dropdowns
In the great “Suckerfish Dropdowns” article on A List Apart, authors Patrick Griffiths and Dan Webb observe “The more you use and develop with browsers such as Mozilla the more you realize how pathetic Internet Explorer can be when it comes to web standards. ” Amen, brother!
Seacoast LUG Notes, 10-Sept-2007, Ben Scott on RAID and LVM
Twelve people attended last night’s session of the Seacoast Linux User Group, a chapter of the Greater New Hampshire Linux User Group, held as usual on the second Monday of the month at the UNH Durham campus, Morse Hall room 301.
Ben Scott had presented “RAID and LVM” and he had lots of information, and attendees had lots of questions, comments and war stories. There was plenty of participation, and Ben was still going strong when I had to
excuse myself at 10 PM. Ben had some good tables in HTML and diagrams in SVG to show the concepts, and used the network to log into his home machine and the GNHLUG web server Liberty to demonstrate the command line and GUI tools used to manage and maintain LVM and RAID. Side discussions included disaster recovery, pros and cons to reliability, redundancy and downtime, and the use of SMART interfaces on hard disk
drives. I’m sure everyone learned something. I certainly did.
Thanks to Ben for the presentation and Rob for hosting the meeting.
Seacoast LUG 10-Sept-2007: Ben Scott on RAID and LVM
- What : RAID and LVM storage management
- Date : Mon 10 Sep 2007 (TONIGHT)
- Time : 7 PM to 9 PM
- Where: Room 301, Morse Hall, UNH, Durham, NH
For the September 2007 SLUG/Seacoast/UNH/Durham meeting, Ben Scott
will be speaking on storage management using RAID and LVM.
=== About the presentation ===
RAID (Redundant Array of Independent Disks) and LVM (Logical Volume
Manager) let you do more with your disks than create partitions and
filesystems. With RAID, you can combine disks to make larger
filesystems, and/or add redundancy to help protect against disk
failure. LVM takes that a step further, by letting you create
arbitrary Logical Volumes (to hold filesystems), which can be easily
reallocated, resized, moved, and copied (snapshots).
Ben will be talking about some of the concepts, review the tools and
techniques available, and (hopefully) doing a live demonstration of
some of the things you can do. The specifics will be flexible, in
response to attendee demand.
=== About the speaker ===
Ben is a local Linux user, enthusiast, and advocate. He handles the
care and feeding of the GNHLUG Internet server, and is a GNHLUG
Bored^W Board Member.
=== About SLUG ===
SLUG is the Seacoast Linux User Group, and is a chapter of GNHLUG,
the Greater NH Linux User Group. Rob Anderson is the SLUG
coordinator. SLUG meets the second Monday of every month, same time,
same place. You can find out more about SLUG and GNHLUG at the
http://slug.gnhlug.org/ and http://www.gnhlug.org/ websites.
Meetings take place starting at 7:00 PM. Meetings are open to all.
The meeting proper ends around 9ish, but it’s not uncommon to find
hangers-on there until 10 or later. They take place in Room 301 (the
third floor conference room), of Morse Hall, at the University of New
Hampshire, in Durham.
Schedules Direct supplies TV/cable schedules for MythTV users
“Schedules Direct is a non-profit organization that provides raw U.S./Canadian tv listing data to Free and Open Source Applications. Those applications then use the data to provide things like PVR functionality, search tools, and private channel grids.” Recently, the Tribune Media Services company Zap2It decided to discontinue their free service that had provided TV/cable schedules to home hobbiests. Schedules Direct was formed by advocates for the various home-brewed PVRs to step in and supply the content. After negotiations with a number of vendors, they ended up back with TMS as their supplier. In a matter of weeks, the Schedules Direct crew managed to set up the infrastructure to provide a 10-day trial membership, a paid subscription service ($15/3 months initially, with a goal of $20/year or less once they establish the viability of the service) and a working infrastructure. Users of MythTV need to upgrade to the most recent (v 0.20.2 or later) version and change their configuration to use the new service. I switched over the weekend, confirmed I could read the new schedules, and paid up for the first three months. What a great example of the community coming together to supply their own needs.
GNHLUG has had several MythTV meetings, and I anticipate more in the future. Jarod Wilson presented a very popular session at the Merrimack Valley Linux User Group last year, and that lead to an effort by Jarod and maddog and others to run a series of MythTV installfests at NHTI.
WordPress › Blog » WordPress 2.2.3
WordPress › Blog » WordPress 2.2.3: “2.2.3 is a security and bug-fix release for the 2.2 series. Since this is a security release, we suggest you upgrade immediately. Two of the fixes are high priority.” Get patching!
As usual, the upgrade was pretty simple, following the step-by-step guidance available on the site.
Man takes pry bar to self-check till
Heard on Wait-Wait-Don’t-Tell-Me: the Seattle Post-Intelligencer reports “Man takes pry bar to self-check till.” Haven’t we all wanted to?
DLSLUG Notes, 6-Sept-2007: ATTACK of the Nifties!!!
Bill McGonigle hosted the September meeting the Dartmouth – Lake Sunapee Linux User Group, held as usual on the first Thursday of the month, but at a different location: the Dartmouth Regional Technology Center. Seven members attended.
The night was announced as “Nifties:” short presentations that hope to elicit from the audience just that reaction. Everyone present had something to show off:
I showed the S5 (Simple Standards-Based Slide Show System) developed by Eric Meyer of CSS fame. S5 used standards-compliant CSS, JavaScript and XHTML to generate a slide show with keyboard shortcuts, drop-down slide lists, handout and slideshow formats, additional notes and more. Free as in speech, free as in beer. Nifty!
Bill McGonigle showed off pfSense, following up on a blog entry he had written. pfSense is a spin-off of monowall, the xBSD-based firewall program. Bill talked about how to configure it off a read-only CR, with a small (512 Mb) USB fob holding the configuration file, running diskless on an older computer. The web interface was pretty slick, rich and intuitive, and exposed a huge number of options. Nifty!
Adam showed off some work he had been doing with WebSphere Community Edition (aka Apache Geronimo) and a commercial add-on that provided VT-400 terminal emulation via Java and a browser, to access some legacy machines he needs to maintain. Nifty!
I mentioned that TheOpenCD September 2007 edition was out and available via BitTorrent. We talked about some of the neat software on the disk. PDFCreator seemed most popular, but OpenOffice and WinSCP got good mentions, too. Nifty.
We did NOT mention the OpenEducationCD, a spin-off project, but that got mention at last week’s GNHLUG Board of Director’s meeting.
We talked quite a bit about the OLPC project and I showed off one of the videos available on the RedHat site to great acclaim. Not just “Nifty!” but “I want to work there!!!” There are more videos here, here and here.
Many interesting side discussions, too. Sorry if you missed it; it was a fun night.
I, Cringely . The Pulpit . The Puppet Master | PBS
I, Cringely . The Pulpit . The Puppet Master | PBS blogs, “Steve [Jobs] has a love-hate relationship with, well, everyone.” Interesting anecdotes from talking with Bill Gates and Steve Jobs.