Ohio LinuxFest

Linux.com has an article on an upcoming Ohio LinuxFest put on by their own corporation. There's a lot to be learned by reading what others have learned in putting on a conference…

Linux and open source software users in the Buckeye State who want to network with several hundred of their colleagues will get the chance when Ohio LinuxFest 2006 gets underway later this month. The one-day conference, to be held on Saturday, September 30, at the Greater Columbus Convention Center in downtown Columbus, features presentations, exhibits, an after-conference party, and a special appearance by some live penguins.

MerriLUG September 2006: File Carving at Home or Office

On the GNHLUG-Announce list, Jim Kuzdrall announces the Septempber MerriLUG meeting, “File Carving at Home or Office”

  • Who : Andy Bair, Winning Team, 2006 File Carving Challenge
  • What : Unscramble randomized data sectors or packets back to files
  • Where: Martha's Exchange
  • Day : Thur 21 September **Next Week**
  • Time : 6:00 PM for grub, 7:30 PM for discussion

    :: Overview

    Want to undelete some Linux disk files? Piece together fragments of a deleted file? Recover a Windows disk where both FATS are destroyed or missing? Extract files from a network capture? MerriLUG presents Andy Bair with a new and effective approach to file carving that could be used to accomplish these tasks.

    Andy Bair (and teammates Klayton Monroe and Jay Smith) won the 2006 File Carving Challenge. The winners developed new tools and techniques which accurately extracted files from a 50MB disk image of containing JPEG, ZIP, HTML, Text, and Microsoft Office files.

    Andy's talk will explain the contest, contest data sample, methodology, and tools. There will be examples and a question-answer
    session. You might want to build a script to automate his method for your purposes (or entice him to do so). Get contest information at http://www.dfrws.org/2006/challenge/. Get a preview of the team's methodology, updated results and additional information at
    http://www.korelogic.com/Resources/Projects/dfrws_challenge_2006/.

    >>> RSVP to Jim Kuzdrall for dinner to assure adequate seating. Driving directions

Python Reads SourceSafe

Picking up an example presented in 1998 for using COM Automation on SourceSafe from Visual FoxPro, I created the same example in Python with just as little code. Using Mark Hammond's Win32All to supply the Win32 and COM support, the following code will list all the files in a particular SourceSafe project and their version numbers.


import win32com.client

SSafe=win32com.client.Dispatch("SourceSafe")
SSafe.Open("c:\Projects\VSSPath\srcsafe.ini","troche","secret")

Root=SSafe.VSSItem("$/MyClient/MyProject")
VSSItems=Root.Items

print VSSItems.Count
for loNode in VSSItems:
	print loNode.Name, loNode.VersionNumber

Subversion new version, SourceSafe conversion

OSNews reports Subversion 1.4.0 Released. “This is a feature release of Subversion [Updated link], featuring BDB 4.4 and repository auto-recovery support, a new tool for synchronizing repositories (svnsync), major speed enhancements in the versioned filesystem and the working copy, and of course the usual host of bugfixes and minor enhancements. Additionally, check this article on how to Set up Subversion and websvn on Debian.”

Good timing! I've been using subversion for the past year on a web development project with another (remote) developer, and have enjoyed the power and flexibility of the tool, as well as some of the cool add-ons, clients and scriptability.

Now, it's time to consider moving existing projects out of Visual SourceSafe and into subversion. The folks at Pumacode offer an vss2svn tool that runs as a native Windows executable, written in Perl and C, with the source available under an open license. Pumacode tried an interesting tactic to convert the VSS repositories: rather than interogate the VSS binary to retrieve files, it reads the repository files directly and interprets the results from there. There are some advantages where older versions might be corrupted, or to retrieve files flagged as deleted, which they say VSS will not allow.

On a 2 Ghz Pentium-M with a gig of RAM, it took about 2 hours to process my current VSS repository, which consists of forty thousand files and around 1.4 Gb of disk space. (The authors of vss2svn caution that it's better to convert the entire repository than to risk further corruption by pruning it first; leave that task to subversion post conversion.) This generated a dump file of 850+ Mb. Transferring that to the Linux box with a new repository took a few minutes, and loading the data about 20 minutes. Using RapidSVN from the Windows box, I was able to browse the subversion repository and confirm that files and folders and log history comments look about right. I'll confirm by checking out projects of interest and diff'ing them against the current development copies.

I had anticipated a different tack, using COM Automation to drive VSS, as I described in Essential SourceSafe. As a learning project, I had proposed using Python to browse the repository via COM Automation and use the excellent Python-svn bindings to migrate portions of a VSS repository to subversion. I still plan to try that, and to compare-and-contrast the results between the two techniques, while I learn a little more Python.

MythTV links

SlashDot misses the mark completely with in inaccurately-titled and summarized pointer to a great Tom’s Hardware story on MythTV. There’s nearly nothing in the story about the Microsoft media device, nor does there have to be. The MM is a plug-in-and-work device that locks you into their choices, their protocols and few extensions. MythTV is for the do-it-yourself tinkerer who wants to do lots more. This one’s been on my to-do list for way too long.

The comments on the Slashdot article are much more worthwhile than the post. Set your threshhold high and you’ll see the moderated posts. A pointer to Jarod Wilson’s installation guide was worth the browsing. Jarod integrates the great documentation on the MythTV site with his own experiences.

BFD Brute Force Detection vs. script kiddies

Tired of the abuse I'm getting on one of the servers exposed to the Internet, I've installed APF, the Advanced Policy Firewall, and BFD, Brute Force Detection on the machine. Webhostgear.com has easy-to-follow installation instructions for APF and BFD respectively.

While plain vanilla iptables was enough to protect the machine from most routine attacks, incessant attempts at logging in to a couple of well-known services on well-known ports was filling the logs and consuming an extrodinary amount of the bandwidth. Now, a script kiddie attempting 13,000 logins will find the machine no longer responding on that IP address.

Interesting technology. BFD uses a script run as a timed job to parse logs, pick up repeats, and bans them by scriping a command line and submitting it to APF. APF also uses the excellent DShield.org list of known problemmatic machines and networks. Very cool. While BFD comes with a set of scripts to parse common exploits, it didn't have one for my ftp server. I'm not sure I've grokked what's needed to set up my own script of rules, but as I couldn't find one on Google, I'll give it a shot, and share my results back to the community once I've got it working.

NeoOffice/J 2.x free public beta

NeoOffice: OpenOffice.org native for Mac OS X. “The NeoOffice project has released the first free public beta of its upcoming 2.0 software. NeoOffice is a port of the OpenOffice.org codebase to native Mac OS X APIs and toolkits. The result is an office suite that is integrated with OS X core functionality.” Link via LXer

Cool! I've enjoyed NeoOffice/J in the 1.x version and look forward to seeing a 2.x release. OpenOffice.org 2.x has been my primary office suite for a while now on Windows and Linux, including some pretty intense collaboration with Windows users.

Word 2000 Zero Day Exploit.

eWEEK.com Messaging and Collaboration is reporting Microsoft Confirms New Word Zero-Day Attack. “Malicious attackers are exploiting a new, undocumented flaw in Word 2000 to load back-door Trojans on Windows machines.” … “Security alerts aggregator Secunia rates the flaw as “extremely critical” and urged Word users to avoid opening Word documents from untrusted sources.”

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.