Archive for December, 2005

Another mythweb php error

Saturday, December 31st, 2005

So after installing the php-pcre package, I restart httpd and reload the mythweb page and find another error message. Very similar to the first, but slightly different. “Fatal error: Call to undefined function session_name() in /var/www/html/mythweb/includes/init.php on line 48” (At least we’ve made it to line 48…) Anyway, yes… there’s a php-session package and no […]

Mythtv mythweb error

Saturday, December 31st, 2005

After the Mandriva 2006 upgrade I’ve still been looking to find if there is anything ‘not quite right’…. anyway, I’ve run into an issue with mythweb. Mythweb is a web-based interface for the mythtv backend. It basically let’s you browse listings, schedule recordings, see what’s scheduled, etc. For me it’s kind of like checking one […]

WMF exploit unofficial patch

Saturday, December 31st, 2005

Sans is talking about the unofficial patch for the WMF vulnerability. One of their handlers has helped with it to extend it to work on XP SP 1 and Windows 2000. They’ve also looked at the patch thoroughly and it sounds as though it’s very well done.    Send article as PDF   

NEW exploit for the WMF vulnerability

Saturday, December 31st, 2005

Just when you thought we had a good understanding of the recent zero-day WMF (Windows metafile exploit) it’s worse. Sans is reporting on a new variation on the exploit released today. They have gone to yellow (again) to warn people. Here are some details. This exploit was “made by the folks at metasploit and xfocus, […]

Network Security guide for the home or small business network – Part 19 – What about when you’re not on your home network?

Saturday, December 31st, 2005

When you’re not at your home network is probably one of those times you should be more on your guard. Wireless access points are very common and a greatly useful thing, but there are some steps you should take to protect yourself, your pc and the data stored there. First it’s worth having a personal […]

WMF exploit through indexing software

Saturday, December 31st, 2005

One of the vectors that has been mentioned early on is the infection of a system through the WMF exploit even when the exploited file was downloaded through a dos command shell. At first this seemed absurd, but it appeared that Google Desktop search was indexing files dynamically and once the file was downloaded it […]

New IM worm using WMF vulnerability

Saturday, December 31st, 2005

There is news this morning of a new twist in the WMF vulnerability (it was only a matter of time.) There are reports of an instant messenger worm using the vulnerability to spread. Currently incidents.org is reporting that the worm is spreading through the MSN messenger IM network and contains a malformed WMF file called […]

Third Party WMF patch

Saturday, December 31st, 2005

The F-secure blog is reporting on a third party patch for the WMF exploit. I have not tested it, it seems to come from a knowledgable source though. As I’m writing this though, the thought strikes me that a really nasty trick would be a claimed fix that actually exploited the vulnerability. It pays to […]

OpenVPN series

Saturday, December 31st, 2005

After the Hamachi article I wanted to do a series on OpenVPN. I’ve used it before, but not since the 1.x days…. it’s now at version 2.0.5 and has quite a bit more flexibility. When I first used it, it was pretty much a point-to-point vpn solution. You could set up routing to see the […]

Flightgear scenery objects

Saturday, December 31st, 2005

So, I’ve spent a bit of time talking about flightgear. Here are a couple extra resources that I want to “bookmark” here. There is a Good unofficial how-to here. (Mostly linux flightgear oriented. Also, the flightgear scenery is available here. The link is to a grid covered world map. Clicking on a grid quadrant downloads […]

Google
 
Web www.averyjparker.com