Computer Tips -Tech Info

Author: Avery

  • Kdirstat to track space hogs

    I’m putting this under the Windows tech support category because I’ve used this on a boot cd before to do the same for Windows as I’m about to describe for Linux. I need to clean up and organize my hard drive(s). But when it comes to actually deleting things you really do want to get the biggest bang for the buck and go after the biggest files first. I remember an old Windows 95 utility I think it was called space Hog or something like that (more space 95??) Anyway, it would scan the disc and show the files sorted by size. Under linux (KDE desktop), there’s a similar (in many ways better) utility called kdirstat.

    (more…)

  • WMF exploit situation summary…

    Since there’s been quite a bit of flux the last couple of days I thought I’d try to “reset” the situation and give a general overview of where we stand now with regards to the recent WMF zero-day exploit.

    1st there is a vulnerability in the way Windows renders WMF (Windows MetaFile) image files that makes possible an exploitable buffer overflow allowing remote execution. There are at least two exploits for this vulnerability and it is not necessary for the wmf to have a name ending in .wmf (it could masquerade as jpg for instance.) The specially crafted WMF could be in a web page, email (html email), or other document. There are many possible vectors of entry for this.

    (more…)

  • WMF Exploit — it’s worse…

    This is going to be a rough start to the new year for IT staff and computer users….

    There’s coverage at Incidents.org, the sunbeltblog and f-secure of the latest twist in what will likely be a BIG mess to clean up. It looks like there’s a someone spamming emails to tons of addresses with a specially crafted image (uses the WMF exploit.) It’s also a slightly different variant of the exploit.

    (more…)

  • On Demand book publishing – iUniverse

    The last entry in this series I looked at lulu.com which offers on-demand book publishing for those looking to publish their own book. The level of entry at lulu.com is nothing, no setup fee and they take fixed cost plus 20% of your profit which all told is not a bad deal.

    This time around I’m looking at iUniverse.com which is backed by Barnes & Noble. They do charge to get started. The cheapest of their packages is $299 for those that aren’t interested in distribution of their work. (Just making it available through the iUniverse.com store.)

    (more…)

  • Network Security guide for the home or small business network – Part 20 heterogeneous networks

    One thing I’ve already mentioned in this serious is using alternative programs like Mozilla Firefox instead of Internet Explorer, or Thunderbird, Eduora instead of Outlook Express. Even if you’re not using alternative software as your primary web browser, email program there are advantages to having networks with mixed software, operating systems and even mixed network hardware. Back when the blaster worm hit, there were stories of businesses paralyzed when every Windows XP machine in the place (read – EVERY machine in the place) could not stay up long enough to download a fix. In order to get a fix they had to get online to find out about it and it was crashing within 30 seconds of booting.

    (more…)

  • Happy New Year

    I hope that you all enjoy a very Happy New Year. I probably should have had this post go out at 00:00 GMT, but… I thought I’d post it using the server local time….

  • Another mythweb php error

    So after installing the php-pcre package, I restart httpd and reload the mythweb page and find another error message. Very similar to the first, but slightly different. “Fatal error: Call to undefined function session_name() in /var/www/html/mythweb/includes/init.php on line 48” (At least we’ve made it to line 48…) Anyway, yes… there’s a php-session package and no it’s not installed (yet.) I’m a bit puzzled as to why 1) these two packages were not installed in the upgrade. 2) why mythweb didn’t see those as prerequisites… Anyway….

    (more…)

  • Mythtv mythweb error

    After the Mandriva 2006 upgrade I’ve still been looking to find if there is anything ‘not quite right’…. anyway, I’ve run into an issue with mythweb. Mythweb is a web-based interface for the mythtv backend. It basically let’s you browse listings, schedule recordings, see what’s scheduled, etc. For me it’s kind of like checking one of the sites that has tv guide info. It’s even better because it’s local to the machine and let’s me go ahead and set recordings up. (And there are no obnoxious ads, or logins to remember…) Anyway, after the upgrade, the main page is throwing up this message… Fatal error: Call to undefined function preg_replace() in /var/www/html/mythweb/config/conf.php on line 29

    (more…)

  • WMF exploit unofficial patch

    Sans is talking about the unofficial patch for the WMF vulnerability. One of their handlers has helped with it to extend it to work on XP SP 1 and Windows 2000. They’ve also looked at the patch thoroughly and it sounds as though it’s very well done.

    (more…)

  • NEW exploit for the WMF vulnerability

    Just when you thought we had a good understanding of the recent zero-day WMF (Windows metafile exploit) it’s worse. Sans is reporting on a new variation on the exploit released today. They have gone to yellow (again) to warn people. Here are some details. This exploit was “made by the folks at metasploit and xfocus, together with a anonymous source.”

    (more…)