Computer Tips -Tech Info

Category: Tech Support

  • WMF exploit situation summary…

    Since there’s been quite a bit of flux the last couple of days I thought I’d try to “reset” the situation and give a general overview of where we stand now with regards to the recent WMF zero-day exploit.

    1st there is a vulnerability in the way Windows renders WMF (Windows MetaFile) image files that makes possible an exploitable buffer overflow allowing remote execution. There are at least two exploits for this vulnerability and it is not necessary for the wmf to have a name ending in .wmf (it could masquerade as jpg for instance.) The specially crafted WMF could be in a web page, email (html email), or other document. There are many possible vectors of entry for this.

    (more…)

  • Another mythweb php error

    So after installing the php-pcre package, I restart httpd and reload the mythweb page and find another error message. Very similar to the first, but slightly different. “Fatal error: Call to undefined function session_name() in /var/www/html/mythweb/includes/init.php on line 48” (At least we’ve made it to line 48…) Anyway, yes… there’s a php-session package and no it’s not installed (yet.) I’m a bit puzzled as to why 1) these two packages were not installed in the upgrade. 2) why mythweb didn’t see those as prerequisites… Anyway….

    (more…)

  • Mythtv mythweb error

    After the Mandriva 2006 upgrade I’ve still been looking to find if there is anything ‘not quite right’…. anyway, I’ve run into an issue with mythweb. Mythweb is a web-based interface for the mythtv backend. It basically let’s you browse listings, schedule recordings, see what’s scheduled, etc. For me it’s kind of like checking one of the sites that has tv guide info. It’s even better because it’s local to the machine and let’s me go ahead and set recordings up. (And there are no obnoxious ads, or logins to remember…) Anyway, after the upgrade, the main page is throwing up this message… Fatal error: Call to undefined function preg_replace() in /var/www/html/mythweb/config/conf.php on line 29

    (more…)

  • OpenVPN series

    After the Hamachi article I wanted to do a series on OpenVPN. I’ve used it before, but not since the 1.x days…. it’s now at version 2.0.5 and has quite a bit more flexibility. When I first used it, it was pretty much a point-to-point vpn solution. You could set up routing to see the rest of the network and for the network to see the vpn client, but only one client could connect to one server. What this meant is that multiple tap or tun devices were needed on the server, one for each remote vpn client. Also, multiple openvpn processes and multiple openvpn ports.

    From my understanding this setup wasn’t necessary under the 2.x series.

    (more…)

  • Flightgear scenery objects

    So, I’ve spent a bit of time talking about flightgear. Here are a couple extra resources that I want to “bookmark” here. There is a Good unofficial how-to here. (Mostly linux flightgear oriented. Also, the flightgear scenery is available here. The link is to a grid covered world map. Clicking on a grid quadrant downloads scenery for that quadrant.

    (more…)

  • Scheduling tasks in linux kcron

    I don’t know if kcron deserves a seperate entry for scheduling tasks under linux. Cron is what I typed on last time and it’s the daemon that controls scheduled tasks. The method for scheduling tasks that I went through last time is for the command line. Like many things in linux, there are other ways to get the job done. In this case, one way through the graphical interface is kcron…

    (more…)

  • Mythtv remote frontend

    So, when I did the laptop upgrade I formated the root partition which means that working mythtv frontend was erased and it had to be set up from scratch. I had been running version 0.16 of mythtv on all the systems, but finding rpms for that older version looked challenging, so…. I went ahead with the upgrade to 0.18.1 on the desktop first. All went fairly smoothly using Thac’s rpms of mythtv.

    (more…)

  • Linux Livecd Download

    This should probably go in the Windows tech support category too… but, as I’ve talked about before I’ve spent a good amount of time using different linux livecd’s. I’ve even made a few livecd’s of my own with Mandrake (now mandriva) linux, using the mklivecd scripts. One of the nice things about a livecd is that it’s self contained, portable and relatively secure (any compromise should be able ot be undone by rebooting.) There are linux livecds customized for just about every conceivable use. The ones I did varied from booting to an image slideshow to a full cooker based desktop.

    (more…)

  • Lotus Notes WMF vulnerability

    This is really the same zero-day wmf vulnerability, but there is a twist. It’s been found that Lotus Notes v. 6.x and up are vulnerable to the Windows Meta File (WMF) exploit that’s making the rounds. Probably not surprising given that there are reports of many vectors of attack, not JUST the web browser. What makes this one noteworthy is that it is vulnerable EVEN WITH THE regsvr32 WORKAROUND. The only other solution that’s been reported thus far is DEP (Data Execution Protection) with supported DEP hardware.

    (more…)

  • Scheduling tasks in linux cron

    Windows has scheduled tasks which most people are only halfway aware of. Linux has very powerful scheduling capabilities coming from it’s unix heritage. cron is the daemon that deals with scheduled tasks under most linux distributions. There are a couple ways that you can schedule cron tasks. The first is from the command line.

    (more…)