SANS has a story on another local kernel vulnerability for linux. I’ve got to say that I typically haven’t looked as much at “local” vulnerabilities on this site as I have talked about remote vulnerabilities. Usually local vulnerabilities are flaws that allow a user that’s already logged into a system to escalate their user rights to control the system. So, IF you allow logins for various users, you definitely need to pay attention to local vulnerabilities.
Category: Linux Tech Support
-
Open Source NTFS driver for linux with Read and Write support
Linux has full support for so many file systems. Fat32, which is the filesystem of the Win98 and ME systems has had full read-write support as long as I can remember, but NTFS has not. In fact, NTFS has had read-only support in the main open source driver, but NO write support. (Or at least VERY limited and risky write support.) There was the captive ntfs project which used Windows own NTFS driver, but…. it looks like we’re getting very close to a true open source, read write NTFS driver for linux (and really, for any other OS that wants to implement it.)
-
VMWare server 1.0 final release
I’ve been keeping an install of Vmware virtual Server through their beta and Release Candidate phase and have seen several places that they’ve released the 1.0 version today. This release is free (as in no charge.) Although support is available….
-
Converting MPG video to dv files
I don’t know much about the dv format, except that it is a standard format that many camcorders use. For this reason, many video editors (such as kino for linux) prefer to see files coming in dv format. The problem I ran into is that the new handycam dvd puts images in .VOB files (which are really MPG). So, I found this handy script… that runs on Mac or Linux and is called mpeg2dv. It does the trick and is public domain. The only requirement I can see is ffmpeg.
-
Thinclient PXES from 2x and thinstation
I have spent about a week with the 2x page open in one of my browsers. I’ve been trying to get to know PXES’ new incarnation. For background. PXES was hosted on sourceforge.net and was an attempt at making a multi-protocol thin-client boot distribution…. In other words, among the files released were iso images that you could use to boot up and select to be a thinclient for rdp, vnc, xdm, nx (compressed and optionally encrypted x), citrix, etc. What was really interesting to me is that you could also customize your disc to only connect to a specific protocol (or hard code a disc to only be a client to a specific server address.)
-
Rsync for easy (and quick) backups
I’ve got to say, I haven’t spent ENOUGH time with rsync to really be fluent in how I could put it to use…. A week or so ago I was reading this list of essential Linux software by a guy that moved from Mac OS X to linux because he detested the DRM that was being shoved down his throat. Anyway, one of his essentials was rsync for backups. Which got me thinking. Why didn’t I use rsync for backups. At one point in time I used unison, but for some reason had stopped and was in need of reorganizing my home backup strategy anyway. I found a few interesting approaches.
-
Denyhosts as an added defence to ssh server
A couple days ago I had a brief article on the vandals banging away at the door of my ssh server. Like I said, I’ve, at times, been fairly smug abou the futility of their actions, but…. the persistance concerns me. Let me be more specific, I keep a fairly tight ssh server setup (don’t allow version 1, only have specific users allowed, use privilige seperation, deny root login, and keep it updated whenever there is a problem with a running version.) But, when you see a single IP making THOUSANDS of attempts to log in, you start thinking…. what if they were to hit on the right username and try a thousand combinations of passwords with that username. Hmmmm… disturbing. So, I wound up setting up denyhosts and thought I’d share a bit more about it here.
-
Fasten your seatbelts – Browser vulnerability a day to be announced in July
I hope there aren’t too many browser developers that have planned on taking July off….. I ran across browserfun.blogspot.com where it is planned to release information on a web browser vulnerability EACH DAY for the month of July. This comes to us from HD Moore of Metasploit. Judging from This securityfocus article, most of the vulnerabilities may just lead to a browser crash, but some seem to be remote code execution vulnerabilities. Microsoft Internet Explorer is where they found most of them, but other browsers were NOT immune and did find at least one remotely exploitable vulnerability to gain remote access for each browser tested.
-
Vandals banging on the door of ssh….
Sometimes I wish I wasn’t curious about things…. The other night I was working on something on the testbox in the back room and saw the switch lights flickering fairly actively between the server and the internet gateway. At first I thought maybe it was some mail coming in, but it was awfully persistent. So, I started nosing around. I saw that sshd was showing up in the process list and on checking /var/log/messages…. found hundreds of ongoing attempts to break in through the ssh server. (sigh….) Now, there was a time when I’ve kind of snickered when I’ve seen these futile attempts, because I have a VERY short list of allowed ssh users. (AllowUsers username can be set in /etc/ssh/sshd_config) But, this was fairly persistent and there was more variety to the usernames than I’m used to seeing.
-
New User Guides for Ubuntu, Fedora, Mandriva
As I was searching online this weekend for something ubuntu related… I ran across this nice reference Wiki…. ubuntuguide.org. They’ve got a good Ubuntu new user guide and also a few things Mandriva and Fedora related. The site is done wiki style so you should be able to collaborate if you have suggestions (although they require login it appears due to wiki-vandalism.) Anyway, looks like a good guide, fairly new-user friendly.