Computer Tips -Tech Info

Tag: UPDATE

  • Is something up with ordb.org?

    I’ve noticed several times in the last week a server of mine that is using postfix has rejected messages due to a failure in the lookup at relays.ordb.org. At first, I thought this was just a false positive in the database at ordb… but this morning I finally “caught it” while it was happening and went to pull up the ordb.org web page. It took…. 30-45 seconds and then proceeding to do a search on the rejected IP took another stretch. In looking at the logs it appears that there may be blanket rejections if the ordb.org check times out.

    Here’s the postfix config setting….
    smtpd_client_restrictions = permit_mynetworks,reject_rbl_client relays.ordb.org

    (more…)

  • Being cautious on the web…

    Incidents.org is reporting on the defacement of a security related web site (winsnort.com). They say they usually decline to comment on those because the attention is what the defacers thrive on. However, it does pay to keep your browser updated and antivirus current. What’s more…. Several days ago there was the news that the President of Iran now has a blog (which is ironic in many ways given the restrictions they place on internet use….) But… anyway, I figured he is getting his propaganda tool our and ready in advance of the UN showdown over the nuclear program. Well, it turns out that some have noticed an interesting gift from the visit to Mr. Ahmadinejad’s site….

    (more…)

  • Exploits a plenty – IE / Excel (Firefox?)

    There are a number of vulnerabilities that are currently unpatched, but have working publicly known exploits for Excel (*2) and Internet Explorer (2 vulnerabilities here as well.) Proof of Concept code has been released for both the Excel and Internet Explorer vulnerabilities. This means, with the code publicly available, it won’t be long before it’s bundled into other malware delivery structures…. You might look at alternative browsers, BUT…. be forewarned that one of these vulnerabilities appears to work on a fully patched install of Mozilla-Firefox. (According to Sans – the Secunia code doesn’t – but the full disclosure exploit code does affect Firefox.) I’ve seen word of early 1.5.0.5 builds being available – I wonder if that will be modified to fix this issue?

    (more…)

  • Real VNC 4.1.1 vulnerability – Remote Access without password

    This is one worth checking out anybody using vnc for remote administration. It looks as though intelliadmin has come across a vulnerability in Real VNC 4 (the slashdot post I saw suggested “any machine running VNC 4.1”) I haven’t tested yet, so I don’t know if this ONLY affects REALVNC’s implementation or is broader. They have a proof of concept page which attempts to connect to the ip of the browser at the vnc port and display a screenshot. The site is getting slashdotted at the moment, so revisit this page and link until you get a chance to test out your VNC serving machines.

    (more…)

  • Manual Trackbacks

    Sometime over the last 2 or 3 days trackback pings stopped working for me. I didn’t notice until today. I think the hexblog may have been the first one to choke the queue, but I’ve spent the evening going back and sending trackbacks manually. There’s a manual pinger at http://www.aylwardfamily.com/content/tbping.asp which is tedious for a couple dozen entries, but it does work.

    (more…)

  • Dell recalling 35,000 notebook batteries

    Ouch, Dell is recalling 35,000 notebook batteries that were shipped between October 5rd and 13th of this year. They were made in China or Japan and “pose a risk of fire.” There is a web-site setup by Dell on the issue… here.

    They also suggest

    “Batteries subject to recall should not be used while awaiting a replacement battery pack from Dell, it says.”

    (more…)