GnomixLand :: Manuali, immagini, fotografie e tanto altro a portata di un click

"Un'altro update per PCBSD"
Stò seguendo l'evoluzione di questo sistema operativo e mi sono accorto che il 26 ottobre scorso è stato rilasciato un'altro aggiornamento che introduce alcune novità che vanno sempre nella direzione della facilità d'uso.
http://www.ziobudda.net/Admin/redir_news.php?id=24886

"Finalmente il nuovo Kernel Linux"
Con quasi un mese di ritardo arriva il Kernel Linux 2.6.14, release stabile e definitiva di questa versione; importanti i cambiamenti apportati...
http://www.ziobudda.net/Admin/redir_news.php?id=24883

MALWARE DRM, SONY UFFICIALMENTE DENUNCIATA L'associazione italiana per le liberta' digitali ALCEI non ha intenzione di lasciar correre la clamorosa vicenda del rootkit installato da Sony sui computer dei suoi clienti. Altre scoperte gettano nuove ombre sul colosso nipponico
URL: http://punto-informatico.it/pi.asp?i=56024

FREEBSD 6 PENSA IN GRANDE
La nuova versione del noto sistema operativo open source introduce nuove funzionalita' di classe enterprise e migliora il supporto al multi-threading, spremendo piu' a fondo le performance dei sistemi multipocessore
URL: http://punto-informatico.it/pi.asp?i=56018

FALLE IN FLASH PLAYER E QUICKTIME
In alcune versioni dei celebri player di Apple e Macromedia si celano alcune vulnerabilita' di sicurezza che potrebbero esporre gli utenti a seri rischi. I bug sono stati corretti nelle piu' recenti release dei due programmi
URL: http://punto-informatico.it/pi.asp?i=56034

TELECOM CONDANNATA PER SERVIZI NON RICHIESTI Non si possono fatturare servizi che non siano stati voluti dall'utente. Lo stabilisce una sentenza che potrebbe rendere la vita piu' facile ai consumatori. Che si dicono soddisfatti
URL: http://punto-informatico.it/pi.asp?i=56040

SI AVVICINA LINUX DAY 2005
Gli eventi che si terranno in nome del Pinguino in alcune citta' saranno trasmessi in streaming. Per l'edizione di quest'anno e' prevista anche la partecipazione di FSF Europe
URL: http://punto-informatico.it/pi.asp?i=56026

10 Things I Hate About (U)NIX
UNIX was a terrific workhorse for its time, but eventually the old nag needs to be put out to pasture. David Chisnall argues that it's time to retire UNIX in favor of modern systems with a lot more horsepower.
http://www.informit.com/articles/article.asp?p=424451&rl=1

Account Information Databases in Samba-3
Samba-3 implements a new capability to work concurrently with multiple account backends. The possible new combinations of password backends allows Samba-3 a degree of flexibility and scalability that previously could be achieved only with MS Windows Active Directory (ADS). This chapter describes the new functionality and how to get the most out of it.
http://www.informit.com/articles/article.asp?p=422302

A Taste of Java's I/O Package: Streams, Files, and So Much More The Java platform includes a number of packages that are concerned with the movement of data into and out of programs. These packages differ in the kinds of abstractions they provide for dealing with I/O (input/output). This chapter covers primarily the stream-based model of the java.io package.
http://www.informit.com/articles/article.asp?p=417997

Cisco ASA and PIX Firewall Logging
Cisco firewalls and security appliances can be configured to generate an audit trail of messages describing their activities. Firewall logs can be collected and analyzed to determine what types of traffic have been permitted or denied, what users have accessed various resources, and so on. This chapter presents the tasks that are necessary to begin generating and collecting logging messages.
http://www.informit.com/articles/article.asp?p=424447

Mac OS X
Vendor: Apple Computer
A vulnerability was reported in the Mac OS X kernel. A local user may be able to obtain kernel memory.
Impact: Disclosure of system information
Alert: http://securitytracker.com/alerts/2005/Oct/1015127.html

Keychain Access
Vendor: Apple Computer
A vulnerability was reported in the Mac OS X Keychain Access application. The system may display a password.
Impact: Disclosure of authentication information
Alert: http://securitytracker.com/alerts/2005/Oct/1015126.html

phpBB
Vendor: phpBB Group
Several vulnerabilities were reported in phpBB. A remote user can execute arbitrary code on the target system. A remote user can also inject SQL commands and conduct cross-site scripting attacks.
Impact: Disclosure of authentication information
Alert: http://securitytracker.com/alerts/2005/Oct/1015121.html

QuickTime
Vendor: Apple Computer
Several vulnerabilities were reported in Apple QuickTime Player. A remote user can cause arbitrary code to be executed on the target user's system.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2005/Nov/1015152.html

F-Prot Antivirus
Vendor: FRISK Software International
A vulnerability was reported in F-Prot Antivirus. A remote user can send malicious content that will bypass the scanning engine.
Impact: Host/resource access via network
Alert: http://securitytracker.com/alerts/2005/Nov/1015148.html

F-Secure Anti-Virus
Vendor: F-Secure
A vulnerability was reported in F-Secure Anti-Virus for Microsoft Exchange. A remote user may be able to view files on the target system.
Impact: Disclosure of system information
Alert: http://securitytracker.com/alerts/2005/Nov/1015143.html

F-Secure Internet Gatekeeper
Vendor: F-Secure
A vulnerability was reported in F-Secure Internet Gatekeeper. A remote user may be able to view files on the target system.
Impact: Disclosure of system information
Alert: http://securitytracker.com/alerts/2005/Nov/1015142.html

NetBSD
Vendor: NetBSD
Some vulnerabilities were reported in NetBSD. A local user may be able to deny service or potentially obtain elevated privileges.
Impact: Denial of service via local system
Alert: http://securitytracker.com/alerts/2005/Nov/1015132.html

Php
Vendor: PHP Group
A vulnerability was reported in PHP in the parse_str() function. A remote user may be able to turn the register_globals directive on.
Impact: Modification of system information
Alert: http://securitytracker.com/alerts/2005/Nov/1015131.html

Php
Vendor: PHP Group
A vulnerability was reported in PHP in phpinfo(). A remote user can conduct cross-site scripting attacks.
Impact: Disclosure of authentication information
Alert: http://securitytracker.com/alerts/2005/Nov/1015130.html

Php
Vendor: PHP Group
A vulnerability was reported in Php. A remote user may be able to overwrite variables to potentially execute arbitrary code on the target system.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2005/Nov/1015129.html

ROOTKIT-ARMED WORM ATTACKING AIM
A worm spreading through America Online's Instant Messenger (AIM) network carries a dangerous rootkit, code designed to hide a hacker's work from anti-virus scanners, a security firm warned Friday.
http://www.net-security.org/news.php?id=9330

THE "SONY ROOTKIT" CASE
There's been some recent developments in digital rights management systems (DRM) that have security implications. Some DRM systems have started to use rootkit technology.
http://www.net-security.org/news.php?id=9342

SHOUT GOES OUT OVER PHP SECURITY BUGS
Security researchers have identified numerous new vulnerabilities in PHP - the popular, open source web development environment.
http://www.net-security.org/news.php?id=9347

ORACLE WORM PROOF-OF-CONCEPT
The worm uses the UTL_TCP package to scan for remote Oracle databases on the same local network.
http://www.net-security.org/news.php?id=9364

MANAGING SAMBA: WINDOWS NETWORK ID BASICS Linux administrators are keen to learn how better to manage Samba and how to meet the growing demand of network security and audit-ability.
http://www.net-security.org/news.php?id=9367

WHAT E-MAIL HACKERS KNOW THAT YOU DON'T
This document outlines how hackers are exploiting vulnerabilities in e-mail systems, and describes the widely available hacking tools they use.
http://www.net-security.org/news.php?id=9377

BASIC IPTABLES
This document will serve as a basic how-to on using iptables.
http://www.net-security.org/news.php?id=9382

MICROSOFT PATCHES BREAK SOME WEB SITES
Bulletins removed "unsafe functionality" and change how the browser handles ActiveX controls.
http://www.net-security.org/news.php?id=9384

WebDAV on Apache2
http://newsvac.newsforge.com/article.pl?sid=05/11/05/0526239&from=rss
WebDAV is a way of making parts of your webserver writable to certain clients. There are obvious reasons why you might want to do this, such as making it easy to update a website, and less obvious reasons, such as sharing Calendar data, or sychronising your bookmarks in Firefox, or to supply a small amount of password protected web space for people to share documents.

Weekly Report on Viruses and Intruders
http://newsvac.newsforge.com/article.pl?sid=05/11/07/046258&from=rss
LogError writes "This report explores the Mitglieder Trojan (FK, FL, FN and FM) and the Bagle.FN Worm."

"Eciadsl: far funzionare IPM Dataway e Alice"
Un brevissimo articolo sulla configurazione dei driver Eci per far funzionare un IPM Dataway con Alice.
http://www.ziobudda.net/Admin/redir_news.php?id=24908

"Grave falla per Macromedia Flash Player, aggiornare subito!"
Una grave vulnerabilità è stata scoperta dai ricercatori eEye all'interno di Macromedia Flash Player. Un update della versione 7 del player e l'upgrade alla versione 8, immune dal problema, sono disponibili sul sito Macromedia.
http://www.ziobudda.net/Admin/redir_news.php?id=24896
Also - http://www.alground.com/news/news.php?page=413
Also - http://www.techworld.com/security/news/index.cfm?RSS&NewsID=4740

SQL SERVER E VISUAL STUDIO, NEXT GENERATION Ieri dalla ribalta di San Francisco i vertici di Microsoft hanno ufficialmente lanciato sul mercato le nuove e a lungo attese versioni 2005 di Visual Studio e SQL Server. Annunciato anche BizTalk Server 2006
URL: http://punto-informatico.it/pi.asp?i=56070

MOZILLA, PREMI A CHI ESTENDE FIREFOX
Per accrescere uno dei patrimoni piu' preziosi di Firefox, le estensioni, Mozilla Corp ha lanciato un contest. Le migliori saranno premiate. Tutti i dettagli
URL: http://punto-informatico.it/pi.asp?i=56078

LINUX BERSAGLIO DI UN WORM BUCA-PHP
Un worm cerca di propagarsi in rete sfruttando una vulnerabilita' del famoso linguaggio di scripting open source. Gia' avvistata una variante con altri due exploit
URL: http://punto-informatico.it/pi.asp?i=56052
Also - http://nl.internet.com/ct.html?rtr=on&s=1,20gi,1,avmv,l6tj,85jl,7pty
Also - http://www.theregister.co.uk/2005/11/07/linux_worm/

RETURN OF THE BSDS
"The clocks have fallen back, the leaves are hitting the ground and new BSD releases are on the Net..."
http://nl.internet.com/ct.html?rtr=on&s=1,20gk,1,5n7s,2xoe,85jl,7pty

CROSSOVER OFFICE 5.0
"If you've been in 'wait and see' mode with CrossOver Office, this is the release that should push you toward it..."
http://nl.internet.com/ct.html?rtr=on&s=1,20gk,1,czom,g09i,85jl,7pty

DEBUGGING SIMULATED HARDWARE ON LINUX [PARTS 1 & 2] "Why would anybody want to simulate hardware when developing a device driver? This article lays out the problem and proposes an approach to solve it..."
http://nl.internet.com/ct.html?rtr=on&s=1,20gk,1,5kv3,abb8,85jl,7pty

REPLACING PROPRIETARY ANTI-VIRUS SOFTWARE "One of the major software programs we should be using every day, is a virus scanner. This single piece of software can be found on almost every PC in the world..."
http://nl.internet.com/ct.html?rtr=on&s=1,20gk,1,5rid,568c,85jl,7pty

MICROSOFT: OPEN SOURCE NOT THAT OPEN
"According to experts, the dominant operating systems in the data center by the end of the decade will be Windows and Linux--and Microsoft is getting ready for that standoff by learning from the competition..."
http://nl.internet.com/ct.html?rtr=on&s=1,20gk,1,ai5l,1uom,85jl,7pty

Implementing MVC in PHP: The Controller
The most popular "proper" way to build a web application seems to be to use the Model-View-Controller design pattern. While it sounds complex, the concepts are sound and the ease of development it provides are compelling. Joe Stump shows how the Controller part of MVC works by developing a working version in PHP 5.
http://www.onlamp.com/pub/a/php/2005/11/03/mvc_controller.html

Speeding up Linux Using hdparm
Instantly double the I/O performance of your disks or, in some cases, show 6 to 10 times your existing throughput!
http://www.linuxdevcenter.com/pub/a/linux/2000/06/29/hdparm.html

Testing Web Apps Effectively with twill
You have just finished your beautiful web application, with lots of pages, links, forms, and buttons; you have spent weeks making sure that everything works fine, that it handles the special cases correctly, that the user cannot crash your system no matter what she does.
http://www.onlamp.com/pub/a/python/2005/11/03/twill.html

VULNERABILITIES & EXPLOITS
Title: Apple sounds alarm over QuickTime flaws
Source: CNet
Date Written: 2005-11-04
Date Collected: 2005-11-07
Apple Computer issued an alert on November 3, 2005 detailing four vulnerabilities in QuickTime media player. "Three of the vulnerabilities can launch malicious code that allows an attacker to snoop on users," said Thomas Kristensen, chief technology officer of security software company Secunia. "The other vulnerability is a DOS attack that will only work in a few cases and crash the media player when it tries to open a file." Secunia has rated the flaws, which affect QuickTime versions 6.5.2 and 7.0.1 for Mac OS X and some versions for Microsoft Windows, as "highly critical." Apple issued an update, QuickTime 7.0.3, to fix the four flaws on Oct. 12, 2005.
http://news.com.com/Apple+sounds+alarm+over+QuickTime+flaws/2100-1002_3-5933117.html?part=rss&tag=5933117&subj=news

CLI Magic: sudo voodoo
http://os.newsforge.com/article.pl?sid=05/11/07/1548208&from=rss
Sudo is a handy little tool that is of value to both system administrators and common folks like us. What does it do? It allows you to temporarily assume the permissions of another user, up to and including root. If you belong to the camp that says you should only have root privileges at the time they are needed, sudo makes your life a little easier by making it easier to shape-shift between the permissions for a mere mortal and those of the super user.

One-click installation with Klik
http://software.newsforge.com/article.pl?sid=05/10/27/1949248&from=rss
Simplifying software installation is a popular pastime for Linux developers. It has given us useful tools like Synaptic, YUM, checkinstall, and autopackage. A new kid on the block, Klik, approaches the problem differently, by avoiding the installation altogether.

"LINUXDAY: boicottiamo il logo, ecco il sito della protesta."
Premesso che non è nostra intenzione mettere in discussione l'intero lavoro del comitato organizzatore il quale sicuramente si è prodigato a favore del Linux Day e ne tantomeno quello di boicottare il Linux Day a cui partecipiamo entusiasti. Invece con quest'azione mirata al solo logo ci poniamo di affrontare il problema che è spesso presente nella comunità linux italiana di irrigidirsi su determinate posizioni e volerle imporle o propagandare come le uniche possibili piuttosto che concepire la diffusione e l'educazione come un processo evolutivo in cui ognuno è anche libero di assumere posizioni diverse, non necessariamente sbagliate, in cui la convergenza è frutto del dialogo piuttosto che dell'aderenza ad un'unica visione.
http://www.ziobudda.net/Admin/redir_news.php?id=24920

"SHA-1 e MD5? Troppo insicuri, però..."
Incominciano a mostrare la corda ma non hanno alternative evidenti: è questo, in sostanza, il giudizio che gli esperti che hanno partecipato al Cryptographic Hash Workshop dello statunitense National Institute of Standards and Technology (NIST).
http://www.ziobudda.net/Admin/redir_news.php?id=24914

P2P, GROKSTER CHIUDE PER SEMPRE I BATTENTI Un accordo con le major porta alla chiusura definitiva della celebre piattaforma. Dopo tre anni di battaglia legale l'industria dei contenuti ottiene quella che definisce una vittoria storica. E ora parla di P2P legale
URL: http://punto-informatico.it/pi.asp?i=56107

MS ANTISPYWARE? CHIAMATELO DEFENDER
Il giovane tool antispyware di Microsoft, attualmente disponibile in versione beta, cambiera' presto il proprio nome e, con l'occasione, introdurra' una nuova interfaccia e nuove funzionalita'. Fara' parte di Windows Vista
URL: http://punto-informatico.it/pi.asp?i=56095
Also - http://www.theregister.co.uk/2005/11/07/windows_defender/

CREDEVO FOSSE UNA PATCH, E INVECE...
Un cavallo di Troia. È cio' che si cela in una falsa patch per Windows il cui link viene diffuso attraverso un finto advisory di sicurezza di Microsoft. Si sospetta che il trojan possa essere utilizzato per creare una rete di PC zombie
URL: http://punto-informatico.it/pi.asp?i=56091

LE MODIFICHE AL CODICE DELL'AMMINISTRAZIONE DIGITALE Entreranno in vigore dal prossimo primo gennaio: esperti e legali sono al lavoro per approfondire gli aspetti tecnici della revolution amministrativa. Ecco come ci si sta muovendo
URL: http://punto-informatico.it/pi.asp?i=56104

FREE SOFTWARE MAGAZINE: SECRET STANDARDS "In the free-wheeling world of free software, we are accustomed to free standards, published freely, defined by freely distributable (if not necessarily freely-modifiable) standards documents..."
http://nl.internet.com/ct.html?rtr=on&s=1,20jy,1,6rfp,h6d2,85jl,7pty

VIRTUAL HOSTING WITH PROFTPD AND MYSQL (INCL. QUOTA) "This document describes how to install a Proftpd server that uses virtual users from a MySQL database instead of real system users..."
http://nl.internet.com/ct.html?rtr=on&s=1,20jy,1,kwwu,kvbw,85jl,7pty

VULNERABILITIES & EXPLOITS
Title: Sony DRM patch could crash PCs
Source: Techworld
Date Written: 2005-11-07
Date Collected: 2005-11-08
Mark Russinovich, the researcher who discovered the so-called "Sony rootkit", says Sony's patch to make its copy-protection software visible to users has a small chance of crashing computers. Russinovich doubts Sony's commitment to quality service, arguing that whoever wrote the patch had little experience writing Windows drivers. Russinovich has also discovered that the software, called XCP (Extended Copy Protection), communicates with the Sony website. Sony assures users that it gathers no information from computers using XCP.
http://www.techworld.com/security/news/index.cfm?RSS&NewsID=4733

CIVIL & CONSUMER ISSUES
Title: Sony faces police investigation into DRM code
Source: Techworld
Date Written: 2005-11-08
Date Collected: 2005-11-08
ALCEI-EFI (Association for Freedom in Electronic Interactive Communications - Electronic Frontiers Italy) has filed a complaint with Colonel Umberto Rapetto of the Guardia di Finanza, head of Italy's cybercrime investigations unit, requesting a criminal investigation of Sony BMG for its use of copy-protection software that acts as a rootkit. ALCEI-EFI alleges that the software damages computers and contains malicious features forbidden under Italian law. First 4 Internet, developer of the Sony software, says use of rootkit features was necessary to prevent users from working around the copy-protection. Computer Associates has classified the Sony copy-protection as a form of spyware.
http://www.techworld.com/security/news/index.cfm?RSS&NewsID=4745

"Micro$oft ammette la sconfitta!!"
Non ho parole. Leggere per credere...
http://www.ziobudda.net/Admin/redir_news.php?id=24940

"Ingres, un database open alla riscossa"
Computer Associates tenta di infondere nuova vita al proprio database open source trasformando il reparto che lo sviluppa in una società autonoma finanziata, in buona parte, da una società di capital venture. Ingres risorgerà dalle ceneri?
http://www.ziobudda.net/Admin/redir_news.php?id=24937

"FlickrFS"
Dopo il GMailFS ecco il filesystem FUSE per Flickr, adesso sarà possibile aggiungere nuove immagini copiandole direttamente dalla shell!
http://www.ziobudda.net/Admin/redir_news.php?id=24934

"LOOP da Ubuntu"
lista di applicazioni OpenSource per Windows, direttamente da quelli di Ubuntu
http://www.ziobudda.net/Admin/redir_news.php?id=24963

"Cominciano i Corsi Freelabs.it"
Dopo un mese dall'apertura del sito, i corsi sono iniziati! Per chi non lo sapesse, Freelabs.it organizza Corsi Online Grautiti per chiunque voglia imparare la programmazione, a usare linux, o a fare banner, hardware, grafica... Vieni anche tu, potrai insegnare o solamente partecipare ai corsi! E' Gratis!
http://www.ziobudda.net/Admin/redir_news.php?id=24961

"[OT] In Italia il furto di identità passa dal cestino!"
Social engineering:nella pattumiera dell'italiano tutto il necéssaire per i ladri d'identità. Sono allarmanti i dati emersi da una ricerca condotta da Experian sui furti di identità che avvengono anche rovistando nei rifiuti.
http://www.ziobudda.net/Admin/redir_news.php?id=24956

"CREATIVE COMMONS ITALIA 2005"
Le licenze Creative Commons e la realtà italiana: situazione, problemi e opportunità. Torino, sabato 19 novembre 2005.
http://www.ziobudda.net/Admin/redir_news.php?id=24951

"Informatica forense"
In rete si trova poca roba, sopra-tutto in italiano, sull'informatica forense. Il link rimanda ad una pagina di un "professore" di UniBO il quale tratta l'argomento.
http://www.ziobudda.net/Admin/redir_news.php?id=24945

IL GIOCOSO PINGUINO DI CEDEGA 5.0
La nuova versione del noto software per Linux consente di far girare su Linux alcune centinaia di giochi per Windows, tra cui gli ultimi capitoli di Battlefield e Dungeon Siege. Ecco le novita'
URL: http://punto-informatico.it/pi.asp?i=56126

MICROSOFT SISTEMA DUE FALLE CRITICHE
Questo mese la softwarehouse ha pubblicato un solo bollettino contenente le patch per tre vulnerabilita' di Windows, due delle quali valutate della massima gravita'
URL: http://punto-informatico.it/pi.asp?i=56113

IL DRM SONY AIUTA UN TROJAN? BUFERA SULL'AZIENDA Partita una class action negli Stati Uniti mentre su Sony piove la denuncia dei consumatori europei. Intanto gli esperti di sicurezza avvertono: gira un trojan che si maschera grazie al rootkit del colosso giapponese
URL: http://punto-informatico.it/pi.asp?i=56151

UN BIDONE LE ADSL 4 MEGABIT?
Lente, troppo lente. Una valanga di proteste, nei forum, nei newsgroup, per e-mail a Punto Informatico. I provider riconoscono il problema e promettono soluzioni a breve. P2P tra incudine e martello
URL: http://punto-informatico.it/pi.asp?i=56172

DAL SOCIAL NETWORKING ALLO SPAM TRASVERSALE di Pietro Morelli - Ovvero come le piattaforme che tramite Internet danno corpo a nuove relazioni sociali, offrendo opportunita' per moltissimi utenti, possano talvolta trasformarsi in un problemaccio per la mailbox
URL: http://punto-informatico.it/pi.asp?i=56159

CAD, ACCESSIBILITA' VERA E DIRITTI
di L. Spallino (webimpossibile.net) - I ritocchi al Codice dell'Amministrazione Digitale devono tener conto della concreta possibilita' per il cittadino di accedere alla PA attraverso gli strumenti telematici. Chi vigila chi?
URL: http://punto-informatico.it/pi.asp?i=56154

Tentativo di phishing nel nome di Google Il tentativo dei malintenzionati di appropriarsi di numeri di carte di credito e dei dati personali degli utenti non conosce soste e sempre più fantasiosi sono i sistemi tentati: prima i falsi siti di Ebay, poi di Paypal, delle banche OnLine, del Banco Posta ed ora è la volta anche di Google.
http://www.alground.com/news/news.php?page=415

Microsoft: rilasciata la prima patch critica di Novembre Il bollettino di sicurezza Microsoft MS05-053 segnala il rilascio di una patch per correggere una vulnerabilità considerata critiche che affligge i sistemi operativi Windows 2000, XP e Windows Server 2003
http://www.alground.com/news/news.php?page=414

Proposta per it.comp.os.linux.slackware
Vorrei portare all'attenzione degli interessati la rdf per la creazione del gruppo di discussione it.comp.os.linux.slackware. Chiunque ne fosse interessato puo' leggerla all'indirizzo e mandare suggerimenti e/o contributi all'indirizzo email che compare nell'rdf stessa, nelle prime righe.
http://www.webalice.it/eli_enri/rdf.txt

Linux worm overrated
The latest and greatest Linux worm isn't the most elegant or fastest spreading worm, or even one that's difficult to stop, but it still offers a warning for Web developers and administrators everywhere.
http://www.securityfocus.com/columnists/368

Creating a Sysprep Image Library for Virtual PC
Author: Mitch Tulloch
Summary: This article examines how to use Sysprep to create a library of operating system images which you can then use to deploy virtual machines on Microsoft Virtual PC for testing purposes. Such a library can help you save valuable time when creating test networks using Virtual PC.
Link: http://www.WindowsNetworking.com/articles_tutorials/Creating-Sysprep-Image-Library-Virtual-PC.html

Shells for Sale! (Part 3)
Author: Don Parker
Summary: We have seen over the past two articles, both the planning and the first steps taken in a practice hack, for the purpose of accumulating exploited computers. In this final part we will see the conclusion of what a semi-skilled hack would look like. Lastly, we will also see how our hacker John, is also quickly caught trying to sell his wares.
Link: http://www.WindowSecurity.com/articles/Shells-Sale-Part3.html

Windows Server Hacks: Shadowing Remote Desktop Sessions Shadowing Terminal Services sessions is a cool feature of Windows Server 2003 that lets you remotely control the desktop session of another Terminal Services user. But it's easier said than done. How to do it? Mitch Tulloch, author of "Windows Server Hacks," gives you step-by-step instructions.
http://www.windowsdevcenter.com/pub/a/windows/2005/11/08/shadowing-remote-desktop-sessions.html

Beware of Network Sniffers
Network sniffing is harder than most people think, but that doesn't mean it's not a threat. Mitch Tulloch, author of Windows Server Hacks, tells you the truth about sniffing dangers, and shows you how to protect your network.
http://www.windowsdevcenter.com/pub/a/windows/2005/11/01/beware-of-network-sniffers.html

ANALYSIS: IS THIS THE DAWN OF THE LINUX WORMS?
"The Luppi worm is blazing a trail with great potential for attackers. We might learn a lot about how secure Linux systems are in the next few months..."
http://nl.internet.com/ct.html?rtr=on&s=1,20tl,1,hjwn,cuvq,85jl,7pty

OPEN SOURCE DATABASE WARS BEGIN
"Web 2.0 start-ups have a hidden vulnerability. They all rely on the same database, mySQL..."
http://nl.internet.com/ct.html?rtr=on&s=1,20q2,1,clb0,9mun,85jl,7pty

INSTALLING OPENOFFICE.ORG 2.0 FOR DEBIAN "The OOo group released 2.0 in rpm format only. Needless to say, this has some non-rpm GNU/Linux users up in arms..."
http://nl.internet.com/ct.html?rtr=on&s=1,20q2,1,9kiq,ednp,85jl,7pty

HOW A LINUX DISTRO SAVED HARD DISK DATA
"Our search-and-rescue expert is back to share how he recovered a master boot record and reclaimed lost data..."
http://nl.internet.com/ct.html?rtr=on&s=1,20q2,1,eyxw,bnfs,85jl,7pty

-STABLE: LINUX 2.6.14.1
"We (the -stable team) are announcing the release of the 2.6.14.1 kernel..."
http://nl.internet.com/ct.html?rtr=on&s=1,20q2,1,aewk,7zsn,85jl,7pty

A YEAR WITHOUT (MS) WINDOWS: COMPLETING THE CONVERSION OF A WINDOWS USER "Many people aspire to run a pure GNU/Linux environment, but often complain that some device or program is stopping them..."
http://nl.internet.com/ct.html?rtr=on&s=1,20tj,1,jpy0,lue3,85jl,7pty

MALWARE
Title: Lupper worm targets Linux systems
Source: NetworkWorld
Date Written: 2005-11-08
Date Collected: 2005-11-09
The Linux.Plupii worm, also known as Lupper, affects Linux systems and spreads by “exploiting Web servers hosting vulnerable PHP/CGI programming language scripts”. The worm, a derivative of the Linux/Slapper and BSD/Scalper worms, is only rated a medium or low threat, however, and has not spread much. Users should update Linux anti-virus software and patches.
http://www.networkworld.com/news/2005/110805-lupper-worm.html?fsrc=netflash-rss

MALWARE
Title: Trojan Attacks Microsoft Image Rendering Flaw
Source: EWeek.com
Date Written: 2005-11-10
Date Collected: 2005-11-10
A Trojan has been spotted in the wild attacking Windows users via the image rendering flaws recently patched by Microsoft Corp., according to anti-virus vendor Trend Micro Inc. The Trojan is called TROJ_EMFSPLOIT.A and crashes the "explorer.exe" file, making the taskbar disappear. The attack is considered very disruptive because “explorer.exe” is required by the Windows Graphical Shell. Trend Micro said the exploit is a "proof-of-concept Trojan" that uses the Graphics Rendering Engine vulnerability patched by Microsoft on November 8, 2005, but could be exploited using any software that displays images, including Microsoft Outlook and Microsoft Word. Users could be at risk by browsing to a site rigged with malicious image files or by displaying images in e-mail preview window.
http://www.eweek.com/article2/0,1895,1885050,00.asp

MALWARE
Title: Sony DRM code hijacked by Trojan
Source: Techworld
Date Written: 2005-11-10
Date Collected: 2005-11-10
A Trojan horse that uses Sony’s controversial digital rights management (DRM) software has surfaced. The Troj/Stinx-E malware arrives via email, in a message with an attached picture. Opening the picture copies a file to the hard disk using the "$sys$" prefix used by Sony’s DRM program, which hides the file on any system already loaded with the Sony software. Chances of infection are low for most computer users, but the malware is yet another discomfiting development for Sony, which has been under fire since the disclosure of its use of rootkit techniques for DRM.
http://www.techworld.com/security/news/index.cfm?NewsID=4771

TECHNOLOGY
Title: History's Worst Software Bugs
Source: Wired News
Date Written: 2005-11-08
Date Collected: 2005-11-09
The Wired News “list of the 10 worst software bugs of all time … so far”. In chronological order the list follows. The July 28, 1962 Mariner I space probe. A flight software bug occurred when a written formula was improperly transcribed into code. The rocket's trajectory was therefore miscalculated, and the rocket was destroyed over the ocean. In 1982 a Soviet gas pipeline explosion “reportedly the largest non-nuclear explosion in the planet's history”. From 1985 to1987 the Therac-25 medical accelerator, a radiation therapy device, malfunctioned and killed several patients. From1988 to1996 the Kerberos Random Number Generator is not truly random, and it was possible to easily break into computers using Kerberos authentication. On January 15, 1990 AT&T suffered a network outage from a network crash and reboot, leaving 60 thousand people without long distance service. In 1993 a silicon error caused Intel's Pentium chip to “make mistakes when dividing floating-point numbers that occur within a specific range”. A “public relations nightmare”, it “ultimately costs Intel $475 million”. During 1995/1996 the "blue screen of death" occurs in Windows computers when a malformed "ping" packet is received from anywhere on the internet. On June 4, 1996 the Ariane 5 rocket’s engines “trigger a bug in an arithmetic routine inside the rocket's flight computer”, causing the rocket to explode 40 seconds after launch. In November 2000, therapy planning software miscalculates the dosage of radiation for patients and 8 die, while the doctors involved, “who were legally required to double-check the computer's calculations by hand, are indicted for murder”.
http://www.wired.com/news/technology/bugs/0,2924,69355,00.html?tw=rss.TOP

VULNERABILITIES & EXPLOITS
Title: Flash, bang, wallop - you're own3d
Source: The Register
Date Written: 2005-11-08
Date Collected: 2005-11-09
A flaw in Macromedia's Flash Player could allow attacks against computers running the popular application. The critical security bug, discovered by Fang Xing of eEye Digital Security and also, separately, by Bernhard Mueller of SEC Consult, affects Flash Player 6.x and 7.x. The vulnerability “stems from a failure to reject malformed SWF files as invalid”. Users are urged to upgrade to Flash Player 8 or to apply the security updates Macromedia has issued.
http://www.theregister.co.uk/2005/11/08/flash_security_bug/

VULNERABILITIES & EXPLOITS
Title: Microsoft warns of flaw in newer Windows versions
Source: C-Net (Reuters)
Date Written: 2005-11-08
Date Collected: 2005-11-09
A critical security flaw in Windows XP, Windows Server and an updated version of Windows 2000 makes users vulnerable to malicious software code embedded into digital images. Simply viewing a digital image containing code exploiting the flaw could allow a hacker to take control of a PC. Users are urges to install the patch Microsoft issued as part of its monthly security update and to avoid suspicious e-mail attachments or unfamiliar links.
http://today.reuters.com/news/newsarticle.aspx?type=technologyNews&storyid=2005-11-08T222025Z_01_FLE879815_RTRUKOC_0_US-MICROSOFT-SECURITY.xml

VULNERABILITIES & EXPLOITS
Title: Security Expert Pokes More Holes in Oracle Patch
Source: EWeek.com
Date Written: 2005-11-09
Date Collected: 2005-11-10
David Litchfield of Next Generation Security Software Ltd., a noted security expert who has been critical of Oracle in the past, posted a warning on the Bugtraq security discussion list claiming that Oracle's October 2005 Critical Patch Update failed to install software components on some Oracle systems. A problem with the script that installs the patch “prevents updated PL/SQL software packages that fix the vulnerability from being copied to the system running Oracle.” Attackers could use the hole to elevate low-level database accounts to database administrator accounts, which could be done remotely if the database is exposed to the Internet. Litchfield recommends running the script manually, which installs the patch correctly. Oracle did not comment on the matter.
http://www.eweek.com/article2/0,1759,1884609,00.asp?kc=EWRSS03119TX1K0000594

VULNERABILITIES & EXPLOITS
Title: Sony takes second stab at DRM patch
Source: Search Security
Date Written: 2005-11-09
Date Collected: 2005-11-10
Sony BMG Music Entertainment Inc. issued another patch for its digital rights management (DRM) system November 8, 2005, but comments made by Sony Global Digital Business President Thomas Hesse on National Public Radio have intensified the public outcry. Claiming that most “people don't even know what a rootkit is, so why should they care about it?" Hesse has worried IT professionals, who say Sony's excusing the use of rootkit technology is truly unsettling. Sony faces at least one legal action: a class-action lawsuit has been filed on behalf of California consumers who may have been harmed by the use of rootkit technology on Sony CDs. Another class-action lawsuit, this one nationwide, is expected to be filed in a New York court for all U.S. consumers who have purchased such CDs from Sony.
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1144105,00.html

New approaches to Linux package management http://software.newsforge.com/article.pl?sid=05/10/31/1949225&from=rss
Traditional Linux package management systems such as RPM, Debian's dpkg, and Slackware's pkgtool present several problems for users. Users who want optimized packages often have problems finding them, different package repositories have conflicting naming conventions, and binary packages are often not available for packages in a timely fashion. However, for users willing to stray from the beaten path, there are alternatives. Two projects have taken up the challenge of making a package management system that overcomes these shortcomings.

10 Seconds Guide to Bash Scripting
http://newsvac.newsforge.com/article.pl?sid=05/11/11/0345216&from=rss
Anonymous Reader writes "This is an excellent article on bash scripting aptly named - '10 seconds guide to bash scripting'. And it takes just 10 seconds too. The author of the article writes.... "First let me clarify that this is not going to be a detailed study of shell scripting, but as the name of the post indicates, it will be a quick reference to the syntax used in scripting for the bash shell. So if you are expecting the former, then you should buy yourself a good book on shell scripting . ;) So let's move on to the guide. Start your stop watch now."

Linux: Secure as You Want It to Be
http://newsvac.newsforge.com/article.pl?sid=05/11/11/0316258&from=rss
Yes, Linux will be attacked more often in the days ahead, but far fewer attacks will get through than do on Windows

Expanding Exposure: The Decreasing Time Between Web Application Vulnerability and Exploitation It discusses how web applications are unique in the small amount of time required to develop an exploit against a published vulnerability (demonstrated in 2 lines of sed). It can be downloaded from:
http://www.owasp.org/docroot/owasp/misc/webapp-oswap.doc

"Realizzare un server casalingo con Gentoo: parte 3"
In questa ultima puntata dedicata alla realizzazione di un server casalingo basato su Gentoo Linux ci si occuperà dell'installazione di VNC per poter accedere in modo agevole da remoto, verrà poi installato un comodo server ftp e si descriverà la procedura per sostituire un disco difettoso
http://www.ziobudda.net/Admin/redir_news.php?id=24981

"Adesso a GNU/Linux le aziende comprano e regalano i brevetti"
Questa potrbbe be essere la domanda spontanea dopo la nascita di Open Invention Network (OIN), una società nata unicamente per acquisire brevetti e rilasciarli royalty-free per promuovere GNU/Linux e l'OSS.
http://www.ziobudda.net/Admin/redir_news.php?id=24977

"MiniHDo con Ubuntu"
Iniziano a comparire i miniHD USB con Linux preinstallato. Un gadget davvero carino. Peccato che in italia non lo si trovi.
http://www.ziobudda.net/Admin/redir_news.php?id=24973

"Sony: DRM anche per Mac"
un utente mac ha scoperto che il player mac dei cd incriminati installa un modulo del kernel che fa le stesse cose del rootkit per windows.
http://www.ziobudda.net/Admin/redir_news.php?id=24969

** OPENOFFICE SFIDA OFFICE **
La suite open source è matura per sostituire quella di Microsoft?
http://www.zeusnews.it/news.php?cod=4432

La rivoluzione Nintendo? La consolle più economica Il prezzo della nuova misteriosa consolle della Nintendo sarà assolutamente competitivo, probabilmente di almeno 100 dollari inferiore alle concorrenti. Ad affermarlo è stato il vice presidente esecutivo della divisione marketing di Nintendo, Reggie Fils-Aime, intervistato dal corrispondente Chris Morris della CNN/Money.
http://www.alground.com/news/news.php?page=417

Sony BMG sospende la produzione dei CD con tecnologia XCP A seguito della scoperta di ieri del primo virus in grado di sfruttare il sistema di protezione XCP di Sony BMG, Sony BMG sospende la produzione di CD che utilizzano il nuovo sistema di protezione.
http://www.alground.com/news/news.php?page=418

Hacking IIS6 with Metabase Explorer
Mucking about in version 6 of the IIS metabase is a lot easier than in earlier versions. But try it, and you may end up with metabase corruption and other woes. Mitch Tulloch, author of Windows Server Hacks, shows you how to hack the IIS6 metabase with Metabase Explorer.
http://www.windowsdevcenter.com/pub/a/windows/2005/10/25/hacking-iis6-with-metabase-explorer.html

FREE SOFTWARE MAGAZINE: PATENTS KILL
"The cost of such a machine is insane (I have no other word for it); at the hospital, they are already thinking about upgrading it because only three years after the purchase, it’s already obsolete..."
http://nl.internet.com/ct.html?rtr=on&s=1,20xm,1,al5n,lymf,85jl,7pty

FIREFOX 1.5 RC 2 RELEASED
"Firefox 1.5 RC 2 is available for our testing community, Web site and Web application developers, and our Extension developers..."
http://nl.internet.com/ct.html?rtr=on&s=1,20xm,1,446d,5cio,85jl,7pty

I'M FINALLY LEARNING PROCMAIL
"The truth is, I never learned much about email, nor really ever wanted to. I've been using it since the 1980s, and for most of that time, it just worked..."
http://nl.internet.com/ct.html?rtr=on&s=1,20xm,1,c3gn,i2vg,85jl,7pty

C++ Preprocessor: Always Assert Your Code Is Right
Learn how to use asserts to debug C++ easily, and see that not all macros are evil.
http://www.devarticles.com/c/a/Cplusplus/C-plus-plus-Preprocessor-Always-Assert-Your-Code-Is-Right/

Write a Robots.txt File
In this article, Clint shows you how to build a Robots.txt and be sure it works correctly to optimize for search spiders.
http://www.seochat.com/c/a/Search-Engine-Optimization-Help/Write-a-Robotstxt-File/

TECHNOLOGY
Title: Giants team to make VoIP work with firewalls
Source: Techworld
Date Written: 2005-11-11
Date Collected: 2005-11-11
Microsoft and Cisco have teamed up to integrate Interactive Connectivity Establishment (ICE) standard with Microsoft software, allowing VoIP (Voice over IP) phones to work across firewalls and NATs (Network Address Translator). NATs are popular for protecting business networks, since they hide a computer's true IP address from outside systems. However, this also makes VoIP calls to parties outside an intranet impossible, slowing adoption of VoIP. ICE uses a number of protocols, including Simple Traversal of UDP through NAT, Traversal Using Relay NAT, and Realm Specific IP, to make VoIP connections across the NAT.
http://www.techworld.com/security/news/index.cfm?RSS&NewsID=4776

NewsForge presents free OpenOffice.org training videos http://business.newsforge.com/article.pl?sid=05/11/09/2044220&from=rss
Massachusetts is trying to convert all computerized state documents to the open document format (odt). We think this is a fine idea. One concern that's been expressed about this move (at least by Microsoft) is that training employees to use OpenOffice.org 2.0 or other software that uses non-proprietary file formats (in place of Microsoft Office) will be time-consuming and costly. But what if basic OpenOffice.org training materials were available online for free? As a public service for Commonwealth of Massachusetts employees (and everyone else), NewsForge is presenting -- absolutely free of charge -- 11 OpenOffice.org training videos as part of this article. They're excerpts from the video CD that comes with NewsForge Editor-in-Chief Robin 'Roblimo' Miller's upcoming book, Point & Click OpenOffice.org!, which will be available in December from all major booksellers. But we wanted you to have access to these videos now instead of waiting until the book is available, so here th ey are.

Reusing existing OpenSSH v4 connections
http://newsvac.newsforge.com/article.pl?sid=05/11/12/042223&from=rss
I've recently learnt of an interesting new features of OpenSSH v4 which allows you to reuse open connections when connecting to the same host more than once. If you regularly have multiple open connections to a single host this is a big timesaver.

g00d reading! 'n' bye
Security News MainTainer:

The Jackal a.k.a. jAcKallO < jackal [at] capitanlug.it >

(AreaSessantuno Inside) / (SpiPPolatori Collaborator) (HackerAlliance Member) / (Socio fondatore del CapitanLUG.iT) (Daily DisInfo CreaTor & MainTainer) / (Security News MainTainer)