Security Revealed
Filed under: security hacks

It’s been a few weeks since [Dan Kaminsky] announced the nature of the DNS vulnerability and allowed 30 days of non-disclosure for patches to be applied before details of the exploit went public. Unfortunately, the details were leaked early and it didn’t take long for a functional exploit to be released into the wild. Since then, many ISPs have taken steps to prevent their users from falling victim to the attack, and BIND, the widely used DNS server software, was updated to minimize the threat. Even so, there were reports of a version of the attack being actively used against AT&T’s DNS servers.
Mac OS X ships a BIND implementation but, as of yet, Apple has not released a patch for it (Microsoft, on the other hand, patched this on July 8). As a result, machines running OS X are at risk of being exploited. The attack poisons the cache of a recursive resolver, so individual users are less likely to be targeted than the servers that resolve on their behalf, but it’s not a smart idea to leave this vulnerability open. [Glenn Fleishman] has published a way to update BIND on OS X manually, rather than waiting on Apple to patch it themselves. It requires Xcode and a bit of terminal work, but it’s a relatively painless update. When we tried it, the “make test” step skipped a few tests and told us to run “bin/tests/system/ifconfig.sh up”. That allowed us to re-run the tests and continue the update without further interruption. [Fleishman] warns that people who manually update BIND may break the official update, but he will update his instructions with any possible workarounds when that happens. Unfortunately, this fix only works for 10.5, but alternative, less effective methods may work for 10.4 and earlier.
If you’d like to know whether your preferred DNS servers are vulnerable, you can use the DNS checker tool from Doxpara. As an alternative to your ISP’s DNS servers, you can use OpenDNS, which many prefer for its security features and configuration options.
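The check described in the previous paragraph, as an added example that is not part of the original post and not the Doxpara tool’s own code: the Kaminsky attack floods a resolver with forged answers until one matches the 16-bit transaction ID, and a fixed or predictable UDP source port is what made that feasible, so the property to measure is how random the resolver’s outgoing source ports (and TXIDs) are. Those values can only be seen on the authoritative side, which is why the checker tools have you query a name server they control and inspect its log. The script below classifies a list of such observed values; the four port samples in demo() are constructed, and the 0.75 entropy threshold is an assumption chosen for this example rather than a published standard.

```python
# Added example, not code from the original post or from the Doxpara checker:
# judge a resolver's source-port (or transaction-ID) randomization from a list
# of values observed at an authoritative server you control. The samples in
# demo() are constructed for offline use.
import collections
import math
import random


def shannon_entropy_bits(values):
    """Entropy, in bits, of the empirical distribution of `values`."""
    n = len(values)
    counts = collections.Counter(values)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def assess_randomization(values, min_samples=20):
    """Classify a sequence of 16-bit fields (UDP source ports or DNS TXIDs).

    Returns (verdict, detail) with verdict one of 'FIXED', 'POOR', 'GOOD'.
    A constant step between consecutive values (a counter) or an entropy well
    below what this many samples could show both count as POOR. The 0.75
    threshold is a heuristic chosen for this example, not a published standard.
    """
    if len(values) < min_samples:
        raise ValueError(f"need at least {min_samples} samples, got {len(values)}")
    distinct = len(set(values))
    deltas = [b - a for a, b in zip(values, values[1:])]
    counter_like = len(set(deltas)) == 1 and deltas[0] != 0
    entropy = shannon_entropy_bits(values)
    max_entropy = math.log2(len(values))  # best a sample of this size can show
    detail = {
        "distinct": distinct,
        "entropy_bits": entropy,
        "max_entropy_bits": max_entropy,
        "counter_like": counter_like,
    }
    if distinct == 1:
        return "FIXED", detail
    if counter_like or entropy < 0.75 * max_entropy:
        return "POOR", detail
    return "GOOD", detail


def demo():
    """Run the classifier over four constructed port samples; return {name: verdict}."""
    rng = random.Random(2008)  # fixed seed so the constructed sample is reproducible
    samples = {
        # pre-patch behaviour: every query leaves from the same port
        "fixed_port": [32768] * 64,
        # a resolver that simply increments the port per query
        "sequential": list(range(2000, 2064)),
        # a resolver cycling through a handful of ports
        "four_ports": [1024 + (i % 4) * 7 for i in range(64)],
        # patched behaviour: a fresh ephemeral port for every query
        "randomized": rng.sample(range(1024, 65536), 64),
    }
    return {name: assess_randomization(ports)[0] for name, ports in samples.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:12s} {verdict}")
```

With a fixed port the attacker only has to cover the 65,536 possible transaction IDs per forged response; a randomized port multiplies that work by the number of usable ephemeral ports, which is the whole effect of the patch. The same function applies unchanged to a list of observed TXIDs, and the entropy figure is meaningful only relative to `max_entropy_bits`, since a sample of 64 values can show at most 6 bits regardless of how good the generator is.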
I’ve been using OpenBSD 4.2 for a few months now on the $15 Laptop (Compaq Armada 7770dmt), and I’m leaving it on the hard drive for now. It does run better with 144 MB of RAM. I may even upgrade the OS to the current version 4.3. OpenBSD with X is nowhere near as fast as the fastest Linux systems, but the added security and overall quality keeps me using it. However, I’m considering swapping out the hard drive (to retain my OpenBSD installation) and trying Debian again.
The following 10 items are guidelines more than rules that I have learned over the years doing intensive work on IT infrastructure. These guidelines are mostly common sense and can be helpful for anybody who administers an IT system, including Linux/Windows administrators, network administrators and DBAs.
Read more: 10 Ultimate Rules for Effective System Administration
Copyright © nixCraft. All Rights Reserved.
iDefense Security Advisory 07.30.08: SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability
Over the past few years, I have heard a lot of noise about how great it would be to see KDE coming to Windows world. Despite this happening on its own, it really means little with the exception of perhaps one application – amaroK.
In the UK, private water delivery companies see bottled water as a direct competitor for their product, tap water.
Bzzz…. bzzz…… bzzz…… That’s not the sound of bees. It’s the buzz surrounding new, open source Twitter competitor identi.ca. Creator Evan Prodromou sat down at OSCON in front of Linux.com’s video camera and explained what identi.ca is all abo…
Launched yesterday, and available now in Debian “experimental,” KDE 4.1 is what 4.0 should have been, one reviewer finds. With some 70,000 software changes since 4.0 launched at Google HQ last Jan., is KDE 4.1 about to usher in the future of the Linux desktop? The first RC1 release of KDE 4.0 appeared nearly a year ago. The full major 4.0 version was then officially launched at Google headquarters on Jan. 18. Then, team KDE really got busy, implementing a roadmap that called for minor releases each month. Those releases, in turn, culminated with the release of KDE 4.1 yesterday.
Secunia Research: Blue Coat K9 Web Protection "Referer" Header Buffer Overflow
Secunia Research: Blue Coat K9 Web Protection Response Handling Buffer Overflows
[oCERT-2008-009] libxslt heap overflow
Filed under: peripherals hacks, news

A Microsoft research team has delivered a prototype called the UnMouse that could really be a big hit. This unit is a mouse pad sized sensor that is multitouch and pressure sensitive. It is flexible and thin enough to roll up. The article mentions that the construction of the device is “dirt cheap”. This is very exciting; is this the next mouse?
The idea of having low-cost multitouch input is very enticing. While there are many ways to do multitouch right now, most are limited either by their size (projector/camera setups) or by their cost (the iPhone). A portable (fits in your laptop bag) pressure-sensitive multitouch input device is something that a lot of people have been craving for a while.
Just imagine the uses. Audio engineers could create new interfaces on the fly. You could draw a key map on piece of paper and just lay it on top. Graphic designers could use different sized and shaped brushes. Gamers could make their own ergonomically comfortable gaming layouts. How about covering one in Velcro and attaching buttons to it?
Even the most casual observer of the linux-kernel mailing list must have noticed that, in the shadow of the firmware flame war, there is also a heated discussion over the management of security issues. There have also been some attempts to turn this local battle into a multi-list, regional conflict. Finding the right way to deal with security problems is difficult for any project, and the kernel is no exception. Whether this discussion will lead to any changes remains to be seen, but it does at least provide a clear view of where the disagreements are.
Computer World: Hackers shut down Neosploit attack kit "Run out of business by lower-priced rivals, says RSA"
Columbia Tribune: Banks teach online customers bad habits
Computer World: Hotels to spy on Olympics guests, says U.S. senator "claims Chinese authorities forced foreign-owned hotels to install eavesdropping equipment"
MSNBC: Can’t sleep? Blame all those glowing gadgets "Eyes are more sensitive to lights on the blue side of the spectrum"
Katherine Heigl regularly speaks up about sexism in Hollywood. For that, she is labeled ungrateful and her career has been declared dead.