Sep 30

Posted in Uncategorized | | No Comments »
Sep 27

Mondo Rescue is a GPL disaster recovery solution. It supports Linux (i386, x86_64, ia64) and FreeBSD (i386). It’s packaged for multiple distributions (RedHat, RHEL, SuSE, SLES, Mandriva, Debian, Gentoo).

It supports tapes, disks, network and CD/DVD as backup media, multiple filesystems, LVM, software and hardware Raid.
Homepage
http://www.mondorescue.org/

Posted in Administrator, Project of Month | | No Comments »
Sep 27

Don’t panic if you deleted /etc/fstab by mistake you can recover it from /proc by the following this way :

cat /proc/mounts > /etc/fstab
chmod 644 /etc/fstab

The “proc” filesystem, which is /proc/mounts, is used to handle sytem configuration parameters, it is a virtual filesystem.

Posted in Administrator, Open Source, Security, Uncategorized | | 1 Comment »
Sep 24

sr-firefox3.jpg From the “time to update” files:

Mozilla has issued four security advisories as part of its Firefox 3.0.2 and 2.0.0.17 updates, two of which are labelled as critical.

MFSA 2008-41 details a privilege escalation issue by way of the XPCnativeWrapper. The flaw could potentially have allowed a maliciously crafted XSLT to create/run scripts that don’t get validated.

MFSA 2008-42 is an advisory that is seemingly common with Mozilla, it’s a “Crashes with evidence of memory corruption” issue. The interesting part this time around (for me at least) is that some of these crashes were reported by Apple to Mozilla. The Mozilla advisory notes that, “Drew Yao of Apple Product Security reported two crashes in Mozilla image rendering code.”  Good to hear the Apple is sharing security information with Mozilla (and vice versa).

On the less critical but still interesting security side is a flaw titled “forced mouse drag.” MFSA 2008-40 explained that:
Mozilla developer Paul Nickerson reported a variant of a click-hijacking vulnerability discovered in Internet Explorer by Liu Die Yu. The vulnerability allowed an attacker to move the content window while the mouse was being clicked, causing an item to be dragged rather than clicked-on. This issue could potentially be used to force a user to download a file or perform other drag-and-drop actions.

Posted in Security | | 1 Comment »
Sep 20

There are many times that client are having dynamic ip address (assigned by DHCP server) and in this cases it’s hard to set any rules on bases of ip address as, you would not know what ip address the client machine be getting, in such case we could use mac based ACL’s to set up any rules on that particular machine.

# vi /etc/squid/squid.conf

Look for acl section and append ACL as follows:

acl mac1 arp 00:11:22:70:44:90 acl mac2 arp 00:11:22:33:44:55 http_access allow mac1 http_access allow mac2 http_access deny

all Save and close the file. Restart squid server:

# /etc/init.d/squid restart

Posted in Administrator, Firewall, Linux Distribution, Network, QoS | | No Comments »
Sep 20

Ever needed to umount a device or file system or needed to umount your portable USB drive
but you can’t as you keep getting a “Device is busy” error.

You cannot umount a file system that has open files, file handles, or if the file system is currently in use. not knowing what is using the device or what is keeping it busy can be extremely frustrating.
fuser to the rescue.
fuser will tell you what processes are using a file system and keeping it busy, fuser will also allow you to kill the processes that are preventing you from umounting the filesystem or device.
Lets say it is your usb memory stick on /dev/sda1 that you cannot umount.
Type
fuser -v /dev/sda1will show you what and who is locking your device.
Then type
fuser -km /dev/sda1
to kill all the processes that are locking up and keeping your device busy.
then you will be able to umount your device without any errors.

fuser will also tell you what process or user is accesing a specific file.
Type fuser -v /filename eg
fuser -v /home/gbloody/filename.txt
and if you wanted to kill the process that is locking up the file, simply type
fuser -km /home/gbloody/filename.txt

Posted in Administrator, Linux Distribution, Security | | No Comments »
Sep 20

Last month Dell XPS M1330 has failed me. This time, no amount of technical knowledge can solve the problem–I’ve been hit by the defective NVIDIA GPU issue.  my laptop screen started to freeze up and automatically reboot. This happened seven times in five hours . Now my laptop refuses to boot at all–or, more accurately, boots with these beautiful vertical lines (see below). And no, plugging in an external monitor does NOT fix the issue. This is a video card problem, not a monitor problem. I should note that I am extremely reliant on my laptop–it is my primary computer (I’m almost like a Mac person in that way… perhaps I should take the hint and switch to a Mac?). Thus, I have incurred considerable cost in work time trying to remedy this issue stuck without a computer.

An early indication of failure?

The current state of my machine. Unusable.

Some Background on the Issue
In early July, NVIDIA informed stockholders of the problem:

…the company just informed investors that “significant quantities” of previous-generation graphics chips have been failing at “higher than normal rates,” and that it’s lowering its Q2 estimates due to pricing pressure. NVIDIA will be taking a $150M to $250M charge against earnings next quarter to cover the cost of repairing and replacing the affected chips, but didn’t Read the rest of this entry »

Posted in Uncategorized | | 3 Comments »
Sep 20


For those of you who don’t know, Vyatta is an open source network appliance that functions as a router, firewall, and VPN device, all running on a customized version of Debian Linux. I have been following the progress of Vyatta for over a year now, and things are looking very promising. The latest release is called VC4 (Vyatta Community edition) and it includes a bunch of useful new features:

  • New command shell allows you to modify Linux settings and network settings from one common interface
  • Redesign of routing protocol offers greatly improved stability and performance
  • Role-based user access
  • Equal-cost multi-path routing
  • Remote access VPN
  • Support for IP tunneling protocols
  • PPPoE support, commonly used with DSL connections
  • WAN load balancing of outbound traffic across two or more WAN-facing interfaces
  • Quality of Service policies provide congestion management and traffic conditioning

As you can see, a lot of exciting changes have been made in the short six months since the previous release. The routing improvements are related to the change from XORP to Quagga. The added QoS capabilities will make Vyatta a good fit for VoIP deployments. The only negative to this release is that Vyatta had to temporarily remove the GUI web-interface until they can integrate it, which is scheduled for July, 2008. Overall, Vyatta is becoming a a compelling option for replacing some of your over-priced network equipment. Read the rest of this entry »

Posted in Firewall, Linux Distribution, Network, Open Source, QoS, Security | | No Comments »