Discontinued Security Support for Debian 4.0
Posted January 22, 2010 – 01:00 in: Nullamatix, syndicated
One year after the release of Debian GNU/Linux 5.0 alias ‘lenny’ and nearly three years after the release of Debian GNU/Linux 4.0 alias ‘etch’ the security support for the old distribution (4.0 alias ‘etch’) is coming to an end next month. The Debian project is proud to be able to support its old distribution for such a long time and even for one year after a new version has been released.
Debian Security Advisory DSA-1975-1
Security Support for Debian GNU/Linux 4.0 to be discontinued on February 15th
http://www.debian.org/security/ – Stefan Fritsch – January 20, 2010
The Debian project has released Debian GNU/Linux 5.0 alias ‘lenny’ on the 14th of February 2009. Users and Distributors have been given a one-year timeframe to upgrade their old installations to the current stable release. Hence, the security support for the old release of 4.0 is going to end in February 2010 as previously announced. Previously announced security updates for the old release will continue to be available on security.debian.org.
Security Updates for Lenny
The Debian Security Team provides security updates for the current distribution via . Security updates for the old distribution are also provided for one year after the new distribution has been released or until the current distribution is superseded, whatever happens first.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debi...@lists.debian.org
Package info: apt-cache show
and http://packages.debian.org/
See Also:
- January 10, 2010 — Solution: chown: invalid user: www-data:www-data
- August 31, 2009 — Howto: Insert Bash Command Output Into MySQL
- August 14, 2009 — Howto: Tail Lighttpd Logs with Style using Sed
- July 31, 2009 — Howto: Lock Your Screen in dwm with WindowsKey+L
Opening An Elevated Command Prompt Window
Posted January 19, 2010 – 00:00 in: Silivrenion, syndicated
There are many parts of Windows that are useful for the power user, but none so useful and important as opening an elevated privilege command prompt window!
Windows, by default, does not run programs as administrator in Vista and 7. This is for the user’s protection, and is controlled by User Account Control. You can, fortunately, start an elevated Command Prompt via several different methods:

- Click on Vista Start button.
- Locate the Command Prompt menu item (buried deep inside Accessories under All Programs, or appearing in the program access history).
- Right click on Command Prompt.
- On the pop-up right click context menu, select “Run as Administrator”.

- Click on Vista Start button.
- Click on Run.
- Type in “Cmd” (without quotes) in the Open textbox.
- You should see “This task will be created with administrative privileges”.
- Click on OK or press Enter.

- Press the Win keyboard key or click on Vista Start button.
- Type cmd into the Start Search textbox.
- Press Ctrl+Shift+Enter keyboard shortcut. Ctrl-Shift-Enter is the general keyboard shortcut that triggers elevation to “Run as Administrator”.
- Press Alt+C or press Continue to confirm the UAC elevation warning prompt.
Via Silivrenion from The Silver Onion
Use Trillian Astra to Simplify Messaging
Posted January 17, 2010 – 23:40 in: Silivrenion, syndicated
Oh, Trillian. I remember when you were just a wee toddler, and now you’re all big and grown up! Trillian has always been one of the popular choices for instant messaging clients, however with the advent of Trillian Astra in late 2009, Cerulean Studios has nearly reinvented the game once more and provided a better client that we all needed.
Via Silivrenion from The Silver Onion
New Tool: IP Range to CIDR
Posted January 17, 2010 – 23:40 in: Nullamatix, syndicated
At least twice a week I find myself visiting ip2cidr.com, the IP to CIDR converter. Since the owner/author of the site hasn’t released the source code, and I love a challenge, I developed my own version. The guys at the job find the tool useful, and after a few minor bug fixes, I’ve made the IP Range to CIDR tool available for use here at Nullamatix.com.
Using IP to CIDR
The tool is very easy to use. The first text input field is the first IP address or start of the range. The second text input field is the second IP address or end of the range. For instance, supplying 172.0.0.0 in the first field and 192.168.255.255 in the second field will produce:
192.0.0.0/9
192.128.0.0/11
192.160.0.0/13
192.168.0.0/16
172.0.0.0/6
176.0.0.0/4
172.16.0.0 and 172.17.255.255 will produce:
172.16.0.0/15
I’ll eventually implement on-the-fly htaccess, null route, and iptables policy generation.
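The range-to-CIDR conversion described above, as an added Python example (not the tool's source, which the post does not show). It returns blocks in ascending address order, so the first range comes back ordered differently from the listing above; the function names and the INPUT chain in the rule generator are assumptions.

```python
import ipaddress

def range_to_cidrs(first, last):
    """Return the minimal list of CIDR blocks covering first..last inclusive."""
    start = int(ipaddress.IPv4Address(first))
    end = int(ipaddress.IPv4Address(last))
    if start > end:
        raise ValueError("start of range is above end of range")
    blocks = []
    while start <= end:
        # A block must begin on its own size boundary: the number of
        # trailing zero bits in `start` caps how large it can be.
        align = (start & -start).bit_length() - 1 if start else 32
        # It must also not run past `end`.
        fit = (end - start + 1).bit_length() - 1
        host_bits = min(align, fit)
        blocks.append(f"{ipaddress.IPv4Address(start)}/{32 - host_bits}")
        start += 1 << host_bits
    return blocks

def iptables_drop_rules(cidrs, chain="INPUT"):
    """Render one DROP rule per block (the chain name is an assumption)."""
    for c in cidrs:
        ipaddress.IPv4Network(c)  # raises ValueError on a malformed block
    return [f"iptables -A {chain} -s {c} -j DROP" for c in cidrs]

if __name__ == "__main__":
    # The two ranges used as examples in the post.
    ranges = [("172.0.0.0", "192.168.255.255"),
              ("172.16.0.0", "172.17.255.255")]
    for a, b in ranges:
        print(a, "-", b)
        for rule in iptables_drop_rules(range_to_cidrs(a, b)):
            print("  " + rule)
```
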
IPtables Drop Policies
In addition to the new IP Range to CIDR tool, I’ve also added drop lists for ThePlanet, Softlayer, APNIC, and Amazon, courtesy of robtex.com. While looking over firewall and httpd access logs, malicious attacks and comment spam seem to originate from these sources the most. If there’s a network or company you’d like me to add, just submit a comment to this post.
See Also:
- November 22, 2009 — Count the Total Number of IPs From CIDR
- December 28, 2009 — Invalid Packets From the DoD
- December 13, 2009 — Nullamatix.com – DDoS Attack 12-2009
- August 31, 2009 — Howto: Insert Bash Command Output Into MySQL
Save Power with Windows 7 Power Management Diagnostics
Posted January 15, 2010 – 23:00 in: Silivrenion, syndicated
Have you been wondering if your laptop or desktop uses more power than it needs to? Well, wonder no more! Windows 7 includes a utility for generating a report of potential energy hogging systems within your computer.
Simply open a Command Prompt window as Administrator, and enter the following command:
powercfg -energy
Windows 7 will take about a minute and a half to analyze power usage and provide an HTML report of possible issues that could be drawing more power than necessary. By default, the report is placed in C:\Windows\System32\energy-report.html; you can change the output location by adding the flag -output <filename> to the command above (type the path without the angle brackets).
Via Silivrenion from The Silver Onion
Solution: chown: invalid user: www-data:www-data
Posted January 10, 2010 – 21:20 in: Nullamatix, syndicated
Ran into this issue after getting rid of the www-data user and group. The solution is simple and doesn’t involve adding the account/group, assuming the objective is to run Lighttpd as a different user (not www-data). If the intention is to run Lighttpd with the www-data account, simply add the account. Otherwise, keep reading…
The Issue
[599][nullamatix ~]:# aptitude install package-x
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Reading task descriptions... Done
The following NEW packages will be installed:
  package-x
The following partially installed packages will be configured:
  lighttpd lighttpd-mod-magnet
0 packages upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 220kB of archives. After unpacking 1028kB will be used.
Writing extended state information... Done
Get:1 http://ftp.us.debian.org lenny/main package-x [220kB]
Fetched 220kB in 0s (446kB/s)
Preconfiguring packages ...
Selecting previously deselected package package-x.
(Reading database ... 23009 files and directories currently installed.)
Unpacking package-x (from .../package-x_i386.deb) ...
Processing triggers for man-db ...
Setting up lighttpd (1.4.25-1) ...
chown: invalid user: `www-data:www-data'
dpkg: error processing lighttpd (--configure):
 subprocess post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of lighttpd-mod-magnet:
 lighttpd-mod-magnet depends on lighttpd (= 1.4.25-1); however:
  Package lighttpd is not configured yet.
dpkg: error processing lighttpd-mod-magnet (--configure):
 dependency problems - leaving unconfigured
Setting up package-x (lenny3) ...
Adding group `package-x' (GID 119) ...
Done.
Adding system user `package-x' (UID 117) ...
Adding new user `package-x' (UID 117) with group `package-x' ...
Not creating home directory `/var/run/package-x.
Starting package-x: package-x.
Errors were encountered while processing:
 lighttpd
 lighttpd-mod-magnet
E: Sub-process /usr/bin/dpkg returned an error code (1)
A package failed to install. Trying to recover:
Setting up lighttpd (1.4.25-1) ...
chown: invalid user: `www-data:www-data'
dpkg: error processing lighttpd (--configure):
 subprocess post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of lighttpd-mod-magnet:
 lighttpd-mod-magnet depends on lighttpd (= 1.4.25-1); however:
  Package lighttpd is not configured yet.
dpkg: error processing lighttpd-mod-magnet (--configure):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 lighttpd
 lighttpd-mod-magnet
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Writing extended state information... Done
Reading task descriptions... Done
[600][nullamatix ~]:#
The Solution
Open the Lighttpd postinst file and replace www-data with the correct username:group.
[600][nullamatix ~]:# vim /var/lib/dpkg/info/lighttpd.postinst
There were 2 lines for this particular instance:
# old original
# chown www-data:www-data /var/log/lighttpd /var/run/lighttpd
# chown www-data:www-data /var/cache/lighttpd /var/cache/lighttpd/compress /var/cache/lighttpd/uploads
# new replacement
chown custom-user:custom-group /var/log/lighttpd /var/run/lighttpd
chown custom-user:custom-group /var/cache/lighttpd /var/cache/lighttpd/compress /var/cache/lighttpd/uploads
Save the changes and exit. (dpkg replaces this file when the package is upgraded, so the edit has to be reapplied after a lighttpd upgrade.) Now, assuming custom-user and custom-group exist, tell dpkg to reconfigure the packages. The -a flag tells dpkg to reconfigure “all unpacked but unconfigured packages.”
[601][nullamatix ~]:# dpkg --configure -a
Setting up lighttpd (1.4.25-1) ...
Starting web server: lighttpd.
Setting up lighttpd-mod-magnet (1.4.25-1) ...
[602][nullamatix ~]:#
That’s it, problem solved…
See Also:
- December 10, 2009 — 529 Attacks in 9 Days: id1.txt, RFI, & More
- August 14, 2009 — Howto: Tail Lighttpd Logs with Style using Sed
- December 25, 2009 — New Tool: Daily [Mod] Security Reports
- October 25, 2009 — Solved: Sprunge.us & Squid TCP_MISS/417
CES 2010: Pass or Fail?
Posted January 10, 2010 – 21:20 in: dhp1080, syndicated
While I didn’t get a chance to go to the show this year, I did cover a lot of stories over at ConnectReviews. There were plenty of cool things to see, as there are every year, but to be honest, I’m a bit disappointed. First things first. Let’s start with the buzzwords for this year in technology: 3D and slate/tablet.
You might ask, "What’s wrong with these?". Well quite simply, they’re unimportant and regressive. 3D consumer TVs have been around for years, and tablets have been around even longer. So why make a big deal about them now? Beats me.
Last year, CES featured Blu-ray players, netbooks, and all sorts of other nifty new gadgets. Being into technology, these new(ish) releases interested me and made me want to purchase them when they were released. I have no such desire for 3D TVs and tablet PCs.
Let’s take a closer look at 3D TV. First and foremost, the picture quality is degraded when you move to 3D. Certain parts of the screen might seem to "pop out", but others will be degraded in quality because of how the picture is created. Not to mention you have to wear obnoxious glasses while watching. Typically I like to be comfortable while watching TV, and that does not include wearing 3D glasses.
As far as tablet/slate computers are concerned, I don’t see why. Apple’s upcoming iSlate might change my mind because of their genius marketing, but I can think of few instances where a tablet computer trumps a typical laptop or netbook. It’s not hard to imagine that it’s faster to type than to write by hand. The only time that I’d really rather write by hand is when diagrams are necessary. However, I don’t want to shell out $600+ for something a piece of paper has been accomplishing for thousands of years.
All in all, CES’s major offerings this year left me wanting a bit more. Don’t get me wrong, there was still plenty of interesting stuff this year, but the major focus was well outside of my interests. I guess there’s always next year.
Via dhp1080 from 1080degrees
Hide WordPress Update Nag Without a Plugin
Posted January 7, 2010 – 20:20 in: Nullamatix, syndicated
For those who don’t know, WordPress 2.9.1 was released a couple days ago. As a result, the “WordPress 2.9.1 is available! Please update now.” nag is plastered at the top of the admin interface. Since installing yet another unnecessary WordPress plug-in for something so simple seems pointless, I came up with a quick and easy to implement WordPress hack. Don’t even bother continuing unless you’re comfortable editing a core WordPress file.
Locating the “hook”
[874][nullamatix.com http]:# grep -lir 'update_nag' wp-admin/
wp-admin/includes/update.php
[875][nullamatix.com http]:# vim wp-admin/includes/update.php
Removing the “hook”
Once update.php is open, find this line (around 135 or so):
add_action( 'admin_notices', 'update_nag', 3 );
Then, just make the line a comment; either of the following will work:
// add_action( 'admin_notices', 'update_nag', 3 );
/* add_action( 'admin_notices', 'update_nag', 3 ); */
Save the changes and check out the admin panel. Ta-da, no more WordPress update nag and we didn’t even have to worry about some silly plug-in…
Wat? No Updates?
Wrong. There are still a number of ways to tell whether or not WordPress needs an update. Here are a few:
- Check the footer of the admin interface (Get Version 2.9.1)
- Check the “Right Now” box in the admin dashboard
- Subscribe to the WordPress “Releases” category RSS feed
WordPress Security Updates Only
Unrelated, but still worth mentioning, Steve Taylor asked the following question on the wp-hackers mailing list today,
I can’t find any information on this, but out of curiosity, is it possible to get *just* security fixes for old WP version? So, say when 3.0 comes out and it jumps up from 2.9.4, would there be a “2.9.5” for the security fixes? My guess is no, but I thought I’d check.
That is a fantastic idea. On my production Debian servers, *only* the security repos are enabled so *only* the security updates are applied. Why couldn’t this also work for WordPress? For me, updating WordPress is a royal pain in the ass due to the core fixes hacks/edits. As a result, WordPress gets updated once every four or five major releases, with the exception of manually applied security patches (of course). But a security-updates only feature for WordPress? Count me in. Hell, I’ll even help with patching the older branches if necessary.
To some, security patches are more of a concern than a “Trash Can” (wait, wat?) feature for posts/comments. I’ll save that rant for another post. Fckin WordPress trash can, geez…
See Also:
- November 28, 2009 — New Wordpress Plugin: IP Intelligence
- January 30, 2008 — Secure Your Wordpress Admin Folder With lighttpd
- January 30, 2008 — 2 More Wordpress Plugin Exploits – Adserve & WassUp
- January 20, 2008 — Another Wordpress Plugin Vulnerability: WP-Forum 1.7.4
Subject: ShmooCon Slugs – Ride Sharing
Posted December 29, 2009 – 17:00 in: Nullamatix, syndicated
From: Rob Fuller
To: pen-...@securityfocus.com
Date: Sun, 27 Dec 2009 20:29:11 -0500
Subject: ShmooCon Slugs – Ride Sharing
ShmooCon Slugs was created to help facilitate people getting together
for rides to ShmooCon 2010. http://shmooslugs.pbworks.com/
We already have two on the board, one from Atlanta and one from Toronto.
Please tweet, email, blog this, since it only works if everyone knows about it.
–
Rob Fuller | Mubix
Room362.com | Hak5.org | TheAcademyPro.com
More Info:
– http://shmooslugs.pbworks.com/Looking-for-Riders
– http://shmooslugs.pbworks.com/Looking-for-Drivers
More From Nullamatix.com:
- October 15, 2007 — How To: GnuPG (gpg4win) for MS Office Outlook, Exchange, and Others
- November 14, 2007 — Heavy Metal Band “Dawn of Tears” Offers Free Album
- November 26, 2007 — Use mp3s as Ringtones on Your LG AX8600
- December 19, 2007 — Part 1: A Guide To Blogging For Profit
Invalid Packets From the DoD
Posted December 28, 2009 – 16:40 in: Nullamatix, syndicated
The firewall policies on Nullamatix.com DROP invalid connection attempts. Specifically, if an attempt to start a new tcp connection is not a syn packet, the packet is rejected. This morning I noticed a few dropped connection attempts from an unusual source, The U.S. Department of Defense. Here are the logs:
Dec 27 05:00:38: SRC=140.32.107.150 PROTO=TCP SPT=53175 DPT=80
Dec 27 05:01:53: SRC=140.32.107.150 PROTO=TCP SPT=53175 DPT=80
Dec 27 05:03:08: SRC=140.32.107.150 PROTO=TCP SPT=53175 DPT=80
Dec 27 05:04:23: SRC=140.32.107.150 PROTO=TCP SPT=53175 DPT=80
Dec 27 05:05:38: SRC=140.32.107.150 PROTO=TCP SPT=53175 DPT=80
Dec 27 05:06:53: SRC=140.32.107.150 PROTO=TCP SPT=53175 DPT=80
Dec 27 05:09:23: SRC=140.32.107.150 PROTO=TCP SPT=53175 DPT=80
Dec 18 09:25:19: SRC=140.32.107.150 PROTO=TCP SPT=11601 DPT=80
Dec 18 09:26:34: SRC=140.32.107.150 PROTO=TCP SPT=11601 DPT=80
Dec 18 09:27:49: SRC=140.32.107.150 PROTO=TCP SPT=11601 DPT=80
Dec 18 09:29:04: SRC=140.32.107.150 PROTO=TCP SPT=11601 DPT=80
Dec 18 09:30:19: SRC=140.32.107.150 PROTO=TCP SPT=11601 DPT=80
Dec 18 09:31:34: SRC=140.32.107.150 PROTO=TCP SPT=11601 DPT=80
Dec 18 09:32:49: SRC=140.32.107.150 PROTO=TCP SPT=11601 DPT=80
Dec 18 09:34:04: SRC=140.32.107.150 PROTO=TCP SPT=11601 DPT=80
What’s really interesting is the lack of Lighttpd logs. Based on the logs I have, that IP has never made a legitimate visit to any of the sites hosted on this server. So what’s the DoD up to? I don’t mind them visiting at all, but why the invalid connection attempts? If someone at the DoD wants some information about this server, all they have to do is ask.
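One way to triage drop-log entries like these, as an added Python example (not part of the original post): group the dropped packets by source address and port pair and measure the time between repeats, which separates many distinct connection attempts from repeats of the same flow. The function names and the assumed year 2009 (the log lines carry no year) are this example's own.

```python
import re
from collections import defaultdict
from datetime import datetime

# Drop-log lines copied from the post (a subset; the year is not logged).
LOG = """\
Dec 27 05:00:38: SRC=140.32.107.150 PROTO=TCP SPT=53175 DPT=80
Dec 27 05:01:53: SRC=140.32.107.150 PROTO=TCP SPT=53175 DPT=80
Dec 27 05:03:08: SRC=140.32.107.150 PROTO=TCP SPT=53175 DPT=80
Dec 27 05:04:23: SRC=140.32.107.150 PROTO=TCP SPT=53175 DPT=80
Dec 27 05:05:38: SRC=140.32.107.150 PROTO=TCP SPT=53175 DPT=80
Dec 27 05:06:53: SRC=140.32.107.150 PROTO=TCP SPT=53175 DPT=80
Dec 27 05:09:23: SRC=140.32.107.150 PROTO=TCP SPT=53175 DPT=80
Dec 18 09:25:19: SRC=140.32.107.150 PROTO=TCP SPT=11601 DPT=80
Dec 18 09:26:34: SRC=140.32.107.150 PROTO=TCP SPT=11601 DPT=80
Dec 18 09:27:49: SRC=140.32.107.150 PROTO=TCP SPT=11601 DPT=80
Dec 18 09:29:04: SRC=140.32.107.150 PROTO=TCP SPT=11601 DPT=80
"""

LINE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d): SRC=(?P<src>\S+) "
    r"PROTO=(?P<proto>\S+) SPT=(?P<spt>\d+) DPT=(?P<dpt>\d+)$"
)

def summarize_flows(log_text, year=2009):
    """Group drops by (src, proto, spt, dpt); report count and repeat gaps."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # skip lines in any other format
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        key = (m["src"], m["proto"], int(m["spt"]), int(m["dpt"]))
        seen[key].append(when)
    report = {}
    for key, times in seen.items():
        times.sort()
        gaps = [int((b - a).total_seconds()) for a, b in zip(times, times[1:])]
        report[key] = {"packets": len(times), "gaps_s": gaps}
    return report

def distinct_source_ports(report):
    """Source ports seen per source IP across all grouped flows."""
    ports = defaultdict(set)
    for (src, _proto, spt, _dpt) in report:
        ports[src].add(spt)
    return {src: sorted(p) for src, p in ports.items()}

if __name__ == "__main__":
    flows = summarize_flows(LOG)
    for key, info in sorted(flows.items()):
        print(key, info)
    print(distinct_source_ports(flows))
```
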
Whois Information for 140.32.107.150
OrgName: DoD Network Information Center
OrgID: DNIC
Address: 3990 E. Broad Street
City: Columbus
StateProv: OH
PostalCode: 43218
Country: US
NetRange: 140.32.0.0 - 140.32.255.255
CIDR: 140.32.0.0/16
NetName: SUM-DET-5
NetHandle: NET-140-32-0-0-1
Parent: NET-140-0-0-0-0
NetType: Direct Assignment
NameServer: NS1.ARL.ARMY.MIL
NameServer: NS1.NOSC.MIL
NameServer: NS1.HPCMO.HPC.MIL
Comment:
RegDate: 1990-04-08
Updated: 2007-08-23
OrgTechHandle: MIL-HSTMST-ARIN
OrgTechName: Network DoD
OrgTechPhone: +1-800-365-3642
OrgTechEmail: HOST...@nic.mil
OrgTechHandle: REGIS10-ARIN
OrgTechName: Registration
OrgTechPhone: +1-800-365-3642
OrgTechEmail: REGI...@nic.mil
See Also:
- May 13, 2009 — IPTables Drop Log For 05.12.09
- December 26, 2009 — WordPress Hacks Worth Implementing
- December 25, 2009 — New Tool: Daily [Mod] Security Reports
- December 13, 2009 — Nullamatix.com – DDoS Attack 12-2009



