Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - Diana

Pages: [1] 2
1
2004 / Personal Security
« on: February 02, 2004, 07:18:11 PM »
Hi all,

I"m starting the thread in the hopes that it will grow over time. If it disappears from the main page, I may bring it back with new information now and then. For now, I'm going to post a couple of links for those who wish to read.

Article about the European Unions digital signature requirements for doing business there

Repost of link to GnuPG for personal sig info

see ya,

2
2003 / Server outage
« on: December 14, 2003, 10:33:51 AM »
Hi All,

The server rolled over last night sometime around 2:00 am. It was never down in the sense that the power was off...it was always on...but, we were mailbombed to the extent that the server couldn't open any more connections.

My sheepish face peeks up here, but part of this was my fault. Last week I attempted to wrap sendmail in a program called TCPWrapper. This wrapper program intercepts connections it is set to listen for, then reads two special files..hosts.allow and hosts.deny to see if those connections are allowed. I created a HUGE hosts.deny file of spammer machines. This worked!...tons of spam never got into the machine.

This was working for several days...Yayy!!..smile.gif until last night sad.gif

Turns out that sendmail in it's original config would only accept 12 simultaneous connections and after that gracefully ask all other sendmail connections to wait. This only affected sendmail and is a transparent thing to the end user cause it doesn't deny mail...only asks the sender to wait.

When I wrapped sendmail, it seems to have lost the ability to count. It started accepting ALL connections as asked. When the mailbomb started, sendmail opened so many connections that it used up all the file nodes for the whole machine...meaning no more processes at all could be run. This caused all server processes to halt.

We rebooted the machine and it came back up as it should. Within ten minutes the mailbombers found us again and it fell over again. This time I already had shell access so I was able to kill sendmail. This gave back all those processes and the server regained its feet without needing a second reboot. yippee!..(I'm so easy to please...if the spammers would just leave me alone..smile.gif )

So, I returned the sendmail configuration to its original settings, removing the wrapper process. I dumped all the sendmail connections that were hung and dumped the /tmp directory. By dumping the tmp directory, I may have yet again disrupted the board because PHP runs the board and it places stuff there as it needs..including session files. If you were uncerimoneously dropped or saw strange anomylies this morning, I'm sorry...but all is well now.

I'm researching new machines to replace this stalwart but aging horse. I thank you for your patience.

see ya,

3
2003 / E-bay scammer reveals techniques
« on: September 26, 2003, 05:02:46 PM »

4
2003 / OT: Humor, the SWEN virus and more
« on: September 22, 2003, 09:10:53 PM »
Help!
I installed some Microsoft Updates I received in the mail, and now my system doesn't work properly.

First I got a "Microsoft Critical Update" message which had a patch for Windows XP, Internet Explorer and Outlook Express. I thought "great!" But when I installed the patch, my anti-virus program became disabled, and the system began to behave strangely.

The second message I got said that I might have been infected with a virus/worm and that I just received in the mail and that I needed to install another patch to remove it. But when I clicked on the executable attachment in the messages (just like Microsoft said that I was supposed to), my computer began sending messages to other people and monitoring the newsgroups. I didn't want it to do that an so I tried to shutdown, but it wouldn't let me!

The third message I received said that my system was probably infected by the previous two attachments I had just installed, and that the only way to clean my system was to reinstall Windows. In this message, Microsoft was even nice enough to attach a "Reinstall Helper." All I had to do was to get my Windows CDs and start the "Reinstall Helper" and the reinstallation would go twice as fast.

When I started the "Reinstall Helper," it told me to scratch onto the back of all of my Windows XP CD's this product code (using a sharp metal KEY): XP1032-BOGUS81.  Then it told me to put the CD in and the reinstall would start automatically, but nothing happened!

Then the fourth message I got from the "Microsoft Update Center" told me that the previous three messages were totally bogus and that I had installed three of the worst viruses/worms in Internet history. They even called me a dumb-ass! A hand came out of the computer and slapped me in the face several time. They made me cry. Then they told me that the only way to remove the viruses was to download and execute the next message in my mailbox.

The fifth message I received said that it contained the "Microsoft Automatic Worm Cleaner v. 6.0." The message said that all I had to do was to install the cleaner, and all of the viruses I had downloaded would be erased. And so I double-clicked the attachment, and this is what I saw:

Microsoft Automatic Worm Cleaner v. 6.0.
        Trojan
 ...activated
 ...accessing partition table
 ...cleaning...wiped

 ...accessing IDE track 0 startup-block
 ...low-level format done

 ...accessing CMOS data block
 ...clearing

 ...finished

  ALL VIRUSES AND WORMS DELETED
  press any key to not continue...

Now I can't start my computer. Can anyone help me!

(attributed to Gary Peterson who posted this in an Earthlink newsgroup)


***********************
How to tell the sex of a fly

A woman walked into the kitchen to find her husband stalking around with a fly swatter.

"What are you doing?" She asked.

"Hunting Flies" He responded.

"Oh. Killing any?" She asked.

"Yep, 3 males, 2 Females," he replied.

Intrigued, she asked. "How can you tell?"

>>


>>


>>


>>


He responded, "3 were on a beer can, 2 were on the phone."

5
2003 / OT: But, Important to all Internet users
« on: September 19, 2003, 03:01:33 PM »
Hi all,

Since the beginning of this week, a serious issue has developed. It is rather technical, so to make it short, Verisign, the company that maintains the Root DNS servers for the whole internet, has created a "wildcard" entry that makes it seem that every possible domain actually exists. Domains that are not registered yet now resolve to a Verisign website. In essence, they have hijacked a large part Internet for their own purposes.

Previous to this action, mistyping a domain name or inadvertantly putting one in that doesn't exist used to return a proper error page...or at least one you had control over through your browser. This is no longer the case.

An even worse thing has happened on the insides of the Internet though, one that most people will be unaware of. By creating this wildcard, all DNS reverse lookups now find a "valid" domain. Many mail servers use this reverse lookup function to determine the validity of the e-mail. See, spammers often use non-existent domains in their e-mail headers to hide their origins. Now, when a reverse lookup is performed, the domain will resolve and the mail gets through the SPAM filters. Network admins and software writers are banding together to fight this at the software level, but more needs to be done.

The benefits to Verisign are HUGE. They will make money off of this "hijacking". They are supposed to be the overseers of the .com and .net domains and as such, they shouldn't mis-use their powers..but they have.

I'm asking all who care to take a moment and sign one or two petitions. Both are at petitionsonline.com but they were started by different people

First: This one here

and: The Second here

Here is a Discussion of the issues

or even more Here at Slashdot

I realize that online petitions probably don't do much if any good, but this is an important issue. I would also ask that anyone who has an 800 number to their ISP, call them and let them know that you are aware of the issues, even if you don't completely understand them. With a loud enough outcry, we may be able to get Verisign to back down. As a good news entry here, Verisign was sued in an Orlando, Florida this morning. I'm keeping my fingers crossed that the judge will see how important this is to the welfare of the Internet and its free nature.

Thanks for reading. (I really need a soapbox smiley...snuffysbluff...I need you..smile.gif )

see ya,

edited to fix link to second petition. Seems that the second link is actually the most important petition since it's getting the most activity.

6
2003 / OT: If Florida counts a one nickel five times -
« on: August 26, 2003, 01:30:29 PM »
Read this and weep

Taxing LANS/WANS

The subject line refers to a joke that made its rounds here in Florida.
You would ask someone if they've seen the new Florida state quarter. They rightfully say no...it's not out yet...so you hand them a nickle. Puzzlement appears on their face and they say.."that's not a quarter". You reply: Just turn it over five times.

(whew..what a day.. wacko.gif )

7
2003 / There's no hope left
« on: July 15, 2003, 06:42:01 PM »
From Reuters News Wire

Microsoft Wins Homeland Security Contract

Jul 15, 5:35 pm ET

WASHINGTON (Reuters) - The Department of Homeland Security said on Tuesday it has awarded a five-year, $90 million enterprise agreement to Microsoft Corp (MSFT.O) to become the department's primary technology provider.

Under the contract, Microsoft will supply desktop and server software to the newly created department, which has merged parts of 22 different agencies into one entity.

The agreement delivers licensing coverage for about 140,000 desktops and will help the department to establish a common computing environment, Homeland Security said in a statement.

Dell Marketing LP. was selected as the reseller, to provide the day-to-day management of the enterprise agreement, it said.

8
2003 / Linksys New Wireless-B Media Adaptor
« on: July 14, 2003, 07:05:46 PM »
LINKSYS EXTENDS WIRELESS FUNCTIONALITY TO THE TELEVISION AND
STEREO WITH NEW WIRELESS-B MEDIA ADAPTER

New Wireless Adapter Converges Home Networking and Consumer
Electronics

IRVINE, Calif. - July 14, 2003 - Linksys®, a division of Cisco
Systems, Inc., and the leading global manufacturer of broadband,
wireless, and networking hardware for home and Small Office/Home
Office (SOHO) environments, today announced a new wireless
multimedia product called the Wireless-B Media Adapter (WMA11B)
that allows users to enjoy digital music and pictures stored on
their PC to view and play on their TV and stereo system. This is
the first in a line of new Wireless Home products from Linksys.

In spite of the high growth and fast acceptance of MP3 players,
Internet-delivered music, and digital cameras, the average home
entertainment system is still designed for analog input. The new
Linksys Wireless-B Media Adapter bridges the analog and digital
worlds using 802.11b wireless networking to deliver digital
content to conventional TVs and home stereos.

The Wireless-B Media Adapter sits by the television and stereo
and connects to them using standard A/V or S-Video cables. Then
it connects to your home network by Wireless-B (802.11b)
wireless networking, or if users prefer, it can be connected via
standard 10/100 Ethernet cabling. The media adapter also works
in peer-to-peer mode (direct connection between the media
adapter and wired or wireless enabled computer) so no Internet
service is required.

Listen to your digital music collection through your stereo
system

The media adapter enables the user to stream MP3 and play WMA
music files on the home TV and stereo system. Users can set the
adapter to play songs individually, by directory, or create M3U
or ASX playlist files. Linksys is also working to include
playlist support from popular music providers and music services
such as the RHAPSODY digital music service from Listen.com® and
MusicMatch®. Users can also set up their own play lists by
album, song title, genre and much more. Other convenient options
include Repeat and Shuffle. Music is selected through the TV
menu screen and the easy to use remote control.

Browse your digital pictures on your television InfoTrends
Research predicts that by the end of the year, 60% of Internet-
connected households will own a digital camera (over 26 million
homes). The Linksys Media Adapter provides a more convenient way
for this growing group of users to view pictures. Using the
included remote control and the user-friendly menus on a TV,
users can browse through the digital pictures on their wireless-
enabled computer by folder, filename, or thumbnail. Pictures can
be viewed one at a time, or through an automatically created
slideshow of all the pictures in a given folder. The Media
Adapter utilizes Intel's XScale™ architecture PXA250
application processor not only to decode digital music files,
but also to support popular picture formats: JPG, GIF, TIF and
BMP. The remote control's zoom button enables close-up details
in the pictures being viewed. For added entertainment, streaming
digital music can also be played at the same time the pictures
are being displayed.

"Linksys is innovating products that extend the network beyond
traditional applications such as internet, file and resource
sharing for which home networks were developed. The result is a
new line of Wireless Home products that add on to the home
network to provide connectivity and access to other devices
around the home," said Mike Wagner, Director of Marketing at
Linksys. "The wireless media adapter, our first Wireless Home
product, not only brings together consumer electronics and home
networking but also provides users the ability to do more with
the networks they have installed."

Pricing and Availability

The Wireless-B Media Adapter comes complete with an Infrared
Remote Control with 2 AAA batteries, three-lead Audio/Video
cable, S-Video cable, Ethernet cable, power adapter, setup CD-
ROM and installation guide. The WMA11B is immediately available
through retail, online resellers, distributors and direct
response for an estimated street price of $199.

9
2003 / OT: Holiday Funnies
« on: July 03, 2003, 01:51:23 PM »
Children As Pets - The Cat Years        
(Author Unknown)

I just realized that while children are dogs - loyal and affectionate
- teenagers are cats.  It's so easy to be a dog owner. You feed it,
train it, boss it around. It puts it's head on your knee and gazes at
you as if you were a Rembrandt painting. It bounds indoors with
enthusiasm when you call it.

Then around age 13, your adoring little puppy turns into a big old
cat. When you tell it to come inside, it looks amazed, as if
wondering who died and made you emperor. Instead of dogging
your doorsteps, it disappears. You won't see it again until it gets
hungry-then it pauses on its sprint through the kitchen long
enough to turn its nose up at whatever you're serving.

When you reach out to ruffle its head, in that old affectionate
gesture, it twists away from you, then gives you a blank stare,
as if trying to remember where it has seen you before.  You,
not realizing that the dog is now a cat, think something must
be desperately wrong with it. It seems so antisocial, so distant,
sort of depressed. It won't go on family outings.

Since you're the one who raised it, taught it to fetch and stay
and sit on command, you assume that you did something wrong.
Flooded with guilt and fear, you redouble your efforts to make your
pet behave.  Only now you're dealing with a cat, so everything that
worked before now produces the opposite of the desired result. Call
it, and it runs away. Tell it to sit, and it jumps on the counter. The
more you go toward it, wringing your hands, the more it moves away.

Instead of continuing to act like a dog owner, you can learn to
behave like a cat owner. Put a dish of food near the door, and let
it come to you. But remember that a cat needs your help and your
affection too. Sit still, and it will come, seeking that warm,
comforting lap it has not entirely forgotten. Be there to open the door
for it.

One day your grown-up child will walk into the kitchen, give you a
big kiss and say, "You've been on your feet all day. Let me get those
dishes for you."

Then you'll realize your cat is a dog again.

10
2003 / OT: Friday Funnies
« on: June 06, 2003, 08:26:56 PM »
The Substitute Organist

The minister was preoccupied with thoughts of how he was going to, after the worship service, ask the congregation to come up with more money than they were expecting for repairs to the church building. Therefore, he was annoyed to find that the regular organist was sick and a substitute had been brought in at the last minute.

The substitute wanted to know what to play. "Here's a copy of the service," he said impatiently. "But you'll have to think of something to play after I make the announcement about the finances." During the service, the minister paused and said, "Brothers and Sisters, we are in great difficulty; the roof repairs cost twice as much as we expected, and we need $4,000 more. Any of you who can pledge $100 or more, please stand up." At that moment, the substitute organist played "The Star-Spangled Banner."

And that is how the substitute became the regular organist!
 biggrin.gif

11
2003 / OT: Earth picture taken from Mars
« on: May 23, 2003, 10:48:47 AM »
This picture was taken by the Mars Global Surveyor camera on May 8th. This site shows and describes the techniques used.

Malin Space Science Systems

Edit in response to Gary:

I had a bit of trouble at first, the link from the news stories was broken. I found the picture by going to the root of the site: http://www.msss.com/ and taking their links. I pasted the first link above from the actual page so I had hoped it would work for everyone. It's worth the effort to go the long way though. smile.gif

(me thinks their site is experiencing technical difficulties)

12
2003 / OT: M$ iLoo
« on: May 13, 2003, 08:16:29 AM »
*grin..I love good humor. April fools came late this year.

http://www.msnbc.com/news/912835.asp

13
2003 / OT: My early Mother\'s Day gift. :)
« on: May 09, 2003, 09:27:00 PM »
Hi all,

You should see what I got just a couple of hours ago. We were out to dinner and came home to find this:

 Baby Picture 1   Baby Picture 2   Baby Picture 3   Baby Picture 4

She was expected this year so no great surprise, but it's always a treat.        She doesn't have a name yet though.

Edit: She does have a name now. Everyone, meet Gidget    

see ya,
 
 [ 05-09-2003, 10:36 PM: Message edited by: Diana ]

14
2003 / It was Me! and a Yippie!
« on: May 08, 2003, 02:34:00 AM »
*grin,

If you notice the "lights" blink out for a few seconds around 3:20 am, I'm sorry, I just had to do it. I checked to see how many people were connected and picked a time when it looked really quiet.

I restarted the apache server and we now have a brand new PHP installed.

I tell you this because it will be a big boast for the new Invision board installation.

The yippie! is because it took me 12-13 hours to get it right *grin..but I got two machines done. I can sleep now.

see ya,

15
2003 / Mozilla/Netscape users take note
« on: April 22, 2003, 07:02:00 PM »
I don't know yet to what extent this may apply on the Mac platform, but since the exploit seems to be based on basic Internet protocols, it may affect us all no matter what operating system.

Mozilla Browser Cross Domain Violation Vulnerability
BugTraq ID: 7363
Remote: Yes
Date Published: Apr 16 2003 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/7363
Summary:

Mozilla is an open source web browser available for a number of platforms, including Microsoft Windows and Linux.

A problem has been reported in Mozilla that could allow access to information in other browser windows. The vulnerability exists because Mozilla does not properly sanitize links when transferring documents from one domain to another. Specifically, malicious HTML code is not sanitized from the 'onclick' property.

Upon the execution of code through the 'onclick' property, a violation in browser security zone policy would occur that allows the original web site to view the contents of web pages in other browser windows.

This problem would require a user visiting a web page that has been designed to present malicious dialog boxes. This type of attack would most commonly occur through social engineering.

Other browsers based on the Mozilla codebase are vulnerable to this issue.

see ya,
 
 [ 04-22-2003, 09:28 PM: Message edited by: Diana ]

Pages: [1] 2