Search Site

Feed Section

Friday, October 29, 2010

Linux/Unix Horror Stories for Halloween

Posted: 29 Oct 2010 03:37 AM PDT

This time of year, posting Halloween-related articles has been an informal tradition here at TechSource. For those of you who missed our old Halloween posts, here is a recap:


For this Halloween season, I decided to post a few old but entertaining and somewhat educational Linux/Unix horror stories that were compiled by Anatoly Ivasyuk. Actually, Anatoly has created an entire page filled with Unix-related horror stories and I just picked a few interesting entries to share with you all. Don't worry, I will provide you the link to the complete horror stories page right after my choices. Enjoy!


From: bill@chaos.cs.umn.edu ( bill pociengel )
Organization: University of Minnesota

After a real bad crash (tm) and having been an admin (on an RS/6000)
for less than a month (honest it wasn't my fault, yea right stupid)
we got to test our backup by doing:
# cd /
# rm -rf *
ohhhhhhhh sh*t i hope those tapes are good.

Ya know it's kinda funny (in a perverse way) to watch the system just
slowly go away.
--------------------------------------------------------------------


From: robjohn@ocdis01.UUCP (Contractor Bob Johnson)
Organization: Tinker Air Force Base, Oklahoma

Cleaning out an old directory, I did 'rm *', then noticed several files
that began with dot (.profile, etc) still there. So, in a fit of obtuse
brilliance, I typed...

rm -rf .* &

By the time I got it stopped, it had chewed through 3 filesystems which
all had to be restored from tape (.* expands to ../*, and the -r makes
it keep walking up the directory tree). Live and learn...
--------------------------------------------------------------------


From: samuel@cs.ubc.ca (Stephen Samuel)
Organization: University of British Columbia, Canada

Some time ago, I was editing our cron file to remove core more than a day
old. Unfortunately, thru recursing into VI sessions, I ended up saving an
intermediate (wron) version of this file with an extra '-o' in it.

find / -name core -o -atime +1 -exec /bin/rm {} \;

The cute thing about this is that it leaves ALL core files intact, and
removes any OTHER file that hasn't been accessed in the last 24 hours.

Although the script ran at 4AM, I was the first person to notice this,
in the early afternoon.. I started to get curious when I noticed that
SOME man pages were missing, while others were. Up till then, I was pleased
to see that we finally had some free disk space. Then I started to notice
the pattern.

Really unpleasant was the fact that no system backups had taken place all
summer (and this was a research lab).

The only saving grace is that most of the really active files had been
accessed in the previous day (thank god I didn't do this on a saturday).
I was also lucky that I'd used tar the previous day, as well.

I still felt sick having to tell people in the lab what happened.
--------------------------------------------------------------------


From: weave@bach.udel.edu (Ken Weaverling)
Organization: University of Delaware

A friend of mine called me up saying he no longer could log into his
system. I asked him what he had done recently, and found out that he
thought that all executable programs in /bin /usr/bin /etc and so on
should be owned by bin, since they were all binaries! So he had
chown'ed them all.
--------------------------------------------------------------------


From: hirai@cc.swarthmore.edu (Eiji Hirai)
Organization: Information Services, Swarthmore College, Swarthmore, PA, USA

I wanted to create a second swap partition on another disk and made the
partition start at sector 0 of the disk! (which sounded ok at the time since
all other regular 'a' partitions started on sector 0) Every time I rebooted,
fsck would complain about missing partition tables - I initially suspected
that the disk was bad but I later realized that swapping was overwriting the
partition table. I had lost an unknown percentage of the financial data for
the institution that I was working for at the time, right when they were
being audited! Yikes! Anyway, we were able to recover the data and life
returned to normal but I did wonder at the time whether I could still keep
my job there.
--------------------------------------------------------------------


More Linux/Unix horror stories can be found HERE.



If you have a Linux/Unix horror story to share, feel free to write it down on our comment section.

Bookmark and Share
Posted by z0ltrix at 12:11 PM 0 comments

Thursday, October 28, 2010

[HowtoForge] Newsletter 10/28/2010

HowtoForge Newsletter 10/28/2010
================================

*** The ISPConfig 3 Manual is finally available (in PDF format)! ***
====================================================================

On nearly 300 pages, it covers the concept behind ISPConfig (admin, resellers, clients), explains how to install and update ISPConfig 3, includes a reference for all forms and form fields in ISPConfig together with examples of valid inputs, and provides tutorials for the most common tasks in ISPConfig 3. It also lines out how to make your server more secure and comes with a troubleshooting section at the end.

Version 1.0 for ISPConfig 3.0.3 (Date: 09/30/2010)
Author: Falko Timme
299 pages

The manual can be downloaded from these two links:

http://www.ispconfig.org/ispconfig-3/ispconfig-3-manual/
http://www.howtoforge.com/download-the-ispconfig-3-manual
********************************************************************


New HOWTOs:
===========

* How To Make An Ubuntu 10.10 Desktop Resemble A Mac (With Elementary, Docky & Gloobus-Preview)
* Enabling Compiz Fusion On An Ubuntu 10.10 Desktop (NVIDIA GeForce 8200)
* The Perfect Desktop - Kubuntu 10.10
* Putting Varnish In Front Of Apache On Ubuntu/Debian
* How To Integrate ClamAV (Through mod_clamav) Into ProFTPd For Virus Scanning On Ubuntu 10.04
* OpenSUSE 11.3 Samba Standalone Server With tdbsam Backend

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

How To Make An Ubuntu 10.10 Desktop Resemble A Mac (With Elementary, Docky & Gloobus-Preview)
=============================================================================================

This article shows how you can change the appearance of your Ubuntu 10.10 desktop so that it resembles a Mac. This can be achieved with the help of Elementary, Docky, and Gloobus-Preview. Elementary is a project that provides a popular icon set and GTK theme; Docky is an interactive dock (like the one you know from a Mac) that provides easy access to some of the files, folders, and applications on your computer, and more; and Gloobus-Preview is an extension for the Gnome Desktop Environment designed to enable a full screen preview of any kind of file or directory.

You can find the document here:
-------------------------------
http://www.howtoforge.com/how-to-make-an-ubuntu-10.10-desktop-resemble-a-mac-with-elementary-docky-and-gloobus-preview


Enabling Compiz Fusion On An Ubuntu 10.10 Desktop (NVIDIA GeForce 8200)
=======================================================================

This tutorial shows how you can enable Compiz Fusion on an Ubuntu 10.10 (Maverick Meerkat) desktop (the system must have a 3D-capable graphics card - I'm using an NVIDIA GeForce 8200 here). With Compiz Fusion you can use beautiful 3D effects like wobbly windows or a desktop cube on your desktop.

You can find the document here:
-------------------------------
http://www.howtoforge.com/enabling-compiz-fusion-on-an-ubuntu-10.10-desktop-nvidia-geforce-8200


The Perfect Desktop - Kubuntu 10.10
===================================

This tutorial shows how you can set up a Kubuntu 10.10 desktop that is a full-fledged replacement for a Windows desktop, i.e. that has all the software that people need to do the things they do on their Windows desktops. The advantages are clear: you get a secure system without DRM restrictions that works even on old hardware, and the best thing is: all software comes free of charge. Kubuntu 10.10 is derived from Ubuntu 10.10 (Maverick Meerkat) and uses the KDE desktop instead of the GNOME desktop.

You can find the document here:
-------------------------------
http://www.howtoforge.com/the-perfect-desktop-kubuntu-10.10


Putting Varnish In Front Of Apache On Ubuntu/Debian
===================================================

Varnish is an open source "web accelerator" which you can use to speed up your website. It can cache certain static elements, such as images or javascript but you can also use it for other purposes such as Loadbalancing or some additional security. In this tutorial we will focus on the latter one. In this mode, Varnish will stop incomplete HTTP requests from reaching your Apache webserver.

You can find the document here:
-------------------------------
http://www.howtoforge.com/putting-varnish-in-front-of-apache-on-ubuntu-debian


How To Integrate ClamAV (Through mod_clamav) Into ProFTPd For Virus Scanning On Ubuntu 10.04
============================================================================================

This tutorial explains how you can integrate ClamAV into ProFTPd for virus scanning on an Ubuntu 10.04 system. This is achieved through mod_clamav. In the end, whenever a file gets uploaded through ProFTPd, ClamAV will check the file and delete it if it is malware.

You can find the document here:
-------------------------------
http://www.howtoforge.com/how-to-integrate-clamav-through-mod_clamav-into-proftpd-for-virus-scanning-on-ubuntu-10.04


OpenSUSE 11.3 Samba Standalone Server With tdbsam Backend
=========================================================

This tutorial explains the installation of a Samba fileserver on OpenSUSE 11.3 and how to configure it to share files over the SMB protocol as well as how to add users. Samba is configured as a standalone server, not as a domain controller. In the resulting setup, every user has his own home directory accessible via the SMB protocol and all users have a shared directory with read-/write access.

You can find the document here:
-------------------------------
http://www.howtoforge.com/opensuse-11.3-samba-standalone-server-with-tdbsam-backend


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

You can now support HowtoForge by becoming a subscriber:

HowtoForge Subscription
=======================

*** New! We now accept RBS WorldPay payments in addition to PayPal. ***

For a monthly fee of 5 EUR or 25 EUR for half a year, you can become a HowtoForge supporter and help us cover our costs (servers, bandwidth, etc.) and support ISPConfig development. In return, you receive the following benefits:

1. Download the ISPConfig 3 Manual (from http://www.howtoforge.com/download-the-ispconfig-3-manual).
2. Access the whole HowtoForge web site without any ads.
3. Download the results of our tutorials as VMware images (where available) (a list of downloadable VMware images is available here: http://www.howtoforge.com/list-of-downloadable-vmware-images).
4. Download our tutorials as PDF files.
5. View our tutorials as printer-friendly pages.
6. You will be marked as a "HowtoForge Supporter" in your forum posts.
7. Plus, you support the ISPConfig development.

If you have the free VMware Server or Player installed, you can import our VMware images and start playing around with the results of our tutorials immediately. It's a great way to track down problems with your own setup or simply to save time. ;-)

More details can be found on http://www.howtoforge.com/subscription.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Best Regards,

Your HowtoForge Team
Email: info@howtoforge.com
URL: http://www.howtoforge.com

To unsubscribe or update your records, click here: http://newsletter.howtoforge.com/howtoforge/user/update.php?email=matrixunix.ubuntu@blogger.com&code=d8531959c7da2982ec3a7f8f82a13961

Bookmark and Share
Posted by z0ltrix at 5:06 AM 0 comments

Wednesday, October 27, 2010

Hacking Damn Vulnerable Linux

Posted: 27 Oct 2010 03:54 AM PDT

If you can't exploit it, you can't secure it. I don't know if that quote has been said before, but if you are deeply interested about computer security or ethical hacking, that should be your main mantra. To fully learn how to secure a computer program, you must know how to break it and find vulnerabilities. In relation to this, there is a unique Linux distribution that is primarily created to help teach you about software security, its name is Damn Vulnerable Linux (DVL).

Damn Vulnerable Linux is a Slackware-based distro that is intentionally loaded with broken, ill-configured, outdated, and exploitable software for educational purposes. It is a 1.8GB live DVD that features easily breakable versions of Apache, MySQL, PHP, and FTP and SSH daemons. It also includes a good number of tools to help users compile, debug, and break applications running on these services such as GCC, GDB, NASM, strace, ELF Shell, DDD, LDasm, LIDa, etc. You can install Damn Vulnerable Linux natively on a PC, boot it from a USB flash drive, or install it using any virtualization software.

Perhaps the world's most insecure operating system (way worse than Windows), DVL will help harness your skills in reverse code engineering, buffer overflows, shellcode development, Web exploitation, SQL injection, and more. Thorsten Schneider of the International Institute for Training, Assessment, and Certification (IITAC) and Secure Software Engineering (S²e) originally created DVL as a training system used during his university lectures.

According to Schneider, the sole aim of DVL is to give users as many security tools and training options as possible. It is developed by people with remarkable black hat backgrounds, which include contributions from community members of ReverseEngineering.net and Crackmes.de. DVL provides vast amount of tutorials and break-in exercises that may contain solutions and exploits.


The tutorials are divided into three parts. The first part is all about binary exploitation, buffer overflows, format string vulnerabilities, or shellcodes. The next portion is about Web exploitation like SQL injection, path retrieval, and Web site insecurity. The last part includes reverse code engineering and copy protection analysis.

Damn Vulnerable Linux is continuously updated with more tools, training material and lessons. The author also has plans to extend DVL into a hacking wargame. Now that sounds exciting. If you are into hacking or if you simply want to learn more about computer security, then you should include DVL in your armory of hacking tools.

Bookmark and Share
Posted by z0ltrix at 12:09 PM 0 comments

Tuesday, October 26, 2010

The $100.00 (USD) Coolest Linux Workspace Contest Winner

Posted: 26 Oct 2010 01:06 AM PDT

The month-long voting is over so it is about time to announce the winner of our $100.00 (USD) coolest Linux workspace contest. The people have spoken, and from our five finalists only one has emerged victorious.

We would like to congratulate Brian (a.k.a. brainstem) for his winning entry and for receiving the $100 cash prize.

Thank you for all those who submitted their entries and for those of you who participated in the voting process.

We are planning to do more contests soon, so stay tuned. Hopefully, we can increase the prize money to make it more exciting.

Once again, thank you and congrats Brian!

Bookmark and Share
Posted by z0ltrix at 12:11 PM 0 comments

Monday, October 25, 2010

Weekly Ten (10-25-2010)

Posted: 25 Oct 2010 07:19 AM PDT

Latest News, Blogs, Tips, and Reviews that I find Interesting and Useful:


1. The mysterious processor behind China's first homegrown supercomputer
The majority of today's supercomputers follow a tested and reliable template. Hundreds, thousands, and occasionally tens of thousands of processors are clustered together to work in congress.
More @ SmartPlanet

2. London Stock Exchange smashes world record trade speed with Linux
The London Stock Exchange has said its new Linux-based system is delivering world record networking speed, with 126 microsecond trading times.
More @ ComputerWorld

3. Bringing ultra high-speed broadband to Stanford homes
Earlier this year we announced our plans to build and test ultra-high speed broadband networks in a small number of American communities. Since then, a team of Google engineers has been hard at work experimenting with new fiber optic technologies. And following a series of tests we've run on Google's campus, we're excited to announce the next step in our project.
More @ Googleblog

4. Lightsaber color selector

More @ HackaDay

5. A new way to rock: Ars reviews Rock Band 3
Rock Band 3 is a major leap forward for what was already an innovative series, and once again Harmonix proves itself to be the leader in rhythm games. Rock Band 3 won't just let you pretend to play instruments, it will teach you how to play them. The keyboard isn't just a cute peripheral, it's a working MIDI controller.
More @ ArsTechnica

6. Internet Population Nears 2 Billion
The number of Internet users is expected to hit the two billion mark by the end of the year with most of the growth coming from developing countries, according to the latest report of the International Telecommunication Union (ITU).
More @ PCWorld

7. The Many Ways of Capturing the Moment With Linux
Just like doing almost anything in Linux, something as simple as snapping a screen cap means you get to pick from a variety of applications designed to get that image from screen to file with just the right combination of whistles and bells -- or lack thereof -- along the way. Remember, though, that it's not always easy to interchange them between distros.
More @ LinuxInsider

8. Google catches giant Gingerbread man, mounts on front lawn

More @ Engadget

9. Austria's first 'bionic' man dies
An Austrian man who became the first person outside the US to wear thought-powered "bionic" arms has died from injuries sustained in a car crash, the hospital where he was treated said.
More @ smh.com.au

10. Top 10 Important Blunders of Ancient Science
One of the most tempting mistakes in studying history is to judge the past by modern standards. Nowhere is this more easily seen than in the contributions of ancient science. When we laugh at geocentric cosmology, or the theory of four elements, we fail to realize that, while the theories were certainly wrong, they still advanced scientific knowledge. This list explores 10 such contributions.
More @ Listverse

5 (More) Free and Open Source CRM Software

Posted: 25 Oct 2010 01:18 AM PDT

5 (More) Free and Open Source CRM Software: We have already featured here several free and open-source CRM software but due to popular demand, we will showcase five more CRM tools. As I've already explained before, CRM software is used for effectively managing a company's interactions with clients and possible customers by organizing, automating, and synchronizing business processes.

Without further delay, here are 5 more free and open-source Customer Relationship Management (CRM) software (in no particular order):


Dolibarr
Dolibarr is an ERP/CRM software designed for small and medium companies, foundations or freelancers. Although loaded with features for Enterprise Resource Planning (ERP) and Customer Relationship Management (CRM), it also includes features for different activities. Dolibarr is highly modular and is known by its easy installation process and ease of use despite the vast number of features that can be activated by way of modules. Written in PHP and uses MySQL databases, it works with all PHP configurations without having the need to install additional PHP modules.


ERP5
Based on Python and Zope, ERP5 is a high quality and full-featured free and open-source ERP/CRM/MRP/SCM/PDM used by numerous businesses and government agencies. It utilizes the Unified Business Model introduced by Smets and Carvalho. The UBM abstraction is dependent on 5 generic concepts, specifically Node, Resource, Movement, Item and Path. Because of this unification, a usual ERP5 implementation only consists of 20 to 30 tables compared to ERP based on traditional enterprise modeling that needs up to tens of thousands of tables since they have to piece together different elements.


epesiBIM
epesiBIM is a web-based Customer Relationship Management (CRM) multiuser application that has a main goal of providing functionality greater than what's offered on usual CRM software. It is based on epesi framework that provides a collection of libraries and modules for rapid development of new modules. Since it has a modular design, it can be easily customized and modified to match your processes and workflow. epesiBIM is made to work on any operating system with http server with php 5.x and MySQL or PostgreSQL database server.


JFire
From its project website, JFire is described as a comprehensive, free and powerful open-source ERP solution with a high degree of flexibility. It also has a broad range of ready-to-use features for business analysis, customer relationship management (CRM), and many more. JFire is written entirely in Java and is based on the technologies Java EE 5 (formerly J2EE), JDO 2, and Eclipse RCP 3. As a result, both client and server can be easily extended and offers greater flexibility, requiring only relatively low efforts when customizing it for specific sectors or companies needs.


Sugar Community Edition
Sugar Community Edition is a complete Customer Relationship Management (CRM) software for small to large businesses. It provides features for sales automation, marketing campaigns, support cases, project management, and calendaring among others. Sugar Community Edition offers modules that represent a specific functional aspect of CRM like Accounts, Activities, Leads, and Opportunities. SugarCRM is considered as one of the most widely used CRM software in the world with more than 250,000 community members, 25,000 developers, and over 850 extension projects.

Bookmark and Share
Posted by z0ltrix at 12:08 PM 0 comments
Subscribe to: Posts (Atom)