Fork-bombing Linux – a Lesson in Poor Defaults

My good friend Alec Muffett has blogged an article from SecurityFocus about the vulnerability of default Linux system installs to what he neatly calls "The triumphant return of: main(){while(1)fork();}".

It’s sad to see that many Linux distros (Debian being the notable exception) still ship with bad defaults that don’t prevent a non-privileged user fork-bombing a box. Certainly something that needs to be addressed as it’s all part of the “defence in depth” that any system needs.
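A way to audit for the poor default described above, as an added example that is not from the original post or the SecurityFocus article: it reads text in `/etc/security/limits.conf` syntax and reports whether a given user ends up with a hard cap on processes (`nproc`). The sample file contents, the user and group names, and the simplified precedence model (user entry over group entry over `*`, later lines winning at equal rank) are assumptions made for illustration.

```python
import resource

# Constructed sample in /etc/security/limits.conf syntax (not from the original post).
SAMPLE_LIMITS = """\
# <domain> <type> <item> <value>
*          soft  nproc  unlimited
@students  hard  nproc  200
alice      -     nproc  4096
*          hard  nofile 65536
"""

def nproc_hard_limit(conf_text, user, groups=()):
    """Return the hard nproc cap the rules give `user`, or None if there is none."""
    best_rank, best_value = -1, None
    for line in conf_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split columns
        if len(fields) != 4:
            continue
        domain, ltype, item, value = fields
        # Only a hard limit ("-" sets soft and hard) stops a user raising it again.
        if item != "nproc" or ltype not in ("hard", "-"):
            continue
        if domain == user:
            rank = 2                              # user-specific entry
        elif domain.startswith("@") and domain[1:] in groups:
            rank = 1                              # group entry
        elif domain == "*":
            rank = 0                              # wildcard default
        else:
            continue
        if rank >= best_rank:                     # assumed: later line wins at equal rank
            best_rank = rank
            unbounded = value in ("unlimited", "infinity", "-1")
            best_value = None if unbounded else int(value)
    return best_value

def current_process_nproc():
    """Hard RLIMIT_NPROC of this process, or None when it is unlimited."""
    _, hard = resource.getrlimit(resource.RLIMIT_NPROC)
    return None if hard == resource.RLIM_INFINITY else hard

if __name__ == "__main__":
    for who, grps in (("alice", ()), ("bob", ("students",)), ("carol", ())):
        print(who, nproc_hard_limit(SAMPLE_LIMITS, who, grps))
    print("this process:", current_process_nproc())
```

A result of `None` for an ordinary user means nothing bounds the number of processes that account can create, which is the default the post complains about.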

Gentoo Linux

Andrew Cowie has written an interesting article about Gentoo Linux over at Linux Journal.

Now, I too have a confession to make. Ladies and Gentlemen, I use Gentoo. Thank you.

Actually, that’s not the complete truth, I currently use Gentoo (my workstation at work), Mandrake (my workstation at home, at least until I get some time to upgrade it to Gentoo), Redhat 7.3 and Fedora Core 3 (the clusters at work) and soon, SuSE (the latest cluster due to arrive shortly). I’ve also played with Ubuntu which was pretty nice, but they’re a GNOME based distribution and I’m a die-hard KDE user.

They’re all good for various tasks, and I’ve found that for what *I* want, which is to have the latest KDE, the minimum of cruft and a large selection of packages, Gentoo is the best. Oh, and there are no new releases as there are with distros like Redhat, Mandrake, etc.; you do rolling updates in the same way as Debian.

Live CD for Security & WiFi Folks

For those folks who need to do computer security stuff, whether that’s as a sysadmin or as a consultant, there’s a nice Knoppix based Live CD called Auditor that you can run on your laptop or system without needing to install it.

It’s also handy if you’re doing WiFi stuff such as site surveys.

SCO claim to control files crumbles in light of BSD agreement

OK – so way back when SCO sent a letter to Lehman Brothers claiming ownership of a set of files in the Linux kernel and that they were never intended to be redistributed but were to be strictly controlled.

Aside from the fact that it’s likely that AT&T USL forfeited copyright on anything in V32 UNIX by distributing without any copyright notices, it looks like there is even less that SCO can claim any sort of control over.

Now that the BSD settlement is public there are some interesting discrepancies to note between what SCO claim and what the settlement (which bound any successors in interest) says. This defined 3 categories of files, those that were “restricted” from further distribution (Exhibit A files), those that were USL UNIX derived but “may be freely reproduced and redistributed by others without payment of any royalties or fees and without execution of any license agreement with USL and/or the University” as long as they included the USL copyrights (Exhibit B files) and files derived from the BSD Net2 release and included in USL’s UNIX (Exhibit C files).

SCO claims to own an allegedly “copyrighted” ABI contained in errno.h, signal.h, stat.h, ctype.h, ioctl.h, ipc.h, acct.h, a.out.h, ecoff.h and bsderrno.h (yes, really, the BSD errno.h, not USL’s!).

So let’s go through them.