Re: Series 2 Tivo Setup Help PLEASE

2009-07-06 Thread Joe 
Could you use a Tomato flashed router, configure in client mode, and 
then you would have an ethernet port as close to the Tivo as you want. I 
have been Tivo free for over a year and it's great. Mythbuntu is much 
better.

Lisa Kachold wrote:
> Hi!  My Series 2 Tivo requires a phone line to do guided setup.
>
> http://tivocommunity.com/tivo-vb/showthread.php?t=406951
>
> After that I can configure the Wireless USB Adapter in Networking, but 
> unfortunately with my OS Tivo Version, I supposedly MUST (according to 
> Tivo) have the phone.
>
> I did see a few old posts about using Windows XP Hyperterm and a NULL 
> modem connection from PC to rj11. 
>
> http://www.b-lan.com/otto/tivo3xp/
>
> I have a serial null modem cable, but...
>
> a) I don't have any Serial connection on my Vista
> b) I have pppd on linux
> c) I don't have a rj11 adapter (could go to radio shack?)
>
> and some for getting around the Guided Setup via a dialout hack using 
> ",401# with a ethernet DHCP connection:
>
> http://everything2.com/title/How%2520to%2520setup%2520a%2520TiVo%2520without%2520a%2520phone%2520line
>
> d) I have only a Wireless USB - not an ethernet one.
>
>
> 1) Anyone have a house with a hardwired phone line and a full boat 
> cable I can do setup with?  (Takes about 5 hours via phone line)?
>
> 2) Other suggestions?
>
> -- 
> (623)239-3392 Skype: obn0sis
> (503)754-4452 www.obnosis.com 
>
>
>
>
>
> 
>
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Series 2 Tivo Setup Help PLEASE

2009-07-06 Thread Lisa Kachold 
Yes, I built a few MythTv's.  Easy to do.

I wanted a Tivo for $50.00.

On Mon, Jul 6, 2009 at 6:56 AM, Joe  wrote:

> Could you use a Tomato flashed router, configure in client mode, and
> then you would have an ethernet port as close to the Tivo as you want. I
> have been Tivo free for over a year and it's great. Mythbuntu is much
> better.
>
> Lisa Kachold wrote:
> > Hi!  My Series 2 Tivo requires a phone line to do guided setup.
> >
> > http://tivocommunity.com/tivo-vb/showthread.php?t=406951
> >
> > After that I can configure the Wireless USB Adapter in Networking, but
> > unfortunately with my OS Tivo Version, I supposedly MUST (according to
> > Tivo) have the phone.
> >
> > I did see a few old posts about using Windows XP Hyperterm and a NULL
> > modem connection from PC to rj11.
> >
> > http://www.b-lan.com/otto/tivo3xp/
> >
> > I have a serial null modem cable, but...
> >
> > a) I don't have any Serial connection on my Vista
> > b) I have pppd on linux
> > c) I don't have a rj11 adapter (could go to radio shack?)
> >
> > and some for getting around the Guided Setup via a dialout hack using
> > ",401# with a ethernet DHCP connection:
> >
> >
> http://everything2.com/title/How%2520to%2520setup%2520a%2520TiVo%2520without%2520a%2520phone%2520line
> >
> > d) I have only a Wireless USB - not an ethernet one.
> >
> >
> > 1) Anyone have a house with a hardwired phone line and a full boat
> > cable I can do setup with?  (Takes about 5 hours via phone line)?
> >
> > 2) Other suggestions?
> >
> > --
> > (623)239-3392 Skype: obn0sis
> > (503)754-4452 www.obnosis.com 
> >
> >
> >
> >
> >
> > 
> >
> > ---
> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > To subscribe, unsubscribe, or to change your mail settings:
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>



-- 
(623)239-3392 Skype: obn0sis
(503)754-4452 www.obnosis.com
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Tracking file storage space use

2009-07-06 Thread Alan Dayley 
I have a server running Red Hat Enterprise Linux 5.  It's running very
well but lately we have been running out of disk space on occasion.
The truth is we need more storage and that solution is coming.  In the
mean time, I need to figure out where all the space is being consumed.

Every once in a while I can see 3-5GB get consumed in about a day.
Then, when I warn everyone we are running out, this space suddenly
comes free.  I think a user is eating the space and then freeing it up
when my warning goes out.  But none of the users will admit to this
behavior.  That's not a big deal because, whether a user or not, I'd
like to know what or who is eating this space and then releasing it.

The server is running SAMBA shares for /home and other directores,
Bugzilla with MySQL on the database, TWiki, Subversion, CVS and ftp
services.  Tracking each of these individually may be a bear.  I was
thinking there may be a tool that tracks recent usage from the file
system level.

What tools can I use to get a handle on this issue and increase my
knowledge about disk usage?

Alan
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Tracking file storage space use

2009-07-06 Thread Eric Shubert 
Alan Dayley wrote:
> I have a server running Red Hat Enterprise Linux 5.  It's running very
> well but lately we have been running out of disk space on occasion.
> The truth is we need more storage and that solution is coming.  In the
> mean time, I need to figure out where all the space is being consumed.
> 
> Every once in a while I can see 3-5GB get consumed in about a day.
> Then, when I warn everyone we are running out, this space suddenly
> comes free.  I think a user is eating the space and then freeing it up
> when my warning goes out.  But none of the users will admit to this
> behavior.  That's not a big deal because, whether a user or not, I'd
> like to know what or who is eating this space and then releasing it.
> 
> The server is running SAMBA shares for /home and other directores,
> Bugzilla with MySQL on the database, TWiki, Subversion, CVS and ftp
> services.  Tracking each of these individually may be a bear.  I was
> thinking there may be a tool that tracks recent usage from the file
> system level.
> 
> What tools can I use to get a handle on this issue and increase my
> knowledge about disk usage?
> 
> Alan

I would think that a periodic find command could suffice. You could 
write a find command that would "find all of the files over 1 gig that 
were created in the last 24 hours", then put it in cron.daily/. You can 
tailor the find command to suit your situation.

-- 
-Eric 'shubes'

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Tracking file storage space use

2009-07-06 Thread Ryan Rix 
On Mon 6 July 2009 9:19:09 am Eric Shubert wrote:
>
> I would think that a periodic find command could suffice. You could
> write a find command that would "find all of the files over 1 gig that
> were created in the last 24 hours", then put it in cron.daily/. You can
> tailor the find command to suit your situation.

Unless it's a TON of smaller files (torrents, etc?)
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Tracking file storage space use

2009-07-06 Thread kitepi...@kitepilot.com 
du . -h --max-depth=1
Along with other scripts and/or operator...   :)
ET 

PS: You may want to get rid of the '-h' for scripts... 

 


Eric Shubert writes: 

> Alan Dayley wrote:
>> I have a server running Red Hat Enterprise Linux 5.  It's running very
>> well but lately we have been running out of disk space on occasion.
>> The truth is we need more storage and that solution is coming.  In the
>> mean time, I need to figure out where all the space is being consumed. 
>> 
>> Every once in a while I can see 3-5GB get consumed in about a day.
>> Then, when I warn everyone we are running out, this space suddenly
>> comes free.  I think a user is eating the space and then freeing it up
>> when my warning goes out.  But none of the users will admit to this
>> behavior.  That's not a big deal because, whether a user or not, I'd
>> like to know what or who is eating this space and then releasing it. 
>> 
>> The server is running SAMBA shares for /home and other directores,
>> Bugzilla with MySQL on the database, TWiki, Subversion, CVS and ftp
>> services.  Tracking each of these individually may be a bear.  I was
>> thinking there may be a tool that tracks recent usage from the file
>> system level. 
>> 
>> What tools can I use to get a handle on this issue and increase my
>> knowledge about disk usage? 
>> 
>> Alan
> 
> I would think that a periodic find command could suffice. You could 
> write a find command that would "find all of the files over 1 gig that 
> were created in the last 24 hours", then put it in cron.daily/. You can 
> tailor the find command to suit your situation. 
> 
> -- 
> -Eric 'shubes' 
> 
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Series 2 Tivo Setup Help PLEASE

2009-07-06 Thread Stephen 
there is also the LinuxMCE project. which looks very cool.

On Mon, Jul 6, 2009 at 9:01 AM, Lisa Kachold wrote:
> Yes, I built a few MythTv's.  Easy to do.
>
> I wanted a Tivo for $50.00.
>
> On Mon, Jul 6, 2009 at 6:56 AM, Joe  wrote:
>>
>> Could you use a Tomato flashed router, configure in client mode, and
>> then you would have an ethernet port as close to the Tivo as you want. I
>> have been Tivo free for over a year and it's great. Mythbuntu is much
>> better.
>>
>> Lisa Kachold wrote:
>> > Hi!  My Series 2 Tivo requires a phone line to do guided setup.
>> >
>> > http://tivocommunity.com/tivo-vb/showthread.php?t=406951
>> >
>> > After that I can configure the Wireless USB Adapter in Networking, but
>> > unfortunately with my OS Tivo Version, I supposedly MUST (according to
>> > Tivo) have the phone.
>> >
>> > I did see a few old posts about using Windows XP Hyperterm and a NULL
>> > modem connection from PC to rj11.
>> >
>> > http://www.b-lan.com/otto/tivo3xp/
>> >
>> > I have a serial null modem cable, but...
>> >
>> > a) I don't have any Serial connection on my Vista
>> > b) I have pppd on linux
>> > c) I don't have a rj11 adapter (could go to radio shack?)
>> >
>> > and some for getting around the Guided Setup via a dialout hack using
>> > ",401# with a ethernet DHCP connection:
>> >
>> >
>> > http://everything2.com/title/How%2520to%2520setup%2520a%2520TiVo%2520without%2520a%2520phone%2520line
>> >
>> > d) I have only a Wireless USB - not an ethernet one.
>> >
>> >
>> > 1) Anyone have a house with a hardwired phone line and a full boat
>> > cable I can do setup with?  (Takes about 5 hours via phone line)?
>> >
>> > 2) Other suggestions?
>> >
>> > --
>> > (623)239-3392 Skype: obn0sis
>> > (503)754-4452 www.obnosis.com 
>> >
>> >
>> >
>> >
>> >
>> > 
>> >
>> > ---
>> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>> > To subscribe, unsubscribe, or to change your mail settings:
>> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>> ---
>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
>
> --
> (623)239-3392 Skype: obn0sis
> (503)754-4452 www.obnosis.com
>
>
>
>
>
>
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>



-- 
A mouse trap, placed on top of your alarm clock, will prevent you from
rolling over and going back to sleep after you hit the snooze button.

Stephen
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Bar Camp Phoenix Reminder

2009-07-06 Thread Derek Neighbors 
What:
BarCamp Phoenix
(As stolen from BarCampNYC, as copied from...) BarCamp is an ad-hoc
un-conference born from the desire for people to share and learn in an
open environment. It is an intense event with discussions, demos and
interaction from attendees. All attendees must give a demo, a session,
or help with one.

Anyone with something to contribute or with the desire to learn is
welcome and invited to join.

When you come, be prepared to share with barcampers. When you leave,
be prepared to share it with the world.


When:
Saturday August 29, 2009 from 9:30am - 5:00pm

Where:
Gangplank
325 East Elliot Suite 34
Chandler, Arizona 85225


Website: http://barcamp.org/BarCampPhoenix

--
Derek Neighbors
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

DRUPAL-SA-CORE-2009-007

2009-07-06 Thread Ryan Rix 
Multiple issues, time for an update, all you Drupal users!

Cross-site scripting

The Forum module does not correctly handle certain arguments obtained from the 
URL. By enticing a suitably privileged user to visit a specially crafted URL, 
a malicious user is able to insert arbitrary HTML and script code into forum 
pages. Such a cross-site scripting attack may lead to the malicious user 
gaining administrative access. Wikipedia has more information about cross-site 
scripting (XSS).

This issue affects Drupal 6.x only

http://drupal.org/node/507572

Ryan
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Series 2 Tivo Setup Help PLEASE

2009-07-06 Thread Michael Butash 
I've used linuxmce, quirky/broken is my best way to describe it.  Spent
a considerable amount of time trying to make it work for home
automation, finally gave up and just spent some cash for windoze-based
HA software (homeseer).  It uses myth on the backend, you're probably
better off using myth direct via it's own front-end.  

I rather like/recommend xbox media center (on a hacked xbox or linux),
but I don't DVR anything, just watch locally downloaded files.  Who
needs icky commercials when teh interwebs provide such great
commercial-free content...

-mb


On Mon, 2009-07-06 at 09:41 -0700, Stephen wrote:
> there is also the LinuxMCE project. which looks very cool.
> 
> On Mon, Jul 6, 2009 at 9:01 AM, Lisa Kachold wrote:
> > Yes, I built a few MythTv's.  Easy to do.
> >
> > I wanted a Tivo for $50.00.
> >
> > On Mon, Jul 6, 2009 at 6:56 AM, Joe  wrote:
> >>
> >> Could you use a Tomato flashed router, configure in client mode, and
> >> then you would have an ethernet port as close to the Tivo as you want. I
> >> have been Tivo free for over a year and it's great. Mythbuntu is much
> >> better.
> >>
> >> Lisa Kachold wrote:
> >> > Hi!  My Series 2 Tivo requires a phone line to do guided setup.
> >> >
> >> > http://tivocommunity.com/tivo-vb/showthread.php?t=406951
> >> >
> >> > After that I can configure the Wireless USB Adapter in Networking, but
> >> > unfortunately with my OS Tivo Version, I supposedly MUST (according to
> >> > Tivo) have the phone.
> >> >
> >> > I did see a few old posts about using Windows XP Hyperterm and a NULL
> >> > modem connection from PC to rj11.
> >> >
> >> > http://www.b-lan.com/otto/tivo3xp/
> >> >
> >> > I have a serial null modem cable, but...
> >> >
> >> > a) I don't have any Serial connection on my Vista
> >> > b) I have pppd on linux
> >> > c) I don't have a rj11 adapter (could go to radio shack?)
> >> >
> >> > and some for getting around the Guided Setup via a dialout hack using
> >> > ",401# with a ethernet DHCP connection:
> >> >
> >> >
> >> > http://everything2.com/title/How%2520to%2520setup%2520a%2520TiVo%2520without%2520a%2520phone%2520line
> >> >
> >> > d) I have only a Wireless USB - not an ethernet one.
> >> >
> >> >
> >> > 1) Anyone have a house with a hardwired phone line and a full boat
> >> > cable I can do setup with?  (Takes about 5 hours via phone line)?
> >> >
> >> > 2) Other suggestions?
> >> >
> >> > --
> >> > (623)239-3392 Skype: obn0sis
> >> > (503)754-4452 www.obnosis.com 
> >> >
> >> >
> >> >
> >> >
> >> >
> >> > 
> >> >
> >> > ---
> >> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> >> > To subscribe, unsubscribe, or to change your mail settings:
> >> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >> ---
> >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> >> To subscribe, unsubscribe, or to change your mail settings:
> >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
> >
> >
> > --
> > (623)239-3392 Skype: obn0sis
> > (503)754-4452 www.obnosis.com
> >
> >
> >
> >
> >
> >
> > ---
> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > To subscribe, unsubscribe, or to change your mail settings:
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
> 
> 
> 

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Series 2 Tivo Setup Help PLEASE

2009-07-06 Thread Lisa Kachold 
On Mon, Jul 6, 2009 at 12:19 PM, Michael Butash  wrote:

> I've used linuxmce, quirky/broken is my best way to describe it.  Spent
> a considerable amount of time trying to make it work for home
> automation, finally gave up and just spent some cash for windoze-based
> HA software (homeseer).  It uses myth on the backend, you're probably
> better off using myth direct via it's own front-end.
>
> I rather like/recommend xbox media center (on a hacked xbox or linux),
> but I don't DVR anything, just watch locally downloaded files.  Who
> needs icky commercials when teh interwebs provide such great
> commercial-free content...


I didn't get to actually use the MythTv's I built .

But the tuner card cost more than my Tivo.

>
>
> -mb
>
>
> On Mon, 2009-07-06 at 09:41 -0700, Stephen wrote:
> > there is also the LinuxMCE project. which looks very cool.
> >
> > On Mon, Jul 6, 2009 at 9:01 AM, Lisa Kachold
> wrote:
> > > Yes, I built a few MythTv's.  Easy to do.
> > >
> > > I wanted a Tivo for $50.00.
> > >
> > > On Mon, Jul 6, 2009 at 6:56 AM, Joe  wrote:
> > >>
> > >> Could you use a Tomato flashed router, configure in client mode, and
> > >> then you would have an ethernet port as close to the Tivo as you want.
> I
> > >> have been Tivo free for over a year and it's great. Mythbuntu is much
> > >> better.
> > >>
> > >> Lisa Kachold wrote:
> > >> > Hi!  My Series 2 Tivo requires a phone line to do guided setup.
> > >> >
> > >> > http://tivocommunity.com/tivo-vb/showthread.php?t=406951
> > >> >
> > >> > After that I can configure the Wireless USB Adapter in Networking,
> but
> > >> > unfortunately with my OS Tivo Version, I supposedly MUST (according
> to
> > >> > Tivo) have the phone.
> > >> >
> > >> > I did see a few old posts about using Windows XP Hyperterm and a
> NULL
> > >> > modem connection from PC to rj11.
> > >> >
> > >> > http://www.b-lan.com/otto/tivo3xp/
> > >> >
> > >> > I have a serial null modem cable, but...
> > >> >
> > >> > a) I don't have any Serial connection on my Vista
> > >> > b) I have pppd on linux
> > >> > c) I don't have a rj11 adapter (could go to radio shack?)
> > >> >
> > >> > and some for getting around the Guided Setup via a dialout hack
> using
> > >> > ",401# with a ethernet DHCP connection:
> > >> >
> > >> >
> > >> >
> http://everything2.com/title/How%2520to%2520setup%2520a%2520TiVo%2520without%2520a%2520phone%2520line
> > >> >
> > >> > d) I have only a Wireless USB - not an ethernet one.
> > >> >
> > >> >
> > >> > 1) Anyone have a house with a hardwired phone line and a full boat
> > >> > cable I can do setup with?  (Takes about 5 hours via phone line)?
> > >> >
> > >> > 2) Other suggestions?
> > >> >
> > >> > --
> > >> > (623)239-3392 Skype: obn0sis
> > >> > (503)754-4452 www.obnosis.com 
> > >> >
> > >> >
> > >> >
> > >> >
> > >> >
> > >> >
> 
> > >> >
> > >> > ---
> > >> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > >> > To subscribe, unsubscribe, or to change your mail settings:
> > >> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> > >> ---
> > >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > >> To subscribe, unsubscribe, or to change your mail settings:
> > >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> > >
> > >
> > >
> > > --
> > > (623)239-3392 Skype: obn0sis
> > > (503)754-4452 www.obnosis.com
> > >
> > >
> > >
> > >
> > >
> > >
> > > ---
> > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > > To subscribe, unsubscribe, or to change your mail settings:
> > > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> > >
> >
> >
> >
>
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>



-- 
(623)239-3392 Skype: obn0sis
(503)754-4452 www.obnosis.com
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: DRUPAL-SA-CORE-2009-007

2009-07-06 Thread Lisa Kachold 
WE don't run forums on the PLUG site Ryan.

There are a great many exploits in all manner of Drupal 4,5,6 modules and we
fairly well know them for the PLUG site.


On Mon, Jul 6, 2009 at 10:43 AM, Ryan Rix  wrote:

> Multiple issues, time for an update, all you Drupal users!
>
> Cross-site scripting
>
> The Forum module does not correctly handle certain arguments obtained from
> the
> URL. By enticing a suitably privileged user to visit a specially crafted
> URL,
> a malicious user is able to insert arbitrary HTML and script code into
> forum
> pages. Such a cross-site scripting attack may lead to the malicious user
> gaining administrative access. Wikipedia has more information about
> cross-site
> scripting (XSS).
>
> This issue affects Drupal 6.x only
>
> http://drupal.org/node/507572
>
> Ryan
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>



-- 
(623)239-3392 Skype: obn0sis
(503)754-4452 www.obnosis.com
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: DRUPAL-SA-CORE-2009-007

2009-07-06 Thread Stephen 
i think this is for all the others of us running drupal as much as for
the plug drupal

but both bits of info was great.

On Mon, Jul 6, 2009 at 1:20 PM, Lisa Kachold wrote:
> WE don't run forums on the PLUG site Ryan.
>
> There are a great many exploits in all manner of Drupal 4,5,6 modules and we
> fairly well know them for the PLUG site.
>
>
> On Mon, Jul 6, 2009 at 10:43 AM, Ryan Rix  wrote:
>>
>> Multiple issues, time for an update, all you Drupal users!
>>
>> Cross-site scripting
>>
>> The Forum module does not correctly handle certain arguments obtained from
>> the
>> URL. By enticing a suitably privileged user to visit a specially crafted
>> URL,
>> a malicious user is able to insert arbitrary HTML and script code into
>> forum
>> pages. Such a cross-site scripting attack may lead to the malicious user
>> gaining administrative access. Wikipedia has more information about
>> cross-site
>> scripting (XSS).
>>
>> This issue affects Drupal 6.x only
>>
>> http://drupal.org/node/507572
>>
>> Ryan
>> ---
>> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
>
> --
> (623)239-3392 Skype: obn0sis
> (503)754-4452 www.obnosis.com
>
>
>
>
>
>
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>



-- 
A mouse trap, placed on top of your alarm clock, will prevent you from
rolling over and going back to sleep after you hit the snooze button.

Stephen
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Series 2 Tivo Setup Help PLEASE

2009-07-06 Thread Stephen 
but if i cannibalize the x box my son will cry... and i cant afford to
replace it quite yet :-)

but i want to... boy do i want to...

On Mon, Jul 6, 2009 at 12:19 PM, Michael Butash wrote:
> I've used linuxmce, quirky/broken is my best way to describe it.  Spent
> a considerable amount of time trying to make it work for home
> automation, finally gave up and just spent some cash for windoze-based
> HA software (homeseer).  It uses myth on the backend, you're probably
> better off using myth direct via it's own front-end.
>
> I rather like/recommend xbox media center (on a hacked xbox or linux),
> but I don't DVR anything, just watch locally downloaded files.  Who
> needs icky commercials when teh interwebs provide such great
> commercial-free content...
>
> -mb
>
>
> On Mon, 2009-07-06 at 09:41 -0700, Stephen wrote:
>> there is also the LinuxMCE project. which looks very cool.
>>
>> On Mon, Jul 6, 2009 at 9:01 AM, Lisa Kachold wrote:
>> > Yes, I built a few MythTv's.  Easy to do.
>> >
>> > I wanted a Tivo for $50.00.
>> >
>> > On Mon, Jul 6, 2009 at 6:56 AM, Joe  wrote:
>> >>
>> >> Could you use a Tomato flashed router, configure in client mode, and
>> >> then you would have an ethernet port as close to the Tivo as you want. I
>> >> have been Tivo free for over a year and it's great. Mythbuntu is much
>> >> better.
>> >>
>> >> Lisa Kachold wrote:
>> >> > Hi!  My Series 2 Tivo requires a phone line to do guided setup.
>> >> >
>> >> > http://tivocommunity.com/tivo-vb/showthread.php?t=406951
>> >> >
>> >> > After that I can configure the Wireless USB Adapter in Networking, but
>> >> > unfortunately with my OS Tivo Version, I supposedly MUST (according to
>> >> > Tivo) have the phone.
>> >> >
>> >> > I did see a few old posts about using Windows XP Hyperterm and a NULL
>> >> > modem connection from PC to rj11.
>> >> >
>> >> > http://www.b-lan.com/otto/tivo3xp/
>> >> >
>> >> > I have a serial null modem cable, but...
>> >> >
>> >> > a) I don't have any Serial connection on my Vista
>> >> > b) I have pppd on linux
>> >> > c) I don't have a rj11 adapter (could go to radio shack?)
>> >> >
>> >> > and some for getting around the Guided Setup via a dialout hack using
>> >> > ",401# with a ethernet DHCP connection:
>> >> >
>> >> >
>> >> > http://everything2.com/title/How%2520to%2520setup%2520a%2520TiVo%2520without%2520a%2520phone%2520line
>> >> >
>> >> > d) I have only a Wireless USB - not an ethernet one.
>> >> >
>> >> >
>> >> > 1) Anyone have a house with a hardwired phone line and a full boat
>> >> > cable I can do setup with?  (Takes about 5 hours via phone line)?
>> >> >
>> >> > 2) Other suggestions?
>> >> >
>> >> > --
>> >> > (623)239-3392 Skype: obn0sis
>> >> > (503)754-4452 www.obnosis.com 
>> >> >
>> >> >
>> >> >
>> >> >
>> >> >
>> >> > 
>> >> >
>> >> > ---
>> >> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>> >> > To subscribe, unsubscribe, or to change your mail settings:
>> >> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>> >> ---
>> >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>> >> To subscribe, unsubscribe, or to change your mail settings:
>> >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>> >
>> >
>> >
>> > --
>> > (623)239-3392 Skype: obn0sis
>> > (503)754-4452 www.obnosis.com
>> >
>> >
>> >
>> >
>> >
>> >
>> > ---
>> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
>> > To subscribe, unsubscribe, or to change your mail settings:
>> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>> >
>>
>>
>>
>
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>



-- 
A mouse trap, placed on top of your alarm clock, will prevent you from
rolling over and going back to sleep after you hit the snooze button.

Stephen
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: DRUPAL-SA-CORE-2009-007

2009-07-06 Thread Ryan Rix 
On Mon 6 July 2009 1:20:39 pm Lisa Kachold wrote:
> WE don't run forums on the PLUG site Ryan.
>
> There are a great many exploits in all manner of Drupal 4,5,6 modules and
> we fairly well know them for the PLUG site.
>

WE don't but others may ;) If it was something that would affect the actual 
PLUG I would have probably just sent you and Hans a mail offlist.

No worries, just putting the info out there
Ryan
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: DRUPAL-SA-CORE-2009-007

2009-07-06 Thread Lisa Kachold 
Yes, and those are just the known issues.

Run sql injection tools and tests and see where one gets?

There really are a great many problems and potential issues (due to failure
to install correctly) and php/mysql web system.

On Mon, Jul 6, 2009 at 1:22 PM, Stephen  wrote:

> i think this is for all the others of us running drupal as much as for
> the plug drupal
>
> but both bits of info was great.
>
> On Mon, Jul 6, 2009 at 1:20 PM, Lisa Kachold
> wrote:
> > WE don't run forums on the PLUG site Ryan.
> >
> > There are a great many exploits in all manner of Drupal 4,5,6 modules and
> we
> > fairly well know them for the PLUG site.
> >
> >
> > On Mon, Jul 6, 2009 at 10:43 AM, Ryan Rix 
> wrote:
> >>
> >> Multiple issues, time for an update, all you Drupal users!
> >>
> >> Cross-site scripting
> >>
> >> The Forum module does not correctly handle certain arguments obtained
> from
> >> the
> >> URL. By enticing a suitably privileged user to visit a specially crafted
> >> URL,
> >> a malicious user is able to insert arbitrary HTML and script code into
> >> forum
> >> pages. Such a cross-site scripting attack may lead to the malicious user
> >> gaining administrative access. Wikipedia has more information about
> >> cross-site
> >> scripting (XSS).
> >>
> >> This issue affects Drupal 6.x only
> >>
> >> http://drupal.org/node/507572
> >>
> >> Ryan
> >> ---
> >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> >> To subscribe, unsubscribe, or to change your mail settings:
> >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
> >
> >
> > --
> > (623)239-3392 Skype: obn0sis
> > (503)754-4452 www.obnosis.com
> >
> >
> >
> >
> >
> >
> > ---
> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > To subscribe, unsubscribe, or to change your mail settings:
> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
>
>
>
> --
> A mouse trap, placed on top of your alarm clock, will prevent you from
> rolling over and going back to sleep after you hit the snooze button.
>
> Stephen
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>



-- 
(623)239-3392 Skype: obn0sis
(503)754-4452 www.obnosis.com
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: DRUPAL-SA-CORE-2009-007

2009-07-06 Thread Ryan Rix 
On Mon 6 July 2009 1:38:33 pm Lisa Kachold wrote:
> Yes, and those are just the known issues.
>
> Run sql injection tools and tests and see where one gets?
>
> There really are a great many problems and potential issues (due to failure
> to install correctly) and php/mysql web system.
>
> On Mon, Jul 6, 2009 at 1:22 PM, Stephen  wrote:
> > i think this is for all the others of us running drupal as much as for
> > the plug drupal
> >
> > but both bits of info was great.

Lisa,

And not everyone who runs Drupal may keep up on SA's, or be major security 
experts, so it can't really hurt for me to post one or two every once in a 
while.

Or am I wrong in saying this?

Ryan
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Series 2 Tivo Setup Help PLEASE

2009-07-06 Thread Michael Butash 
Honestly, my hacked xbox was simply the best investment as a media
player ever, plus it still plays games.  Even better, it rips the games
to HD, or readily accepts them via ftp pushed iso's.  I still use it to
this day (7yr later), where im begrudgingly migrating to xbmc on linux
for 720p and higher res (xbox's 700mhz p3 doesn't cut the mustard for
h.264 video).

With software hacks, makes for one heck of a powerful media player for a
$50 used xbox, and just stream media from a simple file share.

I suppose this also presumes you hoard your own media, but I've only
ever found Tivo's more cumbersome to use than xbmc.  Commercials make me
irritable, and since media cartels mandated no automagical
commercial-skipping to kill their revenue/brainwashing, they seem...
pointless.

-mb


> but if i cannibalize the x box my son will cry... and i cant afford to
> replace it quite yet :-)
> 
> but i want to... boy do i want to...
> 
> On Mon, Jul 6, 2009 at 12:19 PM, Michael Butash wrote:
> > I've used linuxmce, quirky/broken is my best way to describe it.  Spent
> > a considerable amount of time trying to make it work for home
> > automation, finally gave up and just spent some cash for windoze-based
> > HA software (homeseer).  It uses myth on the backend, you're probably
> > better off using myth direct via it's own front-end.
> >
> > I rather like/recommend xbox media center (on a hacked xbox or linux),
> > but I don't DVR anything, just watch locally downloaded files.  Who
> > needs icky commercials when teh interwebs provide such great
> > commercial-free content...
> >
> > -mb
> >
> >
> > On Mon, 2009-07-06 at 09:41 -0700, Stephen wrote:
> >> there is also the LinuxMCE project. which looks very cool.
> >>
> >> On Mon, Jul 6, 2009 at 9:01 AM, Lisa Kachold 
> >> wrote:
> >> > Yes, I built a few MythTv's.  Easy to do.
> >> >
> >> > I wanted a Tivo for $50.00.
> >> >
> >> > On Mon, Jul 6, 2009 at 6:56 AM, Joe  wrote:
> >> >>
> >> >> Could you use a Tomato flashed router, configure in client mode, and
> >> >> then you would have an ethernet port as close to the Tivo as you want. I
> >> >> have been Tivo free for over a year and it's great. Mythbuntu is much
> >> >> better.
> >> >>
> >> >> Lisa Kachold wrote:
> >> >> > Hi!  My Series 2 Tivo requires a phone line to do guided setup.
> >> >> >
> >> >> > http://tivocommunity.com/tivo-vb/showthread.php?t=406951
> >> >> >
> >> >> > After that I can configure the Wireless USB Adapter in Networking, but
> >> >> > unfortunately with my OS Tivo Version, I supposedly MUST (according to
> >> >> > Tivo) have the phone.
> >> >> >
> >> >> > I did see a few old posts about using Windows XP Hyperterm and a NULL
> >> >> > modem connection from PC to rj11.
> >> >> >
> >> >> > http://www.b-lan.com/otto/tivo3xp/
> >> >> >
> >> >> > I have a serial null modem cable, but...
> >> >> >
> >> >> > a) I don't have any Serial connection on my Vista
> >> >> > b) I have pppd on linux
> >> >> > c) I don't have a rj11 adapter (could go to radio shack?)
> >> >> >
> >> >> > and some for getting around the Guided Setup via a dialout hack using
> >> >> > ",401# with a ethernet DHCP connection:
> >> >> >
> >> >> >
> >> >> > http://everything2.com/title/How%2520to%2520setup%2520a%2520TiVo%2520without%2520a%2520phone%2520line
> >> >> >
> >> >> > d) I have only a Wireless USB - not an ethernet one.
> >> >> >
> >> >> >
> >> >> > 1) Anyone have a house with a hardwired phone line and a full boat
> >> >> > cable I can do setup with?  (Takes about 5 hours via phone line)?
> >> >> >
> >> >> > 2) Other suggestions?
> >> >> >
> >> >> > --
> >> >> > (623)239-3392 Skype: obn0sis
> >> >> > (503)754-4452 www.obnosis.com 
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> >
> >> >> > 
> >> >> >
> >> >> > ---
> >> >> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> >> >> > To subscribe, unsubscribe, or to change your mail settings:
> >> >> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >> >> ---
> >> >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> >> >> To subscribe, unsubscribe, or to change your mail settings:
> >> >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >> >
> >> >
> >> >
> >> > --
> >> > (623)239-3392 Skype: obn0sis
> >> > (503)754-4452 www.obnosis.com
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >> > ---
> >> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> >> > To subscribe, unsubscribe, or to change your mail settings:
> >> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >> >
> >>
> >>
> >>
> >
> > ---
> > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > To subscribe, unsubscribe, or

Re: DRUPAL-SA-CORE-2009-007

2009-07-06 Thread Lisa Kachold 
On Mon, Jul 6, 2009 at 1:45 PM, Ryan Rix  wrote:

> On Mon 6 July 2009 1:38:33 pm Lisa Kachold wrote:
> > Yes, and those are just the known issues.
> >
> > Run sql injection tools and tests and see where one gets?
> >
> > There really are a great many problems and potential issues (due to
> failure
> > to install correctly) and php/mysql web system.
> >
> > On Mon, Jul 6, 2009 at 1:22 PM, Stephen  wrote:
> > > i think this is for all the others of us running drupal as much as for
> > > the plug drupal
> > >
> > > but both bits of info was great.
>
> Lisa,
>
> And not everyone who runs Drupal may keep up on SA's, or be major security
> experts, so it can't really hurt for me to post one or two every once in a
> while.
>
> Or am I wrong in saying this?


No, post them all!

Better yet Ryan, since you communicate so well, with a great technical
grasp, write a full report, or how about a nice LinuxJournal article?

They would accept your submissions, I am sure.

>
>
> Ryan
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>



-- 
(623)239-3392 Skype: obn0sis
(503)754-4452 www.obnosis.com
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Series 2 Tivo Setup Help PLEASE

2009-07-06 Thread Lisa Kachold 
On Mon, Jul 6, 2009 at 1:53 PM, Michael Butash  wrote:

> Honestly, my hacked xbox was simply the best investment as a media
> player ever, plus it still plays games.  Even better, it rips the games
> to HD, or readily accepts them via ftp pushed iso's.  I still use it to
> this day (7yr later), where im begrudgingly migrating to xbmc on linux
> for 720p and higher res (xbox's 700mhz p3 doesn't cut the mustard for
> h.264 video).
>
> With software hacks, makes for one heck of a powerful media player for a
> $50 used xbox, and just stream media from a simple file share.
>
> I suppose this also presumes you hoard your own media, but I've only
> ever found Tivo's more cumbersome to use than xbmc.  Commercials make me
> irritable, and since media cartels mandated no automagical
> commercial-skipping to kill their revenue/brainwashing, they seem...
> pointless.


http://forum.ecoustics.com/bbs/messages/34579/127787.html

>
>
> -mb
>
>
> > but if i cannibalize the x box my son will cry... and i cant afford to
> > replace it quite yet :-)
> >
> > but i want to... boy do i want to...
> >
> > On Mon, Jul 6, 2009 at 12:19 PM, Michael Butash
> wrote:
> > > I've used linuxmce, quirky/broken is my best way to describe it.  Spent
> > > a considerable amount of time trying to make it work for home
> > > automation, finally gave up and just spent some cash for windoze-based
> > > HA software (homeseer).  It uses myth on the backend, you're probably
> > > better off using myth direct via it's own front-end.
> > >
> > > I rather like/recommend xbox media center (on a hacked xbox or linux),
> > > but I don't DVR anything, just watch locally downloaded files.  Who
> > > needs icky commercials when teh interwebs provide such great
> > > commercial-free content...
> > >
> > > -mb
> > >
> > >
> > > On Mon, 2009-07-06 at 09:41 -0700, Stephen wrote:
> > >> there is also the LinuxMCE project. which looks very cool.
> > >>
> > >> On Mon, Jul 6, 2009 at 9:01 AM, Lisa Kachold
> wrote:
> > >> > Yes, I built a few MythTv's.  Easy to do.
> > >> >
> > >> > I wanted a Tivo for $50.00.
> > >> >
> > >> > On Mon, Jul 6, 2009 at 6:56 AM, Joe  wrote:
> > >> >>
> > >> >> Could you use a Tomato flashed router, configure in client mode,
> and
> > >> >> then you would have an ethernet port as close to the Tivo as you
> want. I
> > >> >> have been Tivo free for over a year and it's great. Mythbuntu is
> much
> > >> >> better.
> > >> >>
> > >> >> Lisa Kachold wrote:
> > >> >> > Hi!  My Series 2 Tivo requires a phone line to do guided setup.
> > >> >> >
> > >> >> > http://tivocommunity.com/tivo-vb/showthread.php?t=406951
> > >> >> >
> > >> >> > After that I can configure the Wireless USB Adapter in
> Networking, but
> > >> >> > unfortunately with my OS Tivo Version, I supposedly MUST
> (according to
> > >> >> > Tivo) have the phone.
> > >> >> >
> > >> >> > I did see a few old posts about using Windows XP Hyperterm and a
> NULL
> > >> >> > modem connection from PC to rj11.
> > >> >> >
> > >> >> > http://www.b-lan.com/otto/tivo3xp/
> > >> >> >
> > >> >> > I have a serial null modem cable, but...
> > >> >> >
> > >> >> > a) I don't have any Serial connection on my Vista
> > >> >> > b) I have pppd on linux
> > >> >> > c) I don't have a rj11 adapter (could go to radio shack?)
> > >> >> >
> > >> >> > and some for getting around the Guided Setup via a dialout hack
> using
> > >> >> > ",401# with a ethernet DHCP connection:
> > >> >> >
> > >> >> >
> > >> >> >
> http://everything2.com/title/How%2520to%2520setup%2520a%2520TiVo%2520without%2520a%2520phone%2520line
> > >> >> >
> > >> >> > d) I have only a Wireless USB - not an ethernet one.
> > >> >> >
> > >> >> >
> > >> >> > 1) Anyone have a house with a hardwired phone line and a full
> boat
> > >> >> > cable I can do setup with?  (Takes about 5 hours via phone line)?
> > >> >> >
> > >> >> > 2) Other suggestions?
> > >> >> >
> > >> >> > --
> > >> >> > (623)239-3392 Skype: obn0sis
> > >> >> > (503)754-4452 www.obnosis.com 
> > >> >> >
> > >> >> >
> > >> >> >
> > >> >> >
> > >> >> >
> > >> >> >
> 
> > >> >> >
> > >> >> > ---
> > >> >> > PLUG-discuss mailing list -
> PLUG-discuss@lists.plug.phoenix.az.us
> > >> >> > To subscribe, unsubscribe, or to change your mail settings:
> > >> >> > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> > >> >> ---
> > >> >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> > >> >> To subscribe, unsubscribe, or to change your mail settings:
> > >> >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> > >> >
> > >> >
> > >> >
> > >> > --
> > >> > (623)239-3392 Skype: obn0sis
> > >> > (503)754-4452 www.obnosis.com
> > >> >
> > >> >
> > >> >
> > >> >
> > >> >
> > >> >
> > >> > ---
> > >> > PLUG-discuss mai

Re: Tracking file storage space use

2009-07-06 Thread JD Austin 
using 'du -h /home' you can find out who is the space hog

On 7/6/09, Alan Dayley  wrote:
> I have a server running Red Hat Enterprise Linux 5.  It's running very
> well but lately we have been running out of disk space on occasion.
> The truth is we need more storage and that solution is coming.  In the
> mean time, I need to figure out where all the space is being consumed.
>
> Every once in a while I can see 3-5GB get consumed in about a day.
> Then, when I warn everyone we are running out, this space suddenly
> comes free.  I think a user is eating the space and then freeing it up
> when my warning goes out.  But none of the users will admit to this
> behavior.  That's not a big deal because, whether a user or not, I'd
> like to know what or who is eating this space and then releasing it.
>
> The server is running SAMBA shares for /home and other directores,
> Bugzilla with MySQL on the database, TWiki, Subversion, CVS and ftp
> services.  Tracking each of these individually may be a bear.  I was
> thinking there may be a tool that tracks recent usage from the file
> system level.
>
> What tools can I use to get a handle on this issue and increase my
> knowledge about disk usage?
>
> Alan
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>


-- 
--
JD Austin
Twin Geckos Technology Services LLC
j...@twingeckos.com
480.288.8195x201
http://www.twingeckos.com
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

RE: Tracking file storage space use

2009-07-06 Thread Bob Elzer 
I found this perl script in Linux Journal. What's great is it creates a web
page, that everyone can look at, and see who the disk hogs are.

Article http://www.linuxjournal.com/article/2416

Linux Gazette http://linuxgazette.net/issue18/disk_hog.html better picture
of web page generated at the end.



-Original Message-
From: plug-discuss-boun...@lists.plug.phoenix.az.us
[mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Eric
Shubert
Sent: Monday, July 06, 2009 9:19 AM
To: plug-discuss@lists.plug.phoenix.az.us
Subject: Re: Tracking file storage space use

Alan Dayley wrote:
> I have a server running Red Hat Enterprise Linux 5.  It's running very 
> well but lately we have been running out of disk space on occasion.
> The truth is we need more storage and that solution is coming.  In the 
> mean time, I need to figure out where all the space is being consumed.
> 
> Every once in a while I can see 3-5GB get consumed in about a day.
> Then, when I warn everyone we are running out, this space suddenly 
> comes free.  I think a user is eating the space and then freeing it up 
> when my warning goes out.  But none of the users will admit to this 
> behavior.  That's not a big deal because, whether a user or not, I'd 
> like to know what or who is eating this space and then releasing it.
> 
> The server is running SAMBA shares for /home and other directores, 
> Bugzilla with MySQL on the database, TWiki, Subversion, CVS and ftp 
> services.  Tracking each of these individually may be a bear.  I was 
> thinking there may be a tool that tracks recent usage from the file 
> system level.
> 
> What tools can I use to get a handle on this issue and increase my 
> knowledge about disk usage?
> 
> Alan

I would think that a periodic find command could suffice. You could write a
find command that would "find all of the files over 1 gig that were created
in the last 24 hours", then put it in cron.daily/. You can tailor the find
command to suit your situation.

--
-Eric 'shubes'

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

RE: DRUPAL-SA-CORE-2009-007

2009-07-06 Thread Bob Elzer 
Did she just give you homework to do on your summer vacation ?
 

  _  

From: plug-discuss-boun...@lists.plug.phoenix.az.us
[mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Lisa
Kachold
Sent: Monday, July 06, 2009 1:55 PM
To: Main PLUG discussion list
Subject: Re: DRUPAL-SA-CORE-2009-007




On Mon, Jul 6, 2009 at 1:45 PM, Ryan Rix  wrote:


On Mon 6 July 2009 1:38:33 pm Lisa Kachold wrote:
> Yes, and those are just the known issues.
>
> Run sql injection tools and tests and see where one gets?
>
> There really are a great many problems and potential issues (due to
failure
> to install correctly) and php/mysql web system.
>
> On Mon, Jul 6, 2009 at 1:22 PM, Stephen  wrote:
> > i think this is for all the others of us running drupal as much as for
> > the plug drupal
> >
> > but both bits of info was great.


Lisa,

And not everyone who runs Drupal may keep up on SA's, or be major security
experts, so it can't really hurt for me to post one or two every once in a
while.

Or am I wrong in saying this?


No, post them all!

Better yet Ryan, since you communicate so well, with a great technical
grasp, write a full report, or how about a nice LinuxJournal article?

They would accept your submissions, I am sure. 




Ryan
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss





-- 
(623)239-3392 Skype: obn0sis
(503)754-4452 www.obnosis.com






---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: DRUPAL-SA-CORE-2009-007

2009-07-06 Thread Stephen 
Yes Yes she did.

On Mon, Jul 6, 2009 at 2:14 PM, Bob Elzer wrote:
> Did she just give you homework to do on your summer vacation ?
>
> 
> From: plug-discuss-boun...@lists.plug.phoenix.az.us
> [mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Lisa
> Kachold
> Sent: Monday, July 06, 2009 1:55 PM
> To: Main PLUG discussion list
> Subject: Re: DRUPAL-SA-CORE-2009-007
>
-- 
A mouse trap, placed on top of your alarm clock, will prevent you from
rolling over and going back to sleep after you hit the snooze button.

Stephen
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Tracking file storage space use

2009-07-06 Thread Alan Dayley 
Good input, everyone,  Thanks.

I'll try the script over the next few days.

Alan

On Mon, Jul 6, 2009 at 2:05 PM, Bob Elzer wrote:
> I found this perl script in Linux Journal. What's great is it creates a web
> page, that everyone can look at, and see who the disk hogs are.
>
> Article http://www.linuxjournal.com/article/2416
>
> Linux Gazette http://linuxgazette.net/issue18/disk_hog.html better picture
> of web page generated at the end.
>
>
>
> -Original Message-
> From: plug-discuss-boun...@lists.plug.phoenix.az.us
> [mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Eric
> Shubert
> Sent: Monday, July 06, 2009 9:19 AM
> To: plug-discuss@lists.plug.phoenix.az.us
> Subject: Re: Tracking file storage space use
>
> Alan Dayley wrote:
>> I have a server running Red Hat Enterprise Linux 5.  It's running very
>> well but lately we have been running out of disk space on occasion.
>> The truth is we need more storage and that solution is coming.  In the
>> mean time, I need to figure out where all the space is being consumed.
>>
>> Every once in a while I can see 3-5GB get consumed in about a day.
>> Then, when I warn everyone we are running out, this space suddenly
>> comes free.  I think a user is eating the space and then freeing it up
>> when my warning goes out.  But none of the users will admit to this
>> behavior.  That's not a big deal because, whether a user or not, I'd
>> like to know what or who is eating this space and then releasing it.
>>
>> The server is running SAMBA shares for /home and other directores,
>> Bugzilla with MySQL on the database, TWiki, Subversion, CVS and ftp
>> services.  Tracking each of these individually may be a bear.  I was
>> thinking there may be a tool that tracks recent usage from the file
>> system level.
>>
>> What tools can I use to get a handle on this issue and increase my
>> knowledge about disk usage?
>>
>> Alan
>
> I would think that a periodic find command could suffice. You could write a
> find command that would "find all of the files over 1 gig that were created
> in the last 24 hours", then put it in cron.daily/. You can tailor the find
> command to suit your situation.
>
> --
> -Eric 'shubes'
>
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: Tracking file storage space use

2009-07-06 Thread Michael Butash 
I would tend to think based on what you're saying you have log files
that are rampantly filling, and then logrotate kicks in, compresses, and
all of your space comes back.  See anything odd in in /var/log/messages
or daemon?  Just about anything misconfigured can cause rampant log
filling.  I had this with a wireless module bug recently in ubuntu
overrunning my /var partition with incessant log chatter.

Is it all one flat partition or do you separate out things
like /var /usr or ...?  If so, it should tell you pretty quickly with a
df -kh where data is collecting.  If it's monolithic, check /var/log
with ls -lahS /var and then /var/log.  I'll bet it's in there unless
you're using some kind of temp space elsewhere.  

This kind of thing is a good reason to split off certain file
hierarchies like /var, /var/log, and /usr/local where stuff tends to
collect and/or runneth over.  A full root with one monolithic partition
can make for a single-user mode bad day.

-mb


On Mon, 2009-07-06 at 09:01 -0700, Alan Dayley wrote:
> I have a server running Red Hat Enterprise Linux 5.  It's running very
> well but lately we have been running out of disk space on occasion.
> The truth is we need more storage and that solution is coming.  In the
> mean time, I need to figure out where all the space is being consumed.
> 
> Every once in a while I can see 3-5GB get consumed in about a day.
> Then, when I warn everyone we are running out, this space suddenly
> comes free.  I think a user is eating the space and then freeing it up
> when my warning goes out.  But none of the users will admit to this
> behavior.  That's not a big deal because, whether a user or not, I'd
> like to know what or who is eating this space and then releasing it.
> 
> The server is running SAMBA shares for /home and other directores,
> Bugzilla with MySQL on the database, TWiki, Subversion, CVS and ftp
> services.  Tracking each of these individually may be a bear.  I was
> thinking there may be a tool that tracks recent usage from the file
> system level.
> 
> What tools can I use to get a handle on this issue and increase my
> knowledge about disk usage?
> 
> Alan
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> 

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

RE: Tracking file storage space use

2009-07-06 Thread Bob Elzer 
> This kind of thing is a good reason to split off certain file hierarchies
like /var, /var/log, and /usr/local  > where stuff tends to collect and/or
runneth over.  A full root with one monolithic partition can make for a  
> single-user mode bad day.

If you split them off, don't you wind up making them smaller and thus they
tend to run out of space more often.

When you start splitting, something gets smaller, thus less time to react.

I find, something like hobbit combined with diskhog works well. Hobbit will
tell me when a partition is starting to run low on space (I can set the
percentage). Then diskhog, will tell me where the most space is being used
and by who.

Before I implemented this at one company, I heard the stories how they were
always calling the admin at night because they had already run out of space.

Once I added these, I always got a warning ahead of time, and they never ran
out of space again.


-Original Message-
From: plug-discuss-boun...@lists.plug.phoenix.az.us
[mailto:plug-discuss-boun...@lists.plug.phoenix.az.us] On Behalf Of Michael
Butash
Sent: Monday, July 06, 2009 4:44 PM
To: Main PLUG discussion list
Subject: Re: Tracking file storage space use

I would tend to think based on what you're saying you have log files that
are rampantly filling, and then logrotate kicks in, compresses, and all of
your space comes back.  See anything odd in in /var/log/messages or daemon?
Just about anything misconfigured can cause rampant log filling.  I had this
with a wireless module bug recently in ubuntu overrunning my /var partition
with incessant log chatter.

Is it all one flat partition or do you separate out things like /var /usr or
...?  If so, it should tell you pretty quickly with a df -kh where data is
collecting.  If it's monolithic, check /var/log with ls -lahS /var and then
/var/log.  I'll bet it's in there unless you're using some kind of temp
space elsewhere.  

This kind of thing is a good reason to split off certain file hierarchies
like /var, /var/log, and /usr/local where stuff tends to collect and/or
runneth over.  A full root with one monolithic partition can make for a
single-user mode bad day.

-mb


On Mon, 2009-07-06 at 09:01 -0700, Alan Dayley wrote:
> I have a server running Red Hat Enterprise Linux 5.  It's running very 
> well but lately we have been running out of disk space on occasion.
> The truth is we need more storage and that solution is coming.  In the 
> mean time, I need to figure out where all the space is being consumed.
> 
> Every once in a while I can see 3-5GB get consumed in about a day.
> Then, when I warn everyone we are running out, this space suddenly 
> comes free.  I think a user is eating the space and then freeing it up 
> when my warning goes out.  But none of the users will admit to this 
> behavior.  That's not a big deal because, whether a user or not, I'd 
> like to know what or who is eating this space and then releasing it.
> 
> The server is running SAMBA shares for /home and other directores, 
> Bugzilla with MySQL on the database, TWiki, Subversion, CVS and ftp 
> services.  Tracking each of these individually may be a bear.  I was 
> thinking there may be a tool that tracks recent usage from the file 
> system level.
> 
> What tools can I use to get a handle on this issue and increase my 
> knowledge about disk usage?
> 
> Alan
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> 

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

OT: Var-log.com is for SALE!

2009-07-06 Thread Lisa Kachold 
I want it!

http://www.sedo.com/search/details.php4?domain=var-log.com&partnerid=14460&language=e&et_cid=25&et_lid=65

-- 
(623)239-3392 Skype: obn0sis
(503)754-4452 www.obnosis.com
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Re: [Owasp-phoenix] Phoenix-OWASP July Meeting - TUES JULY 7 2009 6:30 PM

2009-07-06 Thread AZ RUNE 
YEAAH!!! MY BOSS GAVE ME TIME OFF I WILL BE THERE, THERE IS A
(insert chosen diety here)!

Brian
arizona.r...@gmail.com

On Thu, Jul 2, 2009 at 4:55 PM, Lisa Kachold wrote:
>
> Scott White, penetration Tester from Secure State, will give a tutorial on
> Advanced SQL Injection techniques. Expect to learn how hackers
> systematically attack databases and underlying operating systems using
> nothing but a web browser as their attack tool.
>
> http://www.owasp.org/index.php/Phoenix
>
> Executrain 3600 E University Dr # A1400 Phoenix, AZ 85034 The entrance is on
> the West side of the building. Look for the suite number on the door.
>
> --
> Adam Muntner, CISSP
> Managing Partner
> QuietMove, Inc.
> http://www.quietmove.com
>
> cellular: 1(602) 793-5969
> office: 1(866) 894-0459
> fax: 1(866) 272-8194
>
>
> ___
> Owasp-phoenix mailing list
> owasp-phoe...@lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-phoenix
>
>
> --
> (503)754-4452 wiki.obnosis.com
> scientology.obnosis.com
>
>
>
>
>
> ---
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
---
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss