[SLUG] Annodex
Title: Annodex Some information on Annodex which we saw recently; this is a CSIRO blurb: http://www.ict.csiro.au/topic/Apr05.htm#video Cheers, Jill. -- Jill Rowling, System Administrator Eng. Systems Dept, Aristocrat Technologies Australia Level 2, 55 Mentmore Ave Rosebery NSW 2018 Phone: (02) 9697-4484, Fax: (02) 9667-3160 -- -- IMPORTANT NOTICES This email (including any documents referred to in, or attached, to this email) may contain information that is personal, confidential or the subject of copyright or other proprietary rights in favour of Aristocrat, its affiliates or third parties. This email is intended only for the named addressee. Any privacy, confidence, copyright or other proprietary rights in favour of Aristocrat, its affiliates or third parties, is not lost because this email was sent to you by mistake. If you received this email by mistake you should: (i) not copy, disclose, distribute or otherwise use it, or its contents, without the consent of Aristocrat or the owner of the relevant rights; (ii) let us know of the mistake by reply email or by telephone (+61 2 9413 6300); and (iii) delete it from your system and destroy all copies. Any personal information contained in this email must be handled in accordance with applicable privacy laws. Electronic and internet communications can be interfered with or affected by viruses and other defects. As a result, such communications may not be successfully received or, if received, may cause interference with the integrity of receiving, processing or related systems (including hardware, software and data or information on, or using, that hardware or software). Aristocrat gives no assurances in relation to these matters. If you have any doubts about the veracity or integrity of any electronic communication we appear to have sent you, please call +61 2 9413 6300 for clarification. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Annodex
On Mon, 2005-04-04 at 16:01 +1000, Rowling, Jill wrote: Some information on Annodex which we saw recently; this is a CSIRO blurb: http://www.ict.csiro.au/topic/Apr05.htm#video Annodex is awesome technology - done in Sydney by SLUGgers. Conrad, Sylvia and Andre have done a fantastic job. Hopefully we'll be seeing more and more of it in the next few years! http://www.annodex.net/ for anyone that doesn't know what annodex is yet. J. -- Jan Schmidt [EMAIL PROTECTED] -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Annodex
Jan Schmidt wrote:
On Mon, 2005-04-04 at 16:01 +1000, Rowling, Jill wrote:
Some information on Annodex which we saw recently; this is a CSIRO
blurb:
http://www.ict.csiro.au/topic/Apr05.htm#video
Annodex is awesome technology -
Maybe!
The fine print is
1) for 512Mb ADSL lines,
2) It is alpha code,
3) requires glibc 2.3
--
Terry Collins {:-)}}} email: terryc at woa.com.au www:
http://www.woa.com.au
Wombat Outdoor Adventures Bicycles, Computers, GIS, Printing,
Publishing
People without trees are like fish without clean water
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Annodex
Terry Collins wrote about this thread... Some information on Annodex which we saw recently; this is a CSIRO http://www.ict.csiro.au/topic/Apr05.htm#video Annodex is awesome technology - Maybe! The fine print is 1) for 512Mb ADSL lines, 2) It is alpha code, 3) requires glibc 2.3 Not maybe at all! It is awesome technology as users with this plugin and a normal browser can do things with video that we have till now we have only been able to do with text e.g. hyperlink and search. Whether you or I can use it or not on our home dialup is irrelevant. It does not detract from the fact that it's new and useful technology that will be used increasingly in the future [watch out for Winodex, coing soon :-) ]. Did people think that HTML wasn't awesome technology or useful when most users were using BBS's and plain text? Sure the HTML added lots to the overhead of a download but it provided awesome features that now we take for granted as we click around the planet. Mike -- Michael Lake Chemistry, Materials Forensic Science, UTS Ph: 9514 1725 Fx: 9514 1460 [pls ignore idiot lawyer's msg below] -- UTS CRICOS Provider Code: 00099F DISCLAIMER: This email message and any accompanying attachments may contain confidential information. If you are not the intended recipient, do not read, use, disseminate, distribute or copy this message or attachments. If you have received this message in error, please notify the sender immediately and delete this message. Any views expressed in this message are those of the individual sender, except where the sender expressly, and with authority, states them to be the views the University of Technology Sydney. Before opening any attachments, please check them for viruses and defects. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Annodex
On Mon, 2005-04-04 at 16:31 +1000, Terry Collins wrote: Jan Schmidt wrote: On Mon, 2005-04-04 at 16:01 +1000, Rowling, Jill wrote: Some information on Annodex which we saw recently; this is a CSIRO blurb: http://www.ict.csiro.au/topic/Apr05.htm#video Annodex is awesome technology - Maybe! The fine print is 1) for 512Mb ADSL lines, 2) It is alpha code, 3) requires glibc 2.3 Sounds like you're confusing Annodex the media indexing, annotating and accessing technology with the Annodex firefox plugin. The latter one _is_ alpha code and requires a recent glibc - whether you need ADSL depends on what media you access with it (for audio streams a dialup line will do, for video you almost always need bandwidth, Annodex or not). J. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] apache mail vulnerability ? phisihing mail attack
RH73, Postfix 2.1.5, Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_gzip/1.3.26.1a mod_python/2.7.8 Python/1.5.2 mod_ssl/2.8.12 OpenSSL/0.9.6b DAV/1.0.3 PHP/4.3.4 mod_perl/1.26 mod_throttle/3.1.2 I have Postfix with amavisd-new and clamav, identified malware is 'quarantined' to mail account 'infected' for later deletion; few days ago, some 23,000 phishing emails were attempted to be sent from my server, it seems, user 'apache' created them I looked at the first and last few, they all appeared to be same phishing email, typical header follows: have I got a 'bad' web mailform ..? that someone exploited.. or ..? looking at maillog, it started at about 9:17 on April 1; looking at web log, I can't find any suspicious action at that time any suggestions ? typical mail header: -- Return-Path: X-Original-To: infected Delivered-To: [EMAIL PROTECTED] Received: from localhost (koala.sbt.net.au [127.0.0.1]) by koala.sbt.net.au (Postfix) with ESMTP id 1E1A42386D6 for infected; Fri, 1 Apr 2005 09:18:07 +1000 (EST) X-Envelope-From: [EMAIL PROTECTED] X-Envelope-To: [EMAIL PROTECTED] X-Quarantine-Id: virus-20050401-091806-07295-06-24 Received: by koala.sbt.net.au (Postfix, from userid 48) id 13FE22386C6; Fri, 1 Apr 2005 09:17:54 +1000 (EST) To: [EMAIL PROTECTED] Subject: Final Notice - Avoid service cancellation From: [EMAIL PROTECTED] [EMAIL PROTECTED] Content-Type: text/html Message-Id: [EMAIL PROTECTED] Date: Fri, 1 Apr 2005 09:17:54 +1000 (EST) X-Amavis-Alert: INFECTED, message contains virus: HTML.Phishing.Auction-3 -- # grep 13FE22386C6 /var/log/maillog Apr 1 09:17:54 koala postfix/pickup[7290]: 13FE22386C6: uid=48 from=apache Apr 1 09:17:54 koala postfix/cleanup[8026]: 13FE22386C6: message-id=2005033123 [EMAIL PROTECTED] Apr 1 09:17:54 koala postfix/qmgr[1490]: 13FE22386C6: from=[EMAIL PROTECTED], size=3881, nrcpt=1 (queue active) Apr 1 09:18:07 koala postfix/cleanup[8076]: 1E1A42386D6: message-id=2005033123 [EMAIL PROTECTED] Apr 1 09:18:07 koala amavis[7295]: (07295-06-24) Blocked INFECTED (HTML.Phishin g.Auction-3), - [EMAIL PROTECTED], quarantine: virus-20050401-091806- 07295-06-24, Message-ID: [EMAIL PROTECTED], Hits: -, 727 ms Apr 1 09:18:07 koala postfix/lmtp[8020]: 13FE22386C6: to=[EMAIL PROTECTED] m, relay=127.0.0.1[127.0.0.1], delay=13, status=sent (250 2.7.1 Ok, discarded, id=07295-06-24 - VIRUS: HTML.Phishing.Auction-3) Apr 1 09:18:07 koala postfix/qmgr[1490]: 13FE22386C6: removed ='[EMAIL PROTECTED]' email address is the default sender for web/php generated emails --- excerpt from pflogsumm /var/log/maillog: Senders by message count 24848 [EMAIL PROTECTED] 24378 from= Recipients by message count --- 24107 [EMAIL PROTECTED] -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Annodex
Not maybe at all! It is awesome technology Well maybe it is maybe it isn't but when I visit the site and click on the Install Linux (Intel x86) Firefox Browser Extension (alpha-test release) whilst running firefox 1.01 on Linux, nothing happens... :-( P. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] apache mail vulnerability ? phisihing mail attack
Check your version of OpenSSL, but my guess is that you have been rootkitted thru it - Slapper virus, (or was it Slammer, one was for SSL the other was for M$SQL.) Time for an upgrade methinks :) Voytek wrote: RH73, Postfix 2.1.5, Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_gzip/1.3.26.1a mod_python/2.7.8 Python/1.5.2 mod_ssl/2.8.12 OpenSSL/0.9.6b DAV/1.0.3 PHP/4.3.4 mod_perl/1.26 mod_throttle/3.1.2 I have Postfix with amavisd-new and clamav, identified malware is 'quarantined' to mail account 'infected' for later deletion; few days ago, some 23,000 phishing emails were attempted to be sent from my server, it seems, user 'apache' created them I looked at the first and last few, they all appeared to be same phishing email, typical header follows: have I got a 'bad' web mailform ..? that someone exploited.. or ..? looking at maillog, it started at about 9:17 on April 1; looking at web log, I can't find any suspicious action at that time any suggestions ? typical mail header: -- Return-Path: X-Original-To: infected Delivered-To: [EMAIL PROTECTED] Received: from localhost (koala.sbt.net.au [127.0.0.1]) by koala.sbt.net.au (Postfix) with ESMTP id 1E1A42386D6 for infected; Fri, 1 Apr 2005 09:18:07 +1000 (EST) X-Envelope-From: [EMAIL PROTECTED] X-Envelope-To: [EMAIL PROTECTED] X-Quarantine-Id: virus-20050401-091806-07295-06-24 Received: by koala.sbt.net.au (Postfix, from userid 48) id 13FE22386C6; Fri, 1 Apr 2005 09:17:54 +1000 (EST) To: [EMAIL PROTECTED] Subject: Final Notice - Avoid service cancellation From: [EMAIL PROTECTED] [EMAIL PROTECTED] Content-Type: text/html Message-Id: [EMAIL PROTECTED] Date: Fri, 1 Apr 2005 09:17:54 +1000 (EST) X-Amavis-Alert: INFECTED, message contains virus: HTML.Phishing.Auction-3 -- # grep 13FE22386C6 /var/log/maillog Apr 1 09:17:54 koala postfix/pickup[7290]: 13FE22386C6: uid=48 from=apache Apr 1 09:17:54 koala postfix/cleanup[8026]: 13FE22386C6: message-id=2005033123 [EMAIL PROTECTED] Apr 1 09:17:54 koala postfix/qmgr[1490]: 13FE22386C6: from=[EMAIL PROTECTED], size=3881, nrcpt=1 (queue active) Apr 1 09:18:07 koala postfix/cleanup[8076]: 1E1A42386D6: message-id=2005033123 [EMAIL PROTECTED] Apr 1 09:18:07 koala amavis[7295]: (07295-06-24) Blocked INFECTED (HTML.Phishin g.Auction-3), - [EMAIL PROTECTED], quarantine: virus-20050401-091806- 07295-06-24, Message-ID: [EMAIL PROTECTED], Hits: -, 727 ms Apr 1 09:18:07 koala postfix/lmtp[8020]: 13FE22386C6: to=[EMAIL PROTECTED] m, relay=127.0.0.1[127.0.0.1], delay=13, status=sent (250 2.7.1 Ok, discarded, id=07295-06-24 - VIRUS: HTML.Phishing.Auction-3) Apr 1 09:18:07 koala postfix/qmgr[1490]: 13FE22386C6: removed ='[EMAIL PROTECTED]' email address is the default sender for web/php generated emails --- excerpt from pflogsumm /var/log/maillog: Senders by message count 24848 [EMAIL PROTECTED] 24378 from= Recipients by message count --- 24107 [EMAIL PROTECTED] -- Howard. LANNet Computing Associates - Your Linux people http://lannet.com.au -- When you just want a system that works, you choose Linux; When you want a system that just works, you choose Microsoft. -- Flatter government, not fatter government; Get rid of the Australian states. begin:vcard fn:Howard Lowndes n:Lowndes;Howard org:LANNet Computing Associates adr:;;PO Box 1174;Lavington;NSW;2641;Australia email;internet:howard [AT] lowndes [DOT] name tel;work:02 6040 0222 tel;fax:02 6040 0222 tel;cell:0419 464 430 note:I am heartily sick and tired of telemarketers, therefore I do not answer phone calls which do not present Caller Line Identification, they get flicked to voicemail. I apologise if this inconveniences you, and I respect your right to not identify yourself, but I also ask that you respect my right to not answer your call if you choose not to identify yourself. Try dialing 1832 (#32# from mobiles) before the number, to present Caller Line Identification. x-mozilla-html:FALSE url:http://www.lannet.com.au version:2.1 end:vcard -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] upgrading openssl, any gotchas ?
I have RH73 with # openssl version OpenSSL 0.9.6b [engine] 9 Jul 2001 yum tells me: # yum update openssl Gathering package information from servers Getting headers from: Red Hat Linux 7.3 base Getting headers from: Fedora Legacy utilities for Red Hat Linux 7.3 Getting headers from: Red Hat Linux 7.3 updates Finding updated packages Downloading needed headers openssl is installed and the latest version. I have downloaded `openssl-0.9.7f.tar.gz' from openssl.org can I just install that 'on top' of my current openssl ? -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Annodex
Peter Rundle wrote:
whilst running firefox 1.01 on Linux, nothing happens... :-(
locate glibc and note the version.
--
Terry Collins {:-)}}} email: terryc at woa.com.au www:
http://www.woa.com.au
Wombat Outdoor Adventures Bicycles, Computers, GIS, Printing,
Publishing
People without trees are like fish without clean water
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] upgrading openssl, any gotchas ?
Voytek wrote: I have RH73 with # openssl version OpenSSL 0.9.6b [engine] 9 Jul 2001 yum tells me: # yum update openssl Gathering package information from servers Getting headers from: Red Hat Linux 7.3 base Getting headers from: Fedora Legacy utilities for Red Hat Linux 7.3 Getting headers from: Red Hat Linux 7.3 updates Finding updated packages Downloading needed headers openssl is installed and the latest version. I have downloaded `openssl-0.9.7f.tar.gz' from openssl.org can I just install that 'on top' of my current openssl ? All support for most legacy versions of RH is at fedoralegacy.org. You might want to check out http://fedoralegacy.org/updates/RH7.3/ for the maintained packages of RH7.3, there is one that relates to OpenSSL from nearly a year ago. Note that RH7.2 and RH8.0 are no longer supported either by RH or FL, so my earlier remarks about an upgrade being due are still pertinent. -- Howard. LANNet Computing Associates - Your Linux people http://lannet.com.au -- When you just want a system that works, you choose Linux; When you want a system that just works, you choose Microsoft. -- Flatter government, not fatter government; Get rid of the Australian states. begin:vcard fn:Howard Lowndes n:Lowndes;Howard org:LANNet Computing Associates adr:;;PO Box 1174;Lavington;NSW;2641;Australia email;internet:howard [AT] lowndes [DOT] name tel;work:02 6040 0222 tel;fax:02 6040 0222 tel;cell:0419 464 430 note:I am heartily sick and tired of telemarketers, therefore I do not answer phone calls which do not present Caller Line Identification, they get flicked to voicemail. I apologise if this inconveniences you, and I respect your right to not identify yourself, but I also ask that you respect my right to not answer your call if you choose not to identify yourself. Try dialing 1832 (#32# from mobiles) before the number, to present Caller Line Identification. x-mozilla-html:FALSE url:http://www.lannet.com.au version:2.1 end:vcard -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Speaking of wireless...
On Mon, 4 Apr 2005 02:31 pm, Michael Fox wrote: Interesting article; http://www.tomsnetworking.com/Sections-article111-page1.php Extract; Millions of wireless access points are spread across the US and the world. About 70% percent of these access points are unprotectedwide open to access by anyone who happens to drive by. The other 30% are protected by WEP (Wired Equivalent Privacy) and a small handful are protected by the new WPA (Wi-Fi Protected Access) standard. I'd believe those stats too. I work 6 floors up in Pitt St (between Bathurst and Park Sts if anyone wants to know) and I can use 3 different, totally open WiFi networks that are not mine :) Thanks to 'Gill' (SSID) I recently downloaded the next release candidate for Kubuntu and some up-coming episodes of Stargate Atlantis :P War drive the CBD sometime - it's just plain scarey! There are 2 other networks I can see but the S/N ratio is pretty low and they are secured anyway (one is WEP, the other WPA as best I can make out - both use MAC level filtering by the look of thinngs too). James -- Health is merely the slowest possible rate at which one can die. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Excellent Live-CD for security audit
Visit the site below. http://www.remote-exploit.org/ Download a copy of Auditor Security Collection ISO. Very nice. As mentioned in that wireless article I posted yesterday. I am now testing it on a Dell laptop with USB wireless 802.11g key. Although my battery is fubar :( -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Speaking of wireless...
On Apr 5, 2005 8:11 AM, James Gray [EMAIL PROTECTED] wrote: I'd believe those stats too. I work 6 floors up in Pitt St (between Bathurst and Park Sts if anyone wants to know) and I can use 3 different, totally open WiFi networks that are not mine :) Thanks to 'Gill' (SSID) I recently downloaded the next release candidate for Kubuntu and some up-coming episodes of Stargate Atlantis :P War drive the CBD sometime - it's just plain scarey! Nice. Drive around most suburbs. I found several in my area (and could even get to the router running the adsl link as people left default passwords on the equipment) I am about to hook up my WRT to a private nic on my linux box. Then configure VPN server and disable WEP and WPA on WRT. So people will think wow unsecure. But will get no further then my linux box nic, and then i can use it and vpn authenticate and get onto the internal of my network (otherside of firewalled linux box/nic). Think I need another WRT :) -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Speaking of wireless...
On Tue, 2005-04-05 at 10:03 +1000, Michael Fox wrote: I am about to hook up my WRT to a private nic on my linux box. Then configure VPN server and disable WEP and WPA on WRT. So people will think wow unsecure. But will get no further then my linux box nic, and then i can use it and vpn authenticate and get onto the internal of my network (otherside of firewalled linux box/nic). I've done this for years and still think it's the best way to go. Open wireless, VPN required to do anything useful. Administratively neat and functional. -- I can promise you that we will follow policies which will, over a period of time, bring down the foreign debt . . . our first priority in Government economically will be to tackle the current account deficit. --John Howard (Doorstop interview, Debt Truck Launch, 20 September 1995) The Truth: Foreign debt was $361 billion at the end of September 2003, an increase of 90 percent on the September 1995 level. The current account deficit was $11.9 billion at the end of September 2003, an increase of 112.5 per cent on the September 1995 level. --Australian Bureau of Statistics (ABS@, Time Series Spreadsheets (Balance of Payments and Investment Position, Australia 5302.0, Reserve Bank of Australia (H) Bulletin, Current Account)) -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Speaking of wireless...
On Apr 5, 2005 10:18 AM, Craige McWhirter [EMAIL PROTECTED] wrote: I've done this for years and still think it's the best way to go. Open wireless, VPN required to do anything useful. Administratively neat and functional. Yeah i reckon its the best idea also. That way my wireless lan can still be used by public and non public. What VPN server you running on linux. What sort of setup? This is the bit I am going to need to research to configure. Should be fun though. The WRT in my garage is covering the entire house with reasonable signal in some bad spots. I figure I might get another one to cover a bit more, not to mention use it to have an external omni or something. Wife is probably not overly impressed, but hey I am sure as long as it works she will be happy. Especially if its not a huge expense. I just found out lastnight my Draytek 2600Ge WPA implementation doesn't work with my Powerbook, so an even better reason to implement the VPN setup. I think it will rock. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Speaking of wireless...
On Tue, 5 Apr 2005 10:03 am, Michael Fox wrote: On Apr 5, 2005 8:11 AM, James Gray [EMAIL PROTECTED] wrote: I'd believe those stats too. I work 6 floors up in Pitt St (between Bathurst and Park Sts if anyone wants to know) and I can use 3 different, totally open WiFi networks that are not mine :) Thanks to 'Gill' (SSID) I recently downloaded the next release candidate for Kubuntu and some up-coming episodes of Stargate Atlantis :P War drive the CBD sometime - it's just plain scarey! Nice. Drive around most suburbs. I found several in my area (and could even get to the router running the adsl link as people left default passwords on the equipment) I am about to hook up my WRT to a private nic on my linux box. Then configure VPN server and disable WEP and WPA on WRT. So people will think wow unsecure. But will get no further then my linux box nic, and then i can use it and vpn authenticate and get onto the internal of my network (otherside of firewalled linux box/nic). Think I need another WRT :) Sounds similar to what I do at home: put the access point in its own DMZ with separate subnet (10.66.6.x - the '666' was intentional) then just firewall the MAC addresses I have, and run IPsec (VPN essentially) between wireless devices and the Linux box. (In keeping with sigmonster's religious theme...) James 2:12 No one comes to the LAN except by IPsec and lo, if I catch a stray MAC address, thou shalt be severely firewalled. ;) James -- Hail to the sun god He sure is a fun god Ra! Ra! Ra! -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] USB Netgear WG111 Wireless woes
It would appear my Netgear WG111 is not working on this security collection Live CD. Which is a bit of a shame. [EMAIL PROTECTED] lsusb Bus 001 Device 004: ID 0846:4240 NetGear, Inc. And found the following post on another site. [http://prism54.org/forums/viewtopic.php?t=1289highlight=wg111] WG111v2, (lsusb=3887) people are working on it; softmac. USB-IS`s: 0x846:0x4240. I am a little confused if my model is supported or not. If its not guess I will have to take this auditor security collection Live CD home and see if my wifes Compaq with minipci Senao wireless card will work with it out of the box. The tools on this Live CD look very good. Thanks -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] upgrading openssl, any gotchas ?
On Tue, 5 Apr 2005 09:09:31 +1000 (EST) Voytek [EMAIL PROTECTED] wrote: I have RH73 with # openssl version OpenSSL 0.9.6b [engine] 9 Jul 2001 OK, its pretty safe to assume that if this machine has been connected to the internet for anything more that about 15 seconds it has been fully compromised and rootkitted. The safest way to get the machine back on the net is to pull all your data off it and reinstall from scratch. Do not reinstall RH7.3. Reinstall something recent (ie a distro released with the last 6 months) and apply all security updates before you connect it to the internet again. I have downloaded `openssl-0.9.7f.tar.gz' from openssl.org can I just install that 'on top' of my current openssl ? Your machine is already compromised. There is probably already a root kit installed. Fixing openssl now is like closing the stable door after the horse has bolted. Erik -- +---+ Erik de Castro Lopo [EMAIL PROTECTED] (Yes it's valid) +---+ Hundreds of thousands of people couldn't care less about Kylix and what it runs on. It's there for the dying breed of die-hard Pascal fanatics who missed their 20 year window to migrate to C and C++. -- Kaz Kylheku in comp.os.linux.development.apps -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] USB Netgear WG111 Wireless woes
Hi, You can find an almost-working driver for prism 54 usb devices here: http://jbnote.free.fr/prism54usb/ Not sure how you would integrate the code on to the Live-CD, but maybe its a pointer in the right direction. Rob. On Apr 5, 2005 10:34 AM, Michael Fox [EMAIL PROTECTED] wrote: It would appear my Netgear WG111 is not working on this security collection Live CD. Which is a bit of a shame. [EMAIL PROTECTED] lsusb Bus 001 Device 004: ID 0846:4240 NetGear, Inc. And found the following post on another site. [http://prism54.org/forums/viewtopic.php?t=1289highlight=wg111] WG111v2, (lsusb=3887) people are working on it; softmac. USB-IS`s: 0x846:0x4240. I am a little confused if my model is supported or not. If its not guess I will have to take this auditor security collection Live CD home and see if my wifes Compaq with minipci Senao wireless card will work with it out of the box. The tools on this Live CD look very good. Thanks -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html -- Rob Sharp -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] USB Netgear WG111 Wireless woes
On Apr 5, 2005 11:10 AM, Rob Sharp [EMAIL PROTECTED] wrote: You can find an almost-working driver for prism 54 usb devices here: http://jbnote.free.fr/prism54usb/ Not sure how you would integrate the code on to the Live-CD, but maybe its a pointer in the right direction. Think I will take the CD home with me and see if it detects/drives my wifes Senao minipci card on her Compaq notebook. Just curious to see kismet working and aircrack break my WEP key at home. And if so how long it will take. Thanks -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] upgrading openssl, any gotchas ?
On Tue, Apr 05, 2005 at 10:50:55AM +1000, Erik de Castro Lopo wrote: On Tue, 5 Apr 2005 09:09:31 +1000 (EST) Voytek [EMAIL PROTECTED] wrote: I have RH73 with # openssl version OpenSSL 0.9.6b [engine] 9 Jul 2001 OK, its pretty safe to assume that if this machine has been connected to the internet for anything more that about 15 seconds it has been fully compromised and rootkitted. Not necessarily. Redhat/fedora backport security fixes and don't change the release number. Note Voytek's mail: # yum update openssl Gathering package information from servers Getting headers from: Red Hat Linux 7.3 base Getting headers from: Fedora Legacy utilities for Red Hat Linux 7.3 ^^^ So I think he's ok. That said, Voytek, I'd follow Howards advice and upgrade. Legacy support will only so much longer -- 7.2 is already gone, 7.3 can't be far behind. Matt PS. You didn't tell us exactly why you wanted to upgrade openssl. If it's to satisfy some other packages requirements, let us know. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] apache mail vulnerability ? phisihing mail attack
On Tue, Apr 05, 2005 at 08:15:04AM +1000, Howard Lowndes wrote: Check your version of OpenSSL, but my guess is that you have been rootkitted thru it - Slapper virus, (or was it Slammer, one was for SSL the other was for M$SQL.) Time for an upgrade methinks :) Voytek wrote: RH73, Postfix 2.1.5, Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_gzip/1.3.26.1a mod_python/2.7.8 Python/1.5.2 mod_ssl/2.8.12 OpenSSL/0.9.6b DAV/1.0.3 PHP/4.3.4 mod_perl/1.26 mod_throttle/3.1.2 It could have been almost any of those. mod_python, php, ssl have certainly had security bugs. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Annodex
On Tue, Apr 05, 2005 at 10:42:37AM +1000, Peter Rundle wrote: The colours on the video window display are all messed up I just get green pink bars like some physco test pattern. :-( I can hear the sound track and see the static images properly however :-) Welcome to alpha software land... so I'm thinking maybe not, at least for this version and my 'puter anyway. Agreed there are things to be fixed. Annodex highlights one of the great things about open source for me though, and has me hooked trying to write an app that makes it easier to mark up audio files. The idea of marking up different parts of audio represents something exciting for me - musical examples for lectures and field recordings comes to mind. In trying to code something (and I am a complete amateur at this) I've managed to learn about xml, gstreamer, python bindings to C libraries and so on. I also know Conrad and Claudia so I'm biased, but that makes it fun too. 2c worth - probably should have moved it to chat. Denis -- Lecturer in Music Department of Contemporary Music Studies Macquarie University NSW 2109 Australia, ph: +61 (0)2 9850 6787, fax: 9850 6593 http://www.ccms.mq.edu.au -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] upgrading openssl, any gotchas ?
On Tue, 5 Apr 2005 12:00:52 +1000 matthew hannigan [EMAIL PROTECTED] wrote: On Tue, Apr 05, 2005 at 10:50:55AM +1000, Erik de Castro Lopo wrote: On Tue, 5 Apr 2005 09:09:31 +1000 (EST) Voytek [EMAIL PROTECTED] wrote: I have RH73 with # openssl version OpenSSL 0.9.6b [engine] 9 Jul 2001 OK, its pretty safe to assume that if this machine has been connected to the internet for anything more that about 15 seconds it has been fully compromised and rootkitted. Not necessarily. Redhat/fedora backport security fixes and don't change the release number. So even though the package is dated Jull 2001 it might still be patched? Ok. PS. You didn't tell us exactly why you wanted to upgrade openssl. If it's to satisfy some other packages requirements, let us know. Its because he already has good evidence that his machine has been compromised or at the very least is being used to relay spam and that its prbably not the MTA's fault. Erik -- +---+ Erik de Castro Lopo [EMAIL PROTECTED] (Yes it's valid) +---+ Open source is an intellectual-property destroyer. I can't imagine something that could be worse than this for the software business and the intellectual-property business. -- Jim Allchin, Microsoft -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Annodex
On Tue, Apr 05, 2005 at 12:21:25PM +1000, Denis Crowdy wrote: I also know Conrad and Claudia so I'm biased, but that makes it fun too. Silvia Silvia - obviously don't know her that well... Denis -- Lecturer in Music Department of Contemporary Music Studies Macquarie University NSW 2109 Australia, ph: +61 (0)2 9850 6787, fax: 9850 6593 http://www.ccms.mq.edu.au -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Excellent Live-CD for security audit
There are a couple of other good live cds and floppy distros that fit into this category. The first place you'd want to check out when searching for live cds is http://www.livecdlist.com/index.php?pick=Allsort=Purposesm=0 It's a very comprehensive list of livecds, sortable by purpose, size, name, etc. I've used the following two security livecds quite a bit, and I highly recommend them. Knoppix-STD (Security Tools Distribution) http://www.knoppix-std.org/ Trinux http://www.trinux.org/ Lindsay On Tue, 2005-04-05 at 10:09 +1000, Michael Fox wrote: Visit the site below. http://www.remote-exploit.org/ Download a copy of Auditor Security Collection ISO. Very nice. As mentioned in that wireless article I posted yesterday. I am now testing it on a Dell laptop with USB wireless 802.11g key. Although my battery is fubar :( -- http://holmwood.id.au/~lindsay -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Wine setup
I have a windows based CD that I would like to install and use with Wine. The setup.exe prog crashes. What's the best way to proceed? is there anyway to extract and install without using the setup.exe program? Thanks for help. Alan -- Alan L Tyree http://www2.austlii.edu.au/~alan Tel: +61 2 4782 2670 Mobile: +61 405 084 990 Fax: +61 2 4782 7092 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Wine setup
On Tue, 2005-04-05 at 13:09 +1000, Alan L Tyree wrote: I have a windows based CD that I would like to install and use with Wine. The setup.exe prog crashes. What's the best way to proceed? is there anyway to extract and install without using the setup.exe program? There's a number of ways; it's highly dependent on how the setup.exe program works. However, I happened to be looking into something for entirely separate reasons just last night and discovered this: http://support.microsoft.com/default.aspx?scid=kb;en-us;257718 Which might help you out. IIRC, the MSI installer program (instmsi.exe) does run under wine, so getting an MSI file should be enough to get you up and running. All that said, there might be an easier way depending on your app. What wine version? What program? What type of installer is it? (nullsoft, installshield, etc). HTH, James. -- My love burns for you A Thermonuclear rose Now lets go make out -- http://www.solardeathray.com/rose.html signature.asc Description: This is a digitally signed message part -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Wine setup
On Tue, 05 Apr 2005 14:09:06 +1000 James Gregory [EMAIL PROTECTED] wrote: On Tue, 2005-04-05 at 13:09 +1000, Alan L Tyree wrote: I have a windows based CD that I would like to install and use with Wine. The setup.exe prog crashes. What's the best way to proceed? is there anyway to extract and install without using the setup.exe program? There's a number of ways; it's highly dependent on how the setup.exe program works. However, I happened to be looking into something for entirely separate reasons just last night and discovered this: http://support.microsoft.com/default.aspx?scid=kb;en-us;257718 Which might help you out. IIRC, the MSI installer program (instmsi.exe) does run under wine, so getting an MSI file should be enough to get you up and running. Wine 20050310 in Debian Sarge. The disk is a legal thing from LexisNexis (we had some discussions about it earlier). Thanks. I'll give the other stuff a try and see what happens. Cheers, Alan All that said, there might be an easier way depending on your app. What wine version? What program? What type of installer is it? (nullsoft, installshield, etc). HTH, James. -- My love burns for you A Thermonuclear rose Now lets go make out -- http://www.solardeathray.com/rose.html -- Alan L Tyree http://www2.austlii.edu.au/~alan Tel: +61 2 4782 2670 Mobile: +61 405 084 990 Fax: +61 2 4782 7092 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Wine setup
On Tue, 05 Apr 2005 14:09:06 +1000 James Gregory [EMAIL PROTECTED] wrote: On Tue, 2005-04-05 at 13:09 +1000, Alan L Tyree wrote: I have a windows based CD that I would like to install and use with Wine. The setup.exe prog crashes. What's the best way to proceed? is there anyway to extract and install without using the setup.exe program? There's a number of ways; it's highly dependent on how the setup.exe program works. However, I happened to be looking into something for entirely separate reasons just last night and discovered this: http://support.microsoft.com/default.aspx?scid=kb;en-us;257718 Which might help you out. IIRC, the MSI installer program (instmsi.exe) does run under wine, so getting an MSI file should be enough to get you up and running. All that said, there might be an easier way depending on your app. What wine version? What program? What type of installer is it? (nullsoft, installshield, etc). I don't know what kind of installer it is: here is a list of the files: [EMAIL PROTECTED]:~$ ls /cdrom browser.ex_ butterworths installer butt.ico bviews.ex_ bworth.txt change.txt comdlg16.ocx compobj.dll copy of products.lst copyrigh.txt cspictur.vbx ctl3dv2.dll custom.dct dao2516.dll dwordexp.dll fewin386.dll fewinsrv.dll foliobmp.dll folioenu.lex foliohlp.ini foliottl.dll foliowmf.dll frascgen.ini frascii.dll frascii.ini frnfo31.dll hitlist.dll hitlist.ini idmext.dll idpwpb20.dll idpwrn20.dll install.txt laingdb.dll libstub.dll lname.ini micutil.dll msg.txt nfo nwpmgr.ex_ nwsetup.exe oc25.dll ole2conv.dll ole2disp.dll ole2.dll ole2nls.dll ole2prox.dll ole2.reg picviews.ex_ pringrpo.ex_ products.bak products.lst pubmgr.ex_ qpro200.dll readme.txt refhlp.txt rights rightsmn.dll runner.ex_ scp.dll seargrpo.ex_ setup.exe setup.ini stdole.tlb stkit416.dll stkit432.dll storage.dll techhlp.txt threed16.ocx toascgen.ini toascii.dll toascii.ini tonfo31.dll toolbelt.dll tortf.dll towp52.dll towp60.dll towp60.ini typelib.dll update.txt vaen21.olb vb40016.dll vbascrol.vbx ver.dll views.ini vshare.386 wksetup.ex_ wscript.ex_ wwordexp.dll HTH, James. -- My love burns for you A Thermonuclear rose Now lets go make out -- http://www.solardeathray.com/rose.html -- Alan L Tyree http://www2.austlii.edu.au/~alan Tel: +61 2 4782 2670 Mobile: +61 405 084 990 Fax: +61 2 4782 7092 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Wine setup
On Tue, 2005-04-05 at 14:39 +1000, Alan L Tyree wrote: On Tue, 05 Apr 2005 14:09:06 +1000 James Gregory [EMAIL PROTECTED] wrote: On Tue, 2005-04-05 at 13:09 +1000, Alan L Tyree wrote: I have a windows based CD that I would like to install and use with Wine. The setup.exe prog crashes. What's the best way to proceed? is there anyway to extract and install without using the setup.exe program? There's a number of ways; it's highly dependent on how the setup.exe program works. However, I happened to be looking into something for entirely separate reasons just last night and discovered this: http://support.microsoft.com/default.aspx?scid=kb;en-us;257718 Which might help you out. IIRC, the MSI installer program (instmsi.exe) does run under wine, so getting an MSI file should be enough to get you up and running. All that said, there might be an easier way depending on your app. What wine version? What program? What type of installer is it? (nullsoft, installshield, etc). I don't know what kind of installer it is: here is a list of the files: [EMAIL PROTECTED]:~$ ls /cdrom setup.exe stdole.tlb Those two files make me suspect that it's InstallShield (which is pretty likely; it's very common). InstallShield installers don't work properly right now because of some issues with type-marshalling (the .tlb file is the giveaway; that's the marshalled types) and dcom. Fortunately it's a common problem, so there are some partial solutions. I believe if you install dcom98 in your fake windows partition from the .exe available here: http://www.microsoft.com/downloads/details.aspx?FamilyID=08b1ac1b-7a11-43e8-b59d-0867f9bdda66DisplayLang=en and copy a stdole32.tlb file from a 'real' windows partition (presumably to somewhere under 'windows' in your fake windows directory; you'll need to check up on that), it will work. If you search for 'installshield wine' on google, you'll find a bunch of useful information on it. The other option is a utility called 'i6comp', which is floating around. It just extracts the files from an InstallShield installer. It is in turn a windows application, but will run out of the box with wine. The other option is preferable though, because it will actually set the various registry entries your program will need. It's likely you'll need to do extra tinkering if you go down the i6comp route. HTH, James. -- My love burns for you A Thermonuclear rose Now lets go make out -- http://www.solardeathray.com/rose.html signature.asc Description: This is a digitally signed message part -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
