Tue, Jan 31, 2006 11:04 pm
QF File Found After Crash
A user sent an email message with a substantial number of large attachments,
which exhausted the free space in the /var partition of a Linux
email server, which was running low on space because of other large messages
queued on the system and some large log files. That particular message
proved to be the proverbial last straw on the camel's back. The system crashed
and rebooted. In addition to the df file containing the message's body and
attachments, I found a QF file, instead of the normal qf file, in the
/var/spool/mqueue directory. The qf file contains the message's headers and
other information.
# ls -lh *fk0PJ0eqI021438
-rw------- 1 root smmsp 49M Jan 25 14:04 dfk0PJ0eqI021438
-rw------- 1 root smmsp 948 Jan 25 14:04 Qfk0PJ0eqI021438
After clearing space on the partition, I didn't see the message associated
with the two files when I used the mailq
command, apparently
because there was a QF file rather than a qf file.
So I renamed the Qf file changing the "Qf" to "qf" and then sent the message
with sendmail -v -qIk0PJ0eqI021438
. You can have sendmail
manually process a queue by using a "-qI" option followed by the queue ID,
which is the sequence of letters and digits after the "qf" in the filename.
Adding a "-v" as well provides verbose information on what is happening as
the queued message is processed.
The message was then processed by the server. It was addressed to two
hotmail.com addresses. The hotmail server didn't like its size either, though,
and rejected it. Apparently, though Microsoft now offers 250 MB of free
storage with their free hotmail.com accounts, there is a limit on the size of
any individual email message and the Hotmail email server regarded a 49 MB
message as too large and bounced it back to the sender.
[root@example mqueue]# sendmail -v -qIk0PJ0eqI021438
Running /var/spool/mqueue/k0PJ0eqI021438 (sequence 1 of 1)
<mollychanged2@hotmail.com>,<danielchanged2@hotmail.com>... Connecting to mx1.hotmail.com. via esmtp...
220 bay0-mc1-f16.bay0.hotmail.com Sending unsolicited commercial or bulk e-mail
to Microsoft's computer network is prohibited. Other restrictions are found at http://privacy.msn.com/Anti-spam/. Violations will result in use of equipment located in California and other states. Tue, 31 Jan 2006 19:19:37 -0800
>>> EHLO example.com
250-bay0-mc1-f16.bay0.hotmail.com (3.1.0.18) Hello [192.168.0.26]
250-SIZE 29696000
250-PIPELINING
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-AUTH LOGIN
250-AUTH=LOGIN
250 OK
>>> MAIL From:<laura3@example.com> SIZE=51191604
552 Message size exceeds fixed maximum message size
Service unavailable
<laura3@example.com>... Connecting to local...
<laura3@example.com>... Sent
Closing connection to mx1.hotmail.com.
>>> QUIT
221 bay0-mc1-f16.bay0.hotmail.com Service closing transmission channel
References:
-
[Chapter 23] 23.3 A Bogus qf File (V8 only): Qf
-
Hotmail to offer 250MB of free storage
By Jim Hu
Staff Writer, CNET News.com
Published: June 23, 2004
[/network/email/sendmail]
permanent link
Tue, Jan 31, 2006 9:51 pm
Messages File Too Large
I needed to make some more free space in the /var partition on
a Linux system and found that the largest file in /var/log was the
messages file, which had grown to 75 MB, because it was no longer
being rotated. I moved the current messages file to another partition
and then used
/etc/init.d/syslog restart
, which restarts
syslogd, which was the process that had the messages file open. Restarting
syslogd leads to the creation of a new messages file
[/os/unix/syslog]
permanent link
Tue, Jan 31, 2006 9:16 pm
PowerPoint Animation Schemes Grayed Out
If you find that the entries under "Animation Schemes" in Microsoft PowerPoint
2003 are grayed out, you may need to change a PowerPoint option setting. For
instance, if you click on "Slide Show" and select "Animation Schemes", but see
that the Animation Schemes entries are
unavailable, i.e. they are grayed out, then the "New animation effects" option
may be set to "disabled". To re-enable the Animation Schemes effects, within
PowerPoint, click on "Tools", then "Options" and then make sure that "New
animation effects", under "Disable new features", is not checked.
[ More
Info ]
[/os/windows/office/powerpoint]
permanent link
Tue, Jan 31, 2006 9:00 pm
Windows Security Center.AntiVirusOverride
If you run
Spybot Search &
Destroy 1.4 and find that it detects
Windows Security
Center.AntiVirusOverride
, that is not necessarily anything to
worry about and, in fact, you may want to deselect this item as one
that Spybot will "fix".
[ More Info ]
[/security/spyware/spybot]
permanent link
Fri, Jan 27, 2006 2:34 pm
File Export
I wanted to view the files within an
MSI file, i.e. a
.msi
file. I found a VBScript, called
File Export
at
Export File List to Excel From MSI Using VBScript, which will
create an Excel spreadsheet, i.e. a .xls file that lists the contents of
an MSI file.
' File Export v 1.0
' Export File Table from a given MSI Database to an Excel Spreadsheet
' J.Loomes Nov 2000
Option Explicit
Const msiOpenDatabaseModeReadOnly = 0
On Error Resume Next
Dim installer : Set installer = Nothing
Dim szMSI
szMSI = InputBox("Enter MSI File (including full path)", "Select MSI", "")
DIM folder : folder = InputBox("Enter Folder to Write Table to...", "Select Export Folder","")
Set installer = Wscript.CreateObject("WindowsInstaller.Installer") : CheckError
Dim database : Set database = installer.OpenDatabase(szMSI, msiOpenDatabaseModeReadOnly) : CheckError
Dim table, view, record
table = "File"
Set view = database.OpenView("SELECT 'Name' FROM _Tables")
view.Execute : CheckError
Do
Set record = view.Fetch : CheckError
If record Is Nothing Then Exit Do
Export table, folder : CheckError
Loop
Set view = Nothing
Export table, folder : CheckError
Wscript.Quit(0)
Sub Export(table, folder)
Dim file :file = table & ".xls"
database.Export table, folder, file
End Sub
Sub CheckError
Dim message, errRec
If Err = 0 Then Exit Sub
message = Err.Source & " " & Hex(Err) & ": " & Err.Description
If Not installer Is Nothing Then
Set errRec = installer.LastErrorRecord
If Not errRec Is Nothing Then message = message & vbNewLine & errRec.FormatText
End If
Wscript.Echo message
Wscript.Quit 2
End Sub
If saved as File-Export.vbs, the script can be run by double-clicking on it in
Windows Explorer or typing File-Export.vbs
, or cscript
/nologo File-Export.vbs
.
The script will prompt for the MSI file to process. Enter the full path to the
file and the filename at the prompt. Make sure you type it correctly as
you may see no error message and no output otherwise.
You will then be prompted for the export folder. A file named File.xls will be
created in the directory you specify.
An examination of the MSI file contained within the whoami_setup.exe setup file
for Microsoft's Windows 2000 Resource Kit utility
Whoami,
produced this File.xls, which can be
viewed here.
If you would like further information on how an
MSI file is structured,
see
Inside the MSI file format by
Rob Mensching.
References:
-
File Extension Details for .MSI
FilExt - The File Extension Source
-
Export File List to Excel From MSI Using VBScript
By John Loomes
December 7, 2000
-
Whoami
Microsoft Corporation
March 8, 2001
-
Inside the MSI file format
Rob Mensching's blog
November 25, 2003
[/os/windows/msi]
permanent link
Wed, Jan 25, 2006 8:04 pm
Google and Government Control
MSNBC.com has an article today titled
Google Vs. the Government
where David Vise, author of 'The Google Story', discusses how Google has dealt with
censorship in China and the recent attempt by the U.S. government to monitor what
U.S. citizens are searching for on the Internet by demanding that search engine
companies turn over massivive amounts of search records to the government, ostensibly
so the government can protect children from pornography. China and Singapore also
claim they must control their citizenry's web browsing to protect citizens from
pornography.
The interview with David Vise also mentions that the former chef for the Grateful
Dead was the executive chef for Google for awhile, but has since left to start
his own restaurant.
References:
-
Google Vs. the Government
MSNBC.com
Date: January 25, 2006
-
Internet Filtering in Singapore in 2004-2005: A Country Study
-
Censorshipo in Singapore
From Wikipedia, the free encyclopedia
-
Internet Censorhip - China
[/network/web/search]
permanent link
Tue, Jan 24, 2006 9:04 pm
Environmental Impact of Hardware Disposal
Most people blithely dispose of old electronic equipment without any thought
to the environmental impact. But, if such equipment ends up in a landfill
or an incinerator, toxic chemicals can be released into the environment.
Electronic equipment, such as computers and monitors, may contain lead,
mercury, cadmium, and hexavalent chromium. A Cathode Ray Tube (CRT) monitor
may contain 4 to 5 pounds of lead4. Even the newer flat panel Liquid
Crystal Display (LCD) monitors will contain hazardous materials, though they
don't need the large amounts of lead required in the heavier CRT monitors,
which require the lead to shield the user from X-ray radiation generated by the
monitor. Mercury and lead have long been known to cause neurological damage.
Some have speculated that the lead in wine storage vessels, food, and plumbing
used by the Roman ruling classes was a major contributing factor in the
downfall of the Roman empire. Though the Romans were aware of the serious
health problems that could be caused by lead, they used it for many
purposes and didn't consider the long-term implications of everyday
use. Modern Americans use 10 times as much lead per person per year than the
ancient Romans did before the downfall of Rome5.
Mercury, too, can have devastating effects on the human body. Many may
be familiar with the Mad Hatter in Lewis Carroll's
Alice in Wonderland.
The reason madness was associated with hatters is that mercury was commonly
used in the fur, felt, and hat industries of a few centuries ago7.
When Lewis Carroll published Alice in Wonderland in 1865, mercury was
widely used in the creation of the felt hats worn in England at that time and
the phrase "mad as a hatter had been in common use for almost
3 decades. The effects of mercury poisoning on hatters included erratic,
flamboyant behavior, excessive drooling, mood swings, and various debilities.
A hatter might developer what were known as "hatter's shakes", which were
characterized by severe and uncontrollable muscular tremors and twitching
limbs. Hatters with advanced cases of mercury poisoning sufferred from
hallucinations and other psychotic symptoms8.
Of the other harzardous substances in computers,
hexavalent chromium (trivalent Chromium is actually an important
component of a human diet) has been shown to cause high blood pressure, iron-poor
blood, liver disease, and nerve and brain damage in animals. The movie
Erin Brockovich is based on a true story of how Ms. Brockovich brought
to public attention the environmental contamination in the town of Hinkley in
the Mojave Desert resulting from the use of hexavalent chromium as an
anti-corrosive in the cooling tower of a gas compressor station in the town.
Residents of the town had been experiencing an array of health problems, such
as liver, heart, respiratory and reproductive failure, Hodgkin disease,
frequent miscarriages, and cancers of the brain, kidney, breast, uterus,
and gastrointestinal systems at an alarming rate. As a result of Ms.
Brockovich's actions, the town's residents were successful in seeking damages
from PG&E, which was responsible for the gas compressor station9.
But no amount of money can bring a loved one back from the dead or restore
lives ruined by devastating health problems.
Cadmium, also found in computers, is a known carcinogen and chronic exposure
to dust or fumes containing cadmium can irreversibly damage the lungs. Eating
food or drinking water contaminated with high levels of cadmium severely
irritates the stomach, causing vomiting and diarrhea. An accumulation of
cadmium in the body can lead to kidney failure. Cadmium stays in the body
a long time and can build up in the body to dangerous levels through many years
of low level exposure10. For further information on the health risks
posed by exposure to cadmium, see the
Cadmium
entry at the Corrosion Doctors
website.
So, if you don't want to contaminate your own or
someone else's air or water, you should not just dump your outdated computers,
monitors, and other electronic equipment in the trash.
The Your Planet section of an article,
Is Your Computer Killing You?, lists a number of alternatives
to simply throwing the equipment in the trash. An 800 number, 1-800-CLEANUP,
is listed for state-specific information for the U.S. on how to safely
discard such equipment. You can also visit
Earth 911 for general
recycling information as well as information specifically related to the
disposal of cell phones and computers.
The
InformationWeek article also lists steps you can take to minimize health
problems, such as carpal tunnel syndrome and eyestrain, associated with
prolonged computer use.
Some computer manufacturers, such as
Dell, have their own recycling programs. Dell will recycle your unwanted
PC or computer electronics for a flat fee per item. If you buy a new Dell
desktop or laptop, you can select the free recycling option at the time of
purchase to recycle your old PC and monitor.
References:
-
Is Your Computer Killing You?
By Lee Hamrick
Small Business Pipeline
January 18, 2006
-
Earth 911
-
Dell Recycling
-
Disposal of Old Computer Equipment
A Mounting Environmental Problem
By Michael J. Meyer, Waleed Abu El Ella, and Ronald M. Young
The CPA Journal
A Publication of the New York State Society of CPAs
-
Lead Poisoning: A Historical Perspective
By Jack Lewis
EPA Journal - May 1985
United States Environmental Protection
Agnecy (EPA)
-
Lead in history
Corrosion Doctors
-
Mercury Toxicology
Corrosion Doctors
-
Mad as a hatter
Corrosion Doctors
-
Chromium health and environment
Corrosion Doctors
-
Cadmium health and environment
Corrosion Doctors
[/hardware/recycling]
permanent link
Tue, Jan 24, 2006 7:40 am
GCN Interview of Vinton Cerf
Vinton Cerf is often referred to as the “father of the Internet”,
though he modestly declines the title, crediting Bob Kahn with starting the
internetting project at
DARPA
in late 1972 or early 1973. He later joined with Bob Kahn to work on network
ideas after joining the Stanford University faculty. But Mr. Cerf
certainly is one of the fathers of the Internet.
Government Computer News (GCN) has an
interview with Mr. Cerf, who now works for
Google, at
The search
continues. In it he states, when asked what Internet developments
have most impressed him over the years, that "The massive sharing of
information among individuals who offer their expertise and knowledge
has been stunning in its scope." I think that is the most important
benefit of the Internet. I've benefitted enormously from the information
others have been willing to freely share on the Internet and I hope that
information I provide will also benefit others.
I believe the impact of the Internet will be comparable to the impact
the invention of the printing press had on civilization in helping to
eradicate ignorance and disseminate knowledge. Just as the printing
press sparked the Reformation and the Enlightenment, the Internet will
spark new ways of looking at the world. The Internet, though at last
enjoying wide popularity, is still in its infancy and its full impact
has not yet been realized.
Reference:
-
The search
continues
By Brad Grimes
GCN Staff
January 23, 2006
[/network/Internet]
permanent link
Mon, Jan 23, 2006 11:12 pm
CDT Asks FTC to Stop Adware Developer 180solutions
The Center for Democracy and Technology (CDT), a nonprofit technology group, has
asked the U.S. Federal Trade Commission (FTC) to stop 180solutions, Inc. from
distributing software deployed using "deceptive and unfair" methods to generate
pop-up ads.
180solutions develops adware products such as Zango Search Assistant and Seekmo Search
Assistant, which generate pop-up ads. Like most adware distributors, the company
asserts that users have consented to be bombarded with such ads.
The CDT asserts that 180solutions isn't aggressive enough in policing its distribution
partners. Often adware/spyware developers will rely on other companies or individuals
to distribute their products. Some of those distribution partners will use surreptitious
means to install the adware on a system. When confronted about such nefarious practices,
the developer can blame the distributor and claim it doesn't countenance such
practices. The CDT cites CJB Management, Inc., which provides free web hosting services,
as an example of how a 180solutions distributor misleads consumers who visit CJB
websites. People who visit CJB websites are notified to expect advertising, but
aren't told software will be installed on their systems that continuously monitors
their Internet activities in order to send targetted ads to them.
References:
-
Group Asks FTC to Stop Software Developer
By Anick Jesdanun AP Internet Writer
January 23, 2006
[/security/spyware]
permanent link
Fri, Jan 20, 2006 8:03 pm
Internet Explorer JavaScript Support
JavaScript
is often used to create dynamic webpages. However, when designing webpages
you can't be certain that all users will visit your webpages with a browser
capable of handling JavaScript code. Very old browsers or text-only browsers
won't process the JavaScript code. Or an Internet Explorer user may have
JavaScript support disabled. You can include code on a webpage to test
whether JavaScript is supported and enabled.
[ More
Info ]
[/network/web/browser/javascript]
permanent link
Wed, Jan 18, 2006 1:07 pm
Network Solutions DNS Outage on January 18, 2006
A short while ago I found that I couldn't access my website. I then
discovered that I couldn't retrieve IP addresses for any of my domain
names for which I have
DNS
service from
Network Solutions.
Network Solutions is probably the largest domain name registrar in the world.
I've been using
GoDaddy primarily for
registering domain names for quite some time, since their service is as good
or better than Network Solutions service and they are a lot cheaper, but I still
have some domain names registered with Network Solutions.
At the Internet Storm Center (ISC), I found
a posting from
Swa Frantzen at 2006-01-18 17:14:32 UTC regarding reports that Network Solutionsworldnic DNS servers are not responding to name queries. Network Solutions
name servers have names of the form nsxx.worldnic.com, where xx is some number.
I called the Network Solutions customer support number. I heard a recorded
message stating that they are experiencing a widespread outage and are working
diligently to resolve the problem, which is their highest priority at the
moment. There was no estimated time for restoring service.
The 24 x 7 Network Solutions support numbers are as follows:
In the U.S. and Canada call:
1.888.642.9675 (General Support)
1.866.391.HELP (Technical Assistance)
Outside the U.S. call:
1.570.708.8788
I first noticed the problem at noon US
EST. At 12:55 PM EST, the
problem was resolved. I could then successfully lookup IP addresses for
domain names hosted with Network Solutions. I don't know when the problem
first started, but it appears to have taken at least an hour to resolve
(I'm presuming I didn't see it at the exact moment it started).
[/network/dns]
permanent link
Wed, Jan 18, 2006 11:09 am
Auotmatically Starting Apache When the Server Reboots
If you wish to have the Apache web server software start
automatically when a Solaris 2.7 system reboots, you can
create a script with root ownership in /etc/rc3.d. Start the script's file name
with Sxx where xx is a number not already being used in a filename
for an existing script in the directory. For instance, if you
have S34dhcp already in the /etc/rc3.d directory, you shouldn't
use S34httpd, but you could use S88httpd, if S88 wasn't already used
as the start of some other script name. The text that comes after the Sxx
part of the name is arbitrary. You could call it S88httpd, or S88apache, or
whatever else you choose.
You then need only the following line in the file to have Apache start
automatically, presuming apachectl is located in /usr/local/apache2/bin.
/usr/local/apache2/bin/apachectl start
You can then change the permissions on the file to make it executable, though
I found Apache was still started with permission settings of 644, i.e.
"-rw-r--r--".
chmod 744 /etc/rc3.d/S88httpd
[/os/unix/solaris]
permanent link
Tue, Jan 17, 2006 9:57 pm
Allowing Authenticated Senders From Otherwise Blocked IP Addresses
I had a user who uses
Verizon's wireless broadband service report that he could not send email
from his laptop. I had Outlook on his laptop configured to use sender
authentication when sending email, i.e. I had "My outgoing server (SMTP)
requires authentication" and "Use same settings as my incoming mail server"
checked for his email account properties. Yet when Outlook attempted to send
email, he would see messages similar to the following:
Task 'rberry1@moonpoint.com - Sending' reported error (0x800CCC78) : 'Unable
to send the message. Please verify the e-mail address in your account
properties.
The server responded: 550 5.7.1 Mail from 70.195.76.138 refused - see
http://www.dnsbl.us.sorbs.net/'
The IP address assigned to his laptop by the Verizon network was in a range
listed on the Spam and Open Relay Blocking
System (SORBS) blocklist as being a dynamically assigned address range.
I would expect a fair amount of spam to come from spammers using infected
home users' systems as spam distribution points with most home users having
dynamically assigned IP addresses, so I wanted to keep the SORBS blocklist in
place on the server, but I did need to allow the user to send email through
the server.
In order to allow the user to send email via the email server, but keep
the SORBS blocklist, I maintained the sender authentication on his system,
but modified /etc/mail/sendmail.mc on the email server. I "uncommented" the
delay_checks line in the sendmail.mc file as below:
Original line
dnl FEATURE(delay_checks)dnl
New line
FEATURE(delay_checks)dnl
I then regenerated the sendmail.cf file and restarted sendmail with the
following commands:
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
/etc/init.d/sendmail restart
I was then able to send from his laptop while connected to the Verizon
broadband wireless service without a problem.
The delay_checks feature
delays checks of the IP address of the sender against blocklists, aka
blacklists, until after sender authentication. If sender authentication
succeeds the presence of the sender's IP address on a blocklist won't
matter. His email will still be accepted.
References:
-
Anti-UBE FEATUREs in Sendmail 8.10/8.11
[/network/email/sendmail]
permanent link
Mon, Jan 16, 2006 12:01 pm
Burst Versus Apple
Last year,
Burst.Com, got
Microsoft to agree to settle
Burst's patent and antitrust suit against Microsoft for $60 million.
Microsoft agreed to license Burst's technology. Burst then threatened
Apple with litigation. In turn,
Apple is attempting to have Burst patents for audio and video software
declared invalid. Burst claims that its patents apply to
Apple's popular iPod player and iTunes software and service.
References:
-
Jobs' Apple Locks Horns With Burst.com
By Chris Noon
January 9, 2006
-
Win Some, Lose Some
By Robert X. Cringely
January 12, 2006
-
Burst.com vs Microsoft
September 9, 2004
-
Bursts's lawsuit against Microsoft
By BurstInvestors.com
-
Burst.Com, Inc.: Company Snapshot
By the Winthrop Corporation
-
BRST.PK: Summary for Burst.Com Inc.
Stock Price
[/software/patents]
permanent link
Thu, Jan 12, 2006 12:47 am
Controlling a Windows System from a Linux System
If you need to remotely control a Windows system from a Linux or Unix system,
you can use
rdesktop. Rdesktop is an
open source client for Windows NT Terminal Server and Windows 2000/2003 Terminal
Services, capable of communicating with a Windows system using the Remote Desktop
Protocol (RDP).
With rdesktop you get an X Window display on your Linux/Unix system that looks
very similar to what you would see if you were sitting at the Windows system. It
works much like Windows remote desktop software that allows you to control one Windows
system with another.
If you are using a Linux system, rdesktop may already be present. You can check
by issuing the command rdesktop
. If it isn't present,
installing rdesktop is easy. Download the file from
www.rdesktop.org,
SourceForge.net:rdesktop, or
here and then
issue the following commands on your Linux
or Unix system, subsituting the particular version number you have downloaded:
tar -xvzf rdesktop-1.4.1.tar.gz
cd rdesktop-1.4.1
./configure
make
make install
You can then run the software with the rdesktop
command. E.g., if I wanted
to connect to a Windows system with IP address 192.168.0.3, I could issue the command
rdesktop 192.168.0.3
. If the Windows system is behind a firewall, you
will need to open TCP port 3389.
I often boot a Windows system with a Knoppix Linux
Live CD when I am working at
a site, so that I can be sure that I am working on a secure system rather than a
system that may have been compromised by viruses, trojans, spyware, etc. If I need
to access a server at the site, such as a Windows Small Business Server (SBS) 2003
server, I can still access it from the system booted into Knoppix Linux with a Live CD
by using rdesktop. Knoppix Linux comes with rdesktop, but you may have another
Linux Live CD, which doesn't already provide rdesktop. Since you are booting from a
Live CD and can't alter its contents, you need to specify a directory that is
stored in memory rather than on the CD when
you are installing rdesktop. You can do so by using "--prefix" to specify the
directory into which you wish to install it. Otherwise, you will get the following
error when you attempt to install it.
$ make install
mkdir -p /usr/local/bin
mkdir: cannot create directory `/usr/local/bin': Permission denied
make: *** [installbin] Error 1
To eliminate the problem, you can use the following commands after you have downloaded
the software into a virtual disk Live CDs will typically set up in memory. Suppose
you have /ramdisk/tmp as such an area and you have made that your working directory.
tar -xvzf rdesktop-1.4.1.tar.gz
cd rdesktop-1.4.1
./configure --prefix=/ramdisk/tmp
make
make install
./rdesktop 192.168.0.3
Unless you specify otherwise, a new logon session will be established to the system.
The current one won't be terminated. But, perhaps a user is already logged onto the
system and you wish to connect to the current console session on the system, to see
exactly what you would see if you were sitting at the system. Then you should use
the -0
option to attach to the console, e.g. rdesktop -0
192.168.0.3
. You can specify the userid to use with the -u
option,
e.g. rdesktop -0 -u administrator 192.168.0.3
. You may also want to
change the color depth with the -a
option. The default value is 8-bit
color, which gives you only 256 colors. If you use -a 16
, you will
get 16-bit color, which is 2 raised to the power of 16 colors, i.e. 65,536 colors.
If you use rdesktop
alone with no options, you will get a list of other
available options for the command.
References:
-
Administer Windows from Linux with rdesktop
-
Using Rdesktop To Access Windows Terminal Services from A GNU/Linux Client
[/os/windows/software/remote-control/rdp]
permanent link
Tue, Jan 10, 2006 10:56 pm
Windows Vulnerability in Embedded Web Fonts
Microsoft released a patch today, which is January's "Patch Tuesday", for a
vulnerability in the way Windows handles fonts embedded in a webpage. The vulnerability
could allow a malicious webpage developer, or someone who has compromised a website, to
install an embedded font on a webpage such that when a user views the webpage the user's
system could be compromised, potentially even allowing a remote attacker to take
complete control of the user's PC.
[ More Info ]
[/security/vulnerabilities/windows]
permanent link
Sun, Jan 08, 2006 11:48 pm
Attempted SpyAxe Installation
SpyAxe is
suspect antispyware that, through deceptive and agressive deployment
techniques, may be installed on a PC. If you see the message below,
some malware is likely trying to install SpyAxe on the system.
Your computer is infected!
Dangerous malware infection was detected on your PC
The system will now download and install most efficient
antimalware program to prevent data loss and your private
information theft.
Click here to protect your computer from the biggest malware
threats.
The software should not be installed. You can use the
smitRem tool to remove the software which is attempting to set up SpyAxe
on the system.
[ More
Info ]
[/security/spyware/spyaxe]
permanent link
Sat, Jan 07, 2006 6:02 pm
ClamAV Error While Loading Shared Libraries
I wanted to run the current version of the
ClamAV antivirus software with a
PLoP Linux boot CD.
PLoP Linux provides a
LiveCD
that can be used to boot a Windows system and scan it for viruses.
This can be useful when a Windows system is badly infected and you wish to
avoid even booting into Windows to check the system. The version of PLoP Linux
I downloaded from the developer's website at
http://www.plop.at/page_en_0.html included ClamAV, but it was the 0.86.2
version rather than the current 0.87.1 version. I put the most current version
of clamscan on a Zip disk, which I mounted after booting from the PLoP Linux
CD, but when I tried to run the
current version I got the message "error while loading shared libraries:
libbz2.s0.1: cannot open shared object file: No such file or directory."
I used the ldd
command on a Linux system where I had clamav
working to find out what
shared libraries it needed.
# ldd `which clamscan`
libclamav.so.1 => /usr/lib/libclamav.so.1 (0x40022000)
libz.so.1 => /usr/lib/libz.so.1 (0x4006e000)
libbz2.so.1 => /usr/lib/libbz2.so.1 (0x4007c000)
libgmp.so.3 => /usr/lib/libgmp.so.3 (0x4008b000)
libpthread.so.0 => /lib/tls/libpthread.so.0 (0x400b8000)
libnsl.so.1 => /lib/libnsl.so.1 (0x400c6000)
libc.so.6 => /lib/tls/libc.so.6 (0x42000000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
I then copied all of those files to the same directory on the Zip disk
where I had the clamscan program. But I got the same error message when
I ran clamscan. So clamscan wasn't able to find the libraries it needed in
the current directory.
After reading the article
CLI Magic: ldconfig and friends by Joe Barr, I realized I need only
add the directory where I had stored the libraries to /etc/ld.so.conf file.
So I added /mnt/zip
to the end of /etc/ld.so.conf
.
/lib
/user/kerberos/lib
/usr/lib
/opt/multimedia/lib
/media/pluspacks/antivir
/mnt/zip
I then issued the
ldconfig
command. That allowed the newer
version of clamscan I had on the Zip disk to look in the /mnt/zip
directory while searching for the shared libraries it needed, when it
couldn't find them in the other directories listed as locations for shared
library files. I was then able to use /mnt/zip/clamscan
to
run the newer version on the Zip disk rather than the older version on the CD.
If you don't want to add a directory permanently to the list of directories
searched for libraries, then you can issue the ldconfig
command
followed by the directory, e.g. ldconfig /mnt/zip
would specify
that the /mnt/zip
directory be searched for libraries as well,
but only until the system is rebooted.
References:
-
CLI Magic: ldconfig and friends
By Joe Barr
May 16, 2005
-
What is ldconfig used for?
By Nathan Wallace, Kim Shrier
August 3, 1999
-
Shared Libraries
By David A. Wheeler
April 11, 2003
-
Building and Using Static and Shared "C" Libraries
By Guy Keren
2002
-
LDD Library Dependencies
By Karsten M. Self
April 8, 2005
-
Automatic Dependencies
By Red Hat, Inc.
2000
[/security/antivirus/clamav]
permanent link
Tue, Jan 03, 2006 8:17 pm
Disabling the FTP Service
If you wish to disable the FTP service on a Solaris 2.7 system, you can
take the following steps while logged in as root.
- Edit /etc/inetd.conf, since the ftp daemon is started through inetd
and comment out the ftp line.
Old
ftp stream tcp nowait root /usr/local/etc/tcpd /usr/sbin/in.ftpd
New
#ftp stream tcp nowait root /usr/local/etc/tcpd /usr/sbin/in.ftpd
-
Send a "-HUP" signal to the inetd process, which will cause inetd to restart
using the new contents of inetd.conf.
# pkill -HUP inetd
If you issue the ps -e | grep inetd
commands before and after
the pkill command, you may see
the same PID for the inetd process, but if you now try connecting to
the system with FTP, you should get a "connection refused" message, since
the ftp daemon will no longer be started by the inetd service.
[/os/unix/solaris]
permanent link
Mon, Jan 02, 2006 11:45 pm
WMF Vulnerability Could Allow Remote Code Execution
Code that will allow attackers to compromise a Windows-based PC using
a vulnerability in the way such systems handle images has been posted
online over the holidays. Exploitation of this vulnerability by attackers
could allow them to install spyware on a system or take complete control
of it.
The vulnerability is within software that is part of the Windows operating
system distribution. The affected software processes Windows MetaFile (WMF)
images, but an attacker need only rename an infected WMF file with a JPG, GIF,
PNG, or other common graphic file format extension to avoid any block on all
WMF files, since a Windows system will examine the contents of files with those
extensions and execute the code in them, if they are really WMF files.
An attacker can send infected images by email or put them on a website.
The mere presence of an infected file on a system can lead to the system's
infection, if file indexing software, such as Google's desktop search utility
is presence. When the file is indexed, the exploit is triggered.
[
More Info ]
[/security/vulnerabilities/windows]
permanent link
Sun, Jan 01, 2006 6:33 pm
Adding a Domain Account to the Administrators Group
To add a domain account to the local "Administrators" group on a Windows XP
system, take the following steps:
- Click on "Start".
- Click on "Control Panel".
- Click on "Performance and Maintenance". If you don't see it, then you
are in Windows XP's "classic" view and you can skip to the next step.
- Click on "Administrative Tools".
- Double-click on "Computer Management".
- Click on "Local Users and Groups" in the "Computer Management" window.
- Double-click on "Groups".
- Double-clik on the "Administrators" group in the right pane of the window.
- Click on the "Add" button.
- In the "Enter object names to select" field, put in the domain account
name. E.g. if the domain was "example" and the user name was "Sally", you would
put in "example\sally".
- Click on "Check Names" to verify the name you entered.
- Then click on "OK", if it was accepted. A "name not found" window will
open if it wasn't accepted.
- Click on "OK" to close the "Administrators Properties" window, which should
now show the name you added.
[/os/windows/domain]
permanent link
Privacy Policy
Contact