Gone Phishing (open redirect — really?)

April 15, 2017

https://www.itnews.com.au/news/centrelink-website-flaw-leaves-users-vulnerable-457864

Redirect, relays, same principle. Some people never learn.. So was there any threat modeling conducted for that site?

IPv6  adopters beware..

April 15, 2017

https://www.itnews.com.au/news/ipv6-attacks-bypass-network-intrusion-detection-systems-457476

Netgear users advised to stop using affected routers after severe flaw found | ZDNet

December 12, 2016

http://www.zdnet.com/article/two-netgear-routers-are-vulnerable-to-trivial-to-remote-hack/?loc=newsletter_small_thumb&ftag=TRE7ed2633&bhid=24735823317269128257463835837057

Three serious Linux kernel security holes patched | ZDNet

December 12, 2016

http://www.zdnet.com/article/three-serious-linux-kernel-security-holes-patched/?loc=newsletter_small_thumb&ftag=TRE7ed2633&bhid=24735823317269128257463835837057

Good stuff to know: secure coding

October 7, 2016

https://www.securecoding.cert.org/confluence/plugins/servlet/mobile#content/view/2426

Nip the problems at the bud – design and coding – because dealing with exploits later will cost much more.

Macbook Pro (6,2) with rebooting/crashing nvidia problems

January 24, 2016

This may be the late 2010 model, which was fine until I upgraded to Mavericks in order to keep up with Guild Wars 2. The reboots occur when something gets poked in the nvidia software, it seems. It was past the period when Apple offered to replace hardware for free. In the end, my solution was to downgrade to the original Snow Leopard and forego upgrading past 10.6.8.

At first, it seemed like gfxcardstatus was enough to keep things going, but there were occasions when GW2 or minecraft would get away with going back to discrete graphics mode, and it would reboot again. Didn’t help if I was running from Windows 8.1 either, via bootcamp. Newer graphics drivers meant exposing those chip defects, particularly in using minecraft or Neverwinter online. Attempted one suggested fix to force Mavericks to overheat with a wool blanket or a sealed laptop bag, which should have made it shut down while on integrated graphics, after which one was to remove the discrete graphics drivers and rebuild the metadata of drivers. Too much hit and miss, always missing. Downgrading, while a bit of a hassle, was the best solution for me.

DHCP dilemma: Netgear CG3000-STAUS has no DNS option

December 29, 2013

So, short of setting up static DNS (OpenDNS for me) on each device, what can I do?

I need another device that provides DNS, one that is always on when the router is, so nothing high-powered. Maybe a new switch to upgrade my 100Mbps one. 🙂 Or replace my current switch with my retired Linksys WRT54G, used without wifi purely as a switch — with DHCP enabled on a static DNS setting. But will it let me set a default gateway? Maybe if I flash the firmware with DD-WRT.. Could be interesting just to try it anyway.

Why does it matter? Because OpenDNS is an inexpensive and reasonably effective way to restrict my Internet traffic (for the whole family, away from undesirable websites).

Mac OS 10.5.8 — X11 quit unexpectedly

December 25, 2013

Seemed to happen when X11 (XQuartz) launches right after I start my terminal. The crash report would say something like this:

Reason: Incompatible library version: X11.bin requires version 15.0.0 or later,
but libpixman-1.0.dylib provides version 13.0.0.

The same message appears in Console Messages.

Solution was simple:

# sudo ln -sf /opt/local/lib/libpixman-1.0.dylib /usr/X11/lib/libpixman-1.0.dylib

This is probably due to mistakes I had made in installing mac ports or X11 (which was installed before ports). In case someone else had made similar mistakes, this one works for me. The bug tracking page I found on it suggests that this isn’t an inherent problem of X11.

/etc/hosts and dnsdomainname

July 10, 2013

The order matters in /etc/hosts as far as dnsdomainname is concerned. As man hosts says,

IP_address caconical_hostname [aliases..]

I was wondering why munge was complaining about being unable to resolve my host name, despite it being available via DNS (both forward and reverse) and the correct (so I thought) entry in /etc/hosts. The solution appears to be that dnsdomainname resolved, which required the correct order in /etc/hosts.

Stupid things we did (hopefully not anymore) at the Data Center

April 29, 2013

Yep, I’ve done some of these stupid things in my former career as a systems admin, especially in the early days back in the 90s and early 2000s. I would like to think that I’ve outgrown the attitude underlying these ..

[Source: TechRepublic (http://ct.techrepublic.com/clicks?t=1176711121-f70bb0a3726a8f71eee2e99de6ecbe3b-bf&brand=TECHREPUBLIC&s=5)]