Archive for the ‘code’ Category

Three Oh Five – WordPress Upgrade is out


2011
02.08

The upgrade to 3.0.5 was released yesterday. From the release notes:

Two moderate security issues were fixed that could have allowed a Contributor- or Author-level user to gain further access to the site.

One information disclosure issue was addressed that could have allowed an Author-level user to view contents of posts they should not be able to see, such as draft or private posts.

Two security enhancements were added. One improved the security of any plugins which were not properly leveraging our security API. The other offers additional defense in depth against a vulnerability that was fixed in previous release.

Download and upgrade now!

Expire private images to protect privacy on the Internet?


2011
01.11

A new product over at x-pire.net (which redirects to x-pire.de) was unveiled in Germany today, with the aim of embedding expiry times and information into images so that they cannot be viewed after a certain time. That way, digital images on the web would have a maximum lifespan, to prevent future embarrassment, usage etc. At this stage, the prototype is available as a plug-in for Firefox (with some other browsers to follow), and expounds the idea of a ‘forgetful internet’ so that information is not immortal on the web. (more…)

Upgrade to WordPress 3.0.4 – HTML Sanitation bug


2010
12.30

From the WordPress Development Blog:

Version 3.0.4 of WordPress, available immediately through the update page in your dashboard or for download here, is a very important update to apply to your sites as soon as possible because it fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as “critical.” (more…)

Nudge, nudge, wink, wink – WordPress Upgrade


2010
12.09

… it’s time to go 0-3, I think — WordPress 3.0.3 is out – but the update is really only applicable to remote publishing-enabled systems…

WordPress 3.0.3 is available and is a security update for all previous WordPress versions.

This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts.

WordPress 3.0.2 is out


2010
12.02

Don’t forget to upgrade in place or download! It is a mandatory security update for all previous WordPress versions, and upgrades are easy :)

Stuxnet lessons – and resources


2010
11.27

Just a quick grouping of resources and analysis relating to Stuxnet after the targeted infections of the frequency converters of the Vaasa, Finland-based Vacon (though Vacon publicly denies this) and the Iranian company Fararo Paya.

The bottom-line takeaway – never use default passwords (a partial attack vector of the PLCs and SCADAs), and keep systems patched (4 zero-day Windows-based attacks). And don’t allow USB devices on a production network (the entry point of the 0.5Mb virus written in C and C++)… (more…)

Proxying all Linux Traffic – set web access for Ubuntu behind a proxy


2010
10.22

So that it’s documented… I’m using port 8080 as the default port, as the likelihood of your upstream proxy being on 8080 is high – else, typical proxy ports are, of course, 80, 800 (transparent), 8000 and 3128 (squid).

To force your server to send web traffic via a proxy, there are just two quick things to set – in /etc/environment, export one (or two) variables: (more…)

Search and view gzip’d files


2010
10.21

You knew it already – but I keep forgetting – the power of zgrep and zcat, both of which behave like their z-less counterparts.

So, to search a gzip’d file, you can simply zgrep <term> <filename.gz>, or to cat/view it, zcat <filename.gz>

Good to come back to in case of impending forgetfulness…

Intel Gigabit Ethernet Card on an old kernel?


2010
10.21

For self-reference, mainly:

For the Intel Corporation 82574L Gigabit Network Connection on an old kernel that doesn’t have the drivers compiled into it – get the driver and

make install

it on the platform you’re on, and be sure (if it doesn’t get done for you) to copy it to /lib/modules/2.4.36/kernel/drivers/net/ (your kernel may vary, this is an example only) (more…)

Firefox: Paste HTML code from one child frame to parent text-box – src stripped


2010
09.10

Here’s something fun: use Firefox 3.6.9 to have a piece of JavaScript code in a child frame append HTML code to a text box in the parent frame, and the content of the string is modified:

what was

<img src="foo.jpg" alt="bar" width="1" height="1" />

becomes

<img alt="bar" width="1" height="1" />

which is pretty pointless… (more…)

Search all files for TEXT in bash


2010
08.09

To list, by file name, all files containing THE TEXT I SEEK:

grep -lir "THE TEXT I SEEK" *

(more…)

WordPress 3.0.1 – I’m sure you’ve upgraded already


2010
08.09

I’m sure you’ve done it already, but WordPress 3.0.1 (a maintenance release) has been out since Friday and you should have upgraded (and updated the database) already by downloading the 3.0.1 version.

List of revised files:

(more…)

On the fly compression of a tar-ball or mysqldump


2010
07.14

Just to jot it down lest I forget:

Tar’ing the local directory and streaming the tarball straight to gzip:

tar cvf - . | gzip > target.tar.gz

MySQLdump’ing directly to gzip: (more…)

[SOLVED] qlikView installation on Windows 7 – installation error


2010
07.13

You may encounter the following error on installation:

Installation ended prematurely because of an error

when trying to install 32-bit or 64-bit qlikView on Windows 7. With or without UAC (User Access Control), installation fails.

Suggestions to (re-)install vbscript.dll using regsvr32 vbscript.dll in the c:\windows\system32 (64-bit equivalent) directory didn’t help.
(more…)

End of life for Ubuntu versions


2010
07.12

In the story relating to release upgrades for Ubuntu, below is the end-of-life table for the Ubuntu releases from the Ubuntu Wiki – just to have it all in one place; I’m only including the LTS (long-term support) editions, as these should be the only ones deployed on live production systems. In the meantime, Maverick Meerkat is due in October 2010, supported for 2 years. (more…)

VMWare console and Firefox 3.6.6 – Workaround


2010
07.06
VMWare Plug-in Error - Cannot access virtual machine console

As the VMWare plugin does not work with Mozilla’s Firefox 3.6.6 – and as it cannot launch a virtual machine console – you’ll have to use a workaround. This post results from the error I kept receiving:

Cannot access virtual machine console. The request timed out.

The paths are applicable to your OS and version – the below is for Vista 64-bit. You can add a direct link to the VMConsole on your desktop (much easier, actually). (more…)

IOL with some issues?


2010
07.05

IOL – the online offering of Independent Newspapers – seems to have issues — only two stories show up – one about Nigeria reversing their ban on its soccer team (and announcing that the football federation said it would disband and rebuild the side) and another after a very strange story about the Gatsby International Health Spa, and the search they performed on the suspicion of theft… (more…)

Firefox 3.6.6 Crash Protection – crashing?


2010
06.28

Is it just me or is the new version of Crash Protection which pushed itself via a new release of Firefox up to 3.6.6 marking every instance of Flash as crashed? On the one hand, this may be a little salute to the Flash – Apple situation (though I hardly think it likely).

Am I the only one who’s experiencing this? Hmmm…

Oh, yes – remember to make sure your add-ons are up-to-date

Secure SSH Tunneling – at no extra cost


2010
06.19

Assuming you have a Windows machine and you interact with Linux boxen at any stage, chances are high that you have used and interacted with PuTTY at one stage or another. That beautiful, less than 2 sec, 444K download of a tool (currently at version 0.60 beta) allows you to SSH, COM-direct, RSH, Telnet etc from the desktop. Both examples below relate to MySQL port tunneling.

SSH Tunnels using the Bash command line

Running on a proper machine (or even a Windows machine with Cygwin or a Mac Terminal) allows you to quickly tunnel a session to a remote server: (more…)