Real news: glibc-2.2.4 was released today (on 2.4.9 Kernel Released · Score: 5, Informative)
Don't forget that the libc is just as important for your computer's stability
as the kernel. Most applications go through the libc to
access kernel services. Today glibc-2.2.4 was released, go to your local
mirror (yes, that is a gnu mirror, not a kernel mirror) and do the upgrade
now.
Slashdot: News for nerds ?
Why does the libc get so little publicity compared to the kernel ? I don't get it !
I have been using bluefish for some time now, and I am very impressed. Although the authors say it is not finished yet, I have had no problems using it, it is very stable, and feature packed.
Cut n' paste from their web page:
FEATURES:
- A What You See Is What You Need interface
- Nice wizards for startup, tables, frames, and others
- Dialogs for all HTML 4 tags that have a lot of options
- HTML toolbar and tearable menus
- Open any URL directly from the web, or using drag and drop, etc.
- Fully featured image insert dialog
- Thumbnail creation and automatically linking of the thumbnail with the original image
- A custom menu, specify your own tags or sets of code, and define your own dialogs
- Project management, link management, etc.
- Per project customized default dialog settings
- Reference for PHP3, PHP4, SSI and RXML (over 900 functions referenced)
- Preview options for dynamic HTML
- One of the most complete CSS dialogs
- Syntax highlighting with configurable regular expressions
- A nice configuration dialog, customizable shortcut keys
- A very powerful search and replace dialog, allowing regular expressions
We need a good cross platform technical text editor/type setter solution now.
I was excited when Adobe announced that they are porting Frame to Linux, my
preferred operating system. I work for a small company, where most of the
documentation is written with Microsoft Word. Everyone hates that product, and
we convert everything to pdf to make sure that we can use the files in year 2005
if needed (we can at least print the documents, and "cut and paste" into
the current word processor of choice). I was looking forward to switch to frame maker,
but now I am on my own again...
This is my wish list:
- Runs on linux, mac and NT. (Yes, this is going to be used by a lot of people,
  and we have to respect their choice of OS).
- Semi WYSIWYG.
- Built for creating large technical documents.
- Save files in an open file format (XML docbook ?).
- Easy conversion to PS, PDF, XHTML, RTF and ascii text.
- Should not use TeX as an intermediate format. TeX creates nice
  output, but it needs a complete rewrite to get rid of static data
  structures, and make the error messages human readable. Everyone
  who has used TeX for something useful has made major modifications to
  TeX to make it process his/her particular document (changed 20
  constants in a config file or recompiled the package). It amazes
  me that Donald Knuth has kept his guru status, when the second most
  known piece of work he has done is TeX... It certainly tells
  something about how excellent his most known work is (yes, it
  is excellent, this is not a flame).
Freenet takes this concept to another level,
because information on Freenet is not stored at
fixed locations or subject to any kind of
centralized control like the Zero-Knowledge
servers.
- Both authors and readers of information stored on this system
  may remain anonymous if they wish.
- Freenet does not have any form of centralized control or
  administration.
- It will be virtually impossible to forcibly remove a piece of
  information from Freenet.
- Information will be distributed throughout the Freenet network
  in such a way that it is difficult to determine where information
  is being stored.
- Anyone can publish information. They don't need to buy a domain
  name or even a permanent Internet connection.
- Availability of information will increase in proportion to the
  demand for that information.
- Information will move from parts of the Internet where it is in
  low demand to areas where demand is greater.
talonyxi wrote:
> Stops that VBS nonsense too.
Yeah, dream on ....
No need to, I have found a perfect auto obfuscator, it's called cat(1) ....
... when will 2.5.0 be out ?
Wietse Venema, the main developer of Postfix (you know, the wonderful
sendmail replacement that Redhat is removing from Redhat 7.2) posted this
to the postfix list:
-----------
There's a new worm hammering networks via email, via open shares,
and via vulnerable web servers.
Propagation via email can be stopped with:
/etc/postfix/main.cf:
    body_checks = regexp:/etc/postfix/body_checks
/etc/postfix/body_checks:
    /^[SPACE TAB]*name=.*\.exe/ REJECT
Inside the [] are one space and one tab.
This is also a reminder that Postfix needs decent MIME parsing
support so it can filter this sort of malware more effectively.
Wietse
The worm's MIME headers, with spaces inserted to avoid false alarms.
- - = = = = _ A B C 1 2 3 4 5 6 7 8 9 0 D E F _ = = = =
C o n t e n t - T y p e : m u l t i p a r t / a l t e r n a t i v e ;
b o u n d a r y = " = = = = _ A B C 0 9 8 7 6 5 4 3 2 1 D E F _ = = = = "
- - = = = = _ A B C 0 9 8 7 6 5 4 3 2 1 D E F _ = = = =
C o n t e n t - T y p e : t e x t / h t m l ;
c h a r s e t = " i s o - 8 8 5 9 - 1 "
C o n t e n t - T r a n s f e r - E n c o d i n g : q u o t e d - p r i n t a b l e
< H T M L > < H E A D > < / H E A D > < B O D Y b g C o l o r = 3 D # f f f f f f > < i f r a m e s r c = 3 D c i d : E A 4 D M G B P 9 p h e i g h t = 3 D 0 w i d t h = 3 D 0 > < / i f r a m e > < / B O D Y > < / H T M L >
- - = = = = _ A B C 0 9 8 7 6 5 4 3 2 1 D E F _ = = = = - -
- - = = = = _ A B C 1 2 3 4 5 6 7 8 9 0 D E F _ = = = =
C o n t e n t - T y p e : a u d i o / x - w a v ;
n a m e = " r e a d m e . e x e "
C o n t e n t - T r a n s f e r - E n c o d i n g : b a s e 6 4
C o n t e n t - I D : < E A 4 D M G B P 9 p >
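An added example (not part of the quoted post or of Postfix) comparing the line-at-a-time body_checks pattern above with a MIME-aware check built on Python's standard email parser, to show what "decent MIME parsing" changes for a filter. The sample messages, addresses and function names are constructed for illustration.

```python
import email
import re

# Pattern from the post, with "[SPACE TAB]" written as a literal space and tab.
# Postfix regexp tables are case-insensitive by default, hence IGNORECASE.
BODY_CHECK = re.compile(r"^[ \t]*name=.*\.exe", re.IGNORECASE)

def make_message(part_headers, text="hello"):
    """Build a constructed two-part message; not a captured sample."""
    return (
        "From: sender@example.com\n"
        "MIME-Version: 1.0\n"
        'Content-Type: multipart/mixed; boundary="BOUND"\n'
        "\n"
        "--BOUND\n"
        "Content-Type: text/plain\n"
        "\n"
        f"{text}\n"
        "--BOUND\n"
        f"{part_headers}\n"
        "Content-Transfer-Encoding: base64\n"
        "\n"
        "AAAA\n"
        "--BOUND--\n"
    )

def line_filter_rejects(message):
    """body_checks view: everything after the top headers is tested one
    physical line at a time, with no knowledge of MIME structure."""
    body = message.split("\n\n", 1)[1]
    return any(BODY_CHECK.search(line) for line in body.splitlines())

def mime_filter_rejects(message):
    """MIME-aware view: parse the parts and inspect each declared filename."""
    msg = email.message_from_string(message)
    names = [part.get_filename() or "" for part in msg.walk()]
    return any(n.lower().endswith(".exe") for n in names)

OCTET = "Content-Type: application/octet-stream"
SAMPLES = {  # all constructed for this example
    "folded_name": make_message('Content-Type: audio/x-wav;\n\tname="readme.exe"'),
    "same_line": make_message(OCTET + '; name="setup.exe"'),
    "disposition": make_message(
        OCTET + '\nContent-Disposition: attachment;\n\tfilename="setup.exe"'),
    "rfc2231": make_message(OCTET + ";\n\tname*=us-ascii''setup.exe"),
    "discussion": make_message(
        "Content-Type: text/plain",
        text='The attachment header was:\n    name="readme.exe"'),
}

def compare():
    """Map sample name -> (line filter rejects, MIME-aware filter rejects)."""
    return {k: (line_filter_rejects(m), mime_filter_rejects(m))
            for k, m in SAMPLES.items()}

if __name__ == "__main__":
    for name, (line_hit, mime_hit) in compare().items():
        print(f"{name:12} body_checks={line_hit!s:5} mime_aware={mime_hit}")
```

The "discussion" sample is the false alarm the spaced-out headers in the post were written to avoid: plain text that quotes the header line trips the line filter even though no attachment is present.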
Yes, embedded systems need 0.8 sec boot time *and* console on /dev/ttyS0, and the General Software BIOS supports both.
Enjoy
RedHat is the ketchup of linux
Tasty, versatile, red and ubiquitous, but some people will tell you that it isn't very gourmet...
Arrrrg, I pre-ordered this book from my regular book store a few months ago, and it has not arrived yet, and now I can download it for free ......
(But this is after all excellent news, I just feel a little stupid)
This seems like a nice opportunity to add iptables to *BSD. Iptables is the linux version of ipf. Some people claim that iptables is superior (or at least more flexible and easier to understand) to ipf ....
The main site for iptables is: http://netfilter.kernelnotes.org but that site has been down for some time now, use http://www.samba.org/netfilter/ instead.
Here is the Release Announcement for 1.3.20
The relevant part of the changelog:
* A carefully constructed URI could cause the server to segfault on Win32 and OS/2, denying access to users until the error was cleared. This is resolved on both platforms, no server data vulnerability was identified for this denial of service exploit.
Oh, and I forgot: It is GPL :-)
the next crazy step
bash in assembler.
By the way, that would make bash self booting ...
---
recursion, n: see recursion.
Ahh, if only you could mirror CGIs more easily :)
Google does it with ease ....
This is ... really strange.
Meteor scatter isn't that strange, since the space dust ionizes the atmosphere. Moonbounce on the other hand is ... really strange.
In moonbounce you use the moon as a passive reflector. Google has more info.
This was sent to the kernel list a week ago by Linus: http://www.uwsg.indiana.edu/hypermail/linux/kernel/0101.0/1192.html
This is the interesting part:
I thought I'd mention the policy for 2.4.x patches so that nobody gets confused about these things. In some cases people seem to think that "since 2.4.x is out now, we can relax, go party, and generally goof off".
Not so.
The linux kernel has had an interesting release pattern: usually the .0
release was actually fairly good (there's almost always _something_
stupid, but on the whole not really horrible). And every single time so
far, .1 has been worse. It usually takes until something like .5 until
it has caught up and surpassed the stability of .0 again.
Why? Because there are a lot of pent-up patches waiting for inclusion, that didn't get through the "we need to get a release out, that patch can wait" filter. So early on in the stable tree, some of those patches make it. And it turns out to be a bad idea.
In an effort to avoid this mess this time, I have two guidelines:
- I've basically thrown away all patches sent to me so far, and I will continue to do so at least over the weekend. I'm not going to bother thinking about patches for a few days.
- In order for a patch to be accepted, it needs to be accompanied by some pretty strong arguments for the fact that not only is it really fixing bugs, but that those bugs are _serious_ and can cause real problems.
Obviously, the size of the patch matters too: if you can make an obvious fix in 5 lines, do it. Don't try to make a clean fix that fixes the problem the clever way in 150 lines.
In short, releasing 2.4.0 does not open up the floor to just about anything. In fact, to some degree it will probably make patches _less_ likely to be accepted than before, at least for a while. I want to be absolutely convinced that the basic 2.4.x infrastructure is solid as a rock before starting to accept more involved patches.
> > Should not use TeX as an intermediate format.
> Your first mistake: you are using TeX. It sounds like you want LaTeX
Please explain to me how to use LaTeX without TeX as an intermediate format.
Using LaTeX would only make the problem bigger, because the error messages are now hidden in messages from the LaTeX macros.
I have written large reports in latex, because it creates excellent output. But using TeX (or LaTeX) as an intermediate format is not possible to do without having the user wade through pages of output when some strange counter reaches its limit. (I am talking of large documents).
And plain LaTeX is not suitable for company wide use. The users want a WYSIWYG application ala Frame or Word. Latex is not an option.
Blow the spammers away by stopping their tools:
From the Teergrubing FAQ:
E-Mail is sent using SMTP. For this purpose a TCP/IP connection to the MX host of the recipient is established. Usually a computer is able to hold about 65500 TCP/IP connections from/to a certain port. But in most cases it's a lot less due to limited resources.
If it is possible to hold a mail connection open (i.e. several hours), the productivity of the UBE sending equipment is dramatically reduced. SMTP offers continuation lines to hold a connection open without running into timeouts.
A teergrube is a modified MTA (mail transport agent) able to do this to specified senders.
Read the full story in the Teergrubing FAQ:
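An added example (not from the Teergrubing FAQ or any teergrube implementation) of the continuation-line mechanism the excerpt describes: one SMTP reply is dripped out as "250-" lines, and only the final "250 " line completes it. The function names, the sender list and the 30-second interval are assumptions; the interval has to stay below the sending client's reply timeout.

```python
import asyncio

def tarpit_lines(code, final_text, hold_seconds, interval):
    """One SMTP reply stretched over hold_seconds. Every line except the last
    is a continuation line ("250-..."); the reply ends with "250 ..."."""
    steps = int(hold_seconds // interval)
    lines = [f"{code}-hold {i + 1}/{steps}\r\n" for i in range(steps)]
    lines.append(f"{code} {final_text}\r\n")
    return lines

async def answer_mail_from(writer, sender, tarpit_senders,
                           hold_seconds=3600, interval=30, sleep=asyncio.sleep):
    """Answer one MAIL FROM. Listed senders get the reply one continuation
    line per interval; everyone else gets the final line at once."""
    slow = sender.lower() in tarpit_senders
    lines = tarpit_lines(250, "Ok", hold_seconds if slow else 0, interval)
    for line in lines:
        if line[3] == "-":          # continuation line: wait before sending
            await sleep(interval)
        writer.write(line.encode("ascii"))
        await writer.drain()
    return len(lines)

class RecordingWriter:
    """Stand-in for asyncio.StreamWriter so the example runs offline."""
    def __init__(self):
        self.sent = []
    def write(self, data):
        self.sent.append(data)
    async def drain(self):
        pass

def demo(sender):
    """Run one reply against a constructed sender list, skipping real delays."""
    async def no_sleep(_seconds):
        pass
    writer = RecordingWriter()
    asyncio.run(answer_mail_from(writer, sender, {"bulk@spam.example"},
                                 hold_seconds=90, interval=30, sleep=no_sleep))
    return writer.sent

if __name__ == "__main__":
    for who in ("bulk@spam.example", "friend@example.org"):
        print(who, demo(who))
```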
I did consider buying this book based on this review, until I saw the "Purchase this book at ThinkGeek" link on the bottom.
Makes you wonder how objective this review is ....
The basic idea of mpeg is that the encoder removes the parts of the music which you (probably) can't hear. The encoder splits the sound into pieces, and rates each piece after how important it is for the total sound image. Then it starts with the most important sound and encodes that, and continues with the less important parts until the available bit rate is reached (e.g. 128 kbit/s). The rest of the sound data is discarded.
The tricky part is the calculation of the "importantness" of each sound, and that is what differentiates the encoders. This calculation is done with an algorithm called "a psycho acoustic model".
To measure the quality of an mpeg encoder automatically, you need an algorithm which calculates the quality of the encoded signal. By knowing this algorithm it is trivial to create an encoder which will score maximum on this quality measurement, since the quality measurement algo is basically the same as the psychoacoustic model.
This test is "snake oil", a real test of mpeg encoder unfortunately involves listening to the music to evaluate the psycho acoustic model of the encoder, and not comparing two artificially created psycho acoustic models with each other.
For more info: http://freenet.sourceforge.net/ (The freenet FAQ)
Wow, that's just awesome !
Please tell us more about this amazing device ..
"9A in 10 seconds in 200mAh device"
Which boils down to slightly more than 10 %, which is OK considering the large current surge.