Make sure you update linux and ios!

A long time ago it was possible to add stuff to the end of a file to make the checksums match but still have an eof in the correct place to fool the size counter in unix. I doubt if you have been able to do that for years but people do have a habit of putting bugs back in by swiping old code for reuse.

I just wanted to say that setting up rsync between linux machines is not arduous, and spinning rust is very cheap. And it provides, if you arrange cron to email you the results, a once a day email (if that's how often you run it) of stuff that's been backed up. That takes less than a minute to review..after a while you know the pattern, and anything out of the ordinary can be identified and investigated.

Its a very handy way to notice if anything has happened to your machine that can't be accounted for by normal system behaviour.

Anyone else running centos 5.x? Seems they forgot to update the version string in the rush to get the patch out ...

[root@xen1 ~]# yum -C list installed bash Loaded plugins: fastestmirror Installed Packages bash.x86_64 3.2-33.el5.1 installed [root@xen1 ~]# strings /bin/bash | grep 3.2 @(#)Bash version 3.2.25(1) release GNU operation differs from the 1003.2 standard [root@xen1 ~]# bash --version GNU bash, version 3.2.25(1)-release (x86_64-redhat-linux-gnu) Copyright (C) 2005 Free Software Foundation, Inc.

But it's definitely the fixed version ....

[root@xen1 ~]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test" bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x' this is a test

Really? So overwriting something in the middle of the file, then rewriting the timestamp back to the original value isn't going to be feasible?

Many years experience have shown me this happening in the big bad world of Windows malware. Just because this isn't Windows doesn't mean they can't do it.

Depends on whether it's a checksum or something more complex. Even then some of the digest algorithms have been hacked.

This is the second major problem lately in the Linux world. I hope those who think they don't need an antivirus because it's Linux (or Apple) are having another think.

Yes, Windows malware is 90-something percent of what's out there. It's the biggest, and given some of the users, the easiest target.

But, to paraphrase, the hacker only has to be lucky once. You have to be lucky all the time.

Andy

There, fixed your post for you. :-)

En el artículo , Dennis@home escribió:

*rolls eyes*

If they did have man it would be wrong, they are all dedicated devices not desktops. I use linux for what its good at.

En el artículo , Dennis@home escribió:

Having a router with embedded Linux is not *using* Linux, Dennis.

I'm not stupid enough to want a router with linux.

En el artículo , Dennis@home escribió:

Given that the vast majority of them run Linux, that does make you pretty stupid. But then we knew that anyway.

You don't often get the choice. All you normally see when you're administering your router is a web page, and that is, for all the ones I've had, hosted on a completely locked down, Linux based system.

You can buy routers that don't use linux, its all very well using linux if you trust the manufacturer to fix it when a hole is found. The hole will be well publicised by others that do issue a fix leaving you very vulnerable as the hackers can go hunting for your unpatched router. A lot of so called linux based routers only use the kernel and stuff a big binary blobb on top.

Well then you had better do without a router, cos 99% of them are linux in the core

I *do* want a router with linux. Why?

Because, short of high end gear costing 1000's, everything I've tried to use in any advanced way is a piece of crap.

Vigor 2830. Stable if used in a simple configuration. But things like DHCP service does not play nice with VLANs and teh firewall is obtuse.

Technicolor - that's just a piece of crap full stop (it was an A&A "free" router).

Everything as it's own configuration syntax/gui - advanced features do not always layer correctly.

Whereas Linux:

1) Slowly evolving set of configs;

2) Choice of tools (eg DNS server, DHCP etc)

3) *Extremely* powerful firewall that layers correctly with other perts of the networking stack.

4) Massively advanced routing and QoS.

So I'm off to make myself another Mini ITX box with a Sandisk SSD and notionally fanless (I actually add a couple of Noctua 40mm fans running at half power to waft a little air through - but it will not actually melt if they fail. They are more to prolong its life, especially in summer).

A very fair point.

I prefer running a "real linux" (Debian in my case, but could be one of many others) as it's generally safe to let it auto pull from the security repos IME.

OpenWRT I was less keen on...

Some of Extreme Networks Black Diamond series of core routers (half a cabinet high units) ran linux. Often several instances (2 management cards, then some of the blades also had linux running for management and config purposes).

+1

I suppose he wants one running Windows!

There are other OSes besides windows and linux. I have used several different ones in products that 99% of the population of the UK have or will use. Linux fanatics appear to be blind to other software, that makes them do stupid things IME.

LOL And IME MS Windows fanatics appear to be blind to other software, that makes /them/ do stupid things.