by ezs | Nov 21, 2005 | evilzenscientist, patching, Uncategorized
SANS are flagging a particularly nasty Internet Explorer problem:
the UK group “Computer Terrorism” released a proof of concept exploit against patched versions of Internet Explorer. We verified that the code is working on a fully patched Windows XP system with default configuration.
The bug uses a problem in the javascript ‘Window()’ function, if run from ‘onload’. ‘onload’ is an argument to the HTML
tag, and is used to execute javascript as the page loads.
The Javascript Window() vulnerability has been known for a few months now, but it has so far been treated as a denial of service (DoS) vulnerability. The author of this PoC figured out a way to use this older vulnerability to execute code.
Impact:
Arbitrary executables may be executed without user interaction. The PoC demo as tested by us will launch the calculator (calc.exe).
In addition ot the PoC ‘Calculator’ exploit, a reader (thanks Chris R!) submitted a version that opens a remote shell. The PoC exploit allows for easy copy/paste of various shell code snippets.
In itself, the vulnerability will not escalate privileges. We are trying to verify other exploits at this point.
Mitigation:
Turn off javascript, or use an alternative browser (Opera, Firefox). If you happen to use Firefox: This bug is not affecting firefox. But others may. For firefox, the extnion ‘noscript’ can be used to easily allow Javascript for selected sites only.
Looks nasty. Fully patched Windows XP and IE 6 is at risk from this one; turning off javascript is going to break a lot of new sites..
As the man said – make sure you use Firefox or Opera.
by ezs | Nov 21, 2005 | evilzenscientist, Linux, Uncategorized, ZENworks
I used Visio to build a relationship map of the ZENworks 7 Linux Management database.
(In a former life I use to use ERwin from Platinum Technology..)
If anyone wants a copy in PDF just give me a shout. If anyone wants to know how I did this – please also get in touch.
(more…)
by ezs | Nov 18, 2005 | evilzenscientist, ITIL, Uncategorized
Nice article this month from Line56.com – about the business value of a CMDB.
It’s by the ex CTO of Marimba – who is now CTO of the Change and Configuration Management space at BMC – Kia Behnia.
I’d expect BMC to push a CMDB message – they after all message ITIL heavily and have a CMDB product.
The nice piece about this article is the real difference ‘process’ and ‘best practices’ can bring – regardless of your management technology.
The other truth is that a single repository as a CMDB is unworkable – a ‘meta-CMDB’ or ‘virtual-CMDB’ is far more realistic. Kia refers to federated CMDB:
However, not all management data related to configuration items are appropriate for storage in the CMDB. This is why organizations should consider a CMDB based on a federated data model. Why? Just like links within the general ledger to financial details stored in the accounts receivable system, a federated CMDB links to IT details. For example, a federated approach allows for other useful management information — such as service level agreements, purchase orders, incident and problem tickets, performance and utilization data–to be linked to the configuration items within the CMDB.
by ezs | Nov 18, 2005 | evilzenscientist, Uncategorized
It may not be fashionable to talk about tradtional NetWare anymore – but there is a vast installed base that is running this reliable NOS.
Novell Cool Solutions has been running a competition to showcase server that have been up for years.
Here is the latest round.
My favourite is this NetWare 3 server – it’s been running for nine years:
by ezs | Nov 17, 2005 | blogging, evilzenscientist, Uncategorized
Lots of people commenting that Google Analytics is suffering under the load. My data is pretty slow coming in.
Tecosystems, Tim Bray and a few more.
Even Google acknowledges the additional load:
Update: 11:28 AM PST. Wednesday, November 16th, 2005
Currently, report updating for Google Analytics is experiencing delays. As a result, you may not be seeing any data in your reports even after implementing the Analytics tracking code.
We are currently in the process of updating all reports. You should be able to see these updates in several hours. While this is going on, you may notice different reports updating at different rates. Once this process has completed, all data should be restored to your profiles. Please be assured that this update process has no effect on data collection.
We apologize for any inconvenience. This reporting delay is associated with unexpected demand for Google Analytics. Under normal circumstances, the data in your reports will be at most six hours old.
by ezs | Nov 17, 2005 | evilzenscientist, Linux, Uncategorized
A great read from IBM – the Redbook on File and Print services on Linux.
The focus is heavily on NT4 replacement – but there are some good notes and worked examples of Windows 200x and Active Directory migration.
One area that would be interesting (for Novell customers) is replacing the LDAP components of this Redbook with eDirectory; for more comprehensive management of this space Novell Open Enterprise Server would also be a great choice.
Recent Comments