The update experience in Fedora, including the recently released Fedora 12, is flawed. There are just too many packages flooding the repositories for the current release model to function efficiently and securely. There seems to be no requirement for updates to only fix bugs and add hardware support while avoiding implementing brand new features. But is the drive here just to become more like Windows?

Proxytunnel is a program that connects stdin and stdout to a server somewhere on the network, through a standard HTTPS proxy. Getting it built seems to be pretty straight forward stuff.

While there are application groups for just about every category of software from graphics, software development, office productivity, multimedia, and others, there’s no specific group for security or auditing related packages. Here’s a list of the security and auditing related packages that are now available in the standard Fedora 12 repositories. From intrusion detection to data recovery, Fedora has come a long way in the last couple of years.

Which is better? Which is faster? For a desktop system, I don’t think it really matters if you have to process a bunch of rules. How many can there be, and how much network traffic are you seeing anyway? It’s probably more efficient to modify your sysctl.conf, but it seems more organized to do it all with iptables.

Links to file UNC paths are disabled by default in just about every browser except Internet Explorer because it is an easily exploitable security vulnerability. Malicious sites could detect your operating system or installed applications by checking default installation paths, or worse, browse your cookies, sifting for sensitive data. As system vulnerabilities are discovered, files related to exploits could also be detected.

I still prefer a flat ascii file either loading the rules one at a time, or the built in iptables save/restore which basically does the same thing. But if you like/want/need a GUI application, then skip the lokkit firewall configuration tool in favor of system-config-firewall. It makes configuration of your firewall as easy as the simple Windows firewall, but with the option detail you expect from Linux.

Start by installing all of the required dependencies. Here’s the list, but your specific versions may vary. I’m just letting yum install all the latest packages. And I finish by running a “yum update -y” to get the whole system up to date. There are newer versions of the libnet package available, but you specifically need libnet-1.0.2a.tar.gz. You can search and find a bunch of mirrors or try the one I used below: Now download the snort source.

Australian news sites are reporting that Integral Energy, the company that supplies energy throughout New South Wales and Queensland, has suffered through a W32.Virut.CF virus outbreak. The company had to disinfect all 1000 of their desktops. The Sydney Morning Herald reported that the company’s anti-virus software hadn’t been updated since at least February. Luckily for the Aussies, the power grid’s servers run on Sun Solaris.

All of the firmware is covered under the GPLv2. I can see this being popular with high school kids forced to carry RFID tags while attending school. I like the scanning detection capability, and the active shield especially. And “Wall-of-Sheep”, a nod to DefCon perhaps? ProxPick’s decode routines are capable of reading and decoding
other 125KHz tag formats. Quick, hide your passport!

Start by going to the hooks directory in your repository and copying pre-commit.tmpl as pre-commit. Then add the line to disallow changes to tags and run it. All is well, the change didn’t get committed, right? What just happened was the commit failed because the pre-commit wasn’t marked executable!