On June 17th, Pythian hosted the June of meeting of OVSAGE. This month, there was a presentation by Bill Stuart, CEO and VP Engineering , Karoly Molnar of Eseri. Eseri is a local Ottawa company that has integrated a full organization IT solution from the best of the world’s open source, from hosted Intranet to [...]
Good afternoon and welcome to issue 27. The number 27 according to numerology is “the symbol of the divine light” so I’ll try to do that ideal justice. We’re off to a good start, what with me actually getting this out on schedule and such, so let’s get to it while the day is still [...]
Hi there and welcome to Blogrotate in which I, your humble host and blogger, bring to you interesting stories and events from the past week in the SysAdmin world. It’s been yet another busy week, which is why this is coming out on a Sunday again, so I am going to have to short list this edition but there’s still plenty of tasty nuggets to be found. Read on.
It’s been discovered that Microsoft released three patches last month without including them in the release notes. Two of the patches were to fix security holes in MS Exchange servers. While this is nothing new it completely removes the ability for a sysadmin to evaluate the impact of the patches on critical corporate systems, which is necessary before rolling out the updates. Not to mention it makes it really difficult to diagnose a change in behaviour if you have no idea there was a change made. See more gory details in Security firm reveals Microsoft’s ‘silent’ patches.
Sun/Oracle removed public firmware downloads is a strange piece by someone called techbert describing how he logged into the sunsolve to download some firmware for his systems only to find that they were no longer publicly available. This is a bad move that will likely annoy a lot of people looking for firmware on old, repurposed or used systems. It’s a good thing that my Sparc 1+ is already patched!
If you are an old fogey like me you may still be using newsgroups over nntp for many things. Even Microsoft provided support for their products using newsgroups, but as of June 2010 they will begin decommissioning the groups in favour of their online community message boards. See the official news release Microsoft Responds to the Evolution of Communities.
Ars Technica has a look at the current market share for internet browsers. Chrome has surged to a new high while IE has dropped below 60% market share. FireFox and Safari (Mac) have remained fairly static which means that Chrome is taking the bite right our of Microsoft’s share of the pie. For more visit Emil Protalinski and his aritcle Chrome continues surge as IE drops below 60% market share
From the Google Chrome Blog, a piece about performance improvements in the latest Chrome beta claiming “30% and 35% improvement on the V8 and SunSpider benchmarks over the previous beta channel release” and “as much as 213% and 305% on these two benchmarks since our very first beta”. Take a look at Pedal to the Chrome metal: Our fastest beta to date for Windows, Mac and Linux.
Since we’re all about the chrome this week check out this link that Bill provided, a video demonstrating the rendering speed of Chrome. See the youtube video Google Chrome Speed Tests (SFW). I think the results were skewed because a) the french fry chopper introduced resistance to the potato reducing it’s velocity and; b) actual sound waves move faster than paint moving against gravity no matter how much force you put into the paint. Still they are all really neat.
Linux Journal has a nifty little piece by Bill Childers about setting up your own Ubuntu server in the Amazon cloud. Check out Put Your Servers in the Cloud with Amazon EC2 and Ubuntu.
Data Center Knowledge has an interesting report by Rich Miller called Rackspace Hits 100,000 Customers. Based on the numbers he presents it seems that “the managed hosting unit accounted for less than 1 percent of customer growth, but 77 percent of revenue growth” meaning basically that they’re gaining a lot of cloud customers but it’s not their money maker, it’s just gravy. Still the gains in cloud presence are impressive.
Matt Asay at C-net writes about increasing competition between Red Hat and VMware in the virtualization and middleware markets, and suggests that Red Hat may look at growing by acquiring a NoSQL technology and VMware may enter a bid for Novell to enter the operating system space. See VMware and Red Hat: The war for the data center.
The world is hungry for storage capacity and there are limits on storage density using current technology. But wait! There is hope for the future. There is a new paper showing how a combination of thermally-assisted magnetic recording (TAR) and bit-patterned recording (BPR) can be used to “store data at densities of up to one terabit per square inch, and suggest the media could be stable up to ten terabits per square inch”. See Casey Johnston‘s article New hard drive write method packs in one terabit per inch.
That’ll have to do it for this week. Leave your own picks in comments and we’ll see you next week.
 In a surprising turn of events when I went to do my usual linking of the Internet slang definition for SFW above I found that the definitions themselves included language that would be considered NSFW. So for those who do not know SFW == Safe For Work and NSFW == Not Safe for Work.
Good evening and welcome to this weeks edition of Blogrotate. It’s a bit later than usual this week due to client concerns but I could not let this week go by without something. This week, after all, is the release of Ubuntu 10.04LTS (Lucid Lynx) so I get to leverage my supreme blogging power to promote the product since I use it pretty much everywhere now.
So as I was saying, the release of Lucid Lynx has the world abuzz. We had a mini install fest here in the SA cluster at Pythian and 2/3 of it went well. It seems that video is the main source of install pain for us in this new version. My own install went well at home except for the proprietary NVidia drivers, and the fglrx (ATI) driver was an issue for a colleague in the office. Luckily we have the knowhow to get around these issues here at Pythian, but I would be concerned for new users trying to upgrade. Despite that I think it’s a bloody good package and well worth trying.
Here’s a short list of some sources of information on the new Ubuntu.
- First off, the official Ubuntu 10.04 release announcement.
- Ryan Paul of Ars Technica provides an overview of Ubuntu 10.04 in Ubuntu 10.04 arrives with extended support (and less brown )
- Joe ‘Zonker’ Brockmeier provides Seven Reasons to Upgrade to Ubuntu Lucid Lynx.
- For anyone who has heard about the serious memory leak in GLX you can get some more info in Lucid Lynx fights ‘major’ X-Server memory leak. I verified this was fixed before I upgraded my personal PC, if by fixed you accept “reverted to version 1.2″ as a real fix. I’ll take stable over a few features anyday.
- Self proclaimed “Cyber Cynic” Steven J. Vaughan-Nichols with some pre-release postulation called Ubuntu 10.04: Where Ubuntu goes from here.
- For those of you wondering about the server side of Ubuntu, check out Run your own Ubuntu Enterprise Cloud. This is very cool, by the way, and I am working on setting one up myself.
- And The Var Guy has Ubuntu 10.04 Attracts New Software Partners. I for one am liking the current partnership momentum Ubuntu has going. The Likewise partnership is brilliant for making headway in a market struggling for cash and faced with decisions about desktop life cycles and Windows XP nearing EOL, AD integration for Linux will be a key feature.
On in other news, let’s all shake our heads in disbelief at Unix copyrights: SCO want a new ruling.
Priya Ganapati at Wired writes about this weeks Palm purchase by HP. It’s long been known that HP had scrubbed the iPaq because that just could not nail the OS, but now they own WebOS so watch for the iPaq to make a comeback (minus the silly name (and resulting lawsuit from Apple) of course). But I digress, check out HP Buys Palm for $1.2 Billion.
If you are running Windows 7 you’ll want to beware of a recently discovered problem. See the Microsoft Ansrews Forum topic Windows 7 deletes all system restore points on reboot.
Joel Wineland is Senior Product Developer at Rackspace Managed Hosting. He writes about things to consider when evaluating cloud services. See Creating a Successful Cloud Environment.
Amazon Web Services (AWS) adds a Singapore Data Center so users can run their cloud computing infrastructure in the Asia Pacific region.
Have you considered the security risks of your impending cloud investment? Take a look at 10 Cloud Security Threats by Anil Chopra. My advice is to never trust a hosted cloud service with production, proprietary or sensitive data.
Media darling and bon vivant Steve Jobs was at it again in a tirade against the evils of Flash. You can get the short (and long) story at Engadget in Steve Jobs publishes some ‘thoughts on Flash’… many, many thoughts on Flash by Paul Miller. When you are done with that head on over to Ars Technica for a rebuttle of sorts in Pot, meet kettle: a response to Steve Jobs’ letter on Flash.
That’s all I’ll have time for this week. As always your comments and stories are welcomed.
Try Lucid Lynx. The power of blog compels you.
Good afternoon and welcome to another edition of Blogrotate. Though I have been contributing to Blogrotate since its inception, this is the first time I have had the honour of posting it myself. Go me!
Red Hat has announced the availability of a public beta for Red Hat Enterprise Linux 6 (RHEL 6). There are a number of changes, for which Dave Courbanou at The VAR Guy does a pretty good job of providing an overview. Of note are that Red Hat has completed its migration from Xen to KVM as the supported virtualization technology (which began with RHEL 5.4), and that ext4 is now the default filesystem.
There have been a couple of tidbits of news in the Ubuntu world. The first being a bug with memory leakage in X.org affecting beta 2 of Ubuntu 10.04. The discussion on Slashdot became a debate on the merits of time vs scope-based release schedules. Per the bug report, a fix has since been committed, which is good because — and this leads into the second bit of news — Ubuntu has announced the availability of the release candidate for 10.04. Things are moving fast as we approach its release next Thursday.
And for something that’s not release announcement related, M. Tim Jones has an interesting article over at IBM’s developerWorks about Kernel Shared Memory in the Linux 2.6.32 kernel. Without going into a lot of detail (I’ll let him do that), it’s basically the implementation of a daemon to handle de-duplication of memory pages. This has obvious implications in a virtualization environment as there is the potential to run more virtual machines on a host without increasing the memory footprint.
The big news on this front was that McAfee pushed out a virus definition update that falsely identified svchost.exe as a threat, resulting in Windows automatically rebooting. Peter Bright from Ars Technica has some good coverage of this, and linked to McAfee’s official solution. Meanwhile, Dave Courbanou over at The VAR Guy has a follow up on the situation with some additional detail, and Barry McPherson from McAfee has posted an official response stating that a ’small percentage’ of enterprise accounts were affected. And finally, Ben Grubb of ZDNet Australia reports that Coles had 10 percent of its point-of-sales terminals affected and shut down stores in WA and South Australia as a result.
Oracle has decided to charge for an ODF plugin for MS Office which allows users to import/export documents in Open Document Format. Matt Asay, COO at Canonical, provides some commentary on this stating that “$9,000 is the new ‘free’ for Oracle“.
Jono Bacon, Canonical’s Community Manager, wrote that Canonical has made the single sign-on component of Launchpad available as open source under the AGPL3 license. There is some coverage from The H on this as well. Launchpad itself was released under the AGPL3 license about a year ago.
On a final (interesting) note, ‘Cyber Cynic’ Steven J. Vaughan-Nichols writes that HP and Likewise to release Linux-based storage line about HP and Likewise partnering on a line of StorageWorks products that will make use of the Likewise CIFS stack to support Active Directory authentication.
Well, that’s all I have time for this week. Will Brad be back at the helm next week, or will I continue my reign? You’ll just have to wait and see…
Good morning everyone and welcome to another edition of all the news fit to reprint. Last week iPad news was the number one topic on the hearts and minds of most places I visit, let’s see if the iPad can last another week or if a new champion will be crowned. Call or text your votes to … oh wait that’s someone else. :)
Starting off on a sad note that I missed last week. Ed Roberts, the inventor of the Altair personal computer died on April 2nd at the age of 68. The New York Times has a good article about it, see H. Edward Roberts, PC Pioneer, Dies at 68. You can also check out an audio interview he did with Mark Frauenfelder over at BoingBoing, Remembering Ed Roberts, the father of the personal computer. Geeks everywhere owe this man a debt of gratitude.
Hey look! It’s an iPad related story. If you miss the good old days of Windows 95, now you can run it on your iPad (assuming you were an early adopter and have not smashed it for YouTube). See this video called Windows 95 on iPad completes the Bill Gates vision. For the record I purposely did not link the iPad smashing video because that nonsense is not worth my time.
Was anyone else up yesterday with email outages that trace back to ClamAV? I know I was. It turns out that ClamAV 0.94 has passed EOL but instead of gracefully disallowing new updates, ClamAV released new virus databases which broke installations of 0.94. You can check out the full EOL release at the ClamAV site in End of Life Announcement: ClamAV 0.94.x. A colleague here (Hi Mo!) found this interesting piece by Neil Schwartzman called ClamAV and the Case of the Missing Mail, proving that we were not alone in our suffering. So once you are done with righteous indignation, be sure to upgrade your AV engine.
Sean Michael Kerner at VOIPPlanet is reporting Open Source Asterisk 1.8 Aiming for Long-Term Support. According to the article users had complained that the frequency of releases in the 1.6 version of the software was making it difficult to know when and why to update, and the Asterisk team hopes to have their 1.8LTS out in the third quarter this year.
VMWare has released new patches for their ESX/vSphere product line. Check out the charmingly titled [Security-announce] VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues.
If you are working towards vitualization and need a primer in the various technologies available look no further than Containers vs. Hypervisors: Choosing the Best Virtualization Technology by Joe ‘Zonker’ Brockmeier at linux.com.
Rackspace has released a new iPad app which will let you manage your cloud servers remotely using the bleeding edge device. Matthew Weinberger at The Var Guy has details in The Rackspace Cloud Launches iPad Application, and you can check out the marketing version of the news at the RackSpace web site.
Now that Oracle owns Sun, it also owns VirtualBox. Oracle has now released their first maintenance release addressing some outstanding bugs and stabilizing some features such as VT-x and multicore support. You can get the details from Timothy Prickett Morgan in Oracle freshens its VirtualBox.
James Gosling, the father of the Java programming language, has moved on from his position at Sun Microsystems. No word as to what he’ll be doing, but we wish him well. See his new new blog called On a New Road to hear it straight from the horses mouth.
A BGP error at a Chinese ISP caused it to briefly declare itself the route for approximately 37,000 IP networks, many belonging to US companies. The H Online has a report on this event titled Chinese ISP ‘hijacks’ bits of the web.
The key to corporate web sites has been SEO for quite a long time now. How well your web site is ranked by Google and other search engines is important if you want to be at the top of the results. According to Google’s Webmaster Central blog they are now going to be using the speed of your site as part of their ranking algorithm. See Using site speed in web search ranking for the official announcement. You can also find more on El Reg, see Google tweaks search results with mystery site speedometer.
If you are in the market for SSD to speed up your servers, here’s a good place to start. Henry Newman (CTO of Instrumental Inc.) has a 3 part series at the Enterprise Storage Forum that covers most (if not all) you’ll need to know to choose the right fit for your purposes. See all three parts:
- Solid State Drives in Enterprise Applications
- Solid State Drive Reliability and Performance in Storage Networking
- Choosing the Right Solid State Drive for Your Storage Network
Well that’s all the time I will have for this week. I had a ton of other stuff on the list for this week but I have to stop and do some real work eventually. As always leave your own stories in comments and we’ll see you back here next week.
As promised I’ve posted the instructions for Installing TOra with Oracle Support on Ubuntu 10.04 (Lucid Lynx). Be sure to check it out. And don’t forget to upgrade your ClamAV.
Good afternoon and welcome to another edition of Blogrotate. This week has been absolutely insane so it’ll be another short one I’m afraid. Luckily for me the majority of news outlets were binging on iPad related press which left only limited space for real news.
Yes normally I do not cover mobile stuff very much, yet even after the above crack about iPads I feel obligated to at least make mention of it. I, personally, do not care about iPads. Wake me when they have those little scrolly deals from Earth: Final Conflict. For those of you who do care, here’s a quick list of places you could go.
- Ars Technica reviews the iPad
- iPad Review by SlashDot’s very own CmdrTaco.
- And last but certainly most amusing iPad jailbroken already, using leftover security flaw
And how is the competition doing? Check out BlackBerry sees iPhone shrink in rear view mirror.
There was not a lot of news on the OS front this week, but here’s a short list of the few OS coming to a device near you.
- Ubuntu 10.04 Lucid Lynx Beta 2 available. I’ve been using Lucid since it was pre-alpha and so far so good. Also among the hubub of Lucid, see Ubuntu 10.04 drops Yahoo search as default.
- Mandriva Linux 2010 Spring Beta 1 released. I’ve not used Mandriva since it was Mandrake, but it looks pretty nice. I’ll have to load it up someday.
- Red Hat Enterprise Linux 5.5 was released last week. CentOS 5.5 cannot be far behind.
There’s a new exploit out against Java which has been proven to have the ability to launch apps on the desktop without authorization. Java exploit launches local Windows applications has the full story.
Here’s the list of what’s in store for the next “Patch Tuesday” release from MS. Microsoft Patch Tuesday for April 2010: 11 bulletins.
Have you ever wondered how a data center protects itself against the damaging effects of an earthquake? Check out Earthquakes and Data Centers over at Data Center Knowledge for an interesting read.
Are you looking for a PCI compliant data center? Check out PCI Compliance: Who Manages What? which gives good insight into the processes and highlights some things you should be looking for when you talk to the sales rep.
Were you the first on your block to run out and get an Intel i7? Well now AMD throws even more cores at you. Check out New server platform and 12-core Opteron keep AMD in the game.
The clock tells me it’s time I should be going. I am sure I missed lots of good stuff this week, so feel free to add it to comments. You know you want to.
Stay tuned, the return of tOra is at hand. I’ve successfully compiled tOra on Lucid and have the instructions to prove it.
Spring has sprung, the grass is riz. I wonder where them birdies is. Welcome to Blogrotate. It’s Good Friday here in Ottawa, a holiday for us. For this reason it’s going to be a short one this week. That and the fact that it’s 25C and sunny here. :)
Closure sweet closure. It’s been 7 years but SCO has finally lost it’s silly lawsuit against Novell. Novell smugly posted the results on their site with Decision in the SCO Group vs. Novell Jury trial. For us linux users they state for the record “Novell remains committed to promoting Linux, including by defending Linux on the intellectual property front”. This victory means that the case against IBM is the next to fall, followed by the demise of what was once a giant in the industry. The full history of this case can be found on GrokLaw, try SCO Group v. Novell, Inc for starters. A high level summary can be found at SCO loses again: jury says Novell owns UNIX SVRX copyrights.
Ubuntu 8.04 is approaching end of life. The last LTS (Long Term Support) release will stop getting software updates and security patches at that time. If you are running 8.10 fear not, the next LTS (10.04, Lucid Lynx) is in beta and should be released prior to this date. According to the Ubuntu site there is a clean upgrade path directly from 8.04 to 10.04, see their LucidUpgrades page for more info. Also see Ubuntu 8.10 approaches end-of-life at The H Online.
I’ve been saying this for years regarding every version of Windows, but if you don’t believe me read 90 percent of Windows 7 flaws fixed by removing admin rights.
AMD has released it’s new 12 core Opteron CPU, code named “Magny-Cours”. While it’s not news that there’s more cores in a new CPU, there are additional benefits. See AMD’s 12-core chip may cut software costs.
For those of you running Internet Explorer, Microsoft has released a patch to address security issues with it’s widely used browser software outside of it’s normal “patch Tuesday” release cycle. You can read more at C-Net in Microsoft issues emergency patch for 10 IE holes.
Threat Post is reporting that a
hacker security researcher has found a way to exploit Adobe Reader with no other plugins required. “The PDF hack, when combined with clever social engineering techniques, could potentially allow code execution attacks if a user simply opens a rigged PDF file” says the aritcle. Check out the full details at Hacker Finds a Way to Exploit PDF Files, Without Vulnerability.
Well that’s all we’ll have time for this week. Have a great Easter weekend everyone. As always, your comments and favourite news stories are welcome.
Good evening and welcome to the late night edition of Blogrotate. It’s been hectic around here but I did not want to skip a week so I am burning the midnight oil. There was a lot of action in the world of IT this week, here’s a few tidbits we took notice of.
The Var Guy is reporting that Novell has rejected a bid by Elliott Associates to take over the company for a reported 1.8 billion dollars. Novell Rejects Takeover Bid… But Welcomes Other Bidders has the full story with some links to the back story as well.
The arguments are done and the deliberation begins in SCO vs Novell. The world yawns in anticipation. No Verdict Today, the Final Day, in SCO v. Novell – Deliberations Begin Again Tuesday – Updated at GrokLaw has the details. “Fine lawyering” indeed.
Tom Krazit at C-Net news reports that DNS registrar GoDaddy may be following in Google’s footsteps, steps that lead out of China. More details and source material links are in GoDaddy to stop registering domains in China
The CanSecWest conference started this week in Vancouver BC, Canada. With it came the 4th annual Pwn2Own contest wherein hackers ply their exploits against various targets. This years target was web browsers. The results so far? See Peter Bright’s article IE8, Safari 4, Firefox 3, iPhone fall on day 1 of Pwn2Own. Ok so the title ruined any suspense I may have built, but it’s still worth reading.
If you are not part of the 1337 gaming crowd you’ve probably never pwn’d anything any may not know what it means. See Wikipedias definition of pwn. After that you can set up a lan party and get fragged because you’re a n00b. Be careful not to camp or backpack, and watch out for headshots.
If you are a user of Cisco IOS on your devices, you need to check out the Summary of Cisco IOS Software Bundled Advisories, March 24, 2010. The patches fix security issues with IPSec, NAT, SIP, H.323 and much much more.
Mark Murphy, Global Alliances Director for Canonical, wrote on his blog that Dell announces support for Ubuntu Enterprise Cloud. According to the blog the Canonical cloud team has been working for 6 months with Dell’s DCS team to “test and validate the integration of the cloud stack on their new PowerEdge-C series [servers]“, and will be offering a series of optimized ‘blueprint’ configurations for the PowerEdge-C servers.
Former MySQL CEO and Sun Sr. VP Marten Mickos will be the new CEO of Eucalyptus, the company behind the Ubuntu Cloud. See Former MySQL CEO to become Eucalyptus Systems CEO at The H Online for more of the story and links to the official press release. Matthew Weinberger at The Var Guy has some more analysis on this subject in “Can Marten Mickos Build Another $100 Million Company?”.
A couple of data center outages this week.
Wikipedia, linked heavily above, suffered an outage to their European data center this week due to overheating. Mark Bergsma from Wikimedia, the company that runs Wikipedia, posted on their tech blog that some of their servers powered down to protect themselves from a worse fate. Services had to be relocated to the Florida cluster causing an outage of at least 1 hour, more for some sites that don’t honour DNS TTL (time to live) properly. You can read more in Mark’s technical blog, called Global Outage (cooling failure and DNS). There is also more at Data Center Knowledge, see Wikipedia’s Data Center Overheats.
The very next day, YouTube suffered a 2 hour outage. I thought it was rather funny because they informed users of the outage via their Twitter feed. Judging by that feed there were more issues yesterday and again today. Is it just me or is this the oddest way to communicate site outages ever? I’d love to hear your opinions.
The Register is reporting that the University of Wisconsin at Green Bay is planning to save cash by switching all it’s fonts to Century Gothic. Apparently Century Gothic uses up to 30% less ink when printed, saving their organization money. See Switch to Century Gothic to save the planet for the story and links to source materials. Gotta love the tag lines at el Reg. “Arial will doom us all, says American IT director”. Indeed.
That’ll have to do it for this week. I’m off to Tosche station to buy some power converters. As always, comments are welcome.
Hey! CNN just facebooked that their mail server is down! :)
Good morning and welcome once again to the (usually) weekly round-up of news that matters to Sys Admins. We missed last week for reasons previously stated, client work always comes first. This week was yet another fast and furious week so let’s get started.
In case anyone was wondering about SCO vs. Linux it is still going on. If anyone has a lot of free time on their hands and is interested in lost causes, check out SCO vs. Linux: The story so far at The H Online. Even more details can be found at the prolific GrokLaw in Summary of SCO v IBM.
If you are running Max OSX you may be vulnerable to at least 20 major security flaws in you system. Security researcher Charlie Miller will be presenting full details at the upcoming CanSecWest conference. Read more in Mac OS X: “safer, but less secure” – Update.
If you, like me, are part of the “never put a .0 release into production” school of thought, then you probably have not rolled out Windows 7 on your company desktops. Fear not, SP1 is coming. Check out Microsoft announces Windows 7 SP1 at Computer World.
Is Google set to leave China and close the www.google.cn site entirely? Read the story on Cnet news in Report: Google to leave China on April 10. The sources seem to be dubious, so I would take this with a grain of salt until the official announcement.
There has been stuff floating around the internet about DNS tunneling exploits for years. The H Online is reporting that hacker Ron Bowes has now released a command line tool and code that could easily be integrated into an exploit. Check out Exploit code with DNS tunnel for more.
Have you upgraded from FireFox 3.0 to 3.6 yet? You probably should soon. See Firefox 3.0 approaches end-of-life.
The Register is reporting that almost 2 weeks after being notified the Energizer site still plagued by data-stealing trojan. The file in question is “UsbCharger_setup_V1_1_1.exe” so try to avoid downloading that one.
There’s reports of a security flaw in milter, part of the spamassassin utility for scanning email. The flaw allows a specially crafted RCPT command to trick postfix into running commands as root. Sendmail servers seem to not be affected. You can find more details in [Full-disclosure] Spamassassin Milter Plugin Remote Root.
Here’s another follow-up to a previous item about the Waledec botnet being taken down by Microsoft. See Waledac Botnet Now Completely Crippled, Experts Say. Microsoft has also waxed poetic on the subject in What we know (and learned) from the Waledac takedown on the technet blog.
Ars Technica has a cute item on hidden gems in open source applications, affectionately knows in geek nomenclature as “Easter Eggs”. Check out Cracking open five of the best open source easter eggs for a larf, and read over the comments for a bunch more.
That’s all the time I will have this week. I know there’s a lot more stuff from the last 2 weeks that I could have added, so feel free to leave your favourites in the comments. ‘Til next week.
Who you trying to get crazy with SA, don’t you know I’m loco?
Is it Friday already? Where does the time go? Lots of stuff going on this week–here’s a few of the things that I found interesting.
Russia Today-TV announced the existence of “Red Star”, the new OS developed in North Korea and based on Linux. I found this by way of Slashdot of course, citing the source as The Korea herald. According to the article it looks very much like the Windows UI, and features a “My Country” icon that allows connection to Korea’s closed internet-like network and the Woori office application. Slightly more information can be found there in the article N. Korea develops own OS.
The upcoming Ubuntu 10.04 (Lucid Lynx) has had the third alpha version released. The alpha versions are not for the faint of heart, and I have had to put in several bug reports myself already. It’s just part of the process though and will hopefully result in a rock solid release next month. The full release announcement can be found on the mailing list: see Lucid Alpha 3 released. A rundown of some of the things you can expect is on The H Online in Canonical releases Ubuntu 10.04 LTS Alpha 3.
Ars Technica has more on an item mentioned last week about the future of Open Solaris. OpenSolaris not dead; might not get all new Solaris features The exact details of which features may be excluded are not clear from the article but I did not get a chance to dig into some of the source material referenced so you may find more by clicking through them.
Opera 10.5 is out and Ars Technica has a detailed review of the new features, performance improvements and UI changes. There’s a lot of detail in the article, I suggest you read it for yourself. Hands on: Opera 10.50 makes impressive performance gains is the place to go. I think I’ll give the new Opera a try myself.
Local company makes good! I mentioned last week the takedown of the Waledac botnet, this week the Mariposa botnet suffered a similar fate. Ottawa’s own Defence Intelligence detected this botnet in 2009 and started an investigation that ended with the dismantling of the botnet by Spanish authorities. This is a much more important takedown than Waledac because Mariposa actually put sensitive and financial information at risk. You can read more of this story in Spanish arrests mark the end of dangerous botnet. Ottawa, represent!
Microsoft has released new drivers to improve the performance of Red Hat Enterprise Linux systems running under Hyper-V. The new drivers include new network and storage drivers, but still only support a single virtual CPU. These drivers are not officially included in, or supported by Red Hat, but they are fully support by Microsoft. Read Microsoft releases Hyper-V drivers for RHEL for more, and you can check out Microsoft’s side of the story on the technet blog in Red Hat Enterprise Linux and Hyper-V.
How Server Virtualization Impacts Storage. The title says it all. Penned by Heidi Biggar from Hitachi it has a good perspective on current industry trends and growth. We all know that consolidation methods, like virtualization, add bottlenecks on resources like CPU, memory and storage because they are all shared by many instances. Find out what Heidi has to say on the subject.
Data Center Knowledge is reporting that the demand for data centers has been growing continually and no change is in sight for 2010. We’re certainly seeing the trend here with many companies making the push for full, real disaster recovery sites. There seems to be a real shortage of data center space and new ones are popping up slowly, so if you have lots of cash this may be a good business to get into. But I digress. The full story is in Strong Data Center Demand Seen for 2010.
The H Online has a good article about the US government’s new cyber security policy. I haven’t had a chance to review the whole document as yet, but I have it bookmarked for later reading. US government publishes parts of its cyber security directive is where to go, which also links the source document.
Tom’s Hardware has an interesting Op-Ed piece on the past, present and future of the 3D graphics industry. See Opinion: AMD, Intel, And Nvidia In The Next Ten Years for 10 pages of goodness.
Allyn Malventano has a very detailed review of Western Digital’s first foray into the SSD market. The new 256GB offering performed well through the tests but is still priced a bit too high for the market. The full review is at PC Perspective, see Western Digital SiliconEdge Blue 256GB SSD Review – WD enters the SSD market. You can find the Western Digital product information page on their site.
Well that about wraps it up for this edition. Comments are always welcome. Until next time, may your days be productive and the levels of administratium be non-toxic.
Good afternoon and welcome to another edition of the usually, mostly, kind of weekly news for System Administrators. I was on a much needed holiday for the last couple of weeks. Many thanks to Tim for filling in on the last one. What with clients’ priorities and February being a short month, we did not have the cycles to get a blog out last week, and this one will be short because, frankly, the IT news world has been a bit slow of late. With that I shall cease my preface and move on to . . .
The Phoronix media site is reporting that the end may be near for Open Solaris since the purchase of Sun by Oracle. Oracle has been quiet on its plans for the free/open source version of its Solaris operating system, and the Service Life Status for OpenSolaris Operating System Releases does show the GA (General Availability) phase support as “TBD“. See a little more info in Oracle Still To Make OpenSolaris Changes. This one will be worth watching and I’ll update the blog when more is available.
Users running the Max OS X 10.4 “Tiger” beware–the next versions of the popular Firefox web browser will no longer support you. Check out In future Firefox will drop Mac OS X 10.4 Tiger support for more and a link to the Mozilla press release. Apparently, about 25% of Mac/Firefox users are still using 10.4. Time to upgrade, people!
Probably the biggest story this week revolves around a secret court injunction requested by Microsoft to take out 277 domain names belonging to the Waledac botnet. By taking these domains off the net it basically cripples the command and control structure for the bots, as they will no longer be able to “phone home” for instructions. This will only be a temporary win I am sure, but anything that reduces the volume of spam is a benefit even if it’s short lived. Peter Bright has more in his article entitled Judge’s restraining order takes botnet C&C system offline. If that’s not enough for you, Google has lots of news items about this. The thing I find funny is that MS did this to reduce the spam being sent to Hotmail, which IMHO has always been a big source of spam due to its disposable accounts.
Google has released a new version of Chrome for Windows, to resolve three high-risk vulnerabilities and some other lesser issues. This is worth an install to make sure you stay safe on the net. More detail is available in Google fixes vulnerabilities in Chrome 4 for Windows.
In a follow-up to a previous post in this blog, Google has now stated that YouTube support for IE6 will officially end as of March 13, 2010. Time to update those NT4 servers folks. See YouTube to kill IE6 support on March 13 over at Ars Technica for more information. There are also details on the Google/Youtube support site in Solve a Problem: Upgrading your browser.
Several Cisco IronPort products are vulnerable to attacks allowing unauthenticated access to files and the ability to execute arbitrary code on the affected devices. Cisco has released patches for these devices and also have workarounds documented for those who are unable to upgrade just yet. See Cisco Security Advisory: Multiple Vulnerabilities in Cisco IronPort Encryption Appliance for the full details.
This one is not really IT-related, but it’s scary none the less. Kelly Jackson Higgins at Dark Reading details the recent revelation that criminals in Utah have planted card skimmers in gas station pumps, meaning that if you pay at the pump, your information could be stolen and used for nefarious purposes. Criminals Hide Payment-Card Skimmers Inside Gas Station Pumps has the full story. Be afraid, be very afraid.
Adobe has released a new version of their download manager to fix a severe flaw allowing specially-crafted web sites to push malicious software to your PC. All versions of the Adobe Download Manager on Windows prior to the 23rd of February, 2010 are affected. Check out Adobe patches critical vulnerability in Download Manager for the gory details.
Too funny to not include
That’ll do it for this week folks. I hope you enjoyed your trip through this door.
Fetch the aliens, write the blog . . . brain the size of a bloody planet . . .
A while back, I posted about detecting virtualization on Linux from a shell, using various tricks. Around that time, I also implemented those tricks as a perl script for internal use at work with the intent of eventually cleaning it up for public consumption. I finally got around to doing it, and the result is Sys::Detect::Virtualization availabe from CPAN, or from GitHub.
Currently, it can only handle Linux, and is only tested on a small number of virtualization hosts. Patches are welcome.
Good morning and welcome to a new Blogrotate. We missed last week’s edition because last week was insanely busy. We take customer service very seriously here at Pythian, so when there is a conflict between client issue and a blog, the client always wins out. ‘Nuff said.
It’s been another busy week here and shows no sign of slowing, but here’s a few of the things we found interesting this week.
The H Online is reporting that Linus Torvalds named one of the 100 most influential inventors by “The Britannica Guide to the World’s Most Influential People”. More info can be found there, as well as a link to some free sample pages from the book. Of course, Bill Gates was also on the list.
Could it be that Microsoft ranks third in Linux sales? As part of their 2006 agreement with Novell, they were required to purchase $240 million worth of “subscription certificates” to sell or distribute. Microsoft says that so far 475 of the coupons have been used which is equivalent to about a half million dollars worth. See Sold out: Microsoft’s Linux business is booming at The H Online for the skinny, and Microsoft exhausts coupons for SuSE Linux at SD Times for a much more detailed analysis.
Ubuntu has released Ubuntu 8.04.4, the fourth patchset for “Hardy Heron”, which is a long term support release. See the release notes for the full list of updates. Alternately, schedule a change window and
apt-get update and
apt-get upgrade today!
Did anyone realize that SCO vs. Novell was still a going concern? Well, apparently it is. According to Groklaw SCO and Novell File Proposed Witness Lists. Again. If you enjoy a good licensing battle, I don’t think this qualifies, but you can decide for yourself. Why can’t they both just get along?
According to the political news site C-Span’s page for Solving Video Problems, it will be discontinuing support for Real Networks RealVideo streaming format citing as the cause lack of interest. They do, however, still support IE6 unlike . . .
The official Google Enterprise Blog has announced that as of March 1st, site functionality may no longer support IE6. New features for Google apps will be built without support for IE6 as well. Check out the full deal, called Modern browsers for modern applications.
Apache HTTP Server 1.3.42 Released by the Apache foundation spells EOL (end of life) for the popular web server, though some security patches may still be released. I know of a lot of Oracle app servers out there running apache 1.3, so perhaps one of our crack DBAs can chime in with some details on how to handle it, what versions support 2.0, etc.
The popular Squid proxy server released a patch this week for a vulnerability to specially crafted DNS packets which can trigger a queue overflow and eventually a DOS. If you make heavy use of Squid, check out the creatively named Squid Proxy Cache Security Update Advisory SQUID-2010:1.
We have all heard by now of the Google attack from China. Now Google is seeking the help of the NSA to prevent future attacks of this sort. Ars Technica has the full scoop, see In wake of hack, Google negotiating cooperation with the NSA.
VMWare has announced security flaws in a number of its products. Patches have yet to be released, so if you run VMWare, keep your eye out for them. The full info and affected products can be found in the announcement from the VMWare Security Announce mailing list, see [Security-announce] VMSA-2010-0002 VMware vCenter update release addresses multiple security issues in Java JRE.
Are you running services in the “cloud”? If so, you’ll need to monitor them. Data Center Knowledge has a roundup of the current players in the cloud-monitoring game. Check out Cloud Monitoring Services: A Resource Guide.
That’s all the time we have for this week, folks. I know there have been other interesting things going on over the last two weeks, so please add them in the comments. Have a wonderful week!
Happy Friday and welcome once again for news from the whacky world of IT. Big Thanks to Tim for pushing out last week’s edition. I was busy banging my head against a particularly nasty wall. If you think my head looks bad, you should see the wall.
I was at the Ottawa VMWare Mini Conference yesterday. It was quite interesting. There were some good keynotes by some good speakers. I especially enjoyed the breakout speaker from Cisco about their direction in the years to come, and I think I drooled a little when he was talking about the Nexus 5000 switch (578 ports ought to be enough for anyone). Also news to me was the Nexus 1000v virtual switch which is a plugin replacement for the standard vSphere 4.0 virtual switch and includes a full Cisco IOS for management. I also really enjoyed the breakout with the Ottawa Senators IT team describing their progression from physical to virtual servers, their challenges, business needs, and lessons learned. There was a lot more, including an enjoyable one by the EMC rep. I’m trying to get my slides and notes together and will likely post more on the mini-con at a later time. I won a door prize! Go me!
Now on to things that are not about me.
Luke Dicker at Likewise has posted in his blog that their Likewise 5.4 Release included in Ubuntu 10.4 Alpha. We’ve been using likewise with a couple of clients here and it works wonders. Now there will be no reason not to use linux in your company’s AD infrastructure.
A critical vulnerability has been discovered that has been with us since the Windows NT 3,5 days. That’s 1993. This is an exploit against the legacy 16 bit emulation code used to allow old apps to run natively in Windows NT. Check out [Full-disclosure] Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack for the full details on the exploit.
linux.conf.au is going on in Wellington NZ this week. If you want to get the rundown of events, check out the coverage over at Linux Journal. Start with Linux.Conf.Au – Day One. You can get links to the other days from there.
Linux Magazine has a nifty article detailing all the cool stuff you can do with the VirtualBox command line interface. From the articleI was surprised at how many things you can do with it, very useful stuff. Check out VirtualBox’s Little Secret: The Command Line.
FireFox 3.6 was released today. This new version is a performance release, claiming to be 20% faster than 3.5. They have also made improvements to their Java engine, faster awesome bar and a theme like system called personas. You can read the full press release on the FireFox site Mozilla Delivers Firefox 3.6 to Millions of Users. You can download it from here. You can also find a review or 3.6 at Ars Technica, check out Review: Firefox 3.6 brings joy to Web devs, not just users.
It’s that time of year again. 90% of IPv4 address space used; IPv6 move looking messy!!!!!! Scream with meeeee!!!!11
Microsoft is releasing a patch for their vulnerability, found in every version of IE. Please see their Advance Notification for Out-of-Band Bulletin Release for full details.
If you are a perl developer and had trouble accessing cpan mirrors recently you may want to check out MSNBOT must die! on the CPAN testers blog. It seems some bots from Microsoft were hitting the mirrors creating a DOS effect, the bots ignored the robots.txt which is supposed to stop this sort of thing for compliant bots.
I am sure that there are other good stories I have missed here, so don’t be afraid to add your own into comments. Now I’m off to play with all the pens I got from vendor booths yesterday. Mmmm vendor pens. The sweetest pens of all.
Today I tested OracleVM (OVM) templates on their own distribution of Oracle Enterprise Linux (OEL) 5 with seeded VNC Viewer Free Edition 4.1.2 for X. All went fine, but the VNC connection to virtual machine was not painless as I expected.
[root@oram ~]# rpm -qa "vnc|xen" kernel-xen-2.6.18-128.el5 xen-3.0.3-80.el5 kmod-gfs-xen-0.1.31-3.el5 kmod-cmirror-xen-0.1.21-10.el5 vnc-4.1.2-14.el5 kmod-gnbd-xen-0.1.5-2.0.1.el5 vnc-server-4.1.2-14.el5
On a brand new OEL5 system with virtualization support, I have created a new virtual machine with a fresh OEL4 (plain OS), and set appropriate memory for the virtual domain using the Xen management user interface commands. I also checked if the VNC port was allocated with the command
[root@oram ~]# xm create /OVS/running_pool/OVM_EL4U6_X86_PVM_4GB/vm.cfg Using config file "/OVS/running_pool/OVM_EL4U6_X86_PVM_4GB/vm.cfg". Started domain OVM_EL4U6_X86_PVM_4GB [root@oram ~]# xm mem-set 1 1024 [root@oram ~]# xm list Name ID Mem(MiB) VCPUs State Time(s) Domain-0 0 997 2 r----- 284.5 OVM_EL4U6_X86_PVM_4GB 1 1023 1 -b---- 73.6 [root@oram ~]# virsh dumpxml OVM_EL4U6_X86_PVM_4GB |grep port <graphics type='vnc' port='5900' listen='0.0.0.0'/> [root@oram ~]# netstat -l |grep 5900 tcp 0 0 *:5900 *:* LISTEN
Now I expected that VNC Viewer would simply connect to the console of VM, but it displayed only the very first frame and then died after a few moments with a
Connection reset by peer (104) error:
[root@oram ~]# vncviewer localhost:0 VNC Viewer Free Edition 4.1.2 for X - built Jan 21 2009 14:35:26 Copyright (C) 2002-2005 RealVNC Ltd. See http://www.realvnc.com for information on VNC. Fri Aug 14 15:59:24 2009 CConn: connected to host localhost port 5900 CConnection: Server supports RFB protocol version 3.8 CConnection: Using RFB protocol version 3.8 TXImage: Using default colormap and visual, PseudoColor, depth 8. Fri Aug 14 15:59:25 2009 CConn: Using pixel format depth 6 (8bpp) rgb222 CConn: Using ZRLE encoding Fri Aug 14 15:59:29 2009 CConn: Throughput 20156 kbit/s - changing to hextile encoding CConn: Throughput 20156 kbit/s - changing to full colour CConn: Using pixel format depth 8 (8bpp) colour-map CConn: Using hextile encoding main: read: Connection reset by peer (104)
As I was able to see the VM console for a while, my first guess was that it would be related to the virtual system itself, so I decided to create another virtual domain to see if the problem is replicable. And yes, it was! (Well, in addition to the 104 error I got another one:
Broken pipe (32), which was very likely related to domain auto-restarts, and easily traceable by
xm list command showing the current VM domain ID changes.)
And the solution for
Connection reset by peer (104)? I noticed that VNC Viewer’s default setting is auto-encoding selection, which means first use ZRLE and then switch to hextile if possible—that creates a problem here. When I set any encoding (fixed to either ZRLE or hextile), it started to work well:
[root@oram ~]# vncviewer localhost:0 PreferredEncoding=Hextile VNC Viewer Free Edition 4.1.2 for X - built Jan 21 2009 14:35:26 Copyright (C) 2002-2005 RealVNC Ltd. See http://www.realvnc.com for information on VNC. Fri Aug 14 18:10:39 2009 CConn: connected to host localhost port 5900 CConnection: Server supports RFB protocol version 3.8 CConnection: Using RFB protocol version 3.8 TXImage: Using default colormap and visual, PseudoColor, depth 8. Fri Aug 14 18:10:40 2009 CConn: Using pixel format depth 6 (8bpp) rgb222 CConn: Using hextile encoding
Do you have any related or similar issues to share?
Frequently, our customers want to install our software in a virtual machine. This can be OK, but frequently they hit a CPU, memory, or IO limit caused by running in a constrained virtual environment. When this happens, we really like to know if they're running under virtualization when we try to support them. Here's some tricks to detect, from a shell, if the system is virtualized.
Frequently, our customers want to install our software in a virtual machine. This can be OK, but frequently they hit a CPU, memory, or IO limit caused by running in a constrained virtual environment. When this happens, we really like to know if they're running under virtualization when we try to support them. Here's some tricks to detect, from a shell, if the system is virtualized.
In the era of consolidation, storage has not been left out. Different systems are made to share the same storage boxes, fiber-channel switches and networks. Inside a typical storage box, we have front-end and back-end controllers, cache, physical spindles shared amongst different applications, databases, backup destinations, and so on.
The impact of backup on normal database activity . . . batch processing in one database impacting transactional processing — these are two real life examples of the consequences of storage consolidation known to almost every DBA. Of course, it’s easy to suggest separating databases to different physical disks, but what about SAN box controllers and shared cache? And don’t forget about the cost factor and ubiquitous consolidation that forces storage administrators to pack as much data as possible into a single SAN or NAS storage device.
Some of our customers use hosting services — they outsource hardware hosting just like they outsource DBA work to Pythian. In such scenarios, hosting service providers usually have storage hardware shared amongst different customers to provide higher utilization and on-demand storage capacity at a lower cost.