May 4th, 2010 admin
Just to remind myself as much as anything, as I’ve been through this a few times. ClamAV was complaining loudly in the logfiles about not having the most up to date ClamAV. I searched around and was pointed to the Debian Unstable repository to /etc/apt/sources.list (Read the whole article before you add this one …there is a better one)
After that, on running apt-get update, you get a message like this:
W: GPG error: http://volatile.debian.org etch/volatile Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY DFD993306D849617
So, take the pubkey number off the end and do this with it.
sudo gpg --keyserver subkeys.pgp.net --recv-keys DFD993306D849617
sudo gpg --armor --export DFD993306D849617 > new.key
sudo apt-key add new.key
I then got a message saying “The following packages have been kept back: clamav clamav-daemon clamav-freshclam”
By using
sudo aptitude dist-upgrade
(NB aptitude rather than apt-get) the new packages are downloaded. However they’re still not up to the level that ClamAV is telling me to upgrade to.
So, more searching. It turns out the most up to date Ubuntu Repositories are from this page … https://launchpad.net/~ubuntu-clamav/+archive/ppa. In my case the solution was to add these lines to my /etc/apt/sources.list
deb http://ppa.launchpad.net/ubuntu-clamav/ppa/ubuntu hardy main
deb-src http://ppa.launchpad.net/ubuntu-clamav/ppa/ubuntu hardy main
And then run through the pubkey process above, with the different pubkey id number. Later distros might get away with the add-apt-key command, but I was running hardy (8.04) on this particular server.
Posted in General IT, Linux, Security | No Comments »
November 18th, 2009 admin
Captcha If You Can
I understand what captchas are for, and why we need them, but they seem to be getting out of control. I recently visited a site which had the captcha displayed here.
For the record the first word wasn’t ‘stirred’. I saw the option for an audio captcha and wondered how you pronounce ‘Ohehyahtah’. If that indeed was the second word. Too good to miss. I pressed the button and found that the audio captcha is just as bizzarrely impenetrable as the text. The mp3 file of it is here, and it reminded me strongly of an early David Lynch film]. Back to the text: after refreshing the words two or three times I was eventually able to get to the next stage.
The next stage involved typing a random string of letters into a box – approximately 200 characters. The web page did kindly suggest that I could cut and paste them into the box, which I did, but really, what this did was turn a quick attempt to give someone some feedback on their blog into a task akin to hacking into NASA.
Security shouldn’t be that hard. It should be as unobtrusive as possible. Roll on the next anti-bot paradigm.
Posted in General IT, Life, Security | No Comments »
June 8th, 2009 admin
I’ve recently been using Dropbox. Its a free offsite backup service, which works with Windows, Linux and Mac and gives you 2Gb of space for free. You can pay for more if you need it. Here’s what I like about it:
- It just works. Drop your files into a folder and forget about it.
- You can join more than one computer to the same account and the files sync between both computers. eg one at work, one at home.
- If you’re away from you computer and you need a file, you can get it from the web interface. (But of course you’d only do this on computers you trust
- There are different levels of privacy. Private files are only seen by you. However you can share files with certain people, by supplying their email addresses. You also have Public files which can be downloaded by anyone at all with the given URL. Much more control than senduit.com for example.
- Photos put in the photo folder are instantly made into galleries. Neat.
- You can roll back to a previous version of a file if you make a mistake.
Having said all that, I wouldn’t trust super secret work or personal documents to it, but for keeping a backup of photos and non-sensitive personal docuements, it works a treat.
Also, there’s a referral program on at the moment, so if you sign up via the link below, you get an extra 250Mb of space. And so do I as well … go on … its free, and you’ll be glad you did.
https://www.getdropbox.com/referrals/NTI3NDkwMDk
Posted in General IT, Security | 2 Comments »
September 14th, 2008 admin
I’m at a loss to explain this unless SmartBro’s DNS or proxy servers have been taken over. Here’s the deal. I’m surfing normally, and then suddenly I try to go to a normal site (economist.com, yahoo.com, facebook.com, google. com, iptools.com etc) and instead of getting the correct page, I get a weird spammy advertising page, even though the URL in the Address bar looks correct.
The image to the right is an example. Click on the image to get a full sized view. I have more examples saved if anyone is interested. Read the rest of this entry »
Posted in General IT, Philippines, Security | No Comments »
September 12th, 2008 admin
Don't do it ...
I’m continually startled by the way people use email in the Philippines. Using a Yahoo address is phenomenally popular, even for business. I could forgive a mom and pop company from using momandpop@yahoo.com.ph, but when you get top management handing you cards saying ceo_888@yahoo.com.ph there is something clearly very wrong.
In no particular order, here are a few reasons why you should NOT use yahoo for your business email address. Read the rest of this entry »
Posted in Life, Philippines, Security | 1 Comment »
August 8th, 2008 admin
Depending on your background you’ll have different reactions to Free Wireless. Most people shout a quick whoopee, and plug right in there. However if your background is in IT security, you take a much dimmer view.
First of all there’s the fact that a lot of the traffic you send down the wire can be intercepted (“sniffed”) by people on the same network as you. The guy next to you in Starbucks could be snagging all your email passwords, for example. So at a minimum you need to make sure that you’re using Secure email protocols (eg Secure POP on port 995 instead of port 110, and Secure SMTP on port 465 instead of port 25), and using https intead of http wherever you get a chance.
Read the rest of this entry »
Posted in General IT, Security | No Comments »
