Posted by Michael
Thu, 10 Jan 2008 15:52:00 GMT
You’ve got port 3306 (MySQL) firewalled off and you want to use a MySQL GUI every once in a while (or maybe a bunch).
This is a snap with ssh.
On your local Linux/BSD/Mac/Unix machine (works in Cygwin too), edit your ~/.ssh/config file and add:
Host somemysqlserver
    # your MySQL server FQDN or IP
    Hostname server.mydomain.com
    # replace with your valid ssh server username
    User bob
    # "*" listens on every local interface; 127.0.0.1:13306 keeps the tunnel local-only
    LocalForward *:13306 localhost:3306
Now do:
ssh -f -N somemysqlserver
You can now connect to your localhost port 13306 and it will forward to your MySQL server’s port 3306.
Plus, it’s free and probably already installed on your systems.
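The `LocalForward *:13306` entry above listens on every local interface rather than only on loopback, so the forwarded MySQL port is reachable from other hosts that can reach your machine. The following is an added example, not part of the original post: a small shell check that lists such wildcard-bound forwards in an ssh config. The `somemysqlserver-local` alias, the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): flag LocalForward entries
# that listen on all interfaces instead of loopback only.

# Constructed sample: the entry from the post plus a loopback-only variant.
# "somemysqlserver-local" is a hypothetical alias.
sample_config() {
    cat <<'EOF'
Host somemysqlserver
    Hostname server.mydomain.com
    User bob
    LocalForward *:13306 localhost:3306

Host somemysqlserver-local
    Hostname server.mydomain.com
    User bob
    LocalForward 127.0.0.1:13306 localhost:3306
    ExitOnForwardFailure yes
EOF
}

# Reads ssh_config text on stdin; prints "<host> <listen-spec>" for each
# forward whose bind address is a wildcard. Assumes whitespace-separated
# "keyword value" lines and reports only the first pattern of a Host line.
audit_forwards() {
    awk '
        tolower($1) == "host" { host = $2; next }
        tolower($1) == "localforward" {
            spec = $2
            # A bare port has no bind address and follows GatewayPorts,
            # which defaults to loopback only.
            if (spec !~ /:/) next
            bind = spec
            sub(/:[0-9]+$/, "", bind)
            if (bind == "" || bind == "*" || bind == "0.0.0.0" || bind == "[::]")
                print host, spec
        }
    '
}

sample_config | audit_forwards
```

Run it against your own file with `audit_forwards < ~/.ssh/config`; no output means no wildcard-bound forwards were found.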
Need help? support@imapenguin.com
Posted in How-To, Mac, Linux, Programming, Security, servers | no comments | no trackbacks
Posted by Michael
Mon, 11 Dec 2006 11:12:07 GMT
We’re going to apply to put “componentable” in the dictionary.
Just what is “componentable,” you ask?
We’ve been looking at a score of “Unified threat” solutions for the last few months. On a VERY broad scope there are a few major components of a security architecture that need to be addressed:

In this example we assume things like firewall/VPN/network-based external attacks on the network are covered somewhere.
There are two basic groups of solutions to the above problem areas:

Appliances:
- Are easy to install and manage
- Typically have one interface
but:
- Have questionable scalability
- Typically make it difficult to replace one component
Software solutions:
- Have good scaling options (it’s trivial to buy better hardware)
- Make it easy to swap one product for a given solution
but:
- Require multiple interfaces to control, manage and report
- Require operating system management on top of the component’s management requirements
In PART 2, we’ll talk about some ways to select solutions that have some advantages of both approaches, then later in the series we’ll talk about how to develop your apps to do a hybrid of both approaches.
Posted in How-To, Programming, Security, Reviews, Rails | no comments | no trackbacks
Posted by Michael
Tue, 03 Oct 2006 14:11:05 GMT
In Ars Technica’s article today, “Firefox JavaScript security ‘a complete mess’? More like a hoax,” they cite Mischa Spiegelmock as saying
“I have not succeeded in making this code do anything more than cause a crash and eat up system resources, and I certainly haven’t used it to take over anyone else’s computer and execute arbitrary code,”
and that there wasn’t any new exploit that was discovered. The editor notes that the story link is where they will update the details as they come in.
This is considerably less worrisome than the remote-control exploit this was originally reported as.
Stay tuned, er, browsed, whatever.
Posted in Security | no comments | no trackbacks
Posted by Michael
Wed, 09 Aug 2006 20:26:00 GMT
“We’re still hard at work on Rails 1.2, which features all the new dandy REST stuff and more, but a serious security concern has come to our attention that needed to be addressed sooner than the release of 1.2 would allow. So here’s Rails 1.1.5!
This is a MANDATORY upgrade for anyone not running on a very recent edge (which isn’t affected by this). If you have a public Rails site, you MUST upgrade to Rails 1.1.5. The security issue is severe and you do not want to be caught unpatched.
The issue is in fact of such a criticality that we’re not going to dig into the specifics. No need to arm would-be assailants.
So upgrade today, not tomorrow. We’ve made sure that Rails 1.1.5 is fully drop-in compatible with 1.1.4. It only includes a handful of bug fixes and no new features.
For the third time: This is not like ‘sure, I should be flossing my teeth’. This is ‘yes, I will wear my helmet as I try to go 100mph on a motorcycle through downtown in rush hour’. It’s not a suggestion, it’s a prescription. So get to it!
As always, the trick is to do ‘gem install rails’ and then either changing config/environment.rb, if you’re bound to gems, or do ‘rake rails:freeze:gems’ if you’re freezing gems in vendor.
UPDATE: This problem affects 0.13, 0.14, 1.0, and 1.1.x. So here’s a happy opportunity to upgrade if you still haven’t.
P.S.: If you run a major Rails site and for some reason are completely unable to upgrade to 1.1.5, get in touch with the core team and we’ll try to work with you on a solution.”
(Via Riding Rails.)
Posted in Security, Rails, Ruby | no comments | no trackbacks
Posted by Michael
Mon, 13 Mar 2006 07:28:56 GMT
Root Password Readable in Clear Text with Ubuntu: “BBitmaster writes ‘An extremely critical bug and security threat was discovered in Ubuntu Breezy Badger 5.10 earlier today by a visitor on the Ubuntu Forums that allows anyone to read the root password simply by opening an installer log file. Apparently the installer fails to clean its log files and leaves them readable to all users. The bug has been fixed, and only affects the 5.10 Breezy Badger release. Ubuntu users, be sure to get the patch right away.’”
(Via Slashdot.)
Posted in Security | no comments | no trackbacks
Posted by Michael
Fri, 10 Mar 2006 07:01:25 GMT

Security Flaw Discovered in GPG: “WeLikeRoy writes ‘A serious problem in the use of GPG to verify digital signatures has been discovered, which also affects the use of gpg in email. It is possible for an attacker to take any signed message and inject extra arbitrary data without affecting the signed status of the message. Depending on how gpg is invoked, it may be possible to output just faked data as several variants of this attack have been discovered. All versions of gnupg prior to 1.4.2.2 are affected, and it is thus recommended to update GnuPG as soon as possible to version 1.4.2.2.’”
(Via Slashdot.)
Posted in Security | no comments | no trackbacks