A security advisory on OpenSSL has recently been published. Details are there and there. It is vulnerable to a MiTM attack where the attacker can intercept and retrieve the credential to a trusted HTTPS website, by intercepting the session cookie sent back to the client. A proof of concept of an attack against Twitter was [...]
openSUSE 11.1 and /boot on RAID 1
I tried yesterday to set up a home server with two disks in a RAID 1 array. My intention was to have everything on the RAID volume, including /boot, so that if a disk crashes, I can still boot on the second one. That’s the way I think it should work anyway, despite the number [...]
SHA-1 vulnerable : consider SHA-2
Not long after MD5, the progress in computation has claimed another victim. Last week, it was made public that the SHA-1 hash function should now be considered vulnerable. The discovery shows that the computation needed to create a hash collision has been dramatically reduced. As a consequence, the SHA-1 function can no longer guarantee the uniqueness – [...]
Connecting your GNS3 labs to the real network
There is a nice video tutorial to get your GNS3 lab connected to your physical network. However, it requires you to use a real network card with a fixed IP for doing that. This is not really handy if, like me, you use GNS3 on a laptop whose connectivity is frequently switching between cable and [...]
VMware Workstation 6.5
I have just upgraded VMware from version 6.04 to 6.5, and I have to say that it has very nice new features. The first surprising thing was the file I downloaded. It is no longer a tar.gz archive but a .bundle file. After downloading, as root, just make it executable or start it with [...]
How-to : Mod-security 2 set-up for Apache 2
Mod-security is a security proxy for Apache. It adds a front-end layer filtering unwanted clients, malformed packets and malicious requests. It is especially useful if your website is dynamic, involving PHP, SQL, JavaScript, etc. With such a complex environment, as you can never be sure that your website is not vulnerable or up-to-date enough, something [...]
The SSL/SSH disaster
Due to the recent security hole discovered in Debian, which has also concerned various distributions – of course including Ubuntu – for 2 years, I simply closed all my SSH and OpenVPN accesses. I have had no time so far to check all the keys on my server. I prefer to stay on the safe [...]
Totem : black screen issue affecting all your XVideo output
I confirm the black screen issue with Totem. Actually it changes the contrast for all the environment, and of course using Mplayer or the gstreamer test program just after also gave back a black screen. Therefore I had been convinced it was a driver issue (reporting a bug to Nvidia and posting on this forum), [...]




