Moving!

June 12th, 2009 by Charles Gardner

Just a quick note.  I will be moving my focus to putting posts up on my company web site at www.sterlingideas.com.  Any really technical items will still end up here, but I am going to make a new effort to post regular content over on the company site, particularly items of interest to my clients.

Be sure to add http://www.sterlingideas.com/feed/rss/ to your feed reader.

Other

How Not To Expose Root in Sendmail

May 23rd, 2009 by Charles Gardner

Quick note:

When you do domain masquerading with sendmail, root is exempted from that by default.  No big deal unless the host name of your system is not actually registered in DNS.  I have a couple VMs that don’t need outside access or DNS registrations, but I’d like to receive their cron output cleanly.

This is a rather easy fix.  In most sendmail .mc files you will find the DOMAIN(generic) statement.  This loads the generic.m4 file, which includes a default statement that exposes root without masquerading: EXPOSED_USER(`root').  Copy generic.m4 to mycustom.m4 and remove the EXPOSED_USER line.  Then go to your .mc file, change DOMAIN(generic) to DOMAIN(mycustom), and rebuild your sendmail.cf file.
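The same steps as a shell function, run against a constructed copy of the cf tree. This is an added example, not part of the original post; the directory layout, the host.mc file name and the sample file contents are assumptions.

```shell
#!/bin/sh
# Added example. CFDIR layout, host.mc and the sample contents are assumptions.

# make_sample_tree: build a constructed cf tree in a temp dir and print its path.
make_sample_tree() {
    d=$(mktemp -d) || return 1
    mkdir "$d/domain"
    cat > "$d/domain/generic.m4" <<'EOF'
VERSIONID(`constructed sample of generic.m4')
FEATURE(`redirect')dnl
FEATURE(`use_cw_file')dnl
EXPOSED_USER(`root')
EOF
    cat > "$d/host.mc" <<'EOF'
OSTYPE(freebsd6)dnl
DOMAIN(generic)dnl
MASQUERADE_AS(`example.com')dnl
MAILER(local)dnl
MAILER(smtp)dnl
EOF
    echo "$d"
}

# unexpose_root CFDIR MCFILE
#   CFDIR  - directory holding domain/generic.m4
#   MCFILE - the .mc file that currently loads DOMAIN(generic)
unexpose_root() {
    cfdir=$1; mc=$2
    src="$cfdir/domain/generic.m4"; dst="$cfdir/domain/mycustom.m4"
    [ -f "$src" ] && [ -f "$mc" ] || return 1
    # Copy generic.m4 minus the EXPOSED_USER line; generic.m4 itself is untouched.
    sed '/^[[:space:]]*EXPOSED_USER(/d' "$src" > "$dst" || return 1
    # Switch DOMAIN(generic) or DOMAIN(`generic') to mycustom, keeping the quoting.
    sed "s/^DOMAIN(\(\`*\)generic\('*\))/DOMAIN(\1mycustom\2)/" "$mc" > "$mc.new" &&
        mv "$mc.new" "$mc" || return 1
    # Succeed only if both changes actually took effect.
    ! grep -q 'EXPOSED_USER' "$dst" && grep -q '^DOMAIN(.*mycustom' "$mc"
}
# Afterwards, rebuild sendmail.cf from the .mc file the way your system does it.
```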

Applications

Copy Virtual Machines on VMWare Server 2

May 12th, 2009 by Charles Gardner

This is a simple note to capture process.

  • On the VMWare server, copy the guest’s directory to a new name.
    • cp -ax /vm/srv1 /vm/srv2
  • Rename the vmdk disk image
    • cd /vm/srv2
    • vmware-vdiskmanager -n srv1.vmdk srv2.vmdk
  • Rename the other files
    • for f in srv1.*; do mv "$f" "srv2.${f#srv1.}"; done
  • Open the VM configuration and change the names there
    • vi srv2.vmx
    • :%s/srv1/srv2/g
  • In the VMWare host’s web console, use the Add Virtual Machine to Inventory to add the new VM.

VMWare

perl-after-upgrade Is Your Friend

January 24th, 2009 by Charles Gardner

I just upgraded the main perl port on a FreeBSD box from 5.8.8 to 5.8.9 and a perl based service promptly died, complaining of problems locating dependencies.  D’Oh!!  That’s not good.

After a bit of crunching away I found that each perl module port (each p5-* port) needed a ‘make deinstall && make reinstall’ to align with the new perl version.  The only bugger is that this machine has 54 p5-* ports installed.  Now I’m basically lazy so I wanted a better way than manually reinstalling each port or even writing a script to handle these specific ports.

Thankfully a little deeper google exercise turned up perl-after-upgrade.  From the man page:

The standard procedure after a perl port (either lang/perl5 or lang/perl5.8) upgrade is to basically reinstall all other packages that depend on perl. This is always a painful exercise. The perl-after-upgrade utility makes this process mostly unnecessary.

The tool goes through the list of installed packages, looks for those that depend on perl, moves files around, modifies shebang lines in those scripts in which it is necessary to do so, tries its best to adjust dynamically linked binaries that link with libperl.so in the old path, and updates the package database.


Brilliant!! Just what I was looking for.

I ran perl-after-upgrade followed by perl-after-upgrade -f, and it did all the heavy lifting of getting things straight.  Just for good measure I ran a rebuild on mimedefang (portmaster mimedefang), and it was back off to the races for that system.

So I must say….  perl-after-upgrade is your friend!

FreeBSD, Is Your Friend

Welcome to the Is Your Friend series

January 24th, 2009 by Charles Gardner

I am starting a new category of posts, called Is Your Friend.  Frequently when talking with Todd Long (of the Jireh Consulting blog), one of us will find a cool tool or technology and inevitably it is said that <blank> is your friend.

Recently, Todd said that “OpenDNS is your friend.”  I have to agree.

It seems that every few weeks or months another tool saves my bacon or another technology finds a home in my world.  I will be filing these away under the Is Your Friend series.

Do you have a particular tool, program, gadget, widget, or whatnot that qualifies for Is Your Friend status?  If so, let me know, and I’d be glad to include it here.

Is Your Friend

Shmoocon Defensive Posture

January 15th, 2009 by Charles Gardner

As I’ve been planning for my trip to Shmoocon, I’ve been thinking through what I will and won’t be taking along.  I will also follow the advice I’ve heard time & again on podcasts about taking care at security conferences.  As such, I’m planning to travel much lighter than usual.  I will not be carrying my laptop.  I will be taking:

  • My phone - Bluetooth will be off, and the wifi never is on, so that’s good.  If I have to connect, 3G and mail on the phone will be primary.
  • EEEPC - I just got an Asus EEEPC 1000HA, and I’ve been impressed so far.  I am considering loading an alternate OS or LiveCD image to an SD card and disabling my hard drive while I’m at Shmoocon.  I haven’t tested this yet, but I’m hoping I can disable the hard drive in the BIOS and boot from SD so that even if the system is compromised the hard disk would be out of play.

That’s it.  Toss in a book and some clothes, and I’m ready to roll.  Yee-haw.

Events

Wiimote Whiteboard

January 15th, 2009 by Charles Gardner

Someone from a school I work with pointed this out to me recently, and I want to make certain I can find it again in the near future.

Interactive Whiteboard with a Wiimote

The second point and second video on the page go over using the Nintendo Wii remote and an infrared pen to create interactive whiteboards or surfaces.  I’ve been very impressed with the Wii as it was designed, but this kind of application is even more impressive.

I hope to give this a try in the future.

Other

ShmooCon Ahead

January 7th, 2009 by Charles Gardner

In a month I will be in the middle of ShmooCon 2009 in Washington DC, probably freezing my Florida butt off.  Cold or not, I’m looking forward to this opportunity.  Two years ago I wanted to go but ended up out of the country.  Last year I bought a ticket and ended up not going for other commitments.  This year though, this year will be different.  I’ve already booked the travel and I’m committed to getting there.

If all goes well, I hope to bring back my thoughts to share here.

Education, Events

Mac Tax

December 3rd, 2008 by Charles Gardner

The little extra fee you pay on new PCs for Microsoft Windows, whether you want it or not, has long been called the Microsoft tax, but what about their counterparts over at Apple?  Is there a Mac Tax?  Let’s check.

I bought a new laptop about four months ago.  I had entertained both a Dell and a Mac.  The Dell I looked at is the Latitude D830, the top of the line of their business laptops.  I then tried to spec a similar MacBookPro, which required the addition of some options and a three year warranty to match the Dell.  Here’s the interesting part – the Dell cost $1050 and the Mac was right at $3000.  That’s a price differential that’s hard to justify on performance or utility alone.

To try to better compare the buying decision, I decided to set a theoretical spending budget of $3000 and see what I could get.

Option 1

  • Dell Latitude D830 laptop ($1050)
  • Asus EEEPC 1000 ultra portable laptop ($500)
  • 1 Terabyte external hard drive ($175)
  • 5 x 4GB USB thumb drives ($150)
  • Nintendo Wii ($250) - After all that work, a little fun is in order
  • 42″ plasma TV ($750) - Maybe a little more fun while we’re at it

Option 2

  • MacBookPro ($3000)

For the money, I will take option 1.

Before you Mac folks stone me, I do like Macs.  I work with them regularly and always walk away impressed.  BUT the apparent Mac Tax has always stopped me short of actually buying one.

I think I’ll go play on the Wii for a few minutes and think about it.

Commentary

How to Benefit from Microsoft’s Mistake

December 2nd, 2008 by Charles Gardner

In late October, Microsoft released a software patch to address a problem in Windows operating systems.  Every month Microsoft releases new software patches on the second Tuesday of the month, aka Patch Tuesday.  For most companies Patch Tuesday is followed by Reboot Wednesday, which is when the most important of these updates are installed and systems rebooted.  In larger companies, Patch Tuesday is the beginning of a process to prioritize, test, and stage these updates as needed.

So what’s the big deal about October?  Microsoft released an out-of-cycle patch (MS08-067) for Windows on October 23rd, nine days after Patch Tuesday.  Typically patches are queued up until the next second Tuesday, but this one was so important that Microsoft released it immediately.  The urgency about this patch was directly related to the potential damage that could be caused by the flaw it fixes.  In theory the flaw could be exploited by a worm that would blow through networks like wildfire, causing severe damage along the way.

To be fair, Microsoft’s mistake was the flaw in Windows; their handling of the situation has been very good.

How can you benefit from this?  It’s now over a month past the release of this patch, and it’s time to look at how your business handled the situation.  You can use this event as one method to evaluate your overall IT posture.  If you are in management, this may require digging in with the technical folks to get the details.  Specifically, look at the following areas:

  • Awareness
    • When - When did your organization first become aware this out-of-cycle patch had been released?  Was it within hours, days, a week, or more?
    • How - This is important.  How did your company learn about this?  Was it picked up from active reading of email, blogs, news?  Was it just luck that someone noticed it, or do you have an active process to stay informed?
  • Attention
    • Did this event garner the proper amount of attention from the proper people?  If awareness was high, but the appropriate people were so busy “putting out fires” that they didn’t get to it for a week, you have a problem.
  • Application
    • How quickly was this patch applied?  Given the unplanned nature of it, did this patch take longer than normal to go from awareness to actually being installed?
  • Audit
    • Has the installation of this patch been audited?  You need to know that the patch was actually installed.  Setting a patch management system to deploy the patch isn’t enough.  You must be able to verify that computers have actually installed the patch, and have a plan to deal with any problems.
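One way to run the audit step: reconcile the list of machines that should have the patch against what a scan of each machine actually reports. This is an added example, not part of the original post; the patch id is a placeholder and both input files are constructed.

```shell
#!/bin/sh
# Added example. KB-PLACEHOLDER stands in for the real update id, and both
# input files are constructed; use your asset list and inventory export.

# make_audit_samples: write constructed inputs to a temp dir and print its path.
make_audit_samples() {
    d=$(mktemp -d) || return 1
    printf '%s\n' ws01 ws02 ws03 srv01 > "$d/assets.txt"
    cat > "$d/inventory.csv" <<'EOF'
WS01,KB-PLACEHOLDER
ws01,KB-OTHER-1
ws02,KB-OTHER-1
srv01,KB-OTHER-1
srv01,KB-PLACEHOLDER
EOF
    echo "$d"
}

# audit_patch PATCH_ID ASSETS INVENTORY
#   ASSETS    - one hostname per line: every machine that should have the patch
#   INVENTORY - "hostname,installed_update_id" lines from a scan of each machine
# Prints "hostname STATUS" for each asset:
#   INSTALLED - the scan shows the patch on the machine
#   MISSING   - the machine was scanned and the patch is absent
#   NO_DATA   - the machine never reported, so nothing is verified for it
audit_patch() {
    awk -F, -v patch="$1" '
        { sub(/\r$/, "") }                       # tolerate CRLF exports
        NR == FNR { if ($1 != "") assets[n++] = tolower($1); next }
        { host = tolower($1); seen[host] = 1
          if ($2 == patch) ok[host] = 1 }
        END {
            for (i = 0; i < n; i++) {
                h = assets[i]
                if (h in ok) s = "INSTALLED"
                else if (h in seen) s = "MISSING"
                else s = "NO_DATA"
                print h, s
            }
        }' "$2" "$3"
}
```

NO_DATA is reported separately from MISSING because a machine that never reports to the inventory needs a different follow-up than one that reported and lacks the patch.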

Take a look at how your business responded.  Use this opportunity to identify any shortcomings and work to fix them.  Oh, and if you look around and see that this was handled well, give your IT people the credit they deserve.

Commentary, Other, Security, Windows