Looks like RO access is still up.. -----Original Message----- From: Clayton Dukes [mailto:[EMAIL PROTECTED] Sent: Thursday, July 13, 2006 2:14 PM To: Freeman, Michael Cc: [email protected]; Claus Lund Subject: Re: Sourceforge SVN has been hacked!
Lovely... On 7/13/06, Freeman, Michael <[EMAIL PROTECTED]> wrote: > ( 2006-07-13 09:23:52 - Project CVS Service, Project Shell Service, > Project Subversion (SVN) Service, SourceForge.net Web Site ) A recent > kernel exploit was released that allowed a non admin user to escalate > privileges on the host pr-shell1. We urge all users who frequent this > host to change their password immediately and check their project > group space for any tampering. As a precaution, we have blocked access > to all project resources by passwo > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf > Of Clayton Dukes > Sent: Thursday, July 13, 2006 10:56 AM > To: [email protected] > Subject: [Php-syslog-ng-support] V2.9.2 Now Available > > Version 2.9.2 is now available at: > http://php-syslog-ng.gdd.net/current.tgz > > Lot's of changes here, so be sure to read the README. > I've just installed the demo using the installer so I know it works. > The demo is at http://php-syslog-ng.gdd.net Login/password is > demo/demo And is generating live (fake) data using the > scripts/dbgen.pl file Any problems, please let me know! > > > P.S. > Here's the Readme :-) > > /********************************************************************* > / Release notes for php-syslog-ng 2.9.1: > I've taken the 2.8 version, fixed a few bugs/annoyances and added an > install interface. > To use the installer, just create an empty (writeable) config.php in > the config/ directory and point your browser to > http://yourserver/install > > I've also added a perl script to generate fake events located at > scripts/dbgen.pl > > Added the Cisco Error Message Database (CEMDB) > - The CEMDB includes a MySQL table of all cisco errors available > (~25k entries). > - It will automatically display more information about any > Cisco-based event that comes in. > - Note that you must have javascript enabled for this to display. > To enable this feature, your config file requires two entries: > define('CEMDB', 'ON'); > define('CISCO_ERROR_TABLE', 'cemdb'); > These entries are created if you use the installer. > > I'm including the dumpfile for the CEMDB stuff - it can be found in > install/sql/cemdb.sql Note that scripts/cemdb/* is not needed, it's > there for future updates of the cemdb. > All you need is the cemdb.sql file in the install directory. > * You may want to GZIP this file to save space, I'm leaving it > uncompressed to the installer can use it > * Someone should write code to automatically uncompress and compress > it as needed using the installer > * (I may if I have time) > > - Clayton Dukes > - Lot's-o-props to Michael Freeman for his help on the emd.pl script! > ([EMAIL PROTECTED]) > /********************************************************************* > / > > /********************************************************************* > / > * Release notes for php-syslog-ng 2.9.2: > * NEW CONFIG - If you are not using the install utility provided, > please note that the > * config/config.php file has changed -- see config.php.dist for an > example. > /********************************************************************* > / > - Lot's of minor fixes to 2.9.1 > - Added Graphing capability on the main page > - To enable/disable Graphs, modify config.php > * Be sure to create a cache directory (jpcache is the default) and > make it writeable by the web user. > * You may also want to add a cronjob to clean out the cache on a > daily basis, like so: > @daily find /path/to/web/directory/html/jpcache -atime 1 -exec rm -f > '{}' ';' > * This will delete files in that directory older then 1 day > - Please read more about JPGraph here: > http://www.aditus.nu/jpgraph/pdf/jpgraphddda.pdf > Specifically, please note that it required GD libs to run! > - The full JPGRAPH library is included with this distribution located > under includes/jpgraph It is the standard download - no modifications > have been made to the source. > > > - Changed the size of host tables in the database from varchar(32) to > varchar(128) -- my customer has *really* long dns name s and they were > getting truncated. > To modify your installation, do the following from mysql: > * alter table logs modify host varchar(128) default NULL; > * alter table search_cache modify value varchar(128) default NULL; > Then, be sure to clear your search cache: > * delete from search_cache; > > - Changed default searches to include only yesterday to today. In > other words, if you leave the date fields blank on the mai n page and > click search, it will only search from yesterday until today, not everything. > I did this because users at my clie nt site would just click search > without selecting anything just to see what it does and then complain > that it was slow :-) > * To do this, I just modified regularresult.php and changed the > following: > $date = get_input('date'); > if (! $date) { > $date = "yesterday"; > } > $date2 = get_input('date2'); > if (! $date2) { > $date = "today"; > } > > - A couple of people have asked how to create a password for the admin > manually through the DB interface, here's how: > insert into users (username, pwhash) values ('admin', > MD5("somepassword")); > > - Modified reloadcache.php and added: > $basePath = dirname( __FILE__ ); > include_once "$basePath/../includes/common_funcs.php"; > include_once "$basePath/../config/config.php"; So that I could run a > cron job every 5 minutes to update the cache: > 0,5,10,15,20,25,30,35,40,45,50,55 * * * * php > /www/php-syslog-ng/html/scripts/reloadcache.php >> > /var/log/reloadcache.log > > - Modified dbgen.pl and made it more random -- including random hosts > now. > * Also cleaned up the code some in it. > > - Modified scripts/syslog2mysql.sh so that it uses syslogadmin instead > of syslogfeeder (I don't see a need for a separate sy slogfeeder > account) > > - Modified many of the files to use $basePath parameter instead of > relative paths $basePath = dirname( __FILE__ ); include_once > "$basePath/../includes/common_funcs.php"; > include_once "$basePath/../config/config.php"; > > - Modified META refresh tags on login and logout to use JS instead of > META since it's faster and doesn't try to modify heade r information. > > -- > ============================= > Clayton Dukes > Network Consulting Engineer, Advanced Services Cisco Systems, Inc. > Office: 919.392.6122 > Fax: : 919.869.1580 > Cell: 813.545.7373 > Email: [EMAIL PROTECTED] > MSN: [EMAIL PROTECTED] > ============================= > > > ---------------------------------------------------------------------- > -- > - > Using Tomcat but need to do more? Need to support web services, > security? > Get stuff done quickly with pre-integrated technology to make your job > easier Download IBM WebSphere Application Server v.1.0.1 based on > Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=1216 > 42 _______________________________________________ > Php-syslog-ng-support mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/php-syslog-ng-support > -- ============================= Clayton Dukes Network Consulting Engineer, Advanced Services Cisco Systems, Inc. Office: 919.392.6122 Fax: : 919.869.1580 Cell: 813.545.7373 Email: [EMAIL PROTECTED] MSN: [EMAIL PROTECTED] ============================= ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Php-syslog-ng-support mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/php-syslog-ng-support
