Re: [PLUG] Clinic on Sunday ??
On Sat, Nov 14, 2009 at 06:33:05PM -0800, William A Morita wrote: > Clinic on Sunday ?? I announced it on plug-announce on Thursday. I got a reply from Gilbert, so It made it to Guatemala. Should I repeat announcements on the plug list, or should people wanting to see meeting announcements sign up for the plug-announce list? Keith -- Keith Lofstrom kei...@keithl.com Voice (503)-520-1993 KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon" Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Film scanners
Denis Heidtmann wrote: > On Wed, Nov 11, 2009 at 10:40 AM, Rich Shepard > wrote: > .. >>Candidly, you'd be much better off (and spend less time and money) by >> replacing that with a scanner known to work with Xsane. Check >> http://www.sane-project.org/ for supported scanners; there are dozens of >> them. >> >> Rich > > I am getting frustrated by this effort. The SANE site lists 248 > scanners with a "complete" rating. Of those I count 97 as USB. Of > those, I started searching for Epson, which had 20 meeting the > criterion. NONE of those are film scanners on the Epson site. > > I tried HP; got similar results. Fujitsu, Genius, Avision the same. > What am I missing? Either the model numbers have changed or SANE is > out of date. (I did find a site that said "Since Microtek, Polaroid, > Minolta and now Nikon discontinued their film scanners, there is not a > lot of choice left in affordable, good quality 35mm scanners." > > Can anybody recommend a film scanner using USB with a "complete" SANE rating? Coolscan IV Several on eBay. -- m0gely ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] i can't believe this hasn't come up before
> Is this realization triggered by the recent Wordpress issue? > > http://seclists.org/fulldisclosure/2009/Nov/141 > http://seclists.org/fulldisclosure/2009/Nov/148 > > > The whole concept of placing executable text files in a web root and > then allowing one to mix them with non-executable content (HTML, > images, css, etc) is a pretty insane. Yes, I know, everyone does it > on nearly every platform, but that doesn't make it good. Anytime you > take static content and mix it with executable content, and then > intentionally blur the line between the two, it's a recipe for > disaster. (Examples: MS office macro viruses, PDF+JavaScript, > HTML+JavaScript, Flash+JavaScript, ...) > > Never trust your distro's defaults for Apache httpd. They're almost > always not right for you, and many distros continue to enable entirely > too many "features" that no one ever uses. > > > If you're writing an app for file uploads here are some approaches to > keep it safe (in order of preference): > > A. Don't allow file uploads. Find a way around it. > > B. Allow file uploads, but don't store files on disk. Instead, > capture the uploaded file name an contents and store them in > database records. > > C. Store the file on disk, but *do not* use the provided file name to > store it. Instead, store a record in the database which includes > the name of the file provided by the user, a unique identifier for > the file, and any other attributes you care to. Ensure that you: > >1. Do not store the contents of the file under the web root at > all. Use a separate script to download the file based on the > unique identifier. > >2. Use a file name based on the unique identifier that your code > generated during the upload. > > In cases B and C, watch out for SQL injection, cross-site scripting, > and HTTP header injection. Oh, not to mention, are users uploading > files that contain viruses or trojans? Are you becoming an accomplice > to attacks from one user to another? (Option A becomes more appealing > now.) > > > On the topic of badly designed PHP apps that allow file uploads, if > any of you host osCommerce installations or apps derived from hit, you > definitely want to take a look at this thread: > http://seclists.org/fulldisclosure/2009/Nov/169 yes, the wordpress alert was what triggered me to look at things more closely. allowing someone to upload a jpg/gif/etc into a web space is a pretty standard thing. and i doubt that most programmers would think that foo.php.jpg would be run by the php system. the methods you list are certainly other ways around the issue. but that isn't going to fix all the apps that are out there already. from what i can tell, using the filematch apache method will deal with all of them. there is a similar issue with addhandler being used for .cgi files, but that requires extra file permissions as well as other apache setup, so that is far less likely to be a problem for foo.cgi.jpg files. ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Clinic on Sunday ??
On Sat, 14 Nov 2009 18:33:05 -0800 "William A Morita" dijo: > Clinic on Sunday ?? Indeed, there is a Clinic tomorrow. I regret the failure to announce earlier. My excuse is that I have been swamped with a construction project. But I will be there. ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Network failure
On Sat, Nov 14, 2009 at 5:14 PM, Denis Heidtmann wrote: > On Sat, Nov 14, 2009 at 11:16 AM, drew wymore > wrote: > ... > > > > Denis, > > What kind of DSL modem is it, who's your ISP? > > It is an Actiontec R1524SU. I use dslnorthwest. > > -Denis > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > Hmm. There might be some system logs on the Actiontec to help determine if it is indeed the modem failing, it sounds like it's either PPPoE/A or routed with the 192.x.x.x addresses. If you need a modem to test with, I have an Actiontec that is known to be good and you can swap it in and see what happens. The 1524 is the little gray one right? Are you running a switch or using the built in ethernet? Drew- ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
[PLUG] Clinic on Sunday
Bring your 2G USB drive and I can make it bootable into Ubuntu 9.10 with persistence. - Bill Morita -Original Message- From: plug-boun...@lists.pdxlinux.org [mailto:plug-boun...@lists.pdxlinux.org] On Behalf Of wes Sent: Saturday, November 14, 2009 6:43 PM To: General Linux/UNIX discussion and help,civil and on-topic Subject: Re: [PLUG] Clinic on Sunday ?? I'll be there. I'm planning to bring a friend from India :) -wes On Sat, Nov 14, 2009 at 6:33 PM, William A Morita wrote: > Clinic on Sunday ?? > > - Bill > wamorita At hevanet.com > > > > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Clinic on Sunday ??
I'll be there. I'm planning to bring a friend from India :) -wes On Sat, Nov 14, 2009 at 6:33 PM, William A Morita wrote: > Clinic on Sunday ?? > > - Bill > wamorita At hevanet.com > > > > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
[PLUG] Clinic on Sunday ??
Clinic on Sunday ?? - Bill wamorita At hevanet.com ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] dial-up
linux-yug wrote: > Hi > > Does anyone have experience with USB dial-up modem and Ubuntu > > > Ya..I am on dial-up and I suspect my modem is going bad.. I have > problems connecting every now and again.. > > > TIA > > > linux-yug > linux-yug No experience with USB modem, but with modems in general ... you say "problems connecting every now and again"? Do you get any error message(s)? Can you hear the process (dial tone, dialing, ring, connect chat)? These things could provide a clue. I have had modems physically fail, but rarely - if you don't fry it, or drown it, or take a hammer to it, there really isn't much in them to go wrong. Other than a faulty telco line, the usual suspects are physical connections (as in: remove and reseat - and you might include: inspect for signs of wear, breakage, corrosion, or misalignment). Also, if you need it, one can initialize a call from the command line and view the chat on screen (redirecting to a file is also possible, of course). Hope this helps Regards Fred James ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
[PLUG] dial-up
Hi Does anyone have experience with USB dial-up modem and Ubuntu Ya..I am on dial-up and I suspect my modem is going bad.. I have problems connecting every now and again.. TIA linux-yug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] i can't believe this hasn't come up before
> if you use the apache addhandler command for things like php, perl, python, > etc > it can create a huge hole if you allow uploads into your web space (images > for > example). the unbelievable behavior is that addhandler (and other friends > from > mod_mime) look for the extension anywhere in the filename, not just the end. > so foo.php.jpg will be run as php if addhandler is used for .php (which is > the > default for redhat 5 systems). > > a workaround is to use: > > > SetHandler php5-script > ForceType text/html > > > instead. wow, this is just scary... Yup. Is this realization triggered by the recent Wordpress issue? http://seclists.org/fulldisclosure/2009/Nov/141 http://seclists.org/fulldisclosure/2009/Nov/148 The whole concept of placing executable text files in a web root and then allowing one to mix them with non-executable content (HTML, images, css, etc) is a pretty insane. Yes, I know, everyone does it on nearly every platform, but that doesn't make it good. Anytime you take static content and mix it with executable content, and then intentionally blur the line between the two, it's a recipe for disaster. (Examples: MS office macro viruses, PDF+JavaScript, HTML+JavaScript, Flash+JavaScript, ...) Never trust your distro's defaults for Apache httpd. They're almost always not right for you, and many distros continue to enable entirely too many "features" that no one ever uses. If you're writing an app for file uploads here are some approaches to keep it safe (in order of preference): A. Don't allow file uploads. Find a way around it. B. Allow file uploads, but don't store files on disk. Instead, capture the uploaded file name an contents and store them in database records. C. Store the file on disk, but *do not* use the provided file name to store it. Instead, store a record in the database which includes the name of the file provided by the user, a unique identifier for the file, and any other attributes you care to. Ensure that you: 1. Do not store the contents of the file under the web root at all. Use a separate script to download the file based on the unique identifier. 2. Use a file name based on the unique identifier that your code generated during the upload. In cases B and C, watch out for SQL injection, cross-site scripting, and HTTP header injection. Oh, not to mention, are users uploading files that contain viruses or trojans? Are you becoming an accomplice to attacks from one user to another? (Option A becomes more appealing now.) On the topic of badly designed PHP apps that allow file uploads, if any of you host osCommerce installations or apps derived from hit, you definitely want to take a look at this thread: http://seclists.org/fulldisclosure/2009/Nov/169 Ok, I've rambled long enough. tim ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Network failure
On Sat, Nov 14, 2009 at 11:16 AM, drew wymore wrote: ... > > Denis, > What kind of DSL modem is it, who's your ISP? It is an Actiontec R1524SU. I use dslnorthwest. -Denis ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Network failure
On Sat, 2009-11-14 at 14:13 -0800, Larry Brigman wrote: > On Sat, Nov 14, 2009 at 12:30 PM, linux-yug wrote: > > > > > > 169.254.xx.xx is NOt a good IP address.. > > > > Actually it is but not for getting out to the Internet. It is the > zero-conf networking address. > It is valid for local area networks but is (should be) dropped at the router. Thank You That was what I meant to say.. I always use it in trouble shooting..Tells me the Computer is not getting to DHCP TIA Linux-yug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Network failure
On Sat, Nov 14, 2009 at 12:30 PM, linux-yug wrote: > > > 169.254.xx.xx is NOt a good IP address.. > Actually it is but not for getting out to the Internet. It is the zero-conf networking address. It is valid for local area networks but is (should be) dropped at the router. ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Network failure - 169.254.xx.xx
On Sat, Nov 14, 2009 at 12:30:38PM -0800, linux-yug wrote: > 169.254.xx.xx is NOt a good IP address.. RFC 3330 begs to differ. http://www.faqs.org/rfcs/rfc3330.html 169.254.0.0/16 - This is the "link local" block. It is allocated for communication between hosts on a single link. Hosts obtain these addresses by auto-configuration, such as when a DHCP server may not be found. -- Michael Rasmussen, Portland Oregon Be appropriate && Follow your curiosity http://www.jamhome.us/ The fortune cookie says: To be or not to be. -- Shakespeare To do is to be. -- Nietzsche To be is to do. -- Sartre Do be do be do. -- Sinatra ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Network failure
On Sat, 2009-11-14 at 11:13 -0800, Denis Heidtmann wrote: > Trying to understand what happened to my network on Sep 21, 2009, and > actions to take if it happens again. > > Background: Running Ubuntu 9.04 with NetworkManager > (http://projects.gnome.org/NetworkManager/) > DSL modem. No wireless. > > On 9/21/09 all network communication failed. I power cycled the modem > to no effect. My son changed /etc/network/interfaces from: > auto lo > > iface lo inet loopback > > > to: > auto lo > > iface lo inet loopback > > > > auto eth0 > > iface eth0 inet dhcp > > > After restarting the network was restored, but the NetworkManager > applet which displays the network status on the task bar shows the > network as not functional. > > Since this occurrence I have had two more times that the network > failed. In both cases after shutting down for an hour or so then > restarting the network came back up functional. During one of these > most recent failures, I looked at a GUI which displays, among other > things, Netstat outputs. > > When it had failed: > > > > Destination GatewayNetmask Interface > > 169.254.0.0 0.0.0.0 255.255.0.0 eth0 > > 0.0.0.0 0.0.0.00.0.0.0 eth0 > > fe80:: ::64eth0 > > ...snip... > > When it was functional: > > > > Destination Gateway Netmask Interface > > 192.168.0.0 0.0.0.0 255.255.255.0 eth0 > > 169.254.0.0 0.0.0.0 255.255.0.0 eth0 > > 0.0.0.0 192.168.0.1 0.0.0.0 eth0 > > fe80:: ::64eth0 > > ...snip... > > > The spontaneous fixes since the first occurrence leads me to consider > the possibility that Evan's edit of /etc/network/interfaces did not > fix the issue, but only served to break the NetworkManager applet. > > I am interested in having a bag of diagnostic tricks at the ready when > it happens again. High on my list of suspects is the DSL modem. I am > also interested in restoring the NetworkManager applet to function. > > Suggestions? > > -Denis 169.254.xx.xx is NOt a good IP address.. HTH Linux-yug ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] how-to on precinct mapping
On Sat, 14 Nov 2009, Randy Stapilus wrote: > I do a fair amount of political voter precinct analysis, and a way of > easily mapping the results would be very helpful. > Question - might there be some better way to automate this? If there is, a > lot of people in the political world would be extremely interested. Wander over to http://grass.osgeo.org/ and grab a copy of grass-6.4RC5; actually, get the latest from the svn server or yesterday's weekly snapshot. You can get map data from the Oregon Geospatial Enterprise Office (OR GEO) at http://www.oregon.gov/DAS/EISPD/GEO/sdlibrary.shtml. You can find congressional districts, county boundaries, cities, census data, etc. You can even color the resulting maps red and blue! Rich ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
[PLUG] how-to on precinct mapping
I do a fair amount of political voter precinct analysis, and a way of easily mapping the results would be very helpful. So I was interested in a piece in the Boise Weekly (the Idaho alternative paper) wherein one of the reporters, Nathaniel Hoffman, tried to develop an approach for doing that, using mostly (though not entirely) open source options, including OpenOffice Calc and Qgis (I believe it's open source). The process he used was pretty involved and time-consuming, though, and used a bunch of conversions - it's certainly not simple. He writes about it at http://www.boiseweekly.com/boise/mapping-city- council-races/Content?oid=1297504 Question - might there be some better way to automate this? If there is, a lot of people in the political world would be extremely interested. Randy Stapilus www.ridenbaugh.com Northwest politics and public affairs WA, OR, ID Public Affairs Digests ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Network failure
On Sat, Nov 14, 2009 at 11:13 AM, Denis Heidtmann wrote: > Trying to understand what happened to my network on Sep 21, 2009, and > actions to take if it happens again. > > Background: Running Ubuntu 9.04 with NetworkManager > (http://projects.gnome.org/NetworkManager/) > DSL modem. No wireless. > > On 9/21/09 all network communication failed. I power cycled the modem > to no effect. My son changed /etc/network/interfaces from: > auto lo > > iface lo inet loopback > > > to: > auto lo > > iface lo inet loopback > > > > auto eth0 > > iface eth0 inet dhcp > > > After restarting the network was restored, but the NetworkManager > applet which displays the network status on the task bar shows the > network as not functional. > > Since this occurrence I have had two more times that the network > failed. In both cases after shutting down for an hour or so then > restarting the network came back up functional. During one of these > most recent failures, I looked at a GUI which displays, among other > things, Netstat outputs. > > When it had failed: > > > > Destination GatewayNetmask Interface > > 169.254.0.0 0.0.0.0 255.255.0.0 eth0 > > 0.0.0.0 0.0.0.00.0.0.0 eth0 > > fe80:: ::64eth0 > > ...snip... > > When it was functional: > > > > Destination Gateway Netmask Interface > > 192.168.0.0 0.0.0.0 255.255.255.0 eth0 > > 169.254.0.0 0.0.0.0 255.255.0.0 eth0 > > 0.0.0.0 192.168.0.1 0.0.0.0 eth0 > > fe80:: ::64eth0 > > ...snip... > > > The spontaneous fixes since the first occurrence leads me to consider > the possibility that Evan's edit of /etc/network/interfaces did not > fix the issue, but only served to break the NetworkManager applet. > > I am interested in having a bag of diagnostic tricks at the ready when > it happens again. High on my list of suspects is the DSL modem. I am > also interested in restoring the NetworkManager applet to function. > > Suggestions? > > -Denis > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > Denis, What kind of DSL modem is it, who's your ISP? ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
[PLUG] Network failure
Trying to understand what happened to my network on Sep 21, 2009, and actions to take if it happens again. Background: Running Ubuntu 9.04 with NetworkManager (http://projects.gnome.org/NetworkManager/) DSL modem. No wireless. On 9/21/09 all network communication failed. I power cycled the modem to no effect. My son changed /etc/network/interfaces from: auto lo iface lo inet loopback to: auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp After restarting the network was restored, but the NetworkManager applet which displays the network status on the task bar shows the network as not functional. Since this occurrence I have had two more times that the network failed. In both cases after shutting down for an hour or so then restarting the network came back up functional. During one of these most recent failures, I looked at a GUI which displays, among other things, Netstat outputs. When it had failed: Destination GatewayNetmask Interface 169.254.0.0 0.0.0.0 255.255.0.0 eth0 0.0.0.0 0.0.0.00.0.0.0 eth0 fe80:: ::64eth0 ...snip... When it was functional: Destination Gateway Netmask Interface 192.168.0.0 0.0.0.0 255.255.255.0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 eth0 0.0.0.0 192.168.0.1 0.0.0.0 eth0 fe80:: ::64eth0 ...snip... The spontaneous fixes since the first occurrence leads me to consider the possibility that Evan's edit of /etc/network/interfaces did not fix the issue, but only served to break the NetworkManager applet. I am interested in having a bag of diagnostic tricks at the ready when it happens again. High on my list of suspects is the DSL modem. I am also interested in restoring the NetworkManager applet to function. Suggestions? -Denis ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
Re: [PLUG] Dell Zino
Along the same line, we need to prototype something that's capable of playing streaming video from up to four IP cameras in a Firefox browser window, using the downloadable java players that each cam manufacturer provides to support playback of mjpeg or mpeg4 video streams. In the example of your proposed hardware, would these players typically be able to use the Nvidia chipset or would they have to use the Atom processor, or is there any way to know without trying it? Thanks, Tom S. - Original Message - From: "Galen Seitz" To: "General Linux/UNIX discussion and help;civil and on-topic" Sent: Friday, November 13, 2009 9:37 PM Subject: Re: [PLUG] Dell Zino > VY wrote: >> Hi: >> >> Does anyone has any experience running Linux on the new Dell Zino line of >> PCs? >> I want to use it as a media center kind of box. It seems low >> cost and even has an HDMI out. >> >> http://www.dell.com/us/en/home/desktops/inspiron-zino-hd/pd.aspx?refid=inspiron-zino-hd&s=dhs&cs=19&ref=dthp > > My first concern would be the state of driver support for video > features. It seems to be taking forever for ATI and Intel to get this > stuff nailed down. > > I'm considering a motherboard with an Nvidia ION chipset for a MythTV > front end client. > http://www.phoronix.com/scan.php?page=article&item=nvidia_ion_linux&num=1 > > These boards use an Atom processor, but with all the heavy lifting > offloaded to the Nvidia graphics processor, they have no problem > handling HD video. The one downfall that is frequently mentioned is > flash. Since there currently is no way to offload flash video to the > graphics processor, the Atom has to do the rendering. As you can > imagine, this does not work very well for anything high-res. > > Both Zotac and Asrock make suitable ION motherboards. Here's one that > looks promising for my purposes: > http://www.newegg.com/Product/Product.aspx?Item=N82E16813500027&cm_re=zotac_ion-_-13-500-027-_-Product > > I can't believe I'm suggesting something that requires a proprietary > driver, but unfortunately the Nvidia ION is currently the best fit for > what I want to do. > > -- > Galen Seitz > gal...@seitzassoc.com > ___ > PLUG mailing list > PLUG@lists.pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug No virus found in this incoming message. Checked by AVG - www.avg.com Version: 8.5.425 / Virus Database: 270.14.64/2501 - Release Date: 11/13/09 18:22:00 ___ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug