Free Tibet, Free Willy, Free Region…

September 2nd, 2011

Történt, hogy gondoltam DVD-t nézek*.
Meglepődtem, mert a DVD lejátszó azt mondta, hogy nem hajlandó lejátszani az 1-es régiókódú lemezt.

Nahát, micsoda hanyagság, lehet, hogy még nem régiókódmentesítettem ezt a legalább 3 éves – LG RH199S – lejátszót? (gondolta Stirlitz).

Gép elé leül, Google, első találat.

DVD bekapcsol, setup, régióhoz lép, hét darab nulla beüt. Eredmény:

De most tényleg.
Mekkora barom volt aki a régiókodolást kitalálta?
Ha abszolúte lehetetlen lenne egy készüléket átkódolni, akkor is: mi lenne?

Lenne egy kettes régiókódú lejátszóm, meg egy egyes (legalább) – és persze cumiznék a sok kábel miatt…
Amúgy meg örülhetnének a gyártók, mert így egy olyan lemezt is megveszek, ami csak amerikában jelent meg (extrák, egyéb nyelvek, stb.) azon felül ami megjelent itt is (ha egyáltalán…)

* – Ez is már egy éves cikk lenne, de csak most találtam meg hozzá a képet…

Novell April 1st (1992) press releases finally found…

September 1st, 2011

I recently found Novell’s April 1st press releases – from 1992, soon a decade old -, which I think must stay accessible forever…

By the time we got them, we did what we usually did with press releases… Copied and sent them without reading… to twenty-some journalists… Then one of them [only one!] called us several days later, with “What is this hillarious nonsense?”… Then we’ve read them too…

So here they are, in text format [to feed google] and of course the scans of the originals at the bottom.


Novell Announces “WORN Disk Technology”

Düsseldorf, 1.4.1992 – Novell, Inc., developer of NetWare systems software products, today announced WORN technology. WORN is a result of Novell’s close cooperation with major disk manufacturers and implements the most recent and straightforward concepts of data storage on harddisks.

WORN technology is an ideal alternative to the high capacity CD WORM (Write Once Read Maybe) disks developed during the recent years. WORN (Write Once Read Never) is an easy to use and simple technology to store data of any kind of media. WORN has been field tested effectively in combination with Novell’s backup utilities and drivers for 3 years. Many customers reported the successful implementation of Novell’s new WORN resources.

Without data compression an effectively unlimited amount of data can be stored even on smaller disk systems. The current release allows standard hard disks and disk controllers to be used with WORN drivers supplied by Novell. Internal tests performed in the Novell labs showed that more than 200TB (terabytes) could be stored on simple 40MB harddisks.

Due to the fact that the process of storing data currently runs much faster than data retrieval, WORN disks is be especially useful for storing large amounts of data that do not have to be accessed very often. As a side effect of the new WORN technology Novell can guarantee that applications stored on WORN drives can never be infected by computer viruses.

The next WORN release will implement additional features: it will allow floppy drives on a NetWare file server to serve as WORN devices. In combination with Intel, one of the most prominent manufacturer of microchips, there will be a co-development of WOMs (Write Only Memory) that will replace standard RAMs and ROMs in most file servers. WORN and WOM technology will revolutionize data storage and data processing of the future and post another milestone of networking technology.
As network computing expands into the enterprise, there is a great need for data security and high speed data transmission. Many distributors and national reseller organizations are sponsoring Novell’s new IPX/CE seminars for resellers and end users who need this information.

“We believe in the direction Novell is taking in the security market,” said A.E.Neumann. “Their products are so strong and this promotion is such a great opportunity that we’re creating a whole new division to support it.”

Novell, Inc., (NASDAQ: NOVL) is an operating system software company and the developer of network services, specialized and general purpose operating system software products, including NetWare, DR DOS, DR Multiuser DOS and FlexOS. Novell’s NetWare networking computer products manage and control the sharing of services, data and applications among computer workgroups, departmental networks and business-wide information systems.

Contact:
Claudia Kornacker
Novell GmbH
Willstatter Str. 13
4000 Düsseldorf 11

Tel.: +49 – 211 – 5973 – 0
Fax.: +49 – 211 – 5973 -250

[NOVELL GMBH • WILLSTATTER STRASSE 13 • 4000 DUSSELDORF 11 • TELEFON: (02 11) 59 73-0 • TELEX: 8 587 570 • TELEFAX: (02 11) 5 97 32 50]


Novell Announces “IPX Compression And Encryption Technology”

Düsseldorf, 1.4.1992 — Novell, Inc., developer of NetWare© systems software products, today announced an enhanced version of Novell’s proprietary network protocol “IPX”. The new IPX/CE protocol allows NetWare file servers and workstations to compress and encrypt data packets before sending them to the network. The current release encrypts and compresses data packets of up to 1024 bytes into 1 byte packets.

Due to the innovative, high-performance technology it is impossible for any unauthorized receiver on the network to decrypt any information sent on the wire. The high compression ratio allows the use of the of the transmission media’s full bandwidth and increases the effective speed of data transfer by approximately 300-2000%.

Contact:
Claudia Kornacker
Novell GmbH
Willstatter Str. 13
4000 Düsseldorf 11

Tel.: +49 – 211 – 5973 – 0
Fax.: +49 – 211 – 5973 -250

[NOVELL GMBH • WILLSTATTER STRASSE 13 • 4000 DUSSELDORF 11 • TELEFON: (02 11) 59 73-0 • TELEX: 8 587 570 • TELEFAX: (02 11) 5 97 32 50]


Scans:
WORN – Page 1 of 2 • WORN – Page 2 of 2IPX Compression

Akasztófajáték…

December 6th, 2010

… avagy az ékezet még mindíg probléma (a harmadik évezredben)… 
(lásd még korábbi post)

Milyen gáz lenne, ha a fent szereplő, könnyen leírható mostani helyett mondjuk az “Árvíztűrő Tükörfúrógép Rt.” lenne a terem szponzora…

Persze, biztos azért nem tudták “megpatchelni” a “p_nzt_rg_p”-et, mert akkor nem lenne APEH kompatibilis…
Mert az alábbi nyilván az…:

Persze alulról a harmadik sorból hozzáértő számára az derül ki, hogy a tulajdonos két földönkívüli, akik leszálltak az űrhajójukkal, mely rendelkezik APEH-ellenőr megsemmisítővel is, így vélhetően nem aggódnak nagyon…

PayPal – “the new batch”

December 6th, 2010

Surely, I must be stupid, but I don’t understand…

So you got rooted by SHV4 / SHV5 rootkit…

November 17th, 2010

Best symptom that you have SHV4/5 is that you start getting “Unknown HZ value! (#) Assume 100.” messages from top/ps.

More on this at:
http://www.bigismore.com/web-server-security/unknown-hz-value-assume-100-youve-been-hacked/

rkhunter can help you “confirm” such situation too. Additionally run “chkrootkit” as well.

Now, the question, how you get rid of those.
Many forum/article/etc. on the web will likely say that you do a clean install. Meanwhile undoubtly that’s the best, you might be in a situation where that cannot be accomplished (easily), and/or you need fast (maybe temporary) remedy.

“Best” information I found was at:
http://www.linuxforums.org/forum/security/47606-shv4-shv5-rootkit-installed.html

So, the rootkit REPLACES – at least, but not limited to – the following commands at their appropriate location (/bin, /sbin, /usr/bin, etc): find, ifconfig, ls, md5sum, netstat, ps, pstree, top, dir, slocate, lsof […]

It also installs and runs /sbin/ttymon and /sbin/ttyload.
Since “ps” is replaced, you won’t be able to list them, though they would likely be running.
You can blindly issue a “killall ttymon” and “killall ttyload” to try to get rid of those process, but anyway you would need a “proper” ps to get information whether they’re killed and if not, try killing by process ID [kill -9 #].

You can get a “ps” from an identical or at least close linux system, or check /usr/lib/libsh/.backup – as the “decent” rootkit makes backups of the “clean” commands there.

After getting rid of the running process[es], lsattr -i -a the suspicious files (if you have the .backup directory, start with the named those), then replace them from either the .backup or from another identical system.

Move/backup/delete the following directories/files:
/usr/lib/libsh
/usr/lib/lidps1.so
/lib/libsh.so
/sbin/ttymon
/sbin/ttyload
/dev/devx
/etc/sh.conf

Check and delete “new”/unneeded entries from:
/etc/passwd and /etc/shadow [like psadmin, default, userx, sysadmin – also delete/move home directories of those, some might have .ssh/authorized.keys]
/root/.ssh/authorized.keys and known_hosts

Change administrator account’s passwords… [And anything you suspect to be leaked and important…]

And of course try to find the cause/way how you got hacked and make sure it won’t happen again.
Based on the creaton time of the directories, you might get a clue when the rooting happened, and check syslog, daemon.log, auth.log, etc. for clues.

Recent hacks could be related to proftpd exploit:
http://www.zerodayinitiative.com/advisories/ZDI-10-229/
This is/was supposely fixed in version 1.3.3c of proptfp [Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925 ] – and likely backported to earlier version in your distribution, check changelog for package.
Debian changelog for reference:
http://packages.debian.org/changelogs/pool/main/p/proftpd-dfsg/proftpd-dfsg_1.3.3a-5/changelog

In case of vulnerable profptd, stop the daemon – and kill all process containing the word proftpd, there will be some…
Download and install the new package.

You might check proftp’s log “just for the fun”, you should see such mix of entries like:
“client sent too-long command, ignoring”, then
“ProFTPD terminating (signal 11)”, then
“FTP session closed.”.
Likely more of these. Then repeated open/closes.

If you see such messages in your log – and not yet hacked -, then update proftpd ASAP to avoid getting SHV4/SHV5 or anything else…

Geek teszt

June 26th, 2010

“Közkívánatra”, meg, hogy legyen néha írva valami…

Nemrég voltunk “nyaralni”, ott egy ilyen kulcsot kaptam:

28-40

Nekem az ugrott be elsőre, hogy “Né, két egyforma számú kulcs…”

—-

Aztán amikor hazajöttünk, függetlenül ettől kaptam egy ilyet (hint, hint…):

Q: Why is it that programmers always confuse Halloween with Christmas?
A: Because 31 OCT = 25 DEC.

2009.12.18

January 27th, 2010

Kis késéssel ugyan, de pár kép “egy rózsaszínű napról”.
(Nem photoshop és nem is ragadt rágógumi a fényképezőgépre…)

Gyerekszáj

January 27th, 2010

– Apa, te mikor nősz meg?
– Én már nem növök tovább.
– Akkor minek eszel?

És még csak 4 éves… Mi lesz itt még…

Far Manager – how to ruin a site

September 21st, 2009

I like Far Manager a lot (and Midnight Commander as well on linux boxes, if we’re here), as I grew up on Norton Commander. Once someone knows the keyboard shortcuts, he can work with that lightning fast.

Now, it happened, that I got a freshly installed notebook and one of the first things was to get Far Manager installed.
I visited the site, and found that the latest versions only available in .7z format.
Since I didn’t want to install 7-zip first, I downloaded an early install package in the good-old (erm…) .exe format.

Then, I thought I let them know, that maybe it is not the best idea to host the newest versions in .7z format, or at least provide an .exe version, but I couldn’t find a contact link on the site.

Then, I saw the forum!
Easypie – so I though -, I just register and drop a comment.
However, on the registration page, I faced an Impossible Mission!
A dreadful captcha, which was not just hard to read, but was impossible to read!
I tried to guess, but wasn’t successful, then I got another one, “Impossible Mission II” captcha.
To demonstrate what I am talking about, here are the two images I got (and no, I don’t have 16 color EGA mode selected on my computer). Anyone goes to the registration page can get similar ones.

(and no, “30M92” wasn’t a good answer…)

No wonder there are no activity on the forum!

Finally, I found a contact address at the “If you are visually impaired or cannot otherwise read this code please contact the Board Administrator.” section, I sent a mail on this “captcha” and 7z issues, but so far I didn’t get any answer…

I believe I did all I could – even wrote a blog entry! :-)

Szívecske

September 13th, 2009

Hol volt, hol nem volt, volt egyszer egy fémdarab.

Ezt a fémdarabot megkovácsolták, lepréselték, kifúrták, aztán belerakták valamilyen fadobozba (rádió?, szekrény?, ágy?), vélhetően sarokkötőelemnek vagy ilyesminek.

Szegény fémdarab nem tudta, hogy hol van pontosan, csak tette némán a dolgát, tartotta a sarkokat fáradhatatlanul.
Egy nap a dobozt tűzrehajították és elégették.

Szegény fémdarab nem tudta, hogy mi történik, csak nagyon melege volt egy ideig. Majd ott maradt a hamuban és nézte napközben a felhők vonulását az égen, este pedig a csillagokat.

Egyszer a felhők vonulását megszakította valami.

Egy kisfiú nézett le reá.

– Szívecske! – mondta a kisfiú, felemelte a hamuból és hazavitte.

A kisfiúnak volt egy csomó játéka, de szívesebben játszott olyan dolgokkal, mint ami a Szívecske is volt, például a Szivacsdarabbal, Szemeskővel vagy Parázsfénnyel – aki amúgy egy szintén utcán talált törött indexprizma volt.

Másnap a kisfiú Balatonra ment és elvitte magával Szívecskét is.
Együtt sétáltak, majd fürödtek és homokoztak – pontosabban iszapoztak – a Balaton partján.

Szívecske nagyon boldog volt, soha nem gondolta volna, hogy valaha ővele ilyen történik.

Amikor hazamentek, Szívecske órákig mesélt az új barátainak, Parázsfénynek, Szemeskőnek és Szivacsdarabnak akik ámulva hallgatták.

Az elbeszélés végére Szemeskőnek még egy könnycsepp is kigördült a szeméből.