Uhm, ... (rearranging quotes a bit) ... that's nice, but did you read what I wrote? :-) (okay, so it was a bit long) ... I can at least pencil myself in for that date (2005-10-18), but may not be able to confirm that date for a fair while yet. Perhaps I'll know quite a bit more about my schedule in the upcoming weeks, ... but then again some of it may not be settled for a fair while yet.
Nov., Dec., Jan., Feb. BALUG meetings are meeting dates I could almost certainly make. Sept., Oct. (and to a lesser extent Mar. - Jun. 2006) are still rather uncertain.
Quoting Dick Verna:
Thank you for volunteering to speak. The date for your presentation is October 18th, 2005. That is the third Tuesday of the month.
Dick Verna
Michael Paoli wrote:
The most noteworthy question (or question mark) is when. I've got a wildcard on my calendar that might land most any place mid-September through October on my calendar at present, so might not be able to commit to September or October BALUG meeting date until perhaps as late as nearly mid-September for September, and might not know until later for October. November, December, January, and February BALUG meeting dates would likely be safe dates to target if we wanted to schedule it that far in advance (I'd have to double check my calendar, but most likely those dates are all clear (or clearable) at this point in time.)
Okay, ...
An available speaker/presentation that would likely go over well and be rather/quite useful, and perhaps we could draw in a fair (to largeish?) crowd of folks, ...
Shell Programming (or Shell Scripting or ... anyway, whatever precise title gets picked) ...
I think last time, at least prior to this month, that was brought up / mentioned / suggested for a meeting presentation, it was well under a year after we'd had quite similar (at least in terms of general topic) speaker and presentation: http://lists.balug.org/pipermail/balug-talk-balug.org/2004-August/002877.htm... (why that was on the talk list, and apparently not the announce list is another matter) and I thought it would be rather redundant to cover something rather to quite similar so soon, ... but now, ... it's been, ... well, it'll be about a year by this September's BALUG meeting, and over a year by the October meeting.
Anyway, the presentation and approach, etc. is comparatively different than Mark G. Sobell's, so even if the topic's been done for a presentation as recently as 2004-09-21, it's sufficiently different in delivery and materials, etc. that it shouldn't be horribly redundant for those that may have also caught the 2004-09-21 presentation.
Let's see, ... and when, ... 2005-09-20 or 2005-10-18 or later may be possibilities, ... but may not be able to confirm date until approximately early-ish September.
Feedback on the materials and such have been quite positive, e.g. including quotes such as: "I've attended other scripting classes, one taught by a professional instructor and one by a PhD. Neither of these compare to what <presenter> was able to accomplish." (that was for a compact one-day presentation and mini-lab on that topic and those materials by presenter).
Oh, ... and what presenter? That Michael Paoli person again, a.k.a. yours truly.
Anyway, I've done presentation (and mini-lab) as a dayish long thing (I think it was <~=6 hours, including lab time and exercises), ... have also done preparations before for doing it as presentations somewhere in the range of an hour or two. Anyway, without "lab" and exercises and such (but perhaps with some tiny mini-demos) I could whittle and squeeze it to within <~=75 minutes (which is about as much "real" presentation time as we end up with at BALUG meetings).
So, ... anyway, what do you all think regarding cut-off date for announcement and such? Certainly more lead time is better to let folks know and plan and mark their calendars and such, but a reasonable yay or nay deadline date to plan for and announce a speaker? ... maybe we want to try and answer that question in general - then perhaps answering the specific case at hand follows logically from the general answer.
I suppose in cases where leading right up to the meeting, we don't have a speaker/presenter lined up, we could still have someone show up relatively last minute as available to do a presentation ... but probably need at *least* a few days for most folks to even catch the announcement and possibly show up, and preferably week(s) or more for most folks that would want to come to any specific presentation to be able to mark and/or clear/arrange their calendars so that they'd be able to come. And where we have opportunity to schedule and announce a speaker/presenter reasonably well in advance, as opposed to quite last minute(/hour/day/...) arrangements, it's probably much preferable to get them scheduled and announced suitably in advance.
So, ... yes, I can certainly do a presentation on shell scripting/programming, but mostly a matter of confirming a suitable BALUG meeting date, and being able to confirm it sufficiently well in advance as to be rather to quite useful.
Anyway, I can put together text that can be used for an "announcement" to be sent out (and web page blurbs, etc.) when we've got a confirmed "go" date. Maybe we could even manage to have someone other than the presenter send the announce e-mail out when such a time comes - might at least look a hair more objective. :-)
references/excerpts:
http://lists.balug.org/pipermail/balug-talk-balug.org/2004-August/002877.htm...
http://lists.balug.org/private.cgi/balug-admin-balug.org/2005-April/000027.h...
http://lists.balug.org/private.cgi/balug-admin-balug.org/2005-May/000028.htm...
http://lists.balug.org/pipermail/balug-announce-balug.org/2005-May/000032.ht...
http://lists.balug.org/pipermail/balug-talk-balug.org/2005-May/003288.html
http://www.rawbw.com/~mp/linux/lvm/balug/
(I still have some tweaks/updates to upload to stuff around that URL above)
Well, not quite confirmed yet, but at the moment it looks rather to quite probable I'll be able to do shell presentation at the 2005-10-18 BALUG meeting. I'll likely be able to have a confirmation on availability for that date within the next several days or so (i.e. probably have update and likely confirmation by <~= 2005-09-05). I'd probably also provide some suitable text blurbs (e.g. for web site, and draft for announcement(s), etc.) at or around that time too.
Presuming I'm able to confirm, as I likely anticipate, I might also suggest for the announce list, when we send out "reminder" for the Sept. meeting, we could include a rather to quite brief blurb about the Oct. meeting presentation. I'd suggest it be relatively brief so as not to detract from the Sept. meeting (e.g. if the Sept. meeting announcement/ reminder did more to promote the Oct. meeting than the Sept. meeting, folks could be relatively discouraged to go to the Sept. meeting - especially if we don't have presentation/speaker lined up for Sept. meeting). Then a bit after the Sept. meeting, we could send out an announcement having more details about the Oct. meeting.
So, ... watch this space for updates. :-)
This doesn't look good: http://www.balug.org/ "H4ck3rsBr um passrinho que naum tinha cu foi caga e explodiu"
Who's got the access to get in and clean stuff up ASAP?
Also, time to change all the site passwords (at least all the content change access passwords), and to also ensure they only go across secure communications channels, etc.
Seems similar has also happened to other sites, and probably recently, e.g.: http://www.arabdev.org/ "h4ck3rsbr UM PASSARINHO QUE NAUM TINHA CU FOI CAGA E EXPLODIU"
references/excerpts:
$ lynx -dump http://www.balug.org/
H4ck3rsBr um passrinho que naum tinha cu foi caga e explodiu$ wget -N http://www.balug.org/
--10:27:25-- http://www.balug.org/
=> `index.html'
Resolving www.balug.org... 205.196.211.98
Connecting to www.balug.org[205.196.211.98]:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
[ <=> ] 61 --.--K/s
Last-modified header missing -- time-stamps turned off.
10:27:26 (595.70 KB/s) - `index.html' saved [61]
$ cat index.html
H4ck3rsBr um passrinho que naum tinha cu foi caga e explodiu $ telnet www.balug.org. 80
Trying 205.196.211.98...
Connected to www.balug.org (205.196.211.98).
Escape character is '^]'.
GET /
<html>
<head>
<META HTTP-EQUIV="Pragma" CONTENT="no_cache">
<title>Site Temporarily Unavailable</title>
</head>
<h1>Site Temporarily Unavailable</h1>
We apologize for the inconvenience. Please contact the webmaster/ tech support immediately to have them rectify this.<p>
<font size=2>error id: "bad_httpd_conf"</font>
</body>
</html>
Connection closed by foreign host.
Michael Paoli wrote:
This doesn't look good: http://www.balug.org/ "H4ck3rsBr um passrinho que naum tinha cu foi caga e explodiu"
Who's got the access to get in and clean stuff up ASAP?
Also, time to change all the site passwords (at least all the content change access passwords), and to also ensure they only go across secure communications channels, etc.
Postnuke is once again nuked, only person I know with a reasonable level of access is Hubbard. At this point my admin pass on Postnuked is worth about the same as if I had scribbled "$1000" onto a sheet of toilet paper.
If the lists are down then this is a fine mess.
Can you try contacting dreamhost, and have them at least temporarily (virtually) pull the plug on at balug.org. TCP port 80 (pointing out to them that it's apparently quite obviously cracked, if necessary), at least until it can get fixed. Have you also tried contacting Hubbard?
Better (temporarily) no page than a cracked one (and presumably site, etc.)
*So far* Google cache has the uncracked page ... but that could change at any time.
It *seems* the lists are okay, ... but never know for sure (or who might be watching their messages/content). Of course most of the info. that's sent there is public or semi-public anyway.
Michael Hubbard michael@offroadgeek.com - can you do anything about this?
Thanks.
I did also drop dreamhost a pair of notes. Since I don't have "customer" level access, it just went in on their general form, and they seem to only "promise"/imply they'll read it within 24 hours ... and I don't know if that would be even that "timely" and applicable over a 3 day holiday weekend.
Anyway, this is what I sent to their "Abuse Department" and "Public Relations":
Subject: cracked site - please pull
Can you please effectively pull (at least block port 80) until the person(s) legitimately responsible for the site can repair it.
It is quite apparently cracked: http://www.balug.org/
Thanks.
OK... both you Michael and Xavier are freakishly paranoid and apparently have too much time on your hands today.
The hack that was used was a simple way to change the index.php file. The hackers did not actually break into the server and no security is compromised.
This is due to a simple postnuke security hole, and I am going to patch it as soon as I finish this email.
The site is already back to normal (just switched the php file with a backup).
I obviously have full access to the servers balug is hosted on, and I have no intention of adding anyone else. If you guys want full access to the servers then I would recommend the site and mailing list be moved and hosted elsewhere...
Thanks for at least getting web page fixed and such. Looks much better again.
Quoting michael@offroadgeek.com:
The site is already back to normal (just switched the php file with a backup).
On Sat, September 3, 2005 3:09 pm, Michael Paoli said:
Thanks for at least getting web page fixed and such. Looks much better again.
Quoting michael@offroadgeek.com:
The site is already back to normal (just switched the php file with a backup).
OK... the site has been successfully upgraded to 0.7.6.0. Unfortunately there is a problem with the postcalendar module (the balug calendar) so it's disabled until further notice.
michael@offroadgeek.com wrote:
OK... both you Michael and Xavier are freakishly paranoid and apparently have too much time on your hands today.
I have a flu thingy, thank you.
And without a back end view, it's not easy or safe to assume that little has gone wrong. Moreover in the past worse has happened and nothing got done about it for a long time.
The hack that was used was a simple way to change the index.php file. The hackers did not actually break into the server and no security is compromised.
Do you have immutable logs to verify that?
Though it really wouldn't surprise me if they limited themselves to that. The ability to swap in PHP code offers quite a lot of latitude to crackers. (the user end looks like a straight text file, that does not have to be true though, nor would it have to stay false for more than one page view)
I obviously have full access to the servers balug is hosted on, and I have no intention of adding anyone else. If you guys want full access to the servers then I would recommend the site and mailing list be moved and hosted elsewhere...
I'm in the process of advocating that, as always. :-)
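An added example, not part of the original thread or written by any of its participants: since the rendered page does not show what the PHP files on disk contain, one way to check whether anything other than index.php changed is to compare the live web root file by file against the known-good backup. The function name compare_docroot, the directory layout and the sample files are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: report every file that differs between a known-good
# backup of a web root and the live copy, not only the page that was
# visibly defaced. Names and paths here are hypothetical.

# compare_docroot BACKUP_DIR LIVE_DIR
# Prints one line per difference:
#   MODIFIED  present in both trees, contents differ
#   MISSING   present in the backup, absent from the live tree
#   ADDED     present in the live tree only (e.g. an unexpected script)
# Assumes file names contain no newlines.
compare_docroot() {
    backup=$1
    live=$2
    # Pass 1: walk the backup and compare each file byte for byte.
    (cd "$backup" && find . -type f | sort) | while IFS= read -r f; do
        if [ ! -f "$live/$f" ]; then
            echo "MISSING  $f"
        elif ! cmp -s "$backup/$f" "$live/$f"; then
            echo "MODIFIED $f"
        fi
    done
    # Pass 2: walk the live tree for files the backup never had.
    (cd "$live" && find . -type f | sort) | while IFS= read -r f; do
        [ -f "$backup/$f" ] || echo "ADDED    $f"
    done
}

# Constructed sample: a backup and a live tree in a temporary directory.
# index.php was replaced, one module is untouched, one file is new.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/backup/modules" "$tmp/live/modules"
    printf '<?php include "header.php"; ?>\n' > "$tmp/backup/index.php"
    printf 'replaced front page (constructed)\n' > "$tmp/live/index.php"
    printf '<?php // calendar module ?>\n' > "$tmp/backup/modules/cal.php"
    cp "$tmp/backup/modules/cal.php" "$tmp/live/modules/cal.php"
    printf '<?php // not in backup ?>\n' > "$tmp/live/modules/extra.php"
    compare_docroot "$tmp/backup" "$tmp/live"
    rm -rf "$tmp"
}

demo
```

A file comparison only covers the web root; content a CMS keeps in its database, and the integrity of the backup itself, need separate checks.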
Well, maybe we ought to take more of this "conversation" "off-line", and/or perhaps make an adjustment to its tone.
First of all, I think we ought to thank, and not forget, that most - if not quite literally all - of this, is volunteer done/run/operated. So, we should be thankful and appropriately appreciative of all the hard work that's been done and what we have gotten. Sure, things haven't been and will likely never be "perfect".
Sure, we can continue to work on ways to improve things. But we should be cautious to do so in manners that well leverage and utilize what resources we have, or potentially have, to work with. Of course we also want to appropriately consider what does and/or doesn't work (and how well, with what risks/trade-offs, etc.) in terms of general benefit and use to BALUG "members" (users of site/lists, those that come to our meetings, etc.), and also factors such as supportability, maintainability, etc.
I know I certainly appreciate the work that Michael Hubbard and Xavier and others have done regarding site work and support, web page work, materials contribution, etc.
And in general, it's best not to tick off those that have done and/or continue to do significant good work / support for one's organization - even if it may not be perfect and/or all that may be desired.
Anyway, hopefully we can mostly manage constructive useful dialogs.
Sorry if I might have sounded a wee bit alarmist when the main web page of http://www.balug.org/ had been trashed, but I was mostly concerned about how that looked for and reflected upon BALUG. I am quite glad that we did get at least the most obvious damage (the web page defacement) corrected relatively quickly.
Anyway, thanks again for everyone's work on the site and for BALUG, etc.
Quoting Xavier balug-talk@xav.to:
michael@offroadgeek.com wrote: And without a back end view, it's not easy or safe to assume that little has gone wrong. Moreover in the past worse has happened and nothing got done about it for a long time.
The hack that was used was a simple way to change the index.php file. The hackers did not actually break into the server and no security is compromised.
Do you have immutable logs to verify that?