Enterprise Unix Roundup: Sending Microsoft a Message Page 2

In Other News

» The newest version of the GNOME desktop was released Wednesday. GNOME 2.8 includes a wide array of new features and tweaks including the following:

• Improved hardware support, to eliminate the awkward mount/dismount routine for portable storage devices and peripherals such as digital cameras.
• Support for "DNS-Based Service Discovery," a.k.a. Zeroconf or Rendezvous, which allows network services to announce their availability over a local network.
• Enhancements to the Evolution PIM, similar to Microsoft's Outlook, including the capability to connect to Microsoft Exchange Servers
• Remote desktop administration via Virtual Network Computing (vnc)

Word has started to leak about the new Novell/SUSE Linux desktop project. In April we noted the product would likely lean heavily on GNOME, so it's no surprise to read reports in which the talking points on the new product stress GNOME-based software like Evolution and Mono, the Free Software .NET competitor.

» The Free Standards Group announced the release of the Linux Standards Base (LSB) 2.0 on Monday. The LSB is an effort to outline a standard set of libraries and applications for Linux against which software can be developed, in the hopes that the Linux developer community can avoid the fragmentation that eventually crippled Unix uptake. The problem with standards from the perspective of companies already doing fairly well, of course, is that they can have a harmful effect on name brand, as an interesting take on why the LSB's efforts won't matter points out.

» SCO has asked for more time in its suit against IBM, hoping to gain enough time to convinue the court to force IBM to give up more information.

» Red Hat has announced the first-annual Red Hat Summit, a three-day show to be held in New Orleans next June. Details are sketchy and include all the appropriate noise about community and volunteerism, but we're guessing that for every issue raised in a business or technical session, there'll be an answer with a jaunty fedora on it.

Security Roundup

• A collection of remote exploit and buffer overflow bugs have kicked off a spate of Apache patches from distributors. Since the newest version of the popular Web server, addressing just these issues, was released on Wednesday, expect more updates from others soon. Patches are in from Mandrake, TurboLinux, and SUSE so far.
• Buffer overflow vulnerabilities in Samba have been discovered, with patches in from TurboLinux, OpenPKG, Trustix, Mandrake, and Gentoo.
• A vulnerability in the Squid Web caching proxy that could allow users to bypass its access control lists has been patched by Mandrake and TurboLinux.
• The vulnerabilities in kerberos, reported here several weeks ago, have been patched by TurboLinux and OpenPKG.
• Apple released an update to Security Update 2004-09-07. The patch, labeled 2004-09-07 1.1, corrects bugs in the patches to lukemftpd and Safari.

Tips of the Trade

One of the indispensable utilities for the hardworking ace sysadmin is a bootable rescue disk. As long as you can find a way to boot a system, you can get in and fix it. Knoppix, the bootable Linux on a CD, is currently at the top of the rescue disk charts. With Knoppix, you can rescue both Linux and Windows systems.

Since lugging around an entire CD quickly becomes burdensome, you can go even more portable with Feather Linux. Feather Linux, which is a customized, dropped and chopped Knoppix, weighs in at 64 megabytes and boots from a USB keychain drive. It doesn't leave off anything important: You can connect to a network, download files, edit configuration files and access network shares.

Feather Linux contains a hidden gem called chntpw. chntpw resets Windows NT/2000/XP passwords. You don't need the old password to make it work. So if you're ever thrown into a job where the previous admin left in a huff, and no one knows anything, this little jewel will make you a big hero.

Carla Schroder writes the Tips of the Trade section of Enterprise Unix Roundup. She also appears on Crossnodes every Wednesday, and is the author of the site's popular Scripting Clinic, which deals with Unix/Linux scripting issues.

>> To Main