Webmailer for the Thecus

Posted by coldtobi | 30 May, 2008, 09:53
Currently I am working on my "frostynas" NAS Framework for services I personally host on my Thecus NAS. And for that I need want a WebMailer frontend.

The candidated so far are
  • sqirrelmail (http://squirrelmai.org)
  • horde Webmail Project (http://www.horde.org/webmail/)
  • openwebmail (http://www.openwebmail.org/)
  • roundcube (http://www.roundcube.net/) 
Lets start with the decission finding.

Linux / Debian, Tips and Tricks, Thecus N2100 | Comments (0) | Trackbacks (0)

YAML Templates 3.0

Posted by coldtobi | 30 May, 2008, 09:02

Last year, I released the YAML Sets for Lifetype. However, just some days after I released them, YAML author releases a new mayor version: YAML 3.


Blog and Website, Lifetype | Comments (1) | Trackbacks (0)

bzr hangs at pre_commit stage

Posted by coldtobi | 25 May, 2008, 12:56 Sometimes there are really annoying bugs. Especially if you start using a software. You never know, if it is supposed to be that way or a bug. However, after some minutes, I was sure: Its a bug. This time, the pacakge bzr-dbus introduced a bug. When commiting to a bzr repository, it seems to hang with:
"Running pre_commit hooks - Stage 3/5"

As bzr-dbus was pulled by a recommend and I don't need publishing changes with dbus, simply purging the packages makes bzr working.


Tips and Tricks | Comments (0) | Trackbacks (0)

[Links] Version Control Systems -- Comparsions

Posted by coldtobi | 22 May, 2008, 11:55
For some of my personal data, I currently use CVS. But as this task also should go tho the Thecus, I was looking for something more mordern.

And, there are a lot of them, to many to take a look at them indivudually. Lucklily, other people did that already, so if you ara also in a simular situation -- choosing a new or replacment CVS System (or also called SCM, Configuration Managment ...)

Well, however you wanna call it, here are some links articles to check out:
The New Breed of Version Control Systems
Better SCM Initiative : Comparison
Version-Control Systems for Linux
(As far as I am through with that links, montone looks very promising as is currently my top candiate)

Linux / Debian, Netzfunde, Thecus N2100 | Comments (0) | Trackbacks (0)

Debian OpenSSL Issue on Arm[el] (Thecus, NSLU etc)?

Posted by coldtobi | 16 May, 2008, 18:43 By the way, the OpenSSL "issue" is also valid for the other debian ports, like the Thecus.

However, I read the quoted section from Metasploit

This will generate a new OpenSSH 1024-bit DSA key with the value of
getpid() always returning the number "1". We now have our first
pre-generated SSH key. If we continue this process for all PIDs up to
32,767 and then repeat it for 2048-bit RSA keys, we have covered the
valid key ranges for x86
systems running the buggy version of the OpenSSL library. With this key
set, we can compromise any user account that has a vulnerable key
listed in the authorized_keys file. This key set is also useful
for decrypting a previously-captured SSH session, if the SSH server was
using a vulnerable host key. Links to the pregenerated key sets for
1024-bit DSA and 2048-bit RSA keys (x86) are provided in the downloads section below.

the way, that the compiled list of compromised keys is only valid for a specific architecure. As ssh-vulnkey is using compiaring the keys against a blacklist, it might be a good idea to regenerate these keys. Even if I am wrong, it is better to be safe than sorry ;-)


Thecus N2100 | Comments (0) | Trackbacks (0)

Page Rank -- Updated?

Posted by coldtobi | 15 May, 2008, 00:23 I just noticed the PR now jumped to "4" on some pages on my site.... Not that I care so much, but as it jumped from 2 to 4 in days I'm wondering if Google updated their topsecret PR-algorithm again?

Blog and Website | Comments (0) | Trackbacks (0)

Debian OpenSSL vulnerability: Check your installation/keys

Posted by coldtobi | 14 May, 2008, 09:57

As I learned today by an announce at the debian security list, there was a "patch" against security in the OpenSSL Library. The patch is debian specific, so applies only to debian and clones (e.g Ubuntu). However, it was sufficient to create the keys on a affected machine, so everyone could be affected, if the keys where transfered to a third machine.


Linux / Debian | Comments (1) | Trackbacks (0)