I wonder if Planet works.

Apparently Snort’s Back Orifice preprocessor is vulnerable to a huge stack-based buffer overflow:

The Snort BO preprocessor vulnerability can be triggered with a single UDP
packet targeting virtually any port. As such, there is a large potential
that these packets can bypass perimeter firewall defenses. An attack need
not be directly targeted at a Snort installation, but merely towards a
network monitored by Snort. Due to the trivial nature of this vulnerability
and its potential to bypass perimeter firewalls, there is grave concern that
this issue might be exploited as part of a network-based worm. X-Force
urges all affected users to upgrade immediately.

It’s been a while since something like that was discovered. I was wondering when the next major hole would be discovered, and this appears to be it (or one of them). It seems(?) to have been handled quite well, with people cooperating across the board…but who knows what goes on behind the scenes.

I finally transitioned mail this weekend. It was quite a pain, and is continuing to be, in some form or another. I’m getting some of it figured out, and learning quite a bit in the process. One thing that is causing grief is the fact that, on the old server, the whole setup was kind of a mess. Unfortunately I can’t just change everything around to make it nicer, because as I learned, that breaks things for people who rely on the old method. People are using different formats for their mail boxes which means all of them have to be accomodated. And when there are problems, it’s a whole lot more annoying to track down. Over all, the new system is working fine for mostly everybody minus a couple of people.

Authoritative DNS and the web pages are the last step (oh snap!). I think that mean’s it is almost finished and I can start working on the fun stuff once everything works. I wrote up another plan for the last remaining steps in the process so Rick knows what we are doing and can accomodate. On a side note, I don’t think I’ll go to Physics today.

On the platter: get this plan cleaned up and show it to people (“Just tell us what you’re doing please“), figure out why a couple of people’s mail is “broken”, reboot boxes, transition web site, authoritative DNS, hit level 30 cough.

Nothing much has been going on with the servers lately. Things are pretty stable. I’m waiting for this weekend to switch mail, and also apply some patches, enable IPFW and reboot all of the machines. From there I can enable/disable rules. I will probably also contact the campus DNS admins and work out a time to switch authoritative DNS. I moved the files over and cleaned them up, but by now, things are somewhat out of date. It isn’t all that much work to do it again though.

After Mail is moved (hopefully that goes smoothly) then the web pages are pretty much the only remaining step. I don’t anticipate many complications with the pages (they were up and running before, Pat did a nice job with Wordpress) but it will be interesting to see how I can utilize clever virtual hosting to get different things running in parallel. It will be nice to have most everything served from one Apache install.

In other news, game prioritization is becoming increasingly popular…

Also, the proxies seem to be pretty even which is cool (top: Vali, bottom: Vidar)