Being a Linux administrator for couple of years, I believe year 2008 will be a very good year for Linux starting from Google’s “Project Android” and the poor performance of Windows Vista. So before the year 2008 arrives, let me extend my congratulations to Linux.

Popularity: 1% [?]

If you are a System Administrator using Squid Proxy Server and you need a tool for securing web acccess in your company, then use the “whitetrash” plugin for Squid.

Whitelisting is a technique that makes it difficult for malware to use HTTP and SSL.

For example, an attacker sends you a malware in the form of a MSWord document attached to an email. You open the attached MSWord document and then the malware executes. The malware will then use HTTP to download tools from the attacker’s domain and use these tools to damage your PC. With a whitelist, all of these actions will be blocked because the attacker’s domain is not in the whitelist.

The Goal

The goal of Whitetrash is to provide a user-friendly and sysadmin-friendly proxy that makes it significantly harder for malware to use HTTP and SSL for:

• initial compromise;
• data exfiltration;
• command and control.

Whitetrash features:

• Provides whitelisting for HTTP and SSL that is good for both users and sysadmins, but defends against malware and browser exploits.
• A HTML rendered whitelist report that can be viewed by all users. Can also be used to generate static whitelists for popular domains.
• Fast: no noticeable impact on users browsing urls already in the whitelist, and adding a new URL is very quick.
• Secure: As this is a security product, great care has been taken to sanitise input, flow control etc. so that the whitelist cannot be easily circumvented or exploited.

• Users can delete their own whitelist entries (optional). Admins can delete any whitelist entry.

• A HTML report that lists all domains requested but not whitelisted - good for tracking down malware/adware and generating static blacklists.
• Configurable authentication: any sort of authentication can be used. Squid provides plugins for NTLM, basic, and digest but has an extensible interface for other authentication schemes.
• NEW: A CAPTCHA system has been implemented to prevent malware adding itself to the whitelist. CAPTCHA can be enabled for HTTP, SSL, or both. This is available in the source tree and will be included in the next release.

Popularity: 2% [?]

Global Orbiting Navigation Satellite System (GLONASS) is Russia’s network of 24 navigation satellites in orbit. The system uses radio time signals to locate people and vehicles on the Earth’s surface just like the American and Europian’s Global Positioning System (GPS).

Last Christmas, Russia has successfully sent three satellites into orbit, these will  the last satellites to complete its GLONASS project which is expected to be online in 2009.

Popularity: 1% [?]

Slingbox is a TV streaming device that enables consumers to remotely view their cable sattelite or personal video recorder (PVR) programming from an Internet-enabled computer with abroadband Internet connectio.

I was in New York, more than a year ago when a friend of mine had a problem with his Slingbox after moving to another Internet Service Provider in uptown NY area. The thing is, even if he use public IP address, the SlingBox just wouldn’t work. He’s a little pissed since the ISP and SlingBox customer support were unable to make his Slingbox work. I told him I will help him resolve the problem, and that I have a little trick for him but he has to configure his SlingBox to use private IP address (He has several computers inside NAT in his place). He told me that it is not possible so I had to prove to him that it is absolutely possible.

Below are iptables statements I used to make my friend’s SlingBox work inside NAT.

iptables -A FORWARD -i eth0 -p tcp –dport 5001 -d 192.168.30.100 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp –dport 5001 -j DNAT –to-destination 192.168.30.100:5001

He was very happy after I was able to resolve his problem, In fact he asked me to bring one to Manila so he could access it and watch his favorite Filipino shows live.

By the way, I assigned 192.168.30.100 as the IP address of his Slingbox.

Popularity: 2% [?]

PERL which stands for Practical Extraction and Report Language was developed in December 1987 by Larry Wall while working as a programmer in Unisys. From the official website of PERL, “Perl is a stable, cross platform programming language. It is used for mission critical projects in the public and private sectors and is widely used to program web applications of all needs.”

As PERL turns 20, their website has announced the release of PERL version 5.10 which available free from http://www.perl.org

Popularity: 2% [?]

Microsoft Corporation has released WinXP SP3 candidate 1 and it is now available for download (the installer is 336MB file). If you are not quite happy with Windows Vista then I suggest you stick with your XP and just download the Service Pack 3 (SP3) update. So for Windows XP users out there, watch out for the final release which isn’t expected until next year.

Popularity: 1% [?]