IT Resource

There is often a requirement to block/deny user access to certain websites and this post shows how administrators can utilise Squid to achieve this:

Squid is a popular open source web proxy server and web caching software. It has a wide variety of uses, from speeding up a web server by caching repeated requests, to caching web, DNS and other network lookups for groups of people sharing network resources and (which is of most interest to us for the purposes of this post) by aiding security via traffic filtering. It was originally inteneded for Unix/Linux but has been ported to a number of platforms.

Squid has powerful ACL (access control list). The primary use of the ACL system is to implement simple access control. This can be used to deny a user from accessing particular site.

In order to do this we have to edit the Squid configuration file.

e.g. # vi /etc/squid/squid.conf

Search for `Access Controls’ and append the following lines (in this example we are blocking access to ‘nastysite.com’):
acl badsite dstdomain .nastysite.com
http_access deny badsite

Save and close the file, and then restart Squid:
# /etc/init.d/squid restart

 If required, you can specify more than one site to be blocked:
acl badsite dstdomain .nastysite.com  .anothernastysite.com
http_access deny badsite

You can also use regex expressions to block access to more than one website. for example,  if you would like to deny access for any sites where the URL contains the word “twitter”, use the following ACL lines:
acl badsitegroup url_regex -i twitter
http_access deny badsitegroup

More information on Squid commands can be found at: http://wiki.squid-cache.org/FrontPage

Microsoft has released a new beta test version of IE8, stating that this version comes with new features to enhance privacy, ease-of-use, and security.

Beta 1 of IE 8 was released in March, but that was aimed at letting web developers take a first look at the new browser. This latest version is aimed at a broader consumer audience.

Although there is no official release date for IE8 as of yet, Microsoft has pledged to deliver more regular updates of Internet Explorer, whose lead has been chipped away by Mozilla’s Firefox browser. It released Internet Explorer 7 in October 2006.

The latest version of Internet Explorer boasts features found in Firefox 3, including a “smart” address bar that remembers and redirects user to website addresses they have visited before.

IE 8 will also offer a mode called “InPrivate Browsing,” which ensures that history, temporary internet files and cookies are not recorded on a user’s PC.

A new security feature that allows a user to block content coming from third-parties trying to track and aggregate the user’s online behavior will also be available.

Microsoft has also updated features such as “Activities” which allows a user to use information found on one page (e.g. an address) in conjunction with online services such as mapping, without leaving the original site.

The latest test release of Internet Explorer 8 can be found at www.microsoft.com/ie8

The infamous Microsoft “Blue Screen Of Death”, or BSOD, can of course have many causes, some of which can be fixed up with a reboot. Other BSOD errors may signify a more serious issue related to Drivers, memory or other factors.

Listed below are a few of the most common Error messages that accompany a BSOD, together with explanations of what they may mean.

The error messages take the form of an 8-character hexidecimal code (the last eight characters in the ‘STOP’ message code).

 
STOP: 0×0000000A
IRQL_NOT_LESS_OR_EQUAL
Indicates that a kernel-mode process or driver attempted to access a memory location it did not have permission to access, or a memory location that exists at a kernel interrupt request level (IRQL) that was too high (a kernel-mode process can only access other processes that have an IRQL that’s equal to or lower than its own).

 
STOP: 0×0000001E
KMODE_EXCEPTION_NOT_HANDLED
The Windows XP kernel detected an illegal or unknown processor instruction. The problems that cause this error can be either software or hardware related and result from invalid memory and access violations, which are intercepted by the Windows default error handler if error-handling routines are not present in the code  itself.

 
STOP: 0×00000024
NTFS_FILE_SYSTEM
Indicates that a problem occurred within Ntfs.sys, the driver file that allows the system to read and write to drives formatted with the NTFS file system. (A similar Stop message, 0×00000023, exists for the file allocation table [FAT16 or FAT32)] file systems).

 
STOP: 0×00000050
PAGE_FAULT_IN_NONPAGED_AREA
The requested data was not in memory. The system generates an exception error when using a reference to an invalid system memory address. Defective memory (including main memory, L2 RAM cache, video RAM) or incompatible software may cause this error.

 
STOP: 0×0000007B
INACCESSIBLE_BOOT_DEVICE
Windows XP has lost access to the system partition or boot volume during the startup process. Incorrect device drivers typically cause this error although it can also indicate a possible virus infection.

 
STOP: 0×0000007F
UNEXPECTED_KERNEL_MODE_TRAP
A hardware problem e.g. resulting from mismatched or defective memory, a malfunctioning CPU, or a fan failure that’s causing overheating.

 
STOP: 0×0000009F
DRIVER_POWER_STATE_FAILURE
Indicates that a driver is in an inconsistent or invalid power state. This error typically occurs during events that involve power state transitions, such as shutting down or moving in or out of standby or hibernate mode.

 
STOP: 0×000000D1
DRIVER_IRQL_NOT_LESS_OR_EQUAL
The system attempted to access pageable memory using a kernel process IRQL that was too high. Typical cause is a bad device driver (one that uses improper addresses) although it can also be caused by faulty or mismatched RAM or a damaged pagefile.

 
STOP: 0×000000EA
THREAD_STUCK_IN_DEVICE_DRIVER
A device driver problem is causing the system to pause indefinitely. Typically, this problem is caused by a display driver waiting for the video hardware to enter an idle state. This might point to a hardware problem with the video adapter or a faulty video driver.

 
STOP: 0xC0000218
UNKNOWN_HARD_ERROR
A required registry hive file could not be loaded. The file may be corrupt or missing. The registry file may have been corrupted due to hard disk corruption or some other hardware problem. A driver may have corrupted the registry data while loading into memory or the memory where the registry is loading may have a parity error.

 
STOP: 0xC0000221
STATUS_IMAGE_CHECKSUM_MISMATCH
Driver, system file, or disk corruption problems (such as a damaged paging file). Faulty memory hardware can also cause this message to appear.

There’s been some wild and panicky stuff in some of the Tech press lately about a potential exploit that could bypass Vista’s security model. It all sounds pretty drastic but please bear in mind that most reports have been pretty sensationalist about it.

A ZDNet blog post contains a bit more ‘measured’ information about it along with responses from one of the guys who reported the exploit.

Sybase has teamed up with Australian Business Intelligence (BI) provider Yellowfin to package up the Sybase IQ Data Warehousing tool with YellowFin’s Presentation layer & User Interface.

Sybase IQ is a database product optimised for fast analytics and reporting (using a column-based architecture), while the Yellowfin products will provide a web-based Reporting and Delivery capability with easy-to-use dashboards and charting tools.

The alliance already has a live customer in New Zealand based Paymark, and is actively looking to promote the packaged solution in Australia, NZ, Japan, India and China.

Yellowfin are at: http://www.yellowfin.com.au

Sybase can be found at: http://www.sybase.com.au

Sun’s ‘Light-weight UI Toolkit’ (LWUIT) has been made available for download under a version of the GPL2 open-source license, which will make it easier for developers to create applications for the Jave ME mobile/smart phone platform.

According to Sun’s Craig Gering: “We are enabling mobile developers to quickly and easily create rich, portable interfaces for their applications,” declared Craig Gering, Sun’s senior director of embedded Java software.

“This software will also help address the mobile industry’s fragmentation issue by enabling developers to create a single interface that will work anywhere Java is found.”

More information: http://lwuit.blogspot.com/

The August upate from Microsoft is likely to contain a number of critical and major fixes.

The update will include seven items rated as ‘critical’, the highest of Microsoft’s security alert levels. All of these will address issues that may allow an attacker to remotely execute code on a targeted system.

Four of the critical fixes relate to Office issues, one addresses critical flaws in Windows 2000, XP and Server 2003, another fixes a critical issue in Windows Media Player while the last addresses a critical vulnerability in Internet Explorer.

Also planned are five fixes rated as ‘important’. The patches include two remote code execution flaws in Windows and one in Office. The other two updates address information disclosure vulnerabilities found in Windows Messenger, Outlook Express and Windows itself.

The company plans to release the update on Tuesday 12th August. The release will also include non-security updates for the Windows Malicious Software Removal Tool and the Windows Update, Microsoft Update and Software Update Services

iiNet is offering free streaming access to English Premier League matches.

That’s “free” as in there will be no charge for the matches, and “free” in that iiNet won’t count the data usage (streaming will be in .wmv format, and will require Media Player 10) against the user’s monthly allowance.

The Premier League season starts on the 16th of August with Arsenal vs West Bromwich Albion at 12:45 UK time (9:45pm AEST). Up to four live games and five recorded games will be made available each week.

Intel has announced details of a new generation of chips designed to handle increasingly complex and diverse requirements.

The “multi-core” processor technology, codenamed “Larrabee” will be showcased at an upcoming industry conference in Los Angeles.

By dividing tasks between cores, these multi-core chips will be able to cut energy use and heat while speeding performance, using a type of  parallel processing.

Intel and AMD currently sell chips with two or four “cores,” but the new Intel chips (pencilled for release in 2009 or 2010) will have 16 to 48 cores and will be tailored for handling computer game graphics. The chips will also accomomodate the increasingly complex, ‘multi-tasking’ type approach that see users running many desktop apps at once.

Intel say that the major task for software developers now will be to make full use of the available processing power and multi-threading capabilities. Predicted research breakthroughs include voice recognition software so accurate it could be used to record witness testimony in courtroom proceedings.

Intel expects Larrabee “to kick start an industry-wide effort to create and optimise software for the dozens, hundreds and thousands of cores expected to power future computers.”

Larrabee’s initial foray into the multi-billion dollar computer graphics market will put it in an arena dominated by Nvidia and AMD, which both reportedly plan to market chips with hundreds of cores.

See more at:
http://www.intel.com/pressroom/archive/releases/20080804fact.htm?iid=pr1_releasepri_20080804fact

Here’s a handy little list of useful Vista keyboard shortcuts:

• Win + d – show Desktop
• Win + f- search for files
• Win + g  – cycles through Gadget selections
• Win + l – lock your computer
• Win + m – minimize windows
• Win + t  - cycles through Taskbar programs
• Win + u  – activate the ‘Ease of Use’ Center
• Win + x  – cycle through the ‘Mobility’ Center
• Win + Spacebar  – bring Gadgets to the front

Also – if you use the Quick Launch toolbar, pressing the Win key + a number (from the top row of the keyboard) will launch the corresponding application in the Quick Launch toolbar.

e.g. if your first 4 Quick Launch icons are Outlook, Word, Excel, PowerPoint – If you press Win+2, that will start up Word, Win+4 will start Powerpoint and so on. This only applies to the first 10 QuickLaunch icons Win+0 being the last).