Cramsession Linux Newsletter

home

Jan 17 2002

                    LINUX NEWS
        Resources & Links From CramSession.com
                 January 17, 2002

TABLE OF CONTENTS

1) Sean’s Notes

2) Linux News

Put an End to Word Attachments
Government of Korea to Buy 120K Linux Seats
No More Solaris x86
Why Can't We All Get Along?

3) Linux Resources

Linux Gamers FAQ
12 Steps to a Microsoft-Free Shop
A Little Challenge?
Munitions Archive
Using MP3s in Linux

4) App o’ the Week

~~~~~~~~~~~~~~~~~~~~~~ ADVERTISEMENT ~~~~~~~~~~~~~~~~~~~~~~~

Try Our IT Certification Courses FREE! SmartCertify Direct gives you classroom-quality IT training at a fraction of the cost of traditional courses. You’ll get 24-hour online mentoring from certified advisors, hands-on interactive exercises, the popular Test Prep exams and more! Choose from MCSE, Cisco, A+, CIW, Linux and many other courses. Click below to try them all FREE and register to WIN a state of the art Dell PC!

http://ad.brainbuzz.com/?RC06&AIG30

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

For information on how to advertise in this newsletter please contact mailto:adsales@CramSession.com or visit http://cramsession.com/marketing/default.asp

1) Sean’s Notes

This week, it’s the original Sean back in the chair. I’d like to thank my good friend Sean M. for taking care of the newsletter in my absence. I’d also like to thank all of you who wrote in with your concerns that I’d been replaced. It’s great to know that I’m able to help so many people with this newsletter.

I was gone for about 12 days, and between mailing lists that I don’t filter out, personal email, and spam, I had around 400 messages in my inbox. Out of those, I’d have to say that over 100 of those were spam. It wasn’t until I started to wade through my email that I realized how much time I waste sorting through junk.

Now I’m not much for New Year’s resolutions, but here’s one I came up with. I’m going to do what I can to stop spam.

From my viewpoint, there are three ways a computer can

determine if a message is spam. It can either compare it to a database of known spam, or it can use heuristics to look for spam traits. “Heuristics” is a fancy word that describes the process of making the computer look for patterns, almost like the human brain. The third method involves mangling my email address such that it is only valid for a certain period of time, or other similar methods.

My criteria for choosing which way to go are: I don’t mind false negatives, but I don’t want any false positives. That is to say, I don’t mind if I get some spam, but I don’t want any legitimate message being classified as spam. Secondly, I want this process to be transparent to the sender.

The last requirement means I can’t use the third method (mangling my address). Since my email addresses are already widely known (by spammers and legitimate people alike), it would be too much of a hassle. The first requirement is there, so that I don’t have to review all the quarantined messages, which cuts out heuristics.

So, that leaves me with comparing my incoming messages against known spam. The downside with this approach is that in order to be effective, a central registry of spam has to be kept. This is vulnerable to abuse, though, since there is nothing stopping someone from submitting, say, this newsletter, to the registry. It could not be a complete registry, either, since it would always lag, and spammers are starting to add random strings to email. However, it’s better than nothing.

Vipul’s Razor is the software I’ve chosen to use. It consists of a series of database servers. Each person subscribing to the service calculates a checksum of the message, and sends it to the central server. Based on a match or not, the remote end can do whatever it would like to the message, such as drop it.

http://razor.sourceforge.net/

Signatures are added to the database from the people using the service. People can either bounce the message to an address, which will submit the checksum to the central database, or even set up troll addresses which automatically do the same. Since I already use procmail to filter my mail, implementing Razor is a simple matter of adding some extra recipes.

Next week I’ll get into how to install and configure Razor. I’ll also do my best to give you some figures on how many messages I received, and how many spam letters were detected. In the meantime, you may want to review how procmail works:

http://ertw.com/~sean/newsletter/December+7%2C+2000

Long live the Penguin,

Sean mailto:swalberg@cramsession.com

2) Linux News

Put an End to Word Attachments

Even though email is cross platform, people still insist on sending content in proprietary format such as MS Word. For those of us that don’t have it, this causes us to undergo the burden of converting it, and trying to decypher the output. This article (by RMS himself) outlines some friendly ways of requesting that the sender use a more open format.

http://www.newsforge.com/article.pl?sid/01/10/1711238&mode=thread

Government of Korea to Buy 120K Linux Seats

This is the largest announcement of its kind that I can remember. 120,000 copies of Hancom Linux were sold to the Korean government. Hancom appears to use KDE, localized for the Korean language, and includes an MS Office-compatible office suite.

http://www.hancom.com/en/news/press02_0111.html

No More Solaris x86

Sadly, SUN has decided not to release Solaris 9 for x86, which does not bode well for the product. Besides being a great platform, it is an excellent way to work on Solaris without needing an expensive SUN server. Those currently using it in production need not panic, as SUN will be supporting the product for the next several years.

http://www.save-solaris-x86.org/

Why Can’t We All Get Along?

Even though they don’t yet have a product in sight, Lindows is in trouble from Microsoft. Seems that Bill and his cronies think that people might confuse “Windows” and “Lindows”. It’s all bunk if you ask me, but that’s for the courts to decide now.

http://www.cnn.com/2002/TECH/industry/01/16/lindows.v.microsoft.idg /index.html

3) Linux Resources

Linux Gamers FAQ

This FAQ answers lots of questions that may come up when playing games under Linux. Everything from hardware to the different game vendors (and emulators) is covered.

http://www.icculus.org/lgfaq/

12 Steps to a Microsoft-Free Shop

“DO YOU FIND that you’re incapable of stopping upgrades? Do you spend much of your day patching security holes? Do you have a vague sense that you’re spending too much money on software? If you answered yes to any of those questions, you may have become overly dependent on Microsoft. Here’s a handy 12-step program to cure your condition.”

http://www.cio.com/archive/010102/shop.html

A Little Challenge?

What do you do when you’ve lost the tools you’re used to? If you can’t trust ps to bring up a listing of all the processes, such as after you’ve been hacked, what do you do? I asked this question on the Linux-General board; read what others have to say, and put in your two cents.

http://boards.cramsession.com/boards/vbm.asp?mE7750

Munitions Archive

This site has a rather large collection of cryptographic software for Linux. The site’s layout is very good, so it’s relatively easy to find what you’re looking for.

http://munitions.vipul.net/

Using MP3s in Linux

There’s a great deal of software out there to convert from (and to) MP3 audio files. This Howto walks you through the steps to work with this format, and it’s Free alternative, Ogg Vorbis.

http://www.mp3-howto.com/

4) App o’ the week

“screamingCobra” is a program that crawls through your web site and tries to find CGI programs. Once it does that, it gives them a workout, looking for common vulnerabilities. Better use it on your site before someone else does.

http://cobra.lucidx.com/

(C) 2002 BrainBuzz.com, Inc. All Rights Reserved.

     This message is from CramSession.com.

You are currently subscribed to the Hottest Linux News and Resources as: sean@ertw.com

To un-subscribe from this newsletter by e-mail: send a blank email message to: mailto:leave-linuxnews-3825955Y@list.cramsession.com

To Subscribe to this newsletter by e-mail: send a blank email message to:

mailto:join-linuxnews@list.cramsession.com

github.com/swalberg
twitter.com/seanwalberg