mozilla dot org

Bad Caps = Bad Motherboard = OLUG Downtime

In case you did not see it on the mailing list...



Subject: [olug] Bad Caps = Bad Motherboard = OLUG Downtime
From: Jon Larsen relayer at levania dot org
Date: Fri, 27 May 2005 19:16:32 -0500
To: olug

Back in the late 1990s, a formula for a new electrolyte for capacitors was stolen from a superconductor manufacturer. It was used to make capacitors, many of which wound up in many popular motherboards. The formula was not complete, and was flawed. Over time, the 'faulty' capacitors started to exhibit behavior of producing incorrectly, or erratic voltage to the CPU (as the caps are used mostly in the voltage regulator module or VRM).

The Capacitors bulge and leak electrolyte over time. One indicator of this is the toroid choke in the VRM may show scorching or heat stress.

The motherboard from the OLUG box had such capacitors, which caused the failure last Sunday night.
Pictures can be viewed at <http://www.olug.org/albums/badmobo/>

So, one thing to take away from this is when you do your regular dusting and clean out of your PCs, check the caps, choke, and board surface for any irregularities. You may save your data. You do clean out your PCs, right? If not, check your fan exits and intakes, plus your CPU heatsink.

A good resource:
http://www.badcaps.net/


But, backups are always your first line of integrity.

Jon L.

orkut and LJ

I'm new to LJ. I've been happy with my http://www.blosxom.com/ based blog for a while. Someone invited me to orkut. Very intresting; I lost my password. Oh well. The problem with orkut is it's closed. I can't monitor things with my http://www.bloglines.com/myblogs agregator. LJ has nice RSS and ATOM feeds. There's even FOAF support! E.G. http://www.borho.net/foafer/?file=http%3A%2F%2Fwww.livejournal.com%2Fusers%2Firishmasms%2Fdata%2Ffoaf

BTW? Can I put HTML in here?
IrishMASMS on FOAFer

I've been lazy and not dug into the documentation for LJ. So there are many questions...

e.g. RSS feed for my friends agregation page? How can I get that?

Can I customize my FOAF?

LJ is open source. How do mere mortals submit patches? Can one do an apt-get lj-server and have their own community running in no time?

Is there PGP support for signing LJ posts?

Thanks for the clues.

p.s. I still have class on Tuesday nights, so no OLUG for me this Summer. In the Fall I'll be free on Tuesday nights..... woo woo.
  • Current Music
    http://somafm.com/dronezone.pls
Devil horn crossing

PHPNuke Exploit Fixed


A small exploit in PHPNuke allowed a number of email messages to be sent coming from 'webmaster@olug.org' or 'root@olug.org' advertising a executable (EXE) program, freesms.exe.
The exploit in PHPNuke was found and fixed.

Network Associates tags freesms.exe as Spyware. Please delete the message. If you did click on it and install it, please make sure you use a spyware removal tool to seek out and get rid of it.
OLUG does not send .exe or links to .exe programs (especially Windows programs)

Jon Larsen
Technical and Hardware Officer
OLUG



So, a little SQl inkjection has OLUG.org as a spam relay passing out some WinDoz spyware this afternoon.

Here is my SpamCop LART:


Parsing header:

Received: from rly-nc01.mx.aol.com (rly-nc01.mail.aol.com [172.18.151.198]) by air-nc01.mail.aol.com (v98.19) with ESMTP id MAILINNC12-821740969cea1a1; Mon, 03 May 2004 15:26:34 -0500
172.18.151.198 found
host 172.18.151.198 (getting name) no name
172.18.151.198 discarded

Received: from olug.org (olug.org [216.40.17.98]) by rly-nc01.mx.aol.com (v98.5) with ESMTP id MAILRELAYINNC12-66040969ce429f; Mon, 03 May 2004 15:26:28 -0400
216.40.17.98 found
host 216.40.17.98 (getting name) = olug.org.
host olug.org (checking ip) = 216.40.17.98
Possible spammer: 216.40.17.98
216.40.17.98 is an MX for olug.org
216.40.17.98 is mx
Received line accepted

Received: (qmail 4722 invoked by uid 65534); 3 May 2004 19:26:16 -0000
Removed 'by' from uid
Received: (qmail 4722 invoked (uid 65534)); 3 May 2004 19:26:16 -0000
no from
Ignored

Tracking message source: 216.40.17.98:
Routing details for 216.40.17.98
[refresh/show] Cached whois for 216.40.17.98 : noc@novia.net
Using abuse net on noc@novia.net
No abuse net record for novia.net
Using default postmaster contacts postmaster@novia.net
216.40.17.98 not listed in dnsbl.njabl.org
216.40.17.98 not listed in dnsbl.njabl.org
216.40.17.98 not listed in cbl.abuseat.org
216.40.17.98 not listed in dnsbl.sorbs.net
216.40.17.98 not listed in relays.ordb.org.
216.40.17.98 not listed in query.bondedsender.org
216.40.17.98 not listed in iadb.isipp.com

Finding links in message body
Parsing text part

Resolving link obfuscation
http://sky.prohosting.com/deccode/freesms.exe
host 65.113.119.149 = mp3.dns-solutions.net (cached)

Tracking link: http://sky.prohosting.com/deccode/freesms.exe
Resolves to 65.113.119.149

Tracking ip 65.113.119.149
Routing details for 65.113.119.149
[refresh/show] Cached whois for 65.113.119.149 : noc@prohosting.com
Using abuse net on noc@prohosting.com
abuse net prohosting.com = abuse@prohosting.com
Using best contacts abuse@prohosting.com


Re: http://sky.prohosting.com/deccode/freesms.exe (Administrator of network hosting website referenced in spam)
To: abuse@prohosting.com (Notes)


So, prohosting is a hacker & spammer host - bastards!
  • Current Mood
    disappointed disappointed
Devil horn crossing

NEbraskaCERT conference 2004 Call for Papers (CFP)

Hey Everybody,

NEbraskaCERT [http://www.nebraskacert.org/] has their call for papers for this year's (August 3-5, 2004) conference up at http://www.certconf.org/call2004.php

This year the conference planners are concentrating on Practical Security, so Linux and the BSD should be a pretty hot topic. ;)


The NEbraskaCERT conference is the Midwest's Premier security conference. Honest, really :-)


Disclaimer: I am friends with the members of the NEbraskaCERT Board of directors; have attended, assisted, and presented at past NebraskaCERT conferences and will most likely be presenting this year as well.


X-posted to olug, nebraskans, infosec, midwesterners, omaha_whatever