From mbuland at mymail.mines.edu Wed Sep 3 14:02:24 2014 From: mbuland at mymail.mines.edu (Matt) Date: Wed, 3 Sep 2014 14:02:24 -0600 (MDT) Subject: LUG: Meeting on 9/4 Message-ID: <433accb0.kqhkiG.1483d1c66e0@mymail.mines.edu> Fellow Linux Folk, We will have a meeting tomorrow! CTLM B56 at 6pm on Thursday. We'll talk about Linux from a high level, some great features of Linux platforms. We'll also talk about some of the more basic and introductory topics in Linux. If you would like help installing Linux on your own machine, tomorrow's meeting will be a great opportunity. Also, we will be raffling off 3 Linux T-shirts to new sign ups. We meant to talk about it at the celebration of mines, but since they were coming from Italy, we didn't know if they'd even be here in time. Anyways, only new members will be in the raffle, and you must be present to receive your shirt. They're all larges. A picture is attached; there's a tux Ethernet shirt, arch linux, and Debian. Hope to see you all there! Thanks, Matt Buland President of LUG -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 524 bytes Desc: PGP/MIME digital signature URL: From mbuland at mymail.mines.edu Thu Sep 11 11:35:02 2014 From: mbuland at mymail.mines.edu (Matt) Date: Thu, 11 Sep 2014 11:35:02 -0600 (MDT) Subject: LUG: Meeting: Powershell Message-ID: <432f8130.kqhkiG.14865c85a2a@mymail.mines.edu> Luggers, Tonight, Zeke will be giving a talk (more of a rant) on powershell. Since many of us admittedly use windows, this can be a great opportunity to learn how to avoid CMD prompt on windows. Same time, same place: CTLM B56 every Thursday at 6PM. Thanks, Matt Buland -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 524 bytes Desc: PGP/MIME digital signature URL: From mbuland at mymail.mines.edu Tue Sep 16 08:54:54 2014 From: mbuland at mymail.mines.edu (Matt Buland) Date: Tue, 16 Sep 2014 08:54:54 -0600 Subject: LUG: Meeting and LAN Party! Message-ID: <54184F3E.4050109@mymail.mines.edu> Luggers, This Thursday, Drew will be giving a talk on Meteor, a web framework for javascript and node.js. 6PM on Thursday in CTLM B56. Also, this Friday is our first LAN Party of the year! Starting at 6pm, we'll take over CTLM B60 to play various sorts of games. Bring your computer if you've got one, otherwise, all the games will play are accessible using the school computers. Thanks, Matt Buland -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: OpenPGP digital signature URL: From mheck at mines.edu Thu Sep 25 14:13:49 2014 From: mheck at mines.edu (Martin Heck) Date: Thu, 25 Sep 2014 20:13:49 +0000 Subject: LUG: =?windows-1252?q?Fwd=3A_=5BCSM-CERT=5D_TA14-268A=3A_GNU_Bour?= =?windows-1252?q?ne_Again_Shell_=28Bash=29_=91Shellshock=92_Vulnerability?= =?windows-1252?q?_=28CVE-2014-6271=2CCVE-2014-7169=29?= References: <16905249.82875@ncas.us-cert.gov> Message-ID: <3710CE24-8D12-417D-8BEE-0BEB8B241DB6@mines.edu> Just an FYI in case nobody had heard of the bash vulnerability yet? Martin --- Martin Heck Work & School: mheck at mines.edu CSM CCIT Infrastructure Group - Campus Windows Technical Lead x2233 (303.384.2233) For Campus Computing Support, please open a request at: http://help.mines.edu Begin forwarded message: > From: US-CERT > Subject: [CSM-CERT] TA14-268A: GNU Bourne Again Shell (Bash) ?Shellshock? Vulnerability (CVE-2014-6271,CVE-2014-7169) > Date: September 25, 2014 at 1:12:10 PM MDT > To: > Reply-To: > > > > National Cyber Awareness System: > > TA14-268A: GNU Bourne Again Shell (Bash) ?Shellshock? Vulnerability (CVE-2014-6271,CVE-2014-7169) > 09/25/2014 12:56 PM EDT > > Original release date: September 25, 2014 > Systems Affected > > GNU Bash through 4.3. > Linux, BSD, and UNIX distributions including but not limited to: > CentOS 5 through 7 > Debian > Mac OS X > Red Hat Enterprise Linux 4 through 7 > Ubuntu 10.04 LTS, 12.04 LTS, and 14.04 LTS > Overview > > A critical vulnerability has been reported in the GNU Bourne Again Shell (Bash), the common command-line shell used in most Linux/UNIX operating systems and Apple?s Mac OS X. The flaw could allow an attacker to remotely execute shell commands by attaching malicious code in environment variables used by the operating system [1]. The United States Department of Homeland Security (DHS) is releasing this Technical Alert to provide further information about the GNU Bash vulnerability. > > Description > > GNU Bash versions 1.14 through 4.3 contain a flaw that processes commands placed after function definitions in the added environment variable, allowing remote attackers to execute arbitrary code via a crafted environment which enables network-based exploitation. [2, 3] > > Critical instances where the vulnerability may be exposed include: [4, 5] > > Apache HTTP Server using mod_cgi or mod_cgid scripts either written in bash, or spawn subshells. > Override or Bypass ForceCommand feature in OpenSSH sshd and limited protection for some Git and Subversion deployments used to restrict shells and allows arbitrary command execution capabilities. > Allow arbitrary commands to run on a DHCP client machine, various Daemons and SUID/privileged programs. > Exploit servers and other Unix and Linux devices via Web requests, secure shell, telnet sessions, or other programs that use Bash to execute scripts. > Impact > > This vulnerability is classified by industry standards as ?High? impact with CVSS Impact Subscore 10 and ?Low? on complexity, which means it takes little skill to perform. This flaw allows attackers to provide specially crafted environment variables containing arbitrary commands that can be executed on vulnerable systems. It is especially dangerous because of the prevalent use of the Bash shell and its ability to be called by an application in numerous ways. > > Solution > > Patches have been released to fix this vulnerability by major Linux vendors for affected versions. Solutions for CVE-2014-6271 do not completely resolve the vulnerability. It is advised to install existing patches and pay attention for updated patches to address CVE-2014-7169. > > Many UNIX-like operating systems, including Linux distributions, BSD variants, and Apple Mac OS X include Bash and are likely to be affected. Contact your vendor for updated information. A list of vendors can be found in CERT Vulnerability Note VU#252743 [6]. > > US-CERT recommends system administrators review the vendor patches and the NIST Vulnerability Summary for CVE-2014-7169, to mitigate damage caused by the exploit. > > References > > Ars Technica, Bug in Bash shell creates big security hole on anything with *nix in it; > DHS NCSD; Vulnerability Summary for CVE-2014-6271 > DHS NCSD; Vulnerability Summary for CVE-2014-7169 > Red Hat, CVE-2014-6271 > Red Hat, Bash specially-crafted environment variables code injection attack > CERT Vulnerability Note VU#252743 > Revision History > > September 25, 2014 - Initial Release > This product is provided subject to this Notification and this Privacy & Use policy. > > OTHER RESOURCES: > Contact Us | Security Publications | Alerts and Tips | Related Resources > STAY CONNECTED: > > SUBSCRIBER SERVICES: > Manage Preferences | Unsubscribe | Help > > This email was sent to csm-cert at mines.edu using GovDelivery, on behalf of: United States Computer Emergency Readiness Team (US-CERT) ? 245 Murray Lane SW Bldg 410 ? Washington, DC 20598 ? (703) 235-5110 > _______________________________________________ > csm-cert mailing list > csm-cert at mailman.mines.edu > https://mailman.mines.edu/mailman/listinfo/csm-cert > Unsubscribe: csm-cert-unsubscribe at mailman.mines.edu -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5072 bytes Desc: not available URL: From mbuland at mymail.mines.edu Thu Sep 25 14:18:14 2014 From: mbuland at mymail.mines.edu (Matt Buland) Date: Thu, 25 Sep 2014 14:18:14 -0600 Subject: LUG: Meeting Tonight: Alternative Kernels and User Spaces Message-ID: <54247886.3000201@mymail.mines.edu> Luggers, Tonight, Jason will be giving us the low-down on alternative kernels, including BSD, GNU Hurd, Plan-9 and others. With these kernels sometimes also comes different ways to manage users and their space, so that will also be included in the discussion. Also, don't forget to update your BASH (see https://www.us-cert.gov/ncas/alerts/TA14-268A). CTLM B56 at 6:00pm every Thursday. See ya there! Matt Buland -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: OpenPGP digital signature URL: From khellman at mcprogramming.com Thu Sep 25 16:58:46 2014 From: khellman at mcprogramming.com (Keith Hellman) Date: Thu, 25 Sep 2014 16:58:46 -0600 Subject: LUG: We are all patching, right? Message-ID: <20140925225845.GM4037@debian> http://apple.slashdot.org/story/14/09/25/1757208/flurry-of-scans-hint-that-bash-vulnerability-could-already-be-in-the-wild -- Keith Hellman #include khellman at mcprogramming.com from disclaimer import standard khellman at mines.edu -*- public key @ pgp.mit.edu 9FCF40FD Y!M: mcprogramming AIM/ICQ: 485403897 jabber: mrtuple at jabber.org irc: freenode.net as mrtuple -*- "Windows is about choice - you can mix and match software and music player stuff. We believe you should have the same choice when it comes to music services." -- David Fester, General Manager of Microsoft's Windows Digital Media Division http://apple.slashdot.org/apple/04/01/13/0158224.shtml?tid=109&tid=187 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 181 bytes Desc: Digital signature URL: From kkluherz at mymail.mines.edu Thu Sep 25 17:07:20 2014 From: kkluherz at mymail.mines.edu (Kyle Thompson Kluherz) Date: Thu, 25 Sep 2014 17:07:20 -0600 Subject: LUG: We are all patching, right? In-Reply-To: <20140925225845.GM4037@debian> References: <20140925225845.GM4037@debian> Message-ID: I haven't found a patch for Mint yet, anyone know if there might be one? I'm running the Debian-based edition. -Tk On Thu, Sep 25, 2014 at 4:58 PM, Keith Hellman wrote: > > http://apple.slashdot.org/story/14/09/25/1757208/flurry-of-scans-hint-that-bash-vulnerability-could-already-be-in-the-wild > -- > Keith Hellman #include > khellman at mcprogramming.com from disclaimer import standard > khellman at mines.edu > -*- > public key @ pgp.mit.edu 9FCF40FD > Y!M: mcprogramming AIM/ICQ: 485403897 > jabber: mrtuple at jabber.org irc: freenode.net as mrtuple > -*- > > "Windows is about choice - you can mix and match software and music player > stuff. We believe you should have the same choice when it comes to music > services." > > -- David Fester, General Manager of Microsoft's Windows Digital Media > Division > http://apple.slashdot.org/apple/04/01/13/0158224.shtml?tid=109&tid=187 > > _______________________________________________ > lug mailing list > lug at mailman.mines.edu > https://mailman.mines.edu/mailman/listinfo/lug > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From echopper at mines.edu Fri Sep 26 20:03:41 2014 From: echopper at mines.edu (Ezekiel T. Chopper) Date: Fri, 26 Sep 2014 20:03:41 -0600 Subject: LUG: We are all patching, right? In-Reply-To: References: <20140925225845.GM4037@debian> Message-ID: For Debian you can follow https://www.debian.org/security/ for security updates. Currently there isn't a full patch. There is an initial patch that fixed the surface level bug, but introduced bugs of its own. Here ( https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/ ) is a blog post from the RedHat security people that they will keep updated for news on distros of that variety. Apple has made a statement that OS X users aren't vulnerable unless they are using "advanced UNIX services" and that a patch for those "advanced" users is in the works, but you should probably download the bash source patch it yourself in Xcode and run your patched version. (They're kind of busy patching iOS 8) info: http://www.imore.com/apple-working-quickly-protect-os-x-against-shellshock-exploit -- Ezekiel Chopper Undergraduate Computer Science student Infrastructure Intern at Health Language, Inc. System Administrator for CARDI, Toilers, and SmartGeo On Thu, Sep 25, 2014 at 5:07 PM, Kyle Thompson Kluherz < kkluherz at mymail.mines.edu> wrote: > I haven't found a patch for Mint yet, anyone know if there might be one? > I'm running the Debian-based edition. > -Tk > > On Thu, Sep 25, 2014 at 4:58 PM, Keith Hellman > wrote: > >> >> http://apple.slashdot.org/story/14/09/25/1757208/flurry-of-scans-hint-that-bash-vulnerability-could-already-be-in-the-wild >> -- >> Keith Hellman #include >> khellman at mcprogramming.com from disclaimer import standard >> khellman at mines.edu >> -*- >> public key @ pgp.mit.edu 9FCF40FD >> Y!M: mcprogramming AIM/ICQ: 485403897 >> jabber: mrtuple at jabber.org irc: freenode.net as mrtuple >> -*- >> >> "Windows is about choice - you can mix and match software and music player >> stuff. We believe you should have the same choice when it comes to music >> services." >> >> -- David Fester, General Manager of Microsoft's Windows Digital Media >> Division >> http://apple.slashdot.org/apple/04/01/13/0158224.shtml?tid=109&tid=187 >> >> _______________________________________________ >> lug mailing list >> lug at mailman.mines.edu >> https://mailman.mines.edu/mailman/listinfo/lug >> >> > > _______________________________________________ > lug mailing list > lug at mailman.mines.edu > https://mailman.mines.edu/mailman/listinfo/lug > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From mheck at mines.edu Sat Sep 27 13:03:26 2014 From: mheck at mines.edu (Martin Heck) Date: Sat, 27 Sep 2014 19:03:26 +0000 Subject: LUG: We are all patching, right? In-Reply-To: References: <20140925225845.GM4037@debian> Message-ID: <354CB0AB0A430040973EAC9547DB93DF6E3FECF0@Aerilon.adit.mines.edu> And to be a little more aware of things? this is particularly bad with systems that either use bash as /bin/sh and/or use bash shell scripts to do or configure things from the outside world -- Apache with legacy CGI-BIN shell stuff, DCHP clients that run Bash scripts on ifup/ifdown and are passed things from the DHCP server [like, an IP address ;) ]? this does mean that that webserver you thought wasn?t doing anything may now be able to wreck antying www-data (debian-esque) owns. Thankfully, the Debian/Ubuntu dhclient uses /bin/sh, which on those distros is defaulted to ?dash?, *not* ?bash?. If you?ve got a custom crafted shell for SSH (say, if you?re running something so ?operators? can run backups), that?s the big risk with SSH at this point. (note this is my side-reading of things while I?m out sick, so take ti with a grain of salt, and don?t hesitate to send email to security at mines.edu to pester the actual security folk :) ). Martin From: lug-bounces at mailman.mines.edu [mailto:lug-bounces at mailman.mines.edu] On Behalf Of Ezekiel T. Chopper Sent: Friday, September 26, 2014 8:04 PM To: lug at mailman.mines.edu Cc: Keith Hellman Subject: Re: LUG: We are all patching, right? For Debian you can follow https://www.debian.org/security/ for security updates. Currently there isn't a full patch. There is an initial patch that fixed the surface level bug, but introduced bugs of its own. Here ( https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/ ) is a blog post from the RedHat security people that they will keep updated for news on distros of that variety. Apple has made a statement that OS X users aren't vulnerable unless they are using "advanced UNIX services" and that a patch for those "advanced" users is in the works, but you should probably download the bash source patch it yourself in Xcode and run your patched version. (They're kind of busy patching iOS 8) info: http://www.imore.com/apple-working-quickly-protect-os-x-against-shellshock-exploit -- Ezekiel Chopper Undergraduate Computer Science student Infrastructure Intern at Health Language, Inc. System Administrator for CARDI, Toilers, and SmartGeo On Thu, Sep 25, 2014 at 5:07 PM, Kyle Thompson Kluherz > wrote: I haven't found a patch for Mint yet, anyone know if there might be one? I'm running the Debian-based edition. -Tk On Thu, Sep 25, 2014 at 4:58 PM, Keith Hellman > wrote: http://apple.slashdot.org/story/14/09/25/1757208/flurry-of-scans-hint-that-bash-vulnerability-could-already-be-in-the-wild -- Keith Hellman #include khellman at mcprogramming.com from disclaimer import standard khellman at mines.edu -*- public key @ pgp.mit.edu 9FCF40FD Y!M: mcprogramming AIM/ICQ: 485403897 jabber: mrtuple at jabber.org irc: freenode.net as mrtuple -*- "Windows is about choice - you can mix and match software and music player stuff. We believe you should have the same choice when it comes to music services." -- David Fester, General Manager of Microsoft's Windows Digital Media Division http://apple.slashdot.org/apple/04/01/13/0158224.shtml?tid=109 &tid=187 _______________________________________________ lug mailing list lug at mailman.mines.edu https://mailman.mines.edu/mailman/listinfo/lug _______________________________________________ lug mailing list lug at mailman.mines.edu https://mailman.mines.edu/mailman/listinfo/lug -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 6304 bytes Desc: not available URL: