存档

作者存档

Winamp lovers beg AOL to open source code

2013年11月25日 评论已被关闭

Last week, AOL announced the impending death of Winamp, saying that the 16-year-old media player would be shut down within a month.

“Winamp.com and associated Web services will no longer be available past December 20, 2013. Additionally, Winamp Media players will no longer be available for download. Please download the latest version before that date,” AOL announced.

But fans of the venerable software have launched a “Save Winamp” website and petition asking AOL either to keep Winamp alive or to open source its code.

Read 3 remaining paragraphs | Comments

       



分类: OpenSource 标签:

Microsoft brings rich node.js support to Visual Studio

2013年11月21日 评论已被关闭

As the company continues to court programmers developing on software stacks that aren’t its own, Microsoft has released a plugin for Visual Studio that provides extensive support for Node.js within the Visual Studio IDE.

The Apache-licensed Node.js Tools for Visual Studio offer editing with IntelliSense, Node.js projects, debugging, profiling, and deployment, all inside Microsoft’s IDE. The plugin also includes a graphical interface to Node’s NPM package manager, so Node libraries can be downloaded from the NPM repository, again from within Visual Studio.

Though still only an “alpha” release, the development experience looks remarkably complete already. The plugin is plumbed into the V8 debugger and profiling APIs that Node already uses, so it should provide consistent results and capabilities as Node developers not using the plugin will have.

Read 1 remaining paragraphs | Comments

       



分类: OpenSource 标签:

New backdoor worm found attacking websites running Apache Tomcat

2013年11月20日 评论已被关闭
Diagram showing how Tomdep receives commands and spreads to new machines.

Researchers have identified new self-replicating malware that infects computers running the Apache Tomcat Web server with a backdoor that can be used to attack other machines.

Java.Tomdep, as the backdoor worm has been dubbed, is Java Servlet-based code that gives Apache Tomcat platforms malicious capabilities. It causes infected machines to maintain Internet relay chat (IRC) communications with attacker servers located in Taiwan and Luxembourg. The control servers send commands and receive progress reports to and from the infected machines. Affected platforms include Linux, Mac OS X, Solaris, and most supported versions of Windows. Researchers haven’t said precisely how the malware takes initial hold of servers, but there’s no evidence yet it exploits any vulnerability in Tomcat or any other software running on infected servers.

In a blog post published Wednesday, Takashi Katsuki, a researcher at security firm Symantec, said Java.Tomdep appears to be designed to harness the huge amounts of bandwidth and computing power available to Web servers for use in denial-of-service attacks against other machines. Unlike Darkleech and other malware targeting Web servers, there’s no indication that it’s used to attack end users visiting websites. Katsuki explained:

Read 3 remaining paragraphs | Comments

       



分类: OpenSource 标签:

GitHub resets user passwords following rash of account hijack attacks

2013年11月20日 评论已被关闭

GitHub is experiencing an increase in user account hijackings that’s being fueled by a rash of automated login attempts from as many as 40,000 unique Internet addresses.

The site for software development projects has already reset passwords for compromised accounts and banned frequently used weak passcodes, officials said in an advisory published Tuesday night. Out of an abundance of caution, site officials have also reset some accounts that were protected with stronger passwords. Accounts that were reset despite having stronger passwords showed login attempts from the same IP addresses involved in successful breaches of other GitHub accounts.

“While we aggressively rate-limit login attempts and passwords are stored properly, this incident has involved the use of nearly 40K unique IP addresses,” Tuesday night’s advisory stated. “These addresses were used to slowly brute force weak passwords or passwords used on multiple sites. We are working on additional rate-limiting measures to address this. In addition, you will no longer be able to login to GitHub.com with commonly used weak passwords.”

Read 3 remaining paragraphs | Comments

       



分类: OpenSource 标签:

Stability first: Ubuntu’s Mir won’t replace X in 14.04 desktop

2013年11月19日 评论已被关闭
Ubuntu 13.10.

Mir, Canonical’s replacement for the X window system, will not make it into the next version of the Ubuntu desktop.

Canonical initially planned to turn Mir on by default in Ubuntu 13.10, the version shipped in October 2013, but it was dropped due to compatibility problems in multi-monitor setups. It’s especially important not to add any buggy technologies to 14.04, the version coming in April 2014, because that is a Long-Term Support (LTS) edition that Canonical must maintain for five years. Mir itself seems to be working fine, but there are problems with XMir, an X11 compatibility layer that ensures Mir can work with applications built for X.”We will only bring Mir into 14.04 if we can be assured that we’re not going to have any support issues,” Ubuntu Community Manager Jono Bacon told Ars last month.

It now appears Mir won’t make it into the next edition. “It was affirmed today that Ubuntu 14.04 LTS will still be shipping with the stable and proven Unity 7 experience, which is designed around using an X.Org Server with Compiz,” Phoronix’s Michael Larabel wrote today. “It doesn’t appear they will try for using XMir by default in this next Long-Term Support release with Unity 7. It was also said today that point releases to Ubuntu 14.04 LTS will not be adding in Mir or Unity 8.”

Read 18 remaining paragraphs | Comments

       



分类: OpenSource 标签:

lvs ksoftirqd进程占用大量CPU

2013年11月19日 评论已被关闭

监控的时候,发现LVS貌似遇到了瓶颈,高峰期间发现有两个进程ksoftirqd/0ksoftirqd/1占用大量cpu,LVS为虚拟机:DR模式,配置了2GB内存,2core。
LVS带宽跑到了15M,见监控图:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

阅读全文…

分类: OpenSource 标签:

monit 一个小巧的linux下监控/故障恢复工具

2013年11月18日 评论已被关闭

http://mmonit.com/
官方文档 http://mmonit.com/monit/documentation/monit.html

本文以监控squid为例子,主要是想实现故障检测及自动恢复的功能。

安装
yum install pam-devel
wget http://mmonit.com/monit/dist/monit-5.6.tar.gz
tar zxvf monit-5.6.tar.gz
cd monit-5.6
./configure && make && make install

阅读全文…

分类: OpenSource 标签:

nrpe Error: Could not complete SSL handshake. 5

2013年11月14日 评论已被关闭

/var/log/messages里面有非常多的日志在刷屏
Nov 14 21:18:57 2hei.net nrpe[14855]: Error: Could not complete SSL handshake. 5

把网上的说法尝试变了,什么nrpe.conf中的allowed_hosts,什么nrpe版本等全是误导,没有一个好用!

于是发现了这个nrpe端口的自检check_tcp,果断去掉就好了。

终极solution:
修改nagios配置文件:
define service{
use oupeng
host_name 2hei.net
service_description check_tcp_5666
check_command check_tcp!5666
}

分类: OpenSource 标签:

Canonical “abused trademark law” to target a site critical of Ubuntu privacy

2013年11月8日 评论已被关闭
This logo, if not used properly, could get you in trouble.

Canonical, the maker of Ubuntu, has been fending off criticism from privacy advocates because the desktop search tool in recent versions of the operating system also searches the Internet. That means if you’re searching your desktop for a file or application, you might also see results from Amazon or other websites.

One person who dislikes Canonical’s search tool is Micah Lee, a technologist at the Electronic Frontier Foundation who maintains the HTTPS Everywhere project and is CTO of the Freedom of the Press Foundation. Lee set up a website called “Fix Ubuntu,” which provides instructions for disabling the Internet search tool.

“If you’re an Ubuntu user and you’re using the default settings, each time you start typing in Dash (to open an application or search for a file on your computer), your search terms get sent to a variety of third parties, some of which advertise to you,” the website says.

Read 12 remaining paragraphs | Comments

       



分类: OpenSource 标签:

nagios check_udp 就是一残废

2013年11月3日 评论已被关闭

nagios中check_udp是链接到的check_tcp
lrwxrwxrwx 1 root root 9 Sep 23 22:01 check_udp -> check_tcp

两个例子:
./check_udp -H 2hei.net -p 161 -s “” -e “” -w 2 -c 5
No data received from host

./check_udp -H 2hei.net -p 123 -s “” -e “” -w 2 -c 5
CRITICAL – Socket timeout after 10 seconds

/usr/lib64/nagios/plugins/check_udp -h
check_udp: No arguments found
Usage:
check_udp -H host -p port [-w ] [-c ] [-s ]
[-e ] [-q ][-m ] [-d ]
[-t ] [-r ] [-M ] [-v] [-4|-6] [-j]
[-D [,]] [-S ] [-E]

需要输入[-s ] [-e ]实际上很多ndp的端口就没有返回内容,太扯淡了。
看来还得自己动手丰衣足食。
阅读全文…

分类: OpenSource 标签: