SANS has reported a verifiable zero-day exploit for Solaris 10 and beyond (Nevada et al). There is a vulnerability in telnetd that can allow attackers to login without a proper account and password.

 

Note that in recent releases of Solaris Nevada which are “Secure by default”, telnetd is disabled during installation. Earlier releases have telnet enabled and it should be disabled in almost all circumstances. The command to disable is

# svcadm disable telnet

 

Here is the Information Week article describing the problem and linking to SANS.

Hi, I just updated my list of the “best” Mac OS resources to version 1.1. I categorized the entries, color coded them, and corrected a couple of errors. I also added a section on the “best” web sites as well so now it’s generically named “resources” rather than “applications”. Finally, I gave it its own page for easy access. Check out The “Best” Mac OS Resources here. And thanks for all the feedback. I’ll create version 1.2 soon to incorporate all the recommendations.

Hi, I’ve renamed my list The “Best” Mac OS Resources and put it on its own page to avoid confusion. If you are looking for the original Essential Mac OS X Applications by MacSpecialists, check it out at MacSpecialists.

Late breaking news – Usenix is running some tutorials at the SANS 2007 conference in San Diego, and I’ll be teaching two of my workshops there. Here are the links for more information.
March 29 Solaris 10 Administration Workshop
March 30 Solaris 10 Security Workshop

Hope to see you there…

This is rather esoteric, but I’ve seen posts asking for a solution to this problem so thought I’d document my experience here.

Problem – Trying to install Nexenta (Elatte) Alpha 6 within Parallels on the Mac. Nexenta is an open source distribution of Solaris that has the Solaris Nevada kernel and the Debian userland. It installs cleanly in Parallels beta RC1, but X fails to start cleanly. It appears that the xorg.conf is missing and the default Xorg is not sufficient.

Solution – I ran Xorg -configure to generate a new /root/xorg.conf.new
Then I followed some advice from the parallels forums as to changes to make and saved the file as /etc/X11/xorg.conf

I changed the Monitor section to be:
Section "Monitor"
Identifier "Monitor0"
VendorName "Monitor Vendor"
ModelName "Monitor Model"
HorizSync 31.5-100
VertRefresh 59.0-75.0
Modeline "1440x900" 108.84 1440 1472 1800 1912 900 918 927 946
EndSection

And the Screen section:

Section "Screen"
Identifier "Screen0"
Device "Card0"
Monitor "Monitor0"
SubSection "Display"
Viewport 0 0
Depth 1
Modes "1440x900"
EndSubSection
SubSection "Display"
Viewport 0 0
Depth 4
Modes "1440x900"
EndSubSection
SubSection "Display"
Viewport 0 0
Depth 8
Modes "1440x900"
EndSubSection
SubSection "Display"
Viewport 0 0
Depth 15
Modes "1440x900"
EndSubSection
SubSection "Display"
Viewport 0 0
Depth 16
Modes "1440x900"
EndSubSection
SubSection "Display"
Viewport 0 0
Depth 24
Modes "1440x900"
EndSubSection
EndSection

Finally I changed parallels via the “configuration” section to allow a custom resolution of 1440×900.
Net result is Nexenta is up and being graphical on my MacBook Pro. Very nice.

Pardon the large .pdf file, here are the course materials that I hand out to the students of my Solaris 10 Administration Workshop course. This year I’m teaching this course for both USENIX and the SANS 2007 conference. This particular handout is from the Dec 2006 USENIX LISA conference. Feedback welcome.

Also, here are the course materials that I hand out to the students of my Solaris 10 Security Workshop course. I’m teaching this course for both USENIX and the SANS 2007 conference. This particular handout is from the Dec 2006 USENIX LISA conference. Feedback welcome.

I’m a fan of live music. Finding high quality, legally download-able (or at least stream-able) concert audio recordings is a rare treat. If you similarly like good live music free, check out these sites:

Wolfgang’s Vault Concert Vault – sound board recordings of many great 80s and 90s acts, streaming only.

NPR’s All Songs Considered – see the “live concerts” list on the left side of the main page. These are concerts recorded live at the 9:30 club in Washington D.C. (I think). Most are streaming only, but some are available for download. I’m listening to the White Stripes concert as I type this. Also on my list to check out there are Cat Power, M. Ward, Lucinda Williams, David Gray, James Brown, Arctic Monkeys…and the list goes on.

 towsertv.petetownshend.com

Fantastic stuff, highly recommended.

Have you noticed that almost always, contacting a company’s support organization results in a return email or phone hold message stating that the company is experiencing higher the expect volumes of communications?

If they are always receiving high volumes, should they start expecting that? And shouldn’t they do something about it?!
Also, I don’t recall ever hearing / reading that the company was experiencing lighter than expected volumes. <b>Now that’s a company I would do business with! </b>

Just for the record, I will accept no payments to promote any product, service, or web site in my blog. If I do receive a product for free or on loan I’ll make that clear.

Sun Microsystems has evolved from a company based on a closed-source proprietary operating system to one based on an open source operating system with a burgeoning community. These operating systems are one-in-the-same – Solaris. OpenSolaris is the non-commercial, open source distribution of Solaris. (Of course Sun still has its commercial Solaris for those wanting support.)

In the olden-days (in the 1990s), there used to be the Sun User Group (SUG). At one point I was even on the board of directors of SUG. But for various reasons, especially Sun’s lack of interest in having a user group, SUG fell apart.

Fast forward to the current century and Sun is encouraging user groups to form around the OpenSolaris banner. I’m a big fan of Solaris (in all flavors) and my company sells and supports Sun systems, so we’re doing our part and starting up the North East (U.S.) OpenSolaris User Group. Fortunately those initials give the new group the cool moniker NEOSUG.

The inaugural meeting of NEOSUG is Jan 31st, 2007 at Sun’s campus in Burlington Mass. All are welcome. This meeting will feature talks by Simon Phipps, Dave Miner, and myself. The purpose of this meeting is to give an overview of OpenSolaris, and then to have a discussion about what the attends want from NEOSUG (and what they can contribute). Everything is open for debate – how often to meet, where, what to cover, leadership, who to invite to talk, and so on.

So if you’re interested in OpenSolaris and if you are in the area, please make it a point to join us. There will be pizza and beverages (provided by Sun for this first meeting), and I have it on good authority that trinkets will be distributed.

Laura Ramsey is coordinating the meeting. Here blog and NEOSUG meeting details are here. You can register here.

For more information have a look at the NEOSUG web page. Hope to see you there!

Hi there, and thanks for checking out my blog. I’m Peter Galvin (also known as Peter Baer Galvin because there is another Peter Galvin that writes in technology).

I’m Chief Technologist of Corporate Technologies for my day job, where we sell data center products and provide consulting services around them. Our selection of data center products includes Sun (and StorageTek), Network Appliance, Juniper, Veritas, F5, 3Par, and a variety of other products. Most of my time is spent on all things Sun so I’ll be blogging most about that.

My personal web site talks about some of my other activities. In short I’m co-author of the series of Operating System Concepts textbooks, write a periodic / occasional column as a contributing editor at SysAdmin Magazine, and teach tutorials about Solaris, usual at the USENIX conferences.

I also love music, love gadgets, and oddly enough, collect fountain pens. I’m sure I’ll blog about those things over time. I will definitely blog about the fact that I recently moved from Windows to Mac.

“Hello World.“

Hello World is the traditional first communication with the outside world from a new programmer. I’m stretching its use a bit but it felt appropriate for my first blog entry. It’s about time that I embraced this ”new“ medium!