Current Stories
PermaLink IBM Notes and the Heartbleed Bug.04/21/2014 12:09 AM
 
 
IBM Notes & Domino are not vulnerable to OpenSSL "Heartbleed" bug (CVE-2014-0160)

The Heartbleed Bug
"The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users."

More @heartbleed.com

Abstract
Information is circulating describing a method called "Heartbleed," which exploits a vulnerability caused by a design error in OpenSSL. This technote provides confirmation that IBM Notes and Domino are not susceptible to the Heartbleed attack.

Content
IBM Notes and Domino are not vulnerable to the Heartbleed bug because they do not use OpenSSL as the basis of the SSL stack in the products. Note that this includes both the Domino SSL stack as well as the TLS implementation supported by the IBM HTTP Server in 9.0. Notes Traveler is also not affected.

For more information on the Heartbleed bug, including a Q&A, go to
http://www.heartbleed.com.

Related information
CVE-2014-0160
OpenSSL vulnerabilities do not apply to IHS
A simplified Chinese translation is available

More @ibm.com/support/docview.wss?uid=swg21669782

The Badkey Team
http://beknown.com/john-willemse
http://planetlotus.org/profiles/john-willemse
Technorati:
PermaLink Update CentOS (Linux) Important SSL Security Vulnerability. Fix OpenSSL version 1.0.1g04/20/2014 11:54 PM
 



On Monday, April 7th 2014, an OpenSSL vulnerability was disclosed which has been called one of the worst security holes in recent internet history. The bug, called the Heartbleed bug, was introduced in OpenSSL version 1.0.1. It has been in the wild since March of 2012 and is patched with OpenSSL version 1.0.1g released on April 7th 2014. OpenSSL Severe Vulnerability in TLS Heartbeat Extension (CVE-2014-0160)

The bug allows any attacker to read the memory of a vulnerable host, which means that any keys that have been used on a host with a vulnerable version of OpenSSL should be considered compromised. Distributions have been updating their packages and pushing out updates, but users need to pull down the most recent packages and revoke any previous keys based on insecure versions. Important: openssl security update. RHSA-2014:0376-1

An encryption flaw called the Heartbleed bug is already being called one of the biggest security threats the Internet has ever seen. The bug has affected many popular websites and services — ones you might use every day, like Gmail and Facebook — and could have quietly exposed your sensitive account information (such as passwords and credit card numbers) over the past two years.

Read more on the Social Networks. http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

We'll show you how to update your systems with a secure version of OpenSSL, revoke any insecure SSL certificates, and test whether you are vulnerable or not.

Checking your Version Numbers. You should check your version of OpenSSL after you have updated your system.

While OpenSSL version 1.0.1g is the official fix of this problem, the version that fixes this for different distributions and releases may vary. Some releases and distributions patched their older versions to fix the problem, rather than releasing an entirely new version into an older, stable ecosystem. Because of this reason, it is best to check through your distribution's packaging system, since the openssl version command might not reflect the information we need.

CentOS and Fedora Releases and Fix Versions:
For CentOS and Fedora systems, you can query the version of the OpenSSL package installed on your system by typing:
rpm -q -a | grep "openssl"

You should receive output that looks like this:
openssl-1.0.1e-16.el6_5.7.x86_64

For CentOS, here are the releases and the minimum versions of OpenSSL that must be applied to protect future SSL interactions. We will take the architecture off the end in our list:
CentOS 5: Unaffected (Shipped with older version prior to vulnerability)
CentOS 6: openssl-1.0.1e-16.el6.5.7

CESA-2014:0376 Important CentOS 6 openssl Update
http://lists.centos.org/pipermail/centos-announce/2014-April/020249.html

CentOS Errata and Security Advisory 2014:0376 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0376.html

YUM Update:
openssl         x86_64  1.0.1e-16.el6_5.7            
kernel-firmware noarch  2.6.32-431.11.2.el6      

More @digitalocean.com

The Badkey Team
http://beknown.com/john-willemse
http://planetlotus.org/profiles/john-willemse
Technorati:
PermaLink Heartbleed Security Bug fixes for VMware04/20/2014 12:58 PM
19 April, 2014.

It seems to be patch Saturday as today a whole bunch of updates of products were released. All of these updates relate to the heartbleed security bug fix. There is no point in listing every single product as I assume you all know the VMware download page by now, but I do want to link the most commonly used for your convenience: Time to update, but before you do… if you are using NFS based storage make sure to read this first before jumping straight to vSphere 5.5 U1a!

More @yellow-bricks.com

The Badkey Team
http://beknown.com/john-willemse
http://planetlotus.org/profiles/john-willemse
Technorati:
PermaLink Sophos UTM Up2Date 9.201023 package04/11/2014 12:14 AM
 
We just did the upgrade.

System Version:  Sophos UTM 9.200-11

News:
Official 9.2 GA Release - update from 9.200.  Fix: OpenSSL vulnerability: TLS heartbeat read overrun (CVE-2014-0160)

Bugfixes:
 Fix [28439]: vpn site2site overwiev is missing ipsec respondOnly connections
 Fix [28953]: Object Changelog PopUp can not be closed in IE9
 Fix [29356]: [BETA] RED50 reconnects all the time
 Fix [29419]: [BETA] Web Policy tester and http.log do not display modifications by local site list
 Fix [29501]: Transparent AD SSO conflicts with WAF (port 80)
 Fix [29748]: [BETA] changing OTP has no effect on WAF
 Fix [29843]: [BETA] Changing AV Scanners cause memory spikes in http proxy
 Fix [30389]: [BETA] http cache fills up partition
 Fix [30441]: [BETA] SPX encryption has higher priority than SMIME or PGP encryption
 Fix [30446]: [BETA] SPX: some characters in mail subject lead to broken subject in pdf
 Fix [30561]: [BETA] Username with \ is seen in sAMAccountName with \\
 Fix [30571]: Add option to disable OTP for Webadmin/SSH from front panel LCD of UTM appliance
 Fix [30637]: [BETA] Handling Filter actions used in multiple policies
 Fix [30701]: [BETA] SPX: labels of original message are not correctly encoded in spx reply
 Fix [30723]: RED 10 stops working while handling large packets
 Fix [30869]: [BETA] DLP: Region selector of "Sophos CCL Rules" doesn't show the first element
 Fix [30898]: OTP: Token may be created for wrong user if remote/local user differ in case
 Fix [30925]: SPX: character sets other than UTF-8 break PDF and portal
 Fix [30934]: Incorrect Certificate used during Transparent HTTPS
 Fix [30940]: Wireless: Some SSIDs are shown as HASH(...) in WebAdmin
 Fix [30945]: ATP Dashboard Link & Reporting Issue (72h not visible)
 Fix [30949]: smtp scanner dies in combination with SPX and regular email encryption
 Fix [30951]: Outgoing mails get quarantined as "UNSCANNABLE" although "Quarantine unscannable and encrypted content" is disabled
 Fix [31368]: CVE-2014-0160: TLS heartbeat read overrun [9.2]

RPM packages contained:
 libaio-0.3.109-0.1.46.1123.g533121f.rb1.i686.rpm  
 libopenssl1_0_0-1.0.1g-1.1.0.162384817.g6fb2a0a.rb1.i686.rpm
 libopenssl1_0_0_httpproxy-1.0.1g-1.1.0.162384817.g6fb2a0a.rb1.i686.rpm
 libsaviglue-9.20-8.gf151022.i686.rpm              
 libudev0-147-0.84.1.1204.gafeab2c.i686.rpm        
 client-openvpn-9.20-6.g8b06b8a.noarch.rpm        
 cm-nextgen-agent-9.20-30.ge5cc2d9.i686.rpm        
 csync2-1.34-16.g6441592.i686.rpm                  
 ddclient-3.8.1-19.gc92ba51.noarch.rpm            
 ipv6-aiccu-20070115-22.g3a8bc92.rb2.i686.rpm      
 ipv6-hurricane-9.20-2.g0ad29e1.i686.rpm          
 irqd-0.7.0-1.0.159644070.g559c8c7.i686.rpm        
 modsecurity2-2.7.3-217.g3aac31f.i686.rpm          
 modurlhardening-9.20-105.gdd9c494.i686.rpm        
 openssl-1.0.1g-1.1.0.162384817.g6fb2a0a.rb1.i686.rpm
 perf-tools-3.8.13.15-111.g2bc35f6.i686.rpm        
 perl-IO-Socket-INET6-2.72-1.0.g8ae5623.rb1.noarch.rpm
 postgresql92-9.2.7-0.158345058.gf297d3f.i686.rpm  
 red-firmware2-3047-0.g0f89c54.noarch.rpm          
 udev-147-0.84.1.1204.gafeab2c.i686.rpm            
 utm-lcd-0.6-0.160585403.gdd50b97.i686.rpm        
 ep-reporting-9.20-50.g5038097.i686.rpm            
 ep-reporting-c-9.20-29.g8fe8de6.i686.rpm          
 ep-reporting-resources-9.20-50.g5038097.i686.rpm  
 ep-aua-9.20-21.geb23e00.i686.rpm                  
 ep-awed-9.20-12.ged755a7.i686.rpm                
 ep-awetools-9.20-0.160496936.g56cf6c5.i686.rpm    
 ep-branding-ASG-afg-9.20-15.g95ad6c2.noarch.rpm  
 ep-branding-ASG-ang-9.20-15.g95ad6c2.noarch.rpm  
 ep-branding-ASG-asg-9.20-15.g95ad6c2.noarch.rpm  
 ep-branding-ASG-atg-9.20-15.g95ad6c2.noarch.rpm  
 ep-branding-ASG-aug-9.20-15.g95ad6c2.noarch.rpm  
 ep-confd-9.20-277.gd2828a7.i686.rpm              
 ep-epsecd-9.20-8.g2b9a152.i686.rpm                
 ep-ha-9.20-10.g23d774e.i686.rpm                  
 ep-ha-daemon-9.20-12.gd43cf6f.i686.rpm            
 ep-hardware-9.20-25.g43085a0.i686.rpm            
 ep-hotspot-web-9.20-3.gbc6c5cb.i686.rpm          
 ep-init-9.20-15.g4ae830a.noarch.rpm              
 ep-ipsctl-0.5-0.160568320.g1b4e2e1.noarch.rpm    
 ep-libs-9.20-54.gafa5533.i686.rpm                
 ep-localization-afg-9.20-10.gced13ea.i686.rpm    
 ep-localization-ang-9.20-10.gced13ea.i686.rpm    
 ep-localization-asg-9.20-10.gced13ea.i686.rpm    
 ep-localization-atg-9.20-10.gced13ea.i686.rpm    
 ep-localization-aug-9.20-10.gced13ea.i686.rpm    
 ep-mail-templates-9.20-6.g280effa.noarch.rpm      
 ep-mdw-9.20-178.g9374392.i686.rpm                
 ep-raidtools-9.20-42.g6ceb7d8.i686.rpm            
 ep-red-9.20-21.gecf46fa.i686.rpm                  
 ep-screenmgr-9.20-0.gfa1fd0b.rb57.i686.rpm        
 ep-spx-auth-9.20-1.g90293a3.i686.rpm              
 ep-webadmin-9.20-349.gc2b1337.i686.rpm            
 ep-webadmin-contentmanager-9.20-27.g773d6f7.i686.rpm
 ep-webadmin-spx-9.20-4.gf5c4d08.i686.rpm          
 ep-wireless-firmware-5020-0.g5078652.i586.rpm    
 ep-chroot-smtp-9.20-107.g1754b76.i686.rpm        
 ep-chroot-pop3-9.20-2.gcfbe315.i686.rpm          
 ep-httpproxy-9.20-79.gbea8874.i686.rpm            
 kernel-smp-3.8.13.15-111.g2bc35f6.i686.rpm        
 kernel-smp64-3.8.13.15-111.g2bc35f6.x86_64.rpm    
 ep-release-9.201-23.noarch.rpm                    

The Badkey Team
http://beknown.com/john-willemse
http://planetlotus.org/profiles/john-willemse
Technorati:
PermaLink Sophos UTM Firewall Release 9.204/04/2014
 
We just did an upgrade to Firmware version: 9.200-11 on VMware ESX.
Release notes: UTM 9.200 Soft-Released (02-26-2014) @
astaro.org

Update to 9.200:

Major Features:
• Web: New UI policy model
• Mail: SPX encryption support
• Mail: DLP support
• Network: Botnet/C&C traffic detection and blocking
• Network: Major IPS performance improvements
• Authentication: Dual-factor authentication with OATH TOTP
• WAF: Authentication support

Smaller Features:
• Web: AD SSO in transparent mode
• Web: Warn action
• Web: Transparent HTTPS filtering w/o full SSL scanning
• Web: URL categorization override
• Web: PUA blocking
• Web: Enhanced log search
• Web: Policy tester
• Web/Endpoint: Web Control for SEC-managed endpoints
• Endpoint: Proxy support for LiveConnect
• Wifi: Hotspot: Fully customizable login page
• Wifi: Hotspot: Fully customizable vouchers
• Wifi: Hotspot: New hotspot type with authentication against UTM/Backends
• RED: optional tunnel compression
• RED: RED50: improve LCD output
• RED: RED50: VLAN configuration for switch ports
• WAF: Extended threat filtering
• WAF: Fallback hosts
• WAF: HTTP to HTTPS redirection
• Network: Support more DynDNS providers

From @download.astaro.com/UTM/v9/virtual_appliance/README.txt  (2014-Mar-04 )

Dear customer, thank you in your interest in the Sophos virtual UTM appliance.

We have decided to discontinue to provide a dedicated pre-compiled virtual UTM machine for VMware due to the limitations and restrictions this had for our customers which used this virtual machine. No matter how we configure and pre-install that virtual UTM machine, there are always customers which need a kind of customization, and it's difficult to change some of these parameters on a already existing virtual machine belated. So we think that it makes more sense for all of the customers to install the UTM software with their personal configuration on their own instead of using a pre-compiled  virtual machine which is difficult to parametrize.

To be clear: the support of Sophos UTM for virtual platforms like VMware ESX, Microsoft HyperV or Citrix XEN has NOT been discontinued. It┤s just the fact that we don┤t provide any more pre-installed pre-parametrized VMware machines. You are much more flexible in using our UTM solution by considering the following.

It is just a matter of some minutes to install you fully self-parametrized UTM in your virtual platform.

Please follow these steps:
- go to the same server you found this README.TXT, but from directory /UTM/v9/software_appliance/iso (don't use the files in directory smart_installer)
- download the ISO file you want to install (e.g. "asg-9.107-33.1.iso")
- create a new virtual machine in your virtualization   platform. customize it appropriate to your needs
- if asked for the type of your operating system, select "Linux 64 bit", "SUSE Linux Enterprise 11 64 bit" or similar
- as a rough guideline, we recommend at least: 2 CPUs (cores), 4 GB   RAM, 100 GB of disk space, and 2 NICs, 1 CDROM. For non-productive environments (evaluation/test machines), you can downsize of course
- it is no problem to add afterwards (also if the UTM already was running) CPUs, RAM, or NICs. It's not possible to resize the harddisks afterwards.
- for the NICs we recommend to use VMXNET3 drivers in VMware, or optionally E1000 drivers. DO NOT USE "FLEXIBLE" NICS  - it may lead to severe performance issues.
- mount the downloaded ISO file into the virtual CDROM

Now turn on your virtual machine and boot from the virtual CDROM. The UTM installer will come up. Go through the installer options and
screens and make the appropriate selections. If finished, the installation will begin.

THE INSTALLER DETECTS AUTOMATICALLY WHICH TYPE OF VIRTUALIZATION PLATFORM IS USED AND WILL INSTALL THE CORRECT DRIVERS/KERNEL MODUELS, LIKE VMWARE TOOLS ETC.

After the installation has finished and the UTM is rebooted, you can access the system by connecting to the Webadmin port 4444 on the NIC and IP you configured during the installation.

Dutch: Sophos UTM 9.2

Virtual Security is trots om Sophos UTM 9.2 te mogen aankondigen.

De ontwikkelaars van Sophos hebben de laatste maanden hard gewerkt aan het maken van UTM 9.2 de grootste Sophos release tot nu toe. UTM 9.2 heeft een verbazingwekend aantal nieuwe mogelijkheden. Op dit moment is UTM 9.2 als Beta beschikbaar voor iedereen die deze nieuwe versie wil testen. Zoals altijd is deze UTM firewall voor thuisgebruikers gratis. Virtual Security heeft ook de mogelijkheid om voor bedrijven een trial licentie te verzorgen.
Source: @virtualsecurity.nl/nieuws

Hierbij een overzicht van de nieuwe mogelijkheden:
  • Advanced Threat Protection (APT)
Een van de nieuwe features voor UTM 9.2 is de toevoeging van Advanced Thread Protection (APT) door Sophos UTM te integreren met Sophos Labs de is de Sophos UTM op de hoogte van wereldwijd actieve botnets en de bijbehorende command & control sites. Een Command en Control Site is de besturingsserver van een botnet. Door verkeer naar deze site te blokkeren wordt de communicatie van het botnet platgelegd en zullen interne servers of clients hier niet actief aan deelnemen. Daarnaast rapporteert de Sophos UTM welke interne PC's of servers geinfecteerd zijn met botnet malware zodat er verdere actie ondernomen kan worden om deze te verwijderen. Bijvoorbeeld door Sophos UTM endpoint te installeren op deze pc's.
Deze feature is beschikbaar in de Network Protection subscriptie en in de Fullguard van de Sophos UTM
  • Intrusion Protection System (IPS) Snelheid.
De IPS functionaliteid van de Sophos UMT is na een grondige optimalisatie sterk verbeterd. Dit is gerealiseerd door algemene verbeteringen in het IPS systeem maar ook door UTM Hardware specifieke optimalisatie te implementeren. Daarnaast is er een "pattern aging systeem" toegevoegd zodat er geen performance verloren gaat aan oude IPS regels. Dit is naar wens te configureren.
  • One-Time Password (OTP) / Two-Factor Authentication (2FA)
Een nieuw systeem is geimplemnteerd om sterke authenticatie te ondersteunen met behulp van de Goolge Authenticatior. Hierdoor kunnen gebruikers onderandere met Sterke authenticatie aanloggen op de Webadmin, Userportal en VPN. Daarnaast is het mogelijk om tokens die gebruikmaken van OATH en TOTP te gebruiken.
  • Nieuwe gebruikers interface voor Web Protection. 
De gebruikers interface voor Web Protection is volledig vernieuwd. Het is nog eenvoudiger om policies te maken en toe te kennen en te veranderen. Het is nu ook mogelijk om op gebruikers niveau policies te gebruiken. Ook is het mogelijk om device authenticatie te gebruiken zodat Sophos webprotection nog krachtiger is toe te passen.
  • Transparente Mode with Active Directory Single Sign On Authenticatie.
Het is nu mogelijk om met Web Protection in transparente modus te gebruiken met Active Directory SSO. Hierdoor zijn er geen proxysettings nodig op de clients en dit geeft dezelfde voordelen als dat je normaal zou hebben als je AD single-sign gebruikt op een explicit proxy.
  • Reverse Authentication (Authentication Offloading) voor Web Server Protection. 
Een compleet nieuw authenticatie mechanisme is toegevoegd aan Web Server Protection welke gebruik kan maken van basic authenticatie en form-based authenticatie. Hierdoor is het mogelijk om gebruikers hier tegen te laten authenticeren en indien geautoriseerd door te sturen naar de desbetreffende server. Bijvoorbeeld een webserver of Microsoft OWA.
  • Live AV Lookups en Sandbox Execution via Sophos Labs (Catchy Name still in the Works!)
Als Web Protection met de Sophos AV engine enabled is is er een nieuwe mogelijkheid om de optie "live cloud checksum lookups from Sophos Labs" te gebruiken. Lookups die falen zullen gescanned worden door de AV Engine. Lookups die "schoon"bevonden zijn zullen lokaal niet worden gescanned waar door de AV scanning sneller is. File checsums die onbekend zijn bij het wereldwijde netwerk van Sophos labs zullen als sample worden aangeboden en zal een verdere analyse plaats vinden door de files in een Sandbox te starten en het gedrag te analyseren.
  • Fully Transparent HTTPS Filtering
De Sophos UTM kan nu URL filtering doen op HTTPS sites zonder gebruik te maken van de huidige man-in-middle “full” HTTPS scanning engine. Door gebruik te maken van SNI ( Server Name Indication ) wordt de URL (of IP als de URL niet beschikbaar is) uit de HTTPS session onttrokken en gecontroleerd tegen de URL database.  
  • SPX One-Way Message Encryption
Sophos UTM 9.2 ondersteund nu een richtings encryptie van email berichten naar ontvangers die niet in het bezit zijn van een vertrouwd encryptie systeem zoals de reeds gesupporte encryptie via PGP of s/Mime. Een nieuwe optie bij Mail Protection is “SPX Encryption”. Dit is een richting mail encryptie gebaseerd op Secure PDF eXchange (SPX). Gebruikers kunnen uitgaande berichten encrypteren welke vervolgens worden verpakt in een encrypted PDF welke kunnen worden gelezen door de ontvanger als ze het wachtwoord weten.
  • Data Leakage Protection (DLP)
Een nieuw systeem voor Data Leakage Protection is toegevoegd aan mail protection welke door e-mails en bijlagen scant naar data die het bedrijf niet mag verlaten. Het is mogelijk om op categorie te filteren per regio met parameters zoals creditcard, bankrekening, adressen, telefoonnummers en meer dan 200 andere parameters.
Naast bovenstaande veranderingen in Sophos UTM 9.2 zijn er ook nog een aantal kleinere wijzigingen. De volgende zaken zijn ook toegevoegd of verbeterd.
  • Google Application Control
  • Background Active Directory Synchronization Option
  • Enhanced Web Log Searching
  • Fully Customizable Wireless Hotspot Pages 
  • RED Tunnel Compression
  • Web Protection Policy Testing Tool.
  • Authentication Method by Device Type
  • Local Site Reclassification Listing
  • More Detailed HTTP Logging
  • Web Control Integration with Sophos Enterprise Console
  • Potentially Unwanted Application (PUA) Blocking
  • HTTPS End-User Block Pages
  • Multi-domain Active Directory user support
Kortom Sophos UTM 9.2 is de oplossing om Microsoft ISA server of Microsoft TMG te vervangen.
Source: @virtualsecuritynl.blogspot.nl

More @download.astaro.com/UTM/v9/software_appliance/iso/

Image:Badkey Corner - Sophos UTM Firewall Release 9.2

The Badkey Team

Technorati:
PermaLink Crossware Mail Signature for IBM Domino and Microsoft Exchange04/03/2014 11:54 PM
 




Crossware’s Mail Signature is a server based application that automatically adds compliant, personalized, good looking email signatures to all outgoing emails. From now on your emails will be 100% consistent with your corporate image. Your signatures may include legal disclaimers, logos, graphics and even advertising banners.

The signatures are tamper proof and fully configurable for any number of staff or groups. The signatures can include the traditional information like Name [first name, last name, and title], Position [job title], Division [business unit], Address [physical and postal], Phone Numbers [office number, mobile number, direct dial and fax] and Email Address. In addition any type of information like disclaimers, logos, marketing text etc. can be added.

Crossware’s Mail Signature Solution doesn’t require design changes to either your IBM Domino address book or any modifications to your Lotus Notes email template, and it is compatible with IBM Domino version 5 and above.

The application works with all the Domino email clients such as: Lotus Notes [Windows/Mac/Linux], Domino Web Access [iNotes] and even Blackberries. In addition, any database used for sending out emails can have a signature appended to the email.
More @ibm.com/partnerworld

Centrally manage you company’s email signatures with Crossware Mail Signature.
Crossware Mail Signature is an email signature product for IBM Domino and Microsoft Exchange which allows you to have complete control of your email signatures. Once you install the software, you can completely customise the design to include logos, advertisements, social media, imagery etc. It is server-based, so your signature will be automatically appended to every email that leaves your organisation, even those sent from mobile devices.

Your company signature will be ‘tamper-proof’, meaning that no one will be able to edit their signature.

Feel free to contact us in the EMEA region we have a contact for you.
Contact information:
Company CrossWare Ltd. 125 The Strand. Parnell. Auckland New Zealand
Phone: +64 9379 7044. http://www.crossware.co.nz

EMEA Region:  Rob Hollier. London, United Kingdom. Sales Manager
+44 20 3588 2000  
rob@crosswareuk.com

The Badkey Team
http://beknown.com/john-willemse
http://planetlotus.org/profiles/john-willemse
Technorati:
PermaLink CentOS alert RHSA-2014-0328. Kernel Update.04/03/2014 08:09 PM
We just upgraded OTAP to Centos 6.5 Kernel 2.6.32-431.11.2.el6.x86_64 x86_64

Details:
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* A flaw was found in the way the get_rx_bufs() function in the vhost_net implementation in the Linux kernel handled error conditions reported by the vhost_get_vq_desc() function. A privileged guest user could use this flaw
to crash the host. (CVE-2014-0055, Important)

* A flaw was found in the way the Linux kernel processed an authenticated COOKIE_ECHO chunk during the initialization of an SCTP connection. A remote attacker could use this flaw to crash the system by initiating a specially crafted SCTP handshake in order to trigger a NULL pointer dereference on the system. (CVE-2014-0101, Important)

* A flaw was found in the way the Linux kernel's CIFS implementation handled uncached write operations with specially crafted iovec structures.
An unprivileged local user with access to a CIFS share could use this flaw to crash the system, leak kernel memory, or, potentially, escalate their privileges on the system. Note: the default cache settings for CIFS mounts
on Red Hat Enterprise Linux 6 prohibit a successful exploitation of this issue. (CVE-2014-0069, Moderate)

* A heap-based buffer overflow flaw was found in the Linux kernel's cdc-wdm driver, used for USB CDC WCM device management. An attacker with physical access to a system could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1860, Low)

Red Hat would like to thank Nokia Siemens Networks for reporting CVE-2014-0101, and Al Viro for reporting CVE-2014-0069.

This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

More@redhat.com/errata/RHSA-2014-0328

The Badkey Team.

Technorati:
PermaLink ESX Build 1623387 (ESXi 5.5 Update 1)03/14/2014 09:54 PM
 

VMware ESXi™ 5.5 Update 1 11 MAR 2014 Build 1623387
Upgrade gedaan naar build 1623387 in de LAB omgeving (OTAP) voor evaluatie.

Image:Badkey Corner - ESX Build 1623387 (ESXi 5.5 Update 1)

Handig is RVTools 3.6 Version 3.6 (February, 2014). http://www.robware.net/

Description VMware ESXi 5.5.0 Update 1  
https://my.vmware.com/web/vmware/details?downloadGroup=ESXI55U1&productId=353&rPId=5254

Release Date 2014-03-11
See more at: https://my.vmware.com/web/vmware/details?downloadGroup=ESXI55U1&productId=353&rPId=5254#sthash.kMuxAW9R.dpuf

VMware ESXi 5.5 Update 1 Release Notes
https://www.vmware.com/support/vsphere5/doc/vsphere-esxi-55u1-release-notes.html

One small enhancement,
VMware ESXi 5.5, Patch ESXi550-201403210-UG: Updates ESXi 5.5 net-igb vib (2065823)
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2065823

Image:Badkey Corner - ESX Build 1623387 (ESXi 5.5 Update 1)



The Most Affordable and Flexible Virtualization Solution
The QNAP TS-439 Pro II is certified as compatible with VMware« vSphere (ESXi and ESX) virtualization platform.
The NAS can be utilized as the networked shared storage of VMware virtualization environments and Windows cluster servers. Comparing with traditional SAN (Storage Area Network), the Turbo NAS is a competitive alternative with much lower setup and maintenance costs in an IP SAN.

The Feature-rich and Integrated Applications for Business
The NAS supports file sharing across Windows, Mac, Linux, and UNIX platforms. Versatile business applications such as file server, FTP server, printer server, web server, and Windows AD support are provided. The dominant features, such as WebDAV, Share Folder Aggregation (also known as DFS), IPv6 and IPv4 dual-stack, Wake on LAN, schedule power on/ off, HDD S.M.A.R.T, comprehensive log systems, and policy-based unauthorized IP blocking are all included features of a QNAP NAS server.

Image:Badkey Corner - ESX Build 1623387 (ESXi 5.5 Update 1) Image:Badkey Corner - ESX Build 1623387 (ESXi 5.5 Update 1)  


The Badkey Team
http://nl.linkedin.com/in/willemsej

Technorati:
PermaLink Running IBM Notes Traveler 9 on Linux Badkey03/12/2014 12:28 AM
 

Image:Badkey Corner - Running IBM Notes Traveler 9 on Linux Badkey

We now run IBM Notes Traveler V9.0.0.1 for Linux for xSeries Multilingual on VMware / vSphere 5.5 see the Release Notes
https://www.vmware.com/support/vsphere5/doc/vsphere-esx-vcenter-server-55-release-notes.html

What is IBM Notes Traveler ?  http://www-03.ibm.com/software/products/nl/notetrav/
IBM Notes Traveler on wikipedia.org  http://en.wikipedia.org/wiki/IBM_Notes_Traveler

File: NOT_TRA_9001_LIN_ML.tar.gz Build 201307181414 on Linux. In the LAB of Badkey.

IBM Notes Traveler 9.0.0.1 Interim Fix 4 Product Documentation
http://www-10.lotus.com/ldd/dominowiki.nsf/dx/IBM_Notes_Traveler_9.0.0.1_IF4

IBM Notes Traveler 9.0.1 IF 3 / 9.0.0.1 IF4 available
http://blog.nashcom.de/nashcomblog.nsf/dx/ibm-notes-traveler-9.0.1-if-3.htm

Index of recommended maintenance for IBM Notes Traveler
http://www-01.ibm.com/support/docview.wss?uid=swg24019529

[root@ install]# ./TravelerSetup -f installer.properties -i silent -l en
Notes Traveler 9.0.0.1 build 201307181414
Silent install started..
Notes Traveler version 9.0.0.1 build 201307181414 will be installed.

IBM Notes Traveler

What is IBM« Notes« Traveler ?
"No charge, push email software for IBM Notes users"

What's new in IBM Notes Traveler 9

Adaptive Initial Sync
Adaptive Initial Sync (AIS) is a new feature in IBM Notes Traveler 9.0.1 that helps ensure server availability in certain situations, such as bringing a server online or recovery scenarios.

MobileIron support for Android devices
Organizations using MobileIron to manage their mobile applications will now be able to take advantage of MobileIron application management capabilities with the IBM Notes Traveler client for Android, including the ability to provision application configuration settings, manage access through MobileIron Sentry, and enforce MobileIron application specific security polices. For more information, refer to this article link.

MobileIron support for Companion and ToDo applications on Apple iOS devices
Organizations using MobileIron to manage their mobile applications will now be able to take advantage of MobileIron application management capabilities with the IBM Notes Traveler Companion and ToDo apps for Apple iOS devices. For more information, refer to this article link.

Return receipts for Android devices
On IBM Notes Traveler for Android device, you can now elect to receive return receipts when your mail has been opened

More @Whats_new_in_IBM_Notes_Traveler_9.0.1

No charge, push email software for IBM Notes users
IBM« Notes« Traveler is push email software that provides quick access to email, calendar and contacts from a wide range of mobile devices or tablets.
This no charge mobile offering is available for IBM Notes and Domino« users. Enhance the productivity of your mobile workforce with this security-rich software.

IBM Notes Traveler (formerly IBM Lotus« Notes Traveler):
Is designed to keep your users connected and productive with full-featured email for smartphones and tablets.
Is security-rich, helping to safeguard sensitive data while enhancing compliance with your corporate policies.
Enhances administrator productivity and helps optimize network throughput.

The Badkey Team
http://beknown.com/john-willemse
http://planetlotus.org/profiles/john-willemse
Technorati:
ClustrMaps
Locations of visitors to this page
My World Travel (21%)
world66.gif
47 countries World66 Member
Domino Social Edition
StatCounter Statistics

View My Stats
Visitor Activity
Planetlotus.org
StatCounter Came From
Crossware Mail Signature
Twitter