Today, LOPSA (The League of Professional Systems Administrators) turns one year old!

I attribute, in part, the growing movement to turn Systems Administration into a profession to Tom Limoncelli. I believe his short “happy birthday lopsa” post explains LOPSA’s goal better than I can:

For those of you that don’t know, LOPSA is the League of Professional System Administrators. The goal is to become like the AMA is to doctors, or the APA is to shrinks. That is, work on building the professionalism of our community. If you aren’t a member, I highly recommend that you join. Heck, it’s free to just register.

LOPSA grew out of SAGE, the System Administrators Guild. If you work as a System Administrator and believe your job is more about professional practice, standards, and ethics than it is about knowing the right command or configuration file, you should join!

If you are running Mozilla, Firefox, or Netscape, you need to upgrade now due to the IDN URI Buffer Overflow. In short, internationalized domain name characters in URLs can be used to compromise your PC. While this vulnerability has been known for more than a week, exploit code has been made publicly available now so it just a matter of time before we start seeing attacks based on this vulnerability.

Don’t confuse that vulnerability with another new one that affects Unix only and also affects Thunderbird.

If you are running Firefox, Mozilla, or Thunderbird on Unix (Linux, OpenBSD, MacOS-X, Solaris) you need to upgrade now. According to The SANS Institute, “This vulnerability in Mozilla/FireFox browsers and Thunderbird email client can be exploited to execute arbitrary commands on UNIX systems.” More information is available at SecurityFocus.

Go to http://www.mozilla.org/ for information on how to download the latest versions.

A common problem in security is deciding how to scan PCs that are suspected to be infected with a computer virus. One approach is to use anti-virus software already installed on the PC, however mistrust of that anti-virus software may be wise considering that there exist a number of viruses that disable or alter anti-virus software. An alternative approach is to boot the computer from some other media (CDROM, Floppy Disk, USB Mass Storage, PXE) and run an anti-virus program from that media. This approach increases the trustworthiness of the the anti-virus software but brings up the question of how to ensure that the latest anti-virus definitions are available.

Knoppix is a bootable linux distribution that comes with Clam Anti-virus and support the downloading of anti-virus definitions to a ramdisk. Thus, you can boot from the CDROM which has a complete read-only operating system installed already and then run the included virus-scanner which will get the latest virus updates over the net. This provides you with a safe and easy method to initially respond to suspected infections.

Knoppix can be obtained by direct download from a number of mirror sites or via BitTorrent.

Today I learned a new unix command: stat. I never fail to enjoy learning a new unix command. Even after 10 years of being a sysadmin I still find useful commands that I have never used.

The stat command is similar to the ls command in that they both give you information about files and filesystems. However, stat is more useful in automated scripts. For example if you wanted to get just the filesize of a file with ls you would have to do this:


ls -la myfile | tr -s '[:space:]‘ | cut -s -d ‘ ‘ -f 5


But “tr” and “cut” behave differently on different systems so this will not always work. On the other hand GNU stat is simpler and works well across systems:


stat -c '%s' "users1.txt"