Skip to main content

Posts

Showing posts from May, 2016

Kill the Upgrade to Windows 10

There are many people who, for whatever reason, don't want to upgrade  to Windows 10.

Microsoft admits this and outlines the way to do this on their support page. This is what you need to do:

Create a blank.reg file and put this in it:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Gwx]
"DisableGwx"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"DisableOSUpgrade"=dword:00000001


Then run it by double-clicking on it.  Alternatively, you may manually add those keys to the registry yourself using regedit.

Or you can download this file which is the file you were told to create above. Please examine the downloaded file in a text editor to see that it matches the instructions above.

UPDATE

BY now, this should be old news and you will have been forced to update you Windows computer. Sorry.

Adding a Spellchecker to Leafpad

Leafpad is the text editor for the LXDE desktop environment. It does well for editing basic text files, but it lacks a spellchecker.

This is a hack to use the default-installed Hunspell to spell-check your text file.

To accomplish this, you need to save the text file, open it in Hunspell, close Hunspell and re-open the document in Leafpad.

This is accomplished by a script added to your .bashrc. I found this script in a recent Knoppix thread.

Add this to .bashrc:

lpad() { # uses leafpad to edit $1; on closing leafpad, # # # hunspell checks spelling; 
#on closing hunspell, leafpad shows corrected copy.
leafpad $1; aspell $1; leafpad $1 &
}

NOTE: You can also use this with ispell, but you'll need to invoke "ispell  -c".NOTE: I found the command line at the bottom of Hunspell to be misleading. For example, it says that pressing "I" is "Insert". It actually means "Accept  the  word,  capitalized as it is in the file, and update private dictionary.&quo…

Using a Blocklist File With Iptables

I read an interesting piece about securing servers written by Greg Bledsoe in LinuxJournal. I thought I would try it out and it turns out that it needed a few massages to make it run on my Mageia5 system.

There are two parts to his approach, a short script that runs as rc.local, which file does not exist in Mageia, but will be properly run if you create it in /etc/rc.d/rc.local.

#!/bin/sh
#/etc/rc.d/rc.local
# REF: http://www.linuxjournal.com/content/server-hardening?page=0,2
#create iptables blocklist rule and ipset hash
/usr/sbin/ipset create blocklist hash:net
/usr/sbin/iptables -I INPUT 1 -m set --match-set blocklist 
↪src -j DROP

This file owner should be root with 700 permissions.
Once you create it, you should execute it manually because that needs to be done before you run the script to collect the blocklists.
I put the blocklist collection script in /usr/local/bin. You will need to create the directory /usr/local/bin/tmp because the script wants to keep its temporary files there.

#!/…

ImageMagick Interim Fix

A vulnerability resides in ImageMagick, a widely used image-processing library that's supported by PHP, Ruby, NodeJS, Python, and about a dozen other languages. Many social media and blogging sites, as well as a large number of content management systems, directly or indirectly rely on ImageMagick-based processing so they can resize images uploaded by end users. According to developer and security researcher Ryan Huber, ImageMagick suffers from a vulnerability that allows malformed images to force a Web server to execute code of an attacker's choosing. Websites that use ImageMagick and allow users to upload images are at risk of attacks that could completely compromise their security.

Update your /etc/ImageMagick/policy.xml file so that it contains the code taken from http://imagetragick.com  and restart corresponding daemons.

You're safe now. The full fix is still being worked out.

And if you have the old version of ImageMagick (because you are on CentOS 5, for example) …