Walmart servers hacked

Wired has a story about a hacker breaking into Walmart’s point-of-sale computer. Amazingly, Walmart claims that the attacker didn’t get any customer’s personal information or credit cards. While I’m a bit dubious of their ability to know this, I did find the description of how the attacker got in to be interesting.

Investigators found that the tool had been installed remotely by someone using a generic network administrator account. The intruder had reached the machine through a VPN account assigned to a former Wal-Mart worker in Canada, which administrators had failed to close after the worker left the company.

Subversion on Ubuntu

Why is it always so hard to set up applications in Linux? Don’t get me wrong, I much prefer setting up complex applications in Linux to setting them up in Windows, but still, there must be an easier way. I just spent several hours setting up Subversion on my Ubuntu machine, which involved some time on help pages, some time debugging, and some time figuring out how I wanted my setup to work vs. other people’s setups. So I’m documenting some of my problems and solutions here just in case some other poor soul has a similar issue.

Basic Subversion setup

To begin, the following URL was an excellent guide to start with. The guide described everything except how to do SSL encryption, and I had some issues with the authentication, which are detailed below.

https://help.ubuntu.com/community/Subversion

Authentication issues

Once I got everything installed and working, I tried doing a checkout on another machine. Much to my surprise, the checkout worked but asked for no username or password. For some reason the server was requiring a username and password to write to a file on svn but not to read. Since I wanted my files to be kept private, I had to look up some documentation on how to change the authentication. I recommend this site; it is fairly cryptic but it has some good examples. I ended up changing /etc/apache2/mods-available/dav_svn.conf so it would only allow bob and myself to make changes.


<Location /svn/compilers>
DAV svn
SVNPath /home/svn/compilers
AuthType Basic
AuthName "compilers subversion repository"
AuthUserFile /etc/subversion/passwd
require user kami bob
</Location>
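
A small audit for the read-without-password situation described above, added here as an example and not taken from the original post or the Ubuntu guide. It parses Apache Location blocks that enable DAV svn and reports any whose read methods are not covered by a Require line. The function name, the /svn/open block, and the assumption that the write-only behaviour came from a LimitExcept wrapper are mine; the sample config is constructed.

```python
import re
# Methods a Subversion client uses for read-only access over WebDAV.
READ_METHODS = {"GET", "PROPFIND", "OPTIONS", "REPORT"}

def audit_svn_locations(conf_text):
    """Map each <Location> that enables 'DAV svn' to a list of findings."""
    results = {}
    blocks = re.findall(r"<Location\s+([^>\s]+)\s*>(.*?)</Location>",
                        conf_text, re.S | re.I)
    for path, body in blocks:
        # Strip comments so commented-out directives are not counted.
        lines = [ln.split("#", 1)[0].strip() for ln in body.splitlines()]
        if not any(re.fullmatch(r"DAV\s+svn", ln, re.I) for ln in lines):
            continue
        # covered: read methods some Require applies to; scope None = top level
        covered, scope, saw_require = set(), None, False
        for ln in lines:
            m = re.match(r"<(LimitExcept|Limit)\s+([^>]*)>", ln, re.I)
            if m:
                listed = {w.upper() for w in m.group(2).split()}
                # <Limit> covers the listed methods, <LimitExcept> the rest.
                scope = (READ_METHODS & listed if m.group(1).lower() == "limit"
                         else READ_METHODS - listed)
            elif re.match(r"</Limit", ln, re.I):
                scope = None
            elif re.match(r"Require\s", ln, re.I):
                saw_require = True
                covered |= READ_METHODS if scope is None else scope
        findings = []
        if not saw_require:
            findings.append("no Require directive: no authentication at all")
        elif READ_METHODS - covered:
            findings.append("anonymous read allowed via "
                            + ", ".join(sorted(READ_METHODS - covered)))
        results[path] = findings
    return results

# Constructed sample: /svn/open is the assumed write-only pattern, /svn/compilers mirrors the post.
SAMPLE = """<Location /svn/open>
DAV svn
<LimitExcept GET PROPFIND OPTIONS REPORT>
Require valid-user
</LimitExcept>
</Location>
<Location /svn/compilers>
DAV svn
require user kami bob
</Location>"""
print(audit_svn_locations(SAMPLE))
```

Any Require line is treated as enforcing authentication, so a directive such as Require all granted would need separate handling.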

SSL Encryption

Using the basic setup, SVN sends all passwords and other data in the clear. This is somewhat insecure, and I wanted to enable SSL encryption. There is a nice Ubuntu documentation page on how to do this. The only problem is that a default install of apache2 on Ubuntu doesn’t come with the apache2-ssl-certificate application. I found a discussion forum that talks about the issue and proposes several solutions. I’ve quoted the solution I used below:

* apache2-ssl.tar.gz (964 bytes, application/x-tar)

You can grab ssleay.cnf and apache2-ssl-certificate from Edgy’s apache2 version.

I hope this workaround works for people who are bothered by this issue. Extract the package and put ssleay.cnf in /usr/share/apache2/ and apache2-ssl-certificate in /usr/sbin.

Create the /etc/apache2/ssl directory. Then the apache2-ssl-certificate script should work.