From: David White ------------------------------------------------------ Judge for yourself. I haven't made up my own mind (yet), but I typically like CNET's stuff. http://news.cnet.com/8301-31921 ..more..

From: Stephen Haywood ------------------------------------------------------ Has everyone started patching SAMBA? https://www.samba.org/samba/security/CVE-2012-1182 -- Stephen Haywood Information Security Consultant CISSP, GPEN, OSCP T: @averagesecguy W: averagesecurityguy.info ..more..

From: Rod-Lists ------------------------------------------------------ UPDATE: A critical security flaw has been identified in the latest version of Backtrack, a popular version of Linux that is used by security professionals for penetration testing. The previously undiscovered privilege escalation hole was disclosed in a post on the Web site of the Infosec Institute. It was discovered by a student taking part in an InfoSec Instutite Ethical Hacking class https://threatpost.com/en ..more..

From: Stephen Haywood ------------------------------------------------------ An acquaintance needs help setting up MSSQL on SBS 2003. It is paid work (not sure how much). If you are interested, please let me know off list. Thanks, -- Stephen Haywood Information Security Consultant CISSP, GPEN, OSCP T: @averagesecguy W: averagesecurityguy.info ..more..

From: Stephen Haywood ------------------------------------------------------ My father-in-law is selling his black iPhone 4s for $320. If any of you are interested let me know off-list and I will put you in touch with him. -- Stephen Haywood Information Security Consultant CISSP, GPEN, OSCP T: @averagesecguy W: averagesecurityguy.info ..more..

From: Stephen Haywood ------------------------------------------------------ Have you looked at Basecamp from 37Signals. Not sure if it does the version control but it is designed as a project management system. On Sun, Apr 1, 2012 at 4:57 PM, Lisa Ridley wrote: > Hey Guys, > > I'm looking for a good solution for a version control / project management > / timekeeping system. I recently took a job as a project manager for a > small software consulting company, and we are struggling a little bit with > the project management software side of things. > > We are currently using Git for version control (which works great), and > Redmine for our project management package. The version control browsing > capabilities built into Redmine are a definite plus. > > I've got both running on a Rackspace cloud server configured with 2GB RAM, > with an Apache web server and Passenger, and we are having performance > issues with Redmine being slow on startup. In addition, we need better > time tracking than the base Redmine install can provide. To clarify, the > built-in time tracking is OK, but we need better reporting. Plus I'm > spending too much time having to restart the server because Redmine has > decided, for whatever reason, to die again. It's making me uncomfortable > relying on this as our primary means of managing workflow. > > I'm fine with patching together a series of software solutions (doesn't > have to be a one-stop-shopping solution, but the components do need to > integrate). If I have to cobble together, I'd prefer they be in PHP (it's > the language I know best). > > What I'm looking for is: > > 1. Git version control (no compromise here) > 2. Project Management / Ticketing system that has access control to allow > me to grant clients access to certain parts of the reporting aspects (but > not all). Integration with Git where tickets can be commented with git > commit messages and tied to related version control commits is a definite > plus. > 3. Documentation system (wiki based is good) -- also need granular > control for client access. > 4. Asset management (ability to upload designer files and client > documents) > 5. Timekeeping that integrates with the ticketing system to track time > spent on tickets as well as time spent on non-billable activities. > 6. Doesn't require a dedicated bank of servers to achieve an acceptable > level of performance. > > I've used Bugzilla and MantisBT in the past for bug tracking -- both > integrate well with version control, but don't have documentation and > timekeeping processes in place. > > I may be able to tune what I have in place to improve performance, and > install modules or plugins to achieve the timekeeping and reporting aspect, > but I can't seem to find a module that will provide what I need that works > with the version of Redmine we are running; besides the sluggish > performance is an issue. > > So--------------------- > > Suggestions? > > What are you using that works, and what are the pros and cons of your > setup? > > Lisa Ridley > > ..more..

From: Stephen Haywood ------------------------------------------------------ I have a software product that is a large Ruby script. I would like to sell it in source code form but don't necessarily want to grant the purchaser GPL rights (ie: I don't want them to modify and resell the script). Is it still considered open source if you give a way the source code but not the rights? If so, is there an appropriate open source license that would cover this? -- Stephen Haywood Information Security Consultant CISSP, GPEN, OSCP T: @averagesecguy W: averagesecurityguy.info ..more..

From: Matt Keys ------------------------------------------------------ fits one of my favorite clips from onion http://www.theonion.com/video/in-the-know-is-the-government-spying-on-parano id-s,14177/# -----Original Message----- From: chugalug-bounces@chugalug.org [mailto:chugalug-bounces@chugalug.org] On Behalf Of Dave Brockman Sent: Thursday, March 29, 2012 7:37 PM To: CHUGALUG Subject: [Chugalug] things that make you go hmmm... -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 http://www.wired.com/threatlevel/2012/03/ff ..more..

From: Dave Brockman ------------------------------------------------------ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 http://www.wired.com/threatlevel/2012/03/ff ..more..

From: Stephen Haywood ------------------------------------------------------ Got this on Linkedin and thought I would share. The opening appears to be in Huntsville AL. Dear Stephen, I wanted to reach out to see if we could get an update on what you are up to these days. We currently have an immediate need for a Sr. System Administrator with Linux/RedHat experience at MIT Lincoln Lab in Huntsville, AL that we are trying to fill. Specific Position can be seen at: http://www.dpcit.com/opportunities/detail/5869 If this role may not be a fit for your current career goals but you are interested in exploring opportunities, please send me an updated resume and salary / rate expectations and I would be happy to keep you informed of more fitting opportunities. Please also forward to anyone who might be interested - we pay great referral fees! Thanks so much for your consideration. MIT Lincoln Lab is one of the most prestigious Research and Development Labs in the country. The work is super challenging and interesting. The people are world class engineers from all types of backgrounds. The atmosphere is much more conducive to work life balance since it is not a commercial / publicly traded company. We have placed over 100 Engineers at this client and we can get you in there too if you're interested and well qualified. MIT Lincoln Lab is literally the kind of place that you can make a career out of. Many of our consultants have been there for many many years. These are very stable and long term opportunities. As a contractor with DPC you can work as our full time employee with full benefits (medical, dental, vision, STD, LTD etc.), or you can work as a W2 hourly contractor at a higher pay rate if you don't need the benefit package. Come and see why so many top engineers choose to work at MIT Lincoln Lab! ** All candidates must be US citizens** Patrick Guimond pguimond@dpcit.com -- Stephen Haywood Information Security Consultant CISSP, GPEN, OSCP T: @averagesecguy W: averagesecurityguy.info ..more..

From: Stephen Haywood ------------------------------------------------------ For the true geeks on the list. http://hackaday.com/2012/03/28/building-the-worst-linux-pc-ever/ -- Stephen Haywood Information Security Consultant CISSP, GPEN, OSCP T: @averagesecguy W: averagesecurityguy.info ..more..

From: Stephen Haywood ------------------------------------------------------ All, I have created a github repo for python example files. It's meant as a learning tool for folks that are new to python. Feel free to take a look at the repo if you are interested in learning python. If you already know python and are willing to make suggestions for other examples that should be included please let me know. The repo is at http://github.com/averagesecurityguy/Python-Examples. Thanks, -- Stephen Haywood Information Security Consultant CISSP, GPEN, OSCP T: @averagesecguy W: averagesecurityguy.info ..more..

From: Jonathan Calloway ------------------------------------------------------ Or Clonezilla. . . http://clonezilla.org/ From: chugalug-bounces@chugalug.org [mailto:chugalug-bounces@chugalug.org] On Behalf Of Christopher Rimondi Sent: Thursday, March 01, 2012 4:14 PM To: CHUGALUG Subject: Re: [Chugalug] Clone a drive If the drives are still in the machines and you don't feel like taking them out, you can use netcat. http://www.cyberciti.biz/tips/howto-copy-compressed-drive-image-over-network .html On Thu, Mar 1, 2012 at 4:08 PM, Stephen Haywood wrote: If you already own a USB hard drive you may be able to take it apart and swap the hard drives instead of buying an adapter. On Thu, Mar 1, 2012 at 3:41 PM, Lynn Dixon wrote: you could use a USB to sata adapter and plug it into a good system. Then just use dd to copy the entire drive to an .img or .ISO on the local machine. That way you can move the cloned img or ISO to whatever you wanted. On Mar 1, 2012 3:35 PM, "Nixonphotos" wrote: I need two drives cloned....both are Slackware....one laptop and the other a pc drive. The pc drive is SATA...I don't have a SATA system... Sent from my iPhone ..more..

From: Rod-Lists ------------------------------------------------------ Needing root to add a printer that is wild! http://www.itworld.com/security/254430/torvalds-blasts-opensuse-security-policies ..more..

From: Dave Brockman ------------------------------------------------------ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 http://nakedsecurity.sophos.com/2012/02/28/delete-old-tweets/ Regards, dtb -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk9NeJUACgkQABP1RO+tr2RECwCfRiQ+GNzTVTbAeT6A3dz1Si4Q nXsAoL1ojALkgCKfo+osg3ZJr8YnvlaR =IE2Q -----END PGP SIGNATURE----- ..more..

From: Jonathan Calloway ------------------------------------------------------ I worked in this job for about a year myself. I did about 6 weeks on 3rd shift once, and it was WFH. My only problem was the calls from India and China, but they were few and far between. It gave me a lot of time to read and study for cert tests! -----Original Message----- From: chugalug-bounces@chugalug.org [mailto:chugalug-bounces@chugalug.org] On Behalf Of Stephen Haywood Sent: Tuesday, February 21, 2012 1:47 PM To: CHUGALUG Subject: Re: [Chugalug] Job opening in Dalton I have to hit a certain number of billable hours and accomplish certain tasks. If I were goofing off it would become apparent very quickly. On 2/21/12, Ed King wrote: > thanks for the response Lynn... sounds like Mohawk has a great > working environment > > would still like to hear from other folks regarding their employer's WFH > policies... put it on the table... let's see who is the coolest, most > progressive IT employer in town :) > > > > > > > ..more..

From: John Aldrich ------------------------------------------------------ Got this from a recruiter today... I'd go for it, but for two things: =20 1) I've already got a temp job. 2) I think I'm going to have something =20 better shortly... 508 east Morris St. Dalton, GA 30722 16/hr ITSM Roll-Out, extra contract help needed for 4 months, possibly longer for the Support Center. Douglas said they need someone who is positive and upbeat with solid Office skills. The Support Center Technician I must provide 1st level technical support in a positive, professional image to a geographically dispersed client community. The majority of the work will be spent on the phone resolving tickets at the 1st level, and will escalate tickets to 2nd and 3rd level technicians when necessary. Also, the Support Center Technician I must be comfortable working closely with IS management, their Support Center peers, and other IS technical and applications staff. * Provides telephone or electronic 1st level technical support for the determination, resolution, or escalation of technical problems related to Windows environments and Windows applications, electronic mail, enterprise applications & databases, security issues, desktop hardware/software, server hardware/software, and production equipment related issues. * Troubleshoots problems using desktop remote control products where possible and documents all services provided. * Interacts with business customers of IS services with a high degree of tact and diplomacy to promote a positive image of the IS department. * Uses verbal and written communications to demonstrate a customer-focused attitude when dealing with customers. * Accurately communicates pertinent information to create a work environment that lends itself to the best interest of departmental personnel and customer service. * Develops an understanding of critical business systems / processes and the adverse business impact if these systems / processes are not available. * Invokes problem escalation procedures to coordinate recovery. * Resolves problems at 1st level at least 60% of the time. Performs 2nd level support on an exception basis. * Uses the Support Center ticket database (Service Center) to open and track tickets. Retains ownership for the tickets he/she opens. Escalates open tickets when necessary to a 2nd level technician. * Learns the Mohawk technical environment while maintaining competency and enhancing professional growth and development through continuing education and conferences. * Works closely with IS Management, Support Center personnel and other IS technical and applications staff. * Prefer to have a Bachelor's Degree in a technology or business related discipline, or * Associates Degree in a technology or business related discipline and at least 2 years related experience, or * At least 4 years experience in end-user support with the Microsoft Windows environment. * Must have a technical knowledge of advanced PC diagnostics and strong familiarity with the Microsoft Windows platform. * Industry standard certifications (A+, Network+, MCP, CCNA, CCNP, etc) a plus * Must be customer-focused, work well in a team-oriented environment, and provide quality service for the business client. Must pay very close attention to detail. Must have very good phone etiquette. * Must be open to flexible working hours including nights, weekends, and overtime as needed. * Bilingual in Spanish a plus. Sieron Dottin Senior Talent Qualification Specialist National Recruiting Center Kforce Inc. 813.552.3490 office 877.258.2085 x. 3490 toll free 866.470.6790 fax Great People =3D Great ResultsSM ..more..

From: Stephen Haywood ------------------------------------------------------ Anyone interested in getting together about 6:00 tonight at Panera on Gunbarrel to talk infosec, programming, projects, etc? Stephen -- Stephen Haywood Information Security Consultant CISSP, GPEN, OSCP T: @averagesecguy W: averagesecurityguy.info ..more..

From: Stephen Haywood ------------------------------------------------------ Do any of you have experience setting up an email server on rackspace? I have an account and a linux instance that I want to setup as a e-mail server for a personal domain. -- Stephen Haywood Information Security Consultant CISSP, GPEN, OSCP T: @averagesecguy W: averagesecurityguy.info ..more..

From: Rod-Lists ------------------------------------------------------ Due to combination of end of the License from Oracle & security issues. http://www.omgubuntu.co.uk/2011/12/java-to-be-removed-from-ubuntu-uninstalled-from-user-machines/ ..more..