Managing Xen With Xen-Tools, Xen-Shell, And Argo Version 1.0 Author: Falko Timme <ft [at] falkotimme [dot] com> Last edited 10/21/2006 This guide describes how to install and use xen-tools, xen-shell, and Argo on a Debian system. All three packages provide useful tools for the administration of virtual Xen machines. I want to say first that this is not the only way of setting up such a system. 1 Preliminary Note I assume you have already installed Xen 3 on your Debian system (it doesn't work with Xen 2!) The hostname of my Xen dom0 domain is server1.example.com in this tutorial, its IP address is 192.168.0.100, and the gateway is 192.168.0.1. Please make sure you have a line like this one in /etc/hosts: vi /etc/hosts 2 Xen-Tools Although there are Debian packages for xen-tools and xen-shell available on I decided to install xen-tools and xen-shell from the sources because the xen-tools Debian package wrote invalid Xen configuration files for me which didn't happen when I used the sources. man xen-create-image
17 Reasons Why Your Mac Runs Slower Than it Should | ChrisWrites Has your Mac become as slow as an asthmatic ant carrying some very heavy shopping? It can happen so gradually at first its hard to notice, sometimes its not until you get to use another machine that it finally dawns on you. Macs like all computers, can run slower over time, but it doesn’t have to be like this. By performing a few simple clean up and maintenance tricks, you can have it back running like new in no time. 1. Upgrading your RAM will probably give you the biggest speed increase out of any of these tips. You can use the Activity Monitor application (under Utilities in the Application folder) to check if your Mac would benefit from more RAM. 2. It doesn’t hurt to regularly clear out built up Caches, Log files and Temporary Items an easy way to do this is to use an application like CleanMyMac 3. 3. Smart playlists can make iTunes slower as they have to reload every time iTunes is launched. 4. 5. Having too many files and folders on your desktop can slowdown your machine. 6. 7. 8.
modsec2sguil - manage ModSecurity alerts in the Sguil NSM system Modsec2sguil is a Perl script that feeds ModSecurity alerts to Sguil, the Network Security Monitoring (NSM) system. The 0.7 release works as a drop-in replacement for Snort's barnyard. The new 0.8-devX release currently in testing works as a real agent, but it only supports Sguil 0.8.0. There is some documentation in the tarball. Modsec2sguil is Open Source under the GPLv2 license. For news, please check my blog at www.inliniac.net/blog/ Screenshot Screenshot of Sguil 0.7.0-CVS with a ModSecurity alert. Releases modsec2sguil-0.5 modsec2sguil-0.6 modsec2sguil-0.7 Development Releases (for Sguil 0.7-CVS) modsec2sguil-0.8-dev1 modsec2sguil-0.8-dev2 modsec2sguil-0.8-dev3 modsec2sguil-0.8-dev4 modsec2sguil-0.8-dev5 modsec2sguil-0.8-dev6 modsec2sguil-0.8-dev7 Code Modsec2sguil on github ChangeLog Version 0.8-dev7 March 26th, 2008 - Update protocol string to reflect Sguil 0.7.0 stable release - Support ModSecurity 2.5.x, thanks for the addition Ryan Cummings Version 0.8-dev6 September 18th, 2007
iPhone Apps and iPod touch Application Gallery appSafari.com Google App Engine Adds New Features -- InformationWeek Java and Python software development kits get upgraded as Google refreshes its platform-as-a-service offering.Google has upgraded the App Engine, the company's platform for developing and hosting Web application in Google data centers. Version 1.4.3, released Wednesday, brings the Java and Python runtimes closer to parity by including in the latter's software development kit a test library matching the Java SDK's testing framework, Google said. On the other hand, the Java SDK gets deferred and remote application programming interfaces. A key feature in the Python SDK is an experimental released called the Prospective Search API, which taps into a querying service that allows developers' applications to match search queries against real-time data streams. The test bed suite in the SDK enables developers to test the quality of code locally, instead of using App Engine production services. In releasing the new SDKs, Google also gave a peek at the upcoming 1.4.4 version of App Engine.
Primate Labs Blog Late last year Ars Technica noticed that some Samsung phones artificially boost performance when running Geekbench 3. This boost inflated Geekbench 3 scores by up to 20%. Since benchmarks are only meaningful when they're treated the same as any other application, we have been working on determining which devices "benchmark boost", and what we should do with results from these boosted devices. I'd like to share what we've discovered. In order to determine which devices artificially boost performance when running Geekbench we added a "boost detector" to Geekbench 3. Samsung Galaxy Note 10.1 (2014)Samsung Galaxy Note 2Samsung Galaxy Note 3Samsung Galaxy S 3Samsung Galaxy S 4Sony Xperia ZSony Xperia Z TabletSony Xperia Z UltraSony Xperia Z1Sony Xperia ZL On both Samsung and Sony devices the boost appeared in Android 4.3. In order to combat benchmark boosting we have decided to exclude results from these devices running Android 4.3 from the Android benchmark chart. Final Thoughts
BYTE Mobile Radio Digs Into The Week In Mobile -- InformationWeek More AT&T news, disappointing PlayBook rumors, and no iPhone 5 till fall On BYTE Mobile Radio this week, hosts Craig Johnston and I dig into the week's mobile news in our 15-minute podcast. Still top of mind: AT&T's deal to acquire T-Mobile. Chris Spera, a BYTE editor who sat in for InformationWeek's Fritz Nelson on this episode, added to our discussion about Sprint's recent objections to the merger. AT&T, of course, has responded by saying the merger will improve service. But how will T-Mobile customers fare? And is it true Apple won't have the iPhone 5 till mid- or late September? Another disappointment we discuss on this week’s segment of BYTE Mobile Radio: RIM's PlayBook will likely ship in a couple of weeks without native support for BlackBerry email and contacts. As Craig notes, RIM has yet to ship its SDK for the PlayBook, and without the SDK, developers can't write native apps. We discuss some rumors, too, including one that has Microsoft delivering a Zune tablet later this year.
“Secure by Default” doesn’t seem to be ColdFusion’s motto « Neohapsis Labs By Patrick Toomey It is a trivial truth, but it doesn’t make it any less so: secure development is not easy. Given the dynamics at play in the majority of companies many developers are incentivized to produce code as quickly as possible. This got me thinking about what should be the king of the hill when it comes to this type of object reuse; Rapid Application Development (RAD)/4GL languages/frameworks. While not a complete list by any means, and these are not likely to surprise ColdFusion experts, here are a few things that popped up pretty quickly on a recent assessment: Session cookies use CFTOKEN by default – An upper bound for the entropy provided by this is around 26 bits (which is extremely small relative to other contemporary session tokens). SQL Injection prevention – ColdFusion has a mechanism for parameterized queries built in to their database abstraction (cfqueryparam for those familiar with ColdFusion). SELECT A WHERE B= ‘#Form.C#’ AND D= ‘#Evaluate(“Form.element_” & i)#’
New Android Malware Targets App Pirates Following the recent removal of almost 50 apps from the Android Market due to malware infection, security firm Symantec has found Android threat. Unlike the previous malware threats however, this latest incident is not found in the Android Market, but in the form of an illegally copied version of a legitimate app. Found on file sharing sites, a pirated version of the app “ ” is infected with a type of malware that seems intended to embarrass the device’s owner by sending a badly misspelled SMS message to the entire target’s contact list stating “Hey, just downlaoded a pirated App off Internet, Walk and Text for Android. Im stupid and cheap, it costed only 1 buck. At this point, it’s unclear if this style of vigilante app justice is designed to damage the reputation of the legitimate software, or if it is simply the act of an angry developer. As the app market across the mobile user base continues to grow, this may simply be the first of many exploits aimed at underground app thieves.
VulnerabilityAssessment.co.uk House Republican freshmen resist potential budget compromise as leaders negotiate One day after Vice President Biden outlined a potential agreement to stave off a government shutdown, Republicans on Thursday said it won’t be that easy. Some seemed to object to the idea of a compromise, of any sort. Others took issue with the specific compromise Biden floated on Wednesday. And some said that was nowhere near enough. “You know, that is kind of classic Washington right there, right? A budget deal could still come together. But it was clear that this budget impasse will be solved — if it is solved — not because of the familiar Capitol Hill favor-trading but because each party fears being blamed for a shutdown. And, with the deadline to avert a shutdown still a week away, it seems that nobody is afraid enough yet. The government has now operated without a budget for 183 days. On Wednesday, Biden had signaled that a deal might be possible before April 8, when the current stopgap measure will expire, telling reporters, “We’re all working off the same number now.” Rep.
The BrainYard: Tackling The Hairiest Business Collaboration Issues -- InformationWeek Our new site delivers news and analysis you can trust -- and practical advice you can use -- in your mission to connect people, generate ideas, and create business opportunities. Welcome to the BrainYard, a brand new site and community dedicated to helping business and IT pros with a huge challenge: improving how their companies hatch ideas, share best practices, manage and execute projects, identify business opportunities, get closer to partners and suppliers, and tap into and anticipate customer needs. It's about the latest technology tools, platforms, and services -- as well as organizational approaches -- for fostering business collaboration, social networking, and community building. You may know the subject matter by a couple of other names: Enterprise 2.0 or the social enterprise. Why do we call this site the BrainYard? BrainYard shouldn't imply theoretical or wonky, however. And we won't be a bunch of industry or Enterprise 2.0 movement cheerleaders, either.
Re: INSECT Pro 2.5 Release - Web scanner tool Full Disclosure mailing list archives Re: INSECT Pro 2.5 Release - Web scanner tool From: root <root_ () fibertel com ar> Date: Thu, 31 Mar 2011 16:56:12 -0300 On 03/29/2011 10:12 PM, runlvl wrote: Insecurity Research is happy to announce the release of version 2.5, get it now while is still hot ! Hi Juan. By Date By Thread Current thread: Traffic deaths in U.S. drop to lowest level since 1949, NHTSA reports The 3 percent decrease from 2009 was recorded even as the nation’s drivers put nearly 21 billion more miles on their odometers in 2010 than they had the previous year. The death rate has declined by 25 percent since a peak of 43,510 in 2005, NHTSA said. “The recession is still a little bit of a factor,” said Barbara Harsha, executive director of the Governors Highway Safety Association, “but the big reasons are programs aimed at driver behavior, safer vehicles and safer roads.” After years of publicity and police enforcement, more drivers are buckling seat belts and fewer are driving drunk, she said. Stability control, anti-lock brakes and air bags have made accidents less likely and more survivable. “I just bought my son a little Toyota, and it has five air bags,” Harsha said. Some of the road engineering improvements she cited were relatively inexpensive tweaks rather than expensive overhauls. “Rumble strips and improved pavement marking make a big difference at a low cost,” she said.