Zero Day Vulnerability in Internet Explorer Could Allow Remote Code Execution

e-Cop has received reports about a zero-day vulnerability in Internet Explorer allowing remote code execution being targeted in the wild.

The vulnerability, CVE-2014-1776, is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website. This vulnerability has been reported to affect all current versions (IE6 through IE11) of Internet Explorer.

Workaround/ Advices:
Microsoft is currently investigating this issue and no patches are yet available (as of the time of this email was sent).

Microsoft has offered Workarounds and Suggested Actions at the following advisory:
-          https://technet[dot]microsoft[dot]com/en-US/library/security/2963983

xrdp session unable to log on. Hang on sending login info to session manager for CentOS 5

I tried logging on to the linux box using the Remote Desktop Protocol and I was unable to log on. Instead, I had this message below and nothing happens. If I click the "ok" button, it returns to login screen.

connecting to sesman ip 127.0.0.1 port 3350
sesman connect ok
sending login info to session manager, please wait…

I manage to solve the issue by

Step 1: Cleaning up the /tmp/.X11-unix

• See  xrdp_mm_process_login_response: login failed

Step 2: Stop the VNC-Server and xrdp. Uninstall the VNCServer and xrdp to clean up all the processes

# service xrdp stop
# service vnc-server stop 

# yum remove vnc*
# yum remove xrdp

Step 3: Find and clean up the vncserver and xrdp orphan sessions

# ps -afe|grep vnc*
# kill -9 process_id_of_orphaned_vnc_process

# ps -afe|grep xrdp
# kill -9 process_id_of_orphaned_xrdp_process

Step 4: Yum install vnc-server and xrdp and start the services

# yum install vnc-server
# yum install xrdp

# service vnc-server start
# service xrdp start 

Try logging to the Linux Box using Remote Desktop Protocol again.

Installing cp2k on CentOS 6 via yum

CP2K is a program to perform atomistic and molecular simulations of solid state, liquid, molecular, and biological systems.

If you are installing cp2k on the linux box, you may want to use the good old yum. Make sure you have EPEL repository on. For more information, do take a look at Repository of CentOS 6 and Scientific Linux 6

For serial cp2k

# yum install cp2k

For OpenMPI

# yum install cp2k-openmpi

For MPICH2

# yum install cp2k-mpich2 

Using mod_reqtimeout to make HTTP Server less vulnerable for DOS Attack for CentOS

This steps are for CentOS 5 and 6

Step 1: Upgrade Apache HTTP to the latest version

# yum update httpd

Step 2: Edit the httpd.conf.

# vim /etc/httpd/conf/httpd.conf

Inside httpd.conf. Scroll all the way to LoadModule.......... section and add the line

LoadModule reqtimeout_module modules/mod_reqtimeout.so

Step 3: Create a /etc/httpd/conf.d/reqtimeout.conf and put in the informationbelow

<ifmodule reqtimeout_module>
RequestReadTimeout header=10-20,minrate=500
RequestReadTimeout body=10,minrate=500
</ifmodule>

Step 4: To check whether the apache module is loaded, do

# apachectl -M

Or

apache2ctl -M

References:

1. Mitigating WAS QID 150085 Slow HTTP POST Vulnerability on Apache

Redhat Summit 2014 Innovation Awards winner. Horray City-State Singapore

From Red Hat

Category: Emerging Technologies
Recognizing the most successful illustration of cutting-edge deployment and business value from Red Hat’s emerging technology portfolio.

Winner: Nanyang Technological University:
Due to high computing demand by researchers and students, Nanyang Technological University, a research-intensive university in Singapore, sought an open hybrid cloud infrastructure to link the school's private cloud with its Amazon Web Services public cloud. The university deployed Red Hat Cloud Infrastructure, Red Hat’s solution for building and managing an open, private Infrastructure-as-a-Service (IaaS) cloud based on datacenter virtualization and management technologies. Nanyang Technological University reduced costs by 30 percent by integrating their public and private clouds. The school increased flexibility afforded by the Red Hat and Amazon Web Services cloud solution during computing traffic spikes and provided secure data replication.


- See more at Red Hat Honors Outstanding Open Source Advancement with Eighth Annual Red Hat Innovation Awards

---

From Computerworld


Singapore's Nanyang Technological University (NTU) has emerged as the winner in the Emerging Technology category of the eighth annual Red Hat Innovation Awards.

The award ceremony took place at Red Hat Summit 2014 in San Francisco, California.

NTU is the first to implement a Red Hat Cloud Infrastructure solution in Singapore and is now used as a reference for adoption of hybrid cloud solutions amongst academic institutions locally and in the region.

- See more at: http://www.computerworld.com.sg/tech/industries/nanyang-technological-university-of-singapore-wins-technology-award/#sthash.oiFkcXqK.dpuf

Using Intelligent Platform Management Interface (IPMI) on IBM Linux Platforms

This is the Blueprint document of using Intelligent Platform Management Interface (IPMI) on IBM Linux Platforms for x86 machine Using Intelligent Platform Management Interface (IPMI) on IBM Linux Platforms

OpenSSL Release Critical Security Update to Fix "Heartbeat' Vulnerability

Summary:
A serious vulnerability in the popular OpenSSL cryptographic library has been discovered that allows attackers to steal information unnoticed. Known as the Heartbleed bug,

Impact:
The vulnerability allows anyone on the Internet to read the memory of systems that run vulnerable versions of OpenSSL, revealing the secret authentication and encryption keys to protect the traffic.
User names, passwords and the actual content of the communications can also be read.
According to the report, The exploit leave no trace that your server had been scanned and sensitive information leaked. 

If you had use the vulnerable version of the OpenSSL to generate encryption keys to secure your web traffic, your site is likely be affected.

In addition, tools had been released and out on the internet for users to scan sites that are vulnerable.

Only 1.0.1 and 1.0.2-beta releases of OpenSSL are affected including 1.0.1f and 1.0.2-beta1.

Solution:
OpenSSL 1.0.1g has been released to address this vulnerability.
Any keys generated with a vulnerable version of OpenSSL is likely be considered compromised and regenerated and deployed after the patch has been applied.

For more information: please refer to the links below

• https://www.openssl.org/ 
• https://www.openssl.org/news/secadv_20140407.txt 
• http://www.itnews.com.au/News/382211,admins-scramble-to-plug-giant-openssl-security-hole.aspx?eid=1&edate=20140409&utm_source=20140409_AM&utm_medium=newsletter&utm_campaign=daily_newsletter
• http://www.us-cert.gov/ncas/alerts/TA14-098A

References:

• CVE-2014-0160
• NCSC-FI case# 788210
• http://www.openssl.org/news/secadv_20140407.txt  
• http://blog.cloudflare.com/staying-ahead-of-openssl-vulnerabilities 
• http://www.ubuntu.com/usn/usn-2165-1/ 
• http://www.freshports.org/security/openssl/ 
• https://blog.torproject.org/blog/openssl-bug-cve-2014-0160 
• https://rhn.redhat.com/errata/RHSA-2014-0376.html 
• http://lists.centos.org/pipermail/centos-announce/2014-April/020249.html 
• https://lists.fedoraproject.org/pipermail/announce/2014-April/003205.html 
• http://www.kb.cert.org/vuls/id/720951 
• https://www.cert.fi/en/reports/2014/vulnerability788210.html 
• https://www.cert.at/warnings/all/20140408.html 
• http://www.circl.lu/pub/tr-21/

3M, SGI and Intel Showcase Advanced Cooling Technology for the "Data Center of the Future"

According to the article from 3M, SGI and Intel Showcase Advanced Cooling Technology for the "Data Center of the Future"

In this proof-of-concept, SGI® ICE™ X, the fifth generation of the world's fastest distributed memory supercomputer and the Intel® Xeon® processor E5-2600 hardware are placed directly into 3M™ Novec™ Engineered Fluid. The 3M Novec fluid is an efficient dielectric that keeps the hardware cooled with minimum additional energy, maximum performance and better reliability. 3M's two-phase immersion cooling technology can reduce cooling energy costs by 95 percent and reduces water consumption by eliminating municipal water usage for evaporative cooling. Heat can also be harvested from the system and reused for heating and other process technologies such as desalination of sea water.

Do take a look at the video 3M, SGI and Intel Showcase Advanced Cooling Technology for the "Data Center of the Future"

Brocade Drivers updates for IBM PureFlex and Blade Centre

Brocade CNA/HBA FC device driver vbfa-3.2.3.0 for RHEL 6 - IBM System x, BladCenter and Flex Systems

The newer models of PureFlex Nodes x240 on-board 10G is from Brocade. If you are using RHEL 6.4/CentOS 6.4, you may want to update the OS with latest Broadcom drivers

Version 3.2.3.0
New Features and Feature Enhancement:

• Support for patching firmware via boot image
• Support for Linux PTP
• Support for UEFI Health Check Protocol
• Support for SLES11SP3
  

Version 3.2.1.1

• Fixes and Enhancements:
• Firmware update to address the thermal notification issue

Mellanox OFED Version 2.1-1.0.6 for Linux Driver is now available

Product Updates

Mellanox OFED Version 2.1-1.0.6 for Linux Driver is now available

• IB Core – Added allocation success verification process to ib_alloc_device
• DAPL – DAPL is recompiled with no FCA support
• Openibd – Added the ability to bring up child interfaces even if the parent’s ifcfg file is not configured
• Ilibmlx4 – Unmapped the hca_clock_page parameter from mlx4_uninit_context.
• Scsi_transport_srp – scsi_transport_srp can't be cleared up when port reconnecting fails
• Mlnxofedinstall – Added support for the “—umad-dev-na” and “—without-” parameters

Relevant Information:

• Mellanox OpenFabrics Enterprise Distribution for Linux (MLNX_OFED)

Mellanox Ethernet EN Driver version 1.9.10-0 for VMware(R) vSphere5.1Ux/5.5Ux is now available.

• Single/Dual port
• MSI-X / Int-X
• NetQueue support
• Multiple Tx/Rx rings
• HW Tx/Rx checksum offload
• Large Send Offload ( TCP Segmentation Offload)
• VLAN Tx/Rx acceleration (HW VLAN stripping/Insertion)
• Ethtool support
• NAPI support
• WOL ( only on supported HW)
• NC-SI
• Auto moderation
• Net dump (Only for ESXu5.5Ux)
• RSS Queues
• Fixed Pass-Through
• 10Gb/s
• 40Gb/s (Only for ESXi5.5Ux)

Relevant Pages

• MLX4_EN Driver for VMware ESX/ESXi 5.x Product Page
• VMware: Firmware - Driver Compatibility Matrix

Hadoop Benchmark

Some Apache Hadoop Benchmark to take note of

1. Apache Hadoop Wins Terabyte Sort Benchmark
2. Hadoop Sorts a Petabyte in 16.25 Hours and a Terabyte in 62 Seconds
3. Sort Benchmark Home Page

Selected Papers from Chelsio comparing T5 and IB-FDR

IBM and Chelsio published a paper comparing the performance of representative HPC applications using Chelsio 40Gb iWARP RDMA against IB-FDR. iWARP over 40GbE consistently performs at parity with or better than IB-FDR, transparently to applications. The paper can be found

• 40GB Ethernet: A Competitive Alternative to Infiniband (LAMMPS, WRF, Quantum ESPRESSO Modelling with 40GB iWARP Technology (pdf)

Chelsio published benchmark results comparing NIC and RDMA performance for Windows 2012-R2 SMB-Direct. RDMA provides a large performance and efficiency boost to SMB, and T5 is the ideal plug-and-play provider.

•  SMB Direct RDMA: 40GbE iWARP vs 56G Infiniband on Windows Server 2012 R2 (pdf)

Chelsio published a benchmark on NFS/RDMA performance comparing IB-FDR and iWARP, again showing the two at performance parity. There is no longer need to compromise on performance or features when choosing Ethernet.

•  NFS with iWARP at 40GbE vs. IB-FDR (pdf)