Google Providing Invitations to Google Voice

The Google Voice service allows you to have one phone number reach you at any of your other phone numbers whether it be your home, work, or mobile.

From the Google Blog:

Invite a friend to Google Voice: "(Cross-posted from the Google Voice Blog)

Since the debut of Google Voice, our early users have shared lots of feedback that has led to some exciting new features, like the ability to receive SMS messages via email and the option to change your Google Voice number. But one of the most frequent requests we've received is for the ability to share Google Voice with friends and family.

Starting today, we're beginning to give out invitations to Google Voice users. If you currently use Google Voice, over the next few weeks, you'll see an 'Invite a friend' link appear on the left-hand side of your inbox.


We'll be rolling out these invitations gradually, so don't worry if you don't see your invitations immediately. We're initially giving out three invites to each account, but we're planning to provide more invitations in the future.

If you don't have an account yet, you can request a Google Voice invitation at google.com/voiceinvite.

Posted by Craig Walker and Vincent Paquet, Product Managers, Google Voice

RHSA-2009:1490-1: Moderate: squirrelmail security update

If you use Squirrelmail on your Redhat based servers be sure to upgrade.

RHSA-2009:1490-1: Moderate: squirrelmail security update: "Red Hat Enterprise Linux: An updated squirrelmail package that fixes several security issues is now
available for Red Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team. CVE-2009-2964"

Latest udev Package Causes Kernel Panic

Be forewarned: I just installed the latest udev update onto two of my CentOS 4 servers and it caused a kernel panic.  After resetting the servers, they have come up fine.  I am still researching as to what caused the problem.

UPDATE: I believe the problem was caused by an outdated kernel.  We were running 2.6.9.

ClamAV 0.95.1 Packages on CentOS 4

Today I ran yum update on my mail server and noticed that the ClamAV packages were set to be upgraded. Trusting rpmforge’s packages as I do, I ran the updates and attempted to restart clamd and clamav-milter services.  This is where my problems began.  When attempted to start clamd I received the error:

ERROR: LogFile requires full path. 

When I reviewed the clamd.conf file the LogFile line read:

LogFile unix:/var/log/clamav/clamd.log

I’ve never seen the unix: prefix in a path before so I removed it.  When I did clamd started right up.  Then I looked that messages logfile and saw the following line:

clamav-milter[19418]: No clamd server appears to be available

I looked in the clamd.log file and saw that is was set to LocalSocket /tmp/clamd.socket, but the clamav-milter.conf was looking for clamd’s socket at unix:/var/run/clamav/clamd.sock.  So I changed the ClamdSocket line to unix:/tmp/clamd.socket (to match clamd.conf) and restarted clamav-milter.  Then the error messages went away.

Apparently the 0.95.1 version also turns off the X-Virus-Scanned headers as well.  I turned that back on in the clamav-milter.conf file. 

 

Apparently there was a major architectural change in ClamAV 0.95.

UPDATE: A new set of packages was released this week.  I don’t know if they fix the problem, but I suspect they caught their mistake.

GrandCentral SSL Error

FYI.  Google’s GrandCentral site has an expired SSL certificate.  I’ve already contacted them about it via their support site.  I’m sure they’ll have it remedied soon.

Microsoft Releasing an Out-of-Band Security Update for Internet Explorer

 

Update Tuesday came and went this week with a few updates, but a vulnerability has been exposed for Internet Explorer versions 6-8 on Windows XP, 2003, Vista, and even 2008.  Microsoft has decided to release and out-of-band security update for this vulnerability due to its critical nature.  Unfortunately this zero-day exploit has not fix yet from Microsoft.  The update is expected to be released sometime today.  Be sure to sync up your WSUS servers after the exploit has been released. 

Remember my tips to subscribe to important security lists to stay on top of your networks.

Read Microsoft's Security Advisory

Server Updates

Every sysadmin knows that software of all kinds needs to be updated.  Sometimes the updates provide new features and enhancements, but many times the updates are bug fixes and security patches.  Keeping your servers, desktops, and software up to date can help prevent your networks from being comprimised.  

I've compiled a short list of best practices I use for patch management:

1. Schedule your patch management on a regular basis.  It is easy for the busy sysadmin to be distracted by all the end-users' needs which to them are always critical.  Prioritize a time for updates where you will not be distractec.  This may need to be after hours if necessary.  Many Windows updates require system restarts so be sure to schedule the restarts to minimize downtime, and be sure to check that the servers and services come back up afterwards.
2. Subscribe to mailing lists and/or rss feeds that provide you with information on exploits, patches, and security notices for the specific software you run.  Visit your vendor's website to see if they have these options available.
3. Keep a log of your patch installations.  I've created an Excel template that I print each week to record the packages and updates that I install on my Linux and Windows servers. Should something break due to the updates I will know exactly what has changed.