Questions and Answers
Bjorn Satdeva
In the May column, I wrote about the security risk with Postscript. I mentioned that it was based on the programming language Forth, which caused a frustrated reader to write to me stating "I know Forth, and Postscript is certainly not Forth!" I cannot claim that I know Forth; I worked with it very briefly more than 10 years ago when a co-worker tried to convince me that it was the best invention since sliced bread. However, it did not appeal to me, and I have not used it ever since. On the other hand, the statement that Postscript is based on Forth has been made by numerous people in the security community over the years, so I decided to get to the bottom of this.
Postscript is a graphical page description language invented by Chuck Geschke and John Warnock (the President and CEO of Adobe). Its syntax looks a little bit like Forth, because it is derived from Forth; however, Postscript's internal implementation has nothing to do with Forth. Postscript was written from scratch. So, now we all know the correct story. Nevertheless, it does not change my previous statement about the security risks of Postscript. Postscript allows embedded commands, such as removing a file, to be executed, so you still need to be aware of these risks.
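One way to screen a Postscript job for file-system operators before it reaches an interpreter, as an added example that is not part of the original column. The function names and the sample job are constructed for illustration, and the operator list is a short selection rather than a complete one.

```shell
#!/bin/sh
# Constructed sample job: line 4 only mentions "run" and "file" inside a
# string, line 5 actually invokes a file-system operator.
sample_job() {
cat <<'EOF'
%!PS-Adobe-3.0
% constructed sample: the word file in a comment must not be flagged
/Helvetica findfont 12 scalefont setfont
72 720 moveto (run the report and file it) show
(/tmp/constructed-example) deletefile
showpage
EOF
}

# Read a Postscript job on stdin and print "LINE OPERATOR" for every use of a
# file-system operator. Simplifications (assumptions of this example): string
# literals sit on one line and contain no nested or escaped parentheses.
ps_file_ops() {
    # Postscript delimiters end a token, so turn them into spaces first.
    sed 's|[][{}<>/]| |g' |
    awk '
    BEGIN {
        n = split("deletefile renamefile file run filenameforall", w, " ")
        for (i = 1; i <= n; i++) risky[w[i]] = 1
    }
    {
        line = $0
        gsub(/\([^()]*\)/, " ", line)  # drop (string) literals
        sub(/%.*/, "", line)           # drop comments
        m = split(line, tok, /[ \t]+/)
        for (i = 1; i <= m; i++)
            if (tok[i] in risky) print NR, tok[i]
    }'
}

sample_job | ps_file_ops
```

A text scan like this misses operator names that a job builds at run time, so it is a screening step only; running the interpreter with file access disabled (for Ghostscript, the -dSAFER option) is the stronger control.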
Some other comments on the May article concerned the question about wanting xlock to log occurrences of failed access. One suggestion was not to log password information. This is certainly always true. Another reader provided a reference to an implementation that will syslog failed attempts. This modified xlock program, xlockmore-3.8, is available at:
ftp://ftp.x.org/contrib/applications/xlockmore-3.8.tar.gz
To enable the syslog functionality, it is necessary to enable -DSYSLOG in the Imakefile before running xmkmf.
In the June issue, I mentioned the need for system administrators to keep track of their time. Since then, I have found a neat tool that can help with this, and I have been using it with great results.
It is a small gadget slightly bigger than a pager that is manufactured by the Stratos company. It is called "The Time Machine." This is probably a valid name, but I cannot help associating "Time Machine" with H. G. Wells' novel about traveling back in time. This gadget will not allow you to travel back to yesterday to do the backup you need to restore that disk today (although that would certainly be useful). It will, however, allow you to keep track of how you spend your time.
The product actually consists of two parts: one is the above-mentioned gadget, and the other is some software that runs under MS-Windows. Using the supplied cable, you can load information about the tasks you want to track. When starting a new activity, you just select the category, then push a button to start an internal timer, and push the same button when the task is complete (or interrupted). Later, you can download the collected data into your PC and generate reports showing how much time is spent on various activities.
Although this tool probably is mainly aimed at consultants, lawyers, and other people who charge for their time, I think it could be a very valuable tool for all people who need to keep track of how they are spending time, if only to make themselves more effective.
If you manage a group of people, you can supposedly combine them into a single database and generate a single report showing how the time has been spent for the entire department. I have not yet tested this, but I would think it should be able to generate highly valuable data for those who need to justify the budget for the system administration group, for example.
I am by no means overwhelmed by the quality of the current implementation of the concept. Both the hardware and software could use improvements, and the very flimsy user's manual needs to be completely redone. In spite of its shortcomings, I still consider this tool one of the best productivity enhancement tools I have seen in a long time.
If you are interested in checking out the Time Machine, you can order it from "Hello Direct" (http://hello.direct.com). Customers have 30 days to return the product if they do not like it, so a trial run is relatively risk free. The purchase price is just under $300.
One noteworthy event that took place during the past month was the security seminar put on by Sun Microsystems and conducted by Dan Farmer and Wietse Venema. They are probably best known for their collaboration on the SATAN security scanner, but they have done other work independently, such as Dan Farmer's COPS and Wietse Venema's TCP Wrappers. The seminar was a one-time event and was mainly held as part of the collaboration on a new project writing a book on security and security audits. Dan Farmer hinted that the slides would be put up on his ftp server, ftp.fish.com, for anonymous retrieval. If and when that happens, I will publish the URL in this column.
Tool of the Month
For the tool this month, I have zeroed in on top. top is a ps alternative, written by William LeFebvre. Whereas ps will give you a single output listing all the active processes, top will limit itself to showing only the top 15 active processes, and will update this information every 5 seconds. In addition, top will show other useful information, such as the number of active processes, the number of inactive ones, and the current load average of the system.
top provides a very nice tool for continually monitoring which processes are running on the system, and what kind of load they are placing on it. If you are running top regularly on your important systems, it will provide you with a good feel for what is "normal" for those systems. This could make it easier to determine the cause of problems when things start acting abnormally.
top is ported to a large number of BSD-based systems. It is ported to at least some System V-based systems, but depending on the flavor, it might not be available for all of your platforms.
top is available from the system administration ftp archives at:
ftp://ftp.sysadmin.com/pub/admin/tools/hosts/top
I have a medical system, and I need to run an automated routine. What I'm trying to accomplish is this: Enter application, make selection through multiple screens, print report to file. Is there a utility that can record these functions and have it saved to a filename? Any input would be appreciated.
Depending on the nature of your application, you might be able to use the script command to capture whatever you type. script was designed to work with plain ASCII terminals. If your application uses menus displayed on a basic terminal, it might be usable, but will need editing, as it also saves the output printed to the terminal. If the application uses an X11-based solution, you are out of luck.
I want a utility, or set of, that will help me watch packets between nodes, their types, and throughput in a graphical format. I need something that will help me determine what type of traffic I'm getting and how much bandwidth I'm using both overall and between nodes.
It sounds to me as if you are looking for a full-blown network analyzer. There are several commercial products that can do what you are asking for, but they do not come cheap. There are also some MS-Windows-based packages that do at least some of these tasks, but with a much lower price tag. However, I have never used any of those, and do not know how well they compare to a "real" network analyzer.
You can get some of this information by running tcpdump and recording the output. It is also relatively trivial to write a Perl script that will count the various packets; thus, you will get an idea of the type of traffic you have and will be able to get some understanding of what is using up your bandwidth. This will not, however, take into account the size of the packets. These tools, together with the netstat -s command, will help you get some feel for what is going on in your network.
If you are finding that you have lots of NFS traffic, nfswatch and nfstrace can be of value, too. Both of those, and tcpdump as well, are available from the system administration ftp archive on ftp.sysadmin.com.
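The packet counting suggested in the answer above, as an added example that is not part of the original column; it uses sh and awk rather than Perl. The function names are my own, and the sample lines are constructed in the style of tcpdump -n -q text output.

```shell
#!/bin/sh
# Constructed sample lines in the style of `tcpdump -n -q` text output.
sample_capture() {
cat <<'EOF'
12:00:00.000001 IP 10.0.0.5.1023 > 10.0.0.9.2049: tcp 128
12:00:00.000210 IP 10.0.0.9.2049 > 10.0.0.5.1023: tcp 1448
12:00:00.004100 IP 10.0.0.7.53211 > 10.0.0.2.53: UDP, length 41
12:00:00.004900 IP 10.0.0.2.53 > 10.0.0.7.53211: UDP, length 73
12:00:00.010000 ARP, Request who-has 10.0.0.1 tell 10.0.0.7, length 28
12:00:00.020000 IP 10.0.0.5.1023 > 10.0.0.9.2049: tcp 0
12:00:00.030000 IP 10.0.0.7 > 10.0.0.1: ICMP echo request, id 7, seq 1, length 64
EOF
}

# Read tcpdump text on stdin; print "proto NAME COUNT" per protocol and
# "pair SRC DST COUNT" per source/destination host pair, sorted by name.
# Lines that are neither IPv4 nor ARP are counted as "other".
count_packets() {
    awk '
    function host(addr,   n, p) {   # reduce a.b.c.d.port: to a.b.c.d
        sub(/:$/, "", addr)
        n = split(addr, p, ".")
        return (n == 5) ? p[1] "." p[2] "." p[3] "." p[4] : addr
    }
    $2 == "ARP," { proto["arp"]++; next }
    $2 == "IP" && $4 == ">" {
        name = tolower($6); sub(/,$/, "", name)
        proto[name]++
        pair[host($3) " " host($5)]++
        next
    }
    { proto["other"]++ }
    END {
        for (k in proto) print "proto", k, proto[k]
        for (k in pair)  print "pair", k, pair[k]
    }' | LC_ALL=C sort
}

sample_capture | count_packets
```

On a live system, pipe the output of tcpdump -n -q into count_packets instead of the sample, limiting the capture with -c so the pipeline terminates.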
I tried to ftp to an anonymous ftp server, but I don't know the User ID and Password.
The convention used for anonymous ftp is that you log in as user ftp or anonymous and give your email address as the password. If this does not work, then the server is either not configured correctly or, much more likely, does not support anonymous ftp. If you want a description of how to configure an anonymous ftp server, see my column in the April issue.
In the February 1996 column, you listed a utility called op that is available from your ftp server. I downloaded the op-1.1.tar.gz file but have been unable to extract its contents. I've tried uncompress, winzip, and some others but none seem to recognize the contents. How can I extract the contents of this file?
All the files on that server are compressed with the GNU compress program, called gzip. Most ftp sites are using either gzip or compress to compress the archives to save disk space and network bandwidth. The common convention is that files that are compressed with gzip have a .gz extension, and files compressed with compress have a .Z extension. gzip is the newer of the two programs, and will usually do a much better job of compressing the files. The two programs use different compression algorithms and do not understand each other's formats. The compression programs from the PC world, such as unzip, do not work with either format, so you really need to get one of these programs before you can get much usage out of the Internet ftp archives.
You will find the uncompressed sources to both programs in the system administration ftp archives:
ftp://ftp.sysadmin.com/pub/admin/compress
Are you aware of an X GUI-based software package released in the last 2 years that provides a front end to configure sendmail.cf?
I am afraid I'm not. If any of our readers know of such a package, I would be very interested to hear about it.
About the Author
Bjorn Satdeva is the president of /sys/admin, inc., a consulting firm which specializes in large installation system administration. Bjorn is also co-founder and former president of Bay-LISA, a San Francisco Bay Area user's group for system administrators of large sites. Bjorn can be contacted at /sys/admin, inc., 2787 Moorpark Ave., San Jose, CA 95128; electronically at bjorn@sysadmin.com; or by phone at (408) 241-3111.