When your Linux system has problems, there are a number of ways to track down and solve them. In this talk I will discuss my overall philosophy for troubleshooting and then follow up with more specific examples of how to diagnose common problems on Linux systems. This talk will be more server-focused but most things should apply to desktops as well.

Roll: Roger, Bill, Frank, Kyle, Allan

Talk for August: As of yet undecided, still attempting to get in touch with Dane. Perhaps Aaron has a talk prepared?

Kyle's book is out - perhaps this would be a good jumping point for an upcoming talk in a future month?

Roll: Roger, Bill, Frank, Kyle, Allan, Aaron

Talk for September: No speakers are available so Kyle will talk about troubleshooting tips.
We need more speakers and will directly solicit for them during the September meeting.

Kyle will be responsible for posting the upcoming meeting details two weeks before each meeting as well as a reminder two days before the meeting. Roger will be the Nag At Large™ to remind Kyle to send these announcements.

Roll: Roger, Bill, Frank, Kyle, Allan, Aaron

We have several talks lined up!
Oct 13: Sam to talk about SSLstrip
Nov 10: Potential talk from Doug on cross-site scripting
Dec 8: Roger to talk about GNUplot

No other topics were brought up this week.

Many Websites mix secure and insecure content on the same page, like
Facebook. This makes it possible to steal all the data entered on such a
page easily, using Moxie Marlinspike's SSLstrip tool. I will explain and
demonstrate this attack.

Slowloris is a very new layer 7 denial-of-service attack created by RSnake
that stops Apache web servers completely with very low bandwidth--one packet
every 2 seconds. The Apache developers were notified of this vulnerability
and decided it was unimportant and not worth patching. I will explain and
demonstrate this attack, and discuss various ways to protect your Apache
servers.

Cross Site Scripting is the #1 form of attack used in the web world
today. The attack vector usually comes in the form of some sort of
enticement in a forum posting with a bogus link, or a bogus email which
fools the victim into thinking they're doing something to protect
themselves (i.e. changing their online banking password, etc.).

Cross Site Forgery is in the Top 10 but is insidious in that the
victim is the website. This form of attack hijacks valid user
credentials and, unknown to the user, performs actions in their name
which benefit the attacker.

Roll: Roger, Bill, Frank, Kyle, Allan

Upcomming talks:

Dec 8: Linux in your pocket
Jan 12: Roger to talk about GNUplot

A possible speaker approahced us about talking about IPv6 but we agreed that the topic he was proposing was too code-heavy. Kyle will contact the speaker and inquire about a more entry-level talk.

According to the NBLUG Bylaws we should have held an election on the first meeting following the Daylight Saving Time change. I believe we missed this one so we'll have to sort out an election in the near term. Open question - Kyle, do you want to send out a request for nominations prior to the December meeting or should we defer to January?

Roll: Roger, Bill, Frank, Kyle, Allan

Upcomming talks:

Dec 8: Linux in your pocket
Jan 12: Roger to talk about GNUplot

A possible speaker approahced us about talking about IPv6 but we agreed that the topic he was proposing was too code-heavy. Kyle will contact the speaker and inquire about a more entry-level talk.

According to the NBLUG Bylaws we should have held an election on the first meeting following the Daylight Saving Time change. I believe we missed this one so we'll have to sort out an election in the near term. Open question - Kyle, do you want to send out a request for nominations prior to the December meeting or should we defer to January?