Jeff

there is no /proc/megaraid/ or /megeraid folder anywhere but for the drivers. The Dell website only has old kernel files, nothing for 2.6.x

I have been looking for the proper MegaRaid CLI utility but have come up empty, just stuff for an older 2.5 kernel

the controller is an LSI ROMB PERC4e/Di RAID Controller

The server is at a COLO HW ROMB RAID on a Dell 2850 /var/log/dmesg only shows the ARRAY as a whole, not the drives in it, nor does it display the SN of the backup drive outside the array. I'll probably reboot next week after the forum update and look in the RAID bios then. I'm not sure if that will tell me or not.

I did give that a shot, but since it is in an ARRAY, I can not seem to access VPD page [0x80] where the SN# is stored. It works fine in a non RAID setup. All that shows is the megaraid info /dev/sda: MegaRAID LD 0 RAID5 69G 521S

A few months back, we had a SCSI HDD fail as part of a RAID5 array. I had the new drive shipped to the DC and installed. Locally I keep track of the drive serial numbers for warrantee information, but I was not able to get the new drive SN# when it was installed. I would like to know if it is possible to get he HDD SN# from the command line some how. I can not use hdparm –i since the drive is not IDE and specifying /dev/sda does not help. Is the drive information stored someplace in a text file that I can view, or retrieve another way? I thought SCSI information was logged into a file at boot, but I see nothing in /proc Rebooting and watching POST does not help either as only the model, not the serial number is displayed. Anyone have a clue?

Thank you

probably not, It would most likely happen the next time you booted, or if you received an email from someone else who had the virus. Just make sure your anti-virus software is updated, and your firewall is configured correctly.

you should be able to set the company net as a trusted source and not have a problem with it

I have only seen dongles like that to protect software piracy, but that can be cracked too. I like the idea of hardware, but the problem with that USB device, is unless it is the actual WIFI receiver, all info has to pass unprotected from the wireless card in the laptop to the USB port. I'm no expert, but I would not use a device like that. The main reason is I dislike things protruding from my laptop. I want it mobile for a reason, and that is just something to get knocked around or knocked into and break.

Critical Symantec bug hits 40 products The security bug that RoARed By John Leyden Published Thursday 22nd December 2005 12:24 GMT A flaw affecting many Symantec security products - both consumer and enterprise - has been discovered. Users of Symantec's Norton Internet Security 2005, Norton AntiVirus 2005, Norton Antivirus for Macs, corporate anti-virus apps and Brightmail anti-spam software (among others) all need to apply patches following the discovery of the "critical" security bug. In all 40 packages are affected. The vulnerability stems from a flaw in an library component (called Dec2Rar.dll) involving the processing of RAR archives. This vulnerability can be exploited as a means to inject hostile code onto vulnerable systems when a malicious RAR file is scanned. The flaw affects Dec2Rar.dll version 3.2.14.3 and potentially hits all Symantec products that use the library file, hence the large number of affected packages. Click Here Users are advised to update their software, as explained in Symantec's advisory here. The glitch was discovered by security researcher Alex Wheeler, who's discovered many similar patches in anti-virus packages over recent months, most of which involve the processing of various types of archive file.

Santa worm is coming to IM Someone's been naughty. Very, very naughty. By electricnews.net Published Thursday 22nd December 2005 10:16 GMT Get breaking Security news straight to your desktop - click here to find out how A new virus is taking advantage of the Christmas-time custom of sending cards and joke attachments to spread itself among users of instant messenger software. The IM.GiftCom.All, or Santa Claus worm presents itself as a harmless image of Santa Claus and appears to be sent from someone known to the recipient. If victims click the file a worm is loaded on to their computer. The worm then sends the same message to everybody on that person's address list. Click Here The virus is part of a growing pattern whereby instant messaging programme users are being targeted by the writers of malware. The Santa Claus virus is just the latest instant messaging virus to be making the rounds, targeting the chat programmes provided by AOL, Microsoft and Yahoo. The worm was identified by IMLogic, which develops enterprise instant messaging software. "There isn't huge awareness surrounding the risks of instant messaging viruses," Eamonn Phelan, senior consultant at Topsec Technologies told ElectricNews.net. "People need to ensure that their firewall is on and that their anti-virus software up to date." Such worms are less successful than ones sent via e-mail, since they can only be delivered successfully if the recipient is logged on when the virus is sent. This is in contrast to an e-mail virus, where the malware can be activated at a later point when the victim logs on. In both cases the virus is only activated if the recipient chose to click on the link Home users are more vulnerable than corporate users, because most companies prevent their employees from using instant messaging software. Network administrators block chat programmes to prevent employees from getting distracted from their work, as much as to block viruses. Santa's name is also being invoked by spammers selling fake luxury watches. These unsolicited e-mail messages contain a detailed recipe, including ingredients and instructions, on how to make "Santa's Chocolate Sleigh Bell Cookies". The spammers also provide a link to their website, which then offers to sell the fake watches.

honestly I can't recommend one. I have not found one I really like that is easy to configure. That all take quite a bit of fiddling to get them to work properly. If it seems too easy to set up, it probably is not filtering enough. It is a poor tradeoff.

yes, you don't want to run more than one firewall at a time. Microsoft Firewall is very poor, it should not be relied on. Also, it is only an inbound firewall, not an outbound. Here is something interesting.... most modern firewalls automatically disable the Microsoft firewall when they are installed. Now if those programs can disable it, don't you think a virus can too Other firewalls are not able to be disabled by programs like the Microsoft firewall can.

Through the years since we opened the supporter gallery, it has taken on a few different forms. I think all the updates have been good, but have at times changed the location on files. What that means to the user is that links they have posted may become broken and show the dreaded red X Well I am planning on doing it again I want to make Greytalk more portable, and to do that, I need to put everything into one main area on the server. Currently we have 2 main areas, greytalk.com and forum.greytalk.com More then just links, they are actually separate areas in the server. Why do this? As you saw a few weeks ago, we moved to a test server during a main server outage. I can easily move the forum, and I can easily move everything else, but I can not easily get them to interact with each other as we have now, and I think that functionality should be in place as a safety measure. I will try to set up a simlink so that current links function, and redirect to the new location. I have done the same thing for http://greytalk.com/~forums That location no longer exists, but the link still works. So basically and hopefully your image links will still work, but they may not, just be forewarned. This will happen once we upgrade the main forum. I was hoping the update would be available this week, but that did not happen. Hopefully next week. I have been working with the .3 release of the new software testing and getting things ready, but I wanted to wait for one more point release to grab any little bugs before going live. That will be a .4 release. I hope to get that done before the new year. It will require some down time, and I'll give you the test server to play with again when that time comes. Stay tuned.

The windows built-in firewall is not sufficient, no. By choosing to open the email, you pretty much bypass the firewall, they are designed to stop forced entry, not so much email virus, but that is where your virus scanner comes in. Your virus scanner if updated, and designed to scan emails before you open them, should catch things like that. Always be sure you have the latest virus definitions for your virus scanner, most new ones, download those definitions automatically and check for them at least daily, if not every few hours. I don't have a personal recommendation for a firewall. I am behind a hardware firewall, plus also run a software firewall (ZoneAlarm Pro) but even knowing what I am doing, ZoneAlarm is a bear to setup and use, so I don't really recommend it.

I just post the virus warnings I see. When the last big one hit, we got a bundle of email to our helpdesk, that is because many of the GT users were infected and didn't even know it. The virus sent to everyone listed in the persons inbox, our helpdesk included. It became worse after SS started because 360+ people now have the address to the helpdesk, and however many of those infected now send to us. I find it funny when people say "I've never had a problem, or a virus" but the fact of the matter is... you may not know you do, but all the people in your inbox sure know that you have a problem!

not really, malware and virus can also be spread from malicious web sites, or implanted if your computer is hacked into, but the most common way is through email or online downloads.

Macs are not immune http://www.theregister.co.uk/2005/12/01/secfoc_macos/ http://www.theregister.co.uk/2005/09/19/sy..._threat_report/

yeah, Norton is pretty much crap, but you don't want to run more than 1 software firewall at a time. If you are happy with Norton keep it, if not uninstall it and get your computer back from the Norton grasp.

never open stuff like that, but no, that in itself is not enough. Install a decent virus scanner there are good free ones available http://www.avast.com/eng/avast_4_home.html (Free) Avast - What I use http://www.grisoft.com/doc/289/lng/us/tpl/tpl01 (Free) AVG - also very good Also install a firewall http://smb.sygate.com/products/spf_standard.htm (Free) Sygate

Security outfit iDefense is reporting that the next Sober worm attack will take place on 5 January - the 87th anniversary of the founding of the Nazi party. The information has been gleaned from breaking encrypted code in the latest version of Sober which dominated the November anti-virus ratings. According to iDefense, "the November 22 variant is designed to download an unknown payload of code on January 5, 2006". Click Here As we reported last month, Sober accounted for "one in every 13 emails sent and 42.9 per cent of all viruses reported to Sophos" in the November threat chart. The last variant was delivered as an email attachment to messages - either in German or English - allegedly emanating from police agencies warning users they are under investigation for visiting illegal websites. Once the attached file is run, the worm "scans the user's hard drive for email addresses, in its search for fresh targets for infestation". It also tries to disable security software on infected Windows PCs. Regarding the apparently political timing of the next expected assault, Joe Payne, vice president, VeriSign iDefense Security Intelligence Services, said: "This discovery emphasizes the ever-present and often underestimated threat of 'hacktivism' - combining malicious code with political causes. Exposing this latest variant required technical and geopolitical analysis that connected the dots to give enterprises and home users plenty of time to shore up their defenses."

Yes, open your album, at the bottom, there are 'Sort' options

The gallery update this weekend changed the links to many images, and if your signature came from there, odds are the link is not not working. Please update your signatures to the correct links. If you can not figure it out, please open a support ticket. :redx

and another for aol The remote system 64.12.116.66 was logged attacking this host. 64.12.116.66 was found to have exceeded acceptable inbound packet flow