Hi guys! Do you know Meiwa Denki (明和電機)? That is the Meiwa Denki whose performances I love. Their performances you can see on YOUTUBE and here is the video that BBC introduces them.
Mr.Knocky, I rolled on the floor laughing for the first time in several months. 土佐さん is always a genius, don’t you think so? (^_~)
Recently, I had two inconvenient things. One is about IE11 on Windows7 and the other is about phpMyAdmin version on the service of WebCrow. Yes I know, these things aren’t grouped together because their levels are very different.
The thing about IE11 on Windows7 is this (Credential authentication does not work if you paste credential information by using the Paste shortcut menu command in Windows 7 or in Windows Server 2008 R2). This looks one of the well-known issues. OK, I need not the Hotfix of KB2547752. OK, I can do CTRL+V or anything. But about the trouble the most frustrating for me is IE11 on Windows7 shows me ‘●●●●●●●●●●’ as if the procedure is normally ended when I use a right click and paste. ‘Don’t Use the Paste shortcut menu command’ is an old story, so itself is no problem. But if it’s requested, they should not make IE show ‘●●●●●●●●●●’. Grrr.
The other is phpMyAdmin version is 2.11.x.x on WebCrow. This version does not have Configuration storage, so I cannot use the feature bookmarks. Very inconvenient! I realize I am dependent on the feature everyday life, ha-ha-ha.
Apache HTTP Server 2.4.10 was released. It includes five security patches. It has a new module named mod_authnz_fcgi, so httpd.conf has a following added line.
#LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so
On the Windows version it was upgraded pcre from 8.34 to 8.35 and APR from 1.5.0 to 1.5.1.
I downloaded httpd-2.4.10-win32-VC11.zip (17 Jul) from the ApacheLounge for my Windows7 server. If you need the information about Apache 2.4.x configuration on Windows, see my post ‘To create a Wamp-like Web Server in Windows7-#1.‘.
I’ve got an email from No-IP because I use a No-IP domain for my net radio. Its title is ★ Update to Microsoft Takedown – All Domains Restored ★. Of course, it’s related to “Microsoft takes on global cybercrime epidemic in tenth malware disruption“. The original article has gone, so I link to the history in The Internet Archive (2014.9.24).
Hey! No-IP. Are you doing OK from now?
Edit(Jul.11):
Today, I have the second email from No-IP.
No-IP gives us more information on the page “Update: Details on Microsoft Takeover“.
Anyway, congratulations for surviving, No-IP.
Whew, I had a terrible time. However, I cannot complain to anyone because that was my own fault.
Yesterday, while I was writing about the article related to phpMyAdmin and MariaDB, I saw the error log of MariaDB and found some errors on it. I thought they came from my manual update. So I started messing around with MariaDB to solve them, had so enthusiasm to it and fell into a pitfall, grrr. As I did multiple things for the time, I could not understand what gave me such wrong conditions really. What a goofy situation!! I make such a blunder every few years, oops.
I gave up to restore the MariaDB after all and re-installed MariaDB 10.0.12. Now, I think it was better to re-install it from the first. But I did not back up the latest data for a change, so I couldn’t give up restoring the old state easily. Danger past and God forgotten. I can’t believe my deficit in learning ability, he-he.
As a result I lost three articles.
All have come back. But very early in the morning now. Exhausted!
I updated my Apache 2.4.9 to 2014 5 Jun version because of OpenSSL Security Advisory [05 Jun]..
It is built with ‘IPv6 Crypto apr-1.5.0 apr-util-1.5.3 apr-iconv-1.2.1 openssl-1.0.1h zlib-1.2.8 pcre-8.34 libxml2-2.9.1 lua-5.1.5 expat-2.1.0’. Its Changelog.
I really appreciate Steffen’s hard and quick work. Thanks again, Steffen.
Edit(Jun.9):
I found this on the Net, so linked to it as a reference.
OpenSSL Patches Critical Vulnerabilities Two Months After Heartbleed
phpMyAdmin 4.2.0 is released. Here is the ChangeLog. I’ve updated.
I downloaded a phpMyAdmin-4.2.0-english.zip, extracted it, copied my old config.inc.php to the phpmyadmin folder made by extracting, and uploaded all of them to the server (See “To create a Wamp-like Web Server in Windows7-#3.“).
By the way, when I compared the new config.sample.inc.php with my old one(=Ver.4.1.x), I found two lines were lost and seven lines were added.
The lost lines.
At /* First server */ area
/* Select mysql if your server does not have mysqli */
$cfg[‘Servers’][$i][‘extension’] = ‘mysqli’;
Does this mean they don’t support mysql modules anymore? (I noticed ‘Added warning about the mysql extension being deprecated and removed the extension directive’ in the ChangeLog.)
The added lines.
At /* Storage database and tables */ area
// $cfg[‘Servers’][$i][‘favorite’] = ‘pma__favorite’;
// $cfg[‘Servers’][$i][‘savedsearches’] = ‘pma__savedsearches’;
As a new parameter of the configuration
/**
* Whether to display icons or text or both icons and text in table row
* action segment. Value can be either of ‘icons’, ‘text’ or ‘both’.
*/
//$cfg[‘RowActionType’] = ‘both’;
So, when I logged on the new phphmyadmin at the first time, I got “The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated. To find out why click here.”.
By a clicking, I got the next three alerts.
$cfg[‘Servers’][$i][‘savedsearches’] … not OK [ Documentation ]
Saving Query-By-Example searches: Disabled
I had instructions, too.
Quick steps to setup advanced features:
Create the needed tables with the examples/create_tables.sql.
Create a pma user and give access to these tables.
Enable advanced features in configuration file (config.inc.php), for example by starting from
config.sample.inc.php.
Re-login to phpMyAdmin to load the updated configuration file.
To create the tables with the examples/create_tables.sql or by your hand, it is your choice. Further information about this, see “Configuration storage“. As I already had the pma user, I created the two tables manually. Then, I edited nine lines above in my config.inc.php, and removed “//” from the head of the next lines.
$cfg[‘Servers’][$i][‘favorite’] = ‘pma__favorite’;
$cfg[‘Servers’][$i][‘savedsearches’] = ‘pma__savedsearches’;
I re-logined to phpMyAdmin to load the updated configuration file. Mission complete.
I updated my Apache 2.4.9 to 2014 Apr 8 version because of CVE-2014-0160.
It is built with ‘IPv6 Crypto apr-1.5.0 apr-util-1.5.3 apr-iconv-1.2.1 openssl-1.0.1g zlib-1.2.8 pcre-8.34 libxml2-2.9.1 lua-5.1.5 expat-2.1.0′. Its Changelog.
I really appreciate Steffen’s hard and quick work. Thanks again, Steffen.
Edit(May.13):
This vulnerability also has effects on everyday life as I’ve worried about. Some OS of smartphones might have the vulnerability. I’ve found the list out. ⇒ The list of Android phones vulnerable to Heartbleed bug
And you can check your smartphone OS about the vulnerability by the Heartbleed Detector App.
I add three sites about Heartbleed detector you can access by a PC.
Heartbleed test
heartbleed test
Trend Micro Heartbleed Detector (does not exist anymore.)
Apache HTTP Server 2.4.9 was released, and they did not release 2.4.8 because of an issue about OpenSSL area. So we’d better think 2.4.9 includes the changes with 2.4.8.
I downloaded httpd-2.4.9-win32-VC11.zip (16 Mar) from the ApacheLounge for my Windows7 server. If you need the information about Apache 2.4.x configuration on Windows, see my post ‘To create a Wamp-like Web Server in Windows7-#1.‘.
I watched “さくらのVPSに来る悪い人を観察する その2” and “SSH ハニーポットでの悪い人の観察“, then rolled on the floor, laughing. I first found this on “徳丸浩の日記” which reads the slide show is very interesting and very popular lately, so I went to the slide show to be sure it and agreed with it.
The slide show is related to CVE-2012-1823. Actually, the attacks the slide#36 shows come everywhere whether the vulnerability exists or not. My server is no exception. I don’t create SSH server, and my PHP doesn’t have the vulnerability nor isn’t CGI version, so all attacks failed though.
Ozuma5119 is a genuine white hacker. If you’re up for this topic, visit the linked sites though they are only in Japanese. Please use some translation services m(_”_)m.