
S. Koreans make tailored stem cells

S. Koreans made a significant announcement today: they have managed to produce human stem cells which are tailored to a particular person. This raises the possibility of treatment with stem cells without the risk of rejection. The method involves substituting the donor ovum’s DNA with the patient’s, and allowing an early embryo to develop. The stem cells are extracted before the embryo becomes viable.

Elsewhere, some UK scientists were able to clone an embryo using a donor ovum and DNA from stem cells.

Interesting times, indeed. I haven’t really thought about the ethical questions which these procedures bring up, but they are, of course, difficult since both procedures involve getting a human embryo started.

Listening to Chicago from the album “Sufjan Stevens: Illinois” by Sufjan Stevens

A little action

So, a bunch of crackers had broken into our server, and it was discovered yesterday. It was a flaw in awstats, which is a webserver statistics report-producing package. It runs as a CGI script under the apache user, and it didn’t sanitize input, so arbitrary shell commands could be run. Anyway, suffice it to say that we got scanned, they found the out-of-date awstats, installed an IRC bot kit which included an inetd, a shell, and a fake klogd. It was downloaded from, in a tarball named ake3.tgz; I recommend you not go to that site if you are running Windows.

Just about an hour’s googling led me to it, and then a little more time perusing syslog, httpd logs, and the process accounting log (boy, am I glad I turn that on by default). The process accounting log was indispensable: it showed exactly what commands were run by the user apache. I am not sure how long they were on. It could have been since before yesterday: I had noticed that I was getting k-lined from Undernet, and was pretty confused. I wonder if it was because they were running lots of traffic on Undernet, which is what they were connected to. Well, I cleaned out their stuff, killed their processes, killed their crontab, and we’re clean, again. Oh, and I dropped awstats. I don’t need that kind of aggro.

Live and learn. I’m just glad that this was a pretty low-level intrusion: just a bunch of script kiddies. They only managed to get to the apache account, and not root.

Here’s a detailed presentation on the awstats flaw.
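
An added example, not part of the original post: a triage pass over web-server access log lines, of the kind reviewed above, that flags CGI requests whose decoded query values contain shell metacharacters. The log lines, IP addresses, timestamps, the `/cgi-bin/awstats.pl` path and the `param` name are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Common Log Format prefix: client, identd, user, [time], "METHOD target PROTO", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Characters and sequences a shell treats as command syntax once decoded.
SHELL_META = re.compile(r'[|;`\n]|\$\(|&&')

def suspicious_cgi_requests(lines, cgi_prefix="/cgi-bin/"):
    """Return (ip, time, path, param, decoded_value, status) for CGI hits
    whose decoded query values contain shell metacharacters."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        url = urlsplit(m["target"])
        if not url.path.startswith(cgi_prefix):
            continue  # static pages never reach a shell, so ignore them
        # parse_qsl percent-decodes each value, so %7C is seen as '|'
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if SHELL_META.search(value):
                hits.append((m["ip"], m["ts"], url.path, name, value,
                             int(m["status"])))
    return hits

# Constructed sample lines (documentation-range IPs, hypothetical "param" name).
SAMPLE_LOG = [
    '192.0.2.10 - - [20/May/2005:03:12:01 -0400] "GET /cgi-bin/awstats.pl?config=example.org HTTP/1.1" 200 5120',
    '198.51.100.7 - - [20/May/2005:03:14:44 -0400] "GET /cgi-bin/awstats.pl?param=%7Cid%7C HTTP/1.0" 200 312',
    '198.51.100.7 - - [20/May/2005:03:15:02 -0400] "GET /index.html?q=a%7Cb HTTP/1.0" 200 1024',
    '203.0.113.5 - - [20/May/2005:04:00:00 -0400] "GET /cgi-bin/awstats.pl?param=x%3B+uname+-a HTTP/1.0" 200 290',
]

if __name__ == "__main__":
    for hit in suspicious_cgi_requests(SAMPLE_LOG):
        print(hit)
```

The timestamps of any hits give a window to line up against the process accounting records for the apache user.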