Syndicate content

Attacks by ZmEu or w00tw00t robots

Who is ZmEu?

An image showing ZmeuThe name Zmeu (no capital E) is the name of a fantastic creature of Romania. There are so many stories that there isn't a clear understanding of what it is... but it is human like, can spit fire and wants to marry young women.

If you're wondering, it is generally a bad guy.

ZmEu Attack

Today, I noticed a lot of traffic on one of my servers. Looking into what was happening, I immediately found out that an attacker was looking for a loophole in that system. That attack was being performed from China.

Thunderbird is so slow... it's nearly unusable!?

I have been using Thunderbird for a long time and yet I still did not know about the Compact feature.

A while back, i would use my Local Folders to save Junk, Draft, and Sent emails. This is really fast by default. But at some point I had a problem and reverted to using the remote folders which worked.

The problem was that Thunderbird would tell me that my Local Folders were full even though looking at them they were clearly empty.

The way this works is really annoyingly bad:

1. it accepts emails in a file, like the good old days, it uses one file for any number of emails

2. it adds new ...

Why are hotmail.com emails blocked by postgrey even though it is whitelisted?

Lately, I received emails from a customer something like 12 hours later...

So I checked closer and could see that the email was from hotmail.com.

Great.

On the server, I edited my whitelist to see what was going on:

vim /etc/postgrey/whitelist_clients.local

Searching the list I could see hotmail.com, so why is it that it gets bounced with a 450 by Postgrey if it is whitelisted?

Looking closer at the logs left behind by Postgrey, I found this line:

Apr 23 06:33:34 m2osw postgrey[1742]: action=greylist,
      reason=new,
      client_name=<secret>.outlook.com,
      ...

SugarCRM Community Edition for Ubuntu 16.04 with PHP 7

As I wanted to use SugarCRM on my new server, I looked into the Community Edition and apparently the company is not willing to convert their code so it works under PHP 7.

So that would not work on a newer system because the code uses quite a few forbidden mechanism (wrong class definitions, old defunct functions...) and that prevents to even instal the system on your machine.

Now, I have looked closer into it and I am getting a version that works pretty darn well already. I still have some issues here and there, but I think you can already make use of that version. Except for one thing which ...

No Meld Preferences Menu?!?!

In my development, once of the steps is to check the changes I made before I commit them.

To do so, I often use Meld.

Unfortunately, the preferences disappeared and it makes things harder to tweak large changes!

The fact is that my brain does not correctly support the Macintosh like Menu at the very top. (It's not just my brain, it's also the fact that when I move my mouse, it focuses windows automatically, which is the normal X-Windows behavior, and having the menus on the top is not acceptable in that case!)

You remove the menus at the top-right of the screen with:

sudo ...

What is the 255 in "iptables -A INPUT -p icmp --icmp-type 255 -j ACCEPT"?

The following command adds a rule to your iptable firewall:

iptables -A INPUT -p icmp --icmp-type 255 -j ACCEPT

As we can see, the rule accepts protocol ICMP and uses ICMP type 255. Only, if you look for a list of valid ICMP types, 255 is not included.

The fact is that this rule actually says: accept any ICMP type. If you changed the ACCEPT with DROP, it would refuse all ICMP packets. In most cases, it is safe to accept ICMP packets since they do not divulge more information than necessary.

Note that in your firewall script, you may use "any" instead of 255. That will make it ...

crontab -e — change default editor, selected wrong editor

In Ubuntu 16.04, I wanted to add a user cron file with crontab -e, which has a new behavior: the very first time, it asks you what editor you want to use (i.e. nano, vim, ...)

If you choose the wrong one, then next time it does not ask you, it remembers your choice forever, so you'll be stuck.

The nano editor is okay, but difficult to work with if you're used to something like vim.

The data actually gets saved in a hidden file of your home directory named .selected_editor.

# Generated by /usr/bin/select-editor
SELECTED_EDITOR="/usr/bin/vim"

Mine was set to ...

SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET and ssl3_get_message:unexpected message

Today we had a problem with a combo of website that we never tried to run together.

Looking into it, it was definitely a problem with SSL. However, Apache2 would tell us absolutely nothing about it. No error or access logs. I think this is because it would happen at the time Apache and the client negotiate the SSL connection and Apache does not report such problems (at least by default, it might in case you turn on some debug mode?)

We had two different settings for two websites using the snakeoil certificate (As we test on VM machines, we use the snakeoil certificate as an easy way to check ...

Error trying to upgrade software on an Ubuntu system

Today I got a really strange error. Part of the message was:

E: Encountered a section with no Package: header
E: Problem with MergeList /var/lib/apt/lists/<some name>
E: The package lists or status file could not be parsed or opened.

That seemed really bizarre. I had never seen such an error before...

So I searched for it and one thing to know is that the files under that directory are temporary, so you can actually delete them. apt-get knows how to regenerate them.

So in other words you can do something like this:

sudo rm /var/lib/apt/lists/<some file>
# or ...

Cassandra node says it owns 0%??

Today I ran in a little bit of a problem with an new Cassandra node installation.

After the node was created, I ran nodetool and got this:

 $ bin/nodetool status
Datacenter: dc1
===============
Status=Up/Down
|/ State=Normal/Leaving/Joining/Moving
--  Address    Load       Tokens       Owns (effective)  Host ID   Rack
UN  127.0.0.1  219.83 KiB 256          0.0%              73bd8721  rack1

It took me a little while to find out that the problem was the IP address. Although it clearly says 127.0.0.1 here, the cassandra.yaml configuration file had localhost.

I edited the ...

Syndicate content

Diverse Realty

Diverse Realty Team

Want a New Home?
Want to Sell Your House?

Call Alex at
+1 (916)
220 6482

Alexis Wilke, Realtor
Salesperson
Lic. # 02024063

Cory Marcus, Broker
Lic. # 01079165

     

Terms of Site Index

Find the page/content you are looking for with our index.