Syndicate content


Attacks by ZmEu or w00tw00t robots

Who is ZmEu?

An image showing ZmeuThe name Zmeu (no capital E) is the name of a fantastic creature of Romania. There are so many stories that there isn't a clear understanding of what it is... but it is human like, can spit fire and wants to marry young women.

If you're wondering, it is generally a bad guy.

ZmEu Attack

Today, I noticed a lot of traffic on one of my servers. Looking into what was happening, I immediately found out that an attacker was looking for a loophole in that system. That attack was being performed from China.

Hacking my NVG510 device

Earlz found a way to hack the NVG510 device and wrote a page about it: Rooting The NVG510 from the WebUI

He also offers a page that one can use to allow telnet connections to the NVG510 (by default it is locked up.) From there you can allow ssh and tftp connections too.

Note that this means if you are logged in your NVG510 and you click on a link on a bad server, you could actually allow remote connections from anyone! So that's a dangerous back door, although if you are not logged in the Web interface, then it is fine (assuming you do not then log in without thinking!?)

Just in case ...

md5sum for MS-Windows

Today I needed to test a transfer from a file system to another making sure that a 750Mb file was being tranfered correctly. For this I wanted to run an md5sum on the file from the native OS (MS-Windows) and then on the target OS (Linux).

I found a nice utility that worked right in and returned the correct result (what I'd expect.)

MD5sum by Jem Berkes, SysDesign

Attack by Bots

Since the ZmEu attack, I've been watching my logs a little closer. I also found a page that I could not read (but Google could and was kind enough to provide a cached version.) That page listed many bots that are not nice bots. So? I decided to block some of them, especially those that use very bad URLs or load many pages too quickly.

The result is that I'm getting more and IP addresses in my firewall. Although they get removed in a schedule that I will not state here, I can tell you that each time I block tenth when not hundredth of useless hits (worst than that at times those could be

nice and ionice for Linux users

By default, a computer system gives each process the same priority level in regard to accessing your hard drive.

With newer versions of Linux, it is possible to use two other priorities: one where I/O is not primordial and thus you do not get it if anyone else wants it, and one where you want to work in realtime and have priority over anyone else.

This is achieved with the ionice command line (or corresponding kernel calls.)

This is particularly useful if you want to copy a partition to another and you know that it will take 20 minutes to copy everything... and thus the computer will be ...

Syndicate content Syndicate content