Attacks by ZmEu or w00tw00t robots

Who is ZmEu?

The name Zmeu (no capital E) is the name of a mythical creature from Romanian folklore. There are so many stories that there is no single clear picture of what it is... but it is human-like, can spit fire and wants to marry young women.

If you're wondering, it is generally a bad guy.

ZmEu Attack

Today, I noticed a lot of traffic on one of my servers. Looking into what was happening, I immediately found out that an attacker was looking for a loophole in that system. That attack was being performed from China.
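The probes these robots send are easy to pick out of an access log once you know their signatures: the ZmEu scanner announces itself in the User-Agent header and walks through a dozen phpMyAdmin path variants looking for an exposed setup script, and the DFind scanner asks for paths starting with /w00tw00t.at. The script below is an added example, not the post's own code; the log lines in demo_log are constructed for the demo (RFC 5737 addresses), and the regular expression is mine, not an exhaustive list.

```shell
#!/bin/sh
# Added example, not the post's own code: pull ZmEu / w00tw00t style probes out of
# an Apache combined access log and count them per client. The ZmEu scanner sends
# "ZmEu" as its User-Agent and requests phpMyAdmin setup scripts under several
# path variants; the DFind scanner asks for /w00tw00t.at.* paths.
# The log lines in demo_log are constructed for this demo (RFC 5737 addresses).

# Print "client-ip<TAB>hits" for every client with at least one matching request.
# Usage: scan_for_probes /var/log/apache2/access.log
scan_for_probes() {
    grep -Ei 'ZmEu|w00tw00t|(phpmyadmin|pma|myadmin)/scripts/setup\.php' "$1" \
        | awk '{ print $1 }' | sort | uniq -c \
        | awk '{ printf "%s\t%s\n", $2, $1 }'
}

# Constructed sample log: one scanner, one normal visitor, one single probe.
demo_log() {
    cat <<'EOF'
203.0.113.7 - - [10/Mar/2013:09:12:01 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 226 "-" "-"
203.0.113.7 - - [10/Mar/2013:09:12:02 -0800] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 201 "-" "ZmEu"
203.0.113.7 - - [10/Mar/2013:09:12:02 -0800] "GET /pma/scripts/setup.php HTTP/1.1" 404 201 "-" "ZmEu"
198.51.100.4 - - [10/Mar/2013:09:13:10 -0800] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Mar/2013:09:14:00 -0800] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 201 "-" "ZmEu"
EOF
}

# Stand-alone use: scan the log given on the command line.
if [ "$#" -gt 0 ]; then
    scan_for_probes "$1"
fi
```

The per-client counts are what you would feed to a firewall rule or a fail2ban jail; a client that never asks for anything but setup.php variants has no business on the server at all. Note that the scanner is a script, so a 404 does not slow it down; only dropping the source address does.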

Recover name of message registered with RegisterWindowMessage()

Today I was confronted with an error in a process that would run in the background and slowly fill up the Windows message queue when it should have been dormant.

I looked at the messages that were being processed once the process woke up and the message number was 0xC10C or so. Nothing in the software defines such a number. So I looked around and found out that the message was one of those created with the RegisterWindowMessage() function, which hands out identifiers in the 0xC000-0xFFFF range. (Using it there is questionable in the first place, since those messages are never exchanged with external applications, but oh well... that does not change the basic problem.)

So, ...

Cannot connect my Host system to Cassandra running on my Guest VM

I found a different way, which is to use the Local Network or Host-only Network on your Virtual Machine.

Today I did my first full install of Snap on a VM in my Ubuntu development system that runs VirtualBox.

This took me about an hour between getting all the files ready from our own APT repository and then finding out all the setup steps needed (we have a few working installations, but we added all the necessary magic over time and did not clearly document all the steps yet... argh! so much to do!)

At some point, I wanted to setup the "domains" and "websites" tables on the VM. ...

CRON Drupal says "HTTP/1.0 302 Found" about "/cgi-bin/ipdiags.ha" (AT&T U-Verse)

I run a few Drupal websites and once per hour I run the cron.php script. I do it only once per hour because nothing on my websites changes often enough to require faster refreshes.

Once in a while (relatively rarely now) I get a list of errors from CRON saying that the checks failed. The errors look something like this:

HTTP/1.0 302 Found
Location: /cgi-bin/ipdiags.ha
Pragma: no-cache
Content-Type: text/html

<html><meta http-equiv=Refresh content=0;url=/cgi-bin/ipdiags.ha>

As you can see, this is a 302, which is a temporary redirect rather than an error from Drupal itself. ...
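The useful check here is not "did the fetch fail" but "did the answer come from Drupal at all": a 302 whose Location points at /cgi-bin/ipdiags.ha was produced by the U-verse gateway, which means cron.php never ran that hour and should be retried. The script below is an added example, not the post's cron job; the curl invocation in check_drupal_cron and the four result labels are my own choices.

```shell
#!/bin/sh
# Added example, not the post's own script: tell a genuine answer from Drupal's
# cron.php apart from a redirect injected by the AT&T U-verse gateway. The gateway
# answers with a 302 to its own /cgi-bin/ipdiags.ha page, so a cron job that only
# checks whether curl failed will miss that the script never ran.

# Read raw response headers on stdin and print one of:
#   ok, gateway-intercept, redirect, error
classify_cron_response() {
    hdr=$(tr -d '\r')
    status=$(printf '%s\n' "$hdr" | sed -n '1s/^HTTP\/[0-9.]* \([0-9][0-9][0-9]\).*/\1/p')
    location=$(printf '%s\n' "$hdr" | sed -n 's/^[Ll]ocation:[[:space:]]*//p' | head -n 1)
    case "$status" in
        200) echo ok ;;
        30[1237]|308)
            case "$location" in
                */cgi-bin/ipdiags.ha*) echo gateway-intercept ;;
                *) echo redirect ;;
            esac ;;
        *) echo error ;;
    esac
}

# Fetch the cron URL without following redirects and classify what came back.
# Assumption: $1 is the site's cron endpoint (Drupal 7 puts a key in the URL).
check_drupal_cron() {
    curl -sS -D - -o /dev/null --max-time 60 "$1" | classify_cron_response
}
```

A gateway-intercept result is the signal to run the job again a few minutes later; a plain redirect usually means the site moved to HTTPS or a new hostname and the cron URL itself needs updating.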

Adding a group to a logged-in Linux user

Once in a while I want to add my user to a group and then right away make use of that group.

Unfortunately, Unix in general forces you to log out and back in for the new group to be attached to your session.

However, a command has been added, a while back, to do just that on the fly. Not something you would want to use in a script, but at least, it works for me when doing a few things here and there.

In my case, I wanted to run QEMU, which I hadn't done in a while, and the system told me that it could not open the KVM device; the error was: kvm permission denied.

The problem was that I was not part ...
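The two commands that do this on the fly are newgrp(1), which starts a new shell whose credentials include the group, and sg(1), which runs a single command under the group. The script below is an added example, not the post's own commands; it assumes sudo is available for usermod and that the group (kvm in the QEMU case) already exists.

```shell
#!/bin/sh
# Added example, not the post's own commands: the sequence for the QEMU/KVM case.
# Membership is checked with id(1); the new group is picked up without a logout by
# replacing the shell with newgrp(1), or by running a single command under the
# group with sg(1). Neither belongs in a script: both start a fresh process and
# only that process and its children see the group.

# Succeed if the current process already has group $1.
in_group() {
    id -nG | tr ' ' '\n' | grep -qx -- "$1"
}

# Add the invoking user to group $1 (needs sudo) and then replace this shell
# with one that already carries the group. Caveat: newgrp makes $1 the *primary*
# group of the new shell, so files you create there are group-owned by $1.
join_group_now() {
    grp=$1
    getent group "$grp" >/dev/null || { echo "no such group: $grp" >&2; return 1; }
    if ! in_group "$grp"; then
        sudo usermod -aG "$grp" "$(id -un)" || return 1
        exec newgrp "$grp"
    fi
}

# Run one command with the group without touching the current shell, e.g.
#   run_with_group kvm qemu-system-x86_64 -enable-kvm -m 1024 disk.img
# (arguments are joined into one string for sg -c, so quote carefully).
run_with_group() {
    grp=$1; shift
    sg "$grp" -c "$*"
}
```

For the one-off QEMU run, run_with_group is the safer of the two: it leaves your primary group alone and you are not surprised later by files owned by group kvm.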

My JavaScript code does not get the correct widget size, why?

As I am developing a set of pages for a customer, I ran into an interesting problem: my JavaScript function could not properly determine the size of a box.

That box is heavily tweaked with the CSS assigned to it, as well as all of its neighbors. So I thought that may have something to do with it.

What I hadn't realized so far is that jQuery's ready() function is called once the DOM has been parsed (the DOMContentLoaded event), not once the document as a whole is ready (all stylesheets and images loaded, i.e. the window's onload event).

With that knowledge it was easy to understand that I was actually finding myself ...

Console color: dark blue on black unreadable

As I work in consoles every now and then, I run in that one problem:

Some text is written in dark blue over the black background; the next line is shown that way on the original page:

This is a good example of what I'm talking about.

And if you can read that text (without selecting it first), wow!

So... how could you change the color of that blue to make it readable? There is a way by sending some escape command to the console:

echo -e "\\e]R\\e]PC6495ed"

That command changes the blue to a light blue (somewhat "cyan", although not light cyan).

The "\\e]R" part is to reset the colors to ...
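The "\e]P" sequence only means something to the Linux virtual console (TERM=linux); xterm-compatible terminals change a palette entry with OSC 4 instead. The functions below are an added example, not the post's own command: they validate the index and colour, build either form, and pick one by $TERM. The index is the palette slot, not the ANSI code: 4 is the normal dark blue, and 12 (hex C, the post's "PC") is the bright blue that bold blue text such as ls's directory colour lands on. Terminal detection by $TERM prefix is my assumption and is only a heuristic.

```shell
#!/bin/sh
# Added example, not the post's own command: build the palette escape with the
# index and colour validated, and pick the right sequence for the terminal.
# Linux console:  ESC ] P <hex index> <rrggbb>          (what the post uses)
# xterm & co.:    ESC ] 4 ; <index> ; rgb:rr/gg/bb BEL  (OSC 4)

# Validate "$1" (0-15) and "$2" (rrggbb); return 1 on bad input.
check_color_args() {
    case $1 in
        [0-9]|1[0-5]) ;;
        *) echo "bad palette index: $1 (want 0-15)" >&2; return 1 ;;
    esac
    case $2 in
        [0-9a-fA-F][0-9a-fA-F][0-9a-fA-F][0-9a-fA-F][0-9a-fA-F][0-9a-fA-F]) ;;
        *) echo "bad colour: $2 (want rrggbb)" >&2; return 1 ;;
    esac
}

# Linux console form; index 12 and colour 6495ed reproduce the post's "\e]PC6495ed".
linux_palette_seq() {
    check_color_args "$1" "$2" || return 1
    printf '\033]P%X%s' "$1" "$2"
}

# Linux console: restore the default palette (the post's "\e]R").
reset_linux_palette() {
    printf '\033]R'
}

# xterm form: the same colour split into rr/gg/bb.
xterm_palette_seq() {
    check_color_args "$1" "$2" || return 1
    c=$2
    printf '\033]4;%d;rgb:%s/%s/%s\a' "$1" "${c%????}" "$(printf '%s' "$c" | cut -c3-4)" "${c#????}"
}

# Emit the sequence that fits the running terminal (heuristic on $TERM).
set_palette_color() {
    case $TERM in
        linux) linux_palette_seq "$1" "$2" ;;
        xterm*|rxvt*|screen*|tmux*) xterm_palette_seq "$1" "$2" ;;
        *) echo "unknown terminal type: $TERM" >&2; return 1 ;;
    esac
}
```

Sending the console form to an xterm is harmless but does nothing, while sending an unsupported sequence to some terminals leaves stray characters on screen, which is why the function refuses rather than guessing. A palette change only lasts for the session; put set_palette_color 12 6495ed in your shell's startup file if you want it every time.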

Postfix says it does not allow relaying?!

As we are upgrading our server from Ubuntu 12.04 to 13.04, we encounter a few problems.

Two with Postfix, first the Postgrey port has changed. It was 60000 before, now it is 10023. Don't ask me... Anyway, that was the easy one.

The other problem was a relay error. I could send emails all I wanted, but my partner, whose server is not part of our Made to Order Software Corp. network, could not. Relaying is when server Z accepts an email coming from server X and passes it on to server Y. You are server Z, that's the relay.

The fact is that if you can log in your account on ...
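Whether an authenticated (SASL) client is allowed to relay comes down to the order of the restriction lists in main.cf: permit_sasl_authenticated has to appear before reject_unauth_destination, and on Postfix 2.10 and later (the version that ships with 13.04) the new smtpd_relay_restrictions list is evaluated before smtpd_recipient_restrictions, with a built-in default of permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination. The checker below is an added example, not the post's fix: it reads a main.cf, joins Postfix continuation lines, and reports whether SASL clients can relay and whether the server is an open relay. It assumes the 2.10 default when smtpd_relay_restrictions is unset; on older Postfix that list does not exist.

```shell
#!/bin/sh
# Added example, not the post's own fix: audit the relay policy in a Postfix main.cf.
# Assumes Postfix >= 2.10 semantics (smtpd_relay_restrictions exists and defaults to
# "permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination").

# Print the value of parameter $2 from main.cf $1, joining continuation lines
# (lines that start with whitespace); last occurrence wins, like Postfix.
postconf_value() {
    awk -v key="$2" '
        $0 ~ ("^" key "[ \t]*=") { found = 1; sub(/^[^=]*=[ \t]*/, ""); val = $0; cont = 1; next }
        /^[ \t]/ { if (cont) val = val " " $0; next }
        { cont = 0 }
        END { if (found) print val }
    ' "$1"
}

# Succeed if a SASL-authenticated client gets through restriction list $1, i.e.
# permit_sasl_authenticated comes before any *_unauth_destination (or there is none).
list_allows_sasl() {
    printf '%s\n' "$1" | tr ',' ' ' | awk '
        BEGIN { blocked = 0 }
        { for (i = 1; i <= NF; i++) {
              if ($i == "permit_sasl_authenticated") exit
              if ($i ~ /_unauth_destination$/) { blocked = 1; exit } } }
        END { exit blocked }'
}

# Succeed if list $1 refuses mail for destinations we are not responsible for.
list_blocks_unauth() {
    printf '%s\n' "$1" | tr ',' ' ' \
        | grep -qE '(^|[[:space:]])(reject|defer)_unauth_destination($|[[:space:]])'
}

# Print "sasl_relay=yes|no open_relay=yes|no" for main.cf $1; succeed only when
# authenticated users can relay and nobody else can.
relay_check() {
    cf=$1
    rel=$(postconf_value "$cf" smtpd_relay_restrictions)
    rcpt=$(postconf_value "$cf" smtpd_recipient_restrictions)
    [ -n "$rel" ] || rel='permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination'
    sasl=yes; open=no
    # A relaying client must pass both lists, so both must let SASL through...
    list_allows_sasl "$rel" && list_allows_sasl "$rcpt" || sasl=no
    # ...and at least one of them must refuse unauthorised destinations.
    list_blocks_unauth "$rel" || list_blocks_unauth "$rcpt" || open=yes
    printf 'sasl_relay=%s open_relay=%s\n' "$sasl" "$open"
    [ "$sasl" = yes ] && [ "$open" = no ]
}
```

The classic mistake the checker catches is a pre-2.10 smtpd_recipient_restrictions that reads permit_mynetworks, reject_unauth_destination: it was fine when every sender sat inside mynetworks, but an authenticated user outside the network is rejected with "Relay access denied". Adding permit_sasl_authenticated in front of reject_unauth_destination (and keeping the reject, or you become an open relay) is the fix.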

Quoting to run MS-DOS commands with system()

As I am working on wpkg, a tool to build and manage advanced packages, I encounter problems running MS-DOS scripts. I am not the strongest in that realm. I have been working with Unix scripts for a little over 15 years and MS-DOS scripts are so limiting...

Anyway, to run a batch file, you need to write a script in a file that ends with .bat and, to make sure it gets run properly, you want to run it through the %COMSPEC% interpreter (cmd.exe) with the /c flag.

If parameters to the command include spaces, you want to place those parameters between double quotes. Although some commands are capable of ...

Checking integrity of a Debian installation

You can check the integrity of all the packages currently installed on a Debian-based system (Debian, Ubuntu, etc.) with many different tools.
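The cheapest of those tools is already on the box: dpkg --verify (and the debsums package, which does the same job with more options) compares every installed file against the MD5 list the package shipped and prints one line per mismatch in an rpm -V style format, with a 5 in the third column for a checksum mismatch and a c flag for conffiles, which you expect to have edited. The filter below is an added example, not the post's own script; the sample dpkg --verify output in demo_verify is constructed, and the two things worth acting on are modified non-conffile binaries and missing files.

```shell
#!/bin/sh
# Added example, not the post's own script: reduce `dpkg --verify` output to the
# lines worth looking at. Line format is "??5??????   /path" for a checksum
# mismatch, "??5?????? c /etc/path" when the file is a conffile, and
# "missing   /path" for a file that is gone. Caveat: the MD5 lists live under
# /var/lib/dpkg/info on the same disk, so an attacker who already has root can
# rewrite them; this is a consistency check, not an integrity proof.

# Read dpkg --verify output on stdin; print "modified <path>" for changed
# non-conffile files and "missing <path>" for absent ones.
audit_dpkg_verify() {
    awk '
        $1 == "missing" {
            p = $0; sub(/^missing[ \t]+(c[ \t]+)?/, "", p)
            print "missing " p; next
        }
        substr($1, 3, 1) == "5" {
            p = $0; sub(/^[^ \t]+[ \t]+/, "", p)
            if (p ~ /^c[ \t]/) next   # conffile: local edits are expected
            print "modified " p
        }'
}

# Constructed sample of what dpkg --verify prints (not real output from a host).
demo_verify() {
    cat <<'EOF'
??5??????   /usr/bin/ls
??5?????? c /etc/ssh/sshd_config
missing     /usr/share/doc/bar/README
EOF
}

# Stand-alone use on a real system:
#   dpkg --verify 2>/dev/null | audit_dpkg_verify
```

A modified /usr/bin/ls in that output is exactly the case the rootkit section below worries about, and it is the one line that should make you stop and compare the file against a freshly downloaded copy of the package (apt-get download, then dpkg-deb -x) rather than trust anything else the host tells you.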

Root Kits

I run rkhunter to verify for root kits.

Some attackers replace a well-known command such as ls or cat with a trojaned version that hides their presence and gives them a way back in as root without your consent, and from there they can do all sorts of things to your system. In most cases, just installing such a tool requires the attacker to already have root access, so it does not happen that often, but better safe than sorry!

File Changes

I use tripwire to verify that ...

