Syndicate content

COM

Attacks by ZmEu or w00tw00t robots

Who is ZmEu?

An image showing ZmeuThe name Zmeu (no capital E) is the name of a fantastic creature of Romania. There are so many stories that there isn't a clear understanding of what it is... but it is human like, can spit fire and wants to marry young women.

If you're wondering, it is generally a bad guy.

ZmEu Attack

Today, I noticed a lot of traffic on one of my servers. Looking into what was happening, I immediately found out that an attacker was looking for a loophole in that system. That attack was being performed from China.

My Embedded YouTube Video Disappeared

Embedded videos from YouTube.com used to work just fine on my website.

Today, though, I just noticed that my video was not showing up on one of my pages. Looking into it, I found out that the problem was the protocol.

I'm not too sure whether it was my browser or YouTube,com (although I'm not too sure how YouTube.com would know...) but the fact is that the iframe source was using HTTP and the page I was viewing used HTTPS.

By editing the page and changing the YouTube.com video from HTTP to HTTPS resolved the issue. It is generally much better to always use encryption anyway.

How to find fail2ban errors when logs/errors don't make it anywhere?

Today I noticed that my fail2ban wasn't running.

Looking into it, I could see that an error was happening on startup. This pretty much always mean that something's wrong in the configuration files.

sudo systemctl start fail2ban
Job for fail2ban.service failed because the control process exited with error code.
See "systemctl status fail2ban.service" and "journalctl -xe" for details.

However, somehow, systemd would not show me the error with the status or checking the journal and it would not write anything to the /var/log/fail2ban.log file which stayed ...

Why are hotmail.com emails blocked by postgrey even though it is whitelisted?

Lately, I received emails from a customer something like 12 hours later...

So I checked closer and could see that the email was from hotmail.com.

Great.

On the server, I edited my whitelist to see what was going on:

vim /etc/postgrey/whitelist_clients.local

Searching the list I could see hotmail.com, so why is it that it gets bounced with a 450 by Postgrey if it is whitelisted?

Looking closer at the logs left behind by Postgrey, I found this line:

Apr 23 06:33:34 m2osw postgrey[1742]: action=greylist,
      reason=new,
      client_name=<secret>.outlook.com,
      ...

Convert XML tags and text to a String

Today I started testing a lot of my JavaScript / jQuery code from a website I am building for a customer. I got an error, at some point, saying:

SCRIPT5007: Unable to get property 'replace' of undefined or null reference

The error was in link with the 'replace' function being referenced on an innerHTML of an element. More specifically, one of those XML element (probably the top most one.)

The fact is that Internet Explorer does not support innerHTML in an XML document. Not to be too surprised about that, XML is not HTML so there is really no reason why innerHTML should be ...

Lost SSH key graphical prompt and auto-add to SSH agent

At some point in the past, my system somehow lost the ability to avoid asking me for my key every time I connect to one of my servers. It generally okay, I don't do so much work on that server that I'd have to connect all the time...

However, it is annoying when, once in while, I end up doing a lot of work, back and forth.

The ssh-agent was installed and working. I could add the key manually:

ssh-add ~/.ssh/my-secret-key
ssh-add -l

The ssh-add command allows you to add and remove keys from the ssh-agent. The -l command line option lists the keys currently held by the agent.

...

List ciphers currently used by Apache2

If you are using Apache and e-Commerce, you probably want to know all the details of the ciphers used by the Apache SSL module.

So listing Apache supported ciphers is done using nmap as follow:

nmap --script ssl-cert,ssl-enum-ciphers -p 443 secure.m2osw.com

This call gives you a complete list of all the ciphers currently accepted by your running version of Apache. For example, the list may look like this:

| ssl-enum-ciphers:
|   SSLv3:
|     ciphers:
|       TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - strong
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA - strong
|       ...

Why would Redirect and RedirectMatch in Apache2 not work?

As we are working on a new website, we had a problem where a redirect would not work. I tried both: a simple Redirect and a RedirectMatch as follow:

Redirect / http://finball.m2osw.com/
RedirectMatch permanent ^(.*)$ http://finball.m2osw.com$1

Both of these entries would not work at all.

I verified, to make sure, that the alias module was turned on. It was.

ls -l /var/apache2/mods-enabled

This did list the alias.conf and alias.load entries as expected.

So? What else?

Well... This was installed on a new server and we left the default entry in there:

ls -l ...

Useful online network tools

I'm starting this page and hope to think about it again at a later time when I find additional tools... but as I have network problems I often need these types of services to make sure I can get the information I need.

For more Network stuff, click on the Network tag!

What is your IP address?

Check your current IP address from your browser:

http://alexis.m2osw.com/nvg510/my-ip.php [Super clean version!]

https://www.whatismyip.com/ [More advance and with ads...]

What is my DNS?

This one is for people who setup a DNS to make sure that it can accessed from all over the world. It ...

Apache log says: client denied by server configuration

I work with Apache a lot. It is a really good web server that has many options and features. Unfortunately, maybe it has too many of them!

I ran in a problem where a notification from one server to another would fail with the following error:

[Fri Oct 11 19:43:50 2013] [error] [client 162.226.130.121] client denied by server configuration: <path to file>

Looking at the error, I was first thinking that my script was generating the error. The fact is that my script does not generate error 403. It has a 400 and 500 but not 403.

So looking at the error I thought, maybe that's an ...

Syndicate content Syndicate content

Diverse Realty

Diverse Realty Team

Want a New Home?
Want to Sell Your House?

Call Alex at
+1 (916)
220 6482

Alexis Wilke, Realtor
Salesperson
Lic. # 02024063

Cory Marcus, Broker
Lic. # 01079165

     

Terms of Site Index

Find the page/content you are looking for with our index.