Depending on the mobile network provider you use (MTN doesn’t seem to be affected in ZA at the moment, Vodacom in ZA leaks this information), and device used, your IMEI and MSISDN (mobile number) are being sent to each web server you access via the mobile data network. In addition, tracker headers are being added.
You can see this here: https://blog.sven.co.za/sniff/ (access the page from your mobile phone on 3G/4G/GPRS or EDGE). (more…)
Recently, I made the script to patch your BASH environment available on this site, but that meant a need to copy and paste.
Using a user with the appropriate rights, you can now pipe directly using a quiet wget to make the full recompile to most recent BASH version possible.
All you need is this line: (more…)
Updated to latest kernel patch bash43-30
You’ve heard of ShellShock, and the bash-exploits that are currently doing the rounds, across platforms, that make use of these bugs (CVE-2014-6271 and the volumes of additional updates including CVE-2014-6277, CVE-2014-7186, CVE-2014-7187 and CVE-2014-7169, but to name a few). Proofs of Concept are being collected here… The below works as a vulnerability fix for older Ubuntu LTS and non-LTS versions, Debian (eg Squeeze) as well as Fedora and RedHat/CentOS, and applies all up-to-date patches to Bash.
bash – as a shell – is a tried and trusted component. Some legacy systems’ repositories – be they apt, yum or other – may no longer be kept up to date. Alternatively, they may not be being kept up-to-date enough for your liking. And you want to close the bash issue in the best way you know how.
Easy workaround is a recompile of the bash shell yourself:
Quick note to myself, as I keep forgetting the syntax, though it is so easy — to block an incoming connection by null routing or rejecting the connection is as simple as
route add -host IP reject
To apply this to a whole subnet range, use the -net as you would with the /24 mask (or the appropriate subnet, /29 or smaller should do), eg
route add -net IP/RANGE reject
To undo this,
route delete IP
Repeatedly getting this error on this Twitter.com site: (more…)
It’s been a rocky start to the year of DSL connectivity with EASSY and SEACOM, among the major uplinks from Southern Africa, all were affected by outages.
After a network outage between Abu Talat in Egypt and Marseilles, France was reportedly cleared on Feb 8, 2012, rumours surrounding additional downtime of the SEACOM network (more…)
So you have a snapshot of data on one drive, and the current state of data on the second drive. How do you copy the difference between the two drives into a third directory?
Rync comes to the rescue here. And it doesn’t take much:
Time for some housekeeping – WordPress, plugins etc all patched and back to where they should be (taken long enough) — some more updates on PHP, scheduler integration and large data transfer info coming up soon!
Windows 7 won’t boot up, Safe Mode hangs (typically at CLASSPNP.SYS), the System Recovery can’t fix (Bad Patch and AutoFailover errors) and there are no recovery points to revert back to. Sound familiar? There’s a working solution! (more…)
Oftentimes, you may need to just delete all messages in queue (for example, when your script has gone mad and generated too many messages to handle, once you’ve stopped postfix). It’s quite simple, really: (more…)
Hurray!! Even Microsoft wants users to upgrade from IE6 to something modern (more…)
The upgrade to 3.0.5 was resleased yesterday. From the release notes:
Two moderate security issues were fixed that could have allowed a Contributor- or Author-level user to gain further access to the site.
One information disclosure issue was addressed that could have allowed an Author-level user to view contents of posts they should not be able to see, such as draft or private posts.
Two security enhancements were added. One improved the security of any plugins which were not properly leveraging our security API. The other offers additional defense in depth against a vulnerability that was fixed in previous release.
Download and upgrade now!
On 3G and outgoing mail not sending? Chances are, you need to set the SMTP server specific to your network. Here’s the list that may grow over time: (more…)
A new product over at x-pire.net (which redirects to x-pire.de) was unveiled in Germany today, with the aim of embedding expiry times and information into images so that they cannot be viewed after a certain time. In that way there should be a maximum lifespan to digital images on the web to prevent future embarassment, usage etc. At this stage, the prototype is available as plug-in for Firefox (as well as some other browsers in future), and expounds the idea of a ‘forgetful internet’ so that information is not immortal on the web. (more…)
From the WordPress Development Blog:
Version 3.0.4 of WordPress, available immediately through the update page in your dashboard or for download here, is a very important update to apply to your sites as soon as possible because it fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as “critical.” (more…)
… it’s time to go 0-3, I think — WordPress 3.0.3 is out – but the update is really only applicable to remote publishing-enabled systems…
WordPress 3.0.3 is available and is a security update for all previous WordPress versions.
This release fixes issues in the remote publishing interface, which under certain circumstances allowed Author- and Contributor-level users to improperly edit, publish, or delete posts.
For what it’s worth: an alleged SEACOM cable break a few kilometers from Alexandria – eta of 2.5hrs or so…
Seems like there is an upstream cable fault (being investigated) that has caused international browsing from South Africa outward to fail.
Pings reveal failing terminations on the entry points into continental Europe and the US.
IS has reported it as follows, all others are piggy-backing (or just silent on the matter): (more…)
Just a quick grouping of resources relating to Stuxnet resources and analysis after the targeted infections of the frequency converters of the Vaasa, Finland based Vacon (though Vacon publicly denies this) and Iranian company Fararo Paya.
The bottomline takeaway – never use default passwords (partical attack vector of the PLCs and SCADAs), and keep systems patched (4 zero-day Windows-based attacks). And don’t allow USB devices on a production network (the entry point of the 0.5Mb virus written in C and C++)… (more…)
So that it’s documented… I’m using port 8080 as the default port as the likelyhood of your upstream proxy being on 8080 is high – else, typical proxy ports are, of course, 80, 800 (transpartent), 8000, 3128 (squid)
To force your server to force web traffic via a proxy, just two quick things to set – in /etc/environment, export one (or two) variables: (more…)