Longtime Nullamatix readers know how much I love reviewing log files. Logs can provide detailed insight into not only the overall health of a system, but also information one can use to mitigate the risks of automated attacks. In this post, I'll go over a couple of ways to harden a PHP-enabled web server and hopefully prevent fx29id1.txt, id23.txt, id.txt, id1.txt, fxid.txt, one.txt, fx1.txt, and several other automated attacks from successfully exploiting common weaknesses.
Although extremely useful, HTTP server access logs are a mess in their raw form. If you're interested in watching your HTTP server logs in real time with formatting rules and pretty colors, this post is for you.
I woke up this morning and started reading through Google Reader to see what appears to be an amazing offer posted on LowEndBox.com. The post claims a company called 2HOST is offering Xen-based virtual private servers at $5/mo. How could anyone resist looking into this? Naturally, I did, and here's the scoop.
The Internet: so magical and dangerous, yet getting connected is a risk we're all willing to take. Whether you're infiltrating some moron's botnet, or just surfing the web, the possibility of becoming a victim in a cyber attack is real. Every day, without fail, Nullamatix.com is bombarded with malicious attacks from all over the world. Typically, the attackers aren't targeting Nullamatix.com specifically, but a wide range of hosts, including you.
In response to the redditor seeking appropriate server room accessories, behold!:
This is a short post. A status update more than anything.
Before posting Madlib Site PHP code examples demonstrating how to use the content you've obtained from Free Data Sources for Blue Hat SEO's Madlib Technique, I thought of a potentially interesting idea. Grep httpd server logs looking for Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS), Blind SQL Injection, Remote Code Inclusion, and Remote Code Execution attempts, just for fun.
The lack of posts this week was the result of being in the woods for a week; isolated from all forms of media, cell phone communication, basically cut off from the outside world, but I'm back and have a lot to share. The disaster scenario we were instructed to deal with was pretty creative. Basically, the Military missed the satellite they shot down a couple weeks ago, and we had to deal with the radiation poisoning, loss of basic infrastructure, toxic fumes, electromagnetic pulse, you name it. People died as a result of the satellite's impact, running water and electricity ceased to exist, and our primary objective was to rebuild the organization's IT infrastructure. This involved generating our own power, establishing data connectivity for Internet access and phone communication, providing air conditioning, the whole nine yards.
Although I've yet to compile any concrete proof, recent indicators have made me wonder whether or not Comcast is filtering more than just torrent traffic. Since implementing the steps outlined in this post, Comcast has actually been pretty tolerable, until recently. In an effort to establish a godly Rainbow Tables collection, I've started using torrents for the first time in probably a year. After the first day or so, ssh and remote desktop sessions would randomly terminate. GMail's built-in chat interface would throw an error explaining, "We're experiencing technical difficulties, please try again later..." But I seriously doubt GMail was the one experiencing technical difficulties.