Getting rid of SSH brute forcers

Posted on 2008-06-29 by Oliver

I am usually using different methods in a combination. In the sshd_config I declare AllowGroups with the group ssh-users. This group does never contain root. Furthermore I set PasswordAuthentication no and generally authenticate only by key. Root login is of course not allowed either, except in single-user mode (PermitRootLogin no). Of course root has a different key, which will only be used in emergency cases, i.e. in single-user mode. Martin F. Krafft, author of the Debian book, has a nice recipe for this (note, that there is an erratum on the book’s website). Set this in your /etc/inittab:

sh:S:respawn:/usr/sbin/sshd -Do 'AllowUsers=root'

That will already keep out most attackers since they will try passwords most of the time. However, we can make it a bit harder for them. In order to achieve this, you just need a recent version of iptables. You will need the ipt_recent module of iptables installed as well. There are two programs coming with iptables, which can be used to save and restore the iptables rules. They are aptly named iptables-save and iptables-restore. We’ll use the latter one for our purposes. It allows us to declare rules and have them stored conveniently in a file. I usually call the file something like /etc/firewall.conf, but that’s a matter of taste.
Continue reading

Posted in EN, IT Security, Linux | Leave a comment

Beware the msvcrt.dll

Posted on 2008-06-28 by Oliver

As noted previously, the msvcrt.dll got the state of a system library and is thus included in systems from XP up. On earlier systems you will have to have a particular service pack level or get the redistributable package with the suitable version of msvcrt.dll.

But be careful. I noticed that the build target system will define whether a newer functions in msvcrt.dll will be used. For example functions involved in exception handling. Several of these aren’t available in previous versions of Windows and thus the built binary will really only run on the target and later. Previously it was possible to target binaries for – say – Windows 2003 Server and yet be able to run it on earlier systems.

// Oliver

Posted in DDKWizard/DDKBUILD, EN, Programming | Leave a comment

Version numbers of DDKBUILD.CMD and DDKWizard

Posted on 2008-06-27 by Oliver

I have just finished moving all previous DDKBUILD.CMD and DDKWizard versions under version control – subversion, to be more precise. This means there will be a change of the way how the version number is represented. Currently we have the normal way of saying 7.1, 7.2, 7.3 … 7.10, 7.136 … and so on. Whenever a slight change was made, the changed version wouldn’t change the minor version number, but rather get appended an a, b, c and so on (1.1.2a …). This will change with the next version of these two products. The new version numbers are going to look like this:

7.2/r20 or 1.2.1/r42

The number behind the “r” is the revision number in my SVN repository. Eventually I will even open up the respective repositories – but there are some technicalities I need to resolve first.

// Oliver

PS: Yes, I am working on the new version(s), including considerable updates to the DDKWizard manual.

Posted in DDKWizard/DDKBUILD, EN, Programming | Leave a comment

Prick passing chain – unpleasant questions

Posted on 2008-06-26 by Oliver

… at work or elsewhere, how often have you met those guys who pretend they can do things they don’t even have a clue of?

  • How often did such a person not only lie but hold you ransom by initiating ideas without following up on them? Did you and others have to fix it? How much of your efforts were rewarded? Who got the fame in case of success? Who got the blame in case of failure?
  • How often has the person posed as an expert and how many personal fans does he have?
  • How often has this person changed jobs?
  • How much does that person exaggerate in every single aspect of life?
  • How does the person’s expertise compare to the actual knowledge when caught without prepared presentation and lit projector?
  • How many jet packs does the person own?
  • How many incognito visits from leaders of foreign countries has the person gotten recently? How many visitors came in private jets?
  • How well does that person speak English?
  • How many photo-realistic pictures has the person “rendered” without being able to explain technical details of the process or the result? How much of that was done on the two-graphics-chip machine he got for work?
  • How many books did the person claim to have written? How many of them does your book store have in the catalog? Has he used the name of actual experts to appear more knowledgable?
  • How many truck loads of bananas did the person order?
  • How many nights did the person spend in a hotel room for five thousand dollars a night (and off-topic: were there any hookers included in that price?)?
  • How often was the person CxO/VP of a company? How many of the CxO/VP positions can be found in the CV?
  • How often was the person a grunt worker? How many of those positions appear on the CV?
  • How much of the claims in the CV add up when checked with Google and other search engines?
  • How many companies has the person left out on the CV? How does the CV add up if you add the left out jobs?
  • Does the person like to show off with gadgets or company-financed goodies?
  • Does the person change internet nicknames whenever changing companies?
  • Did the person single-handedly improve the product of the company he worked for according to his and his fans’ accounts?
  • Was the person suspiciously productive when joining the company with all the acquired knowledge from the previous company but soon went out of … aah maybe you aren’t at this point just yet?!
  • Is the person the most important knowledgable expert in your company?
  • Is there something wrong in this previous item?

How much of all this could possibly be true? Does such a person exist?

Chances are, you are wondering whether we think about the same person. It’s a well-known game and it is your turn now. Good luck! You’ll need it …

PS: Never mind the spelling of the subject line, I am not a native speaker.

Posted in EN, Thoughts | 5 Comments

I am told that size doesn’t matter (anymore)!

Posted on 2008-06-25 by Oliver

Chris Wimmer, a fellow programmer, told me in a chat today, that the size of applications doesn’t matter. But I’ll let you decide. However, the program which he wrote is worthwhile regardless of its size. Even more so the library on which it is based.

// Oliver

Posted in IT Security, Programming, Software | 6 Comments

A quick reply

Posted on 2008-06-24 by Oliver

The assertion that I rushed to my decision as it was raised couldn’t be further from the truth. First of all it hasn’t been the first time for me to think about this step and secondly I had several sleepless nights because of struggling with the decision. Maybe you could just respect it and read through my arguments. Feel free to comment on them over there (not here).

// Oliver

Posted in EN, Programming, Thoughts | Comments Off on A quick reply

Giving up on the Delphi community

Posted on 2008-06-24 by Oliver

Hi,

after some sleepless nights and thinking a lot about the pros and cons, I decided to leave the Delphi community. It isn’t clear to me, whether it is the Delphi community that changed so much, or whether it is me, but we don’t match anymore. I want to move on.
Continue reading

Posted in EN, Programming, Thoughts | 12 Comments

Serious development over at ReactOS

Posted on 2008-06-24 by Oliver

Read this:

http://www.reactos.org/pipermail/ros-dev/2008-June/010461.html

and then this:

http://www.reactos.org/pipermail/ros-dev/2008-June/010462.html

Update: nope, you don’t get the impression that James is taken serious.
http://www.reactos.org/pipermail/ros-dev/2008-June/010463.html
… although he is serious about it. But it seems this time ReactOS has been hijacked for good. Take a backup, everyone, now …

// Oliver

Posted in /dev/null, EN | Leave a comment

Mal wieder Versuchskarnickel für GMX

Posted on 2008-06-24 by Oliver

Na schönen Dank auch. Da wird man als zahlender Kunde tatsächlich in einen Betatest für ein Produkt gezwungen, daß – wiedermal – den aktuellen Funktionsumfang von GMX einschränkt, indem es nur Uralt-Browser unterstützt. Statt dies per Opt-In zu machen, darf man sich also folgende Meldung gefallen lassen:

GMX Organizer 2008 Beta

Als Opera-Benutzer wird man halt frech und fröhlich ausgesperrt. Ja, auch das ist eine Methode Kundenzufriedenheit zu erzeugen. Es ist ja schließlich so – wie schon vor Jahren – daß alle Browser in ihrer Kompatibilität derart divergieren, daß man Opera aussperren muß. Klar! Safari mag ich nicht sonderlich; es ist aber auch nicht in der Fehlermeldung erwähnt, also ist es sinnlos überhaupt zu probieren. Dafür werden wenigestens Uraltversionen von Firefox und Internet Explorer unterstützt. Man soll bei GMX ja einen “modernen” Browser benutzen … 😕

Bitte beachten Sie:

  • Ihre Termine haben wir für Sie von Ihrem alten Organizer in den neuen GMX Organizer 2008 Beta übertragen.
  • Der GMX Organizer 2008 Beta setzt den Internet Explorer ab Version 6 bzw. den Firefox Browser ab Version 1.5 und aktiviertes JavaScript voraus.

Meine Termine wurden also schon übertragen. Find ich … scheiße! 👿

// Oliver

Posted in /dev/null, DE, Gedanken | Leave a comment

OpenBSD’s NTPD inside a Debian domU

Posted on 2008-06-23 by Oliver

To get the package openntpd installed was easy, but to get it to work, required some search. In order to have a domU use an independent clock, you have to set a kernel variable. In a running system you do this via the following line:

echo 1 > /proc/sys/xen/independent_wallclock

and to make this setting persistent, add the following line to your /etc/sysctl.conf:

xen.independent_wallclock = 1

Then restart the OpenBSD NTP daemon or install it just after those changes. This will ensure that NTP works properly. Before, I got no complaints from the daemon or in the log files, but the time was off by ~2:10 min … in each and every domU.

// Oliver

PS: all credit goes to Martin at this blog.

Posted in /dev/null, EN, Software | Leave a comment

Fascinating problem with SCP

Posted on 2008-06-22 by Oliver

Today I had a fascinating issue with SCP (Secure Copy). I was a bit flabbergasted when several attempts to copy a 800 MiB file failed … after a while. You could see that the transfer rate was going up. Since I was connected via SSH to the machine which executed the SCP command, and apparently the transfer rate of SCP was eating up the bandwidth for the actual SSH connection. At least the SSH connection was dropped every single time until I used -l to limit the transfer rate of SCP. Fascinating indeed.

I hope this will help someone to figure out similar issues.

// Oliver

Posted in EN, IT Security, Software | Leave a comment

Let me know if anyone has problems accessing …

Posted on 2008-06-21 by Oliver

… this blog or any of the subdomains of assarbad.net, assarbad.info or assarbad.org. If this is the case, something went wrong with the migration to a different server. Otherwise you should perhaps not even have noticed. Except if you have one machine that caches DNS names and another which doesn’t. In this case this entry will only appear in the blog on the new IP, because this is the continued one. The other IP will at some point cease to get any requests for those domain names and I am going to take down the files and so on after 24 hours.

// Oliver

Update: Duh, I just noticed that I “defused” delphi-jedi.net by mistake. Have fixed it, but it’ll have to propagate through the DNS system again.

Posted in /dev/null, EN | Leave a comment

Hmm lecker

Posted on 2008-06-21 by Oliver

Meinen Reis kaufe ich ohnehin nur lose. Aber letztens habe ich mal etwas eigenwilliges probiert. Ich habe nach dem Kochen Pesto zu meinem Reis gegeben und es schmeckt ziemlich gut. Abgesehen von den Preissteigerungen beim Reis (allerdings habe ich den 5kg-Sack schon davor gekauft gehabt) ist das auch noch billig. Da ich als gebürtiger Lausitzer natürlich (Achtung Stereotyp :mrgreen: !) Meerrettich mag, habe ich dann bei einem der nächsten Male einfach mal etwas davon dazugetan. Immernoch lecker. Hier also das vorläufige Rezept:

– Thai-Duftreis (nach Bedarf)
– Pesto alla Calabrese (nach Geschmack)
– Meerrettich (nach Geschmack)

Vegetarisch und trotzdem lecker. Man glaubt es kaum.

// Oliver (Junggeselle :mrgreen: )

Posted in /dev/null, DE | 2 Comments

When is Opera 9.51 scheduled?

Posted on 2008-06-21 by Oliver

I’ve got one pretty interesting problem which is highly annoying in my opinion. As a fan of Opera, I have of course upgraded immediately to Opera 9.50 when it was released. Experience so far was always good. Not so this time.

First off, I disliked the fact that they have this dark glassy skin as a default now. Well, it may be stylish and nice and all – I don’t like it anyway. Here a comparison (click to enlarge).

Opera 9.27 vs. 9.50

Continue reading

Posted in EN, Software | Leave a comment

DLOAD_ERROR_HANDLER not specified

Posted on 2008-06-20 by Oliver

If you’re using the Windows 2008 Server WDK in order to develop usermode code, you’ll have stumbled over this error message referencing DLOAD_ERROR_HANDLER:

Warning: DLOAD_ERROR_HANDLER not specified in $(MAKEDIR)

I am not yet sure whether you have to give a function name (research leads me to think that), but you can make it shut up by giving some bogus value.

// Oliver

Posted in /dev/null, Programming | Leave a comment

Ich hasse es Fußball zu schauen

Posted on 2008-06-20 by Oliver

Kein Scherz, ich hasse es. Es ist meines Erachtens so sinnlos wie die Liveübertragung von Livekonzerten im Fernsehen. Nun höre ich relativ regelmäßig Inforadio vom RBB, jupp auch auf Island kann man das empfangen. Gestern aber gab es statt dem normalen “informativen” Programm nur Fußball als Liveübertragung. Nach ein paar Minuten hat es mir sogar einigermaßen gefallen (Portugal vs. Deutschland) und man kann nebenbei noch andere Dinge machen, weil eben nur einer der Sinne beansprucht wird.

// Oliver

Posted in DE, Gedanken | Leave a comment

Not a flop then, it seems

Posted on 2008-06-19 by Oliver

The Firefox 3 Download Day was apparently less a flop than it seemed at first glance (i.e. within the first two hours). They got more than 8 million downloads in 24h, but for some reason the start and end times were apparently really shifted by approximately 105 minutes. Perhaps due to the outages in the beginning.

I finally got the new version and one of the stranger things is the check of the certificate of some pages. For example some pages with a perfectly fine SSL certificate get the “medium” value (i.e. blue) instead of green. No idea why or how this is meant to be. I liked the yellow address bar for this purpose better.

// Oliver

Posted in EN, IT Security, Software | Leave a comment

Yep, polar bears are definitely endangered now!

Posted on 2008-06-18 by Oliver

While the Icelandic police had my understanding with shooting the first polar bear in twenty years, after it had approached a settlement, this is definitely just stupid now. There is no excuse for the killing of the two polar bears that were sighted on Monday this week. Tranquilizers should have been available this time, instead real bullets were used again.

And guess what, not the hostility of the (second) bear (this week) was the reason for it being killed – it was the stupid curiosity of journalists. Once the bear started approaching the journalists, it was shot. Nice job!

My proposal for the next time: let the bear kill one or two journalists in order to give the journalists the necessary impressions to develop some respect for such an animal and then you’ve bought yourself some time to get the tranquilizers and the cage to transport the polar bear back to Greenland or to some zoo alive.

// Oliver

Posted in EN, Island/Iceland/Ísland | 1 Comment

Firefox 3 Download Day 2008, a flop? (update)

Posted on 2008-06-17 by Oliver

The download day for the world record attempt in the number of downloads by the Firefox community seems to be(come) a flop. It’s now 45min after the whole thing started and apparently the servers can’t handle the number of requests.

Or is something going on in parallel? Such as a DDoS of their webservers?

Update: Their site is back, although slow.

Update #2: So they’re prepared? Fun fact, I get offered the version 2 in the language which is set as primary in my primary browser (which isn’t Firefox). Wondering whether the world record attempt will even be valid in such a case …

Update #3: Okay, screw their world-record attempt. I have some sympathies for them, although it is not my favorite browser, but it’s simply getting ridiculous. I am getting offered version 2 as version 3 (screenshot below) and their download page for other languages and operating systems lists only version 2.0.0.14 (other screenshot) for any language. It’s definitely the worst-prepared world-record attempt. Maybe it will make it into the Guiness Book after all, although under a different category than anticipated?!

Update #4: It looks like they sorted it out now.

// Oliver

Posted in EN, Software | 5 Comments

SpeedCommander 12.20 released

Posted on 2008-06-16 by Oliver

If you’re juggling files beyond the desktop and still use Windows Explorer, check out SpeedCommander. The new version has gotten even better and unlike another popular “commander-like” file manager it has full Unicode support and even has a native x64 version.

Link: www.speedproject.de

// Oliver

Posted in EN, Software | 5 Comments