Patrick's Rants



4/6/2016

Hello Roadrunner, goodbye

Filed under: Geek News and Stuff — site admin @ 7:36 am

On my server I run Fail2ban to try to catch spammers, bots and other types of annoyances that those who run servers see every day. Recently I sent a couple of emails showing banned hosts from my server. These are typical reports from fail2ban showing how and from where a particular attempt (usually log in) has failed. It was – and always is – my intent to get the ISP to check into the address of the user to figure out what is happening on their network.

And so:

The IP 24.97.75.66 has made multiple attempts to authorize against my
mail server. It is in danger of being permanently blocked.

From: Fail2Ban [redacted]
To: [redacted]
Subject: [Fail2Ban] Dovecot-Auth: banned 24.97.75.66 from rwcinc.net
Date: Wed, 23 Mar 2016 13:21:42 -0700

Hi,

The IP 24.97.75.66 has just been banned by Fail2Ban after
3 attempts against Dovecot-Auth.

I attached around 5 emails that showed the same IP being blocked after 5 attempts each so there is something happening at that address.

I got a response a few days later. I can’t tell if they did anything about it or are just telling me that they don’t bother to read attached, forwarded emails.

Hello,

If you are reporting an e-mail related incident, and you check your email via our webmail service,
you can select all of the spam in your inbox and click on the “Report spam” button, this will send
your spam with all needed information to spamblock@postmaster.rr.com so they can improve our spam
filters.

Bla bla bla….

Road Runner will not accept logs that are not in plain text (ascii) format. Do not attach files to
your e-mail. All logs must be included in the body of the message.

So this is the part I’m not sure about. I guess I can check to see if I continue to get Fail2ban reports on the offensive IP and proceed to block the entire netblock because some admin doesn’t want to read an attachment…

[update 4/6/16]
Yes, there is another set of login attempts requiring the following email:

This is my second report to you. My first included copies of six such
automated and temporary bans. I am unsure if any action was taken by
RR/Time Warner as there was no clear indication that you did actually
review and take action to prevent this connection’s unauthorized access
attempt.

Please let me know that you have taken steps to correct the
unauthorized access attempts from your network.

We’ll see if there is any more satisfactory response.
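Road Runner's reply asks for logs as plain ASCII in the message body rather than as attachments. The sketch below is an added example, not part of the original post or of Fail2ban itself: it pulls the log lines for one banned address and builds a single-part, 7-bit report around them. The log lines, the example.org/example.net addresses and the function names are all constructed for illustration.

```python
import re
from email.message import EmailMessage

# Constructed sample log (not from the original post). 24.97.75.66 is the
# address quoted in the post; the other addresses are documentation ranges.
SAMPLE_LOG = """\
Mar 23 13:21:30 mail dovecot: imap-login: Disconnected (auth failed, 3 attempts in 12 secs): user=<info>, method=PLAIN, rip=24.97.75.66, lip=192.0.2.10
Mar 23 13:21:33 mail dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<bob>, method=PLAIN, rip=198.51.100.7, lip=192.0.2.10
Mar 23 13:21:40 mail dovecot: imap-login: Disconnected (auth failed, 2 attempts in 6 secs): user=<jos\u00e9>, method=PLAIN, rip=24.97.75.66, lip=192.0.2.10
Mar 23 13:21:42 mail fail2ban.actions: WARNING [dovecot-auth] Ban 24.97.75.66
"""


def lines_for_ip(log_text, ip):
    """Return log lines that mention ip as a whole address, not as a substring."""
    # The lookarounds stop 192.0.2.1 from matching inside 192.0.2.10.
    pattern = re.compile(r"(?<![\d.])" + re.escape(ip) + r"(?!\d|\.\d)")
    return [ln for ln in log_text.splitlines() if pattern.search(ln)]


def build_report(ip, log_text, sender, recipient):
    """Build a single-part, 7-bit ASCII abuse report with the log lines inline."""
    lines = lines_for_ip(log_text, ip)
    if not lines:
        raise ValueError(f"no log lines mention {ip}")
    # Escape non-ASCII characters (for example in attempted user names) so the
    # body stays pure ASCII.
    safe = [ln.encode("ascii", "backslashreplace").decode("ascii") for ln in lines]
    body = (
        f"The IP {ip} has made repeated failed login attempts against my mail server.\n"
        "Matching log lines follow.\n\n" + "\n".join(safe) + "\n"
    )
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = recipient
    msg["Subject"] = f"Abuse report: failed logins from {ip}"
    # Force 7bit: left to its default heuristic, the email library switches to
    # quoted-printable or base64 when a body line is longer than 78 characters.
    msg.set_content(body, charset="us-ascii", cte="7bit")
    return msg


if __name__ == "__main__":
    print(build_report("24.97.75.66", SAMPLE_LOG,
                       "postmaster@example.org", "abuse@example.net"))
```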

12/19/2015

Open Letter to The Mozilla Project

Filed under: Geek News and Stuff — site admin @ 9:25 am

Well, maybe just an open note/short email.

Thank you for breaking the script that I was using to get the most up to date releases of Firefox and Thunderbird. No longer will I be able to revert back to an earlier working version of either software package when your latest update is crapped out because instead of saving each release as it is named, each release will overwrite the previous one and be named *Latest* and wget can no longer intelligently know whether it has downloaded any particular release or not. Not only does this increase my bandwidth usage but yours as well. Nice going with the obfuscation of just which version I’m getting.

This puts me another half step away from Thunderbird and Firefox.

I’m fairly sure with some searching I could rewrite my script, named “getfirefox”, so that the version can be determined from the returned url, but what I had was working.

6/2/2015

Has Hell Frozen Over?

Filed under: Geek News and Stuff — site admin @ 8:32 pm

Microsoft, or more accurately, the Powershell team, has announced they will be incorporating SSH, the Secure Shell, into Powershell for interoperability between Linux/Unix based systems and Windows based systems. I install Cygwin and OpenSSH on every Windows machine I touch – and sometimes I have to install PuTTY and WinSCP as well. This changes everything.

3/25/2015

So what’s that about no need for net neutrality and plenty of competition in internet service?

Filed under: Geek News and Stuff — site admin @ 7:35 pm

We aren’t doing too badly here, there is DSL, cable internet and even satellite. However the tax office has to deal with crappy Qwest/Centurylink copper that nobody wants to admit is dog crap bad – when it rains the line hums and the modem resets every 5 minutes, but there is nothing wrong with the copper. But this guy ends up having to move after he can’t work from home.

Here’s a little more on the story.

3/1/2015

Rooted an LG Spectrum

Filed under: Geek News and Stuff — site admin @ 9:42 am

So my LG Spectrum – getting quite long in the tooth at over 2 years old – was beginning to really, really annoy me. Yes, I could still text and email, but when I was trying to make phone calls the darned thing would reboot. After it did it three times in a row I decided it was time to update the phone. Verizon doesn’t have any updates available. Add a discussion over on Slashdot about vulnerabilities in webview libraries that Google isn’t going to fix and I was ready for a “fix”, load my own, or someone else’s own, custom ROM. I had already “rooted” my phone using the script I found on the Android Forums. I had tried a few others, but the phone that I have, running Android 4.0.4, or Ice Cream Sandwich, did not get rooted using any of those methods. I had actually used ES File Explorer to uninstall some of the apps that come with the LG Spectrum from Verizon, NFL Scores and other things like that that I won’t ever use, also the Verizon backup app since I moved my phone to another carrier. The only way to uninstall those preinstalled apps is to have the phone rooted.

After the multi reboot scenario, I had totally had it with this phone. I wanted a newer OS so I tried one set of instructions, then another and ended up more or less bricking the phone and ended up at the store to get a different one (different model, a bit lighter on software/bloatware, newer – but not newest – OS). I would plug it in and the button lights at the bottom would just flash. I ended up reflashing using the LG_Tools file LG Mobile Update from this thread (Direct link to LG support pages you can actually download software for quite a few different devices). The LG Tools required me to go over to the Windows 7 laptop whereas everything else can be run from my regular Debian box. So the Spectrum was now recovered to the latest OS version that Verizon had available. The OS, of course, now relocked as originally shipped. Now, with a working phone and my now backup phone, the Spectrum, I could tinker at will. Having tried various methods that didn’t work for me, I tried the method in the unlocked bootloader thread. This one worked! I now have a Spectrum running the CyanogenMod bootloader and Android 4.2.2. Due to the licensing of Google Apps, the Play Store and a couple of others, I had to install an additional package from the CyanogenMod page to match the version of CyanogenMod running on my phone. And then, because I haven’t been able to get a newer version of CM to install, I had to find and install a newer version of the PlayStore app (mine would open and then close). I sideloaded the PlayStore and now have a very clean, very lightweight install on this phone. Now, what to do with it?

Oh, and my “new” phone? I didn’t take the time to research if I could install custom ROMs beforehand and it seems like I can’t. It’s a Kyocera Hydro C6750 that all my after-the-fact research shows has a really, really locked bootloader so custom ROMs aren’t likely. I will do more research before I purchase a newer phone. It can be rooted, though, so a simple install of App Quarantine keeps the things I don’t want from running. I could uninstall those apps since I have root, but sometimes bad things can happen on a factory installed ROM.


9/30/2014

What’s your best email address?

Filed under: Geek News and Stuff,It's funny — site admin @ 7:27 pm

I just went to download a pdf report and like so many others it asks for my name and email address. Unlike so many others in the email address box are the words, “Please enter your best email address”. So I entered yourbestemailaddress@ this site… that’s what they asked for, right?

6/24/2014

Supreme Court Takes a Step to Partially Invalidate Patents on “Ideas”

Filed under: Geek News and Stuff — site admin @ 8:10 am

An interesting, if long, posting over on VOX reviews the recent Supreme Court ruling regarding software patents. Take a trip over to read The supreme court doesn’t understand software and that’s a problem. Should there be a patent on 1+1=2? That’s the most basic form of this question.

6/21/2014

Filed under: Geek News and Stuff — site admin @ 7:25 am

Note to self: If you want the name of the fail2ban filter to show up in the email reports you have to spell the word “name” correctly.

6/10/2014

The Failure of a Mailing List

Filed under: Geek News and Stuff — site admin @ 8:27 am

Recently, I was asked if I could host a mailing list for a non-profit organization. Of course I told them yes. There has been a lot of back and forth discussion over six months or so to get things configured “just so”. Well. Things were not configured “just so”.

The thing is, all of the people whose email addresses we used were on a list provided by a governmental agency. Two things had to happen for someone’s email address to make it to this list: they had to actually provide it to the agency in the first place, and they had to leave a box empty next to words similar to “do not share my email address publicly.” In other words, if you didn’t want your name and information to make it to this list you had to specifically ask that the information not be shared. I have filled out this application – and marked do not share. So my own information is on the full list but not on the publicly released list. And companies use this list for marketing and other purposes every single day.

This day was unlike any other day though. When the first email hit the wire (it was sent using Mailman mailing list software) I noticed a substantial slowdown of this server (well the server that this one replaced) immediately. The list had 21,000 email addresses on it. I was seeing loads of over 20, spiking at well over 30. When the load is at 5 things start to slow down. For a little perspective the load (as I write this) on the new machine is 0.00 0.03 0.00. There is one configuration check box on Mailman that would have made this an announce only list – which is what it really was being used as. That box was not checked.

Most normal people, me – and I hope you – would have treated this as an email to discard if you had no interest in the subject matter (it was for continuing education) and clicked on delete or even marked it as spam on their email program. Most normal people would have even recognized which list their email address was on due to the subject matter. In a group of 21,000 you will get folks from the whole spectrum. And maybe just a little less than normal. What actually happened was a few people hit reply (did I mention that the sender’s address was stripped and replaced by the mailing list alias?) Each reply of “take me off your list” went to 21k people. The cascade was at times humorous and at times sad. A simple, “hey would you stop sending me these emails?” was responded to by “I’m not sending you emails, I’m getting them too.” Times 21k.

One, very abnormal induhvidual, did the very clever thing of responding to each of the other eight or twelve responses with profanity and threats. The threats were mildly amusing in the amount of effort it took to track down names of people he felt were responsible and who might have influence. He called business offices of members of the board for the non-profit. He tracked my domain registration information and threatened to have my registrar “shut me down” on my voice mail. Well. I think he was smart enough to annoy people, but not smart enough to understand the law. The email, while annoying, did not reach the legal definition of “spam”. Yes, I have a lower tolerance for what I would consider spam, but we were well within the legal limits and only actually sent one email. It was the people clicking on reply who added to the storm. Yes, the list was misconfigured and should never have been set to allow posts by anyone other than the list administrator. I click delete on so many unwanted emails, I mark the ones that are clearly spam (made up addresses on my domain that come to the catchall address – I even have a few addresses sprinkled around this site to catch the bots) and shuffle them off so Spamassassin can learn from them. I don’t respond. If this were real spam, the act of responding is the real problem. Now someone knows the inbox gets read.

It took some fast typing on my part to get the machine wrestled into a more manageable state. I eventually set the list into emergency moderation mode (via command line – the web interface was non-responsive) and we started the cleanup process of not only the list, but of the server itself.

4/17/2014

Stomping on My (Red) Hat

Filed under: Geek News and Stuff — site admin @ 7:36 am

After much thought and (I thought) much research into the matter I decided to move to an Active Directory implementation for the office. It was not a decision made lightly and there are a few more pieces that have to be added to make everything work the way I want it. I was looking forward to group policy management, adding computers and users to the domain without having to spend too much time configuring accounts. Done right, Active Directory allows a single location for handling permissions and passwords. That’s the main thing I’m looking for – well that and some kind of certificate signon for our remote desktop logins.

My biggest concern was getting bogged down in the Windows Server 2008 implementation so I started by reading the Samba wiki. Windows doesn’t like an external DNS, but I have a very customized DHCP/DNS server for the LTSP and I’m not moving that into Windows.

I managed to get Samba upgraded on the CentOS box and then…. Redhat Samba doesn’t work. At the time that I was attempting this, the encryption backend was still being worked on by Redhat and was incompatible with Windows. Really!? I ended up reverting to the prior install of Samba, which broke and I had to go through some magical incantations to remove cruft files and finally get Samba running properly again. I was so mad that I’ve only just now gotten to writing about it and some of the details have fallen out of my head*. Sorry. If you are going to use Active Directory on Redhat, just wait. It’s not ready yet.

One last glitch of installing Active Directory is Microsoft knows better than I do and disables Terminal Services because, you know, it’s safer that way. While I don’t disagree, that’s why I was trying to put AD on CentOS, that’s the only fuggin reason that I have Windows – to be able to use Windows (via Terminal Services). MS instead wants to force another server on me. Thanks, but no. We spent enough money on this server and I want it to do what I want it to do. It works for me. Maybe. There is a setting, buried in there somewhere (Google is your friend) that will allow you to re-enable the Terminal Services login.

So far I like the ability to join computers to the Domain and manage accounts and passwords in a central location. Create an account on the Domain and I can manage which computers the users have access to and I don’t have to go around creating accounts on laptops. If the laptop is joined to the domain all a user has to do is login to it – if their account has privileges for the laptops. I have not joined my CentOS box to the domain, that is a task for another day. I do not, do not like. Absolutely hate might not be strong enough to express my vile hatred of Active Domain to actually do what some web sites say it can do (and I would love it if it did) and set policies so users would have a default printer and/or links on their desktops. This might work – I could have the wrong level of AD configured, but if it doesn’t work in the level I have it set at why the hell is the option there in the first place? It’s like having manual windows on your car, for future functionality the car company added the power window switch but the switch isn’t actually wired and the motor isn’t in the door cavity.

This is the kinda crap that makes computer Admins go absolutely nuts and join some online role playing game where they hunt down Bill Gates or a likeness and beat him nearly to death but keep him alive so his suffering can continue. Cause you know, in real life it takes a lot of hams to get the gators to eat the body.

Just to be clear – in case I wasn’t – Samba should be ready to take on the AD role. Redhat broke it due to incompatible encryption libraries. Windows still fails in at least three ways that I normally would be using this software. (And I have a hard time figuring out where the hell all the configuration posts on the ‘net are referring to. Yeah, I’m an AD noob. When it takes 27 mufuggin clicks just to get close to where my screen looks like the one online – and mine still breaks!?… or doesn’t work, just as bad.)

*My initial draft was January 2, 2014.
