FyhTech - Fun with Linux https://tech.feedyourhead.at/rss.xml en 34c3: TUWAT! https://tech.feedyourhead.at/content/34c3-tuwat <span class="field field--name-title field--type-string field--label-hidden">34c3: TUWAT!</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p><img alt="34c3" data-entity-type="file" data-entity-uuid="c557d679-52ec-426e-9509-5c465fbe54e6" height="397" src="/sites/default/files/inline-images/rocket.jpg" width="298" /></p> <p>The year 2017 ended with the Chaos Communication Congress for me. It was the 34th congress and this time at a new location in Leipzig. Because the place was that huge, people brought skateboards, bicycles and even motorized sofas. As always the high quality lectures were <a href="https://media.ccc.de/c/34c3">recorded(and even live-streamed).</a> There was a variety of different topics for the lectures. I found the talk of Max Schrems about the Privacy Shield in "<a href="https://media.ccc.de/v/34c3-9295-privacy_shield_-_lipstick_on_a_pig">Privacy Shield - Lipstick on a Pig</a>?" very interesting. He gave profound insights about his battle for privacy. In the talk "<a href="https://media.ccc.de/v/34c3-9142-resilienced_kryptographie">Resilienced Kryptographie</a>" experts explained the mistakes that could be made when it comes to cryptography and they appealed to software-developers to ask for help with crypto. I like the technical lectures very much and I joined many of them. I can recommend  to watch all of the recordings. For the "political" part it was clear once again:  the fight for privacy is almost lost. Insecure IoT-devices, spying goverments and powerless citizens are in daily news. Even if this is very depressing, the title of this congress was "TUWAT", which referes to a <a href="https://berlin.ccc.de/wiki/TUWAT.TXT">text of the founder of the CCC</a>. In that text Wau Holland motivated computer fans to meet and make something useful together with this knowledge. This was the beginning of the CCC. So let's "TUWAT" and see what comes out..</p> <p> </p> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Jan 03 2018</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/taxonomy/term/99" hreflang="en">ccc</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=251&amp;2=comment&amp;3=comment" token="La6EKXz-K546rUdjku3SWELR9MNzqGuxqtg3UIBd5ho"></drupal-render-placeholder> </section> Wed, 03 Jan 2018 21:24:43 +0000 Hoti 251 at https://tech.feedyourhead.at https://tech.feedyourhead.at/content/34c3-tuwat#comments https://tech.feedyourhead.at/content/34c3-tuwat#comments Merry Christmas https://tech.feedyourhead.at/content/merry-xmas-2017 <span class="field field--name-title field--type-string field--label-hidden">Merry Christmas</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>I wish you a merry Christmas, beautiful holidays and a happy new year.</p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Dec 25 2017</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/xmas" hreflang="en">xmas</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=250&amp;2=comment&amp;3=comment" token="b3rWhHlLeQAuowERGpQm4iTInpLSyDn6TWYI-QLfhqw"></drupal-render-placeholder> </section> Mon, 25 Dec 2017 08:37:52 +0000 Hoti 250 at https://tech.feedyourhead.at https://tech.feedyourhead.at/content/merry-xmas-2017#comments https://tech.feedyourhead.at/content/merry-xmas-2017#comments Suricata-Update: a smart update-script for suricata-rules https://tech.feedyourhead.at/content/Suricata-Update-a-smart-update-script-for-suricata-rules <span class="field field--name-title field--type-string field--label-hidden">Suricata-Update: a smart update-script for suricata-rules</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>Last week <a href="https://oisf.net/">OISF</a> announced a new tool called <a href="https://suricata-ids.org/2017/12/05/announcing-suricata-update/">suricata-update</a>. It's a smart tool for updating suricata rules from remote sources like Emerging Threats. It's works similar to oinkmaster or pulledpork. The main advantage is that it works great with suricata, makes backup of previous rulesets and tests the rules before applying them.  Yesterday it reminded me about deprecated options in my suricata-configuration because of the tests it runs(suricata -T).</p> <p>Suricata-Update was a <a href="https://redmine.openinfosecfoundation.org/issues/2344">bit too chatty</a>, so I <a href="https://github.com/OISF/suricata-update/commit/c0596f5895b8c4514d5371543cfe2ee07af1afee">contributed to the project and implemented a config-option for a custom user-agent-string</a>.</p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Dec 10 2017</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/taxonomy/term/104" hreflang="en">Suricata</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Programming" hreflang="en">Programming</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/taxonomy/term/103" hreflang="en">Open-Source</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/taxonomy/term/105" hreflang="en">Contribution</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=249&amp;2=comment&amp;3=comment" token="KUUsA0VZz_KI9mfEDvmbLBv-No11EU6mZ8BHPmNeAvQ"></drupal-render-placeholder> </section> Sun, 10 Dec 2017 10:41:13 +0000 Hoti 249 at https://tech.feedyourhead.at https://tech.feedyourhead.at/content/Suricata-Update-a-smart-update-script-for-suricata-rules#comments https://tech.feedyourhead.at/content/Suricata-Update-a-smart-update-script-for-suricata-rules#comments Improving suricatas configuration-parser https://tech.feedyourhead.at/content/Improving-suricatas-configuration-parser <span class="field field--name-title field--type-string field--label-hidden">Improving suricatas configuration-parser</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>I worked the last weeks on suricatas configuration-parser and fixed a couple of minor bugs. Some of them made it to the new <a href="https://suricata-ids.org/2017/12/06/suricata-4-0-3-available/">suricata 4.0.3 release</a>.</p> <ul><li><a href="https://suricata-ids.org/2017/12/06/suricata-4-0-3-available/">https://suricata-ids.org/2017/12/06/suricata-4-0-3-available/</a></li> <li><a href="https://github.com/OISF/suricata/commit/cb70d85c692df3e96495fa427429782add092d4d">https://github.com/OISF/suricata/commit/cb70d85c692df3e96495fa427429782add092d4d</a></li> <li><a href="https://github.com/OISF/suricata/commit/094632730ee2230ad3b2b690ea1daa528a421d8f">https://github.com/OISF/suricata/commit/094632730ee2230ad3b2b690ea1daa528a421d8f</a></li> <li><a href="https://github.com/OISF/suricata/commit/2e27a5df6b6cee7a3fdd4b6e0709a38f925ac4ad">https://github.com/OISF/suricata/commit/2e27a5df6b6cee7a3fdd4b6e0709a38f925ac4ad</a></li> </ul></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Dec 10 2017</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Programming" hreflang="en">Programming</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/c" hreflang="en">C</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/taxonomy/term/103" hreflang="en">Open-Source</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/taxonomy/term/105" hreflang="en">Contribution</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/taxonomy/term/106" hreflang="en">Bugfix</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/taxonomy/term/104" hreflang="en">Suricata</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=248&amp;2=comment&amp;3=comment" token="VYkgD4YWXiJbOCGOnqvZ50OfcxkcqsaTXi2jScWWdYg"></drupal-render-placeholder> </section> Sun, 10 Dec 2017 10:25:25 +0000 Hoti 248 at https://tech.feedyourhead.at https://tech.feedyourhead.at/content/Improving-suricatas-configuration-parser#comments https://tech.feedyourhead.at/content/Improving-suricatas-configuration-parser#comments Bash-Insulter: insults you after typing a wrong command https://tech.feedyourhead.at/content/bash-insulter-insults-you-after-typing-a-wrong-command <span class="field field--name-title field--type-string field--label-hidden">Bash-Insulter: insults you after typing a wrong command</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>If you type in a wrong command, <a href="https://github.com/hkbakke/bash-insulter">bash-insulter</a> will insult you badly.</p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Nov 17 2017</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Fun" hreflang="en">Fun</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/shell" hreflang="en">Shell</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Linux" hreflang="en">Linux</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=246&amp;2=comment&amp;3=comment" token="Y4b0V6sSlAiC0eMXerG6va5Rv7tpAJXDMmW6lcZvJP0"></drupal-render-placeholder> </section> Fri, 17 Nov 2017 21:59:35 +0000 Hoti 246 at https://tech.feedyourhead.at https://tech.feedyourhead.at/content/bash-insulter-insults-you-after-typing-a-wrong-command#comments https://tech.feedyourhead.at/content/bash-insulter-insults-you-after-typing-a-wrong-command#comments How I fixed a bug in my favourite media player https://tech.feedyourhead.at/content/how-i-fixed-a-bug-in-my-favourite-media-player <span class="field field--name-title field--type-string field--label-hidden">How I fixed a bug in my favourite media player</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>A few weeks ago I started <a href="https://cmus.github.io/">cmus</a> to read in all my music and it crashed badly. I wondered how this could happen and started to investigate. So I figured out that it crashed with a segfault. After compiling it with debugging-symbols and running it with gdb I located the bug in the <a href="https://github.com/lipnitsk/libcue">libcue-library</a> and I also found out the reason why: libcue doesn't handle unicode-files and one of my cue-files was unicode encodeded. So libcue started to detect a lot of "bad characters" before it segfaulted. The following lines of code leaded to a memory corruption:</p> <div class="geshifilter"><pre class="c geshifilter-c" style="font-family:monospace;">&nbsp; yylval.<span style="color: #202020;">sval</span> <span style="color: #339933;">=</span> <a href="http://www.opengroup.org/onlinepubs/009695399/functions/strncpy.html"><span style="color: #000066;">strncpy</span></a><span style="color: #009900;">&#40;</span> yy_buffer<span style="color: #339933;">,++</span>yytext<span style="color: #339933;">,</span><span style="color: #009900;">&#40;</span>yyyleng <span style="color: #339933;">&gt;</span> <span style="color: #993333;">sizeof</span><span style="color: #009900;">&#40;</span>yy_buffer<span style="color: #009900;">&#41;</span> <span style="color: #339933;">?</span> <span style="color: #993333;">sizeof</span><span style="color: #009900;">&#40;</span>yy_buffer<span style="color: #009900;">&#41;</span> <span style="color: #339933;">:</span> yyleng<span style="color: #009900;">&#41;</span><span style="color: #009900;">&#41;</span><span style="color: #339933;">;</span> yylval.<span style="color: #202020;">sval</span><span style="color: #009900;">&#91;</span>yyleng <span style="color: #339933;">-</span> <span style="color: #0000dd;">2</span><span style="color: #009900;">&#93;</span> <span style="color: #339933;">=</span> <span style="color: #ff0000;">'<span style="color: #006699; font-weight: bold;">\0</span>'</span><span style="color: #339933;">;</span> </pre></div> <p>In the first line the size of yy_buffer will be used if yyleng is too big. But in the second line there is no check and yyleng will be used to write the NULL-Byte.</p> <p>The fix was trivial:</p> <p><div class="geshifilter"><pre class="c geshifilter-c" style="font-family:monospace;">yylval.<span style="color: #202020;">sval</span> <span style="color: #339933;">=</span> <a href="http://www.opengroup.org/onlinepubs/009695399/functions/strncpy.html"><span style="color: #000066;">strncpy</span></a><span style="color: #009900;">&#40;</span> yy_buffer<span style="color: #339933;">,++</span>yytext<span style="color: #339933;">,</span><span style="color: #009900;">&#40;</span>yyyleng <span style="color: #339933;">&gt;</span> <span style="color: #993333;">sizeof</span><span style="color: #009900;">&#40;</span>yy_buffer<span style="color: #009900;">&#41;</span> <span style="color: #339933;">?</span> <span style="color: #993333;">sizeof</span><span style="color: #009900;">&#40;</span>yy_buffer<span style="color: #009900;">&#41;</span> <span style="color: #339933;">:</span> yyleng<span style="color: #009900;">&#41;</span><span style="color: #009900;">&#41;</span><span style="color: #339933;">;</span> yylval.<span style="color: #202020;">sval</span><span style="color: #009900;">&#91;</span><span style="color: #009900;">&#40;</span>yyyleng <span style="color: #339933;">&gt;</span> <span style="color: #993333;">sizeof</span><span style="color: #009900;">&#40;</span>yy_buffer<span style="color: #009900;">&#41;</span> <span style="color: #339933;">?</span> <span style="color: #993333;">sizeof</span><span style="color: #009900;">&#40;</span>yy_buffer<span style="color: #009900;">&#41;</span> <span style="color: #339933;">:</span> yyleng<span style="color: #009900;">&#41;</span> <span style="color: #339933;">-</span> <span style="color: #0000dd;">2</span><span style="color: #009900;">&#93;</span> <span style="color: #339933;">=</span> <span style="color: #ff0000;">'<span style="color: #006699; font-weight: bold;">\0</span>'</span><span style="color: #339933;">;</span> </pre></div></p> <p>I prepared a <a href="https://github.com/lipnitsk/libcue/commit/e60b7b01a40009c7c71c5e154a328881a6e9ae46">pull-request</a> and it was merged by the author immediatly.</p> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Nov 09 2017</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/c" hreflang="en">C</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Programming" hreflang="en">Programming</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=245&amp;2=comment&amp;3=comment" token="GjvCVcOrdkOib2kQql44EOHkN8BbAmDy0rtWQSgEfXs"></drupal-render-placeholder> </section> Thu, 09 Nov 2017 07:19:13 +0000 Hoti 245 at https://tech.feedyourhead.at https://tech.feedyourhead.at/content/how-i-fixed-a-bug-in-my-favourite-media-player#comments https://tech.feedyourhead.at/content/how-i-fixed-a-bug-in-my-favourite-media-player#comments Third Anniversary https://tech.feedyourhead.at/node/244 <span class="field field--name-title field--type-string field--label-hidden">Third Anniversary</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>Even if I was a little bit lazy and did not write much lately, I am very proud to announce the third anniversary of this blog.</p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Nov 07 2017</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/taxonomy/term/98" hreflang="en">Anniversary</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=244&amp;2=comment&amp;3=comment" token="uI0rRDoie0vy_5j0_uIqaxkp6-uZqtbjravAwk2ofBI"></drupal-render-placeholder> </section> Tue, 07 Nov 2017 21:50:05 +0000 Hoti 244 at https://tech.feedyourhead.at https://tech.feedyourhead.at/node/244#comments https://tech.feedyourhead.at/node/244#comments Managing MaraDNS with Ansible https://tech.feedyourhead.at/content/managing-maradns-with-ansible <span class="field field--name-title field--type-string field--label-hidden">Managing MaraDNS with Ansible</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>I wrote a <a href="https://github.com/whotwagner/ansible-role-maradns">role for managing MaraDNS with Ansible</a>.</p> <h3>Requirements</h3> <ul> <li>Ansible 2.1+ (might ork with prior versions too)</li> <li>Debian-based Linux-distribution</li> </ul> <h3>Installation</h3> <p><code>ansible-galaxy install whotwagner.maradns</code></p> <h3>Configuration Example</h3> <pre><code> maradns_zones: - name: example.com email: support@example.com spf: - { val: 'v=spf1 ip4:212.41.224.0/24 -all' } txt: - { val: 'v=spf1 ip4:212.41.224.0/24 -all' } - { name: 'xmas', val: 'Merry Christmas' } ns: - { val: ns1.example.com. } - { val: ns2.example.com. } - { name: 'subdom.%', val: 'ns1.%' } mx: - { prio: 5, rec: mx.example.com. } - { prio: 10, rec: mx2.% } srv: - { name: "_sip._udp", val: "0 0 5060 sip.%" } fqdn4: - { domain: "mx", ip: "7.7.7.7" } ptr: - { domain: "www", ip: "8.8.8.8" } a: - { ip: 8.8.8.8 } - { domain: 'www', ip: 8.8.8.8 } - { domain: 'sip', ip: 6.6.6.6 } # the following zone is disabled: - name: alice.com enabled: False </pre><code></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Aug 28 2017</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/ansible" hreflang="en">Ansible</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Programming" hreflang="en">Programming</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/sysadmin" hreflang="en">Sysadmin</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Linux" hreflang="en">Linux</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/downloads" hreflang="en">Downloads</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=243&amp;2=comment&amp;3=comment" token="zU_W2MAJyqckkwjlDcj7hoIYMTQfaajbt8qlMirMjXA"></drupal-render-placeholder> </section> Mon, 28 Aug 2017 18:28:00 +0000 Hoti 243 at https://tech.feedyourhead.at https://tech.feedyourhead.at/content/managing-maradns-with-ansible#comments https://tech.feedyourhead.at/content/managing-maradns-with-ansible#comments check_mk-rbl - A check_mk-plugin that monitors public ipv4 addresses https://tech.feedyourhead.at/content/check_mk-rbl-a_check_mk_plugin_that_alerts_blacklisted_addresses <span class="field field--name-title field--type-string field--label-hidden">check_mk-rbl - A check_mk-plugin that monitors public ipv4 addresses</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>Check_MK is a great monitoring tool. One of it's strengths actually is, that it can automatically detect services and monitors it. I always monitored all public ip-addresses of my servers if they are listed on any dns-blacklist. I  had to add new public ip's manually, so I reached out for a new solution. I found a nice little plugin in a <a href="https://github.com/HeinleinSupport/check_mk">GitHub-repository of HeinleinSupport</a>. The plugin waIs great, but I missed two things. First, it checks all Ipv4-addresses of a server,  including private addresses and second it uses hardcoded dnsrbl-server. So I modified the script so that it checks only public addresses and it can use an ini-file, if it exists(otherwhise it still uses hardcoded dns-servers). My modified version <a href="https://github.com/whotwagner/check_mk-rbl">check_mk-rbl is available on github</a>.</p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Aug 20 2017</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/Programming" hreflang="en">Programming</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/taxonomy/term/100" hreflang="en">Monitoring</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/taxonomy/term/102" hreflang="en">Check_MK</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/downloads" hreflang="en">Downloads</a></div> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/sysadmin" hreflang="en">Sysadmin</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=242&amp;2=comment&amp;3=comment" token="kz-R6sHq8pRhFgqjnweZhHBFUpaijkAlj65nngshbmU"></drupal-render-placeholder> </section> Sun, 20 Aug 2017 08:12:05 +0000 Hoti 242 at https://tech.feedyourhead.at https://tech.feedyourhead.at/content/check_mk-rbl-a_check_mk_plugin_that_alerts_blacklisted_addresses#comments https://tech.feedyourhead.at/content/check_mk-rbl-a_check_mk_plugin_that_alerts_blacklisted_addresses#comments OpenElec: CVE-2017-6445 revisited https://tech.feedyourhead.at/content/openelec-cve-2017-6445-revisited <span class="field field--name-title field--type-string field--label-hidden">OpenElec: CVE-2017-6445 revisited</span> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>A few months ago I <a href="https://tech.feedyourhead.at/content/openelec-remote-code-execution-vulnerability-through-man-in-the-middle">published a vulnerability in OpenElecs updater</a>. I successfully hacked remotely OpenElec version 6.x.x and 7.x.x . OpenElec 8 is available for a while and <a href="http://openelec.tv/news/22-releases/188-stable-openelec-8-0-4-released">reached version 8.0.4</a>. So I tested the bug against this version and it's still open. An attacker who is Man-In-The-Middle can remotely compromise Openelec-Updates and plant a reverse-shell  on the target.</p></div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span lang="" about="/users/hoti" typeof="schema:Person" property="schema:name" datatype="">Hoti</span></span> <span class="field field--name-created field--type-created field--label-hidden">Jun 25 2017</span> <div class="field field--name-field-tagies field--type-entity-reference field--label-above"> <div class="field__label">Tags</div> <div class='field__items'> <div class="field__item"><i class="fa fa-tags"></i> <a href="/tags/security" hreflang="en">Security</a></div> </div> </div> <section class="field field--name-comment-node-blog field--type-comment field--label-hidden comment-wrapper"> </section> <section class="field field--name-comment field--type-comment field--label-above comment-wrapper"> <h2 class='title comment-form__title'> <i class="fa fa-comments-o"></i> Add new comment</h2> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=241&amp;2=comment&amp;3=comment" token="e3CIFIFw65ZxCl2noDmTgMicHB44fVHQD-OJ5FgKwHM"></drupal-render-placeholder> </section> Sun, 25 Jun 2017 08:41:54 +0000 Hoti 241 at https://tech.feedyourhead.at https://tech.feedyourhead.at/content/openelec-cve-2017-6445-revisited#comments https://tech.feedyourhead.at/content/openelec-cve-2017-6445-revisited#comments