May 19

In 1999 i subscribed to a usenet provider named Newsfeeds, the following year i didn’t renew the account but they forgot about me, so i cheated the following 10 years without paying a cent.
Thank you Newsfeeds, it’s been a huge joy downloading 10 years of binaries for free, too bad today it’s all gone, and not because they remembered about me.

This week marks the end of an era for one of the earliest pieces of Internet history, which got its start at Duke University more than 30 years ago. On May 20, Duke will shut down its Usenet server, which provides access to a worldwide electronic discussion network of newsgroups started in 1979 by two Duke graduate students, Tom Truscott and Jim Ellis.

News of the day is also the shutdown of the British Usenet indexer Newzbin today; the site sank under the weight of a lawsuit and outstanding debt. Merge these stories with the recent news of Microsoft shuttering its newsgroups, along with otherrecentstories, and the picture does not look bright for Usenet.

Sep 10

When i was looking for a Nagios replacement i stumbled upon Zabbix and i suddenly fell in love with it. Too bad it’s auto-discovery feature doesn’t allow CIDR/16 classes to be scanned, but even if it did it wouldn’t be that nice to scan the whole Amazon EC2 network just to monitor my hosts.
I’ve read in Zabbix forums that host auto-registration will be re-implemented as of version 1.6 but until then i needed an automated solution, manually add each server is not tolerated.

I wrote therefore the following script, which basically simulates logging in and manually adding a new host through web interface.
Username and password are stored into an external file (first line and second line), this because i bundled this script into a RPM for Zabbix’s agent (which erases it through %post scripts) and i don’t want my server login credentials to travel with it (i know, you can always unpack the RPM…).
The IF statement checks whether the host on which the script is run is an EC2 host or not by merely seeing if hostname begins with “ip-”, it’s a shoddy method but it does its job.
I left out template linking since it was outside my scope but it would just take a couple of seconds in tuning the POST request.

I guess all the rest is kinda self explaining. Sorry for poor formatting (WordPress doesn’t seem to handle wordwrapping properly), orange lines are of course one line only.

#!/bin/bash

USERNAME=`sed -n ’1p’ /usr/local/zabbix/sbin/zabbix_credentials`
PASSWORD=`sed -n ’2p’ /usr/local/zabbix/sbin/zabbix_credentials`
URL=http://<your_ip_address>/zabbix   # NO trailing slash
HOST=`hostname`

if [ ${HOST:0:3} = "ip-" ]; then
IP=`wget -q -O- http://169.254.169.254/latest/meta-data/public-ipv4`
DNS=`wget -q -O- http://169.254.169.254/latest/meta-data/public-hostname`
else
IP=`ifconfig eth0 | sed -n 2p | cut -d “:” -f2 | cut -d ” ” -f1`
DNS=`hostname -f`
fi

wget –keep-session-cookies –save-headers –save-cookies /tmp/cookies -O- \
–post-data=”form=1&form_refresh=1&name=$USERNAME&password=$PASSWORD&enter=Enter” \
$URL/index.php

wget –keep-session-cookies –save-headers –load-cookies /tmp/cookies -O- \
–post-data=”form=Create+Host&form_refresh=1
&config=0&groupid=0&devicetype=&name=
&os=&serialno=&tag=&macaddress=
&hardware=&software=&contact=&location=
&notes=&host=$HOST&groups%5B%5D=2
&newgroup=&dns=$DNS&ip=$IP&useip=1
&port=10050&status=0&save=Save” \

$URL/hosts.php

May 27

Though i’ll always love Debian and its philosophy i remember i immediately felt happy since i moved most of my main servers to CentOS, and when such news reach me it gets even better.

It looks like keys generated with ssh-keygen from Debian or other Debian based distros (e.g. Ubuntu) have a case of weakness due to an error in the package and can therefore be guessed. Additionally, other systems can be indirectly affected if weak keys are imported into them.

If you run any Debian based system it is highly recommended that you upgrade as soon.
More info can be found at: http://lists.debian.org/debian-security-announce/2008/msg00152.html

Mar 12

Rootkit Hunter and Lynis are two useful security tools provided by Michael Boelen at www.rootkit.nl. They perform local checks on your system looking for possible installed rootkits and compromised files and binaries.

Here you find the RPMs i made, they’ve been built on CentOS 5 but i don’t exclude you could be able to install them on any RPM capable distribution. Continue reading »

Mar 03

DenyHosts is a very nice Python script to help you protect from SSH brute force attacks. It parses your secure.log to find unauthorized access attempts and add the offending hosts to hosts.deny. Continue reading »

Jan 04

There are things you usually understimate, things with a remote possibility of failure, things that out of the blue turn the day before your departure into a living hell.

It happened yesterday, when the old, free and almost trusted Xname said goodbye to this world leaving many of my server forsaken in the darkness.

I now switched to EditDNS.net, which is free, well managed and provides lot of nice features and 5 world dislocated servers.
Hurry if your domains still lie in the dark.

Greetings from .nl :)

Nov 12

If you run your Mac in a mixed network environment you’ll surely have noticed .DS_Store files appearing in the shared folders of your Linux or Windows boxes, they’re hidden files used to store custom attributes of a folder such as the position of icons or the choice of a background image. Continue reading »