I started the honeypot-complaint service – now every attck is reported to the appropriate email-address. This was kind of tricky, since the abusix-database does not match every time. I added a whois-query and grep in the output, too..
Archive for July, 2009
honeypot now complaints actively
Tuesday, July 14th, 2009Milw0rm down
Wednesday, July 8th, 2009The exploit-portal Mil0rm has stopped.
Too many exploits and not enough time to verify them are the reasons.
Bad news..
Legato Networker: dynamic directory listing
Tuesday, July 7th, 2009You use Legato Networker and your directory-path are changing quite often? You want wo
parallelize your SaveSets? Here is how I do it:
on the backup server:
* enter “savepnpc” in the clients backup command.
* create 2 groups with this client starting shortly one after the other
on the client:
* in the /nsr/res directory create 2 file named <groupname1>.res and <groupname2>.res
group1 (which runs first) contains:
type: savepnpc;
precmd: "/usr/local/sbin/nsrupdate";
group2 contains:
type: savepnpc;
precmd: "/usr/local/sbin/nsrupdate";
pstcmd: "/usr/local/sbin/nsrpostupdate";
The file nsrupdate reads the dir-listing and changes networker via nsradmin;
in the second group this saveset is then used and afterwards changed to something
small, which will be modified again in the the next run..
# erstelle Directory-Listing:
set var [glob -nocomplain -types d /backup_dir/*]
# trenne Dateien mit kommas
foreach f [lsort $var] {
set g $f,
append dir $g
append dir " "
# Kontrolle?
#puts $dir
# entferne Lerrezeichen Komma vom letzten Dir-Eintrag
set dir [string trim $dir ]
set dir [string trim $dir ,]
# starte das backup-administrationsprogramm
spawn /usr/sbin/nsradmin -s backupserver
expect "nsradmin>"
send ". type : NSR client;name:dummyr"
expect "nsradmin>"
send "update save set: $dirr"
expect "Update?"
send "Yr"
expect "updated resource"
send "quitr"
exit 0
# starte das backup-administrationsprogramm
spawn /usr/sbin/nsradmin -s backupserver
expect "nsradmin>"
send ". type : NSR client;name:dummyr"
expect "nsradmin>"
send "update save set: /tmp/yr"
expect "Update?"
send "Yr"
expect "updated resource"
send "quitr"
exit 0
nice Stop – Sign
Saturday, July 4th, 2009looks like CDU has been hacked : http://www.cdu-bundestag.de/
shows a nice Stop-Sign 🙂
Actually, it isn’t hacked: cdu-bundestag.de (same as spd-bundestag.de) is a hoax;
it never belonged to the party.