Whow.. I finally crossed the 50.000 complaints line. I got about 18.600 replies to
my complaints; either being autoreplies by abuse departments, activity statements of the
providers or “over quota” or similar bounce messages from abuse-mailboxes.
I hope that this service does something good.
50.000 complaints
October 15th, 200920.000 complaints
August 19th, 2009Since the beginning of sending automated complaints due to attacks of my honeypot the system now has send out more than 20.000 emails. Some positive reactions have reached me, so I hope that this service is somewhat helpful. Funny are the bounces from the not reachable abuse-addresses .. will put them on a different page soon.
honeypot now complaints actively
July 14th, 2009I started the honeypot-complaint service – now every attck is reported to the appropriate email-address. This was kind of tricky, since the abusix-database does not match every time. I added a whois-query and grep in the output, too..
Milw0rm down
July 8th, 2009The exploit-portal Mil0rm has stopped.
Too many exploits and not enough time to verify them are the reasons.
Bad news..
Legato Networker: dynamic directory listing
July 7th, 2009You use Legato Networker and your directory-path are changing quite often? You want wo
parallelize your SaveSets? Here is how I do it:
on the backup server:
* enter “savepnpc” in the clients backup command.
* create 2 groups with this client starting shortly one after the other
on the client:
* in the /nsr/res directory create 2 file named <groupname1>.res and <groupname2>.res
group1 (which runs first) contains:
type: savepnpc;
precmd: "/usr/local/sbin/nsrupdate";
group2 contains:
----------------------------------
type: savepnpc;
precmd: "/usr/local/sbin/nsrupdate";
pstcmd: "/usr/local/sbin/nsrpostupdate";
The file nsrupdate reads the dir-listing and changes networker via nsradmin;
in the second group this saveset is then used and afterwards changed to something
small, which will be modified again in the the next run..
------------------------------
#!/usr/bin/expect
# erstelle Directory-Listing:
set var [glob -nocomplain -types d /backup_dir/*]
# trenne Dateien mit kommas
foreach f [lsort $var] {
set g $f,
append dir $g
append dir " "
}
# Kontrolle?
#puts $dir
#
# entferne Lerrezeichen Komma vom letzten Dir-Eintrag
set dir [string trim $dir ]
set dir [string trim $dir ,]
# starte das backup-administrationsprogramm
spawn /usr/sbin/nsradmin -s backupserver
expect "nsradmin>"
send ". type : NSR client;name:dummyr"
expect "nsradmin>"
send "update save set: $dirr"
expect "Update?"
send "Yr"
expect "updated resource"
send "quitr"
exit 0
------------------------------
------------------------------
#!/usr/bin/expect
# starte das backup-administrationsprogramm
spawn /usr/sbin/nsradmin -s backupserver
expect "nsradmin>"
send ". type : NSR client;name:dummyr"
expect "nsradmin>"
send "update save set: /tmp/yr"
expect "Update?"
send "Yr"
expect "updated resource"
send "quitr"
exit 0
---------------------------------
nice Stop – Sign
July 4th, 2009looks like CDU has been hacked : http://www.cdu-bundestag.de/
shows a nice Stop-Sign 🙂
Actually, it isn’t hacked: cdu-bundestag.de (same as spd-bundestag.de) is a hoax;
it never belonged to the party.
New Honeypot
June 16th, 2009The nepenthes-teammembers have been busy working on a new (low interaction) honeypot.
The name dionaea is taken from another carnivore. Here is the link to the project-homepage. Sounds interesting, since it is written in C with python-modules attached.
FTC shuts down pricewert
June 5th, 2009The FTC shuts down a rogue Provider known for hosting phishing and malware sites.
Good Job! Story
torpig powned
May 5th, 2009Elvis still alive!
April 22nd, 2009Elvis has an E-Passport 🙂 Look at the video at
the thc epassport page.