Installing Ksplice – The Easy Way
When you’ve got dozens or more CentOS boxes to install Ksplice Uptrack on, this single cut-and-paste method lets you do it in one click. Remember to replace ACTUAL_KEY with your Ksplice access key.
Author Archives Randy
Using TCPdump and Wireshark to monitor network traffic
Here are a few shortcuts for common monitoring tasks with TCPdump. I will update this post over time as new needs arise. Monitor traffic to/from a single port: tcpdump -n -i eth0 ‘port 53’ Monitor and decode traffic to/from or regarding a particular domain or IP (there may be a better way, this is quick […]
IIS6 Directory Listing Timeout with Windows Firewall
This issue comes up every so often. No matter what, even if you manually define all the passive ports in Windows firewall, add an exception for inetinfo.exe, the works, certain directory listings still hang on the client end. This issue is apparent only with the Firewall enabled — disabling the firewall allows the listings to […]
Creating Forensic Copies and Backups of Any Media
Make forensic-quality copies and backups of any type of media using free software.
Batch PHP Thumbnail Generator
Automatically create a batch of thumbnail images using PHP.
ConfigServer Firewall LFD Breaks tmpwatch on Linux servers
The issue was that old/stale tmp files are not getting cleaned by tmpwatch. This is because CSF/LFD regularly reads all tmp files scanning for trojans and other exploits, thus changing the ‘last access’ time so tmpwatch wouldn’t delete anything. I wrote a script to manually clean out session that are over 7 days old. Other […]
ASX/M3U/PLS On-Demand Playlist Generator
Auto-playlist generator for converting any PHP enabled website hosting account into an on-demand stream server.
mod_security rule for e107 ‘plugindir’ and ‘ifile’ remote include vulnerability
Here are modsecurity2 rules for the latest string of vulnerabilities affecting the E107 CMS system described in the following links: http://www.exploit-db.com/exploits/12818/ http://www.exploit-db.com/exploits/12715/ SecRule ARGS:THEMES_DIRECTORY “^http” “t:htmlEntityDecode,t:urlDecode,t:lowercase,deny,log,auditlog,msg:’Denied e107 vulnerability'” SecRule ARGS:ifile “^http” “t:htmlEntityDecode,t:urlDecode,t:lowercase,deny,log,auditlog,msg:’Denied e107 vulnerability'” SecRule ARGS:plugindir “^http” “t:htmlEntityDecode,t:urlDecode,t:lowercase,deny,log,auditlog,msg:’Denied e107 vulnerability'” SecRule ARGS:author_name “\[php\]” “t:htmlEntityDecode,t:urlDecode,t:lowercase,deny,log,auditlog,msg:’Denied e107 vulnerability'”
Remotely installing PFSense to hard drive with VGA and without CD-ROM
FreeBSD is great for certain tasks (such as firewalls and other embedded devices), but has some real shortcomings when it comes to booting from attached or remote storage. This severely complicates the installation process in some cases. In my case, I have a remote server in a rack with no CD-ROM. Pulling the server from […]
Arbitrary MIME support for aacplus streaming with libshout and perl bindings
If you want to be able to support alternative stream types (such as AACplus) using libshout-2.2.2, you’ll need a patch to add a ‘mime’ method. You can then manually set the mime-type for arbitrary stream types. I also included a minor change which sends ‘content-type’ headers to Shoutcast/ICY stream servers, which is required for Shoutcast […]