pingd.org

UDP Denial of Service: Difficulty In Mitigation

Posted on May 2, 2015 by pingd

Today I ran a workshop with our newest network administrators; Our topic was denial of service mitigation. We currently utilize Arbor Peakflow Threat Management System to detect and scrub inbound attacks. Arbor is a phenomenal system capable of amazing performance. With the right tuning, templates and bandwidth it’s virtually handsfree. However some motivated attackers manage to sneak through occasionally. My goal was to educate our team on the nature of denial of service attacks and manual operation of the Arbor system. The ultimate goal was sparking interest in security while ensuring our newest members can think on their feet when Arbor’s magic runs out. Through the workshop I escalated my attacks in terms of difficulty rather than volume. I didn’t stick to a concrete lesson plan when it came to crafting the attacks, instead I adapted my attacks to their reactions much like a real determined attacker would. Continue reading →

Posted in Bash One-Liners, Linux Guides, Network Security | Tagged arbor networks, arbor peakflow, arbor peakflow threat management system, arbor tms, attack vector, blacklist, datagram, ddos, ddos mitigation, ddos protectiond, ddos scrubbing, denial of service, distributed denial of service, dos, dos scrubbing, drdos, flood protection, hping, hping2, hping3, netadmin, netops, network administration, packet, payload, peakflow, stateless protocol, synflood, threat management system, udp flood, udp packet, udpflood, whitelist, zombie detection | Leave a comment

Deleting Files with Broken Windows File Permissions

Posted on April 23, 2015 by pingd

I’ve encountered this issue several times on windows VMs (sadly need a few still) where modern versions of Windows, i.e. Windows 8 will occasionally prevent you from deleting a directory. One was a directory an installer created, in this case Open Office, which was not cleaned up due to a VM crash during the install process. The file was showing ownership set to my regular user account. However the user could not delete the file, Windows would simply say I have to get permission from myself to delete it. I tried logging in as Administrator and assigning ownership to Administrator via the Advanced menu in the Security tab of the file properties. At this point windows would still tell me I need the non-Admin user’s permission to delete it (wtf, I’m admin…) and would now tell the regular user I need Admin’s permission to delete it. Basically windows has become the operating system equivalent of the DMV or any other government operation with an added touch of dementia.

I found the following commands as Administrator from command prompt solved my issue:

takeown /f "C:\Users\myusername_000\Desktop\OpenOffice 4.1.1 (en-US) Installation Files" /r /d y
icacls "C:\Users\myusername_000\Desktop\OpenOffice 4.1.1 (en-US) Installation Files" /grant administrators:F /t

After that I was able to right click and delete the directory without issue as Administrator. Overall it’s pretty crappy that windows can’t work out file ownership/permissions. This is something that has worked on Unix and Linux, without issue, since as long as most of us can remember.

Posted in Misc Technology | Tagged can't delete, can't delete file, can't delete files, can't delete folder, file permissions, uac sucks, windows 8, windows 8 sucks, windows can't delete, windows can't delete folder, windows sucks | Leave a comment

HOWTO: Compiling, Installing & Configuring Netatalk 3.1.7 on CentOS 6.6 x86_64 for Storage & Time Machine

Posted on March 1, 2015 by pingd

I’ve struggled to improve Samba (SMB) performance between my Mac Pro (Late 2013) running OS X Yosemite 10.10.2 and my CentOS 6.6 Linux server. The server has a large ZFS share with all my backups and archives as well as various KVM instances running off SSDs. My Mac Pro absolutely must access that ZFS share reliably and it would be nice if my two Mac Books were able to as well. I have a lot of experience with SMB and I’ve never had much trouble working with Linux servers and Windows clients. On OS X however I’ve never had any luck, the connectivity is slow, buggy and generally unreliable.

Tonight I decided to install Netatalk, latest version on my CentOS server from source code. Below is the documentation of the procedure I followed and any outcome I was able to document.
Continue reading →

Posted in Linux Guides, OS X | Tagged afp, afpd, apple filing protocol, centos, linux, mac, netatalk, nfs, os x, osx, samba, san, smb, storage, yosemite, zfs | Leave a comment

Instant Search Is So Freaking Stupid

Posted on December 9, 2014 by pingd

Why is everyone (Google, Microsoft, etc…) implementing instant search? Personally I think instant/live “search as you type” functionality is the dumbest thing that’s come to search boxes. I can’t grasp why anyone would want to have the page refresh as they type, especially when you might be trying to type text you’re looking at on the page you’re on… I wish you could disable it everywhere, Google has gotten better about instant search, it used to be horrid, but now Microsoft and other companies have been rolling it out everywhere in their applications, including the Windows OS. Continue reading →

Posted in Misc Technology | Tagged android sucks, annoying, fuck google, google sucks, instant search is annoying, instant search is stupid, instant search sucks, live search is annoying, live search is stupid, live search sucks, microsoft sucks | Leave a comment

Generation Y Doesn’t Need Sales Pukes

Posted on September 3, 2014 by pingd

The 1990s truly launched us into information age as we know it today. The world saw the internet reach critical mass, it’s entrepreneurs, investors and the virtual gold rush known as the dot-com bubble. The internet was told to have unfathomable wealth for those who could attain it. Unfortunately few entrepreneurs understood the internet and how it can be monetized.

This leads us to today. A world where being disconnected from the internet is seen as a human rights violation. A truly remarkable market is before us. A market with real tangible fortunes being made. So what does this have to do with the humble sales rep?
Continue reading →

Posted in Misc Technology | Tagged dot-com, generation y, it sales, millennial, millennials, network sales, sales, sales puke, sales rep, salesman | Leave a comment

ServerTech CW Series CDU Frustrations

Posted on August 16, 2014 by pingd

Working on updating some ServerTech CDU firmware today I found that they wouldn’t connect to my fresh new FTP server. I checked my firewall, I checked my server log, and saw that they weren’t authenticating correctly:

Aug 16 16:24:56 bouncer vsftpd[26571]: pam_unix(vsftpd:auth):
authentication failure; logname= uid=0 euid=0 tty=ftp 
ruser=ftpupdate rhost=10.40.2.31  user=ftpupdate

Continue reading →

Posted in Linux Guides, Network Security | Tagged cdu, pdu, power distribution, sentry switch, servertech, tcpdump | Leave a comment

The Rise of SNMP Reflection Attacks

Posted on April 28, 2014 by pingd

A few months ago we all saw the dramatic boom in NTP reflection attacks. These attacks exceeded DNS reflection that was so common before it. At the time I was personally experiencing consistent 10 to 40+ Gbps attacks. After a while they started to die down in frequency and volume. I still see many NTP reflection attacks, but in the last week I observed a large influx of SNMP based reflection attacks. It’s not the first time I’ve seen SNMP reflection in the wild, I see a few SNMP attacks every couple of months. Personally I’ve expected SNMP attacks to increase due to the large payloads generated by poorly secured SNMP daemons. Continue reading →

Posted in Network Security | Tagged amplification attack, ddos, denial of service, dns reflection, drdos, forged packet, ntp reflection, reflection attack, snmp reflection, spoofed packet, stateless protocol, udp stateless | Leave a comment

Easiest OS X VNC Client

Posted on April 7, 2014 by pingd

Hey guys, not a long post today, but thought I’d throw out an easy little tip. I was installing some KVM guests on a CentOS 6.5 storage server and needed a VNC client for my OS X desktop. Found something neat that some of you may already know, but if not, it’s pretty cool. Continue reading →

Posted in OS X | Tagged kvm, mac, macintosh, os x vnc, safari, vnc, vnc client | Leave a comment

Permanently Disable iTunes on OS X

Posted on July 9, 2013 by pingd

So this isn’t really the normal theme for my articles. However I’ve reloaded the OS on my MacBook Pro the other day, because my factory hard drive died within 8 months of buying the MacBook. I replaced it with a 256GB Samsung 840 Pro SSD and reloaded the OS via net-install (Apple+R on boot.)

About 3-4 days later iTunes decided to open itself over and over every 20 minutes to remind me to accept it’s license agreement. I don’t use iTunes and have no need to accept the agreement, furthermore I don’t like that it pops up again immediately after I hit decline, then again 20 minutes later. Plus it runs in the background and wastes resources while trying to coax you into using it.
Continue reading →

Posted in OS X | Tagged apple, chflags, disable itunes, disable itunes forever, disable itunes permanently, itunes, itunes agreement, itunes sucks, iTunes.app, macbook, macbook pro, macintosh, mbp, os x, osx, simmutable | Leave a comment

Understanding suPHP Permissions – Why am I getting 500 Internal Server Error?

Posted on April 25, 2013 by pingd

I see this topic come up a lot with users who migrate to one of our servers or to their own setup with cPanel and suPHP. The user or their customers will install a PHP script such as wordpress, concrete5, etc… Upon testing their installation they will get 500 ISE (Internal Server Error) in their web browser, served from Apache. Many less experienced users freak out and think something is wrong with the server. The reality is that permissions or file ownership is the cause of the error in the VAST majority of cases. Continue reading →

Posted in Bash One-Liners, cPanel Guides, Linux Guides | Tagged 500 error, 500 internal server error, 500 ise, cPanel, internal server error, lamp, linux ownership, linux permissions, php 500 error, php error, php suexec, suexec, suphp, world writable | Leave a comment