pingd.org

The Rise of SNMP Reflection Attacks

Posted on April 28, 2014 by pingd

A few months ago we all saw the dramatic boom in NTP reflection attacks. These attacks exceeded DNS reflection that was so common before it. At the time I was personally experiencing consistent 10 to 40+ Gbps attacks. After a while they started to die down in frequency and volume. I still see many NTP reflection attacks, but in the last week I observed a large influx of SNMP based reflection attacks. It’s not the first time I’ve seen SNMP reflection in the wild, I see a few SNMP attacks every couple of months. Personally I’ve expected SNMP attacks to increase due to the large payloads generated by poorly secured SNMP daemons. Continue reading →

Posted in Network Security | Tagged amplification attack, ddos, denial of service, dns reflection, drdos, forged packet, ntp reflection, reflection attack, snmp reflection, spoofed packet, stateless protocol, udp stateless | Leave a comment

Easiest OS X VNC Client

Posted on April 7, 2014 by pingd

Hey guys, not a long post today, but thought I’d throw out an easy little tip. I was installing some KVM guests on a CentOS 6.5 storage server and needed a VNC client for my OS X desktop. Found something neat that some of you may already know, but if not, it’s pretty cool. Continue reading →

Posted in OS X | Tagged kvm, mac, macintosh, os x vnc, safari, vnc, vnc client | Leave a comment

Permanently Disable iTunes on OS X

Posted on July 9, 2013 by pingd

So this isn’t really the normal theme for my articles. However I’ve reloaded the OS on my MacBook Pro the other day, because my factory hard drive died within 8 months of buying the MacBook. I replaced it with a 256GB Samsung 840 Pro SSD and reloaded the OS via net-install (Apple+R on boot.)

About 3-4 days later iTunes decided to open itself over and over every 20 minutes to remind me to accept it’s license agreement. I don’t use iTunes and have no need to accept the agreement, furthermore I don’t like that it pops up again immediately after I hit decline, then again 20 minutes later. Plus it runs in the background and wastes resources while trying to coax you into using it.
Continue reading →

Posted in OS X | Tagged apple, chflags, disable itunes, disable itunes forever, disable itunes permanently, itunes, itunes agreement, itunes sucks, iTunes.app, macbook, macbook pro, macintosh, mbp, os x, osx, simmutable | Leave a comment

Understanding suPHP Permissions – Why am I getting 500 Internal Server Error?

Posted on April 25, 2013 by pingd

I see this topic come up a lot with users who migrate to one of our servers or to their own setup with cPanel and suPHP. The user or their customers will install a PHP script such as wordpress, concrete5, etc… Upon testing their installation they will get 500 ISE (Internal Server Error) in their web browser, served from Apache. Many less experienced users freak out and think something is wrong with the server. The reality is that permissions or file ownership is the cause of the error in the VAST majority of cases. Continue reading →

Posted in Bash One-Liners, cPanel Guides, Linux Guides | Tagged 500 error, 500 internal server error, 500 ise, cPanel, internal server error, lamp, linux ownership, linux permissions, php 500 error, php error, php suexec, suexec, suphp, world writable | Leave a comment

MyISAM Repair all MySQL Databases & Tables

Posted on April 22, 2013 by pingd

So you’ve probably not made the switch to InnoDB or XtraDB yet, shame on you! But tonight your server crashed, ran out of disk space or otherwise corrupted all of your active tables across various databases. Ouch! How are we going to fix this one?

Many admins try using the myisamchk tool from shell in an attempt to repair the MYI files. This may or may not work. I generally don’t recommend it as a primary means to a repair, especially if you are going to continue running mysqld and attempting to use the crashed tables. Continue reading →

Posted in Bash One-Liners, Linux Guides, MySQL | Tagged corrupt myisam, corrupt table, database corruption, myisam, mysql, repair all tables, repair myisam table, repair mysql, repair table | Leave a comment

Reset Supermicro IPMI Password From Windows

Posted on April 12, 2013 by pingd

I recently had an issue where we lost the password for IPMI to a brand new Supermicro server. The server was running Windows 2008 STD. Not wanting to mess around rebooting the box to a livecd I had to find a solution to reset the password. This could be very useful for those of you buying a used Supermicro server or if someone fat fingers a password or logs it incorrectly into your management system. Continue reading →

Posted in Server Hardware | Tagged default ipmi password, ipmi, ipmi password, ipmi password reset, ipmicfg, ipmicfg-windows, ipmicfg-windows.exe, ipmitool, supermicro, supermicro default ipmi password, windows ipmi | Leave a comment

suPHP on CentOS 6 from Source Code

Posted on February 15, 2013 by pingd

So you’ve decided that you must run php as suPHP on your CentOS 6 based LAMP stack. This is a great idea for security on a multi-site or multi-user environment. Of course management panels like cPanel make running suPHP very easy, but what about the rest of us? Many of us do not use cPanel, perhaps because of the cost or because it’s resource intensive. Personally I like cPanel as a product, but I choose to forgo cPanel on servers requiring a high degree of security in an effort to minimize the amount of services that must be secured and updated. However I still want things like suPHP. Continue reading →

Posted in Linux Guides | Tagged centos 6, fastcgi, lamp, mod_suphp, mod_suphp.so, php, php.conf, security, source code, suphp, suphp-0.7.1, suphp.conf | Leave a comment

AWK to win friends and influence women

Posted on October 26, 2012 by pingd

AWK is a powerful tool, a language really, that every administrator needs to know. I recommend everyone read about awk and learn how to use it. It can really make your day when you need to do something, quick and dirty.

You will definitely win some friends with your awk skills, but probably not too many women ;-). Continue reading →

Posted in Bash One-Liners | Tagged /dev/urandom, awk, awk script, bash, bash script, head, linux, oneliner, onliners, scripting, substr, tolower, tr | 1 Comment

CRON ERROR: failed to open PAM security session: Protocol not supported

Posted on October 13, 2012 by pingd

Got an interesting report of an error on one of our servers. I was told crons for a user account on our server weren’t running. I tailed the cron log (/var/log/cron) and came to find these errors:

Oct 13 06:32:01 secure crond[4558]: CRON (clients) ERROR: failed to open PAM security session: Protocol not supported
Oct 13 06:32:01 secure crond[4558]: CRON (clients) ERROR: cannot set security context

Continue reading →

Posted in Linux Guides | Tagged cron error, crond, crons, hard limit, limits.conf, linux, maxlogins, pam, security, ulimit, ulimits | Leave a comment

ZFS on Linux RC10 released!

Posted on August 16, 2012 by pingd

The ZFS on linux team has released a new version of SPL and ZFS with multiple benefits to users. The new version is 0.6.0-rc10 and our guide found here is being updated now:

Installing ZFS RAID-Z on CentOS 6.2 with SSD Caching

Posted in Linux Guides | Tagged linux zfs, new zfs released, spl, zfs, zfs 0.6.0-rc10, zfs on centos, zfs on linux | Leave a comment