Into.the.Void.

This post is about a friend who had a faulty (firmware bug) hard disk replaced by Seagate…

A few months ago she bought a Seagate Barracuda 7200.11 500 GB loaded with firmware SD15. This specific firmware is known to be buggy and Seagate has provided a firmware upgrade for them, but of course she had no idea about that bug. Everything was OK until one day, suddenly, the BIOS couldn’t detect the disk. It didn’t take her long to find out the cause of the problem…

After several failed attempts to upgrade her firmware following the instructions placed at Seagate’s site she decided to send her disk to Greek companies that specialized on data recovery. One of them broke the seals of her disk but failed(!!) to do anything else. The other companies, asked a serious amount of money, 200-1000 Euros(!!!) in order to handle her case/take a preliminary look at the disk.

Fed up with those companies she finally decided to contact Seagate herself and she was given instructions via telephone to complete the online application form for technical support and data recovery.

The very next day, a courier took her disk, delivered it to Seagate Labs at Amsterdam and within a week, she had her disk brought back, totally repaired, with all her data intact(!!). Everything was free and her data was saved.

So the next time you have a hard disk problem, especially if it is a Seagate disk, contact Seagate before contacting these “specialized data recovery companies”. sigh.

Filed by kargig at 11:06 under General, Greek, Internet
Tags: barracuda 7200.11, bios, bug, crash, data recovery, firmware sd15, hard disk, recovery, sd15, seagate
4 Comments | 323 views

A friend’s site was recently hit by the massive infections/hacks on Dreamhost’s servers, so I decided to do some scanning on some servers that I administrate for base64_decode references.

The simple command I used to find suspect files was:
# find . -name \*.php -exec grep -l "eval(base64_decode" {} \;

The results could be sorted in just 2 categories. Malware and stupidity. There was no base64_decode reference that did something useful in any possible way.

The best malware I found was a slightly modified version of the c99 php shell on a hacked joomla installation (the site has been hacked multiple times but the client insists on just re-installing the same joomla installation over and over and always wonders how the hell do they find him and hack him…oh well). c99 is impressive though…excellent work. I won’t post the c99 shell here…google it, you can even find infected sites running it and you can “play” with them if you like…

And now comes the good part, stupidity.
My favorite php code containing a base64_decode reference that I found:

$hash  = 'aW5jbHVkZSgnLi4vLi';
$hash .= '4vaW5jX2NvbmYvY29u';
$hash .= 'Zi5pbmMucGhwJyk7aW';
$hash .= '5jbHVkZSgnLi4vLi4v';
$hash .= 'aW5jX2xpYi9kZWZhdW';
$hash .= 'x0LmluYy5waHAnKTtl';
$hash .= 'Y2hvICRwaHB3Y21zWy';
$hash .= 'd2ZXJzaW9uJ107';
eval(base64_decode($hash));

Let’s see what this little diamond does:

% base64 -d 
aW5jbHVkZSgnLi4vLi4vaW5jX2NvbmYvY29uZi5pbmMucGhwJyk7aW5jbHVkZSgnLi4vLi4vaW5jX2xpYi9kZWZhdWx0LmluYy5waHAnKTtlY2hvICRwaHB3Y21zWyd2ZXJzaW9uJ107
include('../../inc_conf/conf.inc.php');include('../../inc_lib/default.inc.php');echo $phpwcms['version'];

So this guy used a series of strings which all of them together create a base64 encoded string in order to prevent someone from changing the version tag of his software. That’s not software, that’s crapware. Hiding the code where the version string appears ? That’s how you protect your software ? COME OOOOON….

Filed by kargig at 01:36 under Internet, Linux, Privacy
Tags: base64_decode, crapware, hack, joomla, Linux, malware, php
No Comments | 684 views

I’ve recently moved from Thessaloniki to Athens, Greece and of course the very first thing I had to do was to find a new house. To make my life easier (?) I tried to go a bit techie on that. Using tools/sites on the web and my Android. And here’s what I did and what I used for anyone who might be interested.

First of all I found some sites with real estate listings. The ones I found/used/tried to use were: Χρυσή Ευκαιρία, Rento, Spitogatos and aggelies ta nea.

Each one though has it own benefits and problems, apart from some who only have problems.
Aggelies Ta Nea:
pros
None. I can’t find anything innovative about this site.
Cons
i) It has very few listings of places to rent in the areas I liked (downtown Athens).
ii) It is full of listings by real estates agents who ask you as payment one full rent if they manage to find you a house.
iii) There’s no map showing where each house is.
iv) There are pics of very very few houses in the listings.

Spitogatos:
Pros:
This site has a really neat feature, price per square meter. It’s quite nice to have the site calculate it for you.
Cons:
i) It has very few listings of places to rent in the areas I liked (downtown Athens).
ii) It’s default drop down price filtering boxes are a bit weird. It goes from 150->200->300->500->750>1000 Euros. So if I choose a price range of 300-500 euros I get a url like this:

http://www.spitogatos.gr/gr/search/results/residential/rent/r100/m2011m/nd/all/300/500/nd/85/nd/nd/nd/nd/nd/nd/nd/nd/all/rankingScore_desc

If I change it to:

http://www.spitogatos.gr/gr/search/results/residential/rent/r100/m2011m/nd/all/350/450/nd/85/nd/nd/nd/nd/nd/nd/nd/nd/all/rankingScore_desc

I get exactly what I wanted.
Having drop down boxes might be fine for some people, but they don’t let me be as specific as I would like. A form to fill the price range by hand would be a lot more useful for me.
iii) There’s no map showing where each house is.

Rento:
Pros:
i) Rento is the most innovative site I found. Every house listing is on google maps and you can access its details by just clicking on a house.
ii) It also features a VERY innovative search bar. You actually type a sentence about the house you would like and it searches for it.
iii) Each listing has pictures
iv) You can contact the owner by email
v) There’s an option to note each listing you like so you get something like “bookmarks”.

Cons:
i) It has very few listings of places to rent in the areas I liked (downtown Athens).
ii) The search bar did not have a negation clause. You can’t search for “not something”. So since I didn’t want a ground flour house, I couldn’t filter them out.
iii) The search bar would sometimes filter more than you asked for. If I searched for a price range of 350-450 and got some houses, then if I search for a 40-60 sq. meters I got some others. If I searched for both the price range and the sq. meters I got very very few results.
iv) Many of the listings were quite outdated. Places had been rent weeks ago and the listings were still on the site. (I guess that’s a problem with real estate sites…owners don’t tell the sites whether the house has been sold/rented when that happends).
v) There’s no way to see the most recently placed listings.

The awkward thing about Rento was that I met the people who manage it in a Ruby meeting in Athens one week after I got the house. They were aware of these problems and they said that they have already corrected them and will push their changes to the site very soon. I sure hope so because the site is definitely worth it.

One suggestion for rento would be to have an option to export as kml the “bookmarked” houses.

Χρυσή Ευκαιρία:
Pros:
i) Many many houses listed.
ii) The filtering for the search works very well.

Cons:
i) Very few pics of the houses (if any)
ii) Not every house is listed on a map
iii) In order to get the owner’s telephone you have to send an sms, or call a number and pay some amount of money.
iv) Not every house has an address listed.

I ended up using Χρυσή Ευκαιρία due to it’s massive database with listed houses. I tried to use rento and spitogatos but I just couldn’t find what I wanted. (Maybe I’ll get luckier when I’ll try to move to a new house.)

I then created an unlisted google map called “new houses” and started placing marks on the houses from Χρυσή Ευκαιρία that I liked, sorted by date of last update, and were placed on a map in the site. Then I started calling the owners of the rest to find out where they were. If they were in a place that I liked I made an appointment to go and check the house.
I placed all the appointments at the “TagToDo List” application for my android.
Unfortunately I couldn’t use the “My maps Editor” by Google on my android due to some bug it stopped connecting to google maps. It would be really useful to have this app because I could have all the places I placed on “new houses” and have them with me. Instead I had to print the maps with the marks on them.

Finally in order to walk around the city and not get lost I used the Rmaps application. It’s so much better than the standard google maps because you can get many different maps, and with the addition of GPS Status you can copy paste your exact location to any notes applications you might be using on android to track new houses you find while walking.

Filed by kargig at 10:37 under Internet
Tags: aggeliestanea, Android, athens, gps, gps status, house, real estate, rento, rmaps, spitogatos, tagtodo list, xe, Αθήνα, σπίτι, χρυσή ευκαιρία
2 Comments | 850 views

Six months after my original post on the creation of Greek Adblock Plus filter, the filter is finally added on the official subscription list thanks to Wladimir Palant.
Apart from Adblock Plus add-on for Firefox/Iceweasel/etc, the filter is also usable by the AdThwart extension for Google Chrome/Chromium

Until today the list peaked at 70 subscribers…I hope this will make more people trust my filter list and reach at least 100 subscribers.

As a sidenote, my RBL for Greek spam has moved to a new, better server thanks to a very kind person who donated it and some people administering mail servers have already added it to their spam filters. Since the original announcement the RBL jumped from 500 reqs/min to 2000 reqs/min.

Filed by kargig at 16:19 under Internet, Networking, Privacy
Tags: adblock, adblockplus, ads, antispam, grrbl, spam
4 Comments | 1,483 views

It’s been some months now that I’ve started collecting some IP addresses of well known Greek spammers and I’ve put them on an DNSBL. I’ve named this list GrRBL. The software I use to run the list is rbldnsd.

The list is strictly moderated by me and only me and I try to be very selective on hosts I add to the list. The list contains hosts not only in .gr zone but also “foreign” hosts used to send spam messages either in Greek language or of Greek interest.

There’s a minimalistic guide on using it with spamassassin, exim, sendmail and postfix on GrRBL’s website. There are currently no statistics and no public listing of IPs in the blacklist. If there’s enough demand for statistics I might create some.

There’s also NO automatic deletion support, once an IP is in the list there’s no automatic way out. Since I am the only one adding IPs to the list, I am also the only one removing them, manually of course.

Even though I use GrRBL in all of the mail servers I own/manage, still I consider the service as beta. I don’t think it’s ever going to eat your emails, but you are still the only one responsible if this happens.

To submit new spam messages for inclusion please send me an email with FULL headers of the spam message to grrbl [at] void [dot] gr and I will try to take a look at it as soon as possible.

If you use it, or plan to, please leave a comment or even better, submit some spam messages so the list gets bigger and better.

P.S. In case you wonder, yes the list contains the IPs of the notorious sofokleous10 spammer.

Filed by kargig at 15:48 under Internet, Linux
Tags: antispam, blacklist, dnsbl, email, exim, grrbl, postfix, rbl, sendmail, spam, spamassassin
10 Comments | 1,553 views

We have been talking with Patroklos (argp of census-labs.com) about going to a CCC event for years. This year though we were determined. So on late September 2009 we booked our flight tickets to Berlin. A couple of weeks later some other friends expressed their wish to come with us. So in the end me, Patroklos, huku and SolidSNK (of grhack.net) and Christine formed up a group to visit 26c3 Here Be Dragons. Another group of Greeks also came to 26c3, among them Ithilgore, xorl, sin , gorlist and one more that I have no idea who he was, sorry

After a canceled flight on the 26th of December due to fog on SKG airport we finally flew on the 27th and went to Berlin. After arriving there we immediately went to the hotel we had booked and then straight to the Berliner Congress Center where the 26c3 was taking place.

BCC is an excellent conference center, nothing close to anything I have ever seen in Greece. It looks great both from the outside and from the inside. When we entered BCC we saw a huge number of diverse people. You could see and feel the difference with all the other IT conferences. People were very relaxed, very talkative and extremely friendly. What makes CCC so special is it’s community. There were soooo many CCC volunteers inside the BCC willing to help you with any information you might need. More on that later on…

After paying just 80€ for the whole conference, 4 days, we started walking around the ground floor. There were many information desks of various projects, free PCs to use (loaded with Ubuntu), the huge lounge which included a bar for food and drinks with lots of seats for people and 2 rooms for presentations. On the upper floor there were many more projects and another large room for presentations.

What made BCC so lively were all these projects around the presentation rooms. There were always hundreds of people sitting outside of the presentation rooms hacking on their projects, discussing with other people, selling merchandise, etc. Because it was our first time in the conference we were not experienced enough to use our time wisely between the lectures so I only managed to visit very few projects, Cacert, Gentoo and Debian. I am sure that there were people who did not attend any lectures at all and just sat all day at their projects’ infodesk.

Before I continue with the presentations we went to I want to make a note about volunteers again. Volunteers at 26c3 were called angels and they did an EXCELLENT job. They would not allow you to sit wherever you liked at a lecture, they would try to find you a seat or they would put you on a place where you could stand without blocking others. Nobody was allowed to sit at the corridors, nobody. Everything was in order and I never ever heard a single person complain about angels’ policy. They were strict and firm on one hand but helpful, fair and polite on the other. They were probably the best volunteers I have ever faced anywhere. All of them were carrying an ID and a DECT phone on them to cooperate with other angels (oh yes, the conference had it’s own DECT network…AND it’s own GSM network!!!) Funny quote: Angels at the entrance and exit doors wore t-shirts that wrote “Physical ACL”, heh.

The very first presentation we attended was “Here Be Electric Dragons“, and then we moved to see “Exposing Crypto bugs through reverse engineering“. After a break we tried to go to the “GSM: SRSLY?” lecture but it was SOO full that we were not allowed to go inside the presentation room. So we went to the “Tor and censorship: lessons learned” presentation which was more interesting than I expected. The final talks we saw on the first day were: “UNBILD – Pictures and Non-Pictures” which was in German and of course “cat /proc/sys/net/ipv4/fuckups“. Since none of us spoke German there was no urge to see the UNBILD lecture, but as we painfully understood by not being able to even enter the presentation room for the “GSM: SRSLY?” lecture, you have to go a LOT earlier to see a good lecture. We definetely wanted to see fabs lecture so we went there an hour earlier to find some seats. By the way, outside of the presentation rooms were TVs with live streaming from inside for people who couldn’t go inside or for people who didn’t want to. As I said earlier a lot of people preferred sitting at their projects’ infodesk and watched the streams of the presentations.

On the next day we saw: “Milkymist“, “Advanced microcontroller programming“, “Fuzzing the Phone in your Phone“, “Defending the Poor, Preventing Flash exploits“, “Haste ma’n netblock?” and “SCCP hacking, attacking the SS7 & SIGTRAN applications one step further and mapping the phone system“.

On the third day just “Playing with the GSM RF Interface“, “Using OpenBSC for fuzzing of GSM handsets” and “Black Ops Of PKI” since we decided to do some sightseeing as well

Finally on the last day we went to “secuBT” and from that to another German lecture about a distributed portscanner called Wolpertinger that replaced a canceled lecture on IBM AS/400. Afterwards we went to the realtime English translation stream of “Security Nightmares” and to the “Closing Event“.

I had a really great time and I certainly want to be there again next year. If I manage to go there again though I will try take a lot more days off work so I can visit many more places around the city. The whole event was excellent, the organization was almost perfect and the people who contributed to it deserve a huge applaud, especially the angels.

Congratulations to all.

Necessary pics:

P.S. I don’t want to go into specific details about the lectures I attended. Some were REALLY good, some were average and some were totally boring. If you follow the news you already know which streams of lectures you should certainly download and see. You can find every lecture on CCC’s FTP server.

P.S.2 What a great wiki for an event…I was amazed by the amount of information one can find in there…

P.S.3 To Greeks only…please download the closing event presentation to see how we should start organizing events. Just check on the efforts of the people who contributed to the 26c3 event. I don’t want to write anything more about this issue because the difference with any Greek event I’ve ever attended to, or even the mentality of the people attending “our” events is SO SO SO HUUUUGE that it makes me really sad. I hope that this might fire up something. If more Greeks attended events organized abroad then maybe one day we might get more serious about our events as well.

Filed by kargig at 15:41 under Internet, Linux, Networking, Privacy
Tags: 26c3, bcc, Berlin, cacert, ccc, conference, debian, dragons, Gentoo, germany, hack, here be dragons, ubuntu
12 Comments | 2,115 views

If you have adblock enabled and you try to visit any url of www.archivum.info you will get a really nasty alert saying:

You Are Using Adblock Plus or some other advert blocking software! Archivum.info relies on advertising for revenue. Please add www.archivum.info to your ad blocking whitelist or disable ad blocking when you visit www.archivum.info.

When I first saw this I laughed…and then I tried to find a way to bypass it.
I used curl to see the sites html code:

$ curl -v www.archivum.info
curl -v www.archivum.info 
* About to connect() to www.archivum.info port 80 (#0)
*   Trying 69.147.224.162... connected
* Connected to www.archivum.info (69.147.224.162) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.19.5 (i486-pc-linux-gnu) libcurl/7.19.5 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15 libssh2/1.2
> Host: www.archivum.info
> Accept: */*
> 
< HTTP/1.1 200 OK
< Date: Tue, 17 Nov 2009 11:24:22 GMT
< Server: Apache
< Last-Modified: Mon, 16 Nov 2009 08:41:17 GMT
< Accept-Ranges: bytes
< Content-Length: 9392
< Vary: Accept-Encoding
< Content-Type: text/html
< 
<html>
<head>
<title>archivum.info - The Internet archive.</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script type="text/javascript">var disabled = false;</script><script type="text/javascript" src="http://www.archivum.info/js/adblocker_probe.js?
site=http://googlead.foobar.tld/"></script><script type="text/javascript">if (disabled == false) { location.replace("http://www.archivum.info/denied");
alert("You Are Using Adblock Plus or some other advert blocking software! Archivum.info relies on advertising
for revenue. Please add www.archivum.info to your ad blocking whitelist or disable ad blocking when you visit
www.archivum.info.");}</script></head>

[snip]

Here’s how this site blocks Adblockplus: there’s a variable called disabled set to “false” then if a js (http://www.archivum.info/js/adblocker_probe.js) runs it sets disabled to “true” . The hint is that adblockplus blocks urls starting with “googlead.” so it won’t visit “http://www.archivum.info/js/adblocker_probe.js?site=http://googlead.foobar.tld/” and the variable will remain “false“. Then the alert pops up.

The solution is very simple, just add an exception to your local AdblockPlus rules, AdblockPlus Preferences -> Add Filter:
@@|http://www.archivum.info/js/adblocker_probe.js?site=http://googlead.foobar.tld/

So firefox, visits the js url, disabled becomes “true” you are allowed to continue browsing the site and AdblockPlus continues blocking all blockable items.

Filed by kargig at 14:14 under Internet, Linux
Tags: adblock, adblockplus, alert, archivum.info, block ads, curl, firefox, javascript, Linux
No Comments | 1,132 views

The following configs can be used when you have either Vodafone Mobile Internet or Cosmote Internet on the Go or both 3G USB sticks and you want to connect to the 3G Internet (in Greece) while using Linux. I’ll provide two ways to connect to 3G, the command line way using wvdial and the GUI way using umtsmon.

1) Using wvdial
Create /etc/wvdial.conf:

[Dialer Defaults]
New PPPD = yes
Dial Command = ATDT
Dial Attempts = 1
Modem = /dev/ttyUSB0
Modem Type = Analog Modem
ISDN = 0
#commented out see the comments on the post.
#Baud = 460800
Username = user
Password = pass
Init1 = ATZ
Init2 = AT&F E1 V1 X1 &D2 &C1 S
[Dialer cosmote]
Phone = *99#
Stupid Mode = 1
Init3 = AT+CGDCONT=1,"IP","internet"
[Dialer vodafone]
Phone = *99#
Stupid Mode = 1
Init3 = AT+CGDCONT=1,"IP","internet"
[Dialer vfPIN]
Init4 = AT+CPIN=1234
[Dialer cmPIN]
Init4 = AT+CPIN=5678

WARNING: You HAVE to change the PINs on the last part of the config

To connect to Cosmote, plug in the usb stick:

# wvdial cmPIN
# wvdial cosmote

To connect to Vodafone, plug in the usb stick:

# wvdial vfPIN
# wvdial vodafone

2) Using umtsmon
Connection->Manage Profiles and create the necessary profiles with settings that look like these:

Username and Password does not really matter. Enter something like User/Pass or Username/Password.

Both versions tested on Debian and Gentoo and they are working just fine.

If someone has the Wind ADSM settings please provide them as a comment so I can complete the post with all three Greek 3G providers.

References: List of AT commands

Filed by kargig at 21:38 under Gentoo, Internet, Linux
Tags: 3G, cosmote, debian, Gentoo, Internet, Linux, umtsmon, vodafone, wvdial
8 Comments | 5,913 views

I’ve decided to start a filter for adblock plus to filter out advertisements from Greek sites.

You can find more information on subscribing to the filter on the page: Greek adblock plus filter.

I started the list a long time ago with some personal filter for sites I visit the most. In order to enrich the list I searched and found a list with the supposedly “top 50″ greek sites (regarding traffic), so I visited them and started adding filters to reduce the ads on them.

I warn you though, the filters are a bit strict…and I don’t like flash ads…I really don’t. I hope you like the list.

Please contact me, by email or by commenting on Greek adblock plus filter page to add your own custom filters to the list.

Filed by kargig at 23:46 under Internet
Tags: adblock, adblock plus, ads, filter, firefox, Internet, web
4 Comments | 4,234 views

I’ve written a small perl script to parse random entries from the extremely usefull commandlinefu.com website. Quoting from their site:

Command-Line-Fu is the place to record those command-line gems that you return to again and again.

The script code is very “clean”. I can almost say that it’s written in a very python-ish way.
Sample output:%./cfu.pl
CMD: for (( i = 0; i < 100; i++ )); do echo "$i"; done
URL=http://www.commandlinefu.com/commands/view/735/perform-a-c-style-loop-in-bash. Title=Perform a C-style loop in Bash.
Description: Print 0 through 99, each on a separate line.
%./cfu.pl
CMD: rsync -av -e ssh user@host:/path/to/file.txt .
URL=http://www.commandlinefu.com/commands/view/20/synchronise-a-file-from-a-remote-server Title=Synchronise a file from a remote server
Description: You will be prompted for a password unless you have your public keys set-up.

You can get it from here: commandlinefu.com random entry parser perl script

As far as I’ve tested, it works out of the box on default perl installations of Debian, Gentoo and Mac OS X.

Filed by kargig at 01:28 under Gentoo, Internet, Linux, MacOSX
Tags: commandlinefu, debian, Gentoo, MacOSX, oneliner, parse, perl, script
3 Comments | 843 views

The Problem
To sum it up, the case is this: many many many web applications were programmed so that they used latin1 collation for their fields inside mysql databases. But most users now use utf8 from within their browsers. What happens is that utf8 characters are getting stored inside latin1 fields, which in return produces chaos! A huge web application that used that kind of madness was Wordpress. Luckily (or not) Wordpress now uses utf8 everywhere. I’ve known many many many people that got so frustrated when they tried to move from their old Wordpress installation to a newer one because all their greek posts couldn’t be exported “easily”, I won’t say “properly” because there are always solutions to problems like this, but all the solutions were not straightforward at all, that they finally dumped the idea of moving the posts and started a new blog.

This is a HUGE problem for many greek (and not only) users and I hope I now have an elegant(?) solution to it.
(more…)

Filed by kargig at 21:14 under Greek, Internet, Linux
Tags: bash, convert, Greek, latin1, mysql, sed, utf8, wordpress
18 Comments | 4,034 views

Today I had a very unpleasant surprise with my Vodafone Mobile Connect on Mac OS X. After a normal laptop standby, the application refused to open. Upon starting the application it peaked at 100% cpu usage but no gui ever appeared. I had to kill the application after a while…No messages at the console either. The solution was to (re)move the /Library/Application Support/nova media and /Library/Application Support/Vodafone folders to another location.

This way you lose your stats (data transfered, time used) but at least you can get back on the net…pheeeewwww

Filed by kargig at 20:37 under Internet, MacOSX, Networking
2 Comments | 1,168 views

451 CAOS Theory has a mini review of what’s going on with open source among the countries that compete in Euro 2008.
It’s quite interesting.
Here’s the link about Greece. It has quite a point…Things don’t look very promising…

Filed by kargig at 18:04 under Internet, Linux
No Comments | 724 views

When you are doing multiple ssh connections to one host there’s a way to speed them up by multiplexing them. When you open the first network connection a special socket is created and then all other connections to the destination machine pass through the first network connection and don’t open any new ones. All that is done via ControlMaster and ControlPath settings for ssh_config.

Example usage:
Inside /etc/ssh/ssh_config
ControlMaster auto
ControlPath /tmp/%r@%h:%p


Firsh ssh connection:
% ssh foobar@foo.bar.gr
Password:
Linux foo.bar.gr 2.6.20.1-1-686 #1 SMP Sun Mar 4 12:44:55 UTC 2007 i686 GNU/Linux
foobar@foo:~$


Second ssh connection:
% ssh -p 22 foobar@foo.bar.gr
Linux foo.bar.gr 2.6.20.1-1-686 #1 SMP Sun Mar 4 12:44:55 UTC 2007 i686 GNU/Linux
foobar@foo:~$

No password is asked and the connection opens up immediately.

kudos to apoikos for telling me about this neat feature in fosscomm

Filed by kargig at 11:50 under Encryption, Internet, Linux, Networking, Privacy
6 Comments | 1,001 views

Ο Δημήτρης έχει μια αρκετά καλή ανάλυση ενός attack σε ένα honeypot που έχει στήσει για πειραματισμούς. Αξίζει να του ρίξετε μια ματιά…

Επιτέλους μας την έπεσαν

Filed by kargig at 18:16 under General, Greek, Internet, Linux, Networking
No Comments | 424 views

I was reading my mails today and I bumped into some problems that Internet2 routers faced a couple of days ago with some multicast traffic sent from a host in France. Apparently the host was sending 44Mbit of traffic to a multicast group and that was more than enough to raise a very high load on some routers and cause problems to some firewalls too. Their solution was to either blacklist the host or to disable SAP listen on their routers.

To read more you can check the thread “Another SAP Storm?” from wg-multicast@internet2.edu All things related to multicast .

The same problem appeared on GrNET routers too, but unfortunately they don’t have any public archives of their exchanged mails on the problem. The only way to take a look at this problem from the GrNET point of view is to check on the GrNET router status page, click on the load of some routers and check the spike that appears on Wednesday night in the weekly graph.

Quite interesting…

Filed by kargig at 10:01 under Internet, Networking
No Comments | 413 views

This might be old news to most people but I didn’t know it…
You can use a special google url to view websites like mobiles phones do. Try this for example:
http://google.com/gwt/n?u=http://void.gr/kargig/blog/.
It’s quite useful when you want to see how your site looks like from a mobile phone or when you want to use a browser from a terminal like lynx or links (I know you don’t use these browsers but sometimes I do…)
To begin browsing in “mobile view” just go to http://www.google.com/gwt/n and all links you click afterwards will be parsed through the proxy.

And another link I liked was this: http://www.google.com/xhtml. Mobile view of google’s search.

Filed by kargig at 00:16 under Internet, Linux
3 Comments | 1,219 views

A friend of mine just ordered a macbook here in Greece. 2.4GHz CPU, 2Gb RAM, 160GB disk. No extras.
Looking at www.applestore.gr this macbook costs 1066E without tax. Tax here in Greece is 19% so the final price would be: 1294,72€
I decided to take a look at other applestores and compare the prices.
applestore.com lists it at 1299$. Using www.xe.com to convert that money to Euros: 843.403€ !! (there might be some kind of taxing missing from here. If you know something please correct me with a comment)
applestore.se lists it at SEK 11.795,00 with tax included. Using www.xe.com to convert that money to Euros: 1,266.38€
applestore.co.uk lists it at £829.00 with tax included. Using www.xe.com to convert that money to Euros: 1,049.31€
applestore.fr lists it at 1.199,00 € with tax included.
applestore.de lists it at 1.199,00 € with tax included.
applestore.it lists it at 1.199,00 € with tax included.
applestore.nl lists it at 1.199,00 € with tax included.
applestore.es lists is at 1.149,00 € with tax included.
applestore.pt lists it at 1.199,00 € with tax included.
applestore.no lists it at kr 10 390,00. Using www.xe.com to convert that money to Euros:1,304.20€
applestore.fi lists it at 1.199,00 € with tax included.

to summarize, from least expensive to most expensive (tax included):
US: 843€
UK:1049€
Spain: 1149€
Finland, France, Germany, Italy, Netherlands, Portugal: 1199€
Sweden: 1266€
Greece: 1294€
Norway: 1304€

Now, should I be happy or sad that in my country it costs a lot more than most other European countries ? It surely costs more than any other country in the Euro zone. If someone takes into account that the minimal monthly payment here in Greece is at 600€, then this macbook here in Greece costs more than 2 months of work. Shouldn’t the price be exactly the same as all other countries in the Euro zone since we are using Euros (€)? What’s the big deal with Greece ? Even the site looks different than all others.. :S

Filed by kargig at 15:00 under General, Internet
5 Comments | 2,750 views

Since I was tagged by comzeradd to show my Desktop..here it is.

To see what’s all that just click the image and check the notes of flickr.

I tag dstergiou, hsoc, stsimb and thatha

Filed by kargig at 15:05 under General, Internet
10 Comments | 690 views

Problematic Configuration:
OpenVPN server config:
dev tun
port 1194
proto udp
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem
persist-key
persist-tun
server 10.8.0.0 255.255.255.0
keepalive 10 30
client-to-client
comp-lzo
ifconfig-pool-persist ipp.txt
status /etc/openvpn/openvpn-status.log
verb 3
push "redirect-gateway"


OpenVPN client config:
dev tun
client
proto udp
persist-tun
persist-key
resolv-retry infinite
mute-replay-warnings
remote REMOTE.HOST 1194
ca /etc/openvpn/ca.crt
cert /etc/openvpn/client1.crt
key /etc/openvpn/client1.key
comp-lzo
verb 3


The problem:
Using the above config files I continuously got errors like this on the server syslog:

May 1 00:00:00 hostname ovpn-openvpn[22563]: client1/X.Y.Z.W:1194 MULTI: bad source address from client [10.10.1.11], packet dropped

where X.Y.Z.W is my public IP and 10.10.1.11 is the Lan IP of the machine that makes the connection to the openvpn server.

The solution:
OpenVPN server config:
dev tun
port 1194
proto udp
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem
persist-key
persist-tun
server 10.8.0.0 255.255.255.0
keepalive 10 30
client-to-client
comp-lzo
ifconfig-pool-persist ipp.txt
status /etc/openvpn/openvpn-status.log
verb 3
push "redirect-gateway"
client-config-dir ccd
route 10.10.1.0 255.255.255.0


Then I created the /etc/openvpn/ccd/ dir and put inside a file named client1 with the following contents:
# cat /etc/openvpn/ccd/client1
iroute 10.10.1.0 255.255.255.0


Client configuration stays the same.

All should be fine now and in your server logs you will now see entries like this:

May 1 00:00:00 hostname ovpn-openvpn[27096]: client1/X.Y.Z.W:1194 MULTI: Learn: 10.10.1.11 -> client1/X.Y.Z.W:1194

Hint: If you want your clients to be able to access the internet through the VPN tunnel you _must_ create NAT.
a typical config on a debian acting as the OpenVPN server:
# cat /etc/network/interfaces
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address A.B.C.D
netmask 255.255.255.0
gateway A.B.C.E
network A.B.C.0
broadcast A.B.C.255
post-up iptables -t nat -A POSTROUTING -o eth0 -s 10.8.0.1/24 -j MASQUERADE
post-up echo 1 > /proc/sys/net/ipv4/ip_forward


Filed by kargig at 11:49 under Encryption, Internet, Linux, Networking, Privacy
25 Comments | 16,683 views