Getting manufacture dates from cisco serial numbers
Tuesday, 8th October 2013
It turns out that it is in plain view other than the offset in the year value. The format is described in the text above the decoder, so you can write your own or do it in your head if you like to remember trivia like that.
Brute force for the win
Friday, 4th October 2013
If you are going to try an brute force passwords over ssh you should probably try better usernames than ferlac and gyurushop.
I wish I had logs of what sort of password ferlac and gyurushop would have.
Oct 4 14:56:15 wombat sshd: input_userauth_request: invalid user ferlac [preauth]
Oct 4 14:56:15 wombat sshd: pam_unix(sshd:auth): check pass; user unknown
Oct 4 14:56:15 wombat sshd: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.127.116.11
Oct 4 14:56:17 wombat sshd: Failed password for invalid user ferlac from 18.104.22.168 port 38348 ssh2
Oct 4 14:56:17 wombat sshd: Received disconnect from 22.214.171.124: 11: Bye Bye [preauth]
Oct 4 14:59:19 wombat sshd: Invalid user gyurushop from 126.96.36.199
Oct 4 14:59:19 wombat sshd: input_userauth_request: invalid user gyurushop [preauth]
Oct 4 14:59:19 wombat sshd: pam_unix(sshd:auth): check pass; user unknown
Oct 4 14:59:19 wombat sshd: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.8.131.52
Oct 4 14:59:21 wombat sshd: Failed password for invalid user gyurushop from 184.108.40.206 port 58955 ssh2
Defaults chosen for another era
Tuesday, 1st October 2013
I had to set up squid last week for a reverse proxy type arrangement and I was pretty amazed to see that the default config file that comes with ubuntu still has the same example memory and disk cache entries that were probably around when I first set it up in the late 90's on Slackware.
cache_mem 100 MB
cache_dir ufs /var/spool/squid3 100 16 256
100mb may have been a lot of memory way back when, but for the box I was using last week 28GB was a bit more like it. As a practical issue I was left wondering if the cache_dir entry was actually in GB and had to look it up.
Makes me wonder if everyone uses varnish or some other such new shiny these days and if there is some kind of beautiful symmetry around dinosaurs such as me using old dinosaur software like squid.
Google Adsense over SSL
Wednesday, 18th September 2013
It looks like Google have started offering adsense ads over an SSL transport in the last few days, so I've made the relatively minor change to take advantage of it.
With the scary warnings and other messages taken care of plus me finding the smaller wide format text ads I think I'm happy enough to leave them on the site.
What has happened here?
Tuesday, 17th September 2013
Some poor misguided firewall / router / voodoo packet forwarding aparatus has decided to let this packet out:
*mangle DROP: IN=eth0 OUT= MAC=00:14:85:17:09:8e:00:23:5e:7c:ba:1b:08:00 SRC=0.0.0.0 DST=220.127.116.11 LEN=76 TOS=0x00 PREC=0x00 TTL=251 ID=19777 PROTO=UDP SPT=65535 DPT=123 LEN=56
Theres a heap of drops in the logs for rfc1918 addresses, but 0.0.0.0 is a new one.
Trying to route on a Cisco ASA
Thursday, 12th September 2013
NAT, NAT sausage egg and NAT, that's not got much NAT in it.
Come back, all is forgiven
Thursday, 12th September 2013
Well Google has decided to un-disable my ads now which I suppose is better than a kick in the head.
I can't be totally sure that it was the link to the torrent site that did it because the process is very vague, they essentially give you a link to their terms and conditions and state that the violation is in there somewhere.
I'm not actually sure I want the ads anymore anyway because it is all a bit tacky looking and changing the site to https has made some browsers output scary looking messages for combining the http content of the ads in a page served up with https.
Tuesday, 10th September 2013
Google have suspended my Adsense account for 'Copyright Infringement'.
My guess after doing some more research on it is that they suddenly took offence to a link in the bookmarks section ( that had been there for the last four years at least ) to a torrent site which I won't name, but has links to obtain television in an easy manner. Pretty amazing to think that could qualify as copyright infringement.
I don't really care if they reinstate the ads or not, they kind of lower the tone a bit and mess up the page layout.