2007/09/25

舊電話線

這是個非常抵死及針對性的電視廣告 :

你所選用既最大網絡商,仲用緊舊電話線做寬頻。係呀,舊電話線呀。



再看眾多的電影人物在狹窄管道後面等候進入,實在令人棒腹大笑。

2007/09/24

dd and netcat coming together

"dd" coupled with "netcat" can allow cloning an entire hard disk to another server/PC on Intranet or Internet as binary image for forensics analysis.

This is really useful and avoid the need to open the PC case to dismantle the hard disk for the binary image replication:


Forensics(192.168.1.7)% nc -l 37337 | dd of=/dev/hda

Evidence% dd if=/dev/hdb | nc 192.168.1.7 37337

2007/09/08

港島區立法局空缺補選

不要再作猜想了,我相信葉劉淑儀參選一定能穩操勝卷。何解,以她的知名度及行政經驗,加上中方陣營及民建聯全力支持,泛民主派還有誰可匹敵。到現時,論名氣,只有陳方安生可對衡,但陳方安生不屬任何民主黨派,以她打正泛民旗號一定引起內鬨。單看泛民遲遲未定出人選,也可肯定他們的選舉氣勢已是一敗塗地了。

2007/09/05

Protecting brute force attack on dovecot by fail2ban

Some bad guys tried thousand times to guess pop user account and password. I decided that brute force attacks on dovecot should be banned similar as what I had done on vsftpd. To start up the protection, the following lines are added in /etc/fail2ban/jail.conf

[pop-iptables]
# Option: enabled
# Notes.: enable monitoring for this section.
# Values: [true | false] Default: true
#
enabled = true
filter = pop
action = iptables[name=pop, port=pop, protocol=tcp]
sendmail-whois[name=pop, dest=root]
logpath = /var/log/secure
maxretry = 5

Fail2ban reported a failure on fail2ban-pop chain. The mistake was that there is no a port called pop in /etc/services. The correct name of the port should be pop3 instead of pop. What a careless mistake I had made. After revising as follows, fail2ban started successfully and attacks on dovecot were tested successfully banned :

[pop3-iptables]
# Option: enabled
# Notes.: enable monitoring for this section.
# Values: [true | false] Default: true
#
enabled = true
filter = pop3
action = iptables[name=pop3, port=pop3, protocol=tcp]
sendmail-whois[name=pop3, dest=root]
logpath = /var/log/secure
maxretry = 5