Update: this post was flagged (in June 2022) as violating Blogger's content policy (relating to Malware and Viruses). The above content has not been changed. Only this last statement has been added. Please note that the above post does not relate to Malware or Viruses.
Tuesday, June 21, 2022
More Vi Tips
Sendmail compiling for the no-server crowd
Edit /etc/mail/submit.cf so that the DS line contains the FQDN of your upstream mail server.
Example: DSmail.myisp.com
You'll also need to set root:smmsp permissions on /var/spool/mqueue.
Hope this saves someone else some time (it took a bit of reading on my part).
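A quick way to verify both settings after editing, as an added example that is not part of the original post. The function names are hypothetical, the paths and the root:smmsp owner are the ones named above, and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical;
# `stat -c` assumes GNU coreutils.

# Print the value of the last DS line (a later definition overrides an
# earlier one). Returns 1 when the file has no DS line or the value is empty.
smart_host() {
    value=$(sed -n 's/^DS//p' "$1" 2>/dev/null | tail -n 1 | tr -d ' \t\r')
    [ -n "$value" ] || return 1
    printf '%s\n' "$value"
}

# Accept a dotted host name, optionally in [brackets]; reject empty values,
# single labels such as "localhost", and bare IP addresses.
is_fqdn() {
    h=$(printf '%s' "$1" | sed 's/^\[\(.*\)]$/\1/')
    case $h in
        ''|.*|*..*|*[!A-Za-z0-9.-]*) return 1 ;;
        *[A-Za-z]*.*|*.*[A-Za-z]*)   return 0 ;;
        *)                           return 1 ;;
    esac
}

# True when path $1 is owned by the user:group given in $2.
owner_is() {
    [ "$(stat -c '%U:%G' "$1" 2>/dev/null)" = "$2" ]
}

# Check both settings; the defaults are the paths and owner named in the post.
audit_submit() {
    cf=${1:-/etc/mail/submit.cf}
    queue=${2:-/var/spool/mqueue}
    want=${3:-root:smmsp}
    rc=0
    if host=$(smart_host "$cf") && is_fqdn "$host"; then
        echo "OK   DS smart host is $host"
    else
        echo "FAIL DS line in $cf is missing or is not an FQDN"; rc=1
    fi
    if owner_is "$queue" "$want"; then
        echo "OK   $queue is owned by $want"
    else
        echo "FAIL $queue is not owned by $want"; rc=1
    fi
    return $rc
}
```

Source the file and run `audit_submit` with no arguments to check the default paths.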
Update: this post was flagged (in June 2022) as violating Blogger's content policy (relating to Malware and Viruses). The above content has not been changed. Only this last statement has been added. Please note that the above post does not relate to Malware or Viruses.
While some of those are legitimate, many are not. I wonder how much trouble Google has defending their trademark.
Update: this post was flagged (in June 2022) as violating Blogger's content policy (relating to Malware and Viruses). The above content has not been changed. Only this last statement has been added. Please note that the above post does not relate to Malware or Viruses.
Google Maps
- Engadget article
- No Fancy Name
- Google Maps Hacking and Bookmarklets
- myGmaps
- GoogleMapsHacking (Wiki)
- GoogleMapsHacks (Wiki)
- GoogleMaps (Wiki) (an attempt to tie in TerraServer and/or a GPS)
- Movin Gmap (using a GPS, map stays centered on you as you move around)
- Mapping Google (a look at the client side "bits" for Google Maps)
- Simon Willison's thread on Google Maps and XSL
- John Udell's animation (a trip from Keen to Manchester)
- GoogleX (not Maps related but fun)
- Hexodus (a nice example of adding pics) (click on the link and then the push pins)
- Google Maps Rock, Hacking Them Rocks More
- Google Maps Standalone Mode
- Google Maps on Tivo (See? Things are going in odd directions now!)
- Mapping Hacks (tying Google Maps to Craigslist)
There are hundreds, if not thousands, of other examples. I've just run out of time to continue digging up these links.
Update: this post was flagged (in June 2022) as violating Blogger's content policy (relating to Malware and Viruses). The above content has not been changed. Only this last statement has been added. Please note that the above post does not relate to Malware or Viruses.
Building honeyd
The various code packages below are either installed via urpmi (if the package is available) or built from source code. Remember to run "ldconfig" between library installs! The URLs for all of the below were available either in the comments made by "configure" or on the honeyd site itself.
Process:
1) installed byacc (which is required by flex) (via urpmi)
2) installed flex (which is required by libpcap)
3) installed bison (which is required by libpcap) (via urpmi)
4) installed libpcap (which is required by honeyd)
5) installed libdnet (which is required by honeyd) (see honeyd site)
6) installed libevent (which is required by honeyd) (see honeyd site)
7) installed honeyd
8) added IP address to interface via:
ifconfig eth0:1 192.168.123.10 netmask 255.255.255.255 broadcast 192.168.123.255
9) installed Mail::Sendmail from CPAN (for the smtp.pl script). Please note: had to force the install as it was hanging on a "send" test. (Note: fix later.)
10) installed Net::DNS from CPAN (for the smtp.pl script).
11) installed arpd
12) wrote a simple start-up script consisting of:
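#!/bin/sh
# stop any instances left over from a previous run
killall honeyd
killall arpd
# answer ARP requests for the honeypot address
arpd -i eth0:1 192.168.123.10
# (re)configure the alias interface that carries the honeypot address
ifconfig eth0:1 inet 192.168.123.10 netmask 255.255.255.0 broadcast 192.168.123.255
# start honeyd on that address, logging to log.honeyd
honeyd -l log.honeyd -f honeyd.conf -i eth0:1 192.168.123.10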
13) ran ./run-honyd (the start-up script above)
Comments:
1) The libevent site has some links to some other interesting projects.
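The "ldconfig" reminder above can be turned into a check that runs before honeyd's configure step. This is an added example, not part of the original post: the function name is hypothetical, and the library names are the three that the process list says honeyd requires.

```shell
#!/bin/sh
# Added example, not from the original post. The function name is hypothetical.
# Libraries honeyd requires, in the build order given in the post.
HONEYD_LIBS='libpcap libdnet libevent'

# Read `ldconfig -p` output on stdin and print each library from HONEYD_LIBS
# that has no entry in it. Returns 0 only when nothing is missing.
# Typical use:  ldconfig -p | libs_missing_from_cache
libs_missing_from_cache() {
    cache=$(cat)
    missing=''
    for lib in $HONEYD_LIBS; do
        # Cache entries look like "<tab>libpcap.so.0.8 (libc6) => /usr/lib/...".
        # Requiring "." or "-" after the name keeps libevent from being
        # satisfied by libevent_core or other similarly prefixed libraries.
        if ! printf '%s\n' "$cache" | grep -q "^[[:space:]]*$lib[.-]"; then
            missing="$missing $lib"
        fi
    done
    if [ -z "$missing" ]; then
        return 0
    fi
    # Word splitting is intended here: one library name per output line.
    printf '%s\n' $missing
    return 1
}
```

A library that was built and installed but is still reported here usually means "ldconfig" has not been run since the install.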
Update: this post was flagged (in June 2022) as violating Blogger's content policy (relating to Malware and Viruses). The above content has not been changed. Only this last statement has been added. Please note that the above post does not relate to Malware or Viruses.
A new algorithm
I'm thinking that it's time to get off of Google services. I just received a number of emails from Google, announcing that five of my posts (from as far back as 2004) have been unpublished because they were related to malware and viruses. The titles of those posts:
- More VI Tips - this was just a pointer to someone else's web site, which no longer exists
- Sendmail compiling for the no-server crowd - explains what you need to edit before compiling the sendmail.conf file
- Google - this was basic research on someone who was spamming my comment section
- Google Maps - provided links to sites that explained how to add annotations to Google Maps
- Building honeyd - discussed some of the problems that I'd experienced while attempting to compile a honeypot (a defensive tool)
The short version: none of these posts discussed malware or viruses. If these flags were implemented manually, HR needs to take a look at the resume of whoever flagged these posts. If it was an algorithm (more likely), Google needs to disable that algorithm and review the logic employed in it.
I don't know about anything nowadays, but we learned in the early 00's that keyword searches have a high false positive rate. My favorite example: blocking the Virginia educational system because the URL has "virgin" in it (yeah, that was a $17B project that did that).
In short, I'll fight this once. The more likely event will be that I move the blog off of Google and onto a less buggy platform.