2010
07.18

Interesting scanner

Category: Everything / Tag:  / Add Comment

I know I’m probably the only one in this island that thinks this as interesting, but nevertheless…

It’s normal for the web server to get scanned by other “inquisitive” people/machines/bots, but this tool looks pretty interesting…  Will dig deeper into this later.

The scanners typically try to detect whether I’m running certain vulnerable versions of web apps for them to exploit.  So when the web app does not exist, guess what happens? ;)

This particular scan was interesting, because of the user agent field.  Check it out:

200.6.121.56 – - [17/Jul/2010:14:51:06 +0800] “GET /roundcubemail-0.1//bin/msgimport HTTP/1.1″ 404 136 “-” “Toata dragostea mea pentru diavola
200.6.121.56 – - [17/Jul/2010:14:51:06 +0800] “GET /bin/msgimport HTTP/1.1″ 404 136 “-” “Toata dragostea mea pentru diavola”
200.6.121.56 – - [17/Jul/2010:14:51:06 +0800] “GET /wm//bin/msgimport HTTP/1.1″ 404 136 “-” “Toata dragostea mea pentru diavola”
200.6.121.56 – - [17/Jul/2010:14:51:06 +0800] “GET /webmail//bin/msgimport HTTP/1.1″ 404 136 “-” “Toata dragostea mea pentru diavola”
200.6.121.56 – - [17/Jul/2010:14:51:06 +0800] “GET /webmail2//bin/msgimport HTTP/1.1″ 404 136 “-” “Toata dragostea mea pentru diavola”
200.6.121.56 – - [17/Jul/2010:14:51:05 +0800] “GET /rms//bin/msgimport HTTP/1.1″ 404 136 “-” “Toata dragostea mea pentru diavola”
200.6.121.56 – - [17/Jul/2010:14:51:05 +0800] “GET /roundcubemail//bin/msgimport HTTP/1.1″ 404 136 “-” “Toata dragostea mea pentru diavola”
200.6.121.56 – - [17/Jul/2010:14:51:05 +0800] “GET /mail2//bin/msgimport HTTP/1.1″ 404 136 “-” “Toata dragostea mea pentru diavola”
200.6.121.56 – - [17/Jul/2010:14:51:05 +0800] “GET /mail//bin/msgimport HTTP/1.1″ 404 136 “-” “Toata dragostea mea pentru diavola”
200.6.121.56 – - [17/Jul/2010:14:51:04 +0800] “GET /mss2//bin/msgimport HTTP/1.1″ 404 136 “-” “Toata dragostea mea pentru diavola”
200.6.121.56 – - [17/Jul/2010:14:51:04 +0800] “GET /rc//bin/msgimport HTTP/1.1″ 404 136 “-” “Toata dragostea mea pentru diavola”

If anyone knows more about this particular scanner, feel free to comment and share!

Edit (19 Jul): it seems that I’ve joined the ranks of those who’ve been scanned one way or another.  Apparently it is in Romanian, meaning “All my love for the devil”.

2010
07.14

More automation needed

Category: Everything / Tag:  / Add Comment

Although I’ve managed to configure the server such that there’s a fair amount of automation for appropriate tasks (phone homes, automated monitoring and basic defenses), the time needed daily to monitor/maintain it still adds up…and is unreasonable collectively.

Looks like I’ll have to look into further automating some of the tasks…

2010
07.12

The right to do something doesn’t necessarily mean that doing something is right

Category: Everything / Tag:  / Add Comment

Everyone likes “clever phrases”, but since it helps us to remember…

Came up as a summary statement of sorts in the sermon for 1 Cor 8-9. To sharpen the meaning further it probably could be “The right to do something does not necessarily mean that doing it is good for others”, but that certainly isn’t as memorable :P

It is a tough thing to do, alright.