Archive | February, 2012

How to update NATS Aware using a Mac without losing saved routes

According to www.airspaceaware.com in order to update the NATS Aware unit using a Mac, you simply overwrite the SD card with the contents of the airspace update.

More specifically, you download the latest airspace update file which will be named something like

Airac[month][year].update

e.g. Airac0212.update

The problem

Using the above example, we rename Airac0212.update, to Airac0212.zip, unpack it, and then copy the contents of the resulting Airac0212 directory into the root of the SD card. Simple enough, but this totally destroys any saved routes on the device.

NATS Aware Routes DatafileThe solution

I found that by copying the file

/Data/User/Route

from the SD card to somewhere safe (shown opposite) – then performing the update as usual, and then finally copying my old Route file back onto the SD card, that any saved routes are preserved. I notified Airbox Aerospace of this, and they confirmed that “all seems to work fine with this process”.

Track down cross account Symlinks on Linux server

One common exploit hackers try is this to create lots of symlinks to commonly used configuration files in other user’s accounts. Every PHP based CMS has configuration files somewhere containing database passwords and the like. The hacker has a list of these commonly found files.

Once he’s hacked your account, there’s a good chance he will also be able to get a list of all linux users on the server. Then, all he has to do is look for the commonly found configuration files in each users account.

Hacker, being lazy, will just try to create symlinks to the files in question, whether they exist or not. Now, if the hacker has used a kiddie script the chances are you have already detected his attack – but just in case he’s a little more resourceful, then here’s how you can search all cpanel accounts for evidence of Symlinks to files outside of each respective cpanel account:

ls /var/cpanel/users | grep -v "\`\|\.\|cpanel\|root\|mysql\|nobody" | while read CPUSER; do find /home/$CPUSER -type l -not \( -lname "/home/$CPUSER/*" -o -lname "*rvsitebuilder*" -o -lname "[^/]*" -o -lname "/usr/local/apache/domlogs/*" -o -lname "/usr/local/urchin/*" \) ; done

Apache Directives to prevent Symlink Attacks

In WHM Main >> Service Configuration >> Apache Configuration >> Global Configuration you will find the settings for Directory “/” Options.

To maintain a more secure server, you should only tick SymLinksIfOwnerMatch and NOT FollowSymLinks. This ‘might’ break some things depending on what you are trying to do legitimiaterly, but SymLinksIfOwnerMatch will only allow Apache to follow a symlink if the target has the same owner as the symlink.

The true purpose of design

Design failure

Bad and Good DesignRegardless of the primary or secondary function of a design, bad design is always obvious, especially when you encounter it in your day to day life.

An instruction manual that makes it awkward to find essential information, a website that makes it incredibly hard to find essential information, or a fashion magazine with no glamorous pictures are all unlikely to make you a repeat customer (unless you like that sort of thing!). Read More…

Grit Free Soda Blasting

Grit Free Soda BlastingGritFree Blasting is the brainchild of Peter Wardley. Peter sought an outlet more focussed on automotive, marine and aviation restoration, with an informal, fun, yet informative approach. It all started early in 2010, but due to the popularity of Soda Blasting, Ecoblast often left us to get on with the site. This was fun in many ways as it allowed us to fit more creative work into the job at our leisure.

Baking Soda MoleculeDespite only recently going live with the website, the GritFree team had been busy throughout 2011 and the Soda Blasting examples shown in their Portfolio page demonstrate how well the process is trusted by prestige customers.

Unlike shot blasting, the GritFree process is non-destructive. It was important to emphasise this, so graphics that were originally developed for parent company Ecoblast UK Ltd were re-used.

The job required a logo to be developed from the Ecoblast brand, some custom illustrations, and some original photography!

SORBS SUCKS

Why SORBS Sucks

Now 7 days after the event, and SORBS is still listing our affected server.

Why do SORBS Suck? More to the point, why am I writing this negative blog post? I’m writing it because SORBS has demonstrated itself to be wholly unprofessional, slow, and inaccurate, and are causing real problems for genuine ISPs, and countless people.

7 days ago the hosting company I work for found a client who’s site had been hacked. It was quite nasty, and a perl script was pumping out spam at a pace. Within an hour or so, we had tracked it down and got it shut down. Too late. We had appeared on a couple of blacklists, including spamhause and spamcop, and SORBS (just 46 hits).

Within a few hours, the world recognised that we had stemmed the problem, and all was fine again… or was it…

SORBS still listed us. We tried to remove ourselves. SORBS  has to be THE worst system I’ve ever used, ever. And I’ve used some pretty bad systems. If you’re going to allow companies to use your data to make decisions about whether or not to deliver email you at least owe it to run a service that isn’t completely broken. 

Read More…