Topics - kirrus

General Discussion / Hi
« on: April 09, 2017, 04:56:30 pm »
Popping in to change my password, in one of my rare visits here, might as well say hi! :)

News and Events / The Future's bright. The future's Linux
« on: October 18, 2010, 02:06:27 pm »

General Discussion / The Guardian != Neutral
« on: October 08, 2010, 10:13:10 pm »
Nice to see the Guardian being impartial:

I like the guardian's style of writing. I read their paper, visit their website, and use their iPhone app.

Today, I saw this advert:

The feature they're making the most of is a rip-off adaptation of a feature Firefox has had since version 1 (not mentioned); won't work on Linux or Mac machines (not mentioned) and the verbiage seems to be clear-cut marketing speech with no mention of any alternatives or downsides.

In the article they've mentioned that Internet Explorer has been the Market Leader since its launch. What they didn't mention, is the reason it became the market leader. Microsoft abused its monopoly position, as confirmed here:

Why not a guardian article, you may ask? Perhaps the tone of this blog would give you a hint, with the negativity detectable in the tone of the author: ?


Security / Basic system protection
« on: October 01, 2010, 11:32:44 pm »
You must have, on any web-server or other service-providing system: A firewall.

You should have, if you can't firewall port 22 (ssh), fail2ban or denyhosts.

If you're running a shared webserver system (providing hosting for 2 or more different websites) you really should be running mod_security.

If you can't put phpmyadmin behind a firewall or basic auth (customers, *sigh*) then do keep it upgraded. Of course, keeping things upgraded covers any off the shelf software, wordpress is just as bad - quite a few of them have got code injection/filesystem manipulation issues.

If you can, and you're running a mod-php system, run the IPX version of apache, not mpm prefork. It allows you to get apache to make customer code execute as that customer's user, which is a boon to tracking down which muppet didn't upgrade wordpress this time.

Of course, there are a lot of other things you can do as well, fastCGI, nginx, and other more fancy things when you get up to MP's sort of level ;)

Security / IRC-based Botnet (phpmyadmin injection)
« on: September 29, 2010, 02:45:57 pm »
Somebody has been trying to infect servers running old versions of phpmyadmin. They dumped a perl script in, which takes over port 80. (Dumb really, fast way to alert what you've done to a sysadmin, on monitored boxes).

The script then talks to an IRC channel, and those on the channel can run commands against the botnet.

No script examples this time, but a good reason to keep your phpmyadmin either upgraded or behind basic HTTP auth. This particular example gained a few hundred bots, afaik.

General Discussion / Security
« on: September 26, 2010, 03:42:29 pm »
Would anyone be interested / would it be OK, if I posted some bash/perl scripts used to exploit systems here? I tend to get a few due to the nature of my work (sometimes, hackers try to infect our machines, and I get to keep the tools they're using).

I guess wherever it's put, it should go in its own safe area

It'd be useful to have something like a tablet pc, wall mountable, round the DC for camera/security/system status displays. Obv, running linux. Any ideas? :)

Linux Tips & Tricks / @madpenguin
« on: September 26, 2010, 03:38:20 pm »
You once showed me a really cool scp | tar command that keeps perms safe with scp transfers of large quantities of files... could you post it, I've forgotten :/

- reposted from my main blog -

Currently, according to mainstream media, bandwidth is defined as the quantity of data you download or upload to the internet over a month. So, for example, your ISP will tell you the maximum bandwidth limit is 100GB. Or whatever.

That, however, is not its true definition. Its true definition is:
a data transmission rate; the maximum amount of information (bits/second) that can be transmitted along a channel.[1]

This is the secret thing about bandwidth. ISPs don’t care about how much you upload to the web over a given period. We care about how fast you upload it.

When you pay for a high-level connection to the internet, that you use to connect houses to, or web-serving computers, you do not pay in quantity over time. You pay in speed. So, for example, 1 gigabit per second. If you go over that speed, longer than an allowed ‘burst’ period, you pay an overage charge, always assuming that your network is even capable of going over that speed.

Think of bandwidth like gas going through a pipe. (Terrible, terrible analogy, I know. But it’s the easiest way to explain.) That gas can only flow so fast, and only so much can be fit in the pipe at any one time. We don’t particularly care if you use 100GB by taking a trickle out of the system at any one time. We do care if you take a torrent.

Realistically though, customers never notice bandwidth. They’re too busy playing with computer-resource hungry things, like wordpress, to even be able to consume all of their allocated bandwidth. Only very, very rarely do we actually start thinking about bandwidth rather than computing resources. Normally, it’s podcasts. Static file. Almost no server-resources required to send it out onto the internet. But it eats bandwidth. Most are ~50-80 megabytes per episode. You get enough people downloading that simultaneously, and we’re going to start noticing…

As long as the current trend continues, i.e. the more computing power we have available to provide you with your shiny websites, the more the people creating the shiny websites waste computing power, the mainstream will never notice this secret.

More often than not, the reason we ask people to upgrade off our shared servers, is not because they’ve reached any arbitrary bandwidth limit, although we may use this as a guide to identify them. It’s because they’re using too much CPU time.


General Discussion / Funny Images
« on: May 21, 2010, 04:14:46 pm »

General Discussion / Off-Topic: Audiobooks
« on: May 15, 2010, 08:37:53 pm »
Do any of you listen to audio books? I'm tending to listen to some from graphic audio whilst driving (my radio doesn't work, but plays mp3-cds fine. Go figure.)

News and Events / MMO Opensources ALL. Code, art, engine, client.
« on: May 07, 2010, 07:54:37 pm »
This is interesting:
All MMOs are rubbish, blah blah blah. World of Snorecraft, blah blah blah. Well, make your own bloody MMO, then. How? With the complete source code and art assets from fantasy monster-biffing game The Saga of Ryzom...

See the full article here:

Full disclosure: I work at the company that hosts RPS. And I like them :)

News and Events / SEO - Google making site load speed affect page rank
« on: April 12, 2010, 04:05:38 pm »
Faster loading pages will get a boost in result rankings.

Google has started ranking webpages by the speed with which they load.

The search giant is using the loading speeds to help rank the lists of sites it produces in response to keyword queries.

BBC article here:

General Discussion / Adverts
« on: March 28, 2010, 02:11:01 pm »

News and Events / Ubuntu Rebrand
« on: March 05, 2010, 12:02:15 pm »
Ubuntu has just released the results of their design team's rebrand. You can read more here:

Any comments? I've heard a range from love to "it's a confused steve envy" so far..
