Tag Archive for 'despair'

18 Jun

Burn Out Mode

I have to admit to being not all that obsessed lately.

The Websense shit took a lot out of me.  In the end it turned out to be an ISA configuration issue, which made me feel a little stoopit, but at least it was an extremely esoteric (“undocumented”) aspect of the configuration.  The fix Websense published seems to leave much to be desired, and is probably exploitable as well.  Time will tell.

I got into a spontaneous SSH shit-storm on Full Disclosure just to do a little promotion for obfuscated-openssh and PoTTY, but apparently nobody cares.

It seems people are just stuck in their ways and no one is going to do anything any different than whatever it is they’re doing right now.

But somehow I did get this guy to mention PoTTY in his blog and give me and obfuscated-openssh a few links.  Spread the word!

Last week I spent an extraordinarily brutal amount of time compiling Google Maps (here and here), which has also added to my general burn-outedness.

On top of that I had some hardware issues in May that caused the List to malfunction in June.  In fact I just noticed that today.

I had a power supply die in my decade-old Windows 2003 server, which was where I was dropping the nightly backups to the database.

I forgot about that.

Subsequently, the mount point where the files should have gone was pointing to itself, which caused the root partition to fill up.  And when that happens things start to choke.

I only noticed it after seeing the List stuck at 666 proxies for about a day.

Normally when power supplies blow it’s a mad scramble to the nearest computer store to get a replacement, but this time I just said FUCK IT and let it slide, ordering a replacement from Tiger Direct.  But a couple of days later I decided to clean up the computer room and discovered I already had a replacement power supply.  And although I didn’t really want to replace it (having already said FUCK IT and being burnt out on technology in general), I replaced it anyway.

To top all that off, rumors are buzzing at work about a new re-org, so I took a five day mini-vacation (Thursday through Monday) to depressurize.

And during all that I missed the two-year anniversary of the List!  I had planned to do… something… but June 7th came and went unceremoniously.

So that’s how June, 2010 is going for me so far.

Oh, and I’m still waiting for the WordPress hammer to fall, too.

24 Apr

Shitty Week (4/18 – 4/24)

Four days of proxies on the front page!

We are living through hard times, boys and girls!  So hard that even the Dinkster himself had to rely on a PHP proxy to do his forum haunting (thank you Baron Munchausen!).

It’s been a rough week on other fronts as well.  I got caught up in McAfee’s mess back at the Salt Mine.  Not only am I the local Network Nazi, but I also manage McAfee’s crappy AV for the entire enterprise.  Luckily that day (Wednesday) I was telecommuting via RDP back-tunneling (over obfuscated-openssh on Cygwin) so I was not in the thick of things.

I was “in the cloud”, as it were.

I was also wise enough never to have installed Service Pack 3 on my Salt Mine PC, so I was one of the lucky ones.  For a variety of reasons, I never trusted it.  I was almost ready to apply it once IE 7.0 came out, but then I heard there was no roll-back to IE 6 on machines with SP3, so I passed.  I have it on all the XP machines here on DinkNet, but I use different AV.

And that was an odd thing.

I have Microsoft Security Essentials (MSE) on my main box and that morning it died.  Very mysteriously.  The little green system tray icon was just plain gone and when I went to restart it from Control Panel, Services the system told me it could not be found.

This was before the news came out that the whole thing was due to a turd dropped on the world by McAfee, so I was quietly sweating bullets.  Had some bug followed me home?  Or crawled through my other covert tunnel, OpenVPN?  I switched boxes while I re-installed MSE on that system.  Then I rebooted it and performed a full scan.  Nothing.

And “nothing” doesn’t mean shit these days, with fast-mutating bugz like Zeus floating around the Interwebs.  The virus definitions you get today are for crap that has been around for months.

While all this is going on I get a call from my sprog, Inky Dink, and it turns out he’s having AV problems too!  And I know damn well he doesn’t run McAfee because I personally installed MSE on his system!

What the motherfucking fuck was going on here?

But it turned out Inky had been victimized by one of those scareware AV programs.  I pointed him to malwarebytes.org and he took care of it himself later that evening.

Again, all this time we had no idea it was a McAfee problem.  What was I to think?  AV software was dying everywhere as far as I could tell from my small corner of the Universe.  Was it cyberwar?  Was this the “Digital Pearl Harbor” the trade press has been crying about for the last four months?  Was Google’s January hack the warning shot?

No.  It was ludicrous.  It had to be a series of coincidences, so I kept my mouth shut during the Salt Mine phone conference.

Other people were not so cautious.  They started spreading all sorts of FUD.  All it takes is one jerk to read one unsubstantiated claim on one Internet forum and as soon as that happens he’s sending e-mail out to everyone and his brother and the next thing you know you’re in full chickens-with-their-heads-cut-off mode.

Luckily, even though that particular jerk (our very own local security wannabee) made an idiot of himself that day, cooler heads prevailed.  The only thing he damaged was his own credibility.

By about 10:30AM that morning the news finally came out and we went into Full Damage Control Mode.  When the dust cleared, about 25% of our systems were down.

McAfee later stated it only affected one half of one percent of their customers.  Do tell.  Maybe they based that number on the phone calls they got that day (“All lines are busy, please hold!”).  Maybe they thought it was just rubberneckers that took their site offline.

And WTF happened?

This event was curious in that the update that caused this mess arrived early that day.  Normally, and I admit I haven’t checked in some time, we get that update between 11:30AM and 2:30PM EST.  The timestamp on the files said they came in at 4:37AM.  Why?  Did their QA department in Bangalore (or Shanghai or whatever) take off early that day?

If McAfee’s Legal Department gets their way – and there is no doubt in my mind it will get its way – we may never know what happened.

10 Feb

Two Days In A Row

I suppose the power company had to test our new smart grid meter by forcing an outage.

Everything died again.  At about the same time, too.  Even though, unlike the last two times, it wasn’t snowing at all.

And it’s very evident that the UPS that powers my lifeline to the Web must be toast, because it didn’t start back up when the power came on.

I have a lot of catching up to do on other projects. But enough of my problems.  Things will be back to normal at 8PM EST.  Maybe we’ll make it all the way through Thursday.

06 Feb

Blizzard of ’10 Strikes!

The power went out for five hours last night. It killed the 4AM run and everything else.

Hopefully, the next update will be at 8:00AM EST.

10AM UPDATE

The fucking netfilter ftp modules didn’t load.

In fact, nothing in rc.local ran on the firewall box.

01 Nov

Hard Times

Earlier this week, everything went dark.  Even the Japanese list I’ve been hitting since the beginning of this project back in March, which was good for at the very least a half dozen new proxies a day, was blank.  BLANK!  NOTHING!

And the Russians went on holiday.  At least they were kind enough to say as much on their blog (what would we do without Google Translate?).

Even the 4AM run, when I hit the listers I despise so much, was weak (weaker than usual, that is).  

But slowly everything came back to normal.  The Japs got their game on and the Rooskies came home tan and refreshed.  The proxies started coming back in, only a trickle at first but back to Full Tilt Boogie by Friday.

Work has been a bitch, so I’ve had to let the Proxy Business slide a little myself.  We are in the throes of a Web Migration.  After spending about a quarter million a year on Web Hosting for the past five years, the Boys in Mahogany Row decided it was time to cut their losses and bring the servers home.

This is turning into a huge fiasco, although the technical side has gone surprisingly well (so far).  It seems we spent all that money on a slew of Web sites that aren’t getting any traffic at all.  It is glaringly obvious that the Webbies have been lying about how well the sites were doing (as they must – it’s part of their “Performance Measures” to make certain traffic increases).  Rolling heads may be seen in the near future, but most of them have been re-orged into positions that will probably be eliminated in the near future anyway.

I get to monitor the IDS on these things, so I have a pretty good view of the traffic they pull.  From a security perspective, it’s a good thing no one uses our servers.  They’re just not worthwhile targets.  Nobody cares enough to hack them, although the way they’re configured they could be pwned at the drop of a hat.

Sometimes it keeps me awake at night.

21 Sep

Hard Times in Proxyland

Three or four days ago I noticed “Curious Site” dried up.  I didn’t do much about it because, well, I bought a new laptop and I’ve been fucking around with it.

As it turns out, on September 8th, someone spilled the beans in a thread at anitchat.ru, a Russian message board with a relatively worthless proxy forum.  Now, there’s no more proxies to be had.  The link at CS-1 is still there, but there’s nothing in it.

That kills all three of my megasources.  Soon the list is going to degenerate to a few hundred proxies (mostly CoDeeN).  So it looks like I’m back to Google Hacking and List Raiding.  Since the Google Hack was the source of these sites, I’m going to refine my method.  I’m already getting some “interesting” hits.  Check out the domain name on this Russian site:

Obviously a “fast flux” site.