vacmf
there’s more than one way to do it
Slackware 12.0 is released!
Jul 2nd
The first Slackware release that come with the 2.6 kernel is available for download.
Here is the official detailed announcement.
Postfix with relayhost and SASL client
Jun 11th
I wrote a simple document to help in configuring Postfix mail server with a relay host that require SASL authentication.
It’s a common situation when you have an MTA at home or at your office with a dynamic IP adrress.
You can find it im my wiki with the Postfix with relayhost and SASL client
italia.it XSS
Feb 26th
Il nuovo portale italiano sul turismo italia.it fa un po’ acqua da tutte le parti inquanto a sicurezza.
Chi vuole un esempio, provi a sostituire il valore del parametro “scope” passato sulla URI del sito con:
"><script>alert('YaBaDaBaDoOoO');</script>
<"input type="hidden" value="
cosi facendo si inserisce lo script nella:
<input type=...
http://www.italia.it/it/scout/text/5,it,SCH1,2005/objectId,
RGN8it,modulId,scout,s,0,season,at1,selectedEntry,
home/result.html?rgnCMP=RGN8it&scope=">
<script>alert('YaBaDaBaDoOoO');<
/script><input type="hidden"
value="&Submit2.x=12&Submit2.y=10
Con piu’ fantasia, si puo’ aggiungere un sondaggio :)
http://www.italia.it/it/scout/text/5,it,SCH1,2005/objectId,
RGN8it,modulId,scout,s,0,season,at1,selectedEntry,
home/result.html?rgnCMP=RGN8it&scope=
"><script>alert('YaBaDaBaDoOoO');
</script><br><br>Come sono stati spesi i
soldi?<select><option>Male<option>
Malissimo</select><input type="submit"
value="Sei daccordo?" class="button">
<input type="hidden"
value="&Submit2.x=12&Submit2.y=10
o meglio: http://tinyurl.com/2h49x8
In parole povere, possiamo piu’ o meno ridefinire il sito abbastanza a piacere. E questo e’ un grave problema di sicurezza ponendo il sito al centro dell’attenzione di chi fa del phishing
la sua professione.
Reverse SSH tunnelling (exit by the door and come back from the window)
Dec 20th
Draft
What to do when you have a server behind a natted internet connection whitout public IP and you want to access it from your home or somewhere?
SSH is your best friend. So you can enable a reverse ssh tunnel that allow a connection from above the intranet.
server “S0″ in the intranet —-> Router (without access) —-> (OoOo Internet oOoO) <---- router (my CISCO 803) <---- "C1" remote computer (my.example.cxm)
In the server S0 I use ssh to create a tunnel that allow my C1 to connect it.
On S0
ssh -R 5000:localhost:22 my.example.cxm
On Router CISCO
ip nat inside source static tcp 10.1.1.1 5000 interface Dialer 1 5000
On C1
simply launch: ssh -p 5000 localhost
and you are connected to your server in the office intranet.
What appen if the connection goes down?
we can assure that the tunnel back up again. So we must consider the idea to insert a cron job which check periodically the tunnel status.
next: example shell script
How to prevent DHCP server to override your resolv.conf script
Dec 20th
Draft
The “problem” is caused by dhcp server that overwrite our resolv.conf script and we lose this personalization during the IP release session. Not even is a good idea to replace the dns configuration proposed by the dhcp server, if it push that to you, probably there is a reason. But some time you want to use your own configuration such as when you use your broadband router and you want your /etc/resolv.conf has been preserved fron updates.
To prevent this nasty situation we can operate in two ways, determined by which dhcp client you are using: dhcpcd ord dhclient.
In the first case, dhcpcd (as in my Slackware laptop), prevent overriding can be obtained simply add the -R option to the dhcpcd command:
# dhcpcd -R eth0
In the second case, we must read the man page about dhclient-script which is invoked any time you use dhclient.
In:
man 8 dhclient-script
at the HOOKS section we can read:
HOOKS
When it starts, the client script first defines a shell function, make_resolv_conf , which is later used to create the /etc/resolv.conf file. To override the default behaviour, redefine this function in the enter hook script.
This means that we must to create /etc/dhclient-enter-hooks and redefine the make_resolv_conf function to satisfy our needs.
If we simply wants to prevent resolv.conf updates only, the fastest way is to redefine the function to do nothing:
# cat /etc/dhclient-enter-hooks
make_resolv_conf() {
exit 0
}
Then save the file and ensure it is executable:
# chmod a+x /etc/dhclient-enter-hooks
Note that, as explained in the man page, the dhclient-script is not standard so if this configuration doesn’t work, please read the man page.
Next: How to merge dns addresses pushed by the dhcp server and my own dns.
whois and .eu domain name
Jun 21st
If you launch the command
whois eurid.eu
I returned the following message:
No whois server is known for this kind of object.
So you can simply use:
whois -h whois.eu eurid
but from `man whois` I read:
If the /etc/whois.conf config file exists, it will be consulted to find
a server before applying the normal rules. Each line of the file should
contain a regular expression to be matched against the query text and
the whois server to use, separated by white space.
So I created the /etc/whois.conf file and filled it with:
.eu whois.eu
but it doesn’t work. From the output of:
strace /usb/bin/whois eurid.eu
we can see that the program doesn’t search /etc/whois.conf file so the “problem” is in the source.
To get whois read his config file you must download the program source from his developer web site
http://www.linux.it/~md/software/
then you need to extract the files from the archive and modify config.h simply to uncomment the line regarding /etc/whois.conf as reported:
#define CONFIG_FILE "/etc/whois.conf"
finally you have to recompile the program with make and install it.
Now that whois read his config files you can create it
# echo ".eu whois.eu" > /etc/whois.conf
and launch the program
whois eurid.eu
Now in the output you have the whois search result.