Malicious bots sending site.ru as the HTTP referer

I’ve received a few hundred requests originating from bots setting site.ru as their referrer. These attacks are scanning for compromised WordPress installations and PHP-based shells and backdoors. The attacking IPs belong to compromised hosts and websites from service providers around the world.

I bought a new domain name through Njalla

I wanted to register a new domain name and decided to go with the privacy-aware domain registration service from Njalla. Unlike other domain registration services, Njalla actually purchases the domain for themselves and acquires full legal ownership and responsibility for the domain name. Njalla however grants you full control over the domain as long as you abide by their terms and conditions.

Submitting abuse reports to Microsoft might be a waste of time

About one and a half months ago I experienced a lot of botnet traffic originating from major cloud providers including Microsoft Azure. Against my better judgment I decided to see if reporting a few bad IPs to the MS CERT team would make a difference.

CAcert – A community-driven Certificate Authority

So I was reading the Alien Pastures blog with great interest earlier and was surprised to learn that Eric Hameleers had chosen to secure his upcoming website with a certificate from CAcert. Unfortunately, certificates from CAcert are not trusted by most browsers and platforms and will either generate ominous-looking warnings or be outright blocked.

About Slackware-current

So you’ve patiently been waiting for the next Slackware release but eventually you’re considering making the move to Slackware-current. So what exactly is Slackware-current and what would be the pros and cons of switching from stable to -current?

Raspberry down and out for the count

My Raspberry Pi-based hosting came to an abrupt end earlier this week as the RPi3 suddenly became unresponsive. Powering the device off and on resulted in an infinite loop of I/O error messages. I’ve tried to recover the filesystem, but unfortunately my attempts proved to be unsuccessful.

Opera – Can’t open user profile directory

I got the following ominous-sounding message as I was about to fire up my Opera browser at the office today:

Can’t open user profile directory, because you lack sufficient privileges. You might want to contact the administrator of this machine.

A year of hosting an onion site

A short story detailing my experiences with hackers, SIGINT and the inherent depravity of humankind. In truth though, this story may lack all the aforementioned ingredients.

Botnet traffic is on the rise

During the last few days I’ve been noticing a major surge in botnet traffic probing for the infamous Apache Struts 2 exploit, popular database setup and configuration scripts and even some old-school cgi-bin vulnerabilities. The traffic originates from compromised hosts with major cloud vendors like Microsoft Azure, DigitalOcean, Vultr, Linode and OVH.

How to install Gnome Web (Epiphany) on Red Hat Linux

Accessing internal services on paranoidpenguin.net using self-signed certificates no longer works in my preferred browser due to HSTS preloading. Instead of actually fixing the issue (or waiting for Let’s Encrypt to roll out wildcard certificates), I decided to be clever and work around the restriction by installing a more “forgiving” web browser.
