Gentoo – Tor 0.3.4.9 stable on amd64

So why is this release noteworthy? Well, I experienced an issue with the previous release (Tor 0.3.4.7) where I was unable to get sandboxing to work due to the following error:

(Sandbox) Caught a bad syscall attempt (syscall openat)
...

Continue reading

Another year of hosting an onion site

The highly anticipated continuation of last year’s riveting tale of fear and loathing on the dark web. I hereby offer a full disclosure of attack patterns observed against my onion and my WordPress installation, respectively.

Continue reading

Gentoo – ModSecurity 2.9.1 lands in stable on amd64

Gentoo developers recently marked mod_security-2.9.1 and modsecurity-crs 3.0.2 as stable on amd64, thus allowing me to move on from the dormant ModSecurity 2.7.7 release. Good thing I got this update on a Sunday though as it turned out to be more than a simple drop in replacement.

Continue reading

This website is IPv6 ready

As of today, this modest Gentoo VPS is finally available over IPv6. I’ve been putting off this move for a while as I needed to make sure that my services were correctly configured for IPv6.

Continue reading

Gentoo – New slot for PHP 7.2 on amd64

PHP 7.2 just went stable on amd64 providing me with an opportunity to finally migrate away from PHP 7.0. Unlike the PHP 7.1 releases, PHP 7.2 offers significant performance improvements.

Continue reading

Welcome to my new v3 onion

Gentoo recently marked Tor 0.3.4.7 as stable on amd64 so without further ado I’m launching my v3 onion. This hidden service is available at the following 56 bit long address: 4hpfzoj3tgyp2w7sbe3gnmphqiqpxwwyijyvotamrvojl7pkra7z7byd.onion

Continue reading

DKIM fail – Invalid public key

So I had just implemented DomainKeys Identified Mail (DKIM) on a Postfix server and was confident that the signing process was correct, but on testing, the recipient’s SMTP server insisted that the message had failed authentication due to an invalid public key.

Continue reading

Validating HTTP requests using Apache’s THE_REQUEST variable

I’m currently experimenting with a few rule conditions to explicitly whitelist the resources I want clients to be able to retrieve on my server. The initial target for this exercise was my onion site which has an issue with misbehaving (poorly written) Tor bots, but I thought it would be fun to extend the experiment to paranoidpenguin.net.

Continue reading

Hakaied with love from Telecom Egypt

In the last two weeks I’ve seen a steady increase of bots trying to exploit a remote command execution flaw on D-Link routers. The majority of the attacks are originating from IP blocks belonging to Telecom Egypt Data.

Continue reading

What does the future hold for Slackware Linux?

Shortly following the distribution’s 25th year anniversary, Slackware maintainer Patrick Volkerding has shared some insight into his current financial situation and the issues he’s facing due to a lack of revenue from the Slackware store. According to Volkerding, the store has not forwarded any founds from sales or donations for the past two years.

Continue reading