This site is now 100% read-only, and retired.

XML Logo

Posted by k2 on Mon 9 Nov 2009 at 03:43
Tags: none.

Need comments/advice on the following log entries(just a few lines out of 100s similar ones) found on my Apache2 running on my Debian box (runs behind another Debian box which acts as gateway/router). It isn't one of those regular filname.php access request testing for vulnerabilities of php based web software. Notice that the source IPs were not the same for the same "referrer" page. How can I brace my box for such an attack in future? Thanks in advance.

60.195.130.248 - - [08/Nov/2009:07:28:51 -0500] "GET / HTTP/1.0" 200 858 "http://www.bulgarian.biz.nf" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
81.189.10.194 - - [08/Nov/2009:07:28:51 -0500] "GET / HTTP/1.0" 200 858 "http://www.kanev.biz.nf" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
62.75.216.206 - - [08/Nov/2009:07:28:51 -0500] "GET / HTTP/1.0" 200 858 "http://www.kanev.biz.nf" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
202.112.126.123 - - [08/Nov/2009:07:28:52 -0500] "GET / HTTP/1.1" 200 858 "http://quit.awardspace.biz.nf" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
210.51.10.197 - - [08/Nov/2009:07:28:52 -0500] "GET / HTTP/1.1" 200 858 "http://quit.awardspace.biz.nf" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
218.75.75.246 - - [08/Nov/2009:07:28:52 -0500] "GET / HTTP/1.1" 200 858 "http://www.bulgarian.biz.nf" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
61.153.149.205 - - [08/Nov/2009:07:28:52 -0500] "GET / HTTP/1.1" 200 1149 "http://www.kanev.biz.nf" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
61.244.157.239 - - [08/Nov/2009:07:28:52 -0500] "GET / HTTP/1.1" 200 801 "http://www.kanev.biz.nf" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
222.90.66.30 - - [08/Nov/2009:07:28:52 -0500] "GET / HTTP/1.1" 200 858 "http://www.bulgarian.biz.nf" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
66.232.120.254 - - [08/Nov/2009:07:28:53 -0500] "GET / HTTP/1.0" 200 858 "http://www.kanev.biz.nf" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
217.116.23.132 - - [08/Nov/2009:07:28:53 -0500] "GET / HTTP/1.1" 200 858 "http://www.bulgarian.biz.nf" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
66.154.97.22 - - [08/Nov/2009:07:28:53 -0500] "GET / HTTP/1.0" 200 858 "http://www.kanev.biz.nf" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
75.110.21.134 - - [08/Nov/2009:07:28:55 -0500] "GET http://ghaint.no-ip.org/ HTTP/1.1" 200 820 "http://www.kanev.biz.nf" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"

Text overflows to the right (only in preview).

 

Posted by k2 on Wed 12 Nov 2008 at 23:35
Tags: none.

Posting here are a long time. I had a small bit about Debian and art. I had posted earlier about a friend of mine who was making a quilt with Debian logo on it. Well, after a period of 2 years plus a few months, she has "almost" finished working on it and presently it is being displayed at the "Lucky Break" exhibition being held at Chandler Center for Arts, Arizona. For more details and a couple of snapshots of the quilt, check my other blog post.

 

Posted by k2 on Thu 3 May 2007 at 00:28
Tags: none.
My webhost had some network problems two days ago and the data from the web server was mirrored off to another machine. When I try to connect via ssh I get the usual error:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

and the usual text under the warning.

I have seen this happen earlier on my own machines (e.g. on a reinstall) and to remedy it I had removed the offending key from the known_hosts file. But I wanted to know what is the correct way to *update* the entry. A quick scan at the ssh man page didn't give me much light except the reasons why it happened. I confess I didn't read the man page 100% ;)

 

Posted by k2 on Tue 1 May 2007 at 19:55

I don't think many people would be interested but still leaving a note. I got Debian/Lenny to run on a USB flash disk (1GB) with XFCE4 on my MacBook Pro. I know this has been done earlier and there is lots of documentation for it. But my only requirement was that the installation should not involve any changes on the MBP internal hard disk whatsoever.

I am documenting my procedure for the installation here. It is just a quick write and should be considered a first draft. You can leave suggestions to improve the document below.

PS: Steve, the CSS restyle went on hold in the last few weeks due to busy time in family. Will revive it in a couple of days.

 

Posted by k2 on Mon 2 Apr 2007 at 17:59
Tags: none.

This definitely gives me bragging rights ;) Now the questions is: does it reach me first or Etch releases?

 

Posted by k2 on Mon 5 Mar 2007 at 05:29
Tags: none.

I was updating my Debian Unstable box a few minutes ago and during the pre-install configuration, it asked me if I wanted to install CA certicates for cacert.org and debconf.org. I didn't install them because it had asked me to install if I trusted them.

I had read Steve's recent article on SSH keys and hence wanted to know if there is a way to check the trustworthiness of these ca-certificates. Any help is welcome.

PS: The above said package ca-certificates was obtained from official debian repository by apt.

 

Posted by k2 on Sat 10 Feb 2007 at 06:15
Tags: none.

This week we started preparations for a project to do recording of the hymns recited every Sunday at our place of worship. The idea is to split the signal from the mixer and feed it to the computer's sound card in addition to the amplifier. From there on, we plan to use something simple as audacity to do the recording (other mixing softwares might be too complicated to use if we aren't there) and then convert them to a compressed format for archiving purposes.

The interesting part till now has been the PC which we are getting. It is an Acer PIV 2.6GHz 512MB desktop with Windows XP installed on it. We decided to give the plan a try without destroying the Windows installed .... yet. As usual the desktop had only one partition on a 160GB HDD. I booted it with a GParted - LiveCD and it gave me a nice little GUI for editing the hard disk partitions. I reduced the windows partition(NTGS) to around 30GB and the rest was for Linux. GParted reduced the windows partition without any trouble and I rebooted the machine in Windows just to make sure.

The machine boots, Windows XP notices something wrong, throws a hiccup and tells me that it needs to check the integrity of the disk. I smiled and let it do its job, didn't find anything wrong and finally it gave me the desktop. From there on, in went the Linux CD, a reboot was in order and the Linux installation started... Windows XP never had a clue what it went through!

 

Posted by k2 on Tue 12 Sep 2006 at 05:02
Tags: none.

I'm a little confused about which type of new HDD to buy, so I thought I might get some help from the userbase. I'm looking in the range of 300GB to 500GB as the price comes down day by day. I saw a 500GB SATA II last week for $159.99!

This entry has been truncated read the full entry.

 

Posted by k2 on Sat 2 Sep 2006 at 07:06
Tags: none.

My new laptop sleeve:

mbp-sleeve

Future plans for finishing touches

MBP sleeve's future

 

Posted by k2 on Sun 23 Jul 2006 at 22:46
Tags: none.

Couldn't find the old pictures of the swirls yet, so this one came to mind. It is not red, but still the swirl we love so much. Made in yogurt mixture using powdered roasted cumin seeds. Enjoy!debian-yogurt