We've used the CopSSH package to provide SSH and SFTP service on various Windows servers. Until now, we have not had a solution in place to block brute force attacks on the SSH server. We use the excellent fail2ban on our Linux systems, but we had not found a similar tool for Windows.
Yesterday we came across a solution to this problem:
http://www.itefix.no/i2/node/12081
It works very well on a Windows Server 2008 system where we've deployed it. The only thing it's lacking is a way to automatically remove banned IPs after a period of time. We'll post an addition to this tool if we implement this feature.
Thursday, January 21, 2010
Saturday, January 2, 2010
64-bit MySQL, 32-bit Ruby
Happy New Year, everyone!
As is far too often the case these days, we ran into a problem while trying to make 32-bit software play nicely with 64-bit software. One of our OS X 10.5 workstations had 64-bit MySQL installed as well as fink's 32-bit ruby. It took some time to sort out, but we ultimately solved the problem by following these instructions. Thanks to Josh there for the creative (though rather hackish) solution!
Visit us: www.singlebrook.com
As is far too often the case these days, we ran into a problem while trying to make 32-bit software play nicely with 64-bit software. One of our OS X 10.5 workstations had 64-bit MySQL installed as well as fink's 32-bit ruby. It took some time to sort out, but we ultimately solved the problem by following these instructions. Thanks to Josh there for the creative (though rather hackish) solution!
Visit us: www.singlebrook.com
Thursday, November 19, 2009
Old Bukowski Poem about Technology
Posted by Elisa: Of course the technology described in the poem is ancient, but it still resonates somehow.
16-bit Intel 8088 chip
with an Apple Macintosh
you can't run Radio Shack programs
in its disc drive.
nor can a Commodore 64
drive read a file
you have created on an
IBM Personal Computer.
both Kaypro and Osborne computers use
the CP/M operating system
but can't read each other's
handwriting
for they format (write
on) discs in different
ways.
the Tandy 2000 runs MS-DOS but
can't use most programs produced for
the IBM Personal Computer
unless certain
bits and bytes are
altered
but the wind still blows over
Savannah
and in the Spring
the turkey buzzard struts and
flounces before his
hens.
Charles Bukowski
16-bit Intel 8088 chip
with an Apple Macintosh
you can't run Radio Shack programs
in its disc drive.
nor can a Commodore 64
drive read a file
you have created on an
IBM Personal Computer.
both Kaypro and Osborne computers use
the CP/M operating system
but can't read each other's
handwriting
for they format (write
on) discs in different
ways.
the Tandy 2000 runs MS-DOS but
can't use most programs produced for
the IBM Personal Computer
unless certain
bits and bytes are
altered
but the wind still blows over
Savannah
and in the Spring
the turkey buzzard struts and
flounces before his
hens.
Charles Bukowski
Monday, August 31, 2009
Log database activity for one user (PostgreSQL)
Author: Jared Beck
Date: 2009/08/31
Keywords: log PostgreSQL psql postres log_statement database activity
Problem: You need to log all statements executed by a particular user.
Solution: Luckily, you can set a configuration_parameter for a particular role (aka user)
Don't forget to turn it off when you are done:
Be aware that logging has an overhead cost. That's one reason we wanted to only log one user.
Finally, the log file location is your "data directory" unless you configured it to be elsewhere. By default Postgres will prepend the lines you want with "LOG:" so you can grep those lines.
References:
Date: 2009/08/31
Keywords: log PostgreSQL psql postres log_statement database activity
Problem: You need to log all statements executed by a particular user.
Solution: Luckily, you can set a configuration_parameter for a particular role (aka user)
ALTER ROLE name SET log_statement = 'all'
Don't forget to turn it off when you are done:
ALTER ROLE name SET log_statement = 'none'
Be aware that logging has an overhead cost. That's one reason we wanted to only log one user.
Finally, the log file location is your "data directory" unless you configured it to be elsewhere. By default Postgres will prepend the lines you want with "LOG:" so you can grep those lines.
References:
Friday, March 27, 2009
IE7 Bug: <option> element has empty initial value
Author: Jared Beck
Date: 3/27/2009
Regarding the initial value of option elements, W3C HTML Spec Section 17.6 says:
Example: <option>foobar</option> should have the initial value "foobar". IE7 fails to set the initial value correctly. IE returns the empty string.
Solution: Developers should explicitly set the value attribute for all option elements.
Date: 3/27/2009
Regarding the initial value of option elements, W3C HTML Spec Section 17.6 says:
"[The value] attribute specifies the initial value of the control. If this attribute is not set, the initial value is set to the contents of the OPTION element."
Example: <option>foobar</option> should have the initial value "foobar". IE7 fails to set the initial value correctly. IE returns the empty string.
Solution: Developers should explicitly set the value attribute for all option elements.
Tuesday, February 3, 2009
TortoiseSVN, .exe, and TrendMicro OfficeScan
While building out a staging server for a client, we encountered a strange situation in which TortoiseSVN was unable to check out a working copy of the application. It was getting an "Access is denied" message while trying to write some of the metadata files (in .svn) for an .exe file that was part of the project. The permissions on the folder looked fine. We eventually determined that the TrendMicro OfficeScan real-time virus scanner was causing the problem. After disabling it, we were able to check out the working copy. Subsequent updates with the virus scanner on have worked fine, but we haven't made any changes to .exe files, so we can't say if it's just a checkout issue or if it affects updates too.
Wednesday, July 2, 2008
IE bug: Image buttons do not submit value
Author: Jared
Date: July 2, 2008
Keywords: IE input type="image" button submit submission post not defined undefined value
Symptom: Your form has a image button named Z (an input with type="image"). Your form handling page expects Z to be defined. Z is not defined. You are using Internet Explorer. It works fine in Firefox.
Check this: Using IE still, see if Z.x and Z.y are defined. They are, right? But Z is not defined!
Cause: Internet Explorer doesn't define Z. It just doesn't.
Does IE's behavior match the HTML spec? No. Under section 17.13 "Form submission" the spec says "Every successful control has its control name paired with its current value as part of the submitted form data set" (HTML 4.01 Specification)
Will this be fixed in IE? Maybe IE8 beta does, I haven't checked.
Date: July 2, 2008
Keywords: IE input type="image" button submit submission post not defined undefined value
Symptom: Your form has a image button named Z (an input with type="image"). Your form handling page expects Z to be defined. Z is not defined. You are using Internet Explorer. It works fine in Firefox.
Check this: Using IE still, see if Z.x and Z.y are defined. They are, right? But Z is not defined!
Cause: Internet Explorer doesn't define Z. It just doesn't.
Does IE's behavior match the HTML spec? No. Under section 17.13 "Form submission" the spec says "Every successful control has its control name paired with its current value as part of the submitted form data set" (HTML 4.01 Specification)
Will this be fixed in IE? Maybe IE8 beta does, I haven't checked.
Subscribe to:
Posts (Atom)
