This is the 20,668th day of my life.
Ever wondered about the mystery that is Unicode?
Ever wanted to keep track of earthquakes in the
My Resume, in Word format
In the course of administering an Apache webserver, I see all kinds of things show up in my access log (which goes back over five years now). One of the things I see is lame Micro$oft-specific hack/crack attempts; default.ida, NULL.printer, etc. A lot of crack attempts come in through FTP as well; any attempted access of "/_vti_*" is usually a crack attempt.
Whatever host shows up in these log entries is either a spoofed IP or it's a real machine that has usually been cracked into by someone somewhere; the person that host belongs to is almost always blameless except for having crappy security on their box. So, in the interest of public awareness and to do my part to increase the security of the internet as a whole, I present herewith:
Brett's List of Cracked Sites (or spoofed IPs) and their corresponding timestamps.
These lists were generated by rather long, complicated grep/awk/sort/uniq commands from my web server and FTP daemon logs. I'm no longer updating the list very frequently, since the hits seem to have tapered off, but I'll leave all the information where it is now. This is a link to the script I wrote for the job (without the FTP part). It has been updated to include this latest Nimda worm crap. I swear, why are there so many evil people on earth with so little time on their hands? "Oh yes, please, could you use all my bandwidth?" But anyway. Some entries will be IP addresses; some, hostnames... it all depends on whether the admin in charge of the reverse PTR entries for his DNS zones is doing his job or not. So few admins bother with the reverse entries... something else about the world I'd like to change.
I'd like to urge all server admins the world over to make their own such lists; maybe someone somewhere can keep a master copy of all the hosts that hundreds of admins see crack attempts coming from, and one day people can come look at it, see if their host is in it, and take steps to keep their box from being used in some script kiddie's plans for net domination. If all us White Hats pull together as a team, there's nothing we can't accomplish. Or something.
Do you use Linux too? Wouldn't it be great if there were a way to play DVD movies in Linux?
Well, there is a way.
(Slashdot article link removed since they apparently don't keep stories around very long.)
Despite the fact that DeCSS is still legal in 48 states (all but California and New York) and the
rest of the world, the MPAA (Motion Picture Association of America) and DVDCCA (DVD Copy Control
Association) are sending threatening letters to anyone they feel can be
intimidated into believing that their mirrors of the DeCSS source code are illegal. They named
hundreds of web sites in their lawsuit which they would like to see shut down for distributing DeCSS.
What's their legal basis for doing so? The Digital Millennium Copyright Act (DMCA). This heinous piece
of garbage legislation was quietly passed in 1998. It has provisions in it which make it
illegal to create/distribute "tools" capable of circumventing copyright protection. Literally. That's it.
I guess nobody thought to realize that this means that the following things are now illegal:
This is the test trial case, folks. There is no legal precedent for this. Whatever the courts decide about DVDs, DeCSS, the DMCA, the MPAA, and the DVDCCA will become the legal precedent for all of eternity. But relax; these typically greed-motivated, selfish children don't have a chance in hell of winning. Why?
Here's a nice comment about the whole mess that pretty much equates to "Case Closed" in this matter. It was posted anonymously on slashdot.org so I don't know who to credit, but I would if I could because it's brilliant.
Has it occurred to anyone that the MPAA and the DVDCCA should be sued for illegal product tying? Anti-trust laws should apply to illegally forcing the purchaser of one product (DVDs) to accept the purchase of another tied product (CSS-licensed players.)
It's time to file an injunction against the MPAA and the DVDCCA for causing great harm to consumers by forcing them to purchase products (i.e. players and movies) that are illegally tied to each other via CSS which has as its sole purpose the lining of the pockets of the DVDCCA.
The only reason for the existence of CSS is to allow the DVDCCA to make millions of dollars by ripping off manufacturers and consumers alike with unfair and monopolistic licensing schemes while infringing upon fair-use rights to a copyrighted work. No one in their right mind can claim CSS prevents piracy; all it does is prevent playback, and pretty shoddily at that (CSS is about as secure an encryption method as Pig Latin). CSS is a great scam being foisted upon an unsuspecting public to make the DVDCCA rich, fat and happy. And the same goes for "Region Codes."
If you buy Exxon gasoline and are forced to use it only in Exxon-licensed automobiles and only within the "region" where you bought it, that's illegal product tying and a breach of anti-trust laws.
If you buy a DVD movie and are forced to play it only in MPAA/DVDCCA-licensed players and only within the "region" where you bought it, that's illegal product tying and a breach of anti-trust laws.
I defy anyone to point out any fundamental difference between those two statements.
Contact your State's Attorney General's office and let them know how you feel about illegal product tying.
So go ahead, O great and mighty greed-mongers. Try and sue me for giving someone directions to a location where they might find some information about something whose purpose is to defeat your monopolistic and ILLEGAL marketing schemes. You do NOT want this to become headline news on CNN, and I guarantee you it will be whether Time-Warner owns the damn thing or not.
Want to read more? Lookie here.
It makes the world go round.