This morning I tried to run security updates on one of my Centos VPS systems. Had to get creative since just running yum upgrade did not work. The yum process was killed unexpectedly:
Transaction Summary ========================== Upgrade 19 Package(s) Total size: 24 M Is this ok [y/N]: y Downloading Packages: Running rpm_check_debug Killed
A month or so ago I started an SSH Statistics gatherer with the hope of identifying high-level configuration details of SSH-2/SSH-1.99 servers in the USA. In running the tool for a couple of weeks I identified 46,250 SSH Servers that meet the basic criteria (I'd like to do a survey of SSH Servers running older versions in the 1.x range at a later date). This post explains the results of the survey.
Today I spent way too much time trying to debug an issue encountered while developing a Chrome extension. While attempting to create an Options page, I setup a separate 'options.js' file (to comply with security requirements that don't permit inline-JS) and found that the .js file would not load and that there were no error messages listed in the chrome developer tools view.
An interesting problem surfaced earlier this year that prevented our systems administrators from using RDP to connect to a windows server if they use a windows laptop. Paradoxically, SysAdmins who run Macs were not affected. It took a little time to track this down and now that I've been through the troubleshooting process I know how to fix it and can see how we wound up in this situation in the first place
We switched from LastPass to 1Password and encountered an unexpected hindrance: HTML encoded strings somehow replaced certain characters in critical passwords. The first time through the process it seemed like 1Password was was causing the problem. Upon further investigation we found that the problem originated during the LastPass 'export' process.
I will be starting an SSH Statistics gatherer that will be targeting US based IP addresses today. The gatherer tool will run for 1 week through Sunday, January 22, 2017. During this time you may notice SSH-2.0-ssh-stats-gather-2017_1.0.0 appear in your SSH server logs. This tool performs a banner grab of SSH servers and does not attempt to login (performs a partial connect)
I will update this post once the run completes with more details.
Update 2017-01-29: Things picked up pretty fast and I was able to pick up quite a bit of data. The stats gathering tool has been turned off and I am parsing the results. Expect a post about the details at some point in the next few weeks.
Update 2017-01-22: Technical issues have come up which require that I extend the duration of this project for another couple of weeks. The new target completion date is Sunday, February 5th, 2017
Update 2017-02-21: Results were published here
This week I needed to compile PuTTY to work on an Ubuntu system running 16.04 (LTS). The instructions are pretty straight-forward and will take you most of the way through compiling something you can use. A problem I ran into is that I kept on running into errors during compilation referencing dlsym, dlopen and dlclose.
Fate was on my side as I was able to work my way through the problem (with a generous dose of google) and comple that actually works.
For the last few months we have been experiencing intermittent issues with one of our production processes. The issue is one that has confounded us in its lack of consistency and ability to frustrate anyone assigned to troubleshoot the problem. I was asked to look into the situation and in the end was able to discover the root cause in just a few hours using Telerik JustDecompile coupled with Microsoft's SQL Profiler tool. The journey was exciting and I'll share what I can here.
While cleaning up some old files I found a project that compares file manifests between MSIs. At the time we needed the ability to quickly determine if the files contained in a set of new MSIs contained at least the same set of files that was generated using a previous build process. While there are other tools that can compare MSIs, this code is lightweight and command-line scriptable.
I needed to setup a quick dashboard a couple months back so I turned to Dashing.io. Everything worked great, then one day none of the dashboard widgets displayed any data. Given the nature of the dashboard and its users this was incredibly annoying.
The symptoms of this problem (which I can only replicate on Centos) are:
- Dashboard widgets appear in the right order/layout when you load the page
- Widgets do not contain any data until you Ctrl-C or kill the dashing process