Categories
php security sysadmin

Random wordpress malware

A customer’s server was compromised ages ago with lots of lots of WordPress malware. The developers are now on top of it, thanks to a combination of : * Removing wordpress’s write permission (moving over to just use SFTP) * Adding maldet (Linux Malware Detection). * Tightening up the firewall so only incoming connections to […]

Categories
debian linux security

Squid 3.4.x for with transparent ssl proxying/support for Debian Wheezy.

I needed  a variant of Squid which supported transparent SSL interception (i.e via iptables redirection) so I could log outgoing HTTPS requests without the client being aware. The stock wheezy variant doesn’t support SSL (see : Debian Bug Report). Even after recompiling Wheezy’s squid3 it didn’t seem to work (perhaps my stupidity) so I ended […]

Categories
nonsense security

BeThere to Sky Broadband

Given BT have finally updated our street cabinet to support FTTC, my home broadband will soon hopefully be moving form BeThere to Sky. The monthly cost remains roughly the same, but I move from about 8mbit to 40mb. I hope. Except, Sky own BeThere. So perhaps I’m not really moving – but this didn’t stop […]

Categories
security

EE Broadband box

On a random mailing list there’s a report of an EE broadband box being delivered with a QR sticker on the side. Which when scanned gives something like : SN:J32xxxxxxx;MAC:88-03-55-xx-xx-xx;USER:admin;Pass:xxxxxx;SSID:EE-BrightBox-xxxxxx;WPA:xxx-xxxx-xxxxx Guess that makes it handy for the postman to use your broadband.