apparently china is upgrading it's great firewall to do more blocking of vpn';s.
GOOGLE is quite stupid and intrusive!!! They force HTTPS on thier search engine for MOST BROWSERS.. They force that crap on thier email server WHICH SUCKS because it doesnt work right!!!!! (@ least on my browser (I have to keep refreshing the page or it doesnt load (I HAD SSL DISABLED ON GMAIL (IT doesnt matter anyway,i would not use GOOGLEs email for anything!!! (I DO NOT TRUST THEM
IDIOTS)))))
Remember GOOGLE works with the GOVT,they are just as bad!!!!!!! THEY MAY HAVE CONCOCTED THE WHOLE THING TO MAKE PPL CHANGE THIER SSL SETTINGS AND MAKE THEM THINK THEY ARE NOW SAFE WHEN THEY ARENT!!!!! (You dont know who you are cooperating with)
I DONT BELIEVE ANY OF THIS SSL BS!!!!!!!! -- I THINK ITS STAGED CRAP TO GET PEOPLE LOCKED INTO A MORE EASILY MONITORING ABILITY!! ITS NOT GOOD TO BLINDLY BELIEVE THE BS WHEN THERE IS NO PROOF OF ANYTHING HAPPENING!! (Gives them all the power in the world to further thier agendas,etc)
sorry, wrong window, irssi didn't prompt on rightclick
still good for a chuckle
the best part is that that's a WHT post
bahaha
NS(SL)A
And here I thought hazardous had lost his mind
Glad those weren't your words
before i scrolled up to see who sent it to the channel, i figured it was one of those random users who show up in channels to send crazy shit for no reason
I thought so too before I looked to the side
This email is to notify you that you may be temporarily unable to access your SpiderOak account. Earlier this evening we experienced a network outage which cut off access for some of our users.  We are working around the clock to resolve the problem, and we will continue to update you as we make progress.  Please accept our sincere apologies for the inconvenience.
wee
does anyone know if cacti requires any of these functions: "fsockopen, show_source, system, shell_exec, passthru, exec, popen, proc_open, strrev"
I added them to my disabled function list and now cacti stopped working
I suspect so, I believe it shells out for some things
Check the error logs
Unless you have php error reporting turned silent, it will bitch when something tries to use a denied function.
enabled those functions and now the graphs appear
not sure which one exactly caused it to stop working
mnathani: Why would you block strrev?
just before 22nd of Jan - the graphs go dark
I found some malicious wordpress hack
that used it
with base64 decode / encode
All it does is reverse a string. In and of itself, it's not malicious
I can msg you the code if you care to check it out
if you've seen one wp hack, you've seen them all
(and I've seen a couple)
That's a lot like blocking "echo" because it's used in wp hack :P
mnathani: Confirmed taht strrev is used in cacti site/lib/snmp.php
Three times
*that
s/taht/that
<brycec> mnathani: Confirmed that strrev is used in cacti site/lib/snmp.php
ok
Also popen is used
And proc_open
Man, you hit every one on the head ;p
That's what she said!!
those can all be used to attack a system though
agreed
But they're also used so cacti can call out to rrdtool, perform snmp stuff, etc
so there should be massive firewalls infront of a cacti box
Ehhhh not necessarily
Provided that cacti isn't executing arbitrary code, for instance
(I mean, yeah, practice good firewalling anyways)
But the only times those functions are inherently bad is when they can be used to execute arbitrary commands.
(fwiw, I'm just grep'ing /usr/share/cacti/, and you can too)
grep -Irn strrev /usr/share/cacti/
i wonder if there's a way to map used functions to programs when compiling or such
i suppose modules is the difficult part
Compiling? This is PHP, it's scripted. (unless you meant inside PHP itself)
oh right
for some reason i think of php like a normal app :/
lol
but yeah it's not even php frontend
it's php through isn't it?
I mean, there is an rrd module for PHP that Cacti could (or might even) use assuming it's installed. I'm not digging in further.
Yeah, all of Cacti is written/scripted in PHP
well it does use rrdtool
but yeah that's external program
it's also meant to be the main perforamnce issue of cacti
well on larger installs
mnathani: most installs you need to login to do anything
so the attack vector for random internet users is greatly decreased.
I guess I am more concerned with wordpress sites on the same box
which can get compromised using said fuctions
use a separate ini file for them
s/fuct/funct
<zeshoem> which can get compromised using said functions
ahh
also alternate nick treshoem sometimes
if you can split off the php config and uid's that's good
I will look into that