| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |
| Who | What | When |
|---|---|---|
| mercutio | apparently china is upgrading it's great firewall to do more blocking of vpn';s. | [01:21] |
| .................................. (idle for 2h46mn) | ||
| *** | SpaceDum1 has quit IRC (Ping timeout: 256 seconds)
SpaceDump has joined #arpnetworks | [04:07] |
| ..................... (idle for 1h41mn) | ||
| hazardous | GOOGLE is quite stupid and intrusive!!! They force HTTPS on thier search engine for MOST BROWSERS.. They force that crap on thier email server WHICH SUCKS because it doesnt work right!!!!! (@ least on my browser (I have to keep refreshing the page or it doesnt load (I HAD SSL DISABLED ON GMAIL (IT doesnt matter anyway,i would not use GOOGLEs email for anything!!! (I DO NOT TRUST THEM
IDIOTS))))) Remember GOOGLE works with the GOVT,they are just as bad!!!!!!! THEY MAY HAVE CONCOCTED THE WHOLE THING TO MAKE PPL CHANGE THIER SSL SETTINGS AND MAKE THEM THINK THEY ARE NOW SAFE WHEN THEY ARENT!!!!! (You dont know who you are cooperating with) I DONT BELIEVE ANY OF THIS SSL BS!!!!!!!! -- I THINK ITS STAGED CRAP TO GET PEOPLE LOCKED INTO A MORE EASILY MONITORING ABILITY!! ITS NOT GOOD TO BLINDLY BELIEVE THE BS WHEN THERE IS NO PROOF OF ANYTHING HAPPENING!! (Gives them all the power in the world to further thier agendas,etc) sorry, wrong window, irssi didn't prompt on rightclick | [05:50] |
| *** | _Zodiac has joined #arpnetworks
_Zodiac has left | [06:03] |
| ...................................................... (idle for 4h27mn) | ||
| m0unds | still good for a chuckle | [10:31] |
| hazardous | the best part is that that's a WHT post | [10:36] |
| m0unds | bahaha
NS(SL)A | [10:39] |
| *** | mkb has quit IRC (Ping timeout: 244 seconds) | [10:41] |
| ......... (idle for 44mn) | ||
| brycec | And here I thought hazardous had lost his mind
Glad those weren't your words | [11:25] |
| m0unds | before i scrolled up to see who sent it to the channel, i figured it was one of those random users who show up in channels to send crazy shit for no reason | [11:30] |
| brycec | I thought so too before I looked to the side | [11:30] |
| m0unds | This email is to notify you that you may be temporarily unable to access your SpiderOak account. Earlier this evening we experienced a network outage which cut off access for some of our users. We are working around the clock to resolve the problem, and we will continue to update you as we make progress. Please accept our sincere apologies for the inconvenience.
wee | [11:44] |
| ............ (idle for 58mn) | ||
| *** | mkb has joined #arpnetworks
mkb is now known as Guest10431 | [12:42] |
| ..... (idle for 20mn) | ||
| Guest10431 is now known as mkb | [13:02] | |
| ...................... (idle for 1h48mn) | ||
| hive-mind has quit IRC (Remote host closed the connection)
hive-mind has joined #arpnetworks | [14:50] | |
| zeshoem has quit IRC (Ping timeout: 245 seconds) | [15:00] | |
| .... (idle for 19mn) | ||
| zeshoem has joined #arpnetworks | [15:19] | |
| .... (idle for 15mn) | ||
| mnathani | does anyone know if cacti requires any of these functions: "fsockopen, show_source, system, shell_exec, passthru, exec, popen, proc_open, strrev"
I added them to my disabled function list and now cacti stopped working | [15:34] |
| brycec | I suspect so, I believe it shells out for some things
Check the error logs Unless you have php error reporting turned silent, it will bitch when something tries to use a denied function. | [15:36] |
| mnathani | enabled those functions and now the graphs appear
not sure which one exactly caused it to stop working | [15:42] |
| brycec | mnathani: Why would you block strrev? | [15:42] |
| mnathani | just before 22nd of Jan - the graphs go dark
I found some malicious wordpress hack that used it with base64 decode / encode | [15:42] |
| brycec | All it does is reverse a string. In and of itself, it's not malicious | [15:43] |
| mnathani | I can msg you the code if you care to check it out | [15:43] |
| brycec | if you've seen one wp hack, you've seen them all
(and I've seen a couple) That's a lot like blocking "echo" because it's used in wp hack :P mnathani: Confirmed taht strrev is used in cacti site/lib/snmp.php Three times *that | [15:43] |
| mnathani | s/taht/that | [15:46] |
| BryceBot | <brycec> mnathani: Confirmed that strrev is used in cacti site/lib/snmp.php | [15:46] |
| mnathani | ok | [15:46] |
| brycec | Also popen is used
And proc_open Man, you hit every one on the head ;p | [15:46] |
| BryceBot | That's what she said!! | [15:47] |
| mnathani | those can all be used to attack a system though | [15:47] |
| brycec | agreed
But they're also used so cacti can call out to rrdtool, perform snmp stuff, etc | [15:47] |
| mnathani | so there should be massive firewalls infront of a cacti box | [15:48] |
| brycec | Ehhhh not necessarily
Provided that cacti isn't executing arbitrary code, for instance (I mean, yeah, practice good firewalling anyways) But the only times those functions are inherently bad is when they can be used to execute arbitrary commands. (fwiw, I'm just grep'ing /usr/share/cacti/, and you can too) grep -Irn strrev /usr/share/cacti/ | [15:48] |
| mercutio | i wonder if there's a way to map used functions to programs when compiling or such
i suppose modules is the difficult part | [15:50] |
| brycec | Compiling? This is PHP, it's scripted. (unless you meant inside PHP itself) | [15:50] |
| mercutio | oh right
for some reason i think of php like a normal app :/ | [15:50] |
| brycec | lol | [15:50] |
| mercutio | but yeah it's not even php frontend
it's php through isn't it? | [15:51] |
| brycec | I mean, there is an rrd module for PHP that Cacti could (or might even) use assuming it's installed. I'm not digging in further.
Yeah, all of Cacti is written/scripted in PHP | [15:51] |
| mercutio | well it does use rrdtool
but yeah that's external program it's also meant to be the main perforamnce issue of cacti well on larger installs mnathani: most installs you need to login to do anything so the attack vector for random internet users is greatly decreased. | [15:51] |
| zeshoem | I guess I am more concerned with wordpress sites on the same box
which can get compromised using said fuctions | [15:56] |
| mercutio | use a separate ini file for them | [15:56] |
| zeshoem | s/fuct/funct | [15:56] |
| BryceBot | <zeshoem> which can get compromised using said functions | [15:56] |
| zeshoem | zeshoem and mnathani are the same person | [15:57] |
| mercutio | ahh | [15:57] |
| zeshoem | also alternate nick treshoem sometimes | [15:57] |
| mercutio | if you can split off the php config and uid's that's good | [15:57] |
| zeshoem | I will look into that | [15:58] |
| ........................... (idle for 2h12mn) | ||
| *** | josephb_ has joined #arpnetworks | [18:10] |
| technoid_ has quit IRC (*.net *.split)
vissborg has quit IRC (*.net *.split) pcn has quit IRC (*.net *.split) josephb has quit IRC (*.net *.split) pcn has joined #arpnetworks vissborg has joined #arpnetworks qbit_ has joined #arpnetworks | [18:17] | |
| qbit has quit IRC (*.net *.split)
CaZe has joined #arpnetworks | [18:35] | |
| abthorpet has joined #arpnetworks
hive-mind has quit IRC (Disconnected by services) kevr_ has joined #arpnetworks hive-mind has joined #arpnetworks relrod_ has joined #arpnetworks relrod_ has quit IRC (Remote host closed the connection) kevr has quit IRC (*.net *.split) relrod has quit IRC (*.net *.split) tabthorpe has quit IRC (*.net *.split) JC_Denton has quit IRC (*.net *.split) JC_Denton has joined #arpnetworks relrod_ has joined #arpnetworks JC_Denton is now known as Guest71727 relrod_ is now known as relrod | [18:43] | |
| jbergstroem has quit IRC (Ping timeout: 250 seconds)
jbergstroem has joined #arpnetworks | [19:06] | |
| Guest71727 is now known as JC_Denton
joepie91_ has quit IRC (Ping timeout: 252 seconds) | [19:16] | |
| joepie91_ has joined #arpnetworks | [19:23] | |
| dj_goku has quit IRC (Read error: No route to host)
dj_goku_ has joined #arpnetworks dj_goku_ has quit IRC (Changing host) dj_goku_ has joined #arpnetworks | [19:29] | |
| ..... (idle for 23mn) | ||
| toeshred_ has joined #arpnetworks
toeshred has quit IRC (Ping timeout: 628 seconds) | [19:52] | |
| dj_goku_ has quit IRC (Ping timeout: 245 seconds)
hive-mind has quit IRC (Ping timeout: 245 seconds) hive-mind has joined #arpnetworks | [19:59] | |
| dj_goku has joined #arpnetworks
dj_goku has quit IRC (Changing host) dj_goku has joined #arpnetworks | [20:19] | |
| .... (idle for 16mn) | ||
| dj_goku has quit IRC (Ping timeout: 252 seconds)
dj_goku has joined #arpnetworks dj_goku has quit IRC (Changing host) dj_goku has joined #arpnetworks | [20:35] | |
| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |