Monday, 14 April 2008

Be a good sysadmin, check your log messages...

You might know the feeling of never being able to check your system/web/mail/ftp log messages, due to lack of time. I can guarantee it will cause problems, so better do it yourself or have someone do it for you ;-).

I do know this does not apply to you, as you are always checking/analyzing your logs, running a fully tested and updated system and reading every changelog/readme for any expected problem. But still, as a piece of advice, here are five reasons to read your logs. Trust me, if you have not been there, you might be one day if you do not know the risks. I have visited all paths unfortunately (a great learning experience however ;-))

  1. Your machine resources might run out unnoticed: You will get called in the middle of the night because your /var or /tmp ran out of space, causing the machine to halt

  2. Resources will not be sufficient anymore: Users tend to run as much software/services on the machine as possible, draining your network, memory and CPU power, and some day you are left with an ssh session that is as slow as the few-baud terminal you used to have ages ago

  3. System might be abused: Not checking the log messages most likely also means not checking whether every piece of software/script is up to date. You do not want your forgotten, outdated phpBB forum test instance to be abused by link/email spammers, do you?

  4. Your fully automated scripts are missing some crucial bits and pieces: Written down in a debug log message, but never ever checked. Doing a backup once a night, but excluding a number of files, because some tag was set wrongly

  5. Missing deprecation warnings of updated software and wondering why the software breaks down really badly after upgrading a few releases.
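
The five reasons above, turned into a small triage pass over log lines. This is an added example, not a script from the original post; the patterns, the POST threshold and the sample lines are constructed assumptions.

```python
import re
from collections import Counter

# One pattern per reason in the list above. The patterns are assumptions based
# on common Linux, backup-script and PHP messages; adapt them to your own logs.
RULES = {
    "disk_full": re.compile(r"No space left on device"),
    "resources": re.compile(r"Out of memory|oom-killer", re.I),
    "backup_skip": re.compile(r"\bexclud(?:ed|ing)\b", re.I),
    "deprecated": re.compile(r"\bdeprecat(?:ed|ion)\b", re.I),
}
# Forum abuse shows up as volume, not as one message: count POSTs to the
# posting script per client address (Apache common/combined log format).
POST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "POST \S*posting\.php')
POST_THRESHOLD = 3  # constructed value, sized for the sample below


def triage(lines, post_threshold=POST_THRESHOLD):
    """Group lines by category and list clients at or over the POST threshold."""
    hits = {name: [] for name in RULES}
    posts = Counter()
    for line in lines:
        m = POST_RE.match(line)
        if m:
            posts[m.group(1)] += 1
            continue
        for name, rx in RULES.items():
            if rx.search(line):
                hits[name].append(line)
    hits["forum_abuse"] = sorted(ip for ip, n in posts.items() if n >= post_threshold)
    return hits


# Constructed sample lines, not taken from a real system.
SPAM_POST = '203.0.113.9 - - [14/Apr/2008:09:02:0%d +0200] "POST /phpBB/posting.php?mode=post HTTP/1.1" 200 512'
SAMPLE = [
    "Apr 14 03:12:01 web1 cron[811]: write error: No space left on device",
    "Apr 14 03:15:44 web1 kernel: Out of memory: Kill process 4242 (httpd)",
    "Apr 14 02:00:07 web1 backup[901]: DEBUG excluding /home (tag nobackup set)",
    "[Mon Apr 14 09:01:10 2008] [error] PHP Deprecated: Function ereg() is deprecated",
    '198.51.100.7 - - [14/Apr/2008:09:01:30 +0200] "POST /phpBB/posting.php HTTP/1.1" 200 431',
    '198.51.100.7 - - [14/Apr/2008:09:01:31 +0200] "GET /index.html HTTP/1.1" 200 1043',
] + [SPAM_POST % i for i in range(1, 4)]

if __name__ == "__main__":
    for category, found in triage(SAMPLE).items():
        print(f"{category}: {len(found)}")
        for item in found:
            print("   ", item)
```

Run it from cron over the previous day's logs and mail yourself the output only when a category is non-empty.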

Wednesday, 9 April 2008

Invitation spam...

I hereby introduce to you the latest type of spam, "Invitation spam", using an ics file. And I thought I had seen it all ;-)

Monday, 7 April 2008

Identifying and fighting scammers...

Scamming is one of the not so nice things of the internet. Scamming is said to be mistreating people in order to better oneself. One of the worst things about it is the fact that some people seem to be proud of doing this kind of internet fraud. Take a look at one of the popular WoW forums, they have dedicated separate sections to it over here (login required).

It's just like spam: there also need to be some good guys to fight them, who come up with counter examples to keep the spammers thinking ;-). This simple step-by-step guide will give you a start, but beware: it is not perfect and the scammers are reading as well ;-).

Step 1 - Recognize: We need to make sure to detect them, which could be rather trivial because they tend to use the same tricks. Fast-responding AIM chats (fully focused on the victim), bidding (way) higher than all others and tending to raise their offer really soon (they are not going to pay anyway), not responding to your questions or being vague with personal details (they do not want to get caught), using anonymous channels like AIM (MSN, Skype, GoogleTalk, IRC), phone and others (again, better safe than sorry). Flashy natural names, easy adoption of your language style and many other things (to gain your trust).
If you spot this kind of behaviour, be warned!

Step 2 - Identify: Get to know your scammer 'victim' and collect his private data; if he still (tries to) rip you off, you have some data which you could send to your local police station. In order to do so you will need to know the following details: email, real name, phone, bank details and IP, and we need to verify them. Email: send an email to his box with a secret number and have him reply to it; make sure he is using an email account which could be tracked and not a disposable one, like Hotmail, gmail and all others. Send a $1-like amount to his bank account, again with a secret number in the comment, and have him report the number back to you. Send an SMS to his mobile phone with (how boring) again a secret number. Get a person living close by to (secretly) check his address. Match his IP address to his hometown using sites like . Get him on the webcam and make screenshots of the person. Set up and use remote services like to watch them while doing the transactions and other stuff. Have him write something (like his name and the date) down, scan it, and send it to you (in front of the webcam).
And always keep a copy of all log messages, emails, photos, screen captures and more.

Step 3 - Deal: Suggest using a middleman whose task it will be to transfer goods and money safely. Have him sign/reply to a message (and if possible get an autograph) stating this is not a scam/rip-off of any kind, and list the goods and the amount of money in it. A printed and scanned version should be fine as well.
Always remember that you could request a bank to cancel the transfer while it is ongoing, that screenshots and web pages could be crafted or altered, that email and postal mail could be faked, and that electronic money transfer screenshots could be faked. Packages could contain other stuff (like bricks) than requested (open them on delivery).

Step 4 - Scammed :-(: Hopefully you will never reach this step, but if so, make sure to report the attempt at your local police station. It might seem stupid of you, but do remember they are the ones at fault. A little bit of good faith makes this world livable. With all the evidence you collected you will stand a good chance of catching this scammer.
When the scammer contacts you (or gets back to you), try to be nice and friendly and just act as if the deal went just fine (trust me, it will work the best). Just give him a few compliments and gracefully start asking more personal questions, like forums he is visiting, favorite music and such; just keep him connected. Meanwhile start monitoring and validating what he is telling you, and ask him to visit a few websites or post a comment/review somewhere. Get as much data out of him as possible.

When done, post your story (slightly less obfuscated of course, so no revealing of any personal data of either side, as it might be a fake identity and you would be blaming an innocent person) on a few forums and blogs to make sure your story is read/heard and people will learn from your mistakes, turning the bad move into something useful. Do NOT visit a house on your own; always bring police protection or something else, as it might cause dangerous situations.

As a last note, just check out what popular sites have to say about safe trading, like , and for all the Dutch readers and

Tuesday, 1 April 2008

Fighting spam...

I have to reveal something: I love spam, the more the better ;-) Spammers, feel free to email at instead of annoying others.

5 reasons I like spam:

  1. I am an active user of Spamassassin and always like to improve the service

  2. It is quite a technical 'fun' game of the spammers against the spam fighters

  3. Spam is a great way of stress testing my email servers and email software

  4. Spam allows me to maintain and build large email clusters, to be able to fight the spam

  5. I have to admit, some spam messages are actually written in a really funny way :-)