I am busy implementing a new protocol to be featured on the naughty list. After implementing a simple SMTP email server here at T3CHKOMMIE.com I noticed countless IP address probing for an “open relay” tying to exploit my SMTP server as a hop for malicious email. I am currently re-working the naughty list script to incorporate this traffic. You will see the protocol popping up here and there. Don’t pay too much attention as it wont be accurate until the back-end is in place. I hope to eventually intercept this rogue email messages and put up a naughty message list so we can all take a look at what these people are trying to communicate through poorly configured or compromised SMTP servers. FTP, SSH, and HTTP should all be working accurately and as expected.
There has been something that has been bothering me for a few years now and I figured I would post about it, since the deed has been done. For years, I have studied, practiced, and implemented security measures and I even turned it into a career! But T3CHKOMMIE.com was still providing its services in the clear (Over HTTP). After spending the better part of my weekend patching servers and upgrading code, I figured I would stand up my own Root Certificate Authority at T3CHKOMMIE.com and start hosting over HTTPS. This change now provides encryption and a significant improvement to your viewing security.
Hello fellow Kommies of the T3ch!
I want to apologize for the last several months of my gross negligence of Minecraft especially of my Windows 7 Gadget Craft-Control. T3CHKOMMIE.com is currently running the most up-to-date MC server 1.7.2 with a new fresh world/map to guarantee access to all of the new biomes in this release. The server can also be queried via the Craft-Control gadget for Windows 7 at t3chkommie.com on port 25566. Feel free to use our servers as a test server for your gadgets as well. (more…)
I have been a very big supporter and user of Ubuntu since I discovered Hardy Heron (8.04) and dual booted my MBP to unleash its full potential. I have also been a self proclaimed crusader of open source software and personal privacy. In the past few weeks I have noticed that, with its growing popularity, Canonical has started to play hardball with its image and “intellectual property”. (more…)
We’re Back! And not only is T3CHKOMMIE.com back online, it’s coming to you from the East Coast with nearly 15x more bandwidth! The photo is a picture of a thunderstorm passing bye. While on my trip across the USA, I visited family and very good friends. I noticed that many of them have not been able to keep in touch with me as much as they wanted (I 86’d Facebook many years ago). Many of them have even resorted to following T3CHKOMMIE.com for personal and life updates of yours truly. I created T3CHKOMMIE.com as a type of anonymous opensource play ground. I keep personal things… well, personal. (more…)
Just by way of Public Service Announcement, T3CHKOMMIE.com including all of its services will be going dark on the 28th of June and will not be expected to come back online until mid to end of July. We are in the process of moving back to the east coast and will be taking the servers with me. Feel free to check the Google cache if you need some scripts/documentation/help. We anticipate being back online before the end of the July. We also anticipate having much faster upload speeds to serve you T3CHKOMMIE.com content as fast as you can download it! Thank you again for visiting. We hope this humble little site has proved useful for you and that you come back and see us in a month or so!
It has been quite some time since my last post and today I feel compelled to spill the beans on some magic many in the business world abuse: Email.
I am sure you have seen or know someone in your office that abuses Email. Maybe it is the person that doesn’t proof read their Emails and has to send out a redaction Email a few minutes later explaining a typo, an attachment they never attached, or my favorite, getting day/month/year wrong of an upcoming event. (more…)
T3CHKOMMIE.com has implemented it’s “Naughty List”! The list should be visible on the right side of the site and scrolls through attempted attacks on our servers. The information is released to illustrate just how frequently bad people try bad things. We hope this will provide some entertainment while also encouraging others to be diligent in keeping their network assets, especially those facing the internet, safe and secure. We are working on building statistical analysis and graphs to represent the scrolling data in real time as well. Check the list frequently to get an idea of where typical attacks are coming from and what protocols they are going after! The List updates about every 30 min.
Looks like the Security Focus Team found something interesting again today. I am a huge fan of Wireshark. As a matter of fact, I will be doing a software review of it when my time and schedule permit. For now, just a little public service renouncement.
From what I can gather, it looks as if these older versions of Wireshark fail to handle an exception with a specific kind of packet. This poorly handled exception causes Wireshark to crash, thus the DOS attack. It appears that this attack only effects Wireshark itself, so this info is really only out there for the security/network/forensic minded. (more…)
The security feeds that I watch regularly posted a few interesting things about known vulnerabilties for WordPress. You should read the following link and click on the tabs about info exploits and fixes.
Security Focus for WordPress
From what I have been able to guess, if you are running WP version 3.5.1 or newer, you should be ok. It seems that the vulnerability lies in HTTP script injection that can allow an attacker to pivot from your website and attack your visitors! I noticed that 3.5.1 just came out today (or at least that is when I checked).
A snip from the broadcast: