Ben Tasker's Blog

My Own Little HeartBleed Headache

When the HeartBleed bug was unveiled, I checked all of my servers to see whether they were running vulnerable versions. They weren't, but once the patched versions were released it seemed a good juncture to test and roll out the update to one server.

What followed was something of a headache, initially with all the markings of a serious compromise.

Having now identified and resolved the root cause, I thought I'd write a post about it so that others seeing similar behaviour can get something of a headstart.

In response to threats such as CDorked, I run PHP Changed Binaries on all my servers, so any file in PATH is checked (daily) for changes, based on a cryptographic checksum. If any changes are detected, an alert is raised so that I can investigate the cause of the change.

The day after I updated OpenSSL, I started receiving alerts for a wide variety of files (I'd updated hashes following the update of OpenSSL).

Read more...

Falling Out Of Love With Siteground

In the past, I've really rated Siteground Hosting very highly, and recommended them to anyone asking about US-based dedicated servers (Heart would be my first choice for UK-based dedicated servers or VPS). Unfortunately, experience has worn me down.

To be clear, I'm not, and never have been, a Siteground customer. However, some of the people I do some work for are, so I occasionally have to escalate things to Siteground, or step in when Siteground have asked their customer to take some action.

I've been quietly sitting on some of these frustrations for a little while, but in the last week some have been added, tipping the balance in my mind.

Read more...

NTPD Refusing to accept time from GPSD

One of the (minor) drawbacks of the Raspberry Pi is the lack of a hardware clock. Normally, you'd work around this by configuring a good pool of NTP servers to connect to. What do you do though, if you can't guarantee there will be an Internet connection available when needed?

The solution is obvious, so obvious that many have already done it - use the time provided by a cheap GPS dongle. The gpsd daemon helpfully pushes the time to Shared Memory Segments (SHM) so it's a simple adjustment to the NTP configuration file to have NTPD pull the time from the dongle.

Except, it seems on Raspbian, it isn't quite so simple. You've followed all the instructions (simple as they are) but are still seeing an entry like this:

# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
SHM(0)          .GPS.            0 l    -   16    0    0.000    0.000   0.001

No matter what you try, reach stays at 0.

Frustrating, and there's very little to give you a guide. This post will tell you what the issue is, as well as how to go about finding it should it re-occur.

Read more...

The Storm Ate my Broadband

Like many in the country, the storm has left me feeling somewhat isolated - that is to say my broadband is down. Don't get me wrong, I'm just glad the power is (mostly) back, and I'm far better off than some who've had their lives affected.

The simple fact, though, is that I have things I need to do, and not having a broadband connection really gets in the way of that.

Living where I do, there's precisely one place in the house that gets a 3G signal; unfortunately, that place isn't particularly conducive to sitting comfortably. Whilst the Wifi hotspot functionality on my phone helps, the range isn't great enough to let me sit somewhere that I might be able to concentrate.

So, somewhat convoluted workaround needed;

Read more...