Mar 30, 2010

Microsoft FrontPage Exploit Attempts

Someone on a local comcast.net machine:

$ traceroute 75.72.0.20
traceroute to 75.72.0.20 (75.72.0.20), 64 hops max, 40 byte packets
...
11  te-0-3-0-5-ar01.roseville.mn.minn.comcast.net (68.86.91.186)  38.256 ms  49.556 ms  49.310 ms
12  te-0-1-0-0-ar01.crosstown.mn.minn.comcast.net (68.87.174.218)  72.147 ms  66.879 ms  73.369 ms
13  te-8-1-ur02.pillsbury.mn.minn.comcast.net (68.86.232.86)  70.672 ms  73.403 ms  75.239 ms
14  ge-4-1-0-ten01.pillsbury.mn.minn.comcast.net (68.85.164.206)  78.400 ms  76.518 ms  72.266 ms
15  c-75-72-0-20.hsd1.mn.comcast.net (75.72.0.20)  75.868 ms  80.111 ms  86.035 ms

Is attempting to use an old Microsoft FrontPage remote administration tool exploit to cause a buffer overflow and gain access to my server. This is what it looks like in the Apache log file:

0\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\
x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x9
0\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90" 414 546 "-" "-"
75.72.0.20 - - [29/Mar/2010:15:15:47 -0500] "GET / HTTP/1.0" 200 11988 "-" "-"
75.72.0.20 - - [29/Mar/2010:15:16:18 -0500] "POST /_vti_bin/_vti_aut/fp30reg.dll HTTP/1.1" 404 20680 "-" "-"

This is a known problem and it would be considerably more annoying if I were running FrontPage and/or IIS. All it does on my machine is dump my Apache processes and drive my system loads through the roof. Effectively a DoS attack.
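Added example (not part of the original post): a small Python triage script that tags access-log entries like the ones above and counts them per client. The signature names, the 16-repeat threshold and the 192.0.2.x log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Apache common/combined prefix. The request field is escape-aware because
# Apache logs a literal quote as \" and a non-printable byte as \xhh.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<req>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) ')

SIGNATURES = {
    # Long run of escaped 0x90 bytes, as in the 414 entry above (threshold assumed).
    "nop_sled": re.compile(r'(?:\\x90){16,}'),
    # FrontPage Server Extensions paths, e.g. /_vti_bin/_vti_aut/fp30reg.dll.
    "frontpage": re.compile(r'/_vti_bin/', re.I),
    # Remaining IIS-era paths, taken from the RedirectMatch list in this post.
    "iis_path": re.compile(
        r'cmd\.exe|root\.exe|/_mem_bin/|/scripts/\.\.|/msadc/|/[cd]/winnt/', re.I),
}

def classify(line):
    """Return (client_ip, sorted tag list) for one log line, or None if unparsable."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    tags = [name for name, rx in SIGNATURES.items() if rx.search(m["req"])]
    if m["status"] == "414":  # Request-URI Too Long
        tags.append("uri_too_long")
    return m["ip"], sorted(tags)

def summarize(lines):
    """Count tagged requests per client, skipping clients with no hits."""
    hits = defaultdict(Counter)
    for line in lines:
        parsed = classify(line)
        if parsed and parsed[1]:
            hits[parsed[0]].update(parsed[1])
    return {ip: dict(counts) for ip, counts in hits.items()}

# Sample input: the two complete entries from the post, then constructed lines.
SAMPLE = [
    '75.72.0.20 - - [29/Mar/2010:15:15:47 -0500] "GET / HTTP/1.0" 200 11988 "-" "-"',
    '75.72.0.20 - - [29/Mar/2010:15:16:18 -0500] "POST /_vti_bin/_vti_aut/fp30reg.dll HTTP/1.1" 404 20680 "-" "-"',
    # Constructed lines (documentation address range 192.0.2.0/24).
    '192.0.2.7 - - [29/Mar/2010:15:15:40 -0500] "GET /' + '\\x90' * 200 + '" 414 546 "-" "-"',
    '192.0.2.7 - - [29/Mar/2010:15:22:10 -0500] "GET /MSADC/ HTTP/1.0" 404 300 "-" "-"',
]

if __name__ == "__main__":
    for ip, counts in summarize(SAMPLE).items():
        print(ip, counts)
```

Because the request field is parsed with its backslash escapes, a request that embeds `\" 200 5` cannot shift the status column the script reads.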

One of the canonical remedies simply redirects the requests to microsoft.com:

# RedirectMatch is provided by mod_alias, so test for that module.
<IfModule mod_alias.c>
# Dots are escaped so they match a literal "." only.
RedirectMatch permanent (.*)cmd\.exe(.*)$ http://www.microsoft.com/
RedirectMatch permanent (.*)root\.exe(.*)$ http://www.microsoft.com/
RedirectMatch permanent (.*)\/_vti_bin\/(.*)$ http://www.microsoft.com/
RedirectMatch permanent (.*)\/scripts\/\.\.(.*)$ http://www.microsoft.com/
RedirectMatch permanent (.*)\/_mem_bin\/(.*)$ http://www.microsoft.com/
RedirectMatch permanent (.*)\/msadc\/(.*)$ http://www.microsoft.com/
RedirectMatch permanent (.*)\/MSADC\/(.*)$ http://www.microsoft.com/
RedirectMatch permanent (.*)\/c\/winnt\/(.*)$ http://www.microsoft.com/
RedirectMatch permanent (.*)\/d\/winnt\/(.*)$ http://www.microsoft.com/
# Matches the literal text "/x90/" in the URL path, not raw 0x90 bytes.
RedirectMatch permanent (.*)\/x90\/(.*)$ http://www.microsoft.com/
</IfModule>

There is humor in this, though the right thing to do would be a redirect to a local 404.html file. This should effectively stop the propagation of the exploit.

(See also: linuxquestions.com: security)

Written by kunau in: LINUX

Feb 03, 2009

Your Next Netbook OS?

Tariq Krim, former Netvibes CEO, will launch a Linux-based OS for Netbooks in 2009 called Jolicloud.

Though it appears based on the UBUNTU Netbook Remix, Jolicloud looks nice and should be a light-weight alternative to Netbooks running Windows XP/Vista/7 or other LINUX distributions. HP offers a locked down LINUX version on their Netbooks called MI. HP/MI looks good but sanitized to the point it is unusable. Hopefully Jolicloud will at the very least allow shell access.

What I really need is a faster OS on the Nokia N810. I wonder if Jolicloud will scale to that platform?

(See also: www.jolicloud.com)
(See also: Flickr: Jolicloud)

Written by kunau in: LINUX

Apr 07, 2008

WordPress upgrade to 2.5

This evening I upgraded to WordPress version 2.5. Installation was quite straightforward, though I wouldn’t have wanted to explain it over the phone to my Mom. I like the new administration interface, but I liked the Tiger skin. Installed and enabled caching. All my custom code seems to work as expected.

I ran into this error uploading images for current posts:

Fatal error: Call to undefined function: wp_constrain_dimensions() in /var/www/htdocs/wp-admin/includes/image.php on line 173

Until I realized I had not installed ALL of the 2.5 upgrade set. I did the folder dance, but had not installed the ‘wp-??*.php’ files that appear at the root directory of the WP server. Once I did this, the problem was solved.

Interested in exploring the built-in gallery function. I hope to use it to upload a collection of photos from the Next Web Conference in Amsterdam, NL.

Still something funky with WP2.5 and this skin on the article view. Any ideas?

(See also: Three step upgrade.)

Mar 23, 2008

A UNIX toolkit

In case you don’t have a phalanx of LINUX servers in your basement, or perhaps if you do, here is a well-organized UNIX guide to get you up to speed. I really enjoy the care and precision of collections like this. This is revision 11. Check out the PDF and booklet versions cited below.

As an aside, even more fun is to be had in the pseudo-shell available at the root directory of this site. Try a few commands like: ‘weather’, and ‘whereami’. (pseudo-shell)

Efforts like this inspire me to start one for bioinformatics tools, BLAST, et alia.

(See also: UNIX Toolbox: xHTML)
(See also: UNIX Toolbox PDF)
(See also: UNIX Toolbox: PDF booklet)

Written by kunau in: LINUX,tools

Feb 28, 2007

How to apply DST patches to LINUX boxes by hand — if absolutely necessary

I’ve created a brief cookbook for applying Daylight Saving Time patches for LINUX boxes where patches are not generally available or have failed for some other reason. This example is on an OpenSuSE 10.0 system in CST6CDT where YaST's attempts to apply the timezone patch failed.

This document is attached as a PDF since some of the required formatting induced a series of WordPress errors. As this information is time sensitive, I’ve posted this process in the most expedient method.

Thank you to Peter Fleck for requiring me to collect this process in some meaningful way.

Your mileage may vary. Proceed with care.

Written by kunau in: LINUX
