company got a weird email today from who they suspect is a competitor thats been trying to fuck us over for awhile. i dont really give a shit but they asked if there was a way to trace the email back to an IP or something. i have the header information but it was sent from a fake yahoo account. dont know if the header information kicks out the IP from the computer it was sent from, or just the yahoo servers it was sent from

here is the header info

   Return-Path: <kevorkdiaz@yahoo.com>
  Delivery-Date: Mon, 07 Jul 2008 14:08:23 -0400
  Received: from mxw02.daemonmail.net (mxw02.daemonmail.net [216.104.161.12])
              by mx.perfora.net (node=mxus1) with ESMTP (Nemesis)
              id 0MKoXI-1KFv8L3cRV-0004BA for ; Mon, 07 Jul 2008 14:08:23 -0400
  Received: from localhost (localhost [127.0.0.1])
              by mxw02.daemonmail.net (Postfix) with ESMTP id 7AB41619F1F
              for <webdirector@bekelian.com>; Mon,  7 Jul 2008 11:08:16 -0700 (PDT)
  X-Virus-Scanned: Debian amavisd-new at mxw02.daemonmail.net
  X-Spam-Score: -2.598
  X-Spam-Level:
  X-Spam-Status: No, score=-2.598 tagged_above=-20 required=10
              tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
  Received: from mxw02.daemonmail.net ([127.0.0.1])
              by localhost (mxw02.daemonmail.net.daemonmail.net [127.0.0.1]) (amavisd-new, port 10024)
              with ESMTP id E6IU4-Ek+G1p for <webdirector@bekelian.com>;
              Mon,  7 Jul 2008 11:08:14 -0700 (PDT)
  Received: from n5a.bullet.mail.ac4.yahoo.com (n5a.bullet.mail.ac4.yahoo.com [76.13.13.68])
              by mxw02.daemonmail.net (Postfix) with SMTP id 03A2B619E23
              for <webdirector@bekelian.com>; Mon,  7 Jul 2008 11:08:08 -0700 (PDT)
  Received: from [76.13.13.26] by n5.bullet.mail.ac4.yahoo.com with NNFMP; 07 Jul 2008 10:01:32 -0000
  Received: from [76.13.10.166] by t3.bullet.mail.ac4.yahoo.com with NNFMP; 07 Jul 2008 18:08:09 -0000
  Received: from [127.0.0.1] by omp107.mail.ac4.yahoo.com with NNFMP; 07 Jul 2008 18:08:09 -0000
  X-Yahoo-Newman-Property: ymail-3
  X-Yahoo-Newman-Id:
  Received: (qmail 54238 invoked by uid 60001); 7 Jul 2008 18:08:08 -0000
  DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
    s=s1024; d=yahoo.com;
    h=Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type:Message-ID;
    b=vorjaBJb6B2QcyDnAbn2M0sFUmq20Td9lGzjSjEVVAouPt4CS8lfMI4lNdbEvi2Puf+XwlNJArqwxvrc7rj3ceOHVH5TLBiD4zsmTpMSkBYToBiQSfPyJkfl5Cf8T2qGel38pz+HpJtyHFTHoPZdLqkJgaMC5PSguIc9Qx7l6Y8=;
  Received: from [24.251.157.171] by web59606.mail.ac4.yahoo.com via HTTP; Mon, 07 Jul 2008 11:08:08 PDT
  X-Mailer: YahooMailRC/1042.33 YahooMailWebService/0.7.199
  Date: Mon, 7 Jul 2008 11:08:08 -0700 (PDT)
  From: Kevork Diaz <kevorkdiaz@yahoo.com>
  Subject: Hello Abe
  To:
  MIME-Version: 1.0
  Content-Type: multipart/alternative; boundary="0-515463560-1215454088=:52539"
  Message-ID: <754756.52539.qm@web59606.mail.ac4.yahoo.com>
  Envelope-To: 

whelp, did a few tests and compared headers. turns out this is the IP address for the computer it was coming from in case someone else has this problem in the future

Received: from [24.251.157.171] by web59606.mail.ac4.yahoo.com via HTTP; Mon, 07 Jul 2008 11:08:08 PDT

Wow, nice. So, from that are you able to see where it came from? Like, is it registered to a particular ISP or something? I wonder if you can do anything knowing where it came from.

i went to to get the location of where the IP is coming from. of the 2 possible people this email could have been sent from (the way the email address name is, its a narrow number of people) they both live on opposite sides of the city. got the approx location for the IP, so now we know who did it

lol, it says i live in beachwood. that is about a 40 minute drive from here. i would have thought that it would find the first hop station up the street instead…

i used another when i was at work (cant find the link) but it pinpointed his exact address. pulled it up on google maps and it matches the photos he showed us awhile ago of his house. my IP at work though shows me as being in North Dakota…no idea why though.

No related posts.

I use OpenDNS, Comodo Firewall pro, DD-WRT V24, and I have DSL broadband. For some reason the website will not load on any of my computers in any browser (IE7, Opera 9.5, FF3) I turned off the Firewall, hunted through my router for any setting it might be (I just reflashed it), I tried TOR and several proxies (in country and out), nothing works.

This is the error Privoxy returns:

No such domain

Your request for could not be fulfilled, because the domain name could not be resolved.
This is often a temporary failure, so you might just .

Is it something with the DNS? I’m confused. It is probably something stupid, I have a feeling I am going to make a fool of myself.
NVM, I just made an idiot of myself, it was the freaking DNS. I added the ISP’s servers to the OpenDNS list and now it works. I knew it should have been the DNS if it wasn’t resolving.
And for future reference we do not help with illegal activites

No related posts.

My question is, how do I find the computer name/ip address of the computer?
Is it the IPv6 address in ipconfig?

that’s your address as it’s visible to the outside.
Does that change each time I reboot my computer or router?
Cable internet doesn’t use static IP addresses anymore, right?

it’s not static but mine hasn’t changed in a while (but it could without warning)

if you need to be sure, use this

Some routers come with built in updating of the Dynamic DNS entry. Don’t know how well it works though.

On the other hand, mine changes about once a year.
You’ll also need to tell the router to redirect incoming traffic on the RDP port (I don’t know the number) to the internal IP address of the computer you want to connect to.

The better option, though, is to use a router with a built-in VPN.

Port 3389

nice lookin’ out
forward port 3389 to your internal ip address of your computer
set up dyndns.com
most modern router will have dynamic dns settings for popular services such as dyndns.com…..my 5 yo linksys router does
set up remote desktop on your computer
done

forget that. disable windows firewall and set your computer to DMZ on the the router!!

jk. don’t do that.

While he’s at it, he should disable NAT and turn off the router’s firewall too. Firewalls only degrade connection speed anyway.

No related posts.

So, I’m working for an organization part-time…and we have recently been getting help desk calls about e-mails being bounced back, and being classified as undeliverable. There was recently a large amount of spam being sent from our domain, and I believe this has caused our domain to become blacklisted on places like Hotmail, Yahoo, Comcast, etc…etc. There are probably 10 or 15 different e-mail providers that are bouncing our messages back.

Our Sys Admin should be doing something about this, but he recently just quit…so our server guys have been overloaded with work (Trying to push out AD)

I was just wondering if there is something that can be done about this, rather than having to contact every provider individually to try and get them to unblock us…because we are a legit institution!
verify your MX is OK (domain trail in headers resolves and matches domain in "From:")
Check with blocking services and ask them to re-review your domain

blocking services, as in, spam filters?

You will have to excuse my ignorance in this subject matter..
Our company had the same problem. You (or someone) will have to call those ISPs and request to be removed from their blacklists.
Get yourself a PTR record in your DNS setup while you’re at it.

shitty story
I ran a test from mxtoolbox and found that our domain is not blacklisted by any global blacklists.

Looks like just ISP blacklists.

No related posts.

My Internet has been acting up lately — just a series of kicking me on and off. When I do get on, I seem to be capped at like 10kb/s whenever I try to download anything. I tried diagnosing it on Vista and it gives me the same error every time: Windows cannot configure your DNS or something along those lines. I’m currently using time warner cable. Had a technician come to my place two times now to check up on my router/modem signal, and both are ok. My house mates all connect to the web fine. I also checked my network adapter and thats working fine as well. AVG, Spybot, RougeRemover, System Restore, flushdns, static config… tried all of that shit. Any ideas what the problem might be?

No related posts.

X-POP-User: lfindlay000.centurytel.net
X-Envelope-From:
Return-Path: <>
Received: from D1R99811 (72-161-234-79.dyn.centurytel.net [72.161.234.79])
by mail960c35.nsolutionszone.com (8.13.6.20060614/8.13.1) with SMTP id m6V04ULW007741
for <>; Thu, 31 Jul 2008 00:04:34 GMT
From: "Linda Findlay" <>
To: "Lilia Guzman" <>

Subject: RE: Sales Tax
Date: Wed, 30 Jul 2008 19:04:36 -0500
Message-ID: <>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="—-=_NextPart_000_002E_01C8F277.1BD4F3B0"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
X-MS-TNEF-Correlator: <>
In-Reply-To: <>

Reporting-MTA: dns; mail960c35.nsolutionszone.com
Arrival-Date: Thu, 31 Jul 2008 00:04:34 GMT
Final-Recipient: RFC822;
Action: delayed
Status: 4.7.0
Diagnostic-Code: SMTP; 403 4.7.0 TLS handshake failed.
Last-Attempt-Date: Thu, 31 Jul 2008 08:02:07 GMT
Will-Retry-Until: Tue, 5 Aug 2008 00:04:34 GMT

Thanks.

You running exchange? If so do you have a SSL cert on the SMTP server.
Exchange Server? In Exchange System Manager, go down to the server/protocols/SMTP and right click probably default SMTP protocol and click properties. CLick the access tab, and the Authentication button. Make sure Require TLS encryption is turned off.
Sorry guys, forgot to mention it is infact Windows Small Business Server 2003.

Require TLS is off. What is checked is Anonymous Access, Resolve anonymous e-mail, and Integrated Windows Authentication

Could it be the Resolve anonymous e-mail being checked thats causing the issue?
No – don’t think so. BSR was on the right track – you could be advertising to the world you accept TLS if you assigned the SSL cert to the SMTP server (used for OWA).

Assuming this is you:

250-mail.dauntlessmolds.com Hello [68.179.23.209]
250-TURN
250-SIZE
250-ETRN
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-8bitmime
250-BINARYMIME
250-CHUNKING
250-VRFY
250-TLS
250-STARTTLS
250-X-EXPS GSSAPI NTLM
250-AUTH GSSAPI NTLM
250-X-LINK2STATE
250-XEXCH50
250 OK

That would indicate you do allow TLS.
We allow tls, I believe we had another vendor sending mail through Sprint who couldnt send when we had it enabled.

No related posts.

OS X: no thank you.

you don’t say?
haha whatever, half the ISPs out there havn’t patched yet
OS X Server sucks. Everyone knows this. Its a niche product, and you shouldn’t rely on it unless you have a really good reason.

Fortunately there is Linux. Or Solaris.

The desktop OS has 1% of the problems of Windows. I know that burns, but its true. Which is why you recommend OS X to people.

B b b ut you have a COMPLEX over that fact! OH NOES!

my win-based dns server was patched, negro. good thing i wasn’t using os x!

Yes. Because noone says that Mac OS X Server ‘Just Works.’

In fact, it JUST SUCKS.

But its not the same product as the desktop OS, is it?
yawn. who cares? who uses OSX server anyway, especially for running something like DNS? and don’t you all realize that this kind of shit is a constant for Winders and has been for years? Windows is a server OS that gets used quite often, yet i’m certain that it has tons of gaping holes just waiting to be exploited right now. shit, that’s why every install of Windows, both desktop and server, needs tons of 3rd party software to help plug the security holes. you need personal firewalls and all kinds of virus/adware/spyware/malware scanners to keep Windows alive and well. oh, and now you’ve found one real flaw for a barely used version of OSX for a job that no one in their right mind would use OSX for? good job.
Apparently the patched BIND isn’t stable on OS X Server, so they’re sort of stuck for the moment.
This is just the Apple attitude towards security on all of their products and YOU ALL KNOW IT.
Name another instance of this happening, and you might have an argument.

You got starry eyes, my friend.

According to secunia: still not fixed

I believe I’ve lost the blog post where the hacker (who discovered this flaw iirc) discussed Apple’s attitude to security on the whole, and they are useless to sum-up.
There’s also an unpatched flaw with ARD agent that allows arbitrary code to execute as root without authentication. Apparently, Apple has known about it for over a year without releasing a patch.

that’s the flaw that trojan exploits.

apple has not got security right.

but at least they look purdy
(for rape)

Haha. They’ve known about it for 4 years.

I forgot the old thread we had about this that got derailed & locked. (actually I remembered it, but I can’t search the forums since I have no sub. However, Firefox 3’s amazing history search came to the rescue)

Satisfied with your ‘other instance’ Peyomp?

If not, I would say to you 1. you are a careless dumbass as bad as apple and 2. google apple opener. It shouldn’t come to that.

Stay safe.

mac-hacking: just works.
i’d just like to see examples of Mac’s getting compromised. i’m sure every single person here has anecdotal evidence of Windows PCs being wrecked by adware, spyware, viruses, trojans and the like. Now, Apple computers are getting to the point where most of us should know a few people who are running OSX. Let’s hear the actual evidence of people getting their OSX computers fucked up due to any sort of malware. so far all you have posted is hypothetical, possible, someone could, maybe, might hack a vulnerable mac and thus used that to claim that OSX is insecure.

how about this? how about one of you finds a few examples of compromised systems? you can use the internet to find some anecdotal info. go ahead.

i’ll start. it isn’t completely current, but it is recent enough… your turn.

You’re a system admin. You know that the bridge from possible to actual is just effort and ambition. Proof-of-concept is absolutely enough.

Would you feel better if I used the ARD exploit to run a "Hello World" app on all the Macs on my campus? How about I add a dozen lines of code that send an email to an address. How about I have them all send a thousand emails to an address? Maybe I download some plist files and fuck up all the program settings?
Its not "if." Its when.

it’s been around for a year. when?

proof of concept isn’t enough when you can compare it to the real world of Windows.

People have gone into Apple stores and wrecked havoc on their insecure machines. (some Apple stores have manually fixed one or two of the, er, zero days)

I can tell you: If Apple doesn’t get their act together OS X, sir, will be fucked. The introduction of the iPhone could be OS X’s downfall, or Apple’s. Because they are fooking useless.

If Mozilla had this attitude it would be the same situation for them. It’s not about market share numbers (they come into target appeal obviously), it will ultimately come down to the attitude and the CARE. And it looks like OS X is doomed.

Apple have a lot of work to do, but further, they have to get their priorities right.

Proof of concept is a good indication of what would or could happen if OS X ever had the target appeal of Windows.

hmm… this sounds MUCH worse than that DNS problem. it is a Vista vulnerability that theoretically can’t be fixed because it is inherent to the architecture of Vista.

I heard the day it was patched. What’s your point lol?

As for Windows. I would never have called Microsoft security minded, but the last few years I feel they’re fighting back (often at the user’s expense). Not that I use it or follow it much.

I know one thing: and that is that the number one thing about a product being secure isn’t even market-share, it is effort and care. Firefox has about a quarter the market-share of IE or more. You do not want to see the day that OS X has a quarter of the market share of Windows. If Apple weren’t to change how they treat security issues, they would probably be sued for negligence 157 times.
The point is that you guys were grilling them for not patching it, and they finally did. Which is somewhat relevant to the discussion, isn’t t?

Yeah.

And the point of the article is: they were significantly slower than everything else.

But mostly, what you will have learned, is that apple sucks with regards to keeping users safe.

/thread, just let the thread die, it’ll hurt less and you can go on to pimping OS X up as easy & highly-commend apple in just a little while.

actually, that wasn’t what i got out of this thread. what i got out of it was that a bunch of ignorant people harped about Apple not patching a rarely used feature of their rarely used OS… how many companies do you think are out there using OSX server as their DNS server? i’m sure the 5 people who do it in the entire world had some sort of workaround.

there are fanboys and haters, both sides are equally ignorant. then there are experienced users who are open minded and that’s what peyomp seems like. then there are the devil’s advocates who have no loyalties to any company and who just can’t stand the ignoramuses who find one completely retarded, meaningless thing such as a lack of a DNS server patch for OSX server and think that it means anything.

The problem isn’t that I’m pimping Apple. I would never use OS X Server. The problem is that you can’t tell the difference between two distinct products, and have an axe to grind.

Apples are ROTTEN. Therefore the oranges must suck too. Brilliant. Makes me want to use Ubuntu as my desktop. Oh wait, it doesn’t.
Did we not discuss another OS X exploit and Apple’s attitude to it?
ARD agent ring any bells?

The DNS patch is one instance typical of Apple. That is why the ARD agent flaw was brought up.

Typical. Except that they patched it in the end god love their effort
OS X. OS X Server. Explain the difference for us. You are unable to distinguish.

You point out problems with OS X Server, then trash OS X. Its not a logical argument, and is instead quite lame. Rather than being persuasive, you just come off like you have an axe to grind.

DNS Flaw on Server.
ARD Agent flaw on Desktop.

I don’t give a fuck about OS X and OS X Server: they are both Apple and they won’t keep their users safe.

Let it go.
zOMG an exploit! OH NO what terrible OSes. You sound like you started reading security lists yesterday.

You sound like the head of Apple security

I cannot provide a greater insult wrt security. If you think of one do let me know.

Microsoft security in the 1990s? Maybe.

Privilege escalation is bad shit and should be fixed. Permission warnings to system logger should be understood and tackled if needs be. It’s been over 4 years and Apple have done nothing at all.

This is not good form. If you think it is.

Fuck I don’t read security lists. But if you could find a similar flaw that has been reported repeatedly to Ubuntu, Firefox, and other on-the-up software, and dealt with in such an unprofessional manner (operates ok? that just about sums it up for Apple) for over 4 years, with such dangerous exploits in the wild for how many months?, well then Apple has some friends at the bottom of the pile.

But there there is the fact that this isn’t even the exception for them.

You mac-heads are hard to talk to. This conversation is over. Apple security, you have the facts.

You don’t have much perspective on this. Its really not that big a deal. You KIDS are hard to talk to. You don’t have enough experience to contextualize.
Who the fuck uses apple desktops? I remember those things… there were 4 of them in the corner of my schools computer labs… segregated away from the 100 or so "normal" computers.

They always seemed lonely, so one day I went to use one… that lasted about 5 minutes.

It’s been probably 6 months since I have seen an apple computer… and I work as a software engineer and go to a tech school, well used to I recently graduated.
Who uses Apple desktops? Try… the top engineers at all the most exciting companies? Anyone building anything NEW and exciting? But yeah, not people like you.

hmm… so you spent 5 minutes with it and decided what? 5 minutes with something as involved as a computer OS really tells you nothing other than the fact that it is different.

apple is making more and more inroads to the technical communities every day. 2 years ago i didn’t know any of my peers who were using OSX. now, i know about 5. i also know 3 more people who use OSX, but 2 are design people and the third is someone’s parents. traditionally, i don’t think software engineering was apple’s target market.

LOL.

NO, Peyomp IS DEFO NO FANBOY!

"Anyone building anything NEW and exciting" uses Macs

Apple market share is minute and varies wildly from place to place. It is no surprise that some of you SEE PEOPLE WITH MACS EVERYDAY and some of you HAVEN’T SEEN A MAC IN SIX YEARS. These experiences don’t tell us anything new.

Of course, the 2% of computers users that use Macs are the top of the top, in everything they do.
I’m a fanboy… but you’re the one ranting and raving?

I’m pretty unemotional about my Mac. It is the best *nix notebook available, so its a no brainer that I own one. I would never use OS X Server, as it sucks. I’ve never had security issues with my Mac.

Meanwhile you’re name is piratepenguin… but I’m the fanboy?

No related posts.

If you want to keep it, I’d turn it into a Mini-ITX box.

Do you mean hard to source or physically hard ot get to? It looks like it uses ATA/33 drives or ultrawide SCSI which aren’t that hard to find. It also has USB ports and a PCI slot to add an SATA card.

Slow proc like deusex said, but it’s not a workstation it’s an appliance.

Yeah, it’d be sad slow if you used the HW that’s inside, even for a base linux build . FreeNAS would even choke.

I have a Raq box I keep in my closet that I use for DNS

lol
if its not doing anything right now just throw it away. Something compatible can be bought for less than 100$ and would save electricity and heating costs.
I still think it would make a good Mini-ITX box. No reason to throw out a perfectly good case, one which looks better than most no less.
I think I am going to try a mini-computer/sleeper setup (i.e. a little box that packs a punch in the performance dept.)

We’ll see just how much I can cram into it. I got this thing from my job…the old tech bought it, and I was told he had it hooked up for all of a month, then he just put it in his closet, and there it sat.

I couldn’t find any CDs or documentation at the office, but later downloaded these things.

I just popped the top on it and it has 128MB RAM, and 2 HDs in it…dunno what size yet. Raid setup, perhaps? I’m not sure if it came with this, or if he upgraded it.

It is the Professional Edition, if that means anything. I’m still researching.

Now, my only thing with the mini-itx boards is this…

See that board? Notice the VGA and other various connectors? Well, the case is not made for those, so how in the heck am I supposed to find a board for this thing?
Get out the dremel and get to modding. It probably has a non-standard board in it (along with non-standard mounting points).

No related posts.

So, if I build out the infrastructure myself… I’ll end up paying for server I am only going to use for a very small part of the time. On the other hand… EC2 is only $0.10-$0.30 an hour for a server. So at my slowest times, I’m only paying $72-$216 a month for a server… which is pretty trivial for a pay service.

There are some other costs associated with data transfer, but for what I’m doing they don’t amount to much.

Basically, Amazon EC2 lets us:

1) Use SimpleDB so that all new instances can access the model and I don’t have to worry about scaling MySQL or another DB. Headache gone. Our app barely hits the DB, but what data is there does need to be shared by all instances.

2) Use Amazon’s queue to serve work. Right now I use an InnoDB table as a queue. Amazon’s queue will do this for me, across many boxen. Another headache gone.

3) Use S3 to serve media. Why not? Its the same price as EC2 for data xfer, xfer between EC2 and S3 is free, and if you put a cache of work you’ve done in SimpleDB then all instances can share S3 and not do the same work twice.

4) Run one $0.30 an hour box all the time, and instantiate new boxes as load increases. Add then to round-robin DNS as they come up.

This way the architecture is completely horizontal, and it all faces Amazon’s cloud. So long as their cloud stays up… the app will scale to hell and back. For minimal cost.
good stuff. i have a couple of beta apps up on an EC2 instance, but i’m not completely sold on the SimpleDB though. I trust my dbms scaling over that from what I understand
I agree and if our use of the DB wasn’t trivial, I wouldn’t even consider it. I’ve been told that ‘Basically noone uses SimpleDB.’ But since we’re pretty light on the DB… its nice not to worry about a high available/high performance/scalable DB, huh? I was going to have to spend a lot of time on HA MySQL. The key is that all we really do that needs to be shared is log events, then count them later to make sure we don’t repeat one kind of message too many times. Ideal use of SimpleDB.

The minute I need to start worrying about HA mysql or postgre, I’ll probably be raking in enough $$$ from said app to afford it
Well thats the bad part – I would have to build out an HA DB… and then we might not need it. Because I have to guarantee a certain amount of uptime and capacity, but its not automatic it will get used.

So yeah, commodity HA distributed DB is the tits.

No related posts.