Tuesday, December 22, 2015

black hat sites referrals december 2015


  1. lirunet.ru
  2. top1-seo-service.com
  3. fealq.com
  4. berlininsl.com
  5. scripted.com
  6. sims-sims.ru
  7. aftermarket.7zap.com

Friday, December 18, 2015

linux boot error alsa restore 1': No such file or directory


During system startup systemd-udev will print the following error messages:

[ 15.089778] systemd-udevd[683]: failed to execute '/usr/sbin/alsactl' '/usr/sbin/alsactl -E HOME=/var/run/alsa restore 0': No such file or directory
[ 15.090130] systemd-udevd[684]: failed to execute '/usr/sbin/alsactl' '/usr/sbin/alsactl -E HOME=/var/run/alsa restore 1': No such file or directory

alsactl is present:

$ which alsactl
/usr/sbin/alsactl


https://bugs.launchpad.net/ubuntu/+source/alsa-utils/+bug/1289730
http://alsa-project.org/main/index.php/Main_Page

Solution
run command
sudo gedit /lib/udev/rules.d/90-alsa-restore.rules

replace the text there with the text below
---------------------------------------------------

ACTION=="add", SUBSYSTEM=="sound", KERNEL=="controlC*", KERNELS!="card*", GOTO="alsa_restore_go"
GOTO="alsa_restore_end"

LABEL="alsa_restore_go"
TEST!="/var/lib/alsa/state-daemon.conf", RUN+="/usr/sbin/alsactl -E HOME=/var/run/alsa restore $attr{device/number}"
TEST=="/var/lib/alsa/state-daemon.conf", RUN+="/usr/sbin/alsactl -E HOME=/var/run/alsa nrestore $attr{device/number}"

LABEL="alsa_restore_end"

ACTION=="add", SUBSYSTEM=="sound", KERNEL=="controlC*", KERNELS!="card*", TEST=="/usr/share/alsa", TEST=="/var/run/alsa", GOTO="alsa_restore_go"
GOTO="alsa_restore_end"

LABEL="alsa_restore_go"
TEST!="/var/lib/alsa/state-daemon.conf", RUN+="/usr/sbin/alsactl -E HOME=/var/run/alsa restore $attr{device/number}"
TEST=="/var/lib/alsa/state-daemon.conf", RUN+="/usr/sbin/alsactl -E HOME=/var/run/alsa nrestore $attr{device/number}"

LABEL="alsa_restore_end"


Saturday, December 12, 2015

wordpress intrusion

A user with IP address 185.92.72.33 has been locked out from the signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 20. The last username they tried to sign in with was: 'xxxx'
User IP: 185.92.72.33
User hostname: h33-72.fcsrv.net
User location: Amsterdam, Netherlands

Thursday, December 3, 2015

Black hat sites december 2015

stt8eyaege.taipai2013.com
artistic-endeavors.org
posadka.oma.sk
burger-imperia.com
origin-my.ru
gta-club.ru
gta-top.ru
stairliftsfind.com

Thursday, October 15, 2015

spam DOMAIN SERVICE NOTICE

Attention: Important Notice , DOMAIN SERVICE NOTICE
Domain Name:  yoursite.com
from: Domain Notice
reply-to: Domain Notice
ATT: your name
yoursite.com
Response Requested By
- Oct. - 2015

PART I: REVIEW NOTICE

Attn: xxxx
 As a courtesy to domain name holders, we are sending you this notification for your business Domain name search engine registration. This letter is to inform you that it's time to send in your registration.
Failure to complete your Domain name search engine registration by the expiration date may result in cancellation of this offer making it difficult for your customers to locate you on the web.
Privatization allows the consumer a choice when registering. Search engine registration includes domain name search engine submission. Do not discard, this notice is not an invoice it is a courtesy reminder to register your domain name search engine listing so your customers can locate you on the web.
This Notice for: yoursite.com will expire at 11:59PM EST,  - Oct. - 2015 Act now!

Select Package:
http://www.websubmit.xyz/?domain=yoursite.com

Payment by Credit/Debit Card

Select the term using the link above by  - Oct. - 2015
http://yoursite.com














unsubscribe:
Please reply with UNSUBSCRIBE subject.

-----------------------------------------------------------------------------------------------------------------------
Disclaimer: The CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography and Marketing Act) establishes requirements for those who send commercial email, spells out penalties for spammers and companies whose products are advertised in spam if they violate the law, and gives consumers the right to ask mailers to stop spamming them. The above mail is in accordance to the Can Spam act of 2003: There are no deceptive subject lines and is a manual process through our efforts on World Wide Web. If you send me an UNSUBSCRIBE email we ensure you will not receive any such mails.

Tuesday, September 15, 2015

ad server company based in singapore

guy calls up from 02228880803

gets my number from google he says. only way is from the whois. as not privacy  protection has become so costly . that spammers/marketing guys are getting users details from the domain registration.wants to sells his ads on my site


Saturday, September 12, 2015

suspicious programs and updates on linux mint

The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains the run-time libraries for any application that wishes to be a SPICE server.
This update contains 1 package:  libspice-server1
http://www.spice-space.org/download.html

 Spice Agent The Spice agent is an optional component for enhancing user experience and performing guest oriented management tasks. For example, the agent injects mouse position and state to the guest when using client mouse mode. In addition, it is used for configuration of the guest display settings.
spicec -h [-p ] [-s ] [options]
http://www.spice-space.org/docs/spice_user_manual.pdf













The FreeType project is a team of volunteers who develop free, portable and high-quality software solutions for digital typography. They specifically target embedded systems and focus on bringing small, efficient and ubiquitous products. The FreeType 2 library is their new software font engine. It has been designed to provide the following important features: * A universal and simple API to manage font files * Support for several font formats through loadable modules * High-quality anti-aliasing * High portability & performance Supported font formats include: * TrueType files (.ttf) and collections (.ttc) * Type 1 font files both in ASCII (.pfa) or binary (.pfb) format * Type 1 Multiple Master fonts. The FreeType 2 API also provides routines to manage design instances easily * Type 1 CID-keyed fonts * OpenType/CFF (.otf) fonts * CFF/Type 2 fonts * Adobe CEF fonts (.cef), used to embed fonts in SVG documents with the Adobe SVG viewer plugin. * Windows FNT/FON bitmap fonts This package contains the files needed to run programs that use the FreeType 2 library. Home Page: http://www.freetype.org/ Authors: David Turner   Robert Wilhelm Werner Lemberg .
This update contains 2 packages:  libfreetype6 libfreetype6:i386

Thursday, June 11, 2015

Gentoo Linux torrent

Install Gentoo Linux according to the Gentoo Handbook installation instructions. It is recommended to use the hardened stage 3 tarballs and hardened-sources kernel instead of the standard ones, but standard stage installations are also supported for SELinux. Perform a full installation to the point that the system is booted into a (primitive) Gentoo base installation.

 there no torrent download on gentoo.org?
https://www.gentoo.org/downloads/

What should I download? What do I do with these files? 
 Gentoo Handbook
If you are unsure what you need to download, please refer to the Gentoo Handbook for the complete installation documentation.

SELinux resources

quick introduction to SELinux helps to have a high-level idea behind the SELinux security subsystem. It covers the difference between discretionary and mandatory access control, the labeled approach that SELinux takes and how it is integrated in the Linux operating system.
For more in-depth information, please refer to the following resources.
Concepts
Type enforcementControlling accesses is done in most cases through a type-enforcement based approach
Role-based access controlEnsuring a least privilege approach on a Linux system using SELinux' RBAC model
User-based access controlEnsuring segregation of users, even when they run using the same domains and accessing the same types
Information flow controlLimiting information flow based on security clearance and sensitivities
Unconfined domainsWhen SELinux protections are not needed in all cases, unconfined domains can be used.
User guides
InstallationThe main resource for installing and enabling SELinux on a Gentoo system
Users and loginsMapping Linux users (logins) to SELinux users
Managing labelsSetting and configuring file (and other resource) labels
PolicyThe SELinux policy defines the acceptable behavior on a system; it can be rebuilt by administrators, loaded and unloaded (through its modular design) and tweaked by adding more policy rules
LoggingSELinux usually logs denials in the audit log (or system log if no auditing is enabled)
BooleansEnable or disable additional policy controls through SELinux booleans
StatesSELinux can be enabled or disabled, and running in enforcing, partial permissive or full permissive mode
Expert documentation
Policy developmentUpdating SELinux policy to suit your needs, and send patches to Gentoo or even upstream projects
Policy storeThe policy store contains the SELinux policy binaries; multiple stores can be defined on a system
Networking supportSELinux supports port labeling, but also packet-based access controls through SECMARK and peer-to-peer labeling support
Reference material
FAQFrequently Asked Questions on SELinux and SELinux integration in Gentoo
SELinux policy languageSupported SELinux language constructs
Policy module specific informationMore in-depth information about particular SELinux policy modules

Hardened Gentoo - hardened linux distro

Concepts
Introduction to Hardened GentooOverview of the various technologies researched and supported through the Gentoo Hardened project
Introduction to PICIntroduction to Position Independent Code
User Guides
Hardened Gentoo Frequently Asked QuestionsFrequently Asked Questions for the Gentoo Hardened project
PaX Quickstart GuideHow to use PaX
PaX Flag migration from PT_PAX to XATTR_PAXHow to migrate the ELF based PaX flags to the extended attribute based flags
Grsecurity2 Quickstart GuideWhat are the grsecurity features and how to enable them on a Gentoo Linux system
Grsecurity TPE GuideGrsecurity Trusted Path Execution guide

download centos torrent 2015

http://isoredirect.centos.org/centos/7/isos/x86_64/http://centos.excellmedia.net/7/isos/x86_64/ 
http://centosmirror.go4hosting.in/centos/7/isos/x86_64/ 
http://mirror.nbrc.ac.in/centos/7/isos/x86_64/ 
http://ftp.iitm.ac.in/centos/7/isos/x86_64/ 
http://mirrors.ispros.com.bd/centos/7/isos/x86_64/ 
http://mirrors.vonline.vn/centos/7/isos/x86_64/ 
http://mirror.digistar.vn/centos/7/isos/x86_64/ 
http://mirrors.viethosting.vn/centos/7/isos/x86_64/ 
http://mirror-fpt-telecom.fpt.net/centos/7/isos/x86_64/ 
http://mirrors.vinahost.vn/centos/7/isos/x86_64/ 
http://mirror.nhanhoa.com/CentOS/7/isos/x86_64/ 
http://mirrors.vhost.vn/7/isos/x86_64/ 
http://centos-hcm.viettelidc.com.vn/7/isos/x86_64/ 
http://mirror.vietoss.com/CentOS/7/isos/x86_64/ 
http://ftp.cuhk.edu.hk/pub/Linux/centos/7/isos/x86_64/ 
http://mirror.vpshosting.com.hk/pub/linux/centos/7/isos/x86_64/ 
http://repo.virtualhosting.hk/centos/7/isos/x86_64/ 
http://mirror.sunnyvision.com/centos/7/isos/x86_64/ 
http://centos.01link.hk/7/isos/x86_64/ 
http://centos.uhost.hk/7/isos/x86_64/ 
http://mirror.nus.edu.sg/centos/7/isos/x86_64/ 
http://centos.usonyx.net/main/7/isos/x86_64/ 
http://mirror.vodien.com/centos/7/isos/x86_64/ 
http://centos.mirror.secureax.com/7/isos/x86_64/ 
http://mirror.vastspace.net/centos/7/isos/x86_64/ 
http://mirrors.zju.edu.cn/centos/7/isos/x86_64/ 
http://mirror.neu.edu.cn/centos/7/isos/x86_64/ 
http://mirrors.yun-idc.com/centos/7/isos/x86_64/ 
http://mirror.bit.edu.cn/centos/7/isos/x86_64/ 
http://mirrors.neusoft.edu.cn/centos/7/isos/x86_64/ 
http://mirrors.hust.edu.cn/centos/7/isos/x86_64/ 
http://mirrors.pubyun.com/centos/7/isos/x86_64/ 
http://mirrors.opencas.cn/centos/7/isos/x86_64/ 
http://mirrors.aliyun.com/centos/7/isos/x86_64/ 
http://mirrors.btte.net/centos/7/isos/x86_64/ 
http://mirrors.nwsuaf.edu.cn/centos/7/isos/x86_64/ 
http://mirrors.sina.cn/centos/7/isos/x86_64/ 
http://mirrors.cqu.edu.cn/CentOS/7/isos/x86_64/ 
http://mirrors.hustunique.com/centos/7/isos/x86_64/ 
http://ftp.sjtu.edu.cn/centos/7/isos/x86_64/ 
http://mirrors.skyshe.cn/centos/7/isos/x86_64/ 
http://centos.ustc.edu.cn/centos/7/isos/x86_64/ 
http://mirrors.163.com/centos/7/isos/x86_64/ 

Friday, May 22, 2015

linux mint updates real or suspicious

Filesystem in Userspace (FUSE) is a simple interface for userspace programs to export a virtual filesystem to the Linux kernel. It also aims to provide a secure method for non privileged users to create and mount their own filesystem implementations. This package contains the shared library.
This update contains 2 packages:  fuse libfuse2

FUSE | Linux.org

www.linux.org › ... › Linux Articles › Filesystem
Jun 29, 2014 - 1 post - ‎1 author
The Filesystem in Userspace (FUSE) is a special part of the Linux kernel that allows regular users to make and use their own filesystems ...


The AccountService project provides a set of D-Bus interfaces for querying and manipulating user account information and an implementation of these interfaces, based on the useradd, usermod and userdel commands. This package provides the shared libraries of the AccountService library.
This update contains 3 packages:  accountsservice gir1.2-accountsservice-1.0 libaccountsservice0

The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains the run-time libraries for any application that wishes to be a SPICE server.
This update contains 1 package:  libspice-server1

Sunday, March 15, 2015

Mithal Kanhiradath Kunhabdullah identity theft

So some guy Mithal Kanhiradath Kunhabdullah gets a phone in kuwait by giving someone elses email address 

Dear Mithal Kanhiradath Kunhabdullah,

Thank you for contacting our Customer Support Center.

We are very sorry for the inconvenience you may have encountered.
With regards to your inquiry, kindly refer to our official repair center in Kuwait :

BICCO Service Center
Behbehani Complex - Sharq City -Mezzanine Floor, Shop No. 45 & 46
Phone : +96522433562 - +96522408456
Working hours : Saturday - Wednesday. 09:00 am from 01:00 pm and 04:00 pm - 08:00 pm.
Thursday : 09:00 am - 05:00 pm .
URL: www.biccogroup.com
E-mail: biccosc@biccogroup.com

(General Points) Before sending the phone to the Repair Center, kindly make sure of the below:
1. Backup the device& remove all personal data.
2. Remove all accessories and send the bare unit. (SIM card, Headset, etc).
3. A copy of the POP if available.
4. Do send the device in a safe& sealed package (e.g. from the Post Office) but NOT the original box.
5. Please note that once the device is received at the repair center a full diagnostics will be made for it, in case it is found to be faulty due to miss-use, accidental damage or illegal firmware it will be regarded as out of warranty and you will be contacted regarding the cost of repair, if you choose not to pay for the quotation you can have the device back unrepaired but you will be charged for the labor fees and VAT.

Friday, February 20, 2015

Gemalto hacking of SIM card encryption keys

http://www.gemalto.com/press/Pages/Information-regarding-a-report-mentioning-a-hacking-of-SIM-card-encryption-keys.aspx

At present we cannot prove a link between those past attempts and what was reported yesterday. 

SUPERFISH malware UNINSTALL INSTRUCTIONS

NOTE: Please download and run the Automatic Removal tool executable to ensure complete removal of Superfish and Certificates for all major browsers.
To be certain that SuperFish is completely removed, you must make sure:

A. The SuperFish application is uninstalled and
B. The SuperFish certificate is removed. 

Monday, January 26, 2015

why you should avoid hostgator hosting

Hostgator promises unlimited everything. But the truth and pain is only known after you run a heavy duty site on their servers

Since Jan 2015 they have been getting constant error 508 and their explanation is below

The issue that you are facing is mainly due to saturation of the number of fcgi processes allocated for your account. We allow 3 child process and for each child process, 256 worker processes. Once that limit is breached, you see that kind of error. However, those errors are auto-fixed once the number of processes reduce.

{but their cpanel says Entry Processes 0 / 20  .Number of Processes 2 / 100}

The MySQL queries for the above mentioned databases are getting killed by the server which is causing the intermittent issue with the site loading. You can verify the same from cPanel >> Health checks and Monitoring >> Mysql Killed Queries.

Please note that, the long_query_time set for the MySQL service is 15 seconds.
Since it is a shared server, we can't alter this values for single domain. We have set this limit carefully to avoid any wastage/abuse of server resources and increasing the limit will result in degradation of server's performance.

Hence, we strongly recommend to contact your developer and optimize the database queries and PHP scripts for the better performance of the site.

Alternatively, you can switch to our VPS package, where you can set custom limits for your domain.
{WHY WOULD ANYONE GO FOR YOUR vps PACKAGE IF YOU CANNOT GIVE THEM GOOD SERVICE ON YOUR SHARED SERVERS??}
--
We kindly request you to spare 2 minutes of your valuable time by rating us on this ticket & also by adding any comments if required, so that we can take it as feedback & strive our best to improve our Quality of service.
Rating would be based on points. 10 - Highest & 0 - Lowest.
Please share your valuable rating and feedback.
--

The issue that you are facing is mainly due to saturation of the number of fcgi processes allocated for your account. We allow 3 child process and for each child process, 256 worker processes. Once that limit is breached, you see that kind of error. However, those errors are auto-fixed once the number of processes reduce.
[ Janxx  2015] [warn] [client zz.zz.zz.zz.zz] mod_fcgid: can't apply process slot for /usr/local/cpanel/cgi-sys/php-fcgi, referer: http://zzzz.com/

The MySQL queries for the above mentioned databases are getting killed by the server which is causing the intermittent issue with the site loading. You can verify the same from cPanel >> Health checks and Monitoring >> Mysql Killed Queries.

Please note that, the long_query_time set for the MySQL service is 15 seconds.
Since it is a shared server, we can't alter this values for single domain. We have set this limit carefully to avoid any wastage/abuse of server resources and increasing the limit will result in degradation of server's performance.

Hence, we strongly recommend to contact your developer and optimize the database queries and PHP scripts for the better performance of the site.

Alternatively, you can switch to our Dedicated Server package, where you can set custom limits for your domain. Refer the following URL to know about our VPS package and its prices:

----------
http://hostgator.in/dedicated-servers.php
--------

Thursday, January 22, 2015

trying to install the android emulator on linux with genymotion


if you really want to install the android emulator on linux just get the .ova file ,install virtualbox
http://www.linux.org/threads/android-in-virtualbox.6998/

below is my failed attempt to install genymotion.



 sh genymotion-2.3.1_x64_debian.bin
genymotion-2.3.1_x64_debian.bin: 109: genymotion-2.3.1_x64_debian.bin: [[: not found
genymotion-2.3.1_x64_debian.bin: 115: genymotion-2.3.1_x64_debian.bin: [[: not found
-e
-e Aborting.

chmod u=rwx genymotion-2.3.1_x64_debian.bin

$ ./genymotion-2.3.1_x64_debian.bin

Installing to folder [/home/myfolder/Downloads/genymotion]. Are you sure [y/n] ? y


- Trying to find VirtualBox toolset .................... OK (Valid version of VirtualBox found: 4.3.0r89960)
- Extracting files ..................................... OK (Extract into: [/home/myfolder/Downloads/genymotion])

Installation done successfully.

You can now use these tools from [/home/myfolder/Downloads/genymotion]:
 - genymotion
 - genymotion-shell

./genymotion
bash: ./genymotion: cannot execute binary file
sh genymotion
genymotion: 1: genymotion: Syntax error: "(" unexpected

sudo genymotion
[sudo] password for admin:
sudo: genymotion: command not found

http://tukitanotes.blogspot.in/2014/12/genymotion-on-debian-jessie.html
http://linuxn00.blogspot.in/2014/11/instalando-whatsapp-no-opensuse-131-via.html


genymotion $ ls

As was obvious to expect from the output does not have a version 2.15 or higher of the GNU libc genymotion therefore can not serve ...


http://mirror1.jarfil.net/androvm.org/Download/
crypto            icons                       libavutil.so.51   libQtNetwork.so.4  libssl.so        translations
device-upgrade    imageformats                libcrypto.so      libQtScript.so.4   libswscale.so.2
genymotion        lib64EGL_translator.so      libprotobuf.so.7  libQtSql.so.4      player
genymotion-shell  lib64GLES_CM_translator.so  libqca.so.2       libQtSvg.so.4      plugins
genymotion-tool   lib64GLES_V2_translator.so  libQtCore.so.4    libQtWebKit.so.4   sqldrivers
genyshell         lib64OpenglRender.so        libQtGui.so.4     libQtXml.so.4      tools

The spammer after domain registration hijacking whois? premiersubmission.net



got a spam email which looked very real

premiersubmission.net (the site does not exist)
ns1.embhost.com.   ['74.202.73.1']   [TTL=172800]
ns2.embhost.com.   ['74.202.73.2']   [TTL=172800]
http://embhost.com/ (also does not exist)



Submission Overview & Details
Your registration information for xxx.com can be found below.
Now that your domain registration is complete, the next step is to
submit your website to all of the major search engines. To get
started submitting your site to Google, Yahoo, Bing and AOL -
more here:
http://premiersubmission.net/iem/link.php?M=

By registering xxxxx.com with all of the major search engines,
you increase your sites exposure to an audience looking to find
your products or services.

Account Information:
==================================

Domain:
Registration Date: 2014
Name:

» Complete Site Submission [Final Step]:
http://premiersubmission.net/iem/link.php?M=

==================================

If you have any questions regarding the final steps of your site
registration, we encourage you to take a look at the site
submission details FAQs.

We look forward to the opportunity to serve you with all of your
site submission details.
PremierSubmission
1933 E. Dublin Granville Rd. #420; Columbus, OH 43229 USA
To manage your subscription options, go to
http://premiersubmission.net/iem/unsubscribe.php?M=





google shows

 Colin Walker the owner of a newly registered Dot Net Domain Name (premiersubmission.net) is hijacking WHO IS
http://blog.mccopro.com/domain-news/warning-unethical-business-practices-by-colin-walker-aka-premiersubmission-net/

Admin Name: ROBERT JACOBS
Admin Organization: PREMIER SUBMISSION
Admin Street: 1933 E DUBLIN GRANVILLE RD
Admin City: COLUMBUS
Admin State/Province: OHIO
Admin Postal Code: 43229
Admin Country: UNITED STATES
Admin Phone: +1.4406552513
http://badforpeople.org/scam-premiersubmission-net-is-not-the-internets-official-search-engine-registration-service/


Domain Name: PREMIERSUBMISSION.NET
Registry Domain ID: 1849134316_DOMAIN_NET-VRSN
Registrar WHOIS Server: whois.fastdomain.com
Registrar URL: http://www.justhost.com/
Tech Email:
Name Server: NS1.EMBHOST.COM
Name Server: NS2.EMBHOST.COM
http://whois.domaintools.com/premiersubmission.net

http://whois.domaintools.com/premier-submission.com


Received: from premiersubmission.net (premiersubmission.net. [50.97.107.80])
Received-SPF: pass (google.com: domain of bounce@premiersubmission.net designates 50.97.107.80 as permitted sender) client-ip=50.97.107.80;

From: "Aditi Gupta"
Reply-To: admin@premiersubmission.net
List-Unsubscribe: ,