Since I was in high school, I’ve taken the often unpopular role of ACLU supporter. While everyone else bitched about the things they fought, I supported them, because I believed that if a legitimate violation of the people’s rights were to happen, that the ACLU would be at the front of the fight against government-enforced fascism.

During the past several years, I have witnessed several prime violations of the rights of Adult americans. This isn’t a case of some 15 year old being told he can’t wear his promotional satanism t-shirt to school. This is a case of laws being written & voted into law in clear violation of the rights of adults.

I speak of the following:

1) Smoking ban in Chicago, Portland, New York, and several other localities
2) Trans fat ban in New York, and several other localities
3) The upcoming ban of black automobiles in California

Each of these laws, and probably many others I haven’t heard about are a direct violation of the rights of Americans.

Nobody should be able to tell a bar owner that he cannot allow smoking in his bar. It should be his god damn decision, and nobody else’s. If there’s enough consumer demand to ban smoking, the bar owner can ban it himself. The city should have no fucking say in the matter.

Nobody should tell any American what they can eat. More than 50% of the things we eat are unnecessary, and to say that trans fat is unneeded makes no sense. If something isn’t done about this, it’s only going to encourage the original lawmakers to seek further efforts to control our diets, and before you know it, it’s going to be 2020 and there will be laws limiting our daily sugar intake.

Nobody, absolutely nobody should be able to tell you what color your car, shirt, house, or absolutely anything else should be. Color is the absolute root of expression, and absolutely any control of it is obvious censorship. Think about your first favorite making decision. I’ll bet it was color, right? The argument is that black automobiles use more energy than other cars. Ask yourself this: What uses more energy: A white hummer, or a black sports car? According to this law, the babydicked hummer owner is the innocent party. The government shouldn’t have any decision in your choice of automobile. As long as you have a license to drive whatever you are driving, that should be all that matters. The cost of fuel is coming directly out of the owner’s pocket.

So, with this being said, where in the hell has the ACLU been when these three laws have been created? Each are in violation of our rights. Are they only holding back because the laws have been written by liberals? I really don’t want to think that, because I’ve long considered myself a liberal. I always thought that conservatives were the pro-fascism party, with their flurry of attempts to limit the lives of homosexuals, and attempts to write the bible into law. Why hasn’t the aclu done anything about these cases? I wrote them about the smoking ban almost 1 month ago, and I still haven’t received any kind of reply.

Alright, so the forums are abuzz about the latest owning of webhostingtalk. Let’s dissect the worst post!

Of course there is the nagging question, how did they find our backup cluster! I’m still investigating that, and it does make you wonder, but very few people even inside of iNET knew of the off site cluster, and even fewer knew where or how to access it. The company hosting the off site backup doesn’t even know the contents of our servers. So those facts make me think that social engineering is not part of this equation.

This is the biggest lie I’ve ever seen prohacker tell. Here’s why:

1) Automation is the number one goal of all programmers & sysadmins. We hate doing work, and we would rather rely on a computer to automatically do it for us.
2) If he had configured automatic backups, which 95% of all answers point to yes, he was more than likely using a combination of mysqldump & rsync, sftp, or scp, as those are the main utilities used in database backups on linux/mysql systems, which wht runs.
3) If he wanted to automate it, he would have written a script which would clearly identify backup1.inetinteractive.net (a hostname we on irc.whtirc.net/#wht guessed within minutes) as the backup target, with the username of the authenticating user clearly being identified within the script
4) If he wanted to automate the process without having to enter his password every single time, he would be required to:

4.1) Pipe his password into rsync/sftp/scp, which would make his password identifiable to the attacker as he read the script
4.2) Generate an rsa or dsa ssh key with no passsword for the key specified, or else he would be prompted for the passphrase of his ssh key.

5.1) If he were to chose route 4.1, the attacker would be able to grab the password out of the script, and login using that
5.2) If he were to chose route 4.2, the attacker would be able to simply ssh to backup1.inetinteractive.net from the box the script was being run from, and have immediate access to the backups.

What inet should have done:

1) Generate mysqldump backup, and rsync/sftp backups as a user account like ‘backups’
2) Once backups are transported, chown the backup file to root, and chmod it to 700

This way, if the attacker were to gain access to backup server, they would only have access to the ‘backups’ account, which wouldn’t be able to read, or delete any portion of the backups, as the permissions were chowned to root. However, this wouldn’t work so well if the backup server were rooted as well, which I suspect wht was. The attacker could also write data to the directory, but that wouldn’t be very harmful unless he managed to construct a fake backup of some type.

Anyway, wht got owned. My legacy of posting has been partially tarnished, but i was unbanned for a few minutes according to some friends. It’s a shame i missed out on the trolling. Get along with your lives, it’s just a forum. If your business depends on the forum, you should not have a business. Yes, I mean you, aussie bob. Don’t think I forgot about all that BMWADITRW schtuff

If you’re ever shoved the task of allocating a giant load of secondary ip addresses (/24, /23, or higher) you can use the following command to mass-allocate a large block of them:

for /L %a in (0,1,255) do netsh int ip add address “Local Area Connection” 192.168.0.%a 255.255.255.0

This will add the block of 192.168.0.0/24 to your server, a /24 indicates a 255 address block, so you would be allocating 192.168.0.0 through 192.168.0.255.

For additional /24 blocks, you can simply run the command in sets:

for /L %a in (0,1,255) do netsh int ip add address “Local Area Connection” 10.0.1.%a 255.255.255.0
for /L %a in (0,1,255) do netsh int ip add address “Local Area Connection” 10.0.2.%a 255.255.255.0
for /L %a in (0,1,255) do netsh int ip add address “Local Area Connection” 10.0.3.%a 255.255.255.0
for /L %a in (0,1,255) do netsh int ip add address “Local Area Connection” 10.0.4.%a 255.255.255.0
for /L %a in (0,1,255) do netsh int ip add address “Local Area Connection” 10.0.5.%a 255.255.255.0

Changing only the bold portion of the command.

If you only need to add a shorter block, like a /28 (16 addresses) you can manipulate your command like so:

for /L %a in (0,1,16) do netsh int ip add address “Local Area Connection” 10.0.0.%a 255.255.255.0

This would allocate 10.0.0.0 through 10.0.0.16 to your server.

Some people will ask “why do you need all these ip addresses, man???” Well, there are several reasons, I’ll go over the most common reasons:

1) SSL websites must be on unique ip addresses
2) Seperation of assets - If one of your clients is smacked with a multi-gigabit ddos attack, and you have no recourse but to null route the address since it’s saturating your uplink, it’s best that you have the website on a unique address, or else you’ll have to suspend more than one customer when the nullroute is put down.

That’s all! hope this helped somebody out there.