A couple of months ago, I noticed an unfamiliar charge on my debit card, coming from a company called khbill.com for about $40.00. I was unaware of what the hell was going on, so I first gave my bank a call to have a new card issued, and then gave KHBill a call to figure out who they were, and what was going on.

When I called their toll free line, I was directed to a very static-addled line, and a very indian operator who asked me for the last six digits of my card, and my name. I gave them that information, and asked them several questions.

Me: What website was my card subscribing to?
Them: It is an adult website…
Me: What is the domain name?
Them: It is an adult website sir…
Me: Yes, i want to know the domain ame.
Them: I am seeing the charge as coming from a ilovepootang.com (non-existant domain)

Me: What email address was the account subscribed to?
Them: Bailey@gmail.com (too rare for any fraudster to actually have, no email address verification?)

Me: What ip address was the signup coming from?
Them: We do not have that information on file sir

Me: OK, can you just charge the order back?
Them: Yes we can sir, thank you and have a nice day.

The whole thing seems all too fishy. Every credit card processor logs ip addresses. The email address should have been emailed the login information. The domain name is non-existant.

If you notice an unauthorized charge from KHBill.com on your card, let me know. I’d like to hear some more stories about them.

Some great news came about the other day. Hal turner (Wikipedia | Encyclopedia Dramatica), a fairly famous white supremacist was arrested after he made a death threat against a senator, and an associate on his blog. The post in question can still be found here, and here are the most notable quotes:

3:38 PM ET — Officer Boyle of the Connecticut State Capitol Police just called regarding this story. Seems they are concerned about the “Commentary” below. Looks the tyrants are worried. Good. –

…

This is a direct government assault upon the Catholic Church, in absolute violation of the First Amendment to the Constitution for the United States.

It is very clear to us at the Turner Radio Network that the state of Connecticut has become tyrannical and abusive. It is actively and aggressively attempting to directly interfere with the internal governance of a church and the free exercise of religion. It is retaliating against citizens for exercising their right to petition for redress of grievances. This is tyranny and it must be put down.

While filing a lawsuit is quaint and the “decent” way to handle things, we at TRN believe that being decent to a group of tyrannical scumbags is the wrong approach. It’s too soft.

Thankfully, the Founding Fathers gave us the tools necessary to resolve tyranny: The Second Amendment.

TRN advocates Catholics in Connecticut take up arms and put down this tyranny by force. To that end, THIS WEDNESDAY NIGHT ON “THE HAL TURNER SHOW” we will be releasing the home addresses of the Senator and Assemblyman who introduced Bill 1098 as well as the home address of Thomas K. Jones from the OSE.

After all, if they are so proud of what they’re doing, they shouldn;t mind if everyone knows where they live.

It is our intent to foment direct action against these individuals personally. These beastly government officials should be made an example of as a warning to others in government: Obey the Constitution or die.

If any state attorney, police department or court thinks they’re going to get uppity with us about this; I suspect we have enough bullets to put them down too.

The state pushed; it is about to get pushed back. Elected and other government officials sometimes need to be put in their place. They serve; they do not rule. They need to learn their place or be put there by force.

This post was made in reference to a bill which would require the catholic church register as a lobbying group. I absolutely support this measure in Connecticut, and every other state in our country, as the catholic church has held just a little too much “influence” in the ruling of our country.

Hal, being the retard he is, also ignored the prior warning that his local police gave him, kept the post up, and proceeded to cry like a 3rd grader to his friend who updated his blog.

I find this news to be fucking awesome, and I hope that mother fucker gets locked up for the rest of his life.

Hal also made this brilliant post in which he tells everyone where some judges in chicago live, complete with arrows pointing to the windows of their offices, and orders that they need to “Obey the Constitution or die”.

Back about 6 years ago, there was a sweet as shit project called webhostingradio. It was a webhosting show / stream which was broadcast over shoutcast, and was run by a few people from the industry, and wht. Most notably, jbiz, rewdog, and jbiz’s friend who handled prank calls, I wish I could remember his name. The show was a mix of both information, and entertainment, infotainment was what they called it. There were interviews with big names in the industry, ‘news’ from around the industry, and my personal favorite part were the prank calls that they made to both the biggest, and smallest hosts in the industry.

The show predated even rackshack/ev1’s ownership of webhostingtalk. In fact, one show was about rackshack’s buyout of the then-matt freeman owned site.

Towards the end of the original show, jbiz got busy with his life, and everyone simply lost motivation to create the show. After some amount of time, robert marsh of rackshack bought it as well, but on the day when it was due to be relaunched there was a fire at rackshack, and the whole thing was put off for an infinite amount of time. When inet interactive bought webhostingtalk, webhostingradio was thrown in. However, inet didn’t do anything with it until like 2006, but due to lack of support for the project, and lack of organization, that was short-lived.

Here’s the most memorable prank call from the original show, no it’s not me:
rackshack prank

A lot of companies in this industry claim to offer 24/7 support. From the smallest players in the game, to the largest. However, with all of the tiny hosts existing out there, claiming to offer 24/7 support, and never coming through with their promise, we tend to get a lot of customers who become amazed when we do actually answer their tickets during the most absurd hours of the day/night/year. However, before that happens, we always have to go through the ‘test round’ in which many customers choose to ‘rush’ us with what they believe is a profoundly complex question during what may or may not be a ’strange’ hour to look into such an incident. About 85% of these tickets are written in a barely-comprehensible manner, with customers barely explaining the problem they face. About 97% of them include at least one instance of “ASAP!!!!!!!”. About 98% of them are suprised when we answer their question in a matter of minutes. Typical “questions” include “MY WEBSITE IS DOWN! please resolve asap” when there are absolutely no server/network problems. Other requests include the restoration of a backup, explanation & resolving of errors php & perl scripts are spewing, or ‘install or configure this software on my dedicated server’ requests.

I work for a company who provides completely real 24/7/365 support. I myself was sitting in an office on December 31, 2008 at 11:59, this is proof of the fact. I can’t help but to feel a bit insulted when a long-time customer of ours responds as if we are typically away from our datacenter. I work directly outside of our second datacenter, and two doorways away from our first datacenter. It makes me feel like nobody really appreciates the hours that we work to support them. We have staff on site at all times, regardless of whether or not it’s a holiday, and we don’t even rely on a callcenter or third party company to help with the more minor requests. If you send an email to our technical support department, you’re going to be talking to myself, ryan, brad, sean, ben, kevin, or even the owner of our company, karl within at least 10 minutes of request, and if a solution exists, every staff member is going to be be able to handle any question or request you have. Every staff member works within our datacenter-side office, and you’re never going to be talking to someone who lives in india, or a callcenter. I’ve called the providers that our company works with, and been forwarded to callcenters in foreign countries. Granted, those companies don’t typically offer 24/7 support, but it’s still bothersome to have to deal with.

Kids, if you can’t offer 24/7 support, don’t advertise it. You’re fucking up the credibility of the industry, and it’s not helping anyone.

Alright, so the forums are abuzz about the latest owning of webhostingtalk. Let’s dissect the worst post!

Of course there is the nagging question, how did they find our backup cluster! I’m still investigating that, and it does make you wonder, but very few people even inside of iNET knew of the off site cluster, and even fewer knew where or how to access it. The company hosting the off site backup doesn’t even know the contents of our servers. So those facts make me think that social engineering is not part of this equation.

This is the biggest lie I’ve ever seen prohacker tell. Here’s why:

1) Automation is the number one goal of all programmers & sysadmins. We hate doing work, and we would rather rely on a computer to automatically do it for us.
2) If he had configured automatic backups, which 95% of all answers point to yes, he was more than likely using a combination of mysqldump & rsync, sftp, or scp, as those are the main utilities used in database backups on linux/mysql systems, which wht runs.
3) If he wanted to automate it, he would have written a script which would clearly identify backup1.inetinteractive.net (a hostname we on irc.whtirc.net/#wht guessed within minutes) as the backup target, with the username of the authenticating user clearly being identified within the script
4) If he wanted to automate the process without having to enter his password every single time, he would be required to:

4.1) Pipe his password into rsync/sftp/scp, which would make his password identifiable to the attacker as he read the script
4.2) Generate an rsa or dsa ssh key with no passsword for the key specified, or else he would be prompted for the passphrase of his ssh key.

5.1) If he were to chose route 4.1, the attacker would be able to grab the password out of the script, and login using that
5.2) If he were to chose route 4.2, the attacker would be able to simply ssh to backup1.inetinteractive.net from the box the script was being run from, and have immediate access to the backups.

What inet should have done:

1) Generate mysqldump backup, and rsync/sftp backups as a user account like ‘backups’
2) Once backups are transported, chown the backup file to root, and chmod it to 700

This way, if the attacker were to gain access to backup server, they would only have access to the ‘backups’ account, which wouldn’t be able to read, or delete any portion of the backups, as the permissions were chowned to root. However, this wouldn’t work so well if the backup server were rooted as well, which I suspect wht was. The attacker could also write data to the directory, but that wouldn’t be very harmful unless he managed to construct a fake backup of some type.

Anyway, wht got owned. My legacy of posting has been partially tarnished, but i was unbanned for a few minutes according to some friends. It’s a shame i missed out on the trolling. Get along with your lives, it’s just a forum. If your business depends on the forum, you should not have a business. Yes, I mean you, aussie bob. Don’t think I forgot about all that BMWADITRW schtuff

If you’re ever shoved the task of allocating a giant load of secondary ip addresses (/24, /23, or higher) you can use the following command to mass-allocate a large block of them:

for /L %a in (0,1,255) do netsh int ip add address “Local Area Connection” 192.168.0.%a 255.255.255.0

This will add the block of 192.168.0.0/24 to your server, a /24 indicates a 255 address block, so you would be allocating 192.168.0.0 through 192.168.0.255.

For additional /24 blocks, you can simply run the command in sets:

for /L %a in (0,1,255) do netsh int ip add address “Local Area Connection” 10.0.1.%a 255.255.255.0
for /L %a in (0,1,255) do netsh int ip add address “Local Area Connection” 10.0.2.%a 255.255.255.0
for /L %a in (0,1,255) do netsh int ip add address “Local Area Connection” 10.0.3.%a 255.255.255.0
for /L %a in (0,1,255) do netsh int ip add address “Local Area Connection” 10.0.4.%a 255.255.255.0
for /L %a in (0,1,255) do netsh int ip add address “Local Area Connection” 10.0.5.%a 255.255.255.0

Changing only the bold portion of the command.

If you only need to add a shorter block, like a /28 (16 addresses) you can manipulate your command like so:

for /L %a in (0,1,16) do netsh int ip add address “Local Area Connection” 10.0.0.%a 255.255.255.0

This would allocate 10.0.0.0 through 10.0.0.16 to your server.

Some people will ask “why do you need all these ip addresses, man???” Well, there are several reasons, I’ll go over the most common reasons:

1) SSL websites must be on unique ip addresses
2) Seperation of assets - If one of your clients is smacked with a multi-gigabit ddos attack, and you have no recourse but to null route the address since it’s saturating your uplink, it’s best that you have the website on a unique address, or else you’ll have to suspend more than one customer when the nullroute is put down.

That’s all! hope this helped somebody out there.

Leading up to last night, I was really bothered by today’s holiday, valentine’s day. I do believe that western culture has really brought the original meaning of the holiday through several rounds of high-scale corruption, and have also managed to exploit everyday people into worshiping a false tradition, but last night I started talking with this girl I’ve been talking with for about 3 months now, and we kinda got onto the subject of the day, and figured today is an ok day to meet up.

The women that i’ve seen, most of them have lived at least 30 minutes away from me. Francesca was about an hour on the metra, Lisa was about 45 minutes driving from the suburbs, Katrina was about a half hour i believe, Susan was about 45 minutes on the cta… There was one that lived about 20 minutes on the cta, but she didn’t really last very long. This girl lives 3 hours away in Lafayette, Indiana.

So, the train heads out at 5pm, and i get there after about 3 hours, then i’m out of there at 8am tomorrow morning. Yeah, really short trip. Only one train gets there every day, so I’d better not miss the train. I’m not sure what to expect, but what’s the worst that could happen? Heh, who cares. Worst case is i get stuck at a train station for roughly 11 hours. But, that couldn’t be much worse than the valentine’s day i’d have if i stayed here by myself.

Valentine’s day, i don’t completely hate you, you did have a good origin, but people really shouldn’t put this much emphasis upon you. You’ve successfully doubled the guilt of a great portion’s of the nation’s single folk over an absolutely frivolous reason, and you’ve probably even inspired a few suicides out there.

In other news, I haven’t gone out to a bar since that last entry about my neighbor mike.. January 22nd I beleive was the date of that encounter. I had been meaning to go to a few, but something seems to be holding me away. Once spring returns, I’m going to have to buy a replacement lens cap, a new backpack, and I think I’ll start photographing the city now that i’m more familiar with everything. I’m also working on giving up cigarettes.

I was generally more looked up to when I only smoked pot, and didn’t run around with any other vices. Pot is probably holding me back, and I have been scaling it back to help improve my overall mood, but I feel it’s necessary to use as it helps me relate to people. I’m much more uppity when I’m sober, and that’s usually too much for most people. I can be funny drunk, and it helps me appear more normal according to the people I’ve been drunk around, but I don’t really like waking up after sleeping 4 hours with a hangover.

I’m buying some new blinds to help block the sun out of my windows, because that’s been preventing me from sleeping. I also have a problem sleeping when the wide-open space of my room is too big. I can’t ever sleep for a long time with my closets open, and i can’t sleep with my blinds up. Even with the blinds down, the light shining through is too much.

Several seasons of The Office is on netflix’s ‘instant watch’ thing. You guys should get netflix and watch it.

That’s all. See ya.

Up until 3 days ago, I had never even heard of a bank called ‘interswitch’. Then in our abuse helpdesk, we received several complaints about several different interswitch phishing pages that several different customers were hosting. Each customer was operating a free webhosting service, and each simply had fraud signups. Every reported phishing account was terminated by our customers, and we haven’t heard from them yet.

Then today, we recieved a barrage of about a half dozen of these emails:

<title>Attention Card Holder</title>
</head>

<table border=”1″ width=”100%” id=”table1″
style=”border-collapse:collapse;” height=”444″>
<tr>
<td>
<table border=”0″ width=”91%” id=”table3″>
<tr>
<td width=”137″>
<img src=”http://www.interswitchng.com/you/images/interswitch-logo.gif”
alt=”InterSwitch” width=”121″ height=”61″/></td>
<td> </td>
</tr>
</table>
<table border=”0″ width=”753″ height=”18″ id=”table4″>
<tr>
<td height=”12″ width=”747″>
<img src=”http://interswitchng.com/images/red-line.gif”
width=”770″ height=”6″/></td>
</tr>
</table>
<table border=”0″ width=”95%” id=”table5″ height=”102″>
<tr>
<td width=”733″>
<table id=”table7″ height=”51″ width=”99%” border=”0″>
<tr>
<td><font face=”Verdana”>Attention Card Holder,</font><p>
<font face=”Verdana”>This is to notify you that our
services are being upgraded to a new, better and more
secured system . You are now required to
<a rel=”nofollow” target=”_blank”
href=”http://muyideen1.t35.com/inter-logon/index.html”>
<span class=”yshortcuts”
id=”lw_1200067074_0″>CLICK HERE</span></a> and register
all your DEBIT CARDS, X-CHANGE CARDS, and CASH CARDS
online <b>
IMMEDIATELY</b> so as to enable your card
to work on our new servers. Only registered cards will
work with the ATM machines.</font></p>
<p><font face=”Verdana”>Note that in order to
continue using your card for ATM transactions, you <b>
MUST</b> register your card(s) online <b>IMMEDIATELY</b>
<a rel=”nofollow” target=”_blank”
href=”http://muyideen1.t35.com/inter-logon/index.html”>
<span class=”yshortcuts”
id=”lw_1200067074_1″>BY CLICKING HERE</span></a> .If you do not
register
your ATM card(s) immediately, you will no longer be able to use
your cards with the ATM machines or for ATM transactions and your card(s)
will
be cancelled or terminated.</font></p>
<p><font face=”Verdana”>Adhere to this
instruction on receiving this message and <b>
<a rel=”nofollow” target=”_blank”
href=”http://muyideen1.t35.com/inter-logon/index.html”>
<span style=”TEXT-DECORATION:none;”>click here</span></a></b>
<b>
<a rel=”nofollow”
style=”text-decoration:none;” target=”_blank”
href=”http://www.goodfriendz.com//ray/modules/global/inc/f.html”><span
class=”yshortcuts” id=”lw_1200067074_2″>immediately to register your
card</span></a></b>. Our goal is to
satisfy all our customers need.</font></p>
<p><font face=”Verdana”>InterSwitch Nigeria
Limited</font><p> </td>
</tr>
</table>
</td>
</tr>
</table>
<table border=”0″ width=”751″ height=”10″ id=”table6″>
<tr>
<td height=”10″ width=”745″>
</td>
</tr>
</table>
<p align=”center”><font size=”1″ face=”Verdana”>Copyright(c)2009.
InterSwitch Limited. All Rights Reserved </font></td>

Why would a phisher send mass-mailings to every country in the world about a nigeria-specific bank? Are they really this slow? This time, they are hosting their website at t35.com, another free host, which is off our network. I just don’t know why there would be this large of an effort to phish customers of a bank that exists in nigeria.

So, i ended up going out at about 11pm the other night for drinking. I didn’t have anyone to drink with, but i needed something to do and felt booze would ok to consume. I had a train to catch early in the morning, so I decided to stay local to bport and drink at a bar called Mitchell’s.

I’ve talked about mitchell’s before. There are 4 bars within a few blocks of me, half of which are inhabitable by good people, but all bars seem to attract at least a small majority of dickheads.

Well, I stumbled my way through the snow, and got to mitchell’s after about 10 minutes. I then stood outside the bar for a few minutes and smoked a cigarette. While I was smoking, my neighbor mike walked up to me and started bragging like he always does about knowing someone who owns the bar. I usually silently doubt mike, because I’ve caught him lying to me many times before, but he seemed pent on drinking with me in this bar, and I really couldn’t dodge him. So, we walked in, and sat down.

Mike immediately left my side, and went to the other side of the bar and started talking to some guy he knows. “god i hope he’s gone” i thought to myself. I know mike doesn’t have a job, I know that he’s probably going to try and get me to pay for his drinks, and I know that I’m too weak to say no to the guy. Well, mike was over on the other side of the bar trying to scam drinks out of that guy, and I was sitting by myself waiting for the bartender to stop small chat with the other patron.

Ten minutes later, I’m still staring at the bartender waiting to order my pint of guiness, and he finally noticed me. The bar wasn’t crowded, but I guess he was preoccupied, and simply didn’t notice me. When he came over, he gave me a free pint of guiness to say sorry, and I began to drink.

Halfway through the glass, mike returns to the bar stool next to me, and shortly after walks up the guy he was talking to in the corner. Apparently the guy did know mike from previous encounters, but i didn’t really care. Mike’s friend was about the same age as him, and much bigger than him. Mike continually referred to him as “the kush man” because he’s a fucking idiot and loves to talk about weed all the time despite never having anything of actual quality. I’ve spent hours deseeding the shit he’s sold me when I first moved to the neighborhood, and I’ve smoked with him out of his personal supply, and he never has good stuff. I have 20 year old nerd white guy friends who have better pot than him. Mike exaggerates everything he has in his life, and will continue to serve as an example of why it is bad for a person to have a big ego for the rest of time.

Well, mike asks me what I’m drinking, i tell him what i’m drinking, and he starts to brag about some bullshit he drinks that’s imported from mexico and sold at the rate of $5.50/tinyfuckingbottle. He’s currently drinking out of one of those ridiculous 16oz bottles of bud light that they’ve been selling. “oh yeah?” i say to him, “have you ever had guiness?”. He seemed ignorant to the ways of dark beer, so I let him have a sip. “thats not bad man, but modello is so much better”. He would then go on to order a modello, but never offered me a sip. “Great job selling modello, mike” i think to myself.

Mike’s friend was drinking the same thing as mike, but didn’t seem nearly as enthused about the situation. Mike would eventually walk outside to smoke a cigarette, and his friend would tell me that he doesn’t know how to talk to mike, because he doesn’t believe a word that the guy says. “you too, huhh?” i say. “yeah, i guess…” responds the older gentleman.

Mike would eventually return, and when his friend left he began to call him the n word, and told me that his friend is a coke addict.

When Mike left, his friend started talking to me, and then told me that he would be going down the street a few blocks to buy some coke. “oh, what kind of price?” i asked, having not done coke in roughly 2 years, and having only done it once, I was well overdue for a miniparty. He gave me a small rundown of some prices I couldn’t afford, and I ended up just telling him that i was alright with the pot i have in my desk at home.

Well, mike came back, and showed off some of his tattoos, one of which is his wife’s name “particia” written in cursive across his forearm. He then went on to rant about how his wife is worried about him going out to bars, which i don’t blame her, but i don’t want to get in an argument with mike tonight because i know he’ll take everything way too far.

As the night progressed mike would drink the modello, and I bought him a carbomb because he’s never had one, which he completely fucked up by pouring the shot into the glass rather than dropping the shot into the glass, and he drank more budweiser because he doesn’t know any better, and eventually came time for him to go leave with his cokehead friend to buy drugs in the bad part of town.

“hey mike, can you give me 5 bucks?’ he says. I’m already a little drunk, and a fulltime pushover, so i throw him 5 bucks. Then he says again “sorry mike, can i have another five?”, “no, i’m not going to give you 10 dollars when I’ve already bought you a drink tonight”, “come on mike, i don’t want to look like an asshole” he says, “fuck off” i say.

He paid his tab, and left the bartender a dollar tip for well over an hour and a half of service that was riddled with free drinks from the bartender for some reason.

After mike left I was still there. THe bartender came back, saw the dollar tip, and had a disappointed look on his face. I would go on to drink a pint of bell’s lager, and left the bartender a $28 tip to make the bartender feel better about being fucked over by mike.

I then stumbled across the street and grabbed a couple of chicken tortas, and began hiking back. When I reached wallace, the street I live on, I began walking south, and as I was walking back into my home I could hear a faint yelling. Sure enough, it was mike. he was upset, probably because I wouldn’t give him the money he needed to impress the bartender with a fancy tip. I then decided that he wasn’t worth the time, and went into my building.

The following day, I took amtrak out to bloomington, IL, and drank a completely unhealthy amount of alcohol with some friends who own a tech company out there. Over the course of 6 hours we each drank roughly 10 to 14 pints of guiness, 4 carbombs, and i drank a couple of glasses of wine for good measure. At the end of the night we had run up a bill of about $400 for their company credit card, I had been given a job offer that would require I move to bloomington to teach their staff for 6 months, and later move to new york to manage their datacenter. They say they’re prepared to offer me 48k, but i’m really not sure if I want to leave my current job and chicago. I do kind of want out of this city, because the lack of social contact is really killing me, and i believe i could use a fresh start in a new city, but i’m also pretty sure none of my social habits will change, and I’d probably be more lonely out there.

talk like me

[4:54:17 am] mikey:if we could kiss, do you think it would be nice?
[4:54:43 am] some woman:yeah, probably
[4:54:53 am] mikey:that’s wonderful.
[4:55:01 am] mikey:I agree completely.
[4:55:17 am] mikey:It would be magic from the heart of funk and bass.
[4:55:27 am] some woman:that’s good to know.