The Mergy Notes

content + info + hacks + solutions

Latest Notes

Using fail2ban To Mitigate Excessive Apache 403, 404, 500, and 503 Attacks

I finally spent some time last weekend to address the botnets attacking my site and specifically looking for known exploits, bad WordPress plugins, and just general random stuff. I should add the disclaimer that messing around and systematically blocking hosts viewing your website generating 404s may or may not make sense for you. If you create a fail2ban filter, jail, and start picking off hosts that...

Fixing Invalid Command Errors on backup-manager in Ubuntu with NFS Mounts

After finally moving off Ubuntu 16.04, I lost my Simplebackup (or sbackup) setup and decided to try old backup-manager on my now Bionic Beaver 18.04 setup. All seemed well except I could not get backup-manager to leverage the old Synology NFS-mounted NAS on the home network I have always used for storage. It drove me semi-nuts. There has always been an issue with mapping users on that NFS mount, so...

IT Systems To Functions HeatMap Tool

The initial systems to functions heatmap tool concept was really brought to me in an engagement with Rippleworks and the amazing Anisha Vaswani. I took the initial concept Anisha modeled for me and ran with it a bit for nonprofits. The concept is actually pretty simple. You isolate the departmental functions of the organization, connect with the stakeholders of those areas for clarification, then...

The State of Internet Freedom 2019: It’s Not GREAT.

Freedom House recently released the Freedom on the Net 2019 report and the findings are troubling. The report can be found over at the site. I encourage you to dig through the report. As a lifelong proponent of technology as part of social change and freedom, the realization in 2019 that technology and social media are really being weaponized by political and government entities to suppress the...

SSH Honeypot Cowrie Session Video

I had an SSH honeypot running a few months ago for a couple of weeks and while most session playbacks are just rapid-fire scripts from bots trying to plant crypto mining software, I did have a few humans kicking around in there. I had a colleague log in and kick the tires and shared the video back to him.

Here is the video to give you a sense of what the ssh session looks and feels like.

Fixing the fail2ban filter for Postfix unverified address / user unknown spam attacks

For whatever reason, the default distributed postfix filter I had on my fail2ban setup on Ubuntu was not triggering on: 450 4.1.1 Recipient address rejected: unverified address: unknown user mail.log errors. The failregex line was in there for it, but it wasn’t hitting on the endless dictionary attack random attempts from spammer servers across the world. This was annoying because, in...

Setting up a killswitch for attacks with ufw and fail2ban on Ubuntu Linux

Who doesn’t love fail2ban? I know I do. If you look at logs and see the constant and accelerating server attacks on the internet from the massive resources across the world doing nothing but trying to take over your servers for cryptocurrency mining, ransomware, or to help aid criminal phishing attacks, you’re probably using fail2ban in some form. If you are using fail2ban to...

Workaround for the Jitterbit Harmony Studio with NetSuite Custom Segments Issue

I’ve run Jitterbit Harmony with various integrations for a few years now and have had no issues until recently selecting Custom Segment objects from NetSuite for searches, upserts, etc. I’m unsure if NetSuite 2019.1 changes, the NetSuite API changes, or recent versions of Jitterbit Harmony Agents and Studio have caused the recent problems around the inability to select NetSuite Custom...