The Mergy Notes

content + info + hacks + solutions

Latest Notes

SSH Honeypot Cowrie Session Video

I had a ssh honeypot running a few months ago for a couple of weeks and while most session playbacks are just rapid fire scripts from bots trying to plant crypto mining software, I did have a few humans kicking around in there. I had a colleague login and kick the tires and shared the video back to him.

Here is the video to give you a sense of what the ssh session looks and feels like.

Fixing the fail2ban filter for Postfix unverified address / user unknown spam attacks

For whatever reason, the default distributed postfix filter I had on my fail2ban setup on ubuntu was not triggering on: 450 4.1.1 Receipient address rejected: unverified address: unknown user mail.log errors. The failregex line was in there for it, but it wasn’t hitting on the endless dictionary attack random attempts from spammer servers across the world. This was annoying because, in...

Setting up a killswitch for attacks with ufw and fail2ban on Ubuntu Linux

Who doesn’t love fail2ban? I know I do. If you look at logs and see the constant and acceleration of the server attacks on the internet from the massive resources across the world doing nothing but trying to takeover your servers for crypto currency mining, ransomware, or to help aid criminal phishing attacks, you’re probably using fail2ban in some form. If you are using fail2ban to...

Workaround for the Jitterbit Harmony Studio with NetSuite Custom Segments Issue

I’ve run Jitterbit Harmony with various integrations for a few years now and have had no issues until recently selecting Custom Segment objects from NetSuite for searches, upserts, etc. I’m unsure if NetSuite 2019.1 changes, the NetSuite API changes, or recent versions of Jitterbit Harmony Agents and Studio have caused the recent problems around the inability to select NetSuite Custom...

Tides Success Story @

Forgot about the interview and discussion we had back in late 2017 with on everything we have built at Tides. It’s funny, we’ve built and done so much more since then and are in the process of a massive grants management system as well.

Link to the Tides Sucess Story at

TAG Member Spotlight

TAG did a wonderful spotlight on me a while back. Really well done. This was early on in our membership with TAG. Since then, I have really found it to be even more of a wonderful group and stepped into a Board role with TAG.

Combining multiple fields from a Jitterbit connection into a large text field in Formula Builder

Took me a while to work this through. It should have been pretty easy but the Jitterbit Formula Builder syntax is just different enough to be a little bit of a challenge. Basically, I had a need to take multiple fields from a Jitterbit connection and map them over to a multiple line large string text field. We were taking some data parsed into separate fields and just moving them into a big text...

NUT ups.conf configuration for OMNIVS 1500XL USB

The Tripplite OmniVS 1500XL is a great home/SOHO USB UPS that is expandable with external battery packs. But, the NUT support on Debian-based linux distros is no bueno. They support Redhat-based with some software, but Debian users are stuck with NUT and tripplite_usb driver support. The unit doesn’t dish a few variables via the tripplite_usb driver so you kind of want to add a few...

Standard WordPress Attacks Visualized

Everyone that runs WordPress or any website knows there are thousands upon thousands of servers across the Internet doing nothing but looking for vulnerabilities and trying to hack sites. Logs directly don’t give you the sense of what is really happening in a nice visual way. An old favorite of mine, Logstalgia, is a fun way to see what all those servers trying to take you down, hack and...