Latest Comments

Another Visitor

In response to: Update on Morfeus Fucking Scanner

Another Visitor [Visitor]
If you guys are using nginx (EngineX) instead of Apache (slowpache) you can add this directive to your main server config and / or vhost include files.


if ($http_user_agent ~* (Baiduspider|Jullo|Morfeus) ) {
return 444;server {
listen 80 default;
server_name _;

if ($http_user_agent ~* (Baiduspider|Jullo|Morfeus) ) {
return 444;
}

access_log /usr/local/www/data/_default/access_default.log;
server_name_in_redirect off;

location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/local/www/data/_default$fastcgi_script_name;
include fastcgi_params;
}

location / {
index index.php index.html;
root /usr/local/www/data/_default;
error_page 404 error/404.html;
}

}

As in the following "default" example (for anything that doesn't match any of my served domains):


PermalinkPermalink 08/05/10 @ 15:49
Richard

In response to: Update on Morfeus Fucking Scanner

Richard [Visitor]
I just added "soapCaller" to my "custom keyword based blocker" which block not only their ip, but their whole subnet.

This is something I cobbled together
(1) Uses modsec to grep any of a list of keywords.
(2) Sends the ip to a "whois" custom java program
(3) This "whois" queries servers such as arin,ripe and gets the netblock range.
(4) Makes an OS call to block the range (via iptables,netsh,ipseccmd,ipsecmod,etc)
PermalinkPermalink 05/14/10 @ 10:04
kyle

In response to: Update on Morfeus Fucking Scanner

kyle [Visitor]
i set up an apache server on ubuntu recently, and i noticed this morfeus stuff on there, "Morefeus strikes again" and a bunch of requests. I don't really understand the http get and post stuff yet, so i was wondering if he had done anything bad. I got a bunch of 404s, but then it says internal dummy connection with what I think is the "option" command. maybe i did this, but i really dont know. mind taking a look?

95.211.24.2 - - [13/May/2010:01:25:08 -0400] "GET /mail/README HTTP/1.1" 404 470 "-" "Morfeus strikes again."
95.211.24.2 - - [13/May/2010:01:25:08 -0400] "GET /README HTTP/1.1" 404 467 "-" "Morfeus strikes again."
::1 - - [13/May/2010:01:25:09 -0400] "OPTIONS * HTTP/1.0" 200 152 "-" "Apache/2.2.12 (Ubuntu) (internal dummy connection)"
::1 - - [13/May/2010:01:25:10 -0400] "OPTIONS * HTTP/1.0" 200 152 "-" "Apache/2.2.12 (Ubuntu) (internal dummy connection)"
::1 - - [13/May/2010:01:25:11 -0400] "OPTIONS * HTTP/1.0" 200 152 "-" "Apache/2.2.12 (Ubuntu) (internal dummy connection)"

Did he get in? or was that just something i did? message me if you want, i appreciate the help
PermalinkPermalink 05/14/10 @ 06:28
Tristan

In response to: Displaying a File Open Dialog in Cocoa with Objective C

Tristan [Visitor]
@Aneeque: Set the Default Directory of the FIle DIalog to "/Applications" and then change the only allowed file types to ".app"
PermalinkPermalink 04/08/10 @ 22:40
ramkumar

In response to: iPhone Application Splash Screens

ramkumar [Visitor]
hey really thanks....i am working for it for more than a day....
PermalinkPermalink 03/28/10 @ 23:12
Bill Hernandez

In response to: Renaming Document Classes in Cocoa

Bill Hernandez [Visitor]
There are only nine steps required :

( 1 ) Select the Classes folder, then the MyDocument.m file
( 2 ) Double Click on "MyDocument" next to the @implementation
( 3 ) Select MenuBar --> Edit --> Refactor and a dialog will appear
( 4 ) Rename should be selected from the popup menu, change the textField to "ParDocument" or whatever you want, and Click Preview, and Apply Button, and Wait till it is done.
( 5 ) At the top of the ParDocument.m file Double Click MyDocument, and do a CMD-E, and a CTRL-CMD-E, then a CMD-SHIFT-F
( 6 ) In the Replace field change MyDocument to ParDocument, or whatever you want.
The popup menu's should have :
"In Project"
"Textual"
"Whole words"
( 7 ) select all the items found and click on Replace, then hit Find again to make sure there are no more items found.
( 8 ) Open the Resources folder and rename MyDocument.xib to ParDocument.xib
( 9 ) Hit CMD-R to run, and you should see a document window open
PermalinkPermalink 03/21/10 @ 22:07
Aneeque

In response to: Displaying a File Open Dialog in Cocoa with Objective C

Aneeque [Visitor]
Hi, can you please let me know how can I display the choose application dialog. I have an application in which I am displaying the right click context menu and I have an option in that menu on click of which choose application dialog gets open, my problem is that I don't know how to open what are the carbon/cocoa API's through which this dialog gets displayed.
PermalinkPermalink 03/16/10 @ 03:10
Jm

In response to: Displaying a File Open Dialog in Cocoa with Objective C

Jm [Visitor]
You legend, ive been looking through apple simple browser and complex browser examples, I knew there had to be an easier way
PermalinkPermalink 02/24/10 @ 18:03
Eric

In response to: Spam Scam #6: The Internet Service Provider Consorcium

Eric [Visitor]
This is still doing the rounds almost a year and a half later. I got called to help an elderly lady (who never even surfs the Web, let alone downloads!) who received this mail scam and another, apparently from the mediadefender.com domain, on the same day. Almost made her throw away her computer completely. ;-)
Showing her this article (and the comments posted by others) convinced her of the falsity of these mails.

Thanks!
PermalinkPermalink 02/15/10 @ 09:56
Aaron Jackson

In response to: Thoughts on HDTVs

Aaron Jackson [Visitor]
Just stumbled across this old post of yours and was wondering if you'd ever changed your mind :) I've replaced every set in my house with HDTVs, and man was it worth it.
PermalinkPermalink 01/03/10 @ 07:56
Sam

In response to: Update on Morfeus Fucking Scanner

Sam [Visitor]
I have nothing on my webserver, just a index.html page saying nothing is here.

I have thousands of lines every day from this Morfeus.

94.102.209.172 - - [08/Dec/2009:13:01:05 +0000] "GET /cube/README HTTP/1.1" 404 288 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:05 +0000] "GET /round/README HTTP/1.1" 404 289 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:05 +0000] "GET /roundcube-0.2/README HTTP/1.1" 404 297 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:05 +0000] "GET /roundcube-0.1/README HTTP/1.1" 404 297 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:05 +0000] "GET /roundcubemail-0.1/README HTTP/1.1" 404 301 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:06 +0000] "GET /roundcubemail-0.2/README HTTP/1.1" 404 301 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:06 +0000] "GET /wm/README HTTP/1.1" 404 286 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:06 +0000] "GET /webmail2/README HTTP/1.1" 404 292 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:06 +0000] "GET /rms/README HTTP/1.1" 404 287 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:06 +0000] "GET /mail2/README HTTP/1.1" 404 289 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:07 +0000] "GET /mss2/README HTTP/1.1" 404 288 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:07 +0000] "GET /mss/README HTTP/1.1" 404 287 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:07 +0000] "GET /roundcubemail/README HTTP/1.1" 404 297 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:07 +0000] "GET /rc/README HTTP/1.1" 404 286 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:07 +0000] "GET /webmail/README HTTP/1.1" 404 291 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:08 +0000] "GET /roundcube/README HTTP/1.1" 404 293 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:08 +0000] "GET /mail/README HTTP/1.1" 404 288 "-" "Morfeus strikes again."
94.102.209.172 - - [08/Dec/2009:13:01:08 +0000] "GET /README HTTP/1.1" 404 283 "-" "Morfeus strikes again."
PermalinkPermalink 12/20/09 @ 11:38
mms

In response to: iPhone Application Splash Screens

mms [Visitor]
Wow, I have no idea how simple to display a splash screen!!
And it works pretty good, thanks for the tutorial!!
PermalinkPermalink 12/07/09 @ 20:28
Dan Dish Deals

In response to: Entering the HDTV world

Dan Dish Deals [Visitor]
Finding time to do it is quite daunting, I bet you can do it considering you spend alot of time on the computer!
PermalinkPermalink 11/26/09 @ 20:47
MiDoX

In response to: Update on Morfeus Fucking Scanner

MiDoX [Visitor]
Blocking UA and IP'S is nonsense
Both can be faked
Just be sure that the files scanned for don't exists on your server(or in case you want to play with the kids you could create the files with nice js scripts like The Love You virus etc.) but why wasting your time with this ?? just secure your servers
and watch your logs on 200 status codes
The 200 Status tells me that somebody received the file he asked for!!
PermalinkPermalink 11/23/09 @ 11:21
Brandon

In response to: Virtual PC 2007: Bleeding Edge Virtualization

Brandon [Visitor]
You should use virtualbox becuase I know for a fact that virtual pc 2007 doesn't support Ubnuntu or any type of linux. I have tried doing this and I couldn't even get it to install. So guess you could say that you were lucky getting that far. Also virtualbox runs in OSX so you at least don't have to pay for a program like Parallels. Hope this gives ya some thoughts.
PermalinkPermalink 11/20/09 @ 15:46
Gabriele

In response to: iPhone Application Artwork in iTunes

Gabriele [Visitor]
tnx, it helped me :)
PermalinkPermalink 09/13/09 @ 09:59
Jaffee

In response to: Entering the HDTV world

Jaffee [Visitor]
Good stuff =)
PermalinkPermalink 09/07/09 @ 16:28
kayam

In response to: Jailbroken!

kayam [Visitor]
thankyou
PermalinkPermalink 09/02/09 @ 02:05
Axel

In response to: Displaying a File Open Dialog in Cocoa with Objective C

Axel [Visitor]
Nice Dialog thx a lot.
PermalinkPermalink 08/26/09 @ 12:13
The Law Offices of Philip C. Banks

In response to: Update on Morfeus Fucking Scanner

We are receiving the same soapCaller.bs scans, four of them just last night. I am just learning that these are related to this MFS. We have not noticed any particular problems aside from the fact that this keeps popping up on our error list.
PermalinkPermalink 08/04/09 @ 10:20
swetha

In response to: iPhone Application Splash Screens

swetha [Visitor]
Worked like charm...
Thank you so much
PermalinkPermalink 07/30/09 @ 20:55
Phoenixxx

In response to: Displaying a File Open Dialog in Cocoa with Objective C

Phoenixxx [Visitor]
Liked the code.. Very helpful !!
PermalinkPermalink 06/30/09 @ 12:40
Adeem Basraa

In response to: iPhone Application Splash Screens

Adeem Basraa [Visitor]
I have written two tutorials on creating stylish splash screen. You can check it here.

http://adeem.me/blog/2009/06/22/creating-splash-screen-tutorial-for-iphone/
PermalinkPermalink 06/27/09 @ 04:25
Tony

In response to: iPhone Application Splash Screens

Tony [Visitor]
Delete the build folder and rebuild. This should work.
PermalinkPermalink 06/25/09 @ 21:30
bodaay

In response to: Compile iPhone Apps Targeting iPhone OS 3.0

bodaay [Visitor]
Thanks I was looking for this :)
PermalinkPermalink 06/13/09 @ 09:55
snushes

In response to: Jailbroken!

snushes [Visitor]
your phone is locked by the service provider here.
you have to get it "unlocked" by a store in america
any store that unlocks iphones can do it.
might cost you a little bit of money.

next time you buy a phone from another person, ask if its unlocked or not.
PermalinkPermalink 06/08/09 @ 22:47
Ur friend

In response to: Jailbroken!

Ur friend [Visitor]
Yooo Safiya I think this illegal!!!
PermalinkPermalink 05/30/09 @ 18:55
Ur friend

In response to: Jailbroken!

Ur friend [Visitor]
Yooo Safiya I think this illegal!!!
PermalinkPermalink 05/30/09 @ 18:54
spiderman

In response to: Movie Trailer Review: Spiderman 3

spiderman [Visitor]
You know there is a free Spiderman game for the pc? The game has Spiderman, Carnage, Venom and more characters from Marvel, X-men, Justice League, and more. It is called MUGEN.
PermalinkPermalink 05/26/09 @ 19:11
Dawn

In response to: Spam Scam #6: The Internet Service Provider Consorcium

Dawn [Visitor]
Hi, also in SA, JHB. I also received the monitoring@isp. mail. Luckily, I picked it up with the @isp, the spelling, zip and the fact that I'm not a criminal! HERE is another one I received today, which I'm sure is the same type of thing so BEWARE of confirm-r16xa@facebookmail.com. Facebook never sends an email like this to confirm a friend...
Facebook notifier (asks for your username & password)!
One of your old classmates added you as a friend on Facebook. We need to confirm that you know her in order for you to be friends on Facebook.
To see her picture please check your attachment. (picture attachment)
Thanks,
The Facebook Team
Facebook © 2008

Remember to forward warnings on to your contacts about the above.
Thanks for letting me share!
PermalinkPermalink 05/22/09 @ 08:28
Katsu

In response to: iPhone Application Splash Screens

Katsu [Visitor]
I made the default.png and add it to my apps. It works when I tried it with the simulator, but when I tried with the iPhone, (both Default.png and default.png), I didn't see anything.
PermalinkPermalink 05/19/09 @ 18:23
runik

In response to: iPhone SDK Snippets

runik [Visitor]
Thanks, Grate Site!!!
PermalinkPermalink 05/19/09 @ 15:03
Evgeny

In response to: iPhone Application Artwork in iTunes

Evgeny [Visitor]
cool!!! Thanks!
PermalinkPermalink 05/08/09 @ 04:15
Zenni

In response to: Update on Morfeus Fucking Scanner

Zenni [Visitor]
Does it represent threats for HTML only or ASP.NET websites?
PermalinkPermalink 04/17/09 @ 08:10
shineshadow

In response to: Update on Morfeus Fucking Scanner

shineshadow [Visitor]
Beth
You could block the user-agent 'curl'. However you could also just install a captcha of some sort on user and content creation pages. Just google captcha script for various levels from simple math problems to the more typical 'Copy these numbers' kind.
PermalinkPermalink 04/03/09 @ 21:44
rekle

In response to: Jailbroken!

rekle [Member]
Take the iPhone to an AT&T store and get a new SIM card that will work on AT&T.
PermalinkPermalink 04/01/09 @ 07:55
missy

In response to: Jailbroken!

missy [Visitor]
My son bought an iphone over the internet. We live in the United States, he bought it from a kid that lives in Canada. We can not get the iphone to work.

I believe that is has already been jailbroken, but everytime we try to get it to work, it tells us that the sims card is not supported.

Help!!! How can we get this to work and not have a $250 paperweight.
PermalinkPermalink 04/01/09 @ 05:09
Teaser

In response to: Spam Scam #6: The Internet Service Provider Consorcium

Teaser [Visitor]
Thanks for revealing that this email is a scam. I first saw it when checking my email on my mobile. So I thought to open it on my pc. Instead I googled and saw your link. Thanks
PermalinkPermalink 03/18/09 @ 15:42
godling

In response to: Update on Morfeus Fucking Scanner

godling [Visitor]
Well I decided to make a file in my htdocs called soapcaller.bs . I wrote a nice message to the asswipe attempting to scan my location. I have been blocking these through .htaccess but I find it to be a pain and just figure if I send them some viruses to play with that would slow it down at least.
PermalinkPermalink 03/13/09 @ 12:44
Hein

In response to: Spam Scam #6: The Internet Service Provider Consorcium

Hein [Visitor]
I received this email two days ago. Nearly got a heart attack. I did not notice the spelling, i was to shocked. I tried to open the attachment to see what crimes i commited. Lucky my anti virus told me there is a virus in the attachment. Im in South Africa and afrikaans speaking. I dont have my computer very long and still learning.
Thank God for U.
PermalinkPermalink 03/07/09 @ 10:08
vincent

In response to: iPod Touch Bug #1

vincent [Visitor]
i took a pic with my ipod and it buged on the flash part(whigt part) can any 1 help mee
PermalinkPermalink 03/06/09 @ 21:51
anita

In response to: Spam Scam #6: The Internet Service Provider Consorcium

anita [Visitor]
Thanks i live in Australia and have recieved this email several times i am now going to block the sender.
Thanks.
PermalinkPermalink 03/05/09 @ 21:36
Lisa

In response to: Spam Scam #6: The Internet Service Provider Consorcium

Lisa [Visitor]
Received today. Exact same email. I am in the U.S., California. I goodled the email address and found your website. Want to say thanks for the info!! I'm glad I did'nt open the zip file but, wondering what I do with the email? Do I just delete it or take other steps to protect my computer?
Thank you for your time.....
PermalinkPermalink 02/27/09 @ 00:48
dlw

In response to: Spam Scam #9: Your Online Flight Ticket N 45109

dlw [Visitor]
It is goign aroudn again as a message from Delta Airlines with a zip file atatched.
PermalinkPermalink 02/26/09 @ 16:03
Beth

In response to: Update on Morfeus Fucking Scanner

Beth [Visitor]
Can anyone share the OSSEC rule they've used to block any user-agent? curl is being used constantly to create new blog accounts (1700 time yesterday) and I want it to stop. If I had a rule that blocked when there's a match for user agent = ^curl and file = wp-signup.php, I'd be able to eliminate 99.9% of the spam blog signups.

thanks,
Beth
PermalinkPermalink 02/26/09 @ 11:12
BOBZEE

In response to: Spam Scam #6: The Internet Service Provider Consorcium

BOBZEE [Visitor]
THANKS FOR ALL YOUR ADVICE GUYS. I ALMOST OPENED THE ZIPFILE UNTIL I NOTICED THE SILLY SPELLING ERROR. I JUST WONDER HOW THEY CHOOSE THEIR 'VICTIMS' COZ I DIDN'T THINK MY EMAIL ADDRESS WAS ON SUM DODGY DATABASE THAT COULD ACCESSED BY ANYONE...
PermalinkPermalink 02/23/09 @ 06:55
Sterling Cooper

In response to: Update on Morfeus Fucking Scanner

Sterling Cooper [Visitor]
I just saw "Morfeus Fucking Scanner" in my log files today, thanks for the article.
PermalinkPermalink 02/20/09 @ 11:37
R.B.

In response to: Spam Scam #6: The Internet Service Provider Consorcium

R.B. [Visitor]
How can I get these people to stop sending this e-mail. They are claiming that I am doing illegal activities on the internet, which originate from 68.111.94.136. I have no idea what this is?
PermalinkPermalink 02/19/09 @ 20:31
Chris

In response to: Spam Scam #6: The Internet Service Provider Consorcium

Chris [Visitor]
Same message. Jan 31st. Nice work
PermalinkPermalink 01/31/09 @ 19:21
Moebius Trip

In response to: iPhone Application Splash Screens

Moebius Trip [Visitor]
@Isaac

You are right, Default.png' works fine in the simulator but not the iPhone itself. You should use 'default.png' instead -- Mac OS X is case sensitive and the iPhone explicitily looks for 'default.png'.

M
PermalinkPermalink 01/26/09 @ 17:27
May 2013
Mon Tue Wed Thu Fri Sat Sun
 << <   > >>
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31    
Copyright © 2005 - 2013, Rick Ekle

Comments? Contact me at rick@ekle.us or visit me on Twitter at @rekle

Search

XML Feeds

User tools

powered by b2evolution free blog software