Ticketweb followup

Ticketweb (a UK arm of Ticketmaster) have confirmed that someone was able to send emails to subscribers fraudulently. Their initial response was covered on the Naked Security blog. A second email was sent out this evening: One part which stands out says: We sincerely regret any concern that may have been caused by this incident and we can assure you we took immediate action to close the unauthorised access as soon as it was identified.

Ticketmaster / Ticketweb hacked?

This afternoon I received an email with the spammy subject “Action Required : Update Your PDF Application”. I almost ignored it until I noticed that the link inside pointed to a domain owned by Ticketmaster. As I have shopped with Ticketmaster before, perhaps this isn’t so surprising. My first thought was that Ticketmaster had a dodgy redirect on their site, until I looked at the email and saw that it was actually sent from Ticketmaster’s network.

Fixing vim from macports

After installing vim from MacPorts I noticed that neither the arrow keys or backspace work as expected. The solution is simple, create a ~/.vimrc file with the following contents: set nocompatible set bs=2 Reload vim and voila, insert mode behaves as I’d expect it to. Note that you don’t really need to set nocompatible, simply having a .vimrc file in your home directory does this automatically. I’ve left it in to remember the solution in future.

Stupid password rules

Today I forgot the password for a site I use only occasionally. This is rare, as I have a number of password schemes that I use to create a password unique to each site. After clicking the reset password link, I am confronted with the “password strength checker” below: This list of rules doesn’t fit very well with my password scheme, primarily because what I computed in my head fails the test for uppercase characters.

dban on a USB stick

After a number of unsuccessful attempts to get dban on a USB stick using unetbootin, I found the Universal USB Installer instead. This appears to do a better job, making a bootable installation from the latest preview build of dban. It helps to remove the USB stick after boot, during the “Waiting for USB devices to register” stage. This is an issue with how dban recognises mass storage on some motherboards, rather than a problem with the USB boot.

Reporting a phishing site, is it worth it?

So I thought I was being a good internet citizen when I received the following email a week ago: Dear User; Please update to our new server click here to begin Thanks and have a wonderful day. Webmaster The site looked like this: For a while I was confused, after all I run my own email. Did I really need to remind myself of my password? And what had happened to my unlimited quota?

Adding fake ethernet headers to pcap files

Occasionally I see packet captures which have been saved as Raw IP, which can really mess up many of the tools developed to deal with pcap. Anything based on libnids, including the Perl module I maintain, cannot deal with it and will produce no (or bizarre) results. Wireshark displays these captures just fine, with “Raw packet data - no link information available” just above the IP layer.

Using the Razor view engine with S#arp architecture

Whilst the Sharp Architecture maintainers have little interest in Razor (see here), I have been using it recently and like the syntax. Swapping out a default project to use Razor instead of (or in addition to) the default engine isn’t too difficult. Enabling the view engine In Global.asax, find the few lines below in Application_Start(): ViewEngines.Engines.Clear(); ViewEngines.Engines.Add(new AreaViewEngine()); We need to register Razor here, by adding the line below:

Welcome to the IPv6 world

This blog can now be reached over IPv6 (or, which is surely the final nail in the coffin of IPv4 across the internet.

Net::LibNIDS 0.1 released

The other day I pushed a new version of Net::LibNIDS to CPAN. It interfaces with the C library libnids in order to provide TCP stream reassembly and returns the data to your Perl callback.