Category Archives: Code

code

Roundcube Plugin: Defense

Posted on February 21, 2013.

With the new 0.9-beta I found some plugins needed updating. The antiBruteForce plugin that I relied on to thwart bruteforce login attempts no longer worked. I searched for an alternative and found the ‘security’ plugin, which looked like it would be a good alternative. However upon closer inspection it seems to miss a few critical features, so I set out to fill the void of a decent anti-brute-force plugin for Roundcube 0.9+.

Introducing roundcube-defense.

Bruteforce protection
- Ban based on X failed-logins per Y seconds (default: 5 fails / 60m)
- Ban for X seconds. (default: 120)
- Increasing ban duration by power of 4 for repeated offenders (2m, 8m, 32m, 8h32m, etc)
Whitelist
Blacklist
Failed logins log [TODO: Logs are in DB, but no interface yet]
- Only accessible by administrator

Visit the github page for more information. Worked fine with internal testing, however any bug reports or feature requests are welcome via the issues tracker.

2 Comments

Zabbix Unsupported Items Status

Posted on January 5, 2012.

Following on from the zabbix status script, I have put togethor another script to list any unsupported items on agents.

For an item to go unsupported, it usually means something is wrong with the agent, so I add this script to /etc/cron.hourly.

The SQL query to get the list of unsupported items is,

SELECT
        hosts.host AS hostname,
        items.description AS item,
        items.key_ AS "key"
FROM
        items
RIGHT JOIN
        hosts ON items.hostid=hosts.hostid
WHERE
        items.status = 3;

SELECT

hosts.host AS hostname,

items.description AS item,

items.key_ AS "key"

FROM

items

RIGHT JOIN

hosts ON items.hostid=hosts.hostid

WHERE

items.status = 3;

Download
zabbix-unsupported-status.sh (1.3 KiB, 3,298 hits)

1 Comment

backuppc: Use of qw(…) as parentheses is deprecated

Posted on January 3, 2012.

If you upgrade Perl to 5.13.5 or beyond, backuppc will begin to spew this warning at every oppurtunity. Debian/wheezy currently has these warnings on startup and in backuppc logs.

Debian bug #650522 suggests surrounding each use of qw(…) with rounded parenthesis: (qw(…)). There are a lot these used throughout backuppc, so I took a slightly less ingenious but just as effective route.

By adding: “no warnings 'deprecated';” to the beginning of each file that uses qw(…), the warnings are suppressed. This change can be scripted by using the following one-liner:

grep -ril 'qw(' /usr/share/backuppc/lib/BackupPC/|while read file; do sed -i "1i no warnings 'deprecated';" $file; done

1	grep -ril 'qw(' /usr/share/backuppc/lib/BackupPC/\|while read file; do sed -i "1i no warnings 'deprecated';" $file; done

The location /usr/share/backuppc/lib/BackupPC/ is used on Debian/wheezy and may need adjusting for other distros.

1 Comment

Zabbix Trigger Summary by Email

Posted on December 27, 2011.

With quite a few flapping triggers on Zabbix I wanted to have a daily summary of active triggers. Following a few posts on the Zabbix forums I made a quick and dirty bash script.

Download
zabbix-status.sh (2.1 KiB, 3,887 hits)

3 Comments

#!/usr/bin/nooblet.org

/* not just your average nub */

Category Archives: Code

Roundcube Plugin: Defense

Zabbix Unsupported Items Status

backuppc: Use of qw(…) as parentheses is deprecated

Zabbix Trigger Summary by Email