Josh Wieder

After 2 years I have a new template. The old template was but ugly, contained pointless functions like dynamically changing look & feel to ensure that no matter what option was chosen, everything was always broken. Other, necessary functions like contact information it hid deep within the code, never to be seen by mere humans. I've watched my readership dwindle from thousands a day to a few dozen, as presumably they escaped to more sanely-coded pastures. I had come to accept all of this until today, when I found myself extending some custom rich snippets. Over the years, you see, I've been fighting something of a crazed Google war with a dermatologist from California. A dermatologist who by happenstance is named Joshua Wieder. For some time a detente had been reached, the good doctor opting for the more formal Joshua while I controlled the top results for the more casual Josh. Then, a year passed in which I was focused on actual work. My domain name lapsed and was claimed

Introduction Alright guys, this is a biggie. Shellshock allows remote code execution and file creation for any server relying on bash v3.4 through v1.1. If you are using Redhat or CentOS and the default shell, your server is vulnerable. The patching history was sketchy, as well. If you patched immediately when the bug came out using  CVE-2014-6271 , you are still likely vulnerable (as of right now, 9/26/2013 12:50PM EST). Run the following to apply the patch: #yum update bash You need CVE-2014-7169  if you are using Red Hat Enterprise Linux 5, 6, and 7. Note that 2014-7169 DOES NOT address the following operating systems, which as of right now are still not fully patched: Shift_JIS, Red Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support, Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat Enterprise Linux 6.4 Extended Update Support If you applied CVE-2014-6271 and nee

For those not familiar with Spanish ISPs, RedIRIS is Spain's  National Research and Education Network . They are part of  Consorci de Serveis Universitaris de Catalunya and  Forum of Incident Response and Security Teams .  Essentially its an organization devoted to university networking projects and advanced R&D. They get their own nice big netblock to mess around with (in this case  193.144.0.0/14) . Similar projects in the US would be CalREN, Internet2 and LambdaRail.  I'm seeing what looks like malicious scanning from the RedIRIS netblock, like this: ** ** - - [08/Sep/2014:18:54:34 -0400] "GET /muieblackcat HTTP/1.1" 404 15 "-" "-" ** ** - - [08/Sep/2014:18:54:34 -0400] "GET //phpMyAdmin/scripts/setup.php HTTP/1.1" 404 15 "-" "-" ** ** - - [08/Sep/2014:18:54:34 -0400] "GET //phpmyadmin/scripts/setup.php HTTP/1.1" 404 15 "-" "-" ** ** - - [08/Sep/2014:18:54:35 -0400] "G

So I am looking around in one of Microsoft's websites for web development tips when I come across this: D'oh It's really one of the worst possible places to put one of those.

Getting these on one of my web servers on an almost daily basis: 114.232.243.86 - - [01/Sep/2014:09:51:34 -0400] "GET http://hotel.qunar.com/render/hoteldiv.jsp?&__jscallback=XQScript_4 HTTP/1.1" 404 15 "http://hotel.qunar.com/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36" The traffic comes from all sorts of different IPs that are owned by China Telecom. 114.232.243.86, 114.231.42.219, 222.209.137.232, 222.209.152.192, 118.113.227.95. The host I am seeing this on does not need to speak to anyone or anything in China, so I used IPTables to filter the entire netblocks I see hits from. Here is an example of a filtering rule along with a little note for myself. Notice that this rule assumes two nonstandard chains - BLACKLIST and LOGDROP - that I use to organize my ruleset. -A BLACKLIST -s 114.224.0.0/12 -m comment --comment "Chinanet Hotel Qunar Referrer" -j LOGDROP Beca

The website is rapidly approaching a quarter million hits(!). I haven't really done much to plug the site besides announcing new posts on Twitter and Google Plus, of which combined I have about 30 followers. Some time ago I used the free Bing and Adwords credits they give you for signing up. It never drove any real traffic to the site, and I never renewed after the trial. The only explanation I can think of is that people are reaching the site while looking for a way to fix a vexing issue, which is exactly what I had hoped for. Well, in all fairness, 14% (at most) seem to be looking for free Windows product keys (and leaving disappointed - sorry folks). All in all, that wave was about 33,000 views, which leaves over 200,000. Our average post gets about 1,000 views, with quite a few getting around 5,000 to 10,000. India is the second largest source of traffic, behind the US and before the UK. Perhaps most surprising, my post about qBasic Gorillas is the most popular (behind th

Hi everyone. My sincerest apologies for what has amounted to a year-long delay in publication. The break was due to a combination of factors - my job making it tough for me to write about tech matters away from the office and a failure to update payment information with my DNS provider. Im sad to say that as of this moment "joshwieder.com" is being held ransom by bulk domain purchasers. Best of luck to them; I can't speak for any of the other Josh Wieders out there but this one has about ten bucks he is willing to spend for the privilege of not using a subdomain. What this means is that we will be stuck using joshwieder.blogspot.com for the time being, unfortunately. Ill try to update the search engines and broken links to the best of my ability to do so. FYI every other part of the URL structure remains the same, so joshwieder.com/pagename would become joshwieder.blogspot.com/pagename and not joshwieder.blogspot.com/crazy/new-path.php or something. I'll have some n