howto block w00tw00t.isc.sans.dfind:) and other scans using iptables

Posted by & filed under admin.

Lately I recognized the increase of scans for some certain paths resp. not closed connections from user agents containing strings like “w00t.isc.sans.Dfind:)” and variations thereof. The source of these strings were from dialup ip adresses but also from some probably hacked fixed server ip adresses. To get rid of these scans I whipped up a shellscript which scans the apachelogs and utilizes iptables to block these ip adresses. The script assumes there are no installations of phpmyadmin or other server management software in a standard path. A responsible acting admin should’t use this kind of thing on openly accessible production servers anyway methinks 😉

Continue reading →

zensursula – german internet rises against censorship and does epetition Bundestag

Posted by & filed under internet.

in the last days my international followers probably recognized the hashtags #zensursula and #epetition in my µblog messages and me sending in krautlanguage a lot and talking about a magic 50000. I will try to explain why/what this is about.


German family secretary Usula von der Leyen has a mission. She wants to get all child pornographic content out of the internet. A mission which I do principially second, because I do hate all this stuff, like every sane person does. Unfortunately the intended means of getting the stuff out of the net are, put mildly, not very tech savvy and do have the odour of censorship. Especially in the light of other politicians (elections ahead!) suggesting now more things which are worth to be filtered, not only child pr0n. Who would have honestly expected something else 😉

The german word for censorship is zensur in combination with Frau von der Leyens Firstname Ursula it mashes up to #zensur-usula.

so the hashtag was born.


German Bundestag decided 2005 to give the german citizens the possibility to petition german Bundestags petition comission online. A server (which was not very much publicized) was setup (not very reliable btw) to enable these epetitions including forums to discuss them. If such an epetition gets 50000 supporters in 6 weeks it has to be discussed in public before the Petitionsausschuss des Bundestages.

This server led a quite life without much traffic for several years, until lately another epetition raised a lot of awareness for it. This awareness was a good stresstest failed terrificly by the server. One can muse about a government putting one’s taxmoney into a server which is not able to handle more then round about 10-18 votes max A MINUTE for some 85 million people in germany. Tactics or incompetence? A combination of both I fear.

Tactics or incompetence is the question again, when it comes to the measures planned by the german govt. to get the content out.

1. All german isp’s shall filter based on the domains (dns) and show a stop sign if illegal content is requested. Furthermore there should be a protocol of showed stop signs and if one gets too many stop signs police will come by and have a chat with the alleged child pornographer (no wait, haven’t there been mentions to filter more, not only child porn?).

2. The filter List is compiled by german BKA (as a german I shudder anyways by centralized police work, we had that already, too often) on a daily basis and send to the isp’s who are oligated to feed it to their nameservers, which will block the sites and report to BKA.

Till here not that much to complain about, except politicians wanting to filter everything which they do not understand or like, one could think. But now it gets dicey. There will be no judge or independent party involved in the decision process what domain belongs to this list. The list will be kept secret (except for some policemen). This smells like censorship preparations, big time.
Just imagine a policeman putting “by error“ a specific domain on a specific day on the list, claiming afterwards it was by accident, whatever.

The discussion broke loose on the very first day of this law proposal. twitter + were like always fast reacting realtime medium with youtube (how do I use opendns in 27 seconds) and blogs in the wake with longer articles about the matter.

One can follow mitzeichner or zensurla to get informed about the number of signers of the petition (numbers are international).

The good news:

It cracked the 50000 goal (I am number 984 btw) and rises. Hopefully to a 6 digit value until the 16th of June, which is vote closing time (dreaming abt. 7 digits,though, but even IF ppl wanted, the server probably won’t be able to process it in time).

It is a big buzz now on the news. German internet is rising against #zensursula and activating all other contacts. I am part of it, and so are many others. T-shirts are printed, I spammed my adressbook/facebook/skype like thousand others did.

The bad news:
The law will come. There are elections, so poulism counts.

Hope I could shed some light on the strange hashtags + krautcontent I was producing lately.
Unfortunately most of the links are german, but here is a list of IMHO further important ones.

lego movie
zensursula t-shirt

Good compilation of links + stuff @ fixmbr

Just to make it crystal clear again I DO DESPISE CHILD PORN! I want to have this shit out of the net, too.

the above is because german politicians don’t get it and call me “uncivilized” because I am (in their opinion coz I do not like their cool law) against getting it out the net.

so long
happy censorfree surfing