Inconsistent behavior. PHP5 FreeBSD server Vs PHP5 Windows Server.
Hi, I have a strange problem with PHP5 on FreeBSD. When run on a FreeBSD server the decrypt function of a xTea encryption library does not work correctly. While the same PHP code runs without problem on a Windows Server. Has anybody experienced similar problems? I am at a dead end any help would be much appreciated. Windows output: xTea A secret message. Meet at 21:00 by the old bridge to talk about the new plan. hK/xEOKqgx+Tfb7tCndxFH/3HTck+cy3+y1uMa/DUWNgg7I91/QeG2BceCmtaDYmFjPRAczqCHCc LHMWiGE0ZQV+QC+f3xcJWvtGxLIdDHY= A secret message. Meet at 21:00 by the old bridge to talk about the new plan. FreeBSD output: xTea A secret message. Meet at 21:00 by the old bridge to talk about the new plan. hK/xEOKqgx+Tfb7tCndxFH/3HTck+cy3+y1uMa/DUWNgg7I91/QeG2BceCmtaDYmFjPRAczqCHCc LHMWiGE0ZQV+QC+f3xcJWvtGxLIdDHY= ’³ûøfsƒ‰cfˆ®[Ë[…*x¶ØÚ5L´¥$¨lÔî�ÊB%Tª”ô�Ö�GµXõqÕ-åÉH(€¯;H8¯€àØà Note encryption works fine it is possible to encrypt the message on FreeBSD and decrypt the message on Windows. The message also decrypts correctly using a Javascript implementation of xTea. The only part that fails is decrypt under FreeBSD. Is this expected and common? PHP source: ?php require('xTEA.php'); $key = 'Password'; $input = A secret message. Meet at 21:00 by the old bridge to talk about the new plan.; //Encrypt $ct_data = base64_encode(cryptN($input, $key, TRUE, 32)); //Decrypt $pt_data = cryptN(base64_decode($ct_data), $key, FALSE, 32); ? html body h3xTea/h3 pre?=$input?/pre pre?=chunk_split($ct_data);?/pre pre?=$pt_data?/pre /body /html xTEA.php: ?php /*\ Based on TEA (2nd variant),http://www.simonshepherd.supanet.com/tea.htm crypt en- and decrypts a string (1st arg) using a key (2nd arg) of length 16 with 16 iterations (a 4th argument may be given to use another number of iterations (8 is superficial, 16 is often adequate, 32 is hard)). Arg 3 is true for encryption, false for decryption. Key is taken to contain byte characters (0x01-0xFF); subject sstring may contain wider characters but only each lower byte is used. \*/ function cryptN($str,$key,$encrypt,$itr) { $res=; while (strlen($str)8) { // $res .= crypt8(substr($str,0,8),$key,$encrypt,$itr); $res .= JScrypt8(substr($str,0,8),$key,$encrypt,$itr); $str = substr($str,8); } if (strlen($str)0) { while (strlen($str)8) { $str .= ' '; } // $res .= crypt8($str,$key,$encrypt,$itr); $res .= JScrypt8($str,$key,$encrypt,$itr); } return rtrim($res,' '); } //Four-byte truncate function fbt($x) { $x = $x0x0; return $x0?0x01+$x:$x; } function JScrypt8($oct,$key,$encrypt,$itr) { $y=0; $z=0; $k=array(); $k[0]=$k[1]=$k[2]=$k[3]=0; $d=0x9E3779B9; $sum=$encrypt?0:($d*$itr); $res=; for ($i=0; $i8; ) { $y=fbt(($y8)+(ord($oct{$i})0xFF)); $k[$i3]=fbt(($k[$i3]8)+ord($key{$i})); $k[$i3]=fbt(($k[$i3]8)+ord($key{$i+8})); $i++; $z=fbt(($z8)+(ord($oct{$i})0xFF)); $k[$i3]=fbt(($k[$i3]8)+ord($key{$i})); $k[$i3]=fbt(($k[$i3]8)+ord($key{$i+8})); $i++; } if ($encrypt) { while ($itr--0) { $y = fbt(($y+fbt(($z*16)^floor($z/32))+fbt($z^$sum)+$k[$sum3])); $sum=$sum+$d; $z = fbt(($z+fbt(($y*16)^floor($y/32))+fbt($y^$sum)+$k[($sum11)3])); } } else { while ($itr--0) { $z = fbt($z-fbt(fbt(($y*16)^floor($y/32))+fbt($y^$sum)+$k[($sum11)3])); $sum=$sum-$d; $y = fbt($y-fbt(fbt(($z*16)^floor($z/32))+fbt($z^$sum)+$k[$sum3])); } } for ($i=4; $i--0; ) { $res .= chr(fbt(($y0xFF00)24)); $y = $y8; $res .= chr(fbt(($z0xFF00)24)); $z=$z8; } return $res; } function crypt8($oct,$key,$encrypt,$itr) { $y=0; $z=0; $k=array(); $k[0]=$k[1]=$k[2]=$k[3]=0; $d=0x9E3779B9; $sum=$encrypt?0:($d*$itr)0x0; $res=; for ($i=0; $i8; ) { $y=($y8)+(ord($oct{$i})0xFF); $k[$i3]=($k[$i3]8)+ord($key{$i}); $k[$i3]=($k[$i3]8)+ord($key{$i+8}); $i++; $z=($z8)+(ord($oct{$i})0xFF); $k[$i3]=($k[$i3]8)+ord($key{$i}); $k[$i3]=($k[$i3]8)+ord($key{$i+8}); $i++; } if ($encrypt) { while ($itr--0) { $y = ($y+(($z4)^($z5))+($z^$sum)+$k[$sum3])0x0; $sum=$sum+$d; $z = ($z+(($y4)^($y5))+($y^$sum)+$k[($sum11)3])0x0; } } else { while ($itr--0) { $z = ($z+0x01-$y4)^($y5))+($y^$sum)+$k[($sum11)3])0x0))0x0; $sum=($sum+0x01-$d)0x0; $y = ($y+0x01-$z4)^($z5))+($z^$sum)+$k[$sum3])0x0))0x0; } } for ($i=4; $i--0; ) { $res .= chr(($y0xFF00)24); $y = $y8; $res .= chr(($z0xFF00)24); $z=$z8; } return $res; } ? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: sshd possible breakin attempt messages
Hi Brad, I don't know much about the nuts and bolts of FreeBSD or Security, but I resently had the same problem as you. I found that the Denyhosts port (http://denyhosts.sourceforge.net/index.html) fixed the problem very well. The non-standard, host.evil, set-up works best with the FreeBSD host.allow format. You end up with a host.allow that looks a bit like this: # # Denyhost Cron Job checks the logs and adds # the bad IPs to hosts.evil # ALL: /usr/local/etc/hosts.evil : deny # # Trust everyone until the logs say they tried a bad thing. # ALL : ALL : allow The FAQs on the website are very good and the Denyhosts' config file is well commented so the set-up and install is very easy. I hope this helps. Merv On Monday 06 February 2006 16:23, Brad Gilmer wrote: Hello all, I guess one of the banes of our existance as Sys Admins is that people are always pounding away at our systems trying to break in. Lately, I have been getting hit with several hundred of the messages below per dayin my security report output... gilmer.org login failures: Feb 5 11:18:17 gilmer sshd[78078]: reverse mapping checking getaddrinfo for 206-171-37-232.ded.pacbell.net failed - POSSIBLE BREAKIN ATTEMPT! Feb 5 11:18:18 gilmer sshd[78080]: reverse mapping checking getaddrinfo for 206-171-37-232.ded.pacbell.net failed - POSSIBLE BREAKIN ATTEMPT! Feb 5 11:18:20 gilmer sshd[78082]: reverse mapping checking getaddrinfo for 206-171-37-232.ded.pacbell.net failed - POSSIBLE BREAKIN ATTEMPT! I am running FreeBSD 5.4 RELEASE, and right now this box is not a production machine, but I am going to be taking it live fairly soon. Questions: 1) Is there anything I should be doing to thwart this particular attack? 2) Given that I am on 5.4, should I upgrade my sshd or do anything else at this point to make sure my machine is as secure as possible? 3) (Meta-question) - Should I upgrade to 6.0 before I go live to be sure I am in the best possible security situation going forward? Should I wait until 6.1 for bug fixes (generally I am opposed to n.0 anything). Thanks Brad ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to upgrade Perl
You will also have to reinstall all the other p5 ports that you may have installed prior to this upgrade. So that they all compile for 5.8 On Monday 26 July 2004 12:09, Perica Veljanovski wrote: How do I upgrade perl version 5.005_03 to Perl 5.8 on my FreeBSD 4.10-RELEASE from ports? Tryed: cd /usr/ports/lang/perl5.8 make install and nothing happend :P Nothing at all? Was there no output on the console? If you did see the normal kind of burbling, but still find ports use the original version, you probably haven't done: #use.perl port all done :) I did the make install in ssh from a windows box, an gues what, the windows box crashed during the make install on the fbsd box. And since I'm lazy enough not to run script(1) I didn't see the end of make which probobly sad what you sugested. 10x Peter. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to upgrade Perl
pkg_version -v | grep p5 On Monday 26 July 2004 16:49, Paul Schmehl wrote: --On Monday, July 26, 2004 12:46:06 PM +0100 merv [EMAIL PROTECTED] wrote: You will also have to reinstall all the other p5 ports that you may have installed prior to this upgrade. So that they all compile for 5.8 This explains something. I tried to upgrade perl and ran use.perl port, but that broke things. Is there a trivial way to see what p5 ports you have installed? I'm perfectly willing to do the work if the end result is functional. :-) Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/ir/security/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to Get Public IP From LinkSys Router?
Drew, I use a perl script to get mine, see below. It may point you in the right direction. You will need to change this script to use your SMTP server, your email address and the IP address of your router. ~~~ #!/usr/bin/perl # Dynamic DNS, style program. # # Usage : Ask the Router for my Dynamic WAN IP addres and # then mail the result to me. # # Future : Build HTML page and post it to my Web site. # # perl -MCPAN -e 'install Bundle::LWP' # use LWP::UserAgent; use HTTP::Cookies; use Net::SMTP; # # Send Mail to Me with my IP address. # #Array of people to tell @ToList = qw([EMAIL PROTECTED] [EMAIL PROTECTED] ); sub send_mail() { $from=FreeBSD; $srvr=YOUR SMTP SERVER; $smtp = Net::SMTP-new($srvr); foreach $to (@ToList) { $smtp-mail($from); $smtp-to($to); $smtp-data(); $smtp-datasend(To: Users\n); $smtp-datasend(\n); $smtp-datasend(New IP address is :. $ip . \n\n); $smtp-dataend(); sleep(1); } $smtp-quit; } #What was the IP address last time, we will save and check. $in_file = h:/wsh/WANIP_LOG.txt; $out_file = h:/wsh/WANIP_LOG.txt; $linksyspassword = 'NOT TELLING YOU'; $ua = new LWP::UserAgent; $req = new HTTP::Request GET = 'http://ROUTER'S IP/Status.htm'; $req-authorization_basic('',$linksyspassword); $res = $ua-request($req); if ( $res-is_success ) { @data = split /tr/, $res-as_string; } else { # print Error: unable to get router's address\n; exit 1; } foreach $data (@data) { if ( $data =~ /IP Address:/ ) { $data =~ s/\/td\/tr//g; # trim extraneous tags $data =~ s/(.)*//; # $ip = $data;# The second IP is what we want. } } #Read in Old WAN IP. open (IN, $in_file) || die Can't open $in_file: $!\n; undef $/; #Skip end of line marker. $content = IN; close(IN); $/ = \n; #Restore for normal behaviour later in script if(($content =~ m/$ip/)==0) { send_mail(); } #Save the WAN IP open(OUT, $out_file) || die Can't open $in_file: $!\n; print OUT $ip\n; #print DSL Gateway $ip \n; On Wednesday 03 September 2003 7:27 pm, Drew Tomlinson wrote: I need to get my public IP address from a LinkSys cable router and don't have any idea where to start. The LinkSys is doing NAT and my FBSD box in on the private network on the inside. What commands and/or ports are there that would provide the public IP address from the command line so I pass the IP to a script? Any ideas? Thanks, Drew ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]