Posted on February 11, 2023 by mark

Been a long while since I posted anything, the real world has been keeping me too busy. But here are a few things that have been irritating me lately.

Will hackers ever go away

There was an article on the register with a link to known Russian hacktivists Killnet open proxy addresses. Reference https://www.theregister.com/2023/02/06/killnet_proxy_ip_list/

I downloaded the list and compared the ip-addrs in it against the 15530 entries my automation rules have added to my blacklist filter since I last rolled it on 17 Aug 2022. There were 16 matches. Mainly just trying “/wp-login.php?action=register” or running “masscan”.

The masscan is on github at the public repo https://github.com/robertdavidgraham/masscan and can be used to scan the entire internet and warns it can cause denial of service if used for ipv6 addresses. Looks like hacker kiddies have taken to playing with it as is rather than trying anything orgional.

The list referred to by the register site has around 16,000 entries as its rather specifically targetted at the open proxies used by the russian killnet hacking team. Are they a worry ?, no, I have 15514 additional unique ip-address that have tried to hack into my server in less than a year and this is a personal web sever that gets almost no real traffic so there are a lot more hackers to worry about than that one group (more in my list now, a few more realtime ones added and a couple I manually added as snort tells me there are still losers out there trying the log4j hack).

And a Docker update broke docker

The below used to work in damon.json for docker, it stopped working after my last update and prevented docker starting.

{
  "insecure-registries" : [ "docker-local:5000" ]
}
{
  "dns": ["192.168.1.179", "192.168.1.1", "8.8.8.8"]
}

No biggee, apart from I did not notice for a while. The fix is to just edit the file to be as below.

 

{
  "insecure-registries" : [ "docker-local:5000" ],
  "dns": ["192.168.1.179", "192.168.1.1", "8.8.8.8"]
}

Yes I do run a local insecure registry for internal use. It is only exposed externally via a https proxy so not an issue.

 

Bloody Java

Interesting article on the register at https://www.theregister.com/2023/01/27/oracle_java_licensing_change/

Many of you will already have come across discussions on those licensing changes on forums or technology websites.

Oracle bless them are short of money again, and are changing the licensing terms from “per user” to “per employee”, so if you have one Java server and two Java developers you are probably not paying much at the moment; if your company has 100 employees your license costs have just gone through the roof.

Too avoid the Oracle Java oin a server side is probably not too difficult. For a Java EE engine I personally try to stick to alternatives to anything from commercial vendors such as Oracle and IBM and use Jetty as the Java EE server where possible as it has a very tiny footprint. There is also the opensource Glassfish Java EE server or Apache Tomcat Java EE server for those wanting a heavier footprint server [note: with Eclipse and Apache licenses respectively (not GPL)]. It should be noted there is at least one company providing commercial support for Glassfish (according to Wikipedia) but as a general rule you are on your own with opensource although it generally just works.

IDEs and compilers on the other hand may be an issue. There are a lot of IDEs out there that compile Java code (a useful list at https://blog.hubspot.com/website/best-java-compiler) but it is hard to determine what they use in the back-end to actually compile Java code.

It is most likely, but no guarantees, that the Java compiler packages used by most Linux systems are not provided by or directly based on anything by Oracle; that would generally be OpenJDK (jdk.java.net) and OpenJFX (https://gluonhq.com/products/javafx/) [note: OpenJDK seems to at some point feed into JavaSE non-free from Oracle (noted on the download pages on jdk.java.net that it is also available as an Oracle commercial build), not sure or care how that works but it may become an issue at some point].

Windows users will most likely have by default Oracle supplied Java runtimes and backend compilers.

I guess the key thing to note from the licensing changes is that you should avoid Oracle software because it will eventually sting you.

About mark

At work, been working on Tandems for around 30yrs (programming + sysadmin), plus AIX and Solaris sysadmin also thrown in during the last 20yrs; also about 5yrs on MVS (mainly operations and automation but also smp/e work). At home I have been using linux for decades. Programming background is commercially in TAL/COBOL/SCOBOL/C(Tandem); 370 assembler(MVS); C, perl and shell scripting in *nix; and Microsoft Macro Assembler(windows).
This entry was posted in Home Life. Bookmark the permalink.