dopetalk

Technology => Technical Stuff => Topic started by: Chip on August 24, 2015, 07:00:41 PM

Title: We Need Some php + SQL Code Written
Post by: Chip on August 24, 2015, 07:00:41 PM
any competent software developers out there in junkie-land ?
Title: Re: We Need Some php + SQL Code Written
Post by: Chip on August 24, 2015, 08:46:58 PM
from most recent to oldest

Chipper: ... with the members names too, of course
40mgtofreedom: im good at modifying code, piping things, using the tools
Chipper: 40, i need to list and out sort all IP's first, that should be heaps of help, right ?
40mgtofreedom: you're a better programmer than i
40mgtofreedom: dude i just copped 20 1mg Klonopins and 840mg of methadone
40mgtofreedom: its weird this scrolls upwards lol
40mgtofreedom: of course i would never damage or change a thing
40mgtofreedom: btw would you like me to keep looking for security holes?
Chipper: 40, i wrote a PM and VM dumper in php and that's my anti-solicitation weapon (not to mention the same DB on MY intranet's unsecured TEST system)
40mgtofreedom: or get the ip address and get the first 11 chars (9 numbers and 2 periods i.e. 100.100.100) and see if thats equal to the other class C subnet then tell if the last octets are changing, but really ppl have static ips or semi static these days
Chipper: 40, it's going to be a combination of php and scripting, i reckon - i just have to pipe the output of my php sql query into "sed" or something
40mgtofreedom: but theres tor exit nodes, a million vpns, proxies which are pretty much worthless (proxies these days)
40mgtofreedom: im sure theres a blacklist back there somewhere right? first of all get a copy of like kasperspys bad ip/spam ranges, maybe one from malware bytes and just ban the fuck out of those ranges, if someone is banned give them a gateway to email a mod to analyze them on case by case basis
40mgtofreedom: but bash to php???? lol not so good
40mgtofreedom: i can do it in bash
40mgtofreedom: but writing it from scratch....
40mgtofreedom: as far as php, find a script that does it and i can tell you whether or not its secure code and modify it
Title: Re: We Need Some php + SQL Code Written
Post by: 40mgtofreedom on August 24, 2015, 08:51:35 PM
ok so the ip in question is assigned a variable and then compared against a sorted blacklist.... if it falls in the end or beginning you can even run the sort backwards or forwards

dude what kind of firewall are you running, are all these things running on one box?? i really need more info like setup, whats running what, how you get ips, etc..
Title: Re: We Need Some php + SQL Code Written
Post by: 40mgtofreedom on August 24, 2015, 08:54:13 PM
you could put pfsense on literally any computer 486 and up and let it be the firewall in front of the webserver, are you running apache???

pfsense has amazing rules, and its intelligent, like what you're talking about writing is pretty much written in there, you just gotta guide and tweak what youre looking for
Title: Re: We Need Some php + SQL Code Written
Post by: 40mgtofreedom on August 24, 2015, 08:56:41 PM
can you draw me a diagram like in mspaint or gimp or something that just shows basic layout of machines and whats running on them, wiring diagram so i can get a picture of how the traffic is flowing
Title: Re: We Need Some php + SQL Code Written
Post by: 40mgtofreedom on August 24, 2015, 08:59:07 PM
also on the list sorting with php you can always use the endswith() and startswith() especially for the ends with
Title: Re: We Need Some php + SQL Code Written
Post by: Chip on August 24, 2015, 09:01:09 PM
it's packed with utilities, lots of scripts i wrote to help me, monitoring tools and performance monitors, network monitors etc.. it's got everything almost i could throw at it - do you want ?:

[root@forum SQL]# chkconfig --list
amavisd         0:off   1:off   2:off   3:off   4:off   5:off   6:off
auditd          0:off   1:off   2:on    3:on    4:on    5:on    6:off
blk-availability        0:off   1:on    2:on    3:on    4:on    5:on    6:off
cgconfig        0:off   1:off   2:off   3:off   4:off   5:off   6:off
cgred           0:off   1:off   2:off   3:off   4:off   5:off   6:off
clamd           0:off   1:off   2:off   3:off   4:off   5:off   6:off
clamd.amavisd   0:off   1:off   2:off   3:off   4:off   5:off   6:off
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
cups            0:off   1:off   2:on    3:on    4:on    5:on    6:off
dovecot         0:off   1:off   2:on    3:on    4:off   5:on    6:off
fail2ban        0:off   1:off   2:off   3:on    4:on    5:on    6:off
htcacheclean    0:off   1:off   2:off   3:off   4:off   5:off   6:off
httpd           0:off   1:off   2:on    3:on    4:off   5:on    6:off
icinga          0:off   1:off   2:on    3:on    4:on    5:on    6:off
ip6tables       0:off   1:off   2:on    3:on    4:on    5:on    6:off
ipset           0:off   1:off   2:on    3:on    4:on    5:on    6:off
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
iscsi           0:off   1:off   2:off   3:on    4:on    5:on    6:off
iscsid          0:off   1:off   2:off   3:on    4:on    5:on    6:off
lvm2-monitor    0:off   1:on    2:on    3:on    4:on    5:on    6:off
mailman         0:off   1:off   2:on    3:on    4:off   5:on    6:off
mdmonitor       0:off   1:off   2:on    3:on    4:on    5:on    6:off
messagebus      0:off   1:off   2:on    3:on    4:on    5:on    6:off
multipathd      0:off   1:off   2:off   3:off   4:off   5:off   6:off
mysqld          0:off   1:off   2:on    3:on    4:off   5:on    6:off
named           0:off   1:off   2:off   3:off   4:off   5:off   6:off
netconsole      0:off   1:off   2:off   3:off   4:off   5:off   6:off
netfs           0:off   1:off   2:off   3:on    4:on    5:on    6:off
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
nmb             0:off   1:off   2:off   3:off   4:off   5:off   6:off
ntop            0:off   1:off   2:off   3:off   4:off   5:off   6:off
ntpd            0:off   1:off   2:off   3:off   4:off   5:off   6:off
ntpdate         0:off   1:off   2:off   3:off   4:off   5:off   6:off
portreserve     0:off   1:off   2:on    3:on    4:on    5:on    6:off
postfix         0:off   1:off   2:on    3:on    4:on    5:on    6:off
postgresql-9.2  0:off   1:off   2:off   3:off   4:off   5:off   6:off
postgresql-9.3  0:off   1:off   2:on    3:on    4:on    5:on    6:off
pure-ftpd       0:off   1:off   2:on    3:on    4:off   5:on    6:off
rdisc           0:off   1:off   2:off   3:off   4:off   5:off   6:off
restorecond     0:off   1:off   2:off   3:off   4:off   5:off   6:off
rsyslog         0:off   1:off   2:on    3:on    4:on    5:on    6:off
saslauthd       0:off   1:off   2:on    3:on    4:on    5:on    6:off
smb             0:off   1:off   2:on    3:on    4:on    5:on    6:off
snmpd           0:off   1:off   2:off   3:off   4:off   5:off   6:off
snmptrapd       0:off   1:off   2:off   3:off   4:off   5:off   6:off
spamassassin    0:off   1:off   2:off   3:off   4:off   5:off   6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
svnserve        0:off   1:off   2:off   3:off   4:off   5:off   6:off
udev-post       0:off   1:on    2:on    3:on    4:on    5:on    6:off
webmin          0:off   1:off   2:on    3:on    4:on    5:on    6:off
winbind         0:off   1:off   2:off   3:off   4:off   5:off   6:off
xinetd          0:off   1:off   2:off   3:on    4:on    5:on    6:off
zabbix-agent    0:off   1:off   2:off   3:off   4:off   5:off   6:off
zabbix-java-gateway     0:off   1:off   2:off   3:off   4:off   5:off   6:off
zabbix-server   0:off   1:off   2:off   3:off   4:off   5:off   6:off

i have some manual starts too.

the classic LAMP base.

... later, i config'ed and autostart service spamassassin start
Title: Re: We Need Some php + SQL Code Written
Post by: Chip on August 24, 2015, 09:01:58 PM
Quote
also on the list sorting with php you can always use the endswith() and startswith() especially for the ends with

i was thinking the SQL sort ...
Title: Re: We Need Some php + SQL Code Written
Post by: Chip on August 24, 2015, 09:02:41 PM
let me have a poke around. i'm an IBM guy so all this is still quite new to me.
Title: Re: We Need Some php + SQL Code Written
Post by: shirobug on August 28, 2015, 03:36:59 AM
It's not entirely clear to me what you're looking for, but I know PHP and SQL so could probably lend a hand.

I saw some mention of trying to match a single IP address with a CIDR block.  That's pretty easy to do, see StackOverflow here:

http://stackoverflow.com/questions/594112/matching-an-ip-to-a-cidr-mask-in-php5

Also, if you are talking about blocking bad IP's, you could do all that at the operating system level with iptables:

iptables -I INPUT -i eth0 -s 1.2.3.4 -j DROP
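
The CIDR match mentioned in this post, combined with the sorted-blacklist comparison suggested earlier in the thread, as an added example that is not part of the original posts. It assumes PHP 7.4+ on a 64-bit build; the function names are hypothetical and the listed ranges are constructed sample data.

```php
<?php
// Added example; all addresses are constructed sample data (RFC 5737 nets).
// Assumes 64-bit PHP 7.4+, where ip2long() returns non-negative integers.
// "a.b.c.d" or "a.b.c.d/n" -> [first, last] as integers; null if malformed.
function cidr_to_range(string $cidr): ?array {
    $parts = explode('/', $cidr, 2);
    $bits = $parts[1] ?? '32';
    if (!filter_var($parts[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)
        || !ctype_digit($bits) || (int)$bits > 32) { return null; }
    $mask = (0xFFFFFFFF << (32 - (int)$bits)) & 0xFFFFFFFF;
    $first = ip2long($parts[0]) & $mask;          // clear the host bits
    return [$first, $first | (~$mask & 0xFFFFFFFF)];
}

// Sort ranges by start and merge overlaps so the binary search is valid.
function build_blacklist(array $cidrs): array {
    $ranges = array_values(array_filter(array_map('cidr_to_range', $cidrs)));
    usort($ranges, fn($a, $b) => $a[0] <=> $b[0]);
    $merged = [];
    foreach ($ranges as $r) {
        $last = count($merged) - 1;
        if ($last >= 0 && $r[0] <= $merged[$last][1] + 1) {
            $merged[$last][1] = max($merged[$last][1], $r[1]);
        } else {
            $merged[] = $r;
        }
    }
    return $merged;
}

// True if $ip falls inside any range of a list built by build_blacklist().
function is_blacklisted(string $ip, array $ranges): bool {
    // Not IPv4 (e.g. IPv6): this list cannot judge it, handle it separately.
    if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { return false; }
    $n = ip2long($ip);
    [$lo, $hi] = [0, count($ranges) - 1];
    while ($lo <= $hi) {
        $mid = intdiv($lo + $hi, 2);
        if ($n < $ranges[$mid][0]) { $hi = $mid - 1; continue; }
        if ($n > $ranges[$mid][1]) { $lo = $mid + 1; continue; }
        return true;
    }
    return false;
}

$list = build_blacklist(['203.0.113.0/24', '198.51.100.64/26', '192.0.2.7', 'bad/99']);
foreach (['203.0.113.200', '198.51.100.10', '192.0.2.7', '10.0.0.1'] as $ip) {
    printf("%-15s %s\n", $ip, is_blacklisted($ip, $list) ? 'BLOCK' : 'allow');
}
```

A check like this only rejects requests inside the forum code; an iptables DROP rule stops the traffic before it reaches the web server at all.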
Title: Re: We Need Some php + SQL Code Written
Post by: Opus on August 28, 2015, 04:16:42 AM
webmin??

wow..

Chipper, brother, you gotta be careful about what you post openly, that's just simply too much information.. Plz be careful, not everyone has as big of a heart as you..

added: why run postgres when already running mysql?
Title: Re: We Need Some php + SQL Code Written
Post by: Chip on August 28, 2015, 08:25:23 AM
it was part of the audit tool you mentioned to me.

i forget its name now.

i am aware of it but decided to keep it.

i like webmin - it's handy for mail but i do understand the dangers.

yeah, i'm a trusting guy, too much so.
Title: Re: We Need Some php + SQL Code Written
Post by: Opus on August 28, 2015, 08:50:25 AM
Server auditing should be done from a separate box.

What if the server had already been rooted? You likely wouldn't be able to trust *anything* the kernel told you in the first place, an audit might be completely worthless.

There are tools out there for finding rootkits on a local machine, but really it's best to run a minimum of software & services (especially stuff like databases) on any production server, for both security and performance reasons. I'd recommend finding a cheap used laptop to dedicate for admin/auditing purposes..

Title: Re: We Need Some php + SQL Code Written
Post by: Chip on August 28, 2015, 09:08:26 AM
now you tell me ! (Doh!).

i have installed RKHunter and so far, so good.

i got carried away and installed all sorts of crap. too late now, i guess.
Title: Re: We Need Some php + SQL Code Written
Post by: Opus on August 28, 2015, 09:11:48 AM
Nah, not too late at all. Just shutdown/remove the shit you don't need and find a cheap box to dedicate for admin tasks..

You're doing fine buddy.
Title: Re: We Need Some php + SQL Code Written
Post by: Chip on August 28, 2015, 09:15:59 AM
i'm too worried about removing stuff and i don't have access to another virtual server unless i pay.

thanks for the encouragement.

i'll leave it be for now but thanks for the solid advice.
Title: Re: We Need Some php + SQL Code Written
Post by: somnambule on September 11, 2015, 11:19:23 AM
I'm late to this thread, and maybe you have it sorted already, but....  You looking for PHP/MySQL help particularly for blocking ip ranges, right?  Cuz if you have root access (and aren't on a cheap virtual host or something), why not do this simply through IP tables.

Something like this to block a whole subnet:
Code:
iptables -A INPUT -s 192.168.100.0/24 -j DROP
I just stumbled onto this site which creates country specific IP ranges for blocking.  It seems really spot on, even generates IP tables rules.

If you can't use iptables, you can always do something similar using .htaccess.  This way you don't need to add much of anything to the box.

Title: Re: We Need Some php + SQL Code Written
Post by: Chip on September 11, 2015, 12:23:21 PM
we have our own server.

your suggestion is valid but the SMF software also supports ranges too.

I'm going to sit on this one and cross that bridge when I come to it.

my current problem is that I have made so many mods to the software that removing them is now near impossible unless I rebuild it.

so I have opted for a freeze on mods as they are also starting to conflict.

I was aiming for as close as possible functionality with Opiophile so users could move between the two systems with relative ease.
Title: Re: We Need Some php + SQL Code Written
Post by: _Enduser on September 11, 2015, 09:47:04 PM
Quote
I'm late to this thread, and maybe you have it sorted already, but....  You looking for PHP/MySQL help particularly for blocking ip ranges, right?

Uh oh, what did I do wrong?

 :'( :'( :'( :'( :'( :'( :'( :'( :'( :'( :'( :'( :'( :'( :'( :'( :'( :'( :'( :'(
Title: Re: We Need Some php + SQL Code Written
Post by: Chip on September 12, 2015, 11:50:49 AM
Nothing at all, silly.

I wanted to weed out any non-administrative duplicate members in the future and perhaps restrict any banned members from sneaking back in.

just for the future ... everybody is cool so far.
Title: Re: We Need Some php + SQL Code Written
Post by: newphone on July 09, 2016, 10:40:42 PM
I'm not volunteering to do anything, but you should really use some sort of configuration management tools like puppet or chef to configure the server. That way you can tear it down and rebuild easily. I am a software developer, a systems developer with a background in web development too, but I do enough of that stuff at my day job.
Title: Re: We Need Some php + SQL Code Written
Post by: Chip on July 10, 2016, 02:37:35 AM
if I had to rebuild it then putting on the near 100 mods. is the main issue - i run a mirror of the forum at home and update it frequently plus I have copies of all the settings of CentOS /etc libs etc.

Right now, we image the server weekly and at worst it can be simply restored from it. A rebuild is something that will have to be done when the disk space fills up.