Some cloud/VPS/bare-metal server companies are good at handling abuse complaints

It has been my experience that most companies which provide virtual private servers (VPS), bare-metal servers, web hosting, or other cloud services are incompetent at handling abuse complaints. Some of those companies never even respond to an email to their published abuse email address. Others send an automated reply telling you to use their web browser URL to report the abuse (fuck that). And a few are outright antagonistic towards abuse reports (see my articles about aventice.com and ovh.net for examples).

So I was pleasantly surprised when an abuse report to HostGator.com resulted in this reply:

We have identified the culprit account and a cleaning has been initiated. The shell used for this specific attack has already been removed. Please notify us of any further issues identified on our network.

Cordially, 

[name redacted]
Security Administrator 
HostGator.com LLC 
http://support.hostgator.com 

That type of response is exceedingly rare. If the rest of the HostGator organization is that competent I would highly recommend the company to anyone needing computer hosting. Almost as rare is a generic “we have investigated your report and taken appropriate action” response. Amazon Web Services (AWS) is typical of that type of response.

Far more common is no response whatsoever. Or no “abuse@” email address. Or an “abuse@” email address that is invalid (i.e., messages to it bounce). Or, most annoying of all, is a response that tells me to use their web (i.e., HTTP browser) interface to submit my report.

P.S., As I was writing this article I received another exceedingly rare competent reply to an abuse report from UberGlobal cloud hosting:

Hi Kurtis,

Sorry for the delay in responding

Thank you for emailing in. We have found a compromised WordPress account which was being used to launch outbound attacks. This account has now been disabled and will be cleaned to prevent further issues.

If you detect any other attacks, please let me know.

Perhaps there is hope for the Internet.

New malware guessing credentials via “POST /xmlrpc.php” attacks with odd User-agent values

One week ago I started seeing password guessing attacks using “POST /xmlrpc.php” requests. Yes, that type of attack has been happening since WordPress was first released to the public. What made the recent attacks unique is that they include a “User-agent” header. Something that is exceedingly rare. Even more interesting is that the user-agent values are all from this list:

Poster
Windows Live Writer
WordPress
wp-windowsphone
wp-iphone
wp-android

Those are the literal values. They do not include any other prefix or suffix strings. I saw the first attack from this new vector on 2015-08-28T21:50:03 UTC. Looking at my logs (which go back six months) there has never been a single request with those user-agent values prior to 2015-08-28. So I’ve added those to my list of blacklisted user-agent values.

All of the sources appear to be from cloud/VPS/hosting providers which tells us that this malware targets server apps for infection rather than personal computer apps.

The FRC wants you to “Help free Kim Davis from jail”

Todays I received the following email from the Family Research Council (FRC) headed by Tony Perkins. A theocratic grifter of some renown.

Kim Davis is the county clerk in Rowan County, Kentucky. She has been jailed by a federal judge for refusing to issue a marriage license to a same-sex couple. And Kentucky Governor Steve Beshear (D) wants to keep her there.

Gotta love the gratuitous swipe at a Democratic governor. Especially since he has no control over whether Ms. Davis is in jail or for how long. Also, she wasn’t jailed for refusing to issue a marriage license to a same-sex couple. She was jailed for contempt of court.

Her refusal is based on her belief that God has ordained marriage as the union of one man and one woman. Regardless of the recent Supreme Court decision claiming same-sex marriage is a constitutional right, Kim is standing on a higher law, one she believes derives not from the decision of any court but from the hand of our Creator.

Apparently the FRC believes that everyone should be able to flout civil law if they hold a belief incompatible with that law. Not to mention all the people who want to be paid to do jobs that conflict with their deeply held religious beliefs. What do you want to bet that they will hastily modify that assertion once it is pointed out that by their reasoning

a) A Protestant paramedic can refuse to give aid to a Catholic and vice-versa.

b) A Muslim working at the DMV should be able to refuse to give a drivers license to women.

c) A Hindu working at McDonalds should be able to refuse to cook or serve hamburgers.

d) An Amish bus driver should be able to refuse to drive busses but still be paid.

Etcetera.

Our Constitution guarantees Kim Davis the right to practice her faith. It's called "freedom of religion," and is the first freedom listed in the Bill of Rights.

Yes, Ms. Davis is free to practice her faith. She can attend the church of her choosing as often as she wishes. She can give that church as much of her $80K/year salary as she wishes. She is free to read and write about her religion without government interference. What that right does not include is violating civil law and refusing to do the job for which she is paid.

The couple demanding she issue them a marriage license claims Kim's exercise of her freedom of religion has imposed a burden on them. Yet they have had many other options for obtaining a license and have, in fact, now gotten one.

Irrelevant point. Also disingenuous. Ms. Davis’ behavior imposes an unreasonable burden on the members of her community she is obligated to serve.

Apparently Kentucky Governor Steve Beshear is more concerned with imposing a moral and personal burden on Kim Davis than he is with accommodating her deeply-held Christian convictions. So, he is keeping her in jail.

Yawn. Repeating a tiresome lie doesn’t make it true. A federal judge is keeping her in jail. You’re asking that Gov. Beshear provide her a “get out of jail free” card.

This is wrong. We jail criminals, not people of conscience. We penalize wrong-doers, not people who simply decline a service for moral reasons -- a service which is readily available in other places.

We do jail people of conscience. All the fucking time. People who protested the Vietnam war were jailed. People who protest nuclear war are jailed. And by telling a federal court she won’t abide by their ruling in a matter she has committed a crime known as “contempt of court”. What the FRC really means is that Christians shouldn’t be jailed for following “biblical law”. But only the parts of biblical law they feel like following. Not those other bits like killing adulterers (I’m looking at you Ms. Davis) or people who work on the sabbath.

American Christians need to stand with Kim Davis's right to stand by her religious convictions. You can help by signing our petition below to Kentucky Governor Steve Beshear asking him to issue an accommodation to Kim Davis allowing her to live and work according to her beliefs…

I followed that link. A full 48 hours after I received the FRC’s email they had 32,158 signatures including mine. Yawn. And, of course, the petition page had the obligatory prominently placed “DONATE NOW!” button. Grifters gotta grift.

Video of my dogs playing while I play with my new Canon 5D Mark III camera

Recently my next door neighbor acquired a female puppy. My two male dogs have been having a great time playing with the puppy. I finally grabbed my expensive Canon 5D Mark III DSLR camera, put the 50mm lens on it, and recorded the dogs playing a couple of nights ago. This is the first time I’ve used the video feature of the camera and was pleasantly surprised. Especially since it was late evening and the light level was low. The videos I’ve embedded below are approximately half the resolution of the original.

This video includes another neighbor’s dog, buddy, a Boston Terrier, who stopped by unexpectedly.

Here we see Cronut, my neighbor’s puppy, playing with Hank, my Chihuahua/Terrier mix. The Black Lab/Basset Hound mix that is only interested in the tennis ball is my other dog Junior.

Here we have two children who regularly come by to play with the dogs make an appearance.