Thursday, July 18, 2013

byteblaze.com, rackd.net, Doctor Cloud Pty Ltd scam

Domains: doctor-cloud.net, doctorcloud.com.au, byteblaze.com, rackvps.net and rackd.net
Company: Doctor Cloud Pty Ltd

Whois Details:
   Doctor Cloud Pty Ltd (92 150 259 644) 
   Domain Registration (admin@doctor-cloud.net) 
   +1.2067450886 
   Fax: +1.5555555555 
   95 Keona Road McDowall 
   Brisbane, Queensland 4053 
   AU 

Just wanted to let everyone know that I rented servers from them and they did not deliver the service. I asked for a refund but my ticket was just passed around from staff to staff. In the end it was never resolved.

If you are looking for a new host its a good idea to do a background check first. They might probably create another brand under their company name "Doctor Cloud Pty Ltd".


Wednesday, April 10, 2013

Server is offline 4/10/2013

Our server is offline because it is still under DDoS attack. The attack started at around 10:00 AM (GMT+8:00) 4/11/2013 and stopped after a few hours then the attack resumed again.


When will it stop? I don't know :) Our host is very unresponsive in offering a solution and resolving this issue so we will just temporarily redirect traffic to our blog page while we are still working on mitigating the attack.

For more updates you can visit our Facebook page:  https://www.facebook.com/pinoyden.com.ph

Thank you!

Monday, March 4, 2013

Western Union Fraud Claims



Just got my adsense earnings through Western Union, but before I can claim my money someone already cashed it out.

The Story

I went to a Western Union branch in Taguig last March 1 to claim my AdSense earnings but when I gave the payment details to the agent he said that it was already claimed. At first we thought that it was just a problem with the MTCN that Google issued. That night I submitted a report to Google using this link. At the same time we called Western Union (888-1200) and informed about the problem. They said that they would investigate and they would call us back for updates but we did not hear from them again.

So we went back to the Western Union Location this afternoon (3/4/2013). The agent already knew about our issue and he told us that someone actually picked up the money on their second branch at the same building an hour before we arrived last March 1 (WTF). They showed us the form that I supposedly filled up, It has my name on the form but with a different address, middle name, age. Strange thing is they also tried to copy my signature. The agent also showed us the scanned driver's license that they used, (The picture on the ID is not me). We requested a copy of the ID but the Western Union agents refused to.


We also searched the internet if someone is also having the same issue and we stumbled upon Yugatech's post yesterday afternoon. We had the exact same issue. His payment was also claimed last March 1st.

I believe it was an inside job. Who else can get the MTCN details aside from Google and Me. I saw the signature on the form and it was close to my signature so a compromised adsense account or a keylogger does not apply here. Whoever claimed that payment definitely saw my signature before. And the fact that the payment was claimed on the same location that I usually go to for the last 3 months is definitely suspicious.

We already filed a report to CIDG Taguig this evening. We are also going to ATCD-CIDG Camp Crame tomorrow since the officers at Taguig said that they are probably more well equipped and accustomed to crimes like this.

I would love if Abe would also file a report on this with me since they would probably take it more seriously if they get more reports about this crime. I actually do not have any hopes in retrieving the money. I am more interested now on who are the people behind this fraud but it would be better if Western Union can still give us our money back.

This is definitely a well planned crime since they have fake IDs to show and they also know my signature.

One thing to note is that the agent did not ask for more IDs since they should be more strict when they are dealing with large amount of money. Her reason is that the person said that he was already a "suki" on that branch. Well they could always fake more IDs so asking more Identification Cards is useless. The government should pass the National ID System so that it would be much harder for criminals to commit crimes. Our government and Western Union should use biometric system in verifying the identity of a person. That would be far fetched but really the government should already pass the National ID system.

I will post which branch we went to probably later, but for now I'll just keep it to myself until the investigation is not complete. Western-Union is probably  not the problem here but the people working on those branches.

The lesson here is to claim your payment immediately after you get your MTCN. I am also going to opt for "Check - Secured Express Delivery" next payment since I no longer trust Western-Union. I also wish AdSense would also offer EFT here in the Philippines.

Another interesting article: http://www.selaplana.com/2012/07/20/western-money-union-scam/#sthash.5ldsw2II.dpbs

Wednesday, February 6, 2013

configure: error: mcrypt.h not found. Please reinstall libmcrypt.

When compiling PHP on a CentOS 6 machine I always get this error
configure: error: mcrypt.h not found. Please reinstall libmcrypt.
To fix this I just add these Repos. Just choose if you are running 32bit or 64bit

*For CentOS6 32bit  
# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

*For CentOS6 64bit  
# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

And then also add this
# rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

And then install the libmcrypt  
# yum --enablerepo=remi,remi-test install libmcrypt libmcrypt-devel

I would prefer this way since I dont want to compile the library manually and since I would also like to install the latest MySQL version which you can also install using the command below  

# yum --enablerepo=remi,remi-test install mysql mysql-server
 

Sunday, November 4, 2012

Unexpected maintenance 11/5/2012

Last month we moved our forum to a new server when the DDoS incident occured. We specifically ordered the server to be setup with a raid array. RAID (redundant array of independent disks) is a storage technology that combines multiple disk drive components into a logical unit.* This technology protects our files in case one of the drive fails preventing loss of data and gives us more time to change the failing drive. Unfortunately they did not setup the drives in raid and we only learn about this when the drive we are using failed tonight. After the drive failed our database immediately stopped working. We are now trying to recover the files onto a new drive. The retrieval process could take as long as 24hours. I know that is a very long time but we have no other option. Let's just hope that no important data is destroyed.

Thanks for your patience. :)

In the  meantime you can visit our facebook page if you want to chat with other PINOYDEN members.

Wednesday, October 31, 2012

How to change the default SSH port(22)

In this How-To we're going to walk you though changing the default SSH port on a Linux system.

The Secure Shell (SSH) Protocol by default uses port 22. Accepting this value does not make your system insecure, nor will changing the port provide a significant variance in security. However, changing the default SSH port will stop many automated attacks and a bit harder to guess which port SSH is accessible from. In other words, a little security though obscurity.

Steps to follow

Step 1: As root, use your favorite text editor (vi) to edit the sshd configuration file.
vi /etc/ssh/sshd_config

Step 2: Edit the line which states 'Port 22'. But before doing so, you'll want to read the note below. Choose an appropriate port, also making sure it not currently used on the system.
# What ports, IPs and protocols we listen for
Port 50683


Note: The Internet Assigned Numbers Authority (IANA) is responsible for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources. It is good practice to follow their port assignment guidelines. Having said that, port numbers are divided into three ranges: Well Known Ports, Registered Ports, and Dynamic and/or Private Ports. The Well Known Ports are those from 0 through 1023 and SHOULD NOT be used. Registered Ports are those from 1024 through 49151 should also be avoided too. Dynamic and/or Private Ports are those from 49152 through 65535 and can be used. Though nothing is stopping you from using reserved port numbers, our suggestion may help avoid technical issues with port allocation in the future.

Step 3: Switch over to the new port by restarting SSH.
/etc/init.d/ssh restart

Step 4: Verify SSH is listening on the new port by connecting to it. Note how the port number now needs to be declared.
ssh username@hostname.com -p 50683

Note: If you have a firewall installed on your system, make sure to  also open the port you want to use in the firewall to prevent yourself from getting locked out of the system.

Thursday, October 18, 2012

Get memory usage of a process under Linux

Finding out the memory usage of a process under Linux can be a bit confusing. That is because Linux doesn’t have one number for a process’ memory usage.

It has a bunch of different figures for a process’ memory usage! The different numbers include or exclude the virtual memory or swap usage that does not count towards a process’ physical memory usage.

The number that tells you the physical memory or main memory usage is the resident set size. You can see the resident set size for a process using this command:

ps -C <process name> -O rss

For example on CentOS you can find out the process size of the Apache processes using this command:

ps -C httpd -O rss

The output should be like this:

  PID   RSS S TTY          TIME COMMAND
 7409 23740 S ?        00:00:00 /usr/sbin/httpd
 7416  5484 S ?        00:00:00 /usr/sbin/httpd
 7903  8580 S ?        00:00:30 /usr/sbin/httpd

The RSS column tells you the amount of non-swaped physical memory the process is using in KB. At least that is the theory. Often parts of physical memory are shared between processes so the numbers don’t always add up. In fact most processes use shared libraries that are only loaded into memory once and shared among all processes that use them. To find out the amount of non-shared memory a process is using you use this command:

ps -C <process-name> -O size

You will get output like this:

PID    SZ S TTY          TIME COMMAND
 7804 20964 S ?        00:00:02 /usr/sbin/httpd
 7835 12692 S ?        00:00:00 /usr/sbin/httpd
 7903  3024 S ?        00:00:30 /usr/sbin/httpd

The SZ column tells you the amount of private memory a process is using in kilobytes.

But how to find out exactly how much RAM a set of processes like Apache are using? Well the answer is that it’s complicated. I try to estimate memory usage using this script:

#!/bin/bash
ps -C $1 -O rss | gawk '{ count ++; sum += $2 }; END {count --; print "Number of processes =",count; print "Memory usage per process =",sum/1024/count, "MB"; print "Total memory usage =", sum/1024, "MB" ;};'

Save it as psmem.sh and run it like this:

[admin@serve3 ~]$ psmem httpd
Number of processes = 3
Memory usage per process = 9.83464 MB
Total memory usage = 29.5039 MB
Source: http://abdussamad.com/