UFONET – Open Redirect DDoS tool

UFONet is an open redirect DDoS tool designed to launch attacks against a target, using insecure redirects in third party web applications, like a botnet. Obviously, only for testing purposes.

The tool abuses OSI Layer 7-HTTP to create/manage ‘zombies’ and to conduct different attacks using; GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.

Definition of an “Open Redirect”:

An http parameter may contain a URL value and could cause the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because the server name in the modified link is identical to the original site, phishing attempts have a more trustworthy appearance.



Load balancing and proxy for Riak-CS

From the basho.com official website – on their technical documentation – we are recommended to place Riak CS behind a load-balancing or proxy solution. Riak CS should not directly expose to public-facing network interfaces.

Today I have managed to make HAPROXY work together with Riak CS as my load-balancing and proxy.

For detail documentation please refer to this link:


You can use my configuration as a reference too.

Please do not forget to edit your /etc/haproxy/gip.lst by inserting your allowed IPs

log local0
log local1 notice
maxconn 256000
spread-checks 5

log global
option dontlognull
option redispatch
option allbackups
no option httpclose
retries 3
maxconn 256000
timeout connect 5000
timeout client 5000
timeout server 5000

frontend riak_cs
# Example bind for SSL termination
# bind ssl crt /opt/local/haproxy/etc/data.pem
mode http
option httplog
capture request header Host len 64
acl good_ips src -f /etc/haproxy/gip.lst
block if !good_ips
use_backend riak_cs_backend if good_ips

backend riak_cs_backend
mode http
balance roundrobin
# Ping Riak CS to determine health
option httpchk GET /riak-cs/ping
timeout connect 60s
timeout http-request 60s
server riak-cs weight 1 maxconn 1024 check
server riak2 r1s02.example.com:8081 weight 1 maxconn 1024 check
server riak3 r1s03.example.com:8081 weight 1 maxconn 1024 check
server riak4 r1s04.example.com:8081 weight 1 maxconn 1024 check
server riak5 r1s05.example.com:8081 weight 1 maxconn 1024 check

Nagios plugin!

This plugin allows a web page address to be taken and then checked for given text. A Linux news page can therefore be checked for any virus or hacking news.
Details of usage are in the script itself.

#       AUTHOR - Raman Sailopal
#       Script to check web page for news alerts i.e. viruses or hacks
if [ "$#" != "4" ]
        echo "usage: ./newschk.sh -p \"http://www.linux-magazine.com/Online/News\" -t \"Virus\""
if [ "$1" != "-p" ] || [ "$3" != "-t" ] && [ "$1" != "-t" ] || [ "$3" != "-t" ]
         echo "usage: ./newschk.sh -p \"http://www.linux-magazine.com/Online/News\" -t \"Virus\""
if [ "$1" == "-p" ]
elif [ "$3" == "-p" ]
if [ "$1" == "-t" ]
elif [ "$3" == "-t" ]
resp=$(curl -s $payge | grep -i $txt)
if [ "$(echo $resp)" == "" ]
        echo "No News"
        exit 0
        echo "News Alert - Go to $payge"
        exit 2

Raspberry Pi vs Gumstix

I have received Gumstix Robovero to play around with. On top of from the picture is Raspberry Pi B and from Gumstix Robovero at the bottom.

ImageWith a RoboVero featuring a standalone ARM® Cortex™-M3 driven LPC1769 microcontroller and a Wifi/Bluetooth-enabled Overo AirSTORM computer-on-module running Ubuntu with Robot Operating System (ROS), the Gumstix Robotics Development Kit makes it quick and easy to get started on your robotics project. Featuring many header pins and the ability to drive the microcontroller independently via a HubCommander™ interface, the Robotics Development Kit is ideal for motor control applications.