Archive for category Network

pfSense sucks

Never use pfSense as the gateway in a production environment. Sometimes you have to reboot the whole OS to fix an issue, and a reboot means serious downtime, especially when there are VPN connections between different colocations.

Just buy some professional firewall network devices…


Fix the OpenSSL Heartbleed vulnerability without upgrading

In some environments, upgrading all OpenSSL packages may not be easy; with iptables there is a solution.

iptables -t filter -A INPUT -p tcp --dport 443 -m u32 --u32 "52=0x18030000:0x1803FFFF" -j LOG --log-prefix "BLOCKED: HEARTBLEED"
iptables -t filter -A INPUT -p tcp --dport 443 -m u32 --u32 "52=0x18030000:0x1803FFFF" -j DROP
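The two rules compare the 32-bit word at byte offset 52 of each IPv4 packet with a range that begins 0x18 0x03, the TLS heartbeat record type followed by the TLS major version. Offset 52 is the start of the TCP payload only when the IP header is 20 bytes and the TCP header is 32 bytes. The sketch below is an added example, not code from the original post: it emulates that test on constructed packets, next to a variant that computes the payload offset from the header length fields (function names and sample packets are assumptions).

```python
import struct

# Range from the rule above: 0x18 (TLS heartbeat record type), 0x03 (TLS major
# version), then any minor version and any first byte of the record length.
LO, HI = 0x18030000, 0x1803FFFF

def word_at(pkt: bytes, off: int):
    """Big-endian 32-bit word at off, as u32 reads it; None if out of range."""
    return struct.unpack_from("!I", pkt, off)[0] if off + 4 <= len(pkt) else None

def fixed_offset_match(pkt: bytes) -> bool:
    """Emulates --u32 "52=0x18030000:0x1803FFFF"; offset 0 is the IP header."""
    w = word_at(pkt, 52)
    return w is not None and LO <= w <= HI

def payload_offset(pkt: bytes) -> int:
    """IPv4 header length (IHL) plus TCP header length (data offset), in bytes."""
    ihl = (pkt[0] & 0x0F) * 4
    return ihl + (pkt[ihl + 12] >> 4) * 4

def header_aware_match(pkt: bytes) -> bool:
    """Same range test, but at the computed start of the TCP payload."""
    w = word_at(pkt, payload_offset(pkt))
    return w is not None and LO <= w <= HI

def build_packet(tcp_options: bytes, payload: bytes) -> bytes:
    """Constructed IPv4/TCP segment to port 443 (checksums left at zero)."""
    tcp_len = 20 + len(tcp_options)  # options must be a multiple of 4 bytes
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len + len(payload),
                     0, 0, 64, 6, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 443, 0, 0, (tcp_len // 4) << 4,
                      0x18, 65535, 0, 0)
    return ip + tcp + tcp_options + payload

# Constructed sample data, not captured traffic.
TIMESTAMPS = b"\x01\x01\x08\x0a" + bytes(8)      # NOP, NOP, timestamp: 12 bytes
HEARTBEAT = b"\x18\x03\x02\x00\x10" + bytes(16)  # record header + filler body
HANDSHAKE = b"\x16\x03\x01\x00\x10" + bytes(16)  # a different record type

def coverage():
    """(fixed, header-aware) verdicts for three constructed segments."""
    cases = {"heartbeat, 32-byte TCP header": build_packet(TIMESTAMPS, HEARTBEAT),
             "handshake, 32-byte TCP header": build_packet(TIMESTAMPS, HANDSHAKE),
             "heartbeat, 20-byte TCP header": build_packet(b"", HEARTBEAT)}
    return {k: (fixed_offset_match(p), header_aware_match(p)) for k, p in cases.items()}

if __name__ == "__main__":
    for name, verdict in coverage().items():
        print(name, verdict)
```

Both tests look only at the first record in a segment, and the rules as written cover IPv4 traffic to port 443 only.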



The most wonderful way to access Facebook from China

Woo! I found the most wonderful way to access Facebook from China! It's totally free! No VPN, no web-based proxy and no software. You just need to configure your computer in two steps.

1. Configure the hosts file: /etc/hosts (Mac OS X) or C:\Windows\System32\drivers\etc\hosts (Windows) by following the ""

2. Log in to Facebook via https "" then enable "Secure Browsing" on "".

Then you can enjoy Facebook!


PS: Here are the details of step 1 on Mac OS X; it's a little more difficult than on Windows:

Open "Terminal"
Input "sudo -i"
Input your own password again
Input "vi /etc/hosts"
Input "i"
Copy from ""
Press button "ESC"
Input ":wq!" 

This is just a backup; if the latest hosts file does not work, use the one below instead.




Hackers released the passwords of over 70 million Chinese internet accounts

In China, we have the largest number of people on the internet in the world.
But unfortunately our security technology is too bad to support this number-one position.

Over the past few days, from Dec. 21st to 26th, some hackers released the passwords of over 70 million Chinese internet accounts. Because most people have just one account, that means over 70 million people have had their data leaked. Compared with our population, that is about 5%.

Some hackers released user information from the databases of many famous Chinese websites, including usernames, passwords, email addresses, phone numbers, etc. It was not very difficult to find those files and download them; I have downloaded most of them.

But what surprised me most was that almost everyone around me didn't know this had happened; some of them knew but didn't believe it until I showed them their own passwords.

I think this is very dangerous, because the hackers put the passwords in public, so anyone who wants to do evil things has a lot of ways to do so. And because most people use the same passwords and user names for all websites, it is very easy to find and get more information from other places like email, IM software and some eCommerce websites. What has been leaked is not only the passwords of those websites.

I don't know whether this is big news in other countries, but in China, I think it will get bigger after many people are hurt.

The websites whose leaked passwords I have confirmed were:
Facebook-like service - - 4,768,600
Leading IT development website - - 6,428,632
Twitter-like service - - 4,765,895
The biggest Chinese online community website - - 31,761,424
Popular online game community website - - 18,333,776
Popular online game community website - - 8,305,005
Popular online game community website - - 5,577,553
Other common websites - 16,144,539 total

More passwords may be leaked in the future; for now it's over 70 million. It's really a very huge number!

And in my opinion, this is not just the hackers' fault, because most of those websites store unencrypted passwords in their databases. That's why hackers can easily get users' passwords; if the websites had put the passwords into the database with MD5, a hash or their own algorithm, hackers could not get them so easily.

I even felt angry about the, as the leading IT development website in China, so many developers talk about technologies on it, but it is also storing unencrypted passwords in its databases like other websites, really really shit!! Unforgivable! This is why I felt worse than before when I saw their official apology to users. I've given up on it.

If you are a foreign visitor to my blog and have any questions, you can just ask me; I'd like to tell you what I know.
