FMP24 with Linux and Wine

[lwvmobile]

On the CEM web interface, any way to disable the flashy shiny bits for a more conservative interface. I noticed when I was testing the idea of setting up an old laptop/computer/pi that pulling up the CEM web interface brought my Core 2 Duo computers to their knees. Not sure if its just one specific element, i.e. the changing colors, or some other element. I don't suppose you have an alternate CSS file for basic plane jane low powered computers/SBC systems.

 

[lwvmobile]

With this theme, it was idling at 24% CPU usage, which I think is just because its shuffling through style colors or something.

 

[ianb]

I'll try to provide a non-animated or less resource intensive version that loads by default and a menu option to enable changing backgrounds etc. I myself am unsure if I like how it looks at times as it's harder to remember which colours mean what as many colours keep changing.

You can disable the animation by commenting out this line in css/index.css

animation: animation-background 123s 1s infinite;

In other terms of performance. I was having very slow login issues and it turned out to be connecting to websocket was slowed when parsing large log files, which I've now fixed in the coming update. Then, I had some weird connections from Iran, Russia, South Korea, China on port 8080 that slowed things down, it may have been a brute force attack, but I didn't log much detail. CEM terminal output now contains any connection attempt with colour coding for rapid identification of bad actors, including their IP.

 

[lwvmobile]

I'll try to provide a non-animated or less resource intensive version that loads by default and a menu option to enable changing backgrounds etc. I myself am unsure if I like how it looks at times as it's harder to remember which colours mean what as many colours keep changing.

You can disable the animation by commenting out this line in css/index.css

animation: animation-background 123s 1s infinite;

Thanks. I'll check it out and try it out next time I get to messing around with it. See how it works out and report back on its effectiveness.

Then, I had some weird connections from Iran, Russia, South Korea, China on port 8080 that slowed things down, it may have been a brute force attack, but I didn't log much detail. CEM terminal output now contains any connection attempt with colour coding for rapid identification of bad actors, including their IP.

I don't doubt it. You left your DDNS address all over that github code. Then again, it could have also just been random. I used to have a few different web domains back in the mid 2000s for a few personal project websites, and it wasn't uncommon to find my Wordpress or whatever other code I had downloaded to use as a site defaced from hackers in Turkey or something. I actually got a kick out of it, because I was just surprised somebody would want to even bother to deface a website that got less that 100 views a month anyways.

 

[ianb]

Thanks. I'll check it out and try it out next time I get to messing around with it. See how it works out and report back on its effectiveness.



I don't doubt it. You left your DDNS address all over that github code. Then again, it could have also just been random. I used to have a few different web domains back in the mid 2000s for a few personal project websites, and it wasn't uncommon to find my Wordpress or whatever other code I had downloaded to use as a site defaced from hackers in Turkey or something. I actually got a kick out of it, because I was just surprised somebody would want to even bother to deface a website that got less that 100 views a month anyways.

Interesting story and I'm not sure why they would deface a small page either. Perhaps some technical troll satisfaction. I do like having some challenge with security and these connections get me rather excited. Some of the more known IP's I setup firewall ranges for the whole block as I don't visit these countries. It would be nice to see what things I have missed in regard to the security realm as they say "We Don’t Know What We Don’t Know".

How I started to notice these connections on port 8080 was when a client authorisation is rejected the connection was not explicitly closed, but return was called so code execution stopped, but I believe the connection would then sit in a idle state for a bit. I've fixed it to now immediately close when rejected for any reason.

 

[lwvmobile]

Well, if nothing else, those unknowns are giving you some penetration testing that you can rectify. I think why people randomly get targeted like that is there are either known exploits for things like Rachet, Apache2, etc or even popular web code like Wordpress, Joomla, and Forum Code. I had a friend back in college who taught himself how to code in Perl and then he started making a ton of money by writing security exploits for a firm that did penetration testing. He randomly showed me one day how he could use some code he wrote to cause some sort of over flow on a Windows Server and get the calculator to open on the desktop. A lot of his job then became just doing security audits for big business by taking known exploits and writing code so he could test entire networks.

 

[ianb]

I really admire that sort of talent and when coupled with honesty it can better the world and web. It is sometimes safer when vulnerabilities are patched before public news statements otherwise a greater majority of people will be able attempt infiltration. I'm glad that at least the project is not mission critical for me so I can use it as a learning experience while trying to maintain a secure solution.