I Caught A Harvester!

I’ve been running a honey pot for a while, and found this in my inbox this morning…

Nick —
Regardless of how the rest of your day goes, here’s something to be happy
about — today a honey pot you installed successfully identified a
previously unknown email harvester (IP:

This is a nice thing to find, I’m looking forward to catching some more inter-twats over the Christmas period :)

Bad Behaviour and Akismet Blocked Counters for WordPress

The Bad Behaviour plug-in for WordPress comes with a weekly counter in the admin dashboard, but do you want a wicked footer like mine?

106,386 dodgy geezas have been blocked by Bad Behaviour and 36,926 spams were eaten by Akismet.

Akismet comes with a counter you can use in themes/plugins…

$akcount = get_option('akismet_spam_count');
$akcount = number_format($akcount);
echo $akcount;

But with Bad Behaviour you have to do a little more work. To start with you need to get BB to record in the database each time it blocks someone, this is done by adding a function to ~/wp-content/plugins/bad-behavior/bad-behavior-wordpress.php , add the following code…..

// Bad Behavior callback functions.
function  bb2_banned_callback() {

        $counter = get_option('bad_behavior_spam_count');
        $counter = $counter + 1;
        update_option( 'bad_behavior_spam_count', $counter );


Now BB will store an incrementing number in the WP database for you to use in your theme..

$bbcount = get_option('bad_behavior_spam_count');
$bbcount = number_format($bbcount);
echo $bbcount;

Now you can track how many inter-twats your blocking!

links for 2008-12-15


[ # ]

Multiple SYSLOG Receivers with a Cisco NAC Appliance Manager (CAM)

According to Cisco’s documentation on configuring syslog on a CAM, you can only forward the NAC logs to a single external log server. If you’re willing to get down and dirty with the Linux operating system underneath, then this document will show you that this is simply not the case.

To get started, tweak the default logging settings within the NAC web interface, this screen-shot shows I’m sending the syslog to the local host as local6 messages, this change will send a copy of the “normal” NAC event logs to the localhost syslog server.

Next we need to enable the localhost syslog server; the CAM is build upon a Fedora image, so the SYSLOG daemon is already running it’s just not listening on UDP 514 (thus not yet receiving the logs configured above). Change /etc/sysconfig/syslog , the line:

Now that the local daemon is recieving the files we need to change /etc/syslog.conf, here we will make two changes, One: we will write a copy of the NAC events to disk – this will allow us to see what events the “NAC application” is sending. The second change we’ll make is the forwarding configuration, we will put in two lines (for both our syslog hosts) so that we send forward the syslogs to two different servers – which was our original intention :)
Add the following lines to /etc/syslog.conf :

# Log Messages sent from Cisco NAC Application to dedicated File
Local6.*	/var/log/CiscoNAC.log

# Forward all syslog messages to host1
*.* 	@loghost1
# Forward all syslog messages to host2
*.* 	@loghost2

*NOTE: loghost1 & loghost2 need to be resolvable via DNS or in /etc/hosts !!

Finally restart the syslog daemon /etc/init.d/syslog restart

It’s good practice once we’ve made changes to clear up after ourselves, these are some option steps you can take.

Add /var/log/CiscoNAC.log to logrotate, so that it doesn’t just grow and grow until you run out of disk space. This is done by editing /etc/logrotate.d/syslog before /var/log/messages insert /var/log/CiscoNAC.log

You may also want to compress your syslogs, edit /etc/logrotate.conf and uncomment the word compress (remove the “#”) .

Important Note
When performing NAC upgrades, Cisco provide operating system package upgrades & changes, it’s important to check that after an upgrade this config changes still exist, also I take no responsibility for Cisco’s TAC not wanting to support you because of the changes made!

Changing the twitter tools update interval

I use twitter tools to post my twitter tweets to my blog; the thing is that twitter can sometimes slow down or break completely, this in turn kills wordpress.

To improve things I’ve changed how often I check twitter, you can do the same by editing the plugin file (wordpress/wp-content/plugins/twitter-tools/twitter-tools.php), see below for a code snippet…

function tweet_download_interval() {
#return 1800;
return 14400;


MARS: Zone product or package version does not match

I’ve been having problems getting my Cisco MARS Local and Global controllers to synchronise their topologies. This error message vexed me for a few days, but thankfully Cisco’s TAC solved it for me.

If you read Ciscos troubleshooting guides they will tell you to check that the MARS Local & Global controllers are running the same version, and to check that the SSL certificates are copied/pasted correctly.

If after checking the above Cisco recommendations and the additional basics ( network connectivity / ntp / timezones etc) check that both MARS boxes are running and have downloaded the same version of IPS signatures; under Admin -> IPS Signature Dynamic Update Settings -> Update Now.

It fixed the problem for me!

phpbb_recent_topics version 0.4.1

UPDATE: This Plugin has been updated, please download the update from http://wordpress.org/extend/plugins/phpbb-recent-topics/, and please comment on the new post, thanks.

This is a small update, it incorporates the patch submitted by toni to fix the widget, thanks toni :)

The old information still applies…

phpBB Recent Topics Admin interface in WordPress
Admin GUI

If you’re happy with v0.4 and have it running fine then don’t bother, in fact edit phpbb_recent_topics.php so that WordPress stops complaining about finding a newer version.

Download phpBB_Recent_Topics_0.4.1 from wordpress.org

What’s New?

  • The widget patch mentioned above!

What’s Old?

  • Most importantly I have tested this plugin with phpBB3 and WP2.5 so I’ve updated the readme.txt to reflect this.
  • I finally quashed the install bug where by phpbb-recent-topics was confused with phpbb_recent_topics.
  • Sidebar Widget, yus for all you non-php people you have a widget to play with.
  • Edit the Time & Date layout – leave blank to remove it completely

The Installation

  • Unzip phpbb_recent_topics.tgz in your `/wp-content/plugins/` directory. (You’ll have a new directory, with this plugin in /wp-content/plugins/phpbb_recent_topics)
  • Activate the plugin through the ‘Plugins’ menu in WordPress
  • Configure the plugin, you need to tell wordpress about phpbb, this is done in the wordpress menu ‘Settings’ -> ‘phpBB Recent Topics’
    The following Settings are required:

    • * The name of your phpBB database (e.g phpbb)
    • * The name of the table where topics are held (the default is phpbb_topics )
    • * The full url of your forum for links (e.g. http://www.mydomain.com/forum)
    • * The number of topics to show. (If left blank you get 5)
    • * The Date Formatting, i.e. “d/M/y – g:i a” similar to the WordPress “General Settings”
  • Hit ‘Update Options”
  • To output the list of topics in a page or post…
    • * create a new page/post, type {phpbb_recent_topics} , hit ‘Publish’ or ‘Create new page’

    To output the list of topics in your theme sidebar using the widget…

    • * click “design” in the dashboard
    • * click “widgets”
    • * next to phpBB Recent Topics click “add”
    • * click “save changes”

    To output the list of topics in your theme sidebar using a template tag…

    • * edit sidebar.php and inside <div id=”sidebar”> type…
      if (function_exists('phpbb_topics')) {

A bit about Database configuration.
If wordpress & phpBB share a DB already then set $PHPBBDB to DB_NAME and everything will be fine, else you’re going to need to GRANT the wordpress user read access to phpBB.

How to GRANT wordpress read only access to phpBB ?
If you don’t know it already you need to find your wordpress mysql user id, it’ll be in wp-config.php

define('DB_USER', 'wp_user');     // Your MySQL username

and you should have already found your phpbb database & table for the above.
You need to type the following syntax into your mysql database

GRANT SELECT ON phpbb_database.phpbb_topics TO wp_user@localhost;

this can be achieved by logging into phpmyadmin as your phpbb user, selecting SQL and pasting the correct GRANT into the text box.

Frequently Asked Questions

  • Is phpbb3 supported?
    • yes.
  • Can I output 10 Topics in my Page, and 3 Topics in my Sidebar ?
    • Yes ! In the WordPress menu ‘Options’ -> ‘phpBB Recent Topics’, set ‘The number of topics to show’ to 10, and then in your sidebar include…<?php
      if (function_exists(‘phpbb_topics’)) {
  • Can I exclude a certain forum from the list ?
    • In this version, the only way to do that is to hack /wp-content/plugins/phpbb_recent_topics/display/display.php, change
      $results = $wpdb->get_results("SELECT * FROM $TOPIC_TABLE ORDER BY topic_time DESC LIMIT $LIMIT");


      $results = $wpdb->get_results("SELECT * FROM $TOPIC_TABLE WHERE forum_id != 1 ORDER BY topic_time DESC LIMIT $LIMIT");

      to exclude forum 1 from the list. I plan to setup a proper solution to this in the next version.

  • Why is the date config under settings not in the widget configuration?
    • The date settings effect both the template tag and the widget :)

I’ve always been honest about support, there isn’t any. Basically I write this for my own needs and then publish it for you to use for free. You’re more than welcome to post comments here and if you tag wordpress forum posts with “phpbb-recent-topics” I’ll reply to you there, but we all have busy lives and I make no promises on how quickly I’ll reply to you.

Link for posting in the correct phpbb-recent-topics forum

Finally Subversion
You also might be interested to know that I’ve been getting to grips with the wordpress plug-ins svn, so you can get work directly from here; and when wordpress.org re-crawls my readme the latest version will also be available on wordpress.org/extend/plugins/ :cool:

links for 2008-11-20


[ # ]