#openteacher - 2017-04-26
[13:35:07] <lordnoid> Can't it be ported to some asyncio IRC library?
[13:46:05] <commandoline> Yes, turned out to be less of a problem than I thought, I switched to, what was the name again...
[13:46:21] <commandoline> pydle
[13:46:40] <commandoline> also already found a bug in 3.3 :(
[13:47:14] <commandoline> pretty much disables typing tutor. Still, I guess it's better than the topo one :P
[14:10:23] <lordnoid> true, everything is better than the topo one
[14:10:31] <lordnoid> We got surprisingly few complaints about that
[14:14:44] <commandoline> yeah, for the amount of downloads it's a bit weird. That said, creating a bug report on launchpad requires quite a few steps for a novice. And topo is probably still used less than words. It's less advertised functionality (e.g. on the website etc.)
[14:15:13] <commandoline> speaking about .downloads . I'm curious about the numbers lately.
[14:15:13] <OTbot> http://openteacher.org/en/download.html
[14:15:18] <commandoline> .stats
[14:15:18] <OTbot> http://sourceforge.net/projects/openteacher/files/stats
[14:16:23] <commandoline> that's actually surprisingly stable.
[14:17:11] <lordnoid> should include ubuntu package installs
[14:17:16] <lordnoid> 33127 openteacher 1227 4 1217 2 4 (Unknown)
[14:17:22] <lordnoid> But that's not very much :P
[14:17:44] <commandoline> by default you're not publishing stats to pocon IIRC.
[14:17:51] <commandoline> *popcon
[14:18:16] <lordnoid> ah that's right
[14:18:51] <lordnoid> still now we know that 0.3% uses it regularly
[14:19:02] <lordnoid> but I don't know what the definition of regularly is
[14:30:01] <commandoline> the debian tools noticed the new release btw. Now it's just waiting for a human to take over: https://tracker.debian.org/pkg/openteacher
[14:33:03] <commandoline> Seems like oldstable is still shipping 2.3. I knew debian's release cycle was conservative, but the software in there is positively ancient.
[14:38:10] <lordnoid> yes I noticed the same. I don't know how their versioning works exactly but I think the current major stable is from 2012 so oldstable is probably very old
[14:39:47] <lordnoid> but the new stable should come out very soon so then oldstable won't be so old :)
[14:41:52] <commandoline> true :)
[15:00:27] <lordnoid> do the apache access logs on your home server also look like this? : "GET /phpmyadmin/setup.php 404" "GET /login 404" etc etc
[15:01:01] <lordnoid> or vps
[15:02:26] <commandoline> yep:
[15:02:26] <commandoline> proxy_1 | nginx.1 | web.openteacher.org 84.121.30.96 - - [26/Apr/2017:12:11:35 +0000] "GET /wp-login.php HTTP/1.1" 404 170 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
[15:04:04] <commandoline> it seems like Yandex is also still trying to crawl pages I removed 5 years ago... :P
[15:06:24] <lordnoid> same here, some rss reader trying to open pages that have been gone for many years
[15:06:27] <commandoline> it does surprise me that it's always phpmyadmin and wordpress though. Probably the best economic tradeoff between wide deployment of old versions and exploits being available.
[15:06:53] <commandoline> still, I'd expect some other CMSs in there.
[15:07:20] <lordnoid> problem is I actually host a wordpress site on it, so I see lots of wp-login.php with 200 :P
[15:07:26] <lordnoid> But they probably try "admin123" etc.
[15:09:25] <lordnoid> "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 498 "-" "ZmEu"
[15:09:34] <lordnoid> some don't really try to hide their identity
[15:12:31] <commandoline> I actually have a wordpress site running too, but they get sent a 301 because it's https-only. Seems like the spider doesn't follow up on that :P
[15:13:37] <lordnoid> hm mine is also https only but my attackers are smarter unfortunately
[15:17:35] <lordnoid> some are stuck on 301s indeed :)
[15:19:16] <commandoline> to be fair, the ones that don't follow up are probably the smart ones. https-only sites probably on average have better security, and in the time you're building up an https connection, you could try two other sites on your list. Both provide no guarantee that you'll hit a vulnerable wordpress site.
[15:20:55] <lordnoid> good point