A couple months ago while I was trying to make some decent progress on Nuubz when I came to a point that I realized I needed to start and do some serious work on an unrelated project before I could advance what I wanted to work on. In particular, I wanted to move the system/site security forward, which I hope will lead to better comment spam prevention and better all around security. I already had a plan in place, I just needed to actually implement it.

Enter Project Indigo. Or at least *MY* Project Indigo.

Some years ago, while working at a web hosting company, I noticed that people kept trying to break into a site of mine for which I literally had no content. There was a single, simple HTML file saying “There’s nothing here yet.” So, I quickly wrote a script and database to record those attacks. That system has been tracking these attacks for 6 years. Last year, I noticed an abundance of brute force ssh attacks on the server as well, and started recording those in a separate system. I decided to put this data together in a security web site project to help the masses, and myself, but I just didn’t get around to doing it until Nuubz prodded me to do so.

So, I put an old domain name I owned to use and Project Indigo was born. I still have a lot to do on it, including actually providing some useful information beyond some statistics on the home page, but as you can see, it’s receiving live information currently from two virtual private servers. (I’m getting ready to shut one down, however.) There have been over 700,000 SSH attacks detected and reported to the system as of this moment, while only 2,700 “404” attacks. I emphasize “404” attacks because these are just pure page not found attacks; in my honeypot site, these are requests for pages that don’t currently and have never existed on the site, and don’t have any additional attack parameters. There’s another similar attack that I’m simply calling “web attacks” that aren’t yet reported, these are (again on my honeypot sites) page requests with GET, POST, and/or cookie values that were never requested, used, or expected on the site, regardless of whether the requested page has existed or not. (Again, on the honeypot site, most of the pages that have been targeted have never existed.)

I’m still debating whether I should try to make a business out of this or not, but I’m willing to accept donations. I’ll provide that information when I make it possible to register an account on the site and put a little more polish into it. In the mean time, some attack data is available on Google if you search for “site:prjindigo.com” and machine readable data on a given IP address is available at https://www.prjindigo.com/data/<ip address>.json . Both IPv4 and IPv6 addresses are supported though I’ve only seen a few v6 addresses enter the system at this point. (Be sure to URL encode IPv6 addresses.)

I have created a Github repo for the honeypot software, which is still in active development as well, and I’m working on a Go language program to report the data and possibly parse log files to get ssh failure data. (I’m still unsure about using Go to parse that data as the log files may change from OS to OS.) Don’t rush out and clone either repo yet, both depend on client identifiers and encryption keys that depend on having an account at the Project Indigo website, which, as I indicated above, isn’t quite ready for that yet. But I’ll be sure to post here when the time has come.

This is a brief summary of the current development status of Nuubz.

  • All development is being done using Apache, PHP 7, PostgreSQL 9.5.x, jQuery, and Bootstrap on Linux. The software, once feature complete, will be adapted to include MySQL/MariaDB support.
  • Native account creation and login is fully functional.
  • OAuth2 support is approximately 60% implemented from scratch based on RFC 6749; obtaining access token from Google and Facebook has been tested and works properly, though more work is necessary to obtain user information from both services.
  • Support for separate read/write and read-only databases is implemented; this will allow for a master-slave/server-replicant configuration if the site administrator so desires. This will not, however, transfer files such as the comic image from server to server; a network file system is recommended for that.
  • Support for Google Analytics, reCAPTCHA, Akismet, and Project Honeypot is built in.
  • HTML5 support is the targeted HTML level.
  • Multiple language support for both interface and comic.
  • Microdata support is being implemented in the base theme.
  • Multi-home support is being implemented as well, to allow a single installation of the software to support multiple comics with different domain names. This will only require that the additional domains be parked on the server and point to the same directory.

I’m more than likely forgetting some features that have been, are being or will be implemented, but this makes a good first status report.

If you wish to play around with something, feel free to visit the comment spam tester.

Over the last few months, I’ve been [albeit slowly] working on a new piece of software. Instead of something for Android or a particular operating system, this one is for the web. While browsing my favorite webcomics, I came to realize that many were using WordPress which seemed like a problem to me. While WordPress is a hugely popular and flexible piece of software, it’s really overkill for webcomics. So, I started developing my own dedicated piece of software that I’m calling Nuubz.

It’s still relatively early in development, but if you want to watch on progress, you can visit http://dev.nuubz.com to take a look. Be sure to check back regularly as I make progress.