Archive for Software

FREE: Whatsthetide.com Premium Membership

So, how do you sign up? Easy: simply link to whatsthetide.com from your website, and send me the link.

And I’ll generate you a juicy serial! :)

Oh… and prizes for who can crack my serial algorithm! (Probably best not to bother with this one!)

It’s FREE…It’s Easy…It’s EasyGPS! But doesn’t export to KML!

After doing a lot of mapping, say 500 points on my GPS, I needed a way to get them off my GPS. Doing it by hand, are you crazy or just really, really technophobic? So after purchasing a cable off eBay for a few bucks, and not sure if Garmin’s software required a license, I downloaded the free software EasyGPS. Great! I thought, until I noticed that it only exported to GPX format, and I could only use copy and paste internally in the application. Well thank god, they aren’t Microsoft[1][2][3][4][5][6][7][8] and used XML [properly]. So I built a GPX2KML Converter. Questions, comments, suggestions are welcome. Leave them in the comments.

Whatsthetide.com Version 2 has gone Gold!

Bad Behavior doesn’t follow RFC 2616!

Have a look at this source code:

// Lowercase via is used by open proxies/referrer spammers
// Exceptions: Clearswift uses lowercase via (refuses to fix;
// may be blocked again in the future)
if (array_key_exists('via', $package['headers']) &&
    !strstr($package['headers']['via'], 'Clearswift Web Policy Engine')) {
    return "9c9e4979";
}

Hm….

4.2 Message Headers

   HTTP header fields, which include general-header (section 4.5),
   request-header (section 5.3), response-header (section 6.2), and
   entity-header (section 7.1) fields, follow the same generic format as
   that given in Section 3.1 of RFC 822 [9]. Each header field consists
   of a name followed by a colon (":") and the field value. Field names
   are case-insensitive. 

Well, it seems that: Clearswift, Coral CDN, etc are getting blocked because of this…

If you use Bad Behavior, let me know your experiences with it, and if this is affecting you, you might want to contact them.
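The effect of the RFC 2616 rule quoted above, as an added example (not Bad Behavior's code): a check keyed on the exact spelling of a header name gives different verdicts for requests that are equivalent under the RFC. The function names, hosts and header sets are constructed for illustration.

```php
<?php
// Added illustration; not Bad Behavior's code. Header sets below are constructed.

/** Exact-case test in the style of the snippet above: fires only on a lowercase name. */
function flags_lowercase_via(array $headers): bool
{
    return array_key_exists('via', $headers);
}

/** RFC 2616 section 4.2 lookup: field names compare case-insensitively. */
function header_value(array $headers, string $name): ?string
{
    foreach ($headers as $field => $value) {
        if (strcasecmp((string) $field, $name) === 0) {
            return $value;
        }
    }
    return null;
}

// Three spellings of the same field, as sent by (constructed) proxies.
$requests = [
    'mixed case' => ['Host' => 'example.test', 'Via' => '1.1 proxy-a.example.test'],
    'lower case' => ['host' => 'example.test', 'via' => '1.1 proxy-b.example.test'],
    'upper case' => ['HOST' => 'example.test', 'VIA' => '1.1 proxy-c.example.test'],
];

foreach ($requests as $label => $headers) {
    printf(
        "%-10s exact-case check blocks: %-3s  Via seen by RFC lookup: %s\n",
        $label,
        flags_lowercase_via($headers) ? 'yes' : 'no',
        header_value($headers, 'Via') ?? '(none)'
    );
}
```

Only the lowercase spelling is blocked although all three requests carry the same field, which is the false positive described above for Clearswift and Coral CDN.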

Howto: Uncompress Many Archive Formats in Linux

Can’t remember which arguments you have to use with tar, etc.?

*.tgz use tar -zxvf
*.tar.bz2 use tar -jxvf
*.tar.bzip2 use tar -jxvf
*.zip use unzip
*.tar use tar -xvf
*.bz2 use bunzip2 -d -v
*.gz use gunzip -d -v
*.arj use unarj
*.lha use lha x
*.ace use unace
*.rar use rar x (Note: on some systems “unrar”, others “unrar x”)
*.cab use cabextract (Note: Some .cab files need unshield (apt-get install unshield))
*.Z use uncompress
*.zoo use zoo -extract
*.chm use chmextract
*.xpi use unzip
*.jar use jar xvf
*.deb use ar xv
*.lzo use lzop -x
*.7z use 7z x

Steven.

My IP is 127.0.0.1 go hack it!

Ok, you’re on some channel on an IRC network… yada yada… so some loser wants to hack you…

>Yeah, my IP is 127.0.0.1 go hack it…

Looks like they tried to…

There is your laugh for today…

I would have thought DShield would have filtered out bogus firewall logs…

Hm.. NULL even tried some hacking

I wonder if 255.255.255.255 did?

Dealing with HTTP Proxies via cURL

Today I needed to use curl, but this time via a http proxy that required authentication:

curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);
curl_setopt($ch, CURLOPT_PROXY, 'proxy.mybusiness.null:8080');
curl_setopt($ch, CURLOPT_PROXYUSERPWD, 'user:password');

Easy, huh? Just add those three lines before you call curl_exec().

Steven.

Solution: Do Not Rely Solely On Modsecurity To Block Attacks.

Stefan Esser of the Hardened-PHP Project posted a security advisory of a flaw in ModSecurity regarding POST Data NULL Byte Rule Bypass.

The problem is that it is possible to bypass rules by adding NULL bytes to POST data with the application/x-www-form-urlencoded media type.

Now the funny part:

SOLUTION:
Do not rely solely on ModSecurity to block attacks.

ModSecurity isn’t a magical anti-hack solution, and the people who use it know that. Kinda stating a very obvious fix. How about “turn off scripting” :) [IE]

Steven.
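An application-side check in the spirit of that advice, as an added example (not ModSecurity or Hardened-PHP code): it decodes an application/x-www-form-urlencoded body itself and reports any field containing a NUL byte, so the application does not depend on the filter in front of it. The function name and sample bodies are constructed; a real handler would read the body from php://input.

```php
<?php
// Added illustration; not ModSecurity or Hardened-PHP code. Sample bodies are constructed.

/**
 * Decode an application/x-www-form-urlencoded body and return the names of
 * fields whose decoded name or value contains a NUL byte.
 */
function fields_with_nul(string $rawBody): array
{
    $suspect = [];
    foreach (explode('&', $rawBody) as $pair) {
        if ($pair === '') {
            continue;
        }
        $parts = explode('=', $pair, 2);
        $name  = urldecode($parts[0]);
        $value = urldecode($parts[1] ?? '');
        if (strpos($name, "\0") !== false || strpos($value, "\0") !== false) {
            // Replace NULs in the reported name so it is safe to log.
            $suspect[] = str_replace("\0", '\\0', $name);
        }
    }
    return $suspect;
}

$bodies = [
    'clean'       => 'user=alice&comment=hello+world',
    'encoded NUL' => 'user=alice&comment=hello%00world',
    'raw NUL'     => "user=alice&comment=hello\0world",
];

foreach ($bodies as $label => $body) {
    $hits = fields_with_nul($body);
    printf("%-12s %s\n", $label, $hits ? 'reject, NUL in: ' . implode(', ', $hits) : 'accept');
}
```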

The Month of PHP Bugs ("formerly known as March")

The guys over at the Hardened-PHP Project have started a Month of PHP Bugs, whereby they set out to find vulnerabilities in the PHP core (not any specific application). At the time of writing, they are up to their 9th flaw. You can see all the action at php-security.org.

SID Should Really Mean Static Identifier

I am talking about this in the context of Win NT. SID is an acronym for Security Identifier. Today I needed to change the name of my main box, simply because the name, well, was crap. So thinking back to the last time I needed to change a SID, I used the newsid.exe tool from [what was then] SysInternals, and I remember seeing an option for changing the name of the computer. Now I could have simply input my current SID, but no, I was in a rush and chose to generate a random key. Big mistake: all my EFS encrypted files (which were not that important anyway, since I don’t use EFS to secure anything important) were made useless. Now I could recover them, but to save me the trouble I obtained the old SID from the SAM file (C:\WINDOWS\system32\config\SAM) by viewing the security tab, which then showed me my SID. (You will need to truncate after the 7th dash, e.g. S-1-5-21-xxxxxxxxxxx-xxxxxxxxx-xxxxxxxxxx|-xxxx <– the rest is just to do with the user name.) The simple way to change the computer name is Control Panel>System>Computer Name>Change.

So there’s a lesson learnt: do not change the SID!

Steven
