Slashdot Mirror

I travelled through Cambodia last November - the prices there may range from under $1 to over $5 for tourists, depending on where you go - fancy hotels are of course the most expensive. In Ratanakiri, a remote province, there was only one place that offered net access for $5/15 minutes. So without knowing exactly how those prices are compiled (average in capital city? average throughout country?), the accuracy is difficult to judge - more so since your poorer locals aren't going to go to the fancy hotel for net access.

This map is also really decieving b/c many net cafes i've been to have different rates: one for foreigners, one for locals, and one for friends. The same place in Lima, Peru will charge me differently depending on how well i speak spanish when i walk in (and how i'm dressed, etc). Thus, this map is trying to compare two numbers which don't necessarily directly relate to each other.

On a different note, i hated Thailand, but i only spent a couple days in Bangkok. I think the first day there i met every con artist in the city.

I don't see that the article tests ext3 made with dirindex. In my tests on Fedora Core 2 Test 1, dirindex drastically changes ext3's performance.

Bonnie++ Single file tests, Bonnie++ Multiple file tests.

These tests were run on a Dell 1750, dual 2.4 Xeon, 2GB ram, 3 35GB drives in RAID5 configuration (hardware RAID), each test done in the same 10GB partition, and the results shown are the average of 5 bonnie++ runs (with the exception of jfs - it hung after the 3rd run and yes i opened a bug ticket with fedora about it) with ext2 being 100% and everything else shown in relation to its performance.

I don't see that the article tests ext3 made with dirindex. In my tests on Fedora Core 2 Test 1, dirindex drastically changes ext3's performance.

Bonnie++ Single file tests, Bonnie++ Multiple file tests.

These tests were run on a Dell 1750, dual 2.4 Xeon, 2GB ram, 3 35GB drives in RAID5 configuration (hardware RAID), each test done in the same 10GB partition, and the results shown are the average of 5 bonnie++ runs (with the exception of jfs - it hung after the 3rd run and yes i opened a bug ticket with fedora about it) with ext2 being 100% and everything else shown in relation to its performance.

As for html being used in art, that's what the second show at http://art.by.arena.ne.jp/ (1995) was all about. Plus some art shows have featured websites as part of their exhibitions for a while - nothing major that i can think of, but groups like http://entity.ummu.umich.edu/. Then there were (are? can't find link) the minimalist competitions - designing in under 5k pages - and the like. If you want pictures made from html then maybe my http://www.blackant.net/code/oth/img-html-src.html will suffice.

I'm sure i'm missing plenty of other sites and competitions but it's only 7am in my TZ.

Omaha, NE is real close to where SAC operated back in the day. what's the name of the air force base there? i belive Bush flew there during 9/11.

Had the Cold War gone hot, Omaha would have been well within the affected area of a number of nukes. Then again, Washignton would have been, too. Better to keep docs in Your Big City, and then in some Nowheresville.

if you ever drive through NE, check out the SAC museum, off of I-80 in between Omaha and Lincoln (my photos of the musuem). it has a number of beautiful aircraft as well as a lot of historical information. Not nearly as large as the Dayton Museum (my photos), but still worth the stop.

Omaha, NE is real close to where SAC operated back in the day. what's the name of the air force base there? i belive Bush flew there during 9/11.

Had the Cold War gone hot, Omaha would have been well within the affected area of a number of nukes. Then again, Washignton would have been, too. Better to keep docs in Your Big City, and then in some Nowheresville.

if you ever drive through NE, check out the SAC museum, off of I-80 in between Omaha and Lincoln (my photos of the musuem). it has a number of beautiful aircraft as well as a lot of historical information. Not nearly as large as the Dayton Museum (my photos), but still worth the stop.

kind of similar to RAID 1 with ramdisk/hd. after the mirror is rebuilt, take the hd out of the picture. re-insert hd and resync periodically for backups. won't decrease your boottime and is really esoteric.

i did something similar in OpenBSD: howto and benchmarks

i wrote this many years ago, it is why i originally learned perl-
HTML to VRML converter
dont know how well/poorly it works, havent used it in ages and have gone through many perl changes since then.

email can look good.
you just gotta look at it in the right way!

detail, project page

email can look good.
you just gotta look at it in the right way!

detail, project page

email can look good.
you just gotta look at it in the right way!

detail, project page

email can look good.
you just gotta look at it in the right way!

detail, project page

email can look good.
you just gotta look at it in the right way!

detail, project page

email can look good.
you just gotta look at it in the right way!

detail, project page

sometimes we get servers thrown in our laps that already have gfx cards which aren't needed. my last Sun came with 128mb video card plus an onboard 64mb card. i don't use either one since i use serial console on the thing.

I'm working on cd's that will install themselves into memory filesystems. Problem is, to get a decent set of apps i need a lot of memory. Using vram would be very nice, maybe not for a machine that i would spec out since i'd buy it with enough RAM, but what about borrowing/hijacking machines? Imagine using this cd to go to library, boot computer from cd, cd ejects (so there's no trace of you since upon reboot, mem is wiped), you walk on. what you left behind: a machine running gnutella and using memory file systems to store files on. getting more space from the vram would be essential.

Here is a photo plus the recipe, in case anyone wants to link to it. It doesn't take much preparation but takes a long cooking time, so halfway through your all night coding session you'll have a good meal.

PostModern Casserole

Ingredients

1 package sobe noodles
1 green pepper
1 onion
1 measurement quinoa
2 measurements nutrional yeast
1 measurement thyme
1 quantity tempeh
1 spoonful rocoto salsa*

Preparation

Cut green pepper,onion and tempeh.
Fry the onion and tempeh on low heat in some oil.
Cook sobe noodles quite al dente.
Pour noodles and water into crock pot (you better not have too much water)
Dump pepper, onion, tempeh and quinoa into the crock pot.
Mix in thyme, rocoto and nutritional yeast.
Sprinkle layer of nutritional yeast on top of food.
Place lid on crock pot and leave on low for a few hours, or on high for less time.
It's done when the quinoa is cooked, there is no sitting water and you're hungry.

Optional
Add corn and calamata olives.

* not meant to be too hot. remember - good hot stuff is tasty first, hot second.

one more thing, it's vegan and has enough fiber for even CowboyNeal.

i've written a how-to on this; it's at http://www.blackant.net/other/random/how-to-google whack.php and repeated below for your convenience.

HOW-TO GoogleWhack

1) think of complex word, mispell it, and search dictionary.com for the misspelling.

example:
word: insullatory
http://www.dictionary.com/search?q=insullatory

2) look through dictionary.com suggestions for a very odd-sounding word, look at definition of word.

example:
word: inculcation
http://www.dictionary.com/search?q=inculcation&r=3

3) do google search for the word and for derivatives of the word.

example:
words tried: inculcation, inculcator

4) choose word that has the least google returns

example:
inculcation: 14100 returns
inculcator: 238 returns
we choose inculcator.

5) if the returns number more than 1000 for any word or derivative, go back to step 1.

6) in the google returns for the word selected, look for an odd word in the returns, preferably one that is unrelated to the definition of the first word.

example:
words: inculcator, adepts

7) do a google search for both words. if it has more than one return, go to step 5.

8) submit your googlewhack

example:
words: inculcator, tablet.

9) once you find one googlewhack, look at the page returned for more odd/awkward words. use these as potential new googlewhacks.

using this method, i found a googlewhack in less than ten minutes (took me longer to write this up) and have repeatedly done so.

but i don't plagiaise, i'm not in school, and i've other things to do than race towards a placebo for plagiarists, or even panacea for plagiarists.

a guy i know asked for something similar earlier today, but his request was...
My vision is a tool that you download a list of "categories" such as: "pr0n", "web e-mail", "environmentalism", "news", "hacking", "mp3", etc... and for each category there are thousands of URLs that are just continuously requested

i modified some spiders i had lying around and came up with a script that does google queries for terms you specify and then follows the searches returned. here is the script. It currently does no error checking and i havent tested it that much, just wrote it this morning, but it could be easily modified to do random queries.

i wrote something that did random queries and created pages from that a few years ago. there are other people who've done similar, like JWZ's webcollage, which he also integrated into Xscreensaver, so running that screensaver will generate constant random traffic.

my co-worker Joe opened up and mod'ed his hard drive too. didn't require a clean room, but the drive doesn't work too well.

which checks your Accept_Language HTTP header to see if the primary language is one that babelfish can handle, and if it is redirects you to the bablefish translation of the page, otherwise to the english version.

Setting a cookie will let you pinpoint that a given instance of netscape is viewing your site. with lack of cookies you can tell that a given ip is viewing your site, but then proxies will get you in trouble and may get you some nice email (that one deals with those pesky nipr.mil people). Using ip, timestamps and useragent can get you a more accurate pinpointing, but still not exact.

I like to set an invisible image at the bottom of my website with a special id on it. This image gets changed at onunload which, for those who use javascript and unload the page, will tell me how long they viewed any given page. (some of this info is also presented at the bottom of every page).

If you really wanted to and could afford a fully dynamic site you could have every single link called with a ?sessionid at the end of it (like http://www.example.com/?1234) and have this reset if the referer wasnt from your site (this could cover people copying and pasting that link to someone else) and then parse through your logs afterwards. but that could get annoying.

as far as thelogs go, a friend of mine has apache log directly to mysql which facilitates his parsing. as another poster mentioned, sniffing traffic can help alleviate strain on your webserver - a nice openbsd bridging firewall will do the trick. (checking your firewall logs is handy in other ways - i have some hidden "easter eggs" on my site which appear to be exploits on my box - i check who gets to those pages and then who tries to connect to port XX and see what ip's match up - nice little stats)

One time i wondered what would happen if i matched the ips from my mail headers to the ips from my weblogs. It turns out that around %1 of the unique ips in my mail headers also appeared in the weblogs, which means that with pretty fair certainty i knew who was browsing my site. But this mainly works due to the personal natureof my site.

On the other hand, if you've access to lastlogs, query logs, and weblogs you can really start identifying local users of your website. i work at a local college and can learn a lot about a particular viewer by seeing if the same ip is logged in to a given server, or by looking at the query log and seeing what else they've done dns lookups for. Add in a messaging system and you can freak people out. (i also use this to freak out people who search images.google.com for 'breast' and get to my site (i'm a photographer too)).

one other thing i find useful is to keep track of who searches for robots.txt. this can be an indication that someone is a robot or proxy. It also helps me present special information to search engines, allowing them to know of (and thus index) a new page the next time they get to my site (i put a couple special links if you access robots.txt)

a friend of mine runs a journal/bbs website and was wondering about tracking his users when they create different accounts. We are thinking about implementing something similar to my spam identification to identify similar writing styles and possibly the same people in different accounts.

Once you've gathered up some data you'll want to look at it in a nice way. you could use excel or you could create some really nice webmaps (that site also has links to similar mapping projects).

finally a word of advice, if you put up a page of your refer logs, include that as disallowed in your robots.txt or you will get a lot of strangely referred people.

oh, and keep in mind no one method will be %100 accurate, but a combination of methods can get you close.

and there was an article not too long ago about MIT (i think) doing studies into howpeople view webpages - that is, if mouse is over to side of screen then person is most likely reading page, if mouse in middle of page then probably not, etc).

maybe forcing every viewer into a frameset and then tracking changes in the subframes is a viable option. associate a frame change to a hidden image change with an encoded identifier.

ok, thats it for now.

Setting a cookie will let you pinpoint that a given instance of netscape is viewing your site. with lack of cookies you can tell that a given ip is viewing your site, but then proxies will get you in trouble and may get you some nice email (that one deals with those pesky nipr.mil people). Using ip, timestamps and useragent can get you a more accurate pinpointing, but still not exact.

I like to set an invisible image at the bottom of my website with a special id on it. This image gets changed at onunload which, for those who use javascript and unload the page, will tell me how long they viewed any given page. (some of this info is also presented at the bottom of every page).

If you really wanted to and could afford a fully dynamic site you could have every single link called with a ?sessionid at the end of it (like http://www.example.com/?1234) and have this reset if the referer wasnt from your site (this could cover people copying and pasting that link to someone else) and then parse through your logs afterwards. but that could get annoying.

as far as thelogs go, a friend of mine has apache log directly to mysql which facilitates his parsing. as another poster mentioned, sniffing traffic can help alleviate strain on your webserver - a nice openbsd bridging firewall will do the trick. (checking your firewall logs is handy in other ways - i have some hidden "easter eggs" on my site which appear to be exploits on my box - i check who gets to those pages and then who tries to connect to port XX and see what ip's match up - nice little stats)

One time i wondered what would happen if i matched the ips from my mail headers to the ips from my weblogs. It turns out that around %1 of the unique ips in my mail headers also appeared in the weblogs, which means that with pretty fair certainty i knew who was browsing my site. But this mainly works due to the personal natureof my site.

On the other hand, if you've access to lastlogs, query logs, and weblogs you can really start identifying local users of your website. i work at a local college and can learn a lot about a particular viewer by seeing if the same ip is logged in to a given server, or by looking at the query log and seeing what else they've done dns lookups for. Add in a messaging system and you can freak people out. (i also use this to freak out people who search images.google.com for 'breast' and get to my site (i'm a photographer too)).

one other thing i find useful is to keep track of who searches for robots.txt. this can be an indication that someone is a robot or proxy. It also helps me present special information to search engines, allowing them to know of (and thus index) a new page the next time they get to my site (i put a couple special links if you access robots.txt)

a friend of mine runs a journal/bbs website and was wondering about tracking his users when they create different accounts. We are thinking about implementing something similar to my spam identification to identify similar writing styles and possibly the same people in different accounts.

Once you've gathered up some data you'll want to look at it in a nice way. you could use excel or you could create some really nice webmaps (that site also has links to similar mapping projects).

finally a word of advice, if you put up a page of your refer logs, include that as disallowed in your robots.txt or you will get a lot of strangely referred people.

oh, and keep in mind no one method will be %100 accurate, but a combination of methods can get you close.

and there was an article not too long ago about MIT (i think) doing studies into howpeople view webpages - that is, if mouse is over to side of screen then person is most likely reading page, if mouse in middle of page then probably not, etc).

maybe forcing every viewer into a frameset and then tracking changes in the subframes is a viable option. associate a frame change to a hidden image change with an encoded identifier.

ok, thats it for now.

Setting a cookie will let you pinpoint that a given instance of netscape is viewing your site. with lack of cookies you can tell that a given ip is viewing your site, but then proxies will get you in trouble and may get you some nice email (that one deals with those pesky nipr.mil people). Using ip, timestamps and useragent can get you a more accurate pinpointing, but still not exact.

I like to set an invisible image at the bottom of my website with a special id on it. This image gets changed at onunload which, for those who use javascript and unload the page, will tell me how long they viewed any given page. (some of this info is also presented at the bottom of every page).

If you really wanted to and could afford a fully dynamic site you could have every single link called with a ?sessionid at the end of it (like http://www.example.com/?1234) and have this reset if the referer wasnt from your site (this could cover people copying and pasting that link to someone else) and then parse through your logs afterwards. but that could get annoying.

as far as thelogs go, a friend of mine has apache log directly to mysql which facilitates his parsing. as another poster mentioned, sniffing traffic can help alleviate strain on your webserver - a nice openbsd bridging firewall will do the trick. (checking your firewall logs is handy in other ways - i have some hidden "easter eggs" on my site which appear to be exploits on my box - i check who gets to those pages and then who tries to connect to port XX and see what ip's match up - nice little stats)

One time i wondered what would happen if i matched the ips from my mail headers to the ips from my weblogs. It turns out that around %1 of the unique ips in my mail headers also appeared in the weblogs, which means that with pretty fair certainty i knew who was browsing my site. But this mainly works due to the personal natureof my site.

On the other hand, if you've access to lastlogs, query logs, and weblogs you can really start identifying local users of your website. i work at a local college and can learn a lot about a particular viewer by seeing if the same ip is logged in to a given server, or by looking at the query log and seeing what else they've done dns lookups for. Add in a messaging system and you can freak people out. (i also use this to freak out people who search images.google.com for 'breast' and get to my site (i'm a photographer too)).

one other thing i find useful is to keep track of who searches for robots.txt. this can be an indication that someone is a robot or proxy. It also helps me present special information to search engines, allowing them to know of (and thus index) a new page the next time they get to my site (i put a couple special links if you access robots.txt)

a friend of mine runs a journal/bbs website and was wondering about tracking his users when they create different accounts. We are thinking about implementing something similar to my spam identification to identify similar writing styles and possibly the same people in different accounts.

Once you've gathered up some data you'll want to look at it in a nice way. you could use excel or you could create some really nice webmaps (that site also has links to similar mapping projects).

finally a word of advice, if you put up a page of your refer logs, include that as disallowed in your robots.txt or you will get a lot of strangely referred people.

oh, and keep in mind no one method will be %100 accurate, but a combination of methods can get you close.

and there was an article not too long ago about MIT (i think) doing studies into howpeople view webpages - that is, if mouse is over to side of screen then person is most likely reading page, if mouse in middle of page then probably not, etc).

maybe forcing every viewer into a frameset and then tracking changes in the subframes is a viable option. associate a frame change to a hidden image change with an encoded identifier.

ok, thats it for now.

Setting a cookie will let you pinpoint that a given instance of netscape is viewing your site. with lack of cookies you can tell that a given ip is viewing your site, but then proxies will get you in trouble and may get you some nice email (that one deals with those pesky nipr.mil people). Using ip, timestamps and useragent can get you a more accurate pinpointing, but still not exact.

I like to set an invisible image at the bottom of my website with a special id on it. This image gets changed at onunload which, for those who use javascript and unload the page, will tell me how long they viewed any given page. (some of this info is also presented at the bottom of every page).

If you really wanted to and could afford a fully dynamic site you could have every single link called with a ?sessionid at the end of it (like http://www.example.com/?1234) and have this reset if the referer wasnt from your site (this could cover people copying and pasting that link to someone else) and then parse through your logs afterwards. but that could get annoying.

as far as thelogs go, a friend of mine has apache log directly to mysql which facilitates his parsing. as another poster mentioned, sniffing traffic can help alleviate strain on your webserver - a nice openbsd bridging firewall will do the trick. (checking your firewall logs is handy in other ways - i have some hidden "easter eggs" on my site which appear to be exploits on my box - i check who gets to those pages and then who tries to connect to port XX and see what ip's match up - nice little stats)

One time i wondered what would happen if i matched the ips from my mail headers to the ips from my weblogs. It turns out that around %1 of the unique ips in my mail headers also appeared in the weblogs, which means that with pretty fair certainty i knew who was browsing my site. But this mainly works due to the personal natureof my site.

On the other hand, if you've access to lastlogs, query logs, and weblogs you can really start identifying local users of your website. i work at a local college and can learn a lot about a particular viewer by seeing if the same ip is logged in to a given server, or by looking at the query log and seeing what else they've done dns lookups for. Add in a messaging system and you can freak people out. (i also use this to freak out people who search images.google.com for 'breast' and get to my site (i'm a photographer too)).

one other thing i find useful is to keep track of who searches for robots.txt. this can be an indication that someone is a robot or proxy. It also helps me present special information to search engines, allowing them to know of (and thus index) a new page the next time they get to my site (i put a couple special links if you access robots.txt)

a friend of mine runs a journal/bbs website and was wondering about tracking his users when they create different accounts. We are thinking about implementing something similar to my spam identification to identify similar writing styles and possibly the same people in different accounts.

Once you've gathered up some data you'll want to look at it in a nice way. you could use excel or you could create some really nice webmaps (that site also has links to similar mapping projects).

finally a word of advice, if you put up a page of your refer logs, include that as disallowed in your robots.txt or you will get a lot of strangely referred people.

oh, and keep in mind no one method will be %100 accurate, but a combination of methods can get you close.

and there was an article not too long ago about MIT (i think) doing studies into howpeople view webpages - that is, if mouse is over to side of screen then person is most likely reading page, if mouse in middle of page then probably not, etc).

maybe forcing every viewer into a frameset and then tracking changes in the subframes is a viable option. associate a frame change to a hidden image change with an encoded identifier.

ok, thats it for now.

Setting a cookie will let you pinpoint that a given instance of netscape is viewing your site. with lack of cookies you can tell that a given ip is viewing your site, but then proxies will get you in trouble and may get you some nice email (that one deals with those pesky nipr.mil people). Using ip, timestamps and useragent can get you a more accurate pinpointing, but still not exact.

I like to set an invisible image at the bottom of my website with a special id on it. This image gets changed at onunload which, for those who use javascript and unload the page, will tell me how long they viewed any given page. (some of this info is also presented at the bottom of every page).

If you really wanted to and could afford a fully dynamic site you could have every single link called with a ?sessionid at the end of it (like http://www.example.com/?1234) and have this reset if the referer wasnt from your site (this could cover people copying and pasting that link to someone else) and then parse through your logs afterwards. but that could get annoying.

as far as thelogs go, a friend of mine has apache log directly to mysql which facilitates his parsing. as another poster mentioned, sniffing traffic can help alleviate strain on your webserver - a nice openbsd bridging firewall will do the trick. (checking your firewall logs is handy in other ways - i have some hidden "easter eggs" on my site which appear to be exploits on my box - i check who gets to those pages and then who tries to connect to port XX and see what ip's match up - nice little stats)

One time i wondered what would happen if i matched the ips from my mail headers to the ips from my weblogs. It turns out that around %1 of the unique ips in my mail headers also appeared in the weblogs, which means that with pretty fair certainty i knew who was browsing my site. But this mainly works due to the personal natureof my site.

On the other hand, if you've access to lastlogs, query logs, and weblogs you can really start identifying local users of your website. i work at a local college and can learn a lot about a particular viewer by seeing if the same ip is logged in to a given server, or by looking at the query log and seeing what else they've done dns lookups for. Add in a messaging system and you can freak people out. (i also use this to freak out people who search images.google.com for 'breast' and get to my site (i'm a photographer too)).

one other thing i find useful is to keep track of who searches for robots.txt. this can be an indication that someone is a robot or proxy. It also helps me present special information to search engines, allowing them to know of (and thus index) a new page the next time they get to my site (i put a couple special links if you access robots.txt)

a friend of mine runs a journal/bbs website and was wondering about tracking his users when they create different accounts. We are thinking about implementing something similar to my spam identification to identify similar writing styles and possibly the same people in different accounts.

Once you've gathered up some data you'll want to look at it in a nice way. you could use excel or you could create some really nice webmaps (that site also has links to similar mapping projects).

finally a word of advice, if you put up a page of your refer logs, include that as disallowed in your robots.txt or you will get a lot of strangely referred people.

oh, and keep in mind no one method will be %100 accurate, but a combination of methods can get you close.

and there was an article not too long ago about MIT (i think) doing studies into howpeople view webpages - that is, if mouse is over to side of screen then person is most likely reading page, if mouse in middle of page then probably not, etc).

maybe forcing every viewer into a frameset and then tracking changes in the subframes is a viable option. associate a frame change to a hidden image change with an encoded identifier.

ok, thats it for now.

Setting a cookie will let you pinpoint that a given instance of netscape is viewing your site. with lack of cookies you can tell that a given ip is viewing your site, but then proxies will get you in trouble and may get you some nice email (that one deals with those pesky nipr.mil people). Using ip, timestamps and useragent can get you a more accurate pinpointing, but still not exact.

I like to set an invisible image at the bottom of my website with a special id on it. This image gets changed at onunload which, for those who use javascript and unload the page, will tell me how long they viewed any given page. (some of this info is also presented at the bottom of every page).

If you really wanted to and could afford a fully dynamic site you could have every single link called with a ?sessionid at the end of it (like http://www.example.com/?1234) and have this reset if the referer wasnt from your site (this could cover people copying and pasting that link to someone else) and then parse through your logs afterwards. but that could get annoying.

as far as thelogs go, a friend of mine has apache log directly to mysql which facilitates his parsing. as another poster mentioned, sniffing traffic can help alleviate strain on your webserver - a nice openbsd bridging firewall will do the trick. (checking your firewall logs is handy in other ways - i have some hidden "easter eggs" on my site which appear to be exploits on my box - i check who gets to those pages and then who tries to connect to port XX and see what ip's match up - nice little stats)

One time i wondered what would happen if i matched the ips from my mail headers to the ips from my weblogs. It turns out that around %1 of the unique ips in my mail headers also appeared in the weblogs, which means that with pretty fair certainty i knew who was browsing my site. But this mainly works due to the personal natureof my site.

On the other hand, if you've access to lastlogs, query logs, and weblogs you can really start identifying local users of your website. i work at a local college and can learn a lot about a particular viewer by seeing if the same ip is logged in to a given server, or by looking at the query log and seeing what else they've done dns lookups for. Add in a messaging system and you can freak people out. (i also use this to freak out people who search images.google.com for 'breast' and get to my site (i'm a photographer too)).

one other thing i find useful is to keep track of who searches for robots.txt. this can be an indication that someone is a robot or proxy. It also helps me present special information to search engines, allowing them to know of (and thus index) a new page the next time they get to my site (i put a couple special links if you access robots.txt)

a friend of mine runs a journal/bbs website and was wondering about tracking his users when they create different accounts. We are thinking about implementing something similar to my spam identification to identify similar writing styles and possibly the same people in different accounts.

Once you've gathered up some data you'll want to look at it in a nice way. you could use excel or you could create some really nice webmaps (that site also has links to similar mapping projects).

finally a word of advice, if you put up a page of your refer logs, include that as disallowed in your robots.txt or you will get a lot of strangely referred people.

oh, and keep in mind no one method will be %100 accurate, but a combination of methods can get you close.

and there was an article not too long ago about MIT (i think) doing studies into howpeople view webpages - that is, if mouse is over to side of screen then person is most likely reading page, if mouse in middle of page then probably not, etc).

maybe forcing every viewer into a frameset and then tracking changes in the subframes is a viable option. associate a frame change to a hidden image change with an encoded identifier.

ok, thats it for now.

Setting a cookie will let you pinpoint that a given instance of netscape is viewing your site. with lack of cookies you can tell that a given ip is viewing your site, but then proxies will get you in trouble and may get you some nice email (that one deals with those pesky nipr.mil people). Using ip, timestamps and useragent can get you a more accurate pinpointing, but still not exact.

I like to set an invisible image at the bottom of my website with a special id on it. This image gets changed at onunload which, for those who use javascript and unload the page, will tell me how long they viewed any given page. (some of this info is also presented at the bottom of every page).

If you really wanted to and could afford a fully dynamic site you could have every single link called with a ?sessionid at the end of it (like http://www.example.com/?1234) and have this reset if the referer wasnt from your site (this could cover people copying and pasting that link to someone else) and then parse through your logs afterwards. but that could get annoying.

as far as thelogs go, a friend of mine has apache log directly to mysql which facilitates his parsing. as another poster mentioned, sniffing traffic can help alleviate strain on your webserver - a nice openbsd bridging firewall will do the trick. (checking your firewall logs is handy in other ways - i have some hidden "easter eggs" on my site which appear to be exploits on my box - i check who gets to those pages and then who tries to connect to port XX and see what ip's match up - nice little stats)

One time i wondered what would happen if i matched the ips from my mail headers to the ips from my weblogs. It turns out that around %1 of the unique ips in my mail headers also appeared in the weblogs, which means that with pretty fair certainty i knew who was browsing my site. But this mainly works due to the personal natureof my site.

On the other hand, if you've access to lastlogs, query logs, and weblogs you can really start identifying local users of your website. i work at a local college and can learn a lot about a particular viewer by seeing if the same ip is logged in to a given server, or by looking at the query log and seeing what else they've done dns lookups for. Add in a messaging system and you can freak people out. (i also use this to freak out people who search images.google.com for 'breast' and get to my site (i'm a photographer too)).

one other thing i find useful is to keep track of who searches for robots.txt. this can be an indication that someone is a robot or proxy. It also helps me present special information to search engines, allowing them to know of (and thus index) a new page the next time they get to my site (i put a couple special links if you access robots.txt)

a friend of mine runs a journal/bbs website and was wondering about tracking his users when they create different accounts. We are thinking about implementing something similar to my spam identification to identify similar writing styles and possibly the same people in different accounts.

Once you've gathered up some data you'll want to look at it in a nice way. you could use excel or you could create some really nice webmaps (that site also has links to similar mapping projects).

finally a word of advice, if you put up a page of your refer logs, include that as disallowed in your robots.txt or you will get a lot of strangely referred people.

oh, and keep in mind no one method will be %100 accurate, but a combination of methods can get you close.

and there was an article not too long ago about MIT (i think) doing studies into howpeople view webpages - that is, if mouse is over to side of screen then person is most likely reading page, if mouse in middle of page then probably not, etc).

maybe forcing every viewer into a frameset and then tracking changes in the subframes is a viable option. associate a frame change to a hidden image change with an encoded identifier.

ok, thats it for now.

everytime spam gets mentioned on slashdot, someone says this, and everytime i respond with the work i've been doing-
pattern matching spam
uses word counts and phrase counts from known spam and known good mail to match against incoming mail. requires a certain amount of known spam/not spam, but otherwise it has a good rate of matching spam/not spam and doesn't require the incoming mail to at all known beforehand.

Handmade presents are the best, and handmade presents with a geek theme are great for geeks.

Why not give your s.o./parents a portrait of yourself made out of your code, like using the Text-Image plug-in for the GIMP, or my own image to text. Get a nice hi-res image of yourself and your best perl script/r00t sploit, combine the two and print it out on some photo quality paper, mat and frame it.

use the case of an old monitor as the pot for a large plant.

make a custom keyboard which only has the letters of your s.o.'s name.

get out the dremel, epoxy, spare parts, creativity and go at it.

Handmade presents are the best, and handmade presents with a geek theme are great for geeks.

Why not give your s.o./parents a portrait of yourself made out of your code, like using the Text-Image plug-in for the GIMP, or my own image to text. Get a nice hi-res image of yourself and your best perl script/r00t sploit, combine the two and print it out on some photo quality paper, mat and frame it.

use the case of an old monitor as the pot for a large plant.

make a custom keyboard which only has the letters of your s.o.'s name.

get out the dremel, epoxy, spare parts, creativity and go at it.

Handmade presents are the best, and handmade presents with a geek theme are great for geeks.

Why not give your s.o./parents a portrait of yourself made out of your code, like using the Text-Image plug-in for the GIMP, or my own image to text. Get a nice hi-res image of yourself and your best perl script/r00t sploit, combine the two and print it out on some photo quality paper, mat and frame it.

use the case of an old monitor as the pot for a large plant.

make a custom keyboard which only has the letters of your s.o.'s name.

get out the dremel, epoxy, spare parts, creativity and go at it.

walk around town with laptop in backpack then go somewhere to see what's been found - like an internet cafe, which is also useful for probing the network in question (like probing their network from the outside to find what router to spoof - determine this based off the ips in the tcpdumps from the walk) - here's what i've found

most of the unencrypted networks found will have nice tcpdumps chock full of arp requests, novell and nt broadcast messages. can tell you a lot about the network in question.

if you can find a discrete location close to the building in question then you have your entry point. of course cops dont really know what you're doing anyways (though they give some real wierd stares at 3am) so you might be safe. spoofing the router is generally wasy, gaining external access should be fine, sometimes they're real kind and leave a dhcp server accessible for you. but either all these places have taken the time to setup some real nice honeypost or they're real.

i'm giving a talk about this at rubi-con, plus my webstie has more info, not that i've done anything like this, of course.

i wrote it down but was too drunk to write it legibly-
http://www.blackant.net/other/images/page4.php

Farid's Publications

say, which one of those papers listed on the page you mention talks about Farid's steganographic detection work?

The best part about Neil Provos' work is that he goes both ways, working on both OutGuess and stegdetect.

While i'm singing the praises of Neil Provos, thanks for your work on OpenSSH and pf, as well as the rest of the OpenBSD work you've contributed.

-f
http://www.blackant.net/

that's fuckin' hilarious!!!!

Do you have a photo of it? I use stuff like that for my 404 pages and would like that on there. or just tell me where it's at (404 miles north of LA on I-5, i imagine) and the next time i'm there i'll take a photo of it.

Instead of giving you a t-shirt those now-defunct dotcom's would have given you a license to wear their logo.

The subscription service will not be for wireless service, it will be for designs and logos and phrases. Want to show off your enjoyment of the latest boy-band? Buy a license for their logo and go download their mod for your shirt. (aside: if it was named similar to winamp, would that be licensing a new "skin" for your shirt?)

Personally, i prefer to make my own shirts, though making a silk screen for one or two shirts is a laborious process and CafePress just doesn't cut it (industrial iron-on? *shudder*). A technology whereby i can easily show off a new design would be nice.

Clothes that change colour reminds me of Rorschach from Watchmen.

And this book about flying frogs describes the phenomena as well.

When i first read that book i was thoroughly Freaked Out. It's one thing for frogs to fly thanks to magnetic levitation, quite another when they start riding lilypads into your house. I've since trained my cat to attack flying frogs.

The hit you saw on the 20th might also be from someone in a different time zone - you're in EDT? Was the hit before 6am on the 20th? I got one hit on the 20th but it was before 6am so i figured it was someone in different timezone.

As far as the amount of hits that you're getting now, it is most likely due to the time the worm has to be in infect mode coupled with any random deviation (since the spread is random you might see 10 hits one day, 50 the next - i don't know the statistical term for this).

My logs thus far show about an average of 21 hits per day this time around versus 24 hits on the 19th, so i don't see that much change.

oh yeah, here you go:
grep default.ida?NNNNN access_log | cut -f2 -d[ | cut -f1 -d/ | sort | uniq -c
for default apache logs :-)

i tried that, had very good success. read more about it at:

http://www.blackant.net/code/oth/random/nlp-spamfi lter.php

i collected a sample of 30-plus spam messages as well as 30-plus not spam messages and ran some word and phrase frequency counts on each group, then threw that data into a couple mysql tables. Next i match the phrase and word frequency counts to new mail that arrives, and depending on how closely the new mail matches the known groups, i can tell whether or not the mail is spam.

by tweaking the exact amount needed to be determined as spam or not-spam, i had very, very good success rate - out of 32 messages checked using this method, all were appropriately identified as either spam or not-spam.

I've been meaning to continue with this line of spam detection, increasing the size of the db and testing it on a larger sample of mail (read: all my mail) and then seeing if the results were still as good, but...

-f

The Code-Red worm is a wake-up call. This exploit demonstrates clearly the need to keep machines up-to-date with security developments

We should assess our response to the attack -- How quickly and reliably can we disseminate news about the threat? How quickly can infected hosts be located, isolated, and repaired? In the case of the Code-Red worm, even windowsupdate.microsoft.com was infected, and many hosts were re-infected during attempts to patch them.

(the last line included in regards to a separate post in this thread).

and now back to mp3s -

talking about Code Red in the file sharing column made me think that it would be interesting to distribute files via http requests in a fashion similar to Code Red's exploit attempts via GET requests.
This hides sharing a file in some other protocol, steganographically transferring a file.

I couldn't find anything out there like that, so i did some quick coding and came up with:
stegweb, a method to use HTTP GET requests and your web logs to distribute files.

the code is sloppy, the idea is impractical, but oh well it was fun to code.

-f