I set up a p133 laptop with 32mb ram and it runs windows 98 + winamp2 + aac plugin (I think it was this one) + browseamp. It plays 192kbps AAC files, and all MP3 great. Files get to the machine over mounted network drives, phsyically located on my file server.
I can then log in using my laptop (wifi, also a source of some files) over http and control all aspecs of winamp, including browsing the network shares. I can also VNC in =] Just a note, my network is 11g, and I have not tested it on 11b.
It works wonderfully, though, sometimes the AACs skip when I VNC in, so a faster CPU / more RAM would be great.
suppose a spammer harvests from a social network site and spoofs their source address to be from harvested addresses... it's pretty likely 2 people on the same social network site will be within eachother's threshhold if only the to/from/cc headers are used...
maybe more sophistocated techniques to include the source IP subnet or something? Some sender verification would be required.
I was looking at the protocol, and your MAC and your default gateway's MAC are sent along with login, maybe this is for authentication, or maybe it has something to do with their "progressive proximity search." Maybe if it can see what users are on what gateways, and use some IP geometric locating, it can group users? who knows?
incoming member update? [0x0A between each element] <M> <a>4141</a> member id <b>1054626160</b> timestamp <c>2</c></M> variations of <c> = 1,2
?? <N> <a>4141</a> remote uid </N>
login: <C> <a>xx-xx-xx-xx-xx-xx</a> my MAC <b1>xx-xx-xx-xx-xx-xx</b1> my default gateway's MAC <c>my login</c> <d>my password, MD5'd and probably salted. 32 bytes</d> <e>2.0</e> version? </C>
???: <L> <a>0</a> <b>1054630291</b> timestamp? <c>2</c> </L>... series of <M>...
request profile?: <D> <a>1498</a> <b>1</b> </D>... in a series, variations of <b> = 1,2 1=full, 2=partial?...
profile: <O> <a>1498</a> member id <p>missouri</p> location <b>1044120269</b> login time? <d>xxxxx</d> login <m>99</m> age <n>F</n> sex <g>xxx</g> first name <h>xxxl</h> last name <o>wardriver</o> profile data <e>xxxx@xxxx.com</e> email <i></i> <j>xxxxx</j> AIM <k></k> <l></l> <f>http://xxxxxxx.org</f> homepage <r>usa</r> <s>mo</s> state <t></t> city <u></u> languages? <v></v> school? <w></w> company? <q></q> base64 encoded image (not always present) </O>
If you own your own domain you can make all the email go to one account, and then give different sources a different address. For example amazon@ispooge.com, ebay@ispooge.com, some_merchant_site@ispooge.com... It is really nice to see who is giving your address out, and then you can throw mails with certain To: headers into a folder. Combined with a spam filter it would probably be a pretty good solution.
Add the windows boxes MAC addresses to their own VLANs and have the rest of the computers assigned to the open segment. Or just set up a named ACL to deny known 'security features' of windows, assuming it's a switched network.
Yea, but that isn't fair to the ISP. egress filtering is just more processing, requiring more equipment, more electricity, all at the expense of the ISP. It is their responsibility to provide bandwidth and keep everything up, not to filter it. In cisco the other day we learned that the ISP's responsibility ends at the POP, which means company networks are out of it. I think it is up to the companies them selves to regulate security.
Slashdot Mirror
Oh for crying out loud, the election is over!
Technology also makes it easier to escape.
I set up a p133 laptop with 32mb ram and it runs windows 98 + winamp2 + aac plugin (I think it was this one) + browseamp. It plays 192kbps AAC files, and all MP3 great. Files get to the machine over mounted network drives, phsyically located on my file server.
I can then log in using my laptop (wifi, also a source of some files) over http and control all aspecs of winamp, including browsing the network shares. I can also VNC in =] Just a note, my network is 11g, and I have not tested it on 11b.
It works wonderfully, though, sometimes the AACs skip when I VNC in, so a faster CPU / more RAM would be great.
suppose a spammer harvests from a social network site and spoofs their source address to be from harvested addresses... it's pretty likely 2 people on the same social network site will be within eachother's threshhold if only the to/from/cc headers are used...
maybe more sophistocated techniques to include the source IP subnet or something? Some sender verification would be required.
I was looking at the protocol, and your MAC and your default gateway's MAC are sent along with login, maybe this is for authentication, or maybe it has something to do with their "progressive proximity search." Maybe if it can see what users are on what gateways, and use some IP geometric locating, it can group users? who knows?
I got some data off the wire, here is what I made of it after about 10 min of observation:
... series of <M> ...
... in a series, variations of <b> = 1,2 ...
outgoing message:
<F><a>4181</a><b>testing out</b></F>
incoming message:
<Q><a>4181</a><b>gorgonzola</b></Q>
outgoing message:
<F>
<a>4181</a> remote uid
<b>testing out</b> message
</F>
incoming message:
<Q>
<a>4181</a> remote uid
<b>gorgonzola</b> message
</Q>
incoming member update? [0x0A between each element]
<M>
<a>4141</a> member id
<b>1054626160</b> timestamp
<c>2</c></M>
variations of <c> = 1,2
??
<N>
<a>4141</a> remote uid
</N>
login:
<C>
<a>xx-xx-xx-xx-xx-xx</a> my MAC
<b1>xx-xx-xx-xx-xx-xx</b1> my default gateway's MAC
<c>my login</c>
<d>my password, MD5'd and probably salted. 32 bytes</d>
<e>2.0</e> version?
</C>
???:
<L>
<a>0</a>
<b>1054630291</b> timestamp?
<c>2</c>
</L>
request profile?:
<D>
<a>1498</a>
<b>1</b>
</D>
1=full, 2=partial?
profile:
<O>
<a>1498</a> member id
<p>missouri</p> location
<b>1044120269</b> login time?
<d>xxxxx</d> login
<m>99</m> age
<n>F</n> sex
<g>xxx</g> first name
<h>xxxl</h> last name
<o>wardriver</o> profile data
<e>xxxx@xxxx.com</e> email
<i></i>
<j>xxxxx</j> AIM
<k></k>
<l></l>
<f>http://xxxxxxx.org</f> homepage
<r>usa</r>
<s>mo</s> state
<t></t> city
<u></u> languages?
<v></v> school?
<w></w> company?
<q></q> base64 encoded image (not always present)
</O>
What are you talking about? I am from the land of Minnesota nice, and it's true! Watch out for the drivers though, they are crazy.
If you own your own domain you can make all the email go to one account, and then give different sources a different address. For example amazon@ispooge.com, ebay@ispooge.com, some_merchant_site@ispooge.com... It is really nice to see who is giving your address out, and then you can throw mails with certain To: headers into a folder. Combined with a spam filter it would probably be a pretty good solution.
Add the windows boxes MAC addresses to their own VLANs and have the rest of the computers assigned to the open segment. Or just set up a named ACL to deny known 'security features' of windows, assuming it's a switched network.
There is an online petition to stop this at stoppoliceware.org. It also has ways to find contact information of your legislator, get the word out.
Yea, but that isn't fair to the ISP. egress filtering is just more processing, requiring more equipment, more electricity, all at the expense of the ISP. It is their responsibility to provide bandwidth and keep everything up, not to filter it. In cisco the other day we learned that the ISP's responsibility ends at the POP, which means company networks are out of it. I think it is up to the companies them selves to regulate security.
ahhh thats no fair.... a hundred bucks is hard to come by for sombody my age(15 at the time i bought it) and i had to pay for mine =[