I'm now 350M over the d/l limit, and a few megs over what'll fit on a CD..
Tell me about it! The only times I've paid for a Linux distro were:
* When I bought a Redhat 5.2 Cheapbytes CD
* When I did a network install of Mandrake and went a long way over my d/l limit
In download fees, Mandrake 8 cost me $NZ80 to install. Thank God for cheaper bandwidth plans these days (and why can't a minimal install of Mandrake fit into 70MB like some *nixes and distros? Huh?).
there are always systems where the sysadmin hasn't updated for years
Not always. I've come across open relays that are running fairly recent software. Witness the following (it is a genuine message):
Received: from fodge.net (xxx [xxx]) by ldserver.liandung.com.tw with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.1960.3)
    id M92JH4VS; Thu, 19 Jul 2001 17:11:49 +0800
They are actually 'possums', but you've got the right idea.
New Zealand has had a barrel of new species introduced for many reasons, and because of the difference in climate and food chain from where they originated, things went wild.
Here are some examples:
* Ferrets and stoats - killed many of the flightless birds in the central South Island. The Takahe (flightless Pukeko-like bird) is nearly extinct
* Gorse - being warmer than Scotland (or where it came from) it took off like crazy and now covers large patches of land
* Rabbits - where'd all the grass go?
* Possums - where'd all the trees go?
And there is more... eg, mutton bird population on Stewart Island, some type of robin down to the last four alive, brown kiwis getting killed by stray dogs, etc, etc.
Heat your house with solar panels (which a good friend of mine has been doing since 1989 or so).
Take a look at a site by Simon Cope describing the house he lives in. It was completely powered by solar and wind generation for a few years. He was the first person to ask to be disconnected from the national grid. Then again he was the first to be connected back so he could sell his excess power to the grid. His power meter spins backwards.
BTW, New Zealand may in a few months be facing blackouts because the hydro dams which we use to generate power from are fairly empty. Time to get a UPS and a power cell to go with the solar water heating.
My copy of RealPlayer is registered to abuse@real.com. My copy of Quicktime is registered to abuse@apple.com.
Ditto for a lot of my other mail.
I also notice that funcards.com (or similar) has a thing where it says:
To view this page and sign up for our newsletter click here: link
(To view this page, click here: link)
Most people hit the first link and get opted in to their mailing list without realising it. I've opted-in some addresses at their domain. :-) Dose of their own medicine.
Handy dandy, but I've recently found that + and - characters aren't supported by all mail user agents.
One case in point, I had published an email address in the form 'bla - fodge @ domain . summink', and I received an email to 'fodge @ domain . summink'. The MUA had omitted the 'bla - ' part of the address that was being used to filter out spam.
Another poster many posts ago said that the BEST way was to use a subdomain, and then eventually drop that subdomain. With no MX and no A for the subdomain, the spammer won't know where to send the mail - which is better than post facto filters and post-connection fatal errors from your SMTP daemon. They will already have used your resources by that time, even if you never get to see the email.
A meta-comment: what has happened to full disclosure? Normally full disclosure is required in all articles to show where the author's bias lies.
In this article it cited a case where one office run by The New York Times Company was searching. The NY Times that the linked article is on is run by The New York Times Company.
They SHOULD have mentioned that. They were talking about themselves (always a great source of bias) and they didn't even bother to mention that.
Nit picking I know, but hey, I want real, fully disclosed news, not fluffy bunnies.
Your letter is a bit too long. It should be short and to the point. People don't have the patience to stick around. Heck, even I didn't, and I'm not on a sugar-induced hyperactivity buzz.
If they want more information, give them a link, otherwise, keep it short. You only have 5 seconds to make an impact, not a half hour sermon.
Let me see if I can trim it down a bit for ya:
Recently a programmer has been arrested for analyzing encryption software and writing a tool for disabled people to be able to use Adobe eBooks.
He was arrested under the Digital Millennium Copyright Act (DMCA), a law which makes some decryption software illegal.
Decryption is necessary to watch DVD movies, read Adobe eBooks, and listen to music. The encryption is there only to restrict USE. Your use.
The DMCA has had a chilling effect on speech. A Princeton professor was recently prohibited (through threat of a DMCA lawsuit by the Recording Industry Association of America) from presenting a research paper.
In general, the DMCA severely hinders the analysis of security protocols. In addition, were the DMCA law 20 years ago, the personal computer revolution would have been "illegal" (under the DMCA) because reverse engineering was an important part.
Some members of the programming/computer science/research community have drafted a statement that will be sent to Congress and anyone else that can help change this situation. Please take a moment to read this and become educated about the DMCA.
http://www.dibona.com/dmca/
Sure I've left out a lot of details and it can be construed as spin-doctoring a little, but if people want the details, the link will have them all.
I also recommend you add a footer to the email:
FORWARD THIS TO EVERYONE IN YOUR ADDRESS BOOK WITHIN 10 MINUTES OR YOU WON'T BE ALLOWED TO WATCH MOVIES ANY MORE WHICH IS BAD AND STUFF.
Downloading software and then running it ... sounds quite like Java, and a whole bunch of other stuff.
Who swiped the Scooby snacks?
It isn't quite so advanced, but simply add advertiser domains to your restricted sites zone. In the restricted sites zone they will have no Java, cookies, or Javascript - all of which are annoying.
You'll still see the images though, but that's what my Squid proxy is for. (I don't want to pay to see your adverts. It's my bandwidth and money dammit.)
Code Red will only slurp down 12868 bytes.
Don't do it - the 'net has enough stress on it with 5.9 million IIS running hosts trying to infect everything in sight without you transmitting a bunch of zeroes.
Yes, so I had similar thoughts, but Daniel Lawson taught me better. (Thanks Daniel BTW.)
I've seen some interesting fun done with backdoor.
One was the changing of the default home page to say ... "This system has been infected! Fix me up as soon as possible!"
I've also heard reports of people trying to run Internet Explorer and forward them to the page where the patch is, but from what I've heard it hasn't worked.
A couplea hours ago this one was quite funny: http://202.108.221.61/
I tried it out. This is what appeared in the log.
- 216.201.108.18 - - [08/Aug/2001:19:29:45 +1200] "GET /scripts/root.exe?/c+dir+c:\ HTTP/1.0" 404 286 "-" "-"
- 216.201.108.18 - - [08/Aug/2001:19:29:46 +1200] "GET / HTTP/1.0" 200 1948 "-" "-"
210.zz.zz.zz 216.201.108.18 - - [08/Aug/2001:19:29:46 +1200] "GET /NULL.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXX=X HTTP/1.1" 404 284 "-" "-"
- 216.201.108.18 - - [08/Aug/2001:19:29:48 +1200] "GET / HTTP/1.0" 200 1948 "-" "-"
(I've snipped my IP BTW.)
It looks like it is testing for:
* Code Red 3 backdoor (found on all good Windows 2000 systems)
* A web server
* The ida overflow
* A web server (again)
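The four-request pattern listed above can be picked out of an access log automatically. The following is an added example, not code from the original comment: it groups requests by client and reports any client that sent a root.exe or .ida probe, plus whether the server answered 200 (a sign the host itself needs attention). The sample lines are constructed to mirror the log format quoted above, the addresses are documentation ranges, and the 100-character query threshold and all function names are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Optional virtual-host column, then client IP, ident, user, [time], "request", status.
LOG_RE = re.compile(
    r'^(?:\S+ )?(?P<ip>\d{1,3}(?:\.\d{1,3}){3}) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3}) '
)
EXPLOIT_KINDS = {"backdoor-probe", "ida-overflow"}

def classify(target):
    """Map a request target onto the probe types listed in the comment."""
    path, _, query = target.partition("?")
    path = path.lower()
    if path.endswith("/root.exe"):
        return "backdoor-probe"            # looks for a leftover command shell
    if path.endswith(".ida") and len(query) > 100:   # assumed threshold
        return "ida-overflow"              # oversized query to the .ida handler
    if target == "/":
        return "alive-check"               # plain "is there a web server" request
    return "other"

def find_scanners(lines):
    """Return {client_ip: details} for clients that sent an exploit-type probe."""
    events = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if m is None:
            continue                       # not in the expected log format
        kind = classify(m["target"])
        if kind != "other":
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            events[m["ip"]].append((ts, kind, int(m["status"])))
    report = {}
    for ip, seen in events.items():
        kinds = {kind for _, kind, _ in seen}
        if kinds & EXPLOIT_KINDS:          # alive-checks alone are not reported
            report[ip] = {
                "probes": sorted(kinds),
                "first_seen": min(ts for ts, _, _ in seen),
                # A 200 on an exploit probe means this server may be affected.
                "answered_200": sorted({k for _, k, s in seen
                                        if k in EXPLOIT_KINDS and s == 200}),
            }
    return report

# Constructed sample input, modelled on the log excerpt above.
SAMPLE_LOG = [
    r'- 192.0.2.10 - - [08/Aug/2001:19:29:45 +1200] "GET /scripts/root.exe?/c+dir+c:\ HTTP/1.0" 404 286 "-" "-"',
    '- 192.0.2.10 - - [08/Aug/2001:19:29:46 +1200] "GET / HTTP/1.0" 200 1948 "-" "-"',
    'www.example.test 192.0.2.10 - - [08/Aug/2001:19:29:46 +1200] "GET /NULL.ida?'
    + "X" * 240 + '=X HTTP/1.1" 404 284 "-" "-"',
    '- 192.0.2.10 - - [08/Aug/2001:19:29:48 +1200] "GET / HTTP/1.0" 200 1948 "-" "-"',
    '- 198.51.100.7 - - [08/Aug/2001:19:30:02 +1200] "GET / HTTP/1.0" 200 1948 "-" "-"',
]

if __name__ == "__main__":
    for ip, info in find_scanners(SAMPLE_LOG).items():
        print(ip, info["probes"], "answered 200:", info["answered_200"])
```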
It's a case of what you want to optimise for.
Do you want to save CPU? (An issue on heavily loaded sites with oodles of cheap bandwidth.) Continue as you are without mod_gzip.
Do you want to save bandwidth? (An issue with expensive bandwidth.) Then sure, use mod_gzip and convert some of that CPU into bandwidth savings.
This is only thinking about the server end of things. On the other end of the connection is a user who also has limited bandwidth and CPU available.
So it varies. Athlon 800 serving huge text files on a 56K modem? mod_gzip. P90 dishing out 1x1 GIFs? Leave it as is.
One example of this CPU vs bandwidth I came across was when I was scp'ing a file across a Fast Ethernet (100MB) network. On one end was a K6/200, and the transfer was taking ages! Then I realised I had told SSH to compress data. It was eating CPU like crazy! So I stopped the transfer, and left off the compression flag. It went about three times faster.
He pads out his pages with bogus keywords to help the spiders. Here's a quote:
<font class=hidden> <!-- a few words for the spiders --> Greasy Daemon, FreeBSD, OpenBSD, NetBSD, BSDi, Unix, Internet, Networking, NFS, Netatalk, SMB, Samba, Security, Guide, News, Benchmark, SSH, OpenSSH, Cryptography, TTY,
(and so it goes on ...)
Speaking as someone with experience unlike the parent of this message ... I can say that it is very stable.
I used Mozilla almost daily, and I do a lot of surfing. At the moment I have a grand total of four Mozilla windows open (as I happen to have just closed about five of them). In addition to that I'm always testing the latest whacked out design I can think of.
And yes, it is much more stable than Netscape 4.78. 4.7 would crash on nested margins (which I use a lot). It also came across as having quite a flaky interface.
Now if only they'd fix these TEXTAREAs ... (using the END key means you can't press the LEFT arrow, and skipping to the end of the text box means you get another line).
So get your head out of whatever it is currently in, and use a standards compliant browser.
Buddy, have you read the most recent Netcraft Web Server Survey, released barely two days ago?
And another thing, the reason why Linux is not infected is because it didn't have that silly buffer overflow.
Ya think? PHPLIB has been OSS for a long time and only recently programming problems of the above type were found in it.
OSS isn't the magic elixir. It's a step in the right direction.
I wonder if they paid for that copy of MySQL ...
(MySQL now comes in a new dolphin flavoured package.)
You also forgot that you need to remove quotes as well.
When it helpfully fills in a text box, you have to escape the quotes. Take this example:
Now we craft the malicious string ( " onfocus="alert('howdy'); ) and place it in the text box like so:
See also my article on Accepting input and malicious script insertion.
Lots of sites are vulnerable. Lots of sites have lazy developers.
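The quote-escaping point in the comment above, shown as an added example that is not the poster's own code: a form that echoes a submitted value back into a text box, rendered three ways with the string quoted in the comment, then parsed to see which attributes the browser would actually end up with. The function names, the field name `q`, and the "angle brackets only" filter are assumptions made for illustration.

```python
from html import escape
from html.parser import HTMLParser

# The string quoted in the comment above.
PAYLOAD = '" onfocus="alert(\'howdy\');'

TEMPLATE = '<input type="text" name="q" value="%s">'

def render_unsafe(value):
    """Echo the value back untouched."""
    return TEMPLATE % value

def render_tags_only(value):
    """Assumed incomplete filter: neutralises < and > but leaves quotes alone."""
    return TEMPLATE % value.replace("<", "&lt;").replace(">", "&gt;")

def render_safe(value):
    """Escape &, <, > and both quote characters before placing in an attribute."""
    return TEMPLATE % escape(value, quote=True)

class _InputAttrs(HTMLParser):
    """Collects the attributes of the first <input> tag, as a parser sees them."""
    def __init__(self):
        super().__init__()
        self.attrs = None

    def handle_starttag(self, tag, attrs):
        if tag == "input" and self.attrs is None:
            self.attrs = dict(attrs)

def input_attrs(markup):
    parser = _InputAttrs()
    parser.feed(markup)
    parser.close()
    return parser.attrs or {}

if __name__ == "__main__":
    for render in (render_unsafe, render_tags_only, render_safe):
        attrs = input_attrs(render(PAYLOAD))
        print(render.__name__, "-> attributes:", sorted(attrs))
```

In the first two renderings the quote closes the `value` attribute early and the parser reports a separate `onfocus` attribute; in the escaped rendering the whole string stays inside `value`.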
How the hang did you figure that out?
I'm using a text-only browser (because this computer doesn't support anything but an 80x25 text display) and I'm afraid I can't read your email address.
Might I also point out that your web site violates several of the Web Accessibility Initiative's guidelines.
I understand that on my personal web site and have included an image with a detailed ALT tag that even blind users will be able to use. It doesn't help cognitively impaired people unfortunately, but there is a form they can use.
P.S., see also the UID on my GPG key.
Web forms are a great idea. They actually encourage people to write to you.
The only problem is when the person writing types their address in wrong.
I think usual rates for the increase in the amount of feedback you get when changing from a mailto: link to a form are something like 10x the amount.
Another thing is the feedback forms I've added to my web site. In the past I might get one comment every two months. Now I get several a day.
Still there are some old skool people who want your email address, or in case you break your form and don't notice - then how do they contact you?
Indeed. This is known as the Delphi debating method.
Read more at this location: Delphi debating - http://www.icehouse.net/lmstuter/page0019.htm
;-)
Yeah, bla bla Columbine bla bla.
What about the people that don't make it into a hundred tear-jerking articles?
The OSD isn't the same as DMOZ. Similar idea though.
I also share your concern over DMOZ. I was declined as an editor for an editor-less category that I know inside and out.