02.23.10

Security? that’s for pussy!

Seriously. SECURITY IS IMPORTANT! And it starts with what you put on your server.

Take this output:

Trying "www.***.ca"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1812
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
;; QUESTION SECTION:
;www.***.ca.			IN	ANY
;; ANSWER SECTION:

www.***.ca.		3006	IN	A	*.*.*.235
;; AUTHORITY SECTION:

***.ca.		3006	IN	NS	ns1.***.com.
***.ca.		3006	IN	NS	ns2.***.com.
***.ca.		3006	IN	NS	ns.***.com.
;; ADDITIONAL SECTION:
ns.***.com.	132017	IN	A	*.*.*.55
ns1.***.com.	131340	IN	A	*.*.*.7
ns2.***.com.	131340	IN	A	*.*.*.235
Received 171 bytes from 192.168.7.235#53 in 12 ms

At first you don’t see anything wrong, right? Right? Take a look again: www and ns2 both resolve to *.*.*.235. The webserver is on the same machine as the nameserver?

Wait…. something doesn’t sound right?

Now you might be thinking: “They have a firewall, they are doing NAT/PAT and redirecting ports 53/80 to another machine inside their network.”

It IS possible (and I damn hope it is) but so far the support we had and the level of professionalism aren’t great. I wouldn’t be surprised if it’s on the same machine. Not only that but their installed packages are OLD! They run MySQL 4, PHP 4, etc. There are probably dozens of exploits you could run. Someone could hack it and do some domain name server poisoning. Scary.

Sad. Very sad.
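
The check described above, automated: this added example (not part of the original post) parses output in the layout shown above and reports any answered host whose A record matches the address of one of the zone's delegated name servers. The names and addresses in SAMPLE are constructed placeholders, and a shared public address does not by itself rule out the NAT/PAT port-forwarding case mentioned above.

```python
import re

# Constructed sample in the same layout as the output above. Names and
# addresses are placeholders (example domains, RFC 5737 address range).
SAMPLE = """\
;; ANSWER SECTION:
www.example.ca.\t\t3006\tIN\tA\t192.0.2.235
;; AUTHORITY SECTION:
example.ca.\t\t3006\tIN\tNS\tns1.example.com.
example.ca.\t\t3006\tIN\tNS\tns2.example.com.
example.ca.\t\t3006\tIN\tNS\tns.example.com.
;; ADDITIONAL SECTION:
ns.example.com.\t132017\tIN\tA\t192.0.2.55
ns1.example.com.\t131340\tIN\tA\t192.0.2.7
ns2.example.com.\t131340\tIN\tA\t192.0.2.235
Received 171 bytes from 192.168.7.235#53 in 12 ms
"""

SECTION = re.compile(r"^;; (\w+) SECTION:$")
RECORD = re.compile(r"^(\S+)\s+\d+\s+IN\s+(A|NS)\s+(\S+)$")

def parse_records(text):
    """Return {section: [(owner, rtype, rdata), ...]} for A and NS records."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        header = SECTION.match(line)
        if header:
            current = header.group(1)
            sections.setdefault(current, [])
            continue
        record = RECORD.match(line) if current else None
        if record:  # comment lines and the "Received" trailer never match
            owner, rtype, rdata = (f.lower().rstrip(".") for f in record.groups())
            sections[current].append((owner, rtype.upper(), rdata))
    return sections

def shared_addresses(text):
    """List (host, nameserver, ip) where a host shares an IP with a delegated NS."""
    rec = parse_records(text)
    delegated = {rdata for _, rtype, rdata in rec.get("AUTHORITY", []) if rtype == "NS"}
    glue = [(owner, ip) for owner, rtype, ip in rec.get("ADDITIONAL", [])
            if rtype == "A" and owner in delegated]
    return [(host, ns, ip) for host, rtype, ip in rec.get("ANSWER", [])
            if rtype == "A" for ns, ns_ip in glue if ns_ip == ip]

if __name__ == "__main__":
    for host, ns, ip in shared_addresses(SAMPLE):
        print(f"{host} and nameserver {ns} both resolve to {ip}")
```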

Also, if you look at the whois entry for ***.ca you will notice that it is outside of CIRA regulation (missing contact info).

Domain name:           ***.ca
Domain status:         EXIST
Approval date:         2008/04/23
Renewal date:          2013/04/23
Updated date:          2008/04/24

Registrar:
    Name:              Tucows.com Co.
    Number:            156

Name servers:
    ns2.***.com
    ns.***.com
    ns1.***.com

% WHOIS look-up made at 2010-02-23 21:25:21 (GMT)
%
% Use of CIRA's WHOIS service is governed by the Terms of Use in its Legal
% Notice, available at http://www.cira.ca/legal-notice/?lang=en
%
% (c) 2007 Canadian Internet Registration Authority, (http://www.cira.ca/)

Also, http:// ***.ca doesn’t work because there is no A entry in the DNS.

Note: sorry for the censorship but we still are in business with them.

| Posted in Security | Comments Off
02.17.10

HOWTO: Convert, transcode and stream a video feed.

There was this Foosball competition at my workplace and they asked me to do something nice! This was a side project at work that I completed in roughly 3 hours. It was fun because I was able to play with anything to make it work.

First, let’s explain what I had to do:

  • Use an old SMC TV-IP200 camera
  • Record it
  • Stream this to ~40 people
  • Archive it

The camera itself has a web server where you can see the live feed (an MJPEG stream). It’s nice and all BUT the port on the camera is 10 Mbps. After setting up the camera and adjusting the image settings, the feed is 200 KB/s. With more than 4 people watching it, the stream will lag.

| Posted in HowTo | Comments Off
02.11.10

Working on live server = not something I like to do

But something you have to. I found some settings for top that make it work a bit better. That is not counting all the other custom tools that I run to make sure everything is smooth.

Also, watch is an amazing tool!

crazy top

My setup when working on live servers

I also use dtach instead of screen; I never got around to learning screen. On the bright side, multiple people can interact with the dtach session since it’s using a file to “attach/detach” a process.

| Posted in Work | Comments Off
01.19.10

The Tao of Leveling

I blatantly stole the title from the Escapist Magazine. Anyway, go read The Tao of Leveling. It’s a good article.

01.17.10

I think you shouldn’t be proud of that!

Really? You are proud of that? I wouldn't.

As seen in the Ottawa ByWard Market. Google Street View

| Posted in Uncategorized | Comments Off
01.6.10

Realistic and communist!

The question now is: between Bono and Pollara, who is realistic and who is communist?

The answer is in this article from CBC News and this one from Michael Geist.

I am not exactly surprised but Bono did give me a reason to not buy his stuff. The quote from Pollara vice-president Robert Hutton is revealing:

What all this has to do with your topic of copyright laws, I admit, I’m not sure. Certainly, illegal downloading of copyright material is wrong. Certainly, not all those doing so are criminals in any logical sense of the word. The industry is very much to blame here, because they ignored their customers’ needs knowing full well that a technological revolution was at hand that would enable their customers to satisfy their needs, with or without them.

Source: Michael Geist Post

Please form your own opinion; don’t accept ready-made statements like CRIA and the House are doing all the time.

Also, Bono is a douche.

| Posted in Uncategorized | Comments Off
12.30.09

WS4 doesn’t like to play with WSUS

First, the acronyms: WS4 is Windows Search 4.0 and WSUS is Windows Server Update Services.

Here is the deal: How the fuck can you decline the update? Apparently this is not possible. Or at least I haven’t found it. I tried searching the whole database with keywords and the KB number. Nothing!

Also, why reinvent the wheel? There is the Windows Search service that creates an index. What you created is a Google Desktop and you flag it as an update? WTF Microsoft? And now you ask “Why do people hate us?”. That is the exact reason.

I Hate You. Not because Windows is crap (Linux was, it’s getting awesome), not because you don’t say how it works (I’m looking at you, blob video drivers). It’s because of things like that: not acknowledging 0-days, disclosing vulnerabilities and not fixing them so people would upgrade, and I’m sure the internet already has a lengthy list of why MS sucks.

| Posted in Work | Comments Off
12.30.09

Need a Sock? In an array? IRC has the answer!

You were expecting “The Internet”? No, but at least IRC is encompassed in The Internet so you’re right, in a way.

-!- blehhhhh [n=muhammad@213-193-176-96.adsl.easynet.be] has joined #perl
<blehhhhh> hello guys, how am i able to create an array of socks ?
<mmlj4> open a drawer?

| Posted in Uncategorized | Comments Off
12.24.09

Happy Christmas!

I’m just lazy. So enjoy this post written 2 days ago.

2009 was amazing for me. Graduated with 2 diplomas, found a job that is not governmental, etc.

Now, all I need is love.


All You Need is Love from Across the Universe.

| Posted in Uncategorized | Comments Off
12.23.09

Christmas time!

And shopping time for a lot of people… not for me.

I have no plan to buy, run and jump into a crowd of unintelligent shoppers just for the sake of getting gifts.

Sorry friends, the most you will get from me is a card. And if you’re lucky, a bottle of wine or something that is actually useful.

| Posted in Uncategorized | Comments Off