Messages - zorm

Pages: 1 ... 29 30 [31] 32 33 34
451
iago's forum / Re: Photoalbum Program needs a name
« on: September 25, 2005, 05:21:16 pm »
AFAIK the PHP license agreement forbids the use of 'php' in the name for anything you make in PHP.
phpbb?

See http://www.php.net/license/
Quote from: php.net
Q. I've written a project in PHP that I'm going to release as open source, and I'd like to call it PHPTransmogrifier. Is that OK?

A. We cannot really stop you from using PHP in the name of your project unless you include any code from the PHP distribution, in which case you would be violating the license. But we would really prefer if people would come up with their own names independent of the PHP name.

Why you ask? You are only trying to contribute to the PHP community. That may be true, but by using the PHP name you are explicitly linking your efforts to those of the entire PHP development community and the years of work that has gone into the PHP project. Every time a flaw is found in one of the thousands of applications out there that call themselves "PHP-Something" the negative karma that generates reflects unfairly on the entire PHP project. We had nothing to do with PHP-Nuke, for example, and every bugtraq posting on that says "PHP" in it. Your particular project may in fact be the greatest thing ever, but we have to be consistent in how we handle these requests and we honestly have no way of knowing whether your project is actually the greatest thing ever.

So, please, pick a name that stands on its own merits. If your stuff is good, it will not take long to establish a reputation for yourselves. Look at Zope, for example, that is a framework for Python that doesn't have Python in the name. Smarty as well doesn't have PHP in the name and does quite well.

452
iago's forum / Re: ospap - Alpha1
« on: September 25, 2005, 05:18:56 pm »
A couple of suggestions instead of doing things like

function display_footer()
{
	print("<HR>\n");
	print("Written by <A HREF=\"mailto:iago@valhallalegends.com\">Ron Bowes</A>, 2005.  Comments welcome!\n");
	print("</BODY>\n");
	print("</HTML>\n");
}

in the skins try something like

function display_footer()
{
	$footer = <<< FOOTER
<HR>
Written by <A HREF="mailto:iago@valhallalegends.com">Ron Bowes</A>, 2005.  Comments welcome!
</BODY>
</HTML>

FOOTER;
	print($footer);
}

Much friendlier when you want to go and change it.

Also when viewing images you should use Previous/Next vs the image's title because it makes it nicer and prevents someone from making a short title and forcing me to move my mouse.

453
iago's forum / Re: Photoalbum Program needs a name
« on: September 25, 2005, 05:02:48 pm »
AFAIK the PHP license agreement forbids the use of 'php' in the name for anything you make in PHP.

Open/Free are both overused in names and rarely are programs named as such successful. Find a cool word that describes your program and use that or if you can't do that make up a word or use a common one like Windows.

454
Tutorials, References, and Examples / Re: Virus Development
« on: September 19, 2005, 11:04:46 pm »

Quik compiled some "evil" code on my machine (d.c).

Not only did it succeed in consuming all of my memory (very noticeable when programs start crashing) AND spawn a root shell (I guess this is harmless), he now had full access to my system. With full access, a quick rm -rf / and everything is gone. Very noticeable indeed.

I think it's safer to say that with Linux, it's harder to hide the virus. A lot harder. A Linux virus, even if it corrupts ps, won't corrupt /proc more than likely, so hiding itself is virtually useless.
newby@impaler:~$ echo "There are really" `ls -d /proc/* | grep [0-9] | wc -l` "processes running on my boxen." ;
echo "ps tells me there are" `ps aux | wc -l` "processes running. Hmm.."
There are really 145 processes running on my boxen.
ps tells me there are 145 processes running. Hmm..

When they don't show up evenly, you know there is something wrong with your system.

Also, most linux viruses, to my knowledge, are just exploits that end up crashing your system or spawning some root shell which will cat /dev/urandom > every drive outputted in df -h, which is hard to not notice.

I had a virus on my Win98 ME box once. The only reason I knew I had one is because netstat returned something connected to 6667. I didn't use IRC at the time.

Hmm... the process list looks normal. ??? What could it be?

I had to reformat to get rid of it.

* Newby shrugs.

How many users are going to actually compare the output of ps and /proc? Most normal users aren't going to do that, and as such a virus would have an easy time hiding. Compare that to Windows, where Blaster and the other recent worm have triggered reboots that notify the user via a dialog, making it insanely hard to miss that something is wrong.

Quote from: iago
It's easy to hide code on both Windows and Linux, and on every other OS that I know of.  Once malicious code gets into your machine, there's really no way to guarantee that it's ever gone.  If anybody asks me what to do after they get a virus or something, I tell them to format.  That's the only way to be sure.

The trick is, to hide code, you generally need to do kernel modification (a rootkit, or kernel module, or system driver, or anything like that).  On Windows, every user (almost) runs as Administrator, so any malicious program can do that.  On Linux, most users run at the user level, so it would be harder to hide malicious code.  But still possible, though, since you can hide malicious code (as a few examples) as a Firefox extension, as a Gaim plugin, and probably a dozen other places.  But at least, when you're a user, you can't hide it in program executables (infecting /usr/bin/ls or C:\windows\system32\explorer.exe, or wherever explorer is, is evil).

To summarize: if you're running as root/administrator, on either Windows or Linux, there are tons of places to hide evil code, it's game over.
If you're running as a user, it's more difficult, but still possible.

Actually the method I'm thinking of would infect explorer but as far as I know doesn't require administrator or even write access to explorer.exe, only to c:\. I still say the average user is more likely to notice an infection on Windows simply because of the way it is set up for simplicity.

Quote from: Blaze
One of my friends made a Blizzard-specific virus, which hooked the logging in of Diablo 2 and StarCraft and stole the login, password and cdkey.  It created files in the C:\windows\font folder.  Windows is really gay with that folder, not letting you see the contents of it other than fonts.  It then infected scvhost.  It has a remote control program 'Minimo'(?), and was pretty good for undetectable.  Norton, McAfee, AVG, NOD32 didn't find anything wrong with it, and he got lots of Diablo 2 characters and items, and cdkeys too.  Written in C++ (I have the source) and very lightweight.

You should clarify, it's not Windows messing with c:\windows\font but Explorer. Also small viruses tend not to be picked up by major antivirus software. I suspect you'd have to infect x many people with x being in the thousands to hundreds of thousands range before they start trying to detect you.
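The ps-versus-/proc comparison quoted in this post can be done on PID sets instead of line counts, so the report names which processes differ. This is an added example, not code from the thread; the sample data is constructed and the `ps -e -o pid=` invocation in `live_check` is an assumption about the local ps.

```python
import os
import subprocess

# Constructed sample data (not from the thread): names found under /proc
# and the output of `ps -e -o pid,comm` on the same machine.
SAMPLE_PROC = ["1", "214", "977", "4242", "cpuinfo", "net", "self"]
SAMPLE_PS = "  PID COMMAND\n    1 init\n  214 sshd\n  977 bash\n"

def proc_pids(entries):
    """PIDs are the all-digit directory names under /proc."""
    return {int(e) for e in entries if e.isdigit()}

def ps_pids(ps_output):
    """Parse ps output whose first column is the PID; header lines are skipped."""
    pids = set()
    for line in ps_output.splitlines():
        fields = line.split()
        if fields and fields[0].isdigit():
            pids.add(int(fields[0]))
    return pids

def cross_view(entries, ps_output):
    """Return (PIDs in /proc but not in ps, PIDs in ps but not in /proc)."""
    kernel_view, tool_view = proc_pids(entries), ps_pids(ps_output)
    return sorted(kernel_view - tool_view), sorted(tool_view - kernel_view)

def live_check(rounds=2):
    """Repeat the comparison on the running system and keep only PIDs that are
    missing from ps in every round, filtering out short-lived processes."""
    persistent = None
    for _ in range(rounds):
        out = subprocess.run(["ps", "-e", "-o", "pid="],
                             capture_output=True, text=True).stdout
        hidden, _ = cross_view(os.listdir("/proc"), out)
        persistent = set(hidden) if persistent is None else persistent & set(hidden)
    return sorted(persistent)

if __name__ == "__main__":
    print("sample:", cross_view(SAMPLE_PROC, SAMPLE_PS))
    print("live, hidden from ps:", live_check())
```

Because ps itself reads /proc, this only catches a tampered ps binary, the case the quoted post describes; a kernel-level rootkit that filters /proc hides from both views.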

455
Tutorials, References, and Examples / Re: Virus Development
« on: September 19, 2005, 09:04:16 pm »
Back onto the original topic. I came across an interesting way of 'infecting' a Windows machine a while back; however, it would still require an exploit to get the code onto the Windows machine in the first place.

When you look at most of the evil (to avoid the virus/worm/trojan debate I'll refer to it as evil) code out there for Windows now, it is all destructive. Destructive in that it crashes the Windows machine it is running on, so it's rather obvious that something bad has happened. What would the impact have been if things like Blaster didn't invoke a crash and restart? I'd be willing to argue that with the evil code out there today it's actually safer to be running Windows vs. Linux because of the fact that it's easier to hide on Linux than it is on Windows.

456
General Discussion / Re: Nintendo ftw
« on: September 17, 2005, 09:42:57 pm »
People bitched about the Xbox's controller when it first came out too. Suggest everyone takes the old advice of 'Not judging a book by its cover'.

457
General Discussion / Re: Windows Vista: 7 flavors
« on: September 11, 2005, 05:02:34 pm »
What a bunch of fucking fools. No one is going to want to pay for an OS only to have it crippled. It's comparable to trying to sell Half-Life 2: Uber Lame edition which only has the cut scenes and no game play or such. When making different editions you're supposed to add things that people want to make better editions and not take away things people want to make worse editions. Leave it to Microsoft to fuck it up.

Quote
The best operating system ever offered for a personal PC, optimized for the individual. Windows Vista Ultimate Edition is a superset of both Vista Home Premium and Vista Pro Edition, so it includes all of the features of both of those product versions, plus adds Game Performance Tweaker with integrated gaming experiences, a Podcast creation utility (under consideration, may be cut from product), and online "Club" services (exclusive access to music, movies, services and preferred customer care) and other offerings (also under consideration, may be cut from product). Microsoft is still investigating how to position its most impressive Windows release yet, and is looking into offering Ultimate Edition owners such services as extended A1 subscriptions, free music downloads, free movie downloads, Online Spotlight and entertainment software, preferred product support, and custom themes. There is nothing like Vista Ultimate Edition today. This version is aimed at high-end PC users and technology influencers, gamers, digital media enthusiasts, and students.

Nice, it's going to cost you an extra $100 so you can buy an edition of Vista that will let you turn off all of Microsoft's lame services so you can actually use your CPU power to play games instead of sending back your personal info to Microsoft. Someone needs to slap whichever fucking genius came up with this marketing plan.

458
General Security Information / Re: New Nmap Version
« on: September 11, 2005, 03:03:59 am »
Pssh, let us know when you get your name on something cool.

459
General Discussion / Re: Personality
« on: September 10, 2005, 08:25:36 pm »

Extraversion    ||||||||||    33%
Stability    ||||||||||||||||||    80%
Orderliness    ||||||||||||||    60%
Accommodation    ||||||||||||||||    70%
Interdependence    ||||||||||||||||||||    83%
Intellectual    ||||||||||||    50%
Mystical    ||||||    23%
Artistic    ||    10%
Religious    ||    10%
Hedonism    ||    10%
Materialism    ||||||||||||    43%
Narcissism    ||||||||||||||||    63%
Adventurousness    ||||||||||||    43%
Work ethic    ||||||||||||||||    63%
Self absorbed    ||||||    30%
Conflict seeking    ||||||    23%
Need to dominate    ||||||||||||||    56%
   
Romantic    ||||||    23%
Avoidant    ||||||||||    36%
Anti-authority    ||||    16%
Wealth    ||||    16%
Dependency    ||||||||||    36%
Change averse    ||||||||||    36%
Cautiousness    ||||||||||||||||    63%
Individuality    ||||||    30%
Sexuality    ||||||||||||    50%
Peter pan complex    ||    10%
Physical security    ||||||||||||||||||||    83%
Physical fitness    ||||||    24%
Histrionic    ||||||    23%
Paranoia    ||||||||||||    43%
Vanity    ||||||||||    36%
Hypersensitivity    ||    10%
Female cliche    ||||||    23%

Stability results were high which suggests you are very relaxed, calm, secure, and optimistic.

Orderliness results were moderately high which suggests you are, at times, overly organized, reliable, neat, and hard working at the expense of flexibility, efficiency, spontaneity, and fun.

Extraversion results were moderately low which suggests you are reclusive, quiet, unassertive, and secretive.

trait snapshot:
secretive, organized, clean, rarely worries, solitary, high self control, dislikes large parties, prefers organized to unpredictable, prudent, observer, tough, self reliant, very good at saving money, introverted, perfectionist, mind over heart, not controlling of others, hard working, confident, resolute, solitary, does not make friends easily, finisher, does not like to stand out, very practical, intellectual, unsympathetic at times, honest, respects authority, follows the rules, cautious

I'd say the trait snapshot sums me up rather well.

460
General Discussion / Re: New Orleans is Sinking
« on: September 07, 2005, 05:17:24 pm »
Uh, they've known about the threat of massive flooding in New Orleans for over 30 years. So I doubt they knew first and I also doubt anyone was surprised by what happened as a result of the storm. It was all very well predicted and they have 'doomsday' scenarios where 40,000-60,000 people died in New Orleans from a hurricane.

461
General Discussion / Re: Kanye West on Red Cross donations
« on: September 03, 2005, 09:50:28 pm »
People who are screaming the race card are fucking morons. I mean like it's really the President's fault that the Governor and Mayor are incompetent? They had plenty of lead time before the hurricane, but they failed to act and as such their people are suffering because of it.

A lot of the people on the streets are complaining about this too, but what you'll notice is that they have no TV or radio or anything else. They don't realize that help is on the way and only so much can be done so fast. Then you have the assholes like Jesse Jackson and Kanye West who are trying to advance their careers by attacking Bush and others. Fuck them, I hope someone shoots them.

I wish someone would do the math, a school bus can hold ~50 people. Consider the 20,000+ at the Superdome alone. 20,000/50 = 400. Have you ever seen 400 school buses all at once? Have you ever seen 800 bus drivers all at once? Can you imagine trying to manage 400 buses at the same time? Now consider the fact that they think there are 100,000 people still in New Orleans. One also has to include all the other towns that have been destroyed or damaged as a result of the hurricane. They all need assistance too.

It's rather clear that they had a plan. The plan just didn't scale to the number of people who remained in New Orleans because of lack of leadership on part of the Governor and Mayor.

It was reported on Thursday that Marines were taking over force protection duties in the city of New Orleans. Of course the media never mentioned this because they were too busy with their Iraq style reporting in which they only talk about the bad things. Screw them too, I hope someone shoots the reporters out there too.

462
General Security Information / LANL attack statistics
« on: August 25, 2005, 11:02:48 pm »
http://www.lamonitor.com/articles/2005/08/25/headline_news/news03.txt
Quote
On a $15 million a year budget, Los Alamos National Laboratory is waging a daily battle against a barrage of threats to its computer network.

Alexander D. Kent, deputy group leader for the lab's network engineering group, said 25,000 computers processing about 850 gigabytes of data in 20 million legitimate sessions a day are facing a growing risk.

A graph of Internet sessions between May and mid-August this year shows at least five million "malicious" sessions on slow days and 10-15 million during peaks.

On weekends, when LANL activity slows, 90 percent or more of the computer activity appears to be malicious.

Malicious activity could mean anything from a sophisticated hacker or terrorist or a foreign intelligence operative to unsophisticated pranksters and adolescent mischief.

The lab protects itself with network firewalls for its public network and "air gaps" - compartmentalization - for its classified net.

The numbers they have given are rather impressive. I'd never have thought that they would be getting 5 million on slow days.

463
I'll blame you for not knowing better yet selling your PHP services! :p

464
Note that given things like HTTP_X_FORWARDED_FOR are headers sent by the client, they can be forged, and as such checking only them is likely a bad idea. One should really be checking all possible IPs and not just the first found one.
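A sketch of the "check all possible IPs" approach for a ban list, next to the first-found pattern it replaces. This is an added example, not code from the post; it assumes a CGI/WSGI-style environment dict, and `HTTP_CLIENT_IP`, the function names and the sample request are illustrative.

```python
import ipaddress

# Header-derived keys are client-controlled; REMOTE_ADDR is the TCP peer.
# HTTP_CLIENT_IP is an assumed second header, included for illustration.
FORWARD_KEYS = ("HTTP_X_FORWARDED_FOR", "HTTP_CLIENT_IP")

# Constructed sample: banned range, and a request whose first
# X-Forwarded-For entry was forged to look harmless.
BANNED = ["203.0.113.0/24"]
SAMPLE_REQUEST = {
    "REMOTE_ADDR": "198.51.100.7",
    "HTTP_X_FORWARDED_FOR": "10.0.0.5, 203.0.113.9",
}

def first_found_ip(environ):
    """The weak pattern: trust the first value that happens to be present."""
    for key in FORWARD_KEYS + ("REMOTE_ADDR",):
        value = environ.get(key)
        if value:
            return value.split(",")[0].strip()
    return None

def candidate_ips(environ):
    """Every parseable address tied to the request, socket peer first."""
    raw = [environ.get("REMOTE_ADDR", "")]
    for key in FORWARD_KEYS:
        raw.extend(environ.get(key, "").split(","))
    found = []
    for item in raw:
        try:
            ip = ipaddress.ip_address(item.strip())
        except ValueError:
            continue  # malformed or empty entries are skipped, never trusted
        if ip not in found:
            found.append(ip)
    return found

def is_banned(environ, banned_networks):
    """Deny when ANY candidate address falls inside a banned network."""
    nets = [ipaddress.ip_network(n) for n in banned_networks]
    return any(ip in net for ip in candidate_ips(environ) for net in nets)

if __name__ == "__main__":
    print("first found:", first_found_ip(SAMPLE_REQUEST))
    print("banned (all IPs checked):", is_banned(SAMPLE_REQUEST, BANNED))
```

Checking every candidate suits deny decisions only: a forged header can add addresses but cannot remove REMOTE_ADDR, so header values should never be the basis for granting access.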

465
General Discussion / Re: Post your total time logged
« on: August 11, 2005, 11:50:23 pm »
What can I say, I'm not a forum whore.
