man, am i out of it! mt 2.2 has been out for almost a month now! i’ll have to install that baby soon!
…
some of the new features look cool… trackback, etc. looks like fun! and mysql support is a very welcome addition.
Comments Off
a few nights ago my wireless link started acting up. i could only get a connection within a few feet of the base unit - normally i can get a decent signal even out on the deck or upstairs. then tonight it dawns on me - i had another 2.4Ghz transmitter sitting right next to the base unit! duh!
yeah, the other day i got out this vga/tv/audio transmitter i got a couple years ago to tinker around with some. well, the idiot that i am, didn’t unplug it so it was interferring with the 802.11b signal. guess it’s a good thing my phone is only 900Mhz!
Comments Off
long time, no post… geez, well again busy at work and home… a stupid cookie issue arose with our product and windows nt 4.0. i couldn’t track the real problem down after several days of testing, installs, google and microsoft searches, but i was able to put a patch in place. kudos from the boss was nice, but i hate not having a true solution.
the problem was that ie 5.5 on nt 4.0 was loosing it’s cookies (tossing it’s cookies?) when we open a new browser window. i know that windows creates new processes for new windows in ie (if you’ve got more than 32 megs of ram installed) and we had issues several years ago with ie 4 and nt 4.0 with new windows… but i could not duplicate the problem at all! so frustrating! i put a patch in to pass the data via the url instead of a cookie and that works, but i wish i knew the combo to duplicate the problem. cookies aren’t really any more secure than url params if you’ve got a sniffer anyway, but it was a cleaner implementation. we’ll have to see what works in the long run.
Comments Off
ok, i read every “hacker” book i can get my hands on. i use the term “hacker” in the real sense, but i’ll check out the “cracker” ones on occasion as well. some of my favs are hackers: heroes of the computer revolution and the cuckoo’s egg. i’m currently reading the fugitive game, which is a better look into kevin mitnick than takedown was. takedown was told from tsutomu shimomura standpoint, who sort of led police to mitnick after being hacked by mitnick himself. takedown was co-authored by john markoff who had really put out some bull shit about mitnick over the years - although i still have enjoyed reading a few of his books.
anyway… there had been many reports of a movie based on takedown and i come across various entries in movie databases, but never saw the movie itself. well, thanks to my buddy tony, i’m watching it right now. while it’s gone under different names, such as “hackers 2: takedown”, etc., it’s officially just “takedown”.
i’m about 40 minutes into it and so far it’s been laugh-able in many respects. i’ll need to re-read takedown to refresh my memory of the story, but i don’t think the story goes like what i’m watching. i hate when they use the term “based on the book” - so i guess that means they can screw the story up as much as they want. amanda peet is hot, though.
…
ok, just finished watching it. i’m always interested to see how the movies and tv will portray the act of “hacking code”. there weren’t too many images or equations floating around like in the movie hackers, so that’s a plus. but the story seemed too flat - one dimensional or something. i can deal with them wanting to protray mitnick as evil - i don’t like it, but i’ve come to accept it - but the movie needed more.
Comments Off
the long weekend was very enjoyable. good food, parties and fireworks on the 4th. my friends, aaron and beth, got married on saturday - i videotaped it so i got to join the rehersal festivities on friday as well. sunday got in some frisbee golf, then stopped by beth’s parents for an impromtu viewing of the ceremony and reception.
well, back to the grind in a big way! today was another day of frustration digging in to more isa proxy issues and such. last week read the http 1.1 spec to clarify proxy and caching issues. ms isa server continues to cause me grief. keep alives, content-length and isa don’t mix well with our stuff. but i will figure it out…
Comments Off
arg! today we found that coldfusion has issues with isa server as well! so i’m off to packet sniff again. these are very strange happenings! now when the client get a R packet after a POST request response returns, it resends the request as a GET!
well, the prolific writer in me must have come to an end. just been busy - that’s the usual excuse for not posting, right? well, last week was busy, frustrating, but ultimately productive.
i solved the ms isa proxy issue with our application, thinkingfolders (tf). took a few days ’cause i’ve been focused on development over networking. i got a crash course in cisco switch configuration - we had a spare 2912 that i configured to mirror ethernet traffic from the internal nic of the isa box to a linux box running snort to log the http traffic being sent to/from our tf client applet. i also configured an external 2924 switch to mirror the external http traffic send to/from the isa box to moby (my laptop) running snort to capture those packets. (snort rocks - i’ll post more later)
the issue we had was that our applet, which makes soap requests to a servlet, would throw a internet file read error or something like that, after making the request - when ie was set to use the isa box for its proxy. this only happend when ie was set to use isa as a proxy, not with the firewall client installed, which worked perfectly.
last monday was when i actually setup my little test switched network. over that previous weekend i installed the squid proxy on my home adsl network firewall to see how well tf worked. things worked pretty well - no file read errors, at least. (i’ll have to revisit some caching issues later.)
one obstacle i overcame was that the ethernet adapter in moby’s docking station is only a 10 meg adapter which would not run in promiscuous mode - needed to capture packets not specifically destined for moby. using a usb 10/100 adapter i had lying around did the trick - linux detected the adapter as soon as i plugged it in!
i’m not an expert in tcp/ip so it took me a bit to figure out the snort output, but it wasn’t to tough since i’ve done some tcpdump stuff before. i did a capture using the proxy and one using the firewall client to get a “bad” dump and a “good” dump of the data.
after finding the packets that were been returned to the client, i noticed that after all the errors, one of the trailing packets contained the R flag. the R flag is to reset the connection. that was a big clue to the problem.
then I started to analize the http headers. i knew that the applet was having no problem loading static xml files. the problem arose when we issued a soap request that the request processor servlet would then send a dynamic response. so what did the headers show? well, the static files all had the standard fair that apache sends back, including “connection: keep-alive”. guess what the servlet’s http headers had, yup: “connection: close”.
this was telling the applet to close the connection. so what i’m assuming is that, since the request is actually being submitted by the proxy server, the request that gets back to the applet closes before the applet closes its input stream - even when it looks like the whole xml response is there.
so from there we tried coding the servlet to put the keep-alive headers in, but all we got back was a dual connection entry: “connection: keep-alive, close” which would close the connection still. so it was off to google to do some more searching.
since i knew what i was looking for, i found this cool article on keep-alives and java. what i did not know was that servlets put “connection: close” headers if the response is greater than 4k and you don’t send a content length header. once we knew that, we added one line of code to the servlet to send back the content length and, bam!, it worked! ahhh!
the boss bought us a 12 pack of beck’s!
one thing i still want to investigate is how proxies work at the tcp/ip level. isa seems to send http 1.0 headers (”via” header) instead of http 1.1 headers that ie sends, so i want to know what problems this will cause.
Comments(2)