by R.I. Pienaar | May 9, 2004 | Front Page
Last night I went to see the Wolfsheim concert despite my earlier plans not to go. I was quite glad I went the concert was excellent.
The supporting acts were Trademark and Silence is Sexy.
I did not care much for Trademark, they seem to be a bit of a Kraftwerk inspired electronic band completely with glowing costumes and all, but it lacked something in the overall execution. Silence is Sexy was really good I thought, the female vocal has a very strong voice it may be worth trying to get hold of some of their music.
Wolfsheim was fantastic, it is mostly a 2 man band with what seemed to be temporary band members on drums and guitar, one member takes care of the music with the help of a Apple Powerbook while the other does all the singing, after listening to them now for 3 years or so it was really great to finally see them live other than on the DVD I have of their concerts.
The concert was held at the Carling Islington Academy. The venue is pretty small but has an impressive lightning system and good sized stage, the sound quality can do with some improvement though as there were quite a bit of distortion some times.
View the extended entry for some photos that I took with my Canon iXus 400, they wont allow you into concerts with professional camera equipment ๐
(more…)
by R.I. Pienaar | Apr 16, 2004 | Front Page
I always look at my web server logs, I find the various log spammers, bots and RSS readers really interesting. About a week ago I noticed a lot of log spamming all in a short period of time and thought something must be going on but waited till it happened again.
Today again I got 5 log spam attempts in a very short interval from different IP addresses. As this is the 2nd time this happens I can only imagine this is 5 machines that is acting in a coordinated fashion.
64.69.172.9 – – [16/Apr/2004:15:29:46 +0100] “GET / HTTP/1.0” 200 32759 “http://www.nudecelebblogs.com/” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)”
201.128.123.11 – – [16/Apr/2004:15:33:09 +0100] “GET / HTTP/1.0” 200 32759 “http://paris-hilton-video.blogspot.com” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)”
212.163.30.100 – – [16/Apr/2004:15:34:15 +0100] “GET / HTTP/1.0” 200 32759 “http://www.shatteredreality.net” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)”
217.219.165.3 – – [16/Apr/2004:15:34:46 +0100] “GET / HTTP/1.1” 200 32861 “http://britneyspearsnude.blogspot.com/” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)”
80.58.35.46 – – [16/Apr/2004:15:37:23 +0100] “GET / HTTP/1.0” 200 32759 “http://www.amateurxpass.com” “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)”
The IP addresses are in US, MX, ES, IR and ES and interestingly enough have exactly the same user agent. 2 of the machines are running mail servers and may also be NAT/Masquarading machines I am guessing.
Eitherway, I think someone is controlling a bunch of bot machines and using them to spam logs. I wonder if I contact the hosting companies of these sites if they will shut them down?
by R.I. Pienaar | Apr 6, 2004 | Front Page
After recent announcements from Google about GMail a small fry company in the web email business announced that they are offering 1Gb email to all current and new subscribers.
The company in question is Spymac for your free membership you get:
1Gb Email space
250Mb photo hosting
100Mb web space
Blog and Forums
WebDAV access to all your files
FTP Access to all your files
iCal hosting
You can read more about it here. Thanks for BoingBoing for the mention of this. I will try it out soon!
UPDATE: I tried it out, read the extended entry for my experience.
(more…)
by R.I. Pienaar | Apr 1, 2004 | Front Page
There is a bit of discussion on the Bugtraq list about a new Fragmentation Attack that seems to be able to take out most operating systems. The author has named it the Rose Attack. Will be interesting to see where this goes.
Of the machines I have had access to, this attack has caused any number of the following problems:
1) Causes the CPU to spike, thus exhausting processor resources.
2) Legitimate fragmented packets are dropped intermittently (unfragmented packets get through fine)
3) Legitimate fragmented packets are no longer accepted by the machine under attack (unfragmented packets get through fine) until the fragmentation time exceeded timers expire.
4) Devices like Cisco routers can have Buffer overflow, i.e. packets are dropped at high packet rates if there aren’t enough buffers allocated.
The following devices were tested and showed some or all of the above
symptoms:
1) Microsoft Windows 2000
2) Mandrake Linux 9.2
2) Cisco 2621XM
3) PIX Firewall
4) Mac OS/X V10.2.8 (FreeBSD 5?)
Nasty.
by R.I. Pienaar | Mar 31, 2004 | Front Page
I have had many conversations with people who believe that Apache 2.0 is a good server to run PHP under and never had enough ammunition to answer back at them. Well now thanks to Simon Willison I have it:
I finally found the answer today in this comment buried on Slashdot. It seems that one of the key features of Apache 2 is the new threaded worker module which uses threads to serve more requests more efficiently than 1.3’s multi-process based server. While the core Zend engine of PHP is thread-safe many of the critical libraries that PHP relies on for its advanced functionality (image processing, database connectivity and so forth) are not, and are unlikely to become so any time in the future. In a threaded environment PHP is likely to suffer from all kinds of unpredictable bugs. Apache 2 can be run in traditional 1.3-style prefork mode but doing so greatly reduces its advantages over 1.3. Combined with the lack of heavy duty testing on Apache 2 and the fact that the 1.3 series will continue to be supported for a long time to come it’s clear why PHP team are unwilling to recommend PHP and Apache 2 in a production environment.
This makes me wonder about all these so called enterprise ready Linux Distro’s that ship PHP in Apache 2.0 as a stable solution.
by R.I. Pienaar | Mar 26, 2004 | Front Page
Hooray for Microsoft, seems the much loved MS Word password protection is pretty lame (it’s not like anyone would trust this would they? The mind boggles)
Example 1
1) Open MS Word with a new/blank page
2) Now select “Insert” >> “File” >> browse for your password protected doc select “Insert” & “Insert” password protected doc into your new/blank doc
3) Now select “Tools” & Whey hey, voila, there’s no longer an “Unprotect document” … password vanished …
Read the full sad story here
