collapse collapse

* Who's Online

  • Dot Guests: 85
  • Dot Hidden: 0
  • Dot Users: 0

There aren't any users online.

* Board Stats

  • stats Total Members: 88
  • stats Total Posts: 11163
  • stats Total Topics: 1699
  • stats Total Categories: 4
  • stats Total Boards: 76
  • stats Most Online: 248

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Nathan

Pages: 1 2 3 4 [5] 6 7 8 9 10 ... 46
121
Just got this one on my work connection. I think it's a lot more common to not have a reverse PTR set up than you think. :)  I'm posting using an ssh tunnel from my server now.

I thought that majority of the bots are coming from infected users' computers anyway, over a normal customer line, and this wouldn't help much. I could be wrong of course.

Just out of curiosity, why are you forbidding everything from people with no reverse PTR? Why not just check it at registration time, if it has to be done at all? It'd save your resources too, and to be fair I can remember only one or two cases of spam bots in the last many months. Maybe I haven't just been on the right time and place, though.
I have noticed a large percentage of spammers are coming from IP addresses without PTR records. I don't have hard numbers, but I would venture to say about 40% (this is including comment spam on my blog).

That message came from a project I put into production - CentralACL. Basically, its a way to plug into to an application to carry blocks across applications. I am growing tired of maintaining iptables rules, and it's not very effective considering the spammers come from all over the world from different IP addresses. This project would also allow me to specify a TLD that gets returned from a PTR and compare it to what I believe to be "bad". Which, in phase 2, will allow an individual to jump through some hoops to add themselves to a whitelist - which is something very hard, if not impossible, if I continue with iptables rules.

Upon reflection, the "blocking" is too restrictive. In the new version, which I should be working on tomorrow night, will allow GET requests, but a POST request will show an error message like you see.
Obviously, this is a premature launch, and I think I should get unblocking working FIRST before I put it here.

After I had my "epiphany" I removed it from this forum. I am learning some interesting things, especially the number of people who still use IE 6.0. I would be more than happy to show you the data I have collected so far.

Upon more thinking, I should create a "passive" CentralACL that just listens to requests and logs data. You may be saying "Isn't that what the Apache logs are for?", I would normally say yes but unfortunately it is hard to parse through a multi-gig log file. I have ordered a massive amount of storage (see other thread) and plan on snarfing it into a MySQL database so I can run some reports.

I apologize for you getting that though, I don't seem to have patience when it comes to releases. I seem to be in need of a "release manager" ;).

122
Updates / Re: Deleting spam accounts
« on: March 21, 2011, 10:00:00 pm »
Seriously? I'm curious on how you plan to do that. Aside from preventing unknown mail addresses, I don't know of any other way personally.
One thing I have noticed is that many of the spam users don't have a PTR record set for their IP.
I would put a bet that at least all residential ISPs in the US set a PTR record, and while some businesses don't - I would argue that you should have SOMETHING. I would be suspicious of a user that doesn't have one set.

In the same script (PHP script for easy integration) I will maintain a blacklist database, similar to what I have been doing for putting blocks into iptables but instead this will be easier to maintain. Putting in just IPs is fairly useless because they happen all over the globe, but with this script I can store DNS names and block based on reverse PTR names. This blacklist DNS list probably will never contain US companies, but domain names like "nexlinx.net.pk" and "3bb.co.th" would most certainly be in there.

If they match the criteria of no PTR or blacklist they will see a nice message telling them to go scratch.
DNS resolution could be a problem, which is why I have a recursor running locally on my network. The only bottleneck, in theory, would be the ISP's DNS server responding to my query.

That is phase one, phase two will include a way for them to unblock themselves - which is inevitable considering the ranges and domains I will be putting in. It will include information such as email, name, captcha, and email verification. And perhaps a random quiz to make sure they are actually competent and understand english - they will only get one shot, before a permanent ban, at it and it will ask questions like "What is Facebook?" "Which of the following is a programming language?".
Why english? I don't speak/read/write any other languages, but that doesn't mean in some phase afterwards I create a language drop down menu for users who speak a different language.

This script will also log activity of "banned users" and in phase 3 I can have a script that scans the activity log and after a certain threshold it puts a block into iptables. Which, hopefully, this will spin off into my next project.

Of course, a worthy question is why create such a script when SMF has something like that built in. Three reasons:
*) SMF doesn't have a mechanism in place for a user to unblock themselves
*) I want to use the same database/system across ALL of my applications/services
*) SMF doesn't record indepth activity that I am interested in

...at least that all sounds like a good idea to me.

I don't mind being a test subject. But all that looks fairly tricky to implement properly. Wish I had time to keep up with all this stuff. I still have 2 months and I'm killing myself trying to get ready. Organizing my computer data and backing stuff up is taking ages.
I plan on testing it on my blog which seems to get a lot of spam first. Then after it looks like it all works, I'll put it into this site.

It's actually not hard at all to implement - PHP provides all the necessary "tools" to do this.

123
Updates / Re: Deleting spam accounts
« on: March 21, 2011, 09:36:43 pm »
Seriously? I'm curious on how you plan to do that. Aside from preventing unknown mail addresses, I don't know of any other way personally.
One thing I have noticed is that many of the spam users don't have a PTR record set for their IP.
I would put a bet that at least all residential ISPs in the US set a PTR record, and while some businesses don't - I would argue that you should have SOMETHING. I would be suspicious of a user that doesn't have one set.

In the same script (PHP script for easy integration) I will maintain a blacklist database, similar to what I have been doing for putting blocks into iptables but instead this will be easier to maintain. Putting in just IPs is fairly useless because they happen all over the globe, but with this script I can store DNS names and block based on reverse PTR names. This blacklist DNS list probably will never contain US companies, but domain names like "nexlinx.net.pk" and "3bb.co.th" would most certainly be in there.

If they match the criteria of no PTR or blacklist they will see a nice message telling them to go scratch.
DNS resolution could be a problem, which is why I have a recursor running locally on my network. The only bottleneck, in theory, would be the ISP's DNS server responding to my query.

That is phase one, phase two will include a way for them to unblock themselves - which is inevitable considering the ranges and domains I will be putting in. It will include information such as email, name, captcha, and email verification. And perhaps a random quiz to make sure they are actually competent and understand english - they will only get one shot, before a permanent ban, at it and it will ask questions like "What is Facebook?" "Which of the following is a programming language?".
Why english? I don't speak/read/write any other languages, but that doesn't mean in some phase afterwards I create a language drop down menu for users who speak a different language.

This script will also log activity of "banned users" and in phase 3 I can have a script that scans the activity log and after a certain threshold it puts a block into iptables. Which, hopefully, this will spin off into my next project.

Of course, a worthy question is why create such a script when SMF has something like that built in. Three reasons:
*) SMF doesn't have a mechanism in place for a user to unblock themselves
*) I want to use the same database/system across ALL of my applications/services
*) SMF doesn't record indepth activity that I am interested in

...at least that all sounds like a good idea to me.

124
Updates / Deleting spam accounts
« on: March 20, 2011, 04:19:59 pm »
I'm on a mission to prune spam accounts. There is still a bunch of spam users, but I have thought of a way to cut down on them being able to register in the first place.

125
General Talk / Re: yahoo not working? [or not?]
« on: March 20, 2011, 03:46:02 pm »
is yahoo actualy working for anyone ?
i'm trying to get on my mail but it only says "connecting to mail.yahoo.com"
all other sites work fine , but yahoo and all its sub sites are failing all together

EDIT
WTF , as soon as i post this it started working again ( after at least an hr of failure )
Sounds like a temporary DNS issue.

126
General Talk / Re: High Res Satellite Images of Japan aftermath
« on: March 15, 2011, 08:09:31 am »
Can you point out any specific points? I scrolled around and for the most part it doesn't look bad.

127
php / Re: [BOREDOM] [IMPROVED] Simple PHP Port Scanner
« on: March 09, 2011, 07:11:58 am »
Then wouldn't it be faster to create multiple threads to scan multiple ports?
Considering PHP wasn't designed for this - it would probably be better to use Angry IP Scanner - http://www.angryip.org/w/Home

128
C++ / Re: vector problems [updated]
« on: February 26, 2011, 07:13:31 am »
ok that works but but i just realized a problem with that ><

i cant access var ( in particular a vector called Inventory ) of the child class

Object
  |--Item
  \--Player ( Inventory Vector of Items )

plus i apperently cant have the vector in the object class either
work arounds any 1 ?
 
i'm thinking have a pointer to an empty pointer that will be set to the vector ... only idk how to use pointers or if it will even work
I don't think I understand, can you post some code?

129
C++ / Re: vector problems [updated]
« on: February 25, 2011, 07:39:36 am »
ty , that fixed it

as well as explains why this didnt work earlier XD
Code: C++
  1. objList[0].push_back(Object("name","id");
  2.  

but that aside , would a vector like this be able to hold classes derived from this class ?
In thoery yes, if you did a cast. Are you wanting a vector to hold 2 types of objects?

130
php / Re: Online Checker
« on: February 20, 2011, 05:21:11 pm »
$arrayofports is not any array you probably want something like:

$arrayofports = array();
$arrayofports[] = $counter;

And you are doing a port scanner in PHP? I think you want to rethink you approach and try something like the "angry IP scanner".

131
php / Re: ASCII Text to UTF-8
« on: February 19, 2011, 01:16:01 pm »
Um, maybe because i WANT to........
You know that won't work with a web form right?

132
php / Re: ASCII Text to UTF-8
« on: February 18, 2011, 05:53:47 pm »
... I'm expecting to put in a string that's in complete ENGLISH such as "hello" and returning it's UTF-8 form. It would still say "hello", but in UTF-8.

Wait...
Why are you doing this?
Code: PHP
  1. $input = file_get_contents("php://stdin");
  2.  

133
php / Re: ASCII Text to UTF-8
« on: February 18, 2011, 09:44:39 am »
It's not returning the UTF-8 version of the ASCII text.
What string are you inputing and what string are you expecting to get out of it?

134
C++ / Re: Using variables from header files?
« on: February 18, 2011, 09:42:48 am »
header.h
Code: C++
  1. #ifndef
  2. #define HEADER_H
  3. class myClass{
  4. public:
  5.       int j;
  6. };
  7. #endif
main.cpp
Code: C++
  1. #include <iostream>
  2. #include "test.h"
  3. int main(int argc,  _TCHAR* argv[])
  4. {
  5.       cout << test::j << endl;
  6.       return (0);
  7. }

What is the problem with this? Also what is the difference between:
Code: C++
  1. #include <test.h>
And:
Code: C++
  1. #include "test.h>
For your first question if you want to do that, you have to label the variable as static. I would stick with Justin's response though.

135
General Talk / Re: The date has been set!
« on: February 16, 2011, 01:00:01 pm »
Will you keep the site up after you leave for basic and then whatever happens after that? I hope so, oh and good luck  :)
Unless Justin says otherwise, as far as I'm concerned it will stay up (as I am the one hosting it after all).

136
php / Re: ShadowIce's question
« on: February 13, 2011, 05:11:00 pm »

137
php / ShadowIce's question
« on: February 13, 2011, 04:49:10 pm »
Question from the chat:

Code: PHP
  1. <?php
  2. $hexstr = "#FF0000";
  3. $firstgroup = substr($hexstr, 1, 2);
  4. echo $firstgroup;
  5. ?>

138
General Talk / Re: Dreams
« on: February 13, 2011, 12:46:33 pm »
I once had a dream where I was in the first person view of someone and they were clicking along, then a pop-up comes up for the fake AV. They then click it, all the while I'm trying to scream "don't install it! It's malware!" and the user clicks it as if he didn't even hear me. At that point I woke up.

Sometimes I think it wasn't a dream, it was actually a real person doing it.

139
Request A Program or Tutorial / Re: C++ Program help
« on: February 13, 2011, 12:42:24 pm »
Hi, This is my task

Write a program that reads several lines of text from the keyboard and prints a table indicating the number of occurrences of each letter of the alphabet and the number of one-letter words, two-letter words, three-letter words, etc., appearing in the text. Assume that the maximum length of a word is 10 characters long. For this program you should use at least three functions.

-If not give me the whole program but could someone just explain what to use and like pointers on how to do this program... it would be very helpful. plz and thnak u
File I/O - http://celestialcoding.com/index.php?topic=22.0
Arrays - http://celestialcoding.com/index.php?topic=20.0

Let use know when you got some code written up and we can help you from there. From your experience in the class you should be able to write the starting int main() with the necessary includes.

140
General Talk / Re: Hardware upgrades
« on: February 13, 2011, 08:06:32 am »
Ah well, the conversion rate from EUR to USD is dirt cheap anyway. $30 it is. Can't help much more than that though, sorry. Got my own bills to pay as well. ;)
Thanks I appreciate it. :)
Every penny does help, in fact I have started to collect tips for when I make coffee at work and I've almost made $20.

141
General Talk / Hardware upgrades
« on: February 12, 2011, 11:17:29 pm »
I know I have mentioned to a few people about my backup solution (perform a full file/MySQL dump backup) every night. As of right now that doesn't work too well for me to maintain because I have attempted to burn the backups to DVD but it's simply too much and I can't burn it fast enough. I just bought a new computer so I will be holding off purchasing anything expensive for awhile but my plan is to buy this:
http://www.newegg.com/Product/Product.aspx?Item=N82E16822122010&nm_mc=OTC-Froogle&cm_mmc=OTC-Froogle-_-Network+-+Storage-_-Netgear+Inc.-_-22122010
With 4 1TB drives.
Which I estimate will cost about $70/each (with a spare) so total:
NAS - $329.99
5 1TB HDs - $350
----
Total - $670.99

On the same thought, blu-ray has come down in price and being able to store 25GB/disc vs 4.7GB/disc will go a long way and make the manual process of backups a lot easier.
That cost I estimate for the burner ~$95 ( http://www.newegg.com/Product/Product.aspx?Item=N82E16827136181 ) and media seems to be about $25-30 for a pack of 25 discs.
Burner - $95
Disc - $25
-------
Total - $120

I would like to purchase something offsite like S3, but the cost does not scale. Also, I need to purchase 3 servers/systems to run a development and 2 production Hypervisiors (VM hosts). I estimate this will be ~$500/system. The purpose of this is to consolidate what I have running today and make it easier to add systems. Why 2 production Hypervisiors? 2 Domain Controller servers, 2 DNS servers, load balancing - it wouldn't make sense that they live on the same hypervisior.
Total - $1,500

Total cost to upgrade - ~$2,290.99

Everything seems to be running fine right now (knock on wood) but I would really like to expand and become a little more "professional" in my hosting services. I can probably eat a lot of those costs, but I would really appreciate it if some people made a few large donations :).

142
I want to prevent my group-mates to plug a USB Storage Devices in my computer. So they can't copy and paste my files like my PORN videos  :P
It's called disabling autorun and locking your computer.

143
Hardware Support / Re: Windows 7
« on: January 23, 2011, 09:06:12 am »
Not so much in using Windows 7...It just irritates when I have to install some of my required software's and it creates problem.
How does it create problems? I can't think of a single (modern) program that I installed that didn't work and/or interfered with other applications.

144
C / Re: Connecting Visual C++ 6 to Microsoft SQL Server 2000??
« on: January 18, 2011, 11:39:59 am »
Hi,

How to Connect Visual C++ 6 to Microsoft SQL Server 2000?? Do you guys have any idea??

Thanks in advance!.  :D


http://msdn.microsoft.com/en-us/library/aa198030(v=SQL.80).aspx

145
XHtml/Html / Re: Set a certain frame after clicking a link?
« on: January 05, 2011, 10:31:05 pm »
Hi. I am trying to create an HTML help file for my program, and would like to know how if you click a link inside ANOTHER frame, it will set the frame right next to it to that page.

So here's how it would work:

i want to click something in frame 1, and have it change to another page in frame 2.

________     ________
|          |    |           |
|          |    |           |
|frame 1|    |frame 2 |
|          |    |           |
|______|    |_______|
You would be better off creating a PDF for a helpfile.

146
Humor / Re: Hacker vs Thief - Don't fuck with a hackers machine
« on: January 01, 2011, 06:20:48 pm »
Saw this from a post on facebook. It's defiantly very interesting, but really who would steal a Mac? Those things are freaking heavy.

To be honest, I would have cameras setup inside and outside my house with motion detection among other security measures.

147
DarkBASIC / Re: Wordwrap / type writer problem
« on: December 30, 2010, 05:53:08 pm »
Posting screenshots would be helpful.

148
Javascript / Re: mouse-over help
« on: December 28, 2010, 09:41:31 am »
Where is your code?

149
DarkBASIC / Re: Need help with Camera code...
« on: December 26, 2010, 10:59:59 am »
I can't help much with this since it uses DarkBasic and the language so terribly limited. I hate to send a fellow member away, but since we specialize in many languages, you may want to try out a forum with DarkBasic as a primary language. I don't think we can help you anymore since few of use even use DarkBasic.
Doesn't DarkBASIC have a trial version or something?

Edit: Yup: http://www.thegamecreators.com/?m=view_product&id=2000&page=free

150
Technology / Re: iPhone 4 antenna (The unresolved problem)
« on: December 26, 2010, 10:59:27 am »
I just prefer it, I noticed that there wasn't acctualy no fix for it, but the guy at the mobile shop lied.
Tut tut t-mobile.
T-Mobile doesn't sell iPhones.....they are still exclusivity with AT&T.
In fact I have an HTC HD2 and the screen is about twice the size and it really makes a difference.

Pages: 1 2 3 4 [5] 6 7 8 9 10 ... 46

Donate


* Search


* Recent Posts

Image Comparison by Shishka
[May 15, 2017, 01:18:02 pm]


Re: srchub - free source code hosting by Nathan
[December 14, 2015, 11:37:02 pm]


Re: srchub - free source code hosting by Celestialkey
[November 27, 2015, 08:51:42 am]


Updates by Nathan
[October 30, 2015, 08:27:36 pm]


Re: Client-Server Messaging by Nathan
[October 25, 2015, 05:48:57 pm]