Jason Cooper

In regards to the original post I had to do something similar for Linux machine, where any domain not in the hosts file would be redirected to localhost. The solution I used was to run a local DNS server that would point everything to the localhost. As the order the OS resolves hosts is the hosts file then DNS it meant that anything not in the hosts file would be redirected to the localhost. While there are a number of tools that would run a DNS in the way described I chose to craft a 5 minute perl script to do the job, as I already had perl on the machines and space was limited. Here is the code I used, note that it binds to the localhost IPs (IPv4 and IPv6) so it won't be visible for other machines only the localhost. Also you will need to set up your machine to have its localhost listed as your only DNS server. #!/usr/bin/perl # A nameserver that maps all hostnames to 127.0.0.1 use strict; use Net::DNS::Nameserver; my $ns = Net::DNS::Nameserver->new( LocalAddr => ['::1' , '127.0.0.1' ], LocalPort => "53", ReplyHandler => \&reply_handler, Verbose => 0, Truncate => 0, ); $ns->main_loop; sub reply_handler { my ($qname, $qclass, $qtype, $peerhost,$query,$conn) = @_; my ($rcode, @ans, @auth, @add); # print "Received query from $peerhost to ". $conn->{"sockhost"}. "\n"; # $query->print; if ($qtype eq "A") { my ($ttl, $rdata) = (3600, "127.0.0.1"); push @ans, Net::DNS::RR->new("$qname $ttl $qclass $qtype $rdata"); $rcode = "NOERROR"; }else{ $rcode = "NXDOMAIN"; } # mark the answer as authoritive (by setting the 'aa' flag return ($rcode, \@ans, \@auth, \@add, { aa => 1 }); }

Variables being set to 0 and you can't spot where; my first instinct is to check all the places you compare that variable to anything else and make sure that you are using double = (eg ' if(x==0)') and not a single = ('if(x=0)'). Both will compile and run but operate very differently. It is a common mistake even for experienced C programmers. If you can't spot anything that way the break out the debugger and start stepping through your running code watching the variables that are being cleared, you should soon find out where they are being cleared and hopefully that will be enough to figure out what the bug is.

If you don't want to use C style pointers you could just pass your variable as a reference. e.g. load(room11); . . . void load(&room11) { . . . . [code]

That is exactly it, the main aim is to be able to reuse your engine for more games without having to alter the engine itself each time. It also enables you to then create tools to help you build your game. Creating a simple game with 5 rooms is easy enough to do manually but creating one manually that has 100+ rooms will slowly drive you insane. If you have a tool that lets you create rooms and connect them together on a map then you will be able to concentrate on the game design.

Good start, especially as you are just learning to program. It is definitely more complex than people usually tackle for a final project in a programming class. A piece of constructive criticism, for the next version look at separating the game data from the game engine (i.e. load the data from your events, rooms, items, etc. from data files). That way you can extend, develop and fix the game or even reuse your game engine for a completely different game without having to alter the engine itself.

Things that could give an attacker root on a system (not an exhaustive list) running your web server as the root user exploitable kernel exploitable suid'd program writeable home directories (if they can edit your files they can set up trojan versions of su or sudo to grab passwords) patience, if they wait long enough an exploit may be found that would give them root

For a GUI Client I would use Thunderbird, where I have the choice. Where people don't have a choice it tends to be Outlook that they have to use. If you are wanting a client you can use from the command line then Mutt and Pine are good established ones.

Externally hosted server, have you checked what backup options are available to you from the hosting company? It might cost a bit but they will be able to avoid tying up the servers bandwidth.

Just out of interest, is it blocking based on packet content of just port? If it is just ports that are blocked then you could run sshd on port 443 and not need to set up a VPN.

Don't forget good old sourceforge for hosting as well.

Personally out of the two I would go with the AMD A6-3400m, reasons being (based on a quick read of the specs of each): More cores beats clock speed these days If you do have a single threaded processor intensive task then the processor will boost the clock speed of the used cores (upto ~2.3GHz if just a single core is being used and the chip is cooled well enough). Note: the AMD A4-3300M can overclock one of its cores to 2.5GHz at the expense of the other, but you are far more likely to be using both of its cores which makes the option a bit pointless While the on chip AMD Radeon HD 6520G runs at 44mhz slower than the AMD Radeon HD 6480G on the other processor it has 80 more pipelines. Note: If you are planning on getting a laptop with a separate graphics card then really look at a different set of processors.

Depending on the device and its set up you might be able to get some information out of it via SNMP. Probably not the password but there is a chance that you can get the configuration or perhaps the firmware version of the device which you can then use to look for exploits. Failing that it could be a good time to bring the replacement of the router forward and replace it.

What is the OS running on the two servers you want to back up to the same disk? You could just plug it into one server and share the drive with the other server (If your network interfaces on your servers support gigabit Ethernet then invest in a gigabit switch so they can speak to each other faster). Then again if you could just by a second USB drive to backup to for about the same price as upgrading your servers connections.

You would most likely have to resort to defining you local char array and then manually copy the string from constant into the char array, then you would be able to get the address of the constant and the location of the char array. This is messy though and a waste of your time unless you have a very good reason you require the address of the constant used to populate your char array. You also open yourself up to horrible problems if you change the length of your constant but don't update the size of your char array as you could overwrite parts of your stack (of course you would use strncpy and not strcpy to avoid this).

Yes it is pointing to the stack, but the good news it that is where the string it is pointing to is located. When the function is called it creates two pointers that it then sets to point to a constant string (hence them pointing into the .rdata section. It then creates a pointer that points to a char array. The char array is a variable, not a constant, so it has to create the char array on the stack. Once it has created the char array it can set the pointer to point to it.

Not sure if you figured out your grep issue, but I can't see an answer posted yet so I figured I should take a stab. There are two ways to use grep. The first is to grep for something a file or files. To do this you provide grep with the search string and the files to look in. grep root /etc/passwd /etc/shadow[code] The second way is to grep for something from stdin (stdin means standard input, from the command line this is either going to be from the command line or from the output of another command piped into your grep command. try [code]grep frog then type in a line of text containing "frog", the line will be repeated for you by grep. Then type in a line of text that doesn't contain "frog" and the line won't be repeated by grep. When you have finished playing press CTRL+D to end the command (CTRL+D sends an end of file to the program so it believes that stdin has been closed and stops running) Now try ps -elf | grep bash[code]which will show you all processes that contain "bash" in their ps results, this is a very useful little trick as you can use it find the process id (PID) of a process that has hung or got stuck and then you can use the kill command to kill that process. Now the most likely reason that your attempt at using grep took so long was that you had used it without piping into it or providing it with filenames to search, so it was sat waiting for input from the console. If that is the case then it will wait until it either receives a CTRL+D from the console or you kill the process.

perl -e '$_=0; while($_<10000000000){print "$_\n";$_++};' > numbList.txt or perl -e '$_=0; while($_<10000000000){print "0"x(10-length("$_"))."$_"."\n";$_++};' > numbList0padd.txt

theEnd.cobra.unit is connecting 3 subnets together and running pfSense, looks to me like a router. Or to put it another way he doesn't need another router as he has one doing the job already.

Your DNS server doesn't need a NIC per subnet it is being used for lookup from. If that was the case then corporate DNS servers would require thousands of network interfaces. Leave the routing between subnets to routers (theEnd.cobra.unit looks like it is routing between the subnets in this case). Of course you will have to make sure that your firewall between your subnets doesn't block DNS access internally.

Assuming your web server is hosting The Lair, then it works from outside your network. So your DMZ firewall rules are working. If you can access it locally via IP then that leaves us with the local DNS setup. What do you get when you use nslookup to lookup cobra.unit and theboss.cobra.unit?

Which direction are you trying to connect to the LAMP from? if from within the network and the DNS is set up you just need and an 'A' record (assuming IPv4 if you want IPv6 then use an 'AAAA' record, or use both for IPv4 and IPv6) for cobra.unit that points to the servers IP address. Or you could add a CNAME record that makes cobra.unit an alias for LAMP.cobra.unit. If you wanting external access to the LAMP server by the cobra.unit hostname then you will be in for a bit of a problem, as I don't believe that unit is a valid internet domain. You could always get a valid internet domain and point it's DNS records at your server (assuming that you have a static IP address) or use a dynamic dns service (best solution if you don't have a static IP address). Note your external IP address will be different for your LAMP.cobra.unit server than the internal IP address (asuming you are using NAT).

Personally I don't think it would be morally just to DDOS the site, as a DDOS will have impact on the network hosting the site and any other networks connected through the routers that route to the site. It isn't just the one site. To put it into your analogy it would be like gunning down the murderer in a busy public area, thus killing the murderer and any of the general public near by.

HTTPS wasn't directly vulnerable, just the entire infrastructure around it. They just exploited the fact that most communications don't use HTTPS and so you can manipulate them easily and avoid any links into HTTPS and steal cookies/sessionIds from the http stream. The new attack retrieves plain text from the TLS1.0 cipher stream. Of course we haven't seen the new attack yet, but is reported to require some JavaScript to be run on the client browser as well as a packet sniff intercepting the traffic. The reports I have seen differ between mentioning a 30 minute and a 10 minute processing time to retrieve enough plain text to expose the cookies.

From skimming the RFC's I don't think new certificates would be needed as TLS 1.2 requires a X.509v3 certificate just like TLS 1.0 (So if they are doing TLS 1.0 their certificate will most likely be suitable for TLS 1.2). The big limiting factor is that openSSL doesn't support TLS 1.1 or TLS 1.2 yet. You can get support for apache for TLS 1.2 thorough gnutls but for most sysadmins that is a lot of work. The good news is that I now expect openSSL to support TLS 1.2 in the not to distant future.

If every inch of screen space is required for other things you could try ImageMagick which runs from the command line. It probably won't be able to do everything you are after but it is an alternative. It is a shame that GIMP doesn't meet your needs. It sounds like what you would need is a batch mode for GIMP so you can process all your photos without having to do everything manually for each one.