Jason Cooper

What application is this that it doesn't work for? I usually just have a toolbox and the image window open when working (other dialogues can be docked into the tool box to save space). Most the tools have keyboard shortcuts so if you really do need all the space for your image window you can learn them and not need your toolbox visible. It uses as much computing power as needed for the task at hand. Really any modern computer will be able to handle image editing (or at least the basic image editing you seem to be after). What commands do you struggle to issue quick enough in GIMP. The chances are there is an easier/quicker way to get the same result, or you are doing very complex edits (and if you are doing very complex edits then you need the power of GIMP,Photoshop,etc).

Use GIMP, I know you don't want something that powerful but you don't have to use all the features. Just learn the very basics to get what you need done. Crop, use the crop tool Rotate by angle, Layer->tansformation->Arbitrary Rotation Resize, image->Scale Image Change contrast and saturation, Check out the colours menu and pick the method that gets the best results for you

Any good programmer will be comfortable with a number of languages, which as you say will be good enough for most things they have to deal with, but there will be those times when a programmer would be better off spending the time learning a new language rather than tackling a problem with a language that just isn't suitable. (e.g. if you are needing to customise a WordPress theme you are better off learning PHP rather than trying to use C.) This statement shines quite a bit of light on where you and Hyperant differ. Hyperant seems to like learning/teaching top down (i.e. knowing how the big picture works before worrying about the detail) and you seem to like learning bottom up (i.e. knowing how the internals work before worrying about the bigger picture). I had a similar experience myself. When I was at college I helped a lecturer convert their C tutorials/examples/coursework to C++. Of course due to the simplicity of the original C code the resulting C++ ended up being mostly procedural and not OOP. Did this help the lecturer, who knows? it did help me though understand a lot more about when OOP is a benefit to development and when it is a hindrance.

Not quite the same but will work just fine (cat6 was designed with gigabit networking in mind, while cat5 was designed with 100mb networking in mind). So if you have a cat6 cable that reaches, use it.

Again it depends on the size of the userbase that he is dealing with. For a small SOHO company then SAMBA is great, for a larger organisation the management of it all becomes a complete nightmare.

In a large userbase environment a RADIUS server can be very useful, especially if you want to do 802.1x authentication on the network (wireless or wired). Of course Radius servers and LDAP servers can work together in harmony with one using the other to pull out most of the information it requires from the other.

Most computer science degree's will introduce students to more than one language in their first semester. Perhaps Java is used as a counterexample, "Here is how you shouldn't be programming" :) Personally the language which taught me the most on my degree was x86 Assembly (taught in the first year at the same time as Prolog and Pascal). I had already taught myself C, along with BASIC and Pascal, many years before I started my degree but having learnt Assembly really made a difference to my understanding of the memory handling in C and helped me take my abilities to the next level. Would I teach Java to first year computer science students? No, partly because I don't really like Java and partly because I think that C and Assembly should be taught early on as it helps tie the programming side to the hardware side of computer science. Having said that I think students should be introduced to Java in their second year as it is now almost impossible for them to have a career where they won't have to deal with Java at sometime.

Feel free to go to your local library as well and see what books they have, they will probably be a few years old but should help you find which ones you can understand and get on with and then you can look at getting the latest edition. Newbie. :D Seriously though having knowledge of the workings of older systems has helped me and no doubt Mr-Protocol with lots of tasks and makes picking up new technology easier. Personally I think all techies should have have a go at coding for a system with limited resources. NOTE: 1GB of memory in XP doesn't count as limited, think 16KB of space in which to fit a working BASIC interpreter.

If he is wanting them to actually be library.com and catalogue.com then yes he would have to do some fudging of his DNS as you describe. Personally I would treat that as secondary task after confirming that the server is hosting the correct site on the correct port (pointing his browser at http://192.168.5.128 and http://192.168.5.128:8080 should be enough of a test). It is usually a good idea when setting these sorts of things up to do it in little steps so you know you are building upon a working base and don't have to spend as much time at the end figuring out if the problems are with the server, apache config, or DNS config that isn't working.

If you are just wanting to limit based upon port numbers, which it looks like you do. Then try something like this. Listen 80 Listen 8080 NameVirtualHost *:80 NameVirtualHost *:8080 <VirtualHost *:80> DocumentRoot /var/www/vhost1 ServerName library.com </VirtualHost> <VirtualHost *:8080> DocumentRoot /var/www/vhost2 ServerName catalogue.com </VirtualHost> The *'s are wildcards so it will listen on all IP addresses. As mentioned by digip you will need to put the :8080 on then end of the hostname in the url to get to catalogue.com.

So 27jr would become 000010 000111 101111 110111 which is 0000100 0011110 1111110 111 ignoring the last 3 bits for now is 4 30 126 which means you message starts <EOT Character> <Record Seperator Character> ~ Not very plain text really. Feel free to point out any mistakes in the decoding.

If your (0.9+A-/-z) is a hint at the order of your mapping then that would make the binary something like 000010000111101111110111011001111110010110000111101001110101110110011000011110100110100111011111101110111001101000001101111110111001000001100100110010111000111101111110010011010011101110110011101000001110100110100011001010100000110110111001011110011111001111000011100111110010101000010001101000101000011010001010100100101000001110111110100111100111101000010000010010010100000110001111011111110101110110011001000100000110011111010011110110110010101000001111001110111111101010100000111001111011111101101110010101000001100111111001011001011100001111010001000001110000111001011010011111010110010101011000100000110001011101011110100010000010010010100000110001111000011101110110111011011111110100010111000011010001010000110100010101001001010000011101111101111111010111011001100100010000011010001101111111011111001011110110110010111100100100000110110011010011101011110010101000001110100110111101000001101011110111011011111110111010000011010011100110010000011000011101110111100111011111101110110010101000001100011111001011000011100011110101111001011100100010000011101001101000110100111100110100000111000011100101100101111010011101001111001010000011100111101001110110111100001101100110010101000000101101010000011000101110101111010001000001101000110111111100001100101110011011101011101100110110011110010100000110111011011111101110010110111011111100010111011011010011101111111010111100110100000010110101000001100101110111011000111101111110010011010011101110110011101000001101101110010111101001101000110111111001000101110010000010100111101111010110001000001110000110110011001011100001111001111001010100000111001111001011101110110010001000001100001110111001000001100101010110111011011100001110100111011000100000110110111001011110011111001111000011100111110010101000001110100110111101000001100111110010111001011101011110001111010001100001110110011011001100101110111011001111100101100000011001111101101110000111010011101100010111011000111101111110110101000001110111110100111101001101000010000011101001101000110010101000001110011111010111000101101010110010111000111110100010000001000101010000100110010100000100000100010011001011100011110111111001001100101010001001000001100001110111011001000100000110000101000001100010111001011010011100101110011001000001100100110010111100111100011111001011010011110000111010011010011101111110111001000001101111110011001000001111001110111111101011110010010000011001001100101110001111011111100100110100111011101100111010000011100001110010110111111000111100101111001111100110100000110100111011100100000111010011010001100101010000011000101101111110010011110010101110 and assuming 0.127 means 7 bit ASCII rather than 8 bit then the message would be ~v?'.f&N~w~r&.~&Nv:&F*n/>hPhTJ>OB.f">O6**~n*?."OV*b/"Jv"phPhTJ.f">/6/fN^*&z^:N2wN~v*^."&FO/''JNof*j/".7.fgJv~rn~6/j.v~&Nv:n/&F~"rzbf.*.v"r*nnNbn/>*&z>..^Fff.v>,>nNbv~j>O&B&F*.V."e&.~&*v" N.2&/O&N~r~2/&.~&Nv:~/Nr&F*~'J Now assuming that is not the message you intended, I have either misread your hints or have a bug in my decoding script. Of course you could always have bug in your encoding script :)

It looks to me like you have just used an alternate mapping from BASE64 characters (0-9,A-Z,a-z,+,/) to the binary strings they produce. If that is the case then it is cipher as your mapping is the key that takes the plain-text and produces the cipher text. Yes that does make standard BASE64 a cipher, the only difference being that the key is public knowledge for BASE64. Of course you may have done something different, but strangely enough I don't have the time to waste running a frequency analysis of an encrypted message on an Internet forum.

Personally I do all my coding with vim, but then I am developing in different languages, sometimes it is on my local machine through windows and other times it is on a remote machine over SSH. Vim is well worth learning to use if you are going to be working on multiple machines and through a terminal at times, but it does have a steeper learning curve than most other editors. Of course there is also the third option of using emacs as your editor of choice.

So the first part of the token has to be unique when compared to all other messages the server is waiting to verify? Personally I would have had each message identified by a message ID that is unique to the verification server. This could be something as simple as a sequence that is easy for the verification server to deal with. What could be a useful exercise for you to do is to put together a simple graphic showing the flow of a message being sent and verified. (e.g. something like this http://security.crudtastic.com/wp-content/uploads/2010/05/3way.jpg)

Nice to see another person learning to use Perl, it is a great language. Try the Net::IP module for perl. It will let you replace your 4 loops with just one, and also give you the option of doing IPv6 as well as IPv4. Also consider using the Getopt::Long module for adding in switches and parameters as it will add very little code to your script but make it very versatile. Oh, to get the white-space to show in the code in your posts put it in code tags (pressing the <> button on the editor will give you a pair of code tags to paste your code between)

Does it connect back to the verifictation-server, the server that originally connected to it or the server related to the host part of the senders e3/email address? If it connects to the verification server then the spammer could just run their own verification server and put that in the email. If it connects back to the server related to the host part of the senders e3/email address then in theory this would stop the email being spoofed, but it would also present a possible denial of service attack. If the attacker chose a host that has a firewall rule to just drop packets for the relevant port then they could just send a mass of large emails to the server with e3/email addresses from that host. The receiving server would then try to connect to the host and only throw away the email when the connection attempt has timed out. The larger the mail received and the more of them recieved the more resources being spent holding onto fake messages. Another alternative would be send large fake emails, with the host of a target e3 server, to a number of other e3 servers, they would each connect back to this e3 server and pass it the large fake email. If you have enough machines doing this you can effective DDOS the server but without any of your machines communicating directly with the target.

I may have missed it, but I can't see the tokens explained in your document. How are they generated? Is it an common cryptographic standard token, or something else? Without knowing how the tokens are generated, used and verified we can't say how effective they would be at stopping spoofing. It's always good to get second, third, fourth, etc opinions on a new protocol's security, you just need to make sure to point out what you see as the benefits and deficiencies of the protocol. (e.g. it stops spoofing or it requires the use of GPG) I can't really comment on this till I understand the whole method that your protocol uses to validate a message. It seems very vague in your document (It is a first draft though, so you can beef this section up in the next revision).

Having skimmed your protocol I can't see what benefits it has over the standard email protocols, which are also open, and well documented in the RFCs like most other networking protocols in use today? If you really want to make a new email protocol figure out one that will work on both IPv4 and IPv6 which stops spam. Not an easy task and it is spam that stops most people from moving their mail servers over to IPv6 (blacklists which are one of the most effective ways to stop spam aren't scalable and IPv6 scales the problem of maintaining blacklists up massively). a slightly relevant xkcd entry

I wonder what would happen if you had a teensy set up to report itself as a mass media device of 10TB in size and then every time it is asked for what's on a sector it just returned a random bit stream.

If you are going to have a go with it look at using the pcap libraries as they will make you life easier when dealing with sniffing/captured packets.

I have never tried using tcpdump with are wirless interface in monitor mode, I suspect that you will have to do a bit of coding to get the results that you want or grab everything with tcpdump and then run the capture through wireshark. If you do start to investigate coding your own tool then the 802.11 standards could be useful reading.

It is referring to layer 2 data frames that it has captured. These don't include beacon frame but do include broadcast frames, they are different. The easiest way to think of it is that they are the actual frames from each computer that will reach other computers on the network. Frames like Beacon, Authentication, Deauthentication, etc. are only passed between the computer and the access point, and so aren't included as a data frame.

It isn't hard to calculate an offset. Take the final address value and subtract the original address value and there you have your offset. e.g. 0x0100 a 0x0101 b . . . 0x0105 f 0x0106 g To find the offset to g from a take 0x0106 and subtract 0x0100 which gives you an offset of 0x0006.

You do realise that you can use whichever one fits best in the equation. There are somethings that are more intuitive using tau and others that are more instinctive using pi, you don't have to pick sides (they aren't vim and emacs). p.s. a belated pi day to elegin :)