Older blog entries for Stevey (starting at number 32)

 I've recently started looking at pcap, the packet capturing library for Unix/Windows, and thinking of writing something to use it.

 I've written clients + servers before, and I've designed protocols which assume insecure networks - but I've never actually written any kind of sniffing tool and I can't help thinking it would be interesting.

 So having wardv point out NGrep + Ettercap has me a little miffed. I had heard of dsniff before - but not those other two tools

 I'm a little lost now, I was thinking of writing something like ngrep; a grep-like tool which could search through current network traffic. (I'm not really interested in sniffing passwords, etc, it's of limitted real life non-blackhat use).

 So if anybody has any interesting ideas of network capture/sniffing tools they'd like written drop me a line...

 I guess I should mention that I've heard of 'snort' already - and I use netcat on an almost daily basis..

 After a busy weekend I finally made the first release of GNUMP3d to support external plugins.

 It's been out for a couple of days now and I've had a few mails from people asking about the plugin API which I regard as promising. (A few people asked whether it would let them do really bizarre things; so it's gonna be interesting to see whether the API is open enough for them to pull it off).

 Randomly looking around Freshmeat I see that my project is more popular than Samba, Portabl OpenSSH, Webmin, GCC, Debian, XMMS, Links, and Gaim!

 That's very flattering but clearly bogus.

 My previous entry contained my dilemna about forking a project - after a night at the pub last night I decided that I'd make my changes publically available, and I've now done so. I thought natural selection would ensure that the better version survives, either that or the original author would be spurred to do more work on his project that my version is no longer necessary.

 That's the first time I've been in this situation and it was slightly strange. I mailed the author another bug report yesterday and ironically received a reply this morning. Maybe I should take down my copy of his code.. I'll wait and see what he says.

 In a previous entry I mentioned that I thought I'd found a bug in the advogato code but that I wasn't sure.

 The bug was that it was possible for a user to rate their own diary. At the time I called it malicious because it allows the rating to be subverted. Which potentially undermines it's usefullness.

 Now that I've thought about it I guess that the net effect is very slight and it's probably not worth worrying about, especially given that it's possible to certify yourself...

 Hmmm, maybe it's about time I certified myself ;)

 When I first joined Advogato I didn't because I know what I think of myself and was more interested to see how other people would rate me.

 GNUMP3d now handles user generated playlists. Huzzah!

 When I fix the syslog support there'll be a new release. Today? Probably not - I've just been out to buy some cat food for Tigger and it's a beautiful day. I didn't want to come home - but he looked so folorn this morning, standing in front of his mostly empty food bowl that I really had no choice...

 Recently I've been using a small tool which puts transparent icons upon my desktop.

 This compliments the simple window manager I use IceWm and gives me a nice working environment.

 However the program has some buggy behaviour, (like crashing with >10 icons - or when dragging icons off the screen). I've fixed these bugs, tidied up the code a lot, and added an Autoconf/Automake build system.

 Like a good user I mailled the author about each of the problems and described my fixes. No response. No updates to the code - which has only had one public release.

 So, what do I do? I'd like to package up his code + my changes/enhancements and make it publically available. Is this the right thing to do, or not? Intuitively I feel that it is, as it lets other users take advantage of the bugfixes, but it feels almost like I'm hijacking an existing project. So I'm torn.

 My streaming MP3 server now has support for plugins which I've used to reorganise a lot of the existing code. I'm hoping that people will contribute plugins - but I expect this won't happen...

 I made a new upload for the Debian project and happily there have been no new bug reports. I'm strangely disappointed. I'm not daft enough to believe it's bug free and I rely upon other people pushing the code to make them visible; either through misconfiguration or running the code in interesting ways.

 I believe I may have found a bug in the current advogato site. It's potentially malicious, but I'm not sure if I'm seeing a real bug, or bogus output - I need somebody who understands the current setup to confirm this for me.

 Who do should I contact to get this confirmed? I'm assuming that Raph is the person to ask - but if he's anything like me he'll get lots of mail a day and I don't want to disturb him unless it really is a bug I'm seeing..

 I've downoaded the source to 'mod_virgule' but this doesn't seem to be where the bug lies.

 (I'm deliberately not posting details here...)

C++

 Today I managed to knock up a quick demo of loadable C++ plugins. Tommorow I'm going to wrestle with libtool to try and make them portable.

Work

 Most of today was spent testing the recently rebuilt Apache installations I've installed - to make sure they're working correctly. This is necessary because the setup is rather complex. (mod_auth_mysql, mod_fastcgi, +ssi, mod_perl, and php). After that it was a lot of fiddling around with the kernel of our gateway machine getting freeswan installed.

 Freeswan looks like it will provide a good VPN solution but the magic patching of the kernel didn't work. So I had to do it manually. Ouch. Many, many build errors had to be fixed by hand. Tommorow morning I'll actually install my freshly built kernel - and test it out. That does mean another early morning though :(

Life

 tardis is down - so no email for the next few days. This might affect my application to the Debian project. :(

md5sums

 I've just updated the download page of GNUMP3d to mention that I'll be GPG signing all future releases - rather than simply listing MD5sums.

 It's a good thing for me to be doing, especially now I've taken the decision to sign all my outgoing emails. This I've done because I know a large proportion of people I mail use GPG/PGP, and I'm applying to become a Debian project member - which will hopefully spread my key further into the wild.

 The thing that made me do this is the recent bitchx server compromise. I'd hate to leave people open to a compromised version of the server.

 In other news the development is going well, more autoconfiscation is happening thanks to this online autoconf / automake book. I really think that I'm beginning to get the hang of it. (If you're using autoconf you should probably checkout the GNU Autoconf macro archive.

dan : Yes I ended up using netcat in the end; but it's suprizing that telnet doesn't have the ability to disable the strings it displays 'Trying 127.0.0.1...', 'Connected to ...', etc.

 I would have expected a --quiet/-q switch..

 I had a lovely evening last night playing video games with a friend. We started off playing Micro Machines v3 and Wipeout on the playstation then decided to get pizza + ice-cream and watch films.

 We saw Spawn which sucked to be honest, and Wild Things which I've seen before and quite enjoyed - she seemed to like it lots; though we both agreed that Denise Richards is pretty to look at, if you like that kind of thing, but she can't act.

 I've been making code cleanups all over the place during the past few days, so now I'm happy with the structure of the program.

 Today I implemented file caching for all the theme template files. Previously they were re-read for each connection which wasn't optimal.

 The simple scheme I've come up with is based upon the modified time of the files and provides a snappier feel to the system.

 It's nice when simple changes like this produce a noticable performance gain.

 After having installed Netsaint last week we now have a decent network monitoring system!

 Today I'm just mildly irritated that there's no obvious way to turn off telnets 'connecting ..' messages. This means that I can't do this:

export START="`telnet localhost daytime`"

 *shrugs*

 This made me laugh though, from 'man telnet'

BUGS
     The source code is not comprehensible.