Monthly Archives: March 2006

you know you’ve chosen a good isp when…

…they tell you that you have a security hole that you weren’t aware of. I just received an email which said:

“It has been identified that your internet connection is acting as an open recursive DNS server. This means that your connection could contribute to a DDoS (Distributed Denial of Service) attack resulting in your and other people’s connections becoming unusable.”

This confused me, as although the IP given was in my range, I was sure I didn’t have anything on that number. A quick check later and it turns out that I do have equipment there: my Zyxel ADSL router. A play with host confirms that they are 100% right and I can look up DNS via my router, despite the fact that I don’t use it for DNS – it just gets the settings when it DHCP’s the ISP after startup, and there are no DNS settings in the device.

It took just a few moments to fix with an explicit deny of all incoming DNS requests to that IP, but it’s a worrying thought that I would not have found this hole as I never considered the box capable of DNS as I hadn’t set it up to serve any: spending time making sure my DNS server has correct views could have been pointless.
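A repeatable version of that check, as an added example rather than anything from the original post: it sends one recursive query over UDP and reads the RA (recursion available) flag and response code in the reply. The function names and sample replies are constructed here, 192.0.2.1 is a placeholder, and the probe is assumed to run from a host outside the network against your own address.

```python
import socket
import struct

TXID = 0x1234  # arbitrary query id, constructed for this example

def build_query(name: str) -> bytes:
    """DNS A query with the RD (recursion desired) bit set."""
    header = struct.pack("!HHHHHH", TXID, 0x0100, 1, 0, 0, 0)
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify_response(data: bytes) -> str:
    """Judge a reply from its 12-byte header alone."""
    if len(data) < 12:
        return "invalid"
    rid, flags = struct.unpack("!HH", data[:4])
    if rid != TXID or not flags & 0x8000:  # wrong id, or not a response
        return "invalid"
    rcode, ra = flags & 0x000F, bool(flags & 0x0080)
    if rcode == 5:
        return "refused"            # server answers but declines the query
    if not ra:
        return "no-recursion"       # e.g. an authoritative-only server
    if rcode in (0, 3):
        return "open"               # NOERROR/NXDOMAIN with RA: it recursed for us
    return "inconclusive"           # e.g. SERVFAIL

def probe(addr: str, name: str = "example.com", timeout: float = 3.0) -> str:
    """Send one recursive query to addr:53/udp and classify the outcome."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (addr, 53))
            data, _ = s.recvfrom(512)
        except OSError:             # timeout or ICMP rejection
            return "filtered"       # what an explicit deny rule looks like
    return classify_response(data)

def _sample(flags: int, ancount: int) -> bytes:
    """Constructed reply: header plus question, answer records omitted."""
    return struct.pack("!HHHHHH", TXID, flags, 1, ancount, 0, 0) + build_query("example.com")[12:]

SAMPLE_OPEN = _sample(0x8180, 1)       # QR|RD|RA, NOERROR
SAMPLE_REFUSED = _sample(0x8105, 0)    # QR|RD, REFUSED
SAMPLE_AUTH_ONLY = _sample(0x8500, 1)  # QR|AA|RD, no RA

if __name__ == "__main__":
    for s in (SAMPLE_OPEN, SAMPLE_REFUSED, SAMPLE_AUTH_ONLY):
        print(classify_response(s))
    # print(probe("192.0.2.1"))  # placeholder address; use your own WAN IP
```

Once the deny rule is in place, `probe()` against the router's address should come back as `filtered` instead of `open`.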

So, thank you Zen, and a warning to everyone out there who has Zyxel Prestige 630-H in static IP no-NAT routing mode. Oh, and the reason this is praise and not a rant at my ISP is that they not only inform, but treat me as an adult too:

“At this point we are only informing you of a potential security vulnerability on your network. However, if we receive abuse reports about your connection contributing to a DoS/DDoS attack, your connection may be suspended until such time that this security hole is closed.”

Can’t argue with that at all; it’s just a pity that not all home ISPs did this, or ‘bot armies would be on the decline.


things i have learnt today

In no particular order:

  • Although OmniGraffle 2.2 is very outdated, it makes short shrift of flow charts, especially when using Lucida Grande 9pt text and frequent use of the Align Center to Grid button
  • You need to have at least a 1280 x 1024 display to do sane flow charts on A4 in Omnigraffle, as there’s enough room on the screen to have the Font, Palette and Inspector windows open too
  • Adding the Font to the Favourites list in the Font Inspector makes it very fast to change a page once it’s been roughed out: Option+A and then a single click
  • Our children will gaze at us with wonder[1] when we describe how disc filing systems used to erase the previous contents of the file when saving data with the same name, assuming we can get the concept of a ‘Save’ across to them. I absolutely hope that all key/mouse strokes will be logged and be editable as an integral part of the file and what we currently call ‘File Systems’ will be 100% versioning. Anyone using VMS can laugh in safety already (although I challenge them to run OmniGraffle…)
  • I previously hadn’t paid much attention to computer languages, but they really are quite different at times – growing up programming in C, PHP, Perl, Assembler, Forth, BASIC, etc. has meant that it’s a quick read of the man page and I’m off until the first compiler/run-time error, but trying to get the nuances of Forth described in a Flow Chart is at times monumentally difficult. I’m starting to grasp how hard it must be to translate poetry from French or Japanese to English: some constructs just simply don’t exist, and make Pratchett’s “Reflected sounds of underground spirits” seem short and to the point

[1] or possibly barely concealed contempt, given that it’s taken us so long to get around to it when compared to such useful items as, say, translucent CLI windows


Web 2.1 server-side blink tag demonstration

Web 2.1 server-side blink tag demonstration: http://cheese.blartwendo.com/web21-demo.html

Now here’s something the mainstream fuss over AJAX has missed: real, tangible and downright useful code. No more silly browser intelligence: let the server control everything!

Roll on Web 2.5


AIRTIGHT – PostcardViewer Download

AIRTIGHT – PostcardViewer Download: http://www.airtightinteractive.com/projects/postcardviewer/

I meant to mention this a while ago when I was looking at various galleries and it’s a great non-linear way of presenting images, plus it’s free. It just got a lot better for Photoshop users though, as there’s now a script for automatically generating albums.

No, it doesn’t work in Elements 3 (I tried!) but there is an iPhoto exporter mentioned which I’ve not had a go with yet.


ADSL2 speed estimator

DSL ZoneUK – Common terms: http://www.dslzoneuk.net/maxspeed.php

If you’re on one of the majority of BT’s exchanges in the UK then by the 31st of March 2006 it ought to be possible to move to ADSL2 (assuming your hardware and ISP support it). If you can get access to the current attenuation and signal-to-noise figures from your modem then the above link will give an idea of what you can expect from the new service.

So, I’m up from 1Mb to 2.4Mb, which is enough to make me look at the ADSL2 ISPs out there ready for April :)

Update: Ahem. :blush: the MaxDSL stuff is still plain old ADSL and has nothing even remotely to do with ADSL2…
