This and That Rotating Header Image

My Favorite OS?

Apr 28th, 2010
by Ninjax.
No comments yet

Here’s an excerpt from an email exchange I had with a friend recently:

See, here’s the thing, I’m not a *-guy. I use whatever computer will most easily let me get my work done given the constraints of my environment. That’s why I keep this crappy XP box around for corporate email. If I’m going to edit some video, I’ll use my Mac. If I need to get a server quickly stood up, I’ll slap Ubuntu on it. My goal is the path of least resistance – I really just want to get work done. All OSes have their shortcomings, and instead of harping on them and picking a favorite, I look past the faults and just use the machine. Right now my goal is to try and find a standard set of applications that I can run on any platform (Firefox, Eclipse, etc), so that I can be equally productive regardless of OS.

Posted in: Uncategorized.

Developing with winpcap and Eclipse

Apr 22nd, 2010
by Ninjax.
No comments yet

So I recently needed to develop some pcap applications on Windows machines. I do development on a variety of platforms (OSX, Linux, and Windows), and I’ve been trying to ’standardize’ on one IDE. Since Eclipse runs on all of those platforms and has support for a variety of programming languages, it seemed like the obvious choice. Here are the steps I followed to get a simple example pcap program to compile.

1) Install Java. Eclipse is written in Java and requires at least the JRE to run. I installed the JDK, because I figured I might be doing Java development on this box at some point. I installed build 1.6.0_20-b02.

2) Install MinGW (Minimalist GNU for Windows). Eclipse provides the development environment, but we still need a compiler to build the code. I installed MinGW-5.1.6 (MinGW has an online, package-based installer like Cygwin).

3) Install Eclipse IDE for C/C++ Developers. This is an installation package with the Eclipse C/C++ Development Tooling (CDT) packages pre-installed. It’s difficult to determine what version I installed, but Help -> About shows Build id: 20100218-1602.

4) Install the WinPcap Driver. I installed version 4.1.1.

5) Install the WinPcap Developer Pack in order to get the header files and libraries. I installed version 4.1.1.

6) Launch Eclipse and create a new Empty Project (File -> New -> C Project and select Empty Project).

7) Add an empty source file (File -> New -> Source File) and paste in the code from the WinPcap Developer Tutorial. We need to make a few alterations. Above the #include "pcap.h" add the following defines:
#define WPCAP
#define HAVE_REMOTE

Then, change main() to int main(int argc, char **argv).

8 ) Now we need to add the include and library directories to the compilation and linking processes, respectively. Click on Project -> Properties -> C/C++ Build -> Settings. Under the ‘GCC C Compiler’ section click on Directories and add the Include directory from WinPcap. Then click on the Libraries item under ‘MinGW C Linker’ and add wpcap under ‘Libraries’ and the Library directory under ‘Library search path’.

9) Cross your fingers and try building the code.

Posted in: Uncategorized.

Using Stepping Stones with SSH

Feb 26th, 2010
by Ninjax.
No comments yet

I just recently learned that ssh has an option, ProxyCommand, that allows you to specify a machine (machine B) to be used as a stepping stone when connecting to another machine (machine C). So if you normally establish a connection from your machine (machine A) to B and then establish another connection from B to C, this could save you some time and hassle. Here’s how to do it:

1) Add the following to your ~/.ssh/config:
Host C_hostname
ServerAliveInterval 60
User C_username
ProxyCommand ssh B_username@B_hostname netcat -w 180 %h %p

-Line 1: Specifies the ultimate host we are connecting to (C)
-Line 2: How often, in seconds, ssh will send a keepalive request to C.
-Line 3: Specifies the username to be used when logging in to the ultimate host (C).
-Line 4: Specifies B as the stepping stone to connect to and netcat as the command to run on the stepping stone once connected in order to make the ssh port on C available to your local machine (A). Note, on some machines netcat is named nc. The -w option specifies the timeout in seconds for netcat. `%h’ will be substituted with the hostname specified in line 1 (C_hostname) and `%p’ with the default ssh port (22).

Posted in: linux.

Erin’s Etsy Store

Dec 30th, 2009
by Ninjax.
No comments yet

Check out Erin’s new Etsy store where she sells jewelry and other crafts that she makes.

Posted in: Uncategorized.

Wishlist for the Fall

Aug 5th, 2009
by Ninjax.
No comments yet

So there are a couple of things that I hope happen in the world of gadgets before the end of the year.  Both of these items are potential enhancements to my entertainment center.

First of all, I’ve been waiting for a Playstation 3 price drop for quite some time now.  I would like to enter the world of Blu-ray, have been thinking of adding a DLNA client to my media setup, and would probably buy a game or two.  However, I just can’t stomach the $400 hit for a PS3.  As soon as the price hits $300, I’d be all over it.  From what I’ve read on forums, a lot of other folks are waiting for the price drop as well.  According to this Examiner article, the price to produce a PS3 has dropped 70% to about $240.  Therefore, the $300 price point would not require Sony to sell PS3s at a loss.  Unfortunately, the article also notes that Sony is likely to keep the price at $400 to recoup the money that was lost when the PS3 was sold for a loss.  I’m not a financial analyst, but I would not be surprised if the increase in sales spurred by a price cut to $300 exceeded the revenue that Sony would make by continuing at the $400 price point even with the lower margin.

The other item I desire is a version of Adobe Flash that is optimized for the Ion platform.  Nettops utilizing Ion are attractive because of their low power consumption, small form faction and HD capabilities.  However, as several articles have noted, they strugggle when it comes to Flash performance, particularly full-screen 720p Flash video.  This is of particular importance to many individuals contemplating incorporating an Ion nettop into their home theater in hopes of being able to watch Hulu on their HDTVs.  I’ve found one lonely mention of an Adobe/Nvidia collaboration to enhance Flash to take advantage of Nvidia GPUs, but the estimated release date is not until 2010.  Before I add a nettop to my entertainment center, it will have to be able to decode HD Flash video without hiccups.

Posted in: home theater.
Tagged: · ·

Obtaining Operating System Discs From Dell

Jun 26th, 2009
by Ninjax.
No comments yet

Up until recently, Dell did not ship OS discs with their computers.  However, if you request the discs, they will send them to you even if your warranty has expired.  Finding the link to request the ‘Backup Discs’ can be a bit tricky, so I’ll post it here.

Posted in: Uncategorized.
Tagged: ·

FiOS, Onkyo and the Green Screen of Death

Mar 17th, 2009
by Ninjax.
3 comments

So I had FiOS installed a couple of weeks ago, and so far the experience has been mostly positive.  The only major issue I had was an HDMI incompatibility bug between the Motorola QIP 7216 1 set-top box that Verizon issued me and my Onkyo TX-SR606 receiver.  I wanted to use HDMI to connect the STB to my Onkyo and then use HDMI to connect the Onkyo to my Samsung HDTV.  This pass-through mode is fairly common, and it’s how I had my old Cox Scientific Atlantic STB hooked up.  Unfortunately, with the 7216, this configuration results in a ‘green screen of death’ after a few seconds of viewing.  I noted this problem during installation and asked the technician if he had another box on the truck that I could try.  He had me plug the Motorola box directly into the Samsung, and of course the GSOD did not occur.  The tech told me that if the box worked with the TV, then there was nothing he could do.  As soon as the tech left, I did some quick googling and learned that I’m not the only with this problem.  I decided to try using component video cables and a coaxial audio connection to connect the STB to my Onkyo and see if I could live with it.

Continue reading →

Posted in: home theater.
Tagged:

Roth IRA Contribution Calculator for 2008

Mar 6th, 2009
by Ninjax.
No comments yet

I wrote some quick and dirty Javascript that will calculate your reduced contribution limit when your income is in the ‘phase out’ range.

Posted in: projects.
Tagged:

Black Hat DC 2009 trip report

Mar 3rd, 2009
by Ninjax.
No comments yet

Presentations and whitepapers can be found here.

New Tricks for Defeating SSL in Practice – Moxie Marlinspike (Mike Benham)
This talk started off with an explanation of a vulnerability that Benham exposed in 2002.  Basically, some CAs did not explicity set the basicConstraints field in leaf node certificates (site certs) and web browsers were not verifying the basicConstrainsts fields.  So, anyone with a valid leaf node certificate could create a valid certificate for a site of their choosing that would chain back to the root CA.  Benham wrote a tool called sslsniff to leverage this vulnerability and perform a man-in-the-middle attack.

The new vulnerability that Benham discussed is actually a problem with the way that sites utilize https.  Many sites that require user authentication have homepages served over http with a login form where users put their login and password information.  When the user clicks submit, an HTTPS POST is performed so that the credentials are secure while in transit to the server.  However, if an attacker can intercept the initial page while it is being served to the user and rewrite the POST https url to an http url that he controls, the attacker can steal the credentials.  Benham wrote a tool called sslstrip that performs this attack and goes a step further and also proxies the https POST so that the victim has no indication that he was attacked.

To test sslstrip, he set it up on a Tor exit router for a period of 24 hours.  Out of hundreds of sessions that were attacked, everyone entered their credentials once the login page came up.

Continue reading →

Posted in: Uncategorized.

Things to know before flying Southwest

Oct 3rd, 2008
by Ninjax.
No comments yet

I recently flew on Southwest airlines for the first time, and while the experience on a whole was pleasant, there are a few ‘gotchas’ to be aware of.

First of all, Southwest does not allow you to choose your seat when you book your flight.  You are assigned a group and a number when you check-in that dictate when you can get on the plane.  Once on the plane, any seat is fair game.  So to avoid getting the middle seat and to ensure that you can stow your carry-on, it is imperative that you check-in as early as possible (typically 24 hours before departure time).  Fortunately, Southwest has a webpage designed for mobile devices, so you can check in even if you’re away from a computer.  However, if you have the misfortune of being on the terror watch list, you might be screwed.

Next, when boarding, the seats in Row 1 look attractive because of all the legroom.  Unfortunately, these seats do not have tray tables for some reason.  If you get a drink, you’ll have to hold it until you’re done with it.  Every other plane I have ever been on has tables that fold out of the armrest for the first row seats.  I can’t see this being a cost-saving issue, so I don’t know why Southwest omitted these tables.

Finally, Southwest’s planes do not have closets at the front of the plane to store garment bags in, so you have to stow them in carry-on bins.  Again, I’ve never seen this before on other airlines.  I can see how removing the closet frees up some extra room, but it’s a pain having to try and layer a garment bag on top of a bunch of irregularly shaped carry-ons that barely fit in the bin to begin with.

Posted in: travel.
Tagged: ·

← Earlier Posts