GoDaddy promo codes
I am posting this as a personal memo, so that I don’t have to google it every time. Please enjoy a variety of discount codes. I would appreciate it if you could drop a line with the outcome of your coupon: did it work?
- OYH3 - $3 off / $6.95 any .COM (renewals too… just used it)
- YH1 - 10% off whatever
- BTPS7 - 20% any order of $50 or more
- BTPS20 - 25% any order of $100 or more (expires Dec 21st)
- BTPS4 - 10% off anything
- OYH2 - $5 off a $30 purchase
- chill1 - 10% off
- chill2 - $5 off $30
- chill3 - $6.95 .coms
- hash1 - 10% off
- hash2 - $5 off $30
- hash3 - $6.95 .com registration
- gdd1101c - 10% off any order of $40 or more
Pointless and boring presentations
Art Lebedev is a leading design studio based in Russia with many other offices worldwide. Artemy Lebedev, the founder and head of the studio, writes a lot of good articles on various topics.
One of the latest articles he wrote is about pointless presentations. Note that the article is in Russian; however, they will publish it in English later. So to cut it short, here’s the list of what I understood:
- Be prepared, know your topic - don’t just memorize
- If you are presenting some text on your slide show, make it shorter. Write a few words then talk the rest in your words. Don’t let your audience read your long text.
- If you let your audience read the text, don’t repeat and read it again yourself.
- Don’t mumble/ramble and be confident.
- 99% of all presentations are boring; decisions are not made after the presentations.
What’s your opinion about the article and about presenting in general? Please leave it in the comments.
Year 2007 for Linux and Open Source
Let’s sum up and see what were the biggest Linux moves in the year 2007.
- GPLv3
- Asus Eee PC
- OpenMoko
- Ubuntu 7.04, Ubuntu 7.10 = lots of fork distros
- GNOME 2.20
- Pidgin 2.0
- KDE 4.0 (postponed to Jan 2008)
- Xfce 4.4
- Google Desktop
- Fedora 7, Fedora 8, Red Hat Enterprise Linux 5
- Mplayer 1.0 RC2
- Adobe Flash Player 9
- OpenOffice.org 2.3
- Linux is preinstalled in Dell, Lenovo and HP PCs
- Walmart and gOS = Everex
Did I miss anything?
Telekom Malaysia blocks outgoing port 25
Telekom Malaysia (TM) is blocking outgoing port 25 on all dynamic IPs (residential IPs), effective from 3rd December 2007.
Well, this means:
- TM has issues with spammers, be it zombie machines with trojans, viruses or spyware.
- All the local businesses that run internal E-Mail servers will have to find other ways.
It’s not a big deal actually, but again, if you are doing this kind of thing, that means something out of your control is happening and you have to block it. Otherwise I believe it’s a very widely used port.
TM’s corporate users, the ones who have fixed IPs, do not have to worry, since this does not affect them.
For the home/SOHO users I will be writing a nice how-to on this matter in a few days’ time.
Of hubs, switches and network security
At the Network layer, hosts are identified by IP addresses. At the Data Link layer, however, hosts are identified by MAC addresses. All packets (in Ethernet) are delivered by MAC address (ARP and RARP convert between IP and MAC addresses).
To conserve bandwidth, switches direct traffic to a specific port based on the target MAC address (as opposed to hubs, which simply broadcast all packets to all ports). This allows multiple peer-to-peer conversations to occur at the same time, as each conversation only requires two ports (whereas in a hub each conversation occupies all ports!). Hence, bandwidth management; not security.
For a switch to know which port connects to which MAC addresses, the switch creates and manages a CAM table (a simple mapping between port and MAC address(es)). Without Port Security, this table is dynamic and changes over time (to allow for hosts to appear, disappear and move between ports). The switch learns the CAM table mappings by monitoring the source and destination MAC addresses in packets that it directs.
Now look at the Port Stealing slide. Send layer 2 packets with “source address equal to victim host address” and “destination address equal to its own mac address”. Taking these in reverse order, the switch will direct the packet to the port mapped to the destination address, the attacker’s “own mac address”; i.e. the packet will return to the attacker’s host (so no other hosts will notice the packet). At the same time, the switch will record the source address of the packet against the port it came from in the CAM table; i.e. the victim host (MAC) address against the attacker’s port. If you looked in the CAM table, you’d now find the attacker’s port mapped to both the attacker’s MAC address and also the victim’s MAC address.
The switch will now direct the next packet targeted at the victim’s MAC address to the attacker’s port (based on the CAM table entry) - the port is ‘stolen’.
To relay the packet to the correct port (so that the conversations can continue uninterrupted), the attacker needs to get the CAM table back to the original state, i.e. with the victim’s port mapped to the victim’s MAC address. This is achieved by issuing a broadcast ARP request for the victim’s IP address. Broadcast means the request will go to all ports (including the victim). When the victim responds, the switch will record the new CAM table mapping (back to where it was originally). The captured packet can now be resent by the attacker and correctly directed by the switch to the victim’s port.
Now (and this is the scary bit) to get and relay the _next_ packet, the attacker needs to repeat the entire process. It looks like a lot of work and is why I raised queries about whether or not packets would be dropped. NaGA says ‘not necessarily’ which is fair enough.
URL: http://ettercap.sourceforge.net/forum/viewtopic.php?t=2329
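From the defender's side, the steal/restore cycle described above shows up as one MAC address repeatedly moving between two ports in the CAM table. The following is an added example (not part of the original post) that replays constructed learn events through a simulated dynamic CAM table and flags such flapping; the event format, threshold and time window are assumptions.

```python
from collections import defaultdict, deque

# Constructed sample of switch learn events: (seconds, ingress port, source MAC).
# aa:...:01 lives on port 1; frames sourced with that MAC also arrive on port 3.
EVENTS = [
    (0.0, 1, "aa:aa:aa:aa:aa:01"),
    (0.1, 2, "bb:bb:bb:bb:bb:02"),
    (0.2, 3, "cc:cc:cc:cc:cc:03"),
    (1.0, 3, "aa:aa:aa:aa:aa:01"),  # entry moves to port 3
    (1.3, 1, "aa:aa:aa:aa:aa:01"),  # real host replies to ARP, entry moves back
    (2.0, 3, "aa:aa:aa:aa:aa:01"),
    (2.4, 1, "aa:aa:aa:aa:aa:01"),
    (9.0, 4, "bb:bb:bb:bb:bb:02"),  # single move: a re-plugged host, not flapping
]


def learn(cam, port, src_mac):
    """Dynamic CAM learning: bind src_mac to the ingress port.
    Returns the previous port if the entry moved, else None."""
    old = cam.get(src_mac)
    cam[src_mac] = port
    return old if old is not None and old != port else None


def detect_flapping(events, max_moves=3, window=5.0):
    """Return {mac: sorted ports seen} for MACs whose CAM entry moved
    at least max_moves times within `window` seconds (assumed thresholds)."""
    cam = {}
    moves = defaultdict(deque)       # mac -> timestamps of recent moves
    ports_seen = defaultdict(set)
    alerts = {}
    for ts, port, mac in events:
        old = learn(cam, port, mac)
        ports_seen[mac].add(port)
        if old is None:
            continue
        q = moves[mac]
        q.append(ts)
        while q and ts - q[0] > window:  # drop moves outside the window
            q.popleft()
        if len(q) >= max_moves:
            alerts[mac] = sorted(ports_seen[mac])
    return alerts


if __name__ == "__main__":
    print(detect_flapping(EVENTS))
```

With Port Security enabled, as the post notes, the table is no longer freely dynamic, so the first move would be refused rather than merely observed.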
