Tuesday, April 19, 2005

Like Multi-player Gaming? Throw an LAN Party!

Joel Durham Jr. writing for Yahoo News brings us "Let's Have a LAN Party!" Multiplayer gaming is hugely popular since in addition to being able to play computer players you are either teamed with or up against humans. Every techie has gotten caught up in Doom. Doom is probably the classic introduction to multiplayer first shooters. My personal favorite has always been Descent which should date my gaming experiences.

Multiplayer games can be played by simply networking two or more computers. The easiest way to do this for most people is by dialing up to the Internet. Performance then becomes an issue. Joel Durham Jr. does a great job of explaining latency. In short, if one person's connection to the Internet is better than yours that person will have an advantage over you. A LAN party eliminates, or greatly reduces, that advantage by providing a relatively even network connection for all players.

In setting up a LAN Party you have to consider the number of attendees. If it will be huge then renting space at a hotel and getting discounted rooms for out of town visitors may be in order. Tables and chairs will have to be rented. Infrastructure considerations include electricity, 10/100 network connections and dedicated servers.

Other preparations include selecting games that will be played, collecting dues from players to help cover costs, getting listed, and food.

Yahoo recommends checking with LANParty.com and Blues News. And our favorite KROSTech.

Other resources:

Monday, April 18, 2005

Make your own infrared camera from an old webcam

Video is an intriguing aspsect of the Internet. It's so mysterious with its compression rates, varying qualities, and bandwidth requirements. However, video is an important part of the future Internet. Video on the Internet will become how we communicate replacing phones with smooth, television like pictures. Already video blogs have a huge following with a Google search producing 23,300,000 results.

MS brings us a video on SenseCam. Could it be another potential avenue for blogging? "Watch my day in 3 minutes." SenseCam is a concept camera that takes a picture everytime the light changes slightly which is a technique to detect movement. This camera, worn around the neck, would photo document your day without sound in a time-lapse style video. I think that if the videos did not run too long, it would be fun to review my day or see how someone else spent theirs.

In other camera news, James of Puerilis has turned us onto a step by step guide to turn your desktop webcam into an infrared camera so you can "see in the dark". Bjoern Wieland has more discussion on IR cams.

For people interested in video, this primer is an absolute must read particularly for understanding that critical difference between the lost cost CMOS imager and the more costly CCD imager. When it comes to quality, you get what you pay for.

djuggler's personal blog is Reality Me and consults as Superior Internet Designs

Sunday, April 17, 2005

Debugging HTTP traffic

Are you trying to figure out why your webpage is so slow even after you switched from that old slow host to a new host that is supposed to be so much better? It could be that your website is producing bad header information or other wierdness in the HTTP traffic. Fear not! Programs such as Fiddler, Netmon and Achilles can help. Fiddler is described as:

Fiddler is a HTTP Debugging Proxy which logs all HTTP traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP Traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler is designed to be much simpler than using NetMon or Achilles, and includes a simple but powerful JScript.NET event-based scripting subsystem.
Fiddler can help with performance testing by revealing missing headers that would allow client or proxy caching.
Additionally, by exposing HTTP Headers in the Session list, the user can see whether pages are missing HTTP Expiration headers that permit client or proxy caching. If a response does not contain Expires or Cache-Control headers, it might not be cached by the client.
Fiddler can help debug and enhance security for your website by using its "break points" feature.
When the Enable Single Step Debugging option is checked on the Rules menu, or when the properties of the HTTP Request or Response match the target criteria, Fiddler can pause HTTP traffic and allow edits. This feature proves useful for security testing, as well as for general functionality testing, because all code paths can be exercised.
Fiddler has flexibility and can be extended via the .NET framework. See more information on MSDN.

A 2003 survey lists the Top 75 Security Tools (go to their site for wonderful descriptions including clarification of cost and platform (Linux/BSD/Windows):
  1. Nessus
  2. Ethereal
  3. Snort
  4. Netcat
  5. Tcpdump / Windump
  6. hping2
  7. DSniff
  8. GFI LANguard
  9. Ettercap
  10. Whisker/Libwhisker
  11. John the Ripper
  12. OpenSSH / SSH
  13. Sam Spade
  14. ISS Internet Scanner
  15. Tripwire
  16. Nikto
  17. Kismet
  18. SuperScan
  19. L0phtCrack 4 (now called "LC4")
  20. Retina
  21. Netfilter
  22. traceroute/ping/telnet/whois
  23. Fport
  24. SAINT
  25. Network Stumbler
  26. SARA
  27. N-Stealth
  28. AirSnort
  29. NBTScan
  30. GnuPG / PGP
  31. Firewalk
  32. Cain & Abel
  33. XProbe2
  34. SolarWinds Toolsets
  35. NGrep
  36. Perl / Python
  37. THC-Amap
  38. OpenSSL
  39. NTop
  40. Nemesis
  41. LSOF
  42. Hunt
  43. Honeyd
  44. Achilles
  45. Brutus
  46. Stunnel
  47. Paketto Keiretsu
  48. Fragroute
  49. SPIKE Proxy
  50. THC-Hydra
  51. OpenBSD
  52. TCP Wrappers
  53. pwdump3
  54. LibNet
  55. IpTraf
  56. Fping
  57. Bastille
  58. Winfingerprint
  59. TCPTraceroute
  60. Shadow Security Scanner
  61. pf
  62. LIDS
  63. hfnetchk
  64. etherape
  65. dig
  66. Crack / Cracklib
  67. cheops / cheops-ng
  68. zone alarm / Kerio Personal Firewall
  69. Visual Route
  70. The Coroner's Toolkit (TCT)
  71. tcpreplay
  72. snoop
  73. putty
  74. pstools
  75. arpwatch
Fyodor has done a wonderful job putting this list together. Using such tools as Fiddler and tools that Fyodor lists will certainly aid you in making a more secure web application.
djuggler's personal blog is Reality Me and consults as Superior Internet Designs.

Friday, April 15, 2005

Annotating the planet with Google Maps

I have always been a huge fan of MapBlast and MapQuest with MapBlast being my preference because of its wonderful LineDirections! Who needs to see all those unnecessary small roads and who wants to waste ink printing color-shaded route maps that aren't going to add to the journey? I used to have the opinion that MapQuest was better in the City and MapBlast better in the rural areas. Now-a-days I don't think one matters over the other although I still occasionally can find an address on one but not the other. I even continued to like MapBlast when Microsoft bought them and tried to get me to type http://maps.msn.com.

I recently installed Microsoft's MapPoint (for developers) from my MS Partner kit and was so completely impressed that I figured I would never use an online mapping program again. MapPoint even updates its data to show me current construction information which allows for better trip time prediction.

Google Maps is one of the latest on the online mapping scene and I must say I'm thoroughly impressed. Google Maps is stealing my attention away from MapBlast and Mappoint. Jon Udell writes in "Annotating the planet with Google Maps" that Google Maps was receiving a negative response to his article "Google Maps pushes the envelope" as the directions were off and its coverage wasn't as comprehensive as MapBlast or Multimap. Jon puts all these concerns aside as he describes some of the potential that is soon to be realized from Google Maps. He focuses on describing how Google Map data can be downloaded into a GPS receiver and used to give walking tours of our choice!

The friend is Matt King, and his proof of concept is a JavaScript bookmarklet that uses Google Maps to display a walking tour of Beverly Hills, with waypoints labeled and linked to photos. If you try it, be sure to check out the black-and-white bunny sitting on the tree lawn of N. Rodeo Drive between Park and Carmelita. (Matt King's latest)
Google Maps has won me over mostly because I don't have to be precise in my search. I can misspell a person's name or street address and Google Maps still finds it. Google Maps will overlay a beautifully rendered line on top of satellite photos so giving directions to a visual yet spatially impaired person is now much easier. After typing an address, say the library where our support group meets which is 100 Golf Club Road, Knoxville, TN 37919, I get this map. After I zoomed and centered the map the way I wanted it to appear, I right-clicked the "link to this page" and copied the url. With the "link to this page" feature you can instant message, email or post a google map the way you want it to appear for anyone. Now with the library map up, I can click the "local search" link at the top of the screen and type "pizza" to find all the places that sell pizza near the library in case we want to have pizza for the support group. Next, click any red tear drop to see detailed information about the pizza shop and you can get directions. I'm going to enter the directions from the library. I now have detailed directions and distance with a line on the map. Next I click the satellite link to see the line over actual imagery of our route. For fun I zoom in as close as possible for the final leg of the journey. Very impressive!

Other online mapping tools include:
djuggler's personal blog is Reality Me and he consults as Superior Internet Designs

Tuesday, April 12, 2005

Moving house - no posts for a week

We are moving house and offices and there probably won't be any tips for about a week.
I may surprise myself and do one anyway but don't hold your breath.
Have a great week!

Monday, April 11, 2005

Moving House

There is a lot of technology in our house. So moving isn't simple unfortunately.
Fortunately we have a very good techie - who manages our servers, sets up the Linux servers we manage all our clients websites and email on and helps with the tech stuff.
There will be a scarcity of posts from me in this next week as we move house and get the servers all set up in the new house. There will be no downtime of this web site as the spyjournal sites get too much traffic to be managed on our server. They are located elsewhere anyway. However there may be minor interruptions on the other sites.
Here is a list of all the sites I either own myself or have set up or manage in some way.

Spyournal Home

Spy Journal Archives
Personal Blog
Excel Tips Blog
Blog Tips Blog
Tech Tips Blog
Urban Space Novel
Photo Archive
Parklife Soccer Club Website
Parklife Results
KROSTech LAN Parties
Jethro Management
Jethro Consultants
Oz Bush Poet
Miller Family Web Site
JAM Creativity
Cindy Maulkner
Extended Millers
Jono Miller
Dan and Pris Gollan
Rivers Baptist Church

Monday, April 04, 2005

Ineen Video Conferencing

I tried the Ineen Video Conferencing softeware today.
It seems to work pretty well.
I will report back later with more information about the application when I have tried it more.
Basically, you download and install the software (As far as I can tell it contains no spyware), then create an account and away you go.
You can call someone else - acts just like a video phone and talk live on the net.

Friday, April 01, 2005

Website for cracking Windows Password Hashes

If you have ever looked at any of your stored Windows passwords, you know that they are encrypted and look nothing like your actual password. That is because your system "hashes" the password, and the resulting gobbleygook is in fact known as a "password hash". For those of you not familiar with password hashes (or other hashes), it’s useful to think of it as not unlike like a checksum. Your password is encrypted and scrambled up ("hashed") in a certain way, based on a certain formula, such that the same password will always yield the same hash. Generally speaking, however, while the same password will lead to the same hash, you cannot deconstruct the hash to yield the password. That is why hashing a password is considered a security feature. Even though a hacker can get your password hashes from your computer, they are in theory useless because they still have no idea what the password is.

However, there are programs out there which will crack a hashed password, and now, thanks to a fellow over in France, there is a website where you can enter a hashed password, and have it cracked for you (gee thanks).

Check it out for yourself, if you want to, although Aunty would caution you to change the password you use before you submit it to the website!

Then you can crack your hashes here.

This post reproduced from Aunty Spam's Net Patrol