Blog

A new project has been added

Hi everyone,

It’s been a long time since I’ve updated this blog. I wanted to announce that I added a new project to my Projects page. It’s an updater for a TunnelBroker IPv6 Tunnel, written in Python. You’ll see two versions listed. The first version is the original script, while the second version includes a password hashing program.

The requirements are Python 2.7.3 (although it’s a trivial task to convert it to Python 3.x), and you’ll have to fill in your information in the UserInfo.txt file. Try it out, and let me know what you think. And let me know what features you want to see included in it. My next plan for the script is adding some type of file size limitations, so you don’t end up with logs that are wiping out your hard drives. Right now, you have to manually clean the results.log file out (although after a week of running, it’s only at about 5KB).

Have a great day:)
Patrick.

The DNS Changer: End of the Internet–or not

There has been a lot of talk in the news about this DNS Changer worm, and how it will cause people to lose their internet connection on Monday. I wanted to take a moment to clear some things up, as the news basically points you to the FBI’s site (and their information). The link to their information is here.

So, here we go…

  1. Originally there were over 14 million estimated computers infected with these worms. Through the FBI and ISP’s sending out warnings, that number has decreased dramtically. RIght now, in the US, it’s estimated that only 70,000 devices are infected. (Worldwide stats are available from the FBI.) This is why they’re shutting down the servers.

  2. The FBI set up it’s own DNS Servers at the “rogue” IP Addresses, because with so many infected computers, it would have been catastrophic to shut the sites down cold. Imagine waking up to find that over 14 MILLION people have lost internet access suddenly.

  3. Basically what’s happening is this: DNS is like calling directory assistance and getting someone’s phone number. Your browser does this, when it doesn’t know the address (think phone number) of a website. That virus changed those “Directory Assistance” numbers to it’s own set. So it’s as if you were calling a special number for Directory Assistance, and they gave you what numbers they wanted you to dial (not necessarily the number to the person you were calling). Or they gave you a number that would charge your phone bill on their behalf (like using a Phone card to call).

In terms of DNS, your browser would either get sent to an ad site, porn site, or something else, when you typed in a site name. Or if you did a search, it would fake the results of the search with malicious sites (where you could be infected with other viruses), or it would replace the ads on a legitimate site (since your browser had to get the ads from somewhere), with their own ads. It was hinted that the viruses would also capture your passwords, but I haven’t seen anything openly saying that. Although if someone’s infected with any virus, they’ll want to change their passwords after fixing their computer.

** Another common analogy for DNS is like sending a letter through the Post Office, but to be honest, I’m not sure how this would play out in that scenario.

How do you know if you’re infected with the worm?

The easiest way to check your computer is to visit this site for their steps. They have a page which will tell you (via a green or red background on a picture) if you’re infected or not. One drawback is if your ISP “fixes” or alters DNS entries, it may look like you’re clean, when you’re really not.

As for what to check on your computer, here’s what to do:

For Windows Users:

  1. Click the Start orb, and type cmd in the bottom box (where it says “Search”).
  2. Click on Command Prompt (or cmd) in the results at the top.

** These instructions are for Windows Vista/7 users mainly. In older versions of windows, it would be the start button, then Run… and type cmd, or (in all versions of Windows) you can also press the Windows Key and the R key at the same time, and type cmd in the “Run…” box that pops up.

  1. Type in ipconfig /all (or copy and paste from this post).

You’re going to get a lot of information on the screen. What you’re looking for will say something like this:

Local Area Connection (Ethernet)
IP Address: 192.168.x.x (could be something like 192.168.2.100)
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.x.1 or 192.168.x.254 (whatever the IP Address from your modem or router is)
DNS Servers: xxx.xxx.xxx.xxx
xxx.xxx.xxx.xxx

*Those are what you’re looking for ***

What the link said to do was look at the first set of xxx’s in each DNS server. If it’s in their table, then look at the second set of xxx’s in each server. If that’s in the table, look at the third set, and so on. If at ANY point, you find a set of xxx’s that’s not listed in their table, you can stop. Even if it’s one number.

Here is the table that they are referring to.

Rogue DNS Servers

85.255.112.0 through 85.255.127.255
67.210.0.0 through 67.210.15.255
93.188.160.0 through 93.188.167.255
77.67.83.0 through 77.67.83.255
213.109.64.0 through 213.109.79.255
64.28.176.0 through 64.28.191.255

If your DNS Servers are the same as your “Default Gateway” up above, then you need to log into your modem and check them from it. If you have just a modem, then you’ll probably want to call your ISP for help with this. Unless of course, you’ve logged into it enough times that you know what to do. If you have a separate router (like a Linksys, Cisco, or Netgear router for example) that your computer is plugged into, you should be able to go to their site and get information on how to log in. The steps here are general (as the pages and passwords are different for each router).

  1. In your browser, type in the IP Address for your Default Gateway and hti enter.
  2. On the screen that comes up, type in the username and password for your router (NOTE** if you haven’t changed these from the default (usually admin for both), YOU NEED TO DO THAT!!!!!!!!!!!)
  3. You will be presented with the setup screens for your router. You want to look for the DNS information screens (first look at your Status screens, and if the DNS Entries aren’t there (or are the rogue entries) then look for how to configure them).
  4. If your DNS Entries are the rogue entries in the table, then you need to change them back to “good” ones (or follow whatever steps are needed to have your ISP automatically provide them). Personally, I recommend using Public DNS entries (like 208.67.222.222 and 208.67.220.220 for OpenDNS or 8.8.8.8 and 8.8.4.4 for Google DNS), but it’s your decision whether to use your ISP’s or not.

Apply the changes, and restart your computers after the modem/router restarts. You should be all set for Monday.

For Linux users, you’ll either want to check your /etc/resolv.conf file to see if it has the rogue DNS servers or manually edit your network connections (or router/modem).

And for Mac users, you’ll want to check the instructions from the FBI’s website link.

If your computer is/was infected, you need to take steps to clean it. On the link that I provided above for detecting whether you’re infected, they have links to tools for cleaning your computer. After running these tool(s) and making sure your comptuer is clean, you most defiinitely want to change ALL of your passwords. This goes without saying for any malware that’s on your computer (not just this one).

Good luck, and I’ll see you on Monday (hopefully).

Have a great day:)
Patrick.

One more test post from blogilo Part 2

Ironically enough, the “test post final try” entry was uploaded, but not published. It was scheduled for 2 minutes prior to when I checked to see if it had uploaded successfully.

So, I’m trying this once more, in hopes that it publishes immediately. If not, then this will work for scheduling posts, but not so much for uploading them immediately. This attempt will be scheduled for July 4, 2012 @ 4:00 a.m. (CDT). Hopefully it will publish at that time.
Have a great day:)
Patrick.
P.S. on this, you will probably see the exact same text as a separate entry (probably just a Part 2 at the end of this one), as I’ll test out it’s ability to schedule posts.

One more test post from blogilo

Ironically enough, the “test post final try” entry was uploaded, but not published. It was scheduled for 2 minutes prior to when I checked to see if it had uploaded successfully.

So, I’m trying this once more, in hopes that it publishes immediately. If not, then this will work for scheduling posts, but not so much for uploading them immediately.
Have a great day:)
Patrick.
P.S. on this, you will probably see the exact same text as a separate entry (probably just a Part 2 at the end of this one), as I’ll test out it’s ability to schedule posts.

Test post final try

If this goes through, and looks decent enough, then I’ll use Blogilo. So far, the only program that’s meeting my expectatations is the “Blog Entry Poster (Google Blog)”.  I’ve even resorted to downloading and trying some Windows-based blogging applications.  Most of them will start (under wine), but never produce anything worthwhile.

One exception to the rule is Zoundry Raven. I might be able to get it working, simply because it’s open sourced and designed to be compiled under wine.  But, if I’m going to that extreme, I may as well try to compile it natively under Linux (and rewrite the necessary portoins to work).  That may be something down the road–but for now, I’ll stick with something that works.
***UPDATE*** After moving my blog to my site (which is a WordPress blog instead of using the Blogger format), and reconfiguring Blogilo, I finally got this to where it *should* post. However the date may be completely off, as in the “Preview” it shows December 31, 1999 (and it’s obviously not New Years Eve).  So, we shall see how this works out.
Have a great day:)
Patrick.

apt-get: “the following packages have been kept back” « The Ubuntu Incident

apt-get: “the following packages have been kept back” « The Ubuntu Incident

I’m more or less posting this link for my own benefit. Occasionally I get errors about untrusted packages or “The following packages have been kept back” when I try to update. This blog post explains how to fix that (although in my case, it was a combination of two separate posts that fixed my issue).

If you’re getting the untrusted sources message when using the Ubuntu Update Manager, then open a Terminal, and try this

sudo apt-get update

This should give you an error message about repositories with no public key (NOPUBKEY). You’ll want to use the next command, replacing the ‘XXXXXX’ with the key value after the NOPUBKEY message

sudo apt-key adv –recv-key –keyserver keyserver.ubuntu.com XXXXXXX

So, in my personal case it was something like:
sudo apt-key adv –recv-key –keyserver keyserver.ubuntu.com 4B82DCA0798F627E

After you’ve received the key, you’ll want to try the sudo apt-get update a second time, and then try

sudo apt-get upgrade

If you still get the message about programs being kept back, then use this command:

sudo apt-get install

and it should upgrade the program(s).

Have a great day:)
Patrick.

Trying out QTM

So, this hopefully is my final test post. The sitation is this: When I post in Blogilo, they show up on my site as “Scheduled” and I have to manually change that status to “Published”.

So, I’m hoping that it’s an issue with Blogilo, and not my site. If this post shows up as “Scheduled”, then I know that I have to find the setting and fix it online. If this post publishes immediately, then I know that I can use QTM to create my posts.

One drawback is that I may not be able to schedule posts in advance with this application. In which case, Blogilo and visiting my site will take care of that.

Have a great day, and sorry for all of the “Test posts” today. 🙂
Patrick.

Learning to Program- Two Main Types of Errors

In programming, you’ll encounter a lot of different errors. Syntax errors, functional errors, configuration errors, and more. All of the errors can be classified as two main types though: compiler (or compilation) errors and run-time errors.

Compilation errors are the syntax errors and other problems encountered while creating the program. They are found and fixed before the program is released to the customer (end-user or the public, as the case may be). These won’t impact the customer, because you’ll fix them before you release. Otherwise, your program won’t work.

Run-time errors are errors that involve the logic or function of the program. Some of them will happen before release, and some will happen after. The goal is to make sure most of them happen before release, but nothing is perfect.

One example of a run-time error is in a program that I’ve been developing. Essentially the program is an updater for an IP Address. The error is that once I enable “Automatic updating”, I can’t disable it (or change the time-frame for the updates). It’s a functional error, because while the logic is sound (making sure you can automatically update and set the interval), the way it’s implemented doesn’t work.

If you have run-time errors after the program is released, you’ll be informed via bugs or security notifications (depending on the type of error). Some of the errors are features that don’t work properly, features that people want, security vulnerabilities, or other problems.

The point here is two-fold. First and foremost, you’re going to run into compilation errors and run-time errors. If you don’t, then the program was either fairly simple, or you didn’t write it. Now, let me clarify that occasionally you’ll write a complex program without any errors–but it’s rare.

Secondly, your goal is to minimize all of the errors as much as possible. Your goal is 100% perfect code. Your reality should be somewhere between 92% and 98% perfect code. Don’t release unless your compilation errors are 2% or lower, and your run-time errors are 5% or lower.

And test for every possible scenario that you can think of. Even the ones that are highly improbable. Because, the more people who use the program, the more probable one of those scenarios will happen. And have others test for everything they can think of also. That’s how the “professionals” do it.

Have a great day:)
Patrick.

E-Book on Programming and Logic

I’m planning on writing an e-book about Programming and Logic. Right now, I have a basic Table of Contents set up, and I want to get some feedback from people who are learning to use Pseudocode and Flowcharting.

Some questions that I have for you are these:

1. Which do you think is harder, creating flowcharts or pseudocode?
2. Would you prefer to see a) more flowcharting examples, b) more pseudocode examples, or c) an equal share of each?
3. Which aspects of logic are you struggling with (for example but definitely NOT limited to: variables, arrays, looping, decisions, methods, classes, objects, or data types)?

Please post in the comments section, and I’ll be more than happy to frame the book along the requests. Also if there are other subjects that I haven’t covered in the questions, please post those as well.

At some point, I’ll be posting the table of contents for opinions on things like the chapter names, the order that I’m presenting things, and the structure of the book overall.

Thanks, and have a great weekend. 🙂
Patrick.

An important note to consider in Programming and Development

When you take a course in Programming or Logic, you’re taught a certain way of doing everything. It varies by the language, but you’re taught to indent your code a specific amount of space, use certain namingConventions for variables, put braces and other symbols in a specific way, and other things.

The problem with this is the industry and your future (or current) employers may not follow these conventions. And your instructors (and books) won’t point this out to you. So you have to find out what the current industry (and employer) standards are, and follow those. In short, you need to overcome and adapt to the environment that you’re thrown into.

It really becomes apparent if you’re employed by a company to code, and you also code for other projects on the side. For example if you’re a C/C++ coder, your employer may follow the industry standards (or not). And if you decide to write code for the Linux kernel. The kernel has it’s own set of standards–ranging from how to indent and how far to indent, to when to put the {}’s on the same line or a new line. They don’t necessarily follow the industry standard.

Again, your instructors and books won’t talk about this. Their goal is to show you everything in one easy to learn fashion. The industry expects you to adapt what you’ve learned to their version of “reality”. So if you’re taking programming courses now (or plan to), remember that what you learn is just the foundation for what you’ll do. The foundation will look the same regardless, but what you build on that is up to the needs/wants of whoever you’re building it for.

Have a great day:)
Patrick.