-
Unshortifying Cisco “Go” links
Inspired by a post on the PacketLife.net blog – Cisco "Go" links reference in the wiki – I tried to mine the short links to come up with the “definitive” list, but after running it for a couple of days, it only managed to find 473 links, compared to the 4720 Google estimates it has…
-
User input, by any other name
A friend of mine posed me an interesting question: how is it possible that a CMS software, which displayed the IP addresses for comments made anonymously (instead of the username) showed a private IP (like 172.16.63.15)? Before I get to the actual explanation, here are some specific clarifications which should be made: IP addresses are…
-
Build a botnet – without infecting end-users
The idea is not new: get a lot of users to view a given webpage, to DDoS the webserver / backend (depending where the bottlenecks are). If I recall correctly, some student asked the visitors of his website to continuously refresh the page of his university and got charged for it. As many have remarked…
-
Update to the DeShortify Pipe
A while ago I created a pipe to transform short URL’s in their longer versions. However the pipe itself was rather complicated and required a modification for each new service to be supported. Luckily, on the Network Security Blog I saw the link to LongURL, which provides the same action for multiple services (in fact…
-
Installing the webhoneypot on OpenWrt
This is a raw tutorial for installing webhoneypot on a router running OpenWrt. The used version is Kamikaze 8.09 (this can be important because commands change between version). The tutorial is not 100% complete and I will update it in the future when I learn new information. An other assumption I make is that you…
-
SDHC – Shared Dictionary Compression
I saw the following article on the GOS blog: Google Search Pages Load Faster if You Use Google Toolbar. It turns out that Google added an experimental feature in the Google web servers and the Google toolbar to reduce the network traffic by supplying a dictionary of frequently used page elements (BTW, I find the…
-
Using a single file to serve up multiple web resources
While trying to set up my GHDB mirror, my first thought was to use googlepages. I quickly found the bulk upload to googlepages how to by X de Xavier, which is a very cool tool (and also an interesting way to hack your “chrome”), but unfortunately I found that Google Pages has a limit of…
-
How to make sure that your webserver isn’t blocket by the ISP?
First of all, if it says in your contract that you can’t run servers, doing so may result in your connection being cut, so do this on your own risk! Second of all, I don’t advocate running websites on a home machine. Get a VPS! All this said, if you do run a webserver on…
-
Tracking Users Via the Browser Cache
From the department of old things I didn’t know about comes the following bit: Tracking Users Via the Browser Cache. Original story: meantime: non-consensual http user tracking using caches. Also covered here: Clearing cookies is not enough to save your privacy. And it was already posted on slashdot (so please don’t post it again :)).…
-
Spammers use Google as redirector
It seems that this isn’t a new thing (see others noticing it here and here), however I’ve been just hit by a couple of these today, so I blog about it 🙂 Google offers a service which creates redirects with arbitrary targets. Just enter http://www.google.com/url?q=<an-url-of-your-wish< and it will issue a 302 permanently moved header and…