My M:tg decks
Povray Files
OTF Roleplaying
2A4X2\2A5X3A
3C0X1\2E2X1
Alpha NAQ
The Crew
E-mail
Reading List
Blog 2016
Blog 2015
Blog 2014
Blog 2013
Blog 2012
Blog 2011
Blog 2010
Blog 2009
Blog 2008
Blog 2007
Blog 2006
Blog 2005
Blog 2004
Blog 2003
Blog 2002
Blog 2001

2015

Salt Lake City - Oct 4th, 2015
Bobby tables
M y only exposure to Java is through a few online classes, so I had trouble getting SVG files to display using the AndroidSVG library, namely because I kept trying over and over to use SVGImageView.
Anyway, after putting androidsvg-1.2.1.jar into app/src/libs and putting acid1.svg into app/src/main/res/raw, you can map the SVG to an ImageView as follows:
SVG svg = null;
try { svg = SVG.getFromResource(this, R.raw.acid1); } catch (SVGParseException e) { e.printStackTrace(); }
Drawable acidDrawable = new PictureDrawable(svg.renderToPicture());
ImageView acidImage = (ImageView) findViewById(R.id.acidImageView);
acidImage.setImageDrawable(acidDrawable);

Salt Lake City - Oct 1st, 2015
Bobby tables
I was having some problems with prepared statements recently. While it was easy to insert like so:
$prepared_statement = mysqli_prepare($link, "INSERT INTO users (username, pass) VALUES (?, ?)");
mysqli_stmt_bind_param($prepared_statement, 'ss', $u, $p);
$u = $username;
$p = $pass;
mysqli_stmt_execute($prepared_statement);
mysqli_stmt_close($prepared_statement);
I had trouble coming up with procedural code for getting row information. Anyway, here's the code:
$prepared_statement = mysqli_prepare($link, "SELECT * FROM items WHERE type=?");
mysqli_stmt_bind_param($prepared_statement, 's', $t);
$t = $type;
mysqli_stmt_execute($prepared_statement);

$result = mysqli_stmt_get_result($prepared_statement);
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);

S o, I took a Sec+ class recently. It didn't have any hands-on, but I saw some tools listed and checked out one in particular...   Salt Lake City - July 10th, 2015
540 failed login attempts
Hydra is a really-easy-to-use ssh brute force tool that runs on windows (download HERE) via command line. You'll need to find a password file before using it; search for one on your preferred search engine. In this case, I'm using a 16MB password file that I found called cracklib.txt that contains over 1.4 million passwords. Note: In windows, open with Wordpad, not Notepad (I also opened it with MS Word to get a quick count of how many words it contained and Word froze up for a solid 5 minutes, then froze up again when I went in for the word count).

I ran Hydra for a minute against my CentOS box, then logged into it and got "540 failed login attempts". That many attempts and guess what CentOS does? Nothing. That's right, the default install lets an attacker get in over 750,000 attacks a day (so you're going to need a much bigger password file if you want to try running this for more than 2 days consecutively).

Mind you, in this particular case, I'm doing this on a server that rarely reaches out to the network, so I'd hope that it shouldn't be particularly vulnerable to attacks (in theory, anyway). But for a box that's wide open on the network, particularly one with various users that are not you, I could see where brute force ssh could be a tool, though rather slow. Of course, you need a username, but hypothetically speaking, that sort of thing probably isn't that hard to social engineer out of someone.

So, what can you do to help protect your server? Use PKI keys? Well, yeah, that's probably a good idea, but I'm going to cover another option to help you guard your box without PKIs: sshguard. It's a small C program that pulls log files, analyzes them and appropriately tells the firewall to block IP addresses as needed. In the example below, it will pull syslog files and tell iptables to block IPs as needed. So, first:
sudo yum install python-twisted

yum -y install syslog-ng
chkconfig syslog-ng on
chkconfig rsyslog off

wget http://sourceforge.net/projects/sshguard/files/sshguard/sshguard-1.5/sshguard-1.5.tar.bz2
bunzip2 sshguard-1.5.tar.bz2
tar -xvf sshguard-1.5.tar
cd sshguard-1.5

sudo yum install gcc make
sudo ./configure --with-firewall=iptables
sudo make && sudo make install
Verify with this:
ls -la /usr/local/sbin/sshguard
Which should yield something like this:
-rwxr-xr-x 1 root root 399995 Dec 16 02:28 /usr/local/sbin/sshguard
Next:
nano iptables
Edit to something like this (adding the sshguard line):
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [6585:1425605]
:sshguard - [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A INPUT -j sshguard 
And:
service syslog-ng stop
service syslog-ng start

restart iptables
restart syslog-ng
Now try again with Hydra and ssh should be entirely blocked. In fact, you may need to reboot your linux box to clear the blacklist on your IP. If you think about it, yes, someone could spoof YOUR address and lock you out of your box. If you need access all the time and don't have local access to the server in question, it's probably time to rethink using PKI instead.

Salt Lake City - June 9th, 2015
Framemeistered SNES
I decided to do a retro-gaming setup in my basement. I started with buying a Sony 50W700B, because I wanted it to double for watching movies.
After some research, I decided to hold on getting a NES or N64 due to HDMI native versions on the horizon, so I jumped into getting a PS3 and SNES. For the PS3, I picked up a CECHE01 for backwards compatibility. It worked fine for months as I watched movies and played some games, though it eventually fell victim to the YLOD (Yellow Light of Death).
I started with Symphony of the Night--which now stands as one of the best games I've ever played. I then moved on to a number of popular modern games, but wasn't impressed. Fallout 3, Red Dead Redemption, GTA5, and Assassin's Creed all proved to be tedious, so I'm planning on selling those in the future. Battlefield 3 is the only game of the modern bunch that I kinda like. Also, I got a XIM Edge since I can't stand playing FPS with the PS3 controller. Just when I was getting warmed up, the PS3 died (YLOD). I sent it in for a reball and we'll see how that goes.

As for the SNES, I went for a SNES mini and got it modded by a fella on eBay (oghugo). I got a framemeister and initially had problems because I didn't have the right cable. It ships with a JAP21 dongle which you're not supposed to hook up to a SCART cable--which I did. As suggested by the internets, the new XRGB mini (framemeister) won't fry when you do this. Anyway, I'd recommend ordering these two cables:

www.retrogamingcables.co.uk (Lots of complaints in forums, but mine works fine)
retro_console_accessories on eBay (Assuming you have the csync mod: SNES RGB SCART lead SNES CSYNC FULL SHIELD, GROUNDED cable)

Update the framemeister following these instructions: http://junkerhq.net/xrgb/index.php/XRGB-mini_FRAMEMEISTER#Firmware

Salt Lake City - March 28th, 2015
Lifebook T580
I finally got a new laptop. I've been putting off getting something new on account of wanting something without a touchpad, but aside from ultra-mobiles and such, nobody is making anything like the old lifebooks anymore.
I first bought a Lifebook P2120 in 2002. I was attracted to the long battery life, but eventually I found that that didn't really matter. Sometime around 2009 or so, wanting to avoid touchpads, I picked up a Lifebook P1620. I've waited and waited for a good replacement (no touchpad), but recently caved in and got a Lifebook T580. I have a Lenovo with no touchpad, but found that it's not the lack of touchpad, so much as the short space under the spacebar that was really making the difference. The T580 has just under 2 inches of space, so it's just what I needed. I haven't even bothered to disable the touchpad, since it's not sensitive at all.

And I always thought my old laptop just couldn't handle the copy of Wrath of Khan I had. Apparently, it's something wrong with the file, since the T580 has the same exact problems with the Mutara nebula scenes.

 Here's my old table of touchpad-less laptops:
 Lenovo x200          | P8600 2.40  |  3.5 lbs  |  11.6 x 9.2  x 1.4  in
 Lenovo Thinkpad x61  | T8300 2.40  |  3.6 lbs  |  10.5 x 8.35 x 1.41 in
 Fujitsu P1630        | SU9400 1.4  |  2.2 lbs  |  9.1  x 6.6  x 1.5  in
 Fujitsu P1620        | U7600 1.20  |  2.2 lbs  |  9.13 x 6.57 x 1.36 in
 Fujitsu T2010        | U7600 1.20  |  3.5 lbs  |  11.9 x 8.80 x 1.36 in
 Lenovo Thinkpad x60  | T2400 1.83  |  3.2 lbs  |  10.5 x 8.30 x 1.39 in
 Lenovo Thinkpad x60s | L2400 1.66  |  2.7 lbs  |  10.5 x 8.30 x 1.10 in
 Lenovo Thinkpad x41  | PM 758 1.6  |  3.7 lbs  |  10.5 x 9.30 x 1.10 in
 Lenovo Thinkpad x40  | PM 758 1.6  |  2.7 lbs  |  10.5 x 8.30 x 0.90 in
 IBM Thinkpad x31     | PM 705 1.4  |  3.6 lbs  |  10.7 x 8.80 x 1.20 in
 HP Compaq nc2400     | U2500 1.2   |  2.8 lbs  |  11.1 x 8.38 x 0.97 in
 Fujitsu P8240        | U1400 1.2   |  2.2 lbs  |  9.13 x 6.57 x 1.36 in
 Fujitsu P1610        | U1400 1.2   |  2.2 lbs  |  9.13 x 6.57 x 1.4  in
 Fujitsu P1510        | PM 753 1.2  |  2.2 lbs  |  9.10 x 6.60 x 1.35 in
 JVC 741              | PM 855 1.1  |  2.0 lbs  |  8.58 x 6.97 x 1.16 in
 VAIO VGN-X505VP      | PM 713 1.1  |  1.8 lbs  |  10.2 x 8.20 x 0.83 in
 JVC 831              | Pent-M 1.0  |  3.2 lbs  |  9.25 x 6.97 x 1.24 in
 Fujitsu P2120        | TM5800 933  |  3.3 lbs  |  10.6 x 7.01 x 1.58 in
 Toshiba Libretto L5  | TM5800 800  |  2.4 lbs  |  10.5 x 6.60 x 0.81 in


Copyright 2001-2015 Optic Fox. All rights reserved.
Some card names and all images of Magic: the Gathering including tap & mana symbols
and card artwork are copyrighted by Wizards of the Coast, Inc..