Ted Leung on the air
Ted Leung on the air: Open Source, Java, Python, and ...
Ted Leung on the air: Open Source, Java, Python, and ...
Sat, 21 Feb 2004
iChat videoconferencing tip
I've been having trouble with iSight video conferences. I was starting or receiving video chats where the video started up just fine, but there was no sound. It turns out there is a bug in iChat AV. Fortunately, there is a
workaround. Unfortunately, this bug is still in iChat AV and the iChat AV 2.1 beta...
Other new tips:
[22:51] |
[computers/operating_systems/macosx/tips] |
# |
TB |
F |
G |
0 Comments |
- Logorrhea iChat keeps its logs in a binary format, which makes it impossible to search the logs using the UNIX command line. Logorrhea provides a GUI program that allows you to browse and search your iChat logs. It'd be great if it just converted them to text.
- Gibson Research's ShieldsUP! A web based port scanner that you can use to test how well your firewall is setup. You have to scroll down the page and click the link (it gets generated according to your IP address)
pyblosxom comment spam fix
If you are using the pyblosxom comments plugin, you should update to the latest version from CVS (or you can download it from my home page. There's a new comment spam program running around that tries to exploit weaknesses in comment systems and use it to send e-mail on its behalf.
In the case of pyblosxom, the attack works if you have SMTP notification of comments turned on. If you have comment notification turned on, the attacking program injects the commands for a complete SMTP transaction into the fields for the comment form. The way that Python's smtplib works is to jam text into the SMTP connection. So if the body of the comment happens to look like this:
[22:38] |
[computers/internet/weblogs/pyblosxom] |
# |
TB |
F |
G |
0 Comments |
blasterattacko@aol.com To: blasterattacko@aol.com From: blasterattacko@aol.com Subject: PyC(5D9A983C,url)dlq9F UeFb8RE4XhzEn6 9dwVwadJWbqLXc2EjtIcmkc9Q7f1aeAnNqR .the entire thing gets sent to the SMTP connection as the body of the e-mail. The updated plugin wraps To: From: and Subject: in the comment body in html tags, so a comment that has that data in it will still display, but will be illegal as SMTP commands.
pyblosxom metaweblog, round 2
There's been a nice bit of activity in pyblosxom lately. We're cleaning up a bunch of stuff and getting ready to do a 0.9 release.
I've updated the metaweblog plugin to accomodate all the new changes in 0.9, and I've put a new copy up on my home page.
[22:15] |
[computers/internet/weblogs/pyblosxom] |
# |
TB |
F |
G |
0 Comments |
![[Valid RSS]](http://www.sauria.com/blog/images/valid-rss.png "Validate my RSS feed"){kind=small}
