14 Oct 2011 dangermaus   » (Journeyer)

Win a trip in space!

I once saw a documentary about Burt Rutan's Spaceship One. I was impressed by the engineering skills of Rutan's team and by their audacity: how they tried different rockets for their spaceship (the first one blew up), the ingenious method developed for reentry in atmosphere... How during the flight to win the SpaceX price the main 3D instrument gave up and the pilot simply lead the spaceship in direction where it was more dark :-)

If you are lucky, there is now the possibility to win a suborbital flight with Space Adventures, a company which offers space trips based on the technology developed by Rutan.

If you are a database administrator living in UK, US, Canada or Germany, try Redgate contest DBA in space. You might win a trip to space! I am doing it although I am Swiss and can't win anything just for fun :-)

I noticed the contest, because Redgate is developing database control version tools similar to deltasql.

Monitor a tor node in Wikileaks style

One of the good sources feeding Wikileaks is the tor network. What happens is that lot of intelligence agencies pull sensitive stolen documents via tor, so that they can hide their tracks while stealing documents. Wikileaks volunteers might run tor exit nodes and monitor for unencrypted traffic going through it.

For example, in Gentoo (unfortunately, this time I did not write down all steps, so it is only a sketch):

emerge -av tcpdump # to monitor traffic
emerge -av openntpd # to synchronize the clock with ntpd
emerge -av tor # tor itself
torgencert # generates a certificate for your tor node
ntptime # to adjust your clock

Configure /etc/tor/torrc so that it is sound, plus add the following lines so that the tor node becomes an exit node.
The following lines make your tor node an useful node which will cause you little trouble as all exiting traffic is encrypted a part of irc.

ExitPolicy accept *:22 # ssh
ExitPolicy accept *:465 # smtps (SMTP over SSL)
ExitPolicy accept *:993 # imaps (IMAP over SSL)
ExitPolicy accept *:994 # ircs (IRC over SSL)
ExitPolicy accept *:995 # pop3s (POP3 over SSL)

ExitPolicy accept *:6660-6697 # allow irc ports, very widely
ExitPolicy reject *:* # no other exits allowed

The next two policies make your tor node useful to monitor it for stolen documents. It is best however, not to run it for too long time as you might get complaints, as unfortunately tor is not only used by charitative NGOs...

ExitPolicy accept *:22 # ssh
ExitPolicy accept *:465 # smtps (SMTP over SSL)

The final policy is

ExitPolicy reject *:* # no other exits allowed

Now try to tear up tor and listen for packets:

/etc/init.d/tor start
tcpdump -A | grep -i "WHATYOUAREINTERESTEDIN" > captured .txt

If tor does not start check /var/log/tor/tor.log for hints.

Besides this topic, I found an interesting article on how the Great Chinese Firewall works. But I think that DNS poisoning is only one of the many techniques used.

Cool hacker challenges

On hacker.org I was able to cut the head of the arithmetic snake. And I am proud on how I solved the "Cons Car" challenge with a Freepascal prototype always at the swapping limit of my old andromeda laptop. As side effect, I finally got insights into the LISP language. I am breaking my head on the late didactic crypto challenges and on "Anybody Out There": I tried to model it with two parameters of an oscillating circuit (L and C) and had a look at the hydrogen line, but it did not work out. (rank 210/solved 170)

Not much progress on Khan Academy (videos 187/2619 - solved 194/211)

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!