Everything posted by tansqrx

  1. This is a very similar post to the topic regarding my blog. I decided to go ahead and post it again because it is a different thread and someone might not read the other. The results are the same. I would like to make an update to my original post. Since I have installed and updated the site, I have gotten no SPAM messages and it looks like a success, at least for now. Apparently the program that the spammers were using against me hit a brick wall with the new additions. This does not rule out future attacks but this looks to be a good start.
  2. It sounds like Akismet is a nice solution but it looks like it is only for WordPress. I would like to make an update to my original post. Since I have installed and updated the site, I have gotten no SPAM messages and it looks like a success, at least for now. Apparently the program that the spammers were using against me hit a brick wall with the new additions. This does not rule out future attacks but this looks to be a good start.
  3. A little bit more has come out of this exploit. SecurityFocus has picked up on it at http://www.securityfocus.com/bid/21607/info/. US-CERT has a better description at http://www.kb.cert.org/vuls/id/901852/.
  4. As a follow up to my question I am posting what I have done to help with the SPAM on my phpBB forum. In the course of my investigation I found that most of the SPAM is not to advertise to my members but to get a better search engine ranking. Below is a list of procedures. I’m not sure if any of these will work; I will eventually give an update.
     • Update – I updated my phpBB version from 2.0.19 to 2.0.21. There didn’t seem to be any security related fixes for my current problem but it is always a good idea to stay current.
     • Enabled User Email Confirmation – I should have done this from the very beginning. Under the General Configuration option there is “Enable account activation” which was set to none. By setting this to user, a user will have to verify their email first.
     • Stop Spambot Registration Mod – (https://www.phpbb.com/community/viewtopic.php?t=435694) This is one of the many mods out there that tries to stop SPAM bots. The comments were pretty good for this one. Basically it displays “do not add any profile information” and if you do then you get canned. This compares with some other mods that have a hidden field for the URL and if they enter it then they get canned (no human would see it anyway). There are some comments that the bots are catching on to this so I will have to just wait and see. Installation was fairly straightforward although I do not use the sub_silver skin and had to modify the skin that I use.
     • Admin Userlist Mod – (https://www.phpbb.com/community/viewtopic.php?t=117359) This isn’t strictly a SPAM mod but it is a good administrator add-on. It lists all of the users and lets you quickly ban or delete. I think this should have been added a long time ago. Fairly easy to install and no problems.
  5. CNET is reporting that a new Yahoo! Messenger Exploit has been found. The story (http://news.a.com.com/) states that all versions prior to November 2, 2006 are affected and by downloading the latest version (8.1) you will be protected. The bug was apparently first reported to Secunia (http://secunia.com/advisories/23401/). No details or exploit code have been published. Now my question, which ActiveX control does this affect and does anyone know the juicy details of this one? Additional links can be found at http://forums.xisto.com/no_longer_exists/ and http://forums.xisto.com/no_longer_exists/.
  6. I like the lottery idea, how would one play?
  7. Looks like I got hit again and this time it was hard. This one was directed at my Nucleus CMS blog located at http://forums.xisto.com/no_longer_exists/. My problems are not fixed yet and a related article can be found at http://forums.xisto.com/topic/91679-topic/?findpost=1064359033. It started when I checked my email that I have all my Xisto traffic forwarded to (which is also my main account). I knew it was bad when I had 500+ new messages from comments on my blog. After deleting all of the messages I checked the blog and every single post had around 15 new comments advertising quite nasty things. Fearing that things would only get worse and I would have another 500 messages tomorrow, I decided to disable the blog and investigate later. According to an article at SecurityFocus (http://www.securityfocus.com/news/11420), bot nets are behind a lot of the recent SPAM plaguing the Internet lately. The investigation on my problem seems to support that hypothesis. All of the comments were from different IP addresses yet held the same advertisement. Some of the comments could have been duplicate IPs but after my twentieth visit to http://www.dnsstuff.com/ to do a reverse IP lookup, I just gave up. From the recent SPAM on my forums to this recent happening, it is clear that I am on “the list” and I better batten down the hatches if I am to stay on the Internet for more than a week. Here is a list of things that I hope will work.

     Implemented
     • Update software - I am running Nucleus CMS from http://nucleuscms.org/. The old version was 3.22 and I updated it to 3.24. There were no fixes for SPAM particularly but I figured it would be a good idea to keep the install current. The installation was absolutely no hassle. Since only minor changes had been made, all I had to do was copy the updated files over to the servers. No configuration files were included so I didn’t have to worry about my custom skins being affected.
     • NP_Captcha – (http://forums.xisto.com/no_longer_exists/) This adds captchas when registering or posting a comment. Since I think all of the SPAM was from a bot network, this should squash all of the current SPAM issues. I also liked this solution because it was very easy to implement and requires no ongoing maintenance.

     Not Implemented But Considered
     Most of these solutions and more can be found at http://forums.xisto.com/no_longer_exists/
     • NP_Blacklist – (http://forums.xisto.com/no_longer_exists/) I didn’t try it but this seems like a more robust solution because you can make your own blacklists.
     • NP_SpamBayes – (http://forums.xisto.com/no_longer_exists/) If you are going to run a blacklist then this looks like the way to go. You can train the filter to what is accepted and what is SPAM. I really didn’t want to go in this direction because I just don’t have the time to train a filter. I can go long periods without even checking the site so I think this would not really help any.
     • NP_Spamtrap – (http://forums.xisto.com/no_longer_exists/) I couldn’t get to the site because the corporate firewall didn’t like it but the description looks interesting.
     • NP_GlobalBlacklist – (http://forums.xisto.com/no_longer_exists/) This appears to be a community generated blacklist that is no more. The link is broken but once again a good idea worth mentioning.

     Unrelated “Fun” Stuff
     While poking around the plugins page I found a few other things of interest.
     • NP_Poll – (http://forums.xisto.com/no_longer_exists/) This will create a poll on your blog. Not much use but it just looked too cool to pass. The install was easy but implementing the poll in your post is somewhat of a pain because you have to paste a special code for each poll.
     • NP_SystemInfo – (http://forums.xisto.com/no_longer_exists/) This also seemed useful. It shows every version number and system statistic that it can get its hands on.
  8. Do you have any more details about what this does? Just call me a little paranoid but my mommy told me to never download untrusted executable code from the Internet.
  9. I think those are quite reasonable. I may have to buy a couple hundred.
  10. I don’t think contacting the sales department at 5pm on a Friday would really be wise if you were in an “emergency.” I was thinking more along the lines of an automated process.
  11. One correction, Visual Studio Express is not open source but it is free. For those who do not know, Visual Studio Express is a collection of tools from Microsoft that closely matches the full Visual Studio 2005. The main Visual Studio page can be found at https://www.visualstudio.com/vs/visual-studio-express/. Microsoft started this program to foster the amateur programmers in the community. My opinion is that I completely love the whole package. I mainly use VB.NET Express at home and I have few complaints for a free program. I have done some fairly complicated programs and they all have been developed in Express. I also use the full Enterprise version at work so I do have something to compare them to. From what I can tell, Express has about 95% of the functionality of the full version. Like I said, not too bad for a free product. The biggest setback for me is there is no multithreaded debugging in the Express edition. Besides that and a few other things I see absolutely no reason everyone shouldn’t have a copy. If it were up to me, Express would be deployed with every version of Windows.
  12. It’s been a while since I fooled with C header files but I will give it a shot. Assuming your programming department does not use a special internal random.h file, the most common appears to be this one: http://forums.xisto.com/no_longer_exists/
  13. I was traveling on the road today when I had one of those ohh crap moments. Last night I had every intention of posting on Xisto because I was down to something like .7 credits and I knew I was going to get my hosting suspended if I didn’t post (not like it hasn’t happened in the past). Like I said, I had every intention but I forgot and I remembered today when I was well over 5 hours away from home and gone for the weekend. While I was thinking in the car I also had the idea of paying for emergency credits. In situations like mine it would be wonderful to be able to pay for credits. Perhaps add a PayPal link for such things and $10 for 5 days credit. This would prevent the casual users from just paying all the time and not posting because it would just be easier to get a paid host for less. In the end all worked out, I still had .2 credits when I got to a computer (better type fast) but that was a surprise because I thought I surely already got cut off. I know this would be some work on the administrator’s part but I thought this may be an interesting solution to my time spent in the car wondering “ohh crap, how long until I can get to a computer?”
  14. Any word on this yet? I have found a stop gap solution but it is not perfect by any means. My solution so far includes using phpFormGenerator from the Fantastico Cpanel addon. My biggest gripe is that the attachments are saved in a very weird way and I can not customize the subject.
  15. Houdini, in all fairness of discussion, can I ask you to elaborate on your opinion? What makes you think this way? I know there has to be some reason you are so anti-drug. Have you or a family member had personal experiences with drugs that make you feel this way? In taking this to the extreme should we also outlaw such drugs as Aleve and Tylenol? I have heard that an overdose of either one is quite nasty and we should keep anyone from such a fate.
  16. Foreword: I received a request from a friend that is in a Drugs and Crime class. I spent about two hours on the response and I didn’t want all the typing to go to waste so I decided to throw it in here. Too bad there is no post count here; this would set me for a month.

     Question: What are your opinions on the legalization of drugs and why do you feel that way?

     I hope you were expecting a counter argument to the traditional arena of thinking regarding drugs because that is what I am offering. I am currently at work so my research into some of the facts presented may not be completely accurate due to the fact that I am sitting behind the firewall and they don’t take kindly to searches relating to illegal drugs.

     “Man must cease attributing his problems to his environment, and learn again to exercise his will - his personal responsibility.” -Albert Einstein

     A person’s views on life are shaped by many things. Some are for abortion while others are staunchly against it and will carry out extraordinary measures to show their conviction, such as planting a bomb in an abortion clinic. Views are varied and have many roots. Some come from personal experience, some from religion, and others from family values passed down over the generations. Without varying points of view the world would be a very boring place indeed.

     In most things I have a strong Libertarian point of view. My point of view is also strongly shaped by my religious beliefs which are Christian. The above quote encapsulates one of my core principles. A person must take personal responsibility for what they do. One should be able to do anything they want as long as it does not directly affect the welfare of others and the individual takes responsibility for their actions.

     Taking these beliefs into reality, all drugs except a few exceptions should be completely legalized. If a person wants to go down to his local street corner and buy a pound of crack cocaine, go straight home to inject all of it, and then die that is his choice and no one should stop him. The above person has invoked personal responsibility and reaped the benefits of their actions. This responsibility swings both ways though. The same person could have also walked by the same dealer and not bought the cocaine and too reaped the benefits of their actions.

     The next argument has its roots in personal responsibility and is more of an axiom and not a base theory. It also doesn’t have a good name other than “Society trying to make people not stupid.” A problem that I see America facing is the growing dependency of society to make good decisions for people. It is the belief of some that if something is “bad” then it should be banned, outlawed, and dumped into the sea never to be seen again. But who is to say that something is “bad?” Something that is bad may be considered good by others even though that group may be small. This is related to the drug issue in that the government is trying to regulate behavior or trying to make people not stupid. This particular issue makes me quite mad. I feel like the government is saying to me “hey you are not smart enough to make the right decisions so let us do it for you.” As the core of my personality I need to challenge authority and make decisions for myself. How do I know that this is the right choice if I have not tried it for myself and why should I let someone else make that choice for me?

     That is the basis of my theoretical beliefs; I have a few real life examples that have also added to my belief that almost all drugs should be legalized. I have a chronic medical condition that can give me quite a bit of pain on occasions. I have found that the only thing that works for me are opiates (codeine family). It has always been the case but it has gotten much worse in the past few years. If you go or call the doctor and say you need to get some pain relief, you get the run around and are eventually told that you will just have to suffer because they can not prescribe controlled substances. This almost makes me as mad as the above example of being told what to do (not quite as much but still very mad all the same). I am curled up in a ball crying and the doctor can not prescribe a medicine because he has a set quota mandated by the FDA on how much of a certain medicine he can prescribe.

     Second example, Ambien. Because of the aforementioned chronic illness, I have a problem sleeping. Ambien has been the best thing for me since sliced bread. I have even gone to a sleep specialist and he said that Ambien is the best treatment option for me. Here is the problem. I started taking Ambien right before it became a scheduled drug. I had no problems at all getting my prescriptions refilled and the world was good. Apparently about the time Ambien started their national advertising campaign, it was found out that Ambien could be used as a “date rape drug.” This of course sent the government into overtime and Ambien soon became all but outlawed. Suddenly I could not order Ambien through the mail (at a great discount) because every time I put in an order I was on the phone with the mail order company and my doctor trying to get all the paperwork straight. After many hours each time I had a refill, I eventually gave up and had it filled at a local pharmacy. Since then I have had tons of problems because the government feels that this drug is a public health hazard and should only be given out under armed guards.

     I hope that I have not overwhelmed you with my response but this is an issue that strikes a fire within me. I feel that Codeine should be sold over the counter at Walgreens and you should be able to pick up a pack of mary jane cigarettes on your way out the door. It all goes back to personal responsibility. If you want to participate in using currently illegal drugs then it should be up to you. Smoke em if you got em!
  17. A few comments on this one. I have been running XP since it came out and I have rarely seen a BSoD. Usually the computer just reboots without seeing anything. Aka_Bar mentioned the following: I don’t think you can turn it off. It is something built into the NT Kernel. I also agree with xboxrulz that the error message should be more readable and be on the screen longer. At any rate you can still retrieve the last message by reading the memory dump which is usually located at %systemroot%\Minidump. Of course you may not have this turned on because you can change it under system properties>advanced>startup and recovery. I have tried to diagnose many of these messages before and have almost never been able to use one. Turns out that 99% of the messages are generic and could mean that anything could be wrong. Like in medicine, thousands of different afflictions all have the same three symptoms. Wikipedia as usual has an excellent article on the subject at https://en.wikipedia.org/wiki/Blue_screen_of_death.
  18. I’m thinking that this is more of a Xisto host question than a VB.NET question. An application that I am working on needs to send notification once an update is performed. I figured the best way to do this was to send an email message to a specific Xisto email account. I have already setup the account and it works fine but I’m having problems using Xisto as the relay. Below is a snippet of the code that I am using.

         Imports System.Net.Mail

         Public Function sendMail() As Boolean
             Try
                 '_strFrom = "x@ycoderscookbook.com"
                 '_strTo = "y@ycoderscookbook.com"
                 Dim mail As New MailMessage(_strFrom, _strTo)
                 mail.Subject = _strSubject
                 mail.Body = _strBody
                 Dim SmtpMail As New SmtpClient
                 SmtpMail.Host = "ycoderscookbook.com"
                 SmtpMail.Send(mail)
                 Return True
             Catch ex As Exception
                 MessageBox.Show(ex.ToString)
                 Return False
             End Try
         End Function

     I get an exception thrown (Unable to read data from the transport connection: net_io_connectionclosed). When sniffing the packets, the request is made but no reply is ever received. I’m guessing that Xisto has done something to block this behavior (prevent SPAM) and that’s why no communication is happening. Any ideas on the mail issue or perhaps a better way to send program notifications?
  19. I always edit all my posts in Word before I send them out to the general public. I’m not exactly the best speller in the world and it is a must not to make me sound like a third grader. In this instance my existing code was from the old way that I was reading the XML file in. I was in a hurry so I just corrected the line of code in Word before posting. I think I have found a solution to my problem. It’s not exactly what I had in mind but it works. A few more hours of debugging and I will post it.
  20. A stable schema is a problem for me, that is part of the allure of reading dynamically. I took a look at the Wiki site and I found a few good ideas. I think I will have to end up reading the type and running it through a case statement and convert it as needed. BTW, sorry for the typo in the one line of code, I guess that’s what I get for editing in Word.
  21. I have hit a problem that requires a much greater VB.NET guru than I could ever imagine being. This is a code fragment from a configuration engine that I am building. My program runs off a XML configuration file. This part of code comes from a DLL that will initialize, read, and write to the XML configuration file. I have found that my configuration values may change (add or remove values). As such I have tried to make a more flexible solution than statically reading and writing the values. The values are held in memory in nested user defined structures (I hope you can make that out).

         Structure configValues
             Public cfgUser As configGroup
             Public cfgStartup As configGroup
             Public cfgUpdate As configGroup
             Public cfgMainForm As configGroup
         End Structure

         Structure configUser
             Public cvProfileName As configValue
             Public cvGGDN As configValue
             Public cvBotsListSelect As configValue
             Public cvBotsList As configValue
         End Structure

         Structure configGroup
             Public iCount As Integer
             Public aKeys() As configValue

             ' Append an existing key to the end of the array
             Sub addKey(ByVal key As configValue)
                 ReDim Preserve Me.aKeys(iCount)
                 Me.aKeys(iCount) = key
                 Me.iCount += 1
             End Sub

             ' Build a key from its parts, then append it
             Sub addkey(ByVal strName As String, ByVal objValue As Object, ByVal tType As Object, ByVal objDefault As Object)
                 Dim key As New configValue
                 key.strName = strName
                 key.objValue = objValue
                 key.tType = tType
                 key.objDefault = objDefault
                 Me.addKey(key)
             End Sub
         End Structure

     A simple sample of the XML File.

         <Config>
             <User>
                 <Name>JoeBob</Name>
                 <Exists>True</Exists>
             </User>
         </Config>

     A function similar to what I will be using to read the XML.

         ' Read the text of the first <Exists> element and convert it
         strName = CType(configXMLDocument.GetElementsByTagName("Exists")(0).InnerText, Boolean)

     Enough with the background, here is my problem. When reading the file I need to know what the type of objValue is, or in this case that Exists is a Boolean. This way I can put everything into a loop and just step through all the values without having to specify the type for each one. I guess I am wondering if there is a way to use a variable in the place of the type object (Boolean). Below is what I think should work but of course the compiler completely blows up. If you need more details or a better explanation let me know.

         ' Does not compile: CType needs a type name, not a System.Type variable
         Dim t As System.Type = configValues.cfgUser.aKeys(1).objValue.GetType()
         Dim b As Boolean = CType(configValues.cfgUser.aKeys(1).objValue, t)
  22. I know there are a lot of add-ons for phpBB. Any recommendations?
  23. I found Xisto through one of those mega free web hosting sites. One of my requirements was no banner ads and that pretty much limited me to post for credit systems. To make this work I had to find a forum that I actually wanted to talk on. I wouldn’t consider myself a recluse or antisocial but I only talk (or type) when it is of interest to me. I suppose with many personalities of my type, talking about nothing or small talk just wastes air. Xisto was one of the only sites that is technology driven. Not only could I talk about something that interested me, there were others here that could answer questions that 99% of the general population could not. I have had many chances to switch to a paid host (and sometimes I have almost done it due to the aforementioned resistance to talking) but I have found a great use for Xisto. I have had many programming questions answered here and I have found it to be a great traffic generator for my site. While reviewing the logs on my site I have found that most of the traffic comes from the Xisto forums and in turn most of that traffic comes from Google.

     Now I guess on to my site. I have two primary uses for my Xisto site. The first is to host http://www.ycoderscookbook.com/ or also The Yahoo! Coder’s Cookbook. I got involved with Yahoo! Messenger several years ago. I am also a hobbyist computer vulnerability researcher so these two worlds quickly collided. When I started my research on Messenger I found so many sites dedicated to booters that my head almost popped off. Quite simply there was A LOT of junk and no substance. What I wanted was protocol information and some of the more useful information that a computer programmer would need. I found none. I ended up reverse engineering all of the Messenger protocols from scratch and writing my own Messenger clone (a bit rough but still useful). Also during this time I created a research paper for a class that I was taking that asked the question “how does a Yahoo! Messenger boot packet work and does it cause a buffer overflow that can be used to send malicious code to the victim?” I found that most boot code of the time actually did not cause a typical buffer overflow and there was little chance of injecting code. In the end I had a lot of information and I know of nothing like this existing on the Internet so I felt a civic duty to share my knowledge with others.

     The second use for my site is software development testing. I have several programs that communicate over the Internet and I can use my Xisto account to deposit log data and the such.

     Hope this wasn’t too long and involved. I hope Xisto keeps up the good work. I would hate to have to find something similar all over again.
  24. I figured something was going on. This is not a complaint but a funny story. I have a program that runs updates from my Xisto account. Basically it reads a directory and if the files there are newer than on the client, the files are downloaded and installed. Last night I kept getting one file that was always downloading and I couldn’t figure out why. After spending 3 hours in my debugger I finally went to that directory and found something strange. The file modified date was November 18, 2006. It is now November 9. I guess I warped to the future and updated the file, lol. As I said this is not a complaint but more of a story of weird things that can happen when debugging.
  25. I will have to direct this problem to someone else. As far as I know you are out of luck unless you designated a recovery authority or created a repair disk.