digip : sailing the high seas of the internet

For two days now I have been trying to update a clients site. His hosting company(who will remain anonymous for now) has allocated his account 250 megabytes. But when the sites files total 27.3 megabytes, the transfers stop and we get the error “552 Transfer aborted. Disk quota exceeded”. I emailed customer services on Monday and received one of those scripted generic responses. I’m not even sure its a real person responding to the problem. Hell, I’m not even sure there are real people working there at all, as it seems they use some outdated control panel that still relies on Site builder. Who uses Site builder any more? Anyway, I emailed them 2 more times, each time getting the a very similar response, but from a different person. “We escalated it to the second level engineer…blah blahblah… please be patient and we will get back to you… blah blahblah”.

I have dealt with people like that before at my last host company, iPower. I mentioned them because they are one of if not the worst hosting companies I have ever dealt with. My clients host company is quickly coming in second in that category, ready to knock out GoDaddy as the number two worst host I have dealt with so far. GoDaddy isn’t as bad for down time or anything(although when they are down, they take their sweet old time fixing things), but their customer service is horrid and their knowledge of what goes on behind the scenes to make a web site is just a joke. Their default response is change your password whenever a site gets defaced or pwned. Their security is very lax, and all it takes is a few lines of PHP and you can traverse their intranet for all shared hosts on their vhost services. Yeah. Not good. Have an upload script, better filter out php files. Oh, and if they manage to use a file like somfile.php.jpg when uploading it to a GoDaddy domain, 9 times out of 10, it will still execute the jpg as PHP code, giving them full access to the site, with the potential to break out of the vhost and onto the intranet. I’ve seen it happen to a client and witnessed it first hand. Their fix, “change your password, as someone must have guessed it to deface your site”.

Hosting companies come and go, and mostly because they use automated scripts while working as “re-sellers” and not as top-domain hosting companies. They often are sublets of the parent company, where any Joe Shmoe can come in and sell you a website, only to find out there is no customer service, their is no tech support, and billing is usually some subcontracted phone support in a third world country where thy resell your info to the highest bidder. Yeah, never got spam before you opened that domain of yours, how do you think they got your email address.

Luckily for me, I moved to Dreamhost. I have to say, even when they have their downtimes, its nothing like the horror stories I have seen with other hosting companies. Dreamhost is also the most secure I have seen so far. I’m not saying you can’t hack a Dreamhost site, but most likely its due to human error by the web designer or programmer working on the site, and not so much a problem with the Dreamhost servers themselves.

Any horror stories of your own? Comment on this post and let me know, “What hosts you like the most, what ones should people stay away from?”

One thing I really like about Opera is its ability to block content. But Ads can be a tricky thing to block some times. Advertisers make their money by finding ways to get around ad blocking software, and often use tricks such as javascript obfuscation.

One place I hate seeing ads is within a video. Often these ads will have a little [X] button to close them during the video, but they keep sliding up over the video every so many seconds. Some of them even redirect you to other pages when you try to click the [X]. This is because they use static images that don’t actually close, but use dirty tricks to get you to click them, which gives them all kinds of info on you, your browser, your pc, etc. Demographic stuff really. They get this wether you click the ad or not, but its another way to fill in their stats and follow your usage.

Now, swf videos have come a long way. One such video site that has grown over the years is Justin.TV. They are notorious for the whole sliding ad/redirect to their site tactic. I watch a live cam on this one site, and every time you try to close the ad, it launches the cams main profile on Justin.TV. Well, not any more!

What I did was use Wireshark to capture the video and then start clicking the close buttons to generate new traffic to the Justin.TV site. It becomes pretty clear where the ads are coming from once you look through the packets in wireshark. So, now that I know what site generate the ads, I can use this to block them in Opera.

Open your Opera browser, and go to Tools>Preferences>Advanced>Content>Blocked Content. Click the add button and then put in http://*.adsfac.us/* and then add another one for http://*.adotube.com/*

You will now have blocked the main ads from JustinTV videos, leaving you the full viewable area of the video untouched. Now, if another ad shows up, use the same method of Wireshark and going through the packets to find the advertisers. Block them as well and you are all set to watch, ad free and uninterrupted.

I’m not sure how many different ad sites are used on JustinTV, but so far, those two seem to do the trick in blocking them for me. Have any other useful ways to block ads? Oh, by the way, you can also ad these sites to your HOSTS file and block their sites all together, but you would need to know each site sub-domain prefix. EX: instead of *.adotube.com you need the fully qualified name of chibis20.adotube.com, but it chibis20 changes, you need to add each one, every time it changes. Doing it in Opera saves time of having to find each one and adding them to the HOSTS file.

I don’t know if any of this is tru, but someone just sent me an email about something posted on Craigslist. Here it what the person posted on Craigslist.

This was pretty funny!

Posted to Craig’s List Personals:
To the Guy Who Tried to Mug Me in Downtown Savannah night before last.
Date: 2009-03-23, 3:43 A M EST

I was the guy with the black Burberry jacket that you demanded I hand
over, shortly after you pulled the knife on me and my girlfriend. You also
asked for my girlfriend’s purse and earrings. I hope you somehow come across
this message. I’d like to apologize.

I didn’t expect you to crap in your pants when I drew my pistol after
you took my jacket. Truth is, I was wearing the jacket for a reason that
evening, and it wasn’t that cold outside. You see, my girlfriend had just
bought me that Kimber Model 1911 .45 A CP pistol for Christmas, and we had just
picked up a shoulder holster for it that evening. Beautiful pistol, eh?

It’s a very intimidating weapon when pointed at your head, isn’t i t? I
know it probably wasn’t a great deal of fun walking back to wherever you’d
come from with that brown sludge flopping about in your pants. I’m sure it
was even worse since you
also ended up leaving your shoes, cell phone, and wallet with me. I
couldn’t have you calling up any of your buddies to come help you try to mug us
again.

I took the liberty of calling your mother, or “Momma” as you had her
listed in your cell, and explaining to her your situation. I also bought myself
and four other people in the gas station this morning a tank full of gas on
your credit card. The guy with the big motor home took 150 gallons and was
extremely grateful!

I gave your shoes to one of the homeless guys over by Vinnie Van Go Go’s,
along with all of the cash in your wallet. I threw the wallet in a fancy
pink “pimp mobile” parked at the curb after I broke the windshield and side
window out and keyed the drivers side. I called a bunch of phone sex
numbers from your cell phone. They’ll be on your bill in case you’d like to know
which ones. Ma Bell just shut down the line, and I’ve only had the phone
for a little over a day now, so I don’t know what’s going on with that. I
hope they haven’t permanently cut off your service..

I could only get in two threatening phone calls to the D A ’s office and
one to the FBI with it. The FBI guy was really pissed and we had a long
chat (I guess while he traced the number).

I’d also like to apologize for not killing you and instead making you walk
back home humiliated. I’m hoping that you’ll reconsider your choice of
path in life. Next time you might not be so lucky..

- Alex

P.S. Remember this motto…… an armed society is a polite society!

To some extent I hope this is true. It would be a nice twist on getting mugged, although, the guy posting it did pretty much what could have happened to him. It still doesn’t make it right. If he really did take the guys stuff and let him go, he should have just turned him in to the police.

This part is a joke:

This part isn’t:
The oldest living record for a goldfish was 43 years old. The oldest known living Koi, 226 years, from 1751 to 1977.

The average goldfish bought from a pet shop only lives for about 24 hours after you buy them. No, its not the fishes fault, you just killed the little guy because you know nothing about how to take care of them. You will just have to live with the fact that you are a goldfish murderer. Get over it.

My two goldfish have been alive and swimming for over two years now. I’d say we got our moneys worth after that first 24 hours. Anyone willing to clean my tank?

I was having some trouble figureing out how to tty into a router via pc and the serial com ports on the back. I have a rollover rj-45 to serial female adapter only hav eone pc that has the proper ports on it to connect to the router. It just so happens that this pc only has uBUntu installed on it. Had it been windows, I could have just opened Hyper-terminal and been ready to go, but linux is not so easy. Not unless you know what to do. With a little google-fu, I was able to find some info on how to get it working. So here is a “How to connect to a cisco serial port via local pc com port in linux” tutorial.

From a terminal, type:
dmesg | grep ttyS

This shows you the com ports and serial interfaces id’s such as ttyS0, ttyS1, etc.

(using minicom for speaking to serial interface: sudo apt-get install minicom)

To start minicom, just type it at the console.
#minicom (You might have to sudo in order to make/save changes and such if on ubuntu).

Hit CTRL-A to list the help menu, then Z for main menu of configuration commands.

Option P for comm parameters. Select 9600 baud , hit enter.

To configure the default serial com port, select option O, scroll down to serial port, hit enter, then A to change serial interface. Change this to your /dev/ttyS0 or whatever your cable is on. Trial and error if
you do not know the exact com port. Save your config to defaults, you can even save it to a file name for later use.

Q to exit, then type minicom again and it should put you at the router console prompt.

“When we’re on a mission, I keep count of how many spammers my father kills. He says not to keep count, only to pray for their bytes. But if I don’t keep count, I don’t know how many bytes to pray for. So I keep count. So far, it’s three hundred and forty-two-thousand bits.”

It seems that maybe things are starting to make a small turn for the better. It’s not something to get too excited over because there are still large numbers to overcome, but the hope that this trend continues is something I welcome and hope to see continue.