9/24 How do I find out what machines are in a certain domain, e.g.
laney.edu? Thanks.
\_ ping -f laney.edu
\_ a little command many people forget about: host -l laney.edu
\_ echo "What machines are in your domain?" | mail postmaster@laney.edu
\-You have to be so tall ... /tmp/laney.edu --psb
You could try to use nslookup's ls command to list everything in the
domain, but most nameservers (including laney.edu's) won't let you.
\-"You have to be this tall ... " ... /tmp/laney.edu --psb
\_ you could get a map of what network addresses they use, and then
try to get reverse dns mappings for everything in those addresses.
This is why disabling zone transfers on a nameserver (i.e. ls)
is pretty stupid unless you kill reverse dns too. -ERic
\_ Disabling zone transfers stops the script kiddies for now
(until someone takes pity on them and writes them a script
to do things the hard way)
\_ so until then you end up making it harder on everyone
else.
\_ stupidity in the name of security is rampant.
See soda's relaying policy. -tom
\_ most everyone else doesn't need to do a zone xfer
or can ask nicely for one
\_ Disallowing them is a security through obscurity
policy, and impedes curiosity. It's like turning
off finger on Unix. Besides, crackers can still
scan easily, even without using DNS.
\_ or it's like using shadowed passwords
\_ WTF are you smoking!? Non shadow-passwd
files are a huge security hole. Give
any user on your system instant access
to all the poor sops' accounts and files
who can't pick a decent password.
\_ unshadowed passwords aren't the
cause of the security hole, stupid
users are
\_ shadowed passwords provide little real
security; it's not difficult to get the
shadow file without root. -tom
\_ Um, by that logic, it's not hard to get
root, so why bother having any security
at all --dbushong
\_ Tom, you were the one who suggested
using shadowed passwds and have, until
now, continued to do so on the basis that
it was "more secure" for at least 4 years
now, see CSUA/OCF/XCF Help Session handout
by Tom Holub
\_ I haven't updated that in quite
some time; I haven't taught the
security help session in something
like 3 years. At the time, I
wasn't aware that programs such as
ftpd can leave large swaths of the
shadow file in core dumps. -tom
\_ That's not the logic. The logic is that
shadowed passwords provide a false sense
of security. The security problem with
non-shadowed passwords is having bad
passwords; having shadowed passwords does
little or nothing to alleviate the only
problem it could theoretically solve. -tom
\-i think turning off zone xfers is
basically free to do. of course you
shouldn't rely on it and what is really
the important thing to do is to be able
to see who is asking for one and what
they do right after that. a zone xfer
is a pretty good indicator of certain
types of scans/signatures of certain
tools. --psb
\_ Or just curious network users.
E.g. zone transfer of various
things under mit.edu is fun.
\_ Please define "zone transfer" -- clueless
\_ Simple answer: it's what you get when you run
host -l or nslookup ls. Long answer: Read the
BIND book from O'Reilly
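
Added example, not part of the original thread: a sketch of the check psb describes above, flagging clients that ask for a zone transfer and counting what the same client does right afterwards (including the reverse-DNS lookups ERic mentions). The log lines are constructed, their format (modeled on BIND 9 style logging) is an assumption, and the function names are hypothetical.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines; the format is an assumption modeled on BIND 9 style logs.
SAMPLE_LOG = """\
24-Sep-2019 10:00:01.120 client 198.51.100.7#40112 (example.edu): zone transfer 'example.edu/AXFR/IN' denied
24-Sep-2019 10:00:03.480 client 198.51.100.7#40113 (10.2.0.192.in-addr.arpa): query: 10.2.0.192.in-addr.arpa IN PTR +
24-Sep-2019 10:00:03.910 client 198.51.100.7#40114 (11.2.0.192.in-addr.arpa): query: 11.2.0.192.in-addr.arpa IN PTR +
24-Sep-2019 10:00:09.002 client 203.0.113.20#51000 (www.example.edu): query: www.example.edu IN A +
24-Sep-2019 10:05:00.000 client 203.0.113.44#53001 (example.edu): transfer of 'example.edu/IN': AXFR started
24-Sep-2019 10:30:00.000 client 203.0.113.44#53002 (www.example.edu): query: www.example.edu IN A +
"""

# timestamp, client IP, then the message after "(name): "
LINE = re.compile(r"^(\S+ \S+) client (\d+\.\d+\.\d+\.\d+)#\d+ \([^)]*\): (.*)$")

def parse(log):
    """Return (timestamp, client_ip, message) tuples in time order."""
    events = []
    for line in log.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        ts = datetime.strptime(m.group(1), "%d-%b-%Y %H:%M:%S.%f")
        events.append((ts, m.group(2), m.group(3)))
    return sorted(events)

def axfr_followups(log, window_seconds=60):
    """For each zone transfer request, summarize the same client's next moves."""
    events = parse(log)
    report = []
    for i, (ts, ip, msg) in enumerate(events):
        if "AXFR" not in msg:
            continue
        outcome = "denied" if msg.endswith("denied") else "allowed"
        limit = ts + timedelta(seconds=window_seconds)
        after = [m for t, c, m in events[i + 1:] if c == ip and t <= limit]
        # A burst of PTR queries after a refused transfer suggests a reverse-DNS walk.
        ptr = sum(1 for m in after if " IN PTR " in m)
        report.append({"client": ip, "outcome": outcome,
                       "followups": len(after), "ptr_queries": ptr})
    return report

if __name__ == "__main__":
    for row in axfr_followups(SAMPLE_LOG):
        print(row)
```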