Jump to content
The Education Forum

Recommended Posts

Posted

Wiki :

"BOTS , also known as web robots, WWW robots or simply bots, are software applications that run automated tasks over the Internet. Typically, bots perform tasks that are both simple and structurally repetitive, at a much higher rate than would be possible for a human alone. The largest use of bots is in web spidering, in which an automated script fetches, analyses and files information from web servers at many times the speed of a human. Each server can have a file called robots.txt, containing rules for the spidering of that server that the bot is supposed to obey.

In addition to their uses outlined above, bots may also be implemented where a response speed faster than that of humans is required (e.g., gaming bots and auction-site robots) or less commonly in situations where the emulation of human activity is required, for example chat bots.

These chatterbots may allow people to ask questions in plain English and then formulate a proper response. These bots can often handle many tasks, including reporting weather, zip-code information, sports scores, converting currency or other units, etc. Others are used for entertainment, such as SmarterChild on AOL Instant Messenger and MSN Messenger and Jabberwacky on Yahoo! Messenger.

An additional role of IRC bots may be to lurk in the background of a conversation channel, commenting on certain phrases uttered by the participants (based on pattern matching). This is sometimes used as a help service for new users, or for censorship of profanity.

AOL Instant Messenger has now introduced a feature that allows you to make a screen name into a bot. This new feature removes the rate limit on the screen name, however it is now limited in the amount of instant messages that can be sent and received."

"Another, more malicious use of bots is the coordination and operation of an automated attack on networked computers, such as a denial-of-service attack by a botnet. Internet bots can also be used to commit click fraud and more recently have seen usage around MMORPG games as computer game bots. A spambot is an internet bot that attempts to spam large amounts of content on the Internet, usually adding advertising links.

There are malicious bots (and botnets) of the following types:

Spambots that harvest email addresses from contact forms or guestbook pages

Downloader programs that suck bandwidth by downloading entire web sites

Web site scrapers that grab the content of web sites and re-use it without permission on automatically generated doorway pages

Viruses and worms

DDoS attacks

Botnets / zombie computers; etc.

Bots are also used to buy up good seats for concerts, particularly by ticket brokers who resell the tickets. Bots are employed against entertainment event-ticketing sites, like TicketMaster.com. The bots are used by ticket brokers to unfairly obtain the best seats for themselves while depriving the general public from also having a chance to obtain the good seats. The bot runs through the purchase process and obtains better seats by pulling as many seats back as it can.

Bots are often used in Massively Multiplayer Online Roleplaying Games to farm for resources that would otherwise take significant time or effort to obtain; this is a concern for most online in-game economies.

The most widely used anti-bot technique is the use of CAPTCHA, which is a form of Turing test used to distinguish between a human user and a less-sophisticated AI-powered bot, by the use of graphically encoded human-readable text."

Cn anyone add to this?

Posted

Is there a dada-engine bot that can beat any site-bot?

(One of the earlier Cowboys and Yankees (?) topics had kind of dada-engine-esque flavour)

Posted

IF ? ...one was to wake one morning (or evening (funny icon)) and find that there is no internet. A phonecall to the ISP help desk recording informs one that the internet has been disbanded and will not be restored again, sorry, have a nice day.

What would YOU do?

Get a life? Look for ways of having it restored? Let it fade as a memory does as one becomes one of the last of the generation that remembers it?

http://www.defenselink.mil/speeches/speech...x?speechid=1018

"The Internet-Web paradigm considers that principle a contradiction. What is the purpose in creating a medium giving broad access to a virtually unlimited spectrum of information if we are going to turn around and chop that medium up into a host of restricted compartments? Given the security-oriented nature of the intelligence business, isn't it likely that an ability to compartment Intelink will result ultimately in loss of the primary data dissemination and access benefits we initially realized?"

A new art form? making a film...?

http://www.theatlantic.com/issues/96jul/sa...te/satelite.htm

"...the next phase of mapping the earth. By next year three of the four companies plan to produce images of one-meter resolution--100 times as precise as those of current civilian satellites. The ability to see hazy outlines of large buildings will be replaced with the ability to see the clear shapes of small cars. The ability to observe the same farm or city block every sixteen days will be replaced with the ability to observe the same point every two or three days; three to six images a day of most places in the United States are promised within four years. "

Posted

What is a static IP address/dynamic IP address?

(link missing, apologies to writer)

"A static IP address is a number (in the form of a dotted quad) that is assigned to a computer by an Internet service provider (ISP) to be its permanent address on the Internet. Computers use IP addresses to locate and talk to each other on the Internet, much the same way people use phone numbers to locate and talk to one another on the telephone. When you want to visit whatis.com, your computer asks a domain name system (DNS) server (think telephone information operator) for the correct dotted quad number (think phone number) for whatis.com and your computer uses the answer it receives to connect to the whatis.com server.

It would be simple if every computer that connects to the Internet could have its own static IP number, but when the Internet was first conceived, the architects didn't foresee the need for an unlimited number of IP addresses. Consequently, there are not enough IP numbers to go around. To get around that problem, many Internet service providers limit the number of static IP addresses they allocate, and economize on the remaining number of IP addresses they possess by temporarily assigning an IP address to a requesting Dynamic Host Configuration Protocol (DHCP) computer from a pool of IP addresses. The temporary IP address is called a dynamic IP address.

Requesting DHCP computers receive a dynamic IP address (think temporary phone number) for the duration of that Internet session or for some other specified amount of time. Once the user disconnects from the Internet, their dynamic IP address goes back into the IP address pool so it can be assigned to another user. Even if the user reconnects immediately, odds are they will not be assigned the same IP address from the pool. To keep our telephone telephone analogy going, using a dynamic IP address is similar to using a pay phone. Unless there is a reason to receive a call, the user does not care what number he or she is calling from.

There are times, however, when users who connect to the Internet using dynamic IP wish to allow other computers to locate them. Perhaps they want to use CU-SeeMe or use a VoIP application to make long distance phone calls using their IP connection. In that case, they would need a static IP address. The user has two choices; they can contact their ISP and request a static IP address, or they can use a dynamic DNS service. Either choice will probably involve an additional monthly fee.

Using a dynamic DNS service works as if there was an old-fashioned telephone message service at your computer's disposal. When a user registers with a DNS service and connects to the Internet with a dynamic IP address, the user's computer contacts the DNS service and lets them know what IP address it has been assigned from the pool; the service works with the DNS server to forward the correct address to the requesting DHCP computer. (Think of calling the message service and saying "Hi. I can be reached at 435.44.32.111 right now. Please tell anyone who tries to reach me to call that number.) Using a dynamic DNS service to arrange for computers to find you even though you are using a dynamic IP address is the next-best thing to having a static IP.

IPv6, which has also been called "IPng" (IP Next Generation), lengthens IP addresses from 32 bits to 128 bits and increasesthe number of available IP addressess significantly, making static IP addresses easier and less expensive to obtain and maintain."

...

"Getting started with static IP and dynamic IP addresses

To explore how static IP and dynamic IP addresses are used in the enterprise, here are some additional resources:

IP routing: Static routes: This article explains the pros and cons of static IP routing, how to create static routes and when to use them in your network.

IP routing: Dynamic routes: This article delves into the benefits and complexities of dynamic IP routing and offers examples of dynamic routing protocols including a configuration using RIP ."

_____________

To check out vulnerability, have a look at grc.com (Gibson research) and try 'Shields up'. It'll probe multiple ports and other ways that may make ones computer vulnerable. The articles written by Gibson are very informative for anyone interested in that sort of thing.

  • 2 weeks later...
Posted

"To check out vulnerability, have a look at grc.com (Gibson research) and try 'Shields up'. It'll probe multiple ports and other ways that may make ones computer vulnerable. The articles written by Gibson are very informative for anyone interested in that sort of thing."

--- http://www.grc.com/default.htm - 'shields-up'

"The text below might uniquely identify you on the Internet

Your Internet connection's IP address is uniquely associated with the following "machine name":

XXX-YYY-YYY-YYY-YYY.Z.Z.Z.Z (ed : censored)

The string of text above is known as your Internet connection's "reverse DNS." The end of the string is probably a domain name related to your ISP. This will be common to all customers of this ISP. But the beginning of the string uniquely identifies your Internet connection. The question is: Is the beginning of the string an "account ID" that is uniquely and permanently tied to you, or is it merely related to your current public IP address and thus subject to change?

The concern is that any web site can easily retrieve this unique "machine name" (just as we have) whenever you visit. It may be used to uniquely identify you on the Internet. In that way it's like a "supercookie" over which you have no control. You can not disable, delete, or change it. Due to the rapid erosion of online privacy, and the diminishing respect for the sanctity of the user, we wanted to make you aware of this possibility. Note also that reverse DNS may disclose your geographic location.

If the machine name shown above is only a version of the IP address, then there is less cause for concern because the name will change as, when, and if your Internet IP changes. But if the machine name is a fixed account ID assigned by your ISP, as is often the case, then it will follow you and not change when your IP address does change. It can be used to persistently identify you as long as you use this ISP.

There is no standard governing the format of these machine names, so this is not something we can automatically determine for you. If several of the numbers from your current IP address (YYY.YYY.YYY.YYY (ed) ) appear in the machine name, then it is likely that the name is only related to the IP address and not to you. But you may wish to make a note of the machine name shown above and check back from time to time to see whether the name follows any changes to your IP address, or whether it, instead, follows you.

Just something to keep in mind as you wander the Internet." (- mine's dynamic, but with certain loose locators)

Posted

Experimenting with Numerous connections and lines with regards to developing defences against Cyberwarriors

(wiki)

"O-line

An O-line, shortened from Operator Line, is a line of code in an RC daemon configuration file that determines which users can become an IRC Operator and which permissions they get upon doing so. The name comes from the prefix used for the line in the original ircd, a capital O. The O-line specifies the username, password, operator flags, and hostmask restrictions for a particular operator. A server may have many O-lines depending on the administrative needs of the server and network.[8]

Operator flags are used to describe the permissions an operator is granted. While some IRC Operators may be in charge of network routing, others may be in charge of network abuse, making their need for certain permissions different.[9] Operator flags available vary widely depending on which IRC daemon is in use. Generally, more feature rich IRC daemons tend to have more operator flags, and more traditional IRC daemons have fewer.

An O-line may also be set so that only users of a certain hostmask or IP address can gain IRC Operator status using that O-line. Using hostmasks and IP addresses in the O-line require the IP address to remain the same but provide additional security.

K-Line

A k-line or kill line (also written K:line) is an Internet Relay Chat term, applied to a specific user. When a user is k-lined, it bans the user from a certain server, either for a certain amount of time or permanently. Once the user is banned, they are not allowed back onto that server; they have to join a different server to get onto IRC. This is recorded as a line in the server's IRC daemon configuration file prefixed with the letter "K", hence "K-line".

While the precise reason for the disconnection varies from case to case, usual reasons involve some aspect of the client or the user it is issued against.

User behavior

K-lines can be given due to inappropriate behavior on the part of the user, such as nickname colliding, mode "hacking", multiple channel flooding, harassing other users via private messaging features, spamming etc., or in the case of older networks without timestamping, split riding, which cannot be corrected through use of channel operator privileges alone.

Client software

Some IRC Daemons can be configured to scan for viruses or other vulnerabilities in clients connecting to them, and will react in various ways according to the result. Outdated and insecure client software might be blocked to protect other network users from vulnerabilities, for instance. Some networks, e.g. freenode, will disconnect clients operating on/via open proxies, or running an insecure web server.

Geographic location

An IRC network operating multiple servers in different locales will attempt to reduce the distance between a client and a server. This is often achieved by disconnecting (and/or banning) clients from distant locales in favour of local ones.

Other "lines"

There are a number of other network "lines" relating to the K-line.

G-Line/AKill

Main article: Gline

A Gline or AKill is a global network ban applied to a user; the former term comes from Undernet and the latter from DALNet. The term "AKill" comes from an earlier implementation in which the IRC Services would automatically "kill" (disconnect) the user remotely upon login, rather than the individual servers simply denying the connection.

Z-line

Main article: Zline

On some IRCds, such as UnrealIRCd, a Zline is similar to a Gline, but applied to a client's IP address range, and is considered to be used in extreme cases. Because a Zline does not have to check usernames (identd) or resolved hostnames, it can be applied to a user before they send any data at all upon connection. Therefore a Zline is more efficient and uses fewer resources than a Gline or Kline when banning large numbers of users. Because not all IRCds are the same, others, such as Charybdis, use a 'Dline' instead.

Q-line

On some IRCds, such as UnrealIRCd, a Qline forbids a nickname, or any nickname matching a given pattern. This is most often used to forbid use of services nicknames (such as 'X', or NickServ) or forbid use of IRC Operator nicknames by non-operators. Some IRC daemons may disconnect users when initially applying the Qline, whilst others will force a nickname change, or do nothing until the user covered by the Qline reconnects. Other IRCds, like Charybdis, use the 'RESV' command instead, with the stats letter remaining as Q.

Operator abuse

Unfortunately, some IRC operators abuse their power by killing or K-lining users that haven't committed any serious offenses on the network, usually because of boredom, for comical effect, or the user offended the operator in some way. Such abuse is tolerated or even encouraged on a few private networks, while on most major networks it's highly discouraged and abuses of power may result in removal of the O-line or in severe cases, a K-line or G-line of the offending operator."

As the internet develops certain features like it's commercialisation and controlling search engines, the openings for the separation of the internet brings with it hazards in the solutions applied. Perhaps there is a better way?

  • 2 months later...
Posted

''Page Updated: Tuesday, October 10th, 2000

MAJOR NEWS!! Senator John Edwards

Introduces 'Spyware Control Act'

What do the NetZip-descended

file downloaders whisper when

they think you are not listening?

OVERVIEW: How Does This Affect YOU ?''...

http://www.grc.com/downloaders.htm

''...

To Summarize before we examine the details . . .

In order to confirm or deny the reports alleging that the Real Networks and Netscape/AOL download utilities might be spying on their users by secretly "phoning home" with detailed reports of every file their users download, I used a readily available "packet sniffer" to monitor the data being sent from one of my machines when downloading a handful of my own website's files.

I was able to quickly confirm that the NetZip-descended downloaders used by Real Networks and Netscape/AOL were, indeed, sending detailed reports of every download "back to base" every time they were used to download a file.

These reports contained the complete Internet URL of the file being downloaded and were accompanied by an apparently unique "ID Tag" which was associated with each machine. To confirm this, I experimented with downloads from several different computers. In every case the "apparently unique ID" being sent out never changed on the same computer, and each computer has its own.

Netscape's Smart Download goes one step further by including the computer's IP address in a separate "cookie" header. This is troubling, since "cookie" headers tend to be left alone as they pass through proxies and anonymizers. This would thwart deliberate attempts at keeping the computer's IP address confidential.

When you consider that each user's computer is uniquely identified, and that reports are being sent back for every file downloaded — and accompanied by a unique ID tag (and, in the case of Netscape, the machine's unique IP address) . . .

. . . It is NATURAL to wonder WHY

this information is being transmitted,

and to what end the data is being put!''...

  • 7 months later...
Guest John Gillespie
Posted
Wiki :

"BOTS , also known as web robots, WWW robots or simply bots, are software applications that run automated tasks over the Internet. Typically, bots perform tasks that are both simple and structurally repetitive, at a much higher rate than would be possible for a human alone. The largest use of bots is in web spidering, in which an automated script fetches, analyses and files information from web servers at many times the speed of a human. Each server can have a file called robots.txt, containing rules for the spidering of that server that the bot is supposed to obey.

In addition to their uses outlined above, bots may also be implemented where a response speed faster than that of humans is required (e.g., gaming bots and auction-site robots) or less commonly in situations where the emulation of human activity is required, for example chat bots.

These chatterbots may allow people to ask questions in plain English and then formulate a proper response. These bots can often handle many tasks, including reporting weather, zip-code information, sports scores, converting currency or other units, etc. Others are used for entertainment, such as SmarterChild on AOL Instant Messenger and MSN Messenger and Jabberwacky on Yahoo! Messenger.

An additional role of IRC bots may be to lurk in the background of a conversation channel, commenting on certain phrases uttered by the participants (based on pattern matching). This is sometimes used as a help service for new users, or for censorship of profanity.

AOL Instant Messenger has now introduced a feature that allows you to make a screen name into a bot. This new feature removes the rate limit on the screen name, however it is now limited in the amount of instant messages that can be sent and received."

"Another, more malicious use of bots is the coordination and operation of an automated attack on networked computers, such as a denial-of-service attack by a botnet. Internet bots can also be used to commit click fraud and more recently have seen usage around MMORPG games as computer game bots. A spambot is an internet bot that attempts to spam large amounts of content on the Internet, usually adding advertising links.

There are malicious bots (and botnets) of the following types:

Spambots that harvest email addresses from contact forms or guestbook pages

Downloader programs that suck bandwidth by downloading entire web sites

Web site scrapers that grab the content of web sites and re-use it without permission on automatically generated doorway pages

Viruses and worms

DDoS attacks

Botnets / zombie computers; etc.

Bots are also used to buy up good seats for concerts, particularly by ticket brokers who resell the tickets. Bots are employed against entertainment event-ticketing sites, like TicketMaster.com. The bots are used by ticket brokers to unfairly obtain the best seats for themselves while depriving the general public from also having a chance to obtain the good seats. The bot runs through the purchase process and obtains better seats by pulling as many seats back as it can.

Bots are often used in Massively Multiplayer Online Roleplaying Games to farm for resources that would otherwise take significant time or effort to obtain; this is a concern for most online in-game economies.

The most widely used anti-bot technique is the use of CAPTCHA, which is a form of Turing test used to distinguish between a human user and a less-sophisticated AI-powered bot, by the use of graphically encoded human-readable text."

Cn anyone add to this?

_____________________

A bot is something that flots in water.

  • 1 month later...
Posted (edited)

flash cookies , mice and a bit about nibbles for JG

grc.com :

''And then my final bit of news comes from some researchers at UC Berkeley, who

discovered from poking around that more than half of the Internet's top websites are

now using Flash cookies to track users and store information about them, but that only

four of those sites mention their use of Flash cookies in their privacy policies. And just to

refresh our users' memories, our listeners' memories, traditional cookies are browser

cookies. And probably everybody knows about them. There's a UI that's very available

and visible on browsers that allows you to manage your cookies, to delete them, to turn

them into session cookies so that they're not persistent, to allow some sites to keep

cookies and others not to and so forth.

Flash cookies are Adobe/Macromedia's own completely separate channel which allows

data to be stored, surprisingly large amount of data actually per website, much more so

than cookies, in a channel which is completely separate from your browser. So it will be

something that GRC will be addressing. I've got a lot of research that's in the process of

getting itself ready to come online, just needs more documentation about browser

cookies for educating people. And it has been pointed out to me a year ago, more than a

year ago, that Flash cookies are on the rise.

Well, here we are now, more than half of the Internet sites are using Flash cookies. The

only reason they would be doing that is that they're no longer happy with the tracking

they're getting from regular cookies. And what that means is, since still all browsers

default to having cookies enabled, since that was part of the original specification for the

web was that a server can give a browser client a cookie, which it will then return in

order to identify itself. Well, users don't want to be tracked, so they're turning their

browser cookies off. But websites are not accepting their choice not to be tracked.

They're saying, well, we're going to track you anyway. Even though you've disabled your

browser cookies, we're going to be even more sneaky because our website requires

Flash, and everybody pretty much has Flash who's on the 'Net now. So where possible,

we're going to give you an even stickier cookie through the Flash mechanism in order to

hold onto you. Which, you know, doesn't seem right, but that's what's going on. More

than half of the Internet's top sites.''

Every time you view a youtube video, or use facebook, twitter etc you get these ''super cookies''. Firefox with ''Better Privacy'' provides some protection.

____________________

''Was MICE added to Windows intentionally?

Software engineers who have looked closely at the Windows code that enables the MICE capability have concluded that, for whatever reason, it is operating exactly the way its designers intended it to.

Mark Russinovich, well known professional developer at SysInternals, performed his own examination, the results of which he sent to both Microsoft and me (which you can read in full here). Mark concluded:

"The bottom line is that I'm convinced that this

behavior, while intentional, is not a backdoor."

Mark agreed that Windows MICE behavior was intentionally incorporated into Windows. I respect the fact that he chose not to characterize it as a "backdoor", since that term carries such malicious connotation, and no one believes (myself included) that Microsoft would act in a deliberately malicious manner. But despite Mark's wishing to avoid characterizing this intentional facility as a "backdoor", the entire personal computer industry freaked out as much as it ever has when the power of MICE became public knowledge.

It was certainly usable as a "backdoor".

Another professional developer and industry associate with a great deal of reverse-engineering and low-level systems programming experience wrote to me, which I quote with his permission (emphasis is his):

"I've learned more and talked this over with peers. I think your argument is MUCH more convincing than Microsoft's explanation; though if this back door is intentional, the Microsoft guys answering the accusations likely don't know anything about it ;).

The idea of it being intentional has met considerable resistance by people when they first hear of it, and even I was originally resistant. But when people learn all the facts they grow surprisingly less resistant ;). One guy said, "its not like it's a jmp eax".. which is ironic, since that's EXACTLY what it is."

What is it that programmers see?

Many programmers who took the trouble to look into the operation of MICE concluded that it was intentionally added to Windows because the instructions that cause the computer's processor to "jump" into the metafile image and begin executing instructions are plain as day. Sometimes computer code is obscure and unclear, especially when it is reverse-engineered. But this is not. Any unbiased examiner would look at Microsoft's code and conclude that someone, for some reason, wanted to give Windows the ability to execute code contained within metafile images . . . just as Windows has starting with NT4.

If this is so obvious, how did Microsoft miss it?

That is the million dollar question. We know that earlier versions of Windows did not have this facility and that all versions of Windows since NT4 have. It was even already incorporated into the next "Vista" version of Windows. Somehow, despite having been resident in Windows for nearly ten years, despite many security sweeps and analyses looking for exactly these sorts of things, and even despite several past security vulnerabilities occuring right there in the Windows metafile processing code . . . Microsoft never removed this facility until it became public knowledge.

We must assume that Microsoft either wanted this code to remain in Windows, or just continually missed noticing it.

But if it's clearly there intentionally, who put it in?

Only Microsoft knows.

Why did they put it in?

Only Microsoft knows.

What does Microsoft say about all this?

Microsoft said nothing whatsoever, beyond their standard "vulnerability disclosure" for several weeks. Everyone in the computer industry has become so accustomed to these continual security updates and patches that no one thought twice . . .

Until I posed some serious questions about what was going on with Leo Laporte during our weekly Security Now! podcast episode #22. Given the preliminary evidence and "feeling" I had from starting to write the freeware utility that evolved into "MouseTrap", I told our Security Now! audience that this "felt" like a deliberate backdoor.''

________________

http://www.answerbag.com/q_view/837237

''Binary digits are a basic unit of information storage and communication in digital computing and digital information theory.

A bit is a binary digit. A binary digit is one that can only have one of two possible values, either 0 or 1.

A value which is represented by 8 bits is referred to as a byte. For example, the value 10010111 is 8 bits long, and therefore a byte.

The term "nibble" originates from the fact that the term "byte" is a pun on the English word "bite". A nibble is a small bite, which in this context is construed as "half a bite". A value represented by 4 bits is referred to as a "nibble''. For example, the value 0110 is 4 bits long, and therefore "half a byte", or a "nibble".''

EDIT : typos, formatting

Edited by John Dolva
Posted

Could whoever is DOSing, Nuking, or whatever, my computer do it a few more times please? (I haven't get a comprehensive log as yet.)

  • 1 month later...
Posted (edited)

Sherry Turkle in her excellent book "Life on the Screen" talks about entering a multi-user domain and finding there was a "Doctor Sherry" with an office conducting interviews with users. She was not sure if it was another user or a bot. She was reasonably sure it wasn't her.

Of course she could never subsequently be quite sure she wasn't a bot that was programmed to think it was a university professor :ice

Edited by Derek McMillan
Posted

Bots dont think :ice funny tho, it touches on artificial intelligence and if one introduces a dada engine and a cleverly written bot, I'm sure many would take time to figure out it's a bot. There are complex and simple bots and people are always trying them out. Some of them are pretty good. She must have had fun writing the book. (or the bot that wrote it)

  • 2 weeks later...
Posted

stop it, it's not funny.

  • 3 weeks later...
Posted

wierd< its possible my system has been breached and posts not from me occuring from now as my admin password was changed and ive lost control over my mouse and kboard it may be benign but just in case test

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×
×
  • Create New...