Press "Enter" to skip to content

Month: March 2008

B0rken eBay Express

Broken Ebay ExpressI was just poking around eBay earlier and I came across mention of “eBayExpress” and thought it’ll be interesting to sign up. So I tried to – but hit a load of debug information.

Interesting stuff: eBay Express appears to run in PHP (as can be confirmed in the URL), but it runs on Microsoft SQL Server (as can be evidenced by the MS SQL/mssql mentions in the error messages) and they use the “sa” (super administrator) account to login to the MS SQL server: a big no no in any security aware programmer’s book. They also have the web server running on the same server as the database server (as evidenced by the “Unable to connect to server: localhost” section) and they keep everything in nice distinct files. They also have warnings turned on on their server.

Interesting stuff (for a techy like me!).

[added]

Steps to replicate:

Techy: New Free Monitoring System

Beebware (the company I operate in my spare time) is slowly ramping up with a number of new services – and the first one is the Beebware Internet Monitoring system at http://monitor.beebware-internet.co.uk/ and to help promote the “soft launch” of the service (before the main Beebware Internet site is up and running) we’re giving away free trials of the service.

So, what does it do and how does it do it? Basically, we’ve got 9 monitoring stations (in Seattle, San Jose, Dallas, Virginia and Illinois in the US, Berkshire in the UK, Amsterdam in the Netherlands, Singapore and Queensland in Australia) running 24×7 which checks your site/server for any interruptions to pings, HTTP, HTTPS, FTP, SSH, SMTP, DNS, POP3, IMAP, MySQL, PostgreSQL or any other TCP/IP service. And unlike other services, we’ll also check for certain keywords on your site (some will mark your site as “available” even if it’s just returning a holding page!), send reboot notifications to your datacenter if necessary, send you alerts via email or SMS and it’s all web based!

Feel free to give it a try free of charge – whilst we accept payment via Paypal, you don’t even need to provide your Paypal email address to try the free trial!

Oh – did I forget to mention, you can even have a public status report on your site in HTML or RSS and that, if you decide to upgrade from the free monitoring account, it’s only £12 for ONE MINUTE interval checks – no matter which service? (For example, My Unitard .co.uk is being monitored at a five minute interval over HTTPS – Beebware Internet will just charge £3 per month for this – Alertra charges $144 (approximately £72) for the same service!

Signs of the Times

Via Softlayer’s private forums from Tris at Seeksadmin.com:

Sign over a Gynecologist’s Office:
“Dr. Jones, at your cervix.”

In a Podiatrist’s office:
“Time wounds all heels.”

On a Septic Tank Truck:
Yesterday’s Meals on Wheels

At a Proctologist’s door:
“To expedite your visit, please back in.”

On a Plumber’s truck:
“We repair what your husband fixed.”

On another Plumber’s truck:
“Don’t sleep with a drip. Call your plumber.”

On a Church’s Bill board:
“7 days without God makes one weak.”

At a Tire Shop in Milwaukee :
“Invite us to your next blowout.”

At a Towing company:
“We don’t charge an arm and a leg. We want tows.”

On an Electrician’s truck:
“Let us remove your shorts.”

In a Nonsmoking Area:
“If we see smoke, we will assume you are on fire and take appropriate action.”

On a Maternity Room door:
“Push. Push. Push.”

At an Optometrist’s Office:
“If you don’t see what you’re looking for, you’ve come to the right place.”

On a Taxidermist’s window:
“We really know our stuff.”

On a Fence:
“Salesmen welcome! Dog food is expensive!”

At a Car Dealership:
“The best way to get back on your feet – miss a car payment.”

Outside a Muffler Shop:
“No appointment necessary. We hear you coming.”

In a Veterinarian’s waiting room:
“Be back in 5 minutes. Sit! Stay!”

At the Electric Company
“We would be delighted if you send in your payment. However, if you don’t, you will be.”

In a Restaurant window:
“Don’t stand there and be hungry; come on in and get fed up.”

In the front yard of a Funeral Home:
“Drive carefully. We’ll wait.”

At a Propane Filling Station:
“Thank heaven for little grills.”

And don’t forget the sign at a Chicago Radiator Shop:
“Best place in town to take a leak.”

Sign on the back of another Septic Tank Truck:
“Caution – This Truck is full of Political Promises”

Avoid US Domain Registrars – A Response

My darling other half has just made another interesting blog post – this time about avoiding US domain registrars due to eNom (the second largest domain name registrar according to Webhosting.info) disabling domain names belonging to a British National (based in Spain) selling holidays/vacations in Cuba to European citizens (Nytimes article).

Sounds good in theory – but in practice, it’s a bit more difficult.

Why? Well, I mainly use a registrar called DirectI/ResellerClub (as I have a lot of domain names – over 60) who are based in India – but (ignoring the fact they now have a US office) I could, in theory, still have my domain names disabled by the US courts: because DirectI get their domain names (like all other .com/.net/.cc or .tv domain name providers) from a company called Verisign GRS who are the “root provider” (also known as the “authoritative directory provider”) of all those domains. And they are based in the USA and hence the US courts could just ask Verisign to suspend the domain names at their level.

“Ah ha!”, I hear you cry – what about my nice safe .co.uk or .eu domain name that I brought for a UK company such as Heart Internet? Well, again, there’s a catch. All .uk domain names are via Nominet (a UK based company) and all .eu domain names are from Eurid (a Belgium based company) – so on the “registrar” level they are safe (apart from the inter-country co-operation agreements). But ALL domain names (.com/.net/.uk and .eu) are ultimately allocated by an organisation called the Internet Assigned Numbers Authority (IANA) which is part of Internet Corporation For Assigned Names And Numbers (ICANN) which, whilst being a “private-public partnership” is a US organisation currently under the control of the US Department of Commerce (at least it’s a change – ICANN and IANA used to be run by the US Department of Defense).

So there you go – all your domain names are belong to the US Government!