| |
ZL3AI > APRDIG 22.05.04 00:52l 262 Lines 9632 Bytes #999 (0) @ WW
BID : 3320-ZL3AI
Read: GUEST
Subj: TAPR Digest, May 11, 2/3
Path: DB0FHN<DB0FOR<DB0SIF<DB0MW<DB0ROF<DB0ACH<DB0ACC<DB0GOS<DB0EEO<DB0RES<
ON0AR<IK1ZNW<VE3FJB<ZL2TZE<ZL3VML
Sent: 040521/2225Z @:ZL3VML.#80.NZL.OC #:24474 [Chch-NZ] FBB7.00i $:3320-ZL3AI
From: ZL3AI@ZL3VML.#80.NZL.OC
To : APRDIG@WW
Subject: RE: New Portable APRS display?
From: Jeff King <jeff@aerodata.net>
Date: Tue, 11 May 2004 13:21:29 -0400
X-Message-Number: 12
On Tue, 11 May 2004 11:06:40 -0500, David VanHorn wrote:
>There's at least one company that uses the gameboy to control
>medical equipment. $50 for a screen, keyboard, and sound!
One of my wife's sewing machines uses a GameBoy to store and display the
special stitches.
----------------------------------------------------------------------
Subject: RE: New Portable APRS display?
From: David VanHorn <dvanhorn@cedar.net>
Date: Tue, 11 May 2004 12:28:11 -0500
X-Message-Number: 13
At 01:21 PM 5/11/2004 -0400, Jeff King wrote:
>On Tue, 11 May 2004 11:06:40 -0500, David VanHorn wrote:
>
>>There's at least one company that uses the gameboy to control
>>medical equipment. $50 for a screen, keyboard, and sound!
>
>One of my wife's sewing machines uses a GameBoy to store and display the
>special stitches.
My sister has one of those, I forgot about that.
----------------------------------------------------------------------
Subject: Re: AGWPE interface
From: Mark Sproul <msproul@jove.rutgers.edu>
Date: Tue, 11 May 2004 14:01:28 -0400
X-Message-Number: 14
Wes
MacAPRS talks to AWGPE running on Windows and it works fine. I have
also run it from one Windows machine runing WinAPRS talking to AGWPE
running on a different Windows machine.
Mark
------------------------------------------------------------------
Mark Sproul |
http://ecs.rutgers.edu |
msproul@jove.rutgers.edu |
Manager - Engineering Computing Services | 732-445-3121
Rutgers University School of Engineering |
Office: Eng D111 |
------------------------------------------------------------------
----------------------------------------------------------------------
Subject: Re: What is "TRACE"
From: "Robert Bruninga" <bruninga@usna.edu>
Date: Tue, 11 May 2004 14:34:19 -0400
X-Message-Number: 15
Best thing is to read the original APRSdos docs called DIGIS.TXT.
Google should find it...
Bob
----------------------------------------------------------------------
Subject: Changes to third.aprs.net....
From: "Dave Anderson" <dave@aprsfl.net>
Date: Tue, 11 May 2004 14:48:41 -0400
X-Message-Number: 16
Hi everyone,
This message is to inform you of a change being made to third.aprs.net.
Also note that second and fourth are going to be implementing the same
change.
Port 23 has been a legacy port that APRS software uses to connect to a APRS
server for a full feed. Back when APRS-IS was first conceptualized, the
internet was a more kind and gentle place. Current day internet operations
are completely different.
There are countless exploits on *Nix boxes running telnetd (what answers
port 23 on these boxes). Do any search for telnet vunerability on a
search engine, or on the bugtraq mailing list archive and you'll start to
see what I mean. This by itself does -not- affect APRS servers, but side
effects are starting to.
What's makes this worse is that "script kiddies" aka someone who downloads
a script that scans multiple blocks of IP addresses for vulnerabilities.
These individuals are far from "hackers", they are simply using someone
else's "recipe" to look for vulnerabilities. These scripts scan literally
hundreds of thousands of IP's in a few hours.
This makes any APRS server come up as a blip on the radar screens of those
running these scripts.
When some of these scripts (I tested several on my own server) "find" a APRS
server, it sets off alarms like a winning slot machine. This leads the
attacker to apply more attention to the machine in question. Since 99% of
other applications that use port 23 use a login/password authentication
system, this seriously confuses these attackers. They have no idea what
they are seeing with a non-stop stream of APRS packets. This ultimately
forces them to sit and try over and over again to break into a server that
is not venerable -- sometimes, in the case of my research, for days at a
time. I'll add note here that none of the scripts could do anything to
javAPRSrvr, the code is rock solid and not even the hardest attack with
buffer overruns even made my machine blink, so kudos to Pete on this.
This has several detrimental effects to the servers being scanned. Firstly,
it ties up connection ports. Secondly it ties up bandwidth on servers.
We all have limited resources at some point, and any wasting of them should
be addressed. Third it makes firewall logs for port 23 gigabytes in size
per day.
In an attempt to stem the impact of some of the negative effects of this, a
change has been made. When you -now- connect to a server, until you login
with your callsign and your validation number, no data will be passed to
you. This means the scanners will look over the servers quicker, so the
amount of time they stay connected will be no where near as long, and any
stale connections to servers from these scanners will take no bandwidth at
all.
What does this mean to you? Not much. 99.9% of software that uses APRS
servers automatically send your callsign and a validation number for you.
The -only- known reason to take note of this is if you run custom software
or scripts that pull data from the APRS system and provide no login
information.
A suggested logon stream to send when you connect is:
user callsign-TS pass -1 vers yourapplicationname 1.0
Replace callsign with your callsign/name of service and put your
application's name in there. Then normal operations will resume when the
change goes online.
Testing of this feature were performed over the weekend, and I intend to
permanently activate this feature on third Wednesday evening at Midnight.
Just "FYI". Should you have any questions or concerns let me know.
Seeya,
Dave
KG4YZY
www.aprsfl.net
----------------------------------------------------------------------
Subject: Re: What is "TRACE"
From: "Patrick A. Green" <pgreen@warpcore.com>
Date: Tue, 11 May 2004 14:12:37 -0500
X-Message-Number: 17
Perfect! This is exactly what I was looking for. I thank everyone for
responding.
73 de Pat -- KA9SCF
----------------------------------------------------------------------
Subject: RE: What is "TRACE"
From: "Eric H. Christensen" <kf4otn@earthlink.net>
Date: Tue, 11 May 2004 19:00:41 -0400
X-Message-Number: 18
Absolutely! In the Carolinas we are implementing weather service LANs (i.e.
WXMHX for the Newport NWS area, WXILM for the Wilmington NWS area) and state
LANs (i.e. NCn-N, SCn-N). These have been implemented to reduce traffic
loads and improve traffic movement. An example of this would be the NWS
bulletins that we gate to RF for two of our NWS areas (Newport and
Wakefield). With these LANs in place, these bulletins don't enter an area
where they are not needed and stay within the area of concern.
The state LANs have been implemented in place of TRACE in our case. This
allows packets to stay within an area of interest, in this case the state of
North Carolina, South Carolina, or Virginia (I think they have started
implementing this in Southeastern Virginia).
For those that want to still utilize a more "circular" propagation from
their location RELAY, WIDE, and WIDEn-N is still being used. Basically it
gives people options and containment.
I cc'ed this to the APRS SIG just incase anyone else was wondering about
this.
73s,
Eric KF4OTN
-----Original Message-----
From: David John Walsh [mailto:david.walsh@vodafone.net]
Sent: Tuesday, May 11, 2004 13:48
To: 'Eric H. Christensen'
Subject: RE: [aprssig] RE: What is "TRACE"
Eric
==
In some places, TRACEn-N is being removed to make way for LANs. ==
Could you expand more on the reasoning behind this, and how it is being
applied.
Regards
David
----------------------------------------------------------------------
Subject: Power Point file size.
From: "Robert Bruninga" <bruninga@usna.edu>
Date: Tue, 11 May 2004 19:54:11 -0400
X-Message-Number: 19
I hate to ask this here, but I hve a Power point APRS presentation that is
too big.
How can I find out which of the SLIDES are the BIG ones? Sometimes one
slide can be 4 megabytes and others only 10k.
And BOTH have images. It depends on how they were saved in the first
place. How can I rapidly find out how much of the file size is associated
with each slide?
Once I know that, I can easily cut them down. I simply bring the screen
shot into paint and resave it as a JPG. This can reduce megabytes down to
ten's of K. But I dont know how to find which of my 40 slides are the BIG
ones...??
thanks
Bob
----------------------------------------------------------------------
Subject: GPS in your COKE can??
From: "Richard Amirault" <ramirault@erols.com>
Date: Tue, 11 May 2004 21:12:20 -0400
X-Message-Number: 20
Starting this monday COKE is running a promotion where you can find a
special Coke can with a built in cellphone and GPS. If you've found one,
you call Coke using the can and (hopefully) agree to let them "track" you
for a few days (up to a week I think) .. they track you and find you and
give you the prize you've one (like maybe a new SUV!)
The website is http://www.unexpectedsummer.com/index_flash.html but doesn't
have much explaination. I heard about this flipping thru the cable TV
channels.
Richard Amirault N1JDU Boston,
MA, USA
www.erols.com/ramirault "Go Fly A Kite"
----------------------------------------------------------------------
Read previous mail | Read next mail
| |
