new dlink AP900+ firmware hack

A guy from Athens Wireless Metropolitan Network with nickname Acinonyx published his hacked firmware for dlink AP900+ rev C that:

  • is fixed so that the transmitting and receiving antenna is the same and the one you pick from the web interface
  • changes left -right antenna with internal-external
  • One can specify the power output from max (17dbm) to min (1dbm) in both Access Point mode AND client mode!!!
  • Changed stats to display total packets instead of “good packets”
  • If you can read Greek check here: http://www.awmn.net/forum/viewtopic.php?t=10601
    To DOWNLOAD the firmware: http://www.awmn.net/forum/download.php?id=4109

    a screenshot: http://www.awmn.net/forum/download.php?id=4108

    software improvements

    In order to read rss feeds in windows I have a client called Abilon (and yes it’s freeware!). I really like it’s clean design and it’s features. It’s neither bloated nor lacking features.
    I had a problem with it though when it came to reading some rss feeds that were on https sites. So I thought I should give it a try and contact the author. I have done this with many other progs …but I never got such friendly and fast answers as the Abilon programmer gave me. The problem was fixed within a day…and it’s christmas! (the new version available on the site “2.5.3 build 196″ has got no probs with https sites any more, at least all my sites are working perfectly right now)
    It’s great when you send your suggestions to improve a program that you use and like and the programmer responds in a very polite and helpfull manner. It’s a big big + (plus) for Abilon that it’s programmer listens to people suggesting him some changes. Imho it’s the only way to improve a program…listening to requests…

    Abilon

    8bit xmas wishes

    While browsing the net I came up with this music collection for xmas made on old machines :)

    Featuring the sounds of Yerzmyey on the Spectrum, Nullsleep on the NES, Vim on the VIC20, Paul Slocum on the Atari 2600, Bit Shifter on the GameBoy, Goto80 on the C64, Dma-Sc on the Atari ST, and Hally on the X68000

    You can download all the files for free…I might check the rest of the songs there as well :)

    Have fun ppl :)

    yahoo! privacy!

    It may sound weird…but looks like yahoo! is protecting its users privacy quite firmly. Reading this cnn article I totally agree with yahoo! . If that soldier wanted his mom to read his email he should have cc’ed or bcc’ed all his email to her. Since he didn’t…his emails go with him. I’d certainly not want anyone reading my files/emails, or whatever other personal I have, after my death. I have chosen to publicize parts of what I think and write and that’s all, nothing more nothing less.

    If they want their sons’ emails they should hack his account … and they’ve got 90days to do so :)

    cracking wep

    Very nice article on tools you need to crack wep in most wi-fi networks. enjoy :)

    http://securityfocus.com/infocus/1814

    I am going to HELL!!!

    Bryan Erickson (oh come on…google to find who he is) posted a newletter from St. Mary’s church in Colorado Springs that gives indications for parents so they can understand whether their kid is turning away from the Lord….It specifically talks about gothic culture and stuff like that.

    Please seek immediate
    attention through counselling, prayer, and parental
    guidance to rid your child of Satan’s temptations if
    five or more of the following are applicable to your
    child

    read the “signs” here… http://www.livejournal.com/users/hexfix93/52879.html

    My favorites:

  • Drinks alcohol
  • Complains of boredom
  • Is excessively awake during the night
  • Requests time alone and quietness. (This is so that your child may speak to evil sprits through meditation
  • Expresses an interest in sex
  • omg I am doomed…

    I am going straight to hell for what I do and what I’ve done all those years…who cares…could be fun…I’ll certainly meet a lot of friends there :)

    btw if you haven’t seen the latest video clip from velvet acid christ…do it now! Pretty toy

    The World’s Smallest P2P Application + unix file wiping

    While reeding my rss feeds today I came up to this interesting article. 2 guys wrote a p2p application in 15 lines of python code just to prove how hard it is to restrict p2p apps. Everyone can write or customize one. It may not be fancy with buttons and stuff like azureus…but it surely is achievable. Buttons and colors and and and….can be added at any time later on since the base application works.

    There was an interesting thread on bugtraq too these last days about secure file deletion on unix system. It’s pretty interesting and there’s some clues about ZFS, the new solaris 10 FS. One of sun’s engineers says that they will add secure file deletion support sometime in the future inside their FS utils. Where does linux stand here ? I am not aware of any such future thoughts for it. Don’t linux users have sensitive data to protect or is it that linux is silently becoming so much a “desktop-OS” alternative to windows and forgets some of it’s main goals like security ?

    And again rises the same question…is “wiping” enough to protect our files or should we all create and use encrypted partitions/loops for our disks where we will save all sensitive data ? It’s far better to “wipe” (or think you’ve wiped) some encrypted crypto-loop than thinking you have deleted your new ATM card’s PIN or your company’s financial data or…or…..

    The great playlist meme of ’04

    Following the post of my friend Patroklos in his blog (who in turn follows the post of Diego Doval) I’ll publish my own list of 10 songs:

      1. Pink Floyd – A Great Day For Freedom
      2. converter – sadist
      3. lights of euphoria – fortuneteller (zillo club mix)
      4. icon of coil – everything is
      5.

    Configuring logging on cisco routers

    One of the latest tasks I have is to monitor the perfomance and stability of around 20 wireless schools in the city.
    Perfomance is quite is to do. I configured all routers to listen for snmp queries and fired up MRTG. The I set up smokeping to measure delays…and I had a fair view of what’s going on. Or that was what I though. I saw that the traffic was minimal. My guess was that schools were not using the broadband service we had offered them as they should. That is sometimes the case where teachers have no clue on how to use the broadband internet and/or kids have no intention to learn some new tricks and prefer to mock on people that use the internet as a tool.
    Later on I set up a machine with syslog-ng and configured all schools to log “wirelessly” there.

    logging trap debugging
    logging IP.IP.IP.IP

    where IP.IP.IP.IP is the IP of your host with the syslog daemon (preferably syslog-ng).

    Then one day the wireless BSU had probs and schools had to use their isdn backup to reach the net. I had to do sth so that logging to my syslog did not begin a new session by dialing from the isdn backup. If logging was enabled and no filters were activated, then when one dial session was terminated the syslog messages from the router to me opened a new session just to tell me that the previous one terminated. And this could go on for hours and hours.
    So I added a filter to the dialer and blocked syslog packets from opening the isdn.

    < previous rules >
    access-list 102 deny udp any any eq syslog
    access-list 102 permit ip any any
    dialer-list 1 protocol ip list 102

    If any of you use syslog-ng for your machines (and you should) then try php-syslog-ng

    spambots were pwned

    Today my blog “suffered” a flood from spambots trying to post ads…but unluckilly to them…NO posts were “allowed” in due to the new patches. There were 81 unique attempts to post a comment.

    Better luck next time boys!

    Today my best friends’ gf got her university degree…We are going out tonight to celebrate…I wonder when I’ll get mine…I hope I’ll have mine by Feb 2006 or sooner. We shall see! For the time being I have to study for my exams starting on December 1st. Wish me luck…

    being forgetfull…

    Yesterday I updated php to one of my machines to enable freetype and GD support. On that system I also had IMP webmail. I had forgotten the exact flags I used when I compiled the older php version I had at that machine, so the webmail did not work with the new version. After some googling for the error msgs I got, I found out I needed to add –with-imap and –with-imap-ssl flags to the configure script. I run the script but it couldn’t find the imap libs…I was sure I had them someplace…but where ? I found out where my imap sources were and recompiled imap. Then added some dirs after the flags

    –with-imap=/koko/lala/imap-2002e
    –with-imap-ssl=/koko/lala/ssl

    And recompiled php…restarted apache and expected the webmail to work. Nope…it didn’t.
    I opened up the servers.php file of the imp configuration, read the comments once more and changed the server type. It needed a /novalidate option because my certificate was self-signed. I wonder why it worked earlier….who knows….

    btw, the latest php 4.3.9 seems a LOT faster in many scripts, nice :)

    and again?

    ohhhhhhhhh yes…the damn spambots found a way to bypass all measures agorf had taken. So it was time for the gd library to come in handy.

    I found a patch for wordpress that creates a random text string on one image and someone has to copy that text to a text field to “validate” his comment.
    The url to the patch is here: http://www.gudlyf.com/index.php?p=376
    Then I had to install libjpeg, freetype,gd and recompile the latest php to use all that…DAMN these spambots!

    Let’s see how long it will take until the spambots find ways to figure out text out of images…I am not sure if I really want this to happen or not …If it happens it will be a great improvement for AI in general…but all that authentication measures based on images will go down the drain….

    Btw I’ve learned today that gentoo is not a “random” word for a distro…but rather a “penguin race”…You can find some info here:

    http://www.siec.k12.in.us/~west/proj/penguins/gentoo.html

    http://www.antarcticconnection.com/antarctic/wildlife/penguins/gentoo.shtml

    New spam attack

    And again another spam attack in my blog comments! It seems I am really famous! This time the ads were about medicines and diets and crap like that. Agorf re-patched my blog to stop this attacking pattern too.

    The spam comments looked like this:

    #

    Name: buy phentermine online | Email: byob@y1049o.com | URI: http://phentermine.one-phentermine.com | IP: 148.244.150.58

    1049 phentermine.one-phentermine.com
    adipex.one-phentermine.com
    tramadol.one-phentermine.com
    ambien.one-phentermine.com
    cialis.one-phentermine.com
    viagra.one-phentermine.com
    diet-pills.one-phentermine.com

    Posted Nov 23, 4:46 AM | Edit Comment | Delete Comment — Edit Post “Infosystem 2004” | View Post

    There’s a number inside the email of the “poster” and the beggining of the comment:
    email: byob@y1049o.com
    body: 1049 phentermine.one-phentermine.com

    Let’s see who’s next!

    another patch made by agorf

    For the ones that are not aware of the refer 2.1, I will quote a text from the website:

    What is it?

    Refer is a web application that tracks incoming referrers (visitors who followed a link found elsewhere) to your website.

    Check on the demo link: Demo

    Agorf has patched it a bit because I wanted on the who list to be able to lookup ips from the ripe database. He added a field to the database and changed the phps to enable the RIPE queries.

    Get the patch from here: refer ripe patch by agorf

    Blog comments update

    The official php coder of this blog has made a change in the way comments are being posted. agorf has added a checkbox that you HAVE to uncheck in order for your comments to be posted. Else your comment get’s ignored.

    No more comment moderation! I hope we won’t get outsmarted by the spambots…at least for a while!

    Cheers and thnx to agorf!