After some tweaking around in analytics it turned out that most of the new bouncing traffic came from Safari, from a machine with the same screen resolution as mine, from my city, my broad band provider and so on.

It turns out that this is because my blog had appeared on Safaris “Top Sites”, a grid of often visited web pages on the welcome screen of Safari. And every time you open safari, it contacts the webpage for an updated snapshot of the page.  This is recorded by analytics and regarded as a bounce visit, decreasing your average time on site and increasing your bounce rate.

So far, it doesn’t seem like there is any other solution to this except removing the site from “Top Sites”, until Google or Apple figure something out.  This of course does not solve the, for me not yet existing, problem of bogus traffic from other Safari users.

No related posts.

Read his article at http://truben.no/journal/auto-hide-tab-bar-in-mozilla-thunderbird-3/

No related posts.

Wireshark

Wireshark, a really cool network analyzer I’m planning to write more about later. What happened was that at startup you get a long list of error messages, and then no network interfaces could be found.

Luckily, Michael Gracie has scavenged the net for a solution, and found it.

Basically, all you need to do is follow the normal instructions, Dragging the app to the Application folder, the ChmodBPF folder in utilities to the StartupItems alias and the contents of the commandLine folder to /usr/local/bin.

Open a terminal and type:

cd /Library/StartupItems
sudo chown -R root:wheel ChmodBPF

enter your password and hit enter.

Now start up Wireshark, close the list of error messages, hit edit -> preferences -> name resolution, click the edit button next to “SMI (MIB and PIB paths)”, click “new” and type /usr/share/snmp/mibs/ in the text field.  Now click apply / OK, all your way out, exit, and reboot your computer.

After the reboot, everything should be working like a charm.

Related posts:

1. Spoofing your MAC-address in Snow Leopard

OWASP

“Application Security – Awareness.”  Martin works for OWASP, The Open Web Application Security Project, and they have created a lot of cool stuff.  On the workshop we got an introduction to WebScarab and WebGoat, and for learning how a lot of software vulnerabilities work, they are great tools, and fun to play with.

WebScarab is a tool to analyze HTTP and HTTPS communication, and intercepts traffic as a proxy between your browser and the application you are analyzing, and let you look at and modify requests. WebScarab itself is not a training tool, but is supposed to be used for serious application analysis.

WebGoat is a Java web application hosted on a local tomcat server, which contains a lot of flaws and vulnerabilities. The application consists of a series of challenges, in which you use WebScarab to crack your way into the application.

The challenges range from very simple stuff like scanning through source code to look for hardcoded passwords, to more interesting things like Cross Site Scripting and SQL-injection for stealing credit card numbers.

Both tools can be downloaded for free from the OWASP download page, and since it is written in Java, it works on all platforms.

Just be sure to disconnect from the internet before starting WebGoat, since it opens up your computer to all the vulnerabilities it contains while it is running.

Related posts:

1. Citing / displaying source code in LaTeX
2. Installing Wireshark on Mac OS X 10.6 Snow Leopard

For example the system they used at the college I lived in at the University of Newcastle, where you had to send in a paper form to register your mac-address to the ethernet outlet in your room, and weren’t able to use the internet on your laptop when visiting friends on the campus.

Be aware that using these commands to work around such a policy is probably illegal, though.
In snow leopard, spoofing your ethernet MAC-address is as easy as opening a terminal, and type sudo ifconfig en0 lladdr aa:bb:cc:dd:ee:ff

The address can of course be anything you want it to be.

For spoofing the address of your airport card you first have to disconnect from the network you are currently on, this can be done by clicking the airport-symbol in the menu bar, select join other network, type some random name, hit connect and then cancel. Now type

sudo ifconfig en1 lladdr aa:bb:cc:dd:ee:ff

And then you can reconnect, with your new address.

Update:

Captain Future has created an applescript for spoofing the mac address that looks very nice.  It can be found here. Thanks!

Related posts:

1. Installing Wireshark on Mac OS X 10.6 Snow Leopard
2. Useful BASH-command: !!

Wordpress

Well, after using Joomla! for my blog since March, I got tired of it. Joomla is great for building large websites, but it was way too complicated for a simple blog like this.   Also, it’s kind of strange that a open source project got next to no documentation.  I had some problems migrating the articles from the Joomla database because of some charset errors from norwegian letters, but have imported the most important stuff now.  Using WordPress is a whole different experience… so easy!

I guess I have to learn hacking WordPress themes now.

No related posts.

It turns out there is an anti-pattern that describes this dilemma, called the Diaper Pattern. -”Because it catches all the shit”.

Now what’s left to decide is whether this applies to web apps or not…

No related posts.

http://www.roseindia.net/spring/index.shtml

No related posts.