Upgrading a FreeBSD system is not all that hard. The FreeBSD Handbook obviously has a more verbose look at the whole process, but the following is basically what you will need to do on most systems.
If csup is new to you, see man csup for more information. It is a C rewrite of cvsup.
I have compiled a list of system commands that I felt were frequent enough to mention. The list covers commands that you use to interact with the file system and network, use the vi/vim editor, and utilize screen to make life easier.
I thought it would be neat to write a program to spider the Web autonomously... so I wrote a Perl script that does just that!
The computer science folks would consider the spidering aspect a breadth-first search that uses a queue data structure to hold the collection of hostnames. That sounds like a mouthful, but the idea is simple (I promise!).
The program basically works by looping through the following phases:
- do an HTTP dump on a host (port 80) in the queue
- scrape unique hostnames from the output
- add the found hostnames to the crawl queue
- do something fun with the output
The link to the code is here if you want to check that out.
To make a long story short, transparency is a P.I.T.A. if you plan on exposing your image to older web browsers. The transparency in your image might appear to work as planned in the more recent browsers, but the same image can often result in an array of funky colors where the transparency is supposed to be in older browsers.
Transparency is a must on today's Web and, unfortunately, old and outdated browsers are still prevalent enough that you have to take them into consideration when building/designing a website. Though some statistics might cite that older browsers have a minute market share and choose to neglect them in the design process, those same viewers could be a click on an ad, a purchase at your store, or remain valuable in some other aspect.
Using the GIMP, cross-browser transparency support is easily accomplished with a few clicks. The following list of instructions is, verbatim, what needs to be done to export the image correctly.
- Image -> Flatten Image
- Layer -> Transparency -> Add Alpha Channel
- Select -> By Color OR use the Fuzzy Select Tool with thresholds on the GIMP toolbox
- Edit -> Clear or DEL on the keyboard
- Image -> Mode -> Indexed...
- File -> Save As... -> filename.png
- (yes to defaults)
Oftentimes, administrators and default installations of various DNS servers (on all platforms) leave the DNS server susceptible to zone transfers. What this basically means is that the DNS server will allow someone to download a dump of all DNS records served for a specific domain. This can obviously pose a moderate to high security risk (but can be disabled on the server quite easily).
The information gained with a successful zone transfer can be very helpful for an intelligence-gathering attacker and can ultimately expose the addresses of a huge number of hosts that administrators might not want the public (internet) to know about (and that no one planned to be exposed to internet traffic!).
For example, I have seen zone transfers that listed multiple development servers that were freely accessible, exposing security flaws due to incomplete code. Development boxes are also a good candidate to look for files with incorrect permissions to gain even more information out of the host.
Also, bear in mind the situation where someone gets their hands on a decent-sized transfer. Thousands of hosts belonging to a single domain can be easily gleaned in seconds. I think it is also neat how you can quickly read over most zone transfers and easily pick out the devices that belong to the core infrastructure and even addresses of important services used in the domain (due to the verbosity some administrators use in coming up with a hostname).
I wrote a small Perl tool, dig-shovel, to automate the process of finding the list of nameservers for a domain, attempting a zone transfer from each, and finally parsing the addresses contained in the zone transfer into something easily readable and exportable. The tool I wrote can be directly downloaded from this site with this link (right-click, Save As...) or click through to this post to get the details on dig-shovel.
If your host happens to have weird or non-existent PHP logging features, you can easily enable them in-line with your code as if you had changed php.ini directly.

