monline

Using a torrent client with lots of connections my (Snow) Leopard used to get stalled (it just hangs and no app seems to be responding, but the GUI remains mostly functional though). The solution seems to be a bit of a network tweaking.

A "protocol relative URL" is an absolute URL without the starting scheme + ":" part. Eg. a protocol relative URL of http://google.com/ is //google.com/. You can read all about various sorts of URL references in RFC 3986 ("Uniform Resource Identifier (URI): Generic Syntax"). Unfortunately not all web clients support protocol relative URLs (eg. various IE versions exhibit different problems and Safari in some iOS versions breaks too). You can read some notes and comments on this at Paul Irish's blog or in this post at Wikimedia's blog.

"Microsoft Network Monitor is a packet analyzer. It enables capturing, viewing, and analyzing network data and deciphering network protocols. It can be used to troubleshoot network problems and applications on the network."

The de facto standard for network capture and analysis is Wireshark, but Microsoft also developed their solution for the problem and named it simply Network Monitor. The app has no real homepage, only a small knowledge base article. Most of the available information is gathered on Wikipedia and the app's blog.

Just found out that the reason for the hangs I've been experiencing (for ages) is a 7 year old bug in Firefox. It's even documented in the main "Firefox hangs" Mozilla KB article. Since my PAC file was not too complicated, I can easily live without it. But people seriously depending on a PAC are screwed.

The page describes SYN cookies pretty well. For a bit more info, take a look at these:

• SYN cookies at Wikipedia
• TCP variables in the Ipsysctl tutorial
• Linux firewall-related /proc entries

Up til now I believed that all Oracle database connections are firewall-crippled by the well known SQLNET setup: client connects to server's 1521 TCP port (the TNS Listener), the server starts a DB process to handle the connection and tells the client to disconnect from TNS Listener and connect to a newly opened, random port. Ie. you've to open all ports on the server for traffic coming from the client. However today I've monitored with Wireshark a connection being estabilished through an SSH tunnel from an Oracle client (running PL/SQL Developer) to a 9iR2 database server and only a single connection was used the whole time!

Is this really a bug in the VPN client? All operating systems have components that run at the highest possible privilege level (see: privileges in protected mode). Thus at least "some" code can have access to all memory segments, so we can assume that the process memory is not protected (well enough). However the VPN client is going to need those passwords in clear text at some point. And if we assume that a malicious user runs a debugger eg. in the kernel and steps through the code of the VPN client and watches the memory closely, the passwords cannot be fully protected. Of course having the passwords in the memory in clear text for the shortest possible period can help make life more difficult for prying eyes, but not "that much" more difficult.

I've been in this situation a couple of times before, but I've never been able to fix it ... not until today. Let's assume that somehow your network setup in Windows gets screwed up. Ie. you've no network connection, the network adapter in Device Manager has a small yellow exclamation mark meaning it has some obscure problem that prevents it from normal functioning. And of course re-installing the adapter won't help because you get an obscure "error occurred during the installation of the device" error message (maybe you even get a "The system cannot find the file specified." message along too) ... or even better, you cannot uninstall the adapter at all because you get a "Failed to uninstall the device. The device may be required to boot up the computer." error message. All seems to be lost.

The description of the route command on the MS website is a lot more helpful, than the output of route /?. I've used the route command a lot, but never before realized that there's an interface list at the start of a route print command's output. It's good to know how to create a route for a specific interface. I had some trouble with a Nortel VPN Client (it overwrote my default gateway) and I couldn't figure out why my custom routes won't work (I still don't know). But an interface specific rule helped.