Saturday, October 17, 2009

Connection Interrupted (TCP RST) has nothing to do with HTTPS aka HTTP over TLS

A network has layers.

In the TCP/IP model, there are four layers. TCP, UDP belong to the transport layer, while HTTP, SSL/TLS belong to application layer. RST (Reset the connection) is a flag in TCP header as in RFC793. RST vulnerability as well as off-path attacks are disscussed in RFC4953. Basically, if a connection is interrupted, it simply means that there is an accepted TCP package with RST flag set. It could be the server who reset the connection, or it could be an attacker. HTTP over TLS aka HTTPS, RFC 2818, is an application layer protocol. SSL/TLS protocol is used between HTTP and the transport layer. From a transport layer's view, the upper layer applications are served in the same way.

To summarize, TCP RST vulnerability is applicable to HTTP or HTTPS or any other application protocols as long as they rely on TCP connection, but it has nothing to do with application layer protocols.

A link to RFC.

Wednesday, October 14, 2009

Migrate from Goolge Pages to Appengine

Migration without losing any data.

When it comes to Google Pages, will you opt-out or do nothing and wait for your pages to be migrated to sites smoothly? We can wait, but at a cost. Google Sites do not provide equal or more features than Pages do. No custom Javascript; no uploaded HTML; limited layouts, themes. It dose not seem possible to migrate without losing any data. Even the appearance will change. So, where else can we migrate to?

Our choice is Appengine.

  • Powerful.
  • From the same vendor.

  • Technical skills required

Step by step migration:
  1. Download your pages as a zip from Google Pages
  2. Create a new appspot handle
  3. Download appengine SDK from
  4. Create a new project
  5. Configure the project
  6. Unzip pages into static content directory
  7. Test on localhost
  8. Deploy to appspot
  9. Test with http://<your-handle>
  10. (Optional) Bind your domain

The long waited automatical migration from Pages to Sites is still not done! Is Google waiting for everyone to opt-out? The magic is a rumor.
Option 1 - Do nothing, and your pages will automatically be moved to Google Sites

  • We'll set up the new site and move your pages for you.
  • Visits to your URL will redirect to your new site.
  • Note that Google Sites does not support custom JavaScript or CSS in its pages.
Option 2 - Opt out of the move, and take your pages to a new location

  • Download your site.
  • Once you've moved your site to its new location, opt out of migration by setting up a redirect below.
Let's wait and see.

A History of man-made Lunar Impact

Hit the Moon

An incomplete list of lunar impact by human being.

2009.10.9 7:31 EDT

2009.03.01 16:13 CST
嫦娥一号 ChangE1

The Moon Impact Probe

2006.9.3 05:42 UT