Skip to content
31 July 2010 / April

I hope OIT reads my blog

In celebration of surviving my first week of arduous CS research, being able to straighten my left arm again, and sunshine, I thought I’d write a blog post.  Woohoo!

To explain the left arm thing, oh man no I’m so not in the mood to explain the left arm thing.  Let’s just say I messed with Texas, and Texas gave me an IV in the arm.  More specifically, on the inside of my left elbow.  I thought I would never be able to straighten my arm again, but now it’s only mildly uncomfortable to do so, so I am optimistic for a bright future of arm-straightening excitement.

CS research is not actually arduous.  Despite my lack of experience with distributed systems and GUI programming, I somehow still forced those dots on the map to bend to my will and change colors as I bid them.  Score one for April

Anyway, I’ve missed the CS department.  Everyone is so incredibly chill, and apparently their chillness only increases during the summer months, when suddenly lunches absolutely require one and a half hours plus magnets.  We also make fun of tour guides and complain about OIT.  (If you’re on campus, try Googling or otherwise searching “dr*p table” – with an ‘o’ where the * is.)

And… it’s sunny.  Sunshine always deserves props.

[Addendum: So I’ve been struggling for over an hour to get this thing posted and it’s not working.  Really, universe?  I finally sit my ass down to write a blog post and you won’t even let me post it.  To add insult to injury, every other website on the internet is working just fine, as well as all other parts of  SO FUCKING FRUSTRATING.

I have a sneaking suspicion that this is all because I Googled “dr*p table” while writing the post.  This is clearly completely illogical but I can’t shake the thought, so there you have it.

Actually, it’s not COMPLETELY illogical.  Shall I explain?  Oh what the hell, I can’t post the damn thing anyway.  So WordPress autosaves your posts every insert-time-interval-here, but along with my inability to post comes an inability to save or autosave.  Ergo, the last saved copy of my post can tell me exactly when everything went to hell in a hand basket, give or take insert-time-interval-here.  Thus I know the hand basket left the station, destination hell, when I was in the middle of the parenthetical interjection about Googling “dr*p table”, which was just about when I would’ve Googled “dr*p table”, so you see –

Wait.  I’m an idiot.

Obviously the network is unhappy about any text fields containing the words “dr*p table” which includes blog post fields.  GODDAMMIT OIT.

Anyway, this post just crossed the line from marginally interesting to completely unnecessary, although I know for a fact that the CS department is going to get a kick out of this when I tell them.]

[PS. Requisite XKCD comic.]



Leave a Comment
  1. Kati / Jul 31 2010 6:09 pm

    you messed with Texas? man, we really do need a skype date.

    • April / Jul 31 2010 8:14 pm

      Tell me about it…

  2. JH / Aug 2 2010 3:39 am

    I discovered this issue several months ago. OIT’s IPS appliance kills any outgoing HTTP requests containing “drоp table,” among other suspicious strings.

    OIT knows about the issue; following is Peter Charbonneau’s response to my inquiry.

    Our IPS device is set to drop suspicious SQL traffic, but it depends on the traffic type, the “weight” of the transaction (from low risk to high risk) and the rated “goodness” of the catch – in other words, what the chances are of it being a false positive. We usually don’t drop traffic unless the signature has a very high likelihood of being bad in all cases.

    To answer your first question, there have been cases on our network, where machines haven’t had up to date patches and were exploited via malicious PDF files; other machines on our network, have been exploited via phishing; the end result, typically, is a machine that becomes part of a botnet, and then tries to exploit weak SQL passwords and XSS attacks.

    I have looked at all the signatures that could potentially drop traffic and blessed them. That doesn’t necessarily mean that if/when a signature update occurs, that the vendor didn’t dork something up, but Cisco is usually pretty good.

    • April / Aug 2 2010 10:01 am

      I guess their reasoning makes sense, although it still seems a bit heavy-handed… Thanks for the info!

  3. JH / Aug 2 2010 3:46 am

    P.S. The Cyrillic “о” serves nicely in place of the Roman “o,” should the need to type “drоp table” arise again . . .

    That, or a non-breaking space.

  4. rezecib / Aug 3 2010 1:19 pm

    I’m pretty sure asterisks aren’t metacharacters in HTML, so I don’t think that would be the problem…

    • April / Aug 3 2010 2:24 pm

      I’m not using * as a metacharacter here, it was just being used as a replacement character so that my blog post could actually get through on the Williams network. THAT was the problem.

      • rezecib / Aug 3 2010 2:45 pm

        Oh, I see, so originally it was the correct character, and that’s what caused the problem? That makes more sense. It probably wasn’t the Williams network being the problem, though, more likely the WordPress code, as the network shouldn’t be interpreting it (unless they have a packet filter… hmm… which is not unlikely…). Meh.

        • April / Aug 3 2010 3:33 pm

          It’s definitely Williams OIT’s fault, the issue is more widespread than WordPress (as acknowledged in JH’s comment).

          • rezecib / Aug 3 2010 7:44 pm

            That’s pretty bizarre.

            I wonder how small these boxes get?

          • April / Aug 3 2010 7:46 pm

            This small, apparently.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: