# neverendingbooks Posts

As I am going to give a talk on Combinatorial Game Theory early
next month I have to update my rusty knowledge of canonical forms of
two-person game positions, their temperature theory and the like. As
most of the concepts in this field are recursive they are hard to work
out by humans but easy for computers. So it is nice to have a good
program to use. I remember that David Wolfe wrote a couple of years ago the Gamesman Toolkit but it seems he has taken it off
his website. Still, you can get it from the Software released by Michael Ernst page. So,
Then do the following

cd Desktop/games sudo make sudo cp
games /usr/bin/ /usr/bin/games

to get it up and
running (for documentation of how to use it see the Gamesman
Toolkit-paper above. But, it seems that as of July 2003 there is a much
better alternative around : the Combinatorial Game Suite of Aaron Siegel. It is an open source Java-program so it
runs on many platforms (including Mac OSX). Here is the way to get it
cgsuite-0.4-folder on your desktop. Then type

cd
Desktop/cgsuite-0.4 java -jar cgsuite.jar

and after a few
questions (including whether you want to be on the mailing list of the
project) the program starts up. It is very well documented with an
on-line manual which I have to read over the coming
days…

A
longer term project is to get the web-server www.matrix.ua.ac.be integrated in our home-network
as an external WebDAV-server (similar to the .Mac-service
offered by Apple). But as this server runs all information about the
master-class on non-comutative geometry connecting to it via HTTP to use
combinations will be send without encryption. Hence the natural question
whether this server can be set up to run SSL (Secure Sockets
Layer) such that one can connect via HTTPS and all exchanged information
will be encrypted. As the server is an Apache it comes down to get
mod-ssl running. A Google on mod_ssl OS X gives the
ADC-document Using mod-ssl on Mac OS X which seems to be just
instructions of using the openssl command. However, the
end-result is rather weak : it only makes the localhost running
HTTPS, that is, one can connect to your own computer safely… which is
pretty ridiculous (other computers in the same network cannot even
connect safely).

So, back to the Google-list on which
one link raises my interest Configuring mod-ssl on Mac OS X which looks like
the previous link but has one essential difference : the page is written
by Marc Liyanage. If you ever tried to get PHP and/or MySQL
running under OS X you will have noticed that his pages are by far the
most reliable on the subject, hence maybe he has also something
interesting to say on mod-ssl. However, the bottom line of the
document is not very promising :

You
should now be able to access the content with https://127.0.0.1 from
the same machine.

which is again the
localhost. So perhaps it is just impossible to run mod-ssl
without having an X-server. Anyway, let us try out his procedure.
Begin by issuing the following commands in the Terminal

sudo -s cd /etc/httpd mkdir ssl chmod 700 ssl cd
ssl gzip -c --best /var/log/system.log > random.dat openssl rand
-rand file:random.dat 0

Next, we need a server certificate. If you
want to do it properly you need a certificate from a certification
authority
such as Thawte but this costs at least $200 a year which I am not willing to pay. The alternative is to use a self-signed certificate which will force the browser to display an error-message but if the user dismisses it all traffic exchanged with the server will still be encrypted which is just what I want. So, type the command openssl req -keyout privkey-2001.pem -newkey rsa:1024 -nodes -x509 -days 365 -out cert-2001.pem (all on one line). You will be asked a couple of questions (the only important one is the Common Name (eg, YOUR name). Here you should take care to enter the host name of your web server exactly as it will be used later in the common name field. In my test-case, if I want to get my server used by other computers in the network this name will be imaclieven.local. (note the trailing .). Now issue the following commands chmod 600 privkey-2001.pem chown root privkey-2001.pem apxs -e -a -n ssl /usr/libexec/httpd/libssl.so  which will activate the SSL-module (if at a later state you want to de-activate it you have to change -a by -A in the last command). Finally, we have to change the /etc/httpd/httpd.conf file so first save a backup-version and then add the following lines at the end of the file : (IfModule mod-ssl.c) Listen 80 Listen 443 SSLCertificateFile /etc/httpd/ssl/cert-2001.pem SSLCertificateKeyFile /etc/httpd/ssl/privkey-2001.pem SSLRandomSeed startup builtin SSLRandomSeed connect builtin (VirtualHost -default- :443) SSLEngine on (/VirtualHost) (/IfModule) Observe that round brackets () should be replaced by <>. Finally, we do apachectl stop apachectl start and we are done! Going to another computer in the network and typing in Safari https://imaclieven.local./ will result in an error message Just click Continue and you will have a secure connection to the server. Thanks Marc Liyanage! (Added january 11th) Whereas the above allows one to make a HTTPS connection it is not enough for my intended purposes. In order to get a secure connection to a WebDAV server, this server must have the mod-auth-digest module running which seems to be impossible for the standard Apache server of 10.3. You need an X-server to have this facility. So I think I have to scale down my ambitions a bit. So far I found it rather easy to post one or more messages a day as I was installing a lot of software or trying to get things working and was merely logging my progress for future reference. These notes are useful to me but probably not to the rest of the world. Another thing I noticed is that I’m using this blog sometimes as a replacement for my Bookmarks, merely listing interesting web-pages without too much personal comments. I will continue to post both install-logs and bookmark-logs but in addition I want to write (say weekly) a lengthier post on a specific topic with more background, more details (such as screenshots) and more personal comments. We will see how this works out in the coming weeks… Another thing that slightly worried me is that people visiting my homepage and clicking on to my blog may expect entirely different things there. But this cant be helped, I’m sitting on an OSX-cloud at the moment but no doubt this will change quickly. Beginning of february I have to give a talk on Combinatorial Game Theory and soon afterwards the Non-commutative Geometry Master Class starts in which I’m giving a couple of courses, so mathematics will become more dominant in this blog from next month on… On a blog-tech matter : I found a quite good editor pMpost which is meant to write pMachine-blogs offline and upload them by one click. It also synchronizes categories etc. on login. Further, it has a spelling-checker but the thing I really like about it is that you can save texts as a draft and continue at a later time (sadly, it remember the date/hour when you start your post so when you finally submit it it will be posted at the starting- rather than the posting-day. Still, there is nothing that copy/paste cannot solve. I hope to use this facility when (read if) I’m going for a more in-depth post. Another matter that I will address to as quickly as possible (probably over the weekend) is teh layout of this site. The main annoying thing is that the text doesnt resize when you increase/decrease window width. So I will address this matter first and probably leave a personal layout and color-scheme to later. Fortunately, I did find a good site containg a lot of CSS templates for pMachine weblogs. Another site I’ll have to investigate over the weekend is pMtemplates. But don’t expect too much from the layout-side, I still have other projects to worry about : SSL, WebDAV, streaming iTunes, getting on Ethernet-DVD player to work and so on. What then is all this WarWalking, WarDriving, WarChalking and so on? In particular, why the aggressive War-word in them ? From what I learned, the historical origin of these terms comes from the 1983 movie “War Games” in which a kid sets up his modem to dial numbers until it finds a computer to hack leading inevitably to the US-army in total panic. This hobby created the phrase WarDialing. In analogy, a person driving around in a car with a laptop in search for wireless networks is said to be WarDriving, if (s)he is on foot it is clearly WarWalking. Because of the aggressive nature of the War-subword some people have re-engineered an explanation : WAR = Wireless Access Reconnaissance so let us hope this acronym will catch on. Now then, what is WarChalking ? It was invented by Matt Jones and the idea is that a WarWalker should write a symbol in chalk on the wall nearest to the discovered Access Point describing its nature (see picture on the left) : the first sign depicts an open node, the next a closed one and the last one is a node with WEP-protection (btw. WEP=Wired Equivalent Privacy). A lot of people seem to take this fairly serious, there is even a webpage warchalking.org devoted to it on which you can find a lot more information. And as warchalking was originally British, there had to be also an American site containing among other things a not that active forum. Further, the unofficial HOW-TO of WarDriving may be interesting. To me it all sounds as an excuse to buy a GPS-receiver and a laptop We still have an original iMac (Bondi Blue). It runs at 233 MHz, has 192Mb RAM and a hard-disk of 4Gb, so is pretty outdated. Still, when Mac OSX was introduced I had a hard time installing extra RAM in it (for this model you have to take it apart disconnecting all sorts of cables) so it would be a shame if this oldest member of the family is left out of the network. The problem is that it has an Ethernet card but no possibility to include an Airport-Card… So I bought a D-Link Wireless USB adapter and was told that installation would be plug-and-play : just connect it to the USB-port, open up the Applications/Utilities/Airport Setup Assistant and everything would rum smoothly. Hahah! When I started the Assistant it was clever enough to detect that no Airport-Card was installed and refused further action. But, there is a CD in the package so I did install the driver which really adds a new icon Wireless Adaptor to the System Preferences . Clicking it gave the sobering message No Wireless Device Attached and I couldnt press the Scan button for detection of possible networks. But disconnecting the D-Link a number of times and pressing it very hard eventually I got a wireless icon in the toolbar but still it couldnt give me a signal strength of available networks. But that might be right as the ABS is protected both by WEP and by MAC-access. So, I added the MAC-address of the D-Link to the list in the Access Control pane of the Airport Admin Utility which also gives a way to get at the Hex-equivalent of the WEP-key : click on the Password icon. So, i manually created in the Wireless Adaptor-preferences a network with the correct name, WEP-key equivalent and so on and thought that would do it. But no, now I did get a signal strength but it showed that I was not connected and that the WEP-key was incorrect. On the other hand, no complaints were listed when i tried to access the ABS as Peer-to-peer but this created all other sorts of problems as I could detect with iStumbler so I quickly removed this option and got to bed. This morning I realized that I still have the old Graphite Airport Base Station lying idle so I connected it with a patch cable to the Router, reconfigured it without WEP-protection and without Access Control and instructed BondiBlue to connect to this new network, which it immediately managed to do but it took a few restarts and time to get it onto Internet and connected to other computers on this second network. So, now I will increase security on this new network and see where it fails. First, add Access Control by including the MAC Address of the D-Link and other computers, reconfigure the ABS and the BondiBlue is still on the network! Next, WEP : in the Apple documentation it is mentioned to take a passphrase of exactly 5 symbols to ‘increase compatibility with third-party products’. Let’s try ab;12, change in the Wireless Adaptor-Prefrences the properties of the network by choosing Enable WEP 40 Bits ASCII (5 characters) and give the key ab;12 and sure enough : everything works! So the problem was that our regular network is WEP-protected by a longer passphrase and D-Link could not handle the HEX-equivalent 10 digit number. A final attempt : in the D-Link documentation a solution is offered by giving the ABS a 10-digit Hex together with a starting$-sign so let’s try
\$4bb2603b52 on the ABS and 4bb2603b52 in the properties of