Is it considered as a DOS attack if I add too much data to a page so that it doesn’t respond at all?

I am working on an application. There is a new feature implemented where a user create some IDs and secret keys for that application.

I have observed that there is no rate limit for creating those.

I have sent the request to intruder and created nearly 11000 sets of IDs and secrets.

So whenever any user tries to access that page, it loads continuously and displays a message that page has become unresponsive and as a result it doesn’t let user to access anything in the page.

In my point of view, this is a vulnerability because lack of rate limiting is leading to inaccessibility of the page for all the users in the application.

However, I am confused if it is as considered as a DOS attack or valid rate limiting issue.

Please suggest with valid justification.

Nmap doesn’t show physical hosts

~# nmap -sn Starting Nmap 7.80 ( ) at 2020-07-02 18:11 +01 Nmap scan report for Host is up (0.00068s latency). MAC Address: 52:54:00:12:35:02 (QEMU virtual NIC) Nmap scan report for Host is up (0.00067s latency). MAC Address: 52:54:00:12:35:03 (QEMU virtual NIC) Nmap scan report for Host is up (0.00070s latency). MAC Address: 52:54:00:12:35:04 (QEMU virtual NIC) Nmap scan report for Host is up. Nmap done: 256 IP addresses (4 hosts up) scanned in 2.04 seconds 

i use a virtual machine, and Nmap shows only the virtual hosts

Multi-classing doesn’t generalize Single-class spellcasting?

I am aware of our go to question about spellcasting and multiclassing, and I am aware of the rules. I am nonetheless confused about something:

If we use the multi-class rules, in particular

You determine your available spell slots by adding together all your levels in the bard, cleric, druid, sorcerer, and wizard classes, half your levels (rounded down) in the paladin and ranger classes […]

So, a 5th level paladin contributes as a 2nd level caster (5/2 = 2.5, rounded down 2). A 2nd level caster would have 3 first level spell slots, and that’s all. However, a 5th level Paladin has a spell slot table that clearly reflects a 3rd level spellcaster. In general, it looks like the Paladin level is being rounded up when defining the class’ spellcasting table. The same can be said to the Ranger and to the "1/3 casters" (Arcane Trickster and Fighter).

So, when you multiclass, the half-casters and 1/3 casters contribute less to the spellcasting levels than their own progression suggests. This means, for example, a 3rd level Paladin and 2nd level Ranger, although "jointly" count as a 5th level "half-caster" (you sum them before dividing and rounding), when multi-classing the character is only a 2nd level multi-class caster and doesn’t have 2nd level spell slots, even though a single-class 5th level ranger or a 5th level paladin would both have 2nd level spell slots.

This is weird to me, so, to start with, is the math right? Am I missing something? Or multiclassing is, in fact, inherently harming the spell progression provided by the not-full-spellcasters, in a way that 5 levels of different half-casters is simply worse than 5 levels of the same half-caster?

IP doesn’t change to the domain name

I am facing this problem for quite a long time. When I enter the IP address of my website it take me to the website but the IP address doesn’t change to the Domain Name. I am hosting my website on a Virtual Machine on Google Cloud. I am using the Google Cloud service as a hosting service for my website. Can someone help me in solving this problem?

How do I deal with a player wanting to do an activity that takes weeks when the party doesn’t want to?

I’m currently running a campaign with 5 players at level 3, one of which is a Wizard Dragonborn who’s entire character is devoted to becoming a real dragon by the end of the campaign through some kind of magic or holy gift or something.

As part of this, the player has decided that he absolutely MUST have a Pseudodragon and has decided that next session, as the players have finally returned to town after leaving at level 1, he is going to spend a few days resting before setting off alone to explore the forests of the nearby area to find a Pseudodragon.

I explained to him that on foot, sweeping the whole forest systematically (in a frontier part of the world where the majority of the land is forested) will take literally weeks for his character to do, as he has no spells that can assist him except find familiar (which he could use to sweep the air with a hawk).

When I explained that, this would involve him as a player turning up to the session (online) and contributing essentially nothing for extended periods of time over the course of several sessions (my players have decided they will be leaving town soon and our sessions have very little time between them in the world) he decided that he was fine with that.

I really don’t think that he will be and I’d hate to lose one of my players because in two session’s time he decides that he is really bored and doesn’t want to keep playing but on the other hand I really don’t feel like it’s fair for the other players just to give him what he wants immediately because I’m scared to lose a player.

I know he has said that he is fine with it and I’ve explained the downsides to doing what he is planning to do.

As the DM, is there a better way that I can damage control this? I don’t know if I’m making the right choices by not giving the player what they want but I just cannot see a reasonable way that a player could quickly find a rare animal in hundreds of square miles of forest.

Why doesn’t relu cause back propegation to get stuck

Say you have a neural net that is being trained using back propagation and you are using relu activation. Say the input to a node is a weighted sum of the previous layer with a bias term and say for a particular data point, this weighted sum plus bias is negative. Then relu returns 0. Notice the change in the loss as a function of the change in one of these weights or the bias is 0. Therefore the network won’t improve the bias as the network does back propagation. Why is this not a problem?

arpspoofing doesn’t work for some reason?

I’m new to hacking so please don’t bash me on the replies. :'(

Trying to arpspoof my own windows machine (not vm), the guide I’ve watched tells me to check the arp -a on windows cmd before and after arp spoofing and that if the MAC adress on the gateway ip has changed it means it worked, nothing changes though? also tried urlsnarfing and nothing popped up? I’m so confused on why it’s not working.

echo 1 > /proc/sys/net/ipv4/ip_forward  arpspoof -i wlan0 -t [Victim IP] [Gateway IP] (Terminal 1) arpspoof -i wlan0 -t [Gateway IP] [Victim IP] (Terminal 2)  

Oracle 19c database instance doesn’t register with listener

I have just installed an oracle 19c ( to be exact) database on a centOS 8 virtual machine. The databases instances can all be started with sqlplus on the host machine. I have set up listener.ora and tnsnames.ora based on an existing (functioning) oracle 12c, which has a very similar setup.

I did the initial installation using the .rpm from Oracle, thinking that would make things easier. It probably didn’t make things any more difficult, but it meant that the directory structure was not what I’d have expected. Still, it isn’t as though it is unusable, just located differently. Having done that, I did a basic install of the DB instances I wanted (using pretty much all default settings) with dbca.

Finally, I setup listener.ora and tnsnames.ora based on the working 12c installation. The problem is, no matter what I do, the DB instances don’t seem to be registering themselves with the listener.

The tnsnames.ora looks like this:

## initially copied from linuxoracle12 (20200617-1112)  LISTENER_TEMP =   (ADDRESS = (PROTOCOL = TCP)(HOST = = 1521))   TMF =   (DESCRIPTION =     (ADDRESS = (PROTOCOL = TCP)(HOST = = 1521))     (CONNECT_DATA =       (SERVER = DEDICATED)       (SERVICE_NAME =     )   )  LISTENER_TMFDE =   (ADDRESS = (PROTOCOL = TCP)(HOST = = 1521))   LISTENER_TMF =   (ADDRESS = (PROTOCOL = TCP)(HOST = = 1521))   TEMP =   (DESCRIPTION =     (ADDRESS = (PROTOCOL = TCP)(HOST = = 1521))     (CONNECT_DATA =       (SERVER = DEDICATED)       (SERVICE_NAME =     )   )   TMFDE =   (DESCRIPTION =     (ADDRESS = (PROTOCOL = TCP)(HOST = = 1521))     (CONNECT_DATA =       (SERVER = DEDICATED)       (SERVICE_NAME =     )   ) 

The listener.ora looks like this:

## initially copied from linuxoracle12 (20200617-1117)  SID_LIST_LISTENER =  (SID_LIST =   (SID_DESC =    (GLOBAL_DBNAME = TMF)    (ORACLE_HOME = /opt/oracle/product/19c/dbhome_1)    (SID_NAME = TMF)   )   (SID_DESC =    (GLOBAL_DBNAME = TEMP)    (ORACLE_HOME = /opt/oracle/product/19c/dbhome_1)    (SID_NAME = TEMP)   )   (SID_DESC =    (GLOBAL_DBNAME = TMFDE)    (ORACLE_HOME = /opt/oracle/product/19c/dbhome_1)    (SID_NAME = TMFDE)   )  ) LISTENER =   (DESCRIPTION_LIST =     (DESCRIPTION =       (ADDRESS = (PROTOCOL = TCP)(HOST = = 1521))       (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521))     )   ) 

As an example the initTEMP.ora looks like this:

## initially generated with dbca ## 20200617 added: *.local_listener='LISTENER_TEMP' TEMP.__data_transfer_cache_size=0 TEMP.__db_cache_size=855638016 TEMP.__inmemory_ext_roarea=0 TEMP.__inmemory_ext_rwarea=0 TEMP.__java_pool_size=0 TEMP.__large_pool_size=16777216 TEMP.__oracle_base='/opt/oracle'#ORACLE_BASE set from environment TEMP.__shared_io_pool_size=0 TEMP.__shared_pool_size=301989888 TEMP.__streams_pool_size=0 TEMP.__unified_pga_pool_size=0 *.audit_file_dest='/opt/oracle/admin/TEMP/adump' *.audit_trail='db' *.compatible='19.0.0' *.control_files='/opt/oracle/oradata/temp/TEMP/controlfile/o1_mf_hgkpt5t0_.ctl','/opt/oracle/fast_recovery_area/TEMP/controlfile/o1_mf_hgkpt5w0_.ctl' *.db_block_size=8192 *.db_create_file_dest='/opt/oracle/oradata/temp/' *.db_domain='' *.db_name='TEMP' *.db_recovery_file_dest='/opt/oracle/fast_recovery_area' *.db_recovery_file_dest_size=8256m *.diagnostic_dest='/opt/oracle' *.dispatchers='(PROTOCOL=TCP) (SERVICE=TEMPXDB)' *.local_listener='LISTENER_TEMP' *.open_cursors=300 *.pga_aggregate_target=378m *.processes=300 *.remote_login_passwordfile='EXCLUSIVE' *.sga_target=1134m *.undo_tablespace='UNDOTBS1' 

So far so good… I thought. But regardless of what I try, I cannot get the DB instances to register with the listener. When I run lsnrctl services, I get the following:

[oracle@linuxoracle19 admin]$   lsnrctl services  LSNRCTL for Linux: Version - Production on 17-JUN-2020 12:11:01  Copyright (c) 1991, 2019, Oracle.  All rights reserved.  Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)( Services Summary... Service "TEMP" has 1 instance(s).   Instance "TEMP", status UNKNOWN, has 1 handler(s) for this service...     Handler(s):       "DEDICATED" established:0 refused:0          LOCAL SERVER Service "TMF" has 1 instance(s).   Instance "TMF", status UNKNOWN, has 1 handler(s) for this service...     Handler(s):       "DEDICATED" established:0 refused:0          LOCAL SERVER Service "TMFDE" has 1 instance(s).   Instance "TMFDE", status UNKNOWN, has 1 handler(s) for this service...     Handler(s):       "DEDICATED" established:0 refused:0          LOCAL SERVER The command completed successfully 

In various posts and what not, I have read that status UNKNOWN, whilst not seriously bad, actually means that the service in question is not registered with the listener. This is exemplified when I try to connect using NetBeans or SQLDeveloper. In both cases I get the error:

IO Error: The Network Adapter could not establish the connection 

Before anybody asks, yes, I did try tnsping. When I did, I got:

[oracle@linuxoracle19 dbhome_1]$   tnsping TEMP 5  TNS Ping Utility for Linux: Version - Production on 17-JUN-2020 16:02:19  Copyright (c) 1997, 2019, Oracle.  All rights reserved.  Used parameter files: /opt/oracle/product/19c/dbhome_1/network/admin/sqlnet.ora   Used TNSNAMES adapter to resolve the alias Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = OK (10 msec) OK (0 msec) OK (0 msec) OK (0 msec) OK (10 msec) [oracle@linuxoracle19 dbhome_1]$   trcroute TEMP  Trace Route Utility for Linux: Version - Production on 17-JUN-2020 16:05:39  Copyright (c) 1995, 2019, Oracle.  All rights reserved.  Route of TrcRoute: ------------------  Node: Client        Time and address of entry into node: ------------------------------------------------------------- 17-JUN-2020 16:05:39 ADDRESS= PROTOCOL=TCP  PORT=1521  Node: Server        Time and address of entry into node: ------------------------------------------------------------- 17-JUN-2020 16:05:39 ADDRESS= PROTOCOL=TCP  PORT=1521 

Can anybody out there tell me what is going wrong? I really have no idea why the current setup doesn’t work.