WAF Block issues

We have a web app hosted in AWS. I want users to only reach specifics URIs not but not the home page of the app. For instance, if the app is reachable at https://mypublicapp.com, I only want the users to access https://mypublicapp.com/submit/d131dd02c5e6eec4/. The "d131dd02c5e6eec4" example hash value is different for different resources. When I take a look at how the app works using the DEV tools of the browser, the "Requested URL" is https://mypublicapp.com/submit**?key=**d131dd02c5e6eec4/ so the hash is sent as a query string in the headers under the value "key". At this point I could simply use the AWS waf to inspect the request header and reject everything that has no key as a query string. But the problem is that the web app, which I do not have control over, also does a request to the "/", so If I restrict the home page, I also restrict the access to the submit resource mentioned above. Any ideas on how to do the home block without blocking the resource?

Appreciate. Farid

12.1.1 “Part” functionality having issues with Dataset

I made some large datasets of SEM micrograph images and metadata in 12.0 and they have been working no problem for several weeks. but now when I run the notebook in 12.1.1, it seems that it fails to define the Part of the dataset I need. I just reinstalled 12.0 and the problem is still happening now, so maybe I’m just an idiot.



Do any serious balance issues result from this houserule: Floating Ability Score at Character Creation?

I’ve recently been considering the phenomenon that "unusual" race-class combinations are often 1 modifier behind on their primary ability score – i.e. that they would start, using point buy or standard array, with a 15(+2) in their primary score, rather than 16 or 17 (+3). To my mind, this is a very significant mechanical effect that undesirably discourages such unusual combinations, while each race’s other qualities act as much more of a nudge than a hard barrier.

I recently came across a house-rule that would address this issue, allowing any race to achieve a 16 (assuming point buy or standard array) in their classes primary ability score at character creation, and have slightly modified it to the below.

Floating Ability Score at Character Creation

During character creation, you may remove 1 point from any racial ability score bonus you gain from your base race (but not your subrace), and add it to any other ability score which does not already gain a bonus from your race or subrace.

The original rule allowed this movement from any racial ability score, including from subraces. I have changed that because:

  1. It avoids breaking the balance of the Mountain Dwarf subrace, whose traits are designed to work against each other, and they do so much less if you can swap a point of STR for another stat
  2. Subraces are already thematically sparser than base races; the ASI is often 1 of only 2 defining traits – and you already get to pick between several subrace options anyway

I think even with that change this rule still achieves the desired goal of letting less traditional race/class combos not fall behind in their primary stat.

Are there any serious foreseeable balance issues that would arise from using this house-rule?

Issues with no flux boundary conditions in NDSolve

enter image description hereThe no flux boundary conditions are making trouble. How to handle them? The problem I’m trying to solve is as follows: PDE: 0.036*D[C[x,y],x]==2.4*10^-10*(D[C[x,y],{x,2}]+D[C[x,y],{y,2}]) Boundary conditions: 1. C[0,y]==Piecewise[{{1,H/21)==0 3. (D[C[x,y],y]/.y->0)==0 4. (D[C[x,y],y]/.y->0.005)==0

I wrote the following: sol2=NDSolve[{0.036*D[C[x,y],x]==2.4*10^-10*(D[C[x,y],{x,2}]+D[C[x,y],{y,2}]),C[0,y]==Piecewise[{{1,H/21)==0,(D[C[x,y],y]/.y->0)==0,(D[C[x,y],y]/.y->0.005)==0},C,{x,0,1},{y,0,0.005}]

The error message shows-The dependent variable in the boundary condition Dirichlet condition need to be linear. But I noticed that a similar no flux boundary condition works just fine (for a different problem though). sol3=NDSolve[{D[u[t, x], t] == D[u[t, x], x, x],u[0, x] == 0,u[t, 0] == Sin[t],(D[u[t, x], x] /. x -> 0)== 0},u, {t, 0, 10}, {x, 0, 5}]

What is the issue in the previous case and how to resolve it?

What is the lowest-level spell combo to give disadvantage to an enemy’s specific save, without running into follow-up concentration issues?

What I’m trying to do is debuff an enemy’s stat so that I can hit them with a “save or suck” spell like dominate monster, and be more likely to succeed.

The problem is, I’m running into concentration issues because most spells that debuff a single stat like Bestow Curse use concentration, and thus I cant use them in conjunction: The moment I cast Dominate Monster, Bestow Curse is removed.

Hex also will not work because it only impacts ability checks, and not saves.

To clarify, I am a Warlock who wants to cast powerful disabling spells only when they have a high chance of success (so typically Wisdom has to be the weakened modifier). However, I am open to answers outside of that class, as well as any spell combos that specifically function as

  1. Weakening the the ability save for the second spell without utilizing concentration, and

  2. The second spell being a powerful, one-save spell of concentration.

What spells would be the best for this kind of combo, given that only I can cast the spells?

GPG issues with sending and receiving keys

I’ve experimented a lot with GPG the last couple days and one issue persists:

Someone signed my GPG key and published it to a keyserver X. I can see on the webpage that his signature is shown under my key, so that worked. But my local PGP doesn’t understand:

gpg --keyserver [X] —refresh-keys [myKey] gpg: refreshing 1 key from [X] gpg: key [myKey]: [...] not changed gpg: Total number processed: 1 gpg:              unchanged: 1 

If I check my signatures, that new signature doesn’t appear.

gpg --list-sigs [myKey] => only outputs the signatures I already had before (either manually imported or signed by other keys that belong to me) 

Also, when signing a key and performing a --send-keys, it throws no errors but the key just never arrives on the servers. This only happens with some keyservers. I read something about ports maybe being closed by the firewall, but didn’t find any concise answer for what to check and how to fix.

Thanks in advance!

PS: Sometimes, the webinterfaces of the keyservers I’m using just load forever or are generally very slow or unreachable, is this normal?

What are security issues about sending bank alerts via email/SMS?

Banks offer to send alerts for each transaction happening on a customers account. My bank is offering three options: SMS alerts, email alerts and push alerts into their own app. Only sms alerts are free of charge. The other options are a very small fee each time a transaction happens.

Could scammers make much out of transaction alerts containing the transaction’s IBAN, the amount and sender and recipient?

Besides that, what is the wisest choice between the options? Email notifications could be intercepted if the scammers gain control of my email account. I might not receive emails while traveling in an area with low reception, while sms still come through.

SMS might be problematic if my phone gets stolen with the sim card. So there’s no way to be informed (but also no good way to authenticate myself to the bank to halt all transactions).

The bank app is not good because it relies on me having a smart phone and an internet connection. The bank states that email and sms will be send unencrypted (as usual), this option is not clear, but it probably will be.

Which of these options offers the most unlikely scam scenarios?

Issues finding other locations in the file manager of Kali 2020 Forensics mode

I am having trying to follow a homework problem for a digital forensics class. The goal is to be able to boot Kali Linux from a flashdrive in forensics mode and then mount your computer’s harddrive as read-only so that you can view and interact with it. I am struggling to confirm my harddrive’s location and the “other locations” tab in the file manager is not showing up.

For your reference here is a link to the problem I am working through (pages 4 & 5) https://drive.google.com/file/d/1keVSTAWaPASnAsirl8Mkxsbtd1WMFTek/view?usp=sharing

Any suggestions or work arounds?

Hugoclose.com malware is causing issues in google chrome

In my MacBook Air, whenever I search something in google, some adds are appearing out of no where and they’re hiding the actual search results from google. When I checked the developer tools, I found that they were coming from a http request to findsearchresults.info which is being called from another js file from hugoclose.com https://hugoclose.com/22c1fbfd0fc1969766.js. Can anyone help me fix this issue?

enter image description here