| August 2007 |
|---|
| Sun |
Mon |
Tue |
Wed |
Thu |
Fri |
Sat |
| |
|
|
1 |
2 |
3 |
4 |
| 5 |
6 |
7 |
8 |
9 |
10 |
11 |
| 12 |
13 |
14 |
15 |
16 |
17 |
18 |
| 19 |
20 |
21 |
22 |
23 |
24 |
25 |
| 26 |
27 |
28 |
29 |
30 |
31 |
|
|
Recent Comments
Wiki RSS
|
Wed, 30 Jun 2004
|
|
The /. article has the URL wrong but IPv6Nordic.com has a " Free Transition Cookbook" for those moving from IPv4 to IPv6.
joat: 18:30:00 30 Jun 2004 |
|
|
|
|
This is a /. post which describes the origni of the "forward this e-mail and receive $$$ from Bill Gates" chain letter which has been "living" on the Internet since 1997. It's been decades since I last saw one given out, but I hereby nominate Byran Mack for a "Elbow of the Year" award.
joat: 18:00:00 30 Jun 2004 |
|
|
|
|
|
joat: 17:30:00 30 Jun 2004 |
|
|
|
|
I was unable to fix those posts yesterday. Short version of the excuse
== I was troubleshooting a video distribution system (cables!!!) and was
faced with the choice of editing text or five hours sleep. Guess which
one I chose. As for the cause of the text problems, blame Microsoft.
Seems that even when you tell Outlook to use straight text to compose
messages, it still encodes things like equal signs (=). One more
support for my rant against claiming compliance with industry standards.
joat: 17:00:00 30 Jun 2004 |
|
|
Tue, 29 Jun 2004
|
|
|
My apologies for the cruft below. I've been experimenting with
mail-based delivery and it seems that Outlook is a horrible source for
it and OWA is even worse. I will delete/correct the mess this evening.
joat: 13:24:00 29 Jun 2004 |
|
|
|
|
It's not surprising, after the fact, that someone thought this up: location aware WiFi. The article (Via The New Scientist) states that it works best where GPS doesn't, inside large buildings and other places where the GPS satellite signals are blocked.
joat: 12:30:00 29 Jun 2004 |
|
|
|
|
Here's a /.
pointer to an article which talks about 429,000 violations of the DNC
law. We receive these calls occasionally and have given up trying to
report them. Instead, my wife has gotten quite nasty with some of the
callers. Me? I think the epitome of rude is <click!>
joat: 12:20:00 29 Jun 2004 |
|
|
|
|
There's another bit of JavaScript that's causing surfers to compromise their machines just by visiting the website. The Evil Empire has a pointer to an eWeek article about it.
joat: 12:10:00 29 Jun 2004 |
|
|
|
|
The Incidents mailing list has a post
which discusses various statistics about the Scob Trojan which users
were recently contracting from compromised web sites via JavaScript.
The other thing that still needs to be determined was how the
JavaScript got onto the web sites in the first place.
joat: 12:00:00 29 Jun 2004 |
|
|
Mon, 28 Jun 2004
|
|
Yet another article discussing the motivations of virus writers.
joat: 23:30:00 28 Jun 2004 |
|
|
|
|
Here's an article which discusses hacking Google's numrange operator. joat: 13:00:00 28 Jun 2004 |
|
|
|
|
|
joat: 12:15:00 28 Jun 2004 |
|
|
Sun, 27 Jun 2004
|
|
|
It appears that my posts are showing up on Bloglines sans titles. More work to do. joat: 14:37:00 27 Jun 2004 |
|
|
|
|
|
For some of last night's posts and all of today's, I've been mailing my entries in (involves shell scripts and procmail). I seem to have run across a problem with time. Because of the problem in the script and the time zone that the server resides in, any post timestamped after 8 p.m. may jump to the next day's set of posts after midnight. I'm working on it. joat: 13:04:00 27 Jun 2004 |
|
|
|
|
Dan Kaminsky talked about tunneling non-standard stuff via the DNS protocol at the recent Layer One Technology Conference. The L1 people say the actual presentation "eclipses" the Power Point and will be offering DVD recordings of the event (requires that you join a mailing list). This stuff is funny and scary at the same time. joat: 12:30:00 27 Jun 2004 |
|
|
|
|
I really don't think that the Induce Act is that well thought out. If you follow the logic, MP3 players, IPods, Xerox machines, fax machines, and just about any network-aware program, not counting the P2P software that the Act is aimed at. They really need some serious rewording or someone's going to jail for selling a used cable modem.
It should be noteworthy that while Mr. Hatch's 8-page argument for passing the bill talks about P2P and "protecting the children", the actual Bill does not. Various people have taken it upon themselves to rebut Mr. Hatch's arguments.
This one is going to be interesting to watch. joat: 12:15:00 27 Jun 2004 |
|
|
|
|
Not sure of the amount of truth in the article but "Confession for Two" is an interesting article/interview with a spammer. joat: 12:00:00 27 Jun 2004 |
|
|
Sat, 26 Jun 2004
|
|
This sort of hardware hacking fascinates the heck out of me. joat: 23:28:00 26 Jun 2004 |
|
|
|
|
I've added the referers plugin as sort of a vanity feature for myself. I modified it slightly to include local sources also. joat: 23:16:22 26 Jun 2004 |
|
|
|
|
Skype has decided to offer a free Linux-based version of its VoIP software for download. joat: 20:00:00 26 Jun 2004 |
|
|
|
|
The morning shock jocks have a bit they call "Stupid News" where they read news articles about various stupid human tricks. I think that this qualifies as InfoSec Stupid News.
joat: 19:15:00 26 Jun 2004 |
|
|
|
|
The RSS feeds are online again, I'm still working on the others. You will have to change your subscriptions though. I "borrowed" the RSS 1.0 feed from the Blosxom Starter Kit. Unfortunately I never got past beginner Japanese so I am unable to read/translate the documentation. For anyone that cares, the download is at http://hail2u.net/archives/bsk/bsk101.zip.
I still need to get the other feeds online, get them all validated and tweak out all of the other kruft from the old blog. Repairing the wiki is much further down the road. Wish me luck.
joat: 19:14:00 26 Jun 2004 |
|
|
|
|
Thanks to Kyle at http://kylem.xwell.org for pointing out the hole in the writeback plugin. I've applied his patch.
I'm still new to Blosxom so if anyone knows of any other problems I should fix, please let me know. I'm also considering switching over to static files also. Due to the number of entries already in the blog, it takes a bit to do all the background work to build a dynamic page. joat: 19:00:47 26 Jun 2004 |
|
|
|
|
|
Welcome to the new version of my ongoing mess. Please bare with me as I clean up various bugs. Everything in the left-hand column should be working properly, the top menu and various links in the right-hand column still link back to the old blog. I'll continue to work on it. joat: 05:45:25 26 Jun 2004 |
|
|
|
|
|
joat: 01:50:00 26 Jun 2004 |
|
|
Fri, 25 Jun 2004
|
|
Courtesy of the Full Disclosure mailing list, here's an analysis of the ILookup Trojan (examples of exploits included).
Update: more info.
Update: yet more info.
Update: and yet more. joat: 21:30:00 25 Jun 2004 |
|
|
Thu, 24 Jun 2004
|
|
|
Just started receiving a new type of comment spam. This one started with a synopsis of today's news bulletin which talked about the AOL programmer being arrested for selling the AOL user list. It was followed by 11 links for incest porn sites which are forwarded off of GeoCities web sites. Gee, running a blog is SO much fun... joat: 23:58:00 24 Jun 2004 |
|
|
|
|
/. has a pointer to an article which blames MS zombies for 80% of spam.
The Register has an articlein which Philippe Gerard, a senior EU official, berates the anti-spam industry for lack of co-operation. Basically, he states the legislation exists, it's now up to the industry to enforce them.
Err.. how? How do I, as a lowly SA or NSO, enforce those laws? Do I now have a federal charter to kick doors in and incarcerate miscreats? (I'm exaggerating but you get my point?) My response to Mr. Gerrard is: we need to go back to the drawing board on this one. joat: 23:53:00 24 Jun 2004 |
|
|
|
|
Believe it or not, your usual network troubleshooting is a pretty straight-forward process. Then again, it's amazing the number of "network professionals" that cannot do basic troubleshooting. (One of the reasons that I still get phone calls from the NOC that I left a year and a half ago.) joat: 23:50:00 24 Jun 2004 |
|
|
|
|
Not widely announced yet but 802.11i was ratified today!
joat: 23:45:00 24 Jun 2004 |
|
|
|
|
JFW... Now the RIAA (or at least one of its memebers) is looking to infect your machine.
joat: 02:48:00 24 Jun 2004 |
|
|
|
|
|
Okay, I'm in a fighting mood. I've had to argue repeatedly in the last week that Spyware is nothing more than malicious code. It's just a trojan with a few odd twists. By using various prevention and detection/clean-up tools, an organization should be able to keep ahead of the malicious code.
Prevention tools include: content filtering for web and mail traffic, pop-up blockers, anti-virus software (those that include spyware scanning), and active systems adminstration and network monitoring. A good portion of the problem can be prevented by blocking specific sites. Unlike worms/viruses, the sources of spyware do not move around much.
Detection/clean-up tools include: spyware scanners or anti-virus scanners with spyware detection capabilities, active systems administration and network monitoring.
Spyware gets in (mostly) via user interaction. It also is included in legitimate software and can even be installed via RPC. People noticed the Blaster worm because it was noisy and infected other systems. How many people have noticed spyware that was quietly installed and only occasionally connects to a website?
Anyone want to convince me otherwise? joat: 02:22:00 24 Jun 2004 |
|
|
|
|
I've got the MT to Blosxom conversion script tweaked so that I have only a few errors (only 6 out of 1100) to correct manually. I only have a few template tweaks to work on and I should be able to swap 'em out without too much interuption. The new blog looks a lot like the old one, only a few underlying features will change. Wish me luck! joat: 01:47:00 24 Jun 2004 |
|
|
|
|
It appears that the 802.11i standard willl be signed into being tomorrow! joat: 01:36:00 24 Jun 2004 |
|
|
Tue, 22 Jun 2004
|
|
|
Please excuse any weird problems with the blog over the next few days. By Saturday, I hope to be moved to the other blogging software (still have a few bugs to kick out). joat: 10:49:00 22 Jun 2004 |
|
|
|
|
Something to keep an eye on. joat: 10:48:00 22 Jun 2004 |
|
|
|
|
I agree with Jeremy in that we don’t do it for the traffic. joat: 10:26:00 22 Jun 2004 |
|
|
|
|
Baseline Magazine has an article discussing the current state of HIPAA compliance and what many medical organizations are going to have to do in the next 9 1/2 months. Sad to say, but it's probably going to take the government levying a heavy fine against a national org before the rest of them realize that they're going to have to conform.
joat: 03:12:00 22 Jun 2004 |
|
|
|
|
Scripty Goddess shows how to pre-fill a field entry and how to auto-clear it if the user clicks on the field. joat: 03:07:00 22 Jun 2004 |
|
|
Sun, 20 Jun 2004
|
|
|
Please excuse any interuptions in blogging over the next few days as MT is being removed from the server and bloggers are asked to move to another program. I'll attempt to continue blogging but it may get a bit messy. joat: 17:58:00 20 Jun 2004 |
|
|
|
|
|
joat: 16:17:00 20 Jun 2004 |
|
|
|
|
My first exposure to LURHQ was in the late 90's when they were "doing" mostly firewall monitoring. They've grown up a bit since then.
They've posted an analysis of one of my favorite port scanning tools: scanrand, part of the Paketto Kieretsu project. joat: 10:21:00 20 Jun 2004 |
|
|
|
|
Richard Dorn, over at Security Focus has an article about how the increase in the number of security certifications cheapens their value, as a whole.
I only agree up to a point. They will lose their value as employers go through a period "realization", (that hiring Bob at the NOC really was a mistake). However, this will also be a shakedown period as the employers figure out what the truly valuable certifications are. (There's a reason why CCIE's get salaries which are in the 6-figure range.) In other words, the valuable security certifications are going to be the ones that are HARD to get. joat: 09:59:00 20 Jun 2004 |
|
|
|
|
Security Focus has an article discussing forensics analysis of a system that hasn't been turned off yet. joat: 03:25:00 20 Jun 2004 |
|
|
|
|
Angelo Rosiello has a quick paper about shellcoding basics. Anyone have a paper on reverse engineering shellcode to determine what it does? joat: 03:16:00 20 Jun 2004 |
|
|
Fri, 18 Jun 2004
|
|
Here and here are explantions and examples of Joe jobs. joat: 23:52:00 18 Jun 2004 |
|
|
|
|
TrimMail started a project that might be interesting to finish. Read this and this about how they tripped over a nest of "marketers". joat: 07:01:00 18 Jun 2004 |
|
|
|
|
I hate to admit (quietly) that I am amongst the demographic that was dropped by Comcast when they merged G4 and TechTV. Comcast just doesn't get it. The geeks and gamers are actually two different demographics with only a little overlap.
What really ticks me off is that Comcast seems to think we watched out of hero worship: " Shane described the cancellation of Call for Help as "just a programming decision." He added that Laporte can be seen on segments of The Screen Savers... Err... yeah, that's it, right...
I wonder if James Burke would consider doing "Connections4"? (My wife calls that cocaine for history geeks.) joat: 06:37:00 18 Jun 2004 |
|
|
|
|
The mathematics are a bit beyond me but IBM has posted the methods for doing Bayesian analyis in PHP. joat: 03:48:00 18 Jun 2004 |
|
|
|
|
Insecure.org has a pointer to an analysis of the Witty worm. joat: 03:46:00 18 Jun 2004 |
|
|
Thu, 17 Jun 2004
|
|
ComputerWorld has an article which lists six basic justifications for security training. joat: 01:29:00 17 Jun 2004 |
|
|
|
|
Linux Security has an article entitled "Tacklilng Unix Security in Large Organizations". Here's part 1 and part 2. joat: 01:27:00 17 Jun 2004 |
|
|
Wed, 16 Jun 2004
|
|
From the Honeypots mailing list comes the announcement of a Kuang2 emulation script for honeyd. joat: 01:07:00 16 Jun 2004 |
|
|
|
|
|
joat: 01:05:00 16 Jun 2004 |
|
|
|
|
|
Once again I've prevented the possibility of making a new friend within the profession by telling both sides of an ongoing "which OS is better" argument that they were both wrong. The argument should be which OS is worse and is totally dependant on the system administrator responsible for the specific instance of the OS. In other words, it's dependant on the people involved. joat: 01:04:00 16 Jun 2004 |
|
|
Tue, 15 Jun 2004
|
|
I'm still not sure that it's an original attack, but Bugtraq has a description of the Rose Attack. joat: 02:07:00 15 Jun 2004 |
|
|
|
|
Here's more about the problems with allowing unchecked USB use in your networks. joat: 01:56:00 15 Jun 2004 |
|
|
|
|
Here is another analysis of the Witty Worm, this one CIADA's. joat: 01:55:00 15 Jun 2004 |
|
|
|
|
|
joat: 01:52:00 15 Jun 2004 |
|
|
Sun, 13 Jun 2004
|
|
Recently saw something like this at work. The only reason we detected it was that the spoofed source address belonged to a neighbor org. joat: 21:38:00 13 Jun 2004 |
|
|
|
|
It’s more of the usual electronic Pearl Harbor tripe but can be used as support for my argument that malicious code can affect national security.
It's amazing the number of people that think national security has nothing to do with the economy or the trust that citizens put in something. Examples: our money is no longer gold/silver-based, the stock market fluctuates based on investor opinion, it takes years for companies to recover from scandal (e.g., Enron, Exxon, etc.). joat: 13:19:00 13 Jun 2004 |
|
|
|
|
From the Penentration-Testing mailing list, more discussion concerning USB hazards.
joat: 13:12:00 13 Jun 2004 |
|
|
|
|
Michal Zalewski has a piece entitled " Strike Out", which describes the problems of publishing word documents without removing the "change" data. The IEEE also has an article on the topic.
joat: 12:58:00 13 Jun 2004 |
|
|
|
|
|
joat: 02:35:00 13 Jun 2004 |
|
|
Sat, 12 Jun 2004
|
|
Here is a work-in-progress entitled "Analyzing Worms Using Compression". joat: 14:28:00 12 Jun 2004 |
|
|
|
|
Here's a site with TONS of links to digital forensics articles, papers and FAQs. joat: 14:08:00 12 Jun 2004 |
|
|
|
|
Using SSH keys greatly improves a system administrator's life. It allows you to make multiple, repeated connections to (if you have to) an unlimited number of systems. Anything that you can do from a terminal, you can do via SSH. You can even run scripts remotely without having to open an additional window. joat: 14:06:00 12 Jun 2004 |
|
|
|
|
Here's a decent article, posted to the Information Security News mailing list, on securely wiping Microsoft disks. joat: 14:02:00 12 Jun 2004 |
|
|
|
|
This is roughly two inches by two and 3/4 inches in size, is powered by Ethernet, and is designed to run in mesh configurations. Problem is that it's roughly $160 US so I don't see anyone buying in bulk just yet. joat: 13:51:00 12 Jun 2004 |
|
|
Fri, 11 Jun 2004
|
|
DHCP, while having good specific uses, gives me nightmares when it comes to network security. I've seen instances where a neighbor networks DHCP server answers up before the local server, leadning to some very interesting network problems to pick apart. To further complicate/compound the issue, Microsoft likes to lump DNS, DHCP, and WINS into the same server. This complication doesn't help things much. joat: 11:39:00 11 Jun 2004 |
|
|
|
|
The book is not out yet but here's the site associated with " Windows Forensics and Incident Recovery". (via the Incidents mailing list) joat: 11:07:00 11 Jun 2004 |
|
|
|
|
I agree with Richard, over at TaoSecurity, that " prevention eventually fails". It's a symptom of the arms race where the attackers are always ahead of the defenders. A real-world example of this was the Blaster worm. Until that incident, the majority did not filter/block ports 135-139. joat: 02:04:00 11 Jun 2004 |
|
|
|
|
Stop using NTLM passwords now. If this has any truth , using NTLM authentication has just become that much more of a security problem.
The problem is if the database exists. We already knew that this would be a problem eventually. joat: 01:58:00 11 Jun 2004 |
|
|
|
|
I've been asked about Smart Cards repeatedly in the past week (in different forums). It appears that I'm going to have to brush up on the theory as various orgs are looking at using them as part of either authentication or non-repudiation. Here's an SANS paper discussing the use of eliptic crytography with Smart Cards. joat: 01:35:00 11 Jun 2004 |
|
|
|
|
Found an interesting project while reading the Incident.org Handlers Diary, the DarkNet Project intends to analyze traffic amid at vacant portions of the net. joat: 01:34:00 11 Jun 2004 |
|
|
Thu, 10 Jun 2004
|
|
Angelo Rosiello has a quick analysis of the MyDoom.A worm and has been able to reverse engineer the access to the backdoor in the worm. joat: 02:16:00 10 Jun 2004 |
|
|
|
|
Computer Cops has a short article explaining the basics of the BGP routing protocol. joat: 02:14:00 10 Jun 2004 |
|
|
|
|
/. has a pointer to the Linux Flash 7 player. joat: 02:13:00 10 Jun 2004 |
|
|
Tue, 08 Jun 2004
|
|
|
joat: 10:48:00 8 Jun 2004 |
|
|
|
|
Dana Epp has a piece on network and disk forensics that's intersting. joat: 10:47:00 8 Jun 2004 |
|
|
|
|
Insecure.org has a pointer to a paper entitled " Analysis of the Exploitation Process" which, at a minimum, has a decent description of the different types of memory attacks. It's a work-in-progress though. joat: 10:44:00 8 Jun 2004 |
|
|
|
|
One more tool to run against your server prior to putting it online. joat: 03:38:00 8 Jun 2004 |
|
|
|
|
Mebbe I'm being paranoid but this leads me to think about the hordes of portable electronic devices that we're supposed to have in the future becoming members of the zombie hordes (think warez, spam, and attack bots). joat: 02:28:00 8 Jun 2004 |
|
|
|
|
I once had a job where I had little control over the network but was responsible for finding the problems in it. My tools? Router logs and NMap. <-- a good article about using NMap to search for problems. joat: 01:36:00 8 Jun 2004 |
|
|
Sun, 06 Jun 2004
|
|
Initial infection via WiFi has been a discussion at work as of late. Given the use-rate of <20% for WEP/WPA, the most-successful/least-traceable infection vector seems to be from the parking lot outside of an apartment building. joat: 15:49:00 6 Jun 2004 |
|
|
|
|
The New Scientist has noted that Microsoft has patented mouse clicks. Hmm... based on that logic, I'll bet that I can patent the process of operating a car door to gain entry into motorized vehicles. Anyone want to help? joat: 14:58:00 6 Jun 2004 |
|
|
|
|
This type of denial leads to serious problems. Does the GMU paper mean that the Internet has never been affected by the security of the Microsoft boxes connected to same? Hmm... so airline delays, ATM failures, internal document exposures, etc. don't count? The clue: it depends on the definition of "national security"? To quote them, "If catastrophic failure of the network is the threshold by which national security threats are defined, Microsoft wouldn't qualify, simply because their monoculture is not at the core of the network," says the George Mason report. "No matter how many Windows operating sytems are infected or fail, the core of the network will still run, even if there is nobody left to send traffic." Err... I have a headache now. joat: 14:38:00 6 Jun 2004 |
|
|
|
|
In case you want to complain or comment privately, I've added a  button to the right-hand column, under the Google search. You'll have to edit the "To:" address as I'm trying to avoid having my address scraped by the spammers. joat: 13:46:00 6 Jun 2004 |
|
|
|
|
Saturday (yesterday) as the last instance of required classroom attendance for me, at least for the rest of the summer. (Only two of us showed up, the rest of you should be ashamed.) I have a paper due in August and a test in September but I do have a little free time to catch up on the RSS feed backlog. A quick look shows that I'm behind approx. 60 days. Ouch. I'll be leaning into it over the next few weeks. joat: 13:13:00 6 Jun 2004 |
|
|
|
|
While it improves life for the majority, I somehow think that link prefetching contains the possibility to be seriously abused by unsavory webmasters. joat: 03:15:00 6 Jun 2004 |
|
|
|
|
|
joat: 01:41:00 6 Jun 2004 |
|
|
|
|
PCWorld has an article which describes 29 basic steps for locking down your PC. It's more Windows-centric but does enumerate the basics. joat: 01:39:00 6 Jun 2004 |
|
|
|
|
I cannot vouch for the accuracy but here is a copy the MT blacklist for 757. joat: 00:47:00 6 Jun 2004 |
|
|
Sat, 05 Jun 2004
|
|
I was part of a presentation today which was attended by two groups of high school students, along with various CIO's from local schools and gov't. Most of the high school students were bored out of their gourds (how interesting can talking about policy and procedures be?). There were a few that were actually interested and asked questions afterwards.
One of the common questions was about how to get into the field. Here's some of the answer(s) to that type of question (I try not to blather on in person about it but, here, it's a brain dump): - Don't do it unless you're really interested in it. The money's good but unless you really like your job, it can be a real ball-buster (not in those words)
- When you're first starting out, don't try to specialize. Learn as much as you can about the underlying theory. Ex: you want to know as much as possible about TCP/IP before you work on Foundry or Cisco equipment. (Doctors learn general medicine before they specialize.) Learn as much as you can about DNS before you work with just *nix or MS implementations. (Don't be a point-and-click administrator.) Specialization comes naturally as you find favorite topics/areas to learn more about.
- Leave the "which OS is better/more secure" argument behind. It's a religious argument which will never be settled. Your job will be to protect the castle, not just the chapel in the north-east tower. The actual question isn't "which one is better". It's "which one is worse". The answer is "all of them". OS's are only as secure as the people managing them.
- Plan on spending a good portion of the rest of your life in school (something most teenagers find painful). It doesn't have to be formal though. The idea is to keep current in technology or to learn more of what you're interested in. If you're focused enough, this leads to a Masters or a PHD. If not, (like me) it, at least, adds up a lot of college credits in varied curriculums, a decent GPA, and working relationship with a LOT of the people you need to know in your local neighborhood. (Hint: the people "in power" are doing the same thing: continuing/broadening their education to keep ahead.) Or, at least, you make a lot of friends.
- To go along with that, read. The Internet makes it easy. Current developments with RSS make the process even easier. (Heck, borrow/steal from my blog feeds if you're that desparate.) Learn about the advanced features on your favorite search engines (an invaluable skill!!).
- To get ahead of the rest of the pack, keep yourself busy. During the week, find something you're interested in. Spend the weekend learning more about it. Set up a DNS/mail/web server. Learn about all of the switches in tcpdump (or whatever utility strikes your fancy). Barring any projects, read up on the bleeding-edge technologies.
- No matter how painful it is, be polite and honest. Your career in the technology field depends on three inter-related things: your knowledge/experience, your ability to interact, and the amount of trust your employer has in you. The first two may offset lack of the third to some degree but trust and integrity are large parts of the package that your employer is "buying".
- As part of that, "keep your nose clean". Contrary to popular myth, very few organizations hire hackers to to protect their systems. Nowadays, the big-money positions require a LOT of talent and a LOT of integrity (both of which you'll be selling to your employers).
- Pay attention in English Composition (at least). To be recognized "within the community", you're going to have to research and talk about new (or new twists to old) developments. This means "publishing", either in trade journals or magazines. (Or even blathering periodically in a blog.)
Like it or not, your parents expect you to move out in the near future. Many are willing to help pay for your seconday education but the end goal is to let you loose into the world to make your own way. They have their own lives to live and they're looking forward to the post-child-rearing years (really, their lives do not end when you move out). The objective is to do well enough for yourself that you're able to do the things that you really like doing. If you can "get by" by flipping meat at the local burger joint, more power to you. Many computer geeks, nowadays, have a nasty eBay (hardware) or book habit that can't be supported by a minimum wage job. Not that I'm the fount of wisdom here, but the main points are: only "do it" if you really like it, plan on working to staying current, and remember the Boy Scout creed. To be honest, we had aimed at a slightly different audience but, due to layers 8 and 9 of the OSI model, other groups were invited to "fill in" for the missing attendees. joat: 02:49:00 5 Jun 2004 |
|
|
|
|
|
Anyone else notice that until this past week, you didn't hear the phrase "yo yo yo!" on TechTV? I left TechTV on after the ScreenSavers this evening. How interesting is a show about video games where you get to watch a 3-minute sequence, viewing the guys on the couch, playing a PS-2 game that was out 3 years ago (Golden Eye). joat: 00:36:00 5 Jun 2004 |
|
|
Thu, 03 Jun 2004
|
|
Personally, I find email disclaimers very, very silly and pointless: - they ignore the fact that, if you futz up the recipient's address, one or more postmasters automatically receive a copy of your message and
- people are generally lazy. They are more likely to forward or copy the message (to someone else) without deleting anything, not even the obnoxious signature blocks or silly disclaimers.
joat: 16:27:00 3 Jun 2004 |
|
|
|
|
There are various methods for changing your MAC address and they're all the more reason(s) you should be using port security on your switches. joat: 16:25:00 3 Jun 2004 |
|
|
|
|
This one from Dana Epp (who got it from someone else) is a keeper. Open a command prompt in the folder's location by right clicking the folder. joat: 03:45:00 3 Jun 2004 |
|
|
|
|
Liudvikas Bukys pointed out Fred Avolio's blog post which basically summarizes everything we geeks have talked/argued about in the last two decades. There's a couple less-important topics missing but I'm not about to start those conversations here. (heh!) joat: 03:36:00 3 Jun 2004 |
|
|
Wed, 02 Jun 2004
|
|
|
joat: 02:36:00 2 Jun 2004 |
|
|
|
|
|
(heh) There's at least one comedian spammer out there. Tried to get me to block dmoz.org by dressing the URL up with a fictional path to what was supposedly a sales site. joat: 02:20:00 2 Jun 2004 |
|
|
Tue, 01 Jun 2004
|
|
Here's a short piece entitled "Intro to RSS". joat: 14:39:00 1 Jun 2004 |
|
|
|
