| August 2007 |
|---|
| Sun |
Mon |
Tue |
Wed |
Thu |
Fri |
Sat |
| |
|
|
1 |
2 |
3 |
4 |
| 5 |
6 |
7 |
8 |
9 |
10 |
11 |
| 12 |
13 |
14 |
15 |
16 |
17 |
18 |
| 19 |
20 |
21 |
22 |
23 |
24 |
25 |
| 26 |
27 |
28 |
29 |
30 |
31 |
|
|
Recent Comments
Wiki RSS
|
Sat, 31 Dec 2005
|
|
Here's another good source of basic info on wirless: Microsoft's How 802.11 Wireless Works. Please ignore the part that talks about Zero Conf because, as with any auto-config technology, it has some safety issues. joat: 13:00:00 31 Dec 2005 |
|
|
Fri, 30 Dec 2005
|
|
The Full Disclosure Mailing List is discussing Richard Smith's suggestion on how to draw the attention of the NSA. A few thoughts: - Now why would you want to do that?
- I seem to remember that your IP is commonly included in the headers of traffic originating from the large webmail services.
- Why become a "person of interest" just so's you can be funny for two seconds?
It's not that funny of a joke. joat: 13:30:00 30 Dec 2005 |
|
|
|
|
Interlink Networks has a paper on " Wireless Detection and Tracking" that talks about some of the low level stuff, including packet analysis and what amounts to "heat maps". Some of it is a bit dated (WPA, WEP) but it's interesting nonetheless.
joat: 13:00:00 30 Dec 2005 |
|
|
Wed, 28 Dec 2005
|
|
|
Please note that the comment-related functions are offline while the system is tweaked. Be nice, those that are working on the system are not being paid to do it. joat: 23:10:31 28 Dec 2005 |
|
|
|
|
Bruce Perens is working with Prentice Hall to produce a series of books by various authors called the Open Source Series. A nifty additional feature is that the book becomes available online, for free, a few months after it hits the shelves. joat: 21:30:00 28 Dec 2005 |
|
|
Tue, 27 Dec 2005
|
|
|
While Sean has been tweaking the server, I've been digging around in the odd corners of the site. It seems that, in the 2 or so years the wiki has been up, roughly 96 accounts have been added to the wiki in an attempt to spam/hack it. The wiki adds the account, logs the time and IP and promptly refuses any attempt to change it. (heh) joat: 21:30:00 27 Dec 2005 |
|
|
Mon, 26 Dec 2005
|
|
Okay, I'm having too much fun. Worked last night and this morning to get the Digium TDM400P card and the Asterisk software installed and running. In the process, I also figured out where my problem was in installing the IVTV software. (It had to do with the build version in the Makefile for the kernel.) So far, I think I've burned up all the spouse points that I earned earlier in the year. I've added a cheap 900MHz handset to act as the console phone and have driven my wife nuts with the phone (and the laptop) ringing. More stuff to add to The List of Unfinished Projects: - figure out how to stream live audio to the phone
- "adapt" the NSLU2 (saving up for a USB2 HD)
- learn more about the ivtv modules and MythTV
- get ready for next semester's classes
- get ready for ShmooCon (19 shopping days left!!)
Add that to the stuff already on the list and I'll be busy for at least 6 months. joat: 17:00:00 26 Dec 2005 |
|
|
Sun, 25 Dec 2005
|
|
Stand still and watch. You'll see the leading edge of the crack pass by you very quickly. What am I referring to? How about the fracturing of the Internet? InfoWorld has an article about a Dutch company (UnifiedRoot) standing up their own dns infrastructure, with the intent to run it in parallel to the ICANN managed namespace. Call me a sadistic pessimist but this topic is going to be "interesting" (Chinese curse version) to watch and has a high entertainment potential. This sort of thing has been tried before and has taken some intriguing turns. (Hint: the proposed managers of the .XXX domain are the same people that used to sell you the domain under ALTERNIC, for less money.) You'll need popcorn and some soda for this one folks! (I predict a lot of nasty politics, both external and internal.) Update: Still think I'm kidding? How about this: the site recommends that DNS owners replace their hints file with one from UR. A quick look at the file reveals none of the normal DNS root servers are included. Yep, that's right, rather than the cooperation the web site touts, they want you to trust them implicitly. This should get interesting quickly. joat: 13:30:00 25 Dec 2005 |
|
|
|
|
|
Please standby. The powers-that-be (again, mostly Sean) are working to get the system back up and running. Some of the custom code (mine) has to wait on final system tweaks before I attack it. joat: 04:10:22 25 Dec 2005 |
|
|
Fri, 23 Dec 2005
|
|
|
The site will be offline today. I'll backfill this day's post(s) later. joat: 17:00:00 23 Dec 2005 |
|
|
Thu, 22 Dec 2005
|
|
|
While we're on the subject of DNS tools, dnstop may be a useful tool if you manage a network. It's a bit simple but will keep track of which host is doing how many DNS lookups. For home networks, it's a bit useless as it needs to listen to a gateway feed. You may find it interesting in any case. joat: 21:30:00 22 Dec 2005 |
|
|
Wed, 21 Dec 2005
|
|
dnstracer is an interesting tool. It traces information from DNS back to its source. It does this by using non-recursive queries. In other words, if you tell it to trace "shmoocon.org", it'll return the following interesting data:
Tracing to shmoocon.org[a] via 68.10.16.25, maximum of 3 retries
68.10.16.25 (68.10.16.25)
|\___ TLD3.ULTRADNS.org [org] (199.7.66.1)
| |\___ ns0.directnic.com [shmoocon.org] (204.251.10.100) Got authoritative answer
| \___ ns1.directnic.com [shmoocon.org] (204.13.172.154) Got authoritative answer
|\___ TLD2.ULTRADNS.NET [org] (204.74.113.1)
| |\___ ns0.directnic.com [shmoocon.org] (204.251.10.100) (cached)
| \___ ns1.directnic.com [shmoocon.org] (204.13.172.154) (cached)
|\___ TLD1.ULTRADNS.NET [org] (204.74.112.1)
| |\___ ns0.directnic.com [shmoocon.org] (204.251.10.100) (cached)
| \___ ns1.directnic.com [shmoocon.org] (204.13.172.154) (cached)
|\___ TLD1.ULTRADNS.NET [org] (2001:0502:d399:0000:0000:0000:0000:0001) send_data/sendto: Network is unreachable
* send_data/sendto: Network is unreachable
* send_data/sendto: Network is unreachable
*
|\___ TLD6.ULTRADNS.CO.UK [org] (198.133.199.11)
| |\___ ns0.directnic.com [shmoocon.org] (204.251.10.100) (cached)
| \___ ns1.directnic.com [shmoocon.org] (204.13.172.154) (cached)
|\___ TLD5.ULTRADNS.INFO [org] (192.100.59.11)
| |\___ ns0.directnic.com [shmoocon.org] (204.251.10.100) (cached)
| \___ ns1.directnic.com [shmoocon.org] (204.13.172.154) (cached)
\___ TLD4.ULTRADNS.org [org] (199.7.67.1)
|\___ ns0.directnic.com [shmoocon.org] (204.251.10.100) (cached)
\___ ns1.directnic.com [shmoocon.org] (204.13.172.154) (cached)
While it shows that there may be a problem with TLD1 (this is likely to be a problem with the tool's ability to handle IPv6 data rather than the server), you can see that the tool queries all of the DNS servers that are known to have the data. (68.10.16.25 is the IP of a DNS server local to me). This tool also has the ability to detect lame DNS servers (those that are supposed to know the answer but don't)(think misconfigured or damaged secondaries). If anyone is really proficient with this tool, please contact me. I'd like to know if it is useful in detecting record poisoning. joat: 21:30:00 21 Dec 2005 |
|
|
Tue, 20 Dec 2005
|
|
|
If PJ (at Groklaw) ever gets around to writing a book on the SCO v. The World cases and I fail to notice it, will y'all let me know? If she can sort out the mess, I'd enjoy reading about it. In any case, more hand-waving and finger-waggling is slated for 22 Dec. Anyone know if I how much it is to buy just one stock (currently at $4.01) and have it framed? joat: 13:00:00 20 Dec 2005 |
|
|
Mon, 19 Dec 2005
|
|
The Worm Blog has some initial comments on the Dasher worm. There's also some comment about Dasher.C. joat: 21:30:00 19 Dec 2005 |
|
|
Sun, 18 Dec 2005
|
|
Offensive Computing may be a site to keep an eye on. Their stated purpose is to improve computer/network security via analysis of malware. joat: 21:30:00 18 Dec 2005 |
|
|
Sat, 17 Dec 2005
|
|
|
"The powers that be" (Sean mostly) have stated that the server swap will occur this week. While the wiki shouldn't be affected as I already maintain it on the new server, there may be some glitches in the rest of the site. Please excuse any vagaries. joat: 21:35:00 17 Dec 2005 |
|
|
|
|
|
Just spent the last hour removing spam from the queue for the blog. I feel another spam hunt coming on. Every single one of the incest and beastiality ads pointed at web servers in the continental U.S. joat: 21:30:00 17 Dec 2005 |
|
|
|
|
I've just altered my Bloglines subscriptions to remove the Geek Style feed. Visiting that site causes pop advertisements (even in a Linux-based Firefox install). I don't know about anyone else but I feel that I read are either geek-related or personal. With Geek Style, it's the usual low-grade crap in the pop-ups. Example: The usual "Your system is infected with spyware. Click here to scan for it." message. (Hint: I'm not running Windows on this laptop.) Babak, if you read this, I think the ads are getting into your blog via your webstats4u logo/link. Read this post at JNode and the following excerpts from the WebStats4U Terms of Service: - WMS entitles users to access to a variety of on-line and interactive on-line services (the "Products and Services"). Some of the Products and Services are supported by advertising, enabling WMS to provide them to you at no cost. When you use these free services, you agree to allow WMS to display advertising, including third party advertising, through the Products and Services.
- With the installation of WebStats4U on the site it is accepted that WMS has the right to place advertisements on the site in any format or through any channel, including but not limited to e-mail, layer ads, pops, banners and other usual formats without any forewarning and it is furthermore accepted that WMS takes no responsibility for the advertising content and that WMS shall not be liable for any losses incurred regarding this advertising.
I find anything more obtrusive than Google Ads to be offensive. Google Ads are passive and easily ignored. I'll probably resubscribe at a future date but only after the WebStats4U thingy goes away. joat: 21:30:00 17 Dec 2005 |
|
|
Fri, 16 Dec 2005
Thu, 15 Dec 2005
|
|
Is there any way we can strip a Doctorate from someone absolutely clueless? Dr. Carrigan believes that the Internet is wide open to infection from alien (as in off-world) computer viruses. I have problems with a number of his anthropomorphised assumptions: - Where'd they get the 8086-series chips? Dr. Carrigan seems to assume that silicon and the various doping elements are as plentiful there as they are here.
- Are they running Microsoft Windows? If so, how are they getting their updates? I assume they'd be easy to track on Patch Tuesday. Also, I believe Bill would like a word with them about licensing. Actually, taking into account the speed of light, it means that Windows was in use decades (if not centuries or millenia) before it's availability here on Earth. We may need to talk to Bill about his patents and licensing practices.
- Infection by off-planet source would happen in one of two ways: either intentionally or accidentally. If intentional, it means they know we're here and network infection is likely to be the least of our problems. (Somebody call Tom Cruise!!) If unintentional, we need to prompt the anti-virus industry that they need to start including sub-routines to counteract alien worms and viruses.
- If there is a risk of infection from exterrestial sources, what risk do we pose to the galactic community with the problems that we have in our networks? Could that be why no one has contacted us yet? (All claims by the UFO community aside.)
In any case, I hereby nominate Dr. Carrigan to be the recipient of a Reynolds Wrap hat. Shiny side out, dude! Update: the above is a bit dated and lived in my slush pile for a bit but is still amusing. joat: 21:30:00 15 Dec 2005 |
|
|
Wed, 14 Dec 2005
|
|
This will a hint to tell how old I am (at a minimum): I'm excited about discovering the TMBG podcast feed. To those that are Britney's age or younger (or those who've never heard of Login Whitehurst), TMBG is short for "They Might Be Giants". Where else can you hear a band sing in the style of Yes, Rocky Horror, the Beatles, and Leon Redbone? Then again, trying getting through the day with Birdhouse in Your Soul and Happy Noodle doing battle in your head. joat: 13:00:00 14 Dec 2005 |
|
|
Tue, 13 Dec 2005
|
|
Here is an analysis of MP3.com's Beam-It protocol which is used to verify that a user actually owns the CD they want to stream. Something I never really understood: why employ a lower quality stream when you already have the CD? joat: 13:00:00 13 Dec 2005 |
|
|
Mon, 12 Dec 2005
|
|
Took a power hit this weekend. Lost a stereo and my home network has been acting funny every since. I thought that I'd lost the router that acts as my IPv4/IPv6 gateway because it'd only work for a few minutes at a time. Turns out that I was wrong. I'd forgotten about the print server I had picked up a few months ago (my wife is the only one that uses it). I'm not sure if it's permanently damaged yet but the network came back when I unplugged it. In any case, I'm relieved and my wife is pissed. (Keep in mind there's only one print server and two spare AP's.) I'm in trouble! joat: 21:35:00 12 Dec 2005 |
|
|
Sun, 11 Dec 2005
|
|
|
Not that it's new but I received one from a friendly Mytob worm that I hadn't seen yet. It was from veeby@fbi.gov and said "Here are your bank documents." So, if you're IP is 202.177.156.97 (India), please take a look at your system. It's infected. joat: 13:00:00 11 Dec 2005 |
|
|
Sat, 10 Dec 2005
|
|
I'm searching for stuff to listen to for an upcoming trip to DC. If anyone has any sources for non-music content, please forward 'em. Hint: stuff from recent cons and the usual podcasts, I already have. joat: 14:14:37 10 Dec 2005 |
|
|
Fri, 09 Dec 2005
|
|
|
It's old news (2 days) now but 802.16e has been ratified. It's important to wireless because it provides extensions to 802.16 that improves mobility (hand-offs between cells) and streaming media. Between this, podcasting and BPL (at least the noise generated by it), we may see some damage to the AM radio business. joat: 21:30:00 9 Dec 2005 |
|
|
Thu, 08 Dec 2005
|
|
|
No post today, I'm taking the evening off to attend "finals", also known as the class party at the Biergarden in Portsmouth. They have a highly addictive form of potato soup that has beef chunks and spaetzle in it and I'm planning on at least two bowls. joat: 21:30:00 8 Dec 2005 |
|
|
Wed, 07 Dec 2005
Tue, 06 Dec 2005
Mon, 05 Dec 2005
|
|
I'm a bit nervous when the term Information Warfare is used in relation to a website as the Information Warfare Mailing List suffers from bouts of tangential politics but the IWS appears to be a good site to read. It has a lot of good documents for communications security and InfoSec basics. joat: 21:30:00 5 Dec 2005 |
|
|
Sun, 04 Dec 2005
|
|
It's a bit trivial but it's knowing more about your root servers is a good-to-know. joat: 21:30:00 4 Dec 2005 |
|
|
Sat, 03 Dec 2005
|
|
Linux.com has a "CLI Series" piece on netcat. This is yet another good-to-know tool in the netadmin/sysadmin/power user toolkit, especially for the beginner. joat: 13:07:05 3 Dec 2005 |
|
|
Fri, 02 Dec 2005
|
|
Can RSS hijacking really be that much of a threat? If it is, I'll modify previous statements about RSS being a viable vector for malicious code. It still wouldn't be a good vector for the spread of malicious code but it might be a usuable vector for the introduction of malicious code. joat: 21:30:00 2 Dec 2005 |
|
|
Thu, 01 Dec 2005
|
|
My entire exercise in getting CounterPath's (XTEN) X-Lite softphone to run under Wine (as logged in the wiki) has been rendered a moot point. I've discovered that they also have versions for Mac and Linux via their download site. Note: this isn't a new development. Chalk it up to my not noticing. joat: 21:30:00 1 Dec 2005 |
|
|
Wed, 30 Nov 2005
Tue, 29 Nov 2005
|
|
I've re-org'd the Asterisk page and have added a bit of work to the " sip.conf" setting descriptions. Think of it as yet another of my (ongoing) unfinished projects. Hopefully it'll help someone. Let me know if it does? joat: 21:30:00 29 Nov 2005 |
|
|
Mon, 28 Nov 2005
|
|
|
joat: 13:00:00 28 Nov 2005 |
|
|
Sun, 27 Nov 2005
|
|
While we're on the clueless security rant, here's one that I heard on the radio tonight. A syndicated personality, known as " Troubleshooter Tom Martino", has a consumer-centered talk show. As I was driving back from the grocery store this evening, Mr. Martino was ranting that iPods are susceptible to viruses via podcasting and stating that "we need anti-virus software for our iPods". Would someone in Denver please ring up Tom and tell him the problems with his logic? Stuff like: - iPods are not x86 or Windows-based. Ask him to name one ARM or MIPS based virus that's capable of self-replication.
- Podcasts are normally delivered from static, one-way sources. For a podcast to become infected, it (theoretically) would require malicious action on the part of the podcast author. There's no two-way data feeds involved.
- RSS feeds are not like e-mail. They don't mysteriously show up on your iTunes list. You have to subscribe to them. In other words, there's a certain amount of reputation and trust involved with podcast sources.
In short, there are too many things missing from the environment that would support malicious code. "In ain't gonna happen." Instead, Mr. Martino should be ranting about virus scanners for our cars. There are models out there that run versions of MS Windows. joat: 23:00:00 27 Nov 2005 |
|
|
|
|
I fear that I may have angered some fellow CISSP's. If I haven't said it before, I like to argue. I'm even willing to take positions that I don't necessarily believe in. However, this isn't one of those cases. In a recent discussion, I took the stance that "risk = threat X vulnerability X asset replacement cost" is not a good formula for sound business decisions. I will admit to having "poked fun" at their belief that the above is a "security formula". It isn't. It's a business formula, used to decide how much money is safe to throw at a department with no ROI. I took the stance that the formula is usually a rationalization used to support a business decision that's already been made. That the formula comes from a "recognized" organization of security "professionals", makes it that much more of a problem. My argument follows... Let's get "threat" and "vulnerability" out of the way. Both are binary in nature or, at least, that was the original intent. You either have the vulnerability or you don't. If you have the vulnerability, it's either exposed or it isn't. The formula becomes "risk = (1 or 0) X (1 or 0) X asset replacement cost". You can state that "threat" and "vulnerability" are quantitative values ("1" or "0") unless you attempt to put a "degree" on it. If the terms "degree" or "percentage" are applied to either value, that value becomes subjective and I no longer have to argue the point. Unfortunately, you'll usually hear "degree of exposure" or threat described as a percentage (i.e., "how much of a threat is it?"). The real trouble lies within "asset replacement cost". It's an oversimplification and a subjective value hiding behind a number. (i.e., it isn't quantitative!) Don't think so? Try this: - The basic "asset replacement cost" works best with a standalone system. If it's connected to any other asset, networked or not, the value quickly becomes a WAG (nice version: Wild Assumed Guess) (not-so-nice: drop "um" from the middle word and add a hypen between the first two words)
- The basic "asset replacement cost" works best with a dedicated system. In other words, it's not used for anything else. If the system is used for any additional function, "asset value" gets complicated and other systems may be dragged into the equation. If the equation is artificially limited to the system under discussion, the value loses it's integrity.
- "Asset replacement cost" is only valid when applied to hardware or programs. It fails horribly when applied to data. Normal business types will attempt to say that data replacement cost is nil ("we have a backup, don't we?"). I've yet to see any organization, outside of federal, that will attempt to actually recover "lost" data. Oh, and a law suit does not meet the definition of "recovery". At best, an organization might take into account penalties for lack of due care and/or due dilligence.
The end result is that the formula usually ends up being "risk = estimate X guess X stubbornly narrow error", losing it's security "value" entirely and becoming a rationalization for a business action that might not improve security at all. In any case, I enjoyed the argument, though it would have been better demonstrated if a white-board was involved. I also won't deny that I enjoyed tormenting two people who actually needed it. Many people who obtain certifications often "stop" once they get them. If a person stops thinking about (and practicing) security, the certification becomes little more than a badge to hang on the wall. Thoughts? joat: 17:00:00 27 Nov 2005 |
|
|
Sat, 26 Nov 2005
|
|
What comes out of the " First Responder Standard" should be interesting to watch. Various groups have attempted this. The main stumbling block is the lack of a common infrastructure (e.g., radio frequencies, communications protocols, etc.). joat: 21:30:00 26 Nov 2005 |
|
|
Fri, 25 Nov 2005
|
|
|
I highly recommend O'Reilly's book, "Switching to VoIP" by Ted Wallingford. If you're messing around with Asterisk, it's a good book to have. While there's not a whole lot on setting up Asterisk, it is a good reference for theory and troubleshooting. joat: 21:30:00 25 Nov 2005 |
|
|
Thu, 24 Nov 2005
|
|
|
Happy Birthday to son Jonathan! Happy Bird-Day to everyone! joat: 21:30:00 24 Nov 2005 |
|
|
|
|
Microsoft's Office 12 product looks like it's going to be a pretty slick product. After a "first look", I like it. However, I could have gone without the marketing approach that the Redmond Dog & Pony Show used. They seem to have taken a page from the Presidential Race strategy guide, where you say little about what you can do and verbally deride all of your competitors. The part that struck me as a bit odd was about interoperability, a point which they stress repeatedly when talking about the Office 12 product. It's taken me almost a month, but I think that I've finally figured out what they meant by the term: they're not talking about platform interoperability, they're talking about interoperability between Office 12 products! [*sarcasm on*] Now there's something new. [*sarcasm off*] Just call me "slow" this month. Microsoft almost "gets it". They've said that they're going to allow others to "use" their document format via a free license. The only restriction appears to be "with attribution to Microsoft". What "attribution" means may be a sticky point in the future. I need to find a copy of the EULA and license agreements they're using. Update: Is this a case of schizophrenia? How can something be patented and open source at the same time? Seems that the open source format has been submitted for patent in certain countries... This will be interesting to watch as it unfolds. joat: 15:17:40 24 Nov 2005 |
|
|
Wed, 23 Nov 2005
Tue, 22 Nov 2005
|
|
It happened almost a week ago but... Brian Carrier has posted a new
issue of " The Sleuth Kit Informer", a newsletter he writes in
conjunction with the Sleuth Kit. This issue talks about the new license
for the Sleuth Kit and about changes to the ils tool.
joat: 13:00:00 22 Nov 2005 |
|
|
Mon, 21 Nov 2005
Sun, 20 Nov 2005
|
|
Monoculture is a recognized problem when discussing malicious code.
It's what amplifies the effects of malicious code to the point where it
can have devastating effects. Here is another
paper from last year's WORM, this one describing a method called
synthetic diversity as a method for combating malicious code. It's an
interesting read but I disagree with most of it for a number of
reasons: - Synthetic diversity within a program can only go so far.
While the techniques may reduce the number of attack points within a
program, it won't remove them entirely. Add millions of users to that
situation and diversity within a program that does the same function,
time after time, becomes a bit shallow.
- As always, adding
complexity isn't a good response to lessen vulnerabilities. The KISS
principle is better.
- Diversity can only be provided via a small
number of methods. It wouldn't take long for the "bad guys" to adapt.
Even if more methods were developed, it would lead to an already
familiar type of arms race.
Anyone care to argue for or
against?
joat: 13:00:00 20 Nov 2005 |
|
|
Sat, 19 Nov 2005
Fri, 18 Nov 2005
|
|
I hereby declare the novelty of podcasting as officially dead and that the technology is now mainstream. While searching for additional content to listen to during this week's commutes, I noticed that the "ususal suspects" also have their own podcasts. The "usual suspects" include the panorama of pseudo-science, fake grass-roots sock puppet, conspiracy theorist, and hate types. The good news is that I did find some new security and tech-related casts to listen to (for a list, see my Bloglines subscriptions link at the top of this page). joat: 13:30:00 18 Nov 2005 |
|
|
|
|
Here is a collection of
notes that relate to network operations.
joat: 13:00:00 18 Nov 2005 |
|
|
Thu, 17 Nov 2005
|
|
AWK is one of those "things" that you very quickly (you wouldn't believe
how quickly) forget if you don't use it continuously. It's also a very
powerful tool to have. Here is a tutorial for
it.
joat: 13:00:00 17 Nov 2005 |
|
|
Wed, 16 Nov 2005
|
|
I've loved Zyxel modems for many years. However, they've lost points
with me for thinking that undocumented
or hidden equates to secure. What's that old line about repeating
history? [*sigh*]
joat: 22:30:00 16 Nov 2005 |
|
|
|
|
O'Reilly has a quick
tutorial for GraphViz. This is valuable if you draw a lot of flow
charts or relationship drawings.
joat: 13:00:00 16 Nov 2005 |
|
|
Tue, 15 Nov 2005
|
|
It's a bit dated but SANS has a good piece on
DNS poisoning. It describes some of the issues and lists a few
mitigations.
joat: 13:00:00 15 Nov 2005 |
|
|
Mon, 14 Nov 2005
|
|
Too much time on your hands? Why not entertain yourself by watching the headers of the sites that you visit and see what sort of extra kruft is included?
joat: 13:00:00 14 Nov 2005 |
|
|
Sun, 13 Nov 2005
|
|
Everyone should steer clear of the " Nothing joke". The joke has been stretched
so far that when it does fail, Nothing will be funny. Nothing is
sacred. According to the theory of relativity: Nothing travels faster
than light, Nothing existed before the Big Bang and Nothing can have
negative mass. In the real world, Nothing is perfectly symmetrical and,
for most of the time, Nothing changes. When you're sick: Nothing
tastes good, Nothing is interesting and Nothing really matters. Then
again, Nothing is better than sleep to help you get better. A lot of
parents end up sending their kids to college to learn Nothing. Many of
those students think that Nothing is harder to learn than Calculus. If
those students learn Nothing, their parents tell them that they're good
for Nothing. That's about it for the puns. (I'm hiding Nothing.)
Please contribute Nothing to further the joke. SCO: you started this!
joat: 16:00:00 13 Nov 2005 |
|
|
|
|
Hmm... I may be in trouble here: It's roughly six weeks until Christmas
and roughly nine weeks until ShmooCon. I have more shopping done for
the latter than for the former. (If you're married, ignore the rest
of this. You already know the futility of the thought(s).) How can
it be my fault though? She still hasn't filled out her wish list!
joat: 13:30:00 13 Nov 2005 |
|
|
|
|
Some of it is vendor-centered but this site has a lot of
good hardware info.
joat: 13:00:00 13 Nov 2005 |
|
|
Sat, 12 Nov 2005
|
|
|
I've disabled the blogroll provided by Blogrolling.com as issues with
their server(s) were preventing this page from loading. If things don't
clear up soon, I'll probably move to a static list.
joat: 21:30:00 12 Nov 2005 |
|
|
|
|
OpenRCE has a pointer to a quick
binary analysis of Skype. Short but very interesting.
joat: 13:00:00 12 Nov 2005 |
|
|
Fri, 11 Nov 2005
|
|
Let's see if I can re-explain it (without shouting) for those that still
think that I'm anti-MS: it's the marketing aspect that I like to poke
fun at, not the tech. Example: the ongoing OpenDocument bickering.
The marketing department would like you to think that Massachusetts is
going to require Linux and OpenOffice. I doubt anyone who reads this
blog is confused but just in case, THEY'RE NOT THE SAME!!
(sorry) OpenDocument is a document format, not a program. MS Office
could save files in OpenDocument format with no more difficulty than
saving in .RTF or .TXT formats. If MS doesn't adopt the format, we'll probably see it as a third party plug-in. So what's the controversy? Why the
smoke and mirrors from Redmund? How about the "free
flow of data in and out"? With the OpenDocument format, MS no
longer owns any part of your documents, rather than the current
proprietary format where they own the font, the metadata format, and the file storage format. MS's risk in adopting the OpenDocument format?
Loss of user "lock in" (many companies initially adopt MS Office because
it's considered the "industry standard"), loss of font "lock in" (many
fonts are proprietary to MS Office), loss of feature "lock in" (a common
format is just that: common, and people will come to prefer
interoperability over proprietary features)(will anyone miss fighting
Words auto-formatter?). I've had to explain this issue multiple times
this week. Hopefully those in the State Government can recognize the
difference. Unfortunately, it's entirely possible that one or more of
those people can be hired to |
| |
