

(J)ack (O)f (A)ll (T)rades
Mostly Security, Some
Blogging, Misc. Admin,
and Bits of My Life.











Sun, 31 Dec 2006

23c3 31 Dec
Anarchaia has pointed out that some 23c3 videos have started showing up in Google Video.

joat: 23:49:25 31 Dec 2006


Network Forensics 31 Dec
Here is a sample chapter from "Computer Forensics: Incident Response Essentials", entitled "Tracking an Offender". Although the material is five years old, it still applies.

To fill in the gaps, here are a few bits:

  • While the message ID for email is unique, it may or may not be random. It may be worthwhile to know more about the systems handling the mail you're investigating. (Hint: Message IDs generated by Sendmail are based on process number and time of day.)
  • In addition to NetBIOS (for Unix systems, use nbtscan), it's likely to be worthwhile to run other tools, like Nmap, to get a better idea of the services running on a machine. This is an act of last resort though as accessing a suspect system may foul any legal proceedings. Then again, if the system is out of your reach...

In any case, it's been five years since the book was published. I expect that it will be updated shortly (I hope).

joat: 14:12:12 31 Dec 2006
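
The Sendmail hint in the post above, as an added example that is not part of the original post or the book chapter: a decoder that pulls the queue time and process ID out of a Message-ID and checks them against the header's own timestamp. It assumes Sendmail's default `<YYYYMMDDHHMM.queueid@host>` layout and the 14-character queue ID of later Sendmail 8 releases (six base-60 time characters in UTC, two sequence characters, zero-padded PID); the sample Message-IDs are constructed.

```python
import re
from datetime import datetime

# Assumed base-60 alphabet for the first eight queue-ID characters.
QIC = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwx"

# Assumed default header layout: <YYYYMMDDHHMM.queueid@host>, where the
# queue ID is 8 base-60 characters followed by the zero-padded PID.
MSGID_RE = re.compile(r"^<(\d{12})\.([0-9A-Za-x]{8})(\d{5,})@([^>\s]+)>$")


def decode_message_id(msgid):
    """Return decoded fields, or None if the ID does not match the layout."""
    m = MSGID_RE.match(msgid.strip())
    if m is None:
        return None  # another MTA, a mail client, or a customised header
    stamp, qid, pid, host = m.groups()
    yr60, mon, day, hour, minute, sec, seq_hi, seq_lo = (QIC.index(c) for c in qid)
    result = {
        "host": host,
        "pid": int(pid),
        "sequence": seq_hi * 60 + seq_lo,
        "queued_utc": None,          # time encoded in the queue ID (UTC)
        "utc_offset_minutes": None,  # header local time minus queue time
        "consistent": False,
    }
    try:
        header_local = datetime.strptime(stamp, "%Y%m%d%H%M")
    except ValueError:
        return result  # prefix is 12 digits but not a real date
    # The queue ID stores (year - 1900) mod 60; resolve it against the
    # header year, allowing one year either way for a New Year rollover.
    years = [y for y in (header_local.year - 1, header_local.year,
                         header_local.year + 1) if (y - 1900) % 60 == yr60]
    if not years:
        return result
    try:
        queued = datetime(years[0], mon + 1, day, hour, minute, sec)
    except ValueError:
        return result  # characters decode to an impossible date or time
    result["queued_utc"] = queued
    delta = header_local - queued.replace(second=0)
    minutes = int(delta.total_seconds() // 60)
    nearest = 15 * round(minutes / 15)
    result["utc_offset_minutes"] = minutes
    # A genuine pair differs by a time-zone offset: a multiple of 15 minutes
    # (one minute of slack) between UTC-12 and UTC+14.
    result["consistent"] = abs(minutes - nearest) <= 1 and -720 <= nearest <= 840
    return result


# Constructed samples: a self-consistent ID, one whose two timestamps
# disagree, and one from a mail client that does not use this layout.
SAMPLES = [
    "<200612311412.kBVJC905004321@mail.example.org>",
    "<200612311412.kBA3U1Zx000987@relay.example.net>",
    "<45982F1A.7060304@example.net>",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", decode_message_id(sample))
```

A result marked inconsistent only means the two timestamps in the ID disagree; the PID and queue time are most useful when matched against the mail log of the host named after the `@`.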


Sat, 30 Dec 2006

Statistics Tutorials 30 Dec
From Anarchaia, here is a list of tutorials dealing with various statistics-related methods/theories.

joat: 12:26:53 30 Dec 2006


Oh come on! 30 Dec
The obvious response to this is to port Vi to the DS too.

joat: 12:26:49 30 Dec 2006


Fri, 29 Dec 2006

Botnet list 29 Dec
I cannot vouch for the accuracy, but here is a list of IPs that I believe to be part of a unique botnet. Reason: entries in the web server logfile that indicate a scripting error common to all of the IPs.

Please be careful in handling the list; there are likely to be innocent bystanders in there also. At the moment, I don't have time to do the research.

joat: 20:05:40 29 Dec 2006


Thu, 28 Dec 2006

Still here... 28 Dec
Just in case anyone's wondering, I'm still around. The change in jobs required a bit of reorganization on my part. That along with the PowerStorm incident has kept me quite busy for a few weeks. I should be back up to speed shortly.

joat: 23:55:33 28 Dec 2006


Live Mail? 28 Dec
Is this criminal? Having differences based on shortcomings between browsers is one thing. Intentionally creating artificial differences is another. Any lawyers in the house?

joat: 23:44:08 28 Dec 2006


23c3 28 Dec
For some reason I cannot get the video feeds to work but the audio feeds from 22c3 seem to be working fine.

joat: 22:47:00 28 Dec 2006


D'oh! 28 Dec
Umm... Not a good sign.

joat: 11:27:19 28 Dec 2006


Mon, 25 Dec 2006

Sensei's Library Plugin 25 Dec
One good thing that came out of the recent spammer floods from PowerStorm is that it forced me to work with the code underneath the blog. Because I'm working with static pages now, I'm able to use a different set of plugins. The latest experiment is with Sensei's Blosxom Plugin, which allows me to use miscellaneous short-hand for links while editing posts.

Note: for anyone attempting to download the plugin, the link on the page is incorrect. The code actually resides here.

joat: 20:44:29 25 Dec 2006


Sun, 24 Dec 2006

MediaWiki, PHP, and Memory 24 Dec
Associated with the 22 Dec fix for magic quotes is a needed configuration fix for memory issues. Because I don't have admin access to the server, I have to attempt various (sometimes impossible) fixes inside the programs that I use.

Associated with this, the index page of the wiki was overly large, especially after I've been adding various extensions.

In any case, I was able to figure out how to increase the PHP memory limit for MediaWiki from within the code itself. Wiki entry is here.

I've also moved the index to its own page and have added a couple extensions to the wiki which track changes. See them here.

joat: 06:27:47 24 Dec 2006


Fri, 22 Dec 2006

MediaWiki and PHP 22 Dec
When the powers that be at 757 upgraded PHP, they turned on various magic_quotes functions so that a program that needed them could be run. The problem with magic_quotes being turned on is that it breaks MediaWiki. The side effect noted here (on an already installed MediaWiki 1.6.8) was the cumulative addition of delimiters ('\' characters) in front of every ' and ".

Credit goes to Count at 757 for pointing me to the (for now, tentative) fix of adding the following near the top of LocalSettings.php and index.php:

  set_magic_quotes_runtime(0);

That's it! Please let me know if this doesn't fix it or causes other problems.

Wiki entry here.

joat: 22:50:22 22 Dec 2006


Thu, 21 Dec 2006

One of the 7 signs? 21 Dec
Should I be scared that the Hello Kitty Pez dispenser is right next to the Orange County Choppers Pez dispenser? Is the end near? I was out looking for a USB power supply (a wall wart with a USB slot) and saw those in the check-out line. Yikes! (BTW, this is a test message for my "publish" script. Please ignore.)

joat: 23:51:22 21 Dec 2006


Wed, 20 Dec 2006

Repairs 20 Dec
In switching to the static pages, I've repaired some of the code in the back-end so that the RSS .91, RSS 1.0, and Atom feeds are updating themselves again. Please yell if you see any problems.

It appears that I may have to resort to HaloScan or similar if I want to reinstate commenting...

joat: 13:00:00 20 Dec 2006


Mon, 18 Dec 2006

Reformatting of the blog 18 Dec
Thanks to our PowerStorm buddies (the comment spammers), I've been forced to modify the blog. For now, I've turned off the comment system (again) and have switched to static pages.

For those using the older CGI-based joatblog, this should be the last visible post. Everyone should update their readers/subscriptions to the following new URLs:

  
Direct link to the blog: http://www.757.org/~joat/ or http://www.757.org/~joat/index.php
RSS feed: http://www.757.org/~joat/index.rss

I will be generating the blog on my home machine and periodically pushing it out to the server. It'll improve my relations with the other server tenants, allow me to mess with embedded PHP, and the shorter/simpler URLs should make the guys at CyberSpeak happier too. Heck, it needed consolidation anyways.

joat: 13:00:00 18 Dec 2006


Sun, 17 Dec 2006

DNS black holes 17 Dec
A long time ago, I experimented with forging domain authority on internal DNS servers as an anti-spam/anti-porn measure. It does work though I don't recommend it as a countermeasure unless you're willing to devote (I'm not kidding) a lot of time to updating the zone files. Over a one year period, I added 21K zones and still could not get ahead of the game.

I guess it would help to have an organized project to rely on. Something like Bleeding Edge's black-hole DNS project. Mix in a little policy-based routing (IP and port redirects that are invisible to users) and your troublemakers get quite frustrated. If you manage a network, I recommend looking at this.

Side note: what you use as a DNS server will determine how well you can scale the project. Windows DNS handles 21K domains poorly. Linux doesn't fare much better. (They do work but overload easily.) FreeBSD variants fare a bit better. The one that I recommend as a DNS server for heavy uses is BSDi (the commercial one). Wind River purchased BSDi and discontinued the product some time in 2003. It's still a very stable platform if you have the license.

Side note: Wind River has purchased and discontinued at least one other OS. They're also the parent to VxWorks, which is that annoying OS in the newer 54G's. Would it surprise you that they've also been a partner to Redhat?

joat: 13:00:00 17 Dec 2006
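
One way to cut the zone-file upkeep described in the post above, as an added example that is not the author's or the Bleeding Edge project's code: generate the forged-authority stanzas for BIND from a domain feed, pointing every zone at one shared wildcard zone file and dropping subdomains that a listed parent already covers. The sinkhole address, file path, name-server names and the feed itself are constructed assumptions.

```python
import re

SINKHOLE_IP = "192.0.2.1"                 # assumption: internal sinkhole host
ZONE_FILE = "/etc/namedb/blackhole.zone"  # assumption: shared zone file path

# One zone file serves every forged zone: "@" answers for the zone name
# itself and the wildcard answers for anything beneath it.
ZONE_TEXT = f"""$TTL 300
@   IN SOA ns.blackhole.example. hostmaster.blackhole.example. (
        1 3600 600 86400 300 )
@   IN NS  ns.blackhole.example.
@   IN A   {SINKHOLE_IP}
*   IN A   {SINKHOLE_IP}
"""

LABEL_RE = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def normalize(line):
    """Return a clean lowercase domain, or None for comments and junk."""
    text = line.split("#", 1)[0].strip().lower().rstrip(".")
    if not text:
        return None
    name = text.split()[-1]  # accept hosts-file style "127.0.0.1 name"
    labels = name.split(".")
    if len(labels) < 2 or len(name) > 253 or labels[-1].isdigit():
        return None
    if not all(LABEL_RE.match(label) for label in labels):
        return None
    return name


def collapse(domains):
    """Drop names already covered by a listed parent zone's wildcard."""
    listed = set(domains)
    keep = []
    for name in sorted(listed, key=lambda n: n.split(".")[::-1]):
        labels = name.split(".")
        # Parents from the immediate one up to, but excluding, the TLD.
        parents = (".".join(labels[i:]) for i in range(1, len(labels) - 1))
        if not any(parent in listed for parent in parents):
            keep.append(name)
    return keep


def build_blackhole(feed_lines, protected=()):
    """Return (zones, named.conf text, rejected names) for a domain feed."""
    protected = {p.lower().rstrip(".") for p in protected}
    wanted, rejected = set(), []
    for line in feed_lines:
        name = normalize(line)
        if name is None:
            continue
        # Never forge authority over, under, or for a domain you depend on.
        if any(name == p or name.endswith("." + p) or p.endswith("." + name)
               for p in protected):
            rejected.append(name)
            continue
        wanted.add(name)
    zones = collapse(wanted)
    conf = "".join(
        f'zone "{zone}" {{ type master; file "{ZONE_FILE}"; }};\n'
        for zone in zones
    )
    return zones, conf, rejected


# Constructed sample feed: mixed case, a duplicate, a covered subdomain,
# a hosts-file line, junk, and a name inside a protected domain.
FEED = """\
# constructed sample feed
Spam-Shop.example
ads.spam-shop.example
127.0.0.1 tracker.badnet.example.
not_a_domain
cdn.corp.example
spam-shop.example
"""

if __name__ == "__main__":
    zones, conf, rejected = build_blackhole(FEED.splitlines(), ["corp.example"])
    print(conf, end="")
    print("rejected:", rejected)
```

The generated text is meant to be pulled into `named.conf` with an `include` statement, with `ZONE_TEXT` written once to the shared file, so a feed update changes only the include file.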


Fri, 15 Dec 2006

Slimplayer + SageTV + Linux == nope 15 Dec
Unfortunately the SlimServer plugin for SageTV has some Windows specific JARs and won't work with the Linux version of SageTV. I know I might be one of the few Linux SageTV users on the planet but could we ask Chris Koele to fix the plugin? [*sniff*]

Still won't prevent me from putting the Squeezebox on my wishlist though. (heh)

joat: 13:00:00 15 Dec 2006


Thu, 14 Dec 2006

It's the world that's f'd!! 14 Dec
I just love it when someone thinks that the rest of the world should change so that their own stuff will work. Do I need to bring up the old story about the MSCE that repeatedly abused 100+ domains because reverse DNS lookups were keeping his outbound mail from being delivered? (Hey, he claimed that his having the MSCE cert qualified him as a DNS expert. I only egged him on.)(And wasn't the first to do so on that very topic.)

joat: 13:00:00 14 Dec 2006


Sat, 09 Dec 2006

SageTV web interface 09 Dec
I'd noticed the web interface to SageTV awhile ago but didn't have the time to mess with it. Decided to poke at it for an hour or so. It actually took all of five minutes to install. It would have taken less time but I had to figure out where it needed to be installed as all of the directions talked about relative paths.

In any case, I now have a very nice web front-end to SageTV with an especially nice (customizable) show schedule interface.

Notes and screenshots here.

Next up, I want to play with SlimServer. For some reason they say that it doesn't work with the MediaMVP interface for SageTV, but it's supposed to work with the MVPMC firmware. I have hopes. Mebbe I'll have to come up with a way to select which firmware the MVP loads.

I'm off to start dropping hints that I really want a Squeezebox and/or another MediaMVP. The Transporter is definitely a bit out of my budget at $2K.

joat: 21:00:00 9 Dec 2006


Fri, 08 Dec 2006

Outage 08 Dec
Everyone please thank the ass spammer at 205.134.172.137 and 138. He was pounding the site so hard that the admins took the server offline and beat me. (A system load of 68?!)

Analysis pending.

joat: 02:18:29 8 Dec 2006


Thu, 07 Dec 2006

Pssst!! 07 Dec
It's on! (ShmooCon) Pass it on!

Say thanks to Mosh76 for pointing it out.

joat: 07:10:29 7 Dec 2006


Tue, 05 Dec 2006

DVArchive 05 Dec
While playing with the MediaMVP box, I discovered DVArchive. I've got no use for it as I don't have a ReplayTV box but it should prove useful for anyone that does. It allows you to pull recordings off of the ReplayTV box and serve them up via an internal UPNP server. As it runs entirely out of Java, it's pretty simple to set up and run.

The one thing that is hidden (left out) by the documentation is how to start the program: java -jar DVArchive.jar.

joat: 13:00:00 5 Dec 2006


Mon, 04 Dec 2006

Misc. 04 Dec
Spent most of my weekend of unemployment (did I mention that I was switching jobs?) poking at the guts of dotProject in an attempt to add e-mail alerts to tasks. It's taking awhile to gain enough understanding to add the appropriate code as, while the database tables are straight forward, the code and database queries in the original program are quite dense.

As a break, I got the MediaMVP interface to SageTV up and running via a WRT54G which I configured as a client (notes). It works great. It's even able to grab the dongle.bin file (that file name is not required) via the wireless network. No skips, network dropouts or stutters as yet, even with live TV. My two biggest annoyances with the product so far are: 1) I don't yet have sufficient hard drive space to let it run full time (it can eat up space quickly) and 2) it means that there's yet another remote control to lose in the cushions of my favorite chair. On the other hand, it allows me to take down the video sender and the remote control repeaters that were causing so much interference with the network to begin with.

I still plan on playing with MythTV and MVPMC.

joat: 13:00:00 4 Dec 2006


Fri, 01 Dec 2006

23C3 01 Dec
Just noticed that there's 30 days to the 23C3. It's been awhile, I'm looking for some fresh con vids. The reason that I'm bringing it up now is that it looks like they may also be doing live streams of various talks.

joat: 13:00:00 1 Dec 2006


Tue, 28 Nov 2006

Wi-Spy Picture Album 28 Nov
Given the response from the pictures (and my own fascination), is anyone interested in building a "photo album" of Wi-Spy shots? If no one's done it yet, I'll donate space on the wiki.

joat: 13:00:00 28 Nov 2006


Mon, 27 Nov 2006

Too cold? 27 Nov
Harald Welte has a gripe about air conditioning turned up too high. He managed to irk me.

He asks, "How weak have we become if we can't even tolerate temperatures up to, let's say, 30 centigrade?". My response is it's probably pretty weak if we can't tolerate a little cold, say 21 C?

It irks me because I'm from much further north and I'm quite comfortable in a server room kept at 13 C. I'm used to winter in Buffalo (snow depths measured in feet) and Chicago (sub-sub-zero wind chills). I actually suffer at 25 C.

My secondary response is to tell Harald to bring a jacket if he ever visits me. I won't visit him as there's only so much clothing I'm allowed (by law) to remove in public.

Oh, sorry: here's rough equivalents: 30C ~ 86F, 25C ~ 77F, 13C ~ 55F, 21C ~ 70F.

joat: 13:00:00 27 Nov 2006


Sun, 26 Nov 2006

SageTV 26 Nov
For those interested, I've posted notes on my getting the Linux version of SageTV (including the MediaMVP module) up and running.

joat: 21:30:00 26 Nov 2006


Sat, 25 Nov 2006

For Dave 25 Nov
Dave: Here's the bookmarks. Look for the "video" and "streaming" tags in the right-hand column.

joat: 20:00:00 25 Nov 2006


Wi-Spy 25 Nov
For those that care, I've copied the Wi-Spy screen captures into the wiki.

joat: 13:00:00 25 Nov 2006


Fri, 24 Nov 2006

Wi-Spy Pic 4 24 Nov
This latest screenshot from the Wi-Spy is probably useless for everyone else.

What you're seeing is the traffic generated by my running "iwlist eth1 scanning" on the AP, over and over and over. Doing so revealed that the light noise between channels 10 and 13 isn't actually my neighbor's network. Rather, it's two neighbors' networks on channel 11. There was also another neighbor's network on channel 9 (weird choice).

I really need to get outside and map the neighborhood. I especially need to figure out how much interference the video sender will cause if I leave it running on channel 4 (around channel 11 for 802.11 traffic).

Note to self: copy these pics into the wiki.

joat: 13:00:00 24 Nov 2006


Thu, 23 Nov 2006

Wi-Spy Pic 3 23 Nov
Here's another from the Wi-Spy. This one turned out to be quite valuable to me (or at least it explained a lot about some interference issues).

What you're seeing is a capture of the signals from each of the channels on my Grandtech AVW-1000 Video Sender that I use to send audio/video into the back of the house. The interesting part is channel 1 which obviously fails to conform to FCC interference regs. (It's an old piece of equipment though). The bad news is that I'm going to have to rethink my spectrum management now that I can "see" it.

joat: 13:00:00 23 Nov 2006


Wed, 22 Nov 2006

Wi-Spy Pic 2 22 Nov
Here's the second screenshot from the Wi-Spy.

The red, yellow, green and orange dots are generated by my own access point, running in 802.11g mode on channel 6. The bar between channel 8 and 9 has me intrigued.

joat: 13:00:00 22 Nov 2006


Tue, 21 Nov 2006

Wi-Spy Pic 1 21 Nov
Here's the first screen capture from the Wi-Spy. There's not much there as it's a picture of the background noise at my house.

The light noise scattered between 10 and 13 is actually a wireless network belonging to a neighbor, a few houses up the street. I have no idea what that narrow band of signal between channel 8 and 9 is. Josh Wright had pointed out a similar band during a recent talk and indicated that it was a wireless camera. Maybe that's the case here too.

joat: 13:00:00 21 Nov 2006


Weird spam 21 Nov
Just noticed the following... (Click to see photo). (89K)

Do you see it? (Hint: look at the body but not the text.)

I've got a growing collection of messages in which someone has gone to the trouble of adding little colored threads. It is not a picture as the text is normal. Though the threads are included as part of a graphic, they are inline. If I resize the window, no scrollbars appear (unless there's too much text).

This is too weird. Anyone have any ideas on what it is?

joat: 11:37:20 21 Nov 2006


Wi-Spy 21 Nov
Once again, the Fed Ex delivery was waiting on my porch when I got home (I've already said that we'd asked them not to do that, right?) I'm not unhappy though. It was my Wi-Spy.

I've been playing with it for the last half hour after spending the first half hour building the software (didn't really take that long to build but I had to chase down a few libraries) and eating dinner.

In any case, over the next few days I'll post snapshots of various types of traffic.

joat: 00:00:00 21 Nov 2006


Mon, 20 Nov 2006

Wiki update 20 Nov
For those that care, I've added some work to the wl page in the wiki and have removed the podcast items. The one menu looked horrible in IE.

joat: 13:00:00 20 Nov 2006


Sun, 19 Nov 2006

Hypocrisy 19 Nov
[*sigh*]

Various vaguely-related questions about Mr. Ballmer's comments:

  • Why does this sound oddly familiar? (Okay, it's a leading question.)
  • Does this have anything to do with the sudden reversion to that truly horrible TCP/IP stack in the new version?
  • Do people yet realize that a covenant means that they won't sue but there's nothing to keep the originator from calling you a pirate, a thief, or worse?
  • Does Mr. Ballmer believe that the only way his company can profit is to keep the communities alienated? (There is a not-small population that lives in both. I'm one of them.)

I hereby call for Mr. Ballmer to list the misappropriated intellectual property used in Linux so it can be removed and we can get on with life. (Who needs yet another court case where the claim is that Linus or one of his fanatics stole from so-and-so?) (It's been four years and we still don't know what was stolen from SCO.)

Call me a pessimist but I think that PJ and crew are going to have enough material to keep them busy for a decade or more.

Oh, and before I get beat up for being anti-MS, remember that I usually don't criticize the OS. Rather, it's the company's marketing tactics that I am vocal about.

When does it stop? One point to keep in mind is that the same tactics used against the open source community are readily adapted to the shareware and freeware programmers on both sides of the fence. Once a company decides that lawsuits are a legitimate (in their view) source of revenue, they will eventually strong-arm anyone they think is profiting (financially or otherwise) without "paying tribute" (MS's phrase, not mine). It might also be called "vig".

joat: 13:00:00 19 Nov 2006


Sat, 18 Nov 2006

Using spackle to seal the bullet holes in your foot 18 Nov
Andre Duran blogged about decentralized security and used the following picture.

The caption reads: "So where do I deploy my firewall now?"

My answer is: "You don't. You're screwed." And because each of those entities at the edge are likely to have similar looking networks, you're screwed.

En masse.

The decentralized border discussion has irked me for years because it makes some very bad assumptions concerning trust. Not trust in people, but in their behavior. Just about anyone that has worked network security for any large firm will tell you that people tend to drift towards practices which require the least activity on their part. In other words, people tend to procrastinate and some are downright lazy. Unless you can guarantee that each of those border entities conform to the letter and intent of your security policies, you're screwed.

En masse.

Your corporate network should reach farther than you can walk in 15 minutes and should only have users whose connection to your internal network can be terminated without a lawyer. The guy who has the power to hire and fire should also be within a 15 minute walk of your office (his pace, not yours).

Decentralized security (the transparent border) has been a rationalization used to spend less money on security and to justify the convenience of teleworking with minimal spending.

External people need access to a service or data set? Good. Stick that service in a DMZ and restrict who can access that. Even better, give them a laptop configured so that it is only capable of connecting to your DMZ. Block your internal users from accessing the DMZ too. If you have to supply access from between the internal network and the DMZ, use an application proxy and limit what can go through where, when (yes time limits) and how.

The only company whose network diagram should look like the picture above is one who gives away network access for free and doesn't require passwords. (In other words, they have no service or data set, only connectivity.)

Yeah, we're going to need identity-based security to be able to use IPv6, but that technology isn't available yet. And don't go pushing NAC at me. That only works when you own the network from end to end (i.e., it's centralized security and won't work with a decentralized network).

Gunnar writes that security models must mirror the changes in business and technology or it's going to be broken. I think he's over-simplified the issue. While the company's "mission" may change greatly (moving from selling sneakers to MP3 players), the reason that the network is there changes little (provide word processing and access to the database).

Decentralized security only works when your users cannot exert changes in any part of the network or even on their local system. If any one of them can connect their node to any other network then there's going to be trouble (ask CNN to tell the story about their senior management and the Welchia worm). If they can connect to yours and the other at the same time, you're screwed.

En masse.

Here's a hint: if you have a firewall like what Gunnar describes, with thousands of open ports, then your security domain is too big and your security policy is too generic. They should both be broken into communities of interest and protected as separate entities.

Don't believe me? Go interview any Fortune 500 company. I'm willing to bet they partition off specific pieces of the network from their own users, not to mention the rest of the world.

joat: 13:00:00 18 Nov 2006


Fri, 17 Nov 2006

Zyxel AG-225H 17 Nov
Hmm... I've gotta be doing something wrong. The open source driver is working better than the vendor's driver.

joat: 21:30:00 17 Nov 2006


Thu, 16 Nov 2006

The truck 16 Nov
Reminder to self: Watch for the next issue of Make Magazine. (It is supposed to have Ethan's truck in it!)

Update: It's on the newsstands! Ethan's project is on page 151. Ironically, the cover has a pinball machine on the front of it which is what he's toying with now. For those that don't know, Ethan is the one who stood up RockTheSkillCrane.com.

joat: 14:00:00 16 Nov 2006


Wed, 15 Nov 2006

Wi-Spy 15 Nov
I've finally shelled out the coin for my own Wi-Spy. If I beat the delivery home, my neighbors are likely to be treated to a geeky version of "Lady, where's my spy camera?"

joat: 13:30:00 15 Nov 2006


IPv6 Security Issues 15 Nov
Here is a paper from Samuel Sotillo which describes some of the security issues associated with IPv6.

joat: 13:00:00 15 Nov 2006


Tue, 14 Nov 2006

IJDE 14 Nov
The fall issue of the International Journal of Digital Evidence is out (probably has been for awhile as I've not been tracking it). Again, it contains good topics. Topics this time out: memory analysis, SIM card forensics and Google Desktop as a source of evidence.

joat: 13:00:00 14 Nov 2006


Mon, 13 Nov 2006

Gromozon 13 Nov
Here is the paper that appears to have started the battle between a security company and a spamming/malware group.

joat: 13:00:00 13 Nov 2006


Sun, 12 Nov 2006

Indian Head? 12 Nov
I'm in Indian Head this week. On the map, it looks like an awfully small town. What is there to do in Indian Head, MD?

joat: 15:56:02 12 Nov 2006


Sat, 11 Nov 2006

MyDoom 11 Nov
Attention! Would the owner of the system at 12.213.13.12 (in Middletown, NY) please take a look at his/her system? You are infected with a zipped/UPX-packed MyDoom variant and you are annoying the rest of the planet.

Also, would Stephanie Micheneau please review the need for response e-mails for detected infections? MyDoom forges source addresses and I do not run networked systems susceptible to W32 viruses. So please stop yelling at me... (heh)

joat: 21:30:00 11 Nov 2006


More customer hell 11 Nov
This has to be the worst week I've ever had with other organizations' customer support. For those that are considering buying the Archos 404 (and possibly their other models), know this:
  • You're only buying basic capability. The ability to view those Hak5 or Digital Life vidcasts requires the purchase of additional plugins.
  • Archos has a really crappy interface for obtaining those downloads. The font on my product key didn't readily indicate the difference in similar characters so I typed in "O" when I should have typed in "0" (see?). The interface isn't written to self correct.
  • The interface has some serious logic issues. Using the activation code with a mistyped product key burns the activation code at the same time that it spits back an error code about the product key. In other words, you can't then fix the product key and legitimately use the activation key with the good product key.
  • The interface has no way to fix the above. Customer support's fix for this is to refund your purchase (something that takes a number of business days to occur).
  • The interface is a piece of shit because it's just a digital front end to a manual process. I re-ordered the plugin at 1:45 today and they still haven't forwarded the purchase to processing (the site does have a tracking capability). Now that it's after "business hours", I have to wait until Monday to get this fixed. Needless to say, I'm on the road again, starting Sunday.

Really, a $20 purchase shouldn't be this much of a headache. If it's not fixed first thing on Monday, I'm considering siccing my wife on 'em. (heh)

joat: 02:00:00 11 Nov 2006


Wed, 08 Nov 2006

Cox 08 Nov
Written last night...

One thing about monopolies. You can usually treat your customers as poorly as you can get away with, without the PUC stepping in. However, you can go too far. Point in case...

My wife ordered two DVR's from Cox Cable and even offered to pick them up at the local store. No, no, Cox insists on overnight shipping.

Three days later they're setting on our porch when we get home from work. One of them is missing its power cord. After forty-five minutes of being on hold, we determine the other (obviously a refurb) can only display the schedule (no video).

One phone call later, we discover that they can't be shipped back, we have to take them in to the local store. This means that I either have to take a day off or burn a Saturday morning to visit the store.

Two days later, I'm standing outside the local store, waiting for it to open. Unfortunately, other people knew I was going to be there so they decided that they had to show their solidarity by also standing in line. Ahead of me.

Two hours later, I'm at the counter, explaining the problem with the box to the guy behind the counter. He explains that due to a mix up at the warehouse, he cannot replace my box at this time and asks if I would like to schedule a visit to my house. A few questions later, I discover that I would be charged for this visit.

Five minutes later, I leave the store (with a receipt for the box I just turned in) with a promise that we would be called when a new box is available.

After a few stops at the local gas station, burger joint and shopping center, I arrive home to realize that I hadn't called my wife (when I left the store) to tell her "How The Cable Company Was Going To Fix Her DVR".

Fifteen minutes later, she's extracted a refund for the money paid for the service-so-far, a credit for $20, and a promise that the next available DVR would be shipped to the house. (Have I said that I am in awe of my wife sometimes?)

Five minutes later, I realize that the phrase "ship overnight" was used. (Have I mentioned that sometimes I'm a little slow on the uptake?)

Of course, three days later we arrive home to find that the delivery guy had left the box on the front porch again (we've asked them not to do that).

Ninety seconds later, we place the box on the dining table and open it to discover that the device delivered was a cable converter, not a DVR.

A split second later, I'm able to actually see the large capital letters as they pass through my wife's lips: AUGH!! (I think I know where Charles M. Schulz got the idea.)

Ten seconds later, my wife has dialed the phone to customer support. After the obligatory waiting period, during which the not-really-soothing hold-music is interrupted a number of times by your-business-is-important-to-us-please-hold messages, my wife has determined that: there are no DVR's available at this time as the ones available are reserved for people already on the list for replacement, there's been another mix up at the warehouse, we still don't want to schedule a visit, there's actually no supervisor on duty in the call center at the moment, the operator is unable to understand why my wife is angry, and, ooh!, a supervisor just walked in.

Two minutes later, my wife has a promise that someone will drive out to the house (from the only store in town) to hand deliver the DVR. (Have I said that I sometimes fear my wife?) Whether or not the device actually shows up remains to be seen. I'm not concerned about it though. In situations like this, I never am. It's always handled by my awesome/fearsome/loving wife who used to supervise customer support for a large Japanese conglomerate.

I will admit that I find these snafu's funny much, much earlier than she does. (I think that it's funny now.)

My advice to Cox: 1) Fire the guy in the warehouse (or the programmer that wrote the excuse generator). 2) Tell the poor schmuck who's delivering the box to smile and back away... 3) ...slowly... 4) ... from my wife. The dog only bites. 5) For lessons learned, write down that there exists an Ol' Girl Network (that didn't come out right but you get the idea), somewhat of a NANOG for current and former supervisors of customer service centers, where members have met at conferences, made friends, and know all of the office phone numbers and some of the home phone numbers of many of the OGN members. I doubt The Kevin Bacon Game works here (there's not that much separation) and, for me, "reach out and touch someone" has taken on a different meaning.

Uh, I did indicate that my wife can be scary sometimes?

Hint for those that still don't get it: my wife makes our Halloween costumes with a collection of t-shirts, cans of black and red spray paint, and whatever vehicle happens to be parked in the driveway. (We go as "road kill".) (The trick is to spray the tire as the vehicle is rolling.)

Update: The box was delivered. I discovered: he has a wife too, there really was a mix up at the warehouse (grain of salt needed here but...), and you can catch cold after getting extremely soggy, standing in the front yard, in the dark, in the rain, talking about your wife.

joat: 13:00:00 8 Nov 2006


Tue, 07 Nov 2006

Hakin9 07 Nov
Discovered last Friday in Chesapeake: Barnes and Noble now sells Hakin9 from the magazine rack.

joat: 13:00:00 7 Nov 2006


Mon, 06 Nov 2006

Wicrawl and Backtrack 06 Nov
Squidly1, a friend, pointed this out a couple weeks ago (I'm only now catching up). Wicrawl is an access point auditor that was released at Toorcon 2006. It has a "simple and flexible plugin architecture". The current list of plugins can be viewed here.

The video of the Toorcon 2006 presentation can be viewed here (hi-res), here (lo-res), or downloaded here (note: slow download).

There is a claim that the tool will be included in the next Backtrack CD which, BTW, has a beta of BT 2.0 out. There is also a training site for BT and a demo video for the new disk.

joat: 13:00:00 6 Nov 2006


Sun, 05 Nov 2006

No more forgers? 05 Nov
I attempted to find a good example of a forged email header, for a short demo that I'm writing, by wading through my quarantine folder. Guess what I've noticed: no one bothers to forge headers anymore. Why bother when you buy zombies for a few pennies per box?

joat: 13:00:00 5 Nov 2006


Sat, 04 Nov 2006

WLAN location sensing 04 Nov
Here is an interesting paper on location sensing in wireless networks.

joat: 13:00:00 4 Nov 2006


Fri, 03 Nov 2006

WiMAX poster 03 Nov
Learning about WiMAX? Got a wide printer? Here's a poster you might be interested in.

joat: 13:00:00 3 Nov 2006


Thu, 02 Nov 2006

WildList 02 Nov
It really doesn't look like a computer security site but it is. The WildList is a site devoted to listing "in the wild" viruses and related information.

joat: 13:00:00 2 Nov 2006


Wed, 01 Nov 2006

Unsolved 01 Nov

joat: 13:00:00 1 Nov 2006


Tue, 31 Oct 2006

Advanced Radio Technologies 31 Oct
If you want to get a good idea of where the technologies are going, you need to read documents like Proceedings of the International Symposium on Advanced Radio Technologies (from March of this year). It contains a number of papers on various radio and spectrum issues.

Note: NTIA is to national government as FCC is to general public. The common point between the two is the State Department.

joat: 13:00:00 31 Oct 2006


Mon, 30 Oct 2006

Johnny Long on CNBC 30 Oct
Set up your Tivos. Johnny Long is going to be in a documentary on 1 Nov. (9-11 p.m.) on CNBC called "Big Brother, Big Business". The local Cox schedule shows a replay at midnight. Here's his announcement.

joat: 13:30:00 30 Oct 2006


Firmware-level attacks 30 Oct
Here is a paper from Mike Kershaw and Josh Wright (who I saw talk this past week) which discusses attacks on the interface firmware (drivers).

joat: 13:00:00 30 Oct 2006


Sun, 29 Oct 2006

Analysis of 802.1x 29 Oct
Hopefully things have improved since this analysis of 802.1x but I'm not holding my breath.

joat: 13:00:00 29 Oct 2006


Wiki update 29 Oct
For those interested, I've updated the software behind the wiki. For those affected, please bear with me while I make minor adjustments.

joat: 02:33:50 29 Oct 2006