| August 2007 |
|---|
| Sun |
Mon |
Tue |
Wed |
Thu |
Fri |
Sat |
| |
|
|
1 |
2 |
3 |
4 |
| 5 |
6 |
7 |
8 |
9 |
10 |
11 |
| 12 |
13 |
14 |
15 |
16 |
17 |
18 |
| 19 |
20 |
21 |
22 |
23 |
24 |
25 |
| 26 |
27 |
28 |
29 |
30 |
31 |
|
|
Recent Comments
Wiki RSS
|
Sun, 31 Dec 2006
|
|
Here is a sample chapter from " Computer Forensics: Incident Response Essentials", entitled " Tracking an Offender". Although the material is five years old, it still applies. To fill in the gaps, here's a few bits: - While the message ID for email is unique, it may or may not be random. It may be worthwhile to know more about the systems handling the mail you're investigating. (Hint: Message ID's generated by Sendmail are based on process number and time of day.)
- In addition to NetBIOS (for Unix systems, use nbtscan), it's likely to be worthwhile to run other tools, like Nmap, to get a better idea of the services running on a machine. This is an act of last resort though as accessing a suspect system may foul any legal proceedings. Then again, if the system is out of your reach...
In any case, it's been five years since the book was published. I expect that it will be updated shortly (I hope). joat: 14:12:12 31 Dec 2006 |
|
|
Sat, 30 Dec 2006
|
|
From Anarchaia, here is a list of tutorials dealing with various statistics-related methods/theories. joat: 12:26:53 30 Dec 2006 |
|
|
|
|
The obvious response to this is to port Vi to the DS too. joat: 12:26:49 30 Dec 2006 |
|
|
Fri, 29 Dec 2006
|
|
I cannot vouch for the accuracy, but here is a list of IP's that I believe to be part of a unique botnet. Reason: an entries in the web server logfile that indicate a scripting error common to all of the IP's. Please be careful in handling the list, there's likely to be innocent bystanders in there also. At the moment, I don't have time to do the research. joat: 20:05:40 29 Dec 2006 |
|
|
Thu, 28 Dec 2006
|
|
|
Just in case anyone's wondering, I'm still around. The change in jobs required a bit of reorganization on my part. That along with the PowerStorm incident has kept me quite busy for a few weeks. I should be back up to speed shortly. joat: 23:55:33 28 Dec 2006 |
|
|
|
|
Is this criminal? Having differences based on shortcomings between browsers is one thing. Intentionally creating artificial differences is another. Any lawyers in the house? joat: 23:44:08 28 Dec 2006 |
|
|
|
|
For some reason I cannot get the video feeds to work but the audio feeds from 22c3 seem to be working fine. joat: 22:47:00 28 Dec 2006 |
|
|
|
|
Umm... Not a good sign. 
joat: 11:27:19 28 Dec 2006 |
|
|
Mon, 25 Dec 2006
|
|
One good thing that came out of the recent spammer floods from PowerStorm is that it forced me to work with the code underneath the blog. Because I'm working with static pages now, I'm able to use a different set of plugins. The latest experiment is with Sensei's Blosxom Plugin, which allows me to use miscellaneous short-hand for links while editing posts. Note: for anyone attempting to download the plugin, the link on the page is incorrect. The code actually resides here. joat: 20:44:29 25 Dec 2006 |
|
|
Sun, 24 Dec 2006
|
|
Associated with the 22 Dec fix for magic quotes is a needed configuration fix for memory issues. Because I don't have admin access to the server, I have to attempt various (sometimes impossible) fixes inside the programs that I use. Associated with this, the index page of the wiki was overly large, especially after I've been adding various extensions. In any case, I was able to figure out how to increase the PHP memory limit for MediaWiki from within the code itself. Wiki entry is here. I've also moved the index to it's own page and have added a couple extensions to the wiki which track changes. See them here. joat: 06:27:47 24 Dec 2006 |
|
|
Fri, 22 Dec 2006
|
|
When the powers that be at 757 upgraded PHP, they turned on various magic_quotes functions so that a program that needed them could be run. The problem with magic_quotes being turned on is that it breaks MediaWiki. The side effect noted here (on an already installed MediaWiki 1.6.8) was the addition of cumulative addition of delimiters ('\' characters) in front of every ' and ". Credit goes to Count at 757 for pointing me to the (for now, tentative) fix of adding the following near the top of LocalSettings.php and index.php: set_magic_quotes_runtime(0); That's it! Please let me know if this doesn't fix it or causes other problems. Wiki entry here. joat: 22:50:22 22 Dec 2006 |
|
|
Thu, 21 Dec 2006
|
|
|
Should I be scared that the Hello Kitty Pez dispenser is right next to the Orange County Choppers Pez dispenser? Is the end near? I was out looking for a USB power supply (a wall wart with a USB slot) and saw those in the check-out line. Yikes! (BTW, this is a test message for my "publish" script. Please ignore.) joat: 23:51:22 21 Dec 2006 |
|
|
Wed, 20 Dec 2006
|
|
In switching to the static pages, I've repaired some of the code in the back-end so that the RSS .91, RSS 1.0, and Atom feeds are updating themselves again. Please yell if you see any problems. It appears that I may have to resort to HaloScan or similar if I want to reinstate commenting... joat: 13:00:00 20 Dec 2006 |
|
|
Mon, 18 Dec 2006
|
|
Thanks to our PowerStorm buddies (the comment spammers), I've been forced to modify the blog. For now, I've turned off the comment system (again) and have switched to static pages. For those using the older CGI-based joatblog, this should be the last visible post. Everyone should update their readers/subscriptions to the following new URLs: I will be generating the blog on my home machine and periodically pushing it out to the server. It'll improve my relations with the other server tennants, allow me to mess with embedded PHP, and the shorter/simpler URLs should make the guys at CyberSpeak happier too. Heck, it needed consolidation anyways. joat: 13:00:00 18 Dec 2006 |
|
|
Sun, 17 Dec 2006
|
|
A long time ago, I experimented with forging domain authority on internal DNS servers as a anti-spam/anti-porn measure. It does work though I don't recommend it as a countermeasure unless you're willing to devote (I'm not kidding) a lot of time to updating the zone files. Over a one year period, I added 21K zones and still could not get ahead of the game. I guess it would help to have an organized project to rely on. Something like Bleeding Edge's black-hole DNS project. Mix in a little policy-based routing (IP and port redirects that are invisible to users) and your troublemakers get quite frustrated. If you manage a network, I recommend looking at this. Side note: what you use as a DNS server will determine how well you can scale the project. Windows DNS handles 21K domains poorly. Linux doesn't fare much better. (They do work but overload easily.) FreeBSD variants a bit better. The one that I recommend as a DNS server for heavy uses is BSDi (the commercial one). Wind River purchased BSDi and discontinued the product some time in 2003. It's still a very stable platform if you have the license. Side note: Wind River has purchased and discontinued at least one other OS. They're also the parent to VxWorks, which is that annoying OS in the newer 54G's. Would it suprise you that they've also been a partner to Redhat? joat: 13:00:00 17 Dec 2006 |
|
|
Fri, 15 Dec 2006
|
|
Unfortunately the SlimServer plugin for SageTV has some Windows specific JARs and won't work with the Linux version of SageTV. I know I might be one of the few Linux SageTV users on the planet but could we ask Chris Koele to fix the plugin? [*sniff*] Still won't prevent me from putting the Squeezebox on my wishlist though. (heh) joat: 13:00:00 15 Dec 2006 |
|
|
Thu, 14 Dec 2006
|
|
I just love it when someone thinks that the rest of the world should change so that their own stuff will work. Do I need to bring up the old story about the MSCE that repeatedly abused 100+ domains because reverse DNS lookups were keeping his outbound mail from being delivered? (Hey, he claimed that his having the MSCE cert qualified him as a DNS expert. I only egged him on.)(And wasn't the first to do so on that very topic.) joat: 13:00:00 14 Dec 2006 |
|
|
Sat, 09 Dec 2006
|
|
I'd noticed the web interface to SageTV awhile ago but didn't have the time to mess with it. Decided to poke at it for an hour or so. It actually took all of five minutes to install. It would have taken less time but I had to figure out where it needed to be installed as all of the directions talked about relative paths. In any case, I now have a very nice web front-end to SageTV with an especially nice (customizeable) show schedule interface. Notes and screenshots here. Next up, I want to play with SlimServer. For some reason they say that it doesn't work with the MediaMVP interface for SageTV, but it's supposed to work with the MVPMC firmware. I have hopes. Mebbe I'll have to come up with a way to select which firmware the MVP loads. I'm off to start dropping hints that I really want a Squeezebox and/or another MediaMVP. The Transporter is definitely a bit out of my budget at $2K. joat: 21:00:00 9 Dec 2006 |
|
|
Fri, 08 Dec 2006
|
|
Everyone please thank the ass spammer at 205.134.172.137 and 138. He was pounding the site so hard that the admins took the server offline and beat me. (A system load of 68?!) Analysis pending. joat: 02:18:29 8 Dec 2006 |
|
|
Thu, 07 Dec 2006
|
|
It's on! (ShmooCon) Pass it on! Say thanks to Mosh76 for pointing it out. joat: 07:10:29 7 Dec 2006 |
|
|
Tue, 05 Dec 2006
|
|
While playing with the MediaMVP box, I discovered DVArchive. I've got no use for it as I don't have a ReplayTV box but it should prove useful for anyone that does. It allows you to pull recordings off of the ReplayTV box and serve them up via an internal UPNP server. As it runs entirely out of Java, it's pretty simple to set up and run. The one thing that is hidden (left out) by the documentation is how to start the program: java -jar DVArchive.jar. joat: 13:00:00 5 Dec 2006 |
|
|
Mon, 04 Dec 2006
|
|
Spent most of my weekend of unemployment (did I mention that I was switching jobs?) poking at the guts of dotProject in an attempt to add e-mail alerts to tasks. It's taking awhile to gain enough understanding to add the appropriate code as, while the database tables are straight forward, the code and database queries in the original program are quite dense. As a break, I got the MediaMVP interface to SageTV up and running via a WRT54G which I configured as a client (notes). It works great. It's even able to grab the dongle.bin file (that file name is not required) via the wireless network. No skips, network dropouts or stutters as yet, even with live TV. My two biggest annoyances with the product so far is: 1) I don't yet have sufficient hard drive space to let it run full time (it can eat up space quickly) and 2) it means that there's yet another remote control to lose in the cushions of my favorite chair. On the other hand, it allows me to take down the video sender and the remote control repeaters that were causing so much interference with the network to begin with. I still plan on playing with MythTV and MVPMC. joat: 13:00:00 4 Dec 2006 |
|
|
Fri, 01 Dec 2006
|
|
Just noticed that there's 30 days to the 23C3. It's been awhile, I'm looking for some fresh con vids. The reason that I'm brining it up now is that it looks like they may also be doing live streams of various talks. joat: 13:00:00 1 Dec 2006 |
|
|
|
