Thursday, December 29, 2005

King Kong (2005)

What's a guy gonna do after fucking up a good portion of the Lord of the Rings trilogy? Take a 1933 classic and give it a twist by having King Kong duke it out with T-Rex and the rest of the cast flee from a pack of velociraptors. The eye candy was excellent but I think Peter Jackson tried to humanize the king of the jungle a bit much with his relationship with the Naomi Watts character. Another mixed rating as the visual effects make it worth the $9 admission and with its three hours in length, make sure you bring the catheter & pee bag.

Activision - GUN™

Typically I don't write game reviews but this one I think warranted it. Activision's "Gun" had a lot of potential and still does if they would give more of the free game play that Rockstar Games applied to the Grand Theft Auto series or Max Payne. If this game had been released in 2001 and on Playstation I wouldn't bitch but come on.. You can almost tell that they cared more about the blood and gore factor to attract the kiddies rather than giving full game play to the buyer. You basically end up with two towns and a huge amount of empty space between the two. The storyline isn't bad but there is a certain degree of ridiculousness that they apply to make the game more difficult. I give the game a mixed thumb ranking but the scenes in the game where you get to use the cannon and howitzer are really awesome; hell even the secret gun you get once you complete all of the missions is fun although I really think they should beef up some of the side missions and expand the board with a town or two more. Maybe hide some of the guns throughout the board so it doesn't take you forever to save up with your $10 wage to buy the really cool shit.

Sunday, December 18, 2005

The Ringer

This movie almost looks too good to be true; Johnny Knoxville taking on retards in an athletic competition. Too bad this won't have the same ball smashing fun as Jack Ass or the CKY: Camp Kill Yourself videos. I'll post a review when I get around to seeing it... maybe..

Sunday, December 11, 2005

My Daily Mantra

This will help anyone get through the day. Screw watching CNN or Fox News. This has more interesting commentary than anything that ever comes out of Lou Dobbs' mouth.

Friday, December 09, 2005

And just in time for Christmas..

Looks like VMware is opening itself up this Christmas to provide a free tool to allow anyone to run a VM session and share it across many people. Will need to investigate later (like I ever have time anymore)..

Monday, November 14, 2005

MARS updated to 4.1.1

New documentation for configuring end point devices to send logs into MARS. Cisco bought this technology from Protego Networks. It's funny; the 3.4 documentation still had all of the Protego branding. This is the first release under the Cisco banner. The CSA support has improved but it's still lacking heavily on the SAV end. Of course, I think that has more to do with the support coming out of Symantec, because in today's environment of DHCP networks, what good is a short hostname without an IP address? At least give me an FQDN.

Tuesday, November 01, 2005

Citrix overview for DMZ deployment

Not a bad article for understanding how Citrix ICA links and what ports you need to open for Internet-facing Citrix farms.

Saturday, October 22, 2005

Bas's brother goes to jail..

Dutch officials have turned over probably the largest known botnet to date. A couple of Dutch citizens had approximately 1.5 million machines in their botnet..

Thursday, October 20, 2005

More Executive poaching...

First it was Mickeysoft v. Google, now it's Motorola v. Nortel.

Snorty snort

Good job Marty. I'm sure Checkpoint is probably pretty happy with their new acquisition of Sourcefire/Snort after this was released not too soon after that announcement.

Napster's learning curve | CNET News.com

Interesting article on what you can learn from the Napster-RIAA debacle of the past years. People are afraid of change and that's what Napster did - it turned the marketing and distribution of music to the masses upside down and completely failed to capitalize on it.

Saturday, October 08, 2005

OnMilwaukee.com Dining: Mexican restaurant guide

Various Mexican restaurants throughout Milwaukee.. La Perla isn't too bad just don't be stupid and think Dos Banditos in Glendale is anything close to mexican food..

Thursday, October 06, 2005

EETimes.com - CheckPoint acquires SourceFire for $225 million

So Checkpoint decided to buy out Sourcefire today for $225 million. Now Marty can retire and, as one friend put it, Checkpoint just went from a 5 to 6% market share.

Wednesday, October 05, 2005

Bug spotted in Symantec antivirus | Tech News on ZDNet

So of all companies, iDefense finds some lame-oh bug in an old version of the Symantec Antivirus Scan Engine. Upgrade to 10 and start beating down the door on your platinum contracts for the patches. It's only a matter of time, kids, until your Enterprise is infected with anti-Antivirus.

Thursday, September 15, 2005

Beyond "Blaster" - MSRPC Evasions

Paper on observing Mickeysoft at work..

AirSnare - Intrusion Detection Software for Windows


F.I.R.E.

Select a Mirror for File: /biatchux/fire-0.4a.iso

Build your own PIX

Quick HOWTO on building your own PIX since the going price for a brand new one can be a wee bit expensive.

Tuesday, September 13, 2005

Just because I always forget..

Getting rid of the ^M in your file..

CGDB - a curses debugger

Curses GDB that allows you to view source while executing through gdb. Very helpful.

Tuesday, September 06, 2005

Patch Management Software

Check out PatchLink or check out Shavlik for patching your enterprise. I'll revisit this when I have more insight to share.

Domain Secure Channel Utility -- Nltest.exe

An MS tool for working with domains: Domain Secure Channel Utility.

Mozilla ActiveX Plug-in

here.

Foxie - Complete Privacy, Security and Productivity Suite

Here's a very nice security suite for those of you that are web paranoid. It provides a spyware cleaner, a privacy cleaner and an app-level firewall. Pretty cool so far.

Sunday, September 04, 2005

Crooks and Liars

Anderson Cooper hits it right on the head and takes it to Senator Landrieu and the others like her for not doing shit but thanking each other for doing God only knows what.

Sunday, August 21, 2005

BSDnews » Issue #2 » Using Dummynet for Traffic Shaping on FreeBSD

Monday, August 15, 2005

Thursday, August 11, 2005

Monday, August 08, 2005

sniffing network traffic in python


flowgrep - TCP/UDP/IP stream 'grep' tool


Python links

Here's some decent python links:

Overview
Python tutorial

Packet captures
python-libpcap

Dugsong creations for packet capture:
simple pcap module: pypcap
Simplified packet creation/parsing: dpkt
low level networking routines (C/C++/Python/Perl): libdnet

fwlogwatch

LogAnalysis.Org

WallFire: wflogs - the firewall log analyzer of the WallFire project - Hervé Eychenne

OSSIM (Open Source Security Information Management)

eEye Digital Security - Vulnerability Management Solutions

Network Admission Control - Cisco Systems

Detecting Worms and Abnormal Activities with NetFlow, Part 2

Detecting Worms and Abnormal Activities with NetFlow, Part 1

Sunday, August 07, 2005

worm blog

Here's a worm blog. Discusses various aspects of how worms are and novel (well, that's subjective) approaches to containing them. Of course the obvious one would include people applying patches as they're available or using an operating system that isn't broken..

The Island (2005)

Just saw The Island; it was a lot better than I was anticipating and by most accounts very pleased with what they put forward. For a summer action flick, it was well worth the matinee that I paid for.

Wednesday, August 03, 2005

Bitvise Home Page

Bitvise makes a very good commercial SSH server for Wintel and optionally supports tunnelling, including an SSH-tunneled Remote Desktop.

CNN.com - Geeks flex hacker muscles at Defcon - Aug 2, 2005

I wonder if this has anything to do with this. To quote the CNN article: "Among the exposed sheep were an engineer from Cisco Systems Inc., multiple employees from Apple Computer Inc. and a Harvard professor." Gee, warm fuzzies all around...


Excerpt from cisco.com:

Authentication Required

IMPORTANT NOTICE:

* Cisco has determined that Cisco.com password protection has been compromised.
* As a precautionary measure, Cisco has reset your password. To receive your new password, send a blank e-mail, from the account which you entered upon registration, to cco-locksmith@cisco.com. Account details with a new random password will be e-mailed to you.
* Because of a large number of requests, registered Cisco.com users may experience delays in receiving the new passwords.
* This incident does not appear to be due to a weakness in Cisco products or technologies.


Monday, August 01, 2005

Fake Phrack 63

The Germans finally sobered up and released Phrack #63 for the masses. They claim it will be the last one but we all damn well know that it won't be; it's just that they haven't found anyone to pass the torch to, just as route passed it on to them.

Thursday, July 28, 2005

Cisco pulls an HP

Cisco, ISS file suit against rogue researcher. While none of the content Mr Lynn was presenting was necessarily groundbreaking and in some cases really needed to be fixed by Cisco, I still find it hysterical that Cisco would actually try and stop the presentation. For a company that's trying to assert itself as a major security vendor they're trying to cover up relevant information that customers should really know about. This is similar to the time that HP tried to sue Fatelabs for some really retarded exploits that they had found in Digital Unix.

Additionally:
Netsec blog
Washington Post

Monday, July 25, 2005

Sieve Networks

Sieve Networks .. Milwaukee based firm.. I hear they have a decent person or two.

Cisco Systems Critical Infrastructure Assurance Group

Here's a quick online howto for securing Cisco routers. Not too shabby..

Sunday, July 24, 2005

LinksysWrt54g - SeattleWireless

Here's a hack to put Linux on your Linksys Wrt54g home wireless cable router. I haven't tried it but it seems pretty interesting, although personally I'd prefer it to be running FreeBSD and ipfw2 but that's just me..

For the lazy..

Here's a recommended reverse remote shell. It has quite a few helpful features including twofish, xor, and OpenSSL support for encrypted tunnels. But if you're interested in the above, this might be good for you as well.

Thursday, July 21, 2005

Remote Desktop Web Connection


For the real geeks..

Ok, so everyone needs an inner geek to release so why not read the Stargate Blog.

Monday, July 18, 2005

Useful Visio template

A friend sent me a link to this today. Definitely a more effective usage of Visio rather than lame network drawings. It's for the CSI wannabe in everyone.

Friday, July 08, 2005

klister

Simple tool for Windows 2000 which lists the processes from the kernel, then queries via the native API to do a comparison. Also check out Blacklight from F-Secure or RootkitRevealer from sysinternals.com.

sk8 goes to prison

Jerome Heckenkamp, aka "sk8", was sentenced in April for his previous eBay and Qualcomm intrusions. He'll be turning himself over next week. The hacker had previously claimed he was innocent and went to some extremes of even defending himself and trying to get off with minor technicalities, but last January pleaded guilty and decided to pay up.

Thursday, July 07, 2005

The neverending blackhole of government regulations

CIO had a pretty good article on why SOX is eating up IT budgets and has even gotten worse for year 2 auditees, but of course the external auditors are so subjective in their approach that they keep making life a bigger hell for everyone.

Tuesday, July 05, 2005

Vonage® VoIP Forum Forums - Post 1060 - FreeBSD ipfw traffic shapping rules

Vonage® forums have a couple of examples of QoS with IPFW to make sure your phone gets all the packets it needs.

TaoSecurity: 01/01/2004 - 01/31/2004

Basic HowTo on configuring FreeBSD for the ng_netflow modules and turning on netflow for FreeBSD. More to come...

Friday, July 01, 2005

Reverse engineering patches making disclosure a moot choice?

Going off Halvar's demonstration from an earlier post; this article makes it obvious even to the layman that patches are just as damaging as full disclosure advisories.

Thursday, June 30, 2005

Using HSRP for Fault-Tolerant IP Routing

Cisco article on HSRP for fault tolerant configurations of routers. Good for fail over/DR configurations.

CNN.com - Backstreet Boy Nick Carter to rehab - Jun 29, 2005

CNN.com reports that Nick Carter of Backstreet Boys fame will be entering alcohol rehab after pleading guilty to drunk driving. Personally, if I was him I'd be doing a lot more narcotics than alcohol to forget the fact that I was in the Backstreet Boys. What's funnier is that he was quoted through his publicist that he was on prescription meds "and was unaware of its interaction possibilities." Riiiiiiight.

Where all the white women at?

Reality TV going a bit too far? ABC sure thought so when they killed this new (of the 100,000) reality show that had a competition to bring various minority families into a conservative, white neighborhood. Personally, I just want the highlight reel of the pagan family sacrificing the goat in their backyard and watching all of the white women run away in horror.

Wednesday, June 29, 2005

Hacking in my backyard

Someone got caught with their hands in the cookie jar after being expelled from the kingdom. It's rather funny how every security professional out there is concerned more with the external security of his/her network than they are with the internals. The funniest statistic of this article is something most IT people already know: the vast majority of intrusions are leveraged by people with internal knowledge of the company.

Quote of the Day:
"'If you fire the guy with the keys to the kingdom, you had better do it very carefully,' Higgins said. 'There have been numerous cases where fired employees knew the back doors to get inside the company, and destroying data is one of the ways they use to get revenge.'"

Tuesday, June 28, 2005

Wired News: Rejected TV Pilot Thrives on P2P

See, releasing TV shows over the internet really does help to bring back life to shows execs would pass over. Just ask the people from Firefly, which has a new movie coming out this fall.

Monday, June 27, 2005

Retarded Book of the Weak(c)

Here's a book on how to become a Script^H^H^H^H^H^H Kiddie^H^H^H^H^H^H. This chapter specifically gives you an idea of how to interface with HD Moore's perl interface for Metasploit. Do yourself a favor and just buy CANVAS and the Shellcoder's Handbook. You'll learn a lot more.

Sunday, June 26, 2005

Wisconsin Disc Golf Courses

Here's a listing of disc golf courses in Wisconsin and also here's a free one in Milwaukee.

Friday, June 24, 2005

Reverse Engineering in 30 minutes or less...

Halvar Flake put together a pretty good movie of how to use his BinDiff tool against MS05-027 finding the patch and indirectly pointing out where the vulnerability is.

Interview: Looking at FreeBSD 6 and Beyond - OSNews.com

Here's a really good interview with the core of the FreeBSD development staff on what FreeBSD 6.0 will hold for us. Included topics are the SMPVFS project, the hyper-threading vulnerability and the implementation of TrustedBSD into FreeBSD 6.0.

Thursday, June 23, 2005

Supreme Court Rules Cities May Seize Homes

Great. Let's empower the rich even more by giving them Supreme Court backing to bulldoze people's homes for a new Walmart or mall.

Tuesday, June 21, 2005

Welcome to the Microsoft Security Response Center Blog!

The M$ Security Response blog. Didn't see anything too great here but will have to explore later.

Monday, June 20, 2005

The Common Vulnerability Scoring System (CVSS)

The complete guide to the Common Vulnerability Scoring System. Written partially by Mr. Libnet and others..

yersinia...

Pretty neat tool for testing network protocol attacks such as CDP forgery, Spanning Tree and other layer 2 attacks.

Sunday, June 19, 2005

CISSP, MSCE, SSCP, CISM, A+, CCIEAEAKEAGAGEAGFUCK!#%!#%#!

Here's a pretty good reason why certifications don't par up with experience. The only time I've seen certifications come into question is in either of two cases: 1) you're looking for a new job, and in that case the certification is the equivalent of having a Bachelor's degree (yes, a simple check box will suffice) or 2) you're an external consultant trying to prove to executives why paying you $500/hour when the executive is too fucking stupid to realize there's plenty of people within his organization who know what's wrong already if they'd ever perk up from the stock portfolio or upcoming golf match. Bitter? You better fucking believe it.

BGP Security and Dark IP

Here's a link to a decent presentation on BGP Security and some techniques being used to mitigate distributed DoS attacks. Some neat references made in the presentation refer to the Internet Motion Sensor project at U of M and the Internet draft on the use of Sinkholes by ISPs.

Here's also a link on how to create your own darknet.

Sysinternals Freeware - Security Utilities

Even more good Windows security tools. Some are pretty simplistic but considering M$ writes a pretty gui intensive it's always nice to have command line tools.

The Strider GhostBuster Project

Even Microsoft has their own toolkit to detect rootkits. Good thing people stopped doing the 1998 technique and have gone on to more interesting ideas.

Friday, June 17, 2005

Is Linux For Losers? - Forbes.com

Theo de Raadt does it again. In this article he again emphasizes why Linux isn't UNIX and emphasizes it with the mantra of every BSD user out there: "Linux is for those who hate Microsoft and BSD is for those who love UNIX."

While Linux has done a lot to improve itself with the 2.6 kernel series, it's still primarily a culture of distribution freaks who spend more time working on ports and broken systems that ultimately were BSD driven.

Serenity (2005)

Saw the trailer for Serenity last night and it looks to be as good as the original Firefly series that Fox killed. Too bad it didn't last for more than one season but I think the movie will probably have a sequel if it takes off.

Thursday, June 16, 2005

Batman Begins (2005)

Best Batman movie ever. I just got out of it and this by far really gets to the core of the Batman comics and added a nice twist of realism to Batman. Christian Bale played the best Batman to date. You might remember him from some of his other great performances. Go see it.

When nerds grow up..

This is what happens when you allow nerds to procreate together. Note the article focuses on how the two parents should have left their child with its grandmother rather than taking responsibility. Brilliant. More incidents like these and Asia won't have much of a population problem anymore.

Sunday, June 12, 2005

Cheap Tickets and Student Travel Airfare Deals

This might be worth enrolling Jacquie back into school just so we can travel cheap again..

Google Hack: Chicago crime

CNN covered a new Google hack whereby someone interfaced with the Chicago crime statistics from their police website to geographically show the high crime rates on demand.

Also check out this site to show where the pedophiles are in Florida via Google maps. Or better yet, check out Housingmaps to find your new home via craigslist and Google.

Saturday, June 11, 2005

SecurityFriday [RpcScan]

Pretty interesting link to an rpcscan tool to enumerate services tied to port 135 on MS. Seki's presentation at Blackhat Windows 2004 adds a lot to the idea of using RPC to fingerprint endpoint services running on the system.

Death to SOX

Tom Ptacek yet again presented a really good opinion on how ineffectively SOX is being implemented in organizations. From personal experience the external auditors are trivializing and in most cases putting way too much emphasis on documentation rather than allowing IT Security professionals to focus on actual key risk areas.

Personally, they should start with financial controls and THEN analyze the impact of IT and the underlying financial system infrastructure as the external first start with IT and then work their way into business process controls thereby leaving CIO's big glaring issues that their organization has significant issues as they've streamlined their organizations and have assigned multiple roles to developers and administrators to reduce their overall IT costs.

And let's not even forget that with the Final 4(tm) organizations many of them are pulling inexperienced CPAs straight from college, slapping a senior title on them to charge more and giving them a checklist to evaluate an organization's overall approach to security and development...

Additional articles that are linked within his blog entry:

Washington Post article

Actual PCAOB article

And here's the new guidance.

Friday, June 10, 2005

The Devil's Advocate: Mac Punditry: Deranged and Dumb on any Processor || The Mac Observer

Goodbye PPC; Hello Intel. Interesting rant on Apple's decision to go Intel.

Monster Frozen Drink Maker

Everyone needs one of these for their summer barbeques.

Cisco Security Monitoring, Analysis and Response System [Cisco Security Monitoring, Analysis and Response System] - Cisco Systems

Who needs a bunch of monkeys to read logs when you can use MARS to do it for you? Also check out their CSA product.

Wednesday, June 08, 2005

solo NOT so1o

This is one man's quest to seek the answer to the age old question: "Is it just Americans who want to hide the fact that they're sexually assaulted by aliens?"

Thursday, June 02, 2005

SQL Server security

Page relating to my initial research into SQL Server security. LanGuard provides some functionality for identifying issues as well.

Wednesday, June 01, 2005

Tomahawk Test Tool

NIPS test tool. Have yet to test; but can simulate a mess of network traffic. It's an opensource project released from Tippingpoint.

Tuesday, May 31, 2005

DEBKAfile - Two Suspected Israeli Computer Hackers Face Extradition from London

Now this is what I call "corporate espionage." I picked this article up from the DD (see prior posts). It will be interesting to see how this pans out.

Monday, May 30, 2005

Preventing turkeys from reading your AOL hacker chats

I wish all of the idiots who have developed an encryption plugin for their AIM clients would've taken a deep breath and provided something like this from the frogs at Secway. Although it's funny to realize such ex-blackhats as Nicolas "plaguez" Dubee work there.

The Elder Geek on Windows XP

Decent website for Windows XP fixes and associated nonsense.

MBA Elites try to predict future and fail

Today's bonehead move. Some Adrian Lamo ripoff told BusinessWeek back in Feb how to pull your admission results to determine if you're one of the business elite. I find it hilarious that 1) the problem was never fixed and 2) that the universities are even bothering with giving the prospects a second chance to explain their actions. For such universities that are supposedly so good at understanding the human psyche and making good business decisions, how fucking dumb are you to think that everyone is going to obey the honor code and not look? With so much riding on getting into a prestigious business school, who quite honestly wouldn't want to know early if they were admitted or not? Quite honestly, it's a pure demonstration of typical business ethics and what is demonstrated by executive teams in attempting to gain a "competitive advantage."

What The Hack

It's that time again. 4 years later and it's time to invade the Nederlands once more. In 2000, it was HAL 2000. This time it's What The Hack. Hopefully this year the OpenBSD team doesn't get picked on as much and have their poster defaced or get their tent dropped... Just make sure you don't drop the soap if you see any of these guys in the group shower..

Sunday, May 29, 2005

what the ....

I was minding my own business as usual until one of my friends pasted this to me. He seems like a good guy and probably misunderstood by the Man.... just like Frankenstein...

The DD

The Daily Dave mailing list. One of the few mailing lists out there that isn't moderated and still maintains to be intelligible from time to time. Probably the only mailing list that I bother to follow anymore. Well worth the wasted mail space.

Aitel also has a pretty decent pentest tool known as CANVAS. Much cheaper than Core Impact and definitely more useful than Nessus. Buy a copy and ensure Bas doesn't get too thirsty.

decent blog to read

Tom Ptacek's blog. If you're unfamiliar with Tom then look up his initial work in breaking NIDS while he was working at Secure Networks. I used his original work in my senior project regarding IDS and their fallacies. He's also worked at a defunct start up (Sonicity) and is now in charge of product marketing at Arbor Networks.

Saturday, May 28, 2005

test

blah blah blah.. might as well try..