oh well... dont have time to mess around any further.

A visit from the FBI

What surprised me, however, were how often Trojans are used to mess with the heads of the poor unsuspecting suckers who own the zombie machines. A favorite trick is to surreptitiously turn on the Webcam of an owned computer in order to watch the dupe at work, or watch what he's typing on screen. This part isn't surprising. But Dave had countless screenshots, captured from impounded machines or acquired online from hacker hangouts, where the script kiddie, after watching for a while, just can't help himself any longer, and starts to insult or mock or screw with the duped owner.

How can the above not be fun for a 13-16 year old?!?

In one, a hacker sent a WinPopup message to a fellow: "Hey, put your shirt back on! And why are you using a computer when there's a girl on your bed!" Sure enough, the camera had captured a guy using his computer, sans shirt, and in the background you could clearly see a young woman stretched out on a bed.

In another, a man was working a crossword puzzle online when the hacker helpfully suggested a word for 14 Down (I think it was "careless"), again using WinPopup. In a third, a screenshot captured the utterly shocked expression on a man's face - mouth agape, eyes open wide in amazement - when his computer began insulting him using, you guessed it, WinPopup.

heh heh.... jeez... how can the above not be fun for a person of any age?!?

This is bad enough and it's also cruelly funny, but the scary part came in when Dave started talking about the other group behind the explosion of viruses and Trojans: Eastern European hackers, backed by organized crime, such as the Russian mafia. In other words, the professionals.

ok... not fun!

Worms hit home

My older brother is a long-haul trucker who carries a laptop with him. He bought a new top-tier machine recently, and upon returning home from work decided to plug it into the Internet. "Run Windows Update right away!" I cried, and he did. Yet somehow before the process was even completed he was already infected with the latest worm at the time, Welchia, and his machine started to reboot. I tried to explain to him over the phone how this can happen, but in his mind it made no sense at all. He had anti-virus software installed, and it was a brand new computer. He simply plugged it into his broadband connection, turned the machine on and look what happened. Well, let's step out of our shoes as security professionals for a moment and imagine yourself to be the average user -- this is the current state of computer security for a typical user's Microsoft (R) Windows (TM) experience.

Its hard to look from that perspective. I've been a system administrator for so long....

Linux v2.6 scales the enterprise

Linux 2.6 Review

A primary focus of the v2.6 kernel is large server architectures. Support for up to 64GB RAM in paged mode, the ability to address file systems larger than 2TB, and support for 64 CPUs in x86-based SMP systems brings this kernel and Linux into the more rarified air of truly mission-critical systems. The included support for NUMA (Non-Uniform Memory Access) systems; a next-generation SMP architecture; and PAE (Physical Address Extensions), providing support for up to 64GB of RAM on 32-bit systems, is also new.

Mydoom virus

Microsoft offers money for information to the mydoom author

What the hell is the big deal with the mydoom virus. Maybe it did'nt hit my lab as hard as it hit others. But it seemed like any other virus to me. I just dont get what all the hoopla is about? Maybe they are just trying to scare the virus writers into not writing the viruses or something.

"This worm is a criminal attack,' said Microsoft's general counsel Brad Smith in a statement. "Its intent is to disrupt computer users...Microsoft wants to help the authorities catch this criminal." The company is offering $250,000 for information leading to the arrest of the worm writer.

I wish I could be in front of this guy when he said this. Stupid Moron! Stop making bull shit software. Stop putting the blame on people who are writing something that is good for the end user. If people would'nt write these viruses the wholes would'nt be patched, and the real theives would just get the important information and move out. Is'nt it worse if someone secretly hacks the computer, gets your information and leaves, without you knowing about it. Stupid, stupid people!

new laptop

Just bought a Dell Latitude C600 750 Mhz laptop. Cheap, but a real beautiful fun machine. I'm gonna have fun.

Top ten tools/hacks

Popular hacking tools of 2003

VPN solutions

Introduction to OpenVPN

OpenVPN

Security and Software Engineering

I'm currently carrying out research regarding how security considered at different levels during the software engineering cycle affect the end product, and end user.

My project page should evolve through the semester.

Here I will have a list of articles that will come in handy through this research.
Security in Software Engineering
Countering buffer overflows
Security and Software Engineering: a roadmap
Introduction to Input Validation with Perl
web security articles list
Secure programming for Linux howto

Spirit and Opportunity

Spaceflight Now: Mars Exploration Rovers

blog

My blogs old. I'm going to have to switch to a monthly archive. Weekly is starting to take up too much space.

I still havent found a good blogging service. Blogger for me, is the best so far. But it does'nt even come close to offering some of the features I'd want. I really need to get started on writing my own blog software.

Linux Desktop

Now that the Linux desktop is here, I'm a bit scared. Linux is about choice. And I dont want the whole community standardizing on one desktop. Sure it makes things easy, but I like one desktop and I dont like the other. And I dont want only one desktop to become the standard killing the second.

Its about likes and dislikes. I feel that one desktop has some features and feel to it that the other does'nt. I am sure the people who like the other desktop have the same feelings. Lets keep all of them. Even the small ones like enlightenment, windowmaker, blackbox, afterstep, ICEWM, KDE, GNOME......

Its about choice!

Some basic mysql primer stuff

I've been learning mysql, and here is some basic mysql setup stuff...

MySQL works in a client server model. First we need to setup the server stuff. I am using Suse 9.0, and I had installed all the applications that can be installed during initial setup. Mysql was therefore installed by default. /etc/rc.d/mysql start, causes the mysql daemon to start up. It does its initializations and informs the admin to setup a root password. That can be done by
mysqladmin -u root password "password"
Having completed the above command one can login using the mysql client.
mysql -u root -p
The above command will cause mysqlclient to ask for a password, and then you are ready to go.
The next step was to grant my local username access to a table. I issued the following commands,
GRANT ALL ON weblog.* TO adnan@localhost IDENTIFIED BY "password_here"
GRANT ALL ON weblog.* TO adnan@% IDENTIFIED BY "password_here"

The first allows access to the user adnan from localhost and the second one grants access to adnan from any host. This is so I can login using a mysql client from any host at work.

Make sure the above is done as root.

Logging in again using mysql -u adnan -p, I issued the command,
create database weblog;

Using Select database(); you can view the currently selected database. use database_name causes database_name to be the current working database. Invoking the mysql client as,
mysql database_name
is the normal way of prespecifying the working database.

To create a table within a working database, the following syntax is used:
create table posts (
date DATE NOT NULL,
title VARCHAR(255),
text LONGBLOB
)

To view a tables columns use
describe posts;

To insert values into database use:
insert into posts values("2004-1-27", "First Post", "Here is a first post");

to view the values in a table, type
select * from table_name

To update an entry in a table,
update table_name set column=value where column_name = "Some Value";

Thats it for today... I thought I'd post this stuff for future reference.

Linux Networking Links

Linux networking Links.

Suse 9.0

Just finished installing Suse 9.0 on the home computer. Sweet. Painless install. Compiling Mplayer right now.

Progeny Update Service

I find myself in the exact same position as this guy, but with RedHat 7.3. We on the other hand are thinking its time to move on to Suse. She seems a whole lot better than Redhat. Dont know for sure though.

BlogniX and rewrites

I was just considering if I should rewrite BlogniX and I ran into this article on Slashdot.org,

Rewrites considered Harmful.

However, I dont think that would apply to me, considering the small amount of users BlogniX has, if any.

new year, new...

headaches!!!

but so far it seems like a year where I will be able to get things done!!!
(Fingers crossed)
That means a newer version of BlogniX and so forth. The past few weeks I should have had ample time to read and write for this blog, but it was all taken up by a project I undertook.
I created a Catering Menu/Reciept generating software for a local restaurant, using C#. A good learning experience, and fun. But it took a hell of a lot of time. Anyway, thats almost finished and done away with. If nothing then I'll get some free food from the place!!! :)

Though most of the last few weeks have been spent in Windows. I got a new computer, and I haven't even installed Linux on it :( I'm so glad that when I get home today, I should be able to format and install Suse 9.0 on it, and begin mucking around. It should make computing a lot better.