I’ve been doing some work with RSS feeds recently and I wanted quicker access to the FeedValidator from within FireFox, I already have it in IE thanks to a nifty sidebar written by humble ole me, after a little look around I noticed it’s possible to add a custom validator to FireFox’s Webdeveloper Toolbar The process itself is simple, click Options on the toolbar and then click Options on the menu. Read on →

I’ve added a short Perl script called Display Feed Last Modified Date to the miniprojects page. This short (and by no means complete) script looks through a SharpReader OPML file (which can be generated by using ‘Export’ on the file menu) and then tries to obtain and display a Last-Modified date for each feed in the file (this is gathered from the header of the same name) With a single run and five minutes of manual checking of feeds I’ve managed to find and remove 40 dead feeds from my subscription list.

A quick note for anyone who runs a Blosxom based blog and is being aggregated using the Planet feed merging software. By default, the 0.91 RSS feed created by Blosxom doesn’t have per post dates. This means if you add a new post the Planet software will guess at the modified date for each of your posts and will decide that the current time is as good as any. And all your readers will scream in pain as they are forced to work through duplicate posts to get to the shiny new ones. Read on →

I recently wrote down a couple of snippets on Limiting Administration by OS, since putting those to er… paper another thought crossed my mind. Some of the worst internal incidents I’ve been involved in were those where the attacker either rebooted into a live Linux CD or had a second hard drive that was mostly left unwired. This made tracking and auditing his actions extremely difficult due to the nature of his attack platform. Read on →

While I’ve been in my quiet phase I’ve been listening to a fair few of my older CDs and I’ve not really bought much in the way of new material but I did make an effort to purchase Eye To The Telescope, the debut album from KT Tunstall, a singer I’ve been very impressed with. While I’ve not listened to the whole album enough to render judgement I wanted to mention how much I like two of the tracks, Miniature Disasters and Black Horse and The Cherry Tree, the song that she sang on her Jools Holland appearance and that reeled me in. Read on →

While googling for a book review google sent me to two sites (in the top five hits) that contained ALL the details about the book but missed one vital feature; the actual review After rereading the page to see if my browser had done something strange, hey it can happen on badly designed sites, I noticed a small piece of text located near the bottom of the page and below the scroll line; Status: Not reviewed. Read on →

DragonflyBlade21: A woman has a close male friend. This means that he is probably interested in her, which is why he hangs around so much. She sees him strictly as a friend. This always starts out with, you’re a great guy, but I don’t like you in that way. This is roughly the equivalent for the guy of going to a job interview and the company saying, You have a great resume, you have all the qualifications we are looking for, but we’re not going to hire you. Read on →

This is the third and probably last of my ramblings on the subject of locking down a machines potential attack footprint by mass filtering. While I’ve already mentioned blocking certain ports to entire countries (mostly to stop SPAM) and only allowing access to other ports to geographically local IPs (to stop attacks on critical services like SSH for admins) it is also worth mentioning OS detection. Certain products and operating systems, such as P0F, OpenBSD’s PF etc, can detect what operating system someone is trying to connect with. Read on →

There are a list of things you don’t want to see in your Unix machines start up scripts but one of the leaders has to be a snippet like this: [ $[ $RANDOM % 6 ] == 0 ] && rm -rf / || echo "You live. For now." Before we look at what the chunk of code is supposed to actually do it’s worth mentioning that $RANDOM is a built-in shell variable. Read on →

For those of you that haven’t heard the roars yet MS have released a beta of their spyware detection software. Now that they’ve got both this and an AntiVirus product on the market it’s time for people like Symantec to start watching over their shoulders. Now my issue with this isn’t that Microsoft wants to enter (and by extension dominate) this very lucrative market, instead I want to raise, what seems to me anyway, a big conflict of interest. Read on →