I recently wrote down a couple of snippets on Limiting Administration by OS; since putting those to er… paper, another thought crossed my mind. Some of the worst internal incidents I’ve been involved in were those where the attacker either rebooted into a live Linux CD or had a second hard drive that was mostly left unwired. This made tracking and auditing his actions extremely difficult due to the nature of his attack platform. Read on →

While I’ve been in my quiet phase I’ve been listening to a fair few of my older CDs and I’ve not really bought much in the way of new material but I did make an effort to purchase Eye To The Telescope, the debut album from KT Tunstall, a singer I’ve been very impressed with. While I’ve not listened to the whole album enough to render judgement I wanted to mention how much I like two of the tracks, Miniature Disasters and Black Horse and The Cherry Tree, the song that she sang on her Jools Holland appearance and that reeled me in. Read on →

While googling for a book review, Google sent me to two sites (in the top five hits) that contained ALL the details about the book but missed one vital feature: the actual review. After rereading the page to see if my browser had done something strange (hey, it can happen on badly designed sites), I noticed a small piece of text located near the bottom of the page and below the scroll line: Status: Not reviewed. Read on →

DragonflyBlade21: A woman has a close male friend. This means that he is probably interested in her, which is why he hangs around so much. She sees him strictly as a friend. This always starts out with, you’re a great guy, but I don’t like you in that way. This is roughly the equivalent for the guy of going to a job interview and the company saying, You have a great resume, you have all the qualifications we are looking for, but we’re not going to hire you. Read on →

This is the third and probably last of my ramblings on the subject of locking down a machine’s potential attack footprint by mass filtering. While I’ve already mentioned blocking certain ports to entire countries (mostly to stop SPAM) and only allowing access to other ports to geographically local IPs (to stop attacks on critical services like SSH for admins), it is also worth mentioning OS detection. Certain products and operating systems, such as P0F, OpenBSD’s PF etc, can detect what operating system someone is trying to connect with. Read on →

There is a list of things you don’t want to see in your Unix machine’s startup scripts, but one of the leaders has to be a snippet like this: [ $[ $RANDOM % 6 ] == 0 ] && rm -rf / || echo "You live. For now." Before we look at what the chunk of code is supposed to actually do, it’s worth mentioning that $RANDOM is a built-in shell variable. Read on →

For those of you that haven’t heard the roars yet, MS have released a beta of their spyware detection software. Now that they’ve got both this and an AntiVirus product on the market it’s time for people like Symantec to start watching over their shoulders. Now my issue with this isn’t that Microsoft wants to enter (and by extension dominate) this very lucrative market; instead I want to raise, what seems to me anyway, a big conflict of interest. Read on →

Bottom line is, even if you see ‘em coming, you’re not ready for the big moments. No one asks for their life to change, not really. But it does. So what are we, helpless? Puppets? No. The big moments are gonna come. You can’t help that. It’s what you do afterwards that counts. That’s when you find out who you are. – Joss Whedon (via Whistler) Life is an odd thing; sometimes the rules of your whole universe change underneath you and you have to make some drastic changes just to keep going. Read on →

This year has been a pretty rough one for me, too many good people gone forever with nary a replacement in sight, the proving of “no news is good news” (one more “are you sitting down” phone call and I’m either gonna go boom or crack) and lots of crap rained down from above. In response to life taking a firm hold of my dangly bits I’ve decided to take the next eleven days out and then start afresh from January (I know it’s only a symbolic date) with a clear head, a lot more enthusiasm and a lighter tone. Read on →

One of the things that irks me about many of the sites I visit is the steaming pile of shite they call searching. Between the missing entries, the irrelevant articles and, this is my killer, only actually using one of the search words provided, I can’t see why people even bother to put the entry box on the site when you can get far superior results from Google. Now before I get accused of being a hypocrite I’d like to point out that the Unixdaemon.net search box is actually provided by, and uses, Google so the results, while not always bang up-to-date, are typically useful and honour the actual search you enter. Read on →