Friday, February 27, 2004

Article on sFlow

NWFusion reports on sFlow, saying:

"SFlow, which cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 IETF approved as a draft standard in 2001, is a technology that uses random sampling of LAN and WAN data packet flows across an entire network to give users a detailed, real-time view of network traffic performance, trends and problems, according to Foundry Networks and HP. Both offer sFlow-based switches."

Notice this is a sampling technology, unlike cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 default usage of Cisco's NetFlow. NetFlow does support sampling, but that is for high load conditions.

Thursday, February 26, 2004

Great Article on Status of X

Confused about cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 state of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 graphical desktop X? Read X Marks cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Spot by Oscar Boykin. Many of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 story comments are interesting too.

A Great Day for Open Source Software

Just in time to raise my spirits after my SMC NIC debacle, FreeBSD 5.2.1 was released, along with Snort 2.1.1. All I need now is barnyard 0.2 and I'll release a new install guide for Sguil using those tools and MySQL 4.0.x. Remember to download FreeBSD .iso images using one of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 mirrors. If you want to upgrade you can go cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 binary-only route using freebsd-update. I just saw that OpenSSh 3.8 was released too. There's a FreeBSD HEADS-UP message for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 new version.

Adventures in Flashing Firmware

Yesterday I began a journey to get two of my 802.11b NICs to function as promiscuous sniffers. I own a SMC EZ Connect 802.11b Wireless PCMCIA card, model 2632W v.1, and a SMC EZ Connect 802.11b Wireless PCI card, model 2602W v.1. I wanted to use Tcpdump's new ieee802_11_radio options to see raw 802.11 traffic, announced for FreeBSD in December.

I started with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 2632W and had cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 most luck. It worked as a normal NIC under FreeBSD 5.2, but I could not get it to work with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 bsd-airtools, even with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 net-mgmt/bsd-airtools port. I had installed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 net/libpcap and net/tcpdump ports.

This is how cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 2632W looked to FreeBSD 5.2 REL:

orr:/root# dmesg | grep wi0
wi0: at port 0x100-0x13f irq 11 function 0 config 1 on pccard0
wi0: 802.11 address: 00:04:e2:29:3b:ba
wi0: using RF:PRISM2 MAC:HFA3841 CARD:HWB3163 rev.A
wi0: Intersil Firmware: Primary (0.3.0), Station (0.8.3)
wi0: 11b rates: 1Mbps 2Mbps 5.5Mbps 11Mbps

orr:/root# ifconfig wi0 up
orr:/root# ifconfig wi0
wi0: flags=8843 mtu 1500
inet6 fe80::204:e2ff:fe29:3bba%wi0 prefixlen 64 scopeid 0x5
ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r 00:04:e2:29:3b:ba
media: IEEE 802.11 Wireless Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rnet autoselect (DS/11Mbps)
status: associated
ssid shaolin 1:shaolin
stationname "FreeBSD WaveLAN/IEEE node"
channel 6 authmode OPEN powersavemode OFF powersavesleep 100
wepmode OFF weptxkey 1

The NIC appeared to associate itself with my access point even though I did not tell it to. It did not know cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 WEP key in any case.

I tried using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 new Tcpdump to see raw 802.11 traffic:

orr:/root# /usr/local/sbin/tcpdump -ne -X -s 1520 -i wi0 -y IEEE802_11
tcpdump: data link type IEEE802_11
tcpdump: WARNING: wi0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wi0, link-type IEEE802_11 (802.11), capture size 1520 bytes
18:29:02.535912 BSSID:00:a0:c5:59:47:d4 SA:00:06:25:45:74:be DA:00:a0:c5:59:47:d
4 LLC, dsap 0xd5, ssap 0x09, cmd 0x00, sap 08 > sap d5 I (s=0,r=0,R) len=72
0x0000 d509 0000 4557 799a 078e b569 00f0 5b25 ....EWy....i..[%
0x0010 c5fa b52f 4e15 7299 d636 b8ab 6dfd cb66 .../N.r..6..m..f
0x0020 5fd0 3f74 c25e 0887 de76 1656 0161 e45a _.?t.^...v.V.a.Z
0x0030 00aa c748 1794 1ed2 e42b 94c9 6d21 a29e ...H.....+..m!..
0x0040 849b 239f 5233 750d 9459 d644 ..#.R3u..Y.D

That was something, but not what I expected. I tried putting cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 card into monitor mode based on a thread on freebsd-mobile.

orr:/root# ifconfig wi0 mediaopt monitor
orr:/root# ifconfig wi0
wi0: flags=8843 mtu 1500
inet6 fe80::204:e2ff:fe29:3bba%wi0 prefixlen 64 scopeid 0x5
ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r 00:04:e2:29:3b:ba
media: IEEE 802.11 Wireless Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rnet autoselect (DS/2Mbps )
status: associated
ssid ""
stationname "FreeBSD WaveLAN/IEEE node"
channel 11 authmode OPEN powersavemode OFF powersavesleep 100
wepmode OFF weptxkey 1

orr:/root# /usr/local/sbin/tcpdump -ne -X -s 1520 -i wi0 -y IEEE802_11
tcpdump: data link type IEEE802_11
tcpdump: WARNING: wi0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wi0, link-type IEEE802_11 (802.11), capture size 1520 bytes
...nothing...

I thought perhaps I needed to place cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 card in "promiscuous" mode, so I tried that next:

orr:/root# ifconfig wi0 promisc
orr:/root# ifconfig wi0
wi0: flags=28943 mtu 1500
inet6 fe80::204:e2ff:fe29:3bba%wi0 prefixlen 64 scopeid 0x5
ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r 00:04:e2:29:3b:ba
media: IEEE 802.11 Wireless Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rnet autoselect (DS/2Mbps )
status: associated
ssid ""
stationname "FreeBSD WaveLAN/IEEE node"
channel 11 authmode OPEN powersavemode OFF powersavesleep 100
wepmode OFF weptxkey 1

Again, Tcpdump saw nothing. Now I realized I needed stronger magic. I visited Jun Sun's mini-HOWTO for flashing Intersil Prism firmware.

He mentioned using openap-ct, which offers a Linux floppy-based distro containing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Host AP driver and utilities. One of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 utilities, prism2_srec, is built to flash NIC firmware. Using prism2_srec assumes one can use one of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hostap drivers, like hostap_cs. Looking at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hostap_cs.conf, I saw an entry for my NIC:

card "SMC 2632W 11Mbps WLAN Card"
version "SMC", "SMC2632W", "Version 01.02"
bind "hostap_cs"

Next I needed to find cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 firmware itself. Red-bean had cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 most comprehensive list. I downloaded several of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 newer archives, unzipped cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m, and made cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m available on one of my Web servers. One nice aspect of prism2_srec is it will tell you which firmware files are compatible with your NIC before burning.

I created a floppy with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 openap-ct image, booted my laptop with it, and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n experimented with prism2_srec following Jun Sun's instructions. When I started cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 process this was cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 state of my NIC's firmware:

NIC: id=0x8002 v1.0.0
PRI: id=0x15 v0.3.0
STA: id=0x1f v0.8.3

I only needed to update cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 third category, station firmware. According to this readme, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 primary firmware could stay at 0.3.0. I flashed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 station firmware with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 s1010701.hex image. When done my card looked like this:

NIC: id=0x8002 v1.0.0
PRI: id=0x15 v0.3.0
STA: id=0x1f v1.7.1

After a reboot back into FreeBSD, dmesg and ifconfig reported:

orr:/root# dmesg | grep wi0
wi0: at port 0x100-0x13f irq 11 function 0 config 1 on pccard1
wi0: 802.11 address: 00:04:e2:29:3b:ba
wi0: using RF:PRISM2 MAC:HFA3841 CARD:HWB3163 rev.A
wi0: Intersil Firmware: Primary (0.3.0), Station (1.7.1)
wi0: 11b rates: 1Mbps 2Mbps 5.5Mbps 11Mbps

orr:/root# ifconfig wi0
wi0: flags=8802 mtu 1500
ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r 00:04:e2:29:3b:ba
media: IEEE 802.11 Wireless Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rnet autoselect (none)
ssid ""
stationname "FreeBSD WaveLAN/IEEE node"
channel -1 authmode OPEN powersavemode OFF powersavesleep 100
wepmode OFF weptxkey 1

I gave Tcpdump a try:

orr:/root# ifconfig wi0 mediaopt monitor channel 11 up
orr:/root# ifconfig wi0
wi0: flags=8843 mtu 1500
inet6 fe80::204:e2ff:fe29:3bba%wi0 prefixlen 64 scopeid 0x4
ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r 00:04:e2:29:3b:ba
media: IEEE 802.11 Wireless Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rnet autoselect (DS/2Mbps )
status: associated
ssid ""
stationname "FreeBSD WaveLAN/IEEE node"
channel 11 authmode OPEN powersavemode OFF powersavesleep 100
wepmode OFF weptxkey 1

orr:/root# /usr/local/sbin/tcpdump -n -i wi0 -y IEEE802_11 -vv -s 1515 -X
tcpdump: data link type IEEE802_11
tcpdump: WARNING: wi0: no IPv4 address assigned
tcpdump: listening on wi0, link-type IEEE802_11 (802.11), capture size 1515 bytes
12:14:28.344865 0us Probe Request (shaolin) [1.0* 2.0* 5.5* 11.0* Mbit]
0x0000 0007 7368 616f 6c69 6e01 0482 848b 96 ..shaolin......
12:14:28.377546 0us Probe Request (shaolin) [1.0* 2.0* 5.5* 11.0* Mbit]
0x0000 0007 7368 616f 6c69 6e01 0482 848b 96 ..shaolin......

That was certainly better! I also tried cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 "radio" version:

orr:/var# /usr/local/sbin/tcpdump -n -i wi0 -y IEEE802_11_RADIO -vv -s 1515 -X
tcpdump: listening on wi0, link-type IEEE802_11_RADIO
(802.11 plus radio information header), capture size 1515 bytes
12:13:36.428377 [|802.11]
12:13:36.523975 [|802.11]
12:13:36.540299 [|802.11]

This was an improvement, but I wasn't seeing nearly everything I thought I would. I realized I was monitoring channel 11, not channel 6. In fact, everything seen thus far was bleeding into channel 11 from channel 6! I adjusted my channel and saw much more traffic:

orr:/root# ifconfig wi0 mediaopt monitor channel 6 up

orr:/root# /usr/local/sbin/tcpdump -n -i wi0 -y IEEE802_11_RADIO -vv -s 1515 -X
tcpdump: data link type IEEE802_11_RADIO
tcpdump: WARNING: wi0: no IPv4 address assigned
tcpdump: listening on wi0, link-type IEEE802_11_RADIO
(802.11 plus radio information header), capture size 1515 bytes
12:26:05.986183 [|802.11]
12:26:06.025324 [|802.11]
12:26:06.045314 [|802.11]
12:26:06.088574 [|802.11]
12:26:06.147281 [|802.11]

orr:/root# /usr/local/sbin/tcpdump -n -i wi0 -y IEEE802_11 -vv -s 1515 -X
tcpdump: data link type IEEE802_11
tcpdump: WARNING: wi0: no IPv4 address assigned
tcpdump: listening on wi0, link-type IEEE802_11 (802.11), capture size 1515 byte
s
12:26:25.851579 0us Beacon (LIMHOME) [1.0* 2.0* 5.5 11.0 Mbit] ESS CH: 6
0x0000 2571 61c2 d900 0000 6400 0500 0007 4c49 %qa.....d.....LI
0x0010 4d48 4f4d 4501 0482 840b 1603 0106 0406 MHOME...........
0x0020 0102 0000 0000 0504 0001 0000 ............
12:26:25.910662 0us Beacon (shaolin) [1.0* 2.0* 5.5* 11.0* Mbit] ESS CH: 6, PRIVACY
0x0000 2cc2 0ac7 7d04 0000 6400 1100 0007 7368 ,...}...d.....sh
0x0010 616f 6c69 6e01 0482 848b 9603 0106 0504 aolin...........
0x0020 0001 0000 ....
12:26:26.013037 0us Beacon (shaolin) [1.0* 2.0* 5.5* 11.0* Mbit] ESS CH: 6, PRIVACY
0x0000 1b52 0cc7 7d04 0000 6400 1100 0007 7368 .R..}...d.....sh
0x0010 616f 6c69 6e01 0482 848b 9603 0106 0504 aolin...........
0x0020 0001 0000 ....

Now that I could see all of this traffic, I tried some of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 bsd-airtools. First I used prism2ctl to see cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 state of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 NIC:

orr:/root# prism2ctl wi0
Sleep mode: [ Off ]
Suppress post back-off delay: [ Off ]
Suppress Tx Exception: [ Off ]
Monitor mode: [ Off ]
LED Test: [ ]
Continuous Tx: [ ]
Continuous Rx: [ Off ]
Signal State: [ ]
Automatic level control: [ Off ]

Prism2ctl reported cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 NIC was not in monitor mode, so I enabled it:

orr:/root# prism2ctl wi0 -m
orr:/root# prism2ctl wi0
Sleep mode: [ Off ]
Suppress post back-off delay: [ Off ]
Suppress Tx Exception: [ Off ]
Monitor mode: [ On ]
LED Test: [ ]
Continuous Tx: [ ]
Continuous Rx: [ Off ]
Signal State: [ ]
Automatic level control: [ Off ]

orr:/root# ifconfig wi0
wi0: flags=8843 mtu 1500
inet6 fe80::204:e2ff:fe29:3bba%wi0 prefixlen 64 scopeid 0x4
ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r 00:04:e2:29:3b:ba
media: IEEE 802.11 Wireless Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rnet autoselect (DS/2Mbps )
status: associated
ssid ""
stationname "FreeBSD WaveLAN/IEEE node"
channel 6 authmode OPEN powersavemode OFF powersavesleep 100
wepmode OFF weptxkey 1

Next I tried prism2dump:

orr:/root# prism2dump wi0
prism2dump: listening on wi0
- [ff:ff:ff:ff:ff:ff <- 0:c:41:f6:6c:24 <- 0:c:41:f6:6c:24]
- port: 7 ts: 223.792288 1:5 10:0
- sn: 21872 (72:31:bf:e7:2d:35) len: 59
- ** mgmt-beacon ** ts: 833469.849995 int: 100 capinfo: ess
+ ssid: [linksys]
+ rates: 1.0 2.0 5.5 11.0 18.0 24.0 36.0 54.0
+ ds ch: 6
+ dtim c: 0 p: 1 bc: 0 pvb: bfbfea45

- [ff:ff:ff:ff:ff:ff <- 0:a0:c5:59:47:D4 <- 0:a0:c5:59:47:d4]
- port: 7 ts: 223.815868 0:38 110:0
- sn: 17952 (1f:cf:13:ad:ea:bb) len: 36
- ** mgmt-beacon ** ts: 4938366.259564 int: 100 capinfo: ess priv
+ ssid: [shaolin]
+ rates: 1.0 2.0 5.5 11.0
+ ds ch: 6
+ dtim c: 0 p: 1 bc: 0 pvb: bfbfea45

That worked as advertised. I also tried dwepdump and dwepcrack:

orr:/root# dwepdump wi0 /var/dwep.dump
* dwepdump v0.2 by h1kari *
* Copyright (c) Dachb0den Labs 2002 [http://dachb0den.com] *
starting pcap capture loop...
device: wi0
logfile: /var/dwep.dump
packets received: 1

orr:/root# dwepcrack /var/dwep.dump
usage: dwepcrack [-j ] [-b [-e] | -w [-f ]] [-s] [wordfile]
-j: number of processes to run (useful for smp systems)
-b: brute force key by exhausting all probable possibilities
-e: search cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 entire key width (will take a while)
-w: use weak ksa attack
-f: fudge cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 probability scope by specified count (might take a while)
-s: file uses 104-bit wep
orr:/root# dwepcrack -b /var/dwep.dump
* dwepcrack v0.5 by h1kari *
* Copyright (c) Dachb0den Labs 2003 [http://dachb0den.com] *
starting brute force crack on smallest packet:
packet length: 36
init vector: 01:53:6d
default tx key: 3
progress: ....................................................................

I even got dstumbler to work.

Next I turned to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 SMC 2602W v.1 PCI NIC. This card destroyed me. I spent hours trying to get it to work. The problem is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 card is literally a SMC 2632W v.1 PCMCIA card plugged into a PLX riser that sits in a PCI slot. First I tried cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 openap-ct solution, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hostap_plx module did not like it. This ruled out using prism2_srec.

I tried to get fancy by using Knoppix. I found that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 linux-wlan-ng prism2_plx driver recognized cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 card under Knoppix, but I couldn't use this to my advantage. The linux-wlan-ng project provides prism2dl to flash firmware, but I wasn't ready to install a whole new Linux distribution and include cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se drivers. I did waste some time using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se Red Hat 9.0 kernel RPMs with hostap built-in on my Red Hat 9 box. They didn't help, and I found cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se RPMs too late.

Abandoning Linux, I turned to Windows. A visit to www.smc-europe.com revealed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same WinUpdate program Jun Sun mentioned on his page. Unfortunately my Optiplex GX100 box running Windows 2000 did not recognize cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 NIC. It complained it could not communicate with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 driver. I tried flashing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Dell's BIOS to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 latest version, but still no luck.

While moving cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 NIC between machines I must have unseated cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 RAM in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Dell Optiplex. It refused to boot but gave me a one beep - three beeps - two beeps error code. Checking Dell's Phoenix BIOS beep codes I learned 1-3-2 meant "RAM Refresh verification failure." All I thought to do was reseat cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 RAM, which fixed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 problem.

I thought using a DOS-based flash method might be my last option. Intersil provided a utility called FLASH.EXE, which is available here, along with its .pdf manual and a flash.ini file. I gave this program a try but it could not find cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 NIC eicá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r. I decided to install a new copy of Windows 2000 on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 newest tower PC I had, my Shuttle SB52G. After wasting time doing that, I gave cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 WinUpdate program a try. It acted flaky, also saying it couldn't contact cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 NIC (just as cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 newly installed SMC drivers complained -- what's wrong with SMC?), but, lo and behold, a miracle occurred. Somehow I was still able to flash cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 firmware. I brought cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 station firmware up to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same 1.7.1 version on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 PCMCIA NIC. I thought my problems were solved!

Alas, under both FreeBSD 4.9 STABLE (on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hard drive) and FreeBSD 5.2 (under FreeSBIE), I got cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se messages:

Feb 26 13:06:37 bourque /kernel: wi0: port 0xc400-0xc43f,0xc
000-0xc07f mem 0xe8050000-0xe8050fff irq 5 at device 5.0 on pci1
Feb 26 13:06:37 bourque /kernel: wi0: 802.11 address: 00:04:e2:29:4c:3c
Feb 26 13:06:37 bourque /kernel: wi0: using RF:PRISM2 MAC:HFA3841 CARD:HWB3163 rev.A
Feb 26 13:06:37 bourque /kernel: wi0: Intersil Firmware: Primary 0.03.00, Station 1.07.01
Feb 26 13:06:37 bourque /kernel: wi0: time out allocating memory on card
Feb 26 13:06:37 bourque /kernel: wi0: tx buffer allocation failed
Feb 26 13:06:37 bourque /kernel: wi0: failed to allocate 1594 bytes on NIC
Feb 26 13:06:37 bourque /kernel: wi0: mgmt. buffer allocation failed
Feb 26 13:08:55 bourque /kernel: wi0: time out allocating memory on card
Feb 26 13:08:55 bourque /kernel: wi0: tx buffer allocation failed
Feb 26 13:08:55 bourque /kernel: wi0: failed to allocate 1594 bytes on NIC
Feb 26 13:08:55 bourque /kernel: wi0: mgmt. buffer allocation failed
...and so on...

Flashing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 firmware made no difference. These errors are similar to those reported here and here.

I decided to abandon cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 SMC 2602W v.1 NIC and buy a Linksys WMP55AG A+G PCI NIC. FreeBSD's ath driver works with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Acá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ros chip. Once I get cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 NIC, I'll report my findings.

Wednesday, February 25, 2004

New net-mgmt Ports Category

Today I got my new ports email from FreshPorts and saw a new ports category: net-mgmt. This contains some of my favorite programs, like Argus and fprobe. I don't agree with many of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ports being in this category though. Why are ISIC, NBTScan, and Packit in net-mgmt when Nemesis, NAT, and IPsorc still in net?

Monday, February 23, 2004

Article on SPARC Compiler Optimization

OSNews featured an article by Tony Bourke on SPARC Optimizations with GCC. Tony does a good job explaining cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 different SPARC CPUs in Sun hardware and how to compile applications with various flags.

Saturday, February 21, 2004

Tcpdump with Privilege Separation in OpenBSD

I read at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 OpenBSD Journal of a privilege separation version of Tcpdump being committed to OpenBSD current. You can see cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 changes in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 OpenBSD source tree. (Browsing CVS source trees, as can also be done with FreeBSD, feature alone makes cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 BSD's coherent, understandable operating systems.

Tcpdump also has a browsable CVS Web interface.

Privilege separation is a topic I first learned about through Niels Provos' OpenSSH modifications. There appears to be interest in having Tcpdump run with less privileges. I found this thread on Tcpdump-workers take a different approach.

etting Flash to Work on Mozilla 1.6 and FreeBSD 5.2 REL

freebsd.png" align=left>I hadn't had luck getting Macromedia Flash support to work on FreeBSD with Mozilla until today. I read this thread and learned I needed to install cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 www/linux-flashplugin6 and www/linuxpluginwrapper ports. I noticed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 linuxpluginwrapper port installed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se items:

/usr/bin/install -c flash6.so /usr/local/lib/pluginwrapper/flash6.so
/usr/bin/install -c acrobat.so /usr/local/lib/pluginwrapper/acrobat.so
/usr/bin/install -c java3d.so /usr/local/lib/pluginwrapper/java3d.so
/usr/bin/install -c java3d_snd.so /usr/local/lib/pluginwrapper/java3d_snd.so
/usr/bin/install -c jai.so /usr/local/lib/pluginwrapper/jai.so

I made a file called /etc/libmap.conf as directed:

# Flash6 with Mozilla/Firebird/Galeon/Epiphany
[/usr/local/lib/linux-flashplugin6/libflashplayer.so]
libpthread.so.0 liblthread.so.3
libdl.so.2 pluginwrapper/flash6.so
libz.so.1 libz.so.2
libstdc++-libc6.2-2.so.3 liblstdc++.so.4
libm.so.6 libm.so.2
libc.so.6 pluginwrapper/flash6.so

# Acrobat with Mozilla/Firebird/Galeon/Epiphany
#[/usr/local/Acrobat5/Browsers/intellinux/nppdf.so]
#libc.so.6 pluginwrapper/acrobat.so

Note cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Acrobat entries are commented out. I prefer to have Acrobat launch outside Mozilla. I also made this change:

orr:/usr/local/Acrobat5/Browsers/intellinux# ls
nppdf.so
orr:/usr/local/Acrobat5/Browsers/intellinux# mv nppdf.so nppdf.so.orig

To avoid cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 annoying "plugin not installed" message, I made this change:

orr:/usr/X11R6/lib/mozilla/plugins# ls
libnullplugin.so.orig

Now I can visit cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Monster Garage home page and see cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Flash animations.

Update: I've decided to disable Flash. For some reason Mozilla consumes huge chunks of CPU and refuses to die after I exit. I've had to manually kill cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 processes left behind:

orr:/home/richard$ ps -auxww | grep moz
richard 87241 84.5 13.4 59224 51632 ?? R 8:53PM 10:46.83 ./mozilla-bin
richard 87229 0.0 0.1 908 344 ?? Is 8:53PM 0:00.00 /bin/sh -c mozilla
richard 87230 0.0 0.1 932 368 ?? I 8:53PM 0:00.01 /bin/sh ./run-mozilla.sh ./mozilla-bin

Oh well. I'll watch for improved versions. I may try cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ideas here soon.

Open Source Lab Prepares "Beaver Challenge"

The Oregon State University Open Source Lab is preparing to host cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 2004 Beaver Challenge. This contest seeks to benchmark different open source operating systems on Dell PowerEdge 2650 servers. The challenge states:

"There will be two classes that each team will compete in. There will be a base class where everyone must follow cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 rules outlined below. The second class will have no rules except for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 fact that every team must document all changes made to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 base install."

I recommend reading cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 methodology to see cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 full rule set.

The FreeBSD-Hackers mailing list shows a call for tuners for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 "unlimited" competition. There's also a FreeBSD forum at OSU. Results of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 challenge will be posted for all to benefit.

New Set of FreeBSD Packages Available

In my never-ending question to understand FreeBSD application management, I took note of this post to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 freebsd-current mailing list:

From: Kris Kennaway (kris_at_obsecurity.org)
Date: Fri, 20 Feb 2004 16:59:48 -0800
To: current@FreeBSD.org

I don't normally announce cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se here, but since cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re's recently been a "flag day" people may like to know that I've uploaded a full set of 9189 post-libpthread i386 5.2-CURRENT packages to ftp-master. You can use e.g. portupgrade -afPP to update your installed ports if you want to avoid cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 need to recompile everything that uses libc_r. Packages for ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r architectures will follow over cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 next week or so.

Kris

SecurityFocus Article on Keeping Windows Patched

Jonathan Hassell wrote cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first of a planned three articles on patching Windows. The first article describes Microsoft's Software Update Services (SUS).

One of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 tenets of operating defensible networks is that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y can be kept current. In future articles, Jonathan will look at third party open source and commercial options for Windows patch management.

Hopefully this will change, but a visit to www.jonathanhassell.com shows cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 default Windows Small Business Server home page...

New Security News Site

I'm adding new Web site, Hacker Intel, to my TaoSecurity Interests page. Hacker Intel reminds me of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 now defunct Hacker News Network. I'll check in with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 site daily as it seems to post short summaries of security news on a daily basis.

In related news, PacketStorm is back on my Interests page as it is being updated again.

Advice for Programmers in a Rush

While reading cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Slashdot story Tech Training Schools Going Bust, I saw a link to Teach Yourself Programming in Ten Years. This essay argues it takes ten years to master a subject, so trying to "learn Java in 21 days" will result in failure. The author provides advice on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 proper way to learn computer-related subjects.

Thursday, February 19, 2004

Systrace Support for FreeBSD

While writing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 last chapter of my book I checked into cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 status of Systrace support in FreeBSD. I mentioned Systrace last August. Since cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n, Vladimir Kotal has been working on porting Systrace to FreeBSD. I haven't tried his patches yet but I applaud his work. Systrace is a system-call monitoring and enforcement mechanism that brings a great deal of security functionality to Unix systems.

Excellent SecurityFocus Article on Modem Uncappers

Kevin Poulsen, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 best original writer in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 security scene, published an article on TCNiSO. This group wrote Sigma, a program giving owners of certain Surfboard cable modems control of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 device. Sigma only works with DOCSIS 1.0 cable modems, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 TCNiSO crew has plans for working with newer specifications. The article is an excellent read.

Microsoft Security Updates Free on CD

If you're a dial-up user who avoids patching Windows, check out cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Windows Security Update CD. It's available for Windows XP, Windows Me, Windows 2000, Windows 98, and Windows 98 Second Edition (SE). When I placed my order this is what I got:

B82-00170 1 Win Update 2004 English NA Feb Direct 2CD Windows Security Kit

For enterprise Windows users cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re's cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Microsoft Security Guidance Kit CD v1.0. It's free too, so I ordered one:

P73-00958 1 Windows Svr Std 2003 English Direct CD Security Readiness April 2004

Expert Opinion on Microsoft Source Leak

I downloaded this analysis (.doc) of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Windows source code leak from a Dutch Windows news site, Bink.nu. The author is a Dutch programmer named Tamura Jones, who wrote a book called Undocumented Windows. Jones makes several good points, which I reproduce below.

"This is not cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first time that Microsoft source code leaked onto cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 net. In 2000, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 source code for MS-DOS 6 was leaked. It received considerable less attention, as most journalist considered it obsolete, despite cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 fact that it still had millions of users around cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 world, and that MS-DOS is actually cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 basis for many versions of Windows still in use today. That leaked source is still being passed around...

In October of 2000, Microsoft had to confirm that crackers had broken into cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir network and actually gained access to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Windows source code. That breach was done using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Qaz trojan. Microsoft has stated that this time round, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir security has not been breached...

Evidence inside cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Windows 2000 source code leaked on Thursday 12 February 2004 suggests that this particular leak originated at long-time Microsoft partner MainSoft. The leaked source would implicate Eyal Alaluf, MainSoft's Director of Technology...

MainSoft is a commercial company that provides a product called MainWin. The MainWin product makes it relatively easy for third-party software companies to make cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 programs cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y already created for Windows available on Unix as well.
The MainWin product is based on actual Windows source code...

The leaked source is more than three year old. The newest files in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Windows 2000 source code are dated 25 July 2000. The source probably corresponds to Windows 2000 Service Pack 1, while cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 current Service Pack for Windows 2000 is Service Pack 4. The Windows NT 4 source code probably corresponds to Windows NT 4 Service Pack 3, while cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 current Service Pack for Windows NT 4 is Service Pack 6a, and a Service Roll-up Pack has already followed it...

Here’s a table summarising cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 official figures [on Windows source code lines] collected from various Microsoft sources:

Year: Product: Million Lines of Code
1993: Windows NT 3.1: 6
1996: Windows NT 4.0: 16.5
1999: Windows 2000: 29
2001: Windows XP: 45
2003: Windows 2003: 50

None of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se numbers means much. The issue is not what percentage got out, but what got out. The real observation is that what got out is not just any part, but an important part of Windows, and you do not even need to read cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 leaked code to figure that out.

MainSoft's MainWin product allows developers to create Unix versions of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir existing Windows programs. There are all kinds of technicalities, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 basic idea behind cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 MainWin product is very simple: MainWin pretends to be Windows.

MainSoft has incorporated considerable parts of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Windows code into its MainWin product. In a very real sense, large parts of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 MainWin product do not just pretend to be Windows, but are Windows.

In support of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 MainWin product, Microsoft provided MainSoft with a license in its Windows Interface Source Environment (WISE) program. The WISE license provides source code access to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 very core of Windows, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 basis cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 rest of Windows is built on. The WISE program is so exclusive that it is not listed on Microsoft Shared Source Licensing Programs page. What is provided under cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 WISE license is so essential, that only a few companies ever got one. That fact alone already indicates cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 value Microsoft places on this particular source code license.

The source that leaked is part of what MainSoft got under that racá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r exclusive WISE license, and what it got is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hottest part of Windows."

I found a January 1995 document archived on a site in China about WISE. Here are some extracts:

"The Windows Interface Source Environment (WISE) is a licensing program from Microsoft to enable customers to integrate Windows-based solutions with UNIX and Macintosh systems. Microsoft has licensed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Windows family source code to Mainsoft Corporation, Bristol Technology Inc., Insignia Solutions Inc., and Locus Computing Corporation. Using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 products being developed by Mainsoft and Bristol, developers will be able to write to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Win32® API and OLE on different UNIX platforms...

WISE SDKs enable developers to write to Windows APIs and use cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 resulting applications on Macintosh and various UNIX systems. To get a Windows-based application running on a Macintosh or UNIX system using a WISE SDK, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 application source code must be recompiled on those systems...

A WISE SDK consists of tools to port code from a PC and libraries to compile Windows code on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Macintosh or UNIX system."

I also found a 21 Sep 98 story announcing Mainsoft and Microsoft agreed to licensing terms for "Windows NT 5.0" source code. According to this 1 Nov 00 story, "Mainsoft is one of only two companies—Bristol Technologies Inc. is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r—with access to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 source code under cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Windows Interface Source Environment agreement." I found this 29 Oct 95 story claiming "When IBM purchased Lotus Development Corp., it acquired Lotus's license to Microsoft's Windows Interface Source Environment (WISE), giving it access to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 source code in Windows 95 and Windows NT, including Microsoft's OLE object technology."

So it seems Mainsoft may be in trouble for trying to get Windows programs to run on Unix. If you want to run Unix programs on Windows, take a look at Interop Systems. They work with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Windows Services for Unix.

Updated: Tamura Jones wrote me last week. He clarified a few points that I updated in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 story above.

Monday, February 16, 2004

History of Operating Systems and Languages

I was aware that Éric Lévénez was cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 author of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 UNIX history chart, but I just discovered his Windows and programming languages diagrams. They are truly amazing and very educational.

Sunday, February 15, 2004

Informative Register Article on Solaris 10

After hearing and reading misinformed commentary on Microsoft's source code leak elsewhere, I was pleased to be reminded that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Register has clueful writers. One of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m, Ashlee Vance, reported on Solaris 10. I've had a soft spot for Solaris since 1997, when I first used it as an Air Force lieutenant. I've only just started playing with Solaris 8 on my Ultra 30, never mind Solaris 9. (Incidentally, major kudos to Sun for providing easy access to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se earlier versions with intuitive URLs!)

According to Ms. Vance:

"One of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 major new additions to Solaris 10 is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 N1 Grid Containers product. Sun has gone through some name changes with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 product since we first reported on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 technology, but cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 premise of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 software has stayed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same. The containers are Sun's answer to logical partitions (LPARs) on AIX and HP-UX and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 virtual machines touted by VMware/EMC for Windows and Linux servers. The software permits users to carve up a server into multiple partitions and to set up processing, memory and bandwidth limits for each partition."

I have both AIX and HP-UX boxes in my lab, yet have not had cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 chance to really try cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se logical partition functions. It is on my to-do list.

Live CDs for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Rest of Us

Not everyone wants to use a Linux-based live CD like Knoppix. I mentioned various live CD projects last year, but hadn't tried any but Knoppix until today.

Slashdot informed of Bart's Preinstalled Environment (BartPE), a Windows-based live CD. I downloaded cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 software and created a Windows Server 2003-based .iso image using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 evaluation copy Microsoft sent me. I tested cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 .iso within VMWare on my FreeBSD 5.2 REL laptop. It seemed to work fine.

I decided to give FreeSBIE, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 FreeBSD-based live CD a try. I downloaded cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 version which uses FreeBSD 5.2 REL and tested it within VMWare. It's impressive, with X ready to go just like Knoppix. A large screen shot follows. When 5.2.1 REL is released, I expect cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 FreeSBIE team to create a new .iso. I'll burn that one to CD to carry with me.

Saturday, February 14, 2004

Musings on Microsoft's Bad Week

By now everyone knows about Microsoft code being "made available on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet", according to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 linked press release. Microsoft claims:

"On Thursday, February 12, Microsoft became aware that portions of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Microsoft Windows 2000 and Windows NT 4.0 source code were illegally made available on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet. Subsequent investigation has shown this was not cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 result of any breach of Microsoft?s corporate network or internal security, nor is it related to Microsoft?s Shared Source Initiative or its Government Security Program."

This probably doesn't comfort Mainsoft, claimed by some to be involved in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 leak.

I found it amusing that news outfits like NPR and Wired and CNN found cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 amount of profanity in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Windows source to be newsworthy. A Slashdot post provided cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following help grep syntax:

grep -Hirn "INSERT PROFANITY HERE" ./*

In case you're wondering about cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 switches:

-H, --with-filename
-i, --ignore-case
-r, --recursive
-n, --line-number

The Slashdot follow-up is probably cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 best place for a comprehensive look at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 issue.

The silver lining to this cloud is a hope that this event will prompt a serious debate on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 merits of open source vs. closed source software. O'Reilly is leading cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 charge with good articles on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 merits of open source software. Also, people must finally recognize that open source software is not inherently more vulnerable because anyone can review it. With this Microsoft source disclosure, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 world has to acknowledge that Microsoft's code has been available to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 underground and is just as easily reviewed as OSS.

On related Microsoft news, today I received Introducing Microsoft Windows Server 2003 in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 mail. This was sent after I participated in a phone survey last week on Microsoft's Get The Facts program. I signed up to get a free evaluation copy of Windows 2003 Server, so Microsoft called me. I repeatedly told cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 survey taker I was concerned with Microsoft's security problems. She was reading a script and tried to pigeon-hole my answers into her form. She tried to steer me towards "server consolidation" and "upgrading from Windows NT 4.0" when I told her I was more interested in "upgrading" to 2003 for security reasons. I told her I ran multiple versions of UNIX and had no plans to change.

Update: This post to full-disclosure claims to be cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first public vulnerability discovered as a result of scrutinizing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Windows source code.

Amazon Glitch Reveals "A Reader From..." Identities

I'm so sad I missed this when it was active. AP and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 New York Times report that Amazon.ca accidentally replaced cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 anonymous "A Reader From" monikers with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 real names of reviewers on its Web site. For example, instead of reading a glowing five star review by "a reader from Chicago" for a book by author John Rechy, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 name "John Rechy" appeared -- showing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 author reviewing his own book!

Fake reviews at Amazon.com have been a problem for years. The hundreds of fake reviews of Hack Attacks Revealed hit home for me, especially when cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 fictitious "l peterson" reviewed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book. Publisher Wiley printed a "review" by this fake person in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 inside cover of Hack Attacks Encyclopedia, where "l peterson" said "Speaking for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Air Force Computer Emergency Response Team..." That really angered me, as I had just left cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Air Force and that unit and confirmed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re was no such person in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 AFCERT.

Printing from FreeBSD to a Printer on Windows XP

We have a HP DeskJet 970 series printer connected to a Windows XP system. I wanted to print from my FreeBSD laptop to this printer. I decided to try installing Windows Print Services for UNIX, a sort of LPD for Windows, using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se instructions. Once done cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Windows system was listening on port 515 for print jobs.

If cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 DeskJet understood Postscript, I should have been able to print directly from FreeBSD using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 lpr command. Without Postscript support, I needed to use a filter to accommodate cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 printer. Inspired by Michael Lucas' recent articles on Apsfilter, I gave it a try. Unfortunately I could not get Apsfilter to work with my printer, so I turned to CUPS.

I installed CUPS using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 CUPS port. Through trial and error I figured out I needed to start cups-lpdfrom inetd by adding this line to /etc/inetd.conf:

printer stream tcp nowait lp /usr/local/libexec/cups/daemon/cups-lpd cups-lpd

This means I made sure cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 native lpd was not running, and inetd was running, by adding this to /etc/rc.conf:

inetd_enable="YES"
lpd_enable="NO"

After starting inetd manually, I started CUPS with a renamed /usr/local/etc/rc.d/cups.sh script. That launched a Web server at http://localhost:631/. I could not reach cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Web server via http://orr.taosecurity.com:631 even though sockstat output showed port 631 TCP available on all interfaces:

orr:/home/richard$ sockstat -4
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
root cupsd 6892 0 tcp4 *:631 *:*
root cupsd 6892 2 udp4 *:631 *:*
root sendmail 429 4 tcp4 127.0.0.1:25 *:*
root sshd 423 3 tcp46 *:22 *:*
root sshd 423 4 tcp4 *:22 *:*
orr:/home/richard$

Once I logged in as user root with root's password, I was able to add my remote printer. I selected "LPD/LPR Host or Printer", with device URI "lpd://192.168.2.8:515/scout". The IP is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 machine where cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 printer is connected, pot 515 is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 LPD port, and 'scout' is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 name of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 queue. I chose "HP" as cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 "Model/Driver" and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 last "HP DeskJet 900 CUPS+Gimp-Print" series entry(of which cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re were 15 identical items).

Once done I was able to print a test page within cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 CUPS Web administrative interface. Getting my applications to work was anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r story. CUPS installs a new 'lpr' binary in /usr/local/bin/lpr. Apparently using this lpr one can print using CUPS. Unfortunately I could not use cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 stock /usr/bin/lpr to print, so I moved cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 stock version to /usr/bin/lpr.orig and made this link:

ln -s /usr/local/bin/lpr /usr/bin/lpr

Now I can print from OpenOffice. Under Mozilla I was able to specify /usr/local/bin/lpr. I believe I could have also tried installing Samba on my FreeBSD machine, but I didn't feel cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 need to do that. I can mount remote Windows shares on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 XP box using FreeBSD's mount_smbfs:

mount_smbfs -I 192.168.2.8 //administrator@scout/temp /mnt

That command mounts cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 remote share 'temp' on host 'scout', IP 192.168.2.8, as user 'administrator', to my local /mnt share.

In ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r FreeBSD news, I've moved to Fluxbox as my new window manager. I was using FVWM with an Afterstep cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365me, which I decided was somewhat silly. Fluxbox seems to be working out fine for now. I like cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 simple syntax in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ~/.fluxbox/menu file:

[begin] (Fluxbox-0.9.8)
[exec] (aterm) {aterm -bg black -fg white -sl 1000}
[exec] (mozilla) {mozilla}
[exec] (sguil) {/usr/local/bin/sguil.sh}
[exec] (ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365real) {aterm -e sudo ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365real}
[exec] (acroread) {acroread}
[exec] (openoffice) {openoffice-1.1}
[exec] (xv) {xv}
[exec] (gv) {gv}
[exec] (gtksee) {gtksee}
[exec] (gtk-gnutella) {gtk-gnutella}
[exec] (xmms) {xmms}
[exec] (gmplayer) {gmplayer}
[exec] (vmware) {vmware}
...and so on...

Thursday, February 12, 2004

Understanding My Laptop's Graphics Capabilities

While perusing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 FreeBSD-current news archive, I read a thread on comparing glxgears performance. I had never used this tool so I fired it up and saw my Thinkpad a20p laptop's performance:

Xlib: extension "XFree86-DRI" missing on display ":0.0".
303 frames in 5.0 seconds = 60.600 FPS
361 frames in 5.0 seconds = 72.200 FPS
360 frames in 5.0 seconds = 72.000 FPS
360 frames in 5.0 seconds = 72.000 FPS
360 frames in 5.0 seconds = 72.000 FPS

The error message bocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365red me, and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se numbers looked much lower than those in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 thread, so I started poking around. I found Eric Anholt's DRI page extremely helpful. I learned DRI is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Direct Rendering Infrastructure, "a framework for allowing direct access to graphics hardware in a safe and efficient manner... The first major use for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 DRI is to create fast OpenGL implementations." The DRI page for ATI, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 maker of my Rage Mobility 128 card showed it was supported. However, using Eric's troubleshooting page, I failed to see DRM (cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Direct Rendering Modules provided DRI) loaded by cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 kernel. Checking my /var/log/XFree86.log.0 file, I saw attempts to load DRI and DRM:

(II) LoadModule: "dri"
(II) Loading /usr/X11R6/lib/modules/extensions/libdri.a
(II) Module dri: vendor="The XFree86 Project"
compiled for 4.3.0, module version = 1.0.0
ABI class: XFree86 Server Extension, version 0.2
(II) Loading sub module "drm"
(II) LoadModule: "drm"
(II) Loading /usr/X11R6/lib/modules/freebsd/libdrm.a
(II) Module drm: vendor="The XFree86 Project"
compiled for 4.3.0, module version = 1.0.0
ABI class: XFree86 Server Extension, version 0.2
(II) Loading extension XFree86-DRI
(II) LoadModule: "dbe"
(II) Loading /usr/X11R6/lib/modules/extensions/libdbe.a
(II) Module dbe: vendor="The XFree86 Project"
compiled for 4.3.0, module version = 1.0.0
Module class: XFree86 Server Extension
ABI class: XFree86 Server Extension, version 0.2
(II) Loading extension DOUBLE-BUFFER

There were no errors, but I did see this later in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 log:

(II) R128(0): Direct rendering disabled

Clearly this was a problem. The first issue I decided to tackle was not seeing drm loaded by cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 kernel. My laptop runs FreeBSD 5.2 REL. I found a r128.ko kernel module in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 /boot/kernel directory, so I tried loading it via kldload:

drm0: port 0x2000-0x20ff mem 0xf0200000-0xf0203
fff,0xf8000000-0xfbffffff irq 11 at device 0.0 on pci1
info: [drm] AGP at 0xf4000000 64MB
info: [drm] Initialized r128 2.5.0 20030725 on minor 0

That's better! I added

r128_load="YES"

to my /boot/loader.conf file to enable this at boot time. Unfortunately, this did not solve my "Direct rendering disabled" problem. Thanks to this thread I added this to my /etc/X11/XF86Config next:

Section "DRI"
Mode 0666
EndSection

This was supposed to ensure that all users could use DRI, but it had no effect on my immediate problem. In cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same helpful thread I learned I might be asking too much of my 2000-era graphics card. There might not be enough memory left to run DRI, so I made cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se changes to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 /etc/X11/XF86Config file:

Section "Screen"
Identifier "Screen0"
Device "Card0"
Monitor "Monitor0"
DefaultDepth 16
DefaultFbbpp 16
SubSection "Display"
Depth 16
Modes "1400x1050"
EndSubSection
EndSection

By dropping my color depth from 24 to 16, and specifying cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 frame buffer to be 16, this might give X enough memory to run DRI. Sure enough, it worked!

(II) R128(0): Direct rendering enabled

Trying cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 glxgears program, I got much better results, and no error messages:

7969 frames in 5.0 seconds = 1593.800 FPS
7977 frames in 5.0 seconds = 1595.400 FPS
6978 frames in 5.0 seconds = 1395.600 FPS
5559 frames in 5.0 seconds = 1111.800 FPS
7393 frames in 5.0 seconds = 1478.600 FPS
7438 frames in 5.0 seconds = 1487.600 FPS

With DRI enabled, I was able to load cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Enemy Territory game from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 FreeBSD port. At some point I hope to get cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 TV capabilities of my laptop working using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 GATOS drivers and software.

I created a .xserverrc file with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se contents to ensure my laptop uses 100 DPI:

exec X :0 -dpi 100

Packet Storm Lives

I just read this at Packet Storm:

On January 12, 2004, Packet Storm had its connectivity turned off without any forewarning.

After cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 plug was pulled, it took approximately two weeks to get a straight answer from our provider as to whecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r or not we were going to get turned back on. It seems that when bandwidth is donated to a worthy cause, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 cause is not so worthy when it comes to returning phone calls. In cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 end, our hosting was cancelled. Due to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 abrupt turnoff, we did not have time to set up safe hosting elsewhere.

If you have a strong, fast, and secure location that can host 4-12U's of rack space, please contact fringe[at]dtmf.org with any information.

Packet Storm has no plans to fall under corporate sponsorship again and we hope that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 security community understands that this transition does not mean we are going anywhere.

We do plan to get cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 site back up to speed and updated within cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 next week, but mail and cgi services will be unavailable. They will be restored once we have a permanent home. Please do not bocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r attempting to send in submissions until you hear ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rwise.

Again, many thanks to all of our supportive mirrors that are taking on all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 traffic while we are in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 middle of fixing this ordeal.

Thanks again for your patience,
Packet Storm Staff

Tuesday, February 10, 2004

Anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r Critical Microsoft Hole

Today Microsoft announced cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir Security Updates for February 2004. Security consultancy eEye told Microsoft about one of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 flaws, called MS04-007 by Microsoft, six months ago. The vulnerability affects code using Microsoft's ASN.1 library (MSASN1.DLL).

The OpenSSL team reported a vulnerability and fix for ASN problems in September 2003. The Slashdot thread makes good points about how Microsoft claims to fix errors faster and better than open source software. The following was published by The Register last October to recount an interview with Bill Gates at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 TechNet/MSDN seminar in The Hague:

"Microsoft is making progress. The company writes more secure code, essentially because of tools that show where problems might occur. It is also fixing problems much faster than it used to. Gates: 'We've gone from little over 40 hours on average to 24 hours. With Linux, that would be a couple of weeks on average.'"

Who is Microsoft kidding?

I'm appalled by Microsoft's security record. My next commercial system will not run Windows; none of my infrastructure devices run Windows now. When we decide to buy a new system with a commercial OS, it's going to be a Mac.

If you think this announcement is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 end, check out eEye's pipeline. They've got better future prospects than Big Pharma, with seven more advisories on deck. They told Microsoft about four of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m over two months ago, and still we're waiting for patches. I'm sure cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 underground isn't waiting.

You can read centralized information on this vulnerability at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 US-CERT. From what I understand cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 US-CERT is taking an operational security role, dealing with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 public and so on. The CERT is transitioning to more of a research role, providing serious technical expertise but stepping out of operational duties.

Setting Custom Prompts

O'Reilly's UNIX Power Tools, 3rd Ed inspired me to change cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 default prompts on my FreeBSD systems. My user account uses bash, so I made cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following entry in ~/.profile to ensure my prompt shows my username, system name, and present working directory when I log in. The single straight quotes ensure that $PWD is substituted every time I change directories. If I had used double straight quotes, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n $PWD would be fixed at whatever my current directory was when cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 shell was started. Single straight quotes helps us use "dynamic substitution." Using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 back ticks sets cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 value of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 system name.

PS1='$USER@`hostname -s`:$PWD '

Here's cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 result:

richard@orr:/home/richard$

Changing .profile affects prompts seen when logging in to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 terminal and remotely via SSH. This entry in ~/.profile doesn't influence cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 prompt seen by terminals started within X, as cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y are not "interactive" shells. (I still haven't figured that one out.) To ensure terminals in X share cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same prompt, I made cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same entry in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 .bashrc file.

For tcsh, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 default shell for root on FreeBSD (csh and tcsh are cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same binary), I made this entry in /root/.cshrc after cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 'set mail' line:

set prompt = "%n@%m:%/# "

Tcsh doesn't support much dynamic substition, but a read of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 tcsh man page showed several variables built into cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 shell provide what I need. %n is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 username. %m is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hostname up to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first period. %/ is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 present working directory. All togecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 result looks good:

root@orr:/root#

Keep in mind cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se prompts start to take up valuable terminal space. You can eliminate cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 %n in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 csh prompt as cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 # shows you are root. If you primarily deal with a single user account, or don't care to know your login name, similarly eliminate cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 $USER@ from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 bash prompt.

I will review UNIX Power Tools when done reading it, but I can already recommend buying it.

Using Session Data to Look for Worm Activity

Currently a slew of worms are scanning port 3127 TCP, looking for systems infected by MyDoom.A. They include MyDoom.B, Doomjuice, and Vesser.

I collect session data using a variety of means, including Argus. I have cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Argus daemon write what it sees into a directory. The elaborate date in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 file name is a result of calling cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 date command like so:

DATE=`/bin/date "+%Y%m%d-%H%M%S"`

When cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 process is running, it looks like this:

/usr/local/src/argus-2.0.6/bin/argus_bpf -c -d -i ngeth0 -w
/nsm/argus/20040206-085201.bourque.taosecurity.com.ngeth0.arg - ip

This process stores Argus data in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 /nsm/argus directory. To quickly search cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 directory, I use cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 command line:

-bash-2.05b$ for i in `ls`; do ra -n -r $i - dst port 3127 |
grep -v stream >> /tmp/3127.ra; done

This yields results like cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 following:

28 Jan 04 16:47:32 tcp 80.181.182.157.2391 -> myIP.3127 RST
28 Jan 04 16:47:33 tcp 80.181.182.157.2391 -> myIP.3127 RST
28 Jan 04 16:47:34 tcp 80.181.182.157.2391 -> myIP.3127 RST
03 Feb 04 00:31:04 tcp 63.208.193.241.3127 -> myIP.3127 RST
03 Feb 04 17:32:55 tcp 24.168.219.7.3127 -> myIP.3127 RST
03 Feb 04 21:42:12 tcp 212.58.12.98.3723 -> myIP.3127 RST
03 Feb 04 21:42:13 tcp 212.58.12.98.3723 -> myIP.3127 RST
03 Feb 04 21:42:14 tcp 212.58.12.98.3723 -> myIP.3127 RST
04 Feb 04 03:55:59 tcp 129.1.61.23.3228 -> myIP.3127 RST
04 Feb 04 03:55:59 tcp 129.1.61.23.3228 -> myIP.3127 RST
...continues until today...

The RST means cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 connection attempt ended with a RST. From my small vantage point on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet, scanning for port 3127 TCP appeared 28 Jan 04, and my system did not respond.

This sort of analysis is part of Network Security Monitoring. This is how you verify your machine is not compromised with a minimum amount of effort.

Monday, February 09, 2004

Review of Security Warrior Posted

Amazon.com just published my five star review of Security Warrior. From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 review:

"Security Warrior is a heavyweight contender. Peikari and Chuvakin offer a dark counterpart to O'Reilly classics like Practical UNIX and Internet Security (PUAIS) and Securing Windows NT/2000 Servers for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet. If you've been waiting for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 next good security book from O'Reilly, "Security Warrior" (SW) is it.

Part I, "Software Cracking," was my favorite section. This material is largely not for beginners, which marked a welcome change from many competing books. Part I gave an introduction to assembly language, followed by reverse engineering exercises on Windows, Linux, and Windows CE. I admit a good portion of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 section was beyond my skill level, but I was able to "patch" binaries to alter program flow and even use a buffer overflow to execute previously unreachable code in a sample program. These sorts of "hands-on" exercises were informative and enjoyable.

Saturday, February 07, 2004

FreeBSD Guru on Updating Ports

Keeping cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ports tree up-to-date is a big concern for FreeBSD users. Kris Kennaway posted a comparison of 'make index' and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 portupgrade command 'portsdb -U'. Already one change has been made to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 portupgrade port to address Kris' findings.

Dru Lavigne wrote articles about Ports Tricks, Portupgrade, and Cleaning and Customizing Your Ports. Michael Lucas and Dan Langille have also written articles on using cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ports tree. This thread in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 freebsd-ports archive discusses ways to keep ports trees up-to-date on multiple machines.

Update": This post reminded me of how to create your own packages in FreeBSD. To create a package with all of its dependencies, change to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 directory of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 tool you wish to build in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 /usr/ports tree. Once cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re, running 'make package-recursive' will create a package from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ports tree and all of its dependencies. They will be stored in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 /usr/ports/packages/All directory.

Friday, February 06, 2004

Annoying DNS Issues in Mozilla

I've finally figured out why visits to some Web sites take forever. I've maintained for years that "if something works, but takes a long time, blame DNS." Sure enough, a combination of Mozilla's behavior and uncooperative DNS servers are conspiring against Web users.

Here's how Mozilla resolves a host name when cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 remote DNS server cooperates. First Mozilla causes a DNS query for an AAAA record. This is an IPv6 record. The name server (here a forwarding name server) replies that it doesn't know an AAAA record for xlonhcld.xlontech.net. Mozilla promptly asks for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 A record, which is returned in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 last packet. So far so good.

18:24:04.604363 192.168.2.5.49203 > 172.27.20.1.53: 56494+ AAAA? xlonhcld.xlontech.net. (39)
18:24:04.611197 172.27.20.1.53 > 192.168.2.5.49203: 56494 0/1/0 (104)
18:24:04.611474 192.168.2.5.49204 > 172.27.20.1.53: 56495+ A? xlonhcld.xlontech.net. (39)
18:24:04.619886 172.27.20.1.53 > 192.168.2.5.49204: 56495 18/7/0 A[|domain]

This is what happens with sites that don't answer AAAA queries properly. Mozilla asks for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 AAAA record four times

18:20:11.292864 192.168.2.5.49188 > 172.27.20.1.53: 4329+ AAAA? dclkcorp.rpts.net. (35)
18:20:16.304730 192.168.2.5.49189 > 172.27.20.1.53: 4329+ AAAA? dclkcorp.rpts.net. (35)
18:20:26.319837 192.168.2.5.49190 > 172.27.20.1.53: 4329+ AAAA? dclkcorp.rpts.net. (35)
18:20:46.334627 192.168.2.5.49191 > 172.27.20.1.53: 4329+ AAAA? dclkcorp.rpts.net. (35)

After 75 seconds it gives up and asks for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 A record. The name server promptly responds and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 page loads.

18:21:26.345147 192.168.2.5.49192 > 172.27.20.1.53: 4330+ A? dclkcorp.rpts.net. (35)
18:21:26.378344 172.27.20.1.53 > 192.168.2.5.49192: 4330 2/6/6[|domain]

Here are cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 replies for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 AAAA record requests. I haven't figured out cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 purpose of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ICMP port unreachable messages.

18:21:59.533098 172.27.20.1.53 > 192.168.2.5.49190: 4329 ServFail 0/0/0 (35)
18:21:59.533170 192.168.2.5 > 172.27.20.1: icmp: 192.168.2.5 udp port 49190 unreachable
18:22:00.197621 172.27.20.1.53 > 192.168.2.5.49189: 4329 ServFail 0/0/0 (35)
18:22:00.197688 192.168.2.5 > 172.27.20.1: icmp: 192.168.2.5 udp port 49189 unreachable
18:22:11.193955 172.27.20.1.53 > 192.168.2.5.49188: 4329 ServFail 0/0/0 (35)
18:22:11.194029 192.168.2.5 > 172.27.20.1: icmp: 192.168.2.5 udp port 49188 unreachable
18:22:44.194926 172.27.20.1.53 > 192.168.2.5.49191: 4329 ServFail 0/0/0 (35)
18:22:44.195000 192.168.2.5 > 172.27.20.1: icmp: 192.168.2.5 udp port 49191 unreachable

The Mozilla team has had this bug report open for a long time. Unfortunately, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 remote name servers are to blame, as shown by this Internet draft. The issue was also discussed on freebsd-current.

For sites that don't answer AAA requests properly, like doubleclick, entries like cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se in /etc/hosts might work:

::0 ad.doubleclick.com
::0 ad.doubleclick.net

::1 is also an option, which is localhost.

The Mozilla bug report offered this code to check IPv6 resolutions using gethostbyname2:

#include
#include
#include
#include
#include
#include
#include

int main(int argc, char *argv[])
{
struct hostent *hent;
char addrstr[64];
int i;

if (argc != 2) {
fprintf(stderr, "Usage: %s \n", argv[0]);
exit(1);
}

hent = gethostbyname2(argv[1], AF_INET6);
if (hent == NULL) {
fprintf(stderr, "gethostbyname2 failed: %d\n", h_errno);
exit(1);
}
printf("h_name = %s\n", hent->h_name);
if (hent->h_aliases) {
for (i = 0; hent->h_aliases[i]; i++) {
printf("h_aliases[%d] = %s\n", i, hent->h_aliases[i]);
}
}
if (hent->h_addrtype == AF_INET) {
printf("h_addrtype = AF_INET\n");
} else if (hent->h_addrtype == AF_INET6) {
printf("h_addrtype = AF_INET6\n");
} else {
printf("h_addrtype = %d\n", hent->h_addrtype);
}
printf("h_length = %d\n", hent->h_length);
if (hent->h_addr_list) {
for (i = 0; hent->h_addr_list[i]; i++) {
printf("h_addr_list[%d] = %s\n", i,
inet_ntop(hent->h_addrtype, hent->h_addr_list[i],
addrstr, sizeof(addrstr)));
}
}
return 0;
}

It compiles fine on FreeBSD 5.2 REL and shows how different sites respond. Here's a site that responds with an IPv6 address:

orr# ./gethost2 www.netbsd.org
h_name = www.netbsd.org
h_addrtype = AF_INET6
h_length = 16
h_addr_list[0] = 2001:4f8:4:7:290:27ff:feab:19a7

Here's a site with no IPv6 address:

orr# ./gethost2 www.bejtlich.net
gethostbyname2 failed: 4

Here's what happens when I query for a site with an entry in /etc/hosts:

orr# ./gethost2 ad.doubleclick.net
h_name = ad.doubleclick.net
h_addrtype = AF_INET6
h_length = 16
h_addr_list[0] = ::

This is how a site with a broken respond behaves. The program times out after waiting for a minute and 15 seconds.

orr# time ./gethost2 www.apcc.com
gethostbyname2 failed: 2
0.000u 0.004s 1:15.04 0.0% 0+0k 0+0io 0pf+0w

Watching cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Mozilla bug report, a fix appears to be in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 works.

Using Binary Security Updates for FreeBSD and OpenBSD

A few security advisories for FreeBSD and OpenBSD were announced. The latest for FreeBSD involves cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 System V Shared Memory interface. If you're running a GENERIC kernel you may be able to use Colin Percival's binary updates, like this:

bourque# uname -a
FreeBSD bourque.taosecurity.com 4.9-RELEASE FreeBSD 4.9-RELEASE #0:
Mon Oct 27 17:51:09 GMT 2003 root@freebsd-stable.sentex.ca:/usr/obj/usr/src/sys/GENERIC
i386
bourque# freebsd-update -v fetch
Fetching updates signature...
Fetching updates...
Fetching hash list signature...
Fetching hash list...
Examining local system...
Fetching updates...
/kernel...
/kernel.GENERIC...
Updates fetched

To install cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se updates, run: '/usr/local/sbin/freebsd-update install'
bourque# freebsd-update -v install
Backing up /kernel...
Installing new /kernel...
Backing up /kernel.GENERIC...
Installing new /kernel.GENERIC...
...reboot...
-bash-2.05b$ uname -a
FreeBSD bourque.taosecurity.com 4.9-SECURITY FreeBSD 4.9-SECURITY #0:
Thu Feb 5 04:20:23 GMT 2004 root@builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386

Here's what updating my FreeBSD 5.2 REL notebook looked like:

orr# uname -a
FreeBSD orr.taosecurity.com 5.2-RELEASE FreeBSD 5.2-RELEASE #0:
Sun Jan 11 04:21:45 GMT 2004 root@wv1u.btc.adaptec.com:/usr/obj/usr/src/sys/GENERIC i386
orr# freebsd-update -v fetch
Fetching updates signature...
Fetching updates...
Fetching hash list signature...
Fetching hash list...
Examining local system...
Fetching updates...
/boot/kernel/kernel...
/boot/kernel/sysvshm.ko...
Updates fetched

To install cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se updates, run: '/usr/local/sbin/freebsd-update install'
orr# freebsd-update -v install
Backing up /boot/kernel/kernel...
Installing new /boot/kernel/kernel...
Backing up /boot/kernel/sysvshm.ko...
Installing new /boot/kernel/sysvshm.ko...
...reboot...
bash-2.05b$ uname -a
FreeBSD orr.taosecurity.com 5.2-SECURITY FreeBSD 5.2-SECURITY #0:
Thu Feb 5 10:24:52 GMT 2004 root@builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386

Two OpenBSD advisories have been posted in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 last month. The binary patch from binpatch addresses cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 message handling flaws in isakmpd(8). There is no binary patch posted yet for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 reference counting bug in shmat(2) announced yesterday.

bash-2.05b# wget http://www.openbsd.org.mx/pub/binpatch/3.4/i386/binpatch-3.4-i386-009.tgz
--09:07:55-- http://www.openbsd.org.mx/pub/binpatch/3.4/i386/binpatch-3.4-i386-009.tgz
=> `binpatch-3.4-i386-009.tgz'
Resolving www.openbsd.org.mx... done.
Connecting to www.openbsd.org.mx[208.33.29.188]:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 480,408 [text/plain]

100%[====================================>] 480,408 30.74K/s ETA 00:00

09:08:11 (30.74 KB/s) - `binpatch-3.4-i386-009.tgz' saved [480408/480408]
bash-2.05b# ls -al
total 500
drwxr-xr-x 2 root wheel 512 Feb 6 09:08 .
drwxr-xr-x 4 root wheel 512 Feb 6 09:07 ..
-rw-r--r-- 1 root wheel 480408 Jan 15 17:03 binpatch-3.4-i386-009.tgz
bash-2.05b#
bash-2.05b# md5 binpatch-3.4-i386-009.tgz
MD5 (binpatch-3.4-i386-009.tgz) = 44260e1d04a687f67ae9e0e928c447c8
bash-2.05b# tar -xzvpf binpatch-3.4-i386-009.tgz -C /
./sbin/isakmpd
./usr/share/ipsec/isakmpd/VPN-3way-template.conf
./usr/share/ipsec/isakmpd/VPN-east.conf
./usr/share/ipsec/isakmpd/VPN-west.conf
./usr/share/ipsec/isakmpd/policy
./usr/share/ipsec/isakmpd/singlehost-east.conf
./usr/share/ipsec/isakmpd/singlehost-east.gdb
./usr/share/ipsec/isakmpd/singlehost-setup.sh
./usr/share/ipsec/isakmpd/singlehost-west.conf
./usr/share/ipsec/isakmpd/singlehost-west.gdb
...No reboot needed as this does not affect cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 kernel...

These sorts of binary upgrades are a good alternative for those running stock systems on slow hardware or in constrained environments (e.g., lack of compiler).

Assembly and OS Threads at Slashdot

Slashdot has covered two interesting topics recently: Learning Computer Science via Assembly Language and Building Your Own Operating System. I learned of two online books to assist with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se topics: PC Assembly Language and Programming from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Ground Up.

If you want to run UNIX on your Commodore 64, try LUnix.

Wednesday, February 04, 2004

Configuing ssh-askpass and ssh-agent

I decided to set up ssh-agent and ssh-askpass on my laptop to allow easier access to ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r systems on my LAN. First I created a public/private key pair:

bash-2.05b$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 key (/home/richard/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/richard/.ssh/id_dsa.
Your public key has been saved in /home/richard/.ssh/id_dsa.pub.
The key fingerprint is:
OB:FU:SC:AT:ED:FO:RS:EC:UR:IT:YR:EA:SO:NS richard@orr.taosecurity.com

Next I added cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 contents of /home/richard/.ssh/id_dsa.pub to newly-created authorized_keys files in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ~/.ssh/ directory on every server to which I wished to connect.

To ease log-in, I changed my laptop's .xinitrc file to look like this:

ssh-add < /dev/null
exec fvwm-cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365mes-start

I also ensured my .profile had cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se entries:

SSHAGENT=/usr/bin/ssh-agent
SSHAGENTARGS="-s"
if [ -z "$SSH_AUTH_SOCK" -a -x "$SSHAGENT" ]; cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365n
eval `$SSHAGENT $SSHAGENTARGS`
trap "kill $SSH_AGENT_PID" 0
fi

Now when I execute 'startx', I see ssh-askpass prompt for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 keyphrase I entered when generating cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 DSA key pair above. I can log in to all cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 servers who have my laptop's public key in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir authorized_keys file without entering a password.

FreeBSD Ports Gettext Problems Over

If you've been having troubles upgrading FreeBSD ports due to conflicts between version of devel/gettext, your problems are over. Joe Marcus Clarke's post to freebsd-ports indicates he's set all ports requiring gettext to use cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 newest version. The problem originated with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 way cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 gettext port was modified in late January. I just updated all ports on my FreeBSD 4.9 STABLE system and am doing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same on my FreeBSD 5.2 RELEASE box now. Everything seems to work ok.

Review of The Art of UNIX Programming Posted

Amazon.com just posted my four star review of The Art of UNIX Programming. From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 review:

"I found histories of "UNIX vs. UNIX" and "UNIX vs cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 world" very informative. TAOUP presents concise explanations of licensing, RFC creation, and UNIX philosophy. I was happy to see that an open source project to which I contribute (Sguil) met many UNIX design criteria, like text-based communication between small collaborating daemons. I plan to follow TAOUP's recommendations for documentation so helpfully discussed in chapter 18 when I release cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 next set of Sguil guides.

TAOUP offers numerous priceless quotes from UNIX pioneers, but ESR himself offers my favorite: "Open source is what happens when code reuse gets a flag and an army." I hope UNIX advocates everywhere carry TAOUP into battle against cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir proprietary, monopolistic OS foes. With a few more nods to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 enemy and a more balanced comparison of languages, TAOUP will be unbeatable."

Tuesday, February 03, 2004

Is PacketStorm Dead?

One of my favorite sites, www.packetstormsecurity.org, hasn't been updated since cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 second week in January. Email to staff@packetstormsecurity.org and staff@packetstormsecurity.nl is being refused:

This is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Postfix program at host fallback-2.mail.widexs.nl.

I'm sorry to have to inform you that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 message returned
below could not be delivered to one or more destinations.

For furcá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r assistance, please send mail to

If you do so, please include this problem report. You can
delete your own text from cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 message returned below.

The Postfix program

: connect to
pop.packetstormsecurity.nl[213.206.75.252]: Connection refused

Is this cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 end for PacketStorm?

Monday, February 02, 2004

Kung Fu Coming to DVD

I'm in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 last month of writing The Tao of Network Security Monitoring, so I haven't had much time to fool around with FreeBSD or ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r items of technical or security interest. However, I'm still happy. The New England Patriots won Superbowl XXXVIII, considered by some to be cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 best ever.

Now, after perusing Amazon.com, I just learned that on 16 March 2004, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 entire First Season of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 classic 1970s TV series Kung Fu will be released on DVD by Warner Home Video. I expect cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 second and third seasons to appear later this year. The Kung Fu TV series is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 reason I first started studying martial arts seriously in 1994.