Monday, May 10, 2004

Carter Bullard Releases Argus 2.0.6

Normally a change from a 2.0.5 to 2.0.6 release wouldn't be big news. That's not cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 case with Argus, however. 2.0.6 has been about a year in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 making. Argus is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 world's longest living open source session data collection program. It runs on most any UNIX distribution and appears in my book. Give it a try!

Thursday, May 06, 2004

TaoSecurity.com Moves to Niuhi

Visitors to www.taosecurity.com will notice cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y are no longer redirected to mywebpages.comcast.net/taosecurity. I've started hosting TaoSecurity.com at Niuhi.com, co-operated by a fellow security consultant. This move should only have positive effects. If you bookmarked cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 old Comcast site, please use www.taosecurity.com.

Tuesday, May 04, 2004

Upgrading Ruby

This morning when checking for updated applications I saw that lang/ruby18 was updated recently:

drury:# portversion -v | grep ruby
ruby-1.8.1_2 < needs updating (port has 1.8.1.2004.05.02)
ruby18-bdb1-0.2.2 = up-to-date with port

I remembered what trouble we had with Ruby and Portupgrade a few months ago, so I used Portupgrade to upgrade Ruby by itself:

drury# portupgrade -v ruby^M
---> Session started at: Tue, 04 May 2004 12:16:17 -0400
---> Upgrade of lang/ruby18 started at: Tue, 04 May 2004 12:16:19 -0400
---> Upgrading 'ruby-1.8.1_2' to 'ruby-1.8.1.2004.05.02' (lang/ruby18)
---> Build of lang/ruby18 started at: Tue, 04 May 2004 12:16:19 -0400
---> Building '/usr/ports/lang/ruby18'
>> ruby-1.8.1-2004.05.02.tar.bz2 doesn't seem to exist in /usr/ports/distfiles/ruby.
>> Attempting to fetch from ftp://ftp.iij.ad.jp/pub/lang/ruby/snapshots/.
Receiving ruby-1.8.1-2004.05.02.tar.bz2 (2395420 bytes):
...edited...
===> Cleaning for ruby-1.8.1.2004.05.02
---> Removing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 temporary backup files
---> Installation of lang/ruby18 ended at: Tue, 04 May 2004 12:18:19 -0400 (con
sumed 00:00:07)
---> Cleaning out obsolete shared libraries
[Updating cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 pkgdb in /var/db/pkg ... - 159 packages found
(-0 +1) . done]
---> Upgrade of lang/ruby18 ended at: Tue, 04 May 2004 12:18:19 -0400 (consumed
00:02:00)
---> Listing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 results (+:done / -:ignored / *:skipped / !:failed)
+ lang/ruby18 (ruby-1.8.1_2)
---> Packages processed: 1 done, 0 ignored, 0 skipped and 0 failed
---> Session ended at: Tue, 04 May 2004 12:18:20 -0400 (consumed 00:02:02)

Ruby was updated and now I plan to use Portupgrade to update cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 rest of my ports.

Monday, May 03, 2004

Review of Network Security Assessment Posted

Amazon.com just published my four star review of Network Security Assessment. From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 review:

"Network Security Assessment (NSA) is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 latest in a long line of vulnerability assessment / penetration testing books, stretching back to Maximum Security in 1997 and Hacking Exposed shortly cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365reafter. NSA is also cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 second major security title from O'Reilly this year, soon to be followed by Network Security Hacks. NSA is a good book with some new material to offer, but don't expect to find deep security insight in this or similar assessment books.

NSA begins with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 almost obligatory reference to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 king of assessment books, Hacking Exposed (HE), saying 'I leave listings of obscure techniques to behemoth 800-page "hacking" books.' I don't think some of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 techniques covered in HE but not NSA are "obscure." Noticably lacking in NSA is coverage of dial-up techniques, wireless insecurities, Novell vulnerabilities, and attacking clients racá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r than servers. Should NSA receive a second edition, I expect to see cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book expand closer to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 'behemoth' it seems to deride."

Saturday, May 01, 2004

Review of Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365real Packet Sniffing Posted

Amazon.com just posted my five star review of Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365real Packet Sniffing. From cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 review:

"Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365real Packet Sniffing is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 first book in Jay Beale's new Open Source Security Series with Syngress. It's a great book to lead cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 way. Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365real is full of helpful tips and clear discussions that benefit newbies and wizards alike.

I've been using Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365real for around five years, and this book still taught me a few new tricks. The key to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 new material is Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365real's development, from 0.2 in July 1998 to 0.10.3 this year. (The book covers 0.10.0 which is far from being outdated.) The many improvements lend cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365mselves to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 sort of explanations found in Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365real. For example, my favorite material involved filters. Although chs. 4 and 5 had minor overlap regarding this feature, I learned new ways to manipulate Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365real's packet search and display capabilities."

Fixing Anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r Problem with Ports

Today while using portupgrade to update my ports tree, I ran into this problem. The process was trying to upgrade OpenMortal when it died:

---> Uninstallation of openmortal-0.6 ended at: Sat, 01 May 2004 18:26:13 -0400
(consumed 00:02:22)
---> Upgrade of games/openmortal ended at: Sat, 01 May 2004 18:26:13 -0400 (con
sumed 00:02:28)
[Updating cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 pkgdb in /var/db/pkg ... - 258 packages found
(-1 +0) (...)ruby18 in malloc(): error: allocation failed
Abort (core dumped)

That didn't look good. I tried this and got similar results:

orr:/root# portversion -v
[Updating cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 pkgdb in /var/db/pkg ... - 258 packages found
(-1 +0) (...)ruby18 in malloc(): error: allocation failed
Abort (core dumped)

At this point I decided to try rebuilding cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 package database:

orr:/var/db/pkg# mv pkgdb.db pkgdb.db.broken
orr:/var/db/pkg# pkgdb -F
---> Checking cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 package registry database
[Rebuilding cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 pkgdb in /var/db/pkg ... - 258 packages foun
d (-0 +258) ....................................................................
................................................................................
................................................................................
.............................. done]

Now everything works, although OpenMortal is no longer installed. I reinstalled it from /usr/ports/packages/All, which is a NFS mount to my package builder:

orr:/root# cd /usr/ports/packages/All
orr:/usr/ports/packages/All# pkg_add -v openmortal-0.7.tbz
Requested space: 205905528 bytes, free space: 2372941824 bytes in /var/tmp/instmp.RTmsXw
...truncated...

Packet Description Markup Language

While reviewing a new book on Ecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365real, I learned about cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Packet Details Markup Language (PDML). PDML is a way to express a packet in XML format. For example, here is an ICMP echo request:

tecá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365real -n -r snort.log.1082637820 -T pdml icmp




























































PDML is related to NetPDL. Both were created at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same Italian university that brought cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 world Windump.