|
thorwaldgustav.com
Old Page Honda VTR250 Genesis of a Serial Killer Writings All About Jeremy Anderson Computer Stuff Humor Photoalbum Email me Spammers suck PICTURES Thorwald Gustav Thorwald Gustav, July 11th, 2003 Thorwald, and miscellany, July 27, 2003 August and september baby General Photoalbum Aggie and the Pumpkin Misc: 10/15/2k2 Me Angela Renae FRIENDS Jose Dirk Roger Beth Brian |
Wednesday, April 27th, 2005, 0920Ultrasounds are coolIt's going to be a boy. Of course, we have another 16-20 weeks to wait (this was, after all, the 20-week ultrasound). Tuesday, April 26th, 2005, 074531337 H@x0r5 @r3 |<00L!!There is only one thing you need to know for this story to be funny: 127.0.0.1 is a special ip address that always refers to your OWN computer: http://www.jellyslab.com/~bteo/hacker.htm. Safe for work, but foul language. Friday, April 21st, 2005, 0733There's a new 800 pound gorilla in town...And it's name is: discrimination. I'm disappointed to report that Microsoft has pulled support from Washington state's H.1515 bill, which would have declared that discrimination against gays and lesbians is not just wrong, but illegal in the eyes of the state. Many other states currently have bills like this. Why did MS support the bill? It turns out they're a very GLBT-friendly workspace. They even offer partner benefits! So why did they pull support from the bill? Simple. Under the guise of "family values", A conservative "Christian" minister pressured them to pull support, threatening to organize a nationwide boycott on their products. I am horrified that a financial juggernaut like MS would take a stand and back down because a bunch of book-burning luddites threatened to stop using MS products. Get this: Jesus of Nazareth didn't hang out with "family values" type people. He hung out with sinners, prostitutes, tax collectors, and other unsavory types. He told them all that they were loved. And he encouraged them to pull the plank from their own eye before removing the splinter from their brother's eye. "Judge not, lest you be judged" should not be translated to "I don't mind being judged, so I can judge EVERYONE."--it means, essentially, mind your own business. There are things, mind you, which need to be declared illegal, and punished (Catholic sex scandal, anyone?), but whatever happens between two consenting adults isn't anyone's business but their own. Attacking someone on the basis of whether they are sexually attracted to men or women is just as ludicrous as racism. And like racism, it comes from a small-minded fear of all that is different from oneself. Thursday, April 21st, 2005, 2144One small step for man...Tonight, we finally did it. Angela wrote the check to pay off the last of her college loans. Next month, we'll be able to pay off the last of my college loans, provided everything goes as planned. We should throw a party or something. W00t! Wednesday, April 20th, 2005, 1944Back onlineMy web page is back on line now, but edited. I'd hate for this to happen to me. Certain subsites are currently down. There are certain companies with whom I don't think anyone should do any business whatsoever. But I'm not at liberty to say who they are. Friday, April 1st, 2005, 0726There but for the grace of god...If you ever think that because you know a little bit of computer security, you can save the world, then think again. You do NOT want to end up like Steve Gibson. This messages was brought to you by the letter Z. Thursday, March 31st, 2005, 1605Total Technology RentalAnyone who reads this blog knows how rarely I plug businesses. I find that most businesses...well, suck. But the guys down at Total Technology Rental are a notable exception. I just had occasion to rent 3 LCD projectors from them, and I am very, very impressed with their flexibility, pricing and customer service. Their phone number is 952-945-0900, and they're at http://www.ttrmn.com. They do pick up and drop off of projectors and other equipment, too. You know they're cool when Joe from TTRMN shows up to pick up the equipment wearing an Onion tee-shirt. My kind of people. Friday, March 25th, 2005, 1015Mediawiki/firefox problem fixed!For six months, I've noticed the occasional page-load problem in firefox with mediawiki over SSL. But I'm primarily the only user, so I've ignored it. Today, I got a burr under my saddle and did more research, and found a solution at wikipedia.org for my occasional wiki page load error on firefox. I mean, it is still a bug, but that page has a workaround at the bottom. It has to do with compression settings. Wish I'd looked this up 3 months ago! Friday, March 25th, 2005, 0739I guess I'm not doing so badFound a link to this site on Lynn's blog, and I have to say, I'm not doing bad. Basically, you pump in your age, and it'll tell you what massive accomplishments other people made at your age. Well, heck, I'm only 32, and I _did_ publish a book a few years ago. Granted, Bill Gates was a billionaire for 2 years by the time he reached my age, but...you know...I'm just as happy not to be Bill Gates. This page, by the way, is done entirely in vi, and I think that needs to change. I'd update more if I had some automated way of doing it. I'm considering looking at fromage, but it's only available through CVS, and I haven't checked it out yet. I also like building systems myself. I'm thinking of building my own MySQL-backed system, just to brush up my SQL skills, which are getting a workout at work. SQL is ugly, and kludgy, and really, really cool. In News Of Things That Don't Interest You, my hack summary is up to 700+ hits this month, putting it second only to my senior paper Genesis of a serial killer (which is sitting at 1700 hits for this month, and almost 5000 for the year). I've been restricting access to MSNBot for my picture galleries, because it fills up my logs :). Besides, I don't like MSN. Wednesday, March 23, 2005, 0724Looking for a good con?Some friends of mine are putting on a security convention in Cleveland, OH. If you're looking for an excuse to spend some of April on Ohio, check out notacon. Notable speakers include Dr. Jose Nazario, and Drew Curtis of fark.com fame. Both, mind you, friends of mine from college. Tuesday, March 22, 2005, 2150You know someone likes you when...They call you from their honeymoon! John & Jen called us from Hawaii last night. Apparently, Hawaii is a nice place. I think we'd like to go sometime. And J & J were kind enough to point out that their 5th anniversary will be our 15th, or close enough. So we may take a joint anniversary trip, which would be fun. If I can get the Interceptor fixed up, we may do the black hills together again, too. Okay, John wasn't with us the last time we went, but Jen was, and it was a blast. Monday, March 21, 2005, 0736A guild reborn?Looks like Cyberlodge.org is going through with something I've been wanting for some time--a genuine guild to represent skilled IT workers. I'm considering joining, but want to make sure that their health benefits will cover Thor first. I don't really need their benefits, since I'm employed full time right now, but it'd be nice to have an ace up my sleeve for the future. Sunday, March 20th, 2005, 2104Updated Hack AnalysisI've updated the analysis, since there were some things I left out of it before. I added the CVE number, and added a recommendation on firewalling. View it at computer/hacked-v2.html. I'm also looking through Jose Nazario's excellent book on OpenBSD, and am looking at making a wholesale move to Open. Frankly, it's more in line with many of my attitudes anyway. I like the fact that they've secured sendmail, BIND, and apache through code audits and careful default configuration. Jose has been haranguing me for years to switch to OpenBSD, and I've largely brushed him off because...well...I'm lazy. But I see now how spending the time to master OpenBSD will save me time in the long run. Friday, March 18th, 2005, 1003Slashdotted!I've been indirectly slashdotted, from This article. Apparently, the author liked my IRC chat with the evil cracker "darks". You'll be reading this, I'm sure, darks, so I will say this: Thank you for not mindlessly defacing that server, and thank you (in advance) for not hacking this box. Anyway, greetings to everyone! The article is primarily about linux kernel vulnerabilities, which can be nasty. Seems like a fair read. Tuesday, March 15th, 2005, 2055Hacked, Part ][Well, it looks like some script kiddies in brazil (210.192.122.16, and 201.14.136.122) had fun doing a minor defacing of my personal webserver. Back on March 10th, they wiped out DOCROOT/index.html with one that said "Siemens". The only reason I can guess for this is that they're using this to tag servers which may be exploitable later on. They never bothered with doing anything more invasive on my machine, though I was quite vulnerable. Now that I'm alerted, though, I've patched everything up. I'm a bit worried about awstats, actually. I may have to find another package entirely. I've blocked out external access to it via apache's controls (per-directory config), and rigged the awstats config file to only listen to requests from internal IPs. But I'm still not terribly comfortable with it. Paranoia, I guess. Oh, and I've been getting nice mail from people on the Incidents list. And about 300 "spam rejected" and "I'm out of the office" notices. Jeepers, people, I only ask two things of you: 1) learn to use .vacation properly. 2) whitelist your mailing lists in your spam filter. Tuesday, March 15th, 2005, 1258Analysis availableWell, I figured I'd do something more useful than eat today, so I finished up the report on Getting hacked via awstats. Jose, of monkey.org fame said it was a good read, so I've submitted it to incidents@securityfocus.com, as well. Tuesday, March 15th, 2005, 0655Ah, the joy of being hackedHad a machine broken into at work. I'll be submitting it to incidents.org shortly. But I wanted to post the crappy perl script I wrote for turning all the hex codes for text into human-readable text. If you're running awstats, you're in trouble. LOTS of vulnerabilities. Turn it off, rename it, do SOMETHING. More later. Here's the perl script, converter.pl Monday, March 7th, 2005, 0650Finally, proof that he's making a livingI always worried that Chaka from Land of the Lost wouldn't find work as a model again. Thankfully, ad in the startribune showcases his work beautifully. In case you can't tell, he's the one without the hat. Friday, March 4th, 2005, 0715Woo Woo!Happy 3-4-5 day! It's 03/04/05! This bit of silliness was brought to you by the letter 'R' |
