Older blog entries for carl (starting at number 3)

WOOHOO. My mom bought me a new laptop a couple days ago. It's great. It's an HP Pavilion n5440...has a 850MHz P3, 128MB RAM (soon to be 256), 20GB hard drive, dvd-rom, builtin 10/100 card (3com mini-pci -- device dc), s3 savage/ix graphics chip w/ 8mb sgram (max 1024x768 on the lcd but 1280x1024 on a standard vga monitor and also has a s-video output for tvs :)), a modem (winmodem i think), an incompatible-with-freebsd sound card (ESS something...I'm working on this), touchpad, comes with WinME, etc.

Much as I cannot stand WinME I actually installed it over FreeBSD today. I cannot get X working and I can't get the sound to work. That just about renders it useless for my needs but I'd like to some day work on a driver for it. Some day :). Right now it has WinME and I just got Cunning Stunts on DVD to watch. So far the dvd is okay but it could be better I suppose (I'd really like to try it with the TV output but I need a TV that doesn't suck and an S-video cable).

Aside from all that I'll probably only use WinME for about a week to get some usage out of it. Then I think I'll put FreeBSD-CURRENT back on it and perhaps start trying to help out the xMach team a little bit (some code review and whatnot). I'd really love to learn how to get a sound card driver running on this but that'll be a while.

My mom is really pissed off because I bought the Cunning Stunts dvd. I told her what was on it and she was mad. I was laughing so hard at Lars picking his nose and eating it and I was like saying what he did. She didn't think it was so funny. Oh well. =(

I really think she's upset that she can't watch what I'm doing anymore. She has such a huge lack of trust in me. She thinks I'm an evil hacker (I'm being serious) and I'm out to do harm and watch porn all the time. I really haven't been watching too much porn lately but I have plenty to watch if need be. Life sucks when you're fat and ugly and are good at not much else but typing. Oh well. There she goes, off to work...one of these days I'll have a job that isn't trying to rip me off for minimum wage even though I'm doing $20/hour work. I know $20/hour isn't a whole lot but it'd be great for me. I need a job. Time to go job hunting...again. My resume is here.

Later folks. I'm tired. =/

11 Aug 2001 (updated 11 Aug 2001 at 10:29 UTC) »

Wheee. This is fun. I started working on a secure logging machine paper. It's probably way overkill considering my lack of experience in the area but I am going to try some of the ideas when I get another machine (which could be quite a while from now). My naivity would be readily apparent to any experienced systems administrator if he/she were to read my beginning of the paper but it's fun because I'm getting down a few ideas. They're my ideas that are largely unaffected by the outside world. We shall see how much work I have to do yet.

I'm really starting to gain an interest in security. I am trying so hard to learn C past printf(). ;) It's not easy for me because I have a hard time remembering what I read. I used to be so good at reading/comprehension...something went wrong a long time ago and it just isn't so anymore. =(

But anyway, I just want to audit code for a while and see what I can pick up on just by reading full (not just partial clippings) code examples of bad and good code side by side. I am finally beginning my security approaches on my server because I think it's time I start using some of the things I keep talking about to other people or I just think about.

Oh and since it's pretty much a dead issue now I figure I'll go ahead and paste my codered scan count. =)

[carl@carbon]$ grep default.ida access_log.* | wc -l

[carl@carbon]$ grep default.ida access_log.* | awk '{print $1}' | sort -u | wc -l

They're both from the same IP.

Har har. It's been a while since I've done anything here.

So what's new?

Let's see....I'm writing a preliminary paper on system administration security. It'll be my first ever paper related to administration. I don't expect it to be perfect and I certainly don't expect it all to be right. However I do expect it'll be a nice place to start from.

This isn't going to be anything really serious or high-tech or anything of that sort. It's just my first try at writing a somewhat technical paper. There's a reason for writing it and that is to get my ideas down somewhere so I don't forget them. The information is almost pure because I've only had a minimal amount of outside impact on my administration habits. I've been mostly a loner for a while now but recently I'm starting to read more papers so I want to get down the unadulterated ideas before I become biased from any one paper.

An example of what I'm writing about is useless binaries being installed on the system. Checking what all system binaries do and what they depend on. Figure out why they're dependent/depended on and if their security does not meet your standards (coding security) figure out if they're really necessary. If not then see if it's possible to hack the programs that depend on them. Stuff like that and perhaps a little bit about network security. Mostly it'll just be local security though because networking isn't my strong point just yet. Hopefully I'll have some tangible (sp?) work done soon and I'll put it on my website and update this to point to it.

Bah. After watching CSPAN coinciding with a irc channel chat I must say I am thoroughly embarassed with myself and the way I handled myself. I spent about five minutes trying to get through to CSPAN so I could comment on the proposed amendment to the constitution of the U.S.A. I got through and completely lost any amount of control I might have had intially. I was so scared I was shaking. I got on the air (live, no less) and mentioned that I could not believe I had to pay taxes for these people to argue such a dead topic. I also (seemingly as an afterthought) dropped in the part about freedom of expression/speech I believe we are supposed to have in this country as well as the ability to address the government with grievances (which the first amendment does not prescribe any particular method which has to be performed to do such things). I made such an ass out of myself because of the way I spoke and the lack of thought before speaking. It would have helped to write it down but I just wasn't thinking. And so I repeat that it is almost always best to think before you speak and I must try harder to say before I go ahead and make an ass out of myself on national television. (This was seriously one of my most embarassing moments in life to date.)

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!