Tuesday, September 22

There IS good left in the world!

Yesterday I was in Washington DC walking from Union Station over near the Smithsonian. Apparently along the way I dropped my "return home" train ticket. A kind gentleman from the Washington Times found it, Googled my name, found my blog, and emailed me to return it.

Thanks Steven. It's people like you in the world that still give me hope in humanity as a whole. How do you work on Capitol Hill? :)

Just kidding, in any case. Thank you.

Wednesday, September 9

I bought something new...

Usually you read my blog for my long diatribes on Microsoft or something else that annoys me. OR email, OR Apple, OR security.

Today, a bit different. This past weekend, I was driving down the street and I passed this guy's house. Now, this guy is one of those people that buys a car, fixes it up, and resells it for a modest profit. He does it mostly for fun, and really, not that INTENSE fixing car up kinda stuff, just get it running, or maybe just to sell it, as is, for a meager profit. So this guy always has some kind of car sitting out front.

The other day I drove past, he had a '66 Mustang, a Galaxie 500, another green Mustang ('67 I think), and this beauty.


I convinced my wife to stop and look at it, and after we saw it, saw the condition, we bought it. Not the original color, but it's a nice one. I am going to go pick it up tonight.


Tuesday, September 1

New Minimization technique in Snow Leopard

Something I didn't know was there, but again, it's one of those hidden new gems buried inside of Snow Leopard.

(This post is for my OS X users out there. Obviously.)

You know when you minimize an application to the Dock, the Dock places the minimized application over on the right-hand side of the Dock, next to your stacks and the trash?

Well, you don't have to do that anymore. This button: "Minimize windows into application icon" is found in the System Preferences under "Dock". After you click this, the next time you minimize a window, it will go into the Dock icon, instead of making your Dock longer.

Plus this also fixes the annoying task of, after you minimized something the old way, you click on the Application icon expecting the minimized application on the right hand side of the Dock to maximize into the screen. Well, the system doesn't do that. Unless you have this button checked.

Check it out.

Microsoft IIS 5/6 FTP 0Day

In my job, I see a lot of Snort rules being thrown around for this, that, and the other thing. The thing I try to emphasize is not to make rules for rules' sake. Don't write rules just because you can. Write rules because you have to.

So recently an exploit for Microsoft IIS's FTP daemon was released on Milw0rm. (Go find it yourself if you must.) Almost immediately I saw a ton of people trying to make rules for it. Turns out, rules didn't need to be made.

The ftp_telnet preprocessor was written a long time ago to deal with these "buffer overflow" types of exploits. Plus, a lot of old rules were already in place to catch it.

Check out the VRT's blog post about it here. Use the rules and preprocessor alerts that they suggest.

So, lesson learned here? Before you try to write rules, get a pcap and run it through Snort with all the rules on already. You should have a separate instance of Snort, used for running pcaps through, that mimics your actual live setup. This instance of Snort should have every rule turned on and every preprocessor alert on. That way, when you run a pcap through Snort, you can see what alerts and whether you need to write a rule in the first place.
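
The workflow above as a small shell helper. This is an added example, not code from the original post or from the VRT: it replays a pcap through a test Snort 2.x instance and summarizes which generator and signature IDs already fire. The function names, file paths and sample alert lines are assumptions constructed for illustration.

```shell
# Added example: replay a pcap through a test Snort 2.x instance and summarize
# what already fires. Paths and the sample alerts are constructed placeholders.

# Replay a capture through the test instance (all rules and preprocessor
# alerts enabled in its config) and write fast-format alerts to a log dir.
#   $1 = test snort.conf, $2 = pcap, $3 = output directory
replay_pcap() {
    mkdir -p "$3" &&
    snort -q -c "$1" -r "$2" -A fast -l "$3"
}

# Count alerts per gid:sid from fast-format alert lines on stdin.
# Output: "<count> <gid>:<sid> <kind> <message>", most frequent first.
summarize_alerts() {
    awk '
    match($0, /\[[0-9]+:[0-9]+:[0-9]+\]/) {
        id = substr($0, RSTART + 1, RLENGTH - 2)      # gid:sid:rev
        split(id, p, ":")
        key = p[1] ":" p[2]
        rest = substr($0, RSTART + RLENGTH)
        sub(/^ */, "", rest)
        sub(/ *\[\*\*\].*$/, "", rest)                # keep only the message
        msg[key] = rest
        # gid 1 is the text-rule generator; other gids are preprocessors,
        # the decoder, or shared-object rules.
        kind[key] = (p[1] == 1) ? "text-rule" : "other-generator"
        n[key]++
    }
    END { for (k in n) printf "%d %s %s %s\n", n[k], k, kind[k], msg[k] }
    ' | sort -k1,1nr -k2,2
}

# Decide whether a new rule is needed: exit 0 if anything already alerted.
already_detected() {
    [ -n "$(summarize_alerts)" ]
}

# Constructed sample of fast-format alerts (not output from a real run).
sample_alerts() {
    cat <<'EOF'
09/01-10:15:32.100000  [**] [125:3:1] CONSTRUCTED preprocessor alert [**] [Priority: 3] {TCP} 192.0.2.10:40000 -> 192.0.2.20:21
09/01-10:15:32.200000  [**] [1:1000001:1] CONSTRUCTED existing rule [**] [Classification: Misc activity] [Priority: 3] {TCP} 192.0.2.10:40000 -> 192.0.2.20:21
09/01-10:15:33.100000  [**] [125:3:1] CONSTRUCTED preprocessor alert [**] [Priority: 3] {TCP} 192.0.2.10:40001 -> 192.0.2.20:21
EOF
}
```

With `-A fast -l DIR`, Snort 2.x writes the alerts to `DIR/alert`, so a real run is `replay_pcap test.conf capture.pcap out && summarize_alerts < out/alert`.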