Skip to main content

Posts

Showing posts from November, 2009

Readability

I don't remember exactly where I got this from, but I've been using it a lot lately to look at websites.  Since apparently, ad space and other random flash or movement based ads on webpages is now the norm -- making the content on a webpage impossible to read without distraction, someone made this.  It's called the Readability Experiment.  You go to this website, you configure the setup how you want, and then you drag the bookmarklet to your bookmark bar.

Next time you are on a webpage that looks something like this:



Let's see, we have a header (with an ad in it!)  Two ads below the header, and ad on the right, and a footer bar.  (I just randomly picked Cnet, because I know their stuff is laced with ads).  I mash my set-up bookmarklet.. and viola, I get this:




The actual content.



Please leave comments below.



Great Desktop Wallpaper for those of you that hate clutter.

This is an absolutely phenomenal desktop wallpaper for those of you that hate clutter.  So, if you are one of those kinds of people (re: me) that can't stand icons on your desktop and the like..  this one is for you.  Posting the link over to Merlin Mann's blog, where the awesomeness takes place.

http://www.kungfugrippe.com/post/229188592/simple-desktop-download

It simply states "Quit fiddling with your desktop, Nerd" on a black background.  Reminding you to get back to work.


Please leave comments below.

Readability

I don't remember exactly where I got this from, but I've been using it a lot lately to look at websites.  Since apparently, ad space and other random flash or movement based ads on webpages is now the norm -- making the content on a webpage impossible to read without distraction, someone made this.  It's called the Readability Experiment.  You go to this website, you configure the setup how you want, and then you drag the bookmarklet to your bookmark bar.

Next time you are on a webpage that looks something like this:



Let's see, we have a header (with an ad in it!)  Two ads below the header, and ad on the right, and a footer bar.  (I just randomly picked Cnet, because I know their stuff is laced with ads).  I mash my set-up bookmarklet.. and viola, I get this:




The actual content.



Please leave comments below.



Great Desktop Wallpaper for those of you that hate clutter.

This is an absolutely phenomenal desktop wallpaper for those of you that hate clutter.  So, if you are one of those kinds of people (re: me) that can't stand icons on your desktop and the like..  this one is for you.  Posting the link over to Merlin Mann's blog, where the awesomeness takes place.

http://www.kungfugrippe.com/post/229188592/simple-desktop-download

It simply states "Quit fiddling with your desktop, Nerd" on a black background.  Reminding you to get back to work.


Please leave comments below.

Applying "Getting Things Done" to IPSs

Getting Things Done, or "GTD" for short, as I've blogged about before, several times, is a method of personal organization with a focus on accomplishing tasks.  It's great for applying to email (Inbox Zero) and it's great for organization of your personal life (read some of the articles I've written before, particularly this one).

Some IDS and IPS courses and teachers will tell you to turn on everything, and log everything because that's the only way you'll find anything.  I don't disagree with that, but there are several problems with this philosophy, design, bandwidth, dropping packets, time, money, and performance.  Just to name a few.  Plus, who wants to sit there and look for everything.  Most IDS analysts I know are just trying to keep their head above water.  They want to just figure out a better way to deal with the information that is coming in, not increase the amount of information coming in.  Some people have this same problem with ema…

Fedora 12 allows installation of software without root privs

I posted this on the ISC this morning as well, but I just wanted to post it here as well.

A "bug" created back in November against the latest Fedora release (12) indicates that, through the GUI, desktop users of the Fedora system are able to install signed packages without root privileges or root authentication.  Yes, you just read that correctly.  (I'll give you a second re-read that sentence so I don't have to retype it.)  Yes, "it's a feature, not a bug".
In all my travels I've only ran across one company, ever, that has Fedora rolled out as an enterprise operating system on every desktop.  But what kind of security implications does this have?  I obviously don't have to explain why this is (may be) a bad idea to the readers of the ISC, as we are all security minded people.
Now, the restrictions.  This change does not affect yum on the command line.  This only affects installing things through the GUI.  (Not that helps any, as most users will b…

Fedora 12 allows installation of software without root privs

I posted this on the ISC this morning as well, but I just wanted to post it here as well.

A "bug" created back in November against the latest Fedora release (12) indicates that, through the GUI, desktop users of the Fedora system are able to install signed packages without root privileges or root authentication.  Yes, you just read that correctly.  (I'll give you a second re-read that sentence so I don't have to retype it.)  Yes, "it's a feature, not a bug".
In all my travels I've only ran across one company, ever, that has Fedora rolled out as an enterprise operating system on every desktop.  But what kind of security implications does this have?  I obviously don't have to explain why this is (may be) a bad idea to the readers of the ISC, as we are all security minded people.
Now, the restrictions.  This change does not affect yum on the command line.  This only affects installing things through the GUI.  (Not that helps any, as most users will b…

IPS's don't just send RST packets.

Commenting on an email I read earlier today, some people apparently still have the misconception that an IPS simply sends an RST packet, and therefore, shortly after a session that is taking place between two parties should die.

Nope.

A real IPS, in my opinion, has full control of the traffic.  Cable one, exits firewall, enters port 1 on IPS, cable 2, exits port 2 on IPS and goes to switch.

While the traffic is passing through the IPS, the engine (in Sourcefire's case -- Snort) makes the decision if the traffic that entered port 1 should be allowed to go out port 2 and vice versa.

Can Sourcefire's devices send RST packets?  Sure!  But why would you want to give away where your IPS was on the network?  Why not just silently drop the connection into the big bit bucket in the sky and go on about your day?

Oh.  And do this at >10 Gig a second?  Yeah it's awesome.


Please leave comments below.

Looking for a Label Printer?

Recently I needed a label printer for a project I was involved with, and after looking around a bit decided on buying the Brother QL-570 Label Printer.  Having not used it before, but having used successful Brother products in the past, I decided that this one was it.

This is a great printer.  It prints fast, it cuts automatically at the end of the print.  The label paper is readily available at any office supply store, and the software is dead easy to use.

I plugged it into my Mac, (running Snow Leopard) and it was immediately recognized, and the drivers were automatically updated and installed.  However, I had no software to design the labels with.  The printer comes with the software on a CD, but I usually just go to the manufacturer's website and download the software from there, because, well, often times, the software on the CD is old.

The computer installed the software (I think it had to reboot), and I was designing labels and printing in no time.  The only "tricky&q…

Looking for a Label Printer?

Recently I needed a label printer for a project I was involved with, and after looking around a bit decided on buying the Brother QL-570 Label Printer.  Having not used it before, but having used successful Brother products in the past, I decided that this one was it.

This is a great printer.  It prints fast, it cuts automatically at the end of the print.  The label paper is readily available at any office supply store, and the software is dead easy to use.

I plugged it into my Mac, (running Snow Leopard) and it was immediately recognized, and the drivers were automatically updated and installed.  However, I had no software to design the labels with.  The printer comes with the software on a CD, but I usually just go to the manufacturer's website and download the software from there, because, well, often times, the software on the CD is old.

The computer installed the software (I think it had to reboot), and I was designing labels and printing in no time.  The only "tricky"…

Shootings at Fort Hood

For those of you that have not heard, yesterday, apparently, a psychiatrist decided to take it upon himself to start offing soldiers, and wound up with 12 dead.

I would like to send my condolences out to the families of the victims of this senselessness.  We have enough people trying to kill our soldiers abroad, why must we have our own do the same here at home?

I don't know how the guy managed to get 12 people, of course, I wasn't there, and I am just armchair quarterbacking, but 12?  I mean, after the first one or two, that guy should have been tackled to the ground and caught a beat down from some fellow soldiers.

I don't know the situation, or how it took place, if that was even possible, but I also give kudos to the officer that ended the madman's spree by not only taking a bullet herself, but putting four bullets in the shooter.  Good job.


Please leave comments below.

Shootings at Fort Hood

For those of you that have not heard, yesterday, apparently, a psychiatrist decided to take it upon himself to start offing soldiers, and wound up with 12 dead.

I would like to send my condolences out to the families of the victims of this senselessness.  We have enough people trying to kill our soldiers abroad, why must we have our own do the same here at home?

I don't know how the guy managed to get 12 people, of course, I wasn't there, and I am just armchair quarterbacking, but 12?  I mean, after the first one or two, that guy should have been tackled to the ground and caught a beat down from some fellow soldiers.

I don't know the situation, or how it took place, if that was even possible, but I also give kudos to the officer that ended the madman's spree by not only taking a bullet herself, but putting four bullets in the shooter.  Good job.


Please leave comments below.

Dojocon

Drove down to Dojocon at Capitol College in Maryland today.  Did the old, "Man the Sourcefire Booth" bit.  Except this time, it was for VRT, instead of at a big Orange Sourcefire booth full of literature about product, the questions this time were about Snort and VRT rules.  Quite a bit different from normal, great though.

Dojocon did quite well (It's still going on), 150-200 people there, I would guess, (I'm not good at people estimation), lots of good presentations and lots of good questions at the end of the talks. Food and drinks and snacks were provided (which is a nice change from other conferences I've been to).

I recommend going if you can next time they have it, great resources of information there, Marcus does a great job.


Please leave comments below.

Hey Jude

Don't know where this originally came from, I saw it on KungFu Grippe.





Please leave comments below.

Hey Jude

Don't know where this originally came from, I saw it on KungFu Grippe.





Please leave comments below.

Lots going on, thus lack of posts

So...  lately I haven't been posting a lot, been doing a lot of things for work, plus I just got back from a vacation to Disney World, I got my Mustang back, and am traveling for work.

Just for those of you that read the blog and will be there, I'll be at DojoCon on Friday, November 6th with the VRT.  Stop by and say hello if you'll be there.


Please leave comments below.

Lots going on, thus lack of posts

So...  lately I haven't been posting a lot, been doing a lot of things for work, plus I just got back from a vacation to Disney World, I got my Mustang back, and am traveling for work.

Just for those of you that read the blog and will be there, I'll be at DojoCon on Friday, November 6th with the VRT.  Stop by and say hello if you'll be there.


Please leave comments below.