Wednesday, September 25, 2002
Hidden Risks in Linux Worm
Last Sunday I found that my DSL connection at home was running at nearly 100% utilization, and that it had been doing that since 5:00 AM. Although I run a web server on that link, I don't usually see that kind of traffic, so I decided that I needed to do some investigation.
I found that there was a huge amount of traffic coming in to my site on UDP port 4156, and that my machine was also sending out an even larger amount of traffic to sites all over the web. The first thing I did was reboot the machine. That actually fixed some of the problem, but it took many days to fix the rest.
It turned out that I had become a victim of the slapper.A and slapper.B Open-SSL/Apache worm that has been invading linux machines all over the world. This worm infects your machine, registers your machine with a large Peer to Peer network and then starts participating in DDOS attacks on other sites. You can find out more about the worm in this article from PCWorld.com, also you can see the original CERT advisory.
When I started trying to diagnose this problem, however, I didn't even consider the worm. This is because my machine runs Redhat Linux, and I use Redhat's up2date service religiously. This service will identify out of date software on your linux machine then download and install the updates. It works much the same way as Microsoft's Windows Update service.
I knew that I had already loaded the patches to protect my server against the slapper worm and it's variants. In fact I had installed the patches back in July. So how could my machine have been infected again?
Well, the answer was that the up2date service never restarted the ssl and https processes on my server. So, I had the patched files on disk, and the unpatched files running in memory. This was bad in two ways. First, it left me vulnerable to security holes that I thought were fixed. Second, when I checked the revision levels of code on my machine it reported everything as being at the fixed level. This is also why the reboot fixed most of my problem, because the new patched code was loaded when the machine came up again.
So, be aware that sometimes the up2date service may not restart your processes, and that could cause you problems later on. I've instituted a new policy of rebooting my machines on a schedule so that there is less of a chance of this happening in the future.
CNN.com - Motorola unveils tiny GPS chip - Sep. 24, 2002
CNN.com has a story about a new chip Motorola has released. This tiny chip can do all of the functions of a GPS and is small enough to include in digital cameras and PDAs.
Tuesday, September 24, 2002
Yahoo! News - Shoes Spare Gays from Nudity Charges
Yahoo! News - Shoes Spare Gays from Nudity Charges. I think this story speaks for itself.
Saturday, September 21, 2002
Score Brownie Points :: The Girly Stuff Gift Service
Score Brownie Points is an interesting new service I just heard about. Basically, you sign up for the service and every other month this woman will send you a gift, a way to wrap it, and a note card. You then wrap the gift and give it to the woman in your life. The service costs $47.00 every other month.
Friday, September 20, 2002
Cheap trick secures secrets
Nature has a story about a technology developed at MIT to use epoxy tokens, glass spheres and lasers to create a physical one way code. This code could be used for a more secure version of a credit card, because the medium used to produce the code is very hard to forge.
Johnson Controls Poll Shows Travelers Open to New Personal Identification Technology
Johnson Controls Poll Shows Travelers Open to New Personal Identification Technology, as shown in a recent poll the company performed. See the quote below about giving up person freedoms.
Thursday, September 19, 2002
Ashes to Ashes, Dust to Diamonds
Wired.com has a story about what to do with those pesky ashes you relatives leave behind after they are cremated.
I've actually had many conversations about this topic. Some of my friends have said that they want their remains packed into explosives, and then used to blow something up. Others have said that they would like their remains packed into fireworks, which has been my favorite idea to date.
However, now that I know that the carbon in my body could be used to make 100 diamonds, I think that might be my new favorite idea. Yes, Life Gem can turn your dead relatives into diamonds. Wait, they also do pets. Jenna, get me a large envelope, one that the cat can fit in, I knew I'd find a way to get you that tennis bracelet for your birthday ;-)
An interesting quote for the times
Beware the leader who bangs the drums of war in order to whip the citizenry into a patriotic fervor, for patriotism is indeed a double-edged sword. It both emboldens the blood, just as it narrows the mind. And when the drums of war have reached a fevered pitch and the blood boils with hate and the mind has closed, the leader will have no need in seizing the rights of the citizenry. Rather, the citizenry, infused with fear and blinded by patriotism, will offer up all of their rights unto the leader and gladly so. How do I know? For this is what I have done. And I am Caesar.
Julius Caesar Well, this quote turned out to be false. So, I'm setting the record straight. See Snopes.com for more information. This was pointed out to me by Jeffree Lasitter (catcher1002@yahoo.com) who sent me this wonderful email on the subject. One of the great things about the Internet is that a total stranger will take the time to point out your faults. Absolutely amazing. From: "Jeffree Lasitter" catcher1002@yahoo.com To: catcher1002@yahoo.com Sent: Tuesday, October 15, 2002 9:24 PM Subject: CEASAR QUOTE HOAX ON THE INTERNET > FYI... > There is a marvelous quote floating about the Internet > these days that purportedly is something that Julias > Caesar said. Some web sites even claim that it's a > Caesar quote from a Shakespearean play. The fact is, > it's a pathetic hoax. Julias Caesar never said it. > Shakespeare never put those words into Caesar's mouth. > History has no record of it. Websites that tracks > these kinds of hoaxes have confirmed this. > > Here's the infamous quote: > "Beware the leader who bangs the drums of war in order > to whip the citizenry into a patriotic fervor, for > patriotism is indeed a double-edged sword. It both > emboldens the blood, just as it narrows the mind... > > And when the drums of war have reached a fever pitch > and the blood boils with hate and the mind has closed, > the leader will have no need in seizing the rights of > the citizenry. Rather, the citizenry, infused with > fear and blinded with patriotism, will offer up all of > their rights unto the leader, and gladly so. > > How do I know? For this is what I have done. And I > am Caesar." > > This false quote is one of those items that are > surprisingly all too common on the Internet these > days: someone dreams up a wonderful quote that they > fervently wish a historical figure had said because it > would perfectly underscore their own views about a > current geo-political situation...and reinforce the > "nothing new under the sun" idea through the mouth of > a famous historical individual. > > Then they slip the false quote anonymously onto the > Internet and it is copied and spread around by > well-meaning individuals who are taken by the 'awesome > coincidental beauty' of the parallel concepts, but too > trusting [or perhaps too lazy] to research the > historical sources for themselves. This is surprising > since ALL of Shakespeare's works and ALL of Caesar's > writings can be easily scanned on the Internet for > text strings. > > It was hoped that the faux-Caesar quote was real > because it is so darn cool, in spite of the awkward > grammar. The authenticity problems started when > searching for the section of the Shakespearean play > that contained it in order to view its context...but > none existed. That led to further digging through > Caesar's writings.no such quote. Then, through the > works of Roman historians on-line.again, no such > quote. > > Unfortunately, this quote is currently displayed as > fact on hundreds of web pages, which loose credibility > as victims of what must surely be a college freshman > prank. > > Perhaps the famous authoress Colleen McCullough [The > First Man of Rome series] has run across this strange > quote, since her team has done so much thorough > research on the Roman Empire. It will be useful to try > and track her down to find out.
Julius Caesar Well, this quote turned out to be false. So, I'm setting the record straight. See Snopes.com for more information. This was pointed out to me by Jeffree Lasitter (catcher1002@yahoo.com) who sent me this wonderful email on the subject. One of the great things about the Internet is that a total stranger will take the time to point out your faults. Absolutely amazing. From: "Jeffree Lasitter" catcher1002@yahoo.com To: catcher1002@yahoo.com Sent: Tuesday, October 15, 2002 9:24 PM Subject: CEASAR QUOTE HOAX ON THE INTERNET > FYI... > There is a marvelous quote floating about the Internet > these days that purportedly is something that Julias > Caesar said. Some web sites even claim that it's a > Caesar quote from a Shakespearean play. The fact is, > it's a pathetic hoax. Julias Caesar never said it. > Shakespeare never put those words into Caesar's mouth. > History has no record of it. Websites that tracks > these kinds of hoaxes have confirmed this. > > Here's the infamous quote: > "Beware the leader who bangs the drums of war in order > to whip the citizenry into a patriotic fervor, for > patriotism is indeed a double-edged sword. It both > emboldens the blood, just as it narrows the mind... > > And when the drums of war have reached a fever pitch > and the blood boils with hate and the mind has closed, > the leader will have no need in seizing the rights of > the citizenry. Rather, the citizenry, infused with > fear and blinded with patriotism, will offer up all of > their rights unto the leader, and gladly so. > > How do I know? For this is what I have done. And I > am Caesar." > > This false quote is one of those items that are > surprisingly all too common on the Internet these > days: someone dreams up a wonderful quote that they > fervently wish a historical figure had said because it > would perfectly underscore their own views about a > current geo-political situation...and reinforce the > "nothing new under the sun" idea through the mouth of > a famous historical individual. > > Then they slip the false quote anonymously onto the > Internet and it is copied and spread around by > well-meaning individuals who are taken by the 'awesome > coincidental beauty' of the parallel concepts, but too > trusting [or perhaps too lazy] to research the > historical sources for themselves. This is surprising > since ALL of Shakespeare's works and ALL of Caesar's > writings can be easily scanned on the Internet for > text strings. > > It was hoped that the faux-Caesar quote was real > because it is so darn cool, in spite of the awkward > grammar. The authenticity problems started when > searching for the section of the Shakespearean play > that contained it in order to view its context...but > none existed. That led to further digging through > Caesar's writings.no such quote. Then, through the > works of Roman historians on-line.again, no such > quote. > > Unfortunately, this quote is currently displayed as > fact on hundreds of web pages, which loose credibility > as victims of what must surely be a college freshman > prank. > > Perhaps the famous authoress Colleen McCullough [The > First Man of Rome series] has run across this strange > quote, since her team has done so much thorough > research on the Roman Empire. It will be useful to try > and track her down to find out.
IFPI announces new optional copy control symbol for CDs
IFPI announces new optional copy control symbol for CDs in this press release. Take a moment to look at the logos, and then be sure not to buy CDs that contain this logo.
Looking for the logo by itself won't be enough, however, because the logo is optional. You can also look for the Phillips/Sony CD logo, a copy protected CD violates the CD spec, and therefore can not carry the Phillips/Sony CD logo.
Looking for the logo by itself won't be enough, however, because the logo is optional. You can also look for the Phillips/Sony CD logo, a copy protected CD violates the CD spec, and therefore can not carry the Phillips/Sony CD logo.
Mayan texts reveal superpower wars
New Scientist has a story about a recently translated Mayan text which describes a war between two Mayan superpowers.
The more things change, the more they stay the same.
The more things change, the more they stay the same.
PCWorld.com - IBM's Translation Tools Go Mobile
PCWorld.com is running an article about a new product from IBM which will allow you to do spoken translations on a PocketPC from English to Spanish, French, or German.
Wednesday, September 18, 2002
Aliens are among us...
The Black Vault and Cryptome are two great sites for conspiracy theorists. So, if you are ever wondering how people find out about the aliens who live in Saddam Hussein's guest house, now you know where to look. Make sure to wear your aluminum foil hat though, you don't want the Government mind control satellites to know what you're looking at. Otherwise they may come after you.
FAST, CHEAP RANDOM NUMBERS
PHYSICS NEWS UPDATE
The American Institute of Physics Bulletin of Physics News
Number 605 September 18, 2002 by Phillip F. Schewe, Ben Stein, and James Riordon
The keys needed to encrypt credit card transactions and other crucial information floating in cyberspace often rely on an infusion of random numbers. Generating true random numbers is actually harder than it seems since the generation process generally follows some deterministic algorithm, permitting the possible reappearance of unwanted predictability. James Gleeson, a physicist at Kent State University (330-672-9592, gleeson@physics.kent.edu) has come up with a cheap, fast solution. He shoots laser light into a sample of liquid crystals. But because the sample is subject to a turbulent flow, causing haphazard fluctuations in the orientation of the liquid crystals, the digitized transmitted light coming from the sample represents a stream of random numbers. Gleeson believes that because his device depends on standard liquid-crystal-display technology, his compact device can be used for many processes requiring random-number generation. (Applied Physics Letters, 9 September 2002.)
infoSync : Age of Empires for the Pocket PC
infoSync has a story and pictures from the upcoming release of Age of Empires for the PocketPC. It looks like a great game.
I'm Back
I didn't announce it on this site beforehand, but I got married on September 1. After the wedding, Jenna and I went to DisneyWorld for our Honeymoon. We got back last Sunday, and are recovering from the shock of going back to work. Here are the pictures from our trip. The actual wedding pictures are coming, but we don't get the negatives back for another week. After that we will begin scanning them in.
Subscribe to:
Posts (Atom)