Author's posts
Dec 24 2008
more DNS silliness
I came across an interesting post on Avert labs site recently. That post pointed to an earlier SANS posting, which in turn, referenced a Symantec discussion of a new Trojan called Trojan.Flush.M. This trojan is an interesting variant of a class of trojans which hijack local DNS settings to force the compromised machine to use …
Permanent link to this article: https://baldric.net/2008/12/24/more-dns-silliness/
Sep 25 2008
gun, foot, shoot
As a chartered member of the British Computer Society (BCS) I recently received through the post my voting forms for the 2008 AGM. The process gives me the option of voting electronically using a website run by Electoral Reform Services. My security codes (two separate numeric IDs, one of six characters, the other of four) …
Permanent link to this article: https://baldric.net/2008/09/25/gun-foot-shoot/
Sep 12 2008
webanalytics – just say no
I have just built myself a new intel core 2 duo based machine to replace one of my older machines which was beginning to struggle under the load of video transcoding I was placing upon it. The new machine is based on an E8400 and is nice and shiny and fast. Because it is a …
Permanent link to this article: https://baldric.net/2008/09/12/webanalytics-just-say-no/
Sep 12 2008
french slugs?
In an earlier post I speculated that the CherryPal PC might be a possible option for users considering replacements for the slug. But that device has still yet to hit the streets and is beginning to look suspiciously like vapourware. However, linuxdevices, the site devoted to linux on embedded devices, wrote about the interesting looking …
Permanent link to this article: https://baldric.net/2008/09/12/french-slugs/
Sep 08 2008
chrome *can* get rusty
Amidst all the hype and hullabaloo about Google’s chrome, el reg tells it like it is. Yes, “it’s a f***ing web browser”. You just have to love the reg.
Permanent link to this article: https://baldric.net/2008/09/08/chrome-can-get-rusty/
Aug 20 2008
where did my bandwidth go
Have you ever wondered what was eating your network? Would you like to be able to check exactly which application was responsible for that sudden spike in outbound traffic? NetHogs might help. This neat little utility calls itself a “small ‘net top’ tool”, and that is exactly what it is. NetHogs groups bandwidth usage by …
Permanent link to this article: https://baldric.net/2008/08/20/where-did-my-bandwidth-go/
Aug 10 2008
trusting DNS
Dan Kaminsky has (quite rightly) been hitting the press a lot in the weeks since 8 July when he announced the work done to fix a flaw he had discovered in DNS. The vulnerability itself was new, but its impact (cache poisoning) was not. Indeed, we’ve known about the dangers of poisoned DNS caches for …
Permanent link to this article: https://baldric.net/2008/08/10/trusting-dns/
Jul 26 2008
replacement for the slug
I noted in an earlier post that Linksys were ceasing production of the NSLU2. There are now a variety of NAS systems coming onto the market which might make good replacements – but most of them look expensive when compared to the slug. However I’ve just seen a review of a box which looks as …
Permanent link to this article: https://baldric.net/2008/07/26/replacement-for-the-slug/
Jul 22 2008
implementing mailman and postfix with lighttpd on debian
I recently needed to set up a mailing list for a group of friends (my bike club). I had become tired of mail bounces and failures because we were all relying on an out of date list of addresses originally cobbled together by one member. That list of addresses was routinely used in “reply all” …
Permanent link to this article: https://baldric.net/2008/07/22/implementing-mailman-and-postfix-with-lighttpd-on-debian/
Jul 16 2008
ooops
An apt-get dist-upgrade (to bring the kernel up to date and install some new patches) on the slugs killed the webcam. Of course I should have remembered that the gspca module was built against the old kernel and might fail. One quick “m-a auto-install gspca” later and all is working again. Of course the kernel …
Permanent link to this article: https://baldric.net/2008/07/16/ooops/
Jul 09 2008
slugs are history
Jim Buzbee, of batbox fame and one of the original NSLU2 hackers, apparently gave a presentation about the history of slug hacking at the Boulder Linux Users Group. A PDF copy of his presentation can be found on his batbox.org site. Jim also notes that Linkys are ending production of the NSLU2 after four years …
Permanent link to this article: https://baldric.net/2008/07/09/slugs-are-history/
Jul 02 2008
mine’s longer than yours
You could regard this as another pointless entry to go alongside the webcam. But hey – so what. I had cause to check the uptime on my slugs a little while ago now that they are largely stable and providing the services I want. After doing so I thought it would be good to be …
Permanent link to this article: https://baldric.net/2008/07/02/mines-longer-than-yours/
Jun 20 2008
backtrack 3 released
Any half decent sysadmin will routinely test the security of his or her own systems. A good, and sensible, sysadmin will follow up those tests with an independent security audit by a professional company – preferably one which is a member of a recognised industry body (such as CREST). Finding the holes in your security …
Permanent link to this article: https://baldric.net/2008/06/20/backtrack-3-released/
Jun 19 2008
dental dos
On Tuesday 17 June, Craig Wright, supposedly “Manager of Risk Advisory Services” in an Australian Company called “BDO Kendalls”, posted a rather odd note to Bugtraq and a few other security related lists titled “Hacking Coffee Makers”. In that posting he said that the Jura F90 Coffee maker (which can apparently be networked) was vulnerable …
Permanent link to this article: https://baldric.net/2008/06/19/dental-dos/
Jun 05 2008
xkcd on the openssl fiasco
I’ve had my attention drawn to Randall Munroe’s take on the openssl coding change problem. Beautiful.
Permanent link to this article: https://baldric.net/2008/06/05/xkcd-on-the-openssl-fiasco/
Jun 02 2008
debian and the openssl flaw
Ben Laurie wrote about the Debian SSL problem a couple of weeks ago. That particular post has attracted a huge response which is well worth reading if you care about free open source software and/or privacy/security issues (or even if you don’t). The key point to take from the discussion is that about two years …
Permanent link to this article: https://baldric.net/2008/06/02/debian-and-the-openssl-flaw/
Jun 02 2008
recursion: see recursion
I have written about how I use one of my slugs to backup my internal files via rsync over ssh. Well it turns out I made a pretty silly mistake in my rsync options. I thought I’d been careful in specifying the files I specifically wanted excluded from the backup (ephemeral stuff, thumbnail images, some …
Permanent link to this article: https://baldric.net/2008/06/02/recursion-see-recursion/
May 26 2008
linuxdoc.org hijacked
Sadly it appears that the once useful linuxdoc.org website has been hijacked by one of those awful domain squatters who seem to want to sell mortgages, holidays and houses. I tried today to check out an old “howto” I had bookmarked and was greeted by a completely new site – as below: At first I …
Permanent link to this article: https://baldric.net/2008/05/26/linuxdocorg-hijacked/
May 16 2008
what it is to be popular
According to some dubious stats from a web company, this site now ranks at number 4,880,077 (on a scale of usage where Yahoo, Google and YouTube are apparently first second and third). But I shouldn’t really complain. The same stats say that the position is “up 16,958,547 ranks over the last three months”. Now that …
Permanent link to this article: https://baldric.net/2008/05/16/what-it-is-to-be-popular/
May 05 2008
slugs aren’t really slow
A recent email exchange with the friend who originally suggested that I take a look at the NSLU2 got me thinking about the machines we currently take for granted. In his email he outlined that he had consolidated a set of services previously run on a couple of old desktops (a Dell and a Shuttle) …
Permanent link to this article: https://baldric.net/2008/05/05/slugs-arent-really-slow/
May 04 2008
a problem slug
I bought myself another slug recently so that I could have one dedicated to internal work and the other used for public facing webs. I wasn’t really comfortable with having my network backup and apt-get mirror on the same beast as a public web. I know from experience that public facing systems are vulnerable and …
Permanent link to this article: https://baldric.net/2008/05/04/a-problem-slug/
Apr 07 2008
slugs as pets
Following a recommendation from a friend of mine, I have recently been playing with a Linksys NSLU2. This device is no larger than a paperback book yet packs some remarkable capabilities. It was originally designed by Linksys (Cisco) to act as a “Network Storage Link for USB 2.0 Disk Drives” (hence NSLU2). Externally, the rear …
Permanent link to this article: https://baldric.net/2008/04/07/slugs-as-pets/
Apr 06 2008
google oddness
A google search for “loadlin” produces a sponsored link for “Inflatable lilos”. Strangely no references to insects or food however.
Permanent link to this article: https://baldric.net/2008/04/06/google-oddness/
Mar 01 2008
ssh through http proxy
On a mail list I subscribe to I have recently been involved in a discussion about the restrictions sometimes placed on users of WiFi hotspots or hotel networks (to say nothing of the restrictions placed on corporate networks). Some of the suggested solutions involve tunnelling ssh connections over http(s). Other solutions assume that the network …
Permanent link to this article: https://baldric.net/2008/03/01/ssh-through-http-proxy/