Category: trivial musing

more DNS silliness

I came across an interesting post on Avert labs site recently. That post pointed to an earlier SANS posting, which in turn, referenced a Symantec discussion of a new Trojan called Trojan.Flush.M. This trojan is an interesting variant of a class of trojans which hijack local DNS settings to force the compromised machine to use …

Continue reading

Permanent link to this article: https://baldric.net/2008/12/24/more-dns-silliness/

gun, foot, shoot

As a chartered member of the British Computer Society (BCS) I recently received through the post my voting forms for the 2008 AGM. The process gives me the option of voting electronically using a website run by Electoral Reform Services. My security codes (two separate numeric IDs, one of six characters, the other of four) …

Continue reading

Permanent link to this article: https://baldric.net/2008/09/25/gun-foot-shoot/

webanalytics – just say no

I have just built myself a new intel core 2 duo based machine to replace one of my older machines which was beginning to struggle under the load of video transcoding I was placing upon it. The new machine is based on an E8400 and is nice and shiny and fast. Because it is a …

Continue reading

Permanent link to this article: https://baldric.net/2008/09/12/webanalytics-just-say-no/

french slugs?

In an earlier post I speculated that the CherryPal PC might be a possible option for users considering replacements for the slug. But that device has still yet to hit the streets and is beginning to look suspiciously like vapourware. However, linuxdevices, the site devoted to linux on embedded devices, wrote about the interesting looking …

Continue reading

Permanent link to this article: https://baldric.net/2008/09/12/french-slugs/

chrome *can* get rusty

Amidst all the hype and hullabaloo about Google’s chrome, el reg tells it like it is. Yes, “it’s a f***ing web browser”. You just have to love the reg.

Permanent link to this article: https://baldric.net/2008/09/08/chrome-can-get-rusty/

where did my bandwidth go

Have you ever wondered what was eating your network? Would you like to be able to check exactly which application was responsible for that sudden spike in outbound traffic? NetHogs might help. This neat little utility calls itself a “small ‘net top’ tool”, and that is exactly what it is. NetHogs groups bandwidth usage by …

Continue reading

Permanent link to this article: https://baldric.net/2008/08/20/where-did-my-bandwidth-go/

trusting DNS

Dan Kaminsky has (quite rightly) been hitting the press a lot in the weeks since 8 July when he announced the work done to fix a flaw he had discovered in DNS. The vulnerability itself was new, but its impact (cache poisoning) was not. Indeed, we’ve known about the dangers of poisoned DNS caches for …

Continue reading

Permanent link to this article: https://baldric.net/2008/08/10/trusting-dns/

replacement for the slug

I noted in an earlier post that Linksys were ceasing production of the NSLU2. There are now a variety of NAS systems coming onto the market which might make good replacements – but most of them look expensive when compared to the slug. However I’ve just seen a review of a box which looks as …

Continue reading

Permanent link to this article: https://baldric.net/2008/07/26/replacement-for-the-slug/

ooops

An apt-get dist-upgrade (to bring the kernel up to date and install some new patches) on the slugs killed the webcam. Of course I should have remembered that the gspca module was built against the old kernel and might fail. One quick “m-a auto-install gspca” later and all is working again. Of course the kernel …

Continue reading

Permanent link to this article: https://baldric.net/2008/07/16/ooops/

slugs are history

Jim Buzbee, of batbox fame and one of the original NSLU2 hackers, apparently gave a presentation about the history of slug hacking at the Boulder Linux Users Group. A PDF copy of his presentation can be found on his batbox.org site. Jim also notes that Linkys are ending production of the NSLU2 after four years …

Continue reading

Permanent link to this article: https://baldric.net/2008/07/09/slugs-are-history/

mine’s longer than yours

You could regard this as another pointless entry to go alongside the webcam. But hey – so what. I had cause to check the uptime on my slugs a little while ago now that they are largely stable and providing the services I want. After doing so I thought it would be good to be …

Continue reading

Permanent link to this article: https://baldric.net/2008/07/02/mines-longer-than-yours/

dental dos

On Tuesday 17 June, Craig Wright, supposedly “Manager of Risk Advisory Services” in an Australian Company called “BDO Kendalls”, posted a rather odd note to Bugtraq and a few other security related lists titled “Hacking Coffee Makers”. In that posting he said that the Jura F90 Coffee maker (which can apparently be networked) was vulnerable …

Continue reading

Permanent link to this article: https://baldric.net/2008/06/19/dental-dos/

xkcd on the openssl fiasco

I’ve had my attention drawn to Randall Munroe’s take on the openssl coding change problem. Beautiful.

Permanent link to this article: https://baldric.net/2008/06/05/xkcd-on-the-openssl-fiasco/

debian and the openssl flaw

Ben Laurie wrote about the Debian SSL problem a couple of weeks ago. That particular post has attracted a huge response which is well worth reading if you care about free open source software and/or privacy/security issues (or even if you don’t). The key point to take from the discussion is that about two years …

Continue reading

Permanent link to this article: https://baldric.net/2008/06/02/debian-and-the-openssl-flaw/

recursion: see recursion

I have written about how I use one of my slugs to backup my internal files via rsync over ssh. Well it turns out I made a pretty silly mistake in my rsync options. I thought I’d been careful in specifying the files I specifically wanted excluded from the backup (ephemeral stuff, thumbnail images, some …

Continue reading

Permanent link to this article: https://baldric.net/2008/06/02/recursion-see-recursion/

linuxdoc.org hijacked

Sadly it appears that the once useful linuxdoc.org website has been hijacked by one of those awful domain squatters who seem to want to sell mortgages, holidays and houses. I tried today to check out an old “howto” I had bookmarked and was greeted by a completely new site – as below: At first I …

Continue reading

Permanent link to this article: https://baldric.net/2008/05/26/linuxdocorg-hijacked/

what it is to be popular

According to some dubious stats from a web company, this site now ranks at number 4,880,077 (on a scale of usage where Yahoo, Google and YouTube are apparently first second and third). But I shouldn’t really complain. The same stats say that the position is “up 16,958,547 ranks over the last three months”. Now that …

Continue reading

Permanent link to this article: https://baldric.net/2008/05/16/what-it-is-to-be-popular/

slugs aren’t really slow

A recent email exchange with the friend who originally suggested that I take a look at the NSLU2 got me thinking about the machines we currently take for granted. In his email he outlined that he had consolidated a set of services previously run on a couple of old desktops (a Dell and a Shuttle) …

Continue reading

Permanent link to this article: https://baldric.net/2008/05/05/slugs-arent-really-slow/

a problem slug

I bought myself another slug recently so that I could have one dedicated to internal work and the other used for public facing webs. I wasn’t really comfortable with having my network backup and apt-get mirror on the same beast as a public web. I know from experience that public facing systems are vulnerable and …

Continue reading

Permanent link to this article: https://baldric.net/2008/05/04/a-problem-slug/

slugs as pets

Following a recommendation from a friend of mine, I have recently been playing with a Linksys NSLU2. This device is no larger than a paperback book yet packs some remarkable capabilities. It was originally designed by Linksys (Cisco) to act as a “Network Storage Link for USB 2.0 Disk Drives” (hence NSLU2). Externally, the rear …

Continue reading

Permanent link to this article: https://baldric.net/2008/04/07/slugs-as-pets/

google oddness

A google search for “loadlin” produces a sponsored link for “Inflatable lilos”. Strangely no references to insects or food however.

Permanent link to this article: https://baldric.net/2008/04/06/google-oddness/

ssh through http proxy

On a mail list I subscribe to I have recently been involved in a discussion about the restrictions sometimes placed on users of WiFi hotspots or hotel networks (to say nothing of the restrictions placed on corporate networks). Some of the suggested solutions involve tunnelling ssh connections over http(s). Other solutions assume that the network …

Continue reading

Permanent link to this article: https://baldric.net/2008/03/01/ssh-through-http-proxy/

another vulnerability in the home hub

The guys at gnucitizen have posted details of another vulnerability in the BT home hub (and related Thomson routers). This vulnerability allows a remote attacker to reconfigure the router using the UPnP functionality which is turned on by default. UPnP is an authenticationless protocol designed to allow local devices to reconfigure the router – typically …

Continue reading

Permanent link to this article: https://baldric.net/2008/01/19/another-vulnerability-in-the-home-hub/

psp hardware and software specs

I have just stumbled upon a very good resource listing specifications of the hardware and software revisions for the PSP. I would have found this site most useful when I was researching how to format video for the psp last year. The site is at www.edepot.com/reviews_sony_psp.html

Permanent link to this article: https://baldric.net/2008/01/13/psp-hardware-and-software-specs/