Sunday, August 31, 2003

Behavior blocking software
If Anti-virus is obsolete, what's next?

Before briefly reviewing the available products, I will define what I mean by behavioral blocking. When I use the term, I am referring to a technology that has the ability to run suspect programs in multiple virtual operating systems, determine precisely what the code does and then, based upon a set of rules, decide what to do with that program. This is different from what some people call behavioral blocking, which generally refers to the use of a set of rules to decide what to do with a program based upon its attributes.

That is a real waste of compute cycles. Now we know what all the next generation processors are going to be doing. They aren't going to be any faster than what we have now because most of their cycles are gonna be doing these things.

And if you think using Linux saves you, think again. It seems to me that the only reason there aren't more worms/viruses for Linux is that there are fewer people using the operating system. Same for the *BSD and so on.

Another form of attribute blocking is integrity checking. This can take various forms, but essentially it consists of a mechanism to determine if the characteristics of a file or program are about to be (or have been) changed by another program. CRC and MD5 checks are one form of this technology. Programs like tripwire and tcpwrappers are another. Most of these, however, only report a file or program alteration and do nothing to prevent it.

Can you see a normal average computer user doing this? I can't. It's not possible. What's the solution? Network devices, with user data residing on servers. We buy the service which gets us the network admin who is responsible for securing your data. No more personal computers. Sad. An average computer user cannot keep his computer patched at all times.

Start ILDASM From Visual Studio

Wednesday, August 27, 2003

Google is now also a calculator

Looks like Google is throwing everything, except the kitchen sink. Hey I don't mind, I'm an emacs user myself!

(emacs is an editor that also includes everything except the kitchen sink)

Tuesday, August 26, 2003

Summer job is over, and I am back to working part time. I've been enjoying the past two days off, since school doesn't officially start till tomorrow. This summer was fun. Lots of sleeping. Don't expect much sleep over the following semester.

Thursday, August 21, 2003

Gnutella protocol

I have an idea for a fun program. But need to study the Gnutella protocol to figure out how things work with a decentralized protocol.

Longhorn screen shots

The Windows desktop is turning more and more into a child's toy. Looking into those screen shots makes me feel sick. How dumb are the people who use windows? Already in Windows XP I find myself turning off all those dumbed down interfaces. The older interface makes so much more sense. Oh the days of the command line!

Linux is a blessing. As long as I have Linux with Windowmaker, life can go on! I can't imagine using an interface other than Windowmaker. It is just so perfect. It gives me all that I need and more.

New glasses. Finally I can look at the screen, read, and not get a headache!

phrack61 here I come!

Wednesday, August 20, 2003

Copied from :

Screen - Multiple Terminals - Screen, the terminal multiplexor. Screen is like a window manager for your console. Unlike a virtual terminal, screen allows you to detach from a terminal. While detached, the program you were running continues to run. You can then reattach later and continue your task. This is useful if you want to run a bunch of tasks but don't want to keep an ssh session open or if you lose your connection. Screen is almost always used when running a game server in Linux. You can attach occasionally to check the server output without having to interrupt the server. First, we want to connect to our remote host via ssh and then run screen:

jorge@piccolo:~$ ssh trunks
jorge@trunks:~$ screen

Note how my remote machine doesn't ask for a password, thanks to LUSSH. Now, execute whichever command you wish, for the example make it something that will remain in the foreground. Our "watch uptime" from a while back will suffice. Now, you've got something running on the remote host, and we want to detach it (it will still be running, but your terminal windows will be free). Hit CTRL-A, then d. You are now detached. The process you were viewing run is still running... you can confirm this with ps -a. You can now exit back onto localhost (piccolo in this example), yet the program continues to run on the remote host even though we're not connected to it. To reattach, ssh back into the remote host and at the prompt type "screen -r". Screen will return you to where you left off. This is just a simple example; what other ways are Arsians using screen? (IRC is a popular use for this) Let us know in the Discussion.

Going to get a pair of glasses today. My eyes have gone bad again. :(

Tuesday, August 19, 2003

Sunday, August 17, 2003

Just got done with a complete re-install of RedHat 9. For some reason Vmware v4.0 doesn't boot with the new grub/lilo. I don't know why. Haven't been able to figure it out yet.

Friday, August 15, 2003

Haven't been able to get to all day, or sign on MSN Messenger. Though I could do it remotely from my home computer just fine. Don't know what's up with the local university network.

I also realized how addicted I am to MSN Messenger.

Wednesday, August 13, 2003

hostname: slack

13:55:46 up 12 days, 2:03, 1 user, load average: 0.08, 0.27, 0.21

Monday, August 11, 2003

RPC Worm

This is the vulnerability we were trying to get patched a few days ago. Why can't everybody just use Linux!

I'm using the new Mozilla Firebird with AntiAliased fonts. Cool.

New Firebird

The Virus did it

Damn it! That is one excuse I can't use. I don't use Windows!!!!

Maybe I'll be able to use "The Worm did it!" in a couple of years!

Low-Cost Linux Gaining on Microsoft in India

Difference between India and the US is that most people here in the US are already used to using Windows. In India everybody is new to computers, and everybody is learning from the start. The learning curve for them is the same, whether they learn to use Linux, or Windows. They don't have to learn how to use Linux all over again, from scratch after having learnt Windows. Plus, Linux is not made by a foreign company.

Tuesday, August 05, 2003

InformationWeek > Microsoft > Microsoft's Web Site Brought Down By Attack > August 1, 2003

Ok maybe this is why there is so much fuss being made!

New Scientist

US government computer experts have warned that hackers may be preparing a large-scale coordinated attack. This could involve the release of a virulent type of internet worm or use thousands of enslaved personal computers to bring down websites.

I don't understand why there is such a big fuss over this particular vulnerability. And believe me, there is a whole lot of fuss being made!

Monday, August 04, 2003

We had a bunch of experimental computers running Windows 98/2000. Since they are computers meant to run simulations, I hardly ever have to interact with them. The users were supposed to apply the patch for the RPC vulnerability that has been making everybody panic. They didn't. Their machines are now off the net. Those that had been compromised have been thrown off the net completely. Those that were vulnerable but not compromised cannot get out of the University. For now. When the users found they couldn't actually get out of University, they came running over to me.

I've applied the patch, and put a firewall on those machines, and hopefully the network guys will put them back on the net.

On another note, the machines that are directly under me were patched, and firewalled, and never even showed up on the network guys' scans. That's what I keep telling these people. Give me complete control, and your machines will be safe.

There is a problem with their scanning though. Windows 98 machines are not vulnerable to this particular exploit. But they for some reason do show up on the scans, and are blocked even though they can't be hacked. Some poor people got swept into this for no reason at all. And they have no choice. They have to run Windows 98 because the data acquisition cards will only run in Windows 98.

Back on slack/windowmaker/aterm/bash/MozillaFireBird/amsn. That's the way it should be.

Mozilla and hypocrisy

Right, but what about the experiences that Mozilla chooses to default for users like switching to  Yahoo and making that the default upon ...