Wednesday, January 30, 2008

Old Red Hat cds

I was cleaning out a storage bin and I came across some old Red Hat Linux cds. There were seven cds in the package that were needed in order to install Red Hat 6.2. I also found three cds for Red Hat 9.0. It gave me a chuckle, as I remember struggling to get the 6.2 installation to work properly on the hardware I had at the time. And yet, Ubuntu is generally one cd, with a nice installer and pretty good operability right out of the box.

Ah well....I'm keeping the cds, though I doubt I'll ever use them again.

Sunday, January 27, 2008

ESPN log download - returns

Ok, as I see in a comment, it looks like it has returned. It just happened to me as well.

[edit: found in drafts....]

ESPN log download - returns

Ok, as I see in a comment, it looks like it has returned. The download attempt just happened to me as well. I've attached an image of what I'm receiving. Clicking on "Save" would not work; it looks like the only option is to open. However, I would like to save it, and examine it on another, more secure machine.

Saturday, January 26, 2008's log

I logged in to this morning, and there was no attempt to download a log. I'm going to guess that this was brought to their attention and has been fixed.

Friday, January 25, 2008

GCIH - confirmed

I just signed up. I've taken SANS' Security Essentials in this format, and got much out of the class. So, I look forward to taking this class.

Downloading a log from

I'm using Firefox. During the last couple of days, when I've surfed to, I receive the save window asking me if I want to save or open "Log" from. Has anyone else received this dialog, or downloaded the log? A quick Google search did not return anything useful. The next time it happens, I'll update this post with a screenshot.

Wednesday, January 23, 2008

I suspect we're under attack

I'm only consulting for my former company; I go in a couple of days a week in order to help train my replacement. However, due to politics, I've been given an end-date of a couple of weeks. I'll never be able to train my replacement in that time, so I do the best I can.

I still help out with network support and security work. It's the least I can do. Over the past week (? maybe more) the firewall has been puking "Attack Alerts" to the admin mailboxes. We're getting so many alerts it's quickly filling up my mailbox. I've talked with the sys admin, and he isn't doing anything about it. (Unfortunately, it's not technically in my domain; my doing anything would be tantamount to heresy.) I can only suggest. Today, I logged in to find a ton of mail. I wonder if, to some extent, the company is under some kind of DoS attack. If enough of these attacks are aimed at the firewall, will it finally crash?

Saturday, January 19, 2008

GCIH certification

I've gotten a couple of emails announcing that the GCIH class is going to be made available in the @Home format. After thinking about it for a bit, I've decided to do it. I like it because I won't have to travel, make hotel reservations, etc. I think I'll miss the atmosphere when you take the class at one of their events, but I think I'll still get a lot out of it.

If you've taken the class, post your thoughts in the comments.

Monday, January 14, 2008

My credit card account was compromised....

Interesting. I had just read a great post on Andy ITGuy's blog about getting a call from a credit card company regarding suspicious credit card activity. Well, today I got a similar call. Being an IT Sec worker, and trusting no one, I went and found a statement, and called the customer service number printed there. Unlike Andy, I happen to use this card with some regularity. And, I keep all receipts for month-end reconciliation. So, I'm fairly familiar with the places the card has been used.

When I got through to a CSR, I was told there is/was suspicious activity on the card and the account needed to be closed. However, the CSR asked me to verify two transactions, which were correct. I was told a new card would come in the next X number of days, to call to activate the card, yadda, yadda, yadda.

Here's what ticks me off. And I'm pretty sure Andy was in the same boat. I questioned the CSR on where the suspicious activity was from, or what merchant reported (or didn't) the breach. She wouldn't answer me. When she asked me if there was anything else she could do for me, I (politely) asked her to transfer me to someone who could answer my question. She put me on hold for about a minute, no doubt to get another cup of coffee. When she came back, she told me that she wasn't allowed to tell me anything. Was there anything else? Sure, if she can't tell me where the problem occurred, how do I know where NOT to use the card? What's to say that I use the card this week (where I normally would) and get another call from the credit card company? Doesn't the consumer have some rights here?

I've read a lot on PCI, and how the credit card companies are shifting the responsibility to the merchants (and there are two great posts here and here). Shouldn't there be some (more) accountability to the consumer?

I'm on the fence with whether or not I want to keep this credit card. I've been with the company for many years.

And, the company I have just left deals with credit card companies. They are woefully PCI non-compliant. But that's a post for another day.

Saturday, January 12, 2008

Thanks for hanging in there....

I think I've finally got the Feedburner issue cleared up. It just takes a little longer to show up in my Google Reader. Now it's back to your regular scheduled programming.

Friday, January 11, 2008


testing 1..2..3..

Just a test post

My Google Reader didn't update, with the new Feedburner, so I had to do some tweaking with Google Reader. I think all will be ok.

Back to your regularly scheduled program....


I just added a Feedburner feed to the blog. I hope it hasn't disrupted operations. If you see something odd, let me know in the comments.

HAKIN9 magazine?

I hadn't been in a Barnes & Noble in a long time, and since I had some time to kill (and a gift card, ha-ha) I thought I would browse my local B&N. The magazine section has been expanded, and there seem to be many more computer magazines than I remember. And, I couldn't believe how many Linux magazines there were. I get Linux Journal, and I thought there was one other. However, there were no less than five different magazines on the shelf.

What caught my eye, though, was a magazine titled HAKIN9. It was billed for the "hardcore enterprise security" or words to that effect. There was a DVD inside with a bunch of tools. And the articles looked pretty informative, at least the few I skimmed in the short period of time I was there. The magazine looks to come out bi-monthly, and I think I saw a price of $14.95, or something like that.

Does anyone have any reviews of the magazine? Leave a comment.

Thursday, January 10, 2008

I hate failure...

In myself, at least.
I don't mind it in my sports teams, they have a history of failure. Some of them should be listed in the dictionary, as the very definition of failure.
But I don't like it when I can't get the resolution the client wants.
Case in point.
I was called to a client's machine the other day. This machine had no firewall, no anti-virus (or anti-anything software), and was wide open. XP Home, no admin password and no user account had a password. After somewhat locking down the situation, SpyBot almost broke with the number of problems it found. I cleaned that up, ran all my tools. The client was thrilled. I left a firewall, and some security tools so that the machine was relatively defended.
But that wasn't all.
It turns out the printers had been removed, and IE wouldn't run. AOL ran, but not IE. Looking into this further, it appeared the RPC process was corrupted. It looked like I was going to have to repair that. At the last minute, I decided to look again at the event logs. And there it was.....the system log was one big red X. It was littered with disk hardware failures. And, I could pinpoint where the troubles started. At this point, since it was a Dell desktop under warranty, I thought the best option was to have them swap the drive out.

I just don't like NOT being able to finish.

Tuesday, January 1, 2008

Lesson learned: bring a different browser

Out on a case today, I ran into a situation where I couldn't get to the internet. Something had overtaken IE. I was really wishing for Firefox at the time, but I had no way to get it. (And I couldn't remember the FTP commands to grab it.) Now, I've downloaded the .exe to my USB drive, so I should be ok when I need the alternate browser in the future.