Diary of a Network Geek

The trials and tribulations of a Certified Novell Engineer who's been stranded in Houston, Texas.

3/14/2005

How Would You Do It?

Filed under: Advice from your Uncle Jim,Deep Thoughts,Fun,Fun Work,Geek Work,Life, the Universe, and Everything,Linux,PERL,Personal,The Network Geek at Home — Posted by the Network Geek during the Hour of the Hare which is in the early morning or 7:05 am for you boring, normal people.
The moon is a Full Moon

Attack someone’s network or website, that is.
Okay, this has been on my mind lately, not because I’ve done any actual hacking recently, since: a) that would be illegal and b) I haven’t done that sort of thing in, well, years. No, I’ve been thinking about it because, according to a friend of mine, at least one fan (short for “fanatic”) seems to think that I am not only capable of doing such things, but that I, in fact, have. And recently, too! As the French say, “It is to laugh…” So, as a thought experiment (that’s a mental exercise for you vocabulary impaired), here’s how I’d go about doing this, if I were, in fact, to “ownz” someone’s “box”.
First off, I wouldn’t use a computer that I own, that can be traced to my ownership, or that uses an IP address that has ever been associated with my name. There are several ways around this, of course, including IP spoofing, anonymous remailers and other redirectors, and a compromised third-party machine. That last one is the best, and, ironically, the easiest method. Surprised? You shouldn’t be. Compromised Windoze machines are a dime a dozen. There are hordes of script kiddies out there just hammering away at every weak Windoze machine they can ping. Also, there are more and more insecure Linux machines floating around out there, too. (Have you applied all the latest patches to your penguin box?) Or, if you know of any systems that you left behind at an unhappy employment situation, that are still vulnerable, you can use them. Usually, a corporation will have a nice, fat data pipe which makes your “job” faster and easier. Of course, if they have half a brain, after you leave, they’ll change all the passwords, but sometimes someone slips. (The last place I knew of like that from my own past finally, after three years, changed the passwords as part of an upgrade.) Or, you could simply go to a coffee house that offers free Internet access via a wireless network. Every time you change coffee houses, you change IPs. And, while I normally am just fine with industrial-strength institutional coffee, a nice cafe au lait from Crescent City is always nice. Or, according to this article on Slashdot, Panera Bread Company is a good place to find a free wifi link.
So, now you have one or more launching platforms from which to case your mark. (That there’s criminal slang that means “look at your ultimate hacking goal”.) What do you use to look for a way in? Well, there are three that I’d recommend, based on reviews: Snacktime, Nessus and NMAP. Of the three, NMAP is, arguably, the most robust and well known. In fact, NMAP was used in The Matrix movies. Now, that, my faithful readers, is “geek cred”! Though Snacktime is interesting to me because it’s PERL-based. Now, if you’re not familiar with these three tools, just stop reading and go play with your IIS 6.0 webserver. We’re about to talk “big boy” stuff here and you just won’t be up to it. So, if you’re still man enough to be following this, you’d load up your lookeeloo tool of choice on your remote launch platform at this point and get a fingerprint of your target system’s OS.
Now, we get to the meat of this little mental exercise… Okay, you’ve got your “open door”, or “doors”, as it were, into your target system. At this point it’s a matter of taking the information from the nice, clean results that NMAP, or whatever, gives you and applying your exploit. What and how you do that really depends on what you’re attacking, but it’s pretty much a paint-by-numbers affair now, thanks to the legions of script kiddies that keep us up to date. Right, root access (or Administrator, if your target is foolish enough to run Windoze). Now what? Well, that sort of depends, doesn’t it? Do you want data? Start a background transfer to a third party that you can collect later. (Use ftp, tftp, or, for loads of sneaky fun, telnet, to transfer your data. Many admins disable logs on these protocols because they don’t think they’re running. Double check.) Want to install something? Go for it! (Try a keylogger. Now you’ll get loads of target passwords to compromise other machines for further adventures!) Just want to crash the system? You should have skipped all this hassle and just hit your target with a DDoS attack from your many compromised machines, stupid. (Incidentally, for you Windoze admins out there, the entire Code Red scare you sloppy bastards caused was all about a Distributed Denial of Service “issue”.)

Of course, this is all very illegal and somewhat morally questionable as well, so I would NOT do it. What’s more, I would not recommend that anyone else attack, hack, assault, fold, spindle or mutilate any system other than your own. In short, the Network Geek, RyuMaou.com and Jim Hoffman (yes, we’re all the same entity) does not in any way endorse any of the above listed activities, except the cafe au lait from Crescent City. In fact, I suggest that you do NOT do anything that I’ve written about in this entry, including flinging wild accusations that cannot be proven. That’s called “libel”, or, if you say it instead of write it, “slander”. That’s against the law, too, the last time I checked.


Advice from your Uncle Jim:
"May you live all the days of your life."
   --Jonathan Swift

3/7/2005

Back to Bash

Filed under: Career Archive,Fun Work,Geek Work,Linux,Novell — Posted by the Network Geek during the Hour of the Hare which is terribly early in the morning or 6:59 am for you boring, normal people.

Well, I’m back to something I’m comfortable with at work.
Yep, I finally got most of my end of the workstation imaging project done last week. The basic images for the hardware and the Novell client are all squared away. At least, they are for all the hardware that we have in stock. I still need to get images of one of the older Dell PCs and the engineering laptop, but that’s easy enough now that I have a good idea what I need to do. The hardest part of all this, so far, has been figuring out what should go into the dang image! But, the resident expert on workstation images got me all fixed up in that area and the rest was actually pretty simple.
Now, though, I’ve been back to the Linux-based ZENWorks Imaging partition. We had an “issue” with the restore menu I did. Apparently, if you have an existing partition and only restore one partition of an image, it doesn’t completely wipe the existing partition. In other words, it just copies the files over the existing install. Not good enough for our purposes. So, I had to devise a method for deleting the existing C partition, recreating it and then, finally, restoring it from the local backup image. Not a problem, right? Wrong. I needed to have a universal menu that could tell what size the existing partition was and plug that into the script which recreated the partition. Not quite as easy as it sounds. Well, thanks to sed & awk, second edition, I found a relatively painless and reliable way to get it done. Basically, I run an “fdisk /dev/hda -l”, pull the relevant information from those results with grep and use “awk” to spit out the correct information to populate the variable. Actually, I have to do some mathematical adjustments to that, too, but, in a nutshell, that’s what I did. If anyone is really interested and doesn’t want to shell out the money for Learning the bash shell, second edition and sed & awk, second edition, I can put the restore menu that I use up on the site. I have to admit, it’s a pretty sweet solution. Hmm, maybe I’ll submit it to Cool Solutions for another t-shirt….
Well, that’s what I’ve been up to at work. If youse guys want to know more, just pop something into the comments!
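
The fdisk, grep and awk approach described in this post, sketched as an added example (not the author's restore menu). It assumes the older `fdisk -l` table layout, a constructed sample listing, and a simple blocks-to-MiB conversion standing in for the unspecified "adjustments"; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: read one partition's size out of legacy `fdisk -l` output
# before a script deletes and recreates that partition.

# Constructed sample listing in the older util-linux layout (not real data).
sample_fdisk_output() {
cat <<'EOF'
Disk /dev/hda: 40.0 GB, 40007761920 bytes
255 heads, 63 sectors/track, 4864 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/hda1   *           1        3824    30716248+   7  HPFS/NTFS
/dev/hda2            3825        4864     8353800   83  Linux
EOF
}

# partition_size_mb PART
# Reads `fdisk -l` text on stdin and prints PART's size in whole MiB.
# Returns non-zero if the partition is missing or the field is not numeric,
# so a destructive restore script can stop instead of using a bad value.
partition_size_mb() {
    part=$1
    # Anchor on the device name plus whitespace so /dev/hda1 never
    # matches /dev/hda10.
    size=$(grep "^${part}[[:space:]]" | awk '{
        # A bootable partition has "*" in column 2, which shifts the
        # Blocks column from field 4 to field 5.
        blocks = ($2 == "*") ? $5 : $4
        # fdisk appends "+" when the partition has an odd sector count.
        sub(/\+$/, "", blocks)
        if (blocks !~ /^[0-9]+$/) exit 1
        # Blocks are 1 KiB units; convert to MiB, truncating.
        printf "%d\n", blocks / 1024
    }') || return 1
    # No matching line means awk printed nothing.
    [ -n "$size" ] || return 1
    echo "$size"
}

# Demo on the constructed sample; on a real system the input would be
# the output of: fdisk /dev/hda -l
sample_fdisk_output | partition_size_mb /dev/hda1
```

The two details that usually break a one-line awk version are the boot flag shifting the columns and the trailing `+` on the block count, which is why both are handled before the value is trusted.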

3/5/2005

Who The Heck?

Filed under: Criticism, Marginalia, and Notes,Deep Thoughts,Fun Work,Geek Work,News and Current Events,Personal,The Network Geek at Home — Posted by the Network Geek during the Hour of the Snake which is just before lunchtime or 11:49 am for you boring, normal people.

Strange addresses watch my web page.
Who on the other side of disneyOC3-gw.customer.alter.net would be interested in my web page? Does Disney run Novell? Is an imagineer looking for Linux tips? I just can’t imagine what the interest might be, myself. Though, it is cool that I seem to have a fan in South Africa. Never been there, but it always looks beautiful in the documentaries. Besides, that’s where Charlize Theron is from, right? So, that’s all good.
Again, though, who the devil at Winn-Dixie.com would be interested in little, ole’ me? Is this another Novell site? I have a feeling that there are a lot of big Novell shops that are rather “stealth”, if you take my meaning. Of course, I get hits from all kinds of state and local governments, too, but I expect that considering how highly entrenched Novell is in the government sector. Though, I have to admit that the hits I get from .MIL always make me wonder. Is the NSA actually monitoring my communications? Or, Army Intel? Or even, the CIA? In any case, I think it’s great that so many people in the Washington, D.C. area are interested in my website.
Contrast those sites with all the anonymous browsing sites that hit my page, though. I find that very interesting, indeed. After all, if the United States military isn’t embarrassed to be browsing my website and blog, who would be? It certainly can’t be anyone from big business, since, in part, that’s who I cater to here. Is there a closet Novell geek out there who’s afraid his boss might find out? Or, perhaps, she’s afraid that her husband might catch her at something? Oh, whoever you are, just come on out of the closet and say hello! What could be the harm? (Oh, if you’re interested in using any of those free anonymous browsing systems, you can find a decent grouping of them here. Thank you, anonymous fan, whoever you are, for giving me that bit of information!)
Naturally, I find it particularly interesting that a device labeled “virgo-gw.customer.alter.net” seems to like hitting my website. Gee, do I have a secret admirer who just happens to be a Virgo? Well, what the heck, it can’t be worse than any of the Capricorns I’ve known! Say, just what is compatible with a Sagittarius like me? Ah, well, it doesn’t really matter, I guess, since I don’t believe in that hokum. Still, it is fun to speculate, isn’t it?

2/22/2005

A Personal Update

Filed under: Advice from your Uncle Jim,Deep Thoughts,Dog and Pony Shows,Geek Work,Life, the Universe, and Everything,Linux,Novell,Personal — Posted by the Network Geek during the Hour of the Rooster which is in the early evening or 6:06 pm for you boring, normal people.

Okay, so I’m almost done coughing up a lung.
Yeah, I’ve been sick this week, but not in the usual way. I’m not sure if it was a sinus infection or the flu or what, but the horrible wracking cough is finally dwindling. I’m sure it was not helped by the long hours, or extra days, I was putting in at work. The good news is, though, that I mainly got my problems worked out and I’m starting to feel better. And, I now know more about Linux boot loaders and Novell’s ZENWorks Workstation Imaging solution than I thought possible. I feel like Dr. McCoy in that episode of Star Trek “Spock’s Brain” where he has an entire civilization’s medical knowledge dumped into his head. (Yes, I’ve had the same bug-eyed stare, too!) But, whatever, I got it more or less done. Now, we get to test. Yea! Incidentally, I don’t recommend pushing yourself as hard as I do. I don’t plan on living to be as old a man as my peers. The candle that burns twice as bright burns half as long. Okay, so, maybe I’m not burning twice as bright, but I’m burning faster than I ought to be. Eh, what the Hell, I figure I’m losing the last years where I’m drooling on myself and don’t remember my own name anyway.
Oh, and for those of you who were interested, no, I don’t actually expect to get my Hilda back. That was just my way of expressing how crazy my week was. It felt like anything could happen! But, as always, I pray for the best and plan for the worst. Though, I am keeping an eye on what seems to be Hilda’s sister. Sometimes, volunteering at H.O.P.E. has its advantages!


Advice from your Uncle Jim:
"The journey of a thousand miles begins with a single step."

2/20/2005

Life of a Professional Geek

Filed under: Career Archive,Deep Thoughts,Geek Work,Life, the Universe, and Everything,Linux,Novell,Personal,The Network Geek at Home — Posted by the Network Geek during the Hour of the Sheep which is mid-afternoon or 3:02 pm for you boring, normal people.

Ah, the old days…
Yes, this past week or two sure has felt like the old days. Long, long hours that are appreciated only by a select few. Coming home to an empty house. Being at work late on a Saturday night. Yep, it sure seems like old times. The joys of being a Professional Network Geek. Well, at least I solved my little “issue” and, with the help of an equally dedicated co-worker, I have just a bit of testing to do tomorrow and we should be good to go for the mini-rollout.
In a nutshell, my last problem was getting the LILO information to update on the Linux-based ZENWorks Imaging partition on the local drive. Every time I would get the damn thing installed, then added an image to the disk, the menu that let the user go into the recovery mode (i.e. the Linux partition) would go away. So, after chasing my tail for a week, while sick as a dog, incidentally, I finally noticed something in the documentation that indicated a particular order to do things. Yes, once I read the “fine” manual, it was clear that I had to first enable the ZENWorks partition, then apply the updated LILO config that gave the user a boot option menu. Since I know that “once is luck, but twice is skill”, I tested this on a desktop and a laptop and a second time on a second desktop. All three worked like a charm. Yea! Now, I can go back to my regular 45 hour work week. And, maybe, I’ll get a little rest and get over being sick.
Just as soon as I finish the laundry and ironing and pay my bills and go grocery shopping.

“The woods are lovely, dark and deep,
but I have promises to keep.
And miles to go before I sleep.
And miles to go before I sleep.”
– Robert Frost

2/15/2005

SCO Scolded

Filed under: Criticism, Marginalia, and Notes,Geek Work,Linux,News and Current Events — Posted by the Network Geek during the Hour of the Hare which is in the early morning or 7:02 am for you boring, normal people.

Man, I should work for the Chicago Sun Times.
Well, thanks to an article, or entry, or whatever, over at Slashdot last week, I have a new post about SCO. Been a long time since we’ve heard much about them, hasn’t it? Well, there’s a reason. According to this summation of a News.com story on Slashdot, a judge was very critical of SCO’s alleged “proof” that they had copyrights being infringed upon by the OpenSource Linux. To quote the quote they quoted, “… it is astonishing that SCO has not offered any competent evidence to create a disputed fact regarding whether IBM has infringed SCO’s alleged copyrights through IBM’s Linux activities”. Yeah! So there! Of course, those of us who have been following this case at all already knew that SCO’s case was thin at best, but still, it’s nice to know the judge hearing the case agrees with us. I, at least, take comfort in the fact that I can spot blindingly obvious legal facts when I see them.
Damn, I should’ve gone to law school.

1/12/2005

Cool Solutions, Again

Filed under: Geek Work,Linux,News and Current Events,Novell — Posted by the Network Geek during the Hour of the Hare which is in the early morning or 7:27 am for you boring, normal people.

Well, I’ve got another bit up on Novell’s CoolSolutions website.
This time, it’s a bit of bash code to let you choose which ZEN imaging server to use based on subnet. It works for any version of the ZEN for Desktops imaging system, since it’s pure bash.
For those of you who are not “in the know”, bash is the Bourne Again SHell which runs on Linux and has scripting capabilities. It’s pretty cool, considering that this will be the third or fourth thing I have up on Novell’s site and I get another t-shirt. Wooo! And, I’ve turned in enough articles that I have my very own Author Profile page. Cool!
Anyhow, go look at the article and vote it up higher, eh?


12/22/2004

My Top Search Terms

Filed under: Criticism, Marginalia, and Notes,Fun,Linux,Novell,Personal — Posted by the Network Geek during the Hour of the Hare which is in the early morning or 7:18 am for you boring, normal people.

It always amazes me what people search for.

Especially when they end up with me, instead of what they were looking for in the first place! I used to check on this kind of thing a whole lot more than I do lately, but I looked yesterday and thought I’d put it up here.
Here are the Top 20 searches that led to my site, with commentary:
1 “bootable usb linux” – Well, I have been working on this a lot lately
2 “crazy toys” – All my toys are crazy, yo
3 “geek pictures” – Er… Would anyone really want to look at me?
4 “linux resume” – Um, duh?
5 “strom thurman” – This one always gets me. Even after death, ol’ Strom is a draw
6 “virtual legos” – No idea at all here
7 “usb linux boot” – How is this different from #1?
8 “javascript encryption” – I am Geek. Hear me roar, er, type
9 “jim hoffman” – Well, DUH!
10 “zenworks imaging” – I am a Novell zealot, after all
11 “free cisco book” – Hey, a Fun Friday Link!
12 “geek art” – Must be me talking about the future ex-wife’s art
13 “hello kitty robot” – Hello Kitty is fun. Hello Kitty Mecha is more fun. Too funny.
14 “tales of hoffman” – Again, DUH!
15 “bootable windows cd” – Hmm, I think I talk about boot loaders too much
16 “case mod tools” – Never done it, but maybe in the future…
17 “linux resume software” – Gee, I guess I talk about Linux a lot, too…
18 “novell resume” – Yep, I’m a hardcore Novell geek all right!
19 “science fiction channel” – Or, maybe just a hardcore geek
20 “homebrew tivo” – Yeah, see the above comment.

Freaky! Well, at least no one is looking for goat-sex pictures and finding my website! You know, that reminds me of a story this Greek guy told me about someone from his village back home… Maybe another time.

12/8/2004

Minor Setbacks

Filed under: Geek Work,Linux,News and Current Events,Novell — Posted by the Network Geek during the Hour of the Monkey which is in the late afternoon or 5:56 pm for you boring, normal people.

I had some minor setbacks at work this week.

I say minor because, as far as I’m concerned, anything short of termination or death is minor. So, first the ZENWorks imaging thing that I thought I’d worked out last week didn’t work this week. Or, rather, it didn’t work all the time or even consistently. So, I’m working on that. Again. Oh, joy.

Then, I’ve been doing a lot of Linux server work lately and that had some small snags. Mainly, it was me being tired, a little depressed, and somewhat distracted. I forgot a couple of little, “detail” items, like changing IP addresses and cleaning out temp files before running a backup. Stuff like that. The only “show-stopper” was something entirely out of my hands. (Hey, that seems like a theme in my life these days!) The server that I’d been working on, and getting prepared to install on a remote SAN, can’t be shipped until we get the additional processor and power supply from Dell. They’ve been on order for almost a month now. *sigh* Oh, well, my end is almost done. Just a little bit of testing left to do and then…. I wait. (Unfortunately, that seems like a theme in my life right now, too. Always waiting…)

All in all, though, it’s not been a bad week. Nice and quiet. So far…


12/4/2004

Finally Good News!

Filed under: Geek Work,Linux,Novell — Posted by the Network Geek during the Hour of the Dragon which is in the early morning or 9:44 am for you boring, normal people.

After some long struggles, VICTORY!

In recent weeks I have posted less and less about my job. Why, you ask? Well, aside from a serious bout of depression, things have not been going well on my projects. Oh, the Linux stuff was okay, mostly, except for a nasty little problem with that mkCDrec program and our SAN. Something about the way it makes the boot partition on the ISO just didn’t like the drivers for the QLogic cards we use. It would never recognize more than one partition at a time. Even after we recompiled it with multiple LUN support. But, I digress….

So, I’ve been banging away at this ZENWorks desktop imaging system deal for weeks. Well, it hasn’t been smooth, but we have a way that *seems* to work well. And, get this, we use snapshot! Yeah, I know, it sounds crazy, but it works. So, here’s the thing, we want to have one base image for XP and then just have addon images for everything else. But, we have at least one SCSI-based workstation. So, what does that mean? Trouble, that’s what. Ultimately, here’s what I did…

I started with a base XP image then added just enough to get it to boot on the SCSI machine (a Dell Precision 670). Next, on a second partition, I loaded all the snapshot files and started that process. Then, I loaded all the Dell drivers and such as appropriate and capped off the snapshot. Finally, I make the app and use filedef.txt to create a BAT file that copies the converted files to their original names and directories. From that, I make the ZENWorks image. And, voilà! It works like a charm. Okay, so it’s a bit ’round-about, but it *does* work and a whole lot better than using sysprep, too. At least, for me.

So, all in all, it was a pretty good week! Now, all I need is to get a working car….
