Diary of a Network Geek

Well, it seems I’ve “upset” someone.
Apparently, an un-named someone at IP 68.106.38.39 is a little upset with me. Said person changed a couple of e-mail addresses and passwords last night. That same person seems to reside at hostname ip68-106-38-39.ph.ph.cox.net. Interestingly enough, this is the same IP address and hostname that changed the Yahoo account of another person who used to live in this house recently. Coincidence or pattern? Remember what I was writing about this very thing earlier in the week? Well, apparently, our would be malcontent doesn’t read very well, because they’ve left a very traceable trail. Does anyone know what areas are covered by Cox Cable? How many Western states do they handle? Ah, yes, logs are a wonderful thing.
Now, the question is, does it merit such things as, say, prosecution? I believe that said person, or persons, are now in violation of several laws. Having restricted my access to accounts at which I should be able to expect a reasonable amount of security and/or privacy. I don’t have the statutes in front of me, but, the last time I checked that was illegal. Now, I’ll get it straightened out, eventually, but that’s not the point. The point is, after being accused of hacking and breaking the law myself, someone has gone and done what I’ve been accused of doing. Ironic, isn’t it?
But, at least I have the joy of knowing that I’ve upset someone’s apple cart. It makes all the hassle of changing a couple of passwords back worth while. Suddenly, no matter what the weather is here in Houston, it’s a bright, sunny day for me! Have a fantabulous day!

Advice from your Uncle Jim:
"One of the things that worry business men is the number of unemployed on the payroll."

Oh, yeah!
Man, Linux is just getting a massive boost this week! Yahoooooo! According to this announcement on Nero’s webiste, they’re now offering Nero for Linux. If you don’t understand how cool that is, then you’ve either never used Linux or Nero or both. This is the coolest thing since sliced bread, at least in the Linux world. And, if you’re already a Nero Ultra user, they’re GIVING Nero for Linux to you for FREE! How cool is that?!
Jeez, I remember ten or twelve years ago when this plucky, little OS was something that hard-core geeks were into and no one in the business world had even heard of it before. Now, major corporations are supporting it and some even live or die by how well Linux fares in the marketplace. Back then, the idea that anyone would give away an entire operating system for free was just, well, unheard of. No one thought it would amount to much. No one but us hard core geeks. And, now, here we are. Linux is a player in the Big Game and doing better every day.
We’ve come a long way, baby!

…Really, really excites me!
Novell believes in Linux so much that they’ve added extra support for it in their ZENWorks for Desktops suite of programs. According to this press release on Novell’s website, they’ve added “imaging, configuration lockdown, remote management, inventory and software management” to their software which will enable folks to use Novell ZENworks 7 Linux Management to manage most Linux platforms, including SUSE LINUX and Red Hat* Enterprise Linux. Now, this might not seem like much to some of you, but, trust me, this is a quantum leap forward in the Linux world. Five years ago, I couldn’t hardly concieve of a major networking company doing something like this. Now, I can completely cut Microsoft out of the picture, if I want. I can have Linux desktops and servers all managed with Novell software.
I’m so happy I could just plotz.
And, I have to say that I’m really, really glad that I not only have maintained my Novell certification, but also gotten at least one Linux certification, too. I didn’t know it at the time, but I couldn’t have planned it any better. Once again, my career choices have been affirmed.
Well, off to the uranium mines! Have a very high-tech day!

For some reason, I seem to be preparing for a siege.
Yesterday, I spent $296 on food at Sam’s Club. My freezer is packed so full, that things lean against the door! I have mass quantities of all kinds of staples. So, for the next three months or so, all I should need are short-term perishables like milk, eggs, and yogurt. Everything else, mostly, I have jammed into my pantry and upright freezer. But, my siege mentality goes further than that.
I’ve taken to locking the door behind me when I get home. I have a double-key deadbolt, so I don’t have a little toggle handle to lock the deadbolt on my back door. Instead, I have to actually use a key on the inside, too. That makes it difficult for anyone to smash a window and then open the door from the inside. It’s kind of weird, really, since I have no reason to be like this. I mean, it’s not like I’m actually afraid that someone is going to try and kill me or anything, but, still, I’ve been a little paranoid.
My .357 is still loaded and in the key-code gun safe next to my bed. I have candles in every room of the house, so I can find my way when the power goes out. But, the power hasn’t gone out in ages and I don’t remember the last time I heard anything about any kind of violent crime in my neighborhood. Still, I’m ready should anything happen. I don’t know, maybe it’s just that I’ve been living alone for a bit now and I’m just preparing to take care of anything, no matter what it is, all by myself. Certainly, that’s some of what motivated the food hoarding.
Everything I bought at Sam’s is convenient food. For me, at least. Soups and ravioli and single-serving macaroni and cheese. Hot Pockets and White Castle Cheeseburgers. Frankly, everything I make these days has to be quick and easy or it’s not worth it! I’m just too busy! All the running around with H.O.P.E. and doing pro bono computer work for a non-profit organization and church and therapy and support groups and just everyday life keep me really busy. And, even with all that, I still manage to lose weight. Of course, it fluctuates, but I bounced off 170 this weekend. It’ll be back up tomorrow, but still, I’m keeping trim in spite of eating relatively “fast” food.
Wow, I got tired just thinking about all that. Off to bed for me. I need my rest!

Attack someone’s network or website, that is.
Okay, this has been on my mind lately, not because I’ve done any actual hacking recently, since: a) that would be illegal and b) I haven’t done that sort of thing in, well, years. No, I’ve been thinking about it because, according to a friend of mine, at least one fan (short for “fanatic”) seems to think that I am not only capable of doing such things, but that I, in fact, have. And recently, too! As the French say, “It is to laugh…” So, as a thought experiment (that’s a mental exercise for you vocabulary impaired), here’s how I’d go about doing this, if I were, in fact, to do “ownz” someone’s “box”.
First off, I wouldn’t use a computer that I own, that can be traced to my ownership, or that uses an IP address that has ever been associated with my name. There are several ways around this, of course, including IP spoofing, anonymous remailers and other redirectors, and a compromised, third-party’s machine. That last one is the best, and, ironically, the easiest method. Surprised? You shouldn’t be. Compromised Windoze machines are a dime a dozen. There are hordes of script kiddies out there just hammering away at every weak Windoze machine they can ping. Also, there are more and more insecure Linux machines floating around out there, too. (Have you applied all the latest patches to your penguin box?) Or, if you know of any systems that you left behind at an unhappy employment situation, that are still vulnerable, you can use them. Usually, a corporation will have a nice, fat data pipe which makes your “job” faster and easier. Of course, if they have half a brain, after you leave, they’ll change all the passwords, but sometimes someone slips. (The last place I knew of like that from my own past finally, after three years, changed the passwords as part of an upgrade.) Or, you could simply go to a coffee house that offers free Internet access via a wireless network. Every time you change coffee houses, you change IPs. And, while I normally am just fine with industrial-strength institutional coffee, a nice cafe au lait from Cresent City is always nice. Or, according to this article on Slashdot, Panera Bread Company is a good place to find a free wifi link.
So, now you have one or more launching platforms from which to case your mark. (That there’s criminal slang that means “look at your ultimate hacking goal”.) What do you use to look for a way in? Well, there’s three that I’d recommend, based on reviews; Snacktime, Nessus and NMAP. Of the three, NMAP is, arguably, the more robust and well known. In fact, NMAP was used in The Matrix movies. Now, that, my faithful readers, is “geek cred”! Though Snacktime is interesting to me because it’s PERL-based. Now, if you’re not familiar with these three tools, just stop reading and go play with your IIS 6.0 webserver. We’re about to talk “big boy” stuff here and you just won’t be up to it. So, if you’re still man enough to be following this, you’d load up your lookeeloo tool of choice on your remote launch platform at this point and get a fingerprint of your target system’s OS.
Now, we get to the meat of this little mental exercise… Okay, you’ve got your “open door”, or “doors”, as it were, into your target system. At this point it’s a matter of taking the information from the nice, clean results that NMAP, or whatever, gives you and applying your exploit. What and how you do that really depends on what you’re attacking, but it’s pretty much a paint-by-numbers affair now, thanks to the legions of script kiddies that keep us up to date. Right, root access (or Administrator, if your target is foolish enough to run Windoze). Now what? Well, that sort of depends, doesn’t it? Do you want data? Start a background transfer to a third party that you can collect later. (Use ftp, tftp, or, for loads of sneaky fun, telnet, to transfer your data. Many admins disable logs on these protocols because they don’t think they’re running. Double check.) Want to install something? Go for it! (Try a keylogger. Now you’ll get loads of target passwords to compromise other machines for further adventures!) Just want to crash the system? You should have skipped all this hassle and just hit your target with a DDoS attack from your many compromised machines, stupid. (Incidentally, for you Windoze admins out there, the entire Code Red scare you sloppy bastards caused was all about a Distributed Denial of Service “issue”. )

Of course, this is all very illegal and somewhat morally questionable as well, so I would NOT do it. What’s more, I would not recommend that anyone else attack, hack, assault, fold, spindle or mutilate any system other than your own. In short, the Network Geek, RyuMaou.com and Jim Hoffman (yes, we’re all the same entity) does not in any way endorse any of the above listed activities, except the cafe au lait from Cresent City. In fact, I suggest that you do NOT do anything that I’ve written about in this entry, including flinging wild accusations that cannot be proven. That’s called “libel”, or, if you say it instead of write it “slander”. That’s against the law, too, the last time I checked.

Advice from your Uncle Jim:
"I love deadlines. I especially love the whooshing sound they make as they fly by."
   --Douglas Adams

Would you pay to find computer geeks to date?
Okay, this site is obviously directed at professional computer geeks and, lately, I’ve been thinking about dating. Well, I came across a link to a place called aeWebworks that was selling a web suite called aeDating. And, well, that got me thinking… I’ve seen dating sites targeted at every group from Christians to nudists to science geeks to cowboy freaks and I thought, well, why not computer geeks? Okay, sure, it might be lopsided toward the male end of things, but I think I can use that as a selling point. I mean, think about all the “nice” girls who would like to find a guy with a good job. Hey, that’s us! What about all the “ladies” that might get deported if they don’t get married? I’ve known web designers that would do anything to get a date!
Okay, maybe it’s a little out there, but I already have a lot of traffic. It wouldn’t take much to juice that up a little. In fact, just having the dating site, or subsite, would probably drive some traffic. Keywords would be the thing. Yeah, keywords…. Well, before I get too far ahead of myself, I suppose I should see if there’s any interest. So, is there? Leave a comment!

wOOt!
We have moved into our new office! Yea! Actually, we moved in yesterday, but I’m just getting to write about it today. It is so, so nice to finally have an actual office. No more Storage Room B!! I’ve been saying that it’s “no big deal”, but it really is. I ordered business cards yesterday, finally, because I also got an actual extension! I feel like a real-live genuine employee now. I guess I’ll start bringing things into the office for my desk now. And, I’ll finally be able to have actual office supplies. Oh, the joy! The rapture of it all!
We’ve hidden our “lab” area behind a bookcase when you walk in the door, which my boss’ boss liked. Our desks are at right angles to each other, but that lets us not have our backs to the door. I don’t mind having my back to my coworker, but I don’t like having my back to the door. I’m just funny like that. It’s really a nice setup. I may have to get a full-spectrum light for my desk, though, to simulate sunlight. And a plant. Yep, I need to bring in a plant. Hey, if enough of you deadbeats who read this blog clicked on ads, I could buy cool stuff for my desk, too! Or, check out the official Diary of a Network Geek Store. Or, better yet, you could hit my ThinkGeek Wishlist… Nah, all you guys are as poor as I am! Oh, for the 90’s again….

Ooo, I lost that “ugly” five pounds I gained while travelling, too. Maybe it was all the extra exercise moving or something, but I’m back down to my “fighting weight” of 175. Sweet.

Well, I’m back to something I’m comfortable with at work.
Yep, I finally got most of my end of the workstation imaging project done last week. The basic images for the hardware and the Novell client are all squared away. At least, they are for all the hardware that we have in stock. I still need to get images of one of the older Dell PCs and the engineering laptop, but that’s easy enough now that I have a good idea what I need to do. The hardest part of all this, so far, has been figuring out what should go into the dang image! But, the resident expert on workstation images got me all fixed up in that area and the rest was actually pretty simple.
Now, though, I’ve been back to the Linux-based ZENWorks Imaging partition. We had an “issue” with the restore menu I did. Apparently, if you have an existing partition and only restore one partition of an image, it doesn’t completely wipe the existing partition. In other words, it just copies the files over the existing install. Not good enough for our purposes. So, I had to devise a method for deleting the existing C partition, recreating it and then, finally, restoring it from the local backup image. Not a problem, right? Wrong. I needed to have a universal menu that could tell what size the existing partition was and plug that into the script which recreated the partition. Not quite as easy as it sounds. Well, thanks to sed & awk, second edition, I found a relatively painless and reliable way to get it done. Basically, I run an “fdisk /dev/hda -l”, pull the relevant information from those results with grep and use “awk” to spit out the correct information to populate the variable. Actually, I have to do some mathmatical adjustments to that, too, but, in a nutshell, that’s what I did. If anyone is really interested and doesn’t want to shell out the money for Learning the bash shell, second edition and sed & awk, second edition, I can put the restore menu that I use up on the site. I have to admit, it’s a pretty sweet solution. Hmm, maybe I’ll submit it to Cool Solutions for another t-shirt….
Well, that’s what I’ve been up to at work. If youse guys want to know more, just pop something into the comments!

Strange addresses watch my web page.
Who on the other side of disneyOC3-gw.customer.alter.net would be interested in my web page? Does Disney run Novell? Is an imagineer looking for Linux tips? I just can’t imagine what the interest might be, myself. Though, it is cool that I seem to have a fan in South Africa. Never been there, but it always looks beautiful in the documentaries. Besides, that’s where Charlize Theron is from, right? So, that’s all good.
Again, though, who the devil at Winn-Dixie.com would be interested in little, ole’ me? Is this another Novell site? I have a feeling that there are a lot of big Novell shops that are rather “stealth”, if you take my meaning. Of course, I get hits from all kinds of state and local governments, too, but I expect that considering how highly entrenched Novell is in the government sector. Though, I have to admit that the hits I get from .MIL always make me wonder. Is the NSA actually monitoring my communications? Or, Army Intel? Or even, the CIA? In any case, I think it’s great that so many people in the Washington, D.C. area are interested in my website.
Contrast those sites with the all the anonymous browsing sites that hit my page, though. I find that very interesting, indeed. After all, if the United States military isn’t embarassed to be browsing my website and blog, who would be? It certainly can’t be anyone from big business, since, in part, that’s who I cater to here. Is there a closet Novell geek out there who’s afraid his boss might find out? Or, perhaps, she’s afraid that her husband might catch her at something? Oh, whoever you are, just come on out of the closet and say hello! What could be the harm? (Oh, if you’re interested in using any of those free anonymous browsing systems, you can find a decent grouping of them here. Thank you, anonymous fan, whoever you are, for giving me that bit of information!)
Naturally, I find it particularly interesting that a device labeled “virgo-gw.customer.alter.net” seems to like hitting my website. Gee, do I have a secret admirer who just happens to be a Virgo? Well, what the heck, it can’t be worse than any of the Capricorns I’ve known! Say, just what is compatible with a Sagitarius like me? Ah, well, it doesn’t really matter, I guess, since I don’t believe in that hokum. Still, it is fun to speculate, isn’t it?

I’m sure most of my loyal readers have already seen this, but…
Just in case you don’t read Slashdot as compulsively as I do, they recently ran a story, or link to a story on PCPitStop, about a guy who got $1000 for reading the End User License Agreement (EULA) for a little piece of software he installed. I have to confess, I hardly ever read the damn things myself, since they’re mainly boilerplate legal agreements, but maybe I should start! The folks who made this particular piece of software included instructions for claiming a $1000 “consideration” for actually reading their EULA. Pretty cool. And, almost worth reading those long, boring EULAs everyone has. Almost…