There has long been a movement in the geek community to expunge the negative thoughts attached to the word hacker, the image to the right The Glider, being one of the latest and most visible. In the beginning there were hackers (people who worked on computers, programmed and made things work) and crackers (people [...]

On the monit mailing list today someone asked how they could monitor a process that didn’t have a pidfile associated with it.  Without thinking I jotted this down, there’s likely a better way, but this should work and may be all I need for some init.d scripts for a couple of apps on ramon (the home server).  In the the beginning of the [...]

I thought the days of crashing IE with just some malformed code were over, apparently not. I just takes a misplaced wildcard in a style declaration to send it down.
<style>*{position:relative}</style><table><input /></table>
This took out IE on my work computer which is fully patched. I’ve read that people running IE under Wine in Linux have it crash [...]

Dan Kaminsky is a 7 year veteran of Black Hat and Defcon in Vegas, and he was pretty much a fixture when I was there last year. His performance during Friday nights’ TCP/IP drinking game was hilarious, and his talk the next morning even more so. This year he’s presenting info on the [...]

Defcon is almost here, and now I have a highlight planned for Saturday: AirTight Networks will be revealing a new varient of Evil Twin. Evil Twin has been known about longer that I was aware; basically it’s someone running a laptop in a wifi hotspot (like a coffee shop) that impersonates the hotspot’s access point [...]

A former spammer comes forth to tell his story, an amazing look at how easy something like this is to get away with.  “Ed,” a retired spammer, built a considerable fortune sending e-mails that promoted pills, porn and casinos. At the peak of his power, Ed says he pulled in US$10,000 to $15,000 a week, [...]

Ah, just what I need, another new way to get more music online; Moozaget. This one seems to employ a special search with specific options that I used to have bookmarked, for example it will search for “Index of” servers, in other words ones without websites, just a bare directory listing. If you [...]

Oh yeah, I’m going to Defcon again this year, just found out this Friday for sure. It’s August 3rd - 5th, in Las Vegas, and this year it’s all paid for by my new consulting group; what a great thing. I argued that I would learn so much more there than any class, [...]

UPDATE: thanks to a comment below from Ted, we now have a solution to have this option persist across kernel updates.  In grub, “…at the end of this new menu item add it as an argument to the line:
defoptions=quiet splash irqpoll
I knew there had to be a way, thanks for the post Ted!
There’s a known [...]

So the only thing I don’t love about my new job is the same old thing; you have to run Windows XP on the desktop. Yeah, I’ll give it a bit more time before I really start pushing to run Linux on the desktop, so until then it’s my ongoing struggle to get XP [...]

When you’re running a ton of termial windows or tabs, it helps to have the title of the box name, along with some environment values, easily available to keep you orientated. Here’s a quick script I created to do this automatically when called via your .profile file in your home directory.
#!/bin/bash
HOST_NAME=`hostname -f`
if [ `id -u` [...]

I’ve had a 12″ G3 iBook since ~2002, and I’ve really liked it. Of course me being me, I’ve run Linux on it for almost the whole time, even running a dual boot of OS X and Gentoo Linux back when I used this puppy on the job. The only thing I (and [...]

Recently I had an issue at work; while trying to transfer files between Unix hosts we were unable to hit the known scp port, but we could still hit the ssh port. All of this was occurring from home, late at night on a Saturday where I was the main technical point man to move/install [...]

Anyone hosting a Wordpress 2.1.1 install should upgrade or immediately prevent access to certain queries to prevent an attack described here. If the server is running Apache with mod_security, simply update your httpd.conf with the following rules:
<IfModule mod_security.c>
SecFilterEngine On
SecFilterDefaultAction “deny,log,status:412″
# RULES: Prevent Wordpress 2.1.1 attack
# http://wordpress.org/development/2007/03/upgrade-212/
SecFilter “ix=”
SecFilter “iz=”
[...]
</IfModule>
And then restart Apache. Note that while this [...]