via Julien:
% S=(sleep code) ; echo ${S[$(($RANDOM % ${#S[*]} + 1))]}
sleep
Guess it’s time to goto :BED :-(
Dana got Alex thinking about RSS Spoofing, which in turn got me thinking about RSS Hijacking.
Imagine you find some reliable, popular site that is cross-site scriptable. Send out a few million phishing emails that add an RSS feed to the page via scripting and “target” adds said RSS feed to their reader. Continue with the thought Alex had about tracking valid info for a while, and then pouncing.
Now of course there are some diminishing returns here - most RSS readers are fairly tech savvy and not likely to fall prey to a phishing scam, but RSS is gaining popularity…
I attended my first Chicago Nerd Dinner tonight and had a great time. I was afraid I would miss most of the night as I had an appointment in Naperville until 6pm, but despite the rush hour and snow coming down, time from Naperville to Downtown was only 30 minutes! I thought a “1” was missing in front of that time, but the highways were clear…everybody must have left work early to beat the snow.
My first nerd dinner was definitely a lot of fun, and I can’t wait to go to another! It was great to meet some more nerds in Chi-town.
Like so many others, I stumbled across Filangy over on Jeremy’s blog. Being hip and trendy, I signed up for a beta and no less than a few days later received an invite.
The theory behind Filangy is awesome and would greatly benefit how I use the web, however I cannot in good conscience use the service.
Why? Simple - security.
I have discovered two fairly major security flaws with their implementation, which I have informed Filangy about, that put Filangy users at risk with respect to the (limited) personal information stored in Filangy. However, it is fairly obvious that this tool was not built with security in mind and that worries me. In my experience, if their developers were not aware of these issues prior to this point, the fixes will likely be tacked-on solutions and will fail to fully correct the problem. The fact that the JavaScript rollovers seem to be snagged from Dreamweaver does not make me very optimistic…
Please, Filangy, at least take a look at the Open Web Application Security Project (OWASP) and get Filangy on the right track…I would love to use it.
I stumbled across a post a couple days ago that challenged readers to solve the Hanoi problem using batch. Being a batch aficionado and scripting everything from IPSec policies and network configuration to remote VNC installs, I thought I would give it a shot.
The algorithm to solve the Hanoi problem is actually quite simple and with the exception of N-1 not being set properly the second time around, it was pretty easy to convert the pseudo-code to batch. To make it a little bit more challenging, I configured the script to be fairly dynamic in that it determines how many Hanoi disks there are and initializes its variables based on that. I am very much against writing scripts that you need to modify when an external factor has changed. My solution is available here: hanoi.bat
Being the overachiever that I am and driven by an odd desire to automate any manual process, I also whipped up another script to initialize the Hanoi disks. I actually did this prior to the hanoi script so I could easily build up and tear down the disk structure. Copy and paste was too much of a manual process for me. (grin) Again, allowing for my desire to make the script as dynamic as possible, I build the disks based on a pre-defined height. In addition, a desired height can be passed to the script as the first parameter, which makes it very easy to build a tower of any height. So if I want to build a tower of 100 disks and let my computer run through the 1.2676506 * 10^30 iterations it would take to solve it, which I also just learned is the probability of tossing a coin and getting the same result 100 times in a row. The script is also configured to remove any previous disks. This init script is available here: init.bat
Thanks for the challenge, Adi. I had a good time with it!
Should I be worried that whenever I am about to receive an incoming call or message on my cell phone and have headphones on, I can detect it due to some fairly loud clicks and buzzes in the earpiece? Perhaps I should take a look at how much radiation my phone is emitting.
I do appreciate knowing that a call is about to come in, though, so I can dig my phone out of my pocket.
How Microsoft builds an attack and penetration testing team.
Some good points in that paper, including:
Wow…this is so right-on.
I just wrote up a Chicago version of this, then happened to hit the side-button of my mouse that also acts as “Back” and consequently lost the fairly large post I had made…argh!
After my recent Domain Controller failure, I brought up a virtual machine as a second DC and then demoted my original DC. Ever since, I had been receiving SceCli (Event ID 1202) errors every five minutes.
Microsoft support was actually very helpful this time. The error message made reference to http://support.microsoft.com and indicated I should query for “troubleshooting 1202 events”. I did so and was directed to this knowledgebase article, which instructed me to enable some detailed logging. After doing that and examining the log, I found the source of the problem: “Error 1355: The specified domain either does not exist or could not be contacted. Cannot bind to the GC.”
Oops…forgot to make my new DC a Global Catalog server. A quick checkbox in AD Sites and Services and my logs were clean again. I love having clean logs.
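A check for the situation described in the post above, added here as an example and not part of the original post: it lists every domain controller, whether it is a Global Catalog server, and how many SceCli 1202 events it logged recently. It assumes the ActiveDirectory PowerShell module (RSAT) is installed and that the account can read the Application log on each DC remotely; the one-hour window is an arbitrary choice.

```powershell
# Added example: correlate SceCli 1202 events with Global Catalog placement.
# Assumes the ActiveDirectory module (RSAT) and remote event log access.
Import-Module ActiveDirectory

$since = (Get-Date).AddHours(-1)   # look-back window (assumption)
$dcs   = @(Get-ADDomainController -Filter *)

# Error 1355 "Cannot bind to the GC" is expected if no DC holds the GC role.
if (-not ($dcs | Where-Object { $_.IsGlobalCatalog })) {
    Write-Warning 'No domain controller in this domain is a Global Catalog server.'
}

$report = foreach ($dc in $dcs) {
    $filter = @{
        LogName      = 'Application'
        ProviderName = 'SceCli'
        Id           = 1202
        StartTime    = $since
    }
    # Get-WinEvent raises a non-terminating error when nothing matches,
    # so suppress it and treat "no events" as an empty array.
    $events = @(Get-WinEvent -ComputerName $dc.HostName -FilterHashtable $filter `
                             -ErrorAction SilentlyContinue)

    [pscustomobject]@{
        DomainController = $dc.HostName
        Site             = $dc.Site
        IsGlobalCatalog  = $dc.IsGlobalCatalog
        SceCli1202Count  = $events.Count
        LatestEvent      = ($events | Select-Object -First 1).TimeCreated
    }
}

$report | Sort-Object SceCli1202Count -Descending | Format-Table -AutoSize
```

A non-zero SceCli1202Count alongside IsGlobalCatalog = False on every row matches the failure described above; after the GC checkbox is set and replication completes, the count for a fresh window should drop to zero.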
wow…