May 29, 2004
Default Password List

Just in case you start working somewhere and they have never secured anything... and have lost the docs.

You'll need this to get things buttoned down...

Keeping Presidents in the Nuclear Dark

When the history of the nuclear cold war is finally comprehensively written, this McNamara vignette will be one of a long litany of items pointing to the ignorance of presidents and defense secretaries and other nuclear security officials about the true state of nuclear affairs during their time in the saddle. What I then told McNamara about his vitally important locks elicited this response: “I am shocked, absolutely shocked and outraged. Who the hell authorized that?” What he had just learned from me was that the locks had been installed, but everyone knew the combination.

The Strategic Air Command (SAC) in Omaha quietly decided to set the "locks" to all zeros in order to circumvent this safeguard. During the early to mid-1970s, during my stint as a Minuteman launch officer, they still had not been changed. Our launch checklist in fact instructed us, the firing crew, to double-check the locking panel in our underground launch bunker to ensure that no digits other than zero had been inadvertently dialed into the panel. SAC remained far less concerned about unauthorized launches than about the potential of these safeguards to interfere with the implementation of wartime launch orders. And so the "secret unlock code" during the height of the nuclear crises of the Cold War remained constant at 00000000.

May 28, 2004
Chrooting Apache

The chroot daemon allows you to run a program and have it see a given directory as the root (/) directory. This effectively locks the process into its very own filesystem ("chroot jail") isolated from the real / filesystem. In this article we will look at how to install the Apache Web server in such an environment.

Subversion: The new-generation CVS

Software development is an iterative process that benefits from coordination between developers and with historical archives. To facilitate such practices, developers can turn to special versioning software. In this article we will explore Subversion, one of the most recently released version control suites.

May 14, 2004
Seven open source business strategies for competitive advantage

Business managers should understand open source business strategies and determine which strategies are useful for their companies to adopt. Investors should consider the models here when evaluating companies they may be considering for their portfolios. Identifying trends quickly and taking action can be a powerful advantage. Hopefully this article provides a clear introduction to the open source business dynamics that are permanently changing the software industry.

Understanding and Attacking DNS

Understanding the mechanics behind DNS is important when securing your DNS server. DNS is robust and full featured; understanding what resources each DNS action requires will allow administrators to disable unnecessary features, therefore achieving a minimalist and secure DNS server. This section reviews the basics of DNS mechanics. Domain name information is stored in flat text files called zone files. User requests and server replies are simple text-file searches and take very few system resources. Some newer DNS technologies allow for write access to update record data and other configurations remotely. However, unless write access is explicitly enabled, from an end user perspective DNS should be referred to as a read-only service. DNS is mechanically broken up into records, servers, and their respective chains of authority from the root servers.
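As an added illustration of the read-only, minimalist posture the excerpt describes (a configuration written for this page, not taken from the linked article), the BIND 9 named.conf fragment below keeps dynamic updates off, restricts zone transfers to a single secondary, and disables recursion on an authoritative-only server. The zone name, file paths and the 192.0.2.2 secondary address are assumed placeholders.

```conf
// Authoritative-only server: serves the placeholder zone example.com and nothing else.
options {
    directory "/var/named";          // assumed location of the flat text zone files
    recursion no;                    // an authoritative server answers only for its own zones
    allow-query { any; };            // anyone may read the zones we are authoritative for
    allow-transfer { none; };        // nobody may copy whole zones (AXFR) unless a zone says otherwise
    allow-update { none; };          // DNS stays a read-only service: no dynamic updates
    version "none";                  // do not volunteer the software version to CHAOS "version.bind" queries
};

zone "example.com" {
    type master;
    file "example.com.zone";         // flat text zone file holding the records
    allow-transfer { 192.0.2.2; };   // placeholder secondary server is the only transfer peer
    // allow-update inherits { none; } from options. A permissive server would carry
    // allow-update { any; }; here, which turns the zone into a remotely writable store.
    // Enable updates per zone only when something genuinely needs to write records,
    // and then restrict them to a signing key (TSIG) rather than an address list.
};
```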

May 13, 2004
Creative Loafing Charlotte

Where does it go from here? The nightmare misadventure in Iraq is over, beyond the reach of any reasonable argument, though many more body bags will be filled. In Washington, chicken hawks will still be squawking about "digging in" and winning, but Vietnam proved conclusively that no modern war of occupation will ever be won. The only way you "win" a war of occupation is the old-fashioned way, the way Rome finally defeated the Carthaginians: kill all the fighters, enslave everyone else, raze the cities and sow the fields with salt. Otherwise the occupied people will fight you to the last peasant, and why shouldn't they?

ACLU Was Forced to Revise Release on Patriot Act Suit

The dispute over the ACLU's April 28 news release centered on two paragraphs. The first laid out the court's schedule for receiving legal briefs and noted the name of the New York-based judge in the case, U.S. District Judge Victor Marrero.

The second paragraph read: "The provision under challenge allows an FBI agent to write a letter demanding the disclosure of the name, screen names, addresses, e-mail header information, and other sensitive information held by 'electronic communication service providers.'"

Can someone please explain to me how that second paragraph is a threat to national security?

Denial of Service Vulnerability in IEEE 802.11 Wireless Devices

A vulnerability exists in hardware implementations of the IEEE 802.11 wireless protocol[1] that allows for a trivial but effective attack against the availability of wireless local area network (WLAN) devices. An attacker using a low-powered, portable device such as an electronic PDA and a commonly available wireless networking card may cause significant disruption to all WLAN traffic within range, in a manner that makes identification and localisation of the attacker difficult.

May 09, 2004
The Oil Crunch

Before the start of the Iraq war his media empire did so much to promote, Rupert Murdoch explained the payoff: "The greatest thing to come out of this for the world economy, if you could put it that way, would be $20 a barrel for oil." Crude oil prices in New York rose to almost $40 a barrel yesterday, a 13-year high.

Those who expected big economic benefits from the war were, of course, utterly wrong about how things would go in Iraq. But the disastrous occupation is only part of the reason that oil is getting more expensive; the other, which will last even if we somehow find a way out of the quagmire, is the intensifying competition for a limited world oil supply.

Thanks to the mess in Iraq -- including a continuing campaign of sabotage against oil pipelines -- oil exports have yet to recover to their prewar level, let alone supply the millions of extra barrels each day the optimists imagined. And the fallout from the war has spooked the markets, which now fear terrorist attacks on oil installations in Saudi Arabia, and are starting to worry about radicalization throughout the Middle East. (It has been interesting to watch people who lauded George Bush's leadership in the war on terror come to the belated realization that Mr. Bush has given Osama bin Laden exactly what he wanted.)

I don't normally post links from this site because of their insistence on your first born...

But... you can use these.

username: genital
password: genital

May 05, 2004
Debian GNU/Linux Installation with Knoppix and debootstrap

Because Debian GNU/Linux 3.0 is a little bit old, it can happen that newer hardware isn't supported by the woody installer. That's bad, at least when you want to install Debian on a hard disk that is connected to an unsupported controller.

There are a few ways to work around this:

* rebuild the bootfloppies and replace the kernel with a newer one
* build a kernel module for the kernel from the woody installer
* install the base system with Knoppix and debootstrap

I think the last one is the easiest way, that's why I use this way to install Debian on newer hardware.

SA pollie weighs in about Sasser worm

"The Sasser worm is just the latest in a series of onslaughts that are widely reported as affecting all computers that are connected to the internet, but this is not true," said Gilfillan, who introduced a bill in the South Australian legislative council last year to amend state software procurement policies.

"The Sasser worm doesn't affect Apple, Sun, BSD, Unix, or Linux systems. Once again we see governments and businesses around Australia are being slammed by a computer program that exploits weaknesses in one brand of proprietary software."

Math and the Computer Science Major

As I've mentioned in previous articles, computer science (CS) majors tend to struggle for reasons that have very little to do with computers. More often than not, such struggles are rooted in weaknesses related to math.

In this article, I want to show what kind of math to expect as a CS major, why these courses are important, and how to prepare yourself while you are in high school. If you plan on getting a CS degree, you need to come to grips with one important fact first: computer science has more to do with math than computers.

Economics and Security Resource Page

The economics of security is a hot and rapidly growing field of research. More and more people are coming to realise that security failures are often due to perverse incentives rather than to the lack of suitable technical protection mechanisms. (Indeed, the former often explain the latter.) While much recent research has been on 'cyberspace' security issues - from hacking through fraud to copyright policy - it is expanding to throw light on 'everyday' security issues at one end, and to provide new insights and new problems for theoretical computer scientists and 'normal' economists at the other. In the commercial world, as in the world of diplomacy, there can be complex linkages between security arguments and economic ends.

Version Control with Subversion

This is the online home of Version Control with Subversion, a free book about Subversion, a new version control system designed to supplant CVS. This book is a work in progress, which will be published by O'Reilly and Associates in mid-2004.

May 04, 2004
We are all security customers

The invasion of Iraq, for example, is presented as an important move for national security. It may be true, but it's only half of the argument. Invading Iraq has cost the United States enormously. The monetary bill is more than $100 billion, and the cost is still rising. The cost in American lives is more than 600, and the number is still rising. The cost in world opinion is considerable. There's a question that needs to be addressed: "Was this the best way to spend all of that? As security consumers, did we get the most security we could have for that $100 billion, those lives, and those other things?"

Longhorn to Steal Limelight at WinHEC

Microsoft is expected to recommend that the "average" Longhorn PC feature a dual-core CPU running at 4 to 6GHz; a minimum of 2 gigs of RAM; up to a terabyte of storage; a 1 Gbit, built-in, Ethernet-wired port and an 802.11g wireless link; and a graphics processor that runs three times faster than those on the market today.

May 03, 2004
Strong Passwords

Below is a list of commonly used weak passwords that should NEVER be used. If any of these passwords look hauntingly familiar and are being used, you need to change the password immediately.