Go visit Elizabeth’s shiny new domain www.bitropolis.com and then go and tell her how wonderful it is at her new blog.
Murphy is laughing his ass off right now
I went to take my walk this afternoon. As I had to bring my form by parking services to get my new parking pass, I took that with me and stopped by parking service first. As I left, I placed my pass in my pocket and proceeded to walk down DOG street to the Capital and back to my office. I went to get my sticker out of my pocket and it wasn’t there. I looked in my car and around my office; no sticker. Shit.
So I went back out, retraced my entire walk (that would be 3 miles or so). No sticker. So I slunk back to the parking services office to grovel and pay the “idiot who looses his sticker within an hour of getting it” fee. As I am talking to the lady in parking service, her phone rings.
Some tourist found my sticker and walked it into an office on campus.
I can hear the laughter all the way over here.
August is a good month. Today began the run up to Jeremy Birthday 2004 (which will be immediately be followed by Elizabeth Birthday 2004). Thanks Sweety! I received my first present today; a copy of the 3rd volume of the Harper’s Index Book. Harper’s Index was always my favorite part of Harper’s Magazine; lots of fun facts. (And to be honest, the only part I ever read of my dad’s subscription.)
And a sad fact from my new book relating to elections:
Chances that an American is willing to vote for a Mormon for President: 4 in 5 Chances that an American is willing to vote for an atheist: 1 in 2
On another topic, I got half the lawn mowed before it started raining again. At the rate we are going, it will probably be another few weeks before there is a breach in the rain so I can mow again. ::sigh::
Just some random things.
As of yesterday at 2pm, I no longer am no longer part of the EIS team at William and Mary. Never fear, I wasn’t fired, I am just moving over the the Web and Learning Services team. It makes lots of sense given the work I have been doing (just about everything I do is web related) and I think it will be a better personality match. It does mean that I get to move onto campus, which is cool. I think this will be a good thing.<p>
While doing some things for Braz today, I realized that the webserver on bree serves pages for 35 different hostnames. wow. that is all. have a nice day
</p>
As a regular user of CVS, I am well aware of the limitations this classic tool has. As a result, I’ve been looking for tools that are as simple to use as CVS yet have learned from the shortcomings of CVS. Subversion appears to be such a tool. The authors of Version Control with Subversion have produced an informative yet succinct book that will get one started with what they call the “Next Generation Open Source Version Control.”
They begin with a general architectural overview of version control systems and of subversion itself. Individual sections are provided for prospective users and administrators of a subversion system. They explain the pros and cons of the two different servers that can be used to provide source control access to remote users. A detailed section is also given to the developer who is interested in the inner workings of subversion. In closing they give a complete reference to using the complete family of subversion tools.
This is a straightforward book and as such there isn’t so much to say about it, but that is a good thing. It covers the topic well, and I look forward to putting the knowledge to work.
If you are writing something not application specific in Java you are doing something wrong as it is probably already written for you. But finding the correct solution or class that answers the need you have is often hard. Books such as Java in a Nutshell are useful, but you need to know what you want before you look.
Ian Darwin’s book Java Cookbook is a mammoth (829 page) book that provides answers to hundreds of questions. His style is easy to follow. The book is broken down into major topic areas (strings, numbers, OO techniques, networking, etc.). Each section begins with an overview of the capabilities that Java provides in that area followed by a series of Q&A entries that address specific problems a programmer might encounter. He then concludes with a simple application (or two) that demonstrates the techniques he has discussed. Simple, straightforward, useful.
This second edition has expanded to cover new features that are being developed for Java 1.5. As a programmer familiar with working in Java (but by no means an expert) I found these topics to be the most enlightening. Specifically the coverage of the new foreach construct and the templating mechanisms.
Overall this is a book useful for everyone who codes in Java. It has basic techniques for the new user, and expands into areas that an expert would need.
“Be afraid. Be very afraid.”
If there is one motto to be taken from this book, that is it. Security Warrior takes a new track from most security books, the view of the attacker. How and what they do are explained in detail, from reverse code engineering to methods of avoiding intrusion detection systems. As a systems administrator, part of me wants to just go and unplug all my servers after reading this book.
Far from an introductory book, the authors assume you are familiar with the concepts of securing servers and networks on the internet (achieved, possibly from books like Practical Unix and Internet Security). The first half of the book covers attack methods and then switches to defense methods for the remainder.
The authors provide detailed and up to date information regarding program disassembly for the purpose of patching as well as for determining possibilities for buffer and heap overflows. Methods and tools are discussed for Windows, Linux, and Windows CE. This is heavy stuff; you will need to be at least passing familiar with assembly language and computer architecture to make sense of what they are discussing. They move on to cover network attacks beginning with reconnaissance techniques, firewall and IDS avoidance, and hiding your tracks. I found it very impressive the discussion of some of the most moedrn tools; not only did they discuss TCP stack fingerprinting, they mentioned the latest developments in non-static and passive OS detection tools.
In the last “attacker” section of the book, they discuss specific vulnerabilities in many services, including topics such as Active Directory hacks (extending even into the weaknesses of smart card technology). General web attacks like SQL injection and parameter checking problems are discussed as well as the deficiencies present in most wireless ethernet implementations.
After scaring the daylights out of you in the first part of the book, the authors proceed to the defensive topics of the book. They cover the general topic of logging adequate information and dealing with logs from multiple sources. Alternate syslog implementations are discussed that provide more flexibility than the standard toolsets. For networks in general, intrusion detection systems are discussed using Snort as the example tool. Honeypots are also described in brief. Computer forensics is covered as well as techniques that are used to destroy electronic evidence.
I felt this was an excellent book. It is definitely an advanced book, but is a welcome relief for people who are experienced in computer security and want something that pushes the edge.
I love Williamsburg in the summer.
OK, I realize this was a horrible event and my heart goes out to the victims and their loved ones, but what the hell is up with this headline?
90 dead in tanker horror smash
“tanker horror smash” What?!?!
::sigh::
I’m an official real student again. I got my acceptance letter and have returned the “yes, I will register” paperwork. Master’s degree, here I come (albeit slowly).