After some thought, I decided it would be useful to document some of the projects I’m actively working on for this site. One such project is a real-time blacklist (RBL) for the Rizon IRC Network. The network consists of ~20 servers holding around 15 – 17 thousand users.

Why is this important? Because IRC is such an old and simple text-based chat protocol, it is often abused by hackers, script kiddies and other malicious users, who take advantage of people’s personal computers that have been compromised and turned into drones. These drones are then often used to disrupt the chat of others, or even for denial-of-service attacks.

First, the setup: after talking with some other RBL projects, dronebl.org and proxybl.org, I decided on a mix of MySQL and rbldnsd.

Rizon has several methods of detecting compromised hosts, drones, open proxies or other types of malicious users. Each time a user is detected who matches one of our rulesets, his or her IP address is added to our ban list, normally for a 3 day period. While 3 days is useful, we wanted to pool the knowledge we had gained about which IPs were bad.

No small task, but I decided to spin up one of Rackspace’s new Cloud Servers running Debian (5.0). Tasks before me include:

  • installation of MySQL, rbldnsd, and lighttpd, my web server of choice.
  • setup of DNS records to create my blacklist & domain acquisition
  • creation of PHP scripts to allow our services to add hosts & comments
  • creation of scripts to dump the MySQL database into a zone format for rbldnsd
  • creation of an informational website as well as a check & removal system for users who have cleaned up their problem.
  • meet with the different Rizon developers depending on service and agree on a protocol for blacklist adds.

More to come as I get things implemented.
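A sketch of the dump step from the task list, turning ban rows into an rbldnsd ip4set zone. It is an added example, not code from the Rizon project: the row layout, the category-to-A-record mapping and the `rbl.example` names are assumptions, and the sample rows are constructed. Comments arrive from other services, so they are flattened to a single line before they reach the zone file.

```python
import ipaddress
from datetime import datetime, timezone

# Assumed mapping of detection type to the A record the list answers with.
CATEGORY_A = {"drone": "127.0.0.2", "open-proxy": "127.0.0.3"}

def clean_txt(comment):
    """Keep one ban on one zone line: control characters (newlines included)
    become spaces, and the text is capped at 255 bytes, one DNS TXT string."""
    text = "".join(c if c.isprintable() else " " for c in comment)
    return " ".join(text.split()).encode()[:255].decode(errors="ignore")

def build_zone(rows, now, serial):
    """rows: (ip, category, comment, expires) tuples, as a SELECT on a
    hypothetical ban table would return them. Returns (zone_text, rejected)."""
    header = [
        f"$SOA 3600 ns1.rbl.example. hostmaster.rbl.example. {serial} 600 300 86400 300",
        "$NS 3600 ns1.rbl.example.",
        ":127.0.0.2:Listed, see http://rbl.example/lookup?ip=$",  # default A/TXT
    ]
    entries, rejected = {}, []
    for ip, category, comment, expires in rows:
        try:
            addr = ipaddress.IPv4Address(ip)
        except ValueError:
            rejected.append((ip, "not an IPv4 address"))
            continue
        if category not in CATEGORY_A:
            rejected.append((ip, "unknown category"))
            continue
        if expires <= now:
            continue  # ban has run out, so it is left out of the zone
        # Keyed by address: a repeat detection replaces the earlier line.
        entries[addr] = f"{addr} :{CATEGORY_A[category]}:{clean_txt(comment)}"
    body = [entries[a] for a in sorted(entries)]
    return "\n".join(header + body) + "\n", rejected

# Constructed sample rows (documentation addresses, invented comments).
NOW = datetime(2009, 6, 15, tzinfo=timezone.utc)
SAMPLE_ROWS = [
    ("203.0.113.7", "drone", "flood bots\n198.51.100.1 :127.0.0.2:forged", datetime(2009, 6, 17, tzinfo=timezone.utc)),
    ("198.51.100.23", "open-proxy", "SOCKS4 on port 1080", datetime(2009, 6, 16, tzinfo=timezone.utc)),
    ("198.51.100.40", "drone", "old ban", datetime(2009, 6, 1, tzinfo=timezone.utc)),
    ("not-an-ip", "drone", "bad input", datetime(2009, 6, 17, tzinfo=timezone.utc)),
]

if __name__ == "__main__":
    zone, rejected = build_zone(SAMPLE_ROWS, NOW, 2009061501)
    print(zone, rejected)
```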

I finally got done configuring my laptop the way I want it, and impressively, VMware Fusion lets me full-screen a VM in each of OS X 10.5’s Spaces. With 4 GB and a dual-core processor, my MacBook is holding its own. Ubuntu 9.04 (xfce4), Windows XP, and Windows 7 (RC), for those unfamiliar.

I was amused by Stephen Colbert’s trip to Iraq as a part of the USO efforts to provide relief for service members abroad. Hulu even allows you to edit a clip, so here it is in all its glory:

are not the cars we drive, but the buildings we live in.” – Hulu provides a way to view some of the PBS shows that I’ve never heard of yet have found the most valuable and interesting “TV” ever produced. From the series Carrier to this new miniseries I’ve found, Design e^2, the ability to watch these programs on demand is something of great value.

While the series may seem to glorify the job and responsibilities of architects, I found the shows immensely interesting.

Rough Weather continues....

The strength of SaaS, software as a service, especially in the form of personal and free services, has really come a long way. When I first showed up for this class I brought a notebook, some pens and a highlighter. While I was waiting for things to get started, it occurred to me that I didn’t really want to keep the notebook around to go dig it up whenever I needed to renew the certification, nor did I want to have to keep track of multiple pages of notes or the notebook I was given.

Wikis by default have a degree of learning curve to display data the way you want. The problem with this, of course, is that every different wiki software has a markup language that is a little different. This is where some SaaS providers have stepped in and created online wikis that allow a user to create his or her own personal wiki, and have a rather full-featured web editor instead of requiring the user to learn the details of the markup language.

PBwiki allows users to create wikis, make them public or private, and gives them 2 GB of space to upload pictures, attachments, etc. This is all for free, too. A paid service gives granular control over each page, as well as a large storage space bump, but for notetaking… 2 GB of space is practically unlimited for text files only. But most importantly, I now have an online backup of all my notes that I can access from anywhere and, if I wanted to, could let others access. This is just one service that exists in a sea of similar offerings as well.

Oh and did I mention the weather was terrible?

Rough Weather

Started a crash course for the CompTIA Security+ exam today. I’m taking a two day course which is being provided by CBT Xpress and NITTCI. My experience from my undergrad security concentration has proved to have already covered almost every page so far in the book which we were given, and in far more depth.

Curiously, in the introduction the instructor attempted to dissuade people from digging too deep into a subject, citing the general lack of time in the course for someone to learn everything. The obvious problem with both the testing idea and the crash course idea is that people who have minimal experience on any of the subjects can now gain the certification without actually truly understanding the topics, while people who understand the topics must take the crash course to pass the nitpicky questions posed by the test.

The course runs a full week and covers the A+, Network+, and Security+ certifications, but I skipped the first two parts. After completion of the Security+, with the base knowledge I have gained through my undergrad at RIT, I expect to be able to pick up both certifications without any subject training to the test. It will be interesting to me to compare the crash course with the undergrad courses that I’ve already taken, and how different the depth of understanding provided on each topic is in both.

The Wall Street Journal has a story running that the RIAA, the group behind the mass lawsuits against file sharing in the US, will stop filing new lawsuits. It goes on to note CD sales are still in decline and the PR of taking almost 40,000 people to court has resulted in various mishaps along the way, including a dead person and a thirteen year old girl. Instead it will attempt to force our Internet Service Providers to do the policing for them. The problems with this idea are too many to list in this short ramble. But one comment on the article raised an interesting idea, that maybe the RIAA has finally met some resistance and is changing direction before the door on their lawsuits gets closed.

I’ve not written about anime on this blog yet, but it is something I find interesting, especially in some of the complex topics which are unable to be covered by traditional media. Time of Eve is a story about a future where androids have become commonplace. They revolve around three rules which are supposed to govern all actions of the androids. The quality of the animation is also rare and the release method signals a change in the problematic fan-subtitling versus US publishers approach. The first three episodes are available for free streaming at crunchyroll.com. The story revolves around a cafe whose only rule is to treat everyone the same, android or human.

I have always believed that the mouse and keyboard would be on their way out sooner or later, but the new method of working with a computer has always been something of a sci-fi story. This video is the first working model of something I could see being viable in the future.

Full article over at oblong.com

It’s been a while since I’ve set up a PPTP server in Linux, but the overhead of Server 2003 for under 10 users makes the cost hard to justify. I’ve compiled a short how-to for reference. This is based on Ubuntu 8.10 but would most likely work for any flavor of Ubuntu or Debian.

Install software…

aptitude install pptpd

Get your ip address

ifconfig – get eth0 ip address

First Config File

sudo nano -w /etc/pptpd.conf

What is -w? It turns off automatic line wrapping.

Edit the following information:

localip      192.168.0.5 (this address should be the IP address of your server [inet addr] when you type ifconfig, see above )

remoteip   192.168.0.241-246 (this will provide you with 6 working IPs (aka a /29))

Get your DNS Servers

cat /etc/resolv.conf (you’re looking for the numbers after the word nameserver)

Second Config File

sudo nano -w /etc/ppp/options

Edit the following information:

ms-dns  18.70.0.160 (replace with the information from /etc/resolv.conf, copy only the IP)

ms-dns  18.71.0.151

Third Config File

sudo nano -w /etc/sysctl.conf

Find the line that says:

#net.ipv4.conf.default.forwarding=1

remove the #

This will allow the kernel to forward packets to your VPN clients

Final Config File

sudo nano -w /etc/ppp/chap-secrets

Format:

username service password ip

(* will allow any IP address to connect)

alice pptpd secret-password-here  *

bob pptpd secret-password-here *

Lastly, reboot.

When your machine comes back up, you may need to run /etc/init.d/pptpd start
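A check of the values this how-to puts into pptpd.conf and chap-secrets, as an added example that is not part of the original post. It expands the remoteip range, confirms localip does not fall inside it, and reports the placeholder passwords and the `*` entries; pppd(8) describes the fourth chap-secrets field as the addresses the client may use. The function names and the 12-character minimum are assumptions.

```python
import ipaddress

def expand_remoteip(spec):
    """Expand a pptpd.conf remoteip value such as '192.168.0.241-246':
    entries are comma-separated and a range shortens the last octet."""
    pool = []
    for part in spec.split(","):
        first, _, last = part.strip().partition("-")
        start = ipaddress.IPv4Address(first)
        end = start
        if last:
            end = ipaddress.IPv4Address(first.rsplit(".", 1)[0] + "." + last)
        if end < start:
            raise ValueError(f"range runs backwards: {part.strip()}")
        pool += [ipaddress.IPv4Address(n) for n in range(int(start), int(end) + 1)]
    return pool

def audit(localip, remoteip, chap_secrets, min_len=12):
    """Return findings for the values this how-to puts in pptpd.conf and
    chap-secrets. min_len is an assumed threshold, not a pptpd setting."""
    findings = []
    if ipaddress.IPv4Address(localip) in expand_remoteip(remoteip):
        findings.append("localip is inside the remoteip pool")
    seen = set()
    for no, line in enumerate(chap_secrets.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        fields = line.split()  # assumes unquoted fields, as in the how-to
        if len(fields) < 4:
            findings.append(f"line {no}: expected 'username service password ip'")
            continue
        user, _service, secret, *ips = fields
        if user in seen:
            findings.append(f"line {no}: duplicate entry for {user}")
        seen.add(user)
        if secret == "secret-password-here" or len(secret) < min_len:
            findings.append(f"line {no}: placeholder or short password for {user}")
        if "*" in ips:
            findings.append(f"line {no}: '*' lets {user} use any address")
    return findings

# The values shown in the how-to above.
PAGE_SECRETS = "alice pptpd secret-password-here  *\nbob pptpd secret-password-here *\n"

if __name__ == "__main__":
    print(len(expand_remoteip("192.168.0.241-246")), "addresses in the pool")
    for finding in audit("192.168.0.5", "192.168.0.241-246", PAGE_SECRETS):
        print(finding)
```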