I’m very pleased with the level of detail the book goes into when explaining debugging techniques and how a CPU deals with processes. It almost makes me want to focus more on C code, but I know that the further I get into the book the more I will be happy with the relative simplicity offered by Python.

My only gripe with the book is the first sentence of the first paragraph on section 1.1, “I assume that you are using a 32-bit Windows-based platform to do most of your coding.” While it certainly makes sense to focus on debugging techniques on the Windows platform since most of the software one would be dealing with is written for it, it rubs me the wrong way to make the assumption that I’m using Windows to write software — especially with a language like Python. And no, I’ll be writing code primarily with vim on OSX and running Python on Windows via Parallels.

With that only negative note aside, it’s a fantastic book and I would absolutely recommend it to others.

• The Python Challenge – Pretty self-explanitory. Some puzzles that require a little bit of creative Python programming along with some outside-the-box thinking on solving problems. Can probably use other programming languages as well, but at some point I’m betting there’s some Python specific data-types (I just started a few last night so don’t know yet).
• HAXTOR (warning – JS will attempt to resize your browser window) – Various decrypting challenges and web-related stuff.
• hackergames.net – Just ran across this the other day but haven’t gone through any of them.

* Word to the wise: Use a disposable virtual machine with a safe snapshot when messing around with this kind of stuff. The sites are probably safe, but you never know where you’ll end up and who could be targeting them for extra kicks. Use No-Script at a minimum.

SecuraBit

Security Justice

PaulDotCom Security Weekly

Hak5

Network Security Podcast

I’m still a little unsure about the innerworking of the OS, but *nix is no stranger to me so I’ll get there. MacPorts is also a little odd, but once I get the hang of it I should be fine. It seems to fail on dependencies for GIMP and Wireshark during my first attempts to install stuff, but nmap worked fine right away (probably because it’s just console). I’ll have to dig into X11 stuff I’m guessing.

While I’m not considering converting workstations and servers over, I think I’m sold on my quest for a solid laptop.

I mean, with the exception of only a small handful of other services, Twitter is the only micro-blogging platform that could possibly be used for malicious communication. And, unlike other forms of nefarious yacking technologies like the cell phone and instant messaging it is inherently and by default open to the public for easy reading (yes, I know Twitter accounts can be marked private — not the point).

Ok. You sense sarcasm? Well, at least they’re paying attention to the right groups. You see, they’ve identified Twitter as becoming an activists tool for “socialists, human rights groups, communists, vegetarians, anarchists, religious communities, atheists, political enthusiasts, hacktivists”.

In fact, “Twitter is already used by some members to post and/or support extremist ideologies and perspectives.”

Damn those vegetarians and political enthusiasts…

That being said, I’m disappointed with the lack of solid, free applications written for the platform. I spent hours trying to find a reasonable program to view my school books (PDF format) from my media card and mostly found paid subscription software that was grossly overpriced. I ended up creating a BlackBerry email account and sending my PDF’s to it. It’s a workaround that I’m willing to live with rather than fork out money for something we all take for granted in the PC world. I don’t understand why BlackBerry developers think they should be charging for something as basic as a reader that is free on virtually every platform I’ve ever used. Charge for the added value of the writer (like Adobe Acrobat), but give the reader away and get your name on the device.

The next thing that got me was the difficulty in listening to streaming music on it. I know I can throw MP3 (maybe OGG) files onto it and play them locally, but I really just want a Pandora or Last.fm setup where I can play a tag or similar artist station. Pandora doesn’t support the BlackBerry and their web-based player thought my IP was from Norway so wouldn’t work either. Last.fm doesn’t support the BlackBerry directly as well and even if I wanted to scrobble tracks played locally I needed to buy software (3rd party). End of the road here is that I applied for a Last.fm API key so that I could attempt to write my own streamer for the BlackBerry. More to come on that I hope — still waiting on the key.

And yes, if and when I complete this project (I already have a name picked out) I will absolutely release it for free.

set objShell = CreateObject("WScript.Shell")
set objFSO = CreateObject("Scripting.FileSystemObject")

' // BEGIN CONFIGURATION OPTIONS //

arrIPAddr = Array("192.168.1.1", "10.0.10.1", "172.16.1.1") 'Array of IPs
strDirectory = "C:\Path\to\logs\" 'Logfile directory
strFile = "HostMonitor.txt" 'Logfile name
strTestLocalConn = "google.com" 'A public server to test your connection

'Email Settings
strEmailTo = "" 'To email address (somebody@domain.com)
strEmailFrom = "" 'From email address (somebodyelse@domain.com)
strEmailSubject = "" 'Email subject
strSMTPGateway = "" 'SMTP server (smtp.emailgateway.net)
strUseSMTPAuth = false 'Change to true to authenticate (true|false)

‘Only if strUseSMTPAuth is true
strSMTPUsername = “” ‘SMTP username
strSMTPPassword = “” ‘SMTP password
strSMTPPort = 25 ‘SMTP port number
strSMTPSSL = false ‘SMTP SSL option

‘ // END CONFIGURATION OPTIONS //

dim strIP
strLogTxt = “”
strSendMsg = false

if Reachable(strTestLocalConn) then
for each strIP in arrIPAddr
if not Reachable(strIP) then
strSendMsg = true
strLogTxt = strLogTxt & ” ” & strIP
end if
next
if strSendMsg then
strLogTxt = “The following addresses were unreachable:” & strLogTxt
else
strLogTxt = “All hosts responded normally.”
end if
else
strLogTxt = “Connection to ” & strTestLocalConn & _
” failed. Host monitor aborted.”
end if

const ForAppending = 8
set objFSO = CreateObject(”Scripting.FileSystemObject”)
if not objFSO.fileexists(strDirectory & strFile) then
objFSO.CreateTextFile(strDirectory & strFile)
end if
set objFile = objFSO.OpenTextFile(strDirectory & strFile, ForAppending)

objFile.Write date() & ” ” & time()
objFile.WriteBlankLines(1)
objFile.Write strLogTxt
objFile.WriteBlankLines(2)
objFile.Close

if strSendMsg then
const cdoSendUsingPickup = 1
const cdoSendUsingPort = 2

const cdoAnonymous = 0
const cdoBasic = 1
const cdoNTLM = 2

set objEmail = CreateObject(”CDO.Message”)

objEmail.From = strEmailFrom
objEmail.To = strEmailTo
objEmail.Subject = strEmailSubject
objEmail.Textbody = strLogTxt & strDate

objEmail.Configuration.Fields.Item _
(”http://schemas.microsoft.com/cdo/configuration/sendusing”) = 2
objEmail.Configuration.Fields.Item _
(”http://schemas.microsoft.com/cdo/configuration/smtpserver”) = _
strSMTPGateway
if strUseSMTPAuth then
objEmail.Configuration.Fields.Item _
(”http://schemas.microsoft.com/cdo/configuration/smtpauthenticate”) _
= cdoBasic
objEmail.Configuration.Fields.Item _
(”http://schemas.microsoft.com/cdo/configuration/sendusername”) _
= strSMTPUsername
objEmail.Configuration.Fields.Item _
(”http://schemas.microsoft.com/cdo/configuration/sendpassword”) _
= strSMTPPassword
objEmail.Configuration.Fields.Item _
(”http://schemas.microsoft.com/cdo/configuration/smtpserverport”) _
= strSMTPPort
objEmail.Configuration.Fields.Item _
(”http://schemas.microsoft.com/cdo/configuration/smtpusessl”) _
= strSMTPSSL
end if
objEmail.Configuration.Fields.Item _
(”http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout”) _
= 60

objEmail.Configuration.Fields.Update
objEmail.Send
end if

function Reachable(strComputer)
dim objShell, objExec, strCmd, strTemp

strCmd = “ping -n 1 ” & strComputer

set objShell = CreateObject(”WScript.Shell”)
set objExec = objShell.Exec(strCmd)
strTemp = UCase(objExec.StdOut.ReadAll)

if InStr(strTemp, "REPLY FROM") then
Reachable = true
else
Reachable = false
end if
end function

Out of our current 19 public interfaces, we did have a single one that responded via ICMP. It was more or a less bad timing on our part because performing support on the machines behind the routers isn’t perfected yet, so we have to go in and disable bottom drop-rules for a few minutes to get in. Packet filtering is still active and unwanted traffic won’t come through, but it did allow that router to talk back and announce its existence — unlike the rest of the stoic batch.

One more big step out of the way…

I started studying for my CISSP last month too. I doubt I’ll get around to actually taking the test until next year, but it’s a goal worth attaining if I continue down the road of IT security.

I’m not sure why exactly, but I recently gave it another go and have become increasingly intrigued with how to use it.

So far I’ve got it pegged to being:

• an IM client
• a chat room
• a micro-blog
• a news source
• an idea storm/generator
• a megaphone

The ways to use it really go on and on. Heck, someone even used it to propose!

[tags]twitter, microblog[/tags]