Uncategorized

xkcd true-isms

Moving
We need a special holiday to honor the countless kind souls with unsecured networks named 'linksys'.

Internet

alltop

My RSS reader constantly has 1000+ entries left to read. My average day doesn’t budget enough time to get through them faster than they arrive.

Time to reduce, reus– err, prioritize!

Many of my favorite blogs are part of the Gawker Media network, which features a “top posts tag.” This is perfect. I can now let other people do the dirty work of weeding out the less interesting posts and leave only the cream of each day’s crop. Great, but what if I want to read / stumble upon new websites?

alltop’s got you covered.

Information Security, Internet, ideas

Thousands of Sacrificial Lambs

Problem:

  • So you say ‘hackers’ are constantly knocking on the perimeter door to your network.
  • You claim that they are trying to ‘map’ your network.
  • You insist that they will cherry pick targets based on fingerprint data, wins/dns name, or other factors.

Proposition:

  • Fill up a virtual machine host with hundreds to thousands of fake hosts that each have a random fingerprint appearance and a different name. They don’t need to do anything except listen on a few ports (on a set of believable ports, to mimic a real OS), and maybe send a fake packet or two around (you know, like M$ boxes like to do because they get lonely). A full-blown app like VMware is overkill for this purpose. A Perl script on five tiny embedded systems would suffice.

Just think of the possibilities.

  1. Each would dilute any reconnaissance tool with bogus hosts
  2. Each is indistinguishable from real hosts without attempting to check the function of each service for each address.
  3. Each could also be set up to send alerts to your InfoSec dept when anyone attempts to connect to them (only two categories of connectors: 1) misconfigured friendlies, and 2) bad guys).
  4. Every second the scanner spends poking around in these fake hosts, your real ones aren’t touched.
  5. You can brag about how many ‘hosts’ are on the network you manage.
  6. If ‘fancy’ is your middle name, you could write a script that would forward connection attempts to a honeypot and attempt to grab a fresh piece of badware.

Thoughts?

P.S. I admit I partly stole this idea from Tom Liston’s LaBrea tarpit.
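The decoy described above, as an added example that is not part of the original post: one fake host that listens on a set of ports, never serves data, and produces an alert for every connection, tagged with the post's two connector categories. The host name, bind address, ports and the `FRIENDLY_NETS` range are constructed assumptions.

```python
import ipaddress
import selectors
import socket
import time

FRIENDLY_NETS = [ipaddress.ip_network("10.0.0.0/8")]  # constructed internal range

def classify(src_ip, friendly_nets=FRIENDLY_NETS):
    """The post's two kinds of connector: misconfigured friendlies or bad guys."""
    ip = ipaddress.ip_address(src_ip)
    return "misconfigured-friendly" if any(ip in n for n in friendly_nets) else "suspect"

class Decoy:
    """One fake host: listens on its ports, never serves data, reports every connect."""
    def __init__(self, name, bind_ip, ports, friendly_nets=FRIENDLY_NETS):
        self.name, self.friendly_nets = name, friendly_nets
        self.sel = selectors.DefaultSelector()
        for port in ports:  # pick a port set that resembles a real OS
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            s.bind((bind_ip, port))  # ports below 1024 need privileges
            s.listen()
            s.setblocking(False)
            self.sel.register(s, selectors.EVENT_READ)

    def ports(self):
        return sorted(k.fileobj.getsockname()[1] for k in self.sel.get_map().values())

    def poll(self, timeout=1.0):
        """Accept and immediately drop pending connections; return one alert each."""
        alerts = []
        for key, _ in self.sel.select(timeout):
            conn, (src_ip, src_port) = key.fileobj.accept()
            conn.close()  # nothing legitimate should ever talk to a decoy
            alerts.append({"time": time.time(), "decoy": self.name,
                           "dst_port": key.fileobj.getsockname()[1], "src_ip": src_ip,
                           "category": classify(src_ip, self.friendly_nets)})
        return alerts

    def close(self):
        for key in list(self.sel.get_map().values()):
            key.fileobj.close()
        self.sel.close()

if __name__ == "__main__":
    decoy = Decoy("FILESRV-07", "127.0.0.1", [2222, 8080])  # constructed name and ports
    while True:
        for alert in decoy.poll():
            print(alert)  # forward to syslog or the InfoSec alert queue in practice
```

Running one `Decoy` per address alias, each with its own name and port set, gives the many-hosts effect the post proposes.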

Windows

Snap `Em Good

After trying out a window manager that forces windows to always be tiled (thus preventing any window from getting covered up by another) I realized how silly this idea is. The whole point of a window-based GUI system is to hide inactive panes and prominently display those in use.

But the seed was planted. The ability to line up windows with no gaps was beneficial in certain situations. Thanks to Steve Gibson of Security Now! for pointing out Allsnap.

ideas, silly

Why freeways should be conveyor belts

I drive a pretty sizable distance every day to commute to work. I drive on a freeway most of the distance.

Freeways were poorly named. Congested freeways are anything but free of cars. They house traffic ‘trends’ such as ‘packs’ or ‘squadrons’ as well as ‘stop and go’ sections or often just convenient ‘parking lot’ areas while you attempt to get home before dark.
In an attempt to optimize this sad state of affairs affecting those of us in urban life, I have come up with the solution, which I’m sure you’ve guessed by now since you read the title: all freeways should be replaced with conveyor belts.

Now, I don’t mean the rubber & pulley wheel variety; I have in mind something more like the catapult system found on the flight decks of American supercarriers. It seems so simple it just may work!

Each car would hook up to one of these at speed and “lock in” to a spot on the freeway ‘belt.’ That way, the belt is always moving at a constant speed, no one is able to weave in and out of lanes, it’s impossible to have a fender bender, people can’t use the margins on the side of the road as ‘temp passing lanes,’ maximum fuel efficiency for all cars is enforced and no one can speed!

It’s a perfect solution! I just solved the top 5 highway issues with one ginormously expensive and implausible invention that everyone would hate.

I dare you to poke holes in my logic…

Information Security, Pretty

Pretty graphs for the malware detection (ftw?)

Security data visualization is definitely a promising and awesome way to look at your logs / IDS alerts / firewall rules. I was recently introduced to secviz, a site showcasing the various graphing and plotting tools freely available to help visualize un-eye-popping log or plaintext data. Of particular interest to me was:

  • How many times have you looked at a firewall rule set and collapsed in anticipated mental exhaustion? Wouldn’t it be much nicer if someone just drew a picture of that rat’s nest? Enter Ruined which makes prettyful things like this:

  • Monitoring server load sounds like a job for another server to do (agh infinite loop!) but with a couple RGB values and some squiggly math, you can produce load reports that look like this!

Take a peek at secviz and get inspired. What else would you make pretty pictures of?

Windows

I sure miss grep in M$ Windows

At least, I used to! Check out this awesome utility for all your closed-source grepping needs!