June 29th, 2008
“Bruce Schneier brings us his perspective on a future filled with kill switches; from OnStar-equipped automobiles and city buses that can be remotely disabled by police to Microsoft’s patent-pending ideas regarding so-called Digital Manners Policies. In Schneier’s view, these capabilities aren’t exactly high points of our potential future. From the article:
Once we go down this path — giving one device authority over other devices — the security problems start piling up. Who has the authority to limit functionality of my devices, and how do they get that authority? What prevents them from abusing that power? Do I get the ability to override their limitations? In what circumstances, and how? Can they override my override?
Posted in 1984, IT Babble | Comments Off
June 14th, 2008
I just bought a new server today from the very excellent folks at Server Beach who I have been using for 4 or 5 years now for all my hosting needs (Anyone who signs up with them after reading this please use referrer code 5C2APE5ZPX). Server Beach offers servers of all sizes running any of a fairly large range of Linux versions (or Windows) for a monthly fee, however unfortunately none of the versions of Linux offered are SUSE. Now, a lesser geek would pick one of the available Linux versions, grumble about it a bit, then get on with using the server, however a fully certified ubergeek like myself will have nothing of that, and immediately starts exploring reinstallation options.. Now, the logistics at first glance appear to be a little daunting:
* Server is in USA
* Server has no CD ROM Drive
* No remote access to Server BIOS, Keyboard or Video
* Geek is 8000km away in Istanbul, Turkey
Now, the answer of course is the McGyver method of:
* Provision the Server with whatever Linux is available (CentOS for example)
* Login to the server with SSH
* Download an openSUSE installation image to the server’s hard disk
* Set the server to boot directly into the openSUSE installation image configured with SSH access
* Cross Fingers
* Reboot the server
* Wait impatiently for the server to (hopefully) reappear on the internet
* SSH to the server and kicking off the openSUSE installation
Now, the first and last time I did this proceedure was just over 2 years ago, and it took me 2 goes to get it right, after reading, rereading, and modifying some obscure instructions on the net pointed out to me by some friends working at SUSE. (Hi Darix.. Hi Henne..)
Now, having not carried out the proceedure for 2 years, given that it is a little complex, I first checked though my bookmarks in vain, then did a google search to try and find the original instructions. Unfortunately, the original instructions I followed no longer seem to exist, but luckily someone else had bothered to write up the exact proceedure I was looking for. Upon closed inspection it turned out that it was me who wrote the document, and it is hosted on the server that I am planning to obsolete after I finish installation of the new server… Are other people this absent minded as well, or is it only me?
Anyway, without further ado, here is HOWTO Install SUSE Linux Remotely without Physical Accesslittle redhead girls
lg m5500c-ba
stick your tongue in slave
erotic cunt
stop smoking shot
afv military
busty teen sex
used office furniture tampa
sexy lesbian lingerie
free nurse video porn
granny huge tits
cam teen
website design seattle
naked supermodels
ariel nude
the average length of a stud horses penis
nude twins
gay orgy penis dick cock
girdles corsets lingerie
free shemale photos
www sexcam de
dog booties
sexy beach photos
nudist chat masturbation
swap cells excel
xxx proposal hardcore sex deal
confederate military history maj. jed hotchkiss
free lesbian sex movies
extreme activities
Bubble Butt POV-3 CD-1
nylon fetish tgp free
black throat fucking
female castration
male masterbation videos
office strip
certified nurses aide registry
avatar cartoon porn
naked women in public
free pornos
shemale stars
nipple sucking milk lactating human
hot gay military men
gay men naked
celeb pussy slip
oriental teen sluts
large volum positive displacement water pumps
mature women sex
brown eyed girl
japanese schoolgirl panties
peeing in mouth
ladies wearing nylon stockings and garter belts
little virgin girls
everyone else has had more sex than me
mom daughter lesbian sex
the chicks dig it
sexy glamour models stockings galleries
masturbation fun
women using sex machines
zyban advantage smoking pill prescription quit
stockings teen
monster cocks cum
milk my jizz
cum nurse
mom and dad sex
erptic male masturbation stories
giant fat cock
fetish sluts
Big Big Babes-21
big tit chat rooms free
nude workout
80’s porn
Its Huge-9 CD-1
body switch story male female
xxx picture mary kay & ashley olsen
free nude paparazzi pics
barefoot redhead girls
beaver shave
shower voyeurism
squirting brunette
the affect of learning style on student classroom behavior
high school musical songs
gay student sex
twink wank
tranny thumbs
bbw fisting
grants pass daily courier newspaper
tits and thong
teenagers having sex
preteen passwords
ntsc secam dk dvd/vcr player
women anal
hermione granger porn
oriental pussy photos
black chicks nude
jetsons nude
female mastrubation techniques
closeup female orgasm
Tesao Na Adolescencia CD-2
office suck
detroit 60 series smoking
gothic lolita bible extra scans
gag bits
accutane centre military and veterans law legal education
australia sex chat free
skinny non nude young
party group sex
nipple hair
jessica simpson paparazzi
bbw homemade
wet n wild girls
free female orgasm movie clips
horny neighbor wife
twinks movies
Gangbang All The Way-2 CD-1
shit in my mouth
large breats
tattoo ideas for girls
dugong vagina
masturbation gay
insest cartoon
nude erotic pics
skinny girl cameltoes
amateur ass to mouth
gay giants
hentai nurse maid
cock pussy
list of female celebrities
adult amateur video
small wrist tattoos
free naked maids
strip suck fuck
teacher and student porn
fuck machine orgasm
chick flashing
My Girlfriend Wants To Do Porn-2 CD-2
oral slut
red head preteens
gay men naked
hand
anti gag cream
ebony tranny gape
groin kick galleries
m715 military tow bar adaptors
private boarding schools
log cabin decor
interracial payperview porn
free incest movies
kids fuck
women’s erotic stories
Meet The Neighbors CD-2
pussy masturbate
free blow job video
wank me off
korean tits sex
large volum positive displacement water pumps
skinny flat girls
I Wanna Cum Inside Your Mom-8 CD-1
how often men shave
double-ended studs
singing penis
wife orgasm
slave whore
animal food vending machines for hand feeding animals
japanese nurse tits
virgin redhead
teen suck
milf in lingerie
will she gag on cock
gag gifts you’re fired
office spank
helen hunt sex video
latina blowjob swallow
hip replacement surgery compression stockings
use sildenafil small animals
office sex mpegs
japanese nurse tits
starwars xxx
pissing in girls mouths
british whores
classy sluts
oriental cumshots
latino marketing for cosmetic dentistry
extreme oriental bondage
www. old cunt and young cock .com
stockings and suspenders porn
nude ballet erotic
chicks with tattoos
free sexy stories
teen puffy nipples
masterbation machines for men
hand
potos of snoop dog
sole fetish
female muscle domination
first orgasm stories
students fuck teachers
queefing vagina
petite tight pussy
hot high school girls
nurse porn pics
amateur teen orgasm
teachers fuck
old men porn
throat fuck
marc jacobs nylon bag
sexiest legs
large object insertions
teacher and student lesbian sex
horny chick
free erotic movies
girl shitting
mega mouth shark
barefoot redhead girls
mountain view school district
hot latina porn
girl mpegs
acupuncture for stop quit smoking
plaid school uniforms
free lesbian porn movies
little girls raped
Posted in IT Babble, Open Source | Comments Off
January 13th, 2008
Posted in Open Source | Comments Off
November 13th, 2007
Posted in WWIII | Comments Off
October 28th, 2007
I can’t count the number of times recently that people have told me that they are about to or just have purchased a Blackberry just so that they could have the all important, critical to business, world goes dark without, feature of “push email“.
As a Nokia E61i smartphone user, I have the ability to install “Blackberry” support, as well as MS Exchange “Direct Push” support (Available in Exchange Server 2003 and later) but the feature that I actually use is trusty old IMAP!
Yes, ladies and gentlemen, the Internet Message Access Protocol (known as IMAP to most of us) has had “push email” ever since the IBM T.J. Watson Research Center published RFC2177 in June 1997. I guarantee that this is WAAAAAY before anyone reading this had either a “smart phone” or had heard of “push email”.
Read the rest of this entry »
Posted in IT Babble, Open Source | Comments Off
September 11th, 2007
Note to self. When trying to export data from a mysql 5 table in something approaching a sane format use:
mysqldump -p –skip-opt –complete-insert –no-create-info dbname
Additionally, mysqldump now has a convenient option to specify that you want to dump in a PostgreSQL compatible format for when you have outgrown MySQL:
mysqldump –skip-opt –complete-insert –no-create-info –compatible=postgresql -p dbname
Posted in IT Babble | Comments Off
August 27th, 2007
Today I needed to make one of my Django sites authenticate against the same usebase as one of my FreeRADIUS servers. Now, given that the RADIUS userbase is in PostgreSQL, this could have been done without touching RADIUS per se, however that would not have been nearly as interesting or elegant as making Django speak RADIUS. (And given the strange record format that FreeRADIUS uses, would have taken nearly as long to implement)
After about half an hour of hacking on a Django custom Authentication Backend I now have a Django happily authenticating from my FreeRADIUS server with all the flexibility that implies (Being able to proxy requests to third parties, set time of day restrictions, use multiple clustered backends etc etc). Without further ado, here is the first cut:
from django.conf import settings
from django.contrib.auth.models import User
import pyrad.packet
from pyrad.client import Client
from pyrad.dictionary import Dictionary
class RadiusBackend:
"""
Authenticate against a RADIUS Server.
You must have a working RADIUS Server and Secret
configured in settings.py. For example:
RADIUS_SERVER = '127.0.0.1'
RADIUS_SECRET = 'testing123'
"""
def authenticate(self, username=None, password=None):
srv=Client(server=settings.RADIUS_SERVER,
secret=settings.RADIUS_SECRET,
dict=Dictionary("/usr/share/pyrad/dictionary"))
req=srv.CreateAuthPacket(code=pyrad.packet.AccessRequest)
req["User-Name"] = username
req["User-Password"] = req.PwCrypt(password)
req["NAS-Identifier"] = "django"
reply=srv.SendPacket(req)
if reply.code==pyrad.packet.AccessAccept:
print "access accepted"
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
# Create a new user. Note that we can set password
# to anything, because it won't be checked; the password
# configured on the RADIUS server will.
user = User(username=username, password='Koh8oF7eiRou4xahxoob')
#TODO: Use user.set_unusable_password() once
# Django SVN > 5608 + openSUSE 10.3 bug is fixed
user.is_staff = False
user.is_superuser = False
user.save()
return user
else:
print "access denied"
return None
def get_user(self, user_id):
try:
return User.objects.get(pk=user_id)
except User.DoesNotExist:
return None
Just copy and paste this code into myproj/radiusauth.py and then stick the following in settings.py:
AUTHENTICATION_BACKENDS = (
'myproj.radiusauth.RadiusBackend',
'django.contrib.auth.backends.ModelBackend',
)
This code makes use of Wiggy’s wonderfull Pyrad library, so you will need to have it installed also to make things work.
Posted in Open Source | Comments Off
August 26th, 2007
My morning mail traffic contained a very sobering post to one of the security mailing lists I follow regarding the security of industrial control systems. Choice quotes include:
The typical lifetime of an industrial control system is can be 10 to 15
years. Chew on that for a minute. What were YOU playing with 15 years
ago?
And:
There is much to be afraid of. Cities depend on an infrastructure that
runs all too well; utilities are so reliable that we forget about how
integral they are to daily life. We’re nearly invisible until something
breaks. Think of this the next time you flush your toilet. How long
could a large city last without water?
The only people who sleep well in my industry are those who do not
understand the problem.
Makes you think…
Posted in IT Babble | Comments Off
August 18th, 2007
As it turns out my new company requires a PPTP VPN connection to be able to check email from outside the LAN. While some might argue that you are better off not having access to work email from home, it is a necessary evil for most of us. While I personally think that an industry standard SSL encrypted IMAP connection is at least as secure as the broken PPTP protocol, there is something to be said for hiding Exchange Servers behind firewalls (Have that firewall be a Microsoft server itself, on the other hand is obviously a questionable gain in security).
Anyway, without more ado, here is the proceedure to painlessly (Without booting Windows) connect Linux to a MS PPTP Server:
Install the NetworkManager-pptp package (openSUSE users can find it at http://repos.opensuse.org/home:/hgraeber)
Restart NetworkManager (It may be easier to simply reboot)
Right Click on the NetworkManager icon in the GNOME/KDE sytem tray (next to the clock) and select “Options / Configure”
Select “VPN Connections / Add”
From the “Service” list select “ppp” (If you run KDE you will now see “You have the GNOME configuration applet installed and can use this to configure the VPN connection……” Press OK to run the GNOME configuration applet)
Select “Add
Select “Next / PPTP Tunnel / Next”
Give a “Connection Name”, Select type of “Windows VPN (PPTP)” and put in the hostname of your Windows VPN server
On the “Authentication” tab select “Refuse EAP” (Otherwise Windows rejects the connection attempt)
Optionally enable deflate and BSD compression modules from the “Compression and Encryption” tab
Click “Forward”, then “Apply”, then “Close”
You should now have a new selection with the name you selected for the VPN connection in NetworkManager’s “VPN COnnections submenu. Click on it and you should be able to connect to your VPN server (After entering a valid username and password)
Posted in IT Babble, Open Source | Comments Off