I get a lot of mail. No, I get a $h1tload of mail. I have excellent spam filtering at my server and on my trusty mail.app mail client. Yet, I still get my fair share of spam.

I know what you’re all thinking… “Chief, why don’t you just go to a grey-listing mail service… then only the people you authorize can mail you!”. Well, you’re all right. I’m lazy and I haven’t gotten there yet – even though a few good friends of mine have written an amazing (and yet unpublished) grey-listing mail

continue reading.....

align="texttop" border="0" height="325" hspace="4" vspace="4" width="400" />

Master modder [Jani ‘Japala’ Pönkkö]’s latest hack is
adding an LCD screen into a mouse. The LCD
is from a Nokia 6610. It fits pretty well since the controller board isn’t any larger than the screen. The controller
requires adding three more wires to the mouse. These are connected to a parallel port. The screen can only show about 1
frame per second, but that is fast enough for general statistics or showing photos. It’s a really clean build. A clever
trick was using a piece of plastic from the blister pack to cover the screen since it was already the same shape as the
mouse.

[thanks z]

Read | Permalink | Email this | Linking Blogs | Comments
© 2006 Weblogs, Inc.

Ads by Google

continue reading.....

At the time of the official release of Ubuntu Dapper Drake, I happened to visit the site of Kubuntu – the alter identity of Ubuntu. And on an impulse, I ordered a CD of the latest Kubuntu 6.06 LTS which was also released more or less at the same time as Ubuntu Dapper Drake but with a lot less fan fare. I forgot all about it till a couple of days back, when I received the single CD I ordered

continue reading.....

“One of the reasons that my family left Mexico before I was born was because of so much corruption in business. It nearly drove my father into the casa pobre!” Inez lamented as she waved around a dry erase marker. “It is what drives me in these situations, you know?”

I nodded understandingly. Corruption seemed to be everywhere, like why Starbucks always seems to run out of the exact coffee bean I’m looking for one day before I walk into the store. Some things are not meant to be understood

continue reading.....

In this session we’re going to look at a zone file listed in our named.conf file.

So let’s look at pri.example.org. Notice the a CNAME and SPF files. We didn’t list those in our file types in part III, but we’ll demonstrate what they do in the next session.

continue reading.....

SCADA system makers pushed toward security

continue reading.....

border="0" height="325" hspace="4" vspace="4" width="400" />

Our friend [Markie] keeps insisting on dragging all of his old tech into the new millennium. In his recent article
about cramming a non-airport WiFi card
in his old iBook he hinted at another wireless project coming up. Well here it is: a
wireless eMate. eMates were sold to
the education sector as durable computers for classroom use. Markie had to build a serial cable to transfer the
necessary software to the machine. With only 3MB of RAM and a 25MHz processor the machine isn’t up for much, but it
seems to work fairly well as a terminal.

Read | Permalink | Email this | Linking Blogs | Comments
© 2006 Weblogs, Inc.

Ads by Google

continue reading.....

All the news sites and news television channels are agog with the news of AMD acquiring ATI – one of the foremost graphics card manufacturing firms which rivals Nvidia. In the future, when one buys a PC with an AMD chipset, there is a good chance that it will have on-board graphics as powerful or even more than the graphics cards sold by ATI. This means that we need not have to buy a separate

continue reading.....

Carla Schroder tells you how to configure Asterisk with hold music. Via VoIPPlanet: VoIPowering Your Office with Asterisk: Soothing the Savages with Hold Music.

One of the more fun aspects of running an Asterisk server is choosing your own hold music…

continue reading.....

Vyatta launched the 1.0 version of its Open Flexible Router today. Via Network World: Vyatta to take on Cisco and Juniper.

The OFR software is available for download from the Vyatta Web site at vyatta.com. Vyatta charges for support and maintenance u…

continue reading.....

SecurityFocus talks about getting hacked: After an Exploit: mitigation and remediation. Frankly, the article seems a bit misnamed to me. Ignore the “after an exploit” part. It’s really about prevention and mitigation of particular attacks.

As we all …

continue reading.....

Debianhelp has a nice little tutorial on setting up Nagio and Oreon (a Nagios front-end) in (of course) Debian: Nagios and Oreon (Nagios web frontend) installation in Debian.

continue reading.....

Before we take a look at a complete primary zone file, we need to cover background. Consider this background the context where the file itself is content.

Note: None of this may mean much to you until you see the entire text of a zone file. That’s OK at this point because when you do see it tomorrow, you can refer back to this information to make sense of it. In the mean time, you may have to humor the editor.

continue reading.....

I was fifteen minutes from finishing my weekly yard work in the backyard. The lawn was perfect, the bushes were trimmed, the pool was sparkling clean, and the patio begged me to pull up a chair and sip on a fresh iced coffee.

I sauntered over the patio and spied a curious item laying near one of my freshly manicured bushes: a fast food wrapper!

The Chief doesn’t touch fast food. This MUST have blown in from a neighbor.

With a quick single motion, I scooped up the wrapper and noticed tha

continue reading.....

Audio And 64-bit Linux, Part 1

Sorry for the delay, it’s been hectic here.

As I mentioned at the end of my last entry I’m preparing myself for my first excursion into the world of 64-bit Linux. After trading some lessons for a motherboard I started collecting parts for a new desktop machine for the studio. 64-bit considerations were new to me so I asked for help on the Linux Audio Users mail list. Some LAU members run 64-bit systems, and I did indeed get the information I needed. I won’t detail the engaging traffic that resulted from that thread, you can read it yourself in the LAU list archives (it’s titled AMD64 question).

continue reading.....

src="http://www.weblogsinc.com/common/images/2872212676710755.JPG?0.7341846657658356" align="" border="0" height="325"
hspace="4" vspace="4" width="400" />

The meddlers over at the camera hacking forum have been
abusing our favorite CVS product once again. You
can now unlock your single use digital camera without any hardware modes. Last week [Sailpix] discovered that Pure
Digital had left their FTP server wide open. He found an interesting app on it and discovered the way the
challenge/response keys were generated. It was only a matter of time before other hackers like [BillW] were able to use
a little brute force and create a software app to generate the correct response keys. You can
download
the app here. BillW wrote it based entirely on Sailpix’s description of the algo, not the original code. App works
for the type-04 camcorder as well.

[thanks [removed by request]]

UPDATE: CameraHacking.com has removed the original thread at
Pure Digital’s request.

Read | Permalink | Email this | Linking Blogs | Comments
© 2006 Weblogs, Inc.

Ads by Google

continue reading.....

align="texttop" border="0" height="325" hspace="4" vspace="4" width="400" />

Hacker [Sprite_tm] is one of our favorites. He continues to court our fancy with his latest hack,
adding a USB host port to his GP2X. The
GP2X is a Linux based handheld game system. It supports USB devices through its EXT port. Problem is: it doesn’t
provide power and you have to use a dongle. The GP2X uses a MAX1566 DC-DC converter so Sprite_tm was able to get 5V
from the chip that was otherwise unused. Once mounted in place all he needed to do was write a simple script to mount
the USB device. The chip should provide 500mA, but it’s not guaranteed. High draw could lock up the GP2X so a powered
hub should still be used if you are unsure.

Read | Permalink | Email this | Linking Blogs | Comments
© 2006 Weblogs, Inc.

Ads by Google

continue reading.....

Yesterday, we looked at a named.conf file for a single domain we called example.org. Rather than send you back to the earlier article, we'll reproduce the file contents below:

continue reading.....

There was a time when it was practically impossible to buy a computer with GNU/Linux pre installed. If you wanted to run Linux, you had to install it yourselves. Almost all PC manufacturers were shipping PCs with Windows OS. And if the buyer did not want Windows, he still had to pay the full price of the machine which included the cost of Windows OS. But with Linux getting more user friendly as

continue reading.....

How important are Domain Name Services? Consider this, suppose you want to set up your own web site, you go to a commercial registrar and attempt to acquire a domain name. The purchasing process won’t proceed unless you can enter the IP addresses or Internet names of two existing, registered DNS servers for your domain.

continue reading.....

align="texttop" border="0" height="325" hspace="4" vspace="4" width="400" />

The Sharp Zaurus SL-C1000 is one of the handful of PDAs
that Sharp has released preloaded with Linux. With it’s full qwerty keyboard it’s pretty easy to use any program
intended for a full size Linux box. Reader [Sonicvanajr] decided to make a
video of his new toy doing a few tricks. Namely, running
Aircrack-ng (key to
WEP cracking) and
MDK2. He compiled both using the
OpenEmbedded tools. If you are looking for one of these tiny Linux boxes you
might wan to try for the older 5500 model which was sold in the states. The
OpenZaurus project is the distro of choice even though it does have a
surprisingly steep learning curve for being on a fixed hardware platform.

Read | Permalink | Email this | Linking Blogs | Comments
© 2006 Weblogs, Inc.

Ads by Google

continue reading.....

Insecure.org has once again updated its list of Top 100 Network Security Tools. Leading tools include Nessus, Wireshark, and Snort.

After the tremendously successful 2000 and 2003 security tools surveys, Insecure.Org is delighted to release this 2006…

continue reading.....

Looks like Sourcefire is starting to enter some emerging markets: Sourcefire targets Indian enterprise market.

Sourcefire Inc. international sales vice-president Allen Male said, “This year, and specifically in 2007, we are going to put a lot of fo…

continue reading.....

Next Tuesday at OSCON in Portland, I’ll be giving a 3.5 hour tutorial titled Open Source Clue Training: How to Market to People Who Hate Marketing.

As I prepare for that, I thought I’d share some of the curriculum I’ve come up with. I’m looking for constructive feedback, suggestions and Stories From the Real World that might be useful to the tutorial. Here we go…

continue reading.....

Posted by labs-no-reply on Jul 21

continue reading.....

align="texttop" border="0" height="325" hspace="4" vspace="4" width="400" />

The keyboard on [IraqiGeek]’s aging Averatec started to fail after two years of use. He didn’t want to pay $60-80
for a replacement. Instead he decided to dissect a cheap membrane keyboard
and use the key contacts out if it. The how-to is really thorough and covers the disassembly and reassembly of the
complex key supports in the notebook.

Read | Permalink | Email this | Linking Blogs | Comments
© 2006 Weblogs, Inc.

Ads by Google

continue reading.....

I had a very disturbing phone call with a security colleague of mine this evening. With his permission, I have transcribed the story that he shared with me and have only changed the names to protect the genetically stupid.

My Colleague’s Story:

Today I was fired as the Director of Data Security And Compliance from BigCompany, Inc. I have been an employee of BC for almost twenty years. I’m no suit, I’m just a regular old security professional that has worked myself up from a help desk po