The Switch To Slackware


For the majority of my Linux user experience I have been a Debian Linux user. The first distribution of Linux I ever used was Damn Small Linux back in 2002. Following that I tried an installation of Gentoo Linux based on the recommendation of a friend of mine from school. Being a complete novice to Linux, I failed miserably at installing Gentoo. After that I tried out (in no particular order) Slackware, Fedora, Gentoo (again), Ubuntu, and finally Debian. I fell in love with the Debian Linux distribution almost immediately. I have been a hard core Debian user since 2004 until now.

View Full Post

Ruby and Nmap


I have been a fan of Nmap for many years because of its reliability and effectiveness. For those of you who do not know what Nmap is: Nmap (or Network Mapper) is a free and open source network port scanner that identifies and probes network devices (computers, phones, routers etc.) of all types. I have used it for basic tasks such as identifying what hosts are connected to my LAN. I have used it for complicated tasks such as identifying vulnerabilities or finding holes in firewalls. It can be used on any type of network that uses the IP protocol. Nmap can also be scripted using NSE (Nmap Scripting Engine) Scripts. I am sure it has other uses, but those are the ways I have traditionally used Nmap.

View Full Post

The Fuzz


Fuzz testing is the process of sending random or semi random data as input to a piece of software, network protocol, or file format in order to discover design flaws. The process is generally automated but can be semi-automated to give the auditor the ability to modify input to achieve faster results. There are two forms of fuzzing, mutation based and generation based, and it can be utilized by means of white-box, grey-box or black-box testing. Today I will be talking about grey-box testing using a generation-based fuzzer on a network based application.

View Full Post

Urban Terror


Way back in the day I played Doom, Quake 2, Quake 3, Action Quake, Medal of Honor: Allied Assault, Medal of Honor: Breakthrough. I was a big fan of first person shooters. Out of nostalgia I decided to start playing Urban Terror because it is based on the code from Quake 3 Arena. Of course it has different player models and maps, but there are a few maps people recreated that I played in the previously mentioned first person shooters. I used to be very strict about the realism involved in the games I played, but that all went away with my long time binge of MMO's. Some aspects of Urban Terror are realistic but Urban Terror plays more like Quake 2, which was not realistic at all.

View Full Post

Block Port Scans and Brute Force Attacks


It is a guarantee that any internet facing desktop or server will be probed by attackers. This discussion is geared toward Linux servers, but the same techniques can be applied to any other Linux installed device. Assuming your server is accessible on public networks and it is running network services, it is important that you take the appropriate security precautions. Port scans will bombard your network card and brute force attempts will plague your log in services. Sometimes a strong password just is not enough. After all, brute force attempts and port scans do after use bandwidth and do cause your network to slow down.

View Full Post