Sunday, April 4, 2004

A lot happened this weekend. Saturday started out with the usual Raisin Bran ("two scoops!") for breakfast, along with some homemade cinnamon raisin toast (breadmakers are quite clever, as is Pam). Then it was off to the in-law's house for some Saturday chores.

As you might recall, Pam's mother lives on 1 1/4 acre, and since Pam's father passed away, I've helped take care of the outside maintenance. So I started off spraying the weeds on the hill below the house, and a bit of the side and front area. Then a bit of mowing of the lawn, using their walk-behind but self-propelled mower. I then fixed one circuit of the sprinkler system. There were a couple of broken sprayer risers, and a dead sprinkler head. It only took one trip to the hardware store. (Over the years I have found that most projects require at least three trips to the hardware store.) But there were some spare sprinkler parts in the garage, so I was able to use those parts instead of another trip to the hardware store. It is quite refreshing to work on a sprinkler system, since you get to be right next to the sprinkler as you adjust the patterns. But it was a nice day, with temps in the 70's, so the water felt nice.

Once that was done, some of the other parts of the property also needed to be mowed. One of the attachments for the Kubota tractor is a field mower, so Jared and I got that hooked up to the tractor, and Jared did a bit of mowing of those weeds. That was about the limit of our energy for one day (hey, I'm a desk-bound computer geek, a bit out of shape).

Meanwhile, Pam went out shopping with Christine and the grandkids, and we all ended up having dinner at her mother's house ("steaks on the barbie"). We got home about 730pm, and I was just too tired to even do a bit of web surfing.

Today, we had a pre-Easter celebration with our family, since Jared/Christine are spending next Sunday with Jared's family, so we had them over today. We started out with a nice big breakfast, then spent the day visiting and having a good time together. Jason (our middle son, 22) was able to come by for dinner, along with Pam's mother. Pam made lasagne ("Garfield food"), with garlic breadsticks (again, courtesy of the breadmaker). And after dinner, she did some roll-out cookies that the grandkids could decorate.

So, we had a busy but pleasurable weekend. Back to work tomorrow. I'll be working on some more automatic auditing, and a few more projects that might prove interesting.

On the computer front, the "Sober.F" variant is starting to get widespread, prompting most anti-virus vendors to release an update this weekend. You are hereby advised and alerted. Remember the mantra.

One of my many (well, perhaps one of the six...) asked for more information about the iPaq I just got. My initial impressions are positive. It has a nice and clear screen, and the handwriting recognition is clever and fairly accurate. I haven't really done a whole lot with the handwriting features, but it is a bit advanced over the Sony Clie I got a couple of years ago.

My main use of the iPaq is with the built-in wireless part (and the "Jawbreaker" game, which Pam is also enjoying). I was able to easily connect with my home network, and get mail and surf the net. I did notice this weekend that although web surfing is easy, I haven't found a way to print web pages. The iPaq comes with a wireless printing system, but I haven't found the settings to print web pages. Pam and I were watching "Emeril Live" the other night, and she wanted a printout of one of the recipes. Although I could easily get to the web page with the recipe, there wasn't any "File, Print" command in the browser. So I'll have to do a bit of research on that.

The other concern I have, being a Security Dweeb, is how to best protect the information on the iPaq if it 'wanders off'. There are a bunch of encryption programs available. I'm willing to spend a small amount (under $30) on such a program, but want to find something with a demo version first. There doesn't seem to be an included data encryption process, so an add-in is probably necessary.

I also need to get some sort of database add-in for it. Again, there are lots of possibilities, but I'm still in the beginning of my research. I used "jFile" with the Palm-OS-based Sony Clie, which I found easy to use and had all the features I needed. But they don't make a Pocket PC version, so will have to find something else.

I've gotten the iPaq to sync with my home/personal mail account, and to send/receive mail through that mail system. And I've gotten the Contacts and Calendar records to get from my laptop to the iPaq. I haven't gotten the work calendar to sync yet, since we use Novell's Groupwise for our corporate mail system. Intellisync makes a good product for that, but haven't gotten that purchased yet.

As for battery life, it seems to be OK. The wireless part will drain the battery a bit faster, so I haven't used the wireless part a whole lot. I may get the high-capacity battery, especially when I need to start using the wireless a bit more for security auditing purposes.

So, first impressions are positive. I'll keep you posted as I use it further.

Monday, April 5, 2004

Hmmm...it seems like I had to get up an hour earlier today compared to last week. But here it is almost 7:30pm, and the sun is just barely setting after a nice but slightly cool day.

The day started out colder than usual. I was driving Jason's truck, which is missing the passenger window due to some vandalism. So I was driving down the freeway at 7am with outside temps at about 50 degrees (F), the heater on full blast, wearing my jacket, and it was quite refreshing. Probably not as refreshing as if I lived in some of the other Daynoter's cities (Tom in Canada, John in Minnesota, Brian in Washington DC).

I spent a bit of time in the morning working on the weekend's mail, and some of the BindView reports. One was giving me trouble; it was reporting on the wrong part of the NDS tree for some reason. I finally got it fixed this afternoon, after a fashion. I had a new user id set up for the BindView reports, so will need to configure the reports for that user tomorrow, after verifying that the appropriate rights were given to that user id.

Midmorning, I went off to the windshield shop, and got the window replaced for only $120. Some of the shops were quoting as high as $200 (with on-site repair), but since Jason was paying for it, I volunteered my time to get it done at the lower price. It's not as easy for him to leave his work during the day, so I was glad to help out (and he is quite appreciative). The new window was finished about 11:30am, so I dropped off the truck at his work, trading for my truck that he was driving. I got back to the office during the lunch hour, so there wasn't too much time lost.

Most of the afternoon was spent mucking about with the aforementioned BindView problem, and testing the new user ID. I don't have full 'supervisor' rights to the tree, so I can't just change my rights (or any other user's). Which is a proper way to do that: I (as a security officer) should have the rights to audit/read every object, but I shouldn't have rights to change things outside of my job boundaries. Letting everyone have excessive rights is not a good practice; and it has caused significant problems a couple times in the past. Things are slowly getting more towards a role-based administration, which is a good thing.

I got home a bit after 5pm, and did a bit of final cleanup in the kitchen, unloading and loading the dishwasher, and defrosting dinner. In celebration of the later sunset time, we cooked a couple of steaks on the BBQ, and had dinner outside. It is still just slightly chilly; although I changed into shorts when I got home, I can tell that it is not quite short-wearing weather yet.

So, it's a quiet evening at home tonight, just 'laying low'. We may watch a DVD, unless there is something better on ("CIS" could be another choice).

When I did yesterday's post, I was going to tell you about the 'Robo-mower'' article I found on Wired. It's similar to the "Rooba" (the little vacuum cleaner that scoots around the floor all by itself), and I found the article a bit interesting. As was this article about creating a snowboard out of paper only. And this one about gasoline prices; I'd agree that the basics of the contention in that article are true, especially here in "Kahl-ee-forn-ya". And there's also the report on a study about kids and too much television (it's all over the place, so do a 'do it yourself' link) and the possible increase in Attention Deficit Disorder due to too much watching by the really young kids.

Although if I wasn't paying attention in class, a smack upside the head was usually a good cure. But that was a long time ago. Which may also explain a lot.

Tuesday, April 6, 2004

Today's security news contains a new problem with mis-directed links, especially in HTML messages. More details about this new problem are here (this link, like most around here, will open up a new window). This new vulnerability lets a specially crafted 'form' object point you to a bogus page, when the link says a valid site. This problem will be best exploited with an HTML mail message; although our demo just shows it on a web page.

This problem is similar to the browser re-direct problem that came out late last year, which has been successfully used in a lot of 'phishing' attacks. A sample of the last problem is here. That will take you to an explanatory page that dicusses the problem, and a link that shows you how the problem can fool you (unless you have installed the patch from Microsoft).

This new problem is not fixed yet. I haven't seen any exploits with this one yet, but I expect to. The last time we did one of those 'fake pages', it didn't take long for others to exploit it with phishing attacks. Take a look at the "Anti-Phishing" organization site for some clever examples that exploited the last problem. Their main page has a nice chart showin gthe increases in phishing attacks since they started last November.

The usual mantra applies.

Wednesday, April 7, 2004

A quick update to the problem noted in yesterday's post. The Australia CERT security organization notes that they are seeing a lot of emails purporting to be from a Australian bank that is using the above technique (link). They also note that (emphasis added)

Moving the mouse over the URL will not reveal the true destination
in the status area of the email or browser window; it will appear
the same as in the text. Clicking the link, however, will initiate
a connection to a malicious site, the impact of which could include
the downloading of a binary program and execution of malicious
commands on the user's computer. At this time AusCERT is not aware
of any available patch from Microsoft for this vulnerability.

There is no protection against this threat at the moment, except for user vigilance and awareness, so be careful (and tell others). But we'll be keeping an eye on this one.

...later...

I spent some time working with the BindView auditing program, setting up a different user to run the audits. I still need to move some of the reports around to 'share' them among the two validated BindView users, but I am making progress. The new user has more appropriate rights to the network objects, and protects my personal user ID from abuse by someone getting access to the BindView computer. It is a more appropriate role-based ownership of the auditing computer.

After we go home, Pam and I spent some time in the garage going through a few boxes that had never been unpacked. They were mostly odds-and-ends, some of it will go to the local charity house. Getting rid of that stuff will make a bit more room in the garage. The next step is to start working on the two bicycles, getting them ready for a bit of riding this spring. The area around here has several bike trails around the neighborhood, and I think that bike riding is more fun than walking.

Thursday, April 8, 2004

Meetings today, project status, and the start of a handoff of the mail filtering system to the production side of the department. A bit of training for the admins that will be maintaining it next week. Another big project is a secure FTP server with public access, but controlling access securely. Looking for ideas on how to do that. But the business need hasn't been fully explored or explained. Although we block executable files via email, there is a process to quickly release those held messages if necesary (and they are valid business-related).

I also spent some more time with the BindView auditing program, tweaking some of the existing reports to the new user, and looking at some of the additional reports that are needed. Some pieces of the user objects are not visible to that user, so there are some rights problems that have to be explored.

We took a short walk tonight after dinner just before the sun went down. I need to do more of those, to get into better shape. (Yes, "round" is a shape...)

Some issues with viruses and worms; particularly one self-executing worm that doesn't require any action on the user's part; just opening the message (and not patching) will cause the problem. Some interesting problems with that might cause some significant problems. More on that later as I do a bit more research on how that one works. (It's too late to figure it out tonight.)

Friday, April 9, 2004

A interesting meeting today. One was on GIS (mapping) systems. The technology has advanced so that you can get down to 1 cm accuracy, horizontal and vertical. The GIS dweebs are very excited about all of this, along with other surveying types.

More time was spent on the BindView reports problem (with some of the password fields in the user ID). I think that I have the Novell NDS user set up properly. So I opened a ticket with the BindView support guys. There will be some more work on that next week.

Dinner at Mel's Drive-In tonight. Pam had to work later than usual (on a Friday, no less), so she really didn't want to fix dinner. (Before you get excitable, we have a deal. Since we work within a few blocks of each other, we commute together. I drive, she reads the newspaper or rests during the commute. Although lately she has been playing with the Jawbreaker program on the iPaq. Since I drive while she rests, she fixes the meal when we get home; I help somewhat. We eat, then I do the dishes. Not hard with only two of us. And she enjoys cooking, so all are happy.) Anyhow, dinner was good as usual.

Then home for us. I've been doing a bit of wandering around the net for wireless/PDA stuff. And a computer support call from Stacy at school. She's been bothered a bit with pop-ups and spyware, so I got her to download "Spybot Search and Destroy", and the Google toolbar. Both are recommended. I suspect that combination will help her browsing a bit.

Not sure of the plans for this weekend. I may do a few things around the house that didn't get done last week (furnace filter, smoke detector batteries), and perhaps get a few flower plantings in the yard. And I probably should do a good cleaning of the barbeque. Easter Sunday will be quiet; Christine/Jared and the grandkids are doing a family party at Jared's parent's house with their side of the family. But I am sure that we'll find something to do. Perhaps a bit of web site building. Or an update to the "Digital Choke" story. Or learning more about the wireless capabilities of my iPaq.

Saturday, April 10, 2004

We got a few things accomplished today, and I even had time for a short nap.

Pam and I started with the usual cleaning up after breakfast, then she was off to the beauty parlor. I did the vacuuming, replaced the furnace filter, dusted a few of the high ceiling fixtures (as long as I had the ladder inside). There were a couple of drip sprayers to replace/repair.

After lunch (at the local sandwich deli), we went over to Home Depot to get a couple of things. We've been looking for a replacement outside light fixture for the back patio, but didn't see one that we liked. But we picked up some cleaning supplies, including a Windex outdoor window cleaner sprayer thing that hooks onto your hose. When we got back, Pam went out shopping some more, and I did the outside windows. The Windex thing seems to clean the windows fairly well, with minimal spotting. Then I cleaned off the patio a bit.

After dinner, I played with a web site a bit while watching "Back to the Future II" (more about that web site when it is ready). It's interesting to set up a new site. Not that I am an expert (as you can probably tell by the looks of this place). But that site, with the help of some others, might turn out OK.

Easter Sunday tomorrow, of course. It will be quieter than usual, since the grandkids will be at their other grandparents with all of their aunts and uncles and cousins.

... more later ...
Last Week	Next Week	mail	bookmark	The Digital Choke story