Navigation

You are here: Home MSCD 2007 March

Archive | March, 2007

CentraLUG notes from Andy Bair’s Digital Forensic File Carving presentation

By on March 19, 2007 in Home Page, Linux, OpenSource, Security, Technology

Our thanks to Andy Bair for making the trip north from Massachusetts to present to the Central New Hampshire Linux User Group on March 5th, 2007, the first Monday of the month, at the New Hampshire Technical Institute’s Library. Andy announced that his work at MITRE was done and that he would be starting a job at Korelogic in the immediate future.

Andy worked with several friends at KoreLogic to take on the Digital Forensic Research Workshop (DFRWS) 2006 File Carving Challenge. They were supplied with a 50 megabyte “chunk” from a hard drive with the assignment to find as many files in that chunk as possible. The DFRWS’ motivation was to move the state of the art forward, and all participants were required to supply the source code of the applications they developed. Andy and his team won the challenge, beating out a number of other teams, notably Simson Garfinkel, who came in second. Andy demonstrated the procedures they worked out, talked about the algorithms they used, and showed the graphing of the results that made boundary detection and anomaly detection more easy to pick out. Andy and his team extended the UNIX magic technique to detect patterns in files, extending magic to XMagic which included regular expressions and more sophisticated rules to match files to the patterns. It was a very interesting presentation, presented well. Andy’s presentation, the source code and original data can be found at this link [Updated link – tr, 15-Feb-2010].

Thanks to Andy for the presentation, to Bill Sconce for supplying the projector, and to the New Hampshire Technical Institute for providing the facilities.

Upcoming presentations include:

  1. Bill Stearns demonstrating Logical Volume Management April 2nd,
  2. Seth Cohn presenting Drupal on May 7th, and
  3. Ben Scott presenting OpenWRT on June 4th.

We plan to meet at the usual location, but keep an eye out for a more detailed announcement as the date gets closer.

Blog, the first five years…

By on March 19, 2007 in Home Page, LAMP, Linux, MySQL, OpenSource, Personal, PHP, Python, Technology

… ended yesterday, and today I start the sixth year of blogging. The first year was blogging on the Perl-based TWiki software, 2003 through 2006 on Radio Userland. This year, I’m using WordPress, on a self-hosting Linux-Apache-MySQL-PHP platform. Wonder what I’ll be running in another five years? It’s been a blast, and I hope it continues to be. Primarily, my blog is my voice online: notes of places I’ve found and want to share (or publicly bookmark so I can find them again), news to pass on, or events on which I comment. Thanks for reading.

GNHLUG MythTV Installfest beta 31-March-2007

By on March 18, 2007 in Home Page, LAMP, Linux, MySQL, OpenSource, Technology

GNHLUG recently held an alpha installfest of MythTV, the media-center software (think Free TiVO, jukebox, photo album, more) that runs on Linux. We’re just announcing the beta version in two weeks:

http://wiki.gnhlug.org/twiki2/bin/view/Www/MythFest

This installfest is limited to GNHLUG members and staff and students of the New Hampshire Technical Institute. We hope to open future versions to the public, as we refine the process.

Shipping is a Feature: Linux Magazine (p)reviews RHEL5

By on March 17, 2007 in Home Page, LAMP, Linux, OpenSource, Technology

First Look: Red Hat Enterprise Linux 5 | Linux Magazine: “Red Hat Enterprise Linux RHEL has long been a fixture in enterprise machine rooms. Robust, fast, and feature-rich, RHEL is often the standard by which other enterprise distributions are measured. With Red Hat Enterprise Linux 5 RHEL5, Red Hat once again raises the bar for commercial Linux. CIOs, don the Red Hat.”

I thought I heard a huge sigh coming from the south this week: RHEL5’s delivery was tough labor, from what I understand. I’m looking forward to trying it out. All the features sound pretty cool: Xen integration, the Global File System, and better user interfaces for Security Enhanced Linux. The article above is a preview and the explanation of virtualization is a bit shaky, but the intent is right.

For a good explanation of why you want Red Hat, watch the funny videos here. The usual disclaimers apply: I liked Red Hat so much, I bought (one one-millionth of) the company. Pricing is better and competitive: there’s an $80 basic desktop with a year of web support and updates. Rather than buying “end-user” licenses, developers (yes, it’s still all about “developers, developers, developers, developers”) would much likely prefer the “Standard Developer Subscription” which for $299 gives a developer download access and 1-year support for up to five products, a much better deal than MSDN, more along the lines of the Action Pack or one of those promotions.

Perhaps a bad choice of words…

By on March 15, 2007 in Home Page, Technology

… about “the smoke clears” after the Daylight Savings Time switch. I no sooner finished posting the entry than I looked over to see Laura working on her laptop and smoke coming from the back of her laptop. The power supply cable at the back of her ThinkPad was on fire, the cable having shorted just beyond the end of the formed strain relief on the plug. Yanking the power out of the machine and the power socket put out the flames. The laptop appeared unharmed, and an overnight replacement order from ThinkPad-Parts.com had her up and running pretty quickly. Gotta watch those metaphors…

Microsoft’s Tuesday the 13th Security Bulletin

By on March 13, 2007 in Home Page, Microsoft, Security 
********************************************************************
Title: Microsoft Security Bulletin Summary for March 2007
Issued: March 13, 2007
Version Number: 1.0
Bulletin Summary: http://go.microsoft.com/fwlink/?LinkId=85543
********************************************************************

Summary:
========

Microsoft has not released any security bulletins on March 13, 2007.

Wow. Imagine that. Division by zero.

Seacoast LUG: OpenWrt, 9-April-2007

By on March 13, 2007 in Home Page, Linux, OpenSource, Technology

Ben Scott announces the April meeting of the Seacoast (New Hampshire) Linux User Group, a presentation on OpenWRT:

  • Who : Ben Scott
  • What : OpenWrt – LinkSys firmware enhancements
  • Where: Room 301, Morse Hall, UNH, Durham, NH
  • Date : Monday 9 April 2007
  • Time : 7:00 PM to 9ish

For the April 2007 SLUG/Seacoast/UNH/Durham meeting, Ben Scott will be presenting on OpenWrt and related tools. The focus will be on initial installation and configuration, and a general survey of capabilities, rather than a specific application. A live demo is planned.

OpenWrt is “a Linux distribution for embedded devices”. In particular, it is commonly used as third-party firmware for the popular LinkSys WRT54G line of SOHO routers. OpenWrt provides a modular system for customizing the firmware (embedded software) for such devices. It can add everything from SSH to VPN to VoIP and more.

In addition to the OpenWrt base package, X-Wrt and WebIf^2 will also be covered. X-Wrt is a set of additional/updated packages for OpenWrt, which provide even more enhancements, with a particular focus on end-user experience. In particular, it provides WebIf^2, an advanced web user interface for OpenWrt.

Ben will bring a LinkSys WRT54G device running stock firmware, and attempt to demonstrate the whole process of installing and configuring OpenWrt and X-Wrt. Come see Ben tempt the Live Demo Gods!

SLUG is the Seacoast Linux User Group, and is a chapter of GNHLUG, the Greater NH Linux User Group. Rob Anderson is the SLUG coordinator. SLUG meets the second Monday of every month, same time, same place. Meetings take place starting at 7:00 PM. Meetings are open to all. The meeting proper ends around 9ish, but it’s not uncommon to find hangers-on there until 10 or later. They take place in Room 301 (the third floor conference room), of Morse Hall, at the University of New Hampshire, in Durham.

Preserving our documentation for posterity

By on March 11, 2007 in Home Page, Linux, Microsoft, OpenSource, Technology

Recently, I received a diagram created in Microsoft Visio I wanted to examine and possibly edit. It turns out that OpenOffice.org Draw does not have an import module for the proprietary (and apparantly undocumented) .vsd format, nor can I find another FOSS product that does. This is one of the reasons to keep a Windows machine around – to read the proprietary format files. Or it should be. My version of Visio is a version or two old, and it wouldn’t read it either. I asked my co-worker to send the diagram in another format I could use. We tried a number of them. SVG (Structured Vector Graphics) is a standard format and OpenOffice.org has a filter for it. However, it turns out that Microsoft uses proprietary extensions to the format for items like word wrap and the filter won’t read them (Neither will Gnome image viewer nor FireFox nor Dia). EPS, EWF and WMF are more standard and were readable, but the graphics are reduced to primatives at that point with no larger structure. Drawing Exchange Format (.DXF), which might have come from AutoCAD, is equally illegible.

The .VDX format is XML, so I had some hopes for that. It looks like the Dia diagramming tool will work with .VDX files with a plugin. [Update: irony of ironies: the VDX plugin link is now dead. Good news: VDX is now a built-in import/export filter.]

What a disappointment. While we are not writing anything particularly profound that needs to be preserved for posterity, it would be nice to know we could read the files in a few months on our platforms of choice. Vendors need to get more serious about interoperable, open formats.

Older posts Newer posts

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.