Zenoss, doh!

Posted by : Rob Stevens | Sunday, December 28, 2008 | Published in

OK, so that was really simple. For anyone being as dense as me, just add a new machine with the name localhost.

I say again. Doh!

Everything seems to be working nicely from a monitoring point of view, so now I'm starting playing with the management and config side of things.


, ,

ScribeFire.

Zenoss and SNMP

Posted by : Rob Stevens | Sunday, December 21, 2008 | Published in

A while ago when I was doing my work placement at Sunderland College I was given the task of evaluating and testing  the free version of the Zenoss network management system. At the time a combination of the instability of Zenoss, the colleges lack of enthusiasm for running Linux boxes (no one wants to be resposible for it), and my lack of knowledge on SNMP meant that I ended up suggesting that they keep looking.

I recently covered SNMP in one of my uni modules, so I thought I'd have another look. With a bit of fiddling I seem to have most of my network being read OK, but I've yet to start experimenting with updating configs and such. Thanks to this post I've gotten my router talking, and the windows boxes were easy enough. One bit I'm still fiddling with is getting the system to monitor its own local machine. SNMPwalk works from the command line, but I can't seem to pursuade Zenoss to use localhost when looking, instead of the machines external IP.

More on this as I get more bits working.




Powered by ScribeFire.



, , , ,

How to Stay Alive in a Terrorized Hotel

Posted by : Rob Stevens | Monday, December 15, 2008 | Published in

I've just been reading this months Crypto-Gram, and came across this article about how to survive a hotel in the event of a terrorist attack. I thought it was pretty interesting and reminded me of the measures that were taken at the Riyadh Sheraton when I went to Saudi earlier this year. To get near that place in a car you first had to be checked with mirrors for bombs, then make your way through a maze of thinly disguised concrete blocks to get to the front entrance. Once you'd made it that far there was still hotel security and a baggage x-ray machine to contend with before you made it to the lobby. Before we went we all had to sign waivers promising not to sue anyone in the event of us getting blown up or kidnapped, and while we were there we spent a fair amount of time riding around in an armoured car.

It was all very interesting, but at the same time pretty scary. I really enjoy travelling, but I wish it wasn't necessary to have to think about such things as much as it is these days. Both the current issue of Crypto-Gram and the article itself mention the recent incident in Mumbai, which wasn't mounted using cars or anything, but armed men. This would have rendered most of the security steps that I mentioned above pretty much useless. This means that places feeling particularly threatened are going to tighten up even more which, while done to increase peoples safety, makes more of an impact on the way people go about their lives, in turn meaning that the terrorism has succeeded in having a negative impact - people living in fear. The line between keeping people safe, and not succumbing to terrorists is, I would imagine, a difficult one to draw. It's not a responsibility I would want I must admit.
Technorati Tags: , , , , , ,

Scribefire

Posted by : Rob Stevens | | Published in

http://postalheaven.files.wordpress.com/2008/03/scribefire.jpg I'm Having a play with Scribefire as I've seen it recommended in a couple of different places. It's a Firefox plugin for blog publishing with the ability to integrate your blog with various other services such as Technorati and Delicious. I don't usually use anything but the web interface, but the extra features might be useful.

, , ,



Powered by ScribeFire.

MS Live

Posted by : Rob Stevens | Sunday, December 14, 2008 | Published in


I took the plunge today and finally got around to setting up a new MSN ID. I've been using one linked to a long-dead email address for years now, and I thought it was finally time to change it, if only to escape people whinging at me when they send messages to the afore-mentioned dead addy.

The new Windows Live pages are very slick and shiny, and seem to work for the most part. The main irritation I had was that I couldn't import contacts that I'd just exported from a different Windows Live account. In a way I suppose that's a good thing. It made me go through the old contacts and do some weeding. As expected, I deleted a load of people that I can't even remember...

I really like the Skydrive feature (A pretty impressive 25 gigs of storage), but I'm not sure how much of the other feature I'll use. Most of the bases (and more) are covered by the ever expanding collection of Google world take-over tools, and for photos usually use Flickr, but again I'm thinking of moving to Google Picasa online for space reasons.

Maybe the Live pages are a bit too slick and shiny? Maybe I fear MS domination? Who knows.

Message me if by some chance you read this, feel you should be on the new contact list, and aren't :)



Video Calling

Posted by : Rob Stevens | Saturday, December 06, 2008 | Published in

Yes, old news I know. But, I've just aquired a webcam and just made my first video call using Skype and I think I can say I'm sold. Being able to see my uncle in Madrid while talking to him is pretty cool.

Now if only more people I know would catch on...

More hours in the day please

Posted by : Rob Stevens | Sunday, November 30, 2008 | Published in

Bit of a frantic couple of weeks with some less than pleasant family stuff going on, as well as a busier than normal work schedule. Hopefully things will settle down a bit now so I can get back into the swing of things. For anyone checking, sorry for lack of posting, more soon :)

Obama. Apparently He's Black.

Posted by : Rob Stevens | Friday, November 07, 2008 | Published in

OK, politics is something I generally stay well away from, and is totally away from the sort of things I normally rant about on here, but the amount of media commentary on a particular subject over the last few days is driving me nuts.

So, the new US president is black. Why all the fuss? We have the BBC asking "can Britain elect a black leader", we have "mass outrage" at comments from the Italian prime minister (who seems a bit nuts anyway, but that's by the by). Who Cares!? What precisely has the colour of the guys skin got to do with how well he runs the worlds most bizarre country? He could be fucking purple with green spots for all it matters. As long as he's better for the world in general than Bush then WHO CARES!!!?! Is this not all a bit racist in itself? Are we not past the stage where skin colour is in any way relevant to anything and should even be mentioned or considered? The only thing that all of this highlights is the slightly worrying fact that this is still an issue. GAH!

Rant over :P

Traffic Generation

Posted by : Rob Stevens | | Published in

We're doing some pretty interesting stuff in network management at the moment. This session and the last one we've started looking at packet generating and capturing using ttcp and tcpdump. I'm enjoying this quite a lot because it's adding the sort of depth to my networking knowledge that I was really lacking. Now I'm starting to understand the concepts behind some of the technologies that I've been playing with over the last few years, both as part of the foundation degree, and the tools that I've been experimenting with at home.

Only problem is, a large chunk of the class really don't seem to be up to the standards they should be at for doing the last year of a degree, and as a consequence really aren't understanding what we're doing. Because of this the lecturer is saying that he might have to scale back the pace of the tutorials. I'm not desperately impressed with this as I already spend quite enough time sitting around waiting for stuff to happen. Most of the people that I've been on the foundation degree with are absolutely fine with what's going on. The problem seems to be with the people coming from courses run by different colleges or universities. Very frustrating, and really shouldn't be happening.

Kubuntu 8.10

Posted by : Rob Stevens | Thursday, October 30, 2008 | Published in

I'm typing this from the new version of Kubuntu 8.10, which came out today. This new release uses KDE 4.1 which is a very slick desktop and it will only get better as it matures. At the moment there are some bits of it that a little rough around the edges, but now that it's being used as the default Kubuntu desktop I'm sure it'll see some more love. The new kernel fixes the issue with the ATI accelerated graphics that caused X to freeze up under the last kernel. There's a new version of Adept and some Ubuntu tweaked Plasma features and lot's of other shiny new things. As with the last release things like installing Atheros drivers are pretty much done for you.

See the link above for some screen shots. These are all of features that are enabled and work by default.

Intrepid Ibex is, on first examination, a very nice system that was pleasantly easy to set up. Definitely a worth while upgrade.

GNS3 on Ubuntu

Posted by : Rob Stevens | Monday, October 27, 2008 | Published in

This is something I'd intended to write myself, but hadn't gotten around to it. This guide on The Little Things blog has beaten me to it with a good explanation of how to get started using the excellent Dynamips Cisco emulation package. Ah well. Check it out if you're interested in experimenting and learning with Cisco kit but don't space/money/inclination to acquire a room full of routers.

Twitter Me

Posted by : Rob Stevens | Sunday, October 26, 2008 | Published in


I heard about this a while ago, but decided to have a look when the guy who did the Microsoft Talk mentioned it. It's a micro-blogging system much like the status update feature of Facebook, but without all the other intrusive crap that goes with it. Might be good, might be just another "interesting idea". We shall see. Linkage

Networking, Finally

Posted by : Rob Stevens | Friday, October 24, 2008 | Published in

Had our first session of playing with routers today, and christ am I rusty! Got everything working, but it was only a fairly simple point to point layout, with nothing complicated thrown in. But at least we're actually doing something at last, and I'm sure everything will start coming back once we start working with them regularly again.

The Microsoft Inspiration Tour

Posted by : Rob Stevens | Thursday, October 23, 2008 | Published in


Yestersay the MS Inspiration Tour visited Sunderland Uni. The speaker (or Evangelist as Microsoft would have it) was a guy called Paolo Barone, and he gave us an excellent talk on Silverlight showing us some excellent work that had been done with it (like this) and the tools used to create it. I really enjoyed this part of the talk and was particularly interested in a feature called Deep Zoom which I'm looking forward to having a play with.

He also spoke to us about a programming language called XMA which Microsoft is developing for cross platform games creation. This was also pretty interesting but to be honest a lot of it went a bit over my head. We were shown some pretty good games that have been developed using it and there seems to be a lot of potential there.

The last thing he spoke to us about was Microsoft's Imagine Cup. This consists of several different competitions, but the on I'm interested in is the IT Challenge. To quote the site,
The object of the IT Challenge Competition is to highlight the art and science of developing, deploying, and maintaining IT systems that are efficient, functional, robust and secure.
Seems interesting, and I think I'll be signing up.

So Far, So Disorganised

Posted by : Rob Stevens | Wednesday, October 15, 2008 | Published in

I'm now into the 3rd week of the uni term and they have just about managed to get themselves organised. The time table has been all over the place, and is still wrong in one instance, and there have been several problems with lecturers turning up at different times to their class, or sometimes not at all.

The most interesting module thus far is the Network Management course we're on which is being taken by Dr. Chris Stokoe. He seems like a very nice bloke, and has had relevant industry experience to draw on for his lectures, which (for me) instantly makes him more interesting and credible than those with a purely academic background. He is also going to be the first lecturer this year to actually have us touch a computer (Level 3 IT students, 3 weeks into our course... Am I right to be frustrated by this?). He's apparently going to start us all off doing a Linux system later on this week.

At least it's all finally started. Should hopefully get better from here, but I have no illusions about the uni getting themselves organised. They've always been the same and I doubt it's going to change. I wonder if they're all this bad?


Doom Averted

Posted by : Rob Stevens | Saturday, September 27, 2008 | Published in

Problem solved. Those nice folks at Aria, where I bought the board, managed to find me a replacement retention clip. All that was required was screwing it into place on the board, re-thermal pasting the CPU, then wrestling the cooler back into place. Everything seems to work fine and all is once again quiet in the land of Rob :)

I do like it when things go smoothly....

God DAMN it!

Posted by : Rob Stevens | Tuesday, September 23, 2008 | Published in

So here I am, merrily shooting terrorists on Call of Duty 4, when I hear a thunk from the general direction of my PC. I have a quick look, nothing obvious, carry on shooting. Two minutes later the computer dies. Totally switches itself off. Switching it back on results in it thinking about starting then turning itself off again. Cue much swearing and knashing of teeth. I open the box only to discover that part of the catch on the the CPU cooler retention bracket has snapped, and that the thud I heard was my CPU cooler giving way to gravity. Bugger. Luckily the board is a week inside its warranty (and boy would I have been pissed if this had happened next week...) so I've sent photo's off to the retailer and am now awaiting my fate. Will they be able to produce a decent socket 939 board for me (another ASUS A8R-MVP would be nice so I don't have a system rebuild to deal with on top of this)? Or am I going to have to bite the bullet and modernise? Either way, I really can't be bothered. Hopefully they'll just send me a new retention bracket. We'll see.

Have some pictures of motherboard doom.







Finally getting started.

Posted by : Rob Stevens | Monday, September 22, 2008 | Published in

I've finally started back at uni. Thank God! I'm generally not one for getting bored, but nearly 3 months of sitting inside watching it rain has really been tedious. It's freshers week this week, so lots of mostly pointless 'fun' getting to know you exercises. Despite the fact that this is my 3rd year at the uni, and I pretty much know what they're going to tell me, I'm technically starting a new course. This means I have to sit through all of it again to pick up the few vital bits of information given out, like our time tables. I suppose there could be worse fates, but I have a horrible feeling that it's going to be another couple of weeks before we actually start getting on with it.....


Once things have started properly I'm planning on getting myself a digital dictaphone and using it to record lectures and, assuming the uni doesn't forbid me to do so, put links to them on my sites for the others on the course. So there will problably be a university section appearing on there soon to hold these, and anything else of interest.

More web server

Posted by : Rob Stevens | Friday, September 12, 2008 | Published in

I haven't had a lot of time to keep up with my security reading of late, hence the lack of security based posts. Hopefully that will change fairly soon once I get back to uni (only a 9 days to go, thank god...). I have, however, finally gotten the secure area of my website working. I have no real need for such a thing and there's little of interest in there, but I thought it would be an interesting experiment. This is the sort of thing I'm likely to cover next year, so it's probably a good idea to start becoming familiar with this area. Kept me entertained for a little while at least. The main problem I'm having in setting things up is that it's a pain testing the site from a public connection. As results from accessing things using my internal network are not a genuine representation of what people are going to be seeing accross the internet I've had to resort to a getting friends to test things for me, and logging onto a different net connection every time I get a chance. Fun and games. It all seems to work now anyway.

Web Site Building

Posted by : Rob Stevens | Friday, August 29, 2008 | Published in

I finally got around to coughing up for a domain name, so I've spent the last few days sorting out a web server and putting together my site. Not something I've done before really, but not desperately challenging. I've also found how good the Google sites are for allowing you to forward their services to your own domain. I have to wonder how much they get out of it, but I'm not complaining... Both Blogger and Gmail made it very easy. I'm particularly impressed with Gmail at the moment. It's easily the best web mail out there. Imap forwarding, easy redirection to your own domain name, and the best spam protection I've ever had.

I'm in the process of looking into registering a company so that I can start looking for contract work. There are plenty of organisations around here that provide support for setting up small businesses, so I think I'll need to make a couple of appointments to go and speak to a couple of them. Once I've done that then I can start putting the site together properly. I need to do a bit of research to find out what sort of rates people are charging for different types of work, both private and commercial, so I can work out where I need to be aiming in order to be competitive enough to get some attention. We'll see how it goes.

Other things...

Posted by : Rob Stevens | Saturday, August 23, 2008 | Published in

I haven't posted in a few days because I've been revising for my driving theory and hazard perception test, which I've passed. Now that's out of the way I'll have time to read something other than the highway code and might actually have something to talk about here. As much as I usually do anyway :)

De-ICE.net PenTest Disks

Posted by : Rob Stevens | Monday, August 11, 2008 | Published in

I found out about these recently on the Ethical Hacker forums. They are live CD's containing operating system installs with deliberate flaws built into them for people to discover and exploit to gain access to the system. They are intended as practice labs for pentesting and I reckon that they're a brilliant idea. I've just about got the first one sussed and it's been a very interesting learning experience, exposing me to a range of security tools which I've never had a reason to use before.

Anyone with an interest in information security or penetration testing should definitely give these some attention.

Mass Effect

Posted by : Rob Stevens | | Published in

What can I say about this game except WOW! Mass Effect is a Sci-Fi RPG based in the far future where humanity is struggling to make its mark as a useful part of the galactic community. Evil stuff ensues, humanity saves the day, etc.. This is an absolutely fantastic game with a brilliant plot and I'll definately be playing it through a few times so I can see all of the different story lines and twists. It's very similar to the Knights Of The Old Republic games, which I also loved, allowing you to develop your character as you like and taking them through either the good guy or the evil guy path in the game. There are loads of different worlds to explore, tons of upgrades and plenty of additional side missions to keep things going for a while. The makers are even releasing extra planets, missions, and races to pad things out even more.

My only problem while playing this is that it's fairly resource hungry and my poor old Nvidia 6800 graphics card could only just handle it. Hopefully I should be able to upgrade this soon and enjoy this game in all its shiny graphicy goodness!

A definite 2 thumbs up for this one. I only wish more games were this good.

The Information Systems Security Association

Posted by : Rob Stevens | Saturday, August 09, 2008 | Published in


I've just signed up for the 90 free trial membership of the ISSA. This gets you access to things like their journal and other member only content like webcasts (the last one being Dan Kaminsky and other speakers talking about the recent DNS problems) and other support material. The different chapters of the organisiation hold periodic meetings and talks on current security issues. Membership of proffesional organisations is generally a good idea and a useful thing to be able to stick on a CV so I think I'll probably sign up for a student membership of this once the trial runs out. I've also been looking in the getting a student membership of the British Computer Society, so I'll probably shell out for both of them once I'm back at uni and the good ol' student loan lands.

For info on the UK chapter of the ISSA have a look here.

Underwater Photos

Posted by : Rob Stevens | Wednesday, August 06, 2008 | Published in

I finally got around to getting the photos from the underwater camera I bought on holiday developed. Not as good as I'd hoped, but not bad for a disposable.









Have a look at my Flickr page for more.

Must get around to learning to scuba.

Comic Book Movie Trailers

Posted by : Rob Stevens | Sunday, August 03, 2008 | Published in


I only recently discovered the graphic novel of Alan Moores Watchmen, which is brilliant. It's gritty costume crime fighter type stuff about a bunch of anti-heroes (I think that's the best way to describe them...), only one of whom actually has any super powers. Anyone who enjoyed V For Vendetta or Moores Batman effort will most likely enjoy this. It's one of the best graphic novels that I've read in a while and no self respecting comic geek should fail to read it.

The film looks like it's going to be a good adaptation, but as always we'll have to wait and see how badly they're screwed with the storyline. Here's the trailer for all that are interested...



In a similar vein ther's also a film adaption of The Spirit being made by Frank Miller (Sin City, 300) that looks like it'll be worth a watch. I haven't read the comic, but I think I'll have to have a look.



How to Own A Continent

Posted by : Rob Stevens | Saturday, August 02, 2008 | Published in

I've just finished reading the copy of Stealing The Network: How To Own A Continent that I borrowed from a friend. I thoroughly enjoyed it and am looking forward to my copy of How To Own The Box arriving even more. The storyline is excellent with enough technical description to keep it interesting, but not so much that it gets tedious. There are some very interesting ideas here and I would definitely recommend this book to anyone with an interest, professional or otherwise, in hacking and information security. There are very few people around who would learn nothing from reading this.

The story is broken up into 8 different attack types, with a couple of extra chapters of background information. Each chapter deals with a different attack and introduces a different character, some of whom are criminals and some are people duped into co-operation, and each chapter is written by a different figure within the security community. There are some links and references between the chapters, but they are, for the most part, pretty self contained. My favourite chapters were the ones written by Fyodor and Jay Beale. As I already said, I really enjoyed this, and will be making an effort to read the rest of the series.

Another MS Cert

Posted by : Rob Stevens | Saturday, July 26, 2008 | Published in

I obtained another MCP cert yesterday. The exam was 70-290:Managing and Maintaining a Microsoft Windows Server 2003 Environment.

So, only a couple more MS exams and the CompTIA Security+ to go until I have my MCSA:Security. Between this and my Fd results I'm feeling pretty pleased with myself. Now, on with the next one!



Prizes

Posted by : Rob Stevens | Tuesday, July 22, 2008 | Published in

I just found out from the university that I've been awarded a prize for outstanding achievements in my course last year. So I have a £40 cheque to dispose of as I see fit. I think some more books might be in order. I'm looking at getting the first Stealing the Network book: How To Own The Box. I've heard really good things about and the excerpts I've read from it are great. Now all I need is for the uni to re-issue the cheque with my name spelt properly...



USB dongle auto malware scanning with clamav

Posted by : Rob Stevens | Wednesday, July 16, 2008 | Published in

Just read about this on Extreme Security. The idea is that it scans your USB drive whenever you plug it into a machine. Could be useful for anyone that plugs their pendrive into a lot of insecure machines and needs to check it regularly, but it might get annoying if you only use your drive in a few machines. I'll probably just keep mine as an on-demand check from the app itself, but it's an interesting idea. The scripting didn't quite work when I tried it, but I'm sure I can get it going nicely on my key with some tweaking. It's probably just Vista being awkward.



Reading List Goodies

Posted by : Rob Stevens | | Published in


The first 3 books that I was after from my next years reading list have arrived. I now have Beyond Fear and Secrets & Lies by Bruce Schneier, and Ross Andersons Security Engineering to plough through. I've heard great things about all of these books and I've really been looking forward to getting stuck into them! I've started with Secrets and Lies and will post my thoughts on it, and the others as I read them. Security Engineering is a bit of a monster though. Could take some time...

As I've said, all 3 are on my university reading list for next year, which I was pleased about as I already wanted to read them. I've heard several people say that Security Engineering is one of the best and most reffered to security books they own, and Schneiers work is always worth a read and these 2 books have also come highly recommended.

Bruce Schneier video

Posted by : Rob Stevens | Monday, July 07, 2008 | Published in

I've just found this excellent Bruce Schneier video through SecurityTube.net. It's a really interesting Q&A session that he did at DefCon 15 covering all sorts of fascinating stuff including cryptography, privacy and voting machines amongst other topics. I really enjoy his writing and it was good to see that he is as passionate about what he does in person as comes across in his essays and blog posts. Give it a watch, it's about 50 mins.

Securitytube is something I've only just discovered, but am pretty impressed with so far. YouTube for InfoSec geeks. Lots of really interesting stuff on there from tutorials to documentaries.

Results!

Posted by : Rob Stevens | Sunday, July 06, 2008 | Published in

The results for my uni course have been posted. I got my foundation degree with a commendation, which I am told is the best mark that can be obtained for this type of course. Not too shabby if I do say so myself. Now, on with the 3rd year...

The course, which starts in September is a 1 year top up to BSc for anyone with a relevent level 2 qualification (i.e. Foundation degree, HND or equivalent). The course summary including full module descriptions and reading lists can be found here (course code GH46) on the University Of Sunderland website. I'm really looking forward to getting stuck into it and I really want to get my hands on some the reading list material particularly the books by Ross Anderson and Bruce Schneier. I think it bodes well for the course that there's stuff on that list that I really wanted to read anyway. Only problem is that I've got to wait until September. Ah well.

Nerja Caves

Posted by : Rob Stevens | Saturday, June 28, 2008 | Published in


A couple of days ago we decided to visit the Nerja caves. I love visiting stuff like this and do it whenever I have a chance. The caves were absolutely beautiful, it's just a shame that they may not stay that way as most of the people in there seemed to be too stupid to take any notice of the repeated signs forbidding flash photography (this is done because it, as far as I know, damages the pigments in the rock). Presumably for the same reason you could only get into a small portion of the caves and the paintings could only be viewed from pictures in the visitors centre. This is a great shame, but I suppose it's inevitable if people can't be trusted not to be morons.. I would have liked to have been here in about a month as that's when they hold the cave festival where there are musical performances put on down there, which I gather is amazing.
Again for more pics, check out my Flickr page. Some of the pictures are less sharp than I'd like because of the afore-mentioned lack of flash. For more info on the caves, have a look at the official site and the wikipedia page. Great stuff. Go and see it, but beware of the mercenary photo people!

La Fiesta De San Juan

Posted by : Rob Stevens | Wednesday, June 25, 2008 | Published in

St. Johns festival is an event that happens every year in Nerja on the 24th of June and attended by people from all over the region to celebrate the fish! It's an all night affair where the locals come and camp on the beach, and it's apparently traditional for everyone to throw themselves into the sea at midnight. There were hundreds of people there with live music and a long barbecue pit where tons of sardines where flame cooked and then given out with bread for anyone who could be bothered to stand in the massive queue... The whole thing had a great party atmosphere and everyone seemed to be getting along great with no problems at all that I saw. A far cry (sadly) from any similar event in the UK. There was fireworks and (as you can see from the picture above) a big bonfire. After these were done we took our sardines (which were absolutely delicious) and went and sat on the beach to people watch. We had a great night and I'd definitely recommend this as a must do experience for anyone that happens to be in the region at the right time. There were all ages there from the very young kids tearing around, to the old folks having a fine time dancing to the bands. We thought we'd missed it but it turned out to have been moved back a day to make way for Spain playing in Euro 2008, and I'm very glad it was. An unforgettable part of our trip.


For anyone interested in more pictures, check out my Flickr page.

And...rest

Posted by : Rob Stevens | Thursday, June 19, 2008 | Published in

The foundation degree is finished. Two years have flown over and now there's just the top-up year at the uni to get me the full BSc and I'm done! I've thoroughly enjoyed doing the course and have learned an amazing amount. Can't wait to start putting it into practice. I'm intending to spend the summer passing the rest of my MCSA, getting my driving license and doing as much security reading as I can (any suggestions?). I'm also going to look into getting some sort of part time tech job to earn a bit of cash. Any experience could be useful...
But, before I get stuck into that, I'm off to Spain. The other half and I are going to spend a couple of weeks sitting in the sun reading, going swimming, and indulging too much. She's a student nurse, so we've both put in some fairly serious graft in the last year and we both really need some downtime! We're heading off to Nerja which is on the southern coast. Should we feel the need to do stuff there's loads within easy distance. The caves there are apparently amazing, and if we fancy it we're pondering taking trips out to Barcelona and Gibraltar. We're flying out tomorrow, so this time in 24 hours I'll be snoozing my first night in Spain. I'll be blogging any interesting stuff we do and posting as many smug photos as possible.

Notepad++

Posted by : Rob Stevens | Wednesday, May 28, 2008 | Published in


Anyone who does any sort of coding, be it web pages or application code, will find their job made a lot easier by an editing tool that helps them check their syntax and allows them to test the code on the fly to make sure any alterations haven't broken anything. I strongly recommend that anyone that this applies to checks out Notepad++.

I discovered this excellent free tool when I was trying to work out what was going wrong when I was editing the XML coding for this blog. There was something somewhere that there shouldn't have been that was stopping the page loading but I couldn't for the life of me work out what. I used this tool to check the code then ran a test in firefox, using a menu option built into the tool, and it very helpfully told me exactly where the problem was. Notepad++ provides support for syntax checking in a wide variety of programming languages, and also allows collapsing of different kinds of statements, helping to simplify the overall bulk of code that you're working with.
I'm not a fan of coding for exactly the reason that it's possible to spend entirely too long finding that tiny snippet of code that's broken everything, but some times it's unavoidable and I can just about find my way around. Tools like this make everything much less painless, and whilst I still don't exactly enjoy coding, I'm less likely to shrink away in horror...

Data Security for Home Users

Posted by : Rob Stevens | Tuesday, May 27, 2008 | Published in

I've been doing quite a lot of reading recently about network traffic content and it's pretty scary to realise just how much sensitive login info for various different network applications and protocols is floating around in clear text, and how many websites run background scripts designed to analyse your Internet usage and store information on you. Usernames and passwords for all sorts of things like Internet messaging programs (i.e MSN, AIM, etc.) and logins for various web pages and forums are there for the taking by anyone with a rough knowledge of what they're doing and the right tools.
Lots of attention is given to securing data within the work place with many organisations employing technologies such as Active Directory to secure access to the network and users data internally and firewall, IDS, and proxy filtering proxy filtering (amongst other things) to monitor and control external access. What is always surprising is how many people, the most experienced IT professionals included, tend to totally forget all that they know about protecting data and securing their systems when they are at home in front of their own computers. Whilst this is a problem that is being addressed these days, with more people becoming aware of problems like email phishing scams, people still generally don't know or care what information is being sent and received by their home PC. What I'd like to do with this post is share some ideas that people can easily implement that will help to secure their data, in ways that won't cause too much interference with their day to day computer use. This is the main problem with home computer security - it's a hassle. Remembering to run scans and check for updates, etc., etc., it's more than most people can be bothered with and as a result they end up with machines ridled with viruses and other malware.

The first thing to look at is anti-virus software. Pretty much everyone with a computer knows they should have it, but many people don't bother for any number of reasons - it's too expensive, it slows the computer down, blah blah blah. There are several perfectly decent free antivirus programs out there, many of which are light-weight (i.e. they won't hog resources) and easy to use. One that I would suggest is Antivir. This is an excellent program, that has a very good reputation for successfully identifying software threats. It can be set to both update itself and run scans by a scheduler, meaning that you don't even really need to remember to do anything. Antivirus software really is important. Without it your computer could be doing god knows what. It could be part of a botnet (a network of computers illegally controlled by malicious parties and used for any number of unpleasant things from spamming to denial of service attacks) or it could be riddled with programs that do things like gathering your personal info or firing popups at you constantly. Having malware like this running will almost certainly slow your machine down more than the average antivirus program. It won't solve all of your security problems, but it's a really good start.

The Internet is rife with methods of appropriating other peoples data for any number of reasons, whether it be for ID fraud, credit card scams, or relatively 'innocent' marketing purposes. How often do you try and access information on a web page only to be asked for all sorts of seemingly irrelevant details like full name, address, phone number, etc.? Pretty often I would guess. Now, how many of you when presented with this will just give it what it wants so that you can get on with browsing the site? Before you something like this, think. Does this site really need these details? Can I get the same information from somewhere else without answering these questions? More often than not there is no reason whatsoever for sites to gain this info. All that's happening is that your personal data is being stored in yet another potentially insecure database, waiting to be ripped off and used for fraudulent purposes. If there is somewhere else you can get the information you need, go there. If not, consider being less than truthful when filling in the form. These people usually don't need your data, so don't make it easy for them to get. I cannot stress enough how much of a problem identity fraud really is these days. Think before you type!
Another prevelant problem is the amount of background scripts there are running on many web sites which, again, are there purely for the purpose of gathering info. It could be something simple such as script for keeping an eye on site traffic, but it could also be trying to steal data or install something unpleasant (such as a trojan) on your computer via your web browser. My preferred method of dealing with this is to use the Firefox web browser combined with a plugin called NoScript. What this does is to block any scripts running on a page you visit until you authorise them to run. It then remembers which pages you have authorised and loads them up without problem from there on. Once you start using this plugin you really start to notice just how much is happening in the background of many web pages that you wouldn't even suspect. There are lots of good addons/plugins for firefox - FlashBlock and AdBlock Plus are both good ones that limit the amount of unnecessary data finding its way down your net connection. Have a look around and see if you find anything useful.

While I'm on the subject of installing things I'd like to talk about 'bonus' software that comes packaged as part of another program. Many people when installing something will just sit there clicking next without even looking at what they're agreeing to. Do you really want yet another 'amazingly useful search bar and funky widget' installing on your machine? Even if it's purpose is totally innocent it's one more thing using up your machines resources and slowing it down. Read before you click and yet again think! Quite often you can opt out of installing your 'freebie' and just get the software you were expecting. Failing to do this is yet another way to end up with a riddled machine.

The last thing I'd like to talk about is the use of public computers in web cafes, libraries, wherever. A badly managed public computer, i.e. one that doesn't clear out all personal information after a user has logged off, can be a goldmine for anyone attempting harvest user details, passwords, and personal info. My suggestion for anyone using a public service like this is to use the local computer as little as possible. By this I mean establishing a remote encrypted connection to your home computer and doing your browsing from there. This might sound a little complicated but it's actually really easy! A free service called LogMeIn makes it possible to log into your home computer from anywhere using just the browser. All you have to do to set up this service is install the program provided by the site on your home computer, and this then handles everything else. Very easy, and the encrypted connection provides excellent protection for any information you input while using the public terminal.

Obviously the steps outlined here aren't the be all of personal data security, but hopefully it should be a good place to get people started. If there's one thing I'd like people to take away from reading this it would be this. Engage brain. Think!

Edit: Since writing this I've come accross a post on gmgDesign.com that takes a more in depth look at encryption for home use. Worth looking at if your interested in doing this.

The sleeve so far

Posted by : Rob Stevens | Saturday, May 24, 2008 | Published in

Thought I'd stick up a few pictures of the current state of my sleeve :)
Still a lot of work to do, but I'm pretty happy with it so far.







Nearly there

Posted by : Rob Stevens | | Published in

The end is in sight. My student practitioner project was handed in Tuesday and I had my final Micrsoft theory exam and one of my wireless theory exams on Thursday. Will be so glad to get finished with wireless. I enjoy the practical stuff, but the theory is wave physics based gibberish. It makes no sense...

Robert of Arabia

Posted by : Rob Stevens | Sunday, May 18, 2008 | Published in

I've just come back from a university exchange trip with a college in Saudi Arabia. Riyadh Communications College is Saudi's only Cisco training facility. The idea of the exchange is to form a partnership between them and our own college for the purposes of exchange of both culture, and technical training and ideas.

A group of 16 of us went. While we were there we participated in some of the lectures and workshops being run at Riyadh college. I got shown some very interesting stuff on removing and exchanging the processor and memory chips inside a mobile phone. That showed one thing that was very different about the way the two colleges work - The Saudis seemed to spend a lot more time looking into how the components in various devices work which is something I've never really looked into. It's made me want to do a bit of electronic work at some point when I have time. Maybe I'll look into doing a part time course at some point once I've finished my degree. We also took a trip to a fiber-optic cable plant to see how the different types are made.

When we weren't working in the college we were being shown around the city. We saw some fantastic stuff - An old Arab fort, an aviation museum, and one of the best bits, for me at least, was a meal we had at a traditional Saudi restaurant. Another highlight of the trip was going out to the Empty Quarter where we had a barbeque and rode quad bikes. The food while we were out there was fantastic - lots of grilled meat and fish, naan breads and stews. I also tried eyeball, which was interesting...

It was a very interesting trip which gave me some interestingly different perspectives on several things, from ways of dealing with technology, to perspectives different countries have of each other, and how the reality is often very different.