The Five Acts of Harry Patch: Third Act

July 25, 2009 – 6:18 pm

First the hard facts of not wanting to fight, and the kindness of deciding to shoot men in the legs but no higher unless needs must, and the liking among comrades which is truly deep and wide as love without that particular name, then Pilckem Ridge and Langemarck and across the Steenbeek since none of the above can change what comes next, which is a lad from A Company shrapnel has ripped open from shoulder to waist who tells you “Shoot me”, but is good as dead already, and whose final word is “Mother”, which you hear because you kneel to hold one finger of his hand, and then remember orders to keep pressing on, support the infantry ahead.


Top Recycling Tip for the Paranoid

December 4, 2008 – 2:07 pm

Got this top Recycling Tip from Google today. Obviously well suited to the paranoid among us.


8 minutes

November 23, 2008 – 1:06 am

Well, I brought up a new malware honeypot this evening, and to my surprise it only took 8 minutes for it to catch its first piece of malware. What is more important, it is a new instance too, of Worm.Win32.Padobot.m

This is pretty much a record for the VDot malware honeynet, the quickest before today was about 50 minutes.


IPv6

November 14, 2008 – 12:07 pm

Okay, so IPv6 is the saviour of us all. Why, you may ask? Well, in 2 years there will be no new IPv4 address blocks for IANA to hand out, and in 2011 the last address will be issued by the local registries. Thing is, there is no push by any major ISP to roll out IPv6; hell, there are no major content providers with IPv6 enabled services en masse.

I know Google have IPv6 on ipv6.google.com but to be honest, you wouldn’t know it existed if you didn’t Google it first on the IPv4 Google. Even then Google will not put in an AAAA record for DNS on the www.google.com domain to give the main site an IPv6 address. Their reason is pretty lame too: apparently they reckon that it will cause problems for people with both IPv6 and IPv4 stacks when resolving the DNS for the domain. Odd that, because I’ve never seen issues with having dual stacks.

Microsoft Live has as far as I can see no IPv6 enabled services, neither do Yahoo! or other similar content providers.

Well there is one content provider: me… The main VDot web site is IPv6 enabled, so are Mail and Jabber. The mailing list archive is too. The Scanner however is not; it could be, however, if I rebuilt the kernel, added IPv6 support and assigned a chunk of IPv6 addresses to the section of network it has at home.

After all the rest of the network here is IPv6, in fact there are only two machines without IPv6, the scanner frontend and the OpenVPN box. The OpenVPN box isn’t IPv6 because the build of OpenWRT which the VPN server runs on doesn’t have support for it.

The other thing that really steams me is very few of the router vendors for home users actually produce versions that are IPv6 enabled in some way. There are one or two, one of the reasons I moved everything at home to IPv6 was because of Apple. Why Apple? Well almost everything they produce these days is IPv6 enabled, Access Points, Time Capsule and OS X, the exception is the iPhone (probably the iPod Touch too), but I reckon it wouldn’t be a huge deal for them to enable both of those given they are based on OS X/Darwin at the core.

It seemed the smart thing to do to go IPv6 at home. I set up a 6to4 tunnel using a tunnel broker, as neither of my two ISPs supports native IPv6 on ADSL. That terminates on one of the two front end firewalls at home and then assigns IP addresses via the discovery protocols that are part of IPv6, thus no need for a DHCP server. Of course I use IPv6 enabled firewalls in the form of IPTables and ipfilter, so as well as protection using IPv4 Access Controls I’ve got the same on IPv6.

I’ve even set up a dynamic tunnel for IPv6 for my laptop so I can have IPv6 connectivity when mobile too.


Second Mortgage on the UK

October 8, 2008 – 12:12 pm

So Gordon has mortgaged the UK to the hilt to bail out the banks that have created the mess we’re in…

Interesting… Basically he wants to return to borrowing more money to get us out of the problem where we’ve borrowed too much money. Is it just me, or is this just bad management of the public coffers?

After all, it is seriously bad money management for someone to borrow on one credit card to pay off another credit card; this idea that the government is punting is basically the same…

So as the public, we have to pay the money in more taxes to pay for the debt that Gordon has run up and the banks get richer while they make money from us when they lend more.. This really does seem like a bad deal.

Basically let the banks go under… If they have bad debt then they are running with bad business practices.

We seem to have a culture now that is toxic. Everything in life seems to be driven by getting more and more in debt; we need to get out of this and get back to living within our means and not borrowing to the point that the middle and low elements of society are destroyed by the debt they are saddled with, whereas the rich just get richer.


Gurkha Right to Stay

September 16, 2008 – 12:41 pm

I’ve long been a believer as a member of the younger generation that we need to remember and stand up and speak for the Veterans of our Armed Forces no matter who they are. I’m increasingly beginning to think our current overlords (Government) are not honouring the Military Covenant with our service personnel and veterans.

One of the two charities I support does the best job they can given the support they get from the public, and I think the public should do more to support the Royal British Legion.

You don’t see them having random ‘paid’ people signing up people on the street to make a direct debit payment to support them, a practice that undermines the spirit of the charity collection processes of many charities, and like those other charities it hurts them as the big charities can afford to pay these people to collect these direct debit donations. I’m not saying they don’t need the money; I am saying the practice which gets around the law that governs how charities collect donations off people on the street is wrong.

Anyways I digress. In honouring the Covenant the Government should allow former members of the Gurkha Rifles who wish to make the UK their home to stay indefinitely; it is only fair and right. Consider this: if you look at the 10 surviving members of the British Armed Forces that hold a Victoria Cross, THREE of them are Gurkhas. Consider this: if you gave a minute’s silence for every Gurkha killed during World War II you’d have to stay silent for TWO Weeks. So head over to No 10 and sign the petition for letting the Gurkhas stay.


SCADA

September 12, 2008 – 9:53 pm

Well, after seeing a somewhat mediocre talk on SCADA at this year’s Defcon, a colleague and I had been messing around with the idea of writing a SCADA network scanning tool.

Over the last couple of weeks I’ve been writing it in Ruby. At the moment it is more of a series of classes as a framework for communicating with SCADA ModBus devices either over TCP/IP or Serial. Included is some specific functionality to Enumerate Functions supported by a device, along with discovering the Slave Devices on the ‘network’. I say network as a more generic term as the Serial Connections are not specifically a network, but the code is able to enumerate slaves on a serial bus nonetheless.

The code doesn’t implement a full all singing and dancing ModBus API just a subset, but it is extendable to allow this. It provides a usable framework for building a valid message that can be sent, which is key for Fuzzing a device.

One of the key features is the code is able to be extended to include other SCADA protocols, I’m looking at a couple of others there too. Another element I’m looking at is code to test against Master devices on the SCADA network, at the moment the majority of the code is designed to look at a Slave device. But I’ve put together the basics of a ModBus Slave to allow me to do bad things to a Master that connects to it.

The other major feature for this code is that I can link it easily with my Ruby Fuzzing Library to target devices for specific testing of implementations. The code is all there, just need some devices to test it against.
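The message framing this post talks about, as an added example that is not the author's code: it builds a Modbus/TCP request, validates and parses a response, and tells a normal reply from an "illegal function" exception, which is the distinction behind function enumeration. The module name, method names and sample frames are hypothetical and constructed here; there is no network I/O.

```ruby
# Added example: Modbus/TCP framing only. All names are hypothetical.
module ModbusFrame
  EXCEPTIONS = {
    0x01 => :illegal_function,
    0x02 => :illegal_data_address,
    0x03 => :illegal_data_value,
    0x04 => :slave_device_failure
  }.freeze

  # ADU = MBAP header (transaction id, protocol id 0, length, unit id) + PDU.
  # The length field counts the unit id byte plus the PDU.
  def self.build(transaction_id, unit_id, function, data = "".b)
    pdu = [function].pack("C") + data.b
    [transaction_id, 0, pdu.bytesize + 1, unit_id].pack("nnnC") + pdu
  end

  # Read Holding Registers (function 0x03): start address, register count.
  def self.read_holding_registers(transaction_id, unit_id, address, count)
    build(transaction_id, unit_id, 0x03, [address, count].pack("nn"))
  end

  # Parse a response ADU, checking the header before trusting the body.
  def self.parse(frame)
    frame = frame.b
    raise ArgumentError, "short frame" if frame.bytesize < 8
    tid, proto, length, unit, function = frame.unpack("nnnCC")
    raise ArgumentError, "protocol id #{proto} is not Modbus" unless proto.zero?
    raise ArgumentError, "length field mismatch" unless length == frame.bytesize - 6
    body = frame.byteslice(8, frame.bytesize - 8)
    result = { transaction_id: tid, unit_id: unit, function: function & 0x7f }
    if (function & 0x80) != 0 # high bit set marks an exception response
      raise ArgumentError, "truncated exception" if body.empty?
      code = body.getbyte(0)
      result.merge(exception: EXCEPTIONS.fetch(code, code))
    else
      result.merge(data: body)
    end
  end

  # A function counts as implemented unless the reply is "illegal function".
  def self.function_supported?(response)
    parse(response)[:exception] != :illegal_function
  end
end

# Constructed sample frames (not captured from a real device).
REQUEST   = ModbusFrame.read_holding_registers(1, 17, 0x006b, 3)
NORMAL    = ["000100000009110306022b00000064"].pack("H*")
EXCEPTION = ["000100000003118301"].pack("H*")
```

The same parser works on frames pulled from a packet capture, where a run of exception code 0x01 replies across many function codes is what this kind of enumeration looks like on the wire.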


Slaves to the software vendors

September 3, 2008 – 12:31 am

Is it just me, or are most businesses slaves to the big software vendors? Everything they produce is about locking the user into their model, their platforms and their hardware!

Take Email and Instant Messaging: Microsoft lock users into Office by discouraging the use of open protocols such as IMAP and similar, and in doing so most businesses limit their client platforms to Windows, as Outlook and Exchange RPC clients are Windows only.

IM within businesses provided by Exchange requires a special Windows only client; non-Windows users are discouraged by being forced to use inferior and impractical web based client software.

At least some vendors, Apple and Google, are making business products that are open so that anyone can use them. Shame is that it may be too late; there are too many MCSE types out there that are blinkered to the better alternatives than being slaves to one vendor. Don’t they get it? You will cease to depend on one vendor; in doing so you open your business up to not having to be a slave to requirements to run the next OS from Microsoft, and in the long term you spend less on updated hardware and software.

OS X and Linux run on old hardware, saving you money. Vista requires you to update your hardware; this is wasteful and cuts into your bottom line, yet strangely Microsoft gets richer.

Screw this support costs crap: if your IT staff cannot support multiple environments then you have the wrong staff. Fire them, get some that are not Microsoft drones and you get free thinking creative staff that can build and support anything you throw at them. Your business will no longer be crippled by inferior software and you make more money!


Another year unto the breach

August 20, 2008 – 11:13 pm

Another year passes…


Defcon Day One

August 9, 2008 – 2:21 am

Defcon 16, day one: couple of okay talks, got the high tech badge. More on the badge later.