Last week a friend at work handed me a book to check out. It was called Stealing the Network. Boy did I enjoy it. It's basically a collection of 'fictional' hacker/security consultant stories. The stories cover the whole gammit of hacking, from social engineering to deconstructing worms, to stealing a 0-day exploit. I found it super interesting.
In their stories, the authors go into detail with the kinds of tools they use. Netcat, Snort, John the Ripper, and Ethereal all make an appearance, as well as many others. It's interesting to compare the list of tools used in this book with the list at sectools.org.
I'd highly recommend the book if you're familiar with any of these tools or have an interest in secure networks.
Monday, September 24, 2007
Thursday, September 13, 2007
A Different Perspective...
I've been working with Tibco for the last two months. Before that I was involved in a significant development effort building an automated build system for a large java development team. What a difference in projects.
Before this gig, I didn't have a lot of experience with big SOA (Service Oriented Architecture) solutions like Tibco. Approaching Tibco's 'solution' from a java perspective is a bit of a shock. Why? Isn't Tibco coded in Java? It certainly looks like it, however it's end users (I don't think) were supposed to be experience enterprise Java developers. It appears to be geared more towards business analysts and 'light' coders. ...Grab this component, drop it there, draw an arrow to it from that component.. etc. I was somewhat aware of that going into the project.
Probably the biggest surprise and 'Aha!' for me is Tibco's business model. What I see is Tibco markets their product to the big decision makers (read: people who sign the cheques). Generally, these people have a high level view of most things, including the development process and what actually happens behind the GUI of an application. Tibco very successfully markets their products to these people, telling them that Tibco applications will 'take your system from greedy (as in a money sink) to speedy'. It looks great on paper and running in a demonstration. It looks like a Godsend to businesses that are fed up with waiting a month for the release cycle to finish so they can get their little text change posted in production.
Who knows.. it might be. It seems to come down to who really owns the business. Who calls the shots about what the business direction is and what should be put into production? Who's responsible if revenue doesn't meet expected targets? Should the business be limited and reigned in by IT's processes because 'everything needs to be unit tested, smoke tested, functionally tested, regression tested, performance tested, and then tested in a staging environment'? Sometimes it's fun to wear a cowboy hat.
The Tibco tool we work with doesn't seem to have much in the way of a testing harness... at all. Please feel free to set me straight on this - I want to know how to do some QA against a Tibco app. Also, our Tibco application makes close to 2 dozen separate calls (between itself and over the wire with a significant amount of data) for 1 single request - it's VERY chatty. Apparently, Tibco's solution to increase performance and make chatty applications run faster... throw more hardware at it.
For me the jury is out. I don't have enough experience yet to make an informed decision either way: Java enterprise or Tibco SOA. You want granular control of how your application works at the lowest level and you don't need to turn production on a dime - I'd suggest Java. If you want quick turnaround and a business oriented IT application, and you're not concerned about what's happening underneath the covers, maybe Tibco is the option for you.
Before this gig, I didn't have a lot of experience with big SOA (Service Oriented Architecture) solutions like Tibco. Approaching Tibco's 'solution' from a java perspective is a bit of a shock. Why? Isn't Tibco coded in Java? It certainly looks like it, however it's end users (I don't think) were supposed to be experience enterprise Java developers. It appears to be geared more towards business analysts and 'light' coders. ...Grab this component, drop it there, draw an arrow to it from that component.. etc. I was somewhat aware of that going into the project.
Probably the biggest surprise and 'Aha!' for me is Tibco's business model. What I see is Tibco markets their product to the big decision makers (read: people who sign the cheques). Generally, these people have a high level view of most things, including the development process and what actually happens behind the GUI of an application. Tibco very successfully markets their products to these people, telling them that Tibco applications will 'take your system from greedy (as in a money sink) to speedy'. It looks great on paper and running in a demonstration. It looks like a Godsend to businesses that are fed up with waiting a month for the release cycle to finish so they can get their little text change posted in production.
Who knows.. it might be. It seems to come down to who really owns the business. Who calls the shots about what the business direction is and what should be put into production? Who's responsible if revenue doesn't meet expected targets? Should the business be limited and reigned in by IT's processes because 'everything needs to be unit tested, smoke tested, functionally tested, regression tested, performance tested, and then tested in a staging environment'? Sometimes it's fun to wear a cowboy hat.
The Tibco tool we work with doesn't seem to have much in the way of a testing harness... at all. Please feel free to set me straight on this - I want to know how to do some QA against a Tibco app. Also, our Tibco application makes close to 2 dozen separate calls (between itself and over the wire with a significant amount of data) for 1 single request - it's VERY chatty. Apparently, Tibco's solution to increase performance and make chatty applications run faster... throw more hardware at it.
For me the jury is out. I don't have enough experience yet to make an informed decision either way: Java enterprise or Tibco SOA. You want granular control of how your application works at the lowest level and you don't need to turn production on a dime - I'd suggest Java. If you want quick turnaround and a business oriented IT application, and you're not concerned about what's happening underneath the covers, maybe Tibco is the option for you.
Wednesday, September 12, 2007
Flash boot, more cron, and caching.
I learned an interesting thing today. Depending on the bios of your system, you can boot your box from a flash drive (memory stick). The flash drive needs to be in the usb port when you start your box up though, otherwise the bios won't know that's it's available.
I learned one more thing about cron today. To get cron to run once daily, don't do this: '* 0 *** /opt/myscript.sh'. What will happen is cron will wait until midnight to run, and then it'll run every minute because you've used a '*' instead of a '0' in the minutes space. The correct format is '0 0 *** /opt/myscript.sh'.
I've pretty much finished up my little project with FusionCharts. However, I've noticed there a bit of an issue with caching. It's actually not very consistent. I can have 5 charts displaying 5 different data sets on one page, and 4 of them will update with new data, one of them will absolutely refuse to until I shut down the browser and open a new one. (I'm working with Firefox, by the way).
Firefox seems to really be in love with pages it's seen before. I haven't just seen this issue with FusionCharts. Some time ago we ran into a situation at work where clients were actually having to log in twice because the first login seemed to be ignored. What was happening was Firefox was overwriting the cookie for the login page with the favicon cookie. We had to examine every packet for each request to figure that one out. We used an obscure setting in the ajp connector in tomcat's server.xml file to resolve that one. 'emptySession=true' or something like that - I can't remember it off the top of my head right now - it was a couple of months ago.
I learned one more thing about cron today. To get cron to run once daily, don't do this: '* 0 *** /opt/myscript.sh'. What will happen is cron will wait until midnight to run, and then it'll run every minute because you've used a '*' instead of a '0' in the minutes space. The correct format is '0 0 *** /opt/myscript.sh'.
I've pretty much finished up my little project with FusionCharts. However, I've noticed there a bit of an issue with caching. It's actually not very consistent. I can have 5 charts displaying 5 different data sets on one page, and 4 of them will update with new data, one of them will absolutely refuse to until I shut down the browser and open a new one. (I'm working with Firefox, by the way).
Firefox seems to really be in love with pages it's seen before. I haven't just seen this issue with FusionCharts. Some time ago we ran into a situation at work where clients were actually having to log in twice because the first login seemed to be ignored. What was happening was Firefox was overwriting the cookie for the login page with the favicon cookie. We had to examine every packet for each request to figure that one out. We used an obscure setting in the ajp connector in tomcat's server.xml file to resolve that one. 'emptySession=true' or something like that - I can't remember it off the top of my head right now - it was a couple of months ago.
Tuesday, September 11, 2007
Oracle & perl
Continuing to work with SqlPlus and Oracle 10g. Today I resolved two issues I had with an sql query.
With the first problem, I was passing two parameters into the .sql file and when the sql was executed in the file, along with the selected information, it would output 'old ... my sql here with the params not replaced' and then 'new... my sql here with the params replaced'. Thanks for that, but I know which params I'm replace, I don't need more notification of it. It turns out getting rid of this notification is fairly easy. At the top of the script, just put 'set verify off' and no more 'old...new' junk.
In the second problem (same script) I was doing some division and there were instances where my divisor could be (and was) 0. Sql doesn't like to divide by 0 at all (like pretty much every other language I've worked with). There is a neat little fix to get around this as well. My divisor looked like 'select count(a.blah) from ....' and if you add 'select decode(count(a.blah),0,1,count(a.blah)) from ...' it will substitute a 1 if the selected count is a 0. It worked super.
Messing around with Perl some more, I discovered some good functions. @myArray = split(/~/,$var); will take make an array of strings, seperating them by every '~' found in the string. Working with arrays, push(@myArray, someValue) pushes a new value onto 'myArray'. Pretty basic stuff, I know. I like to celebrate small victories (and remember them for next time).
Can you believe it, I hit a dog riding my bike on the way home from work today. A big doberman. He ran right infront of me. I slammed on my brakes and my rear end came up. I didn't hit him hard - but enough to put my handle bars out of alignment with my front tire a bit. I fixed that at the first red light I stopped at. I also just about hit a snake warming himself on the pavement.
With the first problem, I was passing two parameters into the .sql file and when the sql was executed in the file, along with the selected information, it would output 'old ... my sql here with the params not replaced' and then 'new... my sql here with the params replaced'. Thanks for that, but I know which params I'm replace, I don't need more notification of it. It turns out getting rid of this notification is fairly easy. At the top of the script, just put 'set verify off' and no more 'old...new' junk.
In the second problem (same script) I was doing some division and there were instances where my divisor could be (and was) 0. Sql doesn't like to divide by 0 at all (like pretty much every other language I've worked with). There is a neat little fix to get around this as well. My divisor looked like 'select count(a.blah) from ....' and if you add 'select decode(count(a.blah),0,1,count(a.blah)) from ...' it will substitute a 1 if the selected count is a 0. It worked super.
Messing around with Perl some more, I discovered some good functions. @myArray = split(/~/,$var); will take make an array of strings, seperating them by every '~' found in the string. Working with arrays, push(@myArray, someValue) pushes a new value onto 'myArray'. Pretty basic stuff, I know. I like to celebrate small victories (and remember them for next time).
Can you believe it, I hit a dog riding my bike on the way home from work today. A big doberman. He ran right infront of me. I slammed on my brakes and my rear end came up. I didn't hit him hard - but enough to put my handle bars out of alignment with my front tire a bit. I fixed that at the first red light I stopped at. I also just about hit a snake warming himself on the pavement.
Friday, September 7, 2007
Random assimilations and Business ideas
Today I learned that you can pass in parameters to .sql scripts that are destined to be run with sqlplus. It looks like this: 'sqlplus -s dbuser/dbpasswd@dbname @scriptname.sql param1 param2' and then in the sql file you output the params using &1 and &2. I was finding though that for the replacement sqlplus was being verbose and telling me about every replacement it made. I didn't like that so much, but couldn't figure out how to turn it off. I've already got 'set headers off' and 'set feedback off' set at the beginning of the script. I tried 'set logging off' but it didn't like that (because logging is set to off as a default I believe). Anyhow, the replacements were working.
With Oracle SQL, if you want to select back by a time interval, do something like this: 'select count(*) from my_log_table where logdatetime > current_date - interval '15' minute;' or you can use '- interval '6' hour' ... or '- interval '2' day' etc. Single quotes around the number!
Back to cron: to set cron to run every minute go '*/1 * * * * /scriptToBeRun.sh' Every 3 minutes: '*/3 * * * * /script2BRun.sh'
One problem I've run into with FusionCharts is the limitation of the Flash plugin to handle a big data dump. Put more than a few graphs with, say, 50 datapoints each on a page, and the browser hangs and the plugin throws our of memory errors.
Interesting IT Business Ideas:
- Reusing software development tools for other industries/applications. For example: other than the obvious issue with binary file types, why don't architects and lawyers use a repository like SVN, or Monotone? ( I left out the ones you have to pay for :-) We've tossed this idea around wondering if anybody has tried to market repositories this way....
- Becoming a freeware software consultant for small businesses. You can get everything from a good OS to all the 'openOffice' applications for free, not to mention what Google and others are putting on line (word processors and spreadsheets, etc), and universally accessible too! Seems to me if you're good at training, you can really help small businesses save a buck on software by showing them how to use all the free stuff out there. It wouldn't surprise me if people are doing this one already.
- write a GOOD, scalable, secure, extensible front end framework for web applications. There's a tonne of them out there now, but it seems like every one of them (Ruby, JSF, Struts, Facelets, Tapestry, SpringMVC, etc) has a downside. I've had conversations with a number of knowledgeable architect types and they agree that there is no good front end web solution out there right now. So, one could code a good freeware framework, consult using it, and then sell it to Red Hat (like the JBoss consultants did).
With Oracle SQL, if you want to select back by a time interval, do something like this: 'select count(*) from my_log_table where logdatetime > current_date - interval '15' minute;' or you can use '- interval '6' hour' ... or '- interval '2' day' etc. Single quotes around the number!
Back to cron: to set cron to run every minute go '*/1 * * * * /scriptToBeRun.sh' Every 3 minutes: '*/3 * * * * /script2BRun.sh'
One problem I've run into with FusionCharts is the limitation of the Flash plugin to handle a big data dump. Put more than a few graphs with, say, 50 datapoints each on a page, and the browser hangs and the plugin throws our of memory errors.
Interesting IT Business Ideas:
- Reusing software development tools for other industries/applications. For example: other than the obvious issue with binary file types, why don't architects and lawyers use a repository like SVN, or Monotone? ( I left out the ones you have to pay for :-) We've tossed this idea around wondering if anybody has tried to market repositories this way....
- Becoming a freeware software consultant for small businesses. You can get everything from a good OS to all the 'openOffice' applications for free, not to mention what Google and others are putting on line (word processors and spreadsheets, etc), and universally accessible too! Seems to me if you're good at training, you can really help small businesses save a buck on software by showing them how to use all the free stuff out there. It wouldn't surprise me if people are doing this one already.
- write a GOOD, scalable, secure, extensible front end framework for web applications. There's a tonne of them out there now, but it seems like every one of them (Ruby, JSF, Struts, Facelets, Tapestry, SpringMVC, etc) has a downside. I've had conversations with a number of knowledgeable architect types and they agree that there is no good front end web solution out there right now. So, one could code a good freeware framework, consult using it, and then sell it to Red Hat (like the JBoss consultants did).
Wednesday, September 5, 2007
Got Something done today!
...or at least, it felt like it. After doing housekeeping with our production application yesterday at work, today was a 'sit down and code' day. Boy did it feel good. I had told myself that I had to get this charting solution finished today or it would turn into a waste of time. It turns out that FusionCharts are super easy to implement, and boy, do they look sharp.
In my 'solution', I'm using Nagios to provide the data, with its 'service-perfdata' process. That file gets big quickly. I just enabled it in the Nagios configuration on Friday last week, and I already had 12 Megs of data. Going through the Nagios documentation and forums, there doesn't appear to be any mechanism to 'roll' this file or archive it or buffer it.... It had me stumped for a while. Then I realized I could just do a simple 'tail -1000 service-perfdata.out > service-perfdata.out' in a shell script with a cron job, and presto - a simple fix.
So, mental note to self.... whenever you're coding a shell script (or any kind of script) that gets run by cron, make all the file paths in the script(s) absolute. I keep on running into this problem. Cron is ignorant about everybody's profile and position.
I just started coding with Perl this summer on this project, and I really like it. Working with arrays is tricky and not very intuitive. Otherwise, though, Perl is fantastic for whipping up something quick. Today I found out that you can use && and || in conditional 'if' statements. That was good. Also, something I've noticed in the past and ran into again today - the 'chop' and 'chomp' functions in perl don't seem to work like the documentation says they should. I ended up having to something like this to get rid of spaces '$var =~ s| ||g' - basically using sed (or the like) to get rid of spaces I didn't want. Perl's localtime() function to convert unix to to something readable worked slick for me today. Another thing I ran into not too long ago - the proper way to concatenate strings in Perl is with '.'
Rode my bike into work today. Just had the pedal axle fixed, and wow, what a difference. The aphids are all over the place right now. After a ride they are just plastered all over me. It's hard to not breathe them in while one rides.
In my 'solution', I'm using Nagios to provide the data, with its 'service-perfdata' process. That file gets big quickly. I just enabled it in the Nagios configuration on Friday last week, and I already had 12 Megs of data. Going through the Nagios documentation and forums, there doesn't appear to be any mechanism to 'roll' this file or archive it or buffer it.... It had me stumped for a while. Then I realized I could just do a simple 'tail -1000 service-perfdata.out > service-perfdata.out' in a shell script with a cron job, and presto - a simple fix.
So, mental note to self.... whenever you're coding a shell script (or any kind of script) that gets run by cron, make all the file paths in the script(s) absolute. I keep on running into this problem. Cron is ignorant about everybody's profile and position.
I just started coding with Perl this summer on this project, and I really like it. Working with arrays is tricky and not very intuitive. Otherwise, though, Perl is fantastic for whipping up something quick. Today I found out that you can use && and || in conditional 'if' statements. That was good. Also, something I've noticed in the past and ran into again today - the 'chop' and 'chomp' functions in perl don't seem to work like the documentation says they should. I ended up having to something like this to get rid of spaces '$var =~ s| ||g' - basically using sed (or the like) to get rid of spaces I didn't want. Perl's localtime() function to convert unix to to something readable worked slick for me today. Another thing I ran into not too long ago - the proper way to concatenate strings in Perl is with '.'
Rode my bike into work today. Just had the pedal axle fixed, and wow, what a difference. The aphids are all over the place right now. After a ride they are just plastered all over me. It's hard to not breathe them in while one rides.
Subscribe to:
Posts (Atom)