Tuesday, October 16, 2007
Network Map Update
The ANML publishes a map of regional fiber-optic networks that are owned/run by educational and research institutions. The map gives an overview of the regional-scale connectivity in the United States. We just updated the map (this typically happens every few months - things don't change especially fast) so if you're interested, you can read more about the map, and download it, from the RON Map's web pages.
Monday, September 24, 2007
Do not write down your passwords..
"Don't write down your passwords" is a common mantra of computer administrators and security-aware users. (Actually, "don't write down your passwords in cleartext" is the true recommendation.) However, many users ignore this. This weekend someone showed me this: organizer. From their website:
Trying to remember your ID and password for all the various websites you frequently visit, such as online banking, travel reservations, shopping sites and many, many others can be a daunting task. This handy booklet is the answer to your worries.
....
Includes room for recording:
# The date an account was opened
# The company name and URL
# Your user name and password
# Your upcoming renewal date
# Online bank and other account numbers
Now a thief can have access to all your identification tokens in one shot. This would be gold for 'financial impersonators' ("Identity Thieves" IMHO is a very incorrect description of the crime). Please do not recommend this product to others.
Tuesday, September 18, 2007
Total geekery at the ANML, Redux
As a follow-up to the earlier entry about the old TRS-80 Color Computer: the distinguishing feature of the system in that picture is that it's got a silver case, indicating that it's definitely a Color Computer I (released circa 1979). The keyboard, however, has two extra keys in the lower right corner -- which are "F1" and "F2" keys that didn't appear on preinstalled Color Computer keyboards until the introduction of the Color Computer III in 1986.
Those blurry little keys served as evidence that this wasn't a CoCo that somebody had bought and then chucked in the closet without using, since the keyboard upgrade couldn't have been done at the factory. That meant that maybe this wasn't just another old CoCo with the standard 4KB of RAM and Color BASIC ROM...
And that's exactly how it turned out: once the system arrived, a quick popping-open of the case revealed that besides the new keyboard, it had been expanded to the full 64KB and had the Extended BASIC ROMs installed, increasing its value by at least a factor of four over the purchase price.
Of course, half the keys on the keyboard were stuck up or down because of poor storage conditions, but because this is a product from the days of real keyboards, that's nothing some careful disassembly and a kitchen sink full of warm, soapy water can't solve.
Bootstrapping trust
Who do you trust and for what realms?
This is one of the key issues of security... do you trust every root certificate for your browser? (There are ~43 built-in root certificates in Firefox.)
How can you trust the first SSH connection to a new host?
And what about context? Some of the people you know can give very good recommendations, but only in some contexts. At the ANML we are helping develop a tool, Nettrust, to help users make some decisions while browsing the web. An alpha release of this tool is available here.
Monday, September 17, 2007
Good passwords
How to pick a good password? There's all kinds of advice out there on this topic. But if you want the right advice, you need only ask the ANML. We're never wrong. What never? Well, hardly ever, as they say.
Sometimes it's obvious
Computer and networking hardware can go bad in all kinds of ways. Sometimes it's obvious what the problem is, and sometimes it isn't. We recently had one of our machines lock up, apparently due to an issue with the storage subsystem. FWIW, the machine in question uses a 3ware IDE RAID controller with half a dozen drives hooked up to it. (We had a bunch of old 120GB drives lying around - six of them configured as a RAID-5 array (with one as a hot spare) was a super-economical way to get almost half a terabyte of somewhat reliable storage, although 0.5TB isn't much these days.) Anyways... the problem was proving hard to diagnose, since it was intermittent, and manifested itself in different ways - kernel panics... refusing to boot... booting then locking up after variable periods of time.
At one point, we pulled the drives with the aim of re-seating the cables, and a sharp-eyed staff member noticed... well, see if you can spot the problem. Drive removed, all seems to be well. Dry join? Metal fatigue from years of fan and drive vibration? Who knows.
Tuesday, September 4, 2007
Total geekery at the ANML.
Among the geeky hobbies enjoyed by some of us at the lab is old computers -- if it's out of date, obsolete, and has a narrow data bus, there's a good chance that one of us is somewhat interested. If you pool our mental resources, we could probably write a book of trivia on just about any major 8-bit computer of the 80s.
Even so, one of us had a moment this week that provoked a full-fledged, "Wow, I really am a dork about this stuff."
The guilty party had just bought this lot on eBay, which was advertised as an old TRS-80 and two Odyssey2 consoles. See if you can guess why the photo was so interesting -- there's something unusual there. (Have no idea? Don't worry; we'll post again.)
Tuesday, August 28, 2007
This game sucks!
Here at the ANML we make fairly heavy (although not exclusive) use of Linux-based operating systems. We've also been known to indulge in the occasional video game. Mario Kart Double Dash on the Nintendo Gamecube (yes, we know it's not the latest technology) is a perennial favourite, but a couple of lab staff members are known to possess a Nintendo DS. Naturally, we could not resist combining Linux and the DS. The entire distribution fits in a few megabytes of flash memory. It's got wireless networking support, an ssh client, perl (it might not be clear in the picture there, but that's a perl "hello world" being run)... what more could one need? Okay, so the user input method leaves something to be desired, and if we're honest, we admit that this probably won't be pressed into service as anyone's desktop workstation, but it's a neat proof of concept sort of thing. Sometimes it's fun to do things just because you can.
Fundamentals of Logic
Every good geek should know what a logic gate is. If you dig down through the layers of software and hardware, they're one of the building blocks of every modern computer. Now, you can learn all about them with the help of logic goats. Never again will you have to refer to a boring old truth table! (One lab member suggests cross-coupling two of the NAND goats - instant perpetual motion machine!)
Monday, August 27, 2007
Passin' the time, passphrasing
Ok, so what did we do at the Indiana State Fair? We built the passphrase-o-meter! What the heck is that? It's a machine that rates how good a passphrase you made.
What's a passphrase? It's like sliced bread, only MUCH better! You remember passwords, right? Easy-to-remember things like sn00k!14
Well a passphrase is like a password except that: 1) It's a phrase, several words. And 2) It's much easier to remember, while also being much more secure, than a password.
What's a good passphrase? Something like "We built a passphrase-o-meter at the fair!" Or "My dog, fluffles, has fleas!"
You see, those are easy to remember, but it's not likely that someone is going to guess what they are, either!
All hail the coming of the new kingdom of passphrases. Passwords are dead! Long live the passphrase!
(We wrote a short article about passphrases recently that was included in IU's Living Well pages, and also got picked up by a couple of other places, including Science Daily and even John Tesh's site. Does this mean we're famous?)
Polishing up some ANML software packages...
Processing gi-normous data sets like we often do at the ANML has required writing quite a bit of custom code, and we're getting ready to make some of that software available to a wider audience. One of the first bits will be a set of libraries for searching very large collections of Netflow data with boolean queries and pretty-printing the output in the format of your choice.
The "flowseek" system doesn't offer quite the flexibility of SQL, but it's nice to be able to quickly select, say, all the flows with a total size between 15,000 and 20,000 bytes, from a particular prefix, destined to either port 9001 or 9002, but not from that one host you already know about. And it's nice and fast, since it actually writes out your query as C code, compiles it, and imports it again as a shared object module!
More details later...
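The sample query above, written by hand as the kind of C predicate a query-to-C compiler could emit. This is an added example, not flowseek's generated code: the record layout, function names, addresses and the inclusive size range are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical flow record; flowseek's real record layout is not shown here. */
struct flow {
    uint32_t src_ip, dst_ip;      /* IPv4, host byte order */
    uint16_t src_port, dst_port;
    uint32_t bytes;               /* total size of the flow */
};
#define IP4(a, b, c, d) \
    (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | ((uint32_t)(c) << 8) | (uint32_t)(d))
/* Constructed query constants (documentation address ranges). */
#define PREFIX     IP4(192, 0, 2, 0)
#define PREFIX_LEN 24
#define KNOWN_HOST IP4(192, 0, 2, 77)

static int in_prefix(uint32_t ip, uint32_t prefix, int len)
{
    uint32_t mask = len == 0 ? 0 : ~(uint32_t)0 << (32 - len);
    return (ip & mask) == (prefix & mask);
}

/* Predicate for: 15000 <= bytes <= 20000 AND src in PREFIX/24
 * AND (dst_port == 9001 OR dst_port == 9002) AND NOT src == KNOWN_HOST */
int flow_match(const struct flow *f)
{
    return f->bytes >= 15000 && f->bytes <= 20000
        && in_prefix(f->src_ip, PREFIX, PREFIX_LEN)
        && (f->dst_port == 9001 || f->dst_port == 9002)
        && f->src_ip != KNOWN_HOST;
}

/* Linear scan over a batch of records, counting the matches. */
size_t count_matches(const struct flow *flows, size_t n)
{
    size_t hits = 0;
    for (size_t i = 0; i < n; i++)
        hits += flow_match(&flows[i]);
    return hits;
}

/* Constructed sample records: src, dst, sport, dport, bytes. */
static const struct flow SAMPLE[] = {
    { IP4(192,0,2,10),  IP4(198,51,100,5), 40000, 9001, 16000 }, /* match */
    { IP4(192,0,2,77),  IP4(198,51,100,5), 40001, 9002, 17000 }, /* known host */
    { IP4(192,0,2,11),  IP4(198,51,100,5), 40002,   80, 18000 }, /* other port */
    { IP4(192,0,2,12),  IP4(198,51,100,5), 40003, 9002, 25000 }, /* too large */
    { IP4(203,0,113,9), IP4(198,51,100,5), 40004, 9001, 15000 }, /* other prefix */
    { IP4(192,0,2,13),  IP4(198,51,100,5), 40005, 9002, 20000 }, /* match */
};

int main(void)
{
    printf("%zu matching flows\n", count_matches(SAMPLE, sizeof SAMPLE / sizeof SAMPLE[0]));
    return 0;
}
```

Because the query ends up as compiled C, a generator of this kind should emit only values it has parsed into numbers itself, never raw query text.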
Thursday, August 23, 2007
porting from 32bit to 64bit architectures
Besides making sure you are using the right integer size when using interoperable files, this week we 'rediscovered' the dangers of the NULL pointer on x86_64.
When calling a C function with ellipses (a variadic function), the compiler does not 'know' the size of the null pointer and converts the appearance of 'NULL' into a 0 (zero). This makes some functions work incorrectly unless the NULL pointer is cast to an 'appropriate pointer'. (Why this? This is already a pointer..)
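A NULL-terminated variadic function with the terminator passed the portable way, as an added example that is not code from the lab: `join_strings` and `demo` are hypothetical names. The `sentinel` attribute is a GCC/Clang extension that lets the compiler warn about calls missing a pointer-typed terminator.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Concatenate the argument strings into out (capacity cap). The list must end
 * with a null POINTER. Returns the length written, or -1 if it does not fit. */
#if defined(__GNUC__)
__attribute__((sentinel))
#endif
int join_strings(char *out, size_t cap, const char *first, ...)
{
    va_list ap;
    size_t used = 0;
    int ok = cap > 0;

    va_start(ap, first);
    for (const char *s = first; ok && s != NULL; s = va_arg(ap, const char *)) {
        size_t n = strlen(s);
        if (n >= cap - used) {      /* keep one byte for the terminating NUL */
            ok = 0;
            break;
        }
        memcpy(out + used, s, n);
        used += n;
    }
    va_end(ap);
    if (!ok)
        return -1;
    out[used] = '\0';
    return (int)used;
}

int demo(char *buf, size_t cap)
{
    /* Portable: the terminator is passed as a pointer, so va_arg() reads
     * exactly what the caller wrote, on 32-bit and 64-bit targets alike.
     *
     * Not portable: join_strings(buf, cap, "x86", "_", "64", 0);
     * With no parameter type to convert to, a bare 0 is passed as a 4-byte
     * int, while va_arg(ap, const char *) reads an 8-byte pointer on x86_64. */
    return join_strings(buf, cap, "x86", "_", "64", (char *)NULL);
}

int main(void)
{
    char buf[16];
    int n = demo(buf, sizeof buf);
    printf("%d %s\n", n, n < 0 ? "(truncated)" : buf);
    return 0;
}
```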
Tuesday, May 8, 2007
Going to West Point
We just got a paper accepted to the 8th annual Information Assurance Workshop in West Point, NY (IAW2007). Our paper, "Improving Honeynet Data Analysis", is about some of the long-term changes made to the Honeynet Project's Honeywall data capture and analysis engine to improve performance, transparency, usability and forward expansion.
The paper describes a dataflow language for packet processing and an implementation of that language in C++.
Thursday, March 22, 2007
Fun with MatLab!!!
Q. In MatLab, if you issue the following command:
save 'file.txt' a b c d e -ascii
in what order will the variables a, b, c, d and e be written to the file?
A. Who knows?
Presumably the variable names are being stored internally in a hash table. Iterate over that hash, and the order of the variables will be undefined. Gah!
Airport? Airport!
So we got one of them fancy new Apple airports here in the lab. It's actually something that someone bought for themselves, but I spent some time playing with it before it got gobbled back up.
The good: It looks cool. Apple seems to have a serious crush on the "I am a box" look -- think recent iMacs, but this one is turned on its side, like AppleTV (or whatever it's called).
Also good is the USB port, which allows you to hook in a printer for network access (nothing really new with that) and also a storage device, which can be shared as a file share. That's new. Note that if you want to do both, you'll have to hook in a USB hub.
The so-so. The box now considers a lack of a WI-FI password an "error." You can have an open network but, if you do, you have to watch an annoying yellow light blink on the outside.
The "what were they thinking?" 802.11n, which this box now supports, has a theoretical max data rate of over 500Mb/s (it's true, I read it on wikipedia) and a "typical" rate of 200Mb/s.
I did some benchmarking with an 802.11n-equipped Mac to the unit and could not get, under best conditions, better than about 80Mb/s to or from it. Sure, that's a lot better than standard 802.11g speeds, but only by about 3-4x.
I did some playing around to try and find out what was going on. Then I suddenly realized I only had the hub plugged into a 100Mb/s ethernet (wired) port. So I plugged it into a gigabit port. Guess what? The "I'm talking to a gigabit device" light on the gigabit port didn't turn on.
Long story short: It only has a 100Mb/s ethernet port on it, and appears to be wired internally only for 100Mb/s. So it's never gonna give you all that gooey, gooey 802.11n love.
Get the ball rolling!
Someone has to make the first post!
The idea here is that we can present a more informal account of things going on at the lab - what we're doing, what's captured our collective and individual imaginations, what's frustrating us, who won the last round of Mario Kart Double Dash, that sort of thing. Posts might be more or less technical, depending on the mood of the individual making the posting. (Who that individual might be on any given occasion will remain a fascinating mystery.)