(no subject)

Feb 22, 2004 15:36

I haven't updated in forever and a day. I suck.

I'm tired. I'm busy all the time. I guess this is a good thing, instead of the typical wandering ennui I usually exist in. Got several 'projects' I'm working on. yum. If they turn out fruitful, you may hear about them; if not, at least I've learned something. I hate to discuss things in their zygote stages; I'd rather introduce them once something formative is available for scrutiny. So yeah. I'll do that then.

Tomorrow I have the 3pm-11pm shift, so I feel obliged to stay awake late and do something meaningful with my time, like brew a pot of espresso and hack hack hack.

I don't know why I'm talking about my life here.

I'm acquiring computers like mad. I was gifted a very usable Windows workstation, complete with vmware (shh) and some other delectable devel goodies on board -- the only issue is the hdd is very limited at 10 gb. So I'll have to get a new one. On Thursday I acquire my very own powerbook G4, which I am buying second-hand for USD $850. What a score!!!! Dude, also, this will be my first mac. I was told I was Not Allowed to Install Linux On It. Ha. I may have to break that rule, depending on how well OSX and I interact. I suspect we will regard each other with a smidgen of suspicion, hesitance and resistance, but after a set period of adjustment take to each other like white on rice. heh. I'm feeling whimsical tonight, can't you tell?

In lieu of these new developments, I've converted the spare room into my office. Hopefully this will serve as a better working space than slumped on the couch with a knocked over ashtray bracing the armrest.

My todo.txt file is a bit out of control at the moment.

Lately I'm obsessed with (linux, specifically) rootkits. I don't know. I guess it's a good way to learn kernel internals. I started writing a paper/some code for my GIAC cert (have to get them for work) but it's quickly spiraling into something outside of scope of the GIAC stuff and basically, um, having little to no value in infosec. :) Basically, it is an in-depth analysis of a certain rootkit-detection package coughchkrootkitcough and writing some proof-of-concept (gay word or no? I prefer 'case study') patches for a certain popular public rootkit that permits said rootkit to elide detection from said popular rootkit detection software.

I like reading case study papers about crafting exploits. Often, there's some unique hackery involved that makes things more difficult to take advantage of than your typical Aleph1 overflow. See the recent BSD shmat(2) bug for example. Everything about the bug is pretty straightforward until:

One would then invoke some magic trickery and execute a suid binary which will reuse the freed vm_object for its stack segment.

In other news, I got in trouble at work for something partially to do with that particular advisory. Oh, it's a funny/embarrassing story, but no time to elaborate right now (riiiight).

Other tangential goals of mine I am too lazy/retarded/embarrassed about to discuss in detail:

- learn to use IDA pro and be awesome [rationale: I help disassemble some new worm and I am quickly a hero @ work and maybe I don't have to do dumb stuff anymore]
- learn about windows internals (related to above)
- get a hard drive for new workstation
- reed mor bookz
- create and configure some totallyawesomecool vmware images for use in honeypots, devel/breaking stuff.
- learn sparc assembly/ppc assembly [note: way at the back of the priority queue for now]

Worst study ever? [nothing against Macs but COME ON??? Where did they pull the stats and what sort of retardedly biased methodology did this organization use??]

And on a final note, I hate worms/viruses[insert dumb propagating malware here]. The end. And I do realize NIDS will never go away; I mean, we've had non-technological intrusion detection systems [e.g., rent-a-cops] for forever, no matter how ineffective they might be. However, hopefully the technology will progress.
