How I got started in information technology

Every once in a while someone asks me how I got started working in the information technology realm. Usually it is someone who is not in the industry, or someone who is interested in working with computers as a career and is not really sure where to start. I do not think I have been able to come up with a great answer but here is how it has worked for me thus far.

I have always had a mechanical inclination. I was one of those kids that would rather take apart their toys (read: break) than play with them. I originally had a love affair with cars, especially engines. I would have one of my parents take me to the junk yard (before I could drive) just so I could pull old V8s and bring them home to disassemble them. This was entertaining but then our family got a new computer. I had worked with friends’ computers but was careful not to break them as I knew their cost. You can imagine my dad’s face when he brought home our first computer and shortly thereafter I had the internals of it laid out across the floor. Lucky for me I somehow was able to put it back together and it still worked. I was hooked as there seemed like an endless amount of possibilities to keep me occupied.

I continued on my quest of learning more by installing other operating systems such as Redhat 6 beside the Windows 95 install as a dual boot installation. Not a very interesting feat now but at the time it was amazing for me. Fast forward a few years and I had gotten various jobs working for firms setting up and maintaining computer systems. I eventually got bitten by the security bug while working at a university. I find the aspect of securing computer systems quite interesting as not only are you concerned with how information systems are implemented but also what vectors may be used to attack them and so much more. Enough about that; here’s what I told the last person that was interested in getting into the technology scene. Opinions vary greatly here.

It depends upon what you see yourself doing in 10, 20 years from now. Computer Science (CS) degrees are great and they usually cover the spectrum when it comes to the world of computing. I was going to get a CS degree but was undecided the first two years and by the time I pulled it together I realized I would need two years of Calculus and Physics before most universities would even consider me for their programs. I instead went the Computer Information Science (CIS) route. This worked well for me as they are well recognized and the prerequisites were less demanding and time consuming.

Many universities now offer a number of programs such as Decision Information Science (DIS); this example focuses more on the business perspective. I know one person who has gone this route but they have done well. Most jobs will say they want a technology oriented degree though are not always specific. Regardless, do your research. This ultimately depends upon what you expect to do and where you want to work. If you know the type of position you might see yourself in then look at position descriptions and figure out what the firms desire in that field. There are plenty of jobs out there but just more competition for them.

Due to competition in the market I would definitely recommend three things. One, if feasible, regardless of the bachelor’s program get a master’s; this seems to open more doors and some schools have 3/2 programs that allow you to pretty much get a master’s and bachelor’s at almost the same time. Two, get an internship and/or job working with computers, helpdesk at a university or work for a small company maintaining their network, etc. Besides education, experience is highly regarded in the industry regardless of your concentration and this will help you figure out what you want to do career wise. Three, look into certifications such as a CCNA, Security+, MCSA. Even entry level certifications may help get you in the door though this is debatable by some.

I will state that I know people that rely purely upon their experience and others that are more academically focused. I do not think there is a surefire method but for me a combination of both has worked fairly well.

Posted in education, technology

Information Technology Podcasts

I travel quite a bit so I always like to keep a nice stock of audio on hand. Basically another source of information to keep me up2date on what’s going on in the information technology realm. Note some of these may be explicit so please use discretion. This list is an update from this post of 2008.

AudioParasitics – The Official Podcast of McAfee Labs
Blue Box: The VoIP Security Podcast
CBS Technology Podcast – Larry Magid
CERT’s Podcast Series: Security for Business Leaders
Cisco Security Podcast Series
Crypto-Gram Security Podcast
CyberSpeak’s Podcast
Exotic Liability
My Hard Drive Died – w/Scott Moulton
Network Security Podcast
NPR: Technology Podcast
Off The Hook: high-bitrate MP3 feed
OWASP Security Podcast
PaulDotCom Security Weekly
Podcasting For Dummies
RB2
Risky Business
SANS Internet Storm Center StormCast
SECTHIS.COM Security Podcast
SecuraBit
Security Buzz
Security Justice
Security Now!
Security to the Core | Arbor Networks Security
Security.Exe powered by The CISO Group with Alan Shimel & Mitchell Ashley
Sophos Podcasts
Speaking of Security, the RSA Blog and Podcast
SploitCast
Tenable Network Security
The CyberJungle (Formerly The Data Security Podcast)
The KCBS Hi-Tech Report
The Linux Action Show! MP3
The Rear Guard
The Security Catalyst — The Security Catalyst
The Silver Bullet Security Podcast

Posted in podcasts

Finally migrated from Blogger to WordPress

I haven’t posted in a while because Blogger finally did away with their FTP/SCP publishing ability meaning if I wanted to continue using Google’s Blogger platform I would have to allow them to host my content for me. I don’t mind this except there are small annoyances such as having to still use a third party host for files that are not part of a blog post. I have also never been a real fan of their themes. I’m not much of a designer when it comes to websites, my focus is usually on the technical operations and not making things aesthetically pleasing. WordPress has Blogger beat hands down in this department as there are thousands of freely available themes and plug-ins for their platform.

The flip-side is securing WordPress. There are countless known vulnerabilities to the WordPress platform. There are ways to stay on top of these. First use the general lock-down suggestions provided by WordPress and other sites. Secondly or maybe primarily, stay up on new releases that fix bugs and security vulnerabilities by subscribing to the mailing-list or keeping an eye on their blog. Overall I look forward to the new platform and hope you enjoy the content to come.

Posted in wordpress

Redirect Blogger URL using Mod Rewrite and shell scripting fu

Blogger is doing away with the option to host your blog via your own host and migrating everything to the cloud. I wanted to have the option to continue hosting my blog on my own server even though as of now I am still hosting with Blogger. The main concern I had was redirecting URLs that Blogger had created to a new blogging platform such as WordPress. I looked around and found several methods here, here, and here for redirecting one URL to another. The two primary methods were HTTP redirects by modifying the page header or Apache’s mod_rewrite. I like Apache so I opted for the latter.

I only had about 60 posts so creating a few mod_rewrite rules is not a big deal. A number of bloggers had complaints about Blogger removing FTP/SFTP publishing capabilities and they were considering a migration away from Blogger. This got me thinking about how to help others in transferring thousands of blog entries.

I decided to try to automate this process somewhat with a little scripting fu. This could be scripted into a single script and if there is enough interest, I will make it happen.

The first step is to import your Blogger posts into your WordPress database. Blogger can export its posts but WordPress does not have a native plug-in for importing the posts in the XML format that Blogger is capable of exporting. WordPress can however import posts and comments from a Blogger Blogspot hosted profile. Create a Blogspot host and import the posts that you have backed up from your main profile’s XML file. Make sure to disable search engine indexing for the temporary site so that you don’t hurt your SEO.

The second step is to import the posts into WordPress. This is relatively easy to do: log in to your WordPress administrative tools and import the Blogger posts from the Blogspot profile that you created in the first step. I tried using the recommended tools per WordPress and a third party tool but they did not work very well for me.

Now your WordPress install should have all of your content and comments and your WordPress install is working correctly. This tutorial also assumes you are using the following permalink format for your WordPress posts, if not you will have to adjust this tutorial to your liking:

/%year%/%monthnum%/%postname%/

You will notice that your URL conforms to the WordPress install and not to Blogger’s. This means that when you migrate your DNS to point at your shiny WordPress install all of the links that users have bookmarked and the search engines have crawled will no longer be valid. Worse, this could hurt your search engine rankings as it will take time for search engines to recognize the new content and during that time you will have duplicate content floating around. Not an ideal situation.

The third step is to determine all of the URLs that your Blogger account was using from the XML file that you exported from your Blogger blog’s profile. This will produce a file with your Blogger file names. The number of names should be the same as the number of posts you have published on Blogger, or in other words imported to WordPress. Note you will need to change the XML file name and domain name to match your settings:

# Produces blogger file names.
# The grep and the second sed must name the same domain (change both to your own).
sed "s/\(href='[^']*'\)/\1\n/g" blog-02-04-2010.xml | \
grep "href='http://www.rsreese.com/20.*html'" | \
sed "s+.*href='http://www.rsreese.com/\(20[^']*\)'.*+\1+" | \
sort -ut/ -k3 | xargs -I{} basename {} | sort -u > /tmp/blogger.txt

Next you want to generate a similar listing from your WordPress install that is populated with all of your Blogger content. This involves logging into your MySQL install and exporting a little data.

mysql -u wordpress_user -p
mysql> USE wordpress_db;
mysql> SELECT post_name FROM wp_posts INTO OUTFILE '/tmp/wp.txt';

Next you want to ensure that your posts line up between the two files. In my case I had some that were not sorted exactly right; this basically let me know how much manipulating I would have to do. Paste this into a file on your Linux system and give it executable permissions with ‘chmod +x filename’. Then run the file with ‘./filename’. Note you will need to specify the paths to your wp.txt and blogger.txt in the small script.

#!/bin/sh
# Print each Blogger name next to the WordPress slug on the same line number.
paste blogger.txt wp.txt | while read -r Line
do set -- $Line
echo "This is from FileA: $1"
echo "This is from FileB: $2"
done

Lastly let’s actually generate the mod_rewrite rules for Apache. Again, when this runs the sort may not have matched up the file names exactly right so you may have to do some manual manipulation.

#!/bin/sh
# Outside the single quotes, $1 and $2 are the shell's (Blogger name, WordPress slug);
# inside the single quotes they are mod_rewrite backreferences.
paste blogger.txt wp.txt | while read -r Line
do set -- $Line
echo 'RewriteRule ^([0-9]{4})/([0-9]{1,2})/'"$1"'$ $1/$2/'"$2"'/ [NC,R=301,L]'
done

You probably want to redirect the output to a file so you can go in and fix the values that have not sorted correctly.
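
The pairing and rule-generation steps above, as an added example that is not the author's script: it pairs each Blogger file name with a WordPress slug by its words instead of by sort order, escapes the dot in the pattern, and refuses any name containing characters other than letters, digits, "-" and "_", so nothing read from the export or the database can change the shape of a rule. The function names, the "# REVIEW" and "# SKIPPED" markers and the sample names (other than the two taken from this post) are assumptions.

```sh
#!/bin/sh
# Added example, not the author's script.
# generate_rules BLOGGER_FILE WP_FILE
#   BLOGGER_FILE: one Blogger file name per line (some-post.html)
#   WP_FILE:      one WordPress post_name (slug) per line
generate_rules() {
    awk '
    # True when every "-"-separated word of b appears, in order, in w.
    # Blogger drops short words and truncates long titles, so
    # adding-character-to-line should pair with adding-a-character-to-a-line.
    function is_subseq(b, w,    bn, wn, bw, ww, i, j) {
        bn = split(b, bw, "-")
        wn = split(w, ww, "-")
        i = 1
        for (j = 1; j <= wn && i <= bn; j++)
            if (ww[j] == bw[i]) i++
        return i > bn
    }
    # First file (WordPress slugs): keep only [A-Za-z0-9_-] so nothing read
    # from the database can add spaces, flags or regex syntax to a rule.
    FILENAME == ARGV[1] {
        if ($0 ~ /^[A-Za-z0-9_-]+$/) slug[++n] = $0
        else if ($0 != "") print "# SKIPPED unsafe WordPress slug on line " FNR
        next
    }
    # Second file (Blogger names): same character check, plus the .html suffix.
    # Only the line number is printed, never the rejected text itself.
    $0 !~ /^[A-Za-z0-9_-]+\.html$/ {
        if ($0 != "") print "# SKIPPED unsafe Blogger name on line " FNR
        next
    }
    {
        name = $0
        sub(/\.html$/, "", name)
        hits = 0
        pick = ""
        for (k = 1; k <= n; k++) {
            # An exact match always wins over a looser word match.
            if (slug[k] == name) { hits = 1; pick = slug[k]; break }
            if (is_subseq(name, slug[k])) { hits++; pick = slug[k] }
        }
        # Emit a rule only for an unambiguous pairing; the dot before "html"
        # is escaped so it matches a literal dot and nothing else.
        if (hits == 1)
            printf "RewriteRule ^([0-9]{4})/([0-9]{1,2})/%s\\.html$ $1/$2/%s/ [NC,R=301,L]\n", name, pick
        else
            printf "# REVIEW %s.html: %d candidate slugs, add this rule by hand\n", name, hits
    }
    ' "$2" "$1"
}

# Constructed sample input: the first two Blogger names and slugs come from this
# post, the others are made up to show an ambiguous and a rejected name.
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' 'adding-character-to-line-using-perl.html' \
        'authenicating-kerberos-against-active.html' \
        'using-perl.html' \
        'draft copy.html' > "$dir/blogger.txt"
    printf '%s\n' 'authenicating-kerberos-against-active-directory' \
        'adding-a-character-to-a-line-using-perl' \
        'using-perl-with-apache' > "$dir/wp.txt"
    generate_rules "$dir/blogger.txt" "$dir/wp.txt"
    rm -rf "$dir"
}

demo
```

Lines marked "# REVIEW" or "# SKIPPED" are comments to Apache, so the output can be pasted into the configuration as-is and the flagged posts handled by hand afterwards.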

For the last part of the configuration, here’s a section from my Apache configuration file. I have also included a little bit to redirect the feeds, though for me this was not very important as I syndicate through FeedBurner, allowing me to modify my feed without affecting subscribers.

# This has two of my rewrite rules, I have many more but kept it brief for readability.
<Directory /var/www/apache2-default/wordpress/>
RewriteEngine On
RewriteBase /wordpress/
RewriteRule ^atom.xml$ feed/ [NC,R=301,L]
RewriteRule ^rss.xml$ feed/ [NC,R=301,L]
RewriteRule ^([0-9]{4})/([0-9]{1,2})/adding-character-to-line-using-perl.html$ $1/$2/adding-a-character-to-a-line-using-perl/ [NC,R=301,L]
RewriteRule ^([0-9]{4})/([0-9]{1,2})/authenicating-kerberos-against-active.html$ $1/$2/authenicating-kerberos-against-active-directory/ [NC,R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /wordpress/index.php [L]
</Directory>

Finally you should test your setup to determine that all of the links redirect.

sed "s/\(href='[^']*'\)/\1\n/g" blog-02-07-2010.xml| \
grep "href='http://www.rsreese.com/20.*html'" | \
sed "s+.*href='\([^']*\)'.*+\1+" | \
sort -ut/ -k3 > /tmp/full_blogger_urls.txt

Next you can use wget to test the URLs to make sure they all redirect correctly.

wget -i /tmp/full_blogger_urls.txt

This tutorial is not an end-all solution and is not perfect by any means. It still requires some manipulation of data but if you have a large number of URLs to redirect then you may find it useful. Your mileage may vary, though if you have problems or recommendations then drop a comment…

Posted in technology

A few tools that may help get rid of malware

These tools may help rid a computer system of malware but be warned they can be very destructive to your system. In other words if you don’t know what you’re doing then back up what you can and take it to a professional.

  • Ad-Aware – This seems to be a popular click and point tool
  • Spybot – Search & Destroy – Same as above
  • RootkitRevealer – Older tool but still useful
  • GMER – Great manual tool but can cause more damage than good if you do not know what you are doing.
  • HijackThis – Similar to above, if you do not know what to remove manually then be careful as you could damage your system.
  • McAfee Labs Stinger – Detection tool from McAfee
  • Sophos Anti-Rootkit – Requires sign-up to download, annoying to say the least

Of course keep your current anti-spyware and virus installs and definitions up2date.

Posted in security, technology

Setting up maildrop with Courier MTA


Before I get into the maildrop here’s a few notes to myself for setting up Courier.

Before running ./configure you should add ssl bin directory to your path
To receive local mail indifferent of caps touch {your/etc/courier/dir}locallowercase

Account postmaster@ HAS to be set up as well in the /usr/lib/courier/etc/aliases/system file

To tell courier about hosted domains,

add domain to, /etc/courier/hosteddomains

then, as root, run makehosteddomains

and to tell courier to accept esmtp connections for the domain

add domains to /etc/courier/esmtpacceptmailfor.dir/domains

then, as root, run makeacceptmailfor

Also, the email account postmaster@ HAS to be set up as well.

Here’s the maildrop stuff:

1. Edit the “/usr/lib/courier/etc/maildroprc” to have “| /usr/lib/courier/bin/maildrop” as your delivery method

2. Create a “$HOME/.mailfilter” file to be read by maildrop, there is no need for the most part of a “.courier” since mail drop is already being used!

3. Make sure your “/usr/lib/courier/etc/maildroprc” doesn’t kill the install IE:

#attempt at a maildroprc file...
if ( $SIZE < 26144 )
{
    exception {
        xfilter "/usr/bin/spamassassin"
    }
}
if (/^X-Spam-Flag: *YES/)
{
    exception {
        to "$HOME/Maildir/.Trash/"
    }
}
#else
#{
#    exception {
#        to "$HOME/Maildir/"
#    }
#}

The commented-out part is no good since your “.mailfilter” will never be read, so DON’T specify the default delivery: unless an exit command says otherwise, Courier will deliver to the default “$HOME/Maildir” no matter what. The same goes for the .mailfilter: no matter where you send the mail, there is no need to send it to the default location unless you have some crazy chaos going on that is beyond my lame howto =)

4. The contents of your “.mailfilter” should be something like the following:

"| /usr/lib/courier/bin/mailbot -t autoresponse -s 'AutoGoAwayMessage' -A 'From: test@prcdigital.com' /usr/sbin/sendmail -f "

An “autoresponse” file should be created and placed in the same $HOME directory as the “.mailfilter”, though a universal file can be created for multiple users to access if desired.

5. “chmod 600 .mailfilter autoresponse”

Also the same user:group that is owner of the Maildir should also own these two files so “chown user:group .mailfilter autoresponse”

or Once you get to maildrop, you don’t want to bounce it. Your best bet is to just drop it. Also, I would suggest using spamc/spamd if at all possible. This is what I would do:

if ( $SIZE < 204800 )
{
    exception {
        xfilter "/usr/bin/spamc"
    }
}

if ((/^X-Spam-Flag: YES/))
{
    if ((/^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*/))
    {
        echo "***** Dropping 15+ Spam *****"
        EXITCODE = 0
        exit
    }
    else
    {
        to "$HOME/Maildir/.Trash/"
    }
}
to "$HOME/Maildir/"

You can get rid of the echo if you don’t want an entry in the log when it drops an email.

if ((/^X-Spam-Flag: YES/))

Why double parentheses? This is what I am using and it is not working, though it seemed to work until recently:

if (/^X-Spam-Level: *\*\*\*\*\*\*\*/){
    exception {
        to "/dev/null"
    }
}

Posted in administration, technology

Migrating from Blogger to WordPress

Blogger is removing the functionality to host your own “Blogger” content by disabling the FTP/SFTP functionality from their system. I’m considering their hosting solution or migrating to a WordPress solution.

If I stick with Google’s Blogger hosting then bandwidth should not ever be an issue as they have a distributed computing system. The only downfall is that I’ll probably have to use a sub-domain to host any static files. If I move to hosting my own WordPress then I’ll probably have to increase my virtual host resources since PHP and MySQL will be required, therefore using more system resources. This also increases my host’s vulnerability footprint. Not only am I essentially adding two services but WordPress has had its fair share of security issues.

If you want to stick with Blogger the simple alternative is just to migrate to a hosted Blogspot and use custom domains. You can simply point your DNS host domain.com or sub.domain.com to Google’s DNS servers and within a short amount of time you will be up and running again. With this said there are a number of variables that come into play.

Google’s Blogspot does not support subfolders, one alternative is to use a URL redirection to point to the new host which means you will need to search around for the code to insert into the header of your template to accomplish this. Per the migration tool there is no sub-folder support.

domain.com/blog/ –> blog.domain.com

Since Google would be hosting your blog there really isn’t a wonderful way to handle this as there is not a provision to use Mod_Rewrite or something similar, though with the number of complaints Google has received on their blog they may implement a feature.

If you are considering hosting with another solution such as WordPress then you have more options available to you depending on your hosting solution. WordPress has an integrated import function to import from other blogging platforms but you must first convert your existing hosted Blogger account to a Blogspot solution. Blogger does have an export function but it seems broken per these posts. WordPress also has custom URL functionality so it would be easier to match the format that Blogger was using, especially if you can utilize Mod_Rewrite.

Personally, I’m still undecided…

Posted in Uncategorized, technology

God Mode – Give Windows users an easier way to destroy their computers

Windows 7 and Vista (the latter can be buggy) have an interesting feature that allows quick access to all kinds of administrative tools.

To create God Mode simply create a new folder on your desktop and name it the following:

GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}

Now you’ll have a quicker way to change settings that will probably lead to the demise of your operating system. Have fun.

Posted in technology, windows

Google namebench helps find happy nameservers

I was recently checking name servers that I was using to resolve hosts on a network. After using tools such as ping, traceroute, and dig I decided to search around and found Google has a new tool called namebench. Intrigued, I decided to give it a shot. There is support for several platforms including Linux and Microsoft Windows. I pulled down a NIX copy and fired up the python script. By default in CLI the tool tests the top 10000 Alexa sites; as a note the GUI tool can test sites from your browser’s cache. The tool compares your DNS hosts to several top resolvers around the net including their own. This was neat but I found the real usefulness was the ability to only specify the name servers you want to test. Very cool IMO.

$ ./namebench.py -O 68.87.73.242 68.87.68.162 68.87.74.162 8.8.8.8 8.8.4.4 208.67.220.220
namebench 1.0.5 - data/alexa-top-10000-global.txt (weighted) on 2009-12-14 22:09:40.248541
threads=40 tests=200 runs=1 timeout=2.0 health_timeout=4.0 servers=10
------------------------------------------------------------------------------
- Checking connection quality...
- Connection appears healthy (latency 55.15ms)
- Building initial DNS cache for 6 nameservers [40 threads]
- Waiting for health check threads for 6 servers: 0/6.6/6.
- 6 of 6 name servers are healthy
- Waiting for wildcard check threads: 1/6.....6/6.
- Waiting 4s for TTL's to decrement.
- Waiting for cache collusion threads: 0/30.30/3030

Final list of nameservers considered:
------------------------------------------------------------------------------
68.87.68.162    68.87.68.162     48  ms |
208.67.220.220  208.67.220.220   59  ms | www.google.com. hijacked (google.navigation.opendns.com.), NXDOMAIN Hijacking
68.87.73.242    68.87.73.242     62  ms |
68.87.74.162    68.87.74.162     78  ms |
8.8.8.8         8.8.8.8          86  ms |
8.8.4.4         8.8.4.4          88  ms |

- Reading test data from data/alexa-top-10000-global.txt
- Benchmarking 6 server(s), run 1 of 1: 1/200.........10.........20.........30.........40.........50.........60.........70.........80.........90.........100.........110.........120.........130.........140.........150.........160.........170.........180.........190.........200/200200
- Rendering template: ascii.tmpl
- Saving rendered ascii output

Fastest individual response (in milliseconds):
----------------------------------------------
68.87.68.162     ############################ 32.37295
68.87.73.242     ################################# 38.33604
208.67.220.220   ################################# 39.38794
68.87.74.162     ########################################## 49.34692
8.8.4.4          ##################################################### 63.43389
8.8.8.8          ##################################################### 63.49301

Mean response (in milliseconds):
--------------------------------
8.8.4.4          ########################## 67.35
68.87.73.242     ################################## 90.54
8.8.8.8          #################################### 95.24
68.87.68.162     #################################### 95.31
208.67.220.220   ######################################### 108.85
68.87.74.162     ##################################################### 142.74

Response Distribution Chart URL (200ms):
----------------------------------------
http://chart.apis.google.com/chart?cht=lxy&chs=720x410&chxt=x,y&chg=10,20&chxr=0,0,200|1,0,100&chd=t:0,20,20,20,21,21,21,24,27,49,59,67,116|0,1,12,40,57,63,69,73,77,80,84,87,91|0,16,17,17,18,19,25,26,29,35,39,51,77,95,102|0,1,14,28,48,53,56,60,65,69,72,76,80,83,87|0,19,20,20,20,21,21,23,24,26,36,56,69,90,112|0,1,8,30,45,50,54,61,64,70,73,77,80,84,87|0,25,25,25,26,27,45,46,49,51,57,71,77,91,116|0,1,5,33,39,47,50,54,58,62,65,69,73,77,80|0,32,32,32,33,33,34,34,35,38,48,53|0,1,7,28,55,65,80,88,91,95,98,100|0,32,32,32,33,33,34,34,34,37,41,50,63,78,126|0,1,7,28,44,54,66,70,74,77,81,85,89,92,96&chco=ff9900,1a00ff,80ff00,ff00e6,00e6ff,fae30a&chxt=x,y,x,y&chxl=2:||Duration+in+ms||3:||%25|&chdl=208.67.220.220|68.87.68.162|68.87.73.242|68.87.74.162|8.8.4.4|8.8.8.8

Response Distribution Chart URL (Full):
---------------------------------------
http://chart.apis.google.com/chart?cht=lxy&chs=720x410&chxt=x,y&chg=10,20&chxr=0,0,1333|1,0,100&chd=t:0,3,3,3,3,3,3,4,4,7,9,10,17,23,62,100|0,1,12,40,57,63,69,73,77,80,84,87,91,94,98,100|0,2,2,3,3,3,4,4,4,5,6,8,12,14,15,19,22,24,60|0,1,14,28,48,53,56,60,65,69,72,76,80,83,87,90,94,97,100|0,3,3,3,3,3,3,3,4,4,5,8,10,13,17,20,23,25,32|0,1,8,30,45,50,54,61,64,70,73,77,80,84,87,91,94,98,100|0,4,4,4,4,4,7,7,7,8,9,11,11,14,17,19,22,25,28,45,67|0,1,5,33,39,47,50,54,58,62,65,69,73,77,80,84,88,91,95,98,100|0,5,5,5,5,5,5,5,5,6,7,8|0,1,7,28,55,65,80,88,91,95,98,100|0,5,5,5,5,5,5,5,5,6,6,8,9,12,19,55,69|0,1,7,28,44,54,66,70,74,77,81,85,89,92,96,99,100&chco=ff9900,1a00ff,80ff00,ff00e6,00e6ff,fae30a&chxt=x,y,x,y&chxl=2:||Duration+in+ms||3:||%25|&chdl=208.67.220.220|68.87.68.162|68.87.73.242|68.87.74.162|8.8.4.4|8.8.8.8

Recommended configuration (fastest + nearest):
----------------------------------------------
nameserver 8.8.4.4         # 8.8.4.4
nameserver 68.87.68.162    # 68.87.68.162
nameserver 68.87.73.242    # 68.87.73.242

Posted in Uncategorized, technology

I’m certified to handle ninjas and stuff

After passing my previous certification, the GPEN, I decided to take on the GIAC Certified Incident Handler (GCIH). I decided to save a few dollars this round and challenge the certification without purchasing the full course which comes with a test voucher since I had done well on the GPEN. The test was straightforward and the topics closely resemble the Certification bulletin. I guess my fu was strong yesterday as I was able to pull off a passing grade and add another great certification to my list of skllz.

Posted in Uncategorized, technology