I found a todo list from when I was in college. I was such an ambitious young chap…

• Convert DIP -> FreeBSD
• DNS
• SMTP (Aliases for archives,jobs) + Appropriate

mailing list filters (test on DUALLY-procmail?)

• Web Server
• Configure DIP’s kernel on DUALLY for expedient upgrade
• Make sure UID’s & GID’s line up
• Configure NFS, NIS+? on DIP
• Make move to qmail?

Here’s some other interesting ones from work.

• at rdisk /s - every workstation - 1 hour
• at “windowsupdate” ??? - 1 hour
• Disable unneeded services on servers - smtp, ftp - 1/2 hour
• Network Documentation - 1 day
• What do I have to restart upon server reboot, what Oracle databases - 1/2 hour

Hehe, I always enjoy finding old stuff like that.

I was going through all my stuff in preparation for my move tonight, when I came across an old newsgroup posting I had printed out back in ‘97 - How to send fake mail. This was where I first learned how to connect to an email server and send email using SMTP commands.

Ah, memories…

A couple next door just recently got a new little lab pup. I don’t think I’ve seen them take it more than 20 ft. from the house. Now I’m not always around, but I’ve been home more often than not lately due to my move coming up and I could swear I haven’t seen that poor pup go farther than just down the street. It’s always jumping around and trying to play, too, and they just yank the poor thing back inside.

I don’t know if I could ever have a dog, or at least a decently-sized dog in the city. It just seems so cruel.

The worst is this other family that plays fetch with their dog on the sidewalk. They toss a stick and it clatters quite sadly down the sidewalk. Oh well, at least they’re playing with the pup.

I was talking to somebody recently (although I can’t remember who now…) who said that I absolutely must try Ignotz Ristorante in little Italy if I like authentic Italian food.

Back to packing…

MusicBrainz - Now I can tag my entire collection!

A few random links before I upgrade Firefox.

• MPLS is growing
• Enumerate AS/400 users with POP3
• Tired of your music selections?
• Build a bluetooth sniper rifle
• CSS Zen Garden …I love this site
• How to play mp3’s on your website
• Some code I want to hack up sometime…

Yea, that’s about it…except for this linguistic profile I took…

Oh boy, do I hurt. It’s been quite the weekend.

Friday was the annual busy-season party at which I played a couple games of some serious volleyball, giving me tight neck and shoulder muscles the rest of the weekend.

On Saturday, we went for a 20-mile bike ride out in the burbs, making my leg muscles tight for the rest of the weekend.

And today, Stacey, Zoe and I all did a 5K and we all meet or beat our goals. It’s the first race I’ve ever run and while I feel like I am going to die now, it was pretty fun.

Holy cupcakes, Batman.

Anything that’s got ganache in the recipe has to be good.

iDefense announced a vulnerability today in Microsoft’s HTML Application Host (MSHTA).

Note: As of today, this issue has been addressed by MS Security Bulletin MS05-016 - Make sure you’ve updated!

MSHTA’s are a notorius problem and are still in use as a very convenient means of executing code on a target host. Since I have nothing better to do but clean up my place and pack all my belongings so I can move in a couple weeks, I figured I’d write up a little proof of concept.

The only difficult part was determining how the CLSID was stored in the file, as it is not formatted the same way it is in the registry. A little trial and error proved to be quicker than finding MS documentation.

Instructions are in the doc. This will not do anything malicious to your system. I would recommend saving this to your system. Double-clicking it to read the Word doc and then renaming it to some unknown extension “.bob” and double-clicking it again.

Enjoy: iDefense MSHTA PoC

I must be tired or something, but ponder this while pulling down your Monday morning donut and coffee.

Imagine for just a second that Apple wifi-enables the iPod. Now the F-Secure weblog has all kinds of information about mobile phone viruses and even have a new job opening for just such a position. So, as predicted, that sector is growing quickly.

Now let’s go back to the wifi-enabled iPod. Let’s assume for the sake of ease that bluetooth has also been enabled. With 4.5 million iPods sold in the last quarter of 2004 alone, the estimated iPod userbase is estimated to be around 15 million at this time. 15 million iPods. 15 million runners and joggers and iPods all talking to each other. 15 million iPods getting infected by malware and launching a DoS attack on the Internet. *ouch* Now let’s not be vendor-biased here. Since iPod decks out their mp3 players, all the other vendors will as well. But the virus will be smart and able to jump from mp3 player to mp3 player via bluetooth, infect it, and sit patiently waiting for orders from it’s master.

Just a wacky scenario that popped into my head this morning, but could you imagine the chaos? Not to mention you’d probably lose all of your songs…bummer.

I’m not saying this will happen or that Apple will enable the iPod in this manner and this will actually play out in our universe, but man that would hurt if it did.