July 2004 Entries

WebPro News Carrying the MRTG Article Series

The folks at WebProNews.com are carrying my MRTG article series.  Check it out here: http://www.webpronews.com/authors/beaumonday.html

Quickies

It's been a busy week, and I'm working on an advanced MRTG article (and a secret project that you will all love!), so I haven't had much time to post. I've had a few things I wanted to quickly mention, so I'll do it all in a quickie post and we can all get back to our beers, eh?

Another Addison-Wesley book that I need to buy as soon as it ships: Windows Forensics and Incident Recovery.

My friend Mixa sent me a link to SecurityDocs.com, which links to over 2200 docs on information security topics. I'll add that to my list of good...

Sorry for the Downtime

I was just telling someone on Monday that the IP address on my cable modem never changes.  And since I'm Fate's favorite plaything, it has changed 2 times in the last 36 hours. For some reason, the dyndns feature of my router is not working, so the changes are not getting picked up.  I am running a client on one of my computers now, and it will check my IP address every 10 minutes and update my DNS servers at dyndns.org if it changes. And now that I've done all that, it probably will be another year before it changes again.

BSQUARE finally gives up on Maui

This just in: BSQUARE announced today that it has discontinued manufacturing for the Power Handheld device (codename: Maui).

From the press release:

BSQUARE (Nasdaq: BSQR) announced today that it has ended the manufacturing of its Power Handheld hardware device and restructured the Power Handheld business unit. The company will continue to sell the enabling software included in the device to smart device makers as a complement to the consulting services and software that the company offers today. [...] As a result of this action, the majority of the Power Handheld personnel were terminated with the remainder reassigned into product development initiatives or retained...

NetworkNewz.Com Reprints Another Article

The fine folks at NetworkNewz.Com have reprinted my recent article on using WMI with MRTG.

Speaking of Books

A book that I have been anticipating all year has finally started shipping: Richard Bejtlich's The Tao of Network Security Monitoring. My copy is inbound.  I suspect this will be a cover-to-cover job as well, after taking a look at the table of contents (pdf). You know, I just realized that over half of my (substantial) book budget over the past 12 months has gone to Addison-Wesley productions.  Those folks have put out some damn fine books lately.

Books: Know Your Enemy, 2nd Edition

Those who know me, or have looked at my (outdated, I just realized) Bookshelf, know that I consume technical books.  But I don't read them cover to cover, that's boring.  I buy books mostly on the depth of their index, because that's probably the first thing I am going to look to if I need something answered. However, there are a number of exceptions. The latest exception to this trend is the 2nd edition of Know Your Enemy, by the fine folks at The HoneyNet Project.  And that's not just because of my borderline-stalker admiration for a certain former tank commander either (Lance is...

Windows Forensics: Have I been hacked?

Dana linked to a great article at BleepingComputer.com that explains some simple steps you can take to see if your system has been hacked. It doesn't cover everything, but it's a pretty good start, and the process will expose 90% of the rootkits script kiddies are currently using.

MRTG and Logging

If you followed my instructions for setting up MRTG on a Windows platform, you are probably logging every MRTG cron job to %SYSTEMROOT%\system32\mrtg.log.  And that log, by now, is probably in the several hundred megabytes range. I deleted a 700MB log file from an MRTG system that monitors about 30 systems yesterday. To disable logging entirely, which I recommend once you get things working smoothly, simply remove the “--logging=mrtg.log” bit from each of the cron jobs in c:\mrtg\cron\crontab and copy that to %SYSTEMROOT%\system32\crontab (you will need to halt the cron service before you copy the file over, then restart it again afterwards).  You...

Movie Theaters

Nothing personifies the collective “Fuck you” we each give to our fellow man more than a visit to the movie theaters, and I'm about fed up. Pretty much every time we've gone to the movies in the past 6 months, SOMETHING happens that makes me look wistfully skyward, hoping to see a meteor, comet, that bunch of nukes Superman threw at the sun but they missed because the sun moved and now they went around and are slingshotting back at us, SOMETHING to put the human race out of our collective misery so the rest of the planet can go on...

IIS Hardening Checklist

Rob over at NetSec linked to an IIS Hardening Checklist over at the UW.  While IISLockDown takes care of many of these issues for you, there are some good permissions tips in the checklist. There's a couple things on it that will make it onto my Data Center Team's hardening procedure, I think.

Article Announcement: Basic Analysis of Windows Security Logs with Logger.pl

Logger.pl is a Perl-based tool for analyzing the Security Event Logs from one or more Windows-based systems, aggregating “interesting” events in a format that is much more manageable. It's a great tool, and one I intend to start using much more often.

After struggling with getting Logger.pl working on a system today, I figured I would write a quick how-to on getting it up and running: Basic Analysis of Windows Security Logs with Logger.pl. I hope someone finds it useful.

Solution to MRTG's "Possible precedence problem on bitwise" error

I've received a number of emails from people getting the error “Possible precedence problem on bitwise | operator at c:/mrtg/mrtg/bin\..\lib\mrtg2/BER.pm line 619”, usually when running the Update_MyRouters.bat script. I've found the solution, after much investigation.

Open BER.PM in your favorite text editor and change line 619 to read:

return error ("Sequence expected") unless $result == sequence_tag or constructor_flag;

(Changing the "|" to the word "or".) Save the file, and you're golden.

New Image Galleries Up

A few years ago, in 2000 I guess it was, I took a 2-week tour through Italy and Greece. I'm just now getting around to going through the pictures. At least *act* surprised, you bastards.

In the “Image Galleries” section on the left, you will see a bunch of new image galleries that I stayed up all night making. I tried to break them out by city. My recommendations:

Florence: The center of the intellectual universe for centuries, and the final resting place for the likes of Galileo and Michelangelo. Pics include Michelangelo's David, among other great works of art.

Vatican: I smuggled some pics from...

James Lileks takes exception to Michael Moore's 4th of July opinion piece

James Lileks opens a can of whoop-ass on poor Michael Moore.

Roundup of recent good news in Iraq

If you get bored, there is a quite lengthy roundup of good news coming out of Iraq over at Arthur Chrenkoff's blog.  It's a fantastic read if you can spare the 15 minutes or so.  It's part 5 in a series.

Happy Independence Day, Iraq

On a belated note, I wanted to wish Iraq a happy Independence Day, during a time of the year when Americans also reflect on what it means to be free.  Let us hope that America and Iraq can continue to celebrate such times together in the years to come. I wanted to point out a few gems from some of the Iraqi blogs I follow regarding the recent handover of power to the Iraqi people: Alaa, of The Mesopotamian writes a heart-felt missive about his feelings on the day Independence came to Iraq: Never has the world known such a nation, willing to...

Old and busted: Liberty. New Hotness: Wrangler Unlimited

As I mentioned ever-so-briefly before, I traded my old faithful grocery getter in on one of those new stretch Wranglers. The Wrangler Unlimited, as it is now called, is 15 inches longer than the usual Wrangler, which brings its cargo capacity in line with my Liberty. But instead of the Liberty's offroad-challenged suspension, the new Wrangler Unlimited has all the off-road prowess that is synonymous with the Wrangler name. It's truly the best of both worlds. It sure was nice to say “I want a 4-inch lift and 33-inch tires” and hear the guy say “You got it” instead of “What, on THAT?” For...

New version of MRTG Bundle is now available

Chris Dos, of Open Innovations fame, stopped by about a month and a half ago now (yeah I suck) to let me know he has updated his MRTG bundle with the latest binaries for MRTG and associated apps. This is the core package used in my recent article Installing MRTG on a Windows Platform. You can get the updated bundle at http://www.open-innovations.com/mrtgbundle.html. Thanks Chris!

Alumni Update

It's been way (way) too long since I did a BSQUARE Alumni Page update, and for this I apologize wholeheartedly. Between my recent flurry of travel, my big June deadlines, and setting aside some time for my wife, the Alumni page has languished. But I'm here to make it up to you, good readers. Bear with me here.

First the updates:

Added: Art Opmeer, Johnny Yi

Updated: Chao Chen, Dave Orvis, Jeff McLeman

News: On the weekend of July 14th, BSQUARE will be moving into new offices at 110 110th Ave NE in Bellevue. Unless their cable guys decide to dyke off the T1 lines again, that...

So long, June

June is finally behind me, and the projects I had to get done in June got done. Though it was a good thing that June didn't end at 5:00 PM on the 30th!

I should be able to get back on track here on the blog. I have a number of things that I have been meaning to post about:

BSQUARE Alumni Page updates are long overdue, my email is full of them.

The guy responsible for the MRTG Bundle has updated it to include the latest binaries, and I owe him a post on that subject.

Speaking of MRTG, a couple...