I didn’t do it.

I hesitate to mention this for a variety of reasons, but the fact that I found a Simpsons reference to fit the situation compels me to post it: I’ll apparently be live on Greta Van Susteren’s “On the Record” tonight at about 7:00pm PST on the Fox News channel (cable – check your local listings).

Yup, it’s about Smart Mobs, FlockSmart and that whole jazz. I’m a shade nervous and completely, totally bemused by it. I feel like my 15 minutes ended at least 30 seconds ago, but perhaps my watch is broken. When this thing runs its course, look forward to a full writeup of the experience. It’s been positively surreal.

I mean, why does no one want to interview me about RobZazueta.com, dammit?

Retouched

I am both humbled and made to feel more comfortable about my photographic abilities by this. Wow.

Protecting You And Your System From Network Attacks

by Rob Zazueta
Aug. 12, 2003

Many IT professionals across the world are currently scrambling to remove a malicious piece of code that was secretly installed on some machines due to a vulnerability in the Windows operating system. Anyone running Windows NT 4.0, 2000 or XP has the potential to be affected by this, including home users.

This is not the first time – nor will it be the last – that a Windows vulnerability threatened so many users. Many will take this as yet another reason to switch to another, perceivably more secure, system such as Linux or one of its variants. However, some simple maintenance and good network planning can help to minimize the threats to your system’s security no matter what operating system you use.

Worms, Trojans and Viruses – Oh My!

The word “virus” gets thrown around a lot as a description for any malicious program set loose on your computer. What is often termed a virus, however, may be a trojan or a worm. The difference is how they spread.

A virus is a small piece of code that attaches itself to a legitimate program. It can be accidentally run in the normal course of using that program and spreads by copying itself to other vulnerable programs. Eventually, the virus may activate and perform some activity that can damage your computer or its data or send some of your personal information to a place where malicious users, known as “crackers” (NOT hackers), can get it and use it to potentially steal your identity or purchase items on your credit. Often times, a virus may infect a computer and simply do nothing other than take up space.

A worm is a program that copies itself from machine to machine as a separate program, often disguised as a system application. A worm can also take advantage of open ports and software vulnerabilities (as described in the article) to spread itself and, potentially, wreak havoc on the network. Many recent worms have been used to perform “distributed denial of service”, or DDOS, attacks on public servers. A DDOS attack works by having dozens, sometimes hundreds or thousands, of computers simultaneously begin sending data to a specific public server. That machine can become so overwhelmed with network requests that it shuts down or simply stops responding, effectively taking it offline.

Trojans, so named for the famous Trojan Horse of ancient Greek literature, are often actively downloaded by users who think they are games or useful applications. They are often spread in emails or found on dubious websites that tell you that you are downloading something other than what you expect. The best way to keep from downloading a Trojan is to never open email attachments from people you don’t trust or grab a program from a website that you know little about.

Most of these malicious programs, often called “worms” or “trojans” depending on how they proliferate, can be prevented from being installed on your system by following some simple rules:

  • Never open an email attachment unless you know what’s inside. This typically means that you should never open an attachment from someone you don’t know. But, with the spread of small programs that can replicate by automatically sending themselves to other users using the email address of an infected system’s owner, it’s smart to ask even your friends what they sent you before attempting to open it.
  • Install a commercial virus protection program that also scans incoming and outgoing emails from your computer. Always make sure that the virus definitions are up to date. See the resources box for some suggestions.
  • If your home computer connects directly to the Internet through a cable or DSL modem, purchase a commercial firewall program or install a hardware router with a built-in firewall. Make sure that, whichever solution you choose, you block incoming access to any ports that you do not actively run a server on. For suggestions on software and hardware firewall solutions, see the resources box.
  • Always make sure your operating system and any applications are completely updated. Many operating systems, including Windows and Red Hat Linux, have update applications that compare the state of your system with the most up to date patches available for it and make recommendations about what you should do to get up to date. Usually, installing these patches is free and is as easy as clicking a couple of links. A good plan is to check for and install any updates at least once a week.

Firewall Solutions – Protecting Your Network

The most useful of these suggestions is often also the most intimidating for people new to the Internet. A firewall acts as a configurable barrier between the Internet and your personal network. Even if your personal network consists of just one computer, a firewall can go a long way to protecting your system from intrusions.

Firewalls can be configured to control access in both directions between the Internet and your personal network. Computers connect to one another across the Internet using “sockets”, which can be thought of as invisible pipes that transmit information. In order for one computer to create a socket to another, it must use a free “port” to access another, predetermined “port” on the other computer. For instance, in order for your web browser to access a web server, it must use one of its free ports to access the port numbered as 80 on the computer serving web pages. Your computer knows to connect to the other computer’s port 80 because that is the standard port used for serving web pages. Keep in mind that these are “invisible” software ports and are not the same thing as the holes on the back of your computer.

If you don’t serve web pages from your computer or, for that matter, your network then there is no need to leave your port 80 open for outside access. For most personal computer users, the same can be true for a majority of standard ports. Leaving these ports open to the outside world can leave your system vulnerable because some applications on your machine may listen to those ports for connections without your knowledge. The Blaster worm, for instance, takes advantage of the fact that most Windows machines use ports 135, 139 and 445 to listen for connections for Microsoft’s Distributed Component Object Model, which allows applications to use code located on remote machines. While not every machine running Windows uses this functionality, it is installed as part of the default configuration in many instances.

A firewall solution allows you to block the ports from outside access that your network doesn’t need open while still allowing you to freely access the Internet from the inside. While it wouldn’t keep you from downloading malicious code as part of your regular Internet surfing (the only way to prevent that is to never download anything you don’t trust and to install an antivirus application and keep its definitions up to date), it does keep malicious programs and users from taking advantage of certain vulnerabilities without your knowledge.
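The following Python script, added here as an illustration and not part of the original article, parses `netstat -an` output to find TCP ports listening on non-loopback addresses and compares them with the ports you actually intend to serve on. The sample output, the `intended_services` parameter and the function names are constructed for this example.

```python
import re

# Ports the article names as listening by default on many Windows machines.
ARTICLE_PORTS = {135, 139, 445}

# Constructed sample of Windows `netstat -an` output (not from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  TCP    [::1]:8307             [::]:0                 LISTENING
  UDP    0.0.0.0:500            *:*
"""

# A TCP row in LISTENING state: local address, local port, foreign address.
LISTEN_ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s*$")
LOOPBACK_PREFIXES = ("127.", "[::1]")


def listening_ports(netstat_text):
    """Map each TCP port listening on a non-loopback address to its addresses."""
    found = {}
    for line in netstat_text.splitlines():
        match = LISTEN_ROW.match(line)
        if not match:
            continue  # headers, UDP rows, established connections
        address, port = match.group(1), int(match.group(2))
        if address.startswith(LOOPBACK_PREFIXES):
            continue  # only reachable from this machine itself
        found.setdefault(port, set()).add(address)
    return found


def audit(netstat_text, intended_services):
    """Compare what is listening with the ports you mean to serve on."""
    listening = set(listening_ports(netstat_text))
    to_block = sorted(listening - set(intended_services))
    return {
        "intended": sorted(listening & set(intended_services)),
        "to_block": to_block,
        "named_in_article": [p for p in to_block if p in ARTICLE_PORTS],
    }


if __name__ == "__main__":
    report = audit(SAMPLE_NETSTAT, intended_services={80})
    for key, ports in report.items():
        print(f"{key}: {ports}")
```

Run `netstat -an` on the machine and pass its output in place of the sample; every port under `to_block` is a candidate for an inbound block rule on the firewall.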

Software firewalls like Zone Alarm and Black Ice Defender can be installed on a computer in your network to protect it from any malicious activity. In situations where you have one machine connected directly to the Internet through a cable or DSL modem, that may be all you need. For larger networks that share a network connection, however, it’s advisable to either configure a computer as a “gateway” that all other computers on the system must go through first before accessing the Internet and install the firewall software on just that machine or, an even better and simpler solution, install a hardware firewall between the Internet and your network.

A hardware firewall is a device dedicated to nothing else than protecting your network using the rules you provide it. Many commercial DSL and cable modem routers, like the ones from Linksys and D-Link that allow you to share a single Internet connection, include a hardware firewall inside the device. These firewall/router combos can typically be configured using a web browser from within your network and are a quick, inexpensive and effective way to protect your systems from intruders. If you have one of these devices, check the manual to see whether it includes a firewall and how to configure it.

With the combination of a good antivirus program, a solid firewall and a little bit of diligence on your part, there’s no reason to assume the worst the next time you hear about a serious network vulnerability.

Resources

Firewall Software

Consumer Firewall Hardware
The following companies offer consumer-grade routers and switches with firewalls built in. They can also be used for small business solutions. I personally have experience with both Linksys and D-Link and like them both, but the differences are often just a matter of price and taste.

Antivirus Software
Both Symantec (Norton Utilities) and McAfee (now owned by Network Associates) have long been leaders in this space, but with security concerns on the rise the market has been blown wide open.

Staying on top of Threats
There are all kinds of bogus virus warnings out there as well as security vulnerabilities not well publicized. The following sites help separate the real threats from the fake and keep you informed of threats to your system.

  • Trend Micro’s Security Information – Get the scoop on the latest worms, trojans and viruses and make sure your software is up to date.
  • CERT Coordination Center – Operated by the Carnegie Mellon Software Engineering Institute, CERT is the place professionals turn to for the latest in all security vulnerabilities. Get on their CERT-Advisory list to be among the first alerted to an issue.
  • The SANS Internet Storm Center – One of the leading authorities in system security, SANS maintains this site to track the spread of certain vulnerabilities and assess the danger they pose.

Star Struck

Sometime around 1991, a geek from Finland posted some code he had written to create a small Unix-like operating system for Intel x86 processors for other geeks to review, use and improve upon as they saw fit. In the more than ten years since, that little piece of code has become a screaming success, powering hordes of corporate computers and embedded systems around the world and offering up some very real, very tough competition to established stalwarts like Sun and Microsoft, making the guy who first wrote that code something of a legend of mythical proportions in the eyes of geeks everywhere.

And today I got to shake his hand and thank him.

LinuxWorld is in town at Moscone Center this week and I grabbed a free “Exhibition Only” pass a few months ahead of time in anticipation. I’ve spent the last two lunch hours roaming the hall and gathering swag, as well as some interesting information. Truth be told, I sincerely doubt the AAC will ever drop Microsoft in favor of Unix, despite the fact that Microsoft products have already proven themselves to be a massive headache. There is entirely too much opposition against anything new here, which is why innovation is so hard to come by and there’s such a severe morale problem. So events like LinuxWorld offer a little bit of an escape for me. They let me get back in touch with my geek roots and show me that, no, the tech world is not as bleak as it seems.

As I sat through a Red Hat demonstration (I wanted one of the cool red hats they were giving away… and I had some time to spare) I glanced over and saw a woman who looked *exactly* like an ex-girlfriend of mine. I found myself suddenly sitting somewhere between panic and the desire to say hello (no, I don’t know what I was thinking. “Hi, *****, how are you? Oh, me? Great! Getting married in November to a great gal who I am very much in love with. Wanna come to the wedding?”) and decided, as always, that the best move was to remain still and do *nothing*. Besides, it was highly unlikely that it was her – what the hell would she be doing at a Linux conference? She HATED computers. So I sat through the presentation, got my hat, then ambled around the hall, half looking for her so that I could debate whether I wanted to run into her or not.

All of a sudden, I saw a glimpse of a very familiar face walking in front of me. The quest for the ex took a sudden detour as I tried to figure out why I knew this guy. He kinda looked like a picture I’d seen, but he also kind of looked like a guy I used to work with named Karl. He was heading in my direction, so I sort of followed him while I put it all together. I quickly jumped ahead of him and, finally, turned around.

“Excuse me, but has anyone ever said that you look a lot like Linus Torvalds?”

He smiled and, in a light Scandinavian accent replied, “Yes, I hear that often.”

“That’s ’cause you are Linus Torvalds, huh?”

He smiled bigger and nodded.

I shook his hand, “Thank you for all of your contributions. I genuinely appreciate it.”

He smiled like a guy who got this treatment a million times a day but never really tired of it and said thanks. And that was that. I had my camera phone on me and flirted with the idea of being a major dweeb and asking for a picture, but he was clearly on his way somewhere and, frankly, this is a guy who seems to like a little bit of anonymity. I figured the last thing he needed was some star struck geek (ok, probably the 40th of the day, or possibly hour) fawning all over him.

But I find it remarkably refreshing that he was just wandering around the show floor, bag in hand, just another geek in the geek kingdom. I know a couple of people recognized him – they gave him those waves you give people that you know but they don’t know you and they wave back like, “Yeah, it’s me, thanks for acknowledging.” – but they didn’t flock around him or anything. And, really, that’s why shaking his hand is so cool, way cooler to me than shaking the hand of a Hollywood celebrity or whatever. This guy is just a geek. He’s a geek who worked with other geeks to develop the platform that is now considered the de facto geek platform. He took a little risk – according to his book, he wasn’t really sure if his code was even good enough to release – and it paid off big.

And that, to me, is something of an inspiration. I’m remarkably risk-averse. For the most part, when it comes to finances and emotions, I tend to play it safe. This explains why I’m still toiling away for someone else instead of working for myself and why it took me so long to find “the one”. With Dani, I felt I took a lot of risks. I really put myself out there. And now look at us: in four months she’ll be my wife, and I genuinely couldn’t be happier about that, or really much else for that matter. It’s just plain, freakin’ wonderful.

When I was writing, I read all the time about folks who complained that they were failures as writers, not because of all of their rejections, but because they never submitted their work to begin with. They were too afraid of criticism and having to face the possibility that they may be fooling themselves. Then you look at the successful authors who tell their tales of being rejected over and over again until, finally, someone recognizes the brilliance of their work, publishes it and makes them successful beyond their expectations. Linus could have chosen not to post his work for fear that the other geeks, who are a notoriously rough and critical bunch, would peg him as a fake. But he posted it anyway and took that risk. And it paid off big time.

I need to take more risks. I need to take a clue from Linus and, frankly, from myself and just lay it out there. Of course, you never just take the risk of jumping off a building and hoping to survive without first planning how you will obtain a parachute and whether it will open in time to save you from the inevitable concrete bellyflop. So I need to take a more calculated risk. May take some time to calculate and wait until the weather is good for it (getting married in and of itself is a big risk, so I may want to wait until that’s complete), but I’ve felt very strongly about this for some time now and I’m resolved to take some action. Besides, I’ve seen both sides of the coin and, frankly, I don’t feel I have a lot to lose.

P.S.

…LINUS FREAKIN’ TORVALDS!!! </geekout>

Smart Mob Tips from the Community

I shot off a couple of quick questions to the folks on the SFBA Mob list this morning. Before anything else, let me just say that the folks on that list are, by freakin’ far, the coolest people on the planet. They have been shockingly positive and supportive in the face of everything and have given me nothing but positive, useful feedback. You guys are the best!

So, here’s some of the feedback so far:

  • Flocks are best held in the after-work hours, usually around 6:30-7:30. It’s generally just easier that way.
  • Despite their purpose of spontaneity, it generally helps to have at least a day’s notice before the mob should commence. This seems counterintuitive to me, but it also happens to be reality – not everyone can drop everything to spin across an intersection, go to a bar or play kazoo in a Santa hat.
  • Performance art isn’t for everyone. I had quite a few people tell me they specifically didn’t attend the kazoo flock because the idea of playing kazoos in public like that kinda bugged them out a bit. I figured folks would be cool with it if they were able to blend into the crowd. And, of course, while I’m usually up for making myself el dorko grande, I should understand that I’m a bit, shall we say, unique in that area.
  • Mystery rules. A *LOT* of people are put off by the fact that I announce the whole event ahead of time. I don’t do the “slips of paper in a bar” thing because I kind of want to use the personal tech that folks have for the announcements. Then again, I also send emails that are necessarily longer than the 160 character SMS limit.
  • Lots of folks are from other parts of the SF Bay Area (duh, kinda). It’s hard for them to get to the city. The East Bay and South Bay are both crying out for flocks. We should heed that call.

So, in two flocks that I have organized (both disappointingly small), I have learned A LOT. Again, you guys freakin’ rock. I’m gonna get back on the horse, hopefully some time this week. As for mystery, I’m still somewhat against the “slips of paper in a bar” thing, primarily because it’s been done. But I also want some of our younger flockers to take part. So I’ll be looking for some better ideas there, and I welcome any you may have.

Thanks a bunch!