Friday, December 31, 2010

little depressing

just did a home body fat % check. Using the same site and tools I've used in the past

Waist (at belly button) - 45
hips - 44
forearm - 13
wrist - 7

(inches)

BF% - 24.9.

Saturday, December 25, 2010

training Log 2010-12-25

Went for a 1.89mi c25k run/walk today Same route as day 2. Finished it faster. Thought I was going slower, but hit what was the "finish" with a minute left to go on the cool down

Friday, December 24, 2010

training log 2010-12-23,24

Forgot to log them last night.
Pullups for 12-23
3, 3, 2, 1

--------------------------------

pull ups for today
4, 3, 2, 1

--------------------------------

Not feeling good, so probably going to skip the run until tomorrow.

push ups later.

played around with the suspension trainer a little tonight, but just feeling ugh over all.

Wednesday, December 22, 2010

Training Log 2010-12-22

Day 2 of couch to 5k.
28 minutes 30 seconds
341 calories. Felt better than Monday.

Sucky thing, the GPS didn't work so no idea how far I went.

--------------------------------------

Fighter Pullup
3, 2, 2, 2, 1. Lost count did an extra set of 2.

--------------------------------------

Push-ups.

10, 12, 8, 8, 15 (53)

--------------------------------------


Not going to be doing the ETK this week after all. Haven't been able to fit it in time wise. Maybe after the first of the year, when I finish studying for a cert.

Tuesday, December 21, 2010

training log 2010/12/21

Didn't get to ETK last night, something else came up.

Pavel's Fighter Pullup Challenge
Max Rep 3 day 2
3, 2, 2, 1 (7 pullups, with my thickest band)
Calorie count: ?? probably 19 like yesterday.

-----------------------------------------------

Tonight's plan:
ETK week1 day 1

Monday, December 20, 2010

Training Log 2010/12/20

Ok, this is going to get updated several times today:

Morning run (couch to 5k)
Day 1: 1.87 miles in 28 minutes 30 seconds (roughly 15 minutes 15 seconds per mile).
mix of walking 5 minute (warm up), eight 1 minute runs / logs, and 90 seconds rest between, with 5 minute cool down.

Calorie count: 375

-----------------------------------------------

Pavel's Fighter Pullup Challenge
Max Rep 3 day 1
3, 2, 2, 1 (7 pullups, with my thickest band)
Calorie count: 19

-----------------------------------------------

100 pushup challenge week 1, day 1.
set count, 10, 12, 7, 7, 10 (46 total, but at a much slower pace than usual).
Calorie Count: 60

-----------------------------------------------

Still to go:

ETK week 1, day 1.

Saturday, December 18, 2010

no more games

2011 will be a hell of a year. I will get in way better shape or destroy myself trying.

I will do 100 push ups. I will get to the point I can do pull ups without assistance. I will loose weight. I will do ETK (workbook) from beginning to end with 16kg.

I will run a 5k (4/3/2011).

It's going to be a busy time between now and race day. All of the above are my goal by then. Pain starts Monday. I'll be using the couch to 5k program. Already downloaded training material to my phone.

Monday, December 13, 2010

passwords below

yes, I know I posted passwords below. The only place they were ever used, to my knowledge, was on Gawker, and they have been changed since then.

Gawker breached prior to nov 8th.

So normally, I'd not jump on the sky is falling bandwagon. Really all you can do is change your password everywhere, and then move on.

I have a Gawker account for Lifehacker. I also tend to forget my Gawker password a lot, since I don't leave many comments at LH. So, since I tend to forget it, I just leave it the temp password they send me, and get it reset when I need to.

I saw this tweet from @0ph3lia on twitter tonight:

RT @georgevhulme: RT @headhntr: Gawker source code and database on The Pirate Bay - http://thepiratebay.org/torrent/6034669

I figured what the hell, I'll get the file, see if I'm in it, and what my password is. My password wasn't in the parse_db.txt file, so for fun, I ran John the Ripper against my hash. I'm still learning the tricks with JtR.

First thing I noticed there are 2 hashes for me in the full db text file.

username ::: oKIw1WwUpNP3E ::: $2a$10$f42plGhxPm5Xv1K37keWiO3onjZEfoFWCAIQRWPvYRW5.BZiZ5sCa ::: username@webemailprovider.com

The first one is DES, the second one is Blowfish.

I copied that into 2 files on my BT4r2 box. 1 for each hash. Then I created a password file with my saved password from firefox, and the most recent email I got from Gawker.

Neither password matched. So I went through my email archive and got every password reset email I still had from Gawker.

The password that worked was from September 4th 2009.

============================================
Email from 2009
============================================

Gawker Comments to me show details 9/4/09

You (or someone you know) has requested that your username and password for Gawker Comments be emailed to you. For security purposes, your password has been reset.


Login: username

New Password: ZMvnRxw


============================================
email from November 8th
============================================

noreply@gawker.com to me show details Nov 8

You (or someone you know) has requested that your username and password for Gawker Comments be emailed to you. For security purposes, your password has been reset.


Login: username

New Password: Usql2Aw
----------------------------------------------

I know that I changed my Password on 11/08/2010, as you can see from the emails. Since the files were using a password from before than, I know that the breach happened prior to 10:20 am on 11/08/2010.

Don't know if anyone else is really interested in that part.

Tuesday, December 7, 2010

interesting

So a year ago, the company I work for moved. One of the thing that needed to be done was readdressing our Citrix XenServers. I was busy working on Layer2/3 switch problems, so someone else did the address change. Unfortunately one of them didn't work right after. The address was changed (by following Citrix's documentation). However networking and XAPI would fail to start. Networking had to be started by hand. (By the way, you have to bring up both the physical and xenbr interfaces for it to work).

This week I'm looking at erroneous traffic on the network. One of the things I noticed was the bad XenServer trying connect via port 443 to an old ip address.

Looking at it, /etc/xensource/pool.conf had the old address in it. So I commented it out. Then rebooted. Brought the network up by hand, and decided to try and figure out what the deal was.

Googling around, I found information to try using the xe commands to make network configuration changes. Problem is, you need xapi running for xe to work. restarting XAPI doesn't give the world's greatest error message in /var/log/messages. Exit status 2. Watching from the CLI, the error was xapi failed to start.

Someone else on the Citrix Forum said that they recreated the files in /etc/sysconfig/network-scripts. So I copied those files from a working box, and changed what I needed too.

Still not going.

Hunting around, I found /opt/xensource/xapi, which I think is what "service xapi restart / xe-toolstack-restart" are trying to run. I tried to start that. Got the following error: xenserver exception Failure("cannot parse pool_role from pool config file")

Google was next to useless trying to find information on that. So I fired up find on the box and tried to find anything with the filename pool (based off what little information Google did give me).

The /etc/xensource/pool.conf came back up. So I went back into the file I changed last night, took out the comment character(#) and figured for grins to change the line to read slave:.

Restarted xapi and it worked.

Rebooted and the box came up right, everything working.

Long way of saying: if you're running Citrix XenServer in a pool, have to re-address and things brake, check the pool.conf file.

Interesting what happens when you're trying to fix one problem and in the process end up solving another.

Monday, November 22, 2010

I worked out

Yeah, little out of shape.

7 pull ups
ETK week 1, day 1, 16kg kettlebell.

41 push-ups

While listening to Pauldotcom Security weekly

Thursday, November 11, 2010

Off to a good start

So I'm trying to start an Ann Arbor Lockpicking group. We had our first meeting last night. Other than a lock getting damaged, it wasn't too bad. There was 11 people that showed up. I'll be interested in seeing what the turn out next month will be.

Saturday, October 30, 2010

picked up

While I was out getting food, I picked up a cheap dead bolt to reconfigure as a progressive lock. Going to pick it as a lock first. Just to see how tough a 10.00 dead bolt is.

busy

I've been busy. I finally finished writing the review for the course. I like the way it turned out. Just waiting for some feed back before trying to post it anywhere.

I'm going hard on skill building. I'm working of the following things:

Perl - Reading Learning Perl 5th edition. Waiting for the book to arrive in dead tree format. So reading it online through my Safari account.

Apache - Seems if I want to stay a Linux administrator, I'll have to get better at Apache. I picked up a used copy of Essential Apache today for $0.25 at a local used book store. I'm also waiting on Apache The Definitive Guide with the Perl book.

Lock picking - I'm reading (in dead tree format) Practical Lock Picking. I like it. I'm also trying to start an Ann Arbor Chapter of TOOOL (The Open Organization of Lock-pickers). I have a few friends that are helping now too.

Pentesting Lab - Reading Professional Penetration Testing: Creating and Operating a Formal Hacking Lab

Secuirty+ Certification - Security+ Deluxe study guide.

and for leisure I'm reading Rob Roy and Robotech the Zentraedi Rebellion.

Saturday, October 9, 2010

WiFu test in 14 hours

I wasted much of my study time (4 months) and banged most of it out this week. We'll see how we do. There was only 1 lab I couldn't complete. The WEP Shared Key Authentication attack (SKA Broken).

If you found this post from google, hit up the Backtrack forums, the WIFU OFFSEC student forums and a few other places. There is a filed bug on the problem and I won't be linking to it in this post.

I'll do a full write up after the exam tomorrow or on Sunday depending on how long it takes to send my report.

When I say a full write up, I mean a full on review. The Ethical Hacker Network gets first dibs on it, since I got the class from them.

Tuesday, October 5, 2010

It lives

So a couple of years ago, the box I built in 2003 died. Stupid user mistake. Don't use you're dive equipment as an air cleaner on a computer. Even if you have the air gun adapter.

when I did it, I traced the problem down to the video card. Ordered a new one, and even that didn't work.

I'm working on the WiFu stuff, and I was getting tired of the constant reboot mess between my normal OS and BackTrack3. Because of some other things running on the laptop, I couldn't get BT3 to work as a virtual and do what I needed it too.

So I figured I'd try to resurrected the dead. I got out an old Voodoo 3 video card. Nothing happened. Pulled everything out and it worked. Got a new video card last week. I've been trying the rebuild the box since. It was a busy weekend.

Anyway, there is still some taming to do, but I got the box up and running. After Saturday, I'll do some real playing around on it and try some different linux distributions.

So what is this box?

An old 32bit AMD with 1 gig memory (max for the mother board), and 1.1terabytes of accessible hard drive space. The video card is an nvida GeForce 6200 with 512 meg of memory.

The funniest thing, this box is faster with VNC over SSH than the laptop with more memory and a more powerful CPU. But really that's because of the video card. At least I'm convinced.

Monday, September 6, 2010

Actual workout with the straps.

Got a decent workout with my home made suspension trainer. I used the TRX FitDeck. I made it through just over half the deck. 20 cards, I had 12 left to do.

Things I'm thinking right now. The handle straps are too long. Might cut those back to 6 feet, like the to strap. The foot straps are too long. Going to try them at 14 inches instead of 18.

But I'm going to wait on feed back from Jenn and Sarah first. (They're 2 trainers trying them out, with clients).

Going to stick with the red straps (at least for the handles, Sarah has named the thing Big Red).

Sunday, September 5, 2010

wow I suck.

Just found out, it's been almost 2 years since I kept a food journal. I didn't realize it was that long.

Wednesday, September 1, 2010

HEY AUDIENCE (cross posted)

Copy and pasted from my Live Journal:


HEY AUDIENCE DO YOU KNOW WHAT DAY IT IS?


THAT'S RIGHT!

IT IS MY DEATH DAY.

7 years of being a zombie.... Braaaaaaiiiiinnnnnssssssss


For those not keeping track, September 1st, 2003 was the day the Paramedics tried to declare me dead at the scene (pedestrian (me) vs. drunk driver).

I'm only 7 years old today. (Second birthday).

Monday, August 9, 2010

wow, out of shape

Got out the Enter the Kettlebell Workbook today. I've wanted to do it for weeks, but never did. I'd make excuses.

I figured with trying to do Jiu-Jitsu 2 days a week, and Tang Soo Do 2 days a week, I'd be in better shape.

Day 1, 16 kg was enough to make me take breaks. I'll be repeating this week, that's for sure. Going to have to try and do it early in the morning before work. After work is just a little too hard.

Thursday, July 29, 2010

the prototype works

I took it to the walking path where I live last night, around 1am. I attached it to the top of the pull up rings they have on the path.

What I know to do with them is very limtied so far, I'll fix that tomorrow by ordering the TRX fitdeck.

Since it was wet and muddy out, large storm yesterday afternoon, I didn't try any ground work yet.

I tried body weight rows, bicep curls, single arm rows, angled push ups, and (the real reason I've wanted one a suspension trainer) single leg squats aka PISTOLS.

I was fairly impressed. I'll need to double check the stitching today though. Just to see how it held up.

When I first started hooking it up, I realized a 13 foot top strap is a little over the top. I ended up making a smaller loop with it, and then tossed that over the bar and anchored to both parts of the loop. Worked pretty well. I don't want to cut the strap though.

Wednesday, July 28, 2010

Prototype testing

How it's anchored at home

that didn't go well.

Have it hooked on my pull up bar. The carabiner by itself was some odd popping noises (from the pull up bar).

Put the top strap over it... counter weight isn't good enough to keep the thing flat with my weight against it.

The black band in the picture is the band I use to help with pull ups. I just pushed it out of the way.

Prototype

I can't get the pictures to load, so you'll have to click on the links.

If you follow my twitter stream, you saw these as I was putting it together. For those that have followed me for a while, you know I have no problem saying I have too much debt and some day I'd like to buy this, that or something else.

One of the things on the list, was a suspension trainer. Be it rings, AOS Bandit Loops, or (what I really wanted) a TRX system.

A couple of weeks ago thefightgeek from the pound online tweeted about a cheap $10.00 version (video on "the pound online"). Which caught my eye. I was impressed and through, i could do that, and it'll be good enough. I replied to his tweet saying as much.

Which lead him to tweeting this page to me. I was really blown away. I liked the option in the second video. Where the guy got the longer one, and then cut it down and used the left over for the foot holds instead of rope.

I was on a mission. But there was one thing I didn't like. The knots. I didn't think the ones in the foot loops would feel good, so I decided to sew them. The bowline is a nice knot, but I prefer the figure 8 knot I use on my harness for rock climbing.

However... being me. I decided if I was going to sew part of it, I'd do all of it.

I got 2 packs of lashing straps, 1 inch by 13 feet from Mejier, a locking carabiner out of my climbing gear (not used), some pvc, and some tape (picture here) They work out ok. The do need to be re-enforced though. I found that out after trying them, the factory stitching was pulling away.

So I decided, based on the factory part, to make 3 inch tabs. This is the taped 1 1/4 inch pvc and the tab. This is the handles pinned together, waiting for the needle.

Then I realized I needed more information first. 1 strap, marked up with everything. Handle points, tab, where it joins the strap.

I didn't take any pictures while I was sewing... I was on the phone, and couldn't take any pictures.

The next night, I moved from the lap desk in the bedroom to the desk in the spare room.

YES IT WAS ALL BY HAND!

Oh no... the strap was binding after I made the first one... Cut off the tape, still binding, get the dremel, and fix it.

One done, and ready. The white specks are beeswax from the thread.

My parrot, Captain Errol Blood (but we just call him Captain) checking on my work. No he was not impressed.

I was asked after I finished, and was showing them off, how I could know to trust my skill. The short answer is I don't, but each set of stitches (minus the re-enforce) look like this (from handle 2).

Now, time to pin the foot loops in place.

The foot loop, got the same treatment as the handle, as you can see from the first completed one here. A close up of the handy work.

I have yet to get a picture of them hanging, or of me using them yet. I'll post a video when ready. So far I've only played around. Inverted rows, elevated push ups, push ups to knees in (foot straps), and very little else.

I've noticed I don't really need the top strap with my pull up bar, since the carabiner goes over the bar quite well.

Things I've learned:
I hate sewing... No kidding, I don't sew enough, show it takes a while to get back in the swing of it.

Make sure the straps aren't twisted before you start. I have one that is, but it's not noticeable.

The next 3, will be done on a sewing machine. I just have to find one to use first.

Yes I said 3. I'll be giving 1 away, one to the lady I'm seeing. Although she wants her's to be pink with hearts and stars on it, 1 to Sarah Rippel and 1 to a guy at martial arts. I had offered to make one for Jen B, but she already has something. :)

Originally when I said I was starting this, Sarah took note, and wanted to see how it worked out. She said she was tempted to try and make her own based on my work. I offered to make one for her. I just want to put mine through a few more paces first.

Wednesday, July 21, 2010

that was fun.

Wrote a shell script for work. Don't do that enough. Could have been done a million and one ways, but I did it this way (see below).

The itch:
Person who maintains the FTP server's user accounts is not a GNU/Linux person. She's asked for help and simplicity in the past for creating user accounts. Need to create the user, the home directory, set the password and set file permissions and file acl permissions.

The solution (slightly modified):
#!/bin/bash
# program to create new ftp users. Creates directory, sets permissions and ACL. Will ask for password.
# password section for Redhat Based systems

# get user name from command line

if [ -z "$1" ]
then
echo "$0: Usage: $0 user-name "
exit 3
fi
name="$1"

# create user account, and directory
useradd -d /FTPDIR/"$name" -s /bin/bash -g 502 "$name"

# get new password for user
echo "enter password for user $name"
read user_password
echo $user_password | passwd --stdin $name

# change ownership of directory
chmod 777 /FTPDIR/"$name"

# set acls for directories
setfacl -R --set u::rwx,g::rwx,o::rwx /FTPDIR/"$name"
setfacl -d -R --set u::rwx,g::rwx,o::rwx /FTPDIR/"$name"

# let user know it's done
echo -e "\n User $name is ready to log in. \n"

Saturday, July 17, 2010

weekend plans

Things to do this weekend. Set up a test lamp server. Want more practice with Apache2 web server Read more of the Wifu Book, and get a keyboard mouse combo for the test computer. I might switch Sidux for Debian testing too... not sure though. Haven't decided.

Tuesday, June 15, 2010

intimidating

Finally got around to opening my class manual for WiFU... little intimidated by the size. I don't think I'll be sneaking it it work to print off on the color printer. :)

Sunday, June 13, 2010

sigh

Weekend did not go according to plan. But when does it ever.

The laptop is re-installed. Still missing some things. Need to install some programs.

Offensive Security sent me the 72 hour links to download the programs last night too. Got the files I need now.

Still haven't crash coursed what I need to. I'll have to work on that yet.

Saturday, June 12, 2010

I don't have time for you right now computer

So today, I finally finished going through the gyrations to get WiFu set up. Got through the payment voucher and now waiting the 3 business days (no rush please) to get the course material. I even picked up a used WRT54GL to finish out my wireless lab. Yes really. I was almost late for Jiu-Jitsu because of it.

However... I have to do crash course studying on something else this weekend instead. Apache, Tomcat, OpenLDAP at the very least.

And it looks like I picked the wrong day to upgrade my laptop. Cleaned out some old kernels and in the process did an upgrade. Of course, while I care about business continuity at work, and don't do that there without a backup... I'm not as stringent at home. Looks like I might have upgraded to the Pre release for Sidux 2010-1, and things are not working right.

I'm also still working on getting the box I bought a month ago set up.

Thursday, June 10, 2010

WiFu

Finally got around to doing the application for it. I sent them data 9 days ago, got the app back. They ask not to use a free web based email on the form, however it's the only address I'm willing to give. There are many reasons why.

So now I get to wait and hear from them.

Last night I started working on the box I'm calling Ihack. It's the Gateway PC I bought for $40.00 a few weeks ago. I still have to get it set up with the right stuff... When I went to bed last night it was doing the apt-get dist-upgrade from Debian Stable to Debian Testing.

Going to put a gui on it, either lxde or xfce, and then I'll have to get the wireless card working.

Still need to re-setup the access point.

Wednesday, June 9, 2010

lock picking

So I got a new set of Lock Picks. The old M No.1 is giving me problems with the new set. I bought a No3 today. I have picked it several times.

I'm finding though, I probably have more picks than I really need. I probably could have gotten away with either this set, or this set.

When I ordered my set, I had a question. I emailed and asked. I got a very quick response. I know I'll be buying some of my practice locks from there.

Wednesday, June 2, 2010

looks like I found that problem

The last several weeks, since I rebuilt one of the boxes in my office (not sure which one), I've been having problems with Synergy.

I had Synergy2 installed on my Windows box and acting like the server. I thought I had synergy2 installed on the nix box working as the client.

When ever I changed screens I had problems with the text. On the linux box all the text would be in caps, and the nubmers were acting like the shift key was held down. So instead of numbers, I'd get special characters.

Turns out that I had synergy-plus installed on the Nix box. I had installed from repository. I found that out today, after upgrading from Fedora 12 to Fedora 13.

I had decided to try reinstalling Synergy from the repository only to notice it was saying synergy-plus. I updated the windows box to Synergy+ and everythings seems to be working...

Well expect for the changes I had made to /etc/gdm/..../Defaults. Synergy starts with the login screen but not after I logged in. I may have a work around for that now. I'll have to find out later.

Sunday, May 30, 2010

what did you learn today?

In order, I learned how to put up a hammock made out of just about anything.

I learned of the monkey fist ball knot. They say to put something in the core, but mine doesn't have anything in it. It just is. It isn't pretty, but it functions. I would have liked to known about that when I was scuba diving and had to pass lines between boats.

I used my 100 foot repelling rope (that I've had since I was about 18) to make the monkey fist. Problem was I had it wrapped pretty tight. In making the fist, I ended up with a mess of rope on the floor. So then I went and learned how to do a backpack coil, and a mountaineering coil.

Then I finally, after watching about 30 minutes of youtube videos, figured out how to pick a pad lock. I've had a Master M1 (it's older than I am) that I've been trying to pick for about 10 years or so. I would get discouraged easy, and then I lost my picks for a long time. Found them a couple of months ago, but still got discouraged easy. Tonight, I've picked the pad lock 6 times already. still want a new / better set.

Then looking at the coil of rope, I undid it again. Put a monkey fist on the end, and then recoiled it.

Thursday, May 27, 2010

thinking about breaking it up

I'm thinking of breaking my blog up. It's a wide mishmash of things right now. I'm thinking it might be better to break the computer stuff out into another blog, and leave this part Kettlebells, politics, and rambles.

What does everyone else think?

it's a start

So... I've mentioned the WIFU class a few times now (see the wifu tag below). I've gotten the first wireless card I needed. I still need at least 1 more. I don't have to have another of the same type, but why not? I've got an old desktop I'm going to hook it up on. I haven't started the class yet, but I have started playing around.

Anyway I've tested the usb wireless card in Backtrack4 from the live DVD, in my normal Sidux install on this box (my laptop), and now in the BackTrack4 virtual machine (VM) running on top of my Sidux install.

Tonight, I followed along with the Aircrack-ng tutorials while using the VM with the USB Wifi adapter. I was mostly interested in trying packet injection with the card from the Virtual.

Getting the packet injection to work took some set up. First you have to get the card in monitoring mode, and the test injection had a link to that tutorial. However I don't think it worked every time I tried it from the VM. Sometimes the packet injection would work, sometimes it would fail. I usually had to do airmon-ng stop on both the mon0 and wlan0, then start it again on wlan0 before the injection would work. Annoying but not enough to make me give up.

I was rather excited about getting injection to work, even if it was a bit dodgy. However, I'm not the kind that is willing to leave well enough alone. Since I don't have everything set up yet for the wireless lab I'm building, I decided to jumped ahead to the WPA/WPA2 cracking. (Note I have yet to crack WEP).

I got airodump-ng running on the network I wanted (my U-Verse 2WIRE access point), and could even see the only client (the Sidux install on the laptop, using the built in 3945 wireless chip). However I didn't see any authentication packets in airodump-ng. No biggy, the tutorial tells you how to fix that if you're not patient or only have 1 client.

I was able to deauthenticate the host operating system (Sidux), and even watched was WPA_Gui would reconnect. However airodump-ng never seen the authentication handshake. I tried looking at what was going on with wireshark,and could see the deauth packets going out. But no auth packets. The VM wasn't using the network either.

I'm going to have to get more hardware, I'm ordering the second card this weekend. There are some other things I'd like too... Netbook, desktop, multiple monitors, but that will take longer to get.

I was a little surprised at how easy it was to deauth a wpa/wpa2 connection, and wondering how many people around me are messing with other people by sending deauth packets. I mean after all, I live near one University that has an Information Assurance Program, and the other University I live near is well know for having a great Computer Science / Computer Engineering program. :-)

Monday, May 24, 2010

WaHoo!

Did the pull-ups with the inch band.

3-2-1-1 1 minute rest. the elbow didn't care for it, but I'm excited. 3/4 of an inch really does make a difference.

Edit: elbow doesn't like it because my form is a little off.

Friday, May 21, 2010

Yes....

I should be able to. If you didn't read the post before this one. You need to. This one picks up where the last one left off...

I can do it. I can skip the 1.5 inches and move straight to the 1 inch. Which... hopefully means I can move to no bands in 2 weeks.

choice

Spent the last 13 days doing the 3RM pull up program. It was supposed to be a 12 day program. But it took me 1 extra day. I've been trying to decided what to do on Monday. Move on to the 5RM program, using the same band for help, or swap bands and restart 3RM. I'm going with the band swap.

2 days to rest. then do it again with a 1 inch and a 1/2 inch band. After that 12 days, down to 1 inch. The swap with the half inch.

Unless.... I wonder if I could.... Time to find out.....

not as thrilling

Brought the laptop, the wireless adapter, and both antennas to work. We work in a office park, but it doesn't have a lot of businesses in it.

So I think the most were 15 probe networks, and 5 actual networks. 2 of them don't have any encryption enabled. One of those does have it's bssid turned off.

I sat here probably an hour or more with everything set up, and no one paid attention. When I found I did bring the holder, and attached it to the back of the laptop, people started gathering around and asking questions.

something funny from yesterday

So yesterday (5/19/2010), I went to the Ann Arbor Virtual User Group meeting. It was my first one. I was told about the group after talking about VM production systems at an ARBSEC meeting.

I was talking to the guy that was running the show yesterday, Rod, (while hitting the pizza buffet), and mentioned my one "big" complaint about Virtualization. It's how the Virtual Host passes the network to the Virtual Guests.

The host will take the wired, wireless, or carrier pidgin based network, and display it to the Virtual Machine Guest as a wired network. Even though you're connected over wifi, the VM thinks it's got an Ethernet cable plugged into it. Which 99% of the time is fine. However, if you WANT you're VM to have wifi, you have to have a system that will pass the usb adapter (VirtualBox and VMWare both do this, or so I'm told and read). This is also part of the reason I bought the Alfa Wireless Adapter for the WiFu class.

Rod asked why I would want a wireless card on a VM anyway. I said for packet injection. My main interest is computer security, I'm here because I maintain the VMs at work. He looked at me and said I should go check out ArbSec and meet Jon O, the guy that runs it, if I was interested in security. I started laughing. I looked Rod in the eyes and said "but he's the one that told me about this group, at an ArbSec a couple of months ago".

The other cool thing last night, I ran into one of my former college professors (had him back in 1999 I think). He was sitting across from me. Started talking. I stopped him, asked his name. He really didn't remember me, but that's ok. I could have told him a few things that would have reminded him of who I was, but didn't want to scare him. Like the fact I'd been to his house when I was his student. Had to do with losing my text book right before the final, and he had found it.

that was enlightening

So the mail came today. In it was my new alfa (1000mw) wireless adapter. I hooked it up a little while ago.

It took a while to figure out how to make it work. First to make sure it would turn on. dmesg, lsusb, iwconfig all saw it. Sadly I'm used to ifup and ifdown. Which only work if the interface has a configuration file. I was able to get up with ifconfig.

Then I wanted to get it working with Kismet. After googling around, even though it's the rtl8187, I found you have to use the rt8180 capture device in the kismet config. I copied this line from a forum posting (changed wlan to 1 because 0 is the built in, and using it for net connection):

source=rt8180,wlan1,RTL

Then I got kismet to work. I ran it for about 30 minutes.... I found 92 networks (networks as kismet's info display on the side claimed). Some of them were probe devices.

But it was interesting to see what I could see from my laptop sitting in my bed.

I really think I'm going to take this to work tomorrow (including the laptop) and see what can see.

And I'm even more excited to take the wireless pen-testing class. Not because I have 92 networks to attack, that would be unethical, but because there were 8 to 10 boxes probing and I want to make sure they won't be using my wireless to surf porn. (IE use the skills from OSWP to secure my home wifi).

In case you're wondering, I live in a 1000+ unit apartment complex. I'm sure if I wasn't on the ground floor (took ground because I was afraid of dropping kettlebells), I would have seen even more. I might have to go over to the tower (7 floor unit), and see if I can get roof access, and then see how many networks there are.

Wednesday, May 19, 2010

fail.

I'll have to repeat today, tomorrow.

Pull-ups:
4-4-3-2-1. Minute between sets. Problems is, I goofed. All the other ones, I gripped the bar (last 9 days). Tonight I hanged just from the fingers, thumbs tucked at the side, but not around the bar like usual.

First 4, were trouble. Only got my nose over the bar. Second 4, I had to stop and adjust the grip and then finish. 3 I realized what I did wrong. Last 2 sets were better.

I also psyched myself out on doing the pull ups. Looked at the number and first though was no way. Should have been bring it. but just not feeling it today over all. Just physically zapped. Had to rely on caffeine to not fall asleep at work.

Oh well. It the set back like this that makes you push harder the next time. Means I'll finish Friday instead of tomorrow.

Other thing, with today's grip, my elbow hurts. not bad, just hey you messed up dummy kind of way.

Monday, May 17, 2010

knowing your tools

It would have been nice to know last week that rsync had an include and exclude feature for doing copies, so I wouldn't have had to waste 2 days writing shell scripts.

My own fault for not reading the man pages. I like rsync, but really don't use it to it's full potential. Mostly when I use it, I'm copying over ssh and need all the files, or between 2 hard drives and need all the files.

A current project at work is the first one where I needed to exclude directories. Still trying to figure out exactly how the include feature works.

*edit - I completely erased the original text and re-wrote the post. Last version was too negative.

really need to have someone else help with that

re measured today. (note I felt bloated yesterday). 42 inch waist, measured in the same spot, 43 inch hips, measured in the same spot.

21.4 % body fat.

I'm going to split the difference and say 22.9%, which puts me at just under 55lbs of fat on of my 240lbs.

Sunday, May 16, 2010

been a while...

It's been a while since I talked about % body fat, and weight. Back in February I got sick. The every other year visit to the hospital kind of sick. Like usual I got treated for dehydration. This year's cause was a stomach flu like virus.

I lost a bit of strength, and I'm still working on getting it back. I was doing pretty good, or so I thought, for a while. But in the last 2 weeks I've put on about 7 lbs. Which wasn't a problem until Friday when some of my clothes started to feel tight. :(

weight, 241 lbs (was higher yesterday)
waist 44 inches
hips 45 inches
forearm 13 inches
wrist 7 inches
24.4 % body fat. +/- 2% for margin of error in math, and me actually measuring the right spots.

Wish, but glad I didn't, do this about 3 weeks or so ago, when everything fit much loser, and the weight started to go up.

In other news, with the 1 3/4 inch super band, I made it through day 7 of the fighter pull up. My body hurts from Friday's kettlebell workout though, but I got the chin over the bar all 11 times. Although the first 4 at the end (1st set) got a little sloppy, still made it over.

Saturday, May 15, 2010

And it's almost sunday...?

Haven't been sleeping well. My body is short circuiting at night. As I understand it, the body's motor controls are supposed to shut down during dream state so as not to injure self.

However the last 2 nights, in the middle of the night, I've had bad dreams. Not nightmares, but just not happy dreams where I do something martial arts related in defense. Be it attacked by R.O.U.S (and I haven't watched or read the Princess Bride in months) or snapping a front kick at a zombie President Barack Obama trying to do a cyberman upgrade on me... (Maybe too much Doctor Who). In each case, I did the action in bed, and woke up while doing it.

Friday I went to Joust Fitness and had a decent kettlebell workout. Didn't kill me like other ones there did. I actually enjoyed it. Did another set of pull-ups around 9:30pm.

Saturday, I went to a Tang Soo Do seminar put on by Grand Master Kang Uk Lee. Even volunteered to be elbowed in the chest by him. It was interesting. That required me to be up at 6am, and I didn't get to sleep until after midnight. (Note I was up at 6am Friday and Saturday after fit full nights of rest).

Came home from that (got home, a little after 2) and proceed to take a nap. about 3 hours worth, and still tired.

My core hurts (shoulders, abs, ribs (not sure where that one came from), and lats).

And now it's almost Sunday. I really think I need a weekend to recover from this weekend. :)

Wednesday, May 12, 2010

Wow

So I did pull-ups last night. Same as Monday. I was sore when I got up today. Lats were very sore.

Did tonight's when I got home from work. 3-2-2-1.

I've already seen an improvement. Usually, I could only get my chin over the bar on the first one. Nose over on the rest. I was looking down on the bar each time tonight.

I know I'm going to be sore again tomorrow, but I'm happy.

Wifu - not ready

So I just got done watching the WiFu demo. I'm really looking forward to taking this class.

I'd start playing around with stuff now. but as the topic says, not ready. I still don't have all the gear I need to even begin to play.

Tuesday, May 11, 2010

more on the Cert

So I mentioned in a little shocked. I got picked for a free cert course.

After some emails around on who was going to take what, I'm taking WiFu. I actually offered to take it, kind of. I still would have preferred Penetration Testing with Backtrack. But I have a better chance of getting a cert with WiFu and I think that is a little more important.

So for the last week or so (little longer probably), I've been looking at getting things together to do the course.

I'm going to get 2 Alfa AWUS036H and 1 BU-353 USB GPS Unit. The GPS isn't needed but will be fun to play with. And I'll finally be able to do Wardriving / Warwalking and map the data out, instead of just saying hmmm... But that's for another post.

I picked up a cheap old Gateway Celeron, 256 meg, 15 gig hard drive. I'm going to toss straight Debian on it, and attach one of the USB Network Devices to it.
I'm going to dig out my old Linksys wireless router, flash it with Linksys firmware (I can put dd-wrt back on it later), and hook the other Wifi device to my laptop running BackTrack. (If don't pick up another cheap PC first).

I'll update the blog as I go along.

Monday, May 10, 2010

that was nice

So I'm struggling with pull-ups still. Jennifer has the same problem. She's pointed me to Pavel's pull-up program. I'm doing the 3 Rep Max program, with a band.

3, 2, 1, 1. It wasn't that bad. I'm looking forward to tomorrow's workout. Hoping in 12 days to either go back down a band size, or not have them to use at all.

I guess we'll see.

what to work on.

I have about 2.5 hours left to my shift at work. I've been playing with FTP all day again. Still trying to get 260 gigs worth of data to rsync across the network.

The down side is, I can only do it when there is no FTP traffic. So I have to sit here and watch the 1 server and then make the copy when no one is connected. Then stop said copy when someone connects.

I'm sure if I was better at scripting I could script it, but meh. I'm also wondering if SSH is adding overhead slowing it down.

I don't want to set up an rsync server on the boxes. I have also had problems with it running over night and over the weekend via cron.

Anyway, I've been trying to catch up on work related reading (Hackin9 and Linux Journal)

Sunday, May 9, 2010

sore

Did a kettlebell workout Friday. A real workout. First real kettlebell workout in months... I'm sore. Have been since Friday. (I still think it's Saturday).

But I needed it, and it was worth it.

Thursday, May 6, 2010

hmm...

Should be working on another book review. I lost a month destroying (cleaning out) the office. But I don't want to move the hardware to the office tonight to play along at home.

I really need to get a couple of more computers. Desktop (Server) and a netbook.

quote from last night

Heard a great quote about security last night. Might be paraphrasing, but the underlining point remains.

"[Computer] security is where you go when you know how to do everything else."

Guy at Arbsec (works for Vistion) said it.

Wednesday, May 5, 2010

This week's fun at work

So last week, on my day off (personal day), I got an email from the Senior Developer. He was asking if we'd be ready for the DNSSEC roll out today. I didn't know.

Came in Monday:
Tested our systems using the directions found on the dns-oarc.net page. It came back saying "X.X.X.X lacks EDNS, defaults to 512"

Call to Cisco. Stayed late working with Cisco TAC Security Engineer to put the work around in for CSCta35563.

Test still failed.

Tuesday:
Spent more time testing from both in front and behind the firewall. Found that some of the servers I was using for testing would work, some wouldn't. From both sides of the firewall.

Go back to my office. Start reading up on it. Some sites saying I'd have to upgrade the ios on the firewall to 8.2(2) or newer. Some saying the problem was the DNS server for our internal network not supporting it. Windows 2003.

Came across a test page from RIPE, that said if DNSSEC isn't supported by the resolver don't worry. (We're not using DNSSEC with our 2003 servers as far as I can tell, but I'm not a windows expert).

Wednesday (Today):
Built 2 Bind9 based linux servers to handle dns for us, if things break. Has taken most of the morning.

It's after 1pm now, the time that DNSSEC was supposed to roll out, and so far so good. We're not seeing problems yet. People are not screaming yet. the 2 servers are sitting here ready to roll (mostly).

Now it's just a wait and see. Going to wait 24 hours to see what happens.

Tuesday, May 4, 2010

I knew I was stressed but.....

I knew I was stressed with the Dan test but I didn't realize it was THAT BAD.

I've felt great since the test. Before I got the certificate even. Like a huge weight was lifted off me. Actually, I felt that way during the test, even though I was making mistakes.

The thing is, I knew the upcoming test was stressing me out, but I didn't realize how bad. There were things I said I'd do, like the FTP server (not working from the outside), and I started cleaning up the crap from the spare bed room / study.

Even though I could have used the space, I left the back room a mess for a whole month. I'd look at it and feel like it was too much. Actually I felt that way about a lot of things lately. However since Saturday, I haven't felt that way as much. The room is still a mess, mostly with empty boxes or stuff waiting to go to the Recycling center. However, I got the room back to a working condition. I can actually get to things in there now, like my study desk. The stuff I'm keeping has been boxed back up, and put back along the wall. Might move things around not sure yet.

But mostly I feel good.

Sunday, May 2, 2010

mostly done

I think I've got it all completed (server side) except for a password on an account. Nothing major there. And changing to a static IP address.

All that's let is to set the 2wire system to point port 20/21 to the server, and release it to the public.

FTP configured

I've got vsftpd configured. While I'm a fan of Debian, and Debian based systems (not Ubuntu), I like how Redhat Systems work with VSFTPD, over Debain.

I faked it, setting up a /etc/vsftpd directory, and then making a simlink (could have done a hard link) to the conf file, but it works.

Now for NTP, Fail2Ban, and maybe logwatch.

more on FTP

So thinking about it, I don't think I'll do a true anonymous download. Instead it'll be semi-anonymous. If it was just videos of the adults from the school, I wouldn't care. However there will be videos of kids from the kids class too.

Mostly the videos are of us doing our forms so we can see what we're doing wrong instead of just being told what we're doing wrong.

Stats on the ftp server:

Server: old desktop p3, 30gb hard drive
OS: Debian Testing
packages: vsftpd, ntp, tripwire, snort, fail2ban, xfce4, xdm, minicom, cutecom, and putty (this is also the box I use for console access to my cisco lab).
Accounts: root, mine, one of the masters, and a download account (shared for everyone).

All that's left to do is get the FTP, NTP, and fail2ban configured. Oh and the accounts.

Installed from net-inst cd, slimline (see linux journal) without the laptop. Used the article for the X windows manager.

Saturday, May 1, 2010

finally building it

I'm building the FTP server for the Korean Karate Academy. We're not sure if the web host allows or could have one on it. This is just a stop gap until we can look into it.

There are several videos that need to be loaded, setting it up with upload for a couple of us, and the rest will be anonymous download.

Offered to do this weeks ago, but never did it.

Going to load the Bo form on it. I should be able to get a copy of my test from it. One of the Masters brought his camera. One of the gups filmed it.

a 14 oz uniform makes it harder.

Note, this will not be my best writing ever. Lots of things jumbled up in my head.

Tested for my First Dan (pronounced don) today. Wasn't the hardest test ever. In fact I really enjoyed it. Stretching out before the class, one of the 3rd gups said I looked so relaxed. Truth was, I was. Felt good, in the zone.

I messed up forms, but didn't let it show. I kept going through instead of stopping. I was told if I was going to mess up it would be on the test, and to move through it.

I missed ki-haps, added extra motions, left motions out, and added more, on my bo form. I'm sure my arm wasn't high enough, and I over extended on o-dan and bassai. I almost fell over on Bassai.

The snap of the uniform around me was very distracting. The weight of it, trapped the heat and humidity that my body was generating and soaked up all the water coming out of me.

I rocked the knife and club. I didn't get to use a real knife though. I was really looking forward to it. We got it out, we were set to go. However my partner for it, even though all he was doing was challenging, didn't feel comfortable. He hadn't worked with me much with the real knife, just the rubber ones. But we've worked the club together the most. Mostly he was worried about getting injured and not having insurance (lost his job, after he unionized his store).

Doing the 1 steps, the self defense, the knife and club (After the forms), I was soaked in my uniform. I was also breathing hard. The uniform started off fine, but once the cotton started soaking up the sweat it got heavy and harder to move it.

Actually, one of the masters, when they were giving me my cert said that, that was the best knife and club they've seen on a Dan test in a long time.

Felt sorry for Jason (3rd gup). He hasn't been there for a while, but came just for my test. He's been with the club off and on longer than I have been. He was a Green belt (6th or 5th gup) when I was still a white belt. Anyway, Jason was my partner for 1 steps, take downs and self defense. I threw him around like a rag doll. The only surprise was when we switched to kick 1 steps. I took a round house to the side of the face. Thought it was a side kick, messed up the block completely.

Sparing, pretty much at the start of it, I threw a bad kick (meant to pull the guy down for a punch to the face) that was blocked. the block was between the smallest toe and the one next to it on the right foot. My foot hurts, the toe is swollen and purple.

Sparing was 5 on 1 at one point. Exhausted, dripping sweat from everywhere. Turns were causing the sweat to fling out of my hair. Got in some bad situations, but didn't stop. Figure if one guy is holding me, I don't have to worry about him while I attack everyone else with kicks. :)

I grabbed a few people and threw them back into the groups of 3 that would from coming from one direction when I'd move around the floor. But between the Uniform, sucking air (all the work it took to get the moves going with the weight of the uniform getting heavier with each minute), and just the length of the sparing bit.

Got some of the history wrong. So it goes. Did sparing, then the basic motions, then the history. Like I think I said, the toe was causing problems with my basics. Couldn't even do a front stance with it being the back leg. At the end of the basics I was asked to do a Tornado kick. I can do them from time to time, but not with my toe, ended up on my butt. No biggy.

The breaks... I messed up the first one, I tried to stop / change strike in mid motion. Ended up just tapping the board. Supposed to be a palm, threw a fist. The second strike was clean hammer fist straight through 2 boards. The side kick, the holders moved back with the kick. The second attempt was a jump side kick. No ki-haps, and all the wood fell... Then I had to do the speed break. I've practiced it 2x and never broke. Ki-happed on the speed break, and the board exploded, like it should have. (It was a very nice board. 10 years old or so. Dried out to the point it was starting to crack).

Got my cert, my belt buckle. I'm the 11th person to go from Gup to Dan under our current masters (going back to 1994). But we're a small school, and have a hard time keeping people. It's a cheap class, but people keep leaving for work, school, whatever.

I started as a kid in December of 1985. It took me until May of 2010 (24 1/2 years) to get here.

Along the way, I stopped because I didn't want to be there as a kid. I wanted to play baseball, football, do cub scouts, etc. I swam for 4 years in high school. Looked into going back in 95, but was told the school was no more after Grand Master Ormanian passed away. I was giving bad information.

In 97, I really wanted to go back and at least get a black belt. I felt like I was missing something from my life that the Black Belt should have gave me. I signed up at an expensive school a couple of miles from home. After doing that, I felt nostalgic and drove by the community center the old school was in. Just happened to be the right day. Drove by, there was a master and 2 black belts in there. I actually stopped dead in the middle of the road. I parked, ran in, and talked to them. Found out it was the same school.

After that, I had to keep missing classes because of college (classes were only available on the same night as Tang Soo Do (just like the sports and scouting when I was a kid)). But I always made a point to come back. I got there early most nights and worked with the kids class (because if I didn't I'd have slept through the class, working midnight).

Then in 2002 I got a job working in a bar. Best I could get at the time (only thing I could get at the time). Working the same days and times as the classes. In 2003, I got ran over by a drunk driver. Lost 4 years of training because of that.

Even when I went back to training in 2007, I would still miss months of class at a time, because of work.

They wanted me to test in December, but I knew I wasn't ready. Forms I needed to know, I didn't know. I'm glad I waited. Now my goal is not not take another 25 years to make Master. :)

Wednesday, April 28, 2010

a little shocked.

I was speechless earlier. That's been happening a lot lately. But it was bad enough today that a couple of co-workers asked if I was ok.
There's a site I try to hit 10 to 20 times a day, Ethical Hacker Network Forum. There are usually a lot of great conversations going on there. I've came across some really decent stuff to read from there:
  • Hacking for Dummies
  • Daemon
  • Freedomtm



They've had some great challenges for skill building, on the main page, and some really great give aways.

The most recent one, was a chance for 1 of 5 certification classes. The class includes the cert test at the end. I got an email today saying I was one of the 5 winners. My mind was going 1000 miles per minute with thoughts, my mouth could only get a couple of letters out at the time.

This is great, but an oh crap at the same time. Like my friend Jen B, I've been feeling a little over whelmed lately. My feeling comes from between the things I HAVE to do, NEED to do, and WANT to do.

Getting 2 of the possible certs I could take are on the Want to do list, but so are a lot of other things. There are items on the Have and Need to do list that would be nice to get out of the way, because getting past those items would go a long way towards helping me make sure I can get the most out of the course.

All I know is, it's going to be an interesting couple of months. (Which will just keep adding to the interesting year I have had so far).

Wednesday, April 21, 2010

Books

I read Daemon and Freedomtm
by Daniel Suarez. really good story divided between 2 books. Really enjoyed it. Sci-fi / Cyberpunk / thriller.

There was a lot of things in Freedomtm
, that mirror our world today. Little frightening when you stop and think about some of it.

I highly recommend both books.

Thursday, April 8, 2010

martail arts tonight was awesome

Got to work grappling with someone. Someone very skilled. Feel good, enjoyed it. Defended my school's honor. However if it would have been an all out fight, he probably would have wiped the floor with me.

Thursday, April 1, 2010

Wrote a book review

So I said I was reading Hacking for Dummies, 3rd edition. I finished it a while ago. Part of the reason I was reading it was to write a book review for an online magazine.

The book review is up: Ethical Hacker Network Book Review

Wednesday, February 17, 2010

Learning so much

So I read Hacking for Dummies, 2nd edition. And I didn't feel like I learned as much as I probably should have. I also read it differently than I'm reading the 3rd edition. Most of what I did learn in the 2nd edition, I think I forgot, or just filed in the back of my head.

I'm actually learning this stuff this time. Not just reading it but looking into things and trying to figure the things out when they don't work instead of shrugging and saying ok next.

Some of it is, oh yeah, I remember that. It's just a much better read this time. Wish I could read more often and faster than I currently am, and I could play with things.

Saturday, February 13, 2010

scratching my head

Sometimes, no matter what, you're left scratching your head. Tonight is one of those time. See, I'm a time addict. I have been for years. I constantly want to know what time it is. I usually have ntp running on my computers.

Turns out the latest install of my laptop doesn't seem to. Yet it kept it's time pretty current. Maybe there is something hidden somewhere in KDE / the system I couldn't find. Anyway. I installed NTP, and made sure it was set as a client. it was only about 91 seconds off compared to the server I used to do an ntpdate against.

However, that's not what made me scratch my head. I spend most of my time on Red Hat based systems at work, and do more work on them than I do on my boxes at home. Even though every computer runs Linux (Debian) at home. One thing I'm used to, and type mostly out of habit is the service command for starting and stopping daemon processes.

I have never seen this work on Debian. Until tonight. I don't know how many times I've typed service something restart or stop or start, and have the system tell me service (the command) not found. But tonight, out of habit I typed it and it worked. After I hit enter I remembered, not on a work system. won't work, then saw the message that was displayed... So now I'm scratching my head wondering if I found it somewhere and installed it, or what.

Wednesday, February 10, 2010

oy.

Deleted the last post.

Things have gone strange in my world again.

Not going to go into details. Just.... Its all good with gravy. I'd say what my best friend says in situations like this, but I try to keep it closer to pg around here. Not always. Just all good. Strange but all good.

Monday, February 8, 2010

hmmm.... again

I've gotten my current work to do list down to 3 items today. 2 of which I could do and are both rather easy.

One I'll do.

The other requires driving to another site, so I might put that off, I have until Friday to have it done.

The last item is waiting on things beyond my sphere of influence right now. I could probably go take care of, but would require driving to a 3rd site, and dealing with scorn for being at the site by the people who work there. They don't like it when I show up.

I'd love to read today, work on that book some more... but I'm fuzzed out from a bout of insomnia last night. Less than 3 hours sleep, and I'm feeling it now.

Saturday, February 6, 2010

hmm...

Still have too much to do.

Work is getting harder. Having more and more thrown at me, while having to go back and work on or over see things from people who are "trying" to help me. I do appreciate the thought and sentiment, but when they end up increasing my work load, it's not helping. I've got things prioritized on my list of what I'm working on. If it needs to go sooner explain why you think so to me, and I'll adjust it's priority.

I started a weekly (4 weeks) Python class. I did learn some things, but I'd rather be doing it in a different way. So far all we did was print hello for the code writing. I was told up front that this was more of a class for helping people get more out of the Maker Space (they call it a hacker space) by giving them some tools to help them with their projects. I however just learn better in a class environment than I do self-study (sad as that is to say). I do think the better way to teach the coding is to show us how to write it, but mostly we've used stuff the instructor has written and he's talked about what is going on. Just not my learning style I guess.

I picked up Gray Hat Python, at least the digital version of Safari Books, and read some of that last night. Starts off saying that it's designed for Windows users, and that's not what I use. Sigh.

I've never really had much of an interest in Python, but it seems to be the current popular language for hackers. So learn it I shall. I still need to get back to learning Perl. I start but never finish (been trying for 10 years now). Remember what I said about not being good at self study. A Gray Hat Perl book would be nice. More incentive to learn it.

I'm way behind on where I wanted to be reading the Hacking For Dummies book. I actually wanted to be finishing it up and writing the review by now, but between work, and other things. I'm just not there.

I'm finding it harder to focus in general right now. Not sure why. But the computer has played a nice sized part in the distraction game. Wanting to do too many things at one time hasn't helped either. Finite amount of time, with an infinite number of things I want to do. I haven't quite gotten to the point where I've tried to schedule things, but I know when I do, do that, it doesn't work anyway.

I'm also way out of shape. Dave "The Iron Tamer" Whitley has declared February Inter-galactic Swing month. My goal is 2800 swings this month. Increasing the weight from 16kg to 32kg over the course of the 28 days. I'm 5 days behind so far. My goal was to do 100 swings a day, without putting the kettlebell down. I tried it today, and only got to 50 swings in the first set, and 25 in the second 2 sets. I used to be able to do 100 at a time without a problem. But it seems those days are behind and in front of me, instead of being where I am.

Today was also the first day in weeks where I didn't wake up exhausted. Which is funny considering I kept waking up during the night, and then had to fight to get back to sleep. Last few weeks, I'd go to bed, and when the alarm would go off, I'd be so tired I'd hit snooze forever.

Now that I've cleared my mind some in this long ramble, I'm going to try and focus on the reading I'm behind on.

Monday, February 1, 2010

sometimes its hard to be ethical

I was doing a work related windows install over the weekend. Since it was a laptop with a wireless network card, and windows, it popped up the different access points around me. Most were 2wire, or 2wire with their names changed (I remember there being more 2wires systems (AT&T) before).

There were some intersting names. One the default linksys name (but was locked down) one with the person's name "MzSomethingorother" (and not locked down). One even had wireless with the apartment number behind it (Wifi1234)

One however, was listed as "We are not Scared". It was showing locked. But no idea what kind of protection, wep, wpa, wpa2, etc.


I kept staring at it, and so wanted to try and pen-test it. Just to see how well protected they were to toss out a "challenge" like that. However that wouldn't have been ethical.

I did take the higher path and not messed with it, but I'd still like to find out if there are people in the area who have taken the lower path, and have gone after it.

Wednesday, January 27, 2010

yeah, I'm out of shape

Tonight was a gross reminder of that fact.

set of 10 one handed swings per side. 2x without putting the bell down
set of 10 right shoulder presses
set of 10 left shoulder presses
set of 10 right snatches
set of 10 left snatches
set of 5 per side cleans

set of 10 one handed swings per side. 2x without putting the bell down
set of 10 right shoulder presses
set of 10 left shoulder presses
set of 10 right snatches
set of 10 left snatches

set of 10 per side one hand swings (only made it one time this time)
set of 10 per side rows

set of 10 chest press, bell in each hand.

everything was done at 16 kg. I'm wet, I'm regretting the 3 vegie dogs at dinner, and the triskets and cheese. I'm mad at myself for being this out of shape. I'm mad that I couldn't do more (I only got to the half way point of doing 100 per side).

I'm in general not happy with my lack of performance. I needed to take long rests through out the stupid workout. I didn't have a plan when I walked in the room I did the workout in. All I thought I'd do was grab a kettlebell and swing it while listening to the Ramones.

Sunday, January 24, 2010

Finally

I don't remember when I started reading it, but I have finally finished Bruce Schneier's Beyond Fear. It was worth the read, but just took forever.

I finished it lat night at work, while waiting for virtual servers to identify themselves on boot, so they could be put in the right places.

Saturday, January 23, 2010

Because I just don't have enough to do

Even though I'm working on a full plate right now:

  • Studying for the Security+ exam

  • dealing with post move crap at work (testing tools, working 6 days+ a week, etc)

  • signing up for a 4 week Python class

  • training for my Black Belt test

  • learning electronics from Make:Electronics

  • trying to finish a book I've been reading for too long, a couple of months



I've decided to volunteer to do a book review. Earlier this week I got a Hacking for Dummies, third edition. I posted on a forum (part of a much larger site) I'm on that the book is out, and asked if anyone else has had time to read it yet.

The site admin asked if anyone wanted to review it. I said I'd like to but was too busy. Then about 30 minutes later I edited the post and said yeah I'd like to, but it'll take me at least 2 weeks to get it done. I haven't heard anything since then, but I've gone out and got a new pen and a note book just for taking notes while reading the book. I read the 2nd edition of the book but didn't have anything to play along with as I was going. This time I'm going to follow along on the laptop, which has 3 operating systems on it right now, and will have a few more before I'm done. (VirtualBox is nice).

I think it'll make some decent resume fodder.

Still been busy

I got a new battery for my laptop. It's a 9 cell. Cost way more than I wanted to pay for one. But it's nice to sit in other places than my desk to do things on my laptop. It's also nice not having to be tied to a power outlet. The old battery was so dead, that if the battery was in the laptop, it wouldn't even boot.

The other night had an interesting conversation in it. I stopped by Kim's Martial Arts Supply in Ann Arbor before going to class. I had to pick up 2 uniforms. One for the Master's son, and one for my brother. Since the parking garage gives dirty looks and complain when they're given anything larger than a $5.00 for less than an hours worth of parking (and they complain about 5s too) because it's 45¢, I stopped and got a coffee.

I didn't have the uniforms, they come wrapped in a clear bag, in a bag to carry them. So I set them on the counter while I got my money out. The guy behind the counter looked at the bagged white cloths, and asked what they were. I told him. He asked the usual questions, are you on the way to class, what do you study, how long have you studied, where's the school. I told him all the answers. When I said where the school was, he got a blank look on his face for a minute, and then realized where it was, and was blown away. I was in A^2, and had to drive to Allen Park. 40 miles away from class.

I think I broke his mind on that one.

Sunday, January 17, 2010

I've been busy....

Work has rough been. I went most of November, and December without time off (even weekends). There were some insane hours (as you've seen below). Mostly, the only days I got off were company holidays, but that didn't even hold true for all the holidays.

I've picked up hobby electronics. Make: Electronics is a great book. I've just finished exercise 4. I had some issues with my Multi-Meter not working right in the circuit when I wanted to test the current. Using a 1k resistor, a 5k potentiometer, and 4 AA batteries. I was getting a number higher than the possible current of the circuit. Bought a non-auto-ranging Meter today at Lowes. It did what the other one wasn't supposed to do. Now I just need some lemons for Exercise 5.


Haven't been working out. I did 30 swings last night with my 16kg kettlebell and man did I feel it in the glutes. They're still sore.

But over all I'm in a fairly good mood (Today). I even skipped across the parking lot at whole foods. Yes, I said skipped. It was fun.