I’ve been doing web application development for years in several languages. I’ve spent time with PHP, Java, but primarily Perl. I consider myself a “Perl Programmer” first, everything else second. Until recently, most people would equate that to “Dinosaur.” However, there’s been a revival of Perl these days! There are a number of reasons for this.
For several years I’ve managed to bend cfEngine 2.0′s architecture to my will. Being an experienced Perl programmer, I was able to abuse the configuration language snytax in order to accomplish a number of strange things including Copy Back and automated management of OSSEC-HIDS. However, there comes a point when the managing the cfengine configs becomes a burdensome and incredibly unmanageable. I mean, sure, I know what they do. How will any of my co-workers understand them?
After several colleagues recommending Puppet, I hesitantly began the slow, brain fscking process of:
- Understanding exactly what I had accomplished with cfEngine.
- Understanding Ruby (ugh, I’m so thankful for Perl)
- Understanding how to express my cfengine feelings in a way Puppet will understand without hurting it’s feelings
- …
- Profit.
I had the pleasure of speaking at the 2008 Pittsburgh Perl Workshop. Due to some rather depressing news on the home front, I was only able to attend Saturday’s track and the Event Dinner. Everything was awesome as usual. I was even surprised to learn new things in the Advanced Pattern Matching talk.
My talk was titled Network Introspection with Open Source Tools and was an overhaul of the presentation that I did at LinuxWorld earlier this year. I took the feedback of the audience and tuned the talk to a Perl centric audience. I wasn’t heckled badly on IRC, which is the ultimate gauge of success.
I’d like to thank the organizers, CMU, sponsors, and The Perl Foundation for another successful year of the Work Shop. Next year, Pittsburgh is hosting YAPC::NA, and will not be hosting the Pittsburgh Perl Workshop. I look forward to being able to drive to YAPC!
If you saw the talk and want to rant about it, feel free to do so here.
Domestic Security
Just a little comic to remind ourselves what we’re giving away for “Security.” This is not what our founding fathers had in mind. I’m disappointed in the US Government and it’s people.
I had the privilege of speaking at LinuxWorld 2008 in San Francisco this year. It was a lot of fun and I certainly enjoyed the discussions with folks after my talk. My talk was on “Network Introspection with Open Source Tools” and I threatened to post updates on my progress here.
I’ve been working on packaging the code that I have into something that might be useful to the general public. I’ll post another blog entry when I have a rough cut version of the package available for testing/breaking.
If you’ve noticed (probably not), recently the server has been unreachable. A few weeks back this was due to a bad hard drive. I finally transferred everything over to the new hard drive and got the sites back up and running thanks to a few friends and The Planet.
Then this weekend, the data center that hosts this server exploded. The site is back up and running now, but there should be a few more hours of downtime on the horizon as they install and integrate a permanent electrical infrastructure to the data center.
Also, I’ve been selected to speak at the Linux World Expo in San Fransisco this year! My talk is “Network Introspection with Open Source Tools.” If you’re going, please stop by and heckle me!
I may start updating this blog at some point.
I’ve attended 4 Perl Conferences in the past 2 years. This year’s Pittsburgh Perl Workshop is the first that I’ve presented at. My talk was titled Security through Detection, Prevention, and Introspection. I have slides available.
I originally wanted to present a bunch of code, but I couldn’t really find a way to make the code very interesting. I wanted to teach people that security is part of all of their jobs. I made it a point to reveal some of the idiocy of the Federal Government Mandates in relation to IT Security. I also gave an overview of the security system I’m building with Perl at work.
There were laughs, smiles, and a lot of people woke up. All in all, I’d say it went very well. I’d like to refine the presentation and possibly resubmit for YAPC::NA this year. Bigger audience, and an opportunity for me to conquer a large slice of my stage fright.
If anyone out there reading this saw the presentation and has feedback, please comment on this post!
UPDATE: If you enjoyed the content of my talk on security, please check out these articles I’ve written:
- Trust – Paradoxical Structure of Trust in Employers
- Eating Your Own Dog Food – Hypocritical IT Security Policies In the Real World
- Full Disk Encryption – In Theory and Practice
- Is Security Theatre Good Enough? Frustrating observations into poor Risk Analysis in the general populace.
In our first installment, we looked at some solutions to provide a hospitable environment for proxy evasion. Today, we’ll dig deep into how to do this with my favorite protocol of all time, SSH.
OpenSSH is a glorious implementation of a critical network protocol. Most networks have disabled and banned the use of telnet, rsh, and ftp in favor of the more “secure” SSH protocol. OpenSSH runs on every platform I’ve encountered (using CygWin on Windows). SSH provides an encrypted channel for data transfer. Usually that’s Keyboard Interactive Sessions or Files (using SCP), however SSH is capable of setting up multiple channels and acting as a SOCKS4 or SOCKS5 Proxy.
I love cfengine. There are tons of resources out there for managing all kinds of common and uncommon system administration tasks. Rather than regurgitate all that information I wanted to share how I worked around what has been noted as a short coming of cfengine, clients copying information back to the master server.
Gizmodo is stepping up to declare March, Boycott the RIAA Month.
This needs to happen. Justice must be swift and unrelenting. Back when the RIAA conned Metallica to lead the charge against Napster, they killed a significant portion of the internet. I’d go as far as to blame them for being the catalyst of the dotCom Bust.
Both the RIAA and MPAA need to shut the hell up and embrace new technologies.
(I promise I’ll post the Proxy Evasion Article as soon as I can get my Virtual Machine running!)
