divisionbyzero

question . authority

Statistics, Risk Analysis, and Misunderstandings

I married a Statistician, so this article sums up the lectures I receive on a daily basis.  Risk Management is statistical analysis, and I’m not sure how many folks in IT Security have graduate-level Stat exposure.  So, understanding our statistical shortcomings is key.  You need to read that entire article, twice.
This statement struck me, as I’ve noticed a scary trend in IT Security:
“People who know a little bit of statistics – enough to use statistical techniques, not enough to understand why or how they work – often end up horribly misusing them.  Statistical tests are complicated mathematical techniques, and to work, they tend to make numerous assumptions. The problem is that if those assumptions are not valid, most statistical tests do not cleanly fail and produce obviously false results.”
As we outsource more security, and buy more products, we must be careful, as this statement is also true:
“People who know a little bit of IT Security – enough to use an IDS or SIEM, not enough to understand why or how they work – often end up horribly misusing them.  Security tools use complicated technical techniques, and to work, they tend to make numerous assumptions. The problem is that if those assumptions are not valid, most security tools do not cleanly fail and produce obviously false results.”
My wife’s constant guidance in Statistics has been invaluable to my evaluations of IT Security Policy and Implementation.  When I came across this article thanks to @alexhutton, I had to share it!

The Unofficial Doctrine of “Helping Hand” Evolution

I’ve been schooling myself on Evolutionary Biology for about 3 or 4 years. I dropped out of college after my freshman year because Undergrad was then, and is still today, a lifeless process of rote memorization.  During that time, I didn’t learn to learn, or learn anything more than “here are the rules, and if you don’t follow them, there will be consequences.”  I’m not sure if the topic of this essay is relevant to anyone outside of Catholicism, but I’ve not heard much about it in the Skeptic / Science Community.

Using POE to hook syslog-ng

Being able to do analysis, sorting, or database storage of syslog messages is incredibly useful. There are tons of solutions on the market to do just that. If you’re working on a system developed in house that you’d like to incorporate syslog messages into, then it may be easier to hook directly into the syslog stream than to introduce another piece of software into the environment which needs to be glued.

Syslog-ng makes integration with Perl programs easy: the Perl program is spawned once during daemon startup and a handle to that program’s STDIN is kept open for dispatching messages. Using POE, we can turn this into an event-driven model, so that adding further behaviour stays simple.

In this example, we’ll create a POE master session that receives all of the syslog-ng input on STDIN. Using off-the-shelf components, we’ll run a TCP server on port 9514 that allows clients to connect and subscribe to feeds based on the “program” name of the message being dispatched.
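As an added illustration of the design described above, here is a complete POE program of my own (it is not the post’s code, which is behind the cut), written against the public POE::Wheel::ReadWrite and POE::Component::Server::TCP APIs. It assumes syslog-ng’s default program() destination template when pulling the program name out of each line, binds the subscription server to 127.0.0.1 on port 9514 (the post names only the port; the loopback bind is my choice so raw log lines are not exposed to the network), and uses a made-up plain-text `subscribe <program>` / `unsubscribe` command protocol.

```perl
#!/usr/bin/env perl
# Added example: syslog-ng program() destination feeding a POE master session
# that fans lines out to TCP clients subscribed by program name.
use strict;
use warnings;
use POE qw(Wheel::ReadWrite Component::Server::TCP);

my $PORT = 9514;           # from the post
my $BIND = '127.0.0.1';    # assumption: loopback only, not in the post

# client session id => { program name => 1 }; '*' subscribes to everything
my %subscribers;

# Assumes syslog-ng's default program() template, e.g.
#   "Jun 24 10:00:00 hostname sshd[1234]: Accepted publickey ..."
sub parse_program {
    my ($line) = @_;
    return $1 if $line =~ /^\w{3}\s+\d{1,2}\s+\d\d:\d\d:\d\d\s+\S+\s+([^\s\[:]+)/;
    return;   # unparseable line: drop it rather than guess
}

# Master session: owns STDIN (the pipe from syslog-ng) and does the dispatch.
POE::Session->create(
    inline_states => {
        _start => sub {
            $_[KERNEL]->alias_set('master');
            $_[HEAP]{stdin} = POE::Wheel::ReadWrite->new(
                InputHandle  => \*STDIN,
                OutputHandle => \*STDOUT,
                InputEvent   => 'syslog_line',
                ErrorEvent   => 'stdin_error',
            );
        },
        syslog_line => sub {
            my ($kernel, $line) = @_[KERNEL, ARG0];
            my $program = parse_program($line);
            return unless defined $program;
            for my $sid (keys %subscribers) {
                next unless $subscribers{$sid}{$program} || $subscribers{$sid}{'*'};
                $kernel->post($sid, 'send_line', $line);
            }
        },
        # EOF or read error on STDIN means syslog-ng went away: shut down cleanly.
        stdin_error => sub {
            delete $_[HEAP]{stdin};
            $_[KERNEL]->post(feed_server => 'shutdown');
            $_[KERNEL]->alias_remove('master');
        },
        subscribe   => sub { $subscribers{ $_[ARG0] }{ $_[ARG1] } = 1 },
        unsubscribe => sub { delete $subscribers{ $_[ARG0] } },
    },
);

# Off-the-shelf TCP server; each client gets its own session.
POE::Component::Server::TCP->new(
    Alias       => 'feed_server',
    Address     => $BIND,
    Port        => $PORT,
    ClientInput => sub {
        my ($kernel, $session, $heap, $input) = @_[KERNEL, SESSION, HEAP, ARG0];
        $input =~ s/\r$//;   # tolerate telnet-style line endings
        if ($input =~ /^subscribe\s+(\S+)$/i) {
            $kernel->post(master => subscribe => $session->ID, $1);
            $heap->{client}->put("subscribed $1");
        }
        elsif ($input =~ /^unsubscribe$/i) {
            $kernel->post(master => unsubscribe => $session->ID);
            $heap->{client}->put('unsubscribed');
        }
        else {
            $heap->{client}->put('usage: subscribe <program|*> | unsubscribe');
        }
    },
    ClientDisconnected => sub {
        $_[KERNEL]->post(master => unsubscribe => $_[SESSION]->ID);
    },
    InlineStates => {
        # Invoked by the master session for every matching log line.
        send_line => sub { $_[HEAP]{client}->put($_[ARG0]) },
    },
);

POE::Kernel->run();
exit 0;
```

Hook it into syslog-ng with a program() destination pointing at the script (path is a placeholder): `destination d_poe { program("/path/to/feed.pl"); };` and attach it to a log path. Clients then `nc 127.0.0.1 9514` and type `subscribe sshd` to receive only sshd lines; the parse step deliberately drops lines that do not match the expected template instead of forwarding them to everyone.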

YAPC::NA 10th Anniversary Wrap Up Post

I got back from YAPC::NA #10 yesterday. There was a lot of sleeping required to recover from a tech conference with 8 am talks! A Twitter Search for “yapc” indicates I’m not the only one slow to recover those missing hours of sleep.

Overall the conference was a fantastic success. There were highs and lows, and I just wanted to take an opportunity to thank the conference organizers!! They did a wonderful job putting together another spectacular conference.

Also wanted to thank all the speakers as I know firsthand how much work goes into presenting at a conference like YAPC. All the talks I attended were great, however several stood out as exceptional:

  • Trapped in a Room with Schwern – Michael Schwern is an excellent speaker, and this free room talk with back and forth between him and members of the community at all levels of mastery provided insight into projects I was unaware of, as well as some relief that most of my concerns about Perl 5 were being discussed by people far smarter than myself.
  • The Future of DBIx::Class – Matt S Trout (MST) is a speaker for the real programmers. His volume, accent, and excessive use of profanity actually keep people listening. Getting yelled at by Matt Trout was the highlight of this conference for me. He has good ideas and opinions and he’s not afraid to beat them into your head. Kid gloving is great for Managers, but his presentation style and content really clicks with the people who don’t have their heads so far up their own asses to understand things need to change. Excellent talk about the past, present, and future of DBIx::Class which is the most significant ORM in the Perl Community currently.
  • Take Advantage of Modern Perl – chromatic’s speaking style is the complete opposite of MST’s, but his message synced with Schwern, MST, and the Enlightened Perl Organisation: Encourage people to write better Perl. Write Better Perl. Teach others how to write better Perl. Embrace the language where it is now, and transition away from the bad things in the past. Fantastic Talk.
  • perl5i: Perl 5 Improved – Michael Schwern echoing chromatic’s plea for leveraging the best of what Perl 5 offers today. He’s got a module on CPAN, perl5i, which implements the best of Perl 5 Tribal Knowledge.
  • Catching an ::Std – MST again. He very honestly covered the trials, tribulations, and evolution of “Best Practices” in the Perl community.
  • Drop in REPL for CGI Applications – Brock Wilcox floored everyone demonstrating his ridiculously cool module CGI::Inspect. I went in expecting “neat” and found “amazing.” We’ll be abusing this in development very soon.

These were my favorite talks, but like I said, every talk I went to was fantastic. I did miss a few talks I wanted to see due to schedule conflicts, but I’ll be checking the YAPC website for slides and video/audio. The conference organizers were not able to record anything, but a few attendees brought recording equipment with them. If nothing else, I’ll hopefully see those missed talks next year or at the Pittsburgh Perl Workshop in 2010!

I’m recommitting to the Perl Iron Man. I was an idiot and jackass for bailing after 1 post! :)

Perl is Dead

I’ve been doing web application development for years in several languages. I’ve spent time with PHP, Java, but primarily Perl. I consider myself a “Perl Programmer” first, everything else second. Until recently, most people would equate that to “Dinosaur.” However, there’s been a revival of Perl these days! There are a number of reasons for this.


From cfEngine to Puppet: A retrospective

For several years I’ve managed to bend cfEngine 2.0’s architecture to my will.  Being an experienced Perl programmer, I was able to abuse the configuration language syntax in order to accomplish a number of strange things including Copy Back and automated management of OSSEC-HIDS.  However, there comes a point when managing the cfengine configs becomes burdensome and incredibly unmanageable.   I mean, sure, I know what they do.  How will any of my co-workers understand them?

After several colleagues recommended Puppet, I hesitantly began the slow, brain fscking process of:

  1. Understanding exactly what I had accomplished with cfEngine.
  2. Understanding Ruby (ugh, I’m so thankful for Perl)
  3. Understanding how to express my cfengine feelings in a way Puppet will understand without hurting its feelings
  4. Profit.


Proxy Evasion with SSH

In our first installment, we looked at some solutions to provide a hospitable environment for proxy evasion. Today, we’ll dig deep into how to do this with my favorite protocol of all time, SSH.

OpenSSH is a glorious implementation of a critical network protocol. Most networks have disabled and banned the use of telnet, rsh, and ftp in favor of the more “secure” SSH protocol. OpenSSH runs on every platform I’ve encountered (using CygWin on Windows). SSH provides an encrypted channel for data transfer. Usually that’s Keyboard Interactive Sessions or Files (using SCP), however SSH is capable of setting up multiple channels and acting as a SOCKS4 or SOCKS5 Proxy.


Copy Back with cfengine

I love cfengine. There are tons of resources out there for managing all kinds of common and uncommon system administration tasks. Rather than regurgitate all that information I wanted to share how I worked around what has been noted as a shortcoming of cfengine: clients copying information back to the master server.


Proxy Evasion, The Environment

There are a ridiculous number of organizations using transparent proxying as a means to limit access to external resources. The idea is that by proxying all web traffic, they can keep employees from visiting porn sites. I’m not necessarily convinced that this does them much good. My general experience has been that the type of people looking at porn during the day will not become more productive as a result of losing the freedom to look at porn at work. They’ll still be useless employees that you have to performance review instead of firing for inappropriate use of technology.

Additionally, these proxies do very little to increase the security of the network. I’m fairly certain that by the time the Proxy Vendor is alerted to malware distributing websites, an anti-virus company has already issued an update. This is redundant. Normally, I’d fully support this redundant – ok, I’ll drop the buzzword – Defense in Depth solution.

However, piggy-backing on the heels of any real security value, which is best described as the graph of 1/x, are made up categories of websites to deter your users from doing things that your CEO believes are inappropriate. Interestingly enough, if the CEO is involved in Fantasy Football, you’ll be hard pressed to find an IT Infrastructure that denotes that classification of sites as inappropriate. I digress.


Is ‘Security Theatre’ Good Enough?

The American Populace is being inconvenienced, spied on, stripped of Constitutional Rights, and taxed without any idea where that money is going. The perpetrator is not some foreign, militant, activist group, it’s our own Government. There’s no outcry. All of these treacheries are being committed to increase security while the fact remains that all of these drastic measures have failed miserably. The one constant is the relentless pursuit and protection of these programs by our elected officials. They should be the voice of the populace, and perhaps they are. Perhaps, ‘Security Theatre’ is good enough for the masses.
