Wednesday, December 24, 2008

Discouraging brute force SSH login attempts

We have an appliance that offers site-to-site VPN and firewall protection where the connections are built based on business logic (using the business intentions to drive network configurations).

One of the problems with appliances (any devices that you need remote access to) is that ssh (an encrypted mechanism for remote terminal access) has been subject to pervasive brute-force attacks with common usernames and dictionary passwords.

Of course choosing a suitable password and username combination makes you pretty safe from these attacks, but your device still gets bombarded with ssh attempts which fill up the logs and use up your bandwidth.

A solution that we employ is to have a blacklist that notices people who attempt to connect to ports other than those that the appliance specifically listens on.  This also has a rate limiter on ssh connection attempts to dissuade these connection attempts.  Our appliances also connect to 3com and cisco edge-routers so we have to manage ssh access there as well.

Slashdot today has an article with a number of suggestions on ways of getting around these.

DNA in mosquitoes blood finds thief

This is a very cool story that I picked up on in my daily trawl through Slashdot 

A car thief was caught after some smart investigators noticed a mosquito in the recovered car that had been sucking blood.

They got a dna match from the blood and found it matched someone in their criminal records.  The guy claims that he was hitchhiking and was given a lift in the car so the story may not end well for the police.

Using an insect and blood to solve the case is cool, thinking of catching the insect to do so is even cooler.

Bluejay in snow

Bluejay in snow
Originally uploaded by bowtoo
Although Bluejays and Cardinals are common around here, they generally don't get close enough for good photographs.

Cardinals in particular are more likely to come to your feeder in the evening when the light is low and will not let you get within more than about 8m (24ft).

Winter makes them a little less reticent - especially when there is snow on the ground. The feeder becomes a much bigger attraction and if you are still, you can wait for them to come.

Thursday, December 18, 2008

A year in photographs

The Boston Globe is carrying an article that features the year's best photographs.  The pictures are absolutely staggering.

This is the first part of a series

Part 2 and Part 3 of the series have also been posted.

Monday, December 15, 2008

Jasper and Mouse

Delicate morsel
Originally uploaded by bowtoo
This hawk is apparently often seen at the audubon reserve in Topsfield, MA and has been named Jasper by staff at the reserve. I happened upon him this morning just after he caught a mouse. I photographed him for about 45min so have so many pictures to go through,

For the first 10min or so fur was flying and then he devoured the mouse over the next 10min or so and flew off to a field where I was able to take a few more photos.

Why climbers die on Everest

In my daily Slashdot read I came across an article describing why climbers die on Everest.

ScienceDaily (2008-12-15) -- Researchers have conducted the first detailed analysis of deaths during expeditions to the summit of Mt. Everest. They found that most deaths occur during descents from the summit in the so-called "death zone" above 8,000 meters and also identified factors that appear to be associated with a greater risk of death, particularly symptoms of high-altitude cerebral edema.

This reminded me of the first South African expedition up Everest in 1996, close on the heels of the first democratic elections in '94.  Everyone in the country was feeling the euphoria of a peaceful transition and the promise of the "Rainbow Nation" and this trip was touted in the newspapers because it was sponsored by Nelson Mandela and was originally a multiracial team.

I knew two of the people who went on this expedition: Cathy O'Dowd and Ed February.  Cathy was working at the Journalism department at Rhodes University in the few years before and I met Ed later through a close friend and climbing icon in the Eastern Cape (Keith James).

Ed is a towering figure in the South African Climbing community and he and Andy De Klerk (another famous South African climber) resigned from the expedition early on after conflicts with the leader, Ian Woodhall.  The rest of the expedition was full of controversy.  We read about it in the newspaper (the Sunday Times withdrew support for the expedition) and heard accounts via climbing friends of Ed and Andy's unhappiness with the organization and how Woodhall handled it.  Cathy gives gives an account of this on her web site.

A massive storm that year took the lives of 12 people.  John Krakauer, in his book Into Thin Air makes a short critical mention of the South African party's unwillingness to allow others to use their powerful radio to help co-ordinate rescue efforts during the crisis.

In 1998, Ian Woodall and Cathy O'Dowd returned to Everest and were forced to abandon the summit attempt when they came across a stricken climber (Francys Arsentiev) about 800ft from the summit.  She begged them not to leave her and after struggling for more than an hour to help her, they were forced to descend without her.  They returned to summit the next year and could clearly see her body where they had left her.  That year Cathy became the first woman to complete ascents of Everest from both sides.

Ian Woodall returned to Everest in 2007 with the intention of burying the woman they had been forced to abandon.   He located her and dropped her body off the North face after a brief memorial.

Saturday, December 13, 2008

Fire and Ice

This week on Flickr's PCA  Group (Photographic Critique Assignments) the assignment was "Fire and Ice".

I had hoped to photograph the local school Ice Hockey game, thinking that it would provide me with the subject matter, but I had also recently watched a stop-motion movie that a friend made in Boston.  It inspired me to capture a movie of ice melting in front of a fire.

While I was taking the 360 odd photographs, I realized that, although it was technically quite an interesting thing to do (I later had a second attempt at this with 76 photographs).  I decided that it was too literal a take on the assignment, so I thought of trying to make a glass statuette that my wife was given look as though it was ice melting.  

I noticed that the melting ice had ares that were clear and other areas that were milky and I wanted to try to simulate that with the glass.

So, to start with, here is the end result of the process.

The steps involved are illustrated in the following image. 
  • First a shot of the fire with the statue in front. I took a couple of pictures of her and decided that I needed to get something that showed her melting, so dribbled some water over her and captured some drops about to fall off her legs.
  •  Then I took a shot of an ice cube on the log which I imported and added as a layer on top of the statue. I selectively copied only the statue and grouped the ice block on top of it and set the ice block into overlay mode so that I got the texture of ice in the glass. It is arguably overkill because the horizontal crack on her back is the only really obvious result of this process.
  • Then I cut and pasted pieces of an in-focus shot of the fire and embers in layers obscured by the statuette's body. I obviously had a bit of deleting to do to make sure that the horizontal and vertical edges of the cut pieces were not obvious anywhere in the final version.
  • Once I had these in place I used a eraser that was well feathered on its edges to erase the places that I wanted to have the ice appear clear. For me this was fairly obviously the places that had the most orange in them in the original image... the places that were already letting a lot of light through.
The splashes of water, unfortunately don't look enough like melting ice and I suppose I could have enhanced the effect by selectively erasing parts of the glass to make melting more obvious.... but I settled for leaving it because I quite liked how it looked. So below is an image with three separate views of the process.

Thursday, December 11, 2008

Swim meet

Swim meet: Matt
Originally uploaded by bowtoo
Matt and Nick have taken swimming again after a year off.

The first meet was last night and they swam against the very strong North Andover school team.

They both did well, placing second and third in their events. I can see plenty of opportunity to photograph them over the next few weeks.

The light is not great - with the 400mm lens I get 125 at F5.6 at 1600ISO which makes for a lot of blurred action.

Here Matt is going for length 3 of 4 inches ahead of the person coming 3rd. He pulled ahead in the last length by a few feet.

Cool air traffic video

An article in the Wired Blog describe a video that shows all the air traffic in the world over a 24 hour period compressed into 72 seconds.

The USA is saturated, as is Europe and the South East Coast of Australia. The other very cool thing to watch is how the traffic changes over the daylight, versus during the night.

Tuesday, December 9, 2008

Genetic programming and Art

Genetic programming has evolved over the last decade with computer programmers using biological evolution as an inspiration for how computer programs can respond to an environment (set of values that make up a solution).

The idea is that a program can somehow evaluate the "goodness of fit" of the solution it comes up with in a particular environment and adjust some elements of its operation to improve that fit.

A Slashdot article today showcases a blogger who wrote a genetic program that uses an arrangement of polygons and was set to compare the arrangement with an image of the Mona Lisa. Having evaluated whether the arrangement is an improvement (is closer to what Mona Lisa looks like) the program adjusts the "DNA" (elements that it is using to create the approximation of the image) and tries again.

The resultant series of images is quite impressive.


Monday, December 8, 2008

More nasty viruses

I thought that I had seen the last of this virus after my post last week.

This weekend we discovered an infected machine at home (one of the few that we have available for family use) that was launching multiple internet explorer windows and trying to take us to a sports betting page. We couldn't figure out how the trojan had been downloaded until I heard that this happened after trying to catch up with some missed TV shows. Visiting the site - which appeared to be the site of one of the major TV stations here - resulted in a notice that in order to view the shows you had to download and install a new video viewer. Without really suspecting anything, the new video viewer was installed and the TV show continued. Googling for trojans and tv shows has several links to articles describing in general how this might happen but nothing directly related - but I have to assume that is how it got there.

It was a mission to remove this program. It was a close relative to Antivirus 2009 (it even had a similar name) and kept on launching new IE windows that were not really going anywhere. Eventually I downloaded a tool mentioned in one of the articles that I referred to in my earlier post called Malwarebytes which took care of the problem.

At work today, we discover that the staff member's computer from last week has worsened over the weekend. My colleague who was dealing with it had managed to remove most of the obvious traces of the application by following some manual procedures but must have left some of the core in place (or our collegue is not getting the message about avoiding downloading executables) and the machine was re-infected with a vengeance this weekend.

So I suggested trying Malwarebytes - only to discover that on this machine - not only could you not download this program, you could not install it either. We used a disk share to get the program copied onto his desktop (when we gave up trying to download it) and had to rename the installation file to get it installed. Once we had it installed we could not run, it hung! The forums for Malwarebytes provided a recipe to get around this and we were able to clean off something like 16 adware and trojan programs on the machine. So not only was this trojan inserting itself onto the machine, but it was actively looking for a copy of malwarebytes to make it harder to clean.

There is an interesting eZine Article on how trojans can put your banking information at risk that is a worthwhile read.

An exhibition at the MFA

Glass - and Yousuf Karsh
Originally uploaded by bowtoo
Went to the Museum of Fine art in Boston on Sunday and was pleased to be able to take my camera.

I didn't realize this until we got there, but there was an exhibition of some of the images of Yousuf Karsh who famously took the cigar out of Winston Churchill's mouth for the portrait that has him glowering at the camera.

The exhibition is quite stunning. The quality and size of the prints and the depth of the character of the subject portrayed is truly impressive.

Outside of the hall that housed this exhibition is a cabinet with these glass containers arranged with some mirrors to give a really cool effect.

Friday, December 5, 2008

A week for viruses

This week has seen quite a few new viruses pop up.  

On Facebook, a virus that presents itself as a link to a video and then seduces you to click on what looks like a youtube video site.  When you try to play the video you are told that you need to upgrade your video player by downloading this program...... simple as that.

The result is that your computer becomes part of what has become a zombie.  It will forward passwords that you use to connect to banking sites or places where you might use your credit card numbers.

Then, a new virus that installs itself into Firefox also targeting sensitive information for links to banking and credit card payment information that you might have on your computer.

Of course there was also the virus that I mentioned earlier this week that one of my colleagues managed to get on his computer.

We are so used to people sending things to us on social networking sites and via email that we often don't really check what it is that we are opening before we do.  I have to say that I really don't open ANY of the attachments that are mailed to me if they are unexpected or appear to be files of a type I don't trust. 

So usually, I would be fine opening images that are jpg formatted, but not slideshows that are sent around as executables.  I am more trusting of links to established web sites that host images or movies (youtube, flickr etc.) but it is entirely possible that the link you get sent in your mail message is a fake link that sends you to a different location.

So be cautious of what you click on when you get sent stuff!

Thursday, December 4, 2008

The end of Wall Street

A friend forwarded this link to me with an article describing some of the Wall Street practices and people who took note early on of how messed up things were.

The article reminded me of a very good podcast that NPR had sent out on the global pool of money called: The Global Pool of Money Got Hungry which described some of the practices in mortgage sub-prime lending that resulted in that collapse last year - the beginning of the economic crisis.

Of course I am feeling this quite dramatically both at work and at home. We had been waiting for a few years for the value of our newly bought house to get high enough to refinance for a more attractive rate and I am seeing the value drop (this month it lost $30 000 and is close to what we originally paid for it 4 years ago). No doubt it is going to go down more.

Tuesday, December 2, 2008

Overberg Mountains

Overberg mountains, originally uploaded by bowtoo.

The light in the mountains on our way from Grahamstown to Cape Town was quite impressive. I shot a photograph from the moving car of the mountains with light coming through the clouds.

I think this was near to Swellendam.

Virus like an anti-virus

We are all pretty gullible actually and unless you have had direct experience of this you may get taken by a phishing attack (fake web pages or email messages designed to coax you into typing in passwords and credit card numbers) or rogue security software.

Today a colleague of mine has had his computer more or less off line all day because of a fake security application called Antivirus 2009.  He is not sure how he got it - it could have been by clicking on a link advertising antivirus software or by opening an attachment in email.

The program installed a very convincing little icon in the system tray (bottom right of the screen) that said that his computer had a security problem.

After some searching, our IT guy came across a link that explains this trojan program and how to remove it.  The amazing thing for me is how (except for the incredible persistence that it showed) this trojan masquerades as an antivirus program and does a fairly convincing job of persuading you to buy it to fix the problem.

One of the horror stories in the link above - which you should read - is a person who clicked on the alert and was led to a web site asking for $20 to download the "full version" of the program.  Since then he has had all sorts of charges going against his credit card.

Be aware of links that offer anti-virus software, spybot detection software and (of course) emails that have attachments that you haven't asked for.....

On a related note - I see today that Slashdot are reporting that Apple is quietly recommending anti-virus software for their operating system.  Sad, but inevitable.


I have been amused by adults and children playfully announcing that a sister or brother has cooties and wondered what the origin of the expression is.

I didn't have to look further than Wikipedia which describes the term's origin as follows:
The adoption of the term into English can be traced from the American
occupation of the Philippines, in 1898-1945, and before that to British
soldiers' presence in Malaysia. In most Austronesian languages (e.g.
Malaysian and many Philippine languages such as Tagalog) the term for head lice, lice or fleas of any kind, is
kuto. Foreign troops had ample opportunity to become familiar with the term and made a slang pluralized form ("cooties") of kuto. How the term subsequently entered the vocabulary of grade school children is unknown.
I am not aware of anything like this in South Africa - although the article describes similar expressions in Europe (Scandinavian) and it is a pretty cool shared joke for pre-pubescent children to use about the opposite sex.