I’ll Tell You What…

So I’m sitting there at work minding my own business when a co-worker walks up and tells me that the “powers-that-be” are testing the security of the UNIX/Linux systems by intentionally doing things that trigger events in our audit logs. I just roll my eyes and think happy thoughts for a minute or two while the situation sinks in. It’s never a good idea to let non-technical people do technical things unsupervised, I think. I’m told that “they” are just trying to make sure that everything we say that we review during a weekly audit gets reviewed. That’s ok. I would hate for someone to gundeck the logs and miss something important. That someone would learn an alternate meaning to “man on the street” I can assure you.

Anyway, much of what we see come to the UNIX/Linux side of the house with regards to security policy comes from the Windows side and the plethora of problems that are encountered there. One thing that is checked is date/time continuity. Let me first say that I am all for ensuring that the time does NOT change in any way except via ntp. Any other change in the date/time of the machine indicates tampering and warrants further investigation.

If you have used a Windows computer for any length of time you’ve discovered the wonders that is the Windows Clock on the Taskbar (also known as the Date and Time Properties). It is one the most useful items in Windows (any version). This thing has been around for so many years that it’s use is part of everyday (or every other day) computer life. Imagine, if you will, an email from a co-worker asking if you can attend a concert or sporting event on a particular date. Your first thought is, “What day of the week is that?” That’s usually my first thought. What’s the quickest way to find out? Yep. Double-click the clock in the Taskbar and check the visual calendar. Virtually everyone I know has done this a few times in their life.

Now imagine a situation where you would not want people to change the date/time because you log important events that are security relevant. One of the programs you would lock down is the Date and Time Properties. Now, if anyone tried to change the time by double-clicking the clock he or she would be told that he or she did not have permission to do that. Also, an event would be logged for the auditor to find. I can’t remember the event number off hand. My point is that this warning and subsequent event can be avoided (for the most part) if another policy were set in place removing the clock in the Taskbar altogether! It’s not that hard to do and can be pushed down from your domain controller so you don’t have to touch each machine.

In the Windows registry (XP or Vista), look for the key

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

It should be there but if not just create it. In fact, it may be in a couple of places. F3 is your friend.

If you examine this key, you will see a few of No* DWORDs. You will want to look for NoTrayItemsDisplay in particular because setting that value to 1 (TRUE) will prevent the Taskbar from displaying all the mini-icons on the right-hand side. If this 32-bit DWORD does not exist just create it.

Once you have logged off and back on the little annoying icons should be gone. They’re still running but the mini-icons are block from being shown.

Save yourself a headache or tow or three or four and set that key so the auditors can look for the really important date/time events such as 520 and 577 (assuming that Audit privilege use is set in your Audit Policy)!

I’d forgotten how much I enjoyed xkcd.

Some of the things Bruce Schneier says reminds me of me. In his latest commentary in Wired.com, Bruce points out that it takes a different kind of person to see through security-tinted glasses.

In the continuing saga that is my professional life and programming, I seem to be doing more in Perl than anything else at the moment. Even with the motivation to read and study Java and Python I seem to be falling back on what I know better. And that’s not a bad thing, mind you. I just think I’m falling victim to the old jump in the deep end before you can swim routine with these other languages.

For the most part, though, I think that it’s good to jump into a project and just flail away at the new APIs, functions and such. But there are other times when trying to learn a language on the side is tedious. Life gets in the way sometimes and the time between picking up the books lengthens. The fundamentals that you read about in the beginning didn’t stick like they should and you find yourself going back and reading it again. That sounds pretty negative but if you think about it we learn a lot when that happens. I had a Murphy’s Law page a day calendar several years ago and one of the days said, “Snider’s Law: Nothing can be done in one trip.” All the things I know really well took a lot of repetition to learn. Sometimes it just takes time and a little patience goes a long way.

There a few big projects that I would like to attack but the foundation just isn’t there and I think it would only disappoint more that educate. For example, I would like to create a Java app that would serve as the central control panel for the the tedious things we have to keep up t0 date at work such as updating the Message of the Day, managing the sudoers file, ssh keys, etc. Not necessarily like the Solaris Management Console but similar, I suppose. Who knows if that project will come to fruition. But, the idea is there and there’s a need so who knows. I like to create and solve problems.

So, where am I now? A little further along in … some direction. And some direction is better than standing/sitting still.

I think it’s time to trade this body in for a new one.

Two bottles of beer on the wall.
Two bottles of beer.
Take one down.
Pass it around.
One bottle of beer on the wall.

One bottle of beer on the wall.
One bottle of beer.
Take it down.
Pass it around.
No more bottles of beer on the wall.

#!/usr/bin/perl -w

use strict;
use Lingua::EN::Inflect qw( NUMWORDS );

my ($beerNumber, $beerNum, @num_word);
my $word = "bottles";

$beerNumber = 99;

while ( $beerNumber > 0 ) {
	$beerNum = wordize($beerNumber);
	
	print "$beerNum " . $word . " of beer on the wall.\n";
	print "$beerNum " . $word . " of beer.\n";
	
	if ($beerNumber == 1) {
		print "Take it down.\n";
		$word = "bottle";
	} else {
		print "Take one down.\n";
	}
	
	print "Pass it around.\n";
	
	$beerNumber--;

	if ($beerNumber == 1) {
		$word = "bottle";
	}
	
	$beerNum = wordize($beerNumber);
	
	if ($beerNumber > 0) {
		print "$beerNum " . $word . " of beer on the wall.\n\n";
	} else {		
		print "No more bottles of beer on the wall.\n";
	}
}

sub wordize {
	my (@beerNumWord, $beerNumReturned);
	
	@beerNumWord = NUMWORDS ( shift @_ );
	$beerNumReturned = ucfirst(shift @beerNumWord); 
	return $beerNumReturned;
}

/**
 * Simple program that prints out the words
 * to the 99 Bottles of Beer on the Wall
 * song.
 *
 * Based on the BeerSong example in the
 * _Head_First_Java_ book with corrections.
 */
public class BeerSong {
    public static void main (String[] args) {
        int beerNum = 99;
        String word = "bottles";

        while (beerNum > 0) {

            System.out.println(beerNum + " " + word + " of beer on the wall.");
            System.out.println(beerNum + " " + word + " of beer.");

            if (beerNum == 1) {
                System.out.println("Take it down.");
                word = "bottle";
            } else {
                System.out.println("Take one down.");
            }

            System.out.println("Pass it around.");
            beerNum--;

            if (beerNum == 1) {
                word = "bottle";
            }

            if (beerNum > 0) {
                System.out.println(beerNum + " " + word + " of beer on the wall.\n");
            } else {
                System.out.println("No more bottles of beer on the wall.");
            }
        }
    }
}

public class hello
{
    public static void main(String[] args)
    {
        System.out.println("hello, hello...");
    }
}

So I’ve been wondering lately about programming languages.  I’d like to thoroughly learn one but I’m stuck as to which one.  Over the years I’ve used many different languages from a variety of BASICs to Pascal to Perl to Java and so on but I’ve never really sat down to dive in head first and learn it as if my job depended on it.

I don’t really see a future for me using BASIC even though RealBASIC looks really nice given that it’s a cross platform compiler.  If I were writing programs and selling them it would probably be the way to go.  I just don’t see how it would benefit my career any at the moment.

The company I work for uses Ada is many of their programs.  I’ve taken the internal course and like the structure of the language.  In fact, I think that it looks an awful lot like Pascal.  They appear to share various key words and such.  But as I look at the newer programs and the requirements in the job market I
just don’t see myself going there.

I took a Fortran class in college and received the dubious honor of being the only one in class that thought the language looked like BASIC.  My instructor took offense to my half-joking comments but I had an almost perfect score in the class so he didn’t say much about it.    That was 16 or 17 years ago (yikes!) and I never used the language outside the class so I think it’s safe to say that Fortran is off the list.

PHP is just a hobby language for me because the only thing I’ve used it for is my own website.  It’s not used hardly at all at work.  I did make a file browser-type application for some friends but that’s about it.  There are several things I like about the language.

I almost forgot my OS/2 days and REXX.  The only thing worth while I did with REXX was to write a desktop background changer that stored the history  in extended attributes.  I thought it was cool.

A few languages that I’ve looked into but never really got very far (disclaimer: I have studied them enough to perform code walk-throughs while providing meaningful input): C, C++.

This just leaves Perl, Python and Java.  Of the three, I have the most experience with Perl.  In fact, my employer has sent me to classes to study the subject.  We have a ton of home-grown applications written in Perl.  The most complicated program I’ve written is server-client application that checked with NIS to check on password expiration on successful user log in.  There are plenty of opportunities to make use of Perl expertise but they would be limited to server maintenance, which isn’t all bad I assure you.  Is this skill portable?  As a sys admin, yes but there just aren’t that many jobs needing Perl programmers.

There’s not much Python expertise where I work, unfortunately, but there are some groups that use Mentor Graphics and Python appears to be integrated fairly well.  I bought a book to learn Python a while back and have been slowly reading through it and trying it out.  I really like the structure and object oriented code that’s used.  What I really like is the idea that one would code for maintainability and readability!  I know a Perl programmer or two that write code at such a level that it can’t hardly be maintained at all.  I look at the code and think that it’s overly complicated.  To be honest, I just wanted to check it out to see why so many Perl guys hate Python so much.  As I search around the Internet there appears to be more Python programmer positions that Perl but there’s still not a huge demand for them.

A few years back (5 or 6), I was in between projects at work and thought that I might learn Java since I had heard that an upcoming major contract was going to need Java programmers.  It was web-based and pseudo-interactive with a somewhat limited amount of knowledge to convey.  However, it did whet my appetite concerning objects and GUI programming.  I think I spent 2 months studying Java but, in spite of my enthusiasm and constant nagging, my manager never approached the software engineering group about a job. Being too good can prevent you from expanding your horizons, evidently.  Anyway, the whole episode just depressed me and I trudged on like a good corporate robot.  That was then.

The reason I’m even bringing it up now is that the IT group in my division is laying a few folks off across the corporation (50 total) and even though I’m not on “the list” I’ve been looking anyway.  What I’ve found is an over abundance of Java positions and some of them are fairly high paying jobs.  In fact, some of them even require a certification such as CISSP of which I am a holder. 

I think for now I’ll just do some Python and Java reading with the hope that one of them will jump out at me and say, “I’m the one you’ve been looking for.”  We’ll see what happens.

Very interesting Blizzard and World of Warcraft data.

09 f9 
11 02 
9d 74 
e3 5b 
d8 41 
56 c5 
63 56 
88 c0

The word for the upcoming 2007 year is:

Permanicity - It is defined as the measure of an object, idea, concept, etc.’s permanence.

This was posted just to increase the so-called SE Rank for that word.