Linux Windows debate

perspectives on the Open Source community vs Microsoft


Wednesday, June 26, 2002

Today I prefer Windows, not for any logical reason, but just a feeling that battles are bruising experiences. Creativity does not stem from war. Creativity stems from a desire for fun and something different.

I suspect that using Red Hat 7.1 is a dead end and I have to get the upgrade. Too many hours to risk being online. Perhaps someone I know has CDs. Now Linux once again feels good. I can ask for copies of the new release without thinking about licence expiry and so forth...

Monday, June 24, 2002

More on Linux security

Okay, Linux is easily rebuilt, got the Apache patches. Now the little bits of housekeeping to make a workbench and restore the data. It is so amusing to read the articles defending and attacking Hackers for exploiting exploits and being the 15 year old immature posers that they may just be. Nothing to get upset about here, boys, okay?

Examined the attack. Log file shows access via anonftp. wu-ftp buffer overflow bugs are probably the cause.

The attack seemed more sophisticated than the last one I encountered. And it seemed more interested in finding out all about my system with modprobes into every port.

So the hackers probably now have a complete library of my poetry, but sadly no credit card details.

The attack payload consisted of an infector file called sk and a logcleaner and a password sniffer (in another hidden file).




Sunday, June 23, 2002


Analysis of the attack


Now I understand the blip in the financials. Why confidence in technology dried up.


We evolved computer viruses and hackers to compensate us with vulnerabilities we never expected to have, perhaps as some of us became intolerably rich.


So what can we do to evolve further? How about looking at what the hackers do, and learning from them?


The confrontational approach to dealing with terrorism seems to work, but seems to destroy evidence, and infuriate people into suicide bombings.


It is Jonestown on a giant scale and using flyspray to eradicate them is a solution, but you know how the flies come back every year?


Preventing cultures from getting rich may be another way, but surely the Borg example is the best. Make us more like them where it counts, and make them more like us where it also counts.


With what's going down in Washington these days, I would imagine that the huge growth in nastiness of hack attacks on many popular platforms is related to the above, rather than an outbreak of grossout spottiness in the McDonald's munching set.


It has been really interesting to reinfect my system with the attacking files and watch it spend ages doing absolutely masses of things on the system. If I was writing a virus I wouldn't go to town and make myself so obvious to just wipe a server for no reason and neither would any hacker worth their sneeze. Is it more likely someone who wants to know what I am doing? What if it was a government and they had laws that allowed them to do this? Or if it was Al Qaeda? Now that is what I see as the blip. No sooner than you trust your system, and a new set of circumstances exist.


Perhaps the true glory of an Open Source system over a hidden system is that I can actually see what the hacker is doing, and quantify the damage.


It is important - vital - these days to keep Linux and Windows up to date with patches. We don't even know what these do either, and if their release notes match. At least Open Source patching makes it more difficult for the seriously diseased person to invade you.


It is strange to note that a leading Anti virus product bears the name of an antibiotic which we all know are not much cop when you have a viral infection, not in the medical world anyway. Immunisation is the key to defeating the security impasse. Not a patch city.


dshield.org deserves your donations.


Hey - make the web a safe place to have fun again and respect our rights to privacy, individuality and honesty. It is stupid to risk your business hacking into other websites unless you want the FBI to eat you for breakfast. What do you think US$40 billion is buying but our talent, that the fallen stock market can no longer afford? Well those of us that are employed by a national pride seriously dented by its intelligence shortcomings.


Only the real snake oil can save us now.








dmoz to the rescue


Styled in the same fashion, dshield.org has a method of fighting back! They provide good logging of intrusion, and allow you to anonymously or as a member become involved in dialog with ISPs to deal with the offending source, most often these are viruses.


Having read one article in attrition.org that complained that anyone over 40 will only install 'off the shelf' solutions, be warned that this anti-hacker has only just started living and believes that most/all hackers are inexperienced in living as happy people, so are probably in their twenties, or younger.


My advice to these little geniuses - anger management. It seems that a lot of this wasted energy is either political (shame on our governments!) or personal vendettae.

Interesting. A web board I found via a Netscape site told me what happened to my Linux server and probably many others. The insecurity was not Mozilla. It was an attack from within a bug recently discovered in Apache. Next time I am online, I will have the patched version. So that may work until the next vulnerability is exploited.


Kind of like a playground with bullies bearing menace.


Like the good old buffer overflow bugs in Sendmail, it seems that there is a nasty little oversight lurking in Apache and a new copy is required to be secure. Get it (urgently) from www.apache.org.


On June 18th some wonderful people published the Source Code of a C wrapper to demonstrate how to exploit a bug in Apache servers.


In the "wrong hands" it could bring down large numbers of servers. It seems it only took a couple of days for the attacks to start.


But I turned my machine off before they destroyed my message log. And there are several Anon FTPs and a modprobe right before it. All this complete with IP addresses (probably fake ones).


Frankly I do not think they are wrong to exploit a weakness in Apache, but as one ardent Windows fan pointed out, it has been waiting for someone to have a go at it for two years or so. Microsoft attackers then say similar bugs existed inside Windows and IIS for ten years.


What are we doing? Are we not in the middle of a recession caused largely by our own greed? Aren't tech stocks continuing to fall while employees spend their time blogging nonsense when they are not busy and rebuilding systems when they are?


Why people persist in causing grief to others who are no threat to them is beyond me. I am just one person, and expected to cope with someone sabotaging my business every so often?


Are hackers playing too many war games riveting into their little minds that committing acts of war gives them some kind of nobility?


In the meantime, Linux is proving easy to inspect and recover by mounting the disk they hit on another machine to inspect it. I have heard of backup, also. But they waste my time.


My Windows ME in the meantime started in Safe Mode. Scary. Its failsafe go back methods indicated that no system files had been changed. I wonder how to possibly check this. I will still be wondering in 3 months but my Linux machine will be running again by morning.


Good night, then.





Saturday, June 22, 2002


Linux may not be fully secure, at least one of our RedHat 7.1 boxes just got munched via an attack which seemed to start with anon ftp. Life. I think I will switch that machine to being a DVD player and stop working for now.

Hackers are really just sad thugs and bullies behind a keyboard. A few of them get hired by corporations and given Porsches, fat cat salaries and lots of CPU power. Scary, if you think about it.

Maybe better to watch the film, then.






Thursday, June 20, 2002


Linux use in Aotearoa (New Zealand)


This is a little country of individualists and do it yourselfers who value independence and expect to excel in the world. Witness NZ accomplishments: The America's Cup, Lord of the Rings, Shrek. Linux had more than one hand on the rudder of this country's success, yet it has perhaps felt in the past that to deviate from "standards" (actually evolutionary limitations) was somehow wrong. Opinions are starting to change. Microsoft software is being revealed as simply an alternative operating system with its own strengths and weaknesses as a platform.


Government organisations are starting to examine Linux and the commercial world is just starting to understand that there are legal independence and cost benefits issues simply resolved by installing Linux on a fresh hard disk and copying your Windows data file over by mounting the old one. That way it can't go wrong. How? Well, that's where you can get a Linux Consultant to help you for about fifty bucks an hour.


For Linux, Red Hat certainly seems to be the "accepted standard" in these parts. Starfish Software, for example, aims to forward Red Hat acceptance, installing it and making applications useful for any business, and training users. We have had some success in the home. Linux installed on an ancient PII/400, far too slow to be useful under Microsoft Windows, now teaches a child all about Linux, and she greatly prefers it to Windows. She loves Gimp. Free software again proves it's superior.


There are so many business opportunities for Linux in this country, but few seem to realize just how much money they can save, and how much time, simply by switching.

Wednesday, June 12, 2002


I rebuilt Linux again, and then discovered it was probably the Mozilla browser and some spam merchant that was probably behind the intervention. So I went to the friendly red dinosaur site and downloaded release 1.0 "Candidate 3". And tightened up the firewall and installed tripwire. No problem since. Touch wood.


But there is a problem. Not since before I installed Zone Alarm on a Windows machine had I felt so intruded upon. And it suddenly becomes apparent that email is less than secure so why not let your inner thoughts run wild in the weblogs? Want the world to think you are mad or something?


Well, back when my house was burgled, I went a little crazy - and this is, I am told, a reasonable reaction to the stress of some stranger trampling on your fresh ironing and looking through your family photos... so when someone hijacks email, or listens to phone calls, we all should get concerned.


It is very upsetting to believe that someone may try and steal your work, until you remember that this blog and every other word now collected on this vast web is probably being scanned, copied and re-presented by about fifty post modern programs tripping on certain key words or notions.


What is this web then? Is it how Big Brother planned to watch us all along? Perhaps that is why it was invented (ARPANET) by the USA DoD, after all.


To encourage things like encrypted email (hushmail.com) seems like a good idea to those who may donate $50 to Amnesty but probably would not volunteer to serve in a third world country, even if asked nicely.


It makes me wonder about intellectual ownership, what intellectual property properly consists of, and when something like the GNU and Open Software is now being embraced by Governments, you have to cheer. It's about time they stopped wasting taxpayer dollars.