Systembot: Adventures in system monitoring.

If you've been following the development activity of Systembot, the bot I wrote to monitor my machines (physical as well as virtual) you've probably noticed that I changed a number of things around pretty suddenly.  This is because the version of Systembot in question had some pretty incorrect assumptions about how things should work.  For starters, I thought I was being clever when I wrote the temperature monitoring code when I decided to use what the drivers thought were high or critical values for sending "something is wrong" alerts.  No math (aside from a Centigrade-to-Fahrenheit conversion), just a couple of …

Read more...

Website file integrity monitoring on the cheap.

A persistent risk of websites is the possibility of somebody finding a vulnerability in the CMS and backdooring the code so that commands and code can be executed remotely.  At the very least it means that somebody can poke around in the directory structure of the site without being noticed.  At worst it would seem that the sky's the limit.  In the past, I've seen cocktails of browser exploits injected remotely into the site's theme that try to pop everybody who visits the site, but that is by no means the nastiest thing that somebody could do.  This begs the …

Read more...

My gkrellM config strings.

On most of my desktop machines I use a system monitoring application called GKrellM to keep an eye on the amount of memory in use, aggregate network activity, swap space, and battery life. It's a handy utility and is very configurable. I have a couple of tweaks that I like to make to my settings to make its output a little more useful by increasing the granularity. I'm going to assume that you're interested enough in GKrellM to play around with the settings (right click on the GKrellM panel, Configuration). In the interest of full disclosure, I also intend on …

Read more...

Saloncon, unashamed gamers, and a beacon in your pocket.

Word has come down from the state of New Jersey that Saloncon, the first known neo-victorian convention in the United States, is no more. Following the tribulations of 2009, including the economy floating upside down in its fishbowl, the organizers are not able to set the wheels in motion for the foreseeable future. In the meantime, the organizers have branched out in new directions in their personal lives and do not have the time or energy right now to put on a convention as a result. saloncon will certainly be missed; I know I shall miss the yearly trek to …

Read more...

Last weekend, by this weekend.

Late on Friday afternoon, Lyssa and I hurriedly packed our bags, jumped into the TARDIS, and set course northward once again for southwestern Pennsylvania and the general direction of home. As I've alluded to a few times, we're getting married in October and thus there are many plans to make, things to get, and arrangements to hammer out. In the early twenty-first century we can do many of these things over the net or on the telephone, but sometimes matters require the up close and personal touch. Things like tasting samples of wedding cake and taking recon photographs of the …

Read more...

It seems that the one book they read was 1984.

George W. Bush, while at NSA headquarters yesterday, asked the US Congress to turn the NSA program that allows any and all communications to be monitored without a warrant into a law rather than letting the program expire in February of 2008. While this law does not give operatives carte blanche to break into a home and plant monitoring devices or copy data from computers (that's covered by another set of statutes entirely), it does mean that they can record and analyze telephone calls, e-mails, and other forms of communication without oversight or legal record. As to why he didn't …

Read more...

US Army worries more about bloggers than leaks back home.

Since almost the beginning of Iraq II, the US military has been concerned about bloggers leaking information about upcoming operations and situations in the field that hadn't been cleaned up yet. Lately, they've been commanding troops to police their weblogs and clear all posts through a superior officer before actually posting in the hopes of minimizing the amount of sensitive information that gets out, which makes sense when you think about it. Remember what Geraldo Rivera did back in 2003? URLs and names of blogs have to be registered with the chain of command so that they can keep an …

Read more...

For the system administrator or parent that has everything, how about a RAT?

'Remote access tool', that is - a little beastie (usually considered malware, though there are legit incarnations of this sort of software) that hides itself inside a workstation and lets someone connect remotely at any time and go through the system and silently monitor what the user is doing. Crackers have been using them for years for recon before an infiltration attempt, but only recently are the white hats finding uses for them. Such as watching what your kids are up to. Presenting Snoopstick, an all in one package for infecting someone's box with a RAT that lets you keep an …

Read more...