Arch Linux, systemd, and RAID.

Long, long time readers of my blog might remember Leandra, the server that I've had running in my lab in one configuration or another since high school (10th grade, in point of fact). She's been through many different incarnations and has run pretty much every x86 CPU ever made since the 80386. She's also run most of the major distributions of Linux out there, starting with Slackware and most recently running Arch Linux (all of the packages of Gentoo with none of the spending hours compiling everything under the sun or fighting with USE flags). It's also possible to get …


Misadventures in IT.

I don't ordinarily write much about work, mostly because it's not that interesting but also because it's a bad habit to get into, lest I let something critical slip and get in trouble. However, the last two days were sufficiently rough (and strange) that I feel that I have to write something about it, if only to give my fellow BOFHes something to go on if they find themselves in the same particular position I was. The past two days have been by far the strangest problem I've ever run into working in IT or information security.

Let's set …


At last, system change tracking for Windows.

Windows XP, let me be clear. And they won't let you download it unless you're using IE on a known valid (by WGA) copy of Windows, but there are ways around that (thanks, cow-orker!).

Microsoft has released a utility for Windows XP that parses the System Restore data and shows you everything that's changed for a specified period of time to aid in debugging. It can show you what software has recently been installed, what hotfixes and Windows Components have been installed, what BHOs (browser helper objects - read 'call it spyware and be done with it') have infected IE, what …
