Tools

Syntax highlighting with nano

Ok, I will be the first to admit that this is nothing new, however I just found out it about today! It seems that all this time I have been using for my default linux editor, completely unaware that it has the capacity for syntax highlighting. (DOH!)

It seems that with a simple file you can set the highlighting colors for just about any kind of file. I found a very good example at http://osx.hyperjeff.net/MyApps/nanorc, although the Python highlighting he has uncommented has a mal-formed regex in the first line. (I just deleted that one and uncommented the one above and it works great.)

There are two examples at the bottom of the page at http://article.gmane.org/gmane.linux.gentoo.user.german/9565 – the page is in German but the .nanorc files are there. The first is for use with a black screen, the second for use with a white screen. (The hint here is don’t use black on a black screen or brightwhite on a white screen, and brightyellow is unreadable on a white screen as well.)

There are enough examples to get you started, and it shouldn’t be too difficult to come up with your own color schemes that fit the way you work best.

Firefox

Mozilla / Firefox bookmarklet for similicio.us

If you haven’t yet heard, there is a nifty new site, , that helps you find sites similar to what you are currently looking at. As the site author puts it:

This is a mashup of del.icio.us and easyutil.com. It’s an experiment on my part to see whether I can quickly find relevant web sites based on people’s tags/bookmarks on del.icio.us, using the engine from easyutil.com. It answers the question “people who tagged this site also tagged what other sites”. I am using it mostly to find blogs that are similar to the ones I read, and to find new popular web sites that are in my area.

To make things easier I have created a Mozilla / Firefox bookmarklet. To add this just click and drag the link below to your bookmark bar.

Search similicio.us

Security

Spamming for script-kiddies

Well, this has got to be the most annoying piece of spam I have received recently. It seems that now even the crack-scripting community is using spam to advertise their “services.” I have included a copy of the email – the more disturbing items I have emphasized in bold. The email:

From: noreply-52@ww-nn.web-hack.ru
Bcc:
Return-Path: noreply-52@ww-nn.web-hack.ru
X-OriginalArrivalTime: 06 Mar 2006 13:36:47.0450 (UTC)
FILETIME=410ABA0:01C64123]
Date: 6 Mar 2006 04:36:47 -0900
Dear Sir/Madam, Hello!
We are internet hackers crew – Web-hack. We propose you for sale some interesting things: – private exploits – http://forum.web-hack.ru – stolen credit cards and bank accounts – http://forum.web-hack.ru – we infect users pc’s with your trojan for low prices (10000 infected pc’s for 25$) – http://forum.web-hack.ru – bulletproof domains and hosting – http://forum.web-hack.ru Best offer – bulletproof domain + hosting =0 usd/week. You can use this hosting for any scam/fraud and nobody will close it! For more information look at – http://forum.web-hack.ru P.S. We are registering bulletproof domains on our partner site http://www.r01.ru/ there we have “our” people to guarantee stability of our domains and hosting so any organization like spamhaus.org cannot down our hosting and domains. We are now spaming 5 000 000 people look out the domain is alive as always and never gonna be down !! Please go and order our services at: http://forum.web-hack.ru Msg-ID: 12543

Whois:

forum.web-hack.ru
ww-nn.web-hack.ru

217.107.217.167
217.107.217.168

OrgName: RIPE Network Coordination Centre
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
Comment:
RegDate:
Updated: 2004-12-13
OrgID: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL

ReferralServer: whois://whois.ripe.net:43

NetRange: 217.0.0.0 – 217.255.255.255
CIDR: 217.0.0.0/8
NetName: 217-RIPE
NetHandle: NET-217-0-0-0-1
Parent:
NetType: Allocated to RIPE NCC
NameServer: NS-PRI.RIPE.NET
NameServer: NS3.NIC.FR
NameServer: SUNIC.SUNET.SE
NameServer: NS-EXT.ISC.ORG
NameServer: SEC1.APNIC.NET
NameServer: SEC3.APNIC.NET
NameServer: TINNIE.ARIN.NET
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at http://www.ripe.net/whois
RegDate: 2000-06-05
Updated: 2005-07-27

# ARIN WHOIS database, last updated 2006-03-05 19:10
# Enter ? for additional hints on searching ARIN’s WHOIS database.

www.r01.ru

195.24.65.17

% This is the RIPE Whois query server #2.
% The objects are in RPSL format.

% Information related to ‘195.24.64.0 – 195.24.71.255’

inetnum: 195.24.64.0 – 195.24.71.255
netname: PARKLINE-1
descr: Garant-Park-Telecom
descr: Science Park, MSU
descr: Lebedeva St., Leninskie Gory
descr: Moscow 119899, Russia
country: RU
admin-c: PAN-RIPE
tech-c: PAN-RIPE
status: ASSIGNED PI
mnt-by: PAN1-RIPE-MNT
mnt-by: RIPE-NCC-HM-PI-MNT
mnt-lower: RIPE-NCC-HM-PI-MNT
mnt-routes: PAN1-RIPE-MNT
source: RIPE # Filtered

person: Alexander V Panov
address: MSU, Science Park, Garant-Park-Telecom
address: Moscow
address: Russia
remarks: phone: +7 095 7898207
phone: +7 495 7898207
remarks: fax-no: +7 095 9308800
fax-no: +7 495 9308800
e-mail: panov@parkline.ru
nic-hdl: PAN-RIPE
mnt-by: PAN1-RIPE-MNT
source: RIPE # Filtered
remarks: modified for Russian phone area changes

% Information related to ‘195.24.64.0/21AS25537’

route: 195.24.64.0/21
descr: Garant-Park Telecom Block 3
descr: Science Park, Moscow State University
descr: Lenin’s Hills, Moscow, Russia
origin: AS25537
mnt-by: PAN1-RIPE-MNT
source: RIPE # Filtered

Definitely ones to watch for in your log files.

Linux

Test of gtk+ installer: VMWare 2, Gentoo 0

Well, I tried the gtk+ based graphical installer on a VMWare virtual machine. I am sad to say it failed painfully – and did so after many hours of emerging and compiling. Part of the problem was in the fact that I had selected to install enlightenment, fluxbox and blackbox (to play around with some different wm’s I hadn’t messed with previously) and the installer chose to install those and gnome and kde. Needless to say, it was many hours to go. Thankfully (?) after about 4 hours the installer failed on some ebuild or other (I don’t recall what it was right now) and that was that.

I tried it again. With the exact same results. The definition of insanity: doing the same thing over and over and expecting different results. So, now I have a working VMWare install of Gentoo 2006.0 using the minimal install disk and am building enlightenment, fluxbox and blackbox the “older fashioned” Gentoo way – via a simple emerge call.

Final score: VMWare: 2, Gentoo Graphical Installer: 0, Gentoo minimal installer: The winner by default.

Linux

Graphical installer with gtk+

Gentoo have finally released a version with a graphical installer: 2006.0. The gui uses gtk+ and is available on the x86 Live CD .

I haven’t had a chance to play around with it yet, but I can tell you that it has reduced the installation instructions by what seems to be more than half! All you gui installer fans: here you go!

Security

Security reminders

While looking through my del.icio.us links I found a couple that I haven’t had time to check in on lately. It is telling, really, that the sites I have not visited recently are those related to security best practices.

It is really entirely too easy to get sucked into other areas at work and rely on past practices to maintain security. But as things go in the world of tech, the rules, tools and environment change almost (it seems) daily.

With that in mind it is time to look again at the NIST Information Technology Security guidelines and the Center for Internet Security benchmarks.

Internet

VeriSign-ICANN deal: much ado about nothing?

There has been a large amount of FUD generated in the last week regarding the ICANN VeriSign settlement. It seems that most that I have seen has been coming from name registrars, and notably the blog of Bob Parson (founder and president of GoDaddy).

It seems that Bob is trying to encourage people to write to their congressmen to get involved and squash the deal. I find this interesting that this post is from last Wednesday (2/15/06) while the deal was penned sometime prior to October 24, 2005. If this is such a big deal why did it take Bob so long to respond?

Most of the FUD is along the lines of an evil empire-type scheme to raise the prices for .com registration so VeriSign can fill their coffers with the money of the poor, down-trodden netizens. This is, of course, based on the pricing information in section 7.3.d which states:

Maximum Price. The Maximum Price for Registry Services subject to this Paragraph 7.3 shall be as follows:

  1. from the Effective Date through 31 December 2006, US$6.00;
  2. for each calendar year beginning with 1 January 2007, the smaller of the preceding year’s Maximum Price or the highest price charged during the preceding year, multiplied by 1.07.

Does this mean that VeriSign is going to rush out raise the price as much as possible? No. VeriSign is a solid, reputable company that has been in the market long enough to know how to set (and if need be raise) prices in a manner that will not negatively impact the market.

ICANN was never meant to be a regulator, but a coordinating body. I’m sure that Paul Twomey and Vinton Cerf knew what they were doing in setting up this deal. For a more logical look at the implications check out this article by Keith Teare from November 30, 2005, or look at the documents yourself and make your own decisions.

Security

Pulling viruses out of the AVG vault

I was over at the Internet Storm Center and saw a simple how-to on retrieving viruses from the AVG vault for sending in to malware testers.

From the article:

Steps to export viruses from the AVG vault for analysis.

  1. Create a directory to store the files in.
  2. Open avg.
  3. Select the virus vault.
  4. Click on the virus you wish to restore.
  5. Choose restore, that will prompt you for the directory to restore the virus into.
  6. Select the directory created in step 1
  7. avg will alert again if its in active monitoring mode. choose continue.
  8. Turn off avg resident shield protection if you plan to package the viruses up for submittal for malware analysis.
  9. Select the AVG resident shield and unselect “turn on avg resident shield protection”, Click apply.
    Remember to turn resident shield back on as soon as your [sic] done with the virus.

There are further instructions in the article, including how to package a virus for sending for analysis. If you want to test this on your own machine so you know how to do it use the eicar test file (literally the following 68 characters: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* saved as a .com file) which will show up as a virus without actually doing or attempting to do any damage to your system.

Community

Offend me! Please!

In the interest of transparency and owning up to my own idiocy, I have left this story. I came on it while looking at some of my earliest posts, laughing at the links to nowhere and the rather hasty wording of many of these posts.

This one, however, strikes a different chord for me now, in December 2020, especially in light of BLM, a racist administration, and the spread of fascism not just in the US but globally. This article was in response to the outrage over a cartoon in a Danish newspaper that depicted Mohammed. (The cartoon was incredibly insensitive, but no more than cartoons depicting the pope during the Catholic Church’s sex scandals, and myriad cartoons pointing out hypocrisy in other religious settings.)

Yes, there are things that are genuinely offensive. There are things that are (or should be) objectively offensive. There is never a right time or place for those, whether in speech or action.

Does this mean I posted things I regret? Yes. I was so focused on the things that were labeled offensive without being so that I ignored the truly offensive shit that’s been around forever. By the way, I’m sorry if you don’t like that I have a mouth like a trucker or a soldier, but I’ve been both of those things.

I should have paid attention to my own advice in this post: “The trick is to focus on making your communication clear, intelligent and well-thought-out.” Hey, I never said I don’t make bone-headed mistakes.

So, just to clarify a few things:

  • The extra-judicial killing of African-Americans is not okay. Black Lives Matter
  • Women are not less than in any way.
  • Love is love, regardless of gender (including gender expression). What consenting adults do behind closed doors is not my business or yours.
    • Personal opinion here: PDA (kissing, hugging, holding hands – not tonsil-hockey or groping in public) is sweet, regardless of the genders of those involved. If it bothers you, walk away. If you can’t, let them know, politely, that you feel uncomfortable.
  • Transgender people are who they say they are, not who you think they should be. It’s not that hard to use the proper pronoun, and if you slip up apologize and move on.
  • Public officials who refuse to denounce racism/violence/hatred should be held accountable for the actions of those they empower. Being elected should not be a “Get out of prosecution” card.
  • Businesses are not people, and as such should not be allowed to claim “religious reasons” to discriminate against women, LGBTQ+, BIPOC, or any other protected class.

With all that said, here is the original article, in which I come across as a complete and utter ass:

It seems that an inordinate amount of energy is being expended on who is offending whom with what speech . I say let it go already!

We have connected the world, and made communication between continents and countries and cultures trivial. There is no way that anyone can communicate with that broad of an audience and not offend someone, sometime. The trick is to focus on making your communication clear, intelligent and well-thought-out. Those who will take offense will be offended no matter what. Those who are more open to new ideas are going to judge your communication based on its merits. And with that in mind, I am rarely ever offended at anything intelligent. (Yes, poorly thought-out, muddy and unintelligent conversation annoys me, but it is much harder to offend me.)

Of course, I think a large number of cases of “offense” are actually annoyance. And as long as we are on the subject, why is that those who are most offended are usually trying their hardest to offend right back ? It is the inability to laugh at ourselves that leaves us fragile and easily injured. Bah! I laugh at myself all the time. That’s why the article over at comicbookresources.com made me smile a bit. The headline says it all: Israeli group announces anti-Semitic cartoons contest!

I challenge anyone who is currently taking offense at something being said to take a moment, and try to come up with your own, even more offensive remark or statement about the same subject and see if that helps you to put it into perspective. Now that I’ve got that off my chest I can get off my fat ass and get back to doing something productive!

Read More

  • February 15, 2006
  • December 15, 2020
  • sjan
2DL

Who’s buying?

Despite the fact that our album has been available for while now, and we have had scores of people tell us that they were in a hurry to buy it, we haven’t managed to actually sell many at all.

Makes one wonder – do people say that so they don’t have to say they didn’t like it? Maybe, but I would rather hear what it is they don’t like about it – We never claimed to be perfect, just doing what we love. And if we can do something to enhance the listening experience, we will.

So who is buying? A couple co-workers, and a radio station in Brazil. After they asked our permission to play our music on the air. Well, that’s something at least.

So if you haven’t checked it out yet, do so. There are samples (low-quality) on the site. The store is linked. Buy our album!!! Please?