Simple Nomad's Blog

sep 2005 | oct 2005 | nov 2005 | dec 2005 | jan 2006 | feb 2006 | mar 2006 |  apr 2006 | may 2006 | jun 2006 | jan 2007 | feb 2007 | aug 2007

29Aug2007 - Not Exactly Timely

Well it certainly has been a while since I have updated this thing. I wish I could simply try to update everyone on all of the interesting things that have happened since the last update, however that would probably be rather lengthy, and since most of it occured ages ago I could give a shit at this point. However I will say a few things in reference to the recent past:

There are some really fun feds that attend Black Hat and DefCon. I don't trust them, but I love drinking and shooting the shit with them.
Yes I did drink shots of liquor from the glow-stick-lit ass of an inflatable pig. However in my defense for doing such a henious thing, I thought it was an inflatable sheep. Honest.
Probing from your own dark IP space and watching the reverse lookups is not only fun and entertaining, at times it can be downright scary, especially considering who is appparently "monitoring" the Internet.

Enough of that, on to more current events.

Well it does seem like the only time I do update this fucking thing is when I am on the road. As I type this up, it is 1am central time, and I am due to land in about 2 1/2 hours or so. Thanks to bad weather in Texas, my Friday night flight home from San Jose was delayed by almost 5 hours. So much for getting home and having a nightcap with the wife before calling it a week. I don't sleep on planes at all, and considering I got up early this morning to pack and get a presentation together for work, well, by the time I land, get to the car, and drive home, I will have been up for 24 hours straight. At least I have a power adapter for the laptop on the plane, and soothing death/industrial metal to make the time pass during the flight.

Speaking of flight, I remember when the GTE Airphones were on all American Airlines flights. They had a feature where you could send and receive AOL Instant Messages via this phone handset, assuming you had a modem. How did they implement security to ensure you could only IM and not do other things? By firewalling ports. Port 5190. That's it. If you had say, an SSH server running on port 5190 on a home system, you could SSH into that system, and set up tunnels etc etc. Granted it was dialup speed, and you were paying a premium per minute rate, but a clever road warrior would talk their boss into expensing it. It kicked ass. Ah the good old days.

Ok I guess that isn't a current event. A current event is that you can still do the inflight hacking stuff I talked about at ShmooCon in my Hacking the Friendly Skies talk from a year and a half ago. Not on this flight, I am the only idiot with a laptop out, but for the most part if the laptops are out, you can certainly find targets. Man, wireless is so fun.

My next speaking gig will be at IT Security World 2007 in San Francisco next month (September 17-19). I'll be doing a talk on fingerprinting IPS systems by using various attacks and watching reverse lookups. I'll do a live demo as well, should be fun. Look for my laptop running Ubuntu Satanic Edition, which I just loaded up (not because I'm Satanic, but because the artwork is pretty cool). I am also appearing on a panel called Security Rock Stars which I am probably going to bring liquor to so we can do shots during the panel. I mean if they are going to act like we are rock stars, I guess we should play the part.

I will try to keep this thing updated a bit better....