Wednesday, December 24, 2003

U SCAN (Unless U are an idiot)
I really didn't want to go shopping today. At all. But I had to go to the grocery. As you might guess, it was a fucking nightmare. All the lanes were open, and the manager of the store was literally running around trying to make things run smoother. He had my pitty. But they were just not keeping up. Lines were backing into the aisles, and the line to the U-Scan's were heading into loops.

They really need a sign on these machines. Something to the effect of "if you have trouble working simple machinery, go stand in the other line (dumbass)". I watched some woman squint her eyes and bare her teeth (that DUH look) as she scanned something twice and not put it in the bag. Meanwhile, the machine is yelling at her in that calm female voice, "put the last scanned item back in the bag". After repeating it about 3 times, the machine gives up and says, "please wait for cashier assistance". I think I also heard it mutter, "you fucktard" under it's breath.

On the other side of U-Scan land, I watched this guy put a $20 into the machine, which it rejected. He shoved it back in, it came back out. So on the third try he held his finger over the slot and kept it from being rejected! SMART MOVE!!! That'll teach it! Oh wait, it JAMMED??!? Why? Call the technician! This line will be getting longer in a moment.



As I was escaping the store, I bumped into a guy who took one look at the solid mass of people and simply said "holy shit!". And I replied, "yeah, good luck". He turned around, following me back out of the store and said "Fuck this! I'm going to Speedway!". Not a bad idea really, that's what I should have done.

Oh yeah, Merry Christmas.

Monday, December 22, 2003

Been a while!
I apologize to those of you who have been checking in and hoping to find something interesting to read. I have been a lazy bastard. Seems I been climbing into bed at night, and I just haven't had the urge to 'blog out my day' like I had. So here is what has kept me so busy.

I celebrated a birthday! Yay for me. It's a birthday party! Ray is now 28 years old. One step closer to 30. I got some fun stuff for my birthday. Some clothes, socks, you know. But I also got a pencam to do some blog shots. It works great ... but my iBook hates it. I plug it into the USB port, and it just blinks. Low and behold neither of the webcam/digi-cam driver efforts cover this model. What a bummer. I have gathered the specs and sent them to the "IOExperts" who hopefully will be able to aid me in making it work. In the meantime it works fine on my PC. If I am really desperate, I can run Windows with Virtual PC on my Mac, and then run the camera utilities on that! It's slow as shit, but it actually works.

Two days ago we went thrifting. We had a couple bucks to blow, but we didn't want to try and attack the mall crowds this close to Christmas. So we hit the thrift stores. About 5 in all, along with some "discount store" that has popped up next to an old thrift store we rarely visit. It was a little like odd lots. Some prices were low, while others seemed a bit unreasonable. They had quite a bit of refurbished electronics ... but they were asking too much. And you have to run fast from those "No Returns" signs. Eeek.

I was impressed with the aisle of plastic though. Everything was under a dollar. Neat. That's a lot of discounted tupperware!



I was also pretty excited to find Randy Savage Slim Jim collector tins! They were about 1 inch off from being the perfect cantenna measurements. Too bad. It would have looked nice on my dashboard. Still, $1 for a Randy tin ain't too shabby. Oh, and he had his arm around some whore named "George". Nice touch!



I was disappointed with the thrift store junk. I like a good deal on old shit when I can find it. But there were no good deals. A few shops had nothing but clothing (bad clothing too), while others had piles of good junk, that was way overpriced.



There were dozens of monitors at one shop. All of them priced around $30. It's also fun when you pick up an old 486 and find a price tag for $69.99. What the hell? My guess is that the hicks working the price-guns have no idea how to judge the value of electronics. And I guess that they can't take a hint when nothing sells.

After picking up the kids (they stayed with their aunt all day) we made a quick pass through Taco Bell. I don't know that it was a good idea with all of us on the verge of being sick, but I think we all managed to keep our food down.



And speaking of being sick. Blah! My stomach feels like its full of rocks. This flue just won't leave me be.

This morning we let the kids open their Christmas gifts. We have all been trapped in the house, bored to death. And later this week we will be running house to house for all the various family christmas get togethers. So Santa came early.

Santa brought me "The Art Of Deception" by Kevin Mitnick. I have been longing to read it, so it's first day in my hands, I have all ready read the first 4 chapters. Not a bad book. Each chapter so far reveals some interesting stories which are meant to guide you into a better social engineer. Gooood stuff.

I have also been reading some Cisco study materials. I got my hands on a few eBooks, and also a big rar archive off of the eDonkey network. After about 5 days of waiting for it to finish, I was pleased with what was in it. Not only did I get both Cisco Press books (821 and 811 exams) I also got all four Cisco Academy's. The Adademy stuff is flash based content and HTML. It's self study reading, with a lot of visual aids, exams, and other things to keep it entertaining. I was happy! I also found the Sybex 801 book, which prepares you to take the one big CCNA exam. Great book! It's a much better read than the Cisco Press stuff.

Now I must go. I need to go to the store between my visits to the restroom. God damn this flue.

Friday, December 12, 2003

IP THIEF
Seems like it's been a while since I blogged. Truth is, I did about two days worth on my laptop and then didn't copy it off before replacing the hard drive. You wouldn't believe what a pain in the ass that was. But Audrey has gone from 3.2GB to 18.6GB. I had suspected that little drive was going bad. When I pulled it out, it rattled. Are they supposed to rattle?

Well now I am getting ready to start a night class. Hooray. Been a tough day really. I thought I would play on lunch in the McDonalds parking lot like I had been. But when I got there I found that my bandwidth was SUCKING. I needed to download a few things. A few packages to make ethereal work, the newest version of KisMac for wardriving, and maybe a few songs to listen to on the way home.

I was getting an average of 1.2k per second on my downloads. What the hell? I thought maybe my signal was weak. So I re-parked the car a few times. No difference. Seeing how I didn't have Ethereal, it would be tough to see what the hell was happening. So I ran tcpdump. Sure enough, someone was stealing all the bandwidth for gnutella traffic. Ass monkey.

I decided I would let him know what I thought about him.

Ray-Haques-Computer:/sw/bin root# smbclient -IM 216.206.239.145 "You should turn off some of your filesharing bullshit. You are saturating this network. Have some respect."


Then I got pissed and drove off into town in search of better bandwidth. I found a pretty nice AP serving up a signal strength of 32! Nice! It seemed to be a tunneled network of some kind though, and the AP was ignoring me. I thought "hell, now is my chance to change my MAC address". I was sure that this AP was using MAC filtering as a means of security (no WEP). Imagine my disappointment when I was told "not permitted" when changing it. I would later learn that I can change the MAC address of my built in Ethernet, but not the WiFi card. That's gay.

After some frustration, and a dirty look from a redneck on her porch who was probably calling the local police on my loitering ass, I was headed back to McDonalds. Still, all the bandwidth was being consumed and I was pissed.

Here is how I achieved vengeance.

  1. Run tcpdump to get the IP address of the evil bandwidth hog.
  2. Assume that IP address as an alias to my own network card (ifconfig alias)
  3. Ping the gateway/router.
  4. Laugh, and enjoy all the bandwidth


It's not nice at all. But what I basically did is tell the router that the bandwidth whore's IP address had moved onto a new MAC address (my own). The router then starting sending his packets to me. Realizing what had happened, his computer stated a conflict to the user, and then went back to the router asking for a re-association through the ARP process. Naturally, he didn't stand a chance. I was playing a much more aggressive game at this tug-o-war battle.

Watching the packets dumping by in terminal I could see all of his downloads were timing out, and bombing, until I was seeing very little traffic headed his way. My downloads shot up to 34k. Not bad.

Thursday, December 04, 2003

Teaching Monkeys Philosophy
Let me quote to you a line from one of my favorite films of all time, A Fish Called Wanda. In it, Kevin Kline plays the best role of his acting career in the character Auto. Auto believes that reading philosophy makes him an intilectual. Which is what he strives for. Jamie Lee Curtis playing Wanda, sees through this front and knows that he is just a big dumb american who thinks he is cool. In an arguement, Wanda calls Auto a 'big dumb ape', and then we cue the lines.

Auto: Apes don't read philosophy!
Wanda: Yes they do Auto, they just don't understand it.

This morning, my mission will be teaching the monkeys how a computer works on the inside. We have a book to shoot through, which should be an 8 hour class done in two four hour sessions. I am doing the whole thing in four, and I am going to skim the material. I wonder if my students would care how a processor actually registers information. Or how physical memory handles binary code. Only about half of these students have really used a computer, that is more or less to play 'soli-tairy' or to 'do e-mail'.

The whole concept of this particular course is rediculous. I plan on zipping through it, and focusing on what a 'monitor' is versus a 'liquid crystal display'. I would like to leave a nice long lunch in place so that I might explore the network I found this past Tuesday. Yes, I plan on setting up shop in the McDonalds parking lot again. This time, I WILL be getting out on this network. I brought with me a secret weapon ... Ethereal.

Ethereal is really simple Packet Analyzer for just about any flavor of *nix that runs X-Windows. What I found is that I needed something called 'Fink' which will allow me to install Ethereal as a package. It was a pain in the butt to get running, and it failed to find Ethereal, or download a current package list. After some searching I came across a utility called Fink Commander. Basically, it's a front end for fink that beats the piss out of the terminal based front end that came with the binaries. From the Commander, I was able to get a current package list, and install not only Fink, but also all the gnome libraries I was missing. I also had to install a dev-compat package of some kind that fixed some broken lib dependencies. Thankfully, a Google search lead me to someones Blog that explained that whole process that lead me to an error message.

Now I have Ethereal running like a champ under the X11 utility for OS X. It's neat. I can't wait to start grabbing those packets. It was such a busy network, it shouldn't be long before I have enough to discover my gateway, and DNS servers to use.

Now, it's class time. Wish me luck with my monkeys.

Big Mac Attack Part II
Today was the day I would invade the McNetwork. Pulling into the McParking McLot and checking the time, I had a good 2.5 hours to blow. I went ahead through the drive through and got a small Coke, so that I could call myself a McCustomer. Then I parked the car, and went to work.

Once again, connecting to the non-WEP network was a breeze, but I was unable to obtain an address from DHCP. I went ahead and started up Ethereal. I am really impressed with the speed and ease of use with Ethereal. Like most packet analyzers, when you start it up you are opening a 'fish net' for packets. Once you have tallied up a handful or more, you can stop the scan (retrieve the net) and see what you picked up.

I was interested in finding two pieces of information. A gateway to send traffic through to the Internet, and a DNS server to resolve host names. After several searches I was finding nothing. Strange thing about networking. I was seeing packets coming from the local network and going to the outside world. I could also see packets coming from the Internet back to local hosts. Never are you getting a hint about the router, or the gateway that took the packets there. This would be a problem. I threw out the net about four times before I was 'shown the way'. When it finally appeared in my scan, it was like Indiana Jones when the light shined into the small temple, exposing the location of the Arc of the Covenant.



If you notice in the photo, the line I have highlighted is the router. It stuck out like a sore thumb because the protocol for this packet was marked as an "arp request". Arp is a process by which a host knows the IP address of a destination, but it needs the MAC address. We only need this information for someone we plan on sending information DIRECTLY to without the use of another router. Generally, you need to know the MAC of your router or gateway, and you ask for that information on the network. I happened to catch it. It was either luck, or patience. Once you have the MAC, you will not ask for it again for probably 10 minutes or more.

Now I had to add the gateway like this.

audreyii:/Users/rayhaque root# route add default 216.206.239.188


To test my gateway to the outside world, I pinged the DNS servers I use at work. I got a reply which was good. I also needed a DNS to use, since I hadn't discovered the local DNS being used on this network. Here is how we add a DNS server really quickly for immediate use.

audreyii:/Users/rayhaque root# echo "nameserver 65.24.0.167" > /etc/resolv.conf


Now I have Internet, to test I connect to #thebroken on irc.gloop.net. The gangs all there! I also open up my Instant Messager and say howdy.

Then I am back out with Ethereal capturing more packets and having a look at this network. Two users on this network are abusing the hell out of it with Kazaa and Gnutella traffic. As you can imagine, it was hell digging through all that crap to get to the interesting stuff. Pretty quickly, I start coming across AIM info. Every time someones AIM buddy hops online, their 'presence' is sent to one of my two active users and I am picking it all up in my packet logs.

Here is a recieved message. Something about going to sleep later. Whatever.



Why stop with reading someone elses message. Why not message these people myself? I don't have to tell them how I came to meet them. I just want a new friend. I cannot resist, and I start adding these new found buddies to my list and messaging them.



I don't know who this guy is, but all of his friends suck. I messaged three of them and I never got a reply back. With all the AIM spam I get, I would probably ignore them too. But damn, I'm lonely here. Who else can I bother? I go back to fishing, picking up LOTS of Kazaa and Gnutella crap. But then I see this.



Oh man. This jerkwad is using Kazaa to download Charlie Brown's Christmas mp3's. He is probably the type of filetrader that has porno' with movie titles on it. So you download the latest hit film, and it's two bald German guys screwing each other.

A couple of times I pick up on some users who are checking their e-mail. But most of them have empty mailboxes, so I never get any messages to read through.



I thought it might be fun to message one of these people and ask "Hey, have you read your email today?", and when they say "yes" I could reply "well I read your e-mail too!".

Somehow I wasted well over two hours capturing packets and looking at them. I had a few conversations along the way on IRC and on my messengers. But damn did I waste some serious time. And boy was that fun.

I should do this EVERY Tuesday and Thursday that I am in this damn town.

Tuesday, December 02, 2003

Deep Forest
If you have never heard the musical stylings of the group Deep Forest, you should really give them a listen. I recommend the first two albums. These two guys travel deep into remote areas of the world, and record singing and chanting from villiagers. Then they bring it back home into a studio and lay it over a drum machine beat. The end result is very ambient and spiritual melody. You can close your eyes and imagine you are in a soft quiet wooded forest.

But I'm just not feeling it this morning. You can shove those woods up your ass. I am trapped in the middle of nowhere once again in a youth detention center without Internet access. My view of the woods is obscured by barbed wire, and meshed windows. The only sounds I hear are of the heating equipment just outside of this room, and of juvenile correction officers yelling at youth in the hallways.

What the hell am I doing here? My only comfort is in knowing that my resume is out there in postal mail, making it's way to what I hope becomes my next employer. I even dreamed about it.

In my dream, I was introduced to my new office. It had a nice window through which the sun came in and lit up my empty, but spacious suite (with a door). In all liklihood, my office will be a cubical in a farm of other cubicals. But this is my dream, so shut up. I am then shown an old computer that was left behind, and I am welcome to use it. It's a Blue and White Macintosh G3. Slightly outdated (I'm realistic in my dreams now) but very usable. My display is a flat panel too. Nice touch. As I make my way to my desk I notice the carpet is in need of vacuuming. Should I clean it? I just started here. I probably hadn't even met anyone. Should I get out the vacuum? Sometimes when you are dreaming you get carried away with the technical details.

I was probably awakened by my son, who decided he would get up at 4:00AM to get ready for school, which wouldn't be for another 3.5 hours. No one is sure why he insists on getting up before the roosters.

Now I am checking the time and thinking "shouldn't I be getting ready for class?". I have one student who has shown up. He is telling me that two people won't be here for reasons unexplained. My class tally for the morning should weigh in at two or three. I guess I will go teach now.

This mornings key thought: What the hell will I eat? I forgot my lunch, and I would have to drive about half an hour to get back to even a gas station. About 40 minutes to the nearest Subway. God, please deliver me to new employment.

Big Mac Attack
So I ask around and find out that there is a tiny town (called 'Mohican') just north-east of this forest. I spot it on the map, and head for it on my lunch hour. Audrey is being a slut, and my wireless card keeps coming up 'missing'. After like 5 reboots I get it to work, at which point I have made it into town, and so I swing into a McDonald's parking lot to straighten shit out! As soon as my war-driving utility comes up 'DING-DING!'. I found two access points. And they are right here at McDonalds! I look around. To me left there is a grave yard. On my right is a small chiropractors office. And far off in the distance on a hill sits a few large homes.

I don't know who's network I was on, but it was not WEP'd. Unfortunately, I tried to get an address, and I couldn't obtain one through a lease. So ... here is my journal of activity.

Step one, connect to the access point.



Step two, monitor traffic with tcpdump.

Here is me looking for an address, and them ignoring me. Thanks for nothing!

-4:-6:-50.070444 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, length: 300
-4:-6:-50.071727 arp who-has audreyii.local tell 0.0.0.0
-4:-6:-50.088531 audreyii.local > ff02::2: icmp6: router solicitation
-4:-6:-50.373447 arp who-has audreyii.local tell 0.0.0.0
-4:-6:-50.375797 arp reply audreyii.local is-at 00:30:65:05:57:a1
-4:-6:-50.676804 arp who-has audreyii.local tell 0.0.0.0
-4:-6:-50.679154 arp reply audreyii.local is-at 00:30:65:05:57:a1
-4:-6:-49.079821 arp who-has audreyii.local tell 0.0.0.0
-4:-6:-49.085764 arp reply audreyii.local is-at 00:30:65:05:57:a1
-4:-6:-49.382469 arp who-has audreyii.local tell audreyii.local
-4:-6:-49.512818 audreyii.local > ff02::2: icmp6: router solicitation
-4:-6:-49.688122 arp who-has audreyii.local tell audreyii.local
-4:-6:-49.919839 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, length: 300


But are there people on this network? I see a couple of addresses, and it's people surfing Kazaa and Gnutella.

-4:-7:-11.768330 81.64.117.21.gnutella-svc > 216.206.239.145.26700: P 6196:6239(43) ack 1135 win 33304 (DF)

-4:-7:-11.407034 24.132.10.126.kazaa > 216.206.239.132.qadmifevent: . ack 5425 win 17520 (DF)


Jerkies! I want to play too! I guess I will make up an address.

Step 3 - Make up an address on this network.

audreyii:/Users/rayhaque root# ifconfig en1 216.206.239.140 255.255.255.0


Step 3 1/2 - Test connectivity!


audreyii:/Users/rayhaque root# ping 216.206.239.145
PING 216.206.239.145 (216.206.239.145): 56 data bytes
64 bytes from 216.206.239.145: icmp_seq=0 ttl=254 time=8.198 ms
64 bytes from 216.206.239.145: icmp_seq=1 ttl=254 time=13.366 ms


I need a gateway!! Don't know where I will get that from. I guess I monitor a while longer.

I find interesting stuff.

-3:-53:-45.162631 64.12.24.172.aol > 216.206.239.132.tclprodebugger: P 50934078:50934132(54) ack 3062354438 win 16384 (DF)


Dude, all my friends are on AOL!

What's this here?


-3:-51:-59.001017 216.206.239.140 > 224.0.0.2: igmp leave 224.0.0.251
-3:-51:-59.002131 216.206.239.140 > 224.0.0.251: igmp v2 report 224.0.0.251
-3:-51:-59.032699 216.206.239.140 > 224.0.0.2: igmp leave 224.0.0.251
-3:-51:-59.033963 216.206.239.140 > 224.0.0.251: igmp v2 report 224.0.0.251
-3:-51:-59.042814 216.206.239.140 > 224.0.0.2: igmp leave 224.0.0.251
-3:-51:-59.043752 216.206.239.140 > 224.0.0.251: igmp v2 report 224.0.0.251
-3:-51:-59.583053 216.206.239.140.mdns > 224.0.0.251.mdns: 0 [6q] [2n] PTR (Class 32769)? _register._mdns._udp.local.[|domain]
-3:-51:-59.833230 216.206.239.140.mdns > 224.0.0.251.mdns: 0 [2q] [2n][|domain]


This guy looks like a router!! Oh wait ... that guy is me. It looks as if Audrey here keeps sending out routing updates in attempts to learn about neighbors Too bad they all ignore me and pretend not to be my friend.

Maybe I can find some DNS servers to use? If they are outside of this network, I am screwed, because I still have not found the gateway to get traffic out through.


audreyii:/Users/rayhaque root# tcpdump -i en1 | grep dns
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on en1, capture size 96 bytes
-3:-41:-28.028391 216.206.239.140.49188 > 224.0.0.251.mdns: 53105+ PTR? 135.81.254.169.in-addr.arpa. (45)
-3:-41:-28.028878 216.206.239.140.49188 > 224.0.0.251.mdns: 53105+ PTR? 135.81.254.169.in-addr.arpa. (45)
-3:-41:-28.030732 216.206.239.140.mdns > 224.0.0.251.mdns: 0*- [0q] 1/0/0 (Class 32769) PTR[|domain]


224? That's not a valid address. Thats a class D (multi-cast address). My grep trick didn't work. Perhaps I should use tcdump the way I am supposed to ... that is, specify a port to search under (53 for DNS). That proves unsuccessful too.

I will open my search up again and monitor all traffic. Most is gnutella traffic to the 145 host. He is probably downloading some serious pr0n.


-3:-26:-55.474190 216.206.239.230.domain > 3.0.21.18.streetperfect: 1*- 1/0/0 A[|domain]
-3:-26:-53.417247 216.206.239.230.domain > 216.206.239.133.65464: 18090 NXDomain* 0/1/0 (138)
-3:-26:-53.433757 216.207.226.3.domain > 216.206.239.133.65465: 18090* 2/0/0[|domain]
-3:-26:-45.794876 216.206.239.230.domain > 3.0.21.20.1046: 1478*- 1/0/0 (59)
-3:-25:-51.399881 216.206.239.230.domain > 3.0.21.20.1046: 1479 1/0/0 (59)
-3:-25:-50.393049 216.206.239.230.domain > 216.206.239.133.65466: 24224 NXDomain* 0/1/0 (138)


Who the heck is this 3.0.21.20 guy, and what is he doing on this network? This is some puzzling traffic.


-3:-22:-43.077715 216.206.239.230.domain > 3.0.21.18.passwrd-policy: 1 1/0/0 (59)


Another schmoe from this 3.0. network. Doing something with a password policy? Tcpdump may be confused. It's probably just making assumptions based on the /etc/services file.

Oh crap! I'm going to be late getting back for this damn evening class. I will have to try to get out on this network again Thursday when I come back here in Mohican country. Be on the lookout for the Big Mac Attack Part II!

Monday, December 01, 2003

thebroken is busted
I come in to work this morning, park Audrey on an empty desk and get my messenger going, then log into IRC. Then after some coffee I decide it's high time I check the threads on thebroken forums. I log in, I start looking at threads ... then I realize I am seeing day-old stuff. So I reset my browser (dump the cache, etc) and go to log back in ... but ... it's dead. I get some SQL error. Woops. Wonder what happened there?



With Kevin on vacation, it could be a week or so before this gets repaired. But oh well. It's will give everyone some time off, namely me!

Last night I did it. I finished my resume. I went through my cover letter, dressed it up real nice. Then I began printing. This expensive 100 percent cotton paper I bought is crap. Half the sheets had some random cotton fibers stuck in them that were dark in color. But it did have the nice watermark on it, letting everyone know "I wasted money to print this". It's a sign of utter class. The envelope I put it into was also the nice 100 percent cotton kind. Now I wait. Please God, bring me a new job for christmas.

Meanwhile back at the office I am laying out my schedule for the week. Today ... nothing. I can play all day (and I have). Tomorrow, I go to Mohican again. Out in the middle of nowhere. No Internet. No nothing. Its a forest. Wednesday I go to Applecreek OH. This town consists of about two long roads. At least they have Internet access. But still ... it's a drive. Thursday, back to Mohican. Love it. Friday I get to come back to the office and sit some more.

I dread this week. I could really go for some aspirin. I don't know why I even bothered to show up. It's silly that I have to come in here and sit at a desk all day so that I can get paid for showing up. Even more rediculous that my hours of driving do not count as 'work time'. Again, get me out of here. If I get an unrecognised incoming call on my cell phone this week, I am dropping what I am doing to answer it. Operator, I need an exit.

Saturday, November 29, 2003

A Popped Grape
A few years ago, I worked with a guy named Dean. Nice guy, worked as a saleman for our company. Unfortunately, he never sold anything, and he liked to look at porn on the clock. But that's a whole different story. Dean had high blood pressure. On some days his face was all red and he would shake a little bit. He would joke with me about it, and say things like "the Deansters going to just pop", or "I feel like a grape getting ready to be popped". And he looked that way too.

I know nothing about high blood pressure, other than I seem to have a case of it. It started with me feeling really strange, and getting red in the face. My chest would ache, I felt very tense, and I just suddenly realized, "I was a grape!". A couple of times I was asked "why is your face all red?". So I did what any concerned person would. I went to the grocery store and stuck my arm in one of those machines that check your weight and blood pressure. The first time I tried it I was in teh very high normal range. No sweat. But I wasn't really 'feeling it' at the time. A few days later, I was feeling like 'the grape', and I was at the grocery, so I gave it another shot. I don't know what "Hypertensive" means exactly, but it was flashing red with all sorts of warnings so I know that's not good.

So what the hell causes high blood pressure?

  • Diet - Too much fat, not enough veggies.
  • Excercise - Stand up once in a while and walk around.
  • Stress - Get a new job.


That seems to be about the right order too. Which tells me I need to eat better, and just chill out.

Anyhow, I love thanksgiving. This is a bad time to think about 'eating better', because I have been eating like a fucking pig. You're supposed to this time of year right? Just half an hour ago I stuffed a turkey into the oven for dinner tonight. He is a healthy 20 pounder. We will be enjoying him with sides of stuffing, sweet potato caserole, and possibly some mashed potatoes. Yum.

Well ... about time to rotate and baste that turkey.

Historic Comments
You're a hard man to find an email address for. Email me!
Zachary Miller | Homepage | 07.22.05 - 7:15 am | #

Also, I guess I could post it to you. That might help. znmiller at sbcglobal dot net
Zachary Miller | Homepage | 07.22.05 - 7:16 am | #

Sunday, November 23, 2003

Wireless Retards

Unfortunately retarded people are not a good source of wireless networking. If they were, I would have myself the wireless equivelant of an OC-768 out here. It's 7:23AM here in Warrensville Ohio. I just drove a couple of hours to get here to teach an Office Integration 2000 course here at a State Run retardation care community. At least the second half of it as I understand. I am guessing really. This course was supposed to be completed by another instructor who put it off, and then got sick for two weeks. So lucky me, I get to finish it off.

I have not been here in months. It's been nice. We have no network connectivity here. We did at one time. But one day, the connection went dead. I inquired with the local administrator here and he was a snooty little bastard. Looks like we stepped on his toes. I was very nice on the phone, but it didn't cheer him up at all. I imagine that if I managed a network for retards, I would be an asshole too. He did not want our classroom on his network. Nobody asked him about it. So when he 'found' it on his network, he pulled the plug from the wiring closet. He sure showed us! The conversation ended something like this.

Me: Well, I am sorry that we were on your network. I certainly hope our network did not harm yours?
Mr. Switzer: No, but again nobody asked me about it.
Me: Right, sorry again about that.
*pause*
Me: Hey, are you related to a Shane Switzer in Columbus?
Mr. Switzer: No, I'm not (sounding annoyed).
Me: All right, well thanks for your time.
Mr. Switzer: Uh-huh. *click*
Me: How you doin'? Hello? How's your babies?
*dial tone*

Now I am in the middle of nowhere, with no network to speak of. It really sucks. When I rolled in this morning I was overjoyed to have picked up a signal. But it's several buildings away, and far too weak to make it's way to where I will be. And I would rather not roam the halls around here. There's retards everywhere. And I mean EVERYWHERE. You couldn't swing a laptop bag here without striking a blow to one. I have all ready heard my favorite retard wandering the halls this morning. She will ask you "How you doin?" and usually before you can answer that question, she asks "How's your babies?". This is the extent of her conversation skills. She is retarded afterall. So I always answer with something to the effect of "I'm great", and "they're just fine". But sometimes I get the feeling she just doesn't even care. Damn retards are so inconsiderate. She's all ready up the hall asking someone else about their babies.

Now I should probably get this classroom ready. I think they come in here at 8:00. But then, there is no way to know for sure. Since the previous instructor left me no paperwork.

8:05AM - Normally my students would come strolling in about now. But not this morning. I just called back to the office in Columbus. I have a class from 10 to 2:00PM with NO evening class. That makes me happy. I am a bit disturbed that I was 2 and a half hours early for class. But I don't care. I am just happy I won't be trapped here all day. Thank you o' Lord.

I am sick of working on my resume. I like it. I'm ready to mail it pending some peer approval. So now I think I will look through what I captured in the way of networks this morning with Audrey.



GRDAP1 is the one that's right around the corner, just out of reach. If I wasn't so lazy I might drive over there and leech it. But the parking lot is probably filling up now with staff so it would be a bad time to idle there.

Wris.com? Well aren't we proud. Congratulations, you WEP'd it dudes. What we are seeing here is the Goofus and Gallant of networking. The upper guy WEP'd everything, the lower guy secured nothing. These buildings are only about 300 feet apart. Perhaps they thought the SSID was their biggest concern, so they hid it. That will make it harder to connect surely. But still pretty easy to grab data from.



My capture runneth over! Damn you Cisco and your clever WiFi traps! I forgot Cisco has an office up this way. As I pass it on the freeway I am bombarded with hundreds of non-existent access points all at once. It makes me want to go exploring Cisco even more. If I could make my way through this haze, and attack their network anyway, wouldn't I be cool? Bah, I'm sure any real AP's in there are WEP'd.



3m3ra1d - DUDE J00 ARE TEH L33T!!!

ashlandscales - I can't be 100 percent sure, but I think this access point is attached to a weigh station for the highway patrol. It would make sense. I understand some trucks are WiFi equipped to provide quick trade offs of information for their "home base".



Sounds like a nickname for 'giving someone the finger' doesn't it? The FlyingJ is a gas station and also an eatery. It's one of those havens for truckers that slightly resembles the Star Wars Cantina. Among other things, they feature 2 full service counters, a foodery, baked goods, a CB shop, DVD selections, pay showers, and an Internet Station. These are little booths that you chuck 5 bucks into and then you can surf the web for a while. Silly. Sillier yet, is that you can sit in their parking lot and use their connection for free. Save the five bucks and put it towards some of those silver ladies mud flaps in aisle 3.



Hello Mr. Car Salesman. I would like to purchase a car at cost. I have those figures here with me. If you will not sell me the car at cost, I am afraid I will have to mail these figures to your past 200 customers. They may be irritated when they find what your markup is on these vehicles.



A neighborhood that would like to be explored. Applejacks? But if it doesn't taste like apples, why do you like it? Them: "We just do, all right?". Sorry. That was an Apple Jacks cereal commercial joke.



Now here is something interesting. I have had people ask me "Ray, if the SSID is hidden how do you connect to it?". My answer is generally, "if I look under the networks available, there are blank lines I can click on".

But then the SSID must not be hidden, it must be blank. If it's hidden, I should be asked to put in the SSID. So look at the above picture. We have a blank one, a hidden one (its' marked hidden) and then another blank. Odd. Perhaps I have been confusing "hidden" with "blank". I will have to explore this on my next war-driving expedition. Hopefully Discount Man and I will hold one this weekend.

That is about the extent of the interesting things I found this morning. I have spared you the countless 'linksys' and 'default' SSID's I came across. Not bad considering I hit every one of those from a highway where I was passing them at 80 MPH. You see, these things WANT to be explored. They are calling out to me as I speed by them.

Current Mood: Comfortably numb.
Musical Inspirations: Moby's 18 album, and Lord's Of Acid's Lust (The Most Wonderful Girl) I WANNA TOUCH MYSALF'!!
Casualties Of War
Just got back into town. Man is it good to be home. We were only gone for 2 days, but it seemed much longer. And now it feels good to be in my own bed, with Audrey in my lap, blogging again. Oh yeah, and Casualties Of War is on one of the movie channels. Michael J. and Seann Penn in their finest team-up film.

On Saturday we took the trip from Ohio on down into Huntington West Virginia. Oddly enough, I had a map to get there. About a year ago we took a trip to Virginia beach, and we must have passed through this town. The trip took about 3 hours. Once in town, we checked into our room at the Red Roof Inn. What a dump. The recliner had cigarette holes burned into it. The bed had big mattress dents. And we discovered later that we didn't even get shampoo. Nevermind about the missing iron and coffee maker I was supposed to have. The extra 10 bucks I paid for the room only got me a little desk that my huge laptop didn't even fit on.

The only good thing about the hotel is that there was an access point right across the street. I was happy because I thought I might be able to hit an AP from the room. We hit lots of access points. In fact, for being such a small town, they sure had a LOT of access points. My wife had Audrey in her lap and was reading me off SSID's and who was WEP'd as they sprung up.



Once inside the hotel, we got dressed up in our wrinkled clothes, and then it was back in the car to go find the funderal home. It was a short ways from the hotel. We were just outside of downtown, and the funeral home was on the other side. Downtown was only about 10 small blocks of single story buildings. It was actually a nice little town.

One we made our way to the wake, we greeted the few relatives we knew of this man and made some small talk with friends. It was a while before we got into the line to the casket. Once there, it was awkward. We were not direct relatives, or really direct friends. But we wanted to support Arthur Jr. Art Jr. is my wifes, brothers, 'special friend'. Basically, they are partners. The church doesn't like to accept that some people are gay, and have homosexual relationships. Therefore they are 'special friends'. I'm getting away from the story. There we are at the casket, greeting the widow. She is a very sweet woman. And her husband was an extremely nice man.

Looking at him in the casket was like seeing a stranger. I hadn't seen him in more than a year. We usually conversed with him at parties and get togethers around the fourth of July. But within a year, he had taken ill with a disease that ended his life quickly.

It was painful for the family. They had just recently all been together to celebrate the couples 40th wedding anniversery. I got the impression that they knew this might be their last anniversery party together. And that made you feel even worse. Arthur Wills was only 61 years old. And up until 1 year ago he was a perfectly healthy, happy man.

This morning we woke up around 8:30AM. It was nice sleeping in, even if it was in a dirty hotel bed. I was so ready for breakfast. Rotary's brother called inviting us to go to a park. We declined. Instead we went to Shoneys for a greasy breakfast buffet. The food wasn't bad. It wasn't fine dining, but it was all you can eat redneck style. I was pleased until I got a $17.55 bill. Whoah! No wonder they feed you so well here.

We had a lot of time to waste before funeral services. Several hours. So we did some shopping. But we didn't want to drive too far away from the small dowtown area where the funeral home was located. Wouldn't want to come to a funeral late. We hit a few shops, and then I just had to pull a quick war drive.

With Audrey in my wifes lap, I drove down the Marshall University strip. Access Points galore. Most un-WEP'd. The problem was, no parking. Like most campus areas, you need a special parking pass to go anywhere.

After cruising a few residential areas, I came across a nice strong signal, with a good parking spot. Location? Someone's law office. I know, because the building said "LAW OFFICES" on it. Pretty cheap looking law firm. I hopped right onto their access point, and grabbed an IP address. By subtracting a number, I found the one other compuer on this network and attached to it. Username: guest Password: guest

It was Windows XP. So I should have only had access to "ShareDocs" which never has anything in it. Here is what I got.



So basically, some weenie went against Windows XP's better judgement and shared the entire C: drive. I immediately went in and started poking around. Maybe I just wasn't in the mood, but I didn't find anything all that interesting. Some documents, a few odd programs that must be DOS based. I took a .wpd file from a Documents folder. I think it's a Word Perfect Document. Which, when opened with a plain text editor can be made somewhat readable. Just some losers file. Boring really. We decided to move on.

Our search for a coffee shop was hopeless. In this small town everything is closed on Sunday. So on to the funeral we went. It was a tremendous turn-out. We seated ourselves in the rear of the parlor to let the familys have the front seats. After a while, the funeral patrons were bringing out extra chairs to seat people behind us. Art Wills was a loved man, with lots of friends.

The service was really nice. They had a friend of the church lead the service, versus a minister. And they had a man sing some songs such as "amazing grace", and oddly enough "wind beneathh my wings". I hate the song, but it was done very tastefully. When that song hit the radios, it made me want to vomit. And the fact that everyone was acting like it was the song of the century made it worse. To top it off, this song means a lot to my wife who lost her aunt. It was very emotional.

We went on to the cemetary where two highly decorated soldiers removed and folded a flag that covered Art Wills casket. Very respectful. Art was a vietnam veteran. We then went by to the widows house where the family returned.

It was very uncomfortable, but I was glad we went. It seemed to be more family than anything else. And the night before my wife and I had a brief conversation with the widow that made me glad we made the trip. She told us how happy she was that we came. And how happy she has been to have Michael (my wifes brother) around during this dificult time. She told us how they compliment one another. And she shared some stories about how they were opposites of each other which always gave them a strong marriage. As she spoke with us, I looked around at all the photos. It was like a timeline of their loving marriage. It was terribly saddening.

This trip has served as a reminder that all good things come to an end. One day, my marriage will end. Not in divorce, but in death. It certainly makes you appreciate who you have in life.

It's getting late now, and I am beat. My wife is all ready dead asleep, and I am not far behind her.

Historic Comments
Idiot.
I hope you get arrested, what you did is illegal and connecting your wireless card to a CB antenna more than likely fried it's transmitter
Anonymous | 09.28.05 - 9:53 pm | #

Thursday, November 20, 2003

my favorite is cheer

Today's oddball title was stolen from a student I had this morning who was 'fat fingering' in a mail message to send to a partner. I was showing them how to use Outlook Express as documented in Windows 2000 Module II form Computer Prep. He intended to say something about enjoying cherry pie. But when he spelled cherry wrong, he didn't know how to correct it. So he just stopped typing. This simple phrase gave me a chuckle on an otherwise ho-hum day.

I was dreading coming back to this location in the forest this morning. Once I was here it wasn't so bad. I only had two students for my morning class. And they were pretty good students. They learned a little bit about folder structuring, file names, and even a few tidbits about e-mail. I am now between classes and dreading my 4 to 8 PM class. I all ready have about 8 people in the class, and there will be a 9th tonight. Trying to do simple labs becomes difficult when nearly all of your students have a hard time interpreting instructions. It gets even tougher when they begin reaching over and helping each other out. In fact, I had a guy Tuesday night look at the background properties of windows and tell his partner "you can have this thing look for new wallpaper on your computer". "How?", she asked. "You click there where it says search", he yells back. That got my attention. Had he discovered some new feature? Then the girl hollers back to him, "Uhm ... that says *stretch*". They're not all bright bulbs.

I have spent my day rather well. I just put a good hour into my resume and cover letter for a position I am applying for. I know it's not good to obsess over something like this ... but that's how I am. Perhaps it's part of that manic depressive living deep inside of me. Once i start thinking about something I want, it won't go away. Now I am spending endless hours of time working toward it. It's going to turn into depression when I find out that this position has all ready been filled. But I'm going to try and imagine that's not the case. I have to be optimistic. Even so, I will have worked pretty hard on a resume. And that's a good first step to admitting it's time to do something else with my career.

I like training. If I get out of it, there will be things I will miss. Namely the performance. When you teach to a group, you are like the star of your own show. You have all their attention. They are hanging on your every word. What you are saying is so important, that they take notes. There is a certain satisfaction in that. And I just like teaching people something new.

I'm really sleepy now. I think I will have Audrey play me some ambient Moby tracks while I get some shut eye between classes.

Wednesday, November 19, 2003

QUACK!

Know what that sound is? It's what you hear when you are a fucktard. This morning I come to work. The drive was miserable. A little bit of rain hits the road and suddenly everyone is wanting to steer into you. But let's forget about that.

So I walk in the door and find that this contract instructor has all ready started her class. She was brought in to teach a 3-day Oracle class. She is from Texas. And she is an idiot. About half an hour earlier I got a phone call from the office. It seems that there was a problem with her classroom setup. She was missing her powerpoint viewer! You would think an exerienced instructor with Internet access would know what to do. But who said she was experienced. She was obviously a certified Oracle instructor. And that is about the extent of her knowledge.

Our receptionist thought fast. She knew in the back offices we had copies of just about any Microsoft software. So she brought out an Office 2000 CD and handed it off to our instructor. She stared back blankly. "You can install Office 2000 ... custom install, and get powerpoint from this". But it was no good. She had no idea what to do. So she was told "someone will be in shortly to help you".

That someone was me. When I arrived, I threw open the door, and there were 12 students staring back at me. The instructor pointed to the open CD-ROM drive and said "that's the computer you need to put it on, not that other one". That was helpful for me. Because I knew that that other computer was actually a router. She also let me know that her D drive was "inaccessible". So I sat down, installed the powerpoint viewer, and headed out of the room.

That was easy. I grab some coffee and head into the server room to see how sick our mail server was this morning. As soon as I sit down, my door is opened, and there is numb-nuts. "It's telling me my D: drive is inaccessible". So I go into the room again. Now her students look slightly annoyed. I know this stupid game. She will soon be bashing this 'damn training center' for it's failing hardware. But I detect that some of these wiser students have all ready figured her out. I can *FEEL* them rolling their eyes at her. I walk to the machine, put her disc in, and bring up her stupid slides with ease. No problem. As I try to sneak out of the room again she turns and asks me (in front of her class) "so what was wrong with that thing?". I explained "You have to let the little disc spin around a bit before you try to access it" *wink*. It's hard to explain, but I put on my 'big boy' voice. The kind of tone you take when you are telling a 3 year old not to put twinkies in the VCR.

This was just the beginning of the idiots I had to deal with today. By 10:30AM I was full of rage. Partly because of the idiots, and also because of my work schedule. I am facing solitude for what will probably end up being weeks on end. Several times a week I will be driving out to a forest to teach the monkeys how to use Microsoft Office products. 2 hours out, 2 hours inbetween classes. 2 hours to drive back home. That's six hours from my 14 hour days that I will not be getting compensated for. I'm not exactly sure how this is a fair working relationship.

So I did what anyone would do. I hit the job sites. I have hit them before in the past. But today I felt like I was really looking. I think I have been slowly but surely talking myself into walking away from this job. It's futureless now. The longer I stay, the more meaningless my roles become. How will I ever get a raise when I go from teaching routing, to how to use a mouse. I am moving in reverse, and that is unacceptable.

I made the move to document a few jobs that sound really cool, and would probably pay very well. I even went out to the office supply store and bought some really nice paper to put my resume on. That %100 cotton stuff. So you will be taken seriously. Then I began work on my resume. And boy does it need work. I figure I have a couple of hours of downtime tomorrow I can use to work on it.

Well now bedtime is near. I need to get up early so I can drive into the forest again for class. Can't wait.

Tuesday, November 18, 2003

Wireless Cows

When I traveled to Tiffin just the other day I kept thinking to myself "what a barren wasteland". When I tell people I live in Ohio, they automatically thing I live amongst cows and cornfields. Traveling around I see why. After you travel about 30 miles outside of a city. There's nothing but cows and corn for miles.

Throughout my 2 hour+ journey to "Mohican" today I had Audrey trucking along looking for access points. I puposely waited until I was long outside of city limits before starting up the scan. Just to see what's active out here. What did I find? Nothing. No surprise really. In fact, I found so little that I decided to chart my trip for you all. I pointed my cantenna towards all sorts of things, yet none of them registered on my stumbler tool.



It wasn't until I hit the town of "Buttler" that I found anything. And that was only one or two access points. Before I knew it I had left the town. I saw one sign welcoming me, and another sign about two miles down the road that thanked me for my visit. The next little town I came to is what I think is "Perrysville". They registered a few access points on my list. But still only a small handfull. In the photo below you will see the entire list. Sad isn't it?



Unfortunately I had to drive about 7 or 8 miles past of these access points to get to my current location. A juvenile youth correction facility in the middle of a forest. And I do mean "a forest". Behind me I havd a giant ugly fenced in compound full of bad kids. In front of me a beautiful forrest loaded with old pines. The trees out here are so thick here it's amazing. Looking into the woods there is no sign of civilization. In fact. I was standing outside of my car on the cell phone and I couldn't believe how quiet it is out here. Creepy really.

Now I am in my car avoiding the wildlife (like a spoiled city dweller) and playing on my laptop. Unfortunately we are holding two classes a day out here. The first runs from 9:30AM to 1:30PM. Then I have a second class from 4:00 to 8:00PM. This sucks because although I am here all day long, I am only teaching 8 hours of it. Therefore I don't see a lick of bonus for it. It's a rip off. I guess the good news is that I don't have any classes tomorrow (Wednesday) or Friday.

So here I sit between classes with 2 hours to waste. At least I have my lappy! *hugging Audrey* And of course, I have YOU the reader. At least I think I have readers. People sometimes tell me that they enjoyed my journal. Please do leave comments. I read those (even if my counter doesn't really work).

Teaching Monkies To Fly

Last night I went home feeling rather stressed out. I downed several white russians. Not a bad drink. It's a nice way to get good and loaded without the bad taste of hard liquor. Before I knew it, I had drank about four. I slammed two (and I mean slammed) before even starting dinner. After eating and having a couple more I headed down to check my e-mail etc.

I saw that Kevin Rose was online and had messaged me. I gave a hollar back and let him know I was around (even though my away message said otherwise). I also explained to him that I had quite a long day. So I was going to remain in hiding with my messenger. He said he knew the feeling. Then I went on to tell him that my day consisted of teaching Word 2000 to computer illiterate state workers.

There is a certain sadness to my job that I know other instructors pick up on. For that matter, many IT people have to understand my pain. Sometimes I feel that I am not making a difference. Not that I should go home and cry. I get my paycheck. Who cares right? But what is the reason for all this? What do people take away from one of my classes? Often I figure the skills they do learn will not do them any good.

I'm not training doctors to find a cure for cancer. I'm not educating geologists who will later develop energy saving methods. I'm not training soldiers to murder our enemies. I am teaching Word to someone who will never use it.

I could only compare myself to Mathew Broderick and the monkies. When I laid down my analogy to Kevin and told him it was like that movie (with Mathew and the monkies) to which he replied "which one?". Now that I think about it ... there have been multiple titles with Mathew and a monkey But I was referring to that movie where these evil people are teaching monkies how to fly.

Why teach monkies how to fly? What the hell was the point of flying monkies? It's not as if we will ever put monkies into 747's and have them piloting commercial airliners. If you remember the film, there is a dark secret plot. The monkeys are being used as guinea pigs to see the effects on a pilot whos been exposed to radiation.

So what's with the monkies? I am teaching monkies how to fly. I give people skills they won't ever use. Why? Because I'm paid for it. They walk away feeling they have gained something. And sometimes they have. But not in these classes. Perhaps if I felt that I reached just one person. More often though, I feel that people really don't care. They see that they can get some classes and learn some computer related things. But once they are in the class they realize "I don't care about this stuff!".

Remember in the Matrix when Morpheus found Neo? Neo had actually been looking for him. That was important. Neo wanted to know things. He had been seeking answers. Imagine if Morpheus tracked Neo down, and Neo wasn't at all interested in learning the truth. Would he still train so well? Would he aquire the same skills if he knew in the end all of his work was pointless? It is my belief that the average person has the desire to become an IT-ish person, until they find that it's an unrewarding career. Sure, you can make good money. But you devote your life to a machine that will never thank you for it.

Like anything else, you have to be interested in something to learn about it. To work with it day in and day out. I can teach those who care. Yet, I can't teach someone to care. And sometimes, I feel that's what I'm really teaching. I teach people why they should care about IT.

Thats enough rambling. I had to get that off my chest.

Monday, November 17, 2003

Farmers Use WEP

While driving out into the wide open country that is 'Ohio' this morning I had Audrey (the laptop) at my side looking for Access Points. One of the few complaints I have about her is that her speaker kind of sucks. It's very small and music sounds really lousy on it. However, when I listen to music, I always plug in headphones. So who cares. On this drive, I wanted to play tunes, so I plugged my little FM stereo sending unit to the headphone jack. So I could play tunes from iTunes, and still hear the bells go off when KisMac stumbled onto an access point. And did it ever stumble!

Oddly enough, I was still hitting access points FAR out into the country. At times I was looking around a dead wasteland of weeds and left wondering "where in the hell could the access point be?". When there is nothing but farm, I must be picking up farms. It didn't surprise me really. Exploring southern Ohio I have also picked up many farms. I imagine the 'modern farmer' probably keeps things well synched with one another. Perhaps even use some tools for measuring crops, soil, etc. Or hell, maybe they want to ride around on their John Deere tractors listing to mp3's off a mapped drive back in the barn. Who am I to judge?

Below is a sample. Notice that all the access points have a MAC address that starts the same. The first three pieces of the MAC address (BSSID) indicate the 'vendor' of who manufactured the Access Point device.



Must be the same farm. Or connected farms? Who knows. Blew my mind. Notice that most of the points are WEP'd, some are not. All were found in the same stretch of road (a few miles) which is indicated by the time they were discovered in the far right column, and the fact that I was plowing down a 55mph highway at about 80mph trying to get to work on time. I know, I need a laptop battery. Forgive that it's suddenly 1969 again. *singing* In the summer of 69' - Whooaaahh!

Now here I am in Tiffin Ohio. Its lunchtime for me (2:15PM). No Internet. This sucks. I have about 2 hours before my next class. I was hoping for some wireless signals out here that I could leech on. No such luck. Closest wireless signal I could sniff out is about five miles closer to the residential areas of "Tiffin Ohio". I am now in the upper floor of a very old building. I asked a student when I arrived "any wireless connectivity out here?". His response, "wireless what?" was a good indication that they were behind a bit on this technology stuff.

I should have known. I'm coming out here to teach people how to use Microsoft Word. I guess it's a break from the kind of classes that I had been teaching. But I doing these courses requires a LOT of patience. My students are generally lacking in basic point and click skills. Anyhow ... off to eat my lunch and pray that 8:00PM comes fast so I can buzz back to Columbus.

Sunday, November 16, 2003

My Head Hurts

Man, this weather sucks. I woke up this morning with a wierd feeling in my skull. I think it's my sinus's. Whatever the hell it is, I don't like it.

Our bud Jeremy comes over today. Which is cool because we ain't seen him in ages. I'm sure we'll get our drink on, as well as engage in some other fun activities like movie watching.

Yesterday I finally sat down and read the 30 messages that had piled up on my KisMac mailing list mail folder. A few of the questions involved "changing a MAC address". This is something that has always bothered me. Changing a MAC address in Unix is cakework. But when I tried it a few weeks ago I got some wierd error message. After some reading I find out that it's never really worked in OpenDarwin (the basis for OS X), and the only way to force it to work is to edit the kernel. Not exactly my idea of fun. So I let that one go.

Now I come to find out that with the latest OS X release (panther) it is now possible to change that MAC! Pretty good news. Now 'ifconfig' has complete standard Unix functionality. This morning I cracked open my iBook and gave it a shot.

Ray-Haques-Computer:~ rayhaque$ su
Password:
Ray-Haques-Computer:/Users/rayhaque root# ifconfig
lo0: flags=8049 mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
gif0: flags=8010 mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863 mtu 1500
inet6 fe80::20a:27ff:fe89:a22c prefixlen 64 scopeid 0x4
inet 10.3.0.1 netmask 0xff000000 broadcast 10.255.255.255
ether 00:0a:27:89:a2:2d
media: autoselect (100baseTX ) status: active
supported media: none autoselect 10baseT/UTP 10baseT/UTP 10baseT/UTP 100baseTX 100baseTX 100baseTX
en1: flags=8863 mtu 1500
ether 00:30:65:05:57:a1
media: autoselect () status: inactive
supported media: autoselect
Ray-Haques-Computer:/Users/rayhaque root# ifconfig en0 lladdr 00:40:01:02:03:04
Ray-Haques-Computer:/Users/rayhaque root# ifconfig
lo0: flags=8049 mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1 prefixlen 64 scopeid 0x1
inet 127.0.0.1 netmask 0xff000000
gif0: flags=8010 mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863 mtu 1500
inet6 fe80::20a:27ff:fe89:a22c prefixlen 64 scopeid 0x4
inet 10.3.0.1 netmask 0xff000000 broadcast 10.255.255.255
ether 00:40:01:02:03:04
media: autoselect (100baseTX ) status: active
supported media: none autoselect 10baseT/UTP 10baseT/UTP 10baseT/UTP 100baseTX 100baseTX 100baseTX
en1: flags=8863 mtu 1500
ether 00:30:65:05:57:a1
media: autoselect () status: inactive
supported media: autoselect
Ray-Haques-Computer:/Users/rayhaque root#


As you can see, it worked. I changed my MAC address. Some other proof would be nice eh? How about I connect to my router, and have it tell me who it's connected to (by MAC address) using arp -a.

Ray-Haques-Computer:/Users/rayhaque root# ssh ray@router
The authenticity of host 'router (10.0.0.1)' can't be established.
DSA key fingerprint is (removed).
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'router' (DSA) to the list of known hosts.
Password:
Last login: Sun Nov 16 13:32:55 2003 from gloop

Welcome to Ray's router.

Watch your step. Don't forget to visit
our salad bar. And please, no spitting!

$ arp -a
? (10.0.0.1) at 00:20:78:05:4d:c1 on dc0 permanent [ethernet]
gloop (10.0.0.10) at 00:08:c7:6b:2c:37 on dc0 [ethernet]
tina (10.0.0.11) at 00:10:4b:71:cc:8c on dc0 [ethernet]
? (10.3.0.1) at 00:40:01:02:03:04 on dc0 [ethernet]
d60-65-(removed) (65.removed) at 00:50:57:00:a5:46 on fxp0 [ethernet]
$


You see me on that list? I am 10.3.0.1. And that is the MAC address I made up. Man, ethernet is so easily fooled.

What does this mean? Some Access Points rely on MAC filtering. That means that they have a dynamic/static list of the "hardware based" addresses they will talk to. Since hardware addresses cannot be 'changed' it's a pretty good system. As you have just witnessed though, Unix makes it easy to 'front' a new MAC address. I didn't change the physical address (thats near impossible). I am simply lying to the network. Using this same trick, I can effectively monitor a wireless network, steal away a client's MAC address, and begin using it.

The effects may not be good. I will be using their hardware address, and so will they. This will most likely confuse the hell out of a router if that PC and I are both connected. Traffic coming back from the AP will be collected by both of us. You have to wonder what that PC will be thinking when traffic comes back that it did not initiate.

Only experimentation will tell. Looks like I will have to plan a wardrive expedition.

Thursday, November 13, 2003

Laws Of Wardriving

So last week I am stumbling around a server room, knee deep in cables, dead PC's and general techno-trash. I am waiting for the MAIL server to make it's next move. To entertain myself I pop open my iBook and see a few new updates. So I attempt to install them and find that my access is SHOT. It's sooooo slow. Eventually I figure out, I am not connected to my access point at the office, I was on someone elses.

Today I finally made the decision to step onto the access point and check out the network. I have a feeling that thie access point is one I found a week or two earlier named 'linksys'. The name had now been changed to reflect the name of the firm. Yes, a law firm on an unprotected wireless network. Interesting.

The approach: I took my usual first approach with the network. I checked out my IP, and then starting working my was backward pinging for hosts. My IP ended in 8, so I tried 7,6,5,4, 3, and 2. Most answered, and I didnt check out the IP ending in 1, because that was the access point.

Next I ran a nice util called "smbutil" to check out the first target. Here is what it returned.

Ray-Haques-Computer:~ rayhaque$ smbutil view //(removed).4
kextload: extension /System/Library/Extensions/smbfs.kext is already loaded
Password:
Share Type Comment
-------------------------------
IPC$ pipe Remote IPC
print$ disk Printer Drivers
SharedDocs disk
awest printer HP LaserJet 1200 Series PCL
Printer2 printer Canon Bubble-Jet BJC-85
ADMIN$ disk Remote Admin
C$ disk Default share

7 shares listed from 7 available
Ray-Haques-Computer:~ rayhaque$


This was interesting. A SharedDocs folder indicating that it was probably Windows XP. And a couple of printers. Perhaps a Windows 2000 box serving as a print server? I make a couple of bad attempts to connect to the admin share. No dice. Oh well. NEXT!

Ray-Haques-Computer:~ rayhaque$ smbutil view //(removed).2
kextload: extension /System/Library/Extensions/smbfs.kext is already loaded
Password:
Share Type Comment
-------------------------------
E disk
PRIVATE$ disk
SHARED_DRIVE disk
IPC$ pipe Remote Inter Process Communication

4 shares listed from 4 available
Ray-Haques-Computer:~ rayhaque$


I wonder what's on E? It says 'disk', but more likely it's a CD-ROM shared out. Reguardless, I couldn't guess the admin password so we won't know. But did you notice the private share? It's funny how Microsoft hides shares ending with a dollar sign ... but using a *nix SMB client obviously ignores the 'hide me' aspect of it. Neat! - NEXT!

Ray-Haques-Computer:~ rayhaque$ smbutil view //(removed).3
kextload: extension /System/Library/Extensions/smbfs.kext is already loaded
Password:
Share Type Comment
-------------------------------
D disk
HP_DISK disk
IPC$ pipe Remote Inter Process Communication

3 shares listed from 3 available
Ray-Haques-Computer:~ rayhaque$


By now I am getting discouraged ... but I hit the goldmine. This "D" share turns out to be a very open share that is used to dump backups to. Funny how the whole network is nailed down pretty tight. Yet, a shared folder with guest access has everything important put into one place. My initial view is below.



I wonder what's in that backup folder? Click-click!



Two backups to chose from. Neither one is really current. I'll check out the newest one though and see what I can dig up.



Was this really important Tammy? What the hell? Does your employer know you are wasting his drive space for this trash? Let's see what else you are holding onto.



I am wasting my lunch hour on this. I could be out in my car, surfing a real network, in search of interesting tidbits. Still, Ricky made me do a double take. Sad thing is, this is only one about about 20 different stuff animal with penis photos. Finally, I stumble onto something worthwhile.



A law firms complete client database, organized by name. Inside each directory is a couple of MS Word documents. They detail each clients history with the firm, the status of their case, etc. It's a pretty large database. I poke in and out of a few records, and continue onward. This would prove to be the highlight of my search.

Ray-Haques-Computer:~ rayhaque$ smbutil view //(removed).6
kextload: extension /System/Library/Extensions/smbfs.kext is already loaded
Password:
Share Type Comment
-------------------------------
IPC$ pipe Remote IPC
print$ disk Printer Drivers
hpdeskje printer hp deskjet 940c series

3 shares listed from 3 available
Ray-Haques-Computer:~ rayhaque$


What the hell is this, a print server? Everybody in this joint has a printer it seems. The admin shares aren't showing, but I try and access them anyway. My attempts are fruitless, and I am unable to uncover their administrative password.

Running out of lunch hour, I decide to check out one more thing. The access point. Surely whoever set it up must have changed the password.



Nope! I walk right in. Maybe I should have started here? It occurs to me that I could have gotten some hints for those administrative passwords by seeing the resgitered PC name in the DHCP client table. I bring it up and see some hostnames. I blurred them for 'privacy' if there is such a thing.




I also poke around the other areas of the WAP's settings, and take interest in the WAN connection, which is using PPPoE. That's Point-to-Point-Protocol Over Ethernet. This is more or less what I consider the poor man's VPN connection. Interesting way of keeping connected to what looks like the ISP.



All in all, not a bad days wardriving adventure. And I never even left my desk. I am pleased not only that my new Cantenna rig on my lappy pulls in some serious WiFi signals, it still works just fine without any external attachment. That was a conern I had doing that little operation.

And now if you excuse me, I need to help my son and daughter pass the next level of Odd World (the best Playstation game ever). And in a short while, I will be laying the pipe to my wife. So please, do not message me. KTHX!

Tuesday, November 11, 2003

Happy Birf'day To Rotary

Tomorrow is actually my wifes birthday. But it's been a crappy day for both of us, so I thought getting her a birthday gift would make us both feel better. It worked!

I went up to Best Buy to look for what they didn't have yesterday. Napster 2.0 'credit cards', and the new Pink CD. I had watched several nights ago as she tried for probably a few hours to download a few songs. Sometimes filsharer's can be real idiots. It's like, if you download a song that's incomplete, or bugged, delete the damn thing. Instead people keep this retarded broken loops, and my wife ends up downloading them. So I thought I would buy her some download credits with the new pay-per-download Napster service. Yet these "credit cards" for Napster aren't out yet ... and probably won't be out until Christmas.

I did have luck getting the Pink CD which turned out to be a good purchase. Along with the CD you get a second DVD disc with a music video, some interviews, and some other perks on it. Looks like she's really happy with the music too. Which was cool. I hate when I buy a lousy gift.

I also did some war-driving today with my freshly modified iBook. Right after pulling out of my driveway, I was all ready picking up new access points. Driving through my neighborhood I was hitting points that I knew were a block or two away, and some that I had never heard of.



Heading along the highway on the way to work I was hitting access points by the dozens. I will have to plan another expedition this weekend to have a longer war-drive with it and see what kind of results I can get. Should be good!

Monday, November 10, 2003

Punting Puters'

I know it's a little immature, but about an hour ago, I about broke my toe kicking a PC. I am on about my fourth or fifth computer trying to make a PC for my son that works. The poor boy asked me for Linux. He liked the fact that he could have an operating system that is *not* Windows. How could I say no? Why have I waited so long to give him something other than windows? What kind of father am I? So I have been trying since Friday to pull together parts from my various scrap piles that will work. I need to dispose of some of this buggy old hardware.

This is actually my first project of the weekend. My second was to add an external Cantenna connector to Audrey (my iBook). I thought I had better first find a BNC connector to use. I am all out of old network cards. I have gone through several of them salvaging the tough BNC mounts off of them. Then I came across something I used to carry around in my bag called an Ether-Pocket. This little device hooked to your parallel port to provide basic SLOW network connectivity. It had a RJ-45 connector AND a BNC. So there was my part. Trouble was, I liked it a little too much. I also found that it would be hard to mount the BNC connector to my iBook sideways, and still allow a BNC connector to attach to it. So I decided to mount the whole damn thing to my iBook, and run a wire to the inside.

It took about 6 screws to take the iBook screen apart. As I suspected, inside the plastic covering were little dangling antenna thingies on either side of the iBook display. One was labeled "MAIN" and the other was labeled "AUX" (Auxilary). I thought attaching to main was my best bet. Doesn't look like it mattered, they both went to the same place.



I ran a cable straight from the "MAIN" on down to a hole I drilled near the bottom of the screen. It was easy running the cable inside of my Ether-Pocket thing and soldering it down. For my next trick, I will take it on a war drive with a cantenna and see if my mod did any good. I certainly hope so. This project was a pain in the ass!

By the way, if you have been calling my house asking for Doddie, the bitch doesn't live here. Stop bothering me when I am trying to drink!

Sunday, November 09, 2003

Campus Wardriving

We had a plan for the night. Try out some new war-driving innovations. I had a few new new tricks to try out. One was a long magnetic CB antenna. I had changed the end from an N-type to a BNC to fit my mod'd WiFi cards. Further fun could be had with what we have been calling 'the bazooka'. This is four soup cans duct taped together which gives roughly a 43 decibal gain to your WiFi card.

The magnetic mount antenna failed to give us anything. Perhaps because the cable was too long, and it was in no way focused to the range we needed. The bazooka was just too damn big. It probably wouldn't have even fit into DM's truck cab. So we left it all behind. The weapon of choice for the evening would turn out to be the "Kaluha-tenna", and the first WiFi mod we did with a D-Link card.

Before leaving out, we got drivers loaded onto Discount Mans VAIO, and loaded up his truck with our lappys, the inverter, and our winter caps. It was damn cold. We headed out to the OSU campus area, picking up access points all the way. DM offered to purchase me a fine coffee brew, so it was onto Stauffs the coffee shop. We could barely get in the door. It was packed. After a few minutes we scored a table with an outlet. Which was good, because I have no battery in my lappy, and DM's is on it's way out.

DM played some UO games, and sent many instant messages. Sometime looking around, seeming confused, and then going back into his deep state of concentration. All the while I attempted to access file shares on neighboring yuppy coffee drinkers. The banter around me made me sick. I got a guy behind me talking about heat sinks. For about 40 minutes. Heat sinks. This other fat idiot plopped himself down and broke his coffee mug. It was this hideus looking vase thing that he probably made himself. I wanted to pick up the larger of the two pieces and beat him with it.

video

I also played with DM's QuickCam and took some fun pictures, which you are seeing decorated my Blog nicely. The coffee ran right through DM and he hopped up to piss. There was a guy sitting behind him with a chick who really seemed happy to the fact that a camera was pointed at him. I thought this shot of him "cheesing" for the camera is priceless. His date looks real amused with him too.



So we took a drive through campus. And all I can say is "wow". It was a goldmine of activity. In many ways. It was Saturday night, and you couldn't swing a dead cat without striking a drunken college student. Heading through some alleys with the Kaluha-tenna at hand we got some strange looks, and some nasty comments. DM heard one guy call us "the fuzz", indicating that we might be the undercover campus cops. We got mooned. Nothing like staring down 5 or 6 hairy asses. At which point we moved on.

We headed up and down the sorority and dorm areas and were finding mass amounts of access points. Sometimes as many as 8 at a time that were all serving handfuls of active computers. The bad news was there was absolutely nowhere to park. When DM was finally able to find a parking spot, it was hard to reach the WAP's. The trouble with using a cantenna is that your receive strength is always much greater than your send.



I found a few open shares and some stuff I really wanted. Like "I'm fixin' to die rag - By Country Joe and the Fish". It's a great song about Vietnam, and a tough MP3 to acquire. Yet ... it was *just* out of reach. It irritated me. And everyone in the dorm was running Windows XP. Most of them were sharing nothing. Jerks. We'll teach them. We'll rename their access point.



As the WAP rebooted there was a long pause before it started advertising again. But it came back. Here is us reconnecting to it under it's nice new name.



Discount Man then drove me through his neck of the woods to explore some University owned areas. Naturally, they were all WEP encrypted. Boring.

We went by DM's house so he could let his dog out. And I was also able to attach to his access point. He has his set to hand out IP addresses on a 192 network. Yet, he runs a 10. network. Other than that little gag, it was wide open. So we decided to make some security changes on it, and also rename it. The name is based on a Flash show someone made about Papa Smurf having his ass licked. Inspiring.



Driving through the 'dirty dorms' we came across a residential network. It's referred to as 'ResNet'. DM says his students are always talking about "haxx0ring res-net" like it puts you right up there with Kevin Mitnick. So we thought we might try and get into the WAP. It was simple. Default passwords. We contemplated changing the name of the point to the full name of one of the students. Just to incriminate them. I know ... not nice. But we decided to try and use a question instead. Complete with a question mark which I wasn't entirely sure would work.


There was a LONG pause there. Something didn't seem right. Just as we're driving off, it showed up with it's new name.




Whew! We wouldn't want to leave college students without connectivity. DM was more than ready to move on. There were about 3 security vehicles patrolling a very small area. And we were getting some odd looks. DM was ready to head home. I was too. It was about 2:15AM.

On the drive home I continued to review our results on DM's lappy in Netstumbler. It was awe inspiring. I just *have* to get a cantenna rig going on Audrey (my iBook). As it was, DM's VAIO had all the fun this time. Poking around DM's hard drive I come across that awful "Magic Stick" song and begin playing it. He's rolling his eyes saying "when did you download that?". I sware it was on his hard drive. So I play it full blast. He had his bass booster plugged in to his VAIO's accessory bay. So it sounded real nice.



All in all, it was a great adventure. DM headed back to the place he is house-sitting. And I ran up to bed with Audrey to begin this blog. But it was 3:00AM at this point and I was tired. So I put Audrey down and watched some TV with Rotary who I had woken up a few times being so noisy. Sorry. :-( The coffee was keeping me up. And Rotary seemed to be kept up with a cold. I eventually passed out.

Now, its the following morning and I need to get my son's computer going. I promised him Linux, and his computer is just hosed. Locking up, losing the CD rom. It's just broke. I think I need to start over with different parts.

See you later.