Best Book Bejtlich Read in 2010

It's the end of the year, which means it's time to name the winner of the Best Book Bejtlich Read award for 2010! I've been reading and reviewing digital security books seriously since 2000. This is the fifth time I've formally announced a winner; see 2009, 2008, 2007, and 2006.Compared to 2009 (15 books), 2010 was a good reading year -- 31 technical or security books, or my fifth highest total since 2000. Incidentally I read a decent number of...

Read More

Reflections on Four Tufte Books

This week I finished the four main books written by Edward Tufte, namely The Visual Display of Quantitative Information, 2nd ed, Envisioning Information, Visual Explanations, and Beautiful Evidence. I decided not to review them individually at Amazon.com for several reasons. First, I received them as a set 2 1/2 years ago at The Best Single Day Class Ever, what I call Tufte's class. Tufte's class and written work present a single set of ideas...

Read More

2010 Review - 11 Best Tutorials for Learning Inkscape

This list is not necessarily the best Inkscape tutorials per se, but this is a list that will help someone become an expert using Inkscape. If you are a beginner just starting to use Inkscape, completing these tutorials will help you understand a great variety of the tools that Inkscape has to offer.!-- google_ad_client = "ca-pub-1243617165883857"; /* Graphic Design - Large Rectangle */ google_ad_slot = "7827579024"; google_ad_width = 336; google_ad_height...

Read More

Review of The Dragon's Quantum Leap Posted

Amazon.com just posted my five star review of The Dragon's Quantum Leap by Timothy L. Thomas. I'm posting the entire review here because it's the sort of content that I believe should get wide exposure.The Dragon's Quantum Leap (TDQL) is the third in a trilogy by Timothy L Thomas. A colleague introduced me to all three books, and an expert on the Chinese hacker scene was kind enough to secure a copy of the book. I thank all of them for the extraordinary...

Read More

Review of Decoding the Virtual Dragon Posted

Amazon.com just posted my five star review of Decoding the Virtual Dragon by Timothy L. Thomas. I'm posting the entire review here because it's the sort of content that I believe should get wide exposure.Decoding the Virtual Dragon (DTVD) is the sequel to Timothy L Thomas' 2004 book Dragon Bytes. A colleague introduced me to both books, and an expert on the Chinese hacker scene was kind enough to secure a copy of the book. I thank all of them for...

Read More

Review of Dragon Bytes Posted

Amazon.com just posted my five star review of Dragon Bytes by Timothy L. Thomas. I'm posting the entire review here because it's the sort of content that I believe should get wide exposure.A colleague introduced me to Dragon Bytes (DB) by Timothy L Thomas, and an expert on the Chinese hacker scene was kind enough to secure a copy of the book. I thank all of them for the extraordinary journey presented in DB. Published in 2004, DB is an historical...

Read More

Steve Jobs Understands Team Building

I stumbled upon the following excerpt from the 1998 book In the Company of Giants by Rama Dev Jager and Rafael Ortiz. They interviewed Steve Jobs, who had the following to say about team building, as printed in BusinessWeek:Q. What talent do you think you consistently brought to Apple and bring to NeXT and Pixar?SJ. I think that I've consistently figured out who really smart people were to hang around with. No major work that I have been involved...

Read More

Trying PC-BSD 8.2-BETA1

After reading PC-BSD 8.2-BETA1 Available for Testing last week I decided to give the latest version of PC-BSD a try on my ESXi server. I failed earlier to get the installation to succeed using PC-BSD 8.1, but I had no real issues with the new BETA1 based on FreeBSD 8.2 PRERELEASE. (PC-BSD will publish their final 8.2 version when the main FreeBSD project publishes 8.2 RELEASE.)For this test I downloaded the 64 bit network installation .iso and...

Read More

Trying VirtualBSD 8.1

Reece Tarbert sent an email announcing the availability of VirtualBSD 8.1, a version of FreeBSD 8.1 aimed at demonstrating FreeBSD on the desktop. It's a 1.3 GB zipped VMWare image that expands to 4.1 GB. I downloaded the image via Bittorrent, expanded the image, and then used the VMWare Converter to transfer the VM from my laptop to my ESXi server. I accepted all the defaults and successfully converted the VM. However, after booting the VM I...

Read More

FreeBSD on Amazon EC2

Thanks to Colin Percival you can try FreeBSD on Amazon EC2! According to Colin's blog more is to come, but for now you can try FreeBSD 8.2-RC1 and FreeBSD 9.0-CURRENT. I decided to try spinning up 8.2-RC1. I used the command line tools for Ubuntu rather than the Web interface.richard@neely:~$ sudo apt-get install ec2-api-toolsrichard@neely:~$ export EC2_PRIVATE_KEY=$HOME/.ec2/pk-GO7RNG3LZTNPOUD5TH4YRCA4LFNGP5SB.pemrichard@neely:~$ export EC2_CERT=$HOME/.ec2/cert-GO7RNG3LZTNPOUD5TH4YRCA4LFNGP5SB.pemrichard@neely:~$...

Read More

Bejtlich Teaching at Black Hat DC 2011

Over the holiday break I've been putting the finishing touches on TCP/IP Weapons School 3.0, to be presented first at Black Hat DC 2011 on 16-17 Jan 11. This is a completely new class written from the ground up. I'm very pleased with how it has developed. While keeping the distinctions from other offerings that I described last year, I've extended this third version of the class to include explicit offensive and defensive portions. Students will...

Read More

Speaking at RSA 2011

Mike Rothman and Rich Mogull were kind enough to invite me to speak at their e10+ Experienced Security half-day event on 14 February 2011 at RSA 2011 in San Francisco. I'll participate in the "What's Going to Keep Me Up at Night?" panel. (The joke possibilities write themselves.) I'll stay for a few days of the conference as well. I like the idea of an event aimed at senior security people, i.e., 10+ years of experience. Please consider checking...

Read More

Courtesy of APT

The photo at left is Bill Sweetman's take on a photo posted to an aviation forum (.jpg) that is probably China's Chengdu J-20 fighter, claimed to be their "stealth fighter." Bill's comment caught my attention:I think that we can count on China to start delivering more technological surprises - and in some cases they will be aided by cyber-espionage. Remember that's what the Advanced Persistent Threat is all about, and the great thing about cyber-espionage...

Read More

Tip of the Day - Scraping ice off your windshield

Living in Utah, many mornings I get the joy of scraping ice off my windshield.  There was a trick I learned last year that was a great time saver.If you live in an apartment complex, or park in a parking lot, look for a spot near a tree.  If you can park under a tree (evergreen trees work best), it will prevent ice from forming on your windshield.Last year I found a nice big juniper tree to park near and I never had to scrape ice off my c...

Read More

Enhancing the colors of your photos

There are many different ways to enhance the colors of your photos using the Gimp. In this tutorial, I will show you the basic process for color enhancement, then I will show you differences in each method so you can decide which way is best for you. Read article...

Read More

Tip of the Day - Backing up Important Documents

For a few years, I worked in a computer lab giving technical support. The saddest thing I would see is when students would spend hours and hours on a document and have it all lost because they reset the computer or there was a power outage.  There is a simple solution to making sure you never loose a document: Use Google Docs.  Google docs will save your document every 5 minutes. You can access it anywhere you get the Internet, and it is stored on a very secure server.People may argue that Google Docs does not allow you to do what Microsoft...

Read More

How to remove elements from your photos without using the clone tool

NOTE: Resynthesizer no longer seems to work well in newer versions of Gimp. It has been replaced with the tools Heal Selection and Heal Transparency. I did a tutorial on those tools here. Frequently, you will have a need to take an element out of a photo. In the past, I have always used the clone tool, but recently, I discovered the Gimp plugin called Resynthesizer. When I first used it, my mind was totally blown! In this tutorial, I will show...

Read More

Tip of the Day - Running Programs from your USB Drive

One thing that I have been doing for the past 5 years or so has been running all my programs from a portable or USB drive.  This allows me to take my software wherever I go.  If I need to use certain programs on other people's computers (or on school computers where they don't allow you to install software), this has been a perfect solution.I recommend using portableapps.com or liberkey.comBoth of these come with custom start menus and other options.I started out using portableapps, but recently I have been using liberkey.  Liberkey...

Read More

Powershell LSOF/Parsing Netstat Part II

Two 'lsof for Powershell' scripts covering v4 and v6 have been placed here:hhttp://rmfdevelopment.com/PowerShell_Scripts/PS_LSOF.ps1http://rmfdevelopment.com/PowerShell_Scripts/PS_LSOF_gwmi.ps1This is a second update to this script which matches the port to the process in Powershell by parsing netstat for TCP and UDP and then appending 'ps' or 'gwmi' information associated with the process related to that port.  There's nothing in this function...

Read More

Tip of the Day - Using someone elses computer to use the Internet

Ever been to a friend's place and needed to use their computer for just a bit?  You get on, then log off their Gmail, log off their Facebook etc just so you can log into the same websites.Next time you need to do that, try this: Use the browser's incognito or private browsing mode (CTRL+SHIFT+P for Firefox or CTRL+SHIFT+N for Chrome).  This way, it keeps the existing user logged in to their email or Facebook, and you can still log in.  It won't keep track of your history or passwords and it is a quicker and hassle free way to use...

Read More

How to make money from your blog

I think there are a few types of bloggers.Those who blog because there are passionate about something, or want to share something with others.Those who blog just to make money.A combination of the previous two bloggers.If you are reading this, you are probably the third type of blogger. You probably already have a blog and have begun wondering if you can make money on your blog or not. This post will talk about why you should or shouldn't try to make money on your blog and what you can expect in your attempt.Read article...

Read More

More WikiLeaks News

Pro WikiLeaks hacker group’s DDoS tool downloads top 40,000 (12/13/10)Imperva, the web security specialist, has reported that the tool released by the Anonymous Hacker Group for would-be WikiLeaks protesters has been downloaded over 40 000 times, with the majority of downloads occurring in the US. Imperva said there were three versions of the denial of service tool that members have been able to use:http://www.infosecurity-magazine.com/view/14611/pro-wikileaks-hacker-groups-ddos-tool-downloads-top-40000/ Anonymous attacks more websites, as second...

Read More

Edit Movie Poster Text Using Gimp - Chronicles of Narnia

Yesterday I had a friend ask me for help editing a movie poster for Chronicles of Narnia. This will be a long and in-depth tutorial that will focus a lot on replicating existing text. Read article...

Read More

Tip of the Day - How to Bowl a 200+ game

I think that most people have the following two misconceptions about bowling:You should bowl straight down the center, hitting the pins head onYou should force spin on the ball and curve it into the pinsThis tip of the day/tutorial will tell you why these are not the best options, and what you can do to improve your bowling game. Read article...

Read More

WikiLeaks

So Wikileaks recently made the news headlines on all major media. Companies with dirty secrets needs to be on extra vigilant and watch out for attacks. The next attack target, BAC??? Are controls and processes in place?? What mitigation techniques are effective? Let's monitor and watch for now. :)Attacking BAC The Hacka ...

Read More

Taking advantage of Facebook's new layout to make a cool screenshot using the Gimp

Facebook's new layout has a bit more pictures on it, which makes it handy if you want to make a creative screenshot. This will be a quick and easy tutorial.Read article...

Read More

How to make a flash diffuser and reflector from your existing built in flash

There are hundreds of easy ways you can build a flash diffuser and reflector, but I think this is by far the easiest and cheapest. Read article...

Read More

How to make Wassail - The cheap and easy way (the geeky way)

Yay for Christmas! Yay for wassail. This is the quick and easy way to make it. Since this is a blog for geeks, this is NOT a recipe; just a general easy way to do it. Recipes are lame.Read article...

Read More

How to make a Christmas card or flier - Elegant style

This is another Christmas card/flier/invite tutorial using Inkscape. This one will be a bit more elegant and feature a Christmas tree made of snow flakes. Read article...

Read More

How to make a Christmas card or flier - Christmas present style

For this tutorial I will show you how to make a Christmas card or flier using Inkscape. The end result will be a card that looks like a Christmas Present. Read article...

Read More

Splunk 4.x on FreeBSD 8.x using compat6x Libraries

Two years ago I posted Splunk on FreeBSD 7.0 showing how to use the FreeBSD compat6x libraries to run the 3.4 version of Splunk compiled for FreeBSD 6.x. I decided to try this again, except using the newest Splunk on an amd64 FreeBSD system.As you can see below, it took me only a few minutes to get the system running thanks to the precompiled compat6x-amd64 package. If I needed to install on i386, I could have used the ports tree.r200a# uname -aFreeBSD...

Read More

Tip of the Day - Portrait photography using a zoom/telephoto lens

Usually when you want to take nice portrait pictures, you will use a nice, fast lens, and adjust your aperture to get a blurry background.The reality is that most people have a simple point and shoot camera that does not allow manual aperture settings, or they don't know how (or why) to change the settings.Next time you are trying to take a portrait photo, try zooming in all the way and standing back a bit. This will create a blurry background and have a nice effect.  When you do this, make sure to have steady hands and good lighting (this...

Read More

How to switch the face of someone famous with your face

A few years ago I started making a lot of cheesy Valentines with my face inserted on the body of someone famous. Then I would write something super cheesy for the Valentine. I have gotten better over the years and thought this would make a great Gimp tutorial. The tutorial is mainly concepts, so you could probably do this in Photoshop as well. Read article...

Read More

Tip of the Day - File organization

We often create folders to contain a set of organized folders.  For instance, we can create a folder called "Pictures" and have many picture folders inside, or a folder called "Music" and have folders inside that are albums.When we want to organize some of these folders, we will usually create a folder called "organize" or "sort me."  Something to let us know the content needs to be sorted.Next time you create a folder like that, call the folder "0rganize."  Use the number 0 instead of the letter o.  It looks almost identical,...

Read More

Tip of the Day - Better file navigation

Suppose you want to go to another Window to navigate to a file, but you still want to keep your current window open. Instead of opening a new window, hold the CTRL key down while pressing the folder icon for going up a level. This will open the level in a new wind...

Read More

Tip of the Day - Deleting files

Next time you want to delete a file, hold the shift key down while pressing delete.  This actually deletes the file rather than sending it to the recycle bin. This is a good way to delete sensitive da...

Read More

How to eliminate your cell phone bill

I have never had a cell phone plan. I pay about $20 a YEAR to use my cell phone. I always try to explain how it is I do this, and recently my friend suggested I do a tutorial on it. So here it is!Read article...

Read More

Pimp your blog - Make your blog look less bloggy and more like an actual website

Before and AfterThis tutorial is to show you how to change your blog from something ordinary or boring, to something that looks less like a blog and more like an actual website (or to just become a better looking blog). Read article...

Read More

Wedding Photo Enhancement using The GIMP

I have been giving a lot of love to Inkscape lately, so I thought I would do a Gimp tutorial today.I recently did a photo shoot for a wedding. I will show you how to do some enhancements to the photos using the GIMP. Read article...

Read More

Bruce Schneier, Cyber Warrior?

Do you remember the story from the Times in 2009 titled Spy chiefs fear Chinese cyber attack?[UK] Intelligence chiefs have warned that China may have gained the capability to shut down Britain by crippling its telecoms and utilities.They have told ministers of their fears that equipment installed by Huawei, the Chinese telecoms giant, in BT’s new communications network could be used to halt critical services such as power, food and water supplies.The...

Read More

How to change your Blogger Favicon - Pimp your blog Part IV

If you look at the left corner of this open tab, or the left side of the URL box, you will see a small icon. This icon is called the favicon. If you have a blogspot blog, then your favicon will look like an orange B. In this tutorial I will show you how to change that icon using Inkscape and Gimp.Read article...

Read More

How to make a simple text logo for your website or blog - Pimp your blog Part III

Now that I have thought of the name "Tutorial Geek" for my blog, I am going to make a simple text logo rather than just having simple text. I will show you how to do this in Inkscape. This is similar to my post on Textures. Feel free to refer to that for additional ideas. Read article...

Read More

How to change your Blogger domain URL - Pimp your blog Part II

This is going to be about how I changed my blog name and URL from mckayhead.blogspot.com to tutorialgeek.blogspot.com and kept all my stats and links in tact. Read article...

Read More

How to make a blog background - Pimp your blog Part I

Paper texture for a blog.http://mckayhead.blogspot.com/2010/11/creating-business-card-using-inkscape.htmlNow that I am getting somewhat serious about blogging, I figure I might as well have a blog that looks somewhat decent. The background sets the tone for your entire blog, so this is my first step.The look I am trying to go for is kind of a geeky designer look. I have kind of been liking the grunge look recently and think I want to go for something...

Read More

How to Draw Hello Kitty

Hello Kitty!So the last post I did was drawing a pumpkin. I am not too happy with that so I wanted to get something new up quick. Being in a somewhat Asian mood this morning, I decided a nice simple project would be to use Inkscape to draw Hello Kitty. Read article...

Read More

Trying Ubuntu 10.10 in AWS Free Usage Tier

After trying 60 Free Minutes with Ubuntu 10.10 in Amazon EC2 yesterday, I decided to take the next step and try the AWS Free Usage Tier. This blog post by Jay Andrew Allen titled Getting Started (for Free!) with Amazon Elastic Cloud Computing (EC2) helped me. One important caveat applies: this activity will not be completely free. The AMI chose uses a 15 GB filesystem, and the terms of the free usage stipulate no more than a 10 GB filesystem....

Read More