Hackers. Bust. Prison. Oh, my!

Two female students have each been sentenced to a year in prison for breaking into one of their professors’ systems, assigning grades to nearly three hundred students, and using the professor’s personal information to send empty CDs and magazine subscriptions to the professor’s home. Interesting!

It reminded me of a brief conversation I had with a then-friend and now colleague over breaking into public systems.

Colleague: “Don’t you break into systems?”
Me: “No. The most I do is attempt a thorough network reconnaissance, and that’s it.”
Colleague: “Why not?”
Me: “Because I’m afraid.”
Colleague: “Why? Afraid of being caught?”
Me: “Yes!”
Colleague: “Haha. Nothing happens. No-one gets caught. I have been breaking into public systems in the past four years and I have yet to get caught.”
Me: “Lucky you! I don’t quite feel comfortable breaking into a system, knowing full well that I don’t completely and precisely know the ways to remove one’s tracks.”
Colleague: “:-)”

Often, the excitement and thrill get the better of most wannabe hackers. It is not like they play ignorant to the fact that breaking into systems without consent is illegal and considered a crime. They are well aware of that. It is the frivolous attitude and irresponsibility that act as the Achilles heel for them.

Sure, if a system is left open and is as easy to break into as it is to steal a candy from a baby, it is a sure bet that once the system has been broken into, the administrator would either not notice the break-in, or would get alerted to it way too late, and even if so, would not have the required expertise to perform a proper forensics analysis of the incident or would not care enough to give it a second thought. In such cases, you get away with it with impunity. It is only a matter of time, though.

I agree: If you break into a system, cover your tracks, keep everything hush-hush and get out, there is a great likelihood the break-in will hardly get reported or noticed. But when you are too cocky to consider the consequences of your actions, and too eager to show off your escapades to your peers, you are treading on thin ice. Wannabe hackers are prone to just those: cockiness and the desire to boast about their accomplishments to peers. And that is exactly why it gets all so dangerous. If you keep everything quiet, no-one will suspect a thing. Not any sooner anyway. The moment you either make it blatantly obvious that a system has been shagged by explicitly posting mock comments just about everywhere in the system, or you disrupt normal functionality and operability of the system, you’re stepping on the sleeping lion’s tail. Even then, wannabe hackers get away with it. I attribute it to sheer luck and to the inability of the attacked system’s administrator to track what happened. Nevertheless, I never let a chance pass to advise friends against breaking into systems, or at most, not damaging the systems they break into. You never know when the ball will rebound and hit you in the back.

You can’t deny that almost 80% of network/system administrators are barely security conscious and vigilant. However, remember that breaking into systems is still a crime punishable by law, and that it merely takes a single mistake, a vigilant system administrator, and a handful of attorneys to have men in suits knock at your door the next morning.

Disclaimer: Just because people consider me a hacker does not make me one. I am not a hacker, and I surely don’t break into systems that I can’t find a way into.

Packeted, again!

Argh! I got engaged in a senseless, heated argument with an asshole a couple of nights back. I seemed to have managed to piss him off pretty bad. Acting out of sheer anger, he flooded my puny dial-up communications line with garbage. The incoming garbage inundated the link, and after capturing data for upwards of a quarter of an hour, I disconnected, and leased a new IP. Immediately, I foolishly taunted him again and found myself at the receiving end of his wrath once more. Having collected incoming data for another fifteen minutes, I logged off and went for dinner.

I did some initial manipulation on the collected data. During the time the IDS was busy detecting threats it marked as “possible DoS attempts”, the IDS saw anomalous traffic from almost four thousand unique IPs. I have some 500 KB worth of compressed packet headers and payload data to analyse, but I am not sure when I’ll be able to squeeze out some time to do it.

Unlike last time’s flood, this one was targeted at me with a clear-cut malicious motive. I bet that wimp had a good laugh or two that night. Sheesh!

listps: Detecting hidden processes.

listps detects hidden processes on *nix-based operating systems which support the /proc filesystem. It is important to clarify what is meant, here, by hidden processes. If a process, in any defined process state, on a system is hidden from view of the standard ps utility, it is, in effect, a hidden process.

listps detects hidden processes in an awfully simple way. It exploits several features of the /proc filesystem to its advantage to determine whether a process is hidden or not. The /proc filesystem maintains a separate directory for each process existing in any of the defined process states. The names of these directories correspond to the process IDs (PIDs) of the corresponding processes. listps loops through the range 1 to 33000, inclusive, and for each number in that range, it tries to discern whether the /proc filesystem has a directory entry corresponding to that number. Having found an existing directory, listps descends into the directory and reads the name of the process from two files, “cmdline” and “stat”. At the end of the loop, listps lists all the processes it found as having a directory entry in the /proc filesystem hierarchy, highlighting those that are hidden.

Nothing fancy!
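A sketch of the approach described above, written for this page as an added example; it is not the listps source. It assumes a Linux-style /proc, and the function names, the thread check via `status` and the re-probe after running ps are additions that the post does not describe.

```python
import os
import subprocess

PID_MAX = 33000  # upper bound of the PID range the post describes


def _read(path):
    with open(path, "rb") as fh:
        return fh.read().decode(errors="replace")


def probe(proc_root, pid):
    """Return the process name for pid, or None if absent, a thread, or gone."""
    base = os.path.join(proc_root, str(pid))
    if not os.path.isdir(base):
        return None
    try:
        # Linux also resolves /proc/<tid> for non-leader threads, which ps -e
        # never lists; skip them so they are not reported as hidden.
        for line in _read(os.path.join(base, "status")).splitlines():
            if line.startswith("Tgid:") and int(line.split()[1]) != pid:
                return None
        argv0 = _read(os.path.join(base, "cmdline")).split("\0")[0]
        if argv0:
            return argv0
        # Kernel threads and zombies have an empty cmdline; stat has "(comm)".
        stat = _read(os.path.join(base, "stat"))
        return stat[stat.index("(") + 1:stat.rindex(")")]
    except (OSError, ValueError, IndexError):
        return None  # process exited mid-read or entry unreadable


def ps_pids():
    """PIDs the standard ps utility reports (POSIX options)."""
    out = subprocess.run(["ps", "-e", "-o", "pid="], capture_output=True,
                         text=True, check=True).stdout
    return {int(tok) for tok in out.split()}


def find_hidden(proc_root="/proc", visible=None, pid_max=PID_MAX):
    """Return {pid: name} for /proc entries that ps does not show."""
    # Probe each PID by path; a tampered directory listing is never consulted.
    found = {pid: name for pid in range(1, pid_max + 1)
             if (name := probe(proc_root, pid)) is not None}
    if visible is None:
        visible = ps_pids()
    # Re-probe so a process that exited between the two views is not flagged.
    return {pid: name for pid, name in found.items()
            if pid not in visible and probe(proc_root, pid) is not None}
```

Calling `find_hidden()` with no arguments compares the live /proc against the output of `ps`. A result is only as trustworthy as the kernel answering the lookups, so a rootkit that hooks /proc path resolution as well will not show up this way.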

Hypocrite!

I snapped, withholding my emotions, “Honey, I have done all the crying I had to. I am not going to shed a single tear.”

The letters on the small, luminous screen of the cellphone turned blurry. A tear rolled off the left eye. Then another. And another. With eyes glistening with tears, I pressed the send button, and pushed the cellphone into a dark corner of the desk.

Whoever said men are born emotionally strong and indifferent should be taken out and shot point-blank.

It is just not possible, I’m afraid …

It is nature’s way of saying, “I am sorry. I know you two love each like nothing, and that if you were to get together for the rest of your lives, you would lead a wonderful, beautiful life, loving and cherishing each other. But, I am afraid, it is just not possible.”

I don’t know why I so desperately wanted to say this.

Parking annoyances!

The office where I work is situated along the main Shahrah-e-Faisal road. This road is one of the longest running roads in Karachi, stretching the maximum distance. It connects the posh areas of Karachi together with the rest of the city, including almost all of the three-, four- and five-star hotels. It also passes through most governmental institutions and government houses, as well as the airport. If you get to look at a route map for Karachi, you would find this road depicted as the skeleton of the city.

It is no wonder every time there is a high profile government entity landing at the Karachi International airport, the entire run of this road is cleared off in the name of security measures. It makes sense to tighten up the security, given the number of assaults on political leaders and the likes soaring in the city of late. But for the common man, these security measures amount to nothing but nuisance. Pure annoyance!

Shahrah-e-Faisal connects together countless offices. On a daily basis, it sees a rush of traffic comprising people going to work and coming back. If the arrival of a high profile entity is scheduled in the morning, then people find themselves reaching offices hours late. If the entity is coming during evening time, people get awfully late before they reach their homes. If you have ever driven a car in Karachi, you would know that one of the most annoying things to suffer from is to get stuck on the road for hours on end. Nothing beats that!

There is a service lane next to the building in which the office where I work is situated. People park their cars along that service lane. Yesterday, as I slowed down to manoeuvre a turn into the service lane, I noticed it was barricaded with thick metal pipes. A couple of law enforcement officials — calling them law enforcement officials leaves behind a pretty impression, which is, actually, pretty far from the fact — were sitting beside the barricade. In hopes of finding a turn right ahead into the service lane, I moved along, only to realise that the entire service lane had been marked off limits. Reason? Some high profile entity was to pass through the side of the Shahrah-e-Faisal that is adjacent to the service lane. There is another service lane across from the office where I sometimes park. I decided to move there, but realised that there were turns to switch to other road. I had to drive another 30 minutes to get to that other service lane to park the car. I stepped into the office 30 minutes late.

Today, nearing the office, I decided to go straight past the first turn I usually take and head for the service lane where I parked yesterday. As I switched roads, I was shocked to find that service road blocked this time. I cursed under my breath. I stepped on the axel and … after 30 minutes of fruitless, tiring hunting for a place to safely park the car, I found myself turning into the first service lane eventually to find a place to park the car RIGHT outside my office building. Sigh!

Ever met a prick?

I met a developer roughly a year ago on irc.freenode.net. Apart from being developers and Linux and Open Source advocates, we both had one more thing in common: Our views towards religion, or lack thereof. We went out together once, to the Oxford book shop, then to another book store, and finally dined at KFC. After that, we kept in touch over IRC, and then, he disappeared. I contacted him once on his cellphone, but had no luck. As time passed, I forgot about him.

It wasn’t until earlier this week that I confronted him out-of-nowhere on Freenode again. For two people meeting after more than a year, he seemed a tad bit too unsurprised. We had a very brief chat. I enquired, out of common courtesy, how he is doing and how things have been, to which he curtly replied with, “It is ok, but there is a reason why I write blogs.” I shrugged it off and asked him for his blog address. His reply was anything but polite: “Google it. It is all over the syndicate.” I don’t know how I restrained myself from snapping back. I got so furious at that!

Some people are just pricks, plain and simple!

Hashes of Hashes in Perl!

Hash is a powerful, flexible data construct in Perl. It is flexible because a single hash can contain within it multiple hashes and arrays. It is powerful because of its key-value nature of storing data. Anyone who plays around with arrays and other complex data structures should give at least a passing look at Perl’s hashes.

At work, I am writing a set of scripts to be run on behalf of a security monitoring client on Linux systems. Fifty percent of the job of the scripts revolves around doing pattern matching and parsing to extract tokens of meaningful data. While most of the task of pattern matching and parsing is doable through only the use of simple hashes, today, I found myself in dire need to use hashes of hashes. Having never used one before, I found myself floundering. I ran a search and found this. It is a neat, clear, and nice introduction to hashes of hashes, along with clear-cut examples. It saved my ass today. :-)

In addition to introducing hashes of hashes, it mentions the Data::Dumper module. I had heard about it, but never before had I seen it used, nor tried it myself. But, god, it is one heck of a nice module to print the contents of any kind of hash, be it simple or complex, with a single call to a function. It makes a debugging nightmare a dream. Heh! Enjoy!

Going rusty on the ol’ Lappy keyboard!

Ever since I started work, I have been punching away on a standard keyboard. And while I have only been working a little over half a month, I have noticed I can no longer type on my laptop’s keys with the same ease with which I used to fluently type.  The keys on the laptop have come of age, and a couple of them are already showing signs of wear and tear.  A month ago, the ‘A’ key popped out. It freaked me, since, unlike standard PC-style keyboards, you can’t easily replace laptop keyboards. It wasn’t broken — it had merely come out. I tried to budge it back in, and while it would fit nicely in its socket, no sooner than my finger would touch it, it would propel out again. Having no other choice, I decided to live on with it. It was annoying — having the key jump out here and there and having to put it back in, only to have it lying on the side after a few punches, gentle or otherwise. I somehow retained my composure, but, eventually, it gave way, and, angrily, I smashed the key into its socket.  And, voila! It fit right back in. Surprised at first, I poked at it a few times. I punched at it from different angles, and was jubilant to find that it had settled in properly and firmly.

It wasn’t until a few weeks after that I realised that most of the websites I was trying to open by typing their addresses into the address bar resulted in a “Website not found” error. On looking carefully at the address bar, I couldn’t help noticing that the ‘m’ in the ‘.com’ TLD was persistently found missing. I thought it strange. I attributed it to lousy typing initially, but as the frequency with which it started to occur increased, and the frequent missing ‘m’ in anything I typed became apparent, I quickly suspected something was amiss with the ‘M’ key. And, indeed, it was. It still is. Something is wrong with it. The key looks suitably held onto its socket, but it has to be punched real hard for it to make contact. And as any touch-typist would tell you, you just can’t type with ease if you have to smash your fingers at the keys. I guess that is the reason why I feel more at home typing on the keyboard at work than on my laptop.

Fatalism!

The Oxford Advanced Learner’s Dictionary defines fatalism in the following manner:

fatalism /fa-tal-ism/ noun [U] the belief that events are decided by fate and that you cannot control them; the fact of accepting that you cannot prevent something from happening.

Almost everyone I interact with in real life, including my parents and family, associates themselves with this belief. When someone is upset over something that has gone wrong, it sometimes helps to console them by reinforcing this belief. However, every time I do this, I inadvertently leave behind the impression that I too subscribe to fatalism. I would like to take this space to clear it up a bit.

I think a one-liner would do. I am not a fatalist.