Diary of a Network Geek

As a result of my ranking in Google, I occasionally get silly spam.

This morning, for instance, I got this e-mail:

Let me know if you’re looking to get a higher listing with search engines. I can send you the details first, just let me know how you would like to communicate.
Sincerely,
(insert marketer’s name here.)

I responded with:

Higher than what? I’m already the number one hit on Google for Network Geek. After all, how was it that you found me to try and sell to me?

No, thank you, but I enjoy doing it myself.

Sincerely,
Jim Hoffman

I mean, really, half the fun of having this site and doing this blog is that I use it to manipulate one of the biggest search engines ever!  Ah, well, maybe if he’d actually read my blog, he’d know that I made most of the money I paid my divorce lawyer back optimizing his site for the search engines and getting him connected with an URL submission service.

Silly spammers.

I highly reccomend checking yourself on Google.
Why? Because your next employer may be Googling you, that’s why. At least, according to this article on the New York Times, that’s what’s been happening.  I certainly know that I’ve been found on Google on more than one occasion.  Not only by employers, but also by potential dates and, well, obviously, dates.  This blog did, after all, start as a marketing scheme, a way to get the search engines to find me and catalog me.  It worked.  Very well, in fact, as this page has a Googlerank of Five out of Ten.  And, if you Google Linux Resume, I’m the second hit.  If you Google CNE Resume, I’m the first two hits.  If you Google Jim Hoffman, I’m the sixth hit.  So, I think about what I say here, and how I say it, because I know people might actually read it.  People I might care about and people who’s opinion matters to me or can effect my life.  And, I’m told that in the dating world, it’s more and more common to Google potential dates to see what mischief they’ve been up to on the web.  Obviously, one never knows what might turn up.

This is a special concern for bloggers, of course, who put themselves “out there” on a regular basis.  Do you want a potential employer reading that last rant?  Or about your after-hours antics?  Or about the slacking you do at work to post to your blog instead?  All things to think about.  So, what do you find when you Google yourself?  If you don’t know yet, maybe you should try it and see what turns up.

Advice from your Uncle Jim:
"I'm always amazed that people take what I say seriously. I don't even take what I am seriously."
   --David Bowie

Attack someone’s network or website, that is.
Okay, this has been on my mind lately, not because I’ve done any actual hacking recently, since: a) that would be illegal and b) I haven’t done that sort of thing in, well, years. No, I’ve been thinking about it because, according to a friend of mine, at least one fan (short for “fanatic”) seems to think that I am not only capable of doing such things, but that I, in fact, have. And recently, too! As the French say, “It is to laugh…” So, as a thought experiment (that’s a mental exercise for you vocabulary impaired), here’s how I’d go about doing this, if I were, in fact, to do “ownz” someone’s “box”.
First off, I wouldn’t use a computer that I own, that can be traced to my ownership, or that uses an IP address that has ever been associated with my name. There are several ways around this, of course, including IP spoofing, anonymous remailers and other redirectors, and a compromised, third-party’s machine. That last one is the best, and, ironically, the easiest method. Surprised? You shouldn’t be. Compromised Windoze machines are a dime a dozen. There are hordes of script kiddies out there just hammering away at every weak Windoze machine they can ping. Also, there are more and more insecure Linux machines floating around out there, too. (Have you applied all the latest patches to your penguin box?) Or, if you know of any systems that you left behind at an unhappy employment situation, that are still vulnerable, you can use them. Usually, a corporation will have a nice, fat data pipe which makes your “job” faster and easier. Of course, if they have half a brain, after you leave, they’ll change all the passwords, but sometimes someone slips. (The last place I knew of like that from my own past finally, after three years, changed the passwords as part of an upgrade.) Or, you could simply go to a coffee house that offers free Internet access via a wireless network. Every time you change coffee houses, you change IPs. And, while I normally am just fine with industrial-strength institutional coffee, a nice cafe au lait from Cresent City is always nice. Or, according to this article on Slashdot, Panera Bread Company is a good place to find a free wifi link.
So, now you have one or more launching platforms from which to case your mark. (That there’s criminal slang that means “look at your ultimate hacking goal”.) What do you use to look for a way in? Well, there’s three that I’d recommend, based on reviews; Snacktime, Nessus and NMAP. Of the three, NMAP is, arguably, the more robust and well known. In fact, NMAP was used in The Matrix movies. Now, that, my faithful readers, is “geek cred”! Though Snacktime is interesting to me because it’s PERL-based. Now, if you’re not familiar with these three tools, just stop reading and go play with your IIS 6.0 webserver. We’re about to talk “big boy” stuff here and you just won’t be up to it. So, if you’re still man enough to be following this, you’d load up your lookeeloo tool of choice on your remote launch platform at this point and get a fingerprint of your target system’s OS.
Now, we get to the meat of this little mental exercise… Okay, you’ve got your “open door”, or “doors”, as it were, into your target system. At this point it’s a matter of taking the information from the nice, clean results that NMAP, or whatever, gives you and applying your exploit. What and how you do that really depends on what you’re attacking, but it’s pretty much a paint-by-numbers affair now, thanks to the legions of script kiddies that keep us up to date. Right, root access (or Administrator, if your target is foolish enough to run Windoze). Now what? Well, that sort of depends, doesn’t it? Do you want data? Start a background transfer to a third party that you can collect later. (Use ftp, tftp, or, for loads of sneaky fun, telnet, to transfer your data. Many admins disable logs on these protocols because they don’t think they’re running. Double check.) Want to install something? Go for it! (Try a keylogger. Now you’ll get loads of target passwords to compromise other machines for further adventures!) Just want to crash the system? You should have skipped all this hassle and just hit your target with a DDoS attack from your many compromised machines, stupid. (Incidentally, for you Windoze admins out there, the entire Code Red scare you sloppy bastards caused was all about a Distributed Denial of Service “issue”. )

Of course, this is all very illegal and somewhat morally questionable as well, so I would NOT do it. What’s more, I would not recommend that anyone else attack, hack, assault, fold, spindle or mutilate any system other than your own. In short, the Network Geek, RyuMaou.com and Jim Hoffman (yes, we’re all the same entity) does not in any way endorse any of the above listed activities, except the cafe au lait from Cresent City. In fact, I suggest that you do NOT do anything that I’ve written about in this entry, including flinging wild accusations that cannot be proven. That’s called “libel”, or, if you say it instead of write it “slander”. That’s against the law, too, the last time I checked.

Advice from your Uncle Jim:
"There is no pit so deep that Jesus is not deeper still."
   --Corrie Ten Boom

Well, now that I’ve finally set up my news and updates page, namely Diary of a Network Geek, I’m going to start adding to it. My dear, sweet girlfriend, Anne, suggested that I chronicle my quest for a new job. I’ve decided that I like that suggestion, so I’m going to start with a little background.
The company I started working for when I moved to Texas, Harbor Financial Mortgage Corporation, filed Chapter 11 bankruptcy in December of 1999. Currently, I’m a contractor for the liquidation company that is disposing of Harbor’s assets. Without going into too much detail about why they filed Chapter 11, let’s just say it was a bit of a surprise. When I joined the company in June of 1998, we were in a period of explosive growth. We gained over 200 employees in less than 8 months, and continued to add employees slowly for a year. Less than two years after I signed on, we’re all but gone. At last count, there were about a dozen employees left here, including myself.
So, you ask, what have I been doing since December? Well, for starters, I separated the Dallas network from the combined Houston-Waco networks. I was in charge of the Houston-Waco end of things. It all happened just like it’s supposed to in the on-line documentation at Novell. Well, after the router guys at Sprint got the right routers disconnected, that is. *Sigh* Nothing’s perfect, I suppose. On the upside, the Houston separation from Waco went without even that much going wrong. Not every day that a Network Engineer gets to purposely break then fix a network!
After that, mostly what I did was maintain the system as it’s been. I kept the backups running and made sure that the sad, little ISDN connection to the Internet was up and running. Of course, from time to time I had to perform some other regular maintenance, but that didn’t take much time. So, in between times, I studied for my CNE (Certified Netware Engineer, for the uninitiated) update test. Which I passed, BTW. So now I’m a genuine CNE 5. In fact, the last time I called Novell, I was the only Jim Hoffman that was a CNE! Cool!
And, the rest of the time, I spend catching up on all the tech reading that I’ve been missing out on. I setup a Linux machine, too, just to brush up my Unix skills, which are far too out of date for my taste. Oh, yeah, I’ve been talking to people about jobs, too. See, I’ll be totally out of work at the end of June. At least, that’s what they’re saying today. Who knows, though, next week they might tell me to get out. Or they might tell me that they’re extending the contract until the end of July! I just don’t know what’s going to happen from day to day.
So, this Diary of a Network Geek will chronicle my trials and tribulations as I go out job hunting. I promise to change the names of the people involved to “protect the innocent”!