Sunday, October 26, 2014

SplunkLive: Reflections from Nashville


SplunkLive recently came to Nashville, Tennessee for the first time.  Although it was somewhat of a strain to make it due to the current load at work, I was determined not to miss it.  Coming away from the day long event, I was stoked from the info presented as well as from meeting and talking with other Splunk users.  If you use Splunk, or are just considering doing so, you should definitely make it to SplunkLive if it comes your way.

I know a lot of folks may look at such an event as a day long sales pitch, but this was not the case.  Granted, Splunk sales is there should you want more info, but the whole point of SplunkLive is getting current Splunk users more bang for the buck.  Multiple breakouts are held covering different topics aimed at different users of varying experience, but all have one thing in common - making Splunk do amazing things that you never thought possible.

If you are scratching your head wondering what Splunk is, let me sum it up this way.  If you ever have the need for pulling a needle out of a haystack of logs (or any kind of machine data for that matter), you seriously need to check out Splunk.  You can even run it for free, indexing up to 500MB of data per day.

Back to SplunkLive - as I said before, if it comes to your town, GO!  You will get a lot of great info and best of all, it's free!

Friday, October 24, 2014

Ubuntu 14.10 - Much ado about nothing?

I really hate to pile on to all of the lukewarm reviews for Ubuntu 14.10 (Utopic Unicorn), but I'm going to anyway.  There has been a lot of buzz about this release, being that it is the 10th anniversary of the distributions initial release.  Unfortunately it's more of a maintenance release than anything.  While stability and security updates are a good thing, I guess we just all expected something flashy or innovative with this release.  As always, update servers are slammed, so I wouldn't worry too much if you aren't one of the first ones to upgrade.  You're not missing much.

Wednesday, October 22, 2014

When MySQL joins become disjointed

I honestly don't know how I've managed to avoid this until now, but I ran into an issue today where I could not get a SQL query with a join to execute properly.  I kept getting errors saying that I had referenced an unknown column.  After rewriting the query several times and questioning my sanity, I decided to do a quick search online.  Much to my surprise, I quickly found the answer.  The way joins are handled changed ever so slightly in MySQL 5.0, such that they are now more closely aligned with ANSI SQL standards.  By tweaking the query and adding parentheses in the from clause, all worked perfectly.

Many thanks to jbrinkmann for his excellent article on the subject at MySQLjoin.com.

Tuesday, October 21, 2014

The Benevolence of Microsoft

I really must hand it to Microsoft.  For all of the bad publicity and general ill will that a lot of people harbor toward them, they still want to help the little guy out - even when that little guy is running Linux.

(Just for clarification, this does not involve the real Microsoft.)

A few minutes ago I received a call to my cell phone from a rather nice, if somewhat hard to understand, gentleman who informed me that Microsoft had received highly unusual traffic from my computer.

 "How did they get my number," I thought to myself.  "Must be some lucrative agreement with the NSA."

Directing my attention back to the kind soul on the other end of the line, no doubt a descendant of those long oppressed by the British Empire in their search for the perfect curry blend, I asked for more information.  He went on to say that the insidious network traffic was being sent as we spoke.

Monday, October 20, 2014

Who let the dogs out?

Here we go again - yet another "major" security vulnerability.  This time it is SSL 3.0 (why is anyone even using this anymore?) that has fallen victim.  Read more about the POODLE exploit at US-CERT.

Edit: The plot thickens!  This might be a good thing...

After reading a bit more on the subject, I realized that there might be a silver lining to this dark dog-shaped cloud after all.  All modern browsers support TLS and only fall back to SSL as a failsafe, so disabling SSL should not present an issue.  Notice that I said modern.  How many web developers out there consider IE6 and its nearly fossilized users to be thorn in their side?  Yes, there are some entities that insist on maintaining compatibility with this dinosaur of a browser.  Guess what IE6 does not support?  You guessed it... TLS!  What better reason to justify discontinuing support for IE6?

Dilbert.com
sed 's/WINDOWS XP/INTERNET EXPLORER 6/'

Wednesday, October 1, 2014

Are you patched?

I'm sure by now you've heard of the Bash vulnerability Shellshock.  Not going to beat a dead horse, but if you haven't patched yet, stop reading this and do it now!  After you're done, check out shellshocker.net and see if you're still vulnerable.

Friday, August 15, 2014

The future of IT

Ran across this amazing video the other day where the self-described "NextGenHacker101" graciously shares his expertise in network forensic techniques:


Poor kid should stick to a Mac.