Buffer Overflows

Buffer Overflows tend to happen in C or C++ when a program writes data beyond the allocated space of a buffer in memory. The system can then be used to execute malicious code. To prevent this use software that utilizes bounds checking.
Java manages memory automatically it is nearly impossible to code a overflow for Java.There are a couple of security patches for Linux distributions such as exec-shield and PaX. OpenBSD comes with kernel and memory security enabled. There are also practically no remote exploits for OpenBSD.
I love Open Source for the fact that you can read the source code, therefore find these exploits and bugs and communicate with a community of developers that can create a solution instead of ignoring the problem. I dont feel I should have to get Service Packs every time a hole is found in Windows, let alone pay for such security-prone software.

Saturday Evening

This has been a good weekend so far. I have been getting alot done. First I'm having fun with Knoppix STD, security tools distribution, looking at PERL code, and learning more than ever about TCP, IP, ARP, SNMP, and HTTP Tunneling. Ive been dabling with web services such as XML, SOAP, and UDDI, which are basically protocols to exchange data between, servers, applications and even cell phones (WPA). I will be taking programming logic this semester to further ehance my skills in coding.
The book I have just finished reading called Introduction to Engineering has given me alot of insight into problem solving and design.

Cisco Systems

Cisco has been in the news a lot. A security researcher at ISS quit his job to give a presentation on a vulnerability that exist in Cisco IOS. It is possible to do a buffer overflow or heap overflow, two different types on memory attacks. This was given at the black Hat briefings in Las Vegas. Both ISS and Cisco are suing this researcher. (Freedom of Speech?) Cisco was aware of this flaw.

RFID ?

Radio Frequency Identification in my opinion is a violation of privacy. It uses radio waves to identify merchandise or people. Most vendors do not deactivate it when you purchase a product,so your product is basically ready to transmit the information embedded on the chip. They have antenna's on them to transmit the signals to a reader that converts radio waves into digital information.That can then be processed by a computer. RFID has been around since 1970 RFID has problems around metal and water.

Alphabet Soup

The SEO industry s full of confusing terms and acronyms to people not following it. i.e. PPC, CPC, ROI, SEM, drip systems, Link Popularity, optimization, Page Rank. These are also the tactics needed to succeed online. Most professioanls I speak with are to busy to work on their website let alone learn all the new technologies. We have blogs, Podcasts, MLS systems IDX. Some of the busiest professionals I know are real estate agents. They hire SEO companies to get traffic. Traffic that does not produce sales is useless. They need a website to capture this "traffic" and turn them into leads.This is a growing field, that needs constant training and research. This is what I do on a daily basis.

Search Engine Optimization

My job requires me to understand and keep up with the ever changing world of SEO. I'm a website marketing specialist who can identify keywords,analyze competition, and look at link structures.I can optimize meta tags, body, text, title and internal links to get more traffic.Building links with realated sites will help with ranking as well. Search engine submission. Tweeking of websites to ensure maximum exposure to the search engines. Web statistics have to be monitored and tactics changed based on trends in traffic.

Shuttle Debris

Listening to the radio this morning I heard the shuttle did a 180 so the astronauts could get some pictures of the underside of the shuttle to check for damage, foam fell off during launch.They are supposed to do a spacewalk later this morning. I do not want to see us lose another shuttle. I watched Challenger STS-51 blow up on live TV in grade school, it still haunts me to this day.

Widgets

When I was surfing the web the other day I came across Apple's Widgets, I wanted some for my PC so I searched and didnt find much, yesterday I came across http://widgets.yahoo.com

IT problems

I love IT at my work, our Exchange server is having problems, cant locate my contacts,and my calendar is out of sync and cant be shared,thank god for backups. Next my permissions are changed so that I cannot save to my desktop and I have this standard Orweillian desktop controlled by the man.

Wednesday Morning

Last night I played around with Whoppix, it's a security based Linux (Knoppix).Whoppix is made for penetration testing.I realy like this distribution because of the amount of tools around on the disk. It has tools for enumeration, scanning, wireless, and even a vulnerability DB.Some of the tools are Nessus, Nmap, also Nmap with a GUI. Netcat, Snort, Most open source databases and tons of other software.I was analyzing C code most of the night to learn more about control structures. After that I pretty much relaxed with my lovely lady.

Another day at work

The space shuttle launched today at 7:39am, so far so good.Space shuttle frequencies for rebroadcast in Southern California > 145.280 446.900 447.200 448.500 449.300
145.300 146.880 1241.250 1277.000 1283.250 1284.150 147.000 147.270 224.080 434.000
147.705 147.930 224.900 445.200 223.960 145.320 224.940 224.700 145.460 146.655 147.150 224.040
It made it to orbit, which is a good thing :)Today I realized I need more of an online prescence. I work for a real estate website design company, at night I research or do consulting work. My interest's are networking, network analysis, computer science, search engine optimization, programming, and open source solutions. I enjoy all flavors of Unix and Linux, but prefer OpenBSD and Gentoo. Computer forensics is a subject Im looking into.