woensdag 30 september 2009

Posting drafts: duh!

It happens at moments I am not paying any real attention to the posting itself. Something arouses my typing finger and boom, off it goes. I forget a picture, links, spell chekcing, and post right out nonsense that is soo totally off the wall not even the conspiracy specialists see anything useful in it.

So what do you do with incorrectly posted material? Of course I have the option to alter the text and up scale it and even to retract it, but that feels like cheating. It's like clearing up that blatant hole 'someone' left in the firewall ruleset and silently close it... it's just wrong. It's wrong because errors are an excellent stepping stone to knowledge.

As a rule I like asking the people I work for|with "So how many major incidents have you seen lately". The answer is often more revealing then one might expect. The classics are "None!" and "Define incident" and "That is classified". The one I really like is "One major last 6 to 12 months".

Companies claiming 'none' are more at risk then the others. Thing -do- go wrong and you not knowing is plain dangerous. The people asking for clarification work in a back stabbing culture where bad news shall and will be punished and thus manipulated till the color scheme of the report is all white, yellow and green. The final answer "one" gives me an indication that "major incident" is a weighted value where the worst incident of the year is major, a nice relative scale that I feel most comfortable with. Threats and risk do change, no matter what metrics one uses, no matter how many 'risk managers' and 'risk analysis standards' one uses.

Good [and a little lucky] security officers have the gift to correctly context incidents and know when things are really going down hill and when incidents are more defcon red in the political arena. Both requiere a different approach and a different toolset. Most of us love technology issues:
- Man in the Browser
- Sly holes in firewall
- Rogue route advertisements
- Script kidies
- Lack of bandwidth
- Application layer exploits
- Arp storms

These are in our comfort zone, we deal with them daily and enjoy the puzzle and the diffs we see in the pre and after traffic dumps. A few people I have met in the availability scene like the part of corporate culture where the presentations kick in. The moments of debriefing not-so-hot technical aspects to people who know more about golfclubs then we know about ASM. However, more often then not, that is where the real difference is made: they p0wn the resources and set the priorities.

So when I go out and look for a person to lead the availability department, I look for the person who gets his coffee from the machine that is closest to the techies. The person who actually gets the autistic CCIE to share anecdotes about his holiday and at the same time dares to make a remark about the drawing at the whiteboard.

They're few and far between but easy to spot as they stand out like wolf among sheep.

PS Click on the picture. It will take you to a free download of the whole album of 'The Slew'. A band that just loves to mingle rock, instruments & DJ's in a refreshing mix that is a perfect example how a healthy mix of different 'character & ability' upscales the individual parts of the sum.

dinsdag 29 september 2009

IPv6? Nowhere to be found!

IPv6 has basically disappeared from the wireless router landscape. Try finding a current one < 100 euro. Except for some obscure releases, like the DIR-615 Wireless b/g/n Router but only the hardware revision C with firmware 3.01

Hard to find, and certainly online nearly impossible to get any assurance about the hardware revision level.

Oh wait, my good old loyal WRTG54 [V4 with plenty of RAM] to the rescue! Oh no, not now, with the current 2.6 kernel and the open source b43 broadcom chipset and it's issues. Only with kernel 2.4 and it's 'limited' IPv6 support. You can roll your own WRT54 dd-wrt, if you feel adventures but the drawback is that there is no way to use the GUI. Not a nice plan if you plan to send the devices to parts far far away from home to end users.

There is the Fritz!Box 7270 but that goes for about 200 euro. That is nearly Cisco level pricing. And only with a lab release of the firmware, that is RC in dialect in the rest of the software world. Cisco of course does support IPv6 too but using the word Cisco and a price tag of <100 is like demanding justice from a African dictator.

So is there no solution? Oddly enough, there is... and it is produced by Apple: the AirPort Extreme [ and the AirPort TimeCapsule but for a >100 price tag]. Unfortunately there are gazillion stability issues specially in combination with Apple MBP's but they do IPv6 well with a simple interface.


Not too bad! Native IPv6 ADSL for 7 euroos a month.

And Fritz!Box 7270 is indeed the only commercial IPv6 enabled home grade device available, also used by XS4ALL

dinsdag 8 september 2009


na een dampend optreden
aanbeden door een uitverkochte menigte
de zoete geur van succes in de hersenpan
viel het de dichter tegen
dat niemand op de Afsluitdijk
met vlaggetjes staat te zwaaien

die eens zo toegejuigde aanbedene
vermakelijke tot nadenken stemmende hersenspoelende
alle handen opelkaar gekregene
zet thuis de televisie an
as een uitgebluste brandweerman

ton lebbink