July 25, 2010

Nash Metropolitans

1958 metropolitan

I found this somewhat ambitious restoration project a while back. They are even smaller than they look; think smaller than a 1980s Civic; Honda Beat sized. This one is a 1958 as far as I can tell (by this I mean Wikipedia) because it has no trunk lid.

1960 Nash Metropolitan

This pretty blue and white thing is still a driver; I heard from people in the neighborhood that the original owner's son drives it occasionally since she passed away. I think it's a 1960, but it could be 1959. In doing my car research I found this exact car on the Wikipedia article for the Metropolitans.

(By the way if you like old cars, this pair showed up on my cars blog, rust chronicles, a while back. I try to post a different shot here when I cross-post a car just to keep it interesting.)

July 14, 2010

forensics puzzles

I found out last week that I made the tail end of the finalists list for the most recent SANS forensics puzzle contest. It was an "Operation Aurora exploit" based thing that came through JavaScript and had shellcode in it, which downloaded a Metasploit-built exploit with Meterpreter run over SSL. That, at least, is the consensus. I was digging about studying the exploit mechanisms, which, as I don't do this for a living, is new to me. "That looks like shellcode, how do I make it into something I can read" and such.

I got possessed to write a file carver in the middle of the night in the middle of this. I could have used foremost, but, having it drilled into my head that foremost sucked, since the people I learned forensics from wrote scalpel, I thought, well, it can't be that hard to pull a PE file out of a snippet of raw data; it really isn't, that was maybe two hours of leisurely C. (Yes, I know I should be using Python like a good modern security person. Have you seen how fast I am at C?)

Anyway. If you want to check out my writeup it is here, and it is really probably better written than anything I turned in for forensics class last semester because I had time to put it together while Clay studied for the professional engineer exam. I decided on the Tuesday before it was due that I was going to finish the puzzle and really make a go at it; so this is only really about eight or ten hours' worth of work over a few nights.

I really have no idea what to do with all this free time since I've graduated and the wedding is thankfully over with. It's not like there isn't work; one of my companies is expanding and the other one wants more hours. Every spare moment in the last few years was eaten up by something; now all I have outside of work is ballet. And malware. But what do I do with it?

July 07, 2010

here goes nothing


We are coming to you live from egobsd n-point-0. Because I honestly have no idea how many revisions this site has been through in its ten years.

I read this post last year about static blogging and thought it might work very well with Movable Type. So far it does, as I've been able to build and update via rsync. I've got shiny new Disqus comments set up here, and the old comments on entries are all visible, but not imported. (I dislike it when people import my comments into Disqus without permission, so I will not do that to you.)

As a bonus I moved the site back home so when it breaks I can call my dad to walk out to the shed and hit it with a hammer, at least until it moves thirty miles to a proper server room.

Oh yeah, and I actually managed to graduate back in May. Novel concept.

