Kool Tools
Volume Number: 20 (2004)
Issue Number: 12
Column Tag: Programming
Kool Tools
by Michael R. Harvey
Zero-Day Exploit
The other day I was browsing the aisles at my favorite local bookstore when this book cover
caught my eye. Zero-Day Exploit. Hmm, wonder what this is about. I pick it up and check out this
quote on the front cover:
"So much of our critical national infrastructure hinges on technology, which is so fragile, that
a zero-day bug in the wrong hands could lead to any equally bad attack. I'm not, for a moment, going
to speculate on what or how that attack may come, but suffice to say that the potential is there;
the threat is real."
OK, so they had my attention. Turns out, the quote was by David Litchfield, Managing Director at
NGSSoftware (http://www.nextgenss.com). NGS stands for Next
Generation Security, and that's what this book is about.
But wait, there's a twist. This book is actually a fictionalized account of the evolution of a
zero-day exploit. In essence, a cyber-thriller, but a cyber-thriller that is technically deep and,
hopefully, accurate. I found the book both interesting and educational. I get so tired of books that
misuse technology. Whether the author was misinformed or simply too lazy to do the right amount of
research, when a book gets the technology really wrong, I feel I've wasted my time.
This book succeeds wildly. I learned a lot and had fun in the process. For example, I learned a
lot about IDS technology. An IDS is an Intrusion Detection System, used for real-time monitoring of
a network and capable of analyzing the network's data for potential vulnerabilities and possible
attacks. I found the discussion of security fascinating and I was able to follow most of it. There
were times when the jargon got a bit ahead of me, but it didn't keep me from enjoying the book.
Zero-Day Exploit does an excellent job exploring one possible cyber-attack scenario. I highly
recommend it. Very entertaining. I give it 5 out of 5 packets.
Oh, and if you enjoy this book, check out Stealing the Network: How to Own the Box and Stealing
the Network: How to Own a Continent. All three of these books are published by Syngress Publishing
and distributed by our friends at O'Reilly. Cool!
By Dave Mark
MacAlly USB Combo Kit
Now here is a great gadget. A retractable cable is always handy. It eliminates tangle, and takes
up less space. One that handles multiple interfaces is indispensable. The MacAlly USB Combo Kit is
indispensable.
It's a four and a half foot retractable USB 2.0 and 1.1 A to B flat cable. That is only the
beginning, though. It comes with a slew of connectors, and a handy pouch, that make it so much more
than that.
To start, there are two other flavors of USB adapter, that allow you to connect to USB in every
way possible. There are RJ-11 connectors to turn the USB cable into a phone cable. Likewise, RJ-45
adapters make for a fine Ethernet patch cord.
All that, and it takes up less space than two cables this thing replaces. Did I say
indispensable? Well, it needs saying again. This one is a perfect stocking stuffer for everyone on
your list. Get one for yourself while you're at it. $30
By Michael R. Harvey
Belkin Digital Camera Link
Your iPod has a ton of hard drive space in it. Iive got just about every CD I own on mine, and
Iim not using half of the available space. So, what to do with all those extra blocks? How about
store photos.
The system software of the iPod supports the storing of photos, after all. The Belkin Digital
Camera Link is a handy little device that lets you make use of the extra space, and built-in
capability to store images on your iPod. Itis a box powered by two AA batteries, and plugs into the
docking connector of the iPod. It also has a USB port to connect to the USB port on your digital
camera. Use is simple. Connect the iPod and the camera to the Camera Link, then push the button it
to initiate the transfer. The Camera Link has an LED that indicates what it is doing. Deciphering
the signals is easy. Just check the table on the back of the Camera Link. Easy as that. And, it
works with many digital camera models. Check Belkinis web site for a complete list of supported
cameras. This thing is handy to have along on vacation. You donit have to worry about having enough
flash memory cards, or hauling a laptop along. The Digital Camera Link is light weight, and nearly
the same size as the iPod. The only thing I wish it had was a built-in USB cable, to match the
docking cable integral to the box. It would save having to take along another wire. $80.
By Michael R. Harvey
LetterRip Professional 4.0 Mailing List Server
LetterRip Pro is an easy-to-use, high performance mailing list server for Macintosh. You can
easily get a server up and running in minutes. The server is optimized to send email to hundreds or
thousands of recipients with ease. A mailing list server can be used to set up email discussion
groups, manage moderated discussion lists or send announcements to large groups.
Email discussion lists are one of the fastest growing areas of the Internet. They allow people to
easily communicate with each other via email. They foster a sense of community. It's common to find
customers helping customers on a discussion list. When someone from your company answers a question
on a discussion list, it benefits not just the one person but all the people on the list.
LetterRip Pro can be used to get announcements to your current or potential customer base. Using
email (a very cost effective means of communication), messages can be sent quickly and easily.
Optionally, you can include message banners and footers with every message that goes through a list.
Banners and footers let you include advertisements or other information.
New Features
LetterRip Professional 4.0 is the newest release of LetterRip Professional. It is the first
release to run natively on OS X. New features in 4.0 include;
- OSX native server and administrator. Administrator was completely re-written.
- Much improved bounce handling features. You can now select an email header (from, subject,
body, etc.) and specify a header value for the server to reject those messages. You can even set an
expiration date and time for these.
- Subscription confirmation built into the server, no need for a separate processor
- Email administration built into the server, also no need for a separate processor
- Personalization on the "to" line of outgoing messages. You now have the option of the
recipient getting a message addressed to "joe@smith.com" instead of
"recipient_list@server.domain.com"
- Improved support for servers that limit the number of messages that can be sent at one time.
This is crucial for some internet providers that believe that a message that is addressed to many of
their users (even if the addresses are valid) is spam. You can now select a default number of
recipients per message, or specify a particular domain and the number of recipients for that domain.
- Support for stripping html portions of email messages as well as blocking html on a list by
list basis. So, if your list gets infiltrated by a spammer those lengthy, graphic filled emails can
be rejected by the server.
Upgrading
We were running LetterRip 3.0.6 on a Centris 610. Since version 4 requires a PowerPC and OS 8.5
at a minimum, we upgraded the machine to a PowerMac 7200/90 and OS 9.0.4. While this is certainly
not the fastest machine available, it is a good use of some older, but still functional hardware you
may have laying around.
Upgrading to the new version could not have been easier. All of the necessary files are stored
in folder (LetterRip Files) in one of two places. They are either in the documents folder or in
"System Folder: Application Support". The files were then copied from the old machine into their
new location.
At this point, we install the new version of the server. Ready? Open the disk image and copy
the new version of LetterRip into the application folder. Launch it. Enter the serial number and
you are pretty much finished. I also copied the new admin application over so I could have a local
copy on that machine.
New Install
There is also an OS X native version of the LetterRip server and Admin tool on the disk image.
The instructions are simple, and easy to understand, you can view them at
http://www.letterrip.com/
LR_Quickstart/LR_QS_Index.html
The website also has a pretty thorough, but simple tutorial for setting up the server from
scratch. You can have a list mail server up and running in a few minutes!
System Requirements and Cost
A PowerPC computer and an Internet connection is necessary to run LetterRip 4.0. For non-OS X
installations, Mac OS 8.5 or later (9.2 recommended) and 128MB of RAM. For OS X installations, 10.2
and 256 MB of RAM is recommended.
LetterRip Pro can be downloaded from
http://www.letterrip.com/lr_download.html
The download will operate in a "demo" mode for a 30 day evaluation period. If you wish to
purchase, the cost is $395.00 (upgrades are $175.00). They accept credit cards, PayPal and purchase
orders.
By David Breffitt
STM Large Loop Backpack
This is one product space that seems to have something new and improved being introduced every
other Tuesday. We just got done covering a slew of great back packs in issue 6. There seems to be no
end to the variety of packs to be found. So, here we go again.
STM, an Australian company, was showing off their wares at MacWorld Boston last July. Their booth
was swamped. For good reason, too. They have a large array of packs, shoulder bag, and carrying
accessories for any sized laptop. Here, we look at the big one, the Large Loop. This back pack is
great. The materials and stitching are very good.
It's extremely comfortable with padded back, and very comfortable shoulder straps. This pack
would work great as a day hiking pack with the chest and belly straps. It's got two pouches for
holding water bottles, always an essential add-on that I wish more manufacturers would include. STM
putting it on their packs puts them well above the crowd.
It has three massive internal pockets. Closest to the back is a maw that can hold anything.
Really. Anything. Files, books, accessories, the kitchen sink. That previously mentioned padding on
the back keeps you from feeling any of it, too. The middle pocket is the high security zone where
you keep your laptop. It is very well padded all around. If you are putting something smaller than a
17" computer in there, you have an additional pad you can put in the bottom for added protection.
The zipper is a waterproof style, like the kind you might find on a diving dry suit. Just an added
bit of protection. The outer pocket has several pouches for holding accessories, phones, PDAs,
cables, etc.. It would be nice if there were a few more of these bigger internal pouches that could
be completely closed for managing the multitude of cables every mobile user carries. There are also
a few, smaller outside pouches that I will let you find. One of those outer pouches has a hole you
can run your ear buds through.
This pack is perfect for the mobile user who carries a lot of stuff on the road. It's extremely
comfortable, the ideal pack for anyone in need of a cool travel bag. In the U.S., STM products can
be purchased from Radtech (radtech.us). $95
By Michael R. Harvey
Griffin GarageBand Guitar Cable
In all the years I have been jamming on my guitar, I have only been able to record using a tape
recorder. I have looked into digitally recording into the Mac with some programs like Pro Tools and
Cake Walk, but just reading about them made my head spin. It wasnit until I recently purchased a new
eMac that I realized it could become reality.
The thing that really got me excited was the iLife application GarageBand that was preloaded on
the eMac. I goofed around with it for a bit, but it wasnit until I opened the Help that I discovered
it was possible to plug my guitar directly into the Macintosh, and record using GarageBand. All I
needed was an instrument cable that could do this.
Enter Griffin Technology and their GarageBand Guitar Cable. One end plugs into the guitar and the
other into the Audio In on the eMac. It couldnit be any easier!
After that, getting sound into GarageBand is simple. First, select New Track from the File menu.
Then hit New Track under the Track menu. There are two choices here. Real Instrument or Software
Instrument. Software Instrument lets the user pick a variety of pre-recorded instruments that can be
played using a provided digital keyboard. For this example, choose Real Instrument. Also, select
Monitor On in order to hear the guitar.
The Track Box gives you a few pre-set guitar sounds, plus clean. Choose any that catches your
fancy (I went with British Invasion). Also, give the effects a try (called Details in GarageBand).
The great variety of Details will floor you. This gives you far more control than looping some stomp
boxes through an amp.
So, how to record. Well, click the record button, then rock on. One thing GarageBand can do is
help you with timing. It has a metronome tool included (it definitely will help me improve my
playing).
I have a Gallien-Krueger guitar amp that is all transistor, and came with a Direct Out that I
wanted to try out. I was worried, though, that I would need a preamp to prevent damaging the
computer with too much input. I emailed technical support at Griffin Technology to ask. Their
response was prompt, and they told me it was perfectly safe as long as I had an Audio Input on the
eMac.
So, plug the guitar into the amp, and the amp into the eMac using the GarageBand Guitar Cable.
Back in GarageBand, I set up another track, and played along with my previous track. Damn, Iim good!
Well, Iill definitely get better with the ability to record my guitar into GarageBand now thanks to
the Griffin GarageBand Guitar Cable, and so will the musicians on your list. $25. p another track,
By Michael R. Harvey
