bicetech.com
Welcome to bicetech.com. There's not much here at the moment. This server
only serves as my personal mailserver, but I may be putting some more
interesting content out here from time to time. I'm told I should be
"blogging" all of the interesting, geeky things I do at work (or at play)
as a CyberSecurity Admin. As a result, you may find odd, disconnected
ramblings here from time to time about things I'm doing or ideas I've had.
Some pics I took in the Valley of Fire
I went on a hike with some family and friends recently to a place in
northern Nevada called the Valley of Fire. Pretty cool hike!
Wow, I haven't updated this in a long time. I felt the urge to scratch the
writing itch a while back (once upon a time I published a few articles in
SysAdmin Magazine, back when magazines were still "a thing"), and I'd just
heard about a social media site that wasn't banning people for thinking
wrong think (I truly detest being told what I'm allowed to think or what
opinions I'm allowed to hold), and whose end-user agreement didn't say
silly things like "anything you upload to our site is owned by us, not you"
and so I set up an account on
minds.com.
I posted a gaggle of blog posts there on "Principles of CyberSecurity" where
I tried to boil down Cyber Security to its most basic essentials. I hope
they're of some use to someone. I also posted a variety of thoughts, notes,
alerts, and interesting videos 'n stuff there too.
Stop using email alerts in cron jobs
E-mail notifications for hardware and cron/scheduler jobs always lead to
trouble. A better solution is to use passive service checks in whatever your
monitoring solution of choice is.
Some Security Visualizations
I screen-captured a bunch of visualizations
of security-related log data recently to show some examples. These aren't
too fancy but they're good examples of how to make the most out of the
simpler viz tools and how useful visualization of security logs can be!
linuxgeek I've been posting some articles over on
minds.com lately. Some of those posts are just things pointing here, some are
articles that I'll someday put together as larger/longer posts here.
Biscuit Fish
Some recipes for buttermilk
biscuits and "biscuit fish" - a recipe for fish with breading using leftover
biscuits and some sauteed veggies to go with the fish. Tasty!
The Risks of Internet-accessible email servers
I noticed something odd in our email logs recently.
Learning about Node.js and making my own syslog daemon
I spent the recent holidays teaching myself a bit about Node.js and making
a stab at writing my own syslog daemon.
A cool new tool for visualizing data
I took a neat new tool for a test drive last night that can do some really
cool things with security log data...
Drawing Snort alerts on a map
I made some rudimentary PHP code for drawing stuff (snort alerts in this
case) on a digital map image. Was a fun weekend project.
Improved my .270 rifle
I'm finally seeing some improvement in one of my rifles...
DNS Response Rate Limiting with Bind
I found myself needing to do rate-limiting in bind and on a whim
searched for "bind rate limit" and whaddya know, there's a feature for
that. :-) Gotta love bind...
Making a multithreaded grep
I needed a better tool for grep'ing through big log files or for fgrep'ing
log files for really large numbers of patterns...
Improving Security at Work
I've been making a bunch of changes to improve security at my day job. Have
been testing/using a bunch of security-related services...
Symantec Marketing Sucks
Ok, marketing departments USUALLY suck, no matter the company. But Symantec's
has earned a special place in my liver. I truly loathe and despise them...
Marketing people who won't leave me alone.
New OpenLDAP MDB backend
I started playing
with the new MDB back-end in OpenLDAP this weekend. At first blush it
looks very promising, though for the DBs where I could really
benefit from it I'll probably need to run it on a 64 bit linux.
Stumbled across a bug in RPZ in bind 9.9.4rc1
Whoops! I ran across an odd bug in RPZ that affects servers where the
RPZ is a slave zone. When changes are made to the master RPZ the
slave servers stop honoring rpz-ip rules in the new version of the RPZ
until you kill and restart named. There's a patch for it though it's
supposed to be part of the official 9.9.4 release of bind.
(coming soon, no doubt)
How to build a Champagne VTL on a Beer Budget
I recently built a new VTL at work using some SGI MAID storage
I happened to have on hand and some open-source software.
How to use BIND Response Policy Zones to filter DNS queries
I recently set up some DNS filtering at work using a new
feature in BIND called Response Policy Zones. We're also using the new
RPZ zone data provided by spamhaus.org (you gotta request access to it),
but I wanted to augment it. So I've got a way to automate fetching a list
of known-hostile domains and known-compromised IPs that I want to rewrite
DNS responses for. The spamhaus RPZ seems to be anti-spam-centric, and my
RPZ stuff is more about preventing the userbase from pointing their
browsers at the malware-du-jour and/or to prevent any malware they do
pick up from phone-home. My list of domains and IPs isn't nearly as complete
as I'd like, so I've augmented it some with what I see in my own spam
logs and reports I run across in the SANS internet storm center or any
malware our network intrusion detection systems find. It works pretty
well, so far...
How to make an asset tracking tool using OpenLDAP
I finally took some time this weekend to bang out some info on how I used
OpenLDAP to replace an asset tracking tool we used at
SGI. It's simpler, faster, more reliable,
and there's no internally-developed application to maintain. The user
interface is simply whatever your favorite LDAP browser/editor tool is.
Simple. It could easily be extended to track other things too. I started
making (as a proof of concept) some other attributes/objectclasses for
tracking licensing and even backup tapes but we already have other
solutions in place. But keeping track of what servers are where and
all the sorts of info someone on-call might want to know about those servers
and the applications they run is sure useful. When you get a page in the
wee hours it's nice to just click on an icon in nagios and immediately have
a page full of info about what apps the server runs, who cares about
the server and/or those apps, pointers to documentation for the server
or its apps, info on what backup server backs it up, how to get remote
console access to it, where it's physically located, serial numbers and
contact info if you need to open a support ticket for it... All sorts of
useful info can be stored here...
My Dad, David Bice, has done a bunch of Genealogy work
on Emil Daniel Winona and has uploaded some files here. In particular,
the primary document of his work can be found in
this document. It's an interesting read!
I finally took some time to finish a nice
light, aerobatic glider.
I moved to Longmont, CO!
I made another large improvement
to the nagios server at work...
I finally got some film developed and uploaded a few more pictures from the
recent track event at Laguna Seca. You can find them and a link to some video
of one of the attendees going around the track
here.
I attended the (now annual) Miata
Track Event at Mazda Raceway at Laguna Seca yesterday and today. It
was a blast! Even better than last year (at least for me).
The new nagios server at work is
coming along nicely...
At work (SGI) I'm currently building a new
monitoring infrastructure using
nagios. I'm trying out a variety of new
(to me, at least) tools along with nagios which I've used for ages.
Check it out.
At work (SGI) I recently rewrote the nagios
plugin we use for monitoring Dell systems.
Check it out.
I recently (ok, not all that recently but I've been either too lazy or too
busy to put anything up about it) visited a car museum here in Northern CA
called the Blackhawk Museum.
It was a good trip and I snapped a bunch of photos. I had no idea how dark
the interior of the museum was (though the cars are well-lit) and I'm afraid
my flash just didn't always do the cars justice - there are some truly
beautiful and fascinating cars there. Next time, I'm bringing a tripod if
they'll let me. I've put a bunch of photos
and some random ramblings about them here.