Network Security for work and play - time to upgrade to NMap 5.0

If you haven't used NMap before, here's what it does in a nutshell:

NMap is short for "Network Mapper", and it is used to determine what hosts (computers and other network-enabled devices) are on the network, what services they offer (apps), firewall and AV or filtering they have installed, plus OS type and version.

It's obvious to see the benefit if you're a network administrator. Just start it sniffing on the company network and it will report back all this information, allowing you to do inventory, security compliance audits and vulnerability testing.

Of course, the more subversive of you out there will probably think other uses. Whether your hat is white or black, you can have a lot of fun with this. Sniffing for hosts to attack, or just to play about with is easy and rewarding. However, I wouldn't run it on a tightly-controlled, corporate network unless you're really tired of your job ;-)

The latest version is NMap 5.0. It came out in July, and unfortunately no-one told me until now :(

I upgraded my not-so-old 4.75 version on my Win XP machine, but I haven't done the same for my Ubuntu box. Zenmap, the front-end, looks slightly tweaked, and overall (I might be imagining things, it's not as if I benchmarked it) it seems to run faster.

If you haven't tried it, maybe now is a better time than ever. Considering what it does, and how powerful it is, it really isn't much of a hassle to install and configure. It has a really great tutorial, and the NMap site it a treasure trove of tools, tutorials and ideas. It's well laid out too.

Further reading

• IPwatchD an IP conflict detection tool for Linux (slumpedoverkeyboarddead.com)
• GitHub, Firewalls, and Freedom (autonomo.us)
• Top-Rated Firewall Back by Request (chris.pirillo.com)
• Protect Yourself With A Bank Firewall [Fraud] (consumerist.com)
• Introducing The Virtual Machine Trojan (elasticvapor.com)
• How to set Windows as Default OS in Grub (techie-buzz.com)
• Why Is Linux Notebook Battery Life Still Poor? (hardware.slashdot.org)
• Migrating to Linux, Part 2: Avoiding Separation Anxiety (slumpedoverkeyboarddead.com)

Tech support cheatsheet

Your most invaluable guide to tech support, courtesy of xkcd.com

It was 40 years ago today

OK, it was 40 years ago a few days back...
But it's still hard to believe that Unix is really that old.
I still don't know as much about it as I'd like.

Further reading

• 40 years of Unix (slumpedoverkeyboarddead.com)
• Do one thing, and do it well: 40 years of UNIX (crunchgear.com)
• Unix at 40 (news.bbc.co.uk)

Firefox 3.5 really is faster and better

Image via CrunchBase

I know, this isn't exactly news, but if you haven't upgraded to Firefox 3.5 by now, you probably should - and I think you'll be pleasantly surprised.

All the good things that made the majority of users choose Firefox (other than those who just blindly accepted IE because they had no idea how to do otherwise) are still there. But there are a few new features. Some are new (native JSON support, web worker threads), and some are just new to Firefox (private browsing). Other features were available in add-ons, such as Tab Mix Plus and Session Manager (closed tabs, closed windows, tab tearing).

These new or borrowed features are important factors that will contribute to Firefox staying ahead of the competition, but I think I'm not the only one who was starting to get tired of every bell and whistle slowing the browser down. Safari wasn't going to tempt me away, but Chrome - while it didn't impress at first - started to really grow on me. Thanks to Chrome View, I could set certain sites to load up in Chrome instead. I'd noticed that Firefox 3.0.x, while it felt like an improvement at first, seemed to have terrible trouble with sites with deeply nested links. It simply took a ridiculously long time to load such sites, making the browsing experience pretty unbearable in the process.

So, the main area for improvement for Mozilla to look at, for me, was speed. Chrome and Safari had it. Chrome had some neat features too (even if Safari had nothing), but it had no add-ons (and probably never will). Once I heard that Firefox 3.5.x was much faster than Firefox 3.0.x I was very nearly sold. It was just a matter of time before all my favourite add-ons were confirmed compatible with 3.5 and then I'd be on my way.

My favourite add-ons (all FF 3.5 ready :)
- Ad Block Plus (essential)
- Greasemonkey (essential)
- Personas
- Tab Mix Plus (quite redundant now though)
- Selenium IDE (essential)
- Flashgot
- Firebug (essential)
- Speed Dial (essential)
- Stumbleupon
- Forecastfox
- Zemanta

Now that I have upgraded, since all the add-ons listed above are supported, I can vouch for greatly improved performance. The claims from Mozilla were that FF 3.5 is over 2x faster than FF 3.0, while benchmark tests on many sites claim it's up to 2.5x faster. All I can say so far is that I can feel a huge improvement. Most of the frustration has been removed, and I don't think I'll be reaching for Chrome quite so often from now on.

Performance index comparative (OS: Win Vista) from lfie.net

Futher reading

• Tab Mix Plus Beta For Firefox 3.5 (techie-buzz.com)
• New hint of gallery for Chrome themes emerges (thaibrother.com)
• Firefox 3.7a1pre Portable lets you try before you install (downloadsquad.com)
• Google building 3D hardware boost into Chrome (thaibrother.com)
• Firefox 3.5 performance 250% (lfie.net)
• Top 5 Killer Features in Firefox 3.5 (mashable.com)
  

Cowon S9 - looking good

Cowon's new flagship offering looks fantastic, but then again, most of their products do.

It features a 3.3" screen and it looks like it will be extremely high def, with perfect colour.
That seems to be the main improvement (maybe the UI and controls were made more intuitive), because the sound quality is exactly the same as the models that have been available for the last few years:
20Hz - 20kHz freq. range and ~30mW per channel max output @ 16 Ohms
I suppose it doesn't need to be any better than that for consumer use - but they could easily take on the pro market if they wanted to.

It has a lot of nice additional features: flash playback, wireless, bluetooth, AV output in PAL/NTSC - I wouldn't mind some of that.
Pity they never did anything about the recording facility. This seems to be the only thing missing - a really good stereo condenser mic instead of a pinhole, and a good sampling bitrate (say 160kbps - 320kbps mp3, instead of 96kbps WMA).
With that, musicians (and bootleggers ;-) wouldn't need the Zoom H-2

Google opt-out

Tired of Google dominance? Walk away with Google (tm) opt-out

Pro-Georgian blogger is targeted

Cyxymu, a Georgian who has blogged extensively on the Russo-Georgia conflict and the land grab of South Ossetia was apparently targeted in a DoS attack lasting around two hours yesterday.

His Live Journal blog (which I won't link to), Facebook page and Twitter profile were hit hard, probably by a botnet set up to silence him.

The side effect of the DoS attack was that Live Journal, Facebook and Twitter were heavily affected, with Live Journal an Twitter being brought down, unable to handle the millions of requests, while Facebook performance was greatly reduced. Google and YouTube were also targeted, but their architecture greatly limits the effects of such DoS attacks, so they were able to absorb most of the impact and no end users were impacted.

It is not yet known who was responsible, although there was the suggestion (from Cyxymu himself) that the Russian authorities were involved. There is more evidence that an individual or a small group was responsible, leveraging the power of hacked PCs (known as zombies) around the world to stage what is quite a traditional type of denial of service attack - flooding target pages with a very high and volume of requests, sustained for long enough to bring down the site or service serving the page.

Cyxymu's Live Journal blog is still offline - presumably as a precautionary measure from Microsoft, to spare other users from further outages. Understandable, if a bit cowardly.

Whether the KGB was behind this, as some suspect, or if it was a disgruntled diametrically opposed (in the political sense) hacker or group of hackers remains to be seen. It is unlikely that this is the last we will hear of it.

Further reading

• Bits: Attack on Twitter Came in Two Waves (bits.blogs.nytimes.com)
• Web attack blogger blames Russia (bbc.co.uk)
  
• The Most Hated Man Online? (mt-soft.com.ar)
• Russian hackers launched Twitter attack 'to silence Georgian blogger' (telegraph.co.uk)
• Twitter attack aimed at political blogger (cbc.ca)
• Twitter and Facebook DDoS Attacks Targeted One Man (mashable.com)
• Twitter still struggling to recover from DOS attack (macworld.com)