Saturday, January 30, 2010

Using tshark to find the man in the middle

This post is targeted at people who understand IP addresses and default gateways and have heard of ARP, but don’t play with them often enough to realize how vulnerable we are to man in the middle attacks. Back in the old days, the network hardware was often a hub, and hubs had a property that all the computers connected to a hub could see each other's traffic. This meant if my computer and tori-the-lori were on the same hub, tori-the-lori could see all my network traffic. This sounds like weak security. In time the world invented switches, and now almost all networking uses switches. Switches...

Saturday, January 23, 2010

The whitespace and indentation debate

Nothing annoys me more than having to argue over whitespace and indentation. Where should we stick the braces? Spaces vs Tabs? Can't we find something more useful to argue over? Long ago I read that the only way to end the pointless whitespace debate is to have the compiler reject random whitespace. I thought that was a very good idea, and today I'll talk about it. In the beginning whitespace didn't matter; it was there for the human, and the program ignored it. But that caused an annoying problem - you ended up needing tokens like '{' ';' and '(' and then you needed to argue about how...

Friday, January 15, 2010

Salting your hash, chasing rainbows and cracking passwords

Henry Ford takes 3 of his division presidents out for dinner to decide which of them will be the new CEO. As soon as they start eating, Mr. Ford chooses Bob, the man to his left, to be the new CEO. The other division presidents are shocked, and ask why Bob was picked over them. Henry replies: Bob was the only man who tasted his food before salting it. Unlike at dinner time, hashes should always be salted. A hash is a one way function that maps something, for this discussion a password, to a short string. The point of a hash is if you're given the hash, you can't figure out the password. A common...

Thursday, January 14, 2010

How do you thumbprint a certificate?

You often use thumbprints to find certificates, but what is the thumbprint? The thumbprint is the hash of the certificate. In the case of the CLR’s X509Certificate2 class, the thumbprint is the SHA1 hash of the certificate. If you want to compute the thumbprint of a certificate yourself it’s pretty simple:

    function get-CertThumbprint ($cert) {
        $sha = new-object System.Security.Cryptography.SHA1CNG
        $hashOfRawBytesOfCertificate = $sha.ComputeHash($cert.RawData)
        # X2 pads each byte to two hex digits so leading zeros are kept
        ( $hashOfRawBytesOfCertificate | % {"{0:X2}" -f $_} ) -join ""
    }

    PS cert:\LocaLMachine\My> dir
    Directory: Microsoft.PowerShell.Security\Certificate::LocaLMachine\My
    Thumbprint...

Sunday, January 10, 2010

A better blog editor - Windows Live Writer

I've been complaining about the blogger online blog editor forever. Today I took Windows Live Writer out for a spin and I like it. It's free, and it works with blogger without a hitch. My favorite feature is its preview pane which shows an actual preview of your post in the blog, which the blogger editor doesn't do at all. In my heart of hearts I’ve always believed a rich client application should be more powerful than web applications, and in this case it is....

Saturday, January 9, 2010

Keyboard shortcuts in Windows WYSIWYG editors

I have a day job, and in that job I use Word, OneNote and Outlook. For style I only use bold, italics, underline, headings 1-3 and lists. For some reason, I never learned the keyboard shortcuts for some of these, and thus I need the mouse to apply these styles. In case you suffer like me, here are the shortcuts that will set your mouse free.

    Style          Word    OneNote
    Heading 1      C-A-1   C-A-1
    Heading N      C-A-N   C-A-N
    Bulleted List  C-S-L   C-....

Powershell is dynamically scoped, and that will confuse you.

Let's start with an example, as the concept of dynamic scoping is a big string for most programmers.

Python Program

    x = 5
    def printX():
        print(x)
    def setAndPrintX():
        x = 7  # creates a new local x; the global x is untouched
        printX()
    printX()
    setAndPrintX()
    printX()

Output From Python

    5
    5
    5

Powershell Program

    $x = 5
    function printX() { echo $x }
    function setAndprintX() {
        $x = 7
        printX
    }
    printX
    setAndprintX
    printX

Output From Powershell

    5
    7
    5

What is this dynamic scoping? Most programs use static, also called lexical, scoping because it's easy to understand. You figure out what is in scope by looking at the source code. In the Python example,...

Sunday, January 3, 2010

Syntax Highlighting Take 2

Readers of my blog complained that they can't see the code I syntax highlighted in RSS readers like Google Reader. The reason is moderately interesting so I'll explain it: HTML likes to gobble up white space, so if you're pasting in source code you use the PRE (preformatted text) tag. PRE shows up in fixed width font and preserves spacing; however you can't place < or > in PRE tags since they denote HTML tags, instead you need to use &lt; or &gt; (character entity references if you speak techno babble). This is annoying, especially given the blogger text editor gets confused when...
