evilrouters.net

I’d love to give credit for this because it’s awesome, but I have no idea where it originated.

'Twas the night before Christmas, when all through the LAN
No malware was stirring, not even LoveSan;
The firewalls were racked by the router with care,
In hopes that no hacker soon would be there;

The users were nestled all snug in their beds,
While visions of emails danced in their heads;
And me with my MacBook, and fresh packet cap,
Had just settled down for a long winter's nap,

When out from the pager there arose such a clatter,
I sprang to my desk to see what was the matter.
Away to the browser I flew like a flash,
Came through the VPN and refreshed the cache.

The sign on the certificate gave me to know
The session was safe, so I opened it - Lo!
When, what to my wondering eyes should appear,
But a miniature email, and in text that was clear,

With a new device driver, with a quick "ho ho ho",
I knew in a moment it was our CSO.
More rapid than eagles his memos they came,
And he whistled, and shouted, and called them by name;

"Now, firewall! now, filter! now, intrusion detection!
On, event correlation! deep packet inspection!
Build layered defense! to the top of the wall!
Now block away! block away! block away all!"

As alarms that before the wild network worm fly,
When they meet with my console, mount up to the sky,
So up to the network the sensors they flew,
With the rack full of gear, and the CSO too.

And then, with a twinkling, I heard on my cell
The custom ring-tone - the network was well.
As I drew in my hand, and was turning around,
Down to my inbox he came with a bound.

His message was brief, what was afoot?
Were servers and systems safe at the root?
A bundle of appliances stacked on his rack,
And he looked like a peddler just opening his pack.

Their lights -- how they twinkled! Their vendors - how merry!
They stopped all attacks, they paged my BlackBerry!
The poor little hackers were drawn up like a bow,
And tied up in knots in the honeypot below;

The stump of net packets held tight in our teeth,
With logs all analyzed, traceroutes were a breeze;
Our policies sound, vulnerabilities patched,
Our security systems just could not be matched.

He was chubby and plump, a right jolly old elf,
And I laughed when I saw him, in spite of myself;
A wink of his eye and a twist of his head,
Soon gave me to know I had nothing to dread;

He spoke not a word, but went straight to his audit,
tested the firewalls; then turned to report it,
And laying his finger aside of his nose,
And giving a nod, up our T3 he rose;

He sprang to his limo, gave his consultants a whistle,
And away they all flew like the down of a thistle.
But I heard him exclaim, ere he drove out of sight,
"HAPPY CHRISTMAS TO ALL, AND TO ALL A GOOD-NIGHT!"

To whomever wrote this, thank you. Excellent piece.

"A" is for Arrogance, properly done.
"B" is for Bastard, the New Zealand one.
"C" is for Cynic, jaded and tired;
    it's also for Caffeine, which keeps us all wired.
"D" for Delete, we'll do it to you;
"E" for 31337, the skr1pt-k1ddie's due.
"F" is for Format(1M), we use it on disks,
"G" is the middle name of the guy who does RISKS.
"H" for the Hubris that makes lusers luse;
"I"'m the Important one, the person who su(8)'s.
"J" is for Jaded, see "C" above;
"K" is for Kill(1), a command we all love.
"L" is for Luser, the sysadmin's bane,
"M" with a "4" keeps the mail gurus sane.
"N" is for No, whatever the question,
"O" is for Octal, the way of permissions.
"P" is for Password, have you changed yours lately?
"Q" is for Quotas, which simplify greatly.
"R" is for Random, a most useful quality,
"S" I can't tell you, it's against policy.
"T" is for TECO, a very old editor,
"U" is for Unix, which has no competitor.
"V" is the System whose Release 4 we wrestle with,
"W" is for W(1), to see who(1) we nestle with.
"X" is the windowing system from Hell,
"Y" do we use it?  The rest suck as well!
"Z" is for Zero, indicating success
    It terminates programs -- and alphabets, yes.

–Unknown

Several weeks ago, Chris at IIS Hacks posted a rant entitled “What Ruined the Internet?”. I just came across it and am linking to it just because of the awesome intro paragraph that took me on a quick trip down memory lane:

“I’ve been around the Internet since long before the “Dot-Com Bubble”, when we had to get our MP3s from IRC and use Blade’s Encoder for the command line. Slashdot was just starting up, ICQ was the only instant messenger around, and Winamp really did whip the Llama’s ass. Those were the days…or were they?”

I don’t necessarily agree with the rest of his rant, but he got one thing right: Those really were the days…

Two 7200s connected back to back via their serial 2/0 ports. Bring up a link, establish a BGP neighbor relationship between them and then kill your router. The cool thing is, you can even do it from unprivileged mode:

c7200-b# conf t
c7200-b(config)# int loopback 0
*Dec  6 19:36:57.871: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
c7200-b(config-if)# ip address 192.168.1.1 255.255.255.0
c7200-b(config-if)# interface serial 2/0
c7200-b(config-if)# ip address 10.0.0.2 255.255.255.252
c7200-b(config-if)# no shutdown
c7200-b(config-if)#
*Dec  6 19:37:13.875: %LINK-3-UPDOWN: Interface Serial2/0, changed state to up
c7200-b(config-if)#
*Dec  6 19:37:13.879: %ENTITY_ALARM-6-INFO: CLEAR INFO Se2/0 Physical Port Administrative State Down 
c7200-b(config-if)#
*Dec  6 19:37:14.883: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
c7200-b(config-if)# do ping 10.0.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/13/24 ms
c7200-b(config-if)# router bgp 65001
c7200-b(config-router)# neighbor 10.0.0.1 remote-as 65000
c7200-b(config-router)# network 192.168.1.0 mask 255.255.255.0
c7200-b(config-router)# end
c7200-b#
*Dec  6 19:37:36.911: %SYS-5-CONFIG_I: Configured from console by console
c7200-b#
*Dec  6 19:37:40.919: %BGP-5-ADJCHANGE: neighbor 10.0.0.1 Up 
c7200-b# show ip bgp
BGP table version is 3, local router ID is 192.168.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 192.168.0.0      10.0.0.1                 0             0 65000 i
*> 192.168.1.0      0.0.0.0                  0         32768 i
c7200-b# exit

Then, while in unprivileged mode…

c7200-b> show ip bgp version 3

…and that’s it. From the other router, we see that it’s down:

c7200-a> ping 10.0.0.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
c7200-a>

And a moment later we’ll see the BGP adjacency go down:

*Dec  6 19:42:59.419: %BGP-5-ADJCHANGE: neighbor 10.0.0.2 Down Interface flap
c7200-a>

I’m real tempted to ditch Twitter.

I interact with Twitter in three ways:

• through their web site
• through SMS
• through ping.fm

Most of my interaction with Twitter is through SMS. Nearly all of the updates that I receive from Twitter are via SMS. I “follow” a number of people (74, as I write this) but receive updates via SMS for perhaps only a third of those. I started out having everyone’s updates sent to me via SMS, but some people either 1) post way too frequently and end up annoying the shit out of me or 2) just don’t say enough interesting things (e.g., the “signal-to-noise” ratio is way outta control).

Most (but not all) of my updates are done through ping.fm. My BlackBerry has an AIM client and that’s how I communicate with ping.fm. I send updates to “pingfm” on AIM and those are broadcasted out to Facebook, Pownce (which I hardly ever use), and Twitter. This is nice because I can update Twitter and Facebook at the same time. Because I don’t want every update going to Facebook (e.g. “@ replies”), I usually send those back to Twitter as an SMS.

Last, if I’m at home and on the computer I usually keep Twitter open in a tab and occasionally refresh it, just to keep up on everyone that I don’t receive SMS updates for.

When I first signed up for Twitter, my primary method of interacting with it was via IM. The “track” feature was awesome and allowed me to find others who had similar interests as mine. Once the shit hit the fan with regard to IM (in other words, when it became massively unreliable), they pulled support for it. Suckage.

Then, several months ago, the Twitter service as a whole became extremely unreliable for a good period. A number of folks jumped ship then. I almost did, but I stuck around.

Today, I read on the Twitter blog that they pulled support for receiving SMS updates in Canada (due to rising costs). Since Twitter has no apparent business model (and, it seems, isn’t generating any revenue), it makes sense to assume that eventually the cash supply will be running low. At some point, they’ll pull support for SMS updates in the U.S. as well, at which time I’ll really have no use for the service anymore.

Maybe I should just get out now.

Are there any viable alternatives? It’d be nice to be able to send and receive updates via SMS. I’d be content with receiving updates via SMS and sending updates through another method (e.g. ping.fm, web only, etc.). What are my choices?