Travcom - Travis' Homepage

Hi, you've reached Travis's homepage. I figure most people come here for stuff I've done, so it's up front. For information about me, see the bottom of the page.

Free Security Publications

In God We Trust: From Everyone Else, We Need Source Code

I'm writing a book on security in which I'm trying to capture what I know about security. There may be many books on security, but I hope that this one has some unique insights, and is relatively comprehensive but also timeless.

There are also many other security presentations around here somewhere.

Google Android Links

Python Microframework Evaluation

privilege.py - a safe way to drop privs from root

DFD - The Dynamic Firewall Daemon

Safe Firewall Editing Scripts

These scripts allow you to safely edit the firewall rules by scheduling an "at" job to restore the last working configuration in two minutes in case you get locked out. These are a "must have" for remote adminstration.

• safety Fedora, possibly RHEL
• deadman OpenBSD, possibly other BSDs

metaprox

• metaprox - a non-forking HTTP proxy proxy... pick which proxy you want to use on a per-domain basis, or change the default proxy without leaving your browser (it's web-controlled)
• metaprox init.d script - for running metaprox on a Fedora system
• Mostly outdated, use foxyproxy firefox extension instead

Linksys BEFSR41

• Linksys DHCP fix - for periodically renewing your DHCP lease on a Linksys BEFSR41 after applying the buggy security fix firmware revision 1.45.11 - NB: new firmware 1.46.00 fixes this
• Linksys router SNMP trap handler

The Post-Intrusion Forensic Toolkit

• unhide, a tool to show you all the process IDs in use on a system, even in the presence of a trojan-horsed /bin/ps (see comments for usage)
• viz, a tool that detects if anyone has attempted to hide their presence from you by zeroing out their entries in the wtmp log file, a technique used by the popular post-intrusion zap and zap2 programs. NOTE: This has not been tested on Linux, only BSD, and may show false positives on Linux.
• nmap, a tool to detect what open ports you have on your system, even in the presence of a trojan-horsed netstat
• lsof, a tool that lists the open files on your system
• fstat, a native BSD tool for showing open files

Intrusion Response Tools

• denycomm is a small, simple, customizable command-line tool that will deny communication with an IP by blocking packets on a variety of packet-filtering firewalls. My hope is for this to become a standard so that IDS implementers do not have to hard-code different commands into the IDS configurations depending on what firewall topology they are using. Just run denycomm and let it do the work. This fits into a greater scheme that I am working on, so check back here later. Currently it supports ipf, pf, iptables and route.

.profile

The .profile configuration file is perhaps the most important in Unix. My philosophy is to create one that works everywhere.

• Read the ;login: magazine, June 2003 article
• This is my more recent article
• Click here to download the code!
• addpath, another neat tool

Misc Programs

• chcvsroot - change CVS/Root entries
• urlgrep - print all URLs from a file
• readlink - a tersely-written command-line symlink processing tool
• directory_to_dot - create dot-style graphs of directory hierarchies
• shadowcaster, a program that detects executable programs in your PATH that are "shadowed" by other executables with the same name earlier in the PATH
• Very unofficial OpenBSD ports

Misc Publications

• My Ultimate Email Config
• Atom Age HWRNG
• usenet news links - all about Usenet News
• interesting email I wrote
• an introduction to X10 - an inexpensive home automation system
• a review of file distribution systems
• how to firewall some non-standardized but popular protocols
• keyboard input in Unix
• HOWTO chroot daemons
• my article on my CFS travails (now with cryptanalysis)! ;login: magazine, August 2004
• Good ideas I don't have time to implement
• Using the "envelope From" in filtering email

Documents about Microsoft

Microsoft is very effective at what they do, which is to dominate numerous kinds of software markets with relatively mediocre software. These documents describe how they do it.

• The Halloween Documents, a collection of documents related to the Halloween Memo, including Microsoft response, with edifying comments by Eric Raymond.
• The Halloween Memo, a confidential Microsoft memo that was leaked on Halloween, laying out Microsoft's strategy for dealing with free and open-source software.
• The Microsoft Anti-Trust Case, a series of documents which deal with the legal and social aspects of the case against Microsoft.
• Making Microsoft Safe for Capitalism, a document on how Microsoft gains and exerts its power.
• NetAction's Microsoft Archive, a library of documents on Microsoft, including "From Microsoft Word to Microsoft World", an analysis of Microsoft's practices and strategy.
• The De-commoditization of Protocols, an essay describing one facet of Microsoft's strategy, namely their "embrace and extend" approach to "free" protocols.
• The USDOJ complaint against Microsoft, surprisingly good reading.
• All the court documents regarding the current case against Microsoft by the DOJ.
• Good enough software, a design principle that seems to come and go in proportion to Microsoft's stock. This article doesn't address the fact that Microsoft software seems to be written with a process that produces a tremendous number of bugs. They brag about fixing such large numbers of bugs that it's easy to overlook the fact that they started with a great deal more than other design processes produce.
• Another treatise on good enough software. This one has a link to the excellent "The Rise of Worse-is-Better" paper, a must read.
• Is Microsoft software a monoculture that threatens the security of our critical infrastructure? Some well-known security experts think so.
• There's a lot of people that think Microsoft sucks. This one is the most interesting one. If you don't know what's bad about Microsoft, they have you covered.
• Microsoft allows OEMs to customize the XP install CD so that they can make it only install on the OEM's machines. This is a case where you must reverse engineer (crack) this protection in order to use your legal XP license. Until the DMCA this was legal (after all, *you own the license*), but I don't know if DMCA makes this practice illegal.

Autobiographical

• my public key
• giving thanks to all the people who deserve it
• On the Myers-Briggs Personality Inventory, I am an INTP ("The Architect")
• On the Enneagram I am a Type 5 (Investigator)
• My role model and personal hero is Nikola Tesla. I found his biography to be very interesting, and quite a bit more insightful and credible than his autobiography.