Leap Day

So, tomorrow is Leap Day.

Shouldn't you have some special plans? A day off with the kids or spouse? A special road trip?

It should be something out of the ordinary. After all, it only happens once every four years.

Got plans?

Saturday at Home

Put up a cabinet for Pam's scrapbook room today. Used some screw-in anchors, along with my fancy new level. Only required one trip to the hardware store, which is quite unusual.

While there, I got a quart of paint that matches the generic off-white walls around here. I went into the hall closet, and used a razor blade and chisel to gouge out a large square of the painted wallboard surface. I just cut deep enough to get the paint and the underlying paper covering of the wallboard. Put the sample in a baggie, and the paint guys at the local Lowe's did their color-matching trick.

I then covered up the thin gouge with some repair stuff (it goes on pink, and dries to white). I'll paint it later.

That whole project didn't take long. I spent the rest of the day working on a new web site, and generally goofing around the 'net.

The weather dweebs have been warning about a big storm tonight; wind and rain and snow. So far, not too impressive. But the weather dweebs are sure excited.

Web Filter Resurrection

After a bit of work with the tech support guys, the world (at least, the company) is safe from improper web browsing. Turned out to be an authentication problem with the database. Even though the database was properly created, it didn't have the right permissions for the user account that could read the database for the filtering sessions.

That only took two hours, with a bit less than an hour on hold. (Don't you hate those "we're really busy but keep hanging on" messages that repeat every two minutes, along with the generic music that also repeats every 90 seconds....)

An interesting sidelight of the web filtering software is the ability to determine how much time employees spend on the Innertubes. I can run a report of the top 500 users by their Innertubes time, assigning an hourly value of $30, and determine how much that web surfing is costing the company. Turned out to be a very large value.

Right now, we're in a budget crunch. I figure that we could save a bunch of labor dollars by looking at employee's browsing times. Say the employee is on the 'net 2 hours a day. So the assumption is that the employee really does 6 hours of work each day. So that's what they get paid for. A 20% reduction in labor costs would go a long way towards helping the budget crunch.

Of course, if they had supervisors who could manage their employees time and work output...

(He says while he posts this entry during working hours...)

Web Filter Dies

This afternoon, the web filtering software stopped working. The service wouldn't start, complaining about some sort of database error.

So I went through the process of creating a new database, and it the service still wouldn't start. Tried that several times, no joy. Deleted the new databases, recreated them with different names, still no joy.

By this time it was 440pm, and a call to the tech support line went unanswered, as they close at 500pm. I tried several other tricks, but still no joy.

The database exists on the SQL server. The web filter server shows connections to the database (with a NETSTAT command), but the service still won't start.

I'm toying with the idea of removing and reinstalling the web filter program. Or rebuilding the SQL server. But that won't happen until tomorrow morning. I could do it from home, but too tired to go through the effort.

Besides, I want to see what the vendor tech support tries to do.

Hearts and Scraps

A quiet Heart day around here. After work, a bit of relaxing at home, then off to dinner at Pam's favorite spot, at her request.

Pam's off in the 'scrap room' playing with her scrap-toys, and I'm watching an old Glen Ford movie. And wandering around the 'net as usual.

I did get some new content on Jason's web site (www.jasonhellewell.com). Pam scanned a lot of the scrapbook pages she was working on, and I found a nice simple PHP script to display them. The image files had to be resized a bit (I use the XAT Image Optimizer programs; you'll find them at www.xat.com). I set the width to 800px, and the result is quite readable on the screen.

And I posted a few new car crash pictures on www.carcrashpix.com . The site is somewhat experimental, but fun to goof around with.

Lovely Storm Worm Spam

I'm seeing what appears to be a new round of spam email from the "Storm Worm" gang. The messages are very short, wtih a subject related to Valentines' Day, and a short message with a link to a web site. An example: a subject of "Blind Love", and a message of "Rockin' Valentine" along with a link to a web site.

Clicking on the web link (or even typing it in manually) will get you an attempt to download some malware automatically. Current anti-virus may protect you against the download attempt, depending on the web page payload. Current patches will be another protection layer.

Note that Microsoft has released 12 patches today, many of them critical. Of course, all of ourusers are following Safe Computing Practices, and have their computer set up for automatic updates. And they have updated Adobe, Apple Quicktime, Firefox, and Linux kernal updates...

More info about the 'lovely' Storm Worm spam is here: http://isc.sans.org/diary.html?storyid=3976

Stuff To Do

A light commute today...was able to go the "speed limit" the whole trip in, thanks to all the CA State workers who get a holiday today. But I was running late, so didn't get to IHOP for "Free Pancake Day".

Some more forensic programming today is on the list. Although the list could change at any minute. I need to write a program that checks whether Group Policy has been done on a list of computers. I'm sure that somebody has written one that does that, so I'll do a bit of searching to see if there is some available code I can borrow.

Back to Work Stuff

On tap today: some mail server problems with undelivered mail that should have been allowed through via an exception (that was a 90 minute call with tech support). Some bad coding for forms found on the company web pages (no form field checking, so SQL and mail injection possibilities). Some other undeliverable mail problems (the usual, usually on the other end, not our servers).

And some thought about firewalls. Off we go!

The usual Monday Morning

I understand there was some sort of sporting event this past weekend. Don't know much about it. Anyone hear anything about this?

I found the story about the failed undersea Internet cables in the Middle East more interesting. The fact that there were two of them caught my eye. (Was there a third?)

There were some false reports about connectivity to Iran being lost; but that was incorrect.

Brings to mind whether one is prepared for Internet connectivity loss. Sort of like my "Digital Choke" story (which was written several years ago). Could it happen?

Back in the real world, some more forensics is on tap today, with a bit of web browsing analysis thrown in. Should be interesting.

This Week and Less

Work has been interesting. There's been an investigation of some inappropriate surfing by a user. Some external attacks against a web page submittal form that didn't do validation checking on form fields. Some analysis of web browsing activity by staff, and the lost productivity resulting from same. And working on a VBS program that moves old files into an archive directory.

And the weather has been a mixed bag. Rainy and cold (hovering around 50F) most days, although today is sunny and cold (still hovering around 50F). Yeah, not cold compared to some in the frozen north (Hi, John D) or east (that would be you, Brian B.) But cold enough that I have to wear gloves while driving until the heater warms up.

No big plans for the weekend. I've heard rumors of some big sporting event, but don't know the details, so not sure that it affects me.

Maybe some NCIS and Dirty Jobs reruns could be on the weekend list. Or perhaps work on the computer.

Or both. At the same time.