And the crowd goes wild
&& [ ] && 0 comments
It’s amazing how little I could care about baseball. I don’t know the rules, or the players names. What the hell does RBI stand for, anyway? I definitely never made it past t ball as a kid (you mean the other team pitches at you? F that! ) but now that the Giants are in the world series its hard not to get caught in the action. Bars are fun during these games. I guess I’m more of a fan of the fans than the game itself.
Speaking of non fans:
He’s a rep. Can you tell?
Who’s down for some celebratory champagne? We know Jillian is. Sleep well sf and keep rolling!
Dat Butter
&& [ Cycling ] && 0 comments
When I'm too Wrecked to Race my Bike
&& [ Video ] && 2 comments
I’m taking up rally car racing. Specifically, I’ll be going back in time to race Group B. Try and stop me.
[youtube=http://www.youtube.com/watch?v=TtR5OOHZSp4]
THAT VIDEO SUCKED! Said nobody, ever.
Road Bike Party Outtakes
&& [ Video ] && 0 comments
Remember that video of the dude on the road bike tearing it up that went viral a few months ago? Hes posted an outtakes video, pretty good stuff.
Cruzin for a Bruisin
&& [ Rides ] && 0 comments
Great weekend in Santa Cruz. Kicked it off on Friday with a quick, dark ride with local legend Jeff Kendall-Weed. No really, it was dark. The light ran out somewhere while inside of mailboxes, and being the rookie that I am, had no lights. Luckily Jeff had some which helped me get down without injury. Thanks man!
Saturday was the big boy ride. Headed up to SDF with Ben for a few laps with what seemed like a few hundred other riders. Good stuff, a bit rough on the hardtail but nothing the ‘ol handjob couldn’t handle with ease. After seeing Ben and the boys off, I rode back up to the top of SDF to descent some ripping singletrack back down to Aptos. Perfect day.
[caption id=”attachment_31” align=”alignnone” width=”567”]
Failed Panorama[/caption]
Warming up with the devil.
&& [ Rides ] && 0 comments
Sunday
&& [ ] && 0 comments
Sunday, Oct 21st, 2012. I have not ridden my bike. I can feel my sanity slipping away.
The 6 Month Festival
&& [ Cycling ] && 0 comments
6 months. 11 races. Countless rivers, towns, mountains and hours listing to Metallica in the car. A few too many tight corners and occasionally, one too many beers. The 2012 season was the kind of stuff that you live for, and today was my last day. After graduating from SOU last year I moved to Fairfax, CA where I lived until April when I decided a summer in the PNW was just too good to give up. And it was. The main focus of my time here consisted of racing bikes and good stuff that goes along with that.
Racing is amazing. Pushing myself so hard definitely puts me in a place that I rarely find myself in otherwise. It is an intense, raw feeling that I haven’t been able to find doing anything else. But the reason I really fell in love with racing was the whole lifestyle, which I didn’t know about until I participated in a few. I suppose I got a hint at my first race, the Cascade Chainbreaker, 3 years ago in Bend, OR: I woke up the morning of the race in the back of my car on the side of some dirt road in the middle of the desert outside of town. Cereal in a water bottle with some soy milk poured in, and shaken, was what was for breakfast. I then proceed to ride my bike as hard as possible for 3 hours for no real reason, at a far too early hour in the morning, and finish in so much pain I could barely stand. And we were in some cool town that I had never been to before surrounded by a bunch of cool people with cool bikes. The end result was the kind of weekend you talk about until the next one.
Fast forward 2 years and its that first race every weekend for the last 5 months. Except this time around school was not an issue for any of us, so the “weekend” races usually started sometime on Thursday, and ended on Sunday (but usually the wee hours of the morning, Monday) Although I started of the season strong with some XC races, the focus shifted mainly to Enduro and All Mountain races in which practice is crucial. I don’t think there was a single race we did not preride at least a day for. Some races we prerode for 2 or 3 days. All in different places, all with amazing trails, cool towns and cold water to jump in to. Hood River had the best food. Portland involved some firsts. Bend, the best locals. Downieville, also the best locals. Nevada City is home to the best river. And Ashland was home to me, I guess. But looking back, I didn’t really spend too much time there. When I was in Ashland, I worked. But that’s ok. I couldn’t think of a better place to call home base - you can even find some world class riding here!
I want to express how thankful I am for all the hardworking people that put on these races, and all the amazing and talented riders I met at them. It was great riding with ya’ll. I want to thank the BLM for providing most of my sleeping areas and taquerias everywhere for providing most of my meals. Most of all, thanks those couple of dudes I know for putting up with me through all of it. You know who you are. I’m looking forward to seeing everyone again next season.
Summer : Success. Come visit me in California!
Goodnight Oregon!
Blur LT - Build Video
&& [ Cycling ] && 0 comments
Ben and I putting the beast together:
Fun and Trickery with the Kippo SSH Honeypot
&& [ Linux, Technology ] && 4 comments
I was recently tasked with setting up a honeypot for an organization that wanted some better insight into who was snooping around in their network. For those of you too lazy to read, what is a honeypot? Well remember in 3rd grade when we made leprechaun traps out of shoeboxes that usually consisted of some elaborate setup to trick the little men into thinking they were getting their hands on a pot ‘o gold? Well think of it like that, except with computers. And networks. And hackers, espionage, subterfuge… etc. Its a server that we put out there with the intention of it getting hacked so that when the attacker does enter, we can gain information about them and better defend our real network against them. Basically:
This particular honeypot I was to set up didn’t need to be too complicated. Really all we wanted was to be able to listen on SSH and get notified if anyone connected - that’s enough because there would be no reason for any of use to ever connect to this server. That’s when I found Kippo. Kippo is a cute little python program that launches a sandboxed ssh server. It is semi interactive, meaning that to anyone who connects it would appear (at least for a while) that they have actually connected to a real server. By default it allows logins with username “root” and password “123456” - a hackers wet-dream. What can kippo do once an attacker has connected?
- Understands most unix commands. mkdir, ls, tar, cat, etc.
- Has a fake filesystem you can actually read/write to.
- Allows use of wget (!) and stores any files downloaded this way in a folder accessible by us.
- Of course, logs all commands.
- Cool tricks: You can create commands that do nothing but output text. This can make an attacker very confused. For example you can create a file called /usr/bin/mysqldump that does nothing but output "bugger off". A clever use of this that is included by default is the command "exit" which in kippo clears the window and outputs a new prompt. This makes it appear that you have disconnected from the server back to your machine when in reality you are still connected to kippo and it is logging all your commands!
- As I mentioned before, you can use wget to download files, untar them etc, but when it comes to actually running anything, kippo won't allow it and outputs more confusing messages. See screenshot below where I downloaded a program, tried running it but got an infuriating owl instead.
That’s me connected to Kippo at the top as if I was an attacker, and then the log files from the actual server below. Good stuff. My only concern with this program is its security. Its a honeypot, but how secure is it? Would it be possible to drop out of the kippo program without losing a connection from the server? Or somehow execute commands from within kippo that can make it out of the sandbox? From what I can tell, it seems pretty secure, but it is hard to tell.
Damn funny though. So far I recommend it, and I’m thinking of setting one of these up in amazon open to the world just to see what kind of people wander in. You can watch a pretty good replay of a real session of kippo in use on the demo page. Grab the popcorn.