How spammers get past spam filters

My boss pointed something interesting out to me: a penis enlargement email that keeps slipping past my SpamAssassin and his Outlook client-based anti-spam software.


Check out this source…


at l<kwriomldwis>east 3 I<kophixzbmfahpt>NCH<kukntyadvxfru>ES or ge<kjgdkhybxvmbj>t
y<kggudaubtbo>our mon<kxeytamotthnl>ey bac<kpkevvobnpdeccq>k!


They throw gibberish tags into the middle of the words so the spam filters don't find the words, and the mail client just ignores all of the nonsense tags.


Spam filters should parse out all HTML and just look at the text IMO.
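
Here is that idea as an added example (not code from SpamAssassin or any real filter): strip the markup the way a mail client would, match keywords on what is left, and count unknown tags wedged between two letters as a spam signal of their own. The tag allow-list and the keyword list are assumptions made up for the demo.

```python
import re
from html.parser import HTMLParser

# Assumption: a small allow-list of real HTML element names; extend as needed.
KNOWN_TAGS = {"a", "b", "body", "br", "div", "font", "html", "i", "img",
              "p", "span", "table", "td", "tr", "u"}
PHRASES = ["inches", "money back"]  # constructed keyword list for the demo

class VisibleText(HTMLParser):
    """Collects the text a mail client renders and counts bogus tags."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.parts = []
        self.unknown_tags = 0
        self.word_splits = 0        # unknown tags wedged between two letters
        self._after_letter = False

    def handle_starttag(self, tag, attrs):
        if tag in KNOWN_TAGS:
            self._after_letter = False
            return
        self.unknown_tags += 1
        self._after_letter = bool(self.parts) and self.parts[-1][-1:].isalpha()

    def handle_data(self, data):
        if self._after_letter and data[:1].isalpha():
            self.word_splits += 1
        self._after_letter = False
        self.parts.append(data)

def analyze(raw):
    """Return (visible_text, unknown_tag_count, word_split_count)."""
    parser = VisibleText()
    parser.feed(raw)
    parser.close()                  # flush text after the last tag
    text = re.sub(r"\s+", " ", "".join(parser.parts)).strip()
    return text, parser.unknown_tags, parser.word_splits

def hits(text, phrases=PHRASES):
    """Phrases found by a plain case-insensitive substring match."""
    low = text.lower()
    return [p for p in phrases if p in low]

# The sample quoted in the post above.
SAMPLE = ("at l<kwriomldwis>east 3 I<kophixzbmfahpt>NCH<kukntyadvxfru>ES or "
          "ge<kjgdkhybxvmbj>t\ny<kggudaubtbo>our mon<kxeytamotthnl>ey "
          "bac<kpkevvobnpdeccq>k!")

if __name__ == "__main__":
    text, unknown, splits = analyze(SAMPLE)
    print(hits(SAMPLE), hits(text), unknown, splits)
```

Matching on the raw source finds nothing, while matching on the stripped text finds both phrases; the word-split count flags the message even when no keyword list applies.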

Linux Intro

A long time friend and colleague (and MCSE and long time MS Advocate) recently asked me via email what the best choice of Linux/Unix distro is for someone interested in learning.


With the proliferation of distributions available I would imagine this is a pretty intimidating decision for someone starting out, so I took a little bit of time to craft my answer.  Here it is for all who are interested…



Hi, it was good to see you guys too.  We should do that more often. 🙂

 

Congrats on the choice to investigate the *nix world. It's not really hard at all, just a completely different way of thinking about things.  Once people get over the initial shock of it being so different the learning curve gets tiny. 🙂

 

As to a specific distro, it all depends on what you are looking for.  FreeBSD Unix is pretty popular right now.  In a recent article on Slashdot (http://slashdot.org/article.pl?sid=04/02/21/142239&mode=thread) it is said to be (statistically) one of the most secure OS's around.  OpenBSD is also bunched in with this figure I believe.  OpenBSD is built for security.  It makes an awesome firewall/router and because of the way PF (its firewall implementation, packet filter) is set up it will act as a router for a large network on a P1 with very little RAM.  OpenBSD has AMAZING online documentation and help, but is a very different install than any other unix or linux flavors.  By default Bind, Apache and Logd are chrooted.  This can cause problems to someone who is new to unix as it's very hard to work with in some cases.  Especially any sort of virtual hosting on a chrooted apache box.  Ick.

 

The linuxes are in a strange place right now. Before RedHat announced the retirement of the free basic RedHat OS they were the best choice for any business related linux implementations.  They had the biggest hardware and software support.  Most of the large computer manufacturers (Dell, HP and so forth) were all making servers with RedHat on them by default.  Then they announced they were switching to the Enterprise (pay) model and have a developer ver (fedora) available.  Now everyone who was using it is scrambling to find a new distro.

 

For the raw configurability of it I like Gentoo.  Gentoo-Hardened specifically.  It uses the NSA's SELinux permissions system, Pro Police Stack Smashing protection (if an overflow existed in code this should stop it from being exploitable) and a ton more.  It's a good solid OS.


Debian has wide, speedy support and is becoming one of the most popular free distros.  Its Apt-Get package system is great and allows you to set up OS and software updates via a scheduled command (Cron Job).

 

Gryphn and I just installed Suse a day or two ago on one of her mighty dell servers.  So far I -REALLY- like it.  It's very similar to redhat and even uses the RedHat Package Management system.  It's very easy and is available both free and commercially.  Although we haven't had much time to give it a thorough evaluation I rather like it.  You can get the remote install cd for free here http://www.linuxiso.org/download.php/499/boot.iso or you can get the “Live eval cd”.  This boots right from the cd and lets you play with it… http://www.linuxiso.org/download.php/491/SuSE-9.0-LiveEval-i386-Int-RC1.iso

 

LinuxIso.org is a unix geek's best friend.  Download all the distros you want and try em out.  The only cost is that of blank cds and the time it takes to run through the install. 🙂

 

I hope this is helpful. I don't know your current level with *nix so I may have either spoken down to you or up to you.  Sorry. 🙂

 

I think the best choices to learn on would be either Debian or Suse (Suse's install was cake) and if you like what you see try OpenBSD or FreeBSD.  They all have different things going for them so it's not always cut and dry which one to get/use.  It all depends on how you want to implement it.

 

Let me know if you have any other questions.  I love talking unix. 🙂

Still alive (barely)

Wow, it's been a long time since I last blogged.  I will be sure to post more regularly from now on.


I have War.c and Glamkookie crashing at my place for a while.  They are both here from Canada.  Every day has been a blast and I am glad they are around. 🙂


GuardianLogic has been incorporated.  Now that all of the nit picky legal crap is out of the way I can officially change the name of my biz from Sigil Studios to GuardianLogic, Inc.  If you are a client you should receive an email shortly explaining it all.


I began studying for my CISSP exam.  I never realized how crazy it is.  It's a 6 hour test and is only offered once this year in MI.  I bought two books and have some practice tests.  I have never been much into the certification classes.  Why pay $2000+ for a class when you can pay $100 for a couple books and still pass?!


I have also been sick for the last couple of weeks.  I have lost my voice on a couple of occasions and constantly hack stuff up.  I wish I could be well again.  Can't wait till I finally get my health insurance from work.  It's sad that I'm looking forward to going to the Dr, but I have had a lot of health problems “stacking up” over the time that I was self employed and without insurance.  One of the first things I will have done is getting these damn wisdom teeth yanked.  All four (yes 4) are impacted.  One is cutting into nerves in my jaw and I get hellacious headaches from it.  It also causes sinus and inner ear infections.  And I tell ya, if you have ever had an inner ear infection you would be looking forward to having the bastards pulled too. 🙂


As I said earlier, I will be posting with more regularity again and updating the page a bunch.  Keep checking back. 🙂

Technology Spontaneously Combusts In Sicily

“According to MSNBC, ever since mid-January, various electronic devices have been spontaneously combusting in the now evacuated town of Canneto di Caronia, Sicily; at this point, the fires are almost daily. The town has been disconnected from the larger electrical grid and was hooked to a generator, but that, too, caught fire. Even unplugged items have succumbed. Nothing seems to have burst into flame except where there is someone present to witness it, but the police no longer suspect a prankster -- after witnessing wires catch fire without cause. Scientists have yet to explain the phenomenon (although unproven theories abound), leading many people to look to supernatural causes.”

GMail

Google has taken the last 10 years of systems software research out of university labs, and built their own proprietary, production quality system. What is this platform that Google is building? It's a distributed computing platform that can manage web-scale datasets on 100,000 node server clusters. It includes a petabyte, distributed, fault tolerant filesystem, distributed RPC code, probably network shared memory and process migration. And a datacenter management system which lets a handful of ops engineers effectively run 100,000 servers. Any of these projects could be the sole focus of a startup.


http://blog.topix.net/archives/000016.html

Laid off

I got laid off from work today.  There is not enough client work to keep me busy and not enough development/support work till the release of the new product.


I'm not horribly bothered by it as I have seen it coming for about a month now.  Now I just collect unemployment and try and get my CISSP and GLI swinging.

Stuff

We went to Nic's over the weekend in Grosse Pointe and had a freeken blast!  It's always fun over there. 🙂


I should have a new backend for this entire site in the very near future.  Fear, for it shall be cool!

Busy

For the last few months I have spent all of my time concealed in my house working on a big top secret project.  I just got back from dropping my co-conspirators back home in Canada.


Now details of the project will slowly start to surface on this page and metazoa.ca.


I'm going back to bed.

Sick and tired of being sick and tired

Bah, I'm sick again.  I keep getting these awful freaken dizzy spells.  They make it hard to concentrate on anything.  So I find myself paying upwards of $100 to visit the Dr. tomorrow to figure out what my problem is.
The whole thing really pisses me off.  I got a job about 9 months ago at SiteObjects and received a contract, signed by my employer, stating that I will have medical insurance after 3 months of employment.  I was REALLY looking forward to this because I could get these dizzy spells taken care of as well as my wisdom teeth.


So after 9 months of employment I get laid off and never saw insurance one.  That's 6 months that my employer was contractually obligated to provide insurance and never did.  Now I'm unemployed and paying for it all myself with my unemployment money.


Let this be a lesson to you… research potential employers.  It's not fun to be taken advantage of.


On another note… Metazoa is coming along nicely.  The details that everyone wanted?  It's a Content Management System secured to the teeth.  It's compliant with many security standards right out of the box (HIPAA, NSA DITSCAP and many others).  I have never seen a CMS that is as full featured as the one that war.c and I have created.  It's in early alpha right now and should be available in beta very soon.  Look for all of my sites to be switching to it in the near future.