Saturday, September 17, 2011

[Geek] The Ubiquitous Computer Mouse

Xerox Alto Mouse (1973)
The computer mouse has been a basic part of computing for about 20 years now (25 if you were a Mac early-adopter, and even longer if you are a Xerox Alto power-user).  Up until recently, innovations with mouses have been about adding more buttons, and scroll wheels.  Now, with Smart-Phones becoming more and more popular, things like multi-touch and gestures are being added too.

So, Jen and I were in an Apple store a few weeks back browsing (well, playing with) the new laptops.  The touch-pads on these things are very sensitive, and accidentally letting a second finger graze the pad while trying to move the pointer does unexpected things.  Two fingers, and the app switches, three fingers, and you are thrown to another desktop.  I was thinking to myself that it would take a few hours with it to really get used to it.  Jen says that the care required to work it was more than she is willing to put in (paraphrased).

[Geek] Attack Vectors and Twitter

I wrote a script some time ago, that basically parsed the auth logs on my web server looking for IP addresses that try, and fail, to log in, multiple times.  Over the years, I've continued to expand what it does, and what it could do.

At first, it would note something, and send me an e-mail, and I'd get to it, and it would continue to e-mail me once every hour until I did.

Then, since it was really only dealing with sshd (a remote login program), I had it automatically add entries to a file that sshd cares about.

Well, then I got it in my head, that I should also be scanning the web logs for evil hits.  So I did that, and added about 150 common signatures.  But, web server doesn't care about file based deny statements.  So, then I brushed off my firewall documentation, and worked on setting these things automatically into the firewall.

Once all that was done, I wrote a script that would run this thing much, much more often.

So, now it will e-mail me, but what fun is that?  When I get the e-mail, there's nothing more to do.

A few times, I posted IP addresses that had been blocked on my Twitter account.  I got a complaint that also sounded like a challenge.  "I hope that isn't an automated script tweeting"

It took me a few weeks to really go into it, but now I've done that too.  I didn't use my primary Twitter account though.

I'm interested to see what happens to this program in the future.