rss subscription

We're having a son! 2010-1-6
Valeska is due at the end of May. Here are some sonogram photos and a registry.

LinkedIn 2007-1-5
LinkedIn is a social networking site for business and professional relationships. I've recently updated my profile and am now using the site more often. If you've worked with me and use LinkedIn, please feel free to view my profile and add a connection to me.

New sites 2006-6-1
Recently I've created a few new sites, including,, and So far MapWoW has gotten quite a bit of Internet media coverage via sites such as fark, digg, and slashdot. 2005-12-11
Recently a friend and I did a google maps mash-up with DC real estate information. It currently maps properties that have sold in DC along with their prices. We've even thrown in some statistics about the data that we have collected. So far we have data on over 70,000 property sales from the DC-area. Soon we'll add in detailed assessment information about every property in Washington DC. If there's enough interest we'll start adding information from more states. And of course here's an easy link to the site:

I'm engaged!!! 2005-1-2
On January 2, 2005 I got engaged to Valeska in Grenada! :) There are lots of pictures of my beautiful fiance and beautiful Grenada up here: After a day of hiking and seeing the rainforest in Grenada, I proposed on a ledge between two waterfalls. There are even pictures of the actual proposal here.

I got this as feed back from something I bought off of eBay. It cracks me up. Apparently this guy would trust me with his life. I mean that's flattering and all, but come on. I probably bought something from him for $20. Oh yeah, and of course the requisite AAAAAA++++ at the end of every eBay feedback is amusing. It reminds me of all the weird credit rating systems that people actually use.

MySQL password cracking capability for John the Ripper 2003-1-17
I just whipped up some quick code that gives John the Ripper the ability to crack MySQL password hashes. It runs about 75% faster than other MySQL bruteforcing tools and takes advantage of JtR's intelligent password guessing. You can get my patch here. (signature)

TxTEC Scholarship 2002-12-11
I was awarded a TxTEC scholarship, which means that now I'm listed here (and that I'll get some money).

Paper Accepted for PET2002 2002-2-9
I just found out that my paper was accepted for the Workshop on Privacy Enhancing Technologies. The paper details a traffic analysis attack against SafeWeb's anonymous web proxy. The paper will also be published in the Springer Lecture Notes in Computer Science. This will be my first-ever paper to be published. yay! (:

DNS Presentation at BlackHat 2002-2-7
Along with Jay Beale, I presented at the BlackHat Windows Security 2002 Briefings in New Orleans. We talked about how to secure both Microsoft's DNS server and ISC BIND for Windows.

NASL for Alchemy Eye HTTP Vulnerability 2001-12-1
I just wrote another quite simple nasl for Nessus. This one checks a computer to see if it's vulnerable to the Alchemy Eye HTTP vulnerability which was recently released by Rapid 7. You can read the bugtraq thread on the vulnerability here. You can download my nasl here.

NASL to detect ActivePerl Buffer Overflow 2001-11-22
I just coded up a quick NASL script for Nessus that checks a server to see if it's vulnerable to the ActivePerl perlIS.dll buffer overflow which was discovered by NSFocus. You can read the bugtraq thread on the vulnerability here and the SecurityFocus vulnerability report here. You can download my nasl here.

Installing VNC using a Remote Command Prompt 2001-10-13
I've created a page on how to install VNC onto a remote Windows 2000 computer using a command prompt on the remote computer. You can check out the page here.

Traffic Analysis 2001-10-4
One aspect of privacy on the Internet that I feel has been neglected is that of traffic analysis. I recently gave a report to my technical communication class on this subject along with a (somewhat impractical) solution to the problem. The presentation is very skimpy on technical details, however I'm working on a paper which will contain all the gory details. Here are the PowerPoint slides and a shady HTML version.

IO Wargames Presentation 2001-9-21
I gave a presentation entitled Deceiving Information Systems in the Modern Enterprise at the IO Wargames computer security conference. Here are the PowerPoint slides and a shady HTML version.

Finished CRAM-MD5 Authentication for Mail Check 2001-9-11
w00t - It's 3am and I just finished my little quest of adding CRAM-MD5 authentication to the Gnome mailcheck applet. Info on it and patch files can be found at my projects page for the mail check applet.

Adding CRAM-MD5 Authentication to Mail Check 2001-9-03
So the other day I was sniffing my network, like a good little boy, and noticed that my email password was traveling over the wire in *gasp* plain-text. Although I've switched mutt and evolution over to use CRAM-MD5 authentication, I was running the Gnome mail check applet (which only supports plain-text passwords). I decided that this plain-text password nonsense must be put to an end. In order to help slay the plain-text demon, I'm going to add CRAM-MD5 support for IMAP into the Gnome mail check applet. The applet is a part of gnome-core and the source file that I'm mainly messing with is popcheck.c. Once I finish my addition, I'll post plenty of info (including diffs) in my projects section.

Access Point Mapping 2001-6-30
Doug sent me a link to Net Stumbler (screenshot here) which got me thinking. There have been several projects started to let people contribute locations/info about 802.11b access points. All of the ones that I have seen require the contributer to manually type in the information that they're contributing. However, why not have a site on the Internet where everyone can upload logs of what they find with Net Stumbler? This central site could then create a huge map/database of the locations and availablitily of access points across the globe. I think that this type of system would be able to effectively map a HUGE number of access points... imagine hordes of people driving around with laptops, 802.11b cards, and GPS receivers.

New Pictures at 2001-6-10
Bryan's posted some new pictures on his website, Among the recent additions are pictures of my dorm room from last year (it's the one with all the stuff in it), my team's spectrometer (the first two pictures), and our climbing trips to Enchanted Rock, Hueco Tanks, and Reimer's Ranch. 2001-5-18
I just registered the domain, which will be the new address for my node on the 'net. The name comes from the official way to pronounce GNU (as in the GNU Project). BTW, you can send mail to any address and I'll get it.

GNU/Linux 2001-4-23
I've officially switched my main computer over to GNU/Linux. I'm running DeadRat 7.1 on it and Slackware on my NAT/firewall. In the long run, I'm planning on switching my NAT/firewall over to OpenBSD, and my main computer over to Debian.

WebCam 2001-4-7
Late last night I finally got a WebCam running. You can check it out here.
The software I'm using (Webcam32) doesn't work well behind a NAT box. So if you know of any good Linux (or even Windows) WebCam software, please let me know.

All your base STILL are belong to us. 2001-2-27
I've created yet another 'all your base' picture, this one even has UT's very own Dr. Wagner. You can see my creation here.

All your base are belong to us. 2001-2-27
If you have no idea what I'm talking about, go here before reading any farther.
Last night I thought I had a little extra time, so I created my own 'All your base are belong to us' picture, you can see it here.

Fortune Magazine 2000-12-27
I just found out that my picture was in the September fourth issue of Fortune magazine. The pictures I'm in are here and here. If you want to actually read the article, the text can be found here.

First Post! 2000-12-25
Your Mom is so dumb that she tried to minimize a 12 variable boolean expression to a minimal sum of products expression using a karnaugh map instead of the Quine-McCluskey Algorithm.