Disqus - Latest Comments for Doc Rice

Re: Building a Virtual Server for the House

Doc Rice — Mon, 17 Mar 2008 20:28:56 -0000

I use an older dual-CPU AMD-based system for my VMs (I run a few Server 2003s and a couple of BSDs on VMware Server 1.0, which itself is running on top of 2003). In my experience, loads of processing power really isn't mandatory unless each of these machines are crunching numbers simultaneously (or booting all at once). Memory requirements - well, that one's obvious.

Disk utilization is my common bottleneck. Windows has a lot of read / write operations going on all the time, especially when AV is installed.

That said, if you're planning on deploying 2008, well, that's gonna up your hardware requirements a bit, even with the Server Core option. When I was testing Server 2008 (beta) on a Dell 2950 with two sets of RAID10 (dual Xeons, 8 GB of memory), those VMs ran pretty slow while XP and 2003 VMs were snappy (I ran about 10 VMs on this box). Then again, perhaps that version of ESX wasn't calibrated for it.

Noise is definitely another consideration. I thought about getting a dedicated rack-mount machine as well for home, but I can't put it in the garage or closet (no cooling in my case) and it's just too much noise in my office.

In the end, I'd consider what kind of average load these VMs will run and what your expected responsiveness is. I'm assuming this is just for you, not for public services.

Re: The Best in Beatbox

Doc Rice — Tue, 01 Apr 2008 01:44:56 -0000

There are some who say that beat-boxing really should have been designated the fifth element of Hip-hop.

Re: Signing with Initials

Doc Rice — Sat, 31 May 2008 21:36:29 -0000

I've come to the point where I don't even use a signature when sending internal company e-mail to folks I normally interact with. None of that, "Hi John," and ending with, "Thanks, Bob." The formality feels unnecessary and artificial, plus it physically makes e-mail threads longer to parse.

That said, I'd agree most would use initials as a short-hand because it's easier. Sending something to an official contact outside the company would require the complete diplomatic package - full name, company logo and all.

Re: Tired of Mincing Words

Doc Rice — Wed, 02 Jul 2008 19:48:43 -0000

Wait, wasn't the Earth flat back in those days?

Re: Why I Carry A Gun: A Personal Anecdote

Doc Rice — Tue, 22 Jul 2008 15:28:45 -0000

Anyone who claims it's safe in this country hasn't lived in the "sketchy" parts of town or known people who were pretty desperate. Maybe they're living in those well-to-do, low-crime areas where the most visible civil offense is pit-pocketing. Unless you have Jedi skills, the odds aren't in your favor when the other party has the weapon and you don't.

Re: George Carlin: Please Wake Up

Doc Rice — Tue, 30 Sep 2008 22:50:30 -0000

That was one of the best parts of his "Life is Worth Losing" album. Smart guy - he saw how it all works since he apparently lived outside of the human continuum, or something like that. R.I.P., George.

Re: Age and Health

Doc Rice — Sat, 04 Oct 2008 03:33:32 -0000

It's what happens when you stare at monitors one too many hours, a mistake I made a couple of decades ago with TV. I'm at the same age you're at and I'd better get on the LASIK pretty soon.

Re: Home Network Upgrades

Doc Rice — Fri, 17 Oct 2008 15:21:56 -0000

For extra credit, add the NPS / RRAS roles and set up an SSTP server. Watch out for the CDP nitpicks (at least, that's where I ran into issues with the client did the CRL check). What's the OpenBSD box for?

Re: The UNIX Configuration Rosetta Stone

Doc Rice — Mon, 27 Oct 2008 14:25:00 -0000

There's an older book called the Universal Command Guide which did the same thing. It doesn't seem like a newer edition is out though with more recent *nix info:

http://www.amazon.com/Universal-Command-Guide-Operating-Systems/dp/0764548336/ref=pdbbssr_1?ie=UTF8&s=books&qid=1225131802&sr=8-1

Re: A Crazy Idea Regarding the Obama Administration and Security

Doc Rice — Fri, 07 Nov 2008 02:31:28 -0000

Nice idea and I'd like to be optimistic and believe something like this could happen. But that said, political leaders (including those in Congress) also have to cater to the uninformed masses and their perceptions. While I'd like to hope we'd become much more efficient in assessing our real security risks and addressing the root causes of issues rather than just the symptoms, I fear that useless security theater will prevail for some time due to the general public's ingrained biases and dependencies on easy, emotionally-satisfying results rather than complex strategies that directly address the underlying problems.

Re: VMware Server 2.0 For Linux Doesn’t Have a “Send Ctrl-Alt-Del” Button

Doc Rice — Sat, 08 Nov 2008 17:08:44 -0000

Why even use VMware Server instead of ESXi? I tried VMware Server 2.0 when it was in alpha and it was horrible compared to 1.x. Of course, it was an alpha, and I could see how they're trying to make the management interface more like their Infrastructure offerings (VC, VIC), but I still thought it was bad.

ESXi, on the other hand, works quite well for free.

Re: The True American Divide

Doc Rice — Fri, 14 Nov 2008 14:32:49 -0000

I only quickly parsed through the article (I skipped a lot of it because I got the general idea)...

I have friends on both sides and it's interesting (but no longer surprising) that the various marketing campaigns have greatly influenced their attention. Lots of folks resolve their demons by exercising convenient, emotionally-based judgments rather than ones based on some degree of critical analysis. When you have common values skewing towards glamor self-image and lifestyle conveniences over hard work and the paying of dues to improve oneself, you inevitably end up with unskilled, undisciplined, and unmotivated grown-up kids who can't deal with the real world. A lot of people are completely unaware of the gears driving their behavior and actions underneath the hood.

Relying too much on your sense of smell to guide you in life is eventually going to lead you into a trap.

Re: Whole Foods Elitism

Doc Rice — Tue, 18 Nov 2008 22:10:44 -0000

I think I know what you mean, but for me it's the whole, "I keep my body in a highly natural / optimized state by digesting 'organic' and 'clean' foods because it makes me feel healthier and one with the Earth" subliminal message everytime I go there. Don't get me wrong, the food there is generally good (their produce tastes way better than what's at Safeway), but it also costs a nice penny or two more. That pisses me off.

I guess I'm just jealous that I'm not as financially comfortable as all those yuppies who shop there and seem to be able to afford it easier. Or something.

Excuse me while I go check the logs on my brain's IDS...

Re: Sign Fail

Doc Rice — Thu, 20 Nov 2008 02:49:26 -0000

You should check out engrish.com.

Re: Insanely Fast Clip Change

Doc Rice — Fri, 17 Apr 2009 01:22:05 -0000

Clip, or magazine?

Re: Insanely Fast Clip Change

Doc Rice — Sat, 18 Apr 2009 01:10:51 -0000

I think you're referring to a tactical reload where you release a mag that still has ammunition in it, catch it with the other hand while inserting a new one, and pocketing / holstering the old mag. A combat reload is where you drop the mag and insert a fresh one as soon as the old one is out of the well.

Or, at least this is what I remember from a defensive pistol course I took a while back.

Re: It Really Doesn’t Get Old

Doc Rice — Sat, 18 Apr 2009 01:41:43 -0000

These are two of my favorite variants of the original:

http://www.youtube.com/watch?v=3GJOVPjhXMY
http://www.youtube.com/watch?v=3lIDRGOHI1E

Re: Prominent Infosec Personalities That Use OS X

Doc Rice — Sun, 19 Apr 2009 23:57:27 -0000

I can somewhat see why Joe Average IT Guy might not understand your choice in OS X, but I'm surprised you'd be questioned by infosec types. I touch OS X myself sometimes, but I'm more Windows / Linux focused for my tools given the kind of work I do. That said, I personally wouldn't hesitate to use OS X as my platform if I did mostly security work.

If you have to justify your use of a particular platform to someone, I'm not sure if merely stating that x other security pros diong the same thing is going to make a convincing statement because it's still somewhat vague. Especially for people doing security, it's probably more helpful to understand exact reasons rather than "because a bunch of other folks doing the same work likes it." I do some minor "security" work and I know I prefer specific answers rather than broad, generalized references that really don't clarify anything.

Maybe it's also because many people have the image of over-zealous Apple fanboys in their heads.

Re: Wireless: WPA2 Enterprise Integration With Active Directory 2008

Doc Rice — Mon, 15 Jun 2009 05:03:16 -0000

Good stuff. I did a similar write-up, although it's mostly based on Server 2003 and it covered PEAP, EAP-TLS, and PEAP-TLS.

http://wicked-styles.com/bitsandpieces/articles...

Re: Building a Virtual Server for the House

Doc Rice — Mon, 17 Mar 2008 20:28:56 -0000

Disk utilization is my common bottleneck. Windows has a lot of read / write operations going on all the time, especially when AV is installed.

In the end, I'd consider what kind of average load these VMs will run and what your expected responsiveness is. I'm assuming this is just for you, not for public services.

Re: The Best in Beatbox

Doc Rice — Tue, 01 Apr 2008 01:44:56 -0000

There are some who say that beat-boxing really should have been designated the fifth element of Hip-hop.

Re: Signing with Initials

Doc Rice — Sat, 31 May 2008 21:36:29 -0000

Re: Tired of Mincing Words

Doc Rice — Wed, 02 Jul 2008 19:48:43 -0000

Wait, wasn't the Earth flat back in those days?

Re: Why I Carry A Gun: A Personal Anecdote

Doc Rice — Tue, 22 Jul 2008 15:28:45 -0000

Re: George Carlin: Please Wake Up

Doc Rice — Tue, 30 Sep 2008 22:50:30 -0000

Re: Age and Health

Doc Rice — Sat, 04 Oct 2008 03:33:32 -0000

It's what happens when you stare at monitors one too many hours, a mistake I made a couple of decades ago with TV. I'm at the same age you're at and I'd better get on the LASIK pretty soon.

Re: Home Network Upgrades

Doc Rice — Fri, 17 Oct 2008 15:21:56 -0000

Re: The UNIX Configuration Rosetta Stone

Doc Rice — Mon, 27 Oct 2008 14:25:00 -0000

There's an older book called the Universal Command Guide which did the same thing. It doesn't seem like a newer edition is out though with more recent *nix info:

http://www.amazon.com/Universal-Command-Guide-Operating-Systems/dp/0764548336/ref=pdbbssr_1?ie=UTF8&s=books&qid=1225131802&sr=8-1

Re: A Crazy Idea Regarding the Obama Administration and Security

Doc Rice — Fri, 07 Nov 2008 02:31:28 -0000

Re: VMware Server 2.0 For Linux Doesn’t Have a “Send Ctrl-Alt-Del” Button

Doc Rice — Sat, 08 Nov 2008 17:08:44 -0000

ESXi, on the other hand, works quite well for free.

Re: The True American Divide

Doc Rice — Fri, 14 Nov 2008 14:32:49 -0000

I only quickly parsed through the article (I skipped a lot of it because I got the general idea)...

Relying too much on your sense of smell to guide you in life is eventually going to lead you into a trap.

Re: Whole Foods Elitism

Doc Rice — Tue, 18 Nov 2008 22:10:44 -0000

I guess I'm just jealous that I'm not as financially comfortable as all those yuppies who shop there and seem to be able to afford it easier. Or something.

Excuse me while I go check the logs on my brain's IDS...

Re: Sign Fail

Doc Rice — Thu, 20 Nov 2008 02:49:26 -0000

You should check out engrish.com.

Re: A Company to Watch

Doc Rice — Sat, 27 Jun 2009 21:00:54 -0000

But would one have to think in Russian?

(10 points if you know which movie I got that from...)

Re: Updated PGP Information

Doc Rice — Wed, 01 Jul 2009 19:18:10 -0000

My problem is that almost everyone I correspond with don't know what encryption is and wouldn't be bothered to use it even if they did. They probably figure that since their web-based mail interface is running with "the yellow lock icon," their messages are transmitted securely. Well, we know how that goes...

Re: Updated PGP Information

Doc Rice — Wed, 01 Jul 2009 20:44:24 -0000

I suspect the demand for its use isn't there simply because most people's e-conversation are 1) not deemed sensitive enough to require privacy, 2) Average Joe isn't going to understand the concept of signing especially if you try and relate what private / public keys are, and 3) folks probably expect e-mail messages to be already private, just like they expect phone conversations to be so, even if they somehow know that phone lines can be tapped because unlike physical messages (such as on paper) you can't "see" network transmissions unless you've heard of the term "packet sniffer."

This kind of rolls into the same thing with PKI. Many browsers (until recently) didn't do automatic CRL checks. Almost all users blindly click "accept" when they see a server certificate that's self-signed or signed by an untrusted authority. One could argue the old "user education" rhetoric, but the average person's expectation of security is grossly over-simplified when it comes to things like this to make it practical, IMO.

Re: X-Wing Close Call

Doc Rice — Wed, 30 Sep 2009 16:10:54 -0000

I guess this is the result of the ship slingshotting around the sun and traveling back in time from... Oh, wait. Wrong, show.