Saif Blog

Tip 1: Hackers cover their tracks. Experienced hackers cover them more thorougly, but amateur hackers sometimes leave things behind. Don’t expect them to leave any really big evidence behind; expect more of little things here and there you might find surprising. For example, if you’re writing a term paper and a black hat hacker accidently saved it when he took a paragraph out- that’s suspicious. Where did that paragraph go? Well, for one thing, now you know he was in that area. Check the folders surrounding the file- you might find something.
———— ——— ——— ——— -



Tip 2: Decipher between the type of hackers that are attacking you. Experienced hackers will have a more in depth look around when they penetrate your system. They won’t touch much because they know that that won’t add too much to their knowledge. But if you know a hacker’s been in, and some files are messed with, and you have a log of someone guessing passwords to a file or something of that sort, its probably some newbie who’s just starting out. These are the easiest hackers to catch. They usually get so caught up in thoughts like “I’m in!” that they forget the basics, such as work behind a proxy.
———— ——— ——— ——— -
My friend was setting up a webserver once. His first time too, and he wasn’t to anxious to set up some good software to protect against hackers and viruses. He didn’t put up one IDS, and before you know it, the obvious happened. But this time, a newbie had struck. The nice log files showed, bluntly across the screen, multiple instances of a foreign IP address that stood out. Some stupid newbie had tried to login as “uucp” on my friend’s XP computer, with a password of “uucp.” Well, that’s great, but he also had tried the same user/pass combination three times, enough to get himself logged nicely. Even a semi-brainless user with some form of neurological system knows that uucp isn’t a default XP account. Again, excitement toiled this hacker’s brain, and maybe if he hadn’t done that, along with a few other stupid things, he wouldn’t have gotten caught. What other things did he do? Well, lets see. He openned 35 instances of MS-DOS. He tried to clean the printer’s heads, and he edited a .gif in notepad. Then he uninstalled a few programs and installed some html editor, and replaced four files with the words “14P.”
———— ——— ——— ——— -
He might as well have posted his phone number. In a few days, we had tracked him down to a suburban town in Ohio. We let him go, not pressing any charges, because he had done nothing really damaging and had provided me with an example of a moron for this guide.
———— ——— ——— ——— -
Tip 3: Don’t go crazy if you lose data. Chances are, if it was that important, you would have backed it up anyway. Most hackers nowadays wish they were back in 1989 when they could use a Black Box and having a Rainbow Book actually meant something. Most hackers aren’t blackhat, they are whitehat, and some even greyhat. But in the end, most hackers that are in systems aren’t satisfied by looking around. From past experiences, I have concluded that many hackers like to remember where’ve they been. So, what do they do? They either press delete here and there, or copy some files onto their systems. Stupid hackers (yes, there are plenty of stupid hackers) send files to e-mail addresses. Some free email companies will give you the IP of a certain e-mail address’s user if you can prove that user has been notoriously hacking you. But most of the time, by the time you get the e-mail addy it’s been unused for weeks if not months or years, and services like hotmail have already deleted it.
———— ——— ——— ——— -
Tip 4: Save information! Any information that you get from a log file (proxy server IP, things like “14P”, e-mail addresses that things were sent to, etc.) should be saved to a floppy disk (they’re not floppy anymore, I wish I could get out of the habit of calling them that) incase there’s a next time. If you get another attack, from the same proxy, or with similar e-mail addresses (e.g: one says Blackjack 123 @something.whatever and the other says Black_jack_45 @something.znn. com) you can make an assumption that these hackers are the same people. In that case, it would probably be worth the effort to resolve the IP using the proxy and do a traceroute. Pressing charges is recommended if this is a repeat offender.
———— ——— ——— ——— -
Tip 5: Don’t be stupid. If you’ve been hacked, take security to the next level. Hackers do talk about people they’ve hacked and they do post IPs and e-mail addresses. Proof? Take a look at Defcon Conventions. I’ve never gone to one, but I’ve seen the photos. The “Wall of Shame”-type of boards I’ve seen have IPs and e-mail addresses written all over them in fat red, dry-erase ink. Don’t be the one to go searching the Defcon website and find your e-mail address posted on the Wall of Shame board!
———— ——— ——— ——— -
Tip 6: Don’t rely on luck. Chances are, sometime or another, you’re going to be targeted for an attack. Here you can rely on luck. Maybe they’ll forget? Maybe they don’t know how to do it? If you think this way, a surprise is going to hit your face very hard. Another way you could stupidly rely on luck is by saying this: It’s probably just a whitehat. On the contrary, my friend, it’s probably just a blackhat. A blackhat with knowledge stored in his head, ready to be used as an ax. It’s your data. You take the chance.

Gas Pumping Tips from someone in the Petroleum pipeline business!!

I’ve been in petroleum pipeline business for about 31 years, currently working for the Kinder-Morgan Pipeline here in San Jose, CA. We deliver about 4 million gallons in a 24-hour period from the pipe line; one day it’s diesel, the next day it’s jet fuel and gasoline. We have 34 storage tanks here with a total capacity of 16,800,000 gallons. Here are some tricks to help you get your money’s worth.


1. Fill up your car or truck in the morning when the temperature is still cool. Remember that all service stations have their storage tanks buried below ground; and the colder the ground, the denser the gasoline. When it gets warmer gasoline expands, so if you’re filling up in the afternoon or in the evening, what should be a gallon is not exactly a gallon. In the petroleum business, the specific gravity and temperature of the fuel (gasoline, diesel, jet fuel, ethanol and other petroleum products) are significant. Every truckload that we load is temperature- compensated so that the indicated gallonage is actually the amount pumped. A one-degree rise in temperature is a big deal for businesses, but service stations don’t have temperature compensation at their pumps.

2. If a tanker truck is filling the station’s tank at the time you want to buy gas, do not fill up; most likely dirt and sludge in the tank is being stirred up when gas is being delivered, and you might be transferring that dirt from the bottom of their tank into your car’s tank.

3. Fill up when your gas tank is half-full (or half-empty), because the more gas you have in your tank the less air there is and gasoline evaporates rapidly, especially when it’s warm. (Gasoline storage tanks have an internal floating ‘roof’ membrane to act as a barrier between the gas and the atmosphere, thereby minimizing evaporation) .

4. If you look at the trigger you’ll see that it has three delivery settings: slow, medium and high. When you’re filling up do not squeeze the trigger of the nozzle to the high setting. You should be pumping at the slow setting, thereby minimizing vapors created while you are pumping. Hoses at the pump are corrugated; the corrugations act as a return path for vapor recovery from gas that already has been metered. If you are pumping at the high setting, the agitated gasoline contains more vapor, which is being sucked back into the underground tank so you’re getting less gas for your money.

Hope this will help ease your ‘pain at the pump’!!!

An interesting article on USA’s Spending, written by an Indian Economist:

Japanese save a lot. They do not spend much. Also Japan exports far more than it imports. Has an annual trade surplus of over $100 billions. Yet Japanese economy is considered weak, even collapsing.
Americans spend, save little. Also US imports more than it exports. Has an annual trade deficit of over $400 billion. Yet, the American economy is considered strong and trusted to get stronger.


But where from do Americans get money to spend?
They borrow from Japan, China and even India. Virtually others save for the US to spend. Global savings are mostly invested in US, in dollars.
India itself keeps its foreign currency assets of over $50 billions in US securities. China has sunk over $160 billion in US securities. Japan’s stakes in US securities is in trillions.

Result:

The US has taken over $5 trillion from the world. So, as the world saves for the US, Americans spend freely. Today, to keep the US consumption going, that is for the US economy to work, other countries have to remit $180 billion every quarter, which is $2 billion a day, to the US!

Otherwise the US economy would go for a six. So will the global economy.
The result will be no different if US consumers begin consuming less.

A Chinese economist asked a neat question. Who has invested more, US in China, or China in US? The US has invested in China less than half of what China has invested in US. The same is the case with India. We have invested in US over $50 billion. But the US has invested less than $20 billion in India.

Why the world is after US?

The secret lies in the American spending, that they hardly save. In fact they use their credit cards to spend their future income. That the US spends is what makes it attractive to export to the US. So US imports more than what it exports year after year.

The result:

The world is dependent on US consumption for its growth. By its deepening culture of consumption, the US has habituated the world to feed on US consumption. But as the US needs money to finance its consumption, the world provides the money. It’s like a shopkeeper providing the money to a customer so that the customer keeps buying from the shop. If the customer will not buy, the shop won’t have business, unless the shopkeeper funds him. The US is like the lucky customer. And the world is like the helpless shopkeeper financier.

Who is America’s biggest shopkeeper financier? Japan of course. Yet it’s Japan which is regarded as weak. Modern economists complain that Japanese do not spend, so they do not grow. To force the Japanese to spend, the Japanese government exerted it self, reduced the savings rates, even charged the savers. Even then the Japanese did not spend (habits don’t change, even with taxes, do they?). Their traditional postal savings alone is over$1.2 trillions, about three times the Indian GDP. Thus, savings, far from being the strength of Japan, has become its pain.

Hence, what is the lesson?

That is, a nation cannot grow unless the people spend, not save. Not just spend, but borrow and spend. Dr. Jagdish Bhagwati, the famous Indian-born economist in the US, told Manmohan Singh that Indians wastefully save. Ask them to spend, on imported cars and, seriously, even on cosmetics! This will put India on a growth curve. “Saving is sin, and spending is virtue.”

Before you follow this neo economics, get some fools to save so that you can borrow from them and spend.

The bottled water industry is global in nature. But it is designed to sell the same product to two completely different markets: one water-rich and the other water-scarce. The question is if this industry will have different outcomes in these two worlds? Or will we, for two opposite reasons, agree that their business costs us the earth and that it is not good for us?In the water- and economically-rich world, the bubble is bursting. Last month, San Francisco’s mayor banned the use of bottled water in government buildings, incriminating billions of disposed plastic bottles that filled landfills in the US state. In the US, a staggering 60 million plastic bottles are thrown away each day, a minuscule proportion of them are recycled. Greenhouse gas emission from trucks which transported the bottles across the state — and often across countries — was also cited as a reason for the ban.


But equally importantly, the mayor stressed that his city’s municipal water came from pristine sources inside a national park. This was as good, if not better than bottled water sold by companies, he said.

He is not alone. Last year, Salt Lake City’s mayor asked public employees to stop supplying bottled water at official events. And now New York has launched a $1 million campaign to encourage people to drink its famously clean public water. Another slap has come from top-notch restaurants, who in reverse snobbery, are refusing to serve bottled water. Only tap water makes it to their expensive menus.

But the worst is coming. Last week, junk food giant Pepsi was forced to admit in the US that its brand of bottled water, Aquafina, is nothing more than tap water. Under pressure, it has even agreed to label its bottles to say precisely this.

The bottled water industry is in damage control mode. But I believe that this scream could easily become a shout as people realise the environmental cost of this product and more importantly, they see the sheer stupidity of paying hugely for something that is readily available.

In our world too, the bottled water industry is growing big time. The demand has increased from 2 million cases in 1990 to an estimated 68 million cases by 2006. But in India, bottled water is growing as an item of necessity: private industry is meeting the drinking water demand left increasingly unfulfilled by public utilities. In most cases, people are paying prices that they cannot afford to because they have no alternative source of clean drinking water.

In India, this water does not come from municipal taps. It comes instead from groundwater that invariably is also used by villagers. Companies simply drill a hole in the ground, pump and clean (sometimes) the water before bottling and then transport it to cities. Simply put, this is the privatisation of drinking water.

The only real cost in this business is the container — plastic bottle and the cost of transportation. The fact is that bottled water is no different from water that should come from our taps. The only difference is that it is packed in plastic and not conveyed in pipelines. But while the rich in India can afford to buy and drink bottled water, the poor cannot. In other words, the rich have the choice and they opt out of the failing municipal systems.

However, what is not said is that water systems in India are failing because the rich in the country, those who can afford bottled water, are still supplied water at tenth of what it costs the municipality. Worse, our wastewater is conveyed and pumped from our homes and even treated (at times). None of this cost is recovered. In other words, it is our subsidy which is leading to poorer and poorer delivery from water agencies. It is we, who have options to drink bottled water, who are failing the system.

I am not even talking here of the mountains of plastic waste of this industry, which we use but don’t pay for. I am talking here of the imperative that we should fix water for all in all taps. Water in bottles costs the earth everywhere.

A business executive was deep in debt and could see no way out.
Creditors were closing in on him. Suppliers were demanding payment. He sat on the park bench, head in hands, wondering if anything could save his company from bankruptcy.

Suddenly an old man appeared before him. “I can see that something is troubling you,” he said.


After listening to the executive's woes, the old man said, "I believe I can help you."