-
03-13-2008
I had some free time the other day while sitting at my desk at home,
so I continued on my never ending quest to KCA certify every web application
I come across so that I can legally use it on our network here :-P
The application this time was dokuwiki, and I was successful! KCA cert
based authentication plugin is ready to go.
Technically this plugin can work with any certificate, you just need to
modify the .htaccess file to suit your site.
-
01-15-2008
Ok, so I haven't gone missing, I just haven't written anything here for
a long time because nothing I've been doing would be considered relevant
to the outside world.
Someone asked me when a new version of nessquik would be available. Honestly,
I don't know. It'll be ready when it's ready. I added a Pidgen on SLF 4 tutorial
in the tutorials section.
-
10-25-2007
I just posted nessquik 2.5.1, a bugfix release, on the left hand side
of the page. It fixes some pretty serious bugs imho. Many thanks to Andy
and Joe for helping find and fix these bugs.
When upgrading, be sure to backup your nessquik-client config file and
then blow away your old nessquik-client code, replacing it with the new code
-
09-21-2007
I felt like being generous today so I fixed an open bug in the PEAR
Date package, but the Pear website is massively broken and wont let
me create an account or even log in with my existing account. Since
I'm not anticipating anyone is actually going to help me out (even
though I've asked) I'm providing the fixed file to the left under
my code section.
The supplied TimeZone.php file fixes bug #10349 and #11682 in the PEAR Date package.
Download it here and replace your existing one.
As I fix more bugs I will update the files on this page
-
09-15-2007
In my free time I'm refactoring some of the nessquik code. I don't have
an ETA for 2.5.1 but when it does role, it will be a bugfix and refactoring
release. I'm also adding some small features to it in preparation for 2.6
feature requests.
Part of the refactoring process has been the creation of my modified PEAR Date
class which you may have seen to the left. Well tonight I finished a new addition
to the codebase that came as a result of refactoring; watermark.js. It's a port
of a similarly named piece of code that I found through Ajax Rain. The original
code was a jquery plugin though and I only use Prototype. My port is for Prototype.
As with all the code that I post on this area of webspace, you're free to take it
and use either it or the PEAR Date code as you wish. Drop me a line if you find it
helpful.
-
09-06-2007
I've posted my gpg public key there on the left under the other
section.
-
09-04-2007
More videos for SAD have been posted. I also posted a tutorial on how
to use vpnc to get around Datacom's mandate of using the Cisco VPN
client software. Tutorial is under the appropriate section.
Have fun
-
08-29-2007
NetIDMgr videos for use at SAD (Security Awareness Day) have been posted
-
08-21-2007
As part of another in-house app I was writing, I needed to modify the
PEAR Date classes to add some needed functionality. I've included the
code and the added functionality under the code section on the
left side of the page.
Lemme know if you find it useful. Thanks.
-
07-06-2007
Geez, where does the time go. nessquik 2.5 is out the door. I'm sick
of hanging onto it any longer. This release is huge because of the
number of enhancements and fixes that have gone into it. The changelog
really doesn't do justice to the release.
If you run into any problems upgrading or installing the software, don't
hesitate to contact me. Remember that it requires PHP 5 though.
Also feel free to use the mailing lists and bugtracker provided on sourceforge
or google code. I still accept PM's from people too so if you're not a mailing
list type of person, just send me a personal email; my address is to the left.
Time permitting, I'll be adding more videos related to 2.5. I'm kinda swamped
with other coding atm though so it may be a while.
As always, I'd like to hear about your experience using 2.5. If you've got the time,
drop me an email.
-
05-31-2007
Created a new OpenAFS deb package for the new Feisty kernel. Enjoy
-
05-25-2007
I'm in the process of registering with a number of code places
like Google Code and Sourceforge in the hopes of getting better
and more feedback. Sourcecode will also be put on these services,
but development will not take place primarily on these services.
I'll probably do a daily sync between our own subversion server
and the public ones.
Here are the links to the hosted projects at this time
Google Code
http://code.google.com/p/nessquik/
Sourceforge
http://sourceforge.net/projects/nessquik/
Use of either service is encouraged. Mailing lists will be made
available when the Sourceforge one is ready.
-
05-22-2007
nessquik 2.5 beta3 is available. Among other things there's
a fix for the monthly recursion because of a very bad bug
that was pointed out to me.
-
05-08-2007
botcheck 2.5 is available. Get it if you want it. Report
any bugs that you find.
-
04-27-2007
nessquik 2.5 beta2 is available. Get it and test it. Report
bugs you find.
-
04-22-2007
Cisco VPN client doesn't compile on Feisty Fawn because of the
newer kernel. I found a patch online that gets it working though.
Get it here
On another note, a second beta of nessquik 2.5 will be available
this week. As will a new version of the botcheck code.
-
04-20-2007
Feisty Fawn came out yesterday and I wanted to see how it would
fare on the network here. The only thing that really threw me
for a loop was that there was no OpenAFS binary kernel module.
So I built one. See the link on the left. I'll do my best to
keep it updated as new kernels are released.
-
04-05-2007
Posted the presentations I gave at SysAdmin Roundtable (04/2007)
so that anyone interested can re-read/watch them. They're to the
left under presentations and videos.
-
04-04-2007
Screenshots of portscan-me-now are available on the 2.5beta*
page near the bottom. A second beta is forthcoming but lately
I've been busy at work with other things. I'll post it when
it's available.
-
03-17-2007
nessquik 2.5 beta 1 is available for download. Give me some
time to finish uploading screenshots, videos, notes, etc. I'm
at the Regional CCDC Computer Security competition this week
and won't have much time to be putz'n with nessquik.
Downloads are to your left as well as a partial list of screenshots.
Note that if you download just the 'nessquik' link, you'll also
get scan-me-now, portscan-me-now, and the nessquik client. Only
the nessquik-client is needed by nessquik. The other's are
optional software that you can install at your convenience. They
will gradually become more integrated with nessquik as time
progresses.
scan-me-now is a "point and shoot" Nessus scan tool that
you can offer to end users which lets them only scan the
device they are coming from.
portscan-me-now is a "point and shoot" nmap scan tool that
you can offer to end users which lets them only run a portscan
against the device they are coming from.
Please test and report bugs as you find them. More beta releases
will be coming until I feel more at ease with the code.
-
03-02-2007
So some good news and some bad news. The good news is that
nessquik 2.5 is ready for beta testing to the general public.
The bad news is that I've had to retract my initial promise that
2.5 wouldn't require PHP 5.
well...
2.5 requires PHP 5
After I had finished 2.5 Fermi and had ported the code to
2.5 General, I installed it on my PHP 4 machine and found that
I had used quite a bit of PHP5-isms accidentally. Well, too
late to go back now.
I may be alienating some people here but I don't have the
cycles available to fix it, and since 2.6 will require PHP 5
anyway, this just gives you more reason to upgrade now.
-
02-14-2007
botcheck about page and download added. Send me
feedback on how you use it. It keeps me motivated and it helps
keep upper management happy. Proves that I actually do work :-)
-
02-13-2007
Feature-wise, nessquik 2.5 (fermi) is finished. We'll beta test
it until the end of the month.
Beginning of next month I'll be bringing nessquik 2.5 (general) up
to date. In 2.6, user authentication code will be added. I expect
this will shorten the interval between Fermi and general releases,
as up until that point the biggest pain in the neck is ripping out
all the Fermi specific code (that largely has to do with the fact that
we have a user accounts system in nessquik)
So I should also mention that 2.6 will require PHP 5. I'll include
configuration suggestions with 2.6 in case you're in the position
(as I am) where you have to compile it from source. I base all my
suggestions off of Scientific Linux Fermi 4.x which is a recompile
of RHEL4. I'll welcome any other suggestions sent to me by people
who use nessquik on other distros.
Thanks everyone for your emails and interest in nessquik. If you're
up for beta testing 2.5, I can point you to a tarball when I am
satisfied it's ready for testing. I don't have a mailing list available
so just send me an email. My address is under one of the nessquik
bullets to the left.
-
02-07-2007:
Added a video for my suggested "proper" Azureus configuration to
prevent autoblocker from picking you up.
I'm shootin for the end of February to have Fermi's nessquik 2.5 ready.
After that, I'll need to make the necessary changes to the code
for the general release.
-
01-23-2007:
A demonstration video on how to schedule a simple scan
using nessquik 2.0 is available to the left.
Speaking of the software, the Fermi version is very close to being
ready for beta testing.
-
01-11-2007:
Several people have emailed me with particular
problems that are showing up in PHP 5; lemme explain.
nessquik has this file called compat.php. It provides throwing
and catching functions that I use in my database classes. These
database classes were taken from another pile of code I wrote
some time ago that required PHP 5.
I didnt want to change the way these database files worked
because I was already familiar with the way they generated
errors that I use when debugging.
Problem 1: PHP 5 and nessquik
PHP 5 already has a throw method and chokes when it tries to load
this file. I forgot to add checks for PHP 5 to all the files that
include the compat.php file.
Solution 1: PHP 5 and nessquik
If you open up, for example, the file scripts/scan-maker.php, you'll
see this at the top of the file.
require_once('../confs/config-inc.php');
require_once(_ABSPATH.'/lib/compat.php');
require_once(_ABSPATH.'/lib/functions.php');
To fix said problem, change these lines to resemble the following
require_once('../confs/config-inc.php');
if (!_PHP5)
require_once(_ABSPATH.'/lib/compat.php');
require_once(_ABSPATH.'/lib/functions.php');
In addition to that problem though, another issue was raised on
some ubuntu systems that install php-mysqli instead of php-mysql
(notice the extra 'i').
Problem 2: mysqli and nessquik
This is a PHP 5 only package. nessquik does not support
mysqli directly because the author (me) wasn't even aware the
library existed.
Solution 2: mysqli and nessquik
I've added a mysqli database layer in nessquik 2.5 so this problem
will go away when 2.5 comes out.
This is probably a good time to point out though that when Scientific
Linux 5 is released, support for PHP 4 will quickly fade to black.
Please, if you can upgrade through your distribution, please consider
doing so, or else you'll be stuck with lesser versions of nessquik.
-
12-12-2006:
added a roadmap for the next release of nessquik
-
11-29-2006:
nessquik development is moving forward post the 2.0 release.
I've got a list of features that need to be added that's a mile long.
Suffice to say, next release feels like a 2.5 release.
It has a new look, and lets you do so much more that frankly it's silly.
If you've shyed away from the 1.0 or 2.0 releases because it's missing
one thing or another, shame on you. 2.5 will cure your angst though.
I expect it's going to take me at least 3 months to finish the next version
of nessquik. In the meantime feel free to download versions of nessquik
available here.
Note that with each new release I will no longer support old releases. cmon
though, if you really want to continue to use antiquated versions, don't you
think you should check your head? New versions are more stable anyways.