Of Trojan Horses, chatty devices, and Wireshark, part 1

One of the things that bugs me is wondering if at night some trojan horse on my mac is sending all my data to some Eastern Bloc hacker while I am sleeping. It strikes me that the best tool to look into this is the free network sniffer program, Wireshark. I also got a managed gigabit switch with port mirroring ($130) so I can see that the other computers in the home network are sending out into the world when we aren’t looking.

My router/firewall is configured for stealth mode, which means it will not respond to pings from outside, and it has stateful packet inspection. I am pretty confident that nobody can get in from the internet, except maybe for some back-door that the federal government secretly forced vendors to install on all routers… The only internet traffic allowed in the firewall is that which is part of an exchange initiated from the local network.

So I bring up Wireshark. First thing I notice is that the router is constantly broadcasting arps for non-existent IP addresses on the local network. I am wondering if this is the result of some internet traffic getting in, or maybe a bug in the router program. Also I wonder what sort of arp cache it has as it arps existing addresses every second or so as well. There is no router setting about how long the arp cache entries are kept, so nothing to be done.

I get a new router, and this seems a bit less chatty, at least in the arp department. Then I notice the router is emitting STP broadcasts. How cute, my 4 port switch on the back of the router wants to have a spanning tree protocol root bridge election. Just for the fun of it, I log into the managed switch and enable STP. By the time I get back to the Wireshark window, the STP broadcasts have stopped, so the switches must have already had their election.

Now the mac (mavericks) is constantly emitting broadcasts for things like network printers and other discovery protocols. As is too often the case with OSX, there is no user interface to shut these things off, and one has to fire up VI and turn off some daemons. Not a priority right now and I am not eager to delve into FreeBSD network configuration.

At this point, I am looking at a well behaved mac, chatty with its broadcasts, but nothing leaving the lan. Then I bring up Safari… Now I am seeing all sorts of TCP misbehavior with the outside world. TCP conversations initiated on the mac and going to ip addresses located in Ireland and various soviet countries. Packets are highlighted in red indicating protocol misbehavior such as out of sequence acks, and uncompleted TCP handshakes. Wireshark has no way of knowing what processes running on the mac are initiating network traffic, but I notice it goes away when Safari closes. I look at Safari a bit and see some sort of uninvited Safari extension has been installed.

I purchased some backup software online, and apparently the vendor was in the hacker’s paradise in Russia and Eastern Bloc countries–I learned after I made payment. I guess installing the program, which of course required administrator privileges to install, put its own little trojan horse in my browsers. I make a note to look for other inappropriate things this install may have slipped under the covers.

Once I deleted the Safari extension, the interior of the mac appeared to transmit nothing but the usual chatty local discovery broadcasts I mentioned before. Not a bad catch for the first couple of times I cast the net for Trojan Horses…


Inflation in ancient Rome

My view of human nature, and behavior in groups and governments, is that it has changed little over the last few thousand years. Perhaps less barbaric in the last few hundred years, but the dynamics are basically the same. The advance of technology makes dramatic changes in the appearance of things, and the fallacious view currently held that human progress inevitably advances can distract from what I consider underlying common threads.

Machiavelli’s Prince, published in 1532, provides political advice to a prince in a monarchical setting. Yet the advice he gives, which some decry as horribly cynical, is in most respects the same sorts of things things that help a politician get elected in 21st century America, a nominally democratic form of government. For instance Machiavelli advises the prince to attend church in a public manner to assure the populous that he shares their beliefs and is devout.

Swift published Gulliver’s Travels in 1726, and his wry and dark satire portrays human vanities and vices that we can easily recognize in our contemporary world, with some political commentary that again translates easily from a monarchy to our own democracy. In one journey he even goes so far as to satirize academic types who are proud to have developed things that are patently useless such as hairless sheep.

Given the notion that human and governmental behavior has evolved little, if at all, over the centuries, it follows that a familiarity with history can prove instructive when one takes today’s world and attempts to predict future developments. One such category of prediction is the notion, advanced by adherents to the Austrian School of economics, of which I am one, is that when governments control currency, they inevitably enrich themselves by debasing the currency–often in order to finance foreign wars. In older times, when currency consisted of precious metal coinage, governments would direct their mints to dilute the precious metal content of the coins, or reduce their diameter while maintaining the face value of said coins. When the public recognized this and hoarded the older more valuable coins, the government would attempt to confiscate said coins and make it illegal for the public to possess them.

Fast forward a few hundred years, and President Franklin Roosevelt, in 1933, criminalized the possession of gold coin. In 1971, President Nixon formally severed any link between the value of the dollar and underlying stores of gold to back up its value. This set the stage for the inflation of the 1970s which continues unabated.

Given these thoughts, I found the following article of interest. There is no consensus view that the causes of the decline and fall of the Roman Empire are accurately known, but the currency side of things has not been much discussed, so I commend you to this interesting discussion:


The Making of Whole Lotta Love

I was interested to read some studio/production stuff about the making of Led Zeppelin’s Whole Lotta Love. I was surprised to learn that the pre-echo of Plant’s a capella parts (‘Way down inside…’) was not a brilliant idea, but rather an artifact of print-through or cross-talk on the magnetic tape.

I noted that this was another track where Jimmy recorded the drums by placing them in a large reverberant room and miking them with essentially a stereo pair. He also did this to get the great drum sound on The Levee Song. Most engineers and producers close mike the individual drums and toy with the mix to get the sound they want. I think Page’s approach sounds better.

I was also interesting to read how Jimmy Page disfavored releasing singles, and intentionally produced songs that would be hard to cut up into singles.

The Wall Street Journal: The Making of Whole Lotta Love

Living the Dream

When I was young, I had many dreams and few achievements. Now I have many achievements and few dreams, and I wonder if I am truly the richer for it.

Member of Motown House Band

Robert Willie White, member of the Motown house band.

Many years after Bob Willie White was a member of the Motown house band, playing guitar on songs that sold tens or hundreds of millions of records, Bob and some friends were having dinner at a restaurant in LA, and on the movie ‘Standing in the Shadows of Motown’ one of his friends related the following tale:

While the waiter was taking their order the song ‘Ive Got Sunshine’ began playing. After the waiter left, Bob White said he almost told the waiter that he was the guitarist who played those opening notes, but he just couldn’t quite bring himself to do it. His friend ruefully observed that Bob still didn’t recognize his supreme accomplishments as a musician, he still wasn’t Living the Dream…

Those words resonated with me and I have thought about Bob’s timidity many times in the years since I watched that movie. The words ‘Not Living the Dream’ became a metaphor in my mind for the notion of being successful but not feeling successful. But then there is the more difficult question: How does one address this, how does one ‘Live the Dream’? I don’t think its an invitation to boorish bragging or a sense of elitism.

Many understand the importance of respecting all people. And many know that being modest, or at least appearing modest, is an essential social skill. In addition, doesn’t a sense of failing in one’s duties have an important place in the scheme of things? Shouldn’t those who shirk their responsibilities out of laziness, or excessive self-indulgence, feel some heat? Shouldn’t they kick themselves in the butt, cowboy up, or whatever it takes, and start doing their part? Absolutely.

But what if one has a sense of unease caused by the feeling that one has come up short, and that the apparent cure for this unease is to drive one’s self harder, to take more risks, to embrace stress? What if one’s sense of insufficient success is in fact impervious to achievement, making life a difficult and narrow-minded journey with an ever-receding Shangri La just over the next hill? I take no pleasure in acknowledging that this mode of thinking is not entirely unfamiliar to me, and reflecting on a life lived this way can be a grim exercise.

So what is Living the Dream? Another ever-receding Happyland? I hope not. Surely its something that must be done in the moment if it is to be done at all. I encourage my sons to Live The Dream, to feel their success and know that at any given moment they are more than I could have ever hoped they would be. I came to this place late as a father and as a man.

I reflect a lot on Tennyson’s poem Ulysses–a warrior’s defiant howl in the face of mortality. And now I wonder: is Ulysses driven by an implacable inner master to ever greater conquests, or is he thirsting to drink in the glory of the moment, an exhilarating joy of adventure?

for my purpose holds
To sail beyond the sunset, and the baths
Of all the western stars, until I die.
It may be that the gulfs will wash us down:
It may be we shall touch the Happy Isles,
And see the great Achilles, whom we knew.

I hope and believe it is the latter. I seek that my own journeys be embraced with a joyful and eager heart, that I in spirit may smite the sounding furrows at Ulysses side. That is The Dream.

WordPress love and hate

I have had a website for 14 years as of 2014. I got the URL and created the website primarily to host my essay ‘The Remarkable Criminal Financial Career of Charles Ponzi’. Initially I coded it myself using html and css. It wasn’t very striking, but it was functional for many years. Occasionally I would spruce up the visuals a bit, and at for a few years, I used it to sell a piece of software I wrote which tuned computers for more efficient recording of music. I have always had in the back of my mind a to-do to clean it up a bit.

A few years ago, I decided to add a blog, and did so with wordpress. Recently I both tired of html coding and became aware that wordpress could be configured to host an entire website in a convenient manner, and resolved to convert my site over to a blog only. My initial wordpress install was in a subdirectory named blog, as is required for this software. To convert my entire site over, I needed to have any accesses to www.mark-knutson.com go directly to the blog.

This is where things got hairy. Despite its widespread acceptance and support, wordpress is internally hard-coded to the initial url you give it when you install the software. There is no elegant, supported, way of changing this. There are many articles on the web about various approaches to resolving this, all involving getting under the hood of wordpress–the database data, php code, and webserver configuration files. I initially switched my website domain to point directly to the blog subdirectory, but this broke the wordpress installation as it was looking for the blog subdirectory reference. I edited data in the database and for a while it looked like things were all set.

Then I noticed that on other browsers, my website showed as nothing more than a blank white screen. Apparently this is a common problem with wordpress, and hours of googling presented no sure answers, only various things to try. My efforts to resolve this became a fiasco, and I ended up learning how to back up and restore my database and various other programming-type tasks that I had hoped to avoid learning about when I picked a mature purportedly easy to use blog software.

After a couple of late evenings and early mornings, I think I do have it working this time. Ultimately I found three lines of code to paste in an apache webserver configuration file which took care of everything.

So, nice software, a bit fragile in the face of foreseeable environment changes, though. Hopefully I can use it more and fix it less going forward.