Thursday, November 07, 2002

First Night and Day Home with Hanna Ruth Google Search It Well, last night was not particularly fun.  Elisabeth was up most of the night feeding constantly and I was awake for quite a bit of the time too.  In the end we agreed that she would be sure that Hanna was fed and then I would take over.  This happened at about 4 or 5 AM (I can't remember which now).  I eventually quieted her down.  I put her in bed but by the time I reached my bed she was screaming again.  I got her up and we came down and I worked a wee little on the computer with her sitting on my chest.  Today she has been great.  Talk about following Baby Wise.  Hanna pretty much went by her own 3 hour schedule today with the exception that one time she didn't spend any time awake but instead went from feeding to sleeping to feeding.  It is now 11 PM and she last fed at 7 PM so she is going on 4 hours at this point.  She has been really cute.  The thing I have enjoyed most is having her sleep on my chest while I work on the computer.  There is just nothing like it. Benjamin has been pretty great too.  Perhaps he has acted up more than normal but I think this is totally understandable.  As we expected he is sometimes more helpful than is truly helpful bet even this has been minimal.  Several times today he had Hanna on his lap and he liked that.  He has no concept that she is a person rather than a thing (based on the way he handles her sometimes) but for the most part he tries to be very gentle and take care of everything that is out of place such as when her hat falls of or she whimpers. P.S.  We have intentionally decided not to follow Baby Wise the first week and perhaps even the second week.  I suspect this is consistent with the Baby Wise recommendation but regardless, we are taking things as the comes in terms of feedings and sleepings etc. 10:59:17 PM   []    comment []

New Box Car Ramp Google Search It Today Benjamin and I took a couple pieces of hard cardboard (they were were wrapped around the new blinds we purchased for the childrens rooms) and sent box cars down them onto the kitchen floor.  We had great fun.  After a while we made a tunnel and sent the cars zooming through that.  He burst out laughing when he put the cars into the out end of the tunnel and then lifted it up so that the car zoomed back and hit me in the tummy.  He thought this was the greatest. 10:46:28 PM   []    comment []

Today I purchased a Canon PowerShot S40 Digital Camera Google Search It Today I purchased a new digital camera.  The camera chosen was the Canon PowerShot S40 and I purchased it from Tristate Camera for $428.99 and another $34.69 for shipping 2nd day air.  I spent quite a bit of time researching what I wanted and it came down to the following criteria: Small size such that I can carry it to work on a daily basis and take it on business trips.  (Note that I ride my bike to work and already have to carry my laptop and a change of clothes.) 3X optical zoom.  (Digital zoom is a joke as one can always do this with there computer. 3 Mega-pixel minimum This is an interim digital camera purchase until the prisms get introduced into consumer cameras.  (The prisms are placed between the CCD sensors and the lens so as to reduce the amount of light lost via the color filters on each CCD.) Although there is obviously a ton of options out there I decided to limit myself to Canon digital cameras for their lens quality and reputation.  After making that decision I narrowed the search down to the S230, S40, G2 and G3.  The advantage of the G3 over the G2 was the 4X optical zoom rather than the 3X.  The price difference was over $200 and I couldn't justify the additional cost.  The G2 seems perfect except for two things.  (a)  It would be my long term choice for a camera once the prism was added, but more significantly,  (b) the size is not conducive to an everyday camera that I could carry with me where ever I go.  This leaves me with the S230 and S40.  Of these I simply loved the size of the S230.  I so badly wish they had this with a 3X zoom rather than the 2X.  This would have been all I needed to sink my money into the S230 rather than the S40.  The S230 metal case construction is great for durability and it really had everything else I was looking for.  In the end, however, I couldn't give up the extra zoom and my wife I think would prefer a slightly bigger camera anyway so I went the middle road between the G2 and the S230 and purchased the S40 (see reviews here and here). By the way, I was most grateful for camera reviews on the following sites: Digital Photography Review Fantastic!  This is a great site and should not be missed when searching for a new camera.  I recently signed up for their newsletter too. Next came ZDNet's Digital Camera SuperCenter This site was not as detailed as the previous but it is great for getting an overview and narrowing down your search.  For the items at the Digital Photography Review site that did not have full reviews it was actually better. A good introduction on buying a digital camera and what to look for can be found on PC Magazine's Digital Camera Buying Guide or general Digital Camera Product Guide. Last of course you can check out Canon's PowerShot comparison but this was the least helpful of them all.  The web page UI was cool, however.  This is the second site I have found that support drag-and-drop.  (Microsoft Exchange 2000's Outlook Web Access is the other)   10:12:20 PM   []    comment []

New Spammer Detection Techniques Google Search It The November 6th, 2002 edition of the Security Update from WinNet magazine had a great summary of some of the most recent email spam counter efforts.  I have quoted the relevant portions of the email here.  To subscribe check out Security Update. * ANTISPAM HONEYPOTS GIVE SPAMMERS HEADACHES Filtering spam is a good idea, but keeping filtering rules up-to-date without eliminating legitimate email traffic takes skill and effort. In addition to using mail filter software, you can fight spam in other ways, such as by using an antispam honeypot. As you know, honeypots are traps or decoys that deliberately lure intruders to help prevent unwanted activity against network sources. Honeypots also gather forensic evidence, thereby helping us better understand intruder methodologies. Other Windows & .NET Magazine authors and I have written about various types of honeypots in use today. You can find links to honeypot-related articles at the URLs below: http://www.secadministrator.com/articles/index.cfm?articleid=26114 http://www.secadministrator.com/articles/index.cfm?articleid=25679 http://www.secadministrator.com/articles/index.cfm?articleid=22911 http://search.winnetmag.com/query.html?col=secadmin&;qt=honeypot Last week, Security UPDATE reader Brad Spencer brought antispam honeypots to my attention. Antispam honeypots are services that pose as legitimate mail servers to thwart spammers. Spencer, who runs an antispam honeypot (see the first URL below), described to me what antispam honeypots do, how they operate, and where you can get one or find out how to build one. According to Spencer, the real heroes of this technology are Michael Tokarev, who operated an antispam honeypot in Russia (see the second URL below) and Jack Cleaver, whose program you'll read more about in a moment. http://fightrelayspam.homestead.com http://www.corpit.ru/cgi-bin/h0n5yp0t An antispam honeypot operation first detects potential spammers, then thwarts their efforts to send spam through the mail server. Spammers often use mail systems that allow open mail relaying to deliver spam. An open relay lets anyone use the mail server to deliver email messages to anyone else, which is a spammer's dream. In the past, people offered open relays as a courtesy to Internet users to help facilitate easy email delivery. Now, operating an open relay will eventually land your mail server on a blacklist that might prevent legitimate email from arriving at your system. For more information about blacklists, visit the Mail Abuse Prevention System (MAPS) Web site at the URL below. http://west1.mail-abuse.org Typically, spammers test a mail server for open relaying by simply sending themselves an email message. If the spammer receives the email message, the mail server obviously allows open relaying. Honeypot operators, however, can use the relay test to thwart spammers. The honeypot catches the relay test email message, returns the test email message, and subsequently blocks all other email messages from that spammer. Spammers continue to use the antispam honeypot for spamming, but the spam is never delivered. Meanwhile, the honeypot operator can notify spammers' ISPs and have their Internet accounts canceled. If honeypot operators detect spammers who use open-proxy servers, they can also notify the proxy server operator to lock down the server to prevent further misuse. If enough users take time to operate antispam honeypots and contact ISPs and open-proxy server operators, they'll systematically make spamming more difficult. Spencer believes that eventually spammers will find it so hard to distinguish honeypots from actual open relays that at least some of them might quit such activities altogether. Two tools that can help you set up and run an antispam honeypot are a Windows-based version of Sendmail (see the first URL below) specifically configured as a honeypot and Cleaver's Jackpot Mailswerver program (see the second URL below). Jackpot is written in Java and runs on any system that supports the Java platform. http://www.sendmail.com http://jackpot.uk.net Spencer uses a UNIX-based version of Sendmail to operate his antispam honeypot. (I haven't used the Windows version recently but assume that it's still a direct port that works well.) Spencer details his configuration methods for using Sendmail on his related Web page. Spencer also describes what happens when you operate Sendmail as he does and what to do when Sendmail traps a potential spammer's message. Jackpot is an SMTP mail server that prevents spam delivery and saves mail traffic information for evidence and research. Jackpot also creates Web-based reports that simplify analysis and tracking. Cleaver writes, "Jackpot saves full details of all spam mail submitted to it as a collection of web-pages. The information is organized into lists, with messages sent from a given host grouped on a page. Jackpot tries to gather some information about the host that sent the spam ... [it also checks to see] if the source [of potential spam] is a known open-proxy or a [known spam operation and uses sources such as] abuse.net to see whether there's a registered [mail] abuse address for the host." Spencer mentions two additional resources that can help thwart spam: SpamNet and Distributed Checksum Clearinghouse (DCC). According to its Web site, Vipul's Razor, commonly know as SpamNet (see the first URL below), "establishes a distributed and constantly updating catalogue of spam in propagation. Clients use this catalogue to filter out known spam." According to the DCC Web page (see the second URL below), DCC resembles SpamNet in that it's "a system of many clients and more than 90 servers that collects and counts checksums related to several million mail messages per day, [mostly] as seen by Internet Service Providers." SMTP servers and mail user agents can use the counts to "detect and reject or filter spam or unsolicited bulk mail." http://razor.sourceforge.net/ http://www.rhyolite.com/antispam/dcc/ To help prevent spam, explore the resources I've mentioned in this article and consider using them on your networks. Thanks to Brad Spencer for his help in bringing this information to Security UPDATE readers. 5:06:26 PM   []    comment []

© Copyright 2004 Mark Michaelis.