Down to This

"You get the ankles, and I'll get the wrists."

Zen Motivation

(download)

I read an interesting article on zenhabits that inspired me to create a simple little motivational poster for myself.  Here's the PDF if you'd like a copy for yourself.

Loading mentions Retweet
Posted August 27, 2010
// 1 Comment

My Work-From-Hammock Office

Perhaps the most relaxing work environment I've ever used. Productivity boost!

Loading mentions Retweet
Posted August 17, 2010
// 1 Comment

Giant Spider

This is the coolest looking spider! Anyone know what kind it is?

Loading mentions Retweet
Posted July 30, 2010
// 0 Comments

UPS cares for your shipments!

All the loving care I've come to expect from UPS.

Loading mentions Retweet
Posted July 27, 2010
// 0 Comments

Can I get a lot of corn?

Loading mentions Retweet
Posted July 8, 2010
// 0 Comments

Flip Face-off

@basecase and I have started a Flip Face-off.  We each have a single Flip HD and are alternately posting videos at http://flipfaceoff.posterous.com/ for everyone's entertainment.  The rules are simple, each of us have 2 weeks after the last post to submit a video response.  The idea is to somehow top the other's last video.  Witness the travesty of geeks with video cameras for yourself at http://flipfaceoff.posterous.com/

Loading mentions Retweet
Posted July 8, 2010
// 1 Comment

Patriotism

Tires are the last place I expect to see any display of patriotism.

Loading mentions Retweet
Posted June 30, 2010
// 0 Comments

Curb-Side Service no more

It's interesting what you find when you get off the beaten path.

Loading mentions Retweet
Posted June 30, 2010
// 0 Comments

Fancy SSH Tunneling for a Highly Restrictive Environment

For my penetration testing work, I frequently leave a Mac Mini hooked up to a client site so that I can remote into it to run any scans or manual validation while not on site. Very often, I will ship one pre-configured to the client without going on-site. This minimizes travel expenses for the clients and minimizes airport time for me. Somewhat recently, I had a client who was strongly opposed to making any temporary firewall changes for me to SSH into the Mac Mini. They also informed me that due to their highly restrictive firewall rules, I wouldn't be able to create an outgoing SSH tunnel, either.

First is a shell script that uses some of the SSH Control Channel features (intended for connection sharing) to determine if the connection is already up and if not, start it back up. I run this script every 5 minutes out of cron. I'm also tunneling back to port 22 from the destination box so I can connect back.

With the "highly restrictive" proxy at this clients location, outbound SSH did not work out of the box. I also tried running SSH on port 443 and 80 which usually works, but needed something more to "hide" the connection. I made some changes to my Apache config making it a proxy for SSH connections two specific hosts.

Additionally, using ProxyTunnel to wrap up the SSH connection, some extra configs are needed to the ssh config. (The first two lines are for the SSH Control Channel changes.)

Fork my Gist for yourself.

Loading mentions Retweet
Filed under  //   coding   security  
Posted June 19, 2010
// 0 Comments

New Shoes

Got 'em for climbing and mountain biking.

Loading mentions Retweet
Posted May 20, 2010
// 0 Comments