Travcom - Travis' Homepage
Hi, you've reached Travis's homepage. I figure most people come here for
stuff I've done, so it's up front. For information about me, see the bottom
of the page.
- chcvsroot - change CVS/Root entries
- urlgrep - print all URLs from a file
- readlink - a tersely-written command-line symlink processing tool
- directory_to_dot - create dot-style graphs of directory hierarchies
- shadowcaster, a program that detects
executable programs in your PATH that are "shadowed" by other executables
with the same name earlier in the PATH
- metaprox - a non-forking HTTP proxy proxy...
pick which proxy you want to use on a per-domain basis, or change the default
proxy without leaving your browser (it's web-controlled)
- metaprox init.d script - for running metaprox
on a Fedora system
The Post-Intrusion Forensic Toolkit
a tool to show you all the process IDs in use on a system, even
in the presence of a trojan-horsed /bin/ps (see comments for usage)
a tool that detects if anyone has attempted to hide their
presence from you by zeroing out their entries in the
wtmp log file, a technique used by the popular post-intrusion
zap and zap2 programs
a tool to detect what open ports you have on your system,
even in the presence of a trojan-horsed netstat
a tool that lists the open files on your system
- fstat, a native BSD tool for showing open files
Intrusion Response Tools
- denycomm is
a small, simple, customizable command-line tool that will deny
communication with an IP by blocking packets on a variety of
packet-filtering firewalls. My hope is for this to become a standard
so that IDS implementers do not have to hard-code different commands
into the IDS configurations depending on what firewall topology they
are using. Just run denycomm and let it do the work. This fits into
a greater scheme that I am working on, so check back here later.
Currently it supports ipf, pf, iptables and route.
Publications and Information
Documents about Microsoft
Microsoft is very effective at what they do, which is to dominate
numerous kinds of software markets with relatively mediocre software.
These documents describe how they do it.
- The Halloween
Documents, a collection of documents related to the Halloween Memo,
including Microsoft response, with edifying comments by Eric Raymond.
Halloween Memo, a confidential Microsoft memo that was leaked
on Halloween, laying out Microsoft's strategy for dealing with
free and open-source software.
Microsoft Anti-Trust Case, a series of documents which deal with
the legal and social aspects of the case against Microsoft.
- Making Microsoft
Safe for Capitalism, a document on how Microsoft gains and exerts
- NetAction's Microsoft Archive,
a library of documents on Microsoft, including "From Microsoft Word to
Microsoft World", an analysis of Microsoft's practices and strategy.
De-commoditization of Protocols, an essay describing one facet
of Microsoft's strategy, namely their "embrace and extend" approach
to "free" protocols.
- The USDOJ complaint
against Microsoft, surprisingly good reading.
- All the court
documents regarding the current case against Microsoft by the DOJ.
enough software, a design principle that seems to come and go in
proportion to Microsoft's stock. This article doesn't address the
fact that Microsoft software seems to be written with a process that
produces a tremendous number of bugs. They brag about fixing such
large numbers of bugs that it's easy to overlook the fact that they
started with a great deal more than other design processes produce.
- Another treatise on
good enough software.
This one has a link to the excellent "The Rise of Worse-is-Better" paper,
a must read.
- Is Microsoft software a
that threatens the security of our critical infrastructure?
Some well-known security experts think so.
- There's a lot of people that think Microsoft sucks.
This one is the most interesting one.
If you don't know
what's bad about
Microsoft, they have you covered.
- Microsoft allows OEMs to customize the XP install CD so that they can
make it only install on the OEM's machines. This is a case where you must
reverse engineer (crack) this protection in order to use your legal XP
license. Until the DMCA this was legal (after all, *you own the license*),
but I don't know if DMCA makes this practice illegal.
The tripod web server
maps the pl extension to an HTTP Content-Type
of text/html, so these programs are likely to look strange,
unless you view them as HTML source (i.e. don't parse them).
Don't blame me; it's free and I don't work here.
(NOTE: may be full of spam)