Travcom - Travis' Homepage

Hi, you've reached Travis's homepage. I figure most people come here for stuff I've done, so it's up front. For information about me, see the bottom of the page.

Software

• chcvsroot - change CVS/Root entries
• urlgrep - print all URLs from a file
• readlink - a tersely-written command-line symlink processing tool
• directory_to_dot - create dot-style graphs of directory hierarchies
• shadowcaster, a program that detects executable programs in your PATH that are "shadowed" by other executables with the same name earlier in the PATH

metaprox

• metaprox - a non-forking HTTP proxy proxy... pick which proxy you want to use on a per-domain basis, or change the default proxy without leaving your browser (it's web-controlled)
• metaprox init.d script - for running metaprox on a Fedora system

Linksys BEFSR41

• Linksys DHCP fix - for periodically renewing your DHCP lease on a Linksys BEFSR41 after applying the buggy security fix firmware revision 1.45.11 - NB: new firmware 1.46.00 fixes this
• Linksys router SNMP trap handler

The Post-Intrusion Forensic Toolkit

• unhide, a tool to show you all the process IDs in use on a system, even in the presence of a trojan-horsed /bin/ps (see comments for usage)
• viz, a tool that detects if anyone has attempted to hide their presence from you by zeroing out their entries in the wtmp log file, a technique used by the popular post-intrusion zap and zap2 programs
• nmap, a tool to detect what open ports you have on your system, even in the presence of a trojan-horsed netstat
• lsof, a tool that lists the open files on your system
• fstat, a native BSD tool for showing open files

Intrusion Response Tools

• denycomm is a small, simple, customizable command-line tool that will deny communication with an IP by blocking packets on a variety of packet-filtering firewalls. My hope is for this to become a standard so that IDS implementers do not have to hard-code different commands into the IDS configurations depending on what firewall topology they are using. Just run denycomm and let it do the work. This fits into a greater scheme that I am working on, so check back here later. Currently it supports ipf, pf, iptables and route.

Publications and Information

• usenet news links - all about Usenet News
• interesting email I wrote
• an introduction to X10 - an inexpensive home automation system
• a review of file distribution systems
• how to firewall some non-standardized but popular protocols
• keyboard input in Unix
• HOWTO chroot daemons
• my article on my CFS travails (now with cryptanalysis)! ;login: magazine, August 2004
• .profile (write once, use everywhere) ;login: magazine, June 2003

Documents about Microsoft

Microsoft is very effective at what they do, which is to dominate numerous kinds of software markets with relatively mediocre software. These documents describe how they do it.

• The Halloween Documents, a collection of documents related to the Halloween Memo, including Microsoft response, with edifying comments by Eric Raymond.
• The Halloween Memo, a confidential Microsoft memo that was leaked on Halloween, laying out Microsoft's strategy for dealing with free and open-source software.
• The Microsoft Anti-Trust Case, a series of documents which deal with the legal and social aspects of the case against Microsoft.
• Making Microsoft Safe for Capitalism, a document on how Microsoft gains and exerts its power.
• NetAction's Microsoft Archive, a library of documents on Microsoft, including "From Microsoft Word to Microsoft World", an analysis of Microsoft's practices and strategy.
• The De-commoditization of Protocols, an essay describing one facet of Microsoft's strategy, namely their "embrace and extend" approach to "free" protocols.
• The USDOJ complaint against Microsoft, surprisingly good reading.
• All the court documents regarding the current case against Microsoft by the DOJ.
• Good enough software, a design principle that seems to come and go in proportion to Microsoft's stock. This article doesn't address the fact that Microsoft software seems to be written with a process that produces a tremendous number of bugs. They brag about fixing such large numbers of bugs that it's easy to overlook the fact that they started with a great deal more than other design processes produce.
• Another treatise on good enough software. This one has a link to the excellent "The Rise of Worse-is-Better" paper, a must read.
• Is Microsoft software a monoculture that threatens the security of our critical infrastructure? Some well-known security experts think so.
• There's a lot of people that think Microsoft sucks. This one is the most interesting one. If you don't know what's bad about Microsoft, they have you covered.
• Microsoft allows OEMs to customize the XP install CD so that they can make it only install on the OEM's machines. This is a case where you must reverse engineer (crack) this protection in order to use your legal XP license. Until the DMCA this was legal (after all, *you own the license*), but I don't know if DMCA makes this practice illegal.

Autobiographical

• my public key
• giving thanks to all the people who deserve it
• On the Myers-Briggs Personality Inventory, I am an INTP ("The Architect")
• On the Enneagram I am a Type 5 (Investigator)
• My role model and personal hero is Nikola Tesla.

The tripod web server maps the pl extension to an HTTP Content-Type of text/html, so these programs are likely to look strange, unless you view them as HTML source (i.e. don't parse them).

Don't blame me; it's free and I don't work here.