When DHL says location: Shipper’s Door. WTF does that mean? it is sitting on outside on the door step waiting for someone to steal it? What city is this shipper’s door in? It says estimated time of delivery to be tomorrow which would be nice.

[LJ2ME]

Not looking good. They are saying that we can push off from the gate at cleveland but. air trafic control can’t find a route that works for them so we are going to wait on the tarmac again. They are saying fly time to vegas is 4hours. So we get in at em no idea 🙂

[LJ2ME]

I got suck in baltimore on the run way for an hour while a storm system rolled through cleveland ohio. I am now in ohio waiting for the flight crew to show up.. another flight crew did the boarding to get us on our way. They are saying we will get into vegas about midnight

[LJ2ME]

Since sean did it. I wanted to abuse my crackberry and try lj2me to see how it works. I have used the web browser on the phone before to post but this looks like it will be quicker. Sarah is being all cute sitting on my lap and wanting to be petted

I now have suse 9.3 running on a computer. mp3 playback is in an optional multimedia package and the C key didn’t work on my keyboard which is really strange. I deleted the .kde files and eveything seem happy now. This is the first time I have ever tried to do an upgrade rather than a fresh install. Seems fairly smooth so far.

Initial thoughts,
eye candy, but I like the graphically background on the console window,
I like amoroK. It might even do somethings better than itunes.
KDE takes a really long time to start up.
If they ever want people to use stuff they need to call things by something that is meaning full, what does KluJe do for example? Oh it a live journal poster. I wonder if I installed that when it was 9.0? or was it 9.1?
Sound seems to works perfectly on my on board sound card. I was having a couple issues with the old install.

What a storm. The first crack of thunder woke me up Ok so it was 10:30am. its now 12:30 and it is still thundering and I have a river running down the alley at the back of the house. I guess direct tv will be out due to all the rain.

Kind of fun when you kick off a deployment to 12,000 machines. This has been the result of about 2 weeks personal testing, 3 weeks pilot testing and some negotiation about deployment. Its all over now over and I get to runs some stats tomorrow about how many items of spyware were detected and deleted.

This all met I was late for the a meeting with people from Baltimorespokes. I thought taking the light rail might be quicker but I forgot it wasn’t running north of pen station. I now know how to get to hampden on a bike so I wont have to do that again.

Another icky virus today. I found a machine that kept downloading W32/Opanki.worm.gen and W32/Kelvir.worm.gen. I ended up finding c:\windows\system32\5la.exe, c:\windows\system32\busyboy.exe, c:\windows\system32\busyboya.exe, c:\windows\system32\manstfu.exe. These turned out to be zero day virus that McAfee wasn’t detecting. I got the extra.dat about 1:50pm from Lysa at avert. I didn’t push out the enterprise since I was only seeing this on one machine, it should be in tomorrows DAT release. I have a nice perl script that loads the data from EPO to snortui. I don’t think the version on source forge has the latest version of the import script. So I can watch in semi real time. EPO only periodically updates to the EPO database so I normally watch the epo sensor with an hours worth or data or more.

If you are running the enterprise version of mcafee virus scan 8 then I recommend that you enable the access protection rules, leave the “block creation of new files in the windows folder” and the “block creation of new files in the system32 folder” enabled but change them to warn. leaving them set in block mode in a large enterprise will cause all sorts of things to fail unless you really have you package installs locked down. When you find something suspicious you can jump over to the access protection log at C:\Documents and Settings\All Users\Application Data\Network Associates\VirusScan\AccessProtectionLog.txt and view interesting things like application a.exe copied a file called b.exe to the system32 directory.

From tracing back the history I found that the route of all evil was a process called clip-bowl[1].ex. This then created xmconfig.exe (still waiting on an extra.dat that detects this). I saw that lltvr.exe created zkppnsd.exe (still waiting on an extra.dat), 5la.exe created 5b.exe (w32/sdbot.worm.gen.ak, extra.dat available), 5la.exe created nn.exe (detected as W32/Opanki.worm.gen (Virus) no extra.dat needed), 5la.exe created indexx.exe (Downloader-XZ (Trojan) no extra.dat needed), 5la.exe created 5353.exe (W32/Kelvir.worm.gen (Virus) no extra.dat needed),5la.exe created (W32/Opanki.worm.gen (Virus) no extra.dat needed) ,5la.exe created busyboy.exe (w32/kelvir.worm.dw extra.dat available), xmconfig.exe created fhhy.exe (W32/Opanki.worm.gen (Virus) no extra.dat needed). There were probably some other files that I haven’t listed since the virus software caught them

So the conclusion is that this machine was a mess.