bicetech.com



Welcome to bicetech.com. There's not much here at the moment. This server only serves as my personal mailserver, but I may be putting some more interesting content out here from time to time. I'm told I should be "blogging" all of the interesting, geeky things I do at work (or at play) as a System Admin. As a result, you may find odd, disconnected ramblings here from time to time about things I'm doing or ideas I've had.


Some Security Visualizations: I screen-captured a bunch of visualizations of security-related log data recently to show some examples. These aren't too fancy but they're good examples of how to make the most out of the simpler viz tools and how useful visualization of security logs can be!
linuxgeek: I've been posting some articles over on minds.com lately. Some of those posts are just things pointing here, some are articles that I'll someday put together as larger/longer posts here.
Biscuit Fish: Some recipes for buttermilk biscuits and "biscuit fish" - a recipe for fish with breading using leftover biscuits and some sauteed veggies to go with the fish. Tasty!
The Risks of Internet-accessible email servers: I noticed something odd in our email logs recently.
Learning about Node.js and making my own syslog daemon: I spent the recent holidays teaching myself a bit about Node.js and making a stab at writing my own syslog daemon.
A cool new tool for visualizing data: I took a neat new tool for a test drive last night that can do some really cool things with security log data...
Drawing Snort alerts on a map: I made some rudimentary PHP code for drawing stuff (snort alerts in this case) on a digital map image. Was a fun weekend project.
Improved my .270 rifle: I'm finally seeing some improvement in one of my rifles...
DNS Response Rate Limiting with Bind: I found myself needing to do rate-limiting in bind and on a whim searched for "bind rate limit" and whaddya know, there's a feature for that. :-) Gotta love bind...
Making a multithreaded grep: I needed a better tool for grep'ing through big log files or for fgrep'ing log files for really large numbers of patterns...
Improving Security at Work: I've been making a bunch of changes to improve security at my day job. Have been testing/using a bunch of security-related services...
Symantec Marketing Sucks: Ok, marketing departments USUALLY suck, no matter the company. But Symantec's has earned a special place in my liver. I truly loathe and despise them...
Marketing people who won't leave me alone.
New OpenLDAP MDB backend: I started playing with the new MDB back-end in OpenLDAP this weekend. At first blush it looks very promising, though for the DBs where I could really benefit from it I'll probably need to run it on a 64 bit linux.
Stumbled across a bug in RPZ in bind 9.9.4rc1: Whoops! I ran across an odd bug in RPZ that affects servers where the RPZ is a slave zone. When changes are made to the master RPZ the slave servers stop honoring rpz-ip rules in the new version of the RPZ until you kill and restart named. There's a patch for it though it's supposed to be part of the official 9.9.4 release of bind. (coming soon, no doubt)
How to build a Champagne VTL on a Beer Budget: I recently built a new VTL at work using some SGI MAID storage I happened to have on hand and some open-source software.
How to use BIND Response Policy Zones to filter DNS queries: I recently set up some DNS filtering at work using a new feature in BIND called Response Policy Zones. We're also using the new RPZ zone data provided by spamhaus.org (you gotta request access to it), but I wanted to augment it. So I've got a way to automate fetching a list of known-hostile domains and known-compromised IPs that I want to rewrite DNS responses for. The spamhaus RPZ seems to be anti-spam-centric, and my RPZ stuff is more about preventing the userbase from pointing their browsers at the malware-du-jour and/or to prevent any malware they do pick up from phoning home. My list of domains and IPs isn't nearly as complete as I'd like, so I've augmented it some with what I see in my own spam logs and reports I run across in the SANS internet storm center or any malware our network intrusion detection systems find. It works pretty well, so far...
How to make an asset tracking tool using OpenLDAP: I finally took some time this weekend to bang out some info on how I used OpenLDAP to replace an asset tracking tool we used at SGI. It's simpler, faster, more reliable, and there's no internally-developed application to maintain. The user interface is simply whatever your favorite LDAP browser/editor tool is. Simple. It could easily be extended to track other things too. I started making (as a proof of concept) some other attributes/objectclasses for tracking licensing and even backup tapes but we already have other solutions in place. But keeping track of what servers are where and all the sorts of info someone on-call might want to know about those servers and the applications they run is sure useful. When you get a page in the wee hours it's nice to just click on an icon in nagios and immediately have a page full of info about what apps the server runs, who cares about the server and/or those apps, pointers to documentation for the server or its apps, info on what backup server backs it up, how to get remote console access to it, where it's physically located, serial numbers and contact info if you need to open a support ticket for it... All sorts of useful info can be stored here...
My Dad, David Bice, has done a bunch of Genealogy work on Emil Daniel Winona and has uploaded some files here. In particular, the primary document of his work can be found in this document. It's an interesting read!
I finally took some time to finish a nice light, aerobatic glider.
I moved to Longmont, CO!
I made another large improvement to the nagios server at work...
I finally got some film developed and uploaded a few more pictures from the recent track event at Laguna Seca. You can find them and a link to some video of one of the attendees going around the track here.
I attended the (now annual) Miata Track Event at Mazda Raceway at Laguna Seca yesterday and today. It was a blast! Even better than last year (at least for me).
The new nagios server at work is coming along nicely...
At work (SGI) I'm currently building a new monitoring infrastructure using nagios. I'm trying out a variety of new (to me, at least) tools along with nagios which I've used for ages. Check it out.
At work (SGI) I recently rewrote the nagios plugin we use for monitoring Dell systems. Check it out.
I recently (ok, not all that recently but I've been either too lazy or too busy to put anything up about it) visited a car museum here in Northern CA called the Blackhawk Museum. It was a good trip and I snapped a bunch of photos. I had no idea how dark the interior of the museum was (though the cars are well-lit) and I'm afraid my flash just didn't always do the cars justice - there are some truly beautiful and fascinating cars there. Next time, I'm bringing a tripod if they'll let me. I've put a bunch of photos and some random ramblings about them here.