Saturday, August 28, 2010

Learning PowerShell

My professional goal for 2010 is to start using PowerShell. The developers back in Chicago use it for everything and it seems to be the new scripting language of choice for the Window world. (Pash is a cross platform open source version was started but no news for a couple of years.)

Lots of resources on the net; blogs, script repositories, books, podcasts and such.

I have been reading a tutorial designed for people who don't know object oriented programming. As my scripting skills were developed a century ago. There hasn't been an opportunity to think OOP since the LISP days at IntelliGenetics. This introduction with explanation of OOP terminology/thought is very helpful. I imagine it would be a bit slow for someone versed in .NET or C++. Check it out on the Microsoft site, Sesame Script.

I am using the book Microsoft Windows PowerShell 2.0 Programming for the Absolute Beginner by Jerry Lee Ford to great effect. Reading it cover to cover and doing the example assignments. After completing chapter 3 I felt that I could re-write any script I've created in csh|sh|ksh into PowerShell. So no problem going forward building scripts at work (check off one 2010 job goal;).

Friday, August 27, 2010

Penetration Testing

I am listening to a class from East Tennessee Status University (ETSU) taught by David Frazier, Ethical Hacking CSCI 4957 (iTunes U). This wiki page defines to term Penetration Testing, an active analysis of a system's security primarily by utilizing common ways of compromising the system.

One of these days I would like to go through the class exercises and homework myself. A lot of tools and resources are discussed. I liked the concept of "competative grading", the person who has the best/biggest/most of the assignment gets the top grade and all other get a percentage of that top score.

In the mean time, I vow to improve my personal security by maturing my use of passwords. After learning more I'll investigate the tools. (Can't do it from work because Big Brother doesn't allow access to "potentially malicious" sites, good job IT.)

Read this article, Digital Wallets and Whistle Blowing. What do you think. Good problem for an ethics discussion.

Here is a launching point; Software Engineering Ethics Research Institute.

Good list of penetration test ideas on the SANS site: CWE/SANS Top 25 Most Dangerous Software Errors.

Google Hacking Database

Tuesday, August 24, 2010

Hip, 8 months

Going contra dancing again this weekend. Two weeks ago I dance for 90 minute over a 3 hour period with NO side effects; no pain, no stress on hips, fair workout and good time.

The fact that I have had an artificial hip installed is primarily an intellectual exercise now. By that I mean that my body doesn't seem to notice any more.