Socat compilation on Cygwin


While compiling socat-2.0.0-b5 on cygwin (Windows) I got a few errors and here’s how I fixed it:
xioopts.c: In function 'applyopts_single':
xioopts.c:3998: error: 'struct single' has no member named 'fd1'
xioopts.c:4000: error: 'struct single' has no member named 'fd1'
make[1]: *** [xioopts.o] Error 1

Edit the file xioopts.c in your favorite editor and replace ‘fd1’ by ‘rfd’ in both lines (3998 & 4000). That fixed this error but then I got my next error.

xio-ip.c:480: error: structure has no member named `ipi_spec_dst'
Edit xio-ip.c and comment out the entire snprintf statement in xio-ip.c line 480.

Continue compilation and it should now work fine.


A disaster called Silsilay


Silsilay, the latest movie by Khalid Mohammed, a critic famous for his Sunday Times articles, is a disaster to say the least. Mr.Mohammed, who has torn apart most of the movies in his journalism career, to my disappointment, has not proven himself any better than the pack he tore apart. I think if he himself saw the movie impartially he probably would have given it negative five stars.
Silsilay, as the movie is called, is a movie of three stories running one after the other albeit aimlessly. The first story is of a film actress (Bhoomika Chawla) who falls in love with a bookie (Rahul Bose) who is two-timing his girl-friend, who in turn is two-timing him…sounds complex…don’t bother…it’s not complex but just kiwi drainex!
The second story is of a young girl (Riya Sen) who looks stunning in the movie and is afraid to lose her virginity and is consoled by her overly promiscuous friend to do *it*. Ashmit Patel steps into the story as her boy toy (read “snuggies”) and Jimmy Shergill, who is her co-worker from work and is looking to gain her attention. Some good (aimless) smooches result between Ashmit and Riya and Khalid Mohammed succeeds in spinning a story that is as ridiculous as Riya and Ashmit’s acting. For god’s sake Riya, Nirma soap advertisements were better!
As if the torture was not enough, Mr.Mohammed had a life-saver (or at least as he thought) a still more ridiculous story. Well, some B-grade films would have called this 3rd story a *saga*…but I frankly think that Khalid Mohammed doesn’t think!
It’s a combination of a love triangle…sorry…love quadrilateral with a diagonal (please figure out what this means on your own…watching the movie wouldn’t help anyway). In this story Tabu plays a housewife whose husband (KK) is going out with a (super hot) air hostess (Celina Jaitley) and whose son suffers from Oedipus Complex ( where a person falls in love with his own mother). As if this carcass did not stink the theatres…there was more bull**** coming across in the form of Shah Rukh Khan in between stories and scenes. Mr. Khan there are many ways to win Filmfare awards…this is probably the last way to *buy* the awards. Mr.Khan does a saving act by signalling to the audience how he behaves when nature calls arrive…how he insanely goes about dancing for no reason whatsoever.
This is all a part of the crap that I call Silsilay!
Awesome Japanese Artifacts!


List of Security Conferences


I wanted to have a list of all the security conferences around the world for a quick reference so I compiled together a list.

DefCon http://www.defcon.org
BlackHat http://www.blackhat.com/
shmoocon http://www.shmoocon.org/
ToorCon http://www.toorcon.org/
you sh0t the sheriff http://www.ysts.org/
Hack.lu http://hack.lu
WOOTCon http://www.usenix.org/event/woot08/
Source Conferences http://www.sourceconference.com/
InfoSecurity Europe http://www.infosec.co.uk/
SyScan http://www.syscan.org
CONFidence http://confidence.org.pl/
CEICConference http://www.ceicconference.com/
RSA Conference http://www.rsaconference.com/
CanSecWest http://cansecwest.com/
EUSecWest http://eusecwest.com/
PACSec http://pacsec.jp/
BA-Con http://ba-con.com.ar/
Hack in the box http://www.hackinthebox.org/
Clubhack http://clubhack.com/
Xcon http://xcon.xfocus.net/
T2 Conference http://www.t2.fi
LayerOne http://layerone.info/
Owasp Conference http://www.owasp.org
DeepSec Conference https://deepsec.net/
FrHack conference http://www.frhack.org/
Shakacon http://www.shakacon.org/
Secrypt conference http://www.secrypt.org/
HackerHalted Conference
SecTor Conference http://www.sector.ca/
Microsoft Bluehat http://www.microsoft.com/technet/security/bluehat/default.mspx
ReCon http://recon.cx/
Hacker space festival http://www.hackerspace.net
RAID Conference http://www.raid-symposium.org/
Sec-T Conference http://www.sec-t.org/
BruCon http://www.brucon.org
DIMVA Conference http://www.dimva.org
SeaCure Conference http://seacure.it/
ColSec http://www.univ-orleans.fr/lifo/Manifestations/COLSEC
Auscert http://conference.auscert.org.au
RuxCon http://www.ruxcon.org.au/
uCon http://www.ucon-conference.org/
Chaos Communications Congress http://www.ccc.de/
Bellua Cyber Security http://www.bellua.com/bcs/
CISIS Conference http://www.cisis-conference.eu/
ATC Conference http://www.ux.uis.no/
NDSS Conference http://www.isoc.org/isoc/conferences/
EkoParty Conference http://www.ekoparty.com.ar/
No Con Name http://www.noconname.org/
KiwiCon http://www.kiwicon.org/
VNSecon http://conf.vnsecurity.net
EC2nd Conference http://www.ec2nd.org/
IMF Conference http://www.imf-conference.org/
BugCon http://www.bugcon.org/
Cyber Warfare http://www.ccdcoe.org
POC Conference http://www.powerofcommunity.net/
QuahogCon http://quahogcon.org/
NotaCon http://www.notacon.org
PhreakNic http://www.phreaknic.info
PlumberCon http://plumbercon.org/
Internet Security Operations and Intelligence http://isotf.org/isoi7.html

Error: Installshield Engine could not be launched


I was being troubled by the error:
The InstallShield Engine (iKernel.exe) could not be launched.
The RPC Server is unavailable.

If you start the service “DCOM Server Process Launcher” you should be able to do away with this error.


WPA2+TKIP on Kubuntu with IPW3945


So I decided to use WPA2 Personal with AES+TKIP on my new Linksys WRT54GL router after my old D-Link router died. However, there were some issues in getting it to work on Kubuntu 6.10 Edgy Eft with my Intel Wireless IPW3945abg.
So I decided to put my /etc/network/interfaces and the /etc/wpa_supplicant.conf files up here for reference:
Suppose BLAH is my ESSID name. The psk value is an altered value for elucidation purposes only:


proto=WPA RSN

The value of the PSK command was obtained by using the value associated with the prefix “psk=…” after issuing the following command:

# wpa_passphrase BLAH passphrase

The /etc/network/interfaces looked like this:

auto lo
iface lo inet loopback

auto eth1
iface eth1 inet dhcp
wpa-conf managed
wpa-driver wext
wpa-ssid BLAH
wpa-ap-scan 2
wpa-proto RSN
wpa-pairwise TKIP
wpa-group TKIP
wpa-key-mgmt WPA-PSK
wpa-psk aaaa3fa7bbbbccccf6d44e199ecb2bebccccad25a0778beeee104db0b3fffff7
pre-up wpa_supplicant -Bw -Dwext -i eth1 -c/etc/wpa_supplicant.conf
post-down killall -q wpa_supplicant

Once I was done with this configuration all I had to do was, issue the following command to get wireless working with WPA2 and TKIP:

# /etc/init.d/networking restart

Start the Blog!


Just started blogging…actually getting pretty late into the blogging culture! Studying and doing projects to complete graduation at USC. My homepage is at http://www-scf.usc.edu/~swarup/.


The case of an ID theft scam


An interesting incident happened this past week to a friend – he had his identity stolen. More specifically, someone got a hold of his social security number (SSN), his date of birth (apparently) and his address. What the scammers or their “mules” (a term used to describe criminals who act on behalf of the actual criminal at their behest) did was that they went to the bank and requested to wire a huge sum of money to an account. The neat trick they played was before actually going to the bank they called the Verizon helpdesk and suspended my friend’s phone service. When they reached the bank and showed the bank agent the ID (some sort of a non-standard / fake ID) and gave the SSN to the bank agent, he/she grew suspicious and tried to contact my friend. However, due to Verizon suspending his phone service, the bank agent couldn’t get a hold of my friend. Luckily, the bank agent also sent my friend an email to which he responded promptly. The culprits were arrested and the investigation is still on.
What was quite interesting was, the modus operandi where the criminals know that banks rely on calling the customers if they suspect fraud and they had this covered. Quite intelligent.
So, you know what you need to do if your phone suddenly stops working – check if ID thieves have had a run on you, change all your passwords including email, change your credit card accounts and bank accounts and PINs and place a hold on your credit history with the credit reporting agencies such as Experian, Equifax and TransUnion.