Duffbert's Random Musings

About Duffbert...

Duffbert's Random Musings is a blog where I talk about whatever happens to be running through my head at any given moment... I'm Thomas Duff, and you can find out more about me here...

Email Me!

Search This Site!

Custom Search

I'm published!

Co-author of the book IBM Lotus Sametime 8 Essentials: A User's Guide

Purchase on Amazon

Co-author of the book IBM Sametime 8.5.2 Administration Guide

Purchase on Amazon

MiscLinks

Downloads

LotusScript Progress Meter
Removing Icons In Workspace
MS Constants Notes database
My Writing/Speaking Credits
Privacy/Disclosure Statement

Visitor Count...

View My Stats

05/31/2004

Book Review - Excel Hacks by David & Raina Hawley

Category Book Reviews

If you spend any time working with Excel as part of your job, you'll really like this book... Excel Hacks by David & Raina Hawley (O'Reilly). This book contains 100 tips and tricks related to the Excel spreadsheet package from Microsoft. The tips are divided into the following chapters:

Reducing Workbook And Worksheet Frustration; Hacking Excel's Built-in Features; Naming Hacks; Hacking PivotTables; Charting Hacks; Hacking Formulas And Functions; Macro Hacks; Connecting Excel To The World

This particular Hacks book has an advantage that many other Hacks titles don't have. The subject matter relates to a single program, so nearly all the hacks are applicable to an Excel user. Contrast that to a Hacks title like Network Security Hacks, where your choice of operating system limits the number of tips that you can use. While there are some Windows-only Excel hacks included, most all the tricks work on both the Windows and Mac version of Excel. Nobody should feel left out here.

I especially liked the chapter on the charting hacks. They outline a technique for building a speedometer chart that is really impressive.

If you are an Excel power user (or know someone who is), this is the book for you.

Posted by Tom Duff At 1:45 PM Location In The Basement... | Permalink | Comments (1)

05/31/2004

Book Review - Network Security Hacks by Andrew Lockhart

Category Book Reviews

If you're at all responsible for or mindful of the security aspects of your network, here's a book you'll enjoy... Network Security Hacks by Andrew Lockhart (O'Reilly). As with all the Hacks titles, this book contains 100 various tips and ideas on how to improve your network security through the use of various software packages or procedures you can implement. The Hacks are grouped into the following chapters:

Unix Host Security; Windows Host Security; Network Security; Logging; Monitoring and Trending; Secure Tunnels; Network Intrusion Detection; Recovery And Response.

This isn't a primer on all you need to know about system security, nor is it meant to be. Network Security Hacks is most helpful for the system or network administrator who understands security but is always looking for various ways to enhance their level of security or ease the administration processes. For instance, in the Monitoring and Trending chapter, you are introduced to a number of free tools you can download that will verify your services, graph your bandwidth trends, monitor real-time network stats, and audit the traffic on your network. While not every hack will appeal or apply to you, you will find plenty of gems that will give you a real and quick payback.

The only "gripe" I have about the book is that it is heavily weighted towards the Unix environment. The Windows chapter is pretty small, and even some of the Windows hacks involve allowing you to work with the data like you can with Unix. So, if you're looking strictly for Windows security tips, you will probably find less satisfaction than you might if you were a hard-core Unix admin. Even so, there is material there that will interest you, such as how to use Snort to set up an intrusion detection system or how to use built-in features of Windows to create your own firewall.

Very good book, and worthy to hold a spot on your bookshelf...

Posted by Tom Duff At 8:40 AM Location In The Basement... | Permalink | Comments (0)

05/30/2004

Book Review - Bitter Sweets by G. A. McKevett

Category Book Reviews

While I was up half the night with what seems to be the flu, I was pretty much able to start and finish Bitter Sweets by G. A. McKevett. This is the second book in the series, and you end up getting a fair amount of character development devoted to Savannah's grandmother. She shows up on Savannah's doorstep, wanting to experience a trip to Disneyland. Unfortunately, Savannah has a few other things going on.

Savannah's new detective agency gets its first case, and it's a request to track down a missing sister. They take all the necessary precautions to make sure the person requesting the trace is actually her brother, and they start the hunt. When they finally find her, they learn she's in hiding from her ex-husband who has threatened to kill her and their daughter. Before Savannah can arrange a meeting between brother and sister, she finds out she's been duped. The sister is murdered, the child is kidnapped, and Savannah now has to track down the killer. To make it worse, the chief of police is seriously considering charging her with being an accessory to the murder.

A nice number of twists and turns, and some ethical questions at the end where you have to figure out whether justice would be served by doing the "right" thing.

Posted by Tom Duff At 6:13 PM Location In The Basement... | Permalink | Comments (1)

05/30/2004

Book Review - Death By Chocolate by G. A. McKevett

Category Book Reviews

In Death By Chocolate, Savannah Reid is hired to be a bodyguard for a TV cooking celebrity who is known for her chocolate recipes. But once Savannah meets her, she realizes that the lady is really a bitter old woman who is bossy and irritating. She's been receiving hate mail, and wants Savannah to figure out who is sending it. The investigation is barely underway when the Chocolate Queen is poisoned, and now Savannah has to figure out who killed her. And everywhere she turns, she finds people who fit the bill.

To complicate Savannah's life, her sister Cordele shows up unannounced and wants to work out some "family issues" with her. Cordele can't seem to get past her "horrible" childhood, and wants to relive all her pain and agony, while Savannah just wants to send her back home.

Light reading, fun story, and all the twists and turns you expect in a G. A. McKevett novel.

Posted by Tom Duff At 5:59 PM Location In The Basement... | Permalink | Comments (0)

05/29/2004

Book Review - Creating Cool Web Sites With HTML, XHTML, and CSS by Dave Taylor

Category Book Reviews

Book Review – Creating Cool Web Sites With HTML, XHTML, and CSS

Title
Creating Cool Web Sites With HTML, XHTML, and CSS
1st edition, 2004, 405 pages, Wiley

Target Audience
Beginning web designers or web designers who want to grow beyond single page designs.

Contents
This is a reference/tutorial guide to web technologies that are necessary to build web sites. The book is divided into three parts:

Part 1 – Building A Wicked Cool Web Page – So What’s All This Web Jazz?; Building Your First Web Page: HTML Basics; Presenting Text Attractively; Moving Into The 21st Century With Cascading Style Sheets; Lists And Special Characters; Putting The Web In World Wide Web: Adding Pointers And Links; From Dull To Cool By Adding Graphics
Part 2 – Rockin’ Page Design Strategies – Tables And Frames; Forms, User Input, and the Common Gateway Interface; Advanced Form Design; Activating Your Pages With JavaScript; Advanced Cascading Style Sheets; Site Development With Weblogs
Part 3 – Expanding Your Pages Into A Web Site – Web Sites versus Web Pages; Thinking About Your Visitors And Your Site’s Usability; Validating Your Pages And Style Sheets; Building Traffic And Being Found; Closing Thoughts; Appendix A: Step-by-step Web Site Planning Guide; Appendix B: Finding A Home For Your Web Site; Index

Review
If you’re just starting out with learning how to build Web pages or sites, you no doubt have a wide number of books to choose from to help you learn those skills. But you can easily get bogged down in the minutiae of every little HTML tag and still not know what CSS means. You need a readable book that gives you solid coverage of essential information. With that in mind, you should check out Creating Cool Web Sites With HTML, XHTML, and CSS by Dave Taylor.

To position this properly, let’s make sure you’re the right audience. This isn’t a book that will teach new tricks to an experienced web designer who earns their living developing corporate web sites. This book does an excellent job in covering a lot of ground without needing 1000+ pages to do so. Taylor takes you through the basics of HTML and XHTML, as well as how to use CSS to add formatting and presentation to your page. There’s even some coverage of JavaScript as well. As you continue to gain expertise in each of these areas, you will probably want a hard-core reference manual to continue your education, but Creating Cool Web Sites will give you the necessary foundation to get started.

While targeted more towards beginners, the information in part 3 is a worthy read for a larger audience. To properly build a web site, you have to think of it as a cohesive whole, not just a collection of separate pages. The author helps the reader think through site issues, such as traffic, accessibility, and so on. Once again, any one of these topics could be a book on its own, but this is a nice level of coverage for initial exposure and to get started.

Conclusion
Beginners will find this to be an approachable coverage of web technologies, while intermediate designers will probably gravitate to the Web site design and CSS information.

Posted by Tom Duff At 12:53 PM Location In The Basement... | Permalink | Comments (1)

05/29/2004

Saturday morning random musings...

Category Everything Else

I'm sitting here on Saturday morning, paying bills and watching the college lacrosse playoffs on ESPN2. I just have one question... Is there any more useless position in sports than the goalie in lacrosse? The goalie in hockey can make or break a game. The goalie in soccer is critically important. The goalie in lacrosse seems to be there to dig the ball out of the back of the net whenever a shot happens to be on goal...
We saw the movie The Day After Tomorrow last night (that can get confusing if you think about it too hard)... Not too bad. Stunning visual effects and camera work. So-so acting and plot line. I know there's been a lot of talk about this being a political statement about the current administration and global warming. To that I say... it's a weather catastrophe flick... sit back and enjoy it. Oh, and whoever was responsible for the wolf CGI work in the ship.... that was really bad. They didn't look real, they didn't move right, and you could have lost that whole scene and improved the movie.

Posted by Tom Duff At 8:52 AM Location In The Basement... | Permalink | Comments (1)

05/28/2004

e-Pro Family Relaunch...

Category IBM/Lotus

While there have been a few references to the event on a couple blogs, it's now official... the e-Pro Family Relaunch.

While there won't be a print magazine any longer, that doesn't mean e-Pro is gone. The focus is just switching to electronic delivery of the information you've come to expect from the magazine and Penton. The various newsletters have been reorganized and rebranded, so head on over to the link above and make sure you subscribe.

And yes, I do have a vested interest in you signing up. You see, I've been given the opportunity to write and edit the e-ProWire: Lotus Developer Tips newsletter each month. On the first Tuesday of each month, you'll get developer tips and information covering the Lotus family of products. And of course, I get to tell you what I think about things, too... :-)

So, hurry on over and sign up to keep that information flowing your way.

Posted by Tom Duff At 8:49 PM Location In The Basement... | Permalink | Comments (0)

05/27/2004

Book Review - In Search Of Stupidity by Merrill R. Chapman

Category Book Reviews

In Search Of Stupidity - Over 20 Years Of High-Tech Marketing Disasters by Merrill R. Chapman (Apress) is a wickedly funny read with some very real lessons on how to snatch defeat from the jaws of victory.

Chapman takes a look back at the first two decades of the high-tech industry to see how companies with dominant product leads squandered those advantages to become irrelevant (or non-existent). The examples are numerous... IBM and the PC, Micropro and Wordstar, Novell and Netware. He actually worked for some of the companies that are under the microscope, so there is an insider's color and flavor that you don't normally see from a customer perspective. Because of the biting style of writing, the book doesn't suffer from a lofty "anyone could see this coming" attitude that so many of these historical examinations seem to adopt.

Back to the writing style... Chapman has a satirical, wicked wit that is used to maximum advantage here. Even if you weren't terribly interested in the content, it would be worth a read for the laughs. I haven't enjoyed a business book this much in a long time.

And by the way... Don't pass up the glossary at the end. It's the cherry on top of a great sundae.

Posted by Tom Duff At 7:38 PM Location In The Basement... | Permalink | Comments (0)

05/27/2004

Humor Thursday....

Category Humor

I was forwarded a number of emails today that just struck a funny bone with me... So, if you want a laugh (or want to experience my warped sense of humor), read on...

Posted by Tom Duff At 7:04 PM Location In The Basement... | Permalink | Comments (0)

05/26/2004

Book Review - Reckless Abandon by Stuart Woods

Category Book Reviews

I recently finished Stuart Wood's latest, Reckless Abandon. While I like the Stone Barrington series, there seemed to be something missing in this one...

Wood brings together Stone Barrington and Holly Barker, the character from the Orchid series. She's up in New York, tracking down a mobster who has committed a series of murders in her jurisdiction. He's still a killer, but now he's being protected by the feds under the witness protection program. She wants to somehow break that protection and see him brought to justice. Barrington is helping her out since she's staying with him and he's got the hots for her.

I'm not sure what it is that's missing. Not enough action? Not enough mystery? Light on plot? I don't know. I just can't put my finger on it. It's an OK read, but I expected more...

Posted by Tom Duff At 6:44 PM Location In The Basement... | Permalink | Comments (0)

05/26/2004

Book Review - Stealing The Network - How to Own a Continent

Category Book Reviews

I recently read and reviewed Stealing The Network - How to Own the Box (STN) by Syngress Publishing. Great read. When I saw there was a follow-up titled Stealing The Network - How to Own a Continent (STC), I had to read it too. Once again, a great read for computer and security people.

Much like STN, STC is a series of fictional episodes involving system attacks and exploits. The episodes aren't real, but the techniques and concepts outlined are definitely true to life. The main difference between the two is that STC is a cohesive series of attacks coordinated by a mysterious person in the background who wants to disrupt a continent and make a huge financial score. So while each story in STN was a stand-alone chapter, STC is more like a mystery techno-thriller that is light on plot but heavy on technical detail.

In addition to learning about attacks and how they can occur (which you can get in just about any security book), STC once again adds the color of the attacker's personality into the equation... Why they do it, what they stand to gain, and what level of effort they are willing to expend to gain their prize. I feel that most security departments fall flat in this area. They can configure and set up proper security "by the book", but they are unable to think like a cracker and anticipate the unexpected. That's probably where this book (actually, both books) adds the most value to the collection of security knowledge and wisdom that's available on the technical bookshelves today.

If you're looking for a techno-thriller novel that reads like Tom Clancy, this isn't your book. But if you're looking for solid security information told in a colorful and unusual manner that will cause you to question your own security awareness, you found what you're looking for...

Posted by Tom Duff At 5:21 PM Location In The Basement... | Permalink | Comments (2)

05/25/2004

Microsoft behind $12 million payment to Opera...

Category Microsoft

From ZDNet: Microsoft Behind $12 Million Payment To Opera

Now when you are sitting on a gazillion dollars in cash, $12 million to settle a potential lawsuit is like you or I taking your coworker to Starbucks for a coffee. But it makes me wonder...

Microsoft has been in a major settlement mode as of late. Pending lawsuits are being settled, and potential lawsuits are being paid off. Why? Is it because Microsoft has developed a corporate understanding of right and wrong. Nah... that'd be too easy and no fun!

I'm wondering, going down the conspiracy path, if this is an attempt to divert attention away from a slowing growth period ahead of whenever Longhorn is released. Announce lower than expected earnings, or even, *gasp*, a LOSS, and peg it to the abundance of legal actions being settled. Hopefully no one will notice that the cash cow (Windows and Office) are starting to run a little dry, and the forays into other areas (MSN, XBox, etc.) still aren't pulling their weight...

Just a thought...

Posted by Tom Duff At 4:33 PM Location In The Basement... | Permalink | Comments (0)

05/25/2004

Microsoft's Aging Monopoly Losing Ability To Dominate

Category Microsoft

For those who think that Microsoft dominates every market they enter, think again...

Microsoft's Aging Monopoly Losing Ability To Dominate

Since most of the media we're exposed to has a short memory, it's worthwhile to read the article and remember some of the attempts in which Microsoft has not been completely successful. And as a company grows up and becomes more *mature*, it becomes even harder to be the 800 pound gorilla.

Posted by Tom Duff At 4:12 PM Location In The Basement... | Permalink | Comments (0)

05/25/2004

Gates Touts Blogging As Business Tool...

Category Blogging

I don't know whether to be happy or dismayed at this article...

Gates Touts Blogging As Business Tool

On one hand, if Microsoft starts touting (I like that word!) blogging in a business environment, it will lend legitimacy to those of us who use it to share ideas and thoughts centered around our professional careers. Conversely, if Microsoft tries to *own* the blogging world and/or software related to blogging, it will be one more tool to make Microsoft ever-present in the workplace.

Interestingly enough, I've had two requests in the last week for blogs to be set up to allow some teams to communicate with various areas. I took my BlogSphere template, did a little modification, and they seem to be happy with the results.

Posted by Tom Duff At 4:03 PM Location In The Basement... | Permalink | Comments (0)

05/23/2004

Cool arrangement... I get free books, I get to read and review them, and I learn stuff in the process!

Category Everything Else

Just the other day I finished up the review for Digital Photography Hacks. One of the hacks involved doing panoramic shooting with your digital camera. Take a series of pictures, overlap them by a 1/3 or so, and then use a stitching program to turn the results into a wide-angle composition. Since it sounded so easy, I downloaded a couple of stitching packages from the web and just took a quick sequence from my messy office basement. The results...

A picture named M2

That's three of the four pictures in the sequence. I cropped the first one as the coloration didn't allow the program to integrate it too well. The little yellow blotches are the watermarks from the shareware version of the software I used. Not that I'll do this with all my shots, but it could be a lot of fun to add this to my digital bag o' tricks.

Posted by Tom Duff At 7:49 PM Location In The Basement... | Permalink | Comments (1)

05/23/2004

Book Review - Never Threaten To Eat Your Co-Workers - Best Of Blogs

Category Book Reviews

If you're a blogger and enjoy the act of expressing your views and emotions online, you'll enjoy Never Threaten To Eat Your Co-Workers - Best Of Blogs (Apress). This collection of blog entries edited by Alan Graham and Bonnie Burton is a fun look at various blogs and bloggers that range from the well-known to the obscure. On one end you have a few blog entries by Wil Wheaton (Wesley Crusher of Star Trek: TNG fame). On the other end might be Ali Davis, the writer for True Porn Clerk Stories (she is a clerk in a video porn shop and writes about her experiences). The format is pretty simple... random samplings of some of their blog entries, along with short interviews asking about their motivation behind blogging and their views on the concept.

Some of the entries may have you laughing to tears ("Dear Cranky Old Bitch") and some will make you think ("Clutching For Answers In Baghdad"), but all them will reflect the person behind the keyboard, no matter how quirky and real they may be. And in the interviews with the writers, you'll most likely see yourself, a fellow blogger who is sharing a small part of themselves with the world.

Posted by Tom Duff At 5:08 PM Location In The Basement... | Permalink | Comments (1)

05/23/2004

Book Review - Adopting The Rational Unified Process

Category Book Reviews

Book Review – Adopting The Rational Unified Process

Title
Adopting The Rational Unified Process – Stefan Bergstrom, Lotta Raberg
1st edition, 2004, 245 pages, Addison-Wesley

Target Audience
IT professionals who are looking for instructions on how to implement the Rational Unified Process (RUP) in their project or organization.

Contents
This book is an instructional approach on how to implement RUP in an organization.

The book is divided into the following chapters: How To Adopt RUP In Your Organization; The First Meeting With RUP; What Is A RUP Project?; Assessing Your Organization; Motivating The RUP Adoption; Planning The RUP Adoption; Obtaining Support From The Organization; How To Adopt RUP In Your Project; Deciding Upon Your Process; Documenting Your Process; A Guide To Successful Mentoring; Experiences From Actual Implementations; Adding Another Project Management Method To RUP; Glossary; Recommended Reading; Index

Review
The Rational Unified Process, or RUP, is a software engineering methodology that attempts to map out and document all parts of a software development project. It’s extremely comprehensive, but it’s also adaptable to whatever level of effort is appropriate for your situation. This book, Adopting The Rational Unified Process, will not teach you RUP, but it will help guide you during the implementation process.

The authors have had extensive implementation experience with RUP, and they share their methodology of what works and what doesn’t when it comes time to consider a RUP implementation for your organization. While RUP can be overwhelming to look at and imagine within your company, Bergstrom and Raberg help you understand each step of what is needed during an implementation. Plenty of time is spent assessing your organization and processes so that you can get a good fit and determination of what RUP pieces make sense given your particular situation.

In my view, this book is probably best used by a project manager or team leader who is responsible for implementing a RUP project. If you are reading this material in conjunction with an actual real-life implementation, you’ll get the most out of the information.

Conclusion
If you’ve had instruction in RUP and now need to take the next steps for implementation, this would be a good choice to assist you in that process.

Posted by Tom Duff At 5:00 PM Location In The Basement... | Permalink | Comments (0)

05/22/2004

Book Review - Digital Photography Hacks by Derrick Story

Category Book Reviews

Are you a digital photographer who is always looking to try something different or learn a new technique for your shooting? If so, you'll like Digital Photography Hacks by Derrick Story (O'Reilly). Like all Hacks titles, the book is made up of 100 ideas or techniques that you can use to do something different or unusual. The hacks fall into the following chapter areas:

Digital Camera Attachments; Daytime Photo Secrets; Nighttime Photo Hacks; Magic With Flash; The Computer Connection; Photoshop Magic; Camera-Phone Tricks; Weekend Photo Projects

The thing I like most about the Hacks series is that if you don't like or can't use one tip, the next one may be exactly what you have been searching for. And this book is no different. To get the absolute most out of the material, you should have a digital SLR or a high-end digital camera that gives you a wide range of control over shutter speeds and aperture settings. You should also have a copy of Photoshop CS, as that tool will allow you to do everything in the PS hacks chapter. But even if you only have a good consumer level digital camera, you'll be able to try out some tricks you may never have thought about.

I particularly enjoyed the hacks on nighttime photography and panoramic techniques. I've always loved the vividness and colors of great night scenes, and there are some great ideas on how to capture those elements. There are also some cool tips for using longer shutter speeds to get light movement effects, such as head and tail lights of cars. As for panoramic photography, I've seen it but never knew how it was done. This book shows you how it works and how best to line up your shots for that type of shooting.

Very good book, great ideas, and you'll enjoy looking at your photography in new and unusual ways.

Posted by Tom Duff At 7:12 PM Location In The Basement... | Permalink | Comments (0)

05/22/2004

Book Review - Freelance Writers' Guide

Category Book Reviews

I finally finished up the last freelance writing book I had checked out from the library. This one is the Freelance Writers' Guide put out by the National Writers Union. And all I can really say is "eh"...

It's a series of chapters written by different authors on various issues related to the publishing industry. Because the NWU is a group advocating the rights of writers, the tone and direction is more militant and confrontational than most of the other books I've read. There is plenty of "we believe this is grossly unfair to..." type statements scattered throughout, and it seemed to get a bit old after awhile. But conversely, if you are a freelancer trying to make a living at this, I suppose you have far more at stake here than I do.

Information you should know, but probably not the first book on how do do freelance writing that you want to read. Little instruction on how, and more emphasis on running your business.

Posted by Tom Duff At 10:16 AM Location In The Basement... | Permalink | Comments (0)

05/21/2004

Microsoft cuts perks with eye on bottom line...

Category Microsoft

From the Seattle Times: Microsoft Cuts Some Perks With An Eye On The Bottom Line

These cuts are expected to save around $80 million a year. Now, I don't see this as the beginning of the end for Microsoft, but it does remind me of when they stopped stocking the Coke machine with free cans at our Enron Broadband office shortly after the closure was announced... :-)

I think it does say a couple of things, though... The company is becoming more formal and corporate, and less the free-wheeling techie haven that it's been for most of its life. And second, I wonder if the numbers are starting to show that with Longhorn too far out and software assurance contracts coming due (with very little to show for them), profits are in bigger danger than the sub-10% growth that's been mentioned already...

Posted by Tom Duff At 6:58 PM Location In The Basement... | Permalink | Comments (4)

05/21/2004

A, ahem... "unique" way to protect your valuables while on vacation...

Category Humor

http://www.shomertec.com/item.cfm?Action=Index&variable=1164

Posted by Tom Duff At 6:51 PM Location In The Basement... | Permalink | Comments (0)

05/19/2004

Book Review - Killer Calories by G. A. McKevett

Category Book Reviews

No, not a diet book... Another Savannah Reid mystery.... Killer Calories by G. A. McKevett. This is one of the earlier ones in the series (the 3rd), and it is definitely a fun read.

A disco movie star (who happens to run a "health spa") is found dead in a mud bath. All indications point to an accidental death involving too much heat and too much alcohol. But Savannah gets an anonymous note with a load of money asking her to investigate the death. The letter seems to point to either suicide or murder. Savannah, who loves her food and her size, checks into the spa to do some undercover work. But between the horrible food and the excessive exercise, she wants to wrap it up as soon as possible.

Everyone seems to have loved the dead star, but there are an abundance of suspects who would benefit from her death. The harder Savannah pushes, the more her own life seems to be in danger. Plenty of twists, and you don't find out the killer until the very end.

A shorter novel, a quick read, and excellent humorous writing and character development. I'm really going to hate finishing up this series...

Posted by Tom Duff At 8:05 PM Location In The Basement... | Permalink | Comments (0)

05/19/2004

Book Review - Network Security Assessment by Chris McNab

Category Book Reviews

Book Review – Network Security Assessment

Title
Network Security Assessment – Chris McNab
1st edition, 2004, 371 pages, O’Reilly Publishers

Target Audience
Network administrators or security administrators who want to assess the security of their systems.

Contents
This book is a series of assessments that you can do to your systems to determine the level of your system security

The book is divided into the following chapters: Network Security Assessment; The Tools Required; Internet Host And Network Enumeration; IP Network Scanning; Assessing Remote Information Systems; Assessing Web Services; Assessing Remote Maintenance Services; Assessing FTP And Database Services; Assessing Windows Networking Services; Assessing Email Services; Assessing IP VPN Services; Assessing Unix RPC Services; Application-Level Risks; Example Assessment Methodology; TCP, UDP Ports, And ICMP Message Types; Sources Of Vulnerability Information

Review
Every day brings word of new exploits and new security bugs in various operating systems. Some are new and unique, and many are rehashed exploits made possible by the failure to patch and secure your systems. In order to see your system as a cracker would, you need to understand the mindset and toolsets that are used against you. This book, Network Security Assessment, will help you do just that.

Each chapter starts with a brief explanation of the area being discussed, as well as some of the overall security concerns related to that service. The rest of the chapter is then devoted to various exploits and tools that can be launched against the different operating systems. Chris McNab uses extensive illustrations and output listings to show the reader how the tools work and what type of information can be exposed to an attacker. Since many of the tools are Unix-based or are expected to be used against Unix-type systems, the author does assume familiarity with administration of Unix variants.

There are a lot of things to like about this book. The assessment methodology is organized and well thought out. It’s not just a random scattering of exploits. The author also takes great pains to provide the sites where you can download the tools. In addition to that, the tools are also mirrored at the O’Reilly site so that you are protected against websites that may move around. The argument could be made that this provides a fledging cracker with all the information they need to break into your system. True, but the information already exists, and they will find it with or without this book. This book levels the playing field by making security information available to corporate administrators so that they have a chance against attackers.

Conclusion
A worthy addition to the bookshelf of network and security administrators. By following the exploits and processes outlined, you’ll be able to sleep well knowing that you’ve covered as many bases as you can.

Posted by Tom Duff At 7:57 PM Location In The Basement... | Permalink | Comments (0)

05/19/2004

The Oregon Primary was held yesterday...

Category Everything Else

It doesn's surprise me that Kerry won the Democractic side for President with 81% of the vote. It scares me that 2% of the voters (8365) cast a ballot for Lyndon LaRouche. <shudder />

Posted by Tom Duff At 5:56 PM Location In The Basement... | Permalink | Comments (3)

05/18/2004

So does your family read your blog?

Category Blogging

So I was wondering... For those of you who are bloggers, do you know if your family reads your writings?

My wife doesn't even know how to get here. Ian (my older son) reads it at least some of the time. He was laughing about the credit card cancellation incident and was shocked when I wrote that I couldn't support or vote for Bush. Of course, he thinks he's responsible for bringing me around, but that's another story... Cam (my other son) was joking about hacking into voting machines so as to cancel out my vote for Bush. He was a little surprised when I told him I wasn't voting that way this time. So he apparently doesn't read it. My niece follows along occasionally and keeps my sister updated as to what I'm up to. There could be others, but I don't know about them if they are lurking...

Posted by Tom Duff At 5:54 PM Location In The Basement... | Permalink | Comments (2)

05/18/2004

Team-TSG has article #3 in Lotus Advisor this month!

Category Software Development

A picture named M2

June's issue of Lotus Advisor has the third article in Team-TSG's Java For The Domino Developer series. This one is titled Parse A Web Page From A Domino Java Agent.

Posted by Tom Duff At 5:01 PM Location In The Basement... | Permalink | Comments (0)

05/18/2004

From Riding The Internet Boom, To Not In Demand...

Category Everything Else

Bob Congdon had a link to an article on his blog the other day... From Riding The Internet Boom, To Not In Demand

This article made me stop and think... I'm more sensitive to being laid off now since the Enron experience. As I was looking for work, I had more than one moment where I wondered if I would ever be able to get a job in IT again. Reading this, I was reminded that everyone has a story, and you never know how or why someone is doing what they do to earn a living. And how often do *I* conveniently "not see" people who are working in service jobs that are deemed unimportant by society?

Does it really cost me anything to say hello and offer a genuine smile? To notice that they exist and do a job that in some way makes things a little nicer for me?

Posted by Tom Duff At 4:49 PM Location In The Basement... | Permalink | Comments (2)

05/18/2004

Glass half empty, glass half full, and...

Category Humor

After following some forums of late, I've come to the conclusion that IT is made up of three types of people...

There are "the glass is half full" people...

There are "the glass is half empty" people...

And there are "the glass is full, but it's going to be empty some day, and when it's empty all hope will be lost, and even if they refill it when it's empty I'm sure the new contents will be different from what used to be in there, and I'm sure I won't like it, so rather than be happy right now I'm going to start whining because we all know that we're doomed anyway" people...

Posted by Tom Duff At 4:40 PM Location In The Basement... | Permalink | Comments (3)

05/16/2004

Information on the Undocumented @LocationGetInfo Function

Category Software Development

I didn't know about this feature... From the KnowledgeBase...

Information on the Undocumented @LocationGetInfo Function

Document Number: 1094302

Problem
The @LocationGetInfo function is used in templates supplied with Lotus Notes (it specifically is used within the Mail templates and may be used in others as well). The Designer Client Help file does not contain any information on this function. Is any there any information on the @Function?

Content
The following is known about the @LocationGetInfo function:

It is used to return information from the current Location document. Some of the known parameters for the function are:

[HomeServer] - which returns the entry in the MailServer field
[SametimeServer] - which returns the entry in the SameTimeServer field
[MailProtocol] - which returns a numerical representation of the entry for the MailServerProtocol field

Note: This @function is undocumented, and therefore, is not supported for use by customers. Areas of Lotus templates which make use of undocumented functions should never be modified by a customer. Notes Support does not recommend that customers make use of undocumented @functions within their own applications. Undocumented @functions are not documented for a reason. Development may decide to change the way the @function works in future releases.

Posted by Tom Duff At 7:55 PM Location In The Basement... | Permalink | Comments (0)

05/16/2004

Controlling Spellcheck with a field entry...

Category Software Development

Jerry Glover of Optimus Solutions, LLC ran across this item on Spellcheck and shared it in the Business Partner Forum. He gave me permission to share it here, too. Thanks, Jerry...

Spellcheck is controlled by an item on the message - $AutoSpell. Even if you don't have Auto-spellcheck turned on in your profile, if $AutoSpell="1" on a given message it will launch the spell checker. So, you could modify the Memo form to include this field calculated or defaulted to "1" for its value. "0" of course would turn it off.

I stumbled on this after creating a stationary while I had it turned on temporarily and then turning it back off and having messages created from the stationary still launch the checker.

Posted by Tom Duff At 7:51 PM Location In The Basement... | Permalink | Comments (5)

05/16/2004

Book Review - Designing With Web Standards by Jeffrey Zeldman

Category Book Reviews

Book Review – Designing With Web Standards

Title
Designing With Web Standards – Jeffrey Zeldman
1st edition, 2003, 436 pages, New Riders

Target Audience
Web designers who want to move towards coding pages according to standards and forward compatibility.

Contents
This book examines the use of CSS and XHTML for web page coding in order to adhere to standards and make pages that are readable on all platforms.

The book is divided into the following chapters:

Part 1 – Houston, We Have a Problem – 99.9% of Websites Are Obsolete; Designing and Building with Standards; The Trouble with Standards; XLM Conquers the World (And Other Web Standards Success Stories)

Part 2 – Designing and Building – Modern Markup; XHTML: Restructuring the Web; Tighter, Firmer Pages Guaranteed: Structure and Meta-Structure in Strict and Hybrid Markup; XHTML by Example: A Hybrid Layout (Part 1); CSS Basics; CSS in Action: A Hybrid Layout (Part 2); Working with Browsers Part 1: DOCTYPE Switching and Standards Mode; Working with Browsers Part 2: Box Models, Bugs, and Workarounds; Working with Browsers Part 3: Typography; Accessibility Basics; Working with DOM-Based Scripts; A CSS Redesign

Part 3 – Back End – Modern Browsers: The Good, the Bad, and the Ugly; Index

Review
Even though I’m a developer, I hate books on web design. Simply put, they all seem to be written by “experts” who push their opinions and studies as hard-core truth, and woe to all who don’t design based on their recommendations. I really dislike dogmatic ranting in tech books, and I must admit I was not looking forward to this book with much enthusiasm. I knew I needed to read it, but it was going to be one of those things that was “good for me”, but not enjoyable. Imagine my surprise when I found myself actually liking the book! There’s some really good material in here…

Zeldman approaches the subject of standards-based web design from a pragmatic viewpoint. By using XHTML and CSS correctly, you can design pages that render beautifully in modern browsers, but degrade gracefully when you view them in older browsers or other devices like PDAs. The goal isn’t to write pages that render exactly the same in all platforms, but to use XHTML to structure your page content, and allow CSS to control the presentation aspects of the page. By maintaining that structure/content division, other browser devices can adequately display the core content of your site without losing all page visibility. And by using CSS to control the presentation of the site, you can dramatically cut the size of your pages down, thereby reducing your overall bandwidth usage.

What I appreciated most about the book was Zeldman’s humor and practicality. For instance, using nested tables to control a unique page design is bad. You can do the same thing with CSS. But rather than absolutely declare tables as being bad, he suggests a hybrid approach that may use a basic table for simple layout that would be difficult to do in pure CSS. Rather than being dogmatic about it, he focuses on what’s practical to get the job done. And the writing style is very humorous and enjoyable. He definitely writes “to the reader”, and there are plenty of asides and jokes that make the book approachable and “real”, the perfect antithesis to other web design standards books written by “experts”.

Conclusion
Quite possibly the best web design book I’ve read, and one that will completely change the way I write web pages.

Posted by Tom Duff At 7:38 PM Location In The Basement... | Permalink | Comments (0)

05/16/2004

Persistent customer service...

Category Everything Else

Today I decided to close out one of my credit cards I was no longer using. All part of Ed's admonition not too long ago to not let dormant cards lie around. So I called FirstCard and told them to close it out. "Why?" Because I'm no longer using it. "Why?" Because I don't need a card I'm not using and that could possibly be a victim of identity theft. "Would you like to buy a special package that..." No. I want to cancel the card. "You wouldn't like to just keep it open?" NO! "OK... Let me transfer you to special services..."

Dum-de-dum-de-dum...

"May I help you?" Yes, I'd like to cancel my card. "Why?" Because I'm no longer using it. "Why?" Because I have another card I use instead. "What features does it have that makes it more appealing?" It's a Disney card, and I just want to cancel this one. "We could convert your existing account over to a Disney card." No, I just want to cancel the card. "Would you like to hear any of our programs to enhance your account?"

NO!!! JUST CANCEL THE FREAKING CARD!!!!!

"Thank you. It's cancelled. Bye."

If Cam hadn't been laughing so hard listening to my end of the conversation, waiting to cut up the card, I might have gotten upset. :-)

Posted by Tom Duff At 12:06 PM Location In The Basement... | Permalink | Comments (0)

05/15/2004

Beautiful...

Category Book Reviews

With apologies to Volker... My current stack of books to review...

A picture named M2

Posted by Tom Duff At 12:33 PM Location In The Basement... | Permalink | Comments (6)

05/15/2004

What do we in IT fear?

Category Software Development

From Paul Glen in Computerworld: What We Have To Fear

Similar to the famous quote: "The only thing we have to fear, is fear itself." It's not offshoring that paralyzes the IT staff, it's the fear of offshoring. It's that dark lurking cloud of uncertainty that taints an environment and saps our productivity. Rather than submit to the fear and give in, there are steps to take to combat the fear and uncertainty, and to prepare yourself to survive if it does happen to you. Very good article...

Posted by Tom Duff At 10:32 AM Location In The Basement... | Permalink | Comments (1)

05/15/2004

Bad code can be produced anywhere...

Category Software Development

Interesting article from Peter Coffee in eWeek: Offshore Coding Myth

Cheaper doesn't always translate to better, and US programmers are not lazy coders who just don't care.

Posted by Tom Duff At 10:29 AM Location In The Basement... | Permalink | Comments (1)

05/14/2004

Book Review - Peaches And Screams by G. A. McKevett

Category Book Reviews

I'm getting close to being current with this series... :-)

In Peaches And Screams, Savannah Reid heads back to Georgia to be a bridesmaid in another sister's wedding. But when she arrives, she finds that her youngest brother is being held for the murder of a town judge. She, like a good sister, doesn't believe he did it, but the signs are not encouraging. She starts her own investigation to see if she can clear her brother. Tammi and Dirk arrive from California to help her, and with their assistance she starts to piece together the puzzle of who dun it.

There is probably less action in this installment than in any other I've read so far. Much of the story that doesn't revolve around her investigation explores how her Grandmother is dealing with the lazy leeches that make up most of her siblings. By the end of the book, Savannah has gotten her to set some new ground rules to avoid being taken advantage of. She also has to deal with an old flame from her past, who just happens to be the head cop in the town.

While a good story, I was probably less enthralled with this one than any of the others. There just didn't seem to be that sense of urgency about it.

Posted by Tom Duff At 6:11 PM Location In The Basement... | Permalink | Comments (0)

05/14/2004

Book Review - Sour Grapes by G. A. McKevett

Category Book Reviews

This time, Savannah Reid is in the middle of a beauty pageant in Sour Grapes. Savannah's been asked by a friend to provide security for a teen beauty pageant at a posh winery. She takes the job, thinking this will be some of the easiest money she's made in awhile. But one of her sisters shows up nearly unannounced to compete, and one of the contestants turns up missing (and is later found dead). Savannah now has to figure out if the death was a murder or a suicide, while trying to also keep her sister safe if there's foul play going on...

Pretty good plot line with the usual number of twists and turns along the way. Of all the Savannah Reid novels I've read to date, this one probably has more character development of a sibling than any other. The story also touches on accepting oneself without trying to fit into society's mold, when Savannah finds out her sister is taking laxatives to maintain a already low weight.

Still enjoying the series...

Posted by Tom Duff At 6:01 PM Location In The Basement... | Permalink | Comments (0)

05/12/2004

Another numeric milestone!

Category Book Reviews

A picture named M2

I've cracked the 2000 barrier in my Amazon.com reviewer ranking! I'm shooting to break into the top 1000. What I won't do to feed my book addiction!

If you ever want to go over and rank my reviews on Amazon, you can see my list here...

Posted by Tom Duff At 4:30 PM Location In The Basement... | Permalink | Comments (1)

05/12/2004

Blog hit counter milestone...

Category Blogging

A picture named M2

OK... I know people like Volker get that many hits in a matter of days, and it's taken me since April of 2003 to get here.

It takes a long time to hit refresh on my browser that many times... :-)

Posted by Tom Duff At 4:11 PM Location In The Basement... | Permalink | Comments (3)

05/11/2004

How to Determine the Installed Client Type Programmatically

Category Software Development

One more potentially useful little script... From the KnowledgeBase...

How to Determine the Installed Client Type Programmatically

Document Number: 1094622

Problem
Using LotusScript, how can you determine the type of install a user has performed (for example, Notes Client or Designer)?

Content
There are several programming methods to collect this information. One method is illustrated below.

1. Create a database that contains at least two fields, one for the user's name and one for the user's installation type. (In the sample script below, the fields are called UserName and LicenseType, in a form called Main.)

2. Create a script that runs when the user performs a particular action, such as opening the mail file. Place the script in the PostOpen Event of the Database Scripts.

3. The NOTES.INI in R5 has a new entry that indicates the Installation Type. For example:

InstallType= #*
*0 = Designer License
1 = Administration License
2 = Both Designer and Administration License
3 = Domino Mail Server
4 = Partitioned Servers
5 = Domino Server
6 = Notes Client

4. With this NOTES.INI entry in place, the following script can be used. (Note that this script is provided as an example and can be enhanced further to met your needs.)

Dim Session As New NotesSession
Dim DoneCheck As String
Dim TargetDB As NotesDatabase
Dim doc As NotesDocument
' Make sure the sever is specified in the following line.
Set TargetDB = Session.GetDatabase("","license.nsf")
If Session.GetEnvironmentString("DoneCheck") = "Yes" Then
Exit Sub
Else
Set doc = TargetDb.CreateDocument
doc.form = "Main"
doc.username = Session.CommonUserName
doc.LicenseType = Session.GetEnvironmentString("InstallType", True)
Call Session.SetEnvironmentvar("DoneCheck","Yes")
Call doc.Save(True,True)
End If

Posted by Tom Duff At 7:57 PM Location In The Basement... | Permalink | Comments (5)

05/11/2004

What Is the LastHistoryPruneTime Notes.ini Entry for?

Category Software Development

Just a little something for the Google search engines... From the KnowledgeBase...

What Is the LastHistoryPruneTime Notes.ini Entry for?

Document Number: 1106719

Problem
What is the function of the Notes.ini parameter, LastHistoryPruneTime?

Content
The LastHistoryPruneTime= parameter in the Notes.ini is new to Notes/Domino 6.x; it represents the last time the history records in your bookmark bar were pruned (cut) by an internal process called Housekeeping Daemon.

The Housekeeping daemon checks for the LastHistoryPruneTime parameter in the Notes.ini, and compares the difference between current time and the last prune time. If the last prune time is more than 24 hours ago, the Housekeeping daemon runs and deletes all history records older than the cutoff date. Also, if the time specified in LastHistoryPruneTime is somewhat into the future (in other words, if the difference between the current time and the parameter is negative), Notes also runs the Housekeeping daemon to delete history records older than the cutoff date.

The history records are the ones you can see in the bookmark bar on the left side of the Notes 6.x Client user interface. The cutoff date is set to 7 days by default, so the Housekeeping daemon deletes records older than the last 7 days when executed.

Users may see more than 7 days of history information in the bookmark.nsf.

For example, say there are two users, A and B. User A's Housekeeping task last ran today at 8 am. User B's Housekeeping task last ran yesterday at 5 pm. At 9 am today, both User A and User B look at their bookmark history. User A will see 7 days of history. User B will see 8 days of history because User B's Housekeeping task has not run to remove the 8th day of history. Once the Housekeeping task runs, any history that is older than 7 days will be removed, but the Housekeeping task must run in order to remove this data. Checking the LastHistoryPruneTime will show the last time that bookmark history was cleared.

Posted by Tom Duff At 7:52 PM Location In The Basement... | Permalink | Comments (0)

05/11/2004

How Do You Restart Notes/Domino 6.x After It Hangs?

Category Software Development

Like most people, I have one or two of the Notes utilities that allow you to kill off processes when Notes crashes. I didn't know about this tip... From the KnowledgeBase...

How Do You Restart Notes/Domino 6.x After It Hangs?

Document Number: 1108182

Problem
Your Notes/Domino 6.x client or server has stopped responding and you need to end any processes that are still running. Normally in this case, you would need to reboot. Is there an easy way to terminate any Notes processes that are still running without having to reboot?

Content
In Notes/Domino 6.x you have the ability to run nsd -kill on both the server and the client. This will kill any Notes processes that are still running, prohibiting you from starting the Notes client. The command should be issued from the Notes program directory from a DOS window. For example:

1. Open a DOS window. Using Windows, this would be: Start, Run, Command.com
2. Change directories to the Notes program directory; for example, cd \Lotus\Notes
3. Enter the command: nsd -kill

Note: Although nsd can be executed from the program directory, it is really designed to be run from the data directory.

Posted by Tom Duff At 7:47 PM Location In The Basement... | Permalink | Comments (7)

05/11/2004

These phishers so need help...

Category Everything Else

I've said it before, and I'll say it again... If you're going to run a scam, at least use a spellchecker first! While I wouldn't want anyone to be defrauded by something like this, I also feel that anyone falling for this particular email has no one to blame but themselves...

------

X-Apparently-To:	twduff@yahoo.com via 206.190.39.129; Tue, 11 May 2004 12:17:15 -0700
Return-Path:	<itay@ezagenda.com>
Received:	from 80.37.211.214 (HELO 214.Red-80-37-211.pooles.rima-tde.net) (80.37.211.214) by mta359.mail.scd.yahoo.com with SMTP; Tue, 11 May 2004 12:16:52 -0700
Received:	from ezagenda.com (ezagenda-com.mr.outblaze.com [205.158.62.181]) by 214.Red-80-37-211.pooles.rima-tde.net (Postfix) with ESMTP id 8A3B6E0A08 for <twduff@yahoo.com>; Wed, 12 May 2004 03:07:24 -0400
Message-ID:	<101101c437ef$318953bf$cc1fbb17@ezagenda.com>
From:	"CitibankOnline" <itay@ezagenda.com>
To:	"Twduff" <twduff@yahoo.com>
Subject:	Citibank e-mail Verification - twduff@yahoo.com
Date:	Wed, 12 May 2004 03:07:24 -0400
MIME-Version:	1.0
Content-Type:	text/html
Content-Transfer-Encoding:	quoted-printable
X-Priority:	3
X-MSMail-Priority:	Normal
X-Mailer:	Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE:	Produced By Microsoft MimeOLE V6.00.2479.0006
X-Virus-Scanned:	Norton
Content-Length:	825

Dear_ Citbiank _User_,

This_ LETTER was sentt by_the_ citi_bank _server_ to veerify _your E_Mail adderss_.
You must complete this process by clicking on the_ link bellow and enttering
in the little _window your Citibank Debbit full Card number and Pin that
_you use in_the Atm Machine. That_is donne for your protection -2- becouse some of_our
_members_ _no_longer_ have access to their EMAIL _address_es and we must verify it.

<link clipped out>

To verify your_ E_MAIL adress and acces your citi_bank
account, clic on the_ link bellow.

5OtVfPGWKJegNE1c MYEkLryX RfM95DoWkT4AYTe

Posted by Tom Duff At 4:41 PM Location In The Basement... | Permalink | Comments (0)

05/09/2004

Book Review - The Rational Unified Process - An Introduction

Category Book Reviews

Book Review – The Rational Unified Process – An Introduction

Title
The Rational Unified Process – An Introduction – Philippe Kruchten
3rd edition, 2004, 310 pages, Addison-Wesley

Target Audience
IT professionals who need to learn about the Rational Unified Process (RUP)

Contents
This book is a relatively high-level overview of the entire RUP process.

The book is divided into the following chapters: Software Development Best Practices; The Rational Unified Process; Static Structure: Process Description; Dynamic Structure: Iterative Development; An Architecture-Centric Process; A Use-Case-Driven Process; The Project Management Discipline; The Business Modeling Discipline; The Requirements Discipline; The Analysis and Design Discipline; The Implementation Discipline; The Test Discipline; The Configuration and Change Management Discipline; The Environment Discipline; The Deployment Discipline; Typical Iteration Plans; Implementing the Rational Unified Process; Summary of Roles; Summary of Artifacts; Acronyms; Glossary; Bibliography; Index

Review
The Rational Unified Process, or RUP, is a software engineering methodology that attempts to map out and document all parts of a software development project. It’s extremely comprehensive, but it’s also adaptable to whatever level of effort is appropriate for your situation. This book, The Rational Unified Process – An Introduction, is a good start to begin your understanding of RUP.

First off, let me say this is not an easy read. It’s a good book with all the information you need to know to start using RUP, but the information is dense and highly detail oriented. Like most developers, I’m more oriented towards coding and testing. But realistically, you need to know what the system should do before you get to the coding piece. RUP helps to put all that into a formal framework so that the necessary things will get done in the proper order.

While the entire RUP framework might feel overwhelming, the author makes sure to let you know that you can adapt the RUP to meet your situation. If you are adding a function to an existing system, you will be more focused on use cases, development, and deployment processes. The author does a good job in segmenting the information so that you can more easily focus on your needs.

You should also not consider this the end-all volume on RUP that you will ever need. Kruchten doesn’t try to detail specific techniques like use cases or UML. You will learn where they fit in to RUP, but you will need additional information on how to implement use cases or UML diagrams. Consider this the volume that allows you to place everything in a mental framework so that you can figure out what you will need to know going forward.

Conclusion
If you are considering or in the process of implementing RUP, this is a book you should be studying. It’s not an easy read, but it will give you the overview you need to understand the process and concepts.

Posted by Tom Duff At 6:32 PM Location In The Basement... | Permalink | Comments (0)

05/09/2004

43 years old today...

Category Everything Else

Sometimes I wonder if I'm getting too old for all this stuff... :-)

A picture named M2

But seriously, it's been a pretty good year. I took steps to deal with my dysthymia, and I feel more alive than I have in a long time. Life around the family is much better without me being a grouch all the time. My freelance writing continued to grow, both in magazines and with my book reviews and blogging. And there was the speaking engagements at Lotusphere and with e-Pro. That's stuff that would have terrified me a year ago, and now I look forward to it all. I'm at a different job than I was a year ago, and it's working out well.

All things considered, I can't complain.

So let's see how year 44 shapes up.

Posted by Tom Duff At 12:00 AM Location In The Basement... | Permalink | Comments (7)

05/08/2004

Book Review - Scene Of The Cybercrime by Debra Littlejohn Shinder

Category Book Reviews

I'm currently in the middle of the book Scene Of The Cybercrime by Debra Littlejohn Shinder, but I decided to do a review right now. This is a really good book on a number of levels...

Most books on computer and network security are written for the techie trying to secure their assets from outside attack. Obviously, there's a huge need for that information. But it seems that there is virtually nothing written from the law enforcement perspective on computer security. That's a major problem in two ways... For one, there are too few law enforcement personnel that understand exactly what cybercrime is and how it can be detected, fought, and prosecuted. That's probably the audience that would benefit most from this book. Second, most technical personnel don't know what to do in order to successfully build a case and prosecute an attacker once an intrusion has occurred. That's the other audience that will gain the most from reading Shinder's work.

The book includes the following chapters: Facing the Cybercrime Problem Head On; Reviewing the History of Cybercrime; Understanding the People on the Scene; Understanding Computer Basics; Understanding Network Basics; Understanding Network Intrusions and Attacks; Understanding Cybercrime Prevention; Implementing System Security; Implementing Cybercrime Detection Techniques; Collecting and Preserving Digital Evidence; Building the Cybercrime Case

The hardcore network security administrator will probably already know most of the information in the "Understanding..." chapters. But unless they are adept or experienced in forensic analysis, the last three chapters will be crucial information for them. Without the knowledge of how to preserve evidence, there's a good chance that you'll never have the satisfaction of seeing your attacker prosecuted. Higher level managers of a corporate security department will find all of this information useful, as they may not be as hands-on as the administrators and may not understand what threats and risks are present in today's environment.

From the law enforcement perspective, it's all good. Fighting cybercrime is so different than regular law enforcement. This is the perfect volume to give the budding cybercop all the information they need to get up to speed with how crime is conducted electronically. I would recommend that this book be required reading for law enforcement and prosecution personnel.

The book is well written with plenty of real-life examples of criminal activities and legal scenarios. It's one of the most engrossing technical reads I've had in awhile. A definite recommended read...

Posted by Tom Duff At 7:31 PM Location In The Basement... | Permalink | Comments (0)

05/08/2004

Book Review - Data Structures Demystified

Category Book Reviews

Book Review – Data Structures Demystified

Title
Data Structures Demystified – Jim Keogh and Ken Davidson
1st edition, 2004, 277 pages, McGraw-Hill Osborne

Target Audience
Developers who want or need a practical course on data structures in computer programming.

Contents
This is a practical guide on data structures and how they are used in a programming environment.

The book is divided into the following chapters: Memory, Abstract Data Types, and Addresses; The Point About Variables and Pointers; What Is an Array?; Stacks Using an Array; Queues Using an Array; What Is a Linked List?; Stacks Using Linked Lists; Queues Using Linked Lists; Stacks and Queues: Insert, Delete, Peek, Find; What Is a Tree?; What Is a Hashtable?; Final Exam; Answers to Quizzes and Final Exam; Index

Review
If you went the traditional college route to make it into programming, you no doubt had a course or two on data structures. But if you’re like me and more into the self-taught method, data structures are one of those things you hear about but never probably take the time to understand. You may use them, but you don’t really understand the theory behind what they are and when they should be used. For you (and me), Data Structures Demystified helps get you up to speed in a practical, straightforward manner.

Each chapter follows a standard format. The subject (such as linked lists) is likened to some real world situation. The structure is then explained and illustrated in generic terms using C++ or Java code. The methods necessary to manipulate the data structure are explained, followed by an implementation in both C++ and Java code. Finally, there’s a short quiz at the end to test your understanding of the concepts just discussed.

As a Java programmer, I found this book helpful in conceptually fleshing out some of the array constructs that you can use in the language. While many reference books might tell you that you have a HashMap class along with certain properties and methods, not too many books actually go into any depth about what a hashmap is and how it should be used. Having an understanding of these “whys” can make all the difference when you’re trying to decide how best to structure your program.

And if you’re tending to shy away from this title thinking it would be too simplistic, don’t. This is not an entertainment book that treats you like a newbie. You’ll have to think about what you’re reading, and it will take some effort to understand the details. But it’s all presented clearly, so at least you have a chance if you’re not Einstein to begin with.

Conclusion
This book is very good for C++ and Java programmers who have not taken formal courses in data structures, and need a better understanding of the subject.

Posted by Tom Duff At 4:35 PM Location In The Basement... | Permalink | Comments (0)

05/08/2004

Book Review - The JFC Swing Tutorial (2nd Edition)

Category Book Reviews

Book Review – The JFC Swing Tutorial

Title
The JFC Swing Tutorial – A Guide to Constructing GUIs – Kathy Walrath, Mary Campione, Alison Huml, Sharon Zakhour
2nd edition, 2004, 770 pages, Addison-Wesley

Target Audience
Java developers who want to learn to develop graphical applications using the Swing classes

Contents
This book is part of the Sun tutorial series, and concentrates on the Swing classes of the language.

The book is divided into the following chapters: Before You Start; Learning Swing By Example; Using Swing Components; Laying Out Components within a Container; Writing Event Listeners; Performing Custom Painting; Component Reference; Layout Manager Reference; Other Swing Features Reference; Event Listeners References; Troubleshooting Reference; Index

Review
Most of the coding I do in Java involves background agents that don’t involve any sort of a user interface. But that’s not to say that I haven’t wanted to put a front end on some of my routines and allow for some user interaction. In order to do that, I need to learn more about how to use the Java GUI classes. This book, The JFC Swing Tutorial, is definitely what I need.

The book is a nice blend of tutorial and reference guide. The first six chapters are definitely tutorial in nature, with a number of examples and things you are asked to try and work through. At the end of each of those chapters, you’ll find a series of questions and exercises that will allow you to assess your understanding of the material. Starting in chapter seven, the book moves more towards a reference manual, but not in the typical “here’s the documentation” format. Each reference section has a series of “How To…” topics that give you more detailed information and examples about that feature. For instance, the formatted text field section has a demo of that feature, instructions on how to work with features in the JFormattedTextField class, and an API chart of the related classes and specific methods in JFormattedTextField. The blend of information and examples helps you to bridge the gap between theoretical and practical use.

The only “complaint” that one might have about this book is that much of the information can be found online at the Sun Java site. To that I say, “so what?” When I’m looking up a quick answer to something and I don’t have my library available to me, online references are great. But when I’m learning a new skill, give me a book that I can carry around, mark up, and have open in front of me at the keyboard. It’s how I work best.

Conclusion
This is a very complete and well-written volume on how to use the Swing GUI classes. If you need to learn how to move your Java programming in a graphical direction, you’ll like this book.

Posted by Tom Duff At 3:04 PM Location In The Basement... | Permalink | Comments (0)

05/08/2004

The Disney/Michael Moore story: The Other Side

Category Everything Else

Most of my more liberal friends are all twitterpated over Disney's "censoring" of Mirimax and the Michael Moore film "Fahrenheit 911". But according to this article, Moore isn't exactly lilly white in this controversy...

Michael Moore Lied About Disney Ban

Apparently the decision about the film was made over a year ago, and Moore knew about it all along. And Mirimax's role in the film was financing, not distribution. Most of the New York Time's information (the "source") was from Moore's agent. Sounds like someone's trying to generate some heat prior to the Cannes Film Festival.

I'm not saying that Disney was right or wrong in deciding not to back the film, nor whether the decision to do so was politically motivated. Let's just not hold up Michael Moore as the "defender of truth" that so many want to make him out to be.

Posted by Tom Duff At 2:29 PM Location In The Basement... | Permalink | Comments (3)

05/07/2004

Book Review - Digital Photography Expert Techniques by Ken Milburn

Category Book Reviews

O'Reilly has a book out called Digital Photography Expert Techniques by Ken Milburn. If you're ready to take your digital photography to the next level (close to professional grade), this is a book you'll want to see.

First off, the chapter contents: The Digital Photographer; Be Prepared; Bringing Out The Best Picture; Panoramas; Photoshop Selections, Masks, and Paths; Basic Digital Photo Corrections; Converting Photos to Paintings; Special Photographic Effects; Retouching and Rescuing Photos; Creating Fictitious Photos; Color Printing; Use Pictures to Sell Yourself; Sell It on the Web

This book targets the professional, or serious, digital photographer who is using an SLR digital camera with at least six megapixels and plenty of memory. It also assumes the use of Photoshop as the base editing tool for manipulating the images. But rather than stick with Photoshop as the only tool, the author will also educate you on other tools or plug-ins that will give spectacular results beyond what you could get by sticking with the base software. Another target for this book is the film photographer who wants to move to the digital realm, but doesn't quite know how best to set up the workflow of processing images. Because a digital photograph can take many forms after image enhancement, there are a number of good ideas here to help you know what to save and what to delete.

Each chapter is made up of a series of "tips" on how to do something interesting with your images or with your camera. For instance, in the retouching chapter, you'll find tips with the following titles: Restore Youth; Remove Stains; Eliminate Junk from the Landscape; Cosmetic Emphasis; Focus the Light on Points of Interest; Punch Out the Paunch; Proboscis Pruning and Changing Expressions; and Clone Detail from Another Photo. Each tip or technique is well documented as to the steps necessary in the software to accomplish the effect. He also usually shows before and after full-color comparisons so that you can visually grasp how the effect works and how you can use it in your own work.

Now, if you're like me, puttering around in the consumer world of digital cameras, you can still get some great ideas from this book. The tips on composition, image correction, and other basic skills are valid regardless of what level you're at. Your final result may not be quite as good as his due to not having an original image of the same resolution, but you can still end up with some stunning shots that will wow your friends.

Bottom line... quality information, well written, beautiful book that should be considered by any serious digital photographer.

Posted by Tom Duff At 7:49 PM Location In The Basement... | Permalink | Comments (4)

05/07/2004

Oh, just wonderful...

Category Everything Else

On cnn.com, Rumsfeld's talking about more unreleased photos that are worse than what we've seen: "If these are released to the public, obviously it's going to make matters worse."

http://www.cnn.com/2004/WORLD/meast/05/07/iraq.abuse.main/index.html

I can only imagine how much "worse" it's going to get. It wouldn't surprise me to see the UN put the US on a list of countries that don't respect human rights.

Another excerpt from the story:

"The American public needs to understand we're talking about rape and murder here. We're not just talking about giving people a humiliating experience," Republican Sen. Lindsey Graham of South Carolina told reporters after Rumsfeld testified before the Senate Armed Services Committee.

"We're talking about rape and murder -- and some very serious charges."

Um... I'd hate to see what's more "serious" than rape and murder.

Posted by Tom Duff At 7:04 PM Location In The Basement... | Permalink | Comments (0)

05/07/2004

The latest offshoring opportunity... "medical tourism"

Category Everything Else

The following item was part of our company newsletter this week...

Apollo Hospital Enterprises has set up private hospitals in India to attract "medical tourists," according to the Wall Street Journal. The chain has 37 hospitals with more than 6,400 beds and it capitalizes on the high cost of health care in the United States as well as consumer demands in other countries for medical services that are fast and inexpensive. Apollo has treated more than 60,000 foreign patients in the past three years. One example of the contrast in price for services is cardiac surgery for about $4,000 compared to about $30,000 in the United States.

I found a link to a non-subscription article referencing this setup: http://www.indolink.com/displayArticleS.php?id=050104034529

That should be something that strikes fear into the entire medical establishment. Indian doctors, most likely educated as well as US doctors, treating US patients in Indian facilities at a fraction of the cost of a US establishment. Far fewer litigation/malpractice issues, less overhead, lower salaries, equivalent care. There are so many places this could end up going.

US healthcare starts to become an emergency-only and office visit care service. Insurance companies offer to fund the travel costs of a patient to a foreign hospital, knowing it will still cost them less than half of what a US procedure would be. Major downward price pressure on hospitals as beds are empty and high-dollar procedures are being done offshore. Doctors and the AMA lobbying Congress for federal protection against "unsafe foreign medical practices".

Yes, I've blown up some of those issues... somewhat... Just goes to show that in a global economy with open boarders, nothing is sacred and no one is safe.

Posted by Tom Duff At 5:41 PM Location In The Basement... | Permalink | Comments (5)

05/06/2004

Book Review - Stealing The Network - How To Own The Box

Category Book Reviews

Book Review – Stealing The Network

Title
Stealing The Network – How To Own The Box – Ryan Russell, Tim Mullen, FX, Dan “Effugas” Kaminsky, Joe Grand, Ken Pfeil, IdoDubrawsky, Mark Burnett, Paul Craig
1st edition, 2003, 303 pages, Syngress

Target Audience
Anyone with an interest in network security and wants to look into the mind of a network cracker/hacker.

Contents
This book is mostly a series of fictional stories written in first-person narrative on what happens during a network attack or an investigation into an attack.

The book is divided into the following chapters: Hide And Seek; The Worm Turns; Just Another Day At The Office; h3X’s Adventures In Networkland; The Thief No One Saw; Flying The Friendly Skies; dis-card; Social (in)Security; BabelNet; The Art Of Tracking; The Laws Of Security

Review
All too often the topic of network security becomes an academic exercise, until it’s too late. Companies might know what they should do, and they might even think they are beyond attack. But to a motivated person, your system may be nothing more than swiss cheese. Stealing The Network takes you beyond the technical and into the psychology of an attack.

Stealing The Network is a series of fictional stories about network attacks of various sorts. Hide And Seek is an attack on a company’s network by a person upset with poor customer service. He steals a credit card file and posts it for others to use. The Worm Turns is an all-night hacking session to dissect the latest internet virus and post a patch before any of the other anti-virus firms do so. Just Another Day At The Office is a story of hacking for organized crime against a firm developing a new type of land mine, and involves both network and physical building intrusion. While it might be easy to dismiss these as the result of a vivid imagination, the reality is that all of these attacks are done on a daily basis. They may even have happened to you at your company, and you just don’t know it yet.

The final chapter, The Laws Of Security, is a discussion of computer security and how you need to be thinking in order to secure your network. So it’s not just a series of stories with no opportunities to learn what needs to be done. Also, each story is detailed with specific software and techniques used to accomplish the hack or the trackdown of the intruder. So as you’re reading the story, you’re actually picking up the necessary information you need in order to understand the network weakness and how to defend against it.

In my opinion, it’s this blending of fictional reality that makes this book so valuable. I’d definitely recommend this to any security professional who is looking to understand the person behind the attacks.

Conclusion
An excellent read… Takes the subject of network security out of the academic and theoretical and places a face and attitude behind it all, while also teaching you the nuts and bolts of how attacks occur.

Posted by Tom Duff At 7:28 PM Location In The Basement... | Permalink | Comments (2)

05/06/2004

Book Review - Sugar And Spite by G. A. McKevett

Category Book Reviews

Another Savannah Reid mystery... Sugar And Spite. And I'm still liking this series a lot...

Savannah's ex-partner on the force, Dirk, is called by his ex-wife Polly (who Savannah can't stand) in what looks like a kiss and make up attempt. But Savannah gets a call from Dirk that turns their world upside down. Polly is dead, shot in Dirk's trailer, with Dirk's sidearm, her blood is all over Dirk, and neighbors heard them fighting before the gunshots. He says he came out of the shower to find someone there who had just shot Polly, but was unable to grab him before the intruder escaped. The chief of police seems to have it out for Dirk, and pushes hard to bring him up on murder charges. Savannah and the members and friends of her detective agency have to figure out who really did it and save Dirk from a lifetime of jail or worse.

The subplot here involves why the chief might want to have Dirk out of the picture, and what he may know about the crime. There is also a Savannah family subline (as there are in all the stories) that didn't work quite as well as the ones in the other stories. Her father who deserted the family when she was young has shown back up and wants to talk with her.

Fun read, good pacing, and some excellent themes of friendship, love, and loyalty. Probably one of the more emotionally satisfying stories I've read to date in this series.

Posted by Tom Duff At 6:53 PM Location In The Basement... | Permalink | Comments (0)

05/06/2004

Hello... My name is Tom, and I'm a book addict...

Category Everything Else

... and I can quit any time I want... just not today... :-)

I really did have a goal to not seek out any more books for review until I whittle down my backlog. Really. Then today happened...

I am part of the StudioB mail list. That group is made up of tech book authors, tech publishers, and various people who are interested in that field. Lately the talk turned to publicity and reviews, and I got involved. The people on the list are aware of my reviewing, and a few of them have been mentioned by StudioB. When the talk turned to specific publishers and review copies, I mentioned my favorites and my "won't return emails" companies. Wiley was in the latter group, which is too bad. I wanted to take a shot at Rocky's book... :-)

Anyway... The executive editor of Wiley contacted me today via email and told me he'd be more than happy to get me whatever I wanted for review. That led to an exchange with another editor over there, and I now have about 8 to 10 titles due to be shipped both immediately and when they make their debut over the next couple of months. Then, Apress contacted me to let me know they'd be happy to work with me. I'm holding off for a month there so that I can get my pile taken care of. And on top of that, three different authors emailed me with specific titles I could review. Yes, I accepted.

So... Don't be surprised if my reviewing goes into hyperdrive for the next few weeks. Yes, I do have a gear above what you see here. I was thinking six hours of sleep each night was too much anyway... :-)

Posted by Tom Duff At 6:37 PM Location In The Basement... | Permalink | Comments (5)

05/04/2004

I don't think I can support our involvement in Iraq or the administration any more...

Category Everything Else

Yes, I'm straying into one of those areas you aren't supposed to discuss in polite company... So be it.

Until now, I have been relatively supportive of our efforts in Iraq. While our reasons for getting involved appear to have been manipulated or bogus, deposing Saddam was a good thing (and I still feel that way). It is starting to feel more like Vietnam all the time, but I still thought it was probably necessary.

That all changed with the Iraqi prison scandal. What *Americans* did over there to prisoners is no different than what Saddam's henchmen did to the population. And we are their *liberators*? On top of that, the military tried to get the media to sit on the story so as to not endanger our troops. What about the endangered people being abused? And today we have the gall to walk out of the UN during Sudan's inclusion into the human rights committee. And we now have room to talk?

No administration is without deceit and corruption. We're dealing with power-hungry people. But the lies and abuses have gone too far for me to continue to support the current administration. I'm not sure that makes me a Kerry fan (and no, Barry, I will *not* vote for Nader). But I'm not pro-Bush/Cheney any more. The "war on terror" does not justify these abuses.

And for those who have loved ones serving in Iraq... No, I was never a soldier, and I never served time in a war zone. I'm sure what goes on in a situation like that changes you. And I'm confident that most soldiers are *not* like the criminals who were running the prison over there. I just feel it's time for us to be out of that region, and that there is nothing we can do to improve the situation.

Posted by Tom Duff At 5:13 PM Location In The Basement... | Permalink | Comments (14)

05/03/2004

How to Purge Document Deletion Stubs on the Server Immediately

Category Software Development

In case you need to know how to do that... From the KnowledgeBase...

How to Purge Document Deletion Stubs on the Server Immediately

Document Number: 1095683

Problem
A customer would like to purge all of the document deletion stubs on the server database now, instead of waiting for the set purge interval. How can this be done?

Content
There are two options.

Option #1:

All document deletion stubs in a database can be purged by selecting File, Replication, Settings and setting the "Remove Documents Not Modified in the Last" setting to 0 days. Once this is done, click OK and close the database. Open the database again to purge the deletion stubs immediately. Next, change back the "Remove Documents Not Modified..." setting to 90 days.

IMPORTANT: If you place a checkmark next to "Remove Documents Not Modified in the Last" setting, and place a "0" in the Days field, all of the documents will be deleted from the database. Do not place a checkmark in that box; only change the number of days setting to "0" (see Figure 1 in the Supporting Information section below for an example of this).

Once this is done, you can return this setting back to the original number.

Option #2:

All document deletion stubs in a database can be purged by setting the cutoff date ahead two days from the current date. Once this is done, the deletion stubs are purged immediately. To do this, select File, Replication, Settings, Other, and set "Only replicate incoming documents saved or modified after."

Be sure to replace the 2 days ahead date immediately once the deletion stubs have been purged.

WARNING: If the "Remove Documents Saved More Than XX Days Ago" option is enabled in a database's replication settings when the cutoff date is set ahead, all documents saved before the cutoff date will be removed from the database. Notes behaves this way because both the cutoff date and "Remove Documents..." feature are designed to save space in local replicas. The cutoff date sets the maximum age for documents to be received by the local replica. When the "Remove Documents..." option is enabled, Notes automatically removes (leaving no deletion stub) any document saved before the cutoff date, ignoring any interval specified in the "Remove Documents..." option.

Depending upon the Notes platform, it may also be necessary to set the purge interval to one day as well as setting the cutoff date ahead. This is not required for all Notes platforms. On early 3.x versions of Notes for UNIX platforms, the Cutoff Date option is not available, and the purge interval cannot be used to purge deletion stubs immediately.

You can see the approximate number of document deletion stubs in a database by adding up all of the shared fields and all of the documents, and then subtracting this number from the total number of documents shown, when a new replica of the database is created.

To view deletion stubs, Notespeek can be used. Notespeek is available on the Lotus Developer Domain website (in the Sandbox).

Supporting Information:

This information does not apply to deletion stubs for design elements (eg. forms, view or macros). Refer to the document titled "Removing Design Element Deletion Stubs From a Database" (#132699 ) for additional information.

Figure 1:
Example of Replication Settings
A picture named M2

Posted by Tom Duff At 7:40 PM Location In The Basement... | Permalink | Comments (8)

05/03/2004

What Is the Purpose of the Notes CACHE.DSK File?

Category Software Development

A nice writeup about the cache.dsk file... From the KnowledgeBase...

What Is the Purpose of the Notes CACHE.DSK File?

Document Number: 1155947

Problem

What is the Notes CACHE.DSK file and what does it do?

Content
This special file contains design elements (forms, subforms, and LotusScript libraries) of databases located on a Notes server, in addition to cross-replica journaling information. Storing these items in this file helps improve client performance when accessing databases located on a Notes server and automates the process of read-mark synchronization.

Important points about the CACHE.DSK file include the following:

1. The CACHE.DSK is created automatically whenever Notes starts, if the file does not already exist. Therefore, if this file is deleted, it will be recreated the next time the Notes Client is started.

2. The CACHE.DSK is actually a Notes database with no built-in forms or views. Therefore, this file can be compacted to recover unused space. The Compact option for the CACHE.DSK is found on the Information tab of the Workspace Properties dialog box (right-click any part of the Notes Workspace and select Workspace Properties from the pop-up menu). Note that compacting the CACHE.DSK in this manner also compacts the DESKTOP.DSK. Also, the value in the Size field that appears on the Information tab reflects the combined size of the CACHE.DSK and the DESKTOP.DSK.

3. The CACHE.DSK, by default, is located in the Notes data directory. There are, however, two methods for relocating the file: (1) the database redirection file and (2) a NOTES.INI redirection parameter.

4. To achieve reasonable balance between cache performance and disk-space consumption, the default maximum size of the CACHE.DSK is set at 5MB. For additional information on setting the CACHE.DSK size limit, refer to the document titled "Is it Possible to Limit the Size of CACHE.DSK in Notes? (#1091866)".

5. Design elements (forms, subforms, navigators, scripts, etc.) for a database are cached locally in the CACHE.DSK. This speeds up access to commonly used design elements. When a database is opened, it is determined whether the design elements need to be re-cached from the database, based on an internal time stamp.

Notes 6.x Client:
In the Notes 6.x Client, the Cache file has been renamed to CACHE.NDK.

Even though all information above applies to the Cache.ndk file in Notes 6.x Client, please refer also to the following document for specific changes regarding the data stored in each of the Cache, Desktop, Bookmark, etc. files: "Cache.NDK, Desktop6.NDK and Bookmark.nsf in ND 6" (#: 7002715)

How to Specify a Different Location for the Cache File:
The CACHE.DSK / CACHE.NDK can be placed in a directory other than the Data directory, if desired. You can add the following line to the NOTES.INI file:

In Notes 5.x: CACHE=[drive]:\[directory]\CACHE.DSK

In Notes 6.x: CACHE=[drive]:\[directory]\CACHE.NDK

If the file does not already exist in the newly specified directory, the file will be created. If there is an existing CACHE.DSK / CACHE.NDK in the Data directory, the CACHE.DSK / CACHE.NDK will not be propagated. Note, however, that when you enable the CACHE= parameter to redirect the Cache file to a directory other than the Notes Data directory, a "File Does not Exist" error can occur. Refer to the document titled "File Does not Exist' Error After Using CACHE= to Redirect CACHE.DSK File" (#1090872) for additional information.

In releases prior to those cited above, the CACHE.DSK file can reside only in the Notes data directory. The data directory is identified in the NOTES.INI file with the following parameter:

Directory=[drive]:\[directory]

where the path is the DOS path to the data directory.

Posted by Tom Duff At 7:36 PM Location In The Basement... | Permalink | Comments (0)

05/03/2004

Book Review - Cooked Goose by G. A. McKevett

Category Book Reviews

Another fun read by McKevett... Cooked Goose. Savannah Reid, the "big boned" detective and ex-cop works on trying to solve a case where a rapist is dressing up like Santa Claus and terrorizing the women of San Carmelita. Her ex-partner Dirk is also on the case, and together they are trying to bring this crime spree to an end. But things get complicated when the Captain's daughter (who is only 16) is picked up by the rapist. She escapes after running her car into a obsticle and fleeing the scene. Her dad's a jerk (he also fired Reid from the force), and she wants nothing to do with him. The captain asks Reid to be her "bodyguard", and you see an interesting relationship develop between Savannah and the daughter.

But what's a good crime novel without a subplot? At the same time Savannah and Dirk are trying to find the rapist, a number of the cops in San Carmelita are murdered. There seems to be some tie to the rapes, but no one can figure it out. It isn't until the end that the two cases come together.

Great recreational read, and I just love her dialog writing between Savannah and others given her Southern upbringing. For instance, her sister is pregnant and calls to complain about her life. "My tummy is hu-u-u-ge! And so's my butt. I'm the size of a barn door and gettin' bigger every day. I hate being pregnant!" Savannah's response... "Don't worry, honey... Your butt was big before you got pregnant, and... " :-)

Posted by Tom Duff At 7:06 PM Location In The Basement... | Permalink | Comments (0)

05/02/2004

Book Review - JavaServer Faces Programming by Budi Kurniawan

Category Book Reviews

Book Review – JavaServer Faces Programming

Title
JavaServer Faces Programming – Budi Kurniawan
1st edition, 2004, 503 pages, McGraw-Hill Osborne

Target Audience
Developers who want to start using JavaServer Faces (JSF) technology for their web applications

Contents
This is a comprehensive tutorial on the JSF technology, how it works, and how to code an application using it.

The book has the following chapters: Overview Of Java Web Technologies; Introduction To JavaServer Faces; Objects For Request Processing; The User Interface Component Model; JSF Simple Components; JSF Advanced Components; JSF Event Handling; Page Navigation; Validators; Converters; Internationalization And Localization; Renderers; Custom User Interface Components; Online Store Application; The Application Configuration File; Summing Up: How JSF Works; The JSP 2.0 Expression Language; The JSP Standard Tag Library; Installing And Configuring Tomcat 5; The Web Application Deployment Descriptor

Review
JavaServer Faces technology is gaining steam in the Java community as a standard framework for building web applications, much like Struts has become. If this is a primary part of your development activity, you’ll need to get up to speed on how JSF works. This book will help you get started.

Budi starts by reviewing servlet and javaserver page concepts, which is what JSF is based on. Once that area is reviewed, he starts with the basics of JSF coding and gives you plenty of examples of how they are coded. To me, the writing style and examples are clear and appropriate for someone just starting out in this area. The chapters build on each other and it all comes together in chapter 14 where an entire online application is built. After working your way through the book, you should have a basic mastery of the technology.

With a little additional research, I found that there is a later release of the technology (JSF beta 1) that supercedes the release on which this book was written (JSF Early Access 4). Not yet being a JSF wizard, I can’t tell you how much of a difference that will make in the accuracy of the information presented. The author has updated the examples on his web site to work with the beta 1 version, so be prepared for some of the examples to work a little differently than what you see in print. Unfortunately that’s one of the drawbacks in trying to get a book in print about a technology who’s foundational concepts are still in development. That’s probably why they call it the “bleeding edge of technology”.

Conclusion
I thought this was a well-written, understandable book on an emerging technology. Just keep in mind that what you currently read and what may be in the final release could change.

Posted by Tom Duff At 5:40 PM Location In The Basement... | Permalink | Comments (6)

05/02/2004

Book Review - Enterprise Java Security

Category Book Reviews

Book Review – Enterprise Java Security

Title
Enterprise Java Security – Marco Pistoia, Nataraj Nagaratnam, Larry Koved, Anthony Nadalin
1st edition, 2004, 581 pages, Addison Wesley

Target Audience
Developers and architects who are looking for an overview of Java security

Contents
This book is a wide-ranging coverage of security technology in J2EE and J2SE environments.

The book is divided into six parts:

Part I – Enterprise Security And Java – An Overview Of Java Technology And Security; Enterprise Network Security And Java Technology
Part II – Enterprise Java Components Security – Enterprise Java Security Fundamentals; Servlet And JSP Security; EJB Security; Enterprise Java Security Deployment Scenarios
Part III – The Foundations Of Java 2 Security – J2SE Security Fundamentals; The Java 2 Permission Model; Authentication And Authorization With JAAS
Part IV – Enterprise Java And Cryptography – The Theory Of Cryptography; The Java 2 Platform And Cryptography; PKCS And S/MIME In J2EE; The SSL and TSL Protocols In A J2EE Environment
Part V – Advanced Topics – Enterprise Security For Web Services; Security Considerations For Container Providers; Epilogue
Part VI – Appendixes – Security Of Distributed Object Architectures; X.509 Digital Certificates; Technical Acronyms Used In This Book; Sources Used In This Book

Review
Once you get past the Hello World applets and JSP pages, you will start developing applications that interact with the user and display dynamic content. And once that happens, you need to know who is asking for the data and whether they should be allowed to see it. You need to start understanding how security works in the Java world. And Enterprise Java Security is a good place to start gaining that knowledge.

The authors cover a lot of different concepts and technologies in this book. While nearly any of the subjects (like cryptography or web services security) could be expanded into a book in its own right, enough information is provided to give you the concepts necessary to grasp the essentials. From there, you can continue in your learning for the areas that apply to your situation. As I continue on in my Java education, I’ll be able to use this book to come up to speed more quickly than I would be able to if I had to find the resources in multiple other places.

Code junkies may be a little frustrated with the book, in that there’s more concept than code. While there are coding examples, you’ll see less than you may be used to (or may want). I view it this way… I’d use this book to get an overview of Java cryptography. Once I understood the fundamentals, I’d seek out a book that dealt specifically with that subject to take me beyond the basics. But by understanding “what I don’t know” first, I’ll be better prepared to get the most out of more advanced texts with plenty of code included.

Conclusion
A good selection for Java developers and architects who need a comprehensive overview and understanding of security for Java-based systems and environments. From here, you can delve more deeply into the specific areas that apply to your project or environment.

Posted by Tom Duff At 1:13 PM Location In The Basement... | Permalink | Comments (0)

05/01/2004

Book Review - Teach Yourself Unix In 24 Hours by Dave Taylor

Category Book Reviews

Book Review – Teach Yourself Unix In 24 Hours

Title
Teach Yourself Unix In 24 Hours – Dave Taylor
3rd edition, 2001, 536 pages, Sams

Target Audience
People who have a need to learn how to work with Unix at the command level.

Contents
This book is a hands-on tutorial on the Unix operating system divided up into 24 lessons.

The book contains the following chapters: What Is This Unix Stuff?; Getting Onto The System And Using The Command Line; Moving About The File System; Listing Files And Managing Disk Usage; Ownership And Permissions; Creating, Moving, Renaming, And Deleting Files And Directories; Looking Into Files; Filters And Piping; Wildcards And Regular Expressions; An Introduction To The vi Editor; Advanced vi Tricks, Tools, And Techniques; An Overview Of The emacs Editor; Introduction To Command Shells; Advanced Shell Interaction; Shell Programming Overview; Slicing And Dicing Command Pipe Data; Job Control; Printing In The Unix Environment; Searching For Information And Files; Archives And Backups; Communicating With E-mail; Using telnet, ssh, And ftp; C Programming In Unix; Perl Programming In Unix; Working With The Apache Server

Review
I’m seriously considering starting to explore the use of Linux as an alternative to using Windows. And fortunately for me, the Linux desktop has evolved to the place where you can use it much like a Windows environment. But like earlier versions of Windows, there is a lot of power if you delve under the graphic layer of the operating system. In Windows, that was DOS. With the Linux, it’s the command line interface. If you don’t know where to start when you get there, Teach Yourself Unix In 24 Hours will get you off on the right foot.

Dave Taylor takes you through a hands-on approach to the basics of maneuvering and manipulating a Unix-style operating system. By working through the examples and exercises, you’ll start to grasp the commands that are needed to do the basics. From there, you learn how to string commands together to create scripts that will automate many of your tasks. And that’s where the real power starts to come into play. You’ll also learn about permissions and ownership of files and directories, which you’ll run into with many other systems you may work with during the course of your job.

I found this book useful on a number of levels. First of all, it helped me to understand some of the Unix concepts I need to know when I’m working with other departments that use Unix as their base platform. It’s also giving me the fundamental knowledge I’ll need when I start with my Linux work. Even though I’ll be doing a lot of work at the graphical layer, I want to be able to feel confident to go beyond that when I need to. Until I get beyond the basics, this book will stay close at hand in order to figure out what I just did or what I just broke.

Conclusion
This is an ideal text for someone who has to work with Unix and doesn’t have much, if any, prior experience. The hands-on nature of each lesson will appeal to those who want to learn by doing.

Posted by Tom Duff At 9:08 PM Location In The Basement... | Permalink | Comments (1)

05/01/2004

Book Review - Fahrenheit 451 by Ray Bradbury

Category Book Reviews

Yes, I *do* read classics once in a while... :-) Our local library was sponsoring a program called "Everyone Reads" where a number of people all read the same book and have discussions about it. Fahrenheit 451 was the featured book, and I've been meaning to reread it anyway. You probably already know the storyline... Reading books is a banned activity, and firemen are not used to put out fires, but to burn down houses where books are being covertly hidden. Fahrenheit 451 is the temperature at which paper burns, hence the title. The main character, Montag, starts to wonder why people would still risk having books, and ends up becoming a book hoarder himself. His house is burned down, and he flees before he can be arrested. He meets up with other readers in the countryside and decides to remember and preserve books rather than return to the city, which, by the way, just got anniliated by atomic warfare...

This isn't so much a novel as a longer short story critiquing society's ever-decreasing attention span and lack of time spent actually thinking. Everything is based on entertainment, and ideas and concepts are spoonfed to the public in short, repeated soundbites. Sound disturbingly familiar? I found it amazing that, 50 years after having written the book, Bradbury's view of the future isn't that far removed from reality. We don't burn down houses with books, but we try to censor ideas and make everything "politically correct" so that no one is offended.

This particular paperback edition is the 50th anniversary edition of the book, and features an interview with the writer at the end. He also expounds on what the characters in the book would say and do now if the book were to be expanded.

Well worth reading (or reading again if you haven't done so lately).

Posted by Tom Duff At 7:41 PM Location In The Basement... | Permalink | Comments (2)

05/01/2004

Book Review - Adobe Photoshop CS one-on-one by Deke McClelland

Category Book Reviews

To say I am "graphically challenged" would be an understatement. For whatever reason, I just have a hard time envisioning what I can do with images and colors. To help solve that issue, I got a copy of Adobe Photoshop CS one-on-one by Deke McClelland. In short, this book is packed.

The book is organized into the following 12 lessons: Open and Organize; Highlights, Midtones, and Shadows; Correcting Color Balance; Making Selections; Crop, Straighten, and Size; Paint, Edit, and Heal; Creating and Applying Masks; Adjusting Focus; Building Layered Compositions; Text and Shapes; Layer Styles and Adjustments; and Printing and Output.

Each lesson starts out with an "About This Lesson" page, which gives you an idea of what you're going to cover. It ends with a "What Did You Learn?" exercise where you match the concept with the description. And in between is the excellent material on how to do what it is that's being covered. Interspersed throughout the text are "Pearls Of Wisdom" which are short 5 to 10 line sidebars that explain a concept or a slant on the material that you may not have realized. And McClelland doesn't just explain how to do things, either. He goes into the concepts behind how graphics and color work, such as how to read a histogram or the difference between 8 vs. 16 bits per channel. So when you get done with the book, you should have a greater understanding and appreciation for the art of graphical manipulation.

But you're not done yet. The book comes with a CD that includes video lessons that follow along with the book, as well as the files you'll need to do the exercises. Unlike most CDs that are included in a book, this is one that actually enhances the value of the material instead of just allowing the publisher or author to charge more for stuff you may never look at.

On the aesthetic side of things, the book is really stunning. High-quality paper and beautiful colors on the examples. The only flaw I can mention is that my copy must have gotten a bad batch of paper at the printers. A small number of pages are flawed (ingrained folds) and a couple of the graphic screen shots are blurred to the point of not being able to read the text. Even with that, there is nothing that takes away from the usefulness and quality of this effort.

If you use Photoshop and want to learn how to utilize it to the fullest, you owe it to yourself to check out this book.

Posted by Tom Duff At 5:33 PM Location In The Basement... | Permalink | Comments (2)

05/01/2004

I'd hire him in a minute... :-)

Category Humor

From Friday's Shark Tank email...

----------------------------

Shark Tank: And what would you say is your weak point?

Manager asks this techie pilot fish to sit in on the interview of an applicant for a new technician position.

And what an applicant. "The candidate is a rather large person with short-cropped hair, who is wearing a suit that appears to be too tight," fish reports. "He's sitting ramrod straight with his resume in front of him and arms by his sides.

But when fish and the manager walk into the room, he leaps to his feet and remains standing until the manager invites him to sit down.

Fish looks at the resume. "Oh, I see you just got out of the Marines, where you've been for the last 20 years," he says.

"SIR! YES SIR!" the job candidate barks. "I have been the IT person in the Marines for 10 years!"

While the manager climbs back into her chair, fish asks, "Uh, what did you do?"

"Sir! I would jump out of a plane to our new location and run the cabling for our systems!" says candidate.

"Uh, OK," says fish. "Let's go through a few scenarios. We have a unique situation where a lot of engineering users can be rather difficult to work with, since they feel they are very knowledgeable. How do you handle conflict when an engineer is being rather difficult?"

Candidate turns, leans down and, with an intimidating glare and an icy voice, says, "I usually do not have problems getting people to see things my way."

And that's it for the interview. "The manager quickly asks some fluff questions and gets HR to show the candidate out," says fish.

"I thought it would be fun to hire him -- just to turn him loose on a few of our more difficult users."

Posted by Tom Duff At 7:37 AM Location In The Basement... | Permalink | Comments (0)

Want to support this blog or just say thanks?

When you shop Amazon, start your shopping experience here.

When you do that, all your purchases during that session earn me an affiliate commission via the Amazon Affiliate program. You don't have to buy the book I linked you to (although I wouldn't complain!). Simply use that as your starting point.

Thanks!

Thomas "Duffbert" Duff

Duffbert's Random Musings

Technology, books, and anything else that interests me...

About Duffbert...

Search This Site!

I'm published!

MiscLinks

Downloads

Visitor Count...

05/31/2004

Book Review - Excel Hacks by David & Raina Hawley

05/31/2004

Book Review - Network Security Hacks by Andrew Lockhart

05/30/2004

Book Review - Bitter Sweets by G. A. McKevett

05/30/2004

Book Review - Death By Chocolate by G. A. McKevett

05/29/2004

Book Review - Creating Cool Web Sites With HTML, XHTML, and CSS by Dave Taylor

05/29/2004

Saturday morning random musings...

05/28/2004

e-Pro Family Relaunch...

05/27/2004

Book Review - In Search Of Stupidity by Merrill R. Chapman

05/27/2004

Humor Thursday....

05/26/2004

Book Review - Reckless Abandon by Stuart Woods

05/26/2004

Book Review - Stealing The Network - How to Own a Continent

05/25/2004

Microsoft behind $12 million payment to Opera...

05/25/2004

Microsoft's Aging Monopoly Losing Ability To Dominate

05/25/2004

Gates Touts Blogging As Business Tool...

05/23/2004

Cool arrangement... I get free books, I get to read and review them, and I learn stuff in the process!

05/23/2004

Book Review - Never Threaten To Eat Your Co-Workers - Best Of Blogs

05/23/2004

Book Review - Adopting The Rational Unified Process

05/22/2004

Book Review - Digital Photography Hacks by Derrick Story

05/22/2004

Book Review - Freelance Writers' Guide

05/21/2004

Microsoft cuts perks with eye on bottom line...

05/21/2004

A, ahem... "unique" way to protect your valuables while on vacation...

05/19/2004

Book Review - Killer Calories by G. A. McKevett

05/19/2004

Book Review - Network Security Assessment by Chris McNab

05/19/2004

The Oregon Primary was held yesterday...

05/18/2004

So does your family read your blog?

05/18/2004

Team-TSG has article #3 in Lotus Advisor this month!

05/18/2004

From Riding The Internet Boom, To Not In Demand...

05/18/2004

Glass half empty, glass half full, and...

05/16/2004

Information on the Undocumented @LocationGetInfo Function

05/16/2004

Controlling Spellcheck with a field entry...

05/16/2004

Book Review - Designing With Web Standards by Jeffrey Zeldman

05/16/2004

Persistent customer service...

05/15/2004

Beautiful...

05/15/2004

What do we in IT fear?

05/15/2004

Bad code can be produced anywhere...

05/14/2004

Book Review - Peaches And Screams by G. A. McKevett

These phishers so need help...