Fighting with computers

Computers are not always friendly.

Thursday, March 30, 2006

The beauty of RFC-2217

Recently, I was involved in a development where remote access to a serial port was required. I was doing my development with a Rabbit core and I needed to get Internet access to a serial device and to simulate a serial port on the host PC. I learned that you could use RFC-2217 which is an extension to the telnet protocol. I went to nabble to get some help but I found out nobody seemed knowledgeable about that protocol. So I did my job, and when I got it running I wrote an article for an engineers magazine. Once I get the "go" from the editor I'll let you know where it is published.
I used with quite success Fabula Tech's Serial Port Redirector which is RFC-2217 compatible, but it is not free. For a free redirector you could use HW-group's Virtual Serial Port but be warned this latter software does not handle break signal generation. The same thing applies to Digi One SP device that, although the manufacturer claims it to be RFC-2217 compatible, it is not capable of generating arbitrary-length break signals over the serial port.

Tuesday, March 28, 2006

Fired for porn surfing

I was approached by a lawyer whose client was an employee fired for porn surfing. The company threw some logs at the employee as a proof of his wrongdoing. However, the employee rejected these claims as erroneous and sued the company to get his job back.

I was asked to double check what those logs really showed. Just to play safe, I decided to conduct my "research" from my home network instead of my employer's network. What I learned was somehow baffling, as most of the logs appeared incomplete showing only one small gif or jpeg per site with almost no html pages visited. While some of the images had some sex contents most didn't. Still, the names of the servers talked by themselves about the contents of those sites. Multiple visits to the same gifs suggests no caching on the browser, or ..., multiple clients. It reminds me the Migmaf trojan but that was way back in 2003.

Unless I get access to the employee's computer I cannot make a better judgement now. At any rate, be warned, your browsing activity could be monitored. Your computer could cause you to be fired, even if you are not doing anything wrong. So, I believe you should keep an eye on what your computer can be doing without you knowing it. It is time to completely revoke the idea that "I do not care, I do not have any important data in my computer". Sometimes the bad guys are not for your data but they just want to use your computer as a way to hide their activities. In this case, the porn surfing could well have been caused by a third party, either other employees or some sort of worm trying to cash in by visiting some paid links with the right http Referer tag.