From sam at uchicago.edu Wed Oct 9 23:58:50 2002
From: sam at uchicago.edu (sam th)
Date: Thu May 18 12:41:34 2006
Subject: [Cs22800] the GNOME HIG and AbiWord
Message-ID: <1034225930.29952.51.camel@bur-jud-175-069.rh.uchicago.edu>

Many of you (at least the ones who use GTK/GNOME) have heard of the GNOME Human Interface Guidelines[1]. They specify guidelines for the interface of all programs that are part of the GNOME desktop. In order to be a good citizen of the GNOME desktop, AbiWord should follow these guidelines to the extent that it is reasonable.

However, no one has put much (or any) effort into this as yet. So, since I have the opportunity to do this as part of a class (A is for Abi :), I have begun work.

Some of the decisions embodied in the document are controversial, and as far as they go, I will discuss them on this list beforehand. I hope not too many of them will be problematic.

I'm going to be using bugzilla to be keeping fairly close tabs on this, for the purpose of my class. I'm using bug 4142 as a metabug to keep track of everything.

happy hacking
--
sam th

From bsjohnso at midway.uchicago.edu Thu Oct 10 12:15:12 2002
From: bsjohnso at midway.uchicago.edu (Ben Johnson)
Date: Thu May 18 12:41:34 2006
Subject: [Cs22800] Sebek Update
Message-ID:

I am now working on porting the sebek code (the loadable kernel module rootkit + helper applications) over to FreeBSD. I will really dive in this weekend. This may be fairly easy, or it may involve a lot of rewriting code. Once this is done, I believe I will be able to port it to Mac OSX.

If this takes a long time, it will probably be the bulk of my code. If it is fairly easy, I will either work on porting it to Solaris or will try to make the package more hidden from hackers and make the log traffic more covert.

I'll keep everyone updated.

If you now know what project you're working on, please e-mail me so I can update the webpage.
Unless anyone has any objections, once we all start sending out our 1-page descriptions of the project / project goals, I will post them on the website as well.

Thanks,
Ben

From bsjohnso at midway.uchicago.edu Thu Oct 10 21:59:14 2002
From: bsjohnso at midway.uchicago.edu (Benjamin Johnson)
Date: Thu May 18 12:41:34 2006
Subject: [Cs22800] CS 228 Project Proposal Write-Up
Message-ID: <1034305180.18055.3.camel@localhost.localdomain>

CS 228 Project Proposal Write-Up

SEBEK BSD, OS X, Solaris, Covertness

Sebek is a part of the honeynet project (www.honeynet.org) designed to provide insight into the world of the hacker and cracker. Sebek's part is to capture session traffic, mainly keystrokes, when sniffers and intrusion detection systems are not useful. This mostly constitutes ssh and scp sessions due to their encrypted nature, but in the future necessity for sebek could be much more common.

Sebek does this through a loadable kernel module and a few "helper applications". Sebek acts as a rootkit, where it loads into kernel memory space, intercepts system calls and captures any desired data entering the kernel from user applications (such as ssh).

Currently sebek works in a beta-level on linux operating systems. I believe it is most commonly tested on and developed for RedHat Linux, but other flavors of the OS are also supported.

My initial goal is to determine the degree of hardness for porting Sebek over to FreeBSD. More specifically, I will install and configure a normal FreeBSD 4.6.2 installation. I will then attempt to straight up compile and install sebek in its current form. Here I expect to run into compilation errors, as kernel functions and system calls may differ between the two. For this I will need to learn more about BSD programming. I already have a few good links into loadable kernel modules for BSD systems, which has given me a good start.

If the porting to FreeBSD is not straightforward, that will take up my first few weeks into the course.
Regardless of whether or not that takes a long time, once it has been completed I will try to port sebek over to Mac OSX. I believe this should be straightforward as OSX has a BSD core.

Once this step has been completed, I plan to work on the covertness of sebek. Since sebek has the same traits as other, more malicious rootkits, there are plenty of rootkit detectors that would alert a hacker to the presence of it (and therefore alert them to the machine being a honeypot / honeynet).

Another option is that once I have the FreeBSD version working (and hopefully the OS X one as well), I could work on porting this system to Solaris. Solaris boxes have been good internet servers for a while and remarkably seem to still be doing alright.

So that's what I assume my quarter of CS 228 to consist of. I plan on completing a few ports and possibly making sebek more stealthy / covert. If time permits, I hope to research a new way of sending data covertly through headers and other parts of various protocols.

I hope Sam is pleased -- I wrote this entire message in Abiword, and after doing a new install of linux did not even attempt to download OpenOffice. Long live Abiword! ;-)

Peace,
Ben

From wes at uchicago.edu Sat Oct 12 20:22:22 2002
From: wes at uchicago.edu (Wesley Pegden)
Date: Thu May 18 12:41:34 2006
Subject: [Cs22800] html writeup.
Message-ID: <3DA8CACE.5050606@uchicago.edu>

Here's the html I wrote up regarding gcc and what I'm planning on doing with it.

Beginner GCC Projects

Though there are many projects in this category (see