innismir.net

Apparently, in order for me to claim my weblog on Technorati, I need to smear their link feces on my weblog in a visible manner.

You fail, Technorati, but here it is anyway:

Technorati Profile

Nepenthes is a wonderful tool that is great for collection of various malware nastiness. It’s extremely useful and has provided me a fair share of amusement when I review the logs seeing all the various trash the Internet’s tubes try to dump onto my computer. I love Nepenthes.

Unfortunately for me, Nepenthes also completely sucks.

Nepenthes does some amazing things in the areas of collecting malware, examining payloads, and automatic analysis. However, from a user perspective, it’s a fetid pile of yak’s droppings and an abomination in the sight of God. The software seems to be in a perpetual state of debugging, which, by itself is OK, but it seems to constantly want you to run it from the console. This makes it difficult if you ever want to run it unattended, which in most cases you will want to do considering you’re essentially trawling for malware. Also, the logging facilities also seem to reflect this, as extracting meaningful messages from the log file is pretty close to reading tea leaves.

The thing that really drives me batty is trying to get Nepenthes and Honeyd to work together. The author seems to know that people want to do this and tries to explain what has happened, but provides a next-to-useless explanation and ends it with an update of “The Honeyd guy managed to do this, but I don’t know how.”

I know that almost all open source software is on some level classified as a hobby, but wouldn’t you at least try to make inquiries as to how to make it work, and or adjust the codebases to make this kind of setup easier? Instead, you have people like me who are using duct tape and bailing wire solutions to “fix” the problem, and are unable to recommend the software for use in production environments because of specifically that.

Which is sad, because I love Nepenthes.

Yeah… No matter what I do, I always seem to like the idea of having a weblog, but I never seem to keep it updated. With me finding out that Wonko has released his blog engine that I’ve been wanting for a while, I decided to once again take a crack at writing something.

I’m sure I’ll take it down and put up a static page again within a few months…