Thursday, August 31, 2006

Ruby 1.8.5 is out!

OK so it's only a minor upgrade from 1.8.4 -> 1.8.5 but the really cool thing from a pen testing and tools point of view is that they backported non-blocking IO from the 1.9 dev tree.

So now my Ruby network based tools got a massive performance shot in the arm. A few scripts broke and needed some tweaking, but one of my scripts got "fixed": I was only ever able to reliably allocate 6 threads with this script, now it is happily running 96.

Looking forward to Ruby 2.0 slated to arrive in December 2007, with the move from interpreted code to compiled bytecode running on a virtual machine à la Java. This will bring massive performance boosts to all Ruby code (including RoR) and maybe make it palatable for the enterprise if it gets the right backing.

Awesome cross platform editor

I have never been happy with the text editors on either Linux or Windows. I have at various times used vi, nano, Notepad2, EditPad, Crimson Editor, NoteTab, Vim (blah). They all had something that I disliked but I have finally found the perfect text editor - SciTE.

I really like SciTE because:

Couple of SciTE tips - under global options set position.width=-1 and position.height=-1 so that SciTE opens up maximized. You might also want to modify check.if.already.open=1 which will open new files in a new tab instead of a new editor instance. Also get hold of scitecmd - it allows you to pipe data directly into SciTE - e.g. dir | sort | scitecmd -s

Attack builds

After some messing around with a bunch of OSes and bootable pen testing CDs I have settled on a configuration for my attack builds.

On my Dell I went for Windows 2003 Server Standard Edition. There are a bunch of really cool things about using W2K3, including raw sockets, built-in HTTP, SMTP and FTP servers. Speed has actually been better than my corporate build on the same hardware. Found a nice web site which tells you how to convert W2K3 to a workstation including XP themes and system restore. http://www.msfn.org/win2k3/

And after several Linux OSes on the new Toshiba Portege I went back to Gentoo. Gentoo was noticeably faster than the runner up Ubuntu, but Ubuntu was prettier, so I ripped the Ubuntu theme into Gentoo. Gentoo was also the only mainstream Linux that had the most pen test attack tools in the main source tree. So updating my tools is as simple as emerge --update world.

Long time between posts

It's been a while since my last post. Finally back on the "tools" after a 2 month security procedure gig.

Life has consisted of a mixture of pen testing (successfully :), coding and home renovation. The coding has all been in Ruby of course: written some base classes for use by the other tools I am writing, DNS tools and a couple of utilities. It's been a good exercise for learning classes, threads and sockets under Ruby.

The home renovation consists of the conversion of our formal dining room into a home theatre. Gone a bit overboard and gutted the room to add a wall, some serious sound proofing plus data and electrical cabling. Was also a good opportunity to add some more network points around the house.
