Properly stopping a SIP flood

At about 9am yesterday morning, I noticed on my server monitor that the CPU utilization of one of my servers was abnormally high, in addition to a sustained 1mbit/sec of inbound traffic and 2mbits/sec of outbound traffic. syslog messages from Asterisk showed it to be a SIP brute force attack, so I dropped the offending IP (an Amazon EC2 instance IP) into /etc/idiots to block it and went back to my work.

A while later, I noticed the traffic still hadn't died down, so I reported the incident to Amazon and my server's network provider. No luck on either front; Amazon just sent back a form reply stating the incident was forwarded to the EC2 instance's owner (yeah, seriously) and the network provider said they wouldn't bother adding an ACL to their border equipment unless it was needed to protect their entire network. With the IP blocked on my server, the CPU utilization had died down and it was no longer sending out reply traffic, but I was worried about the inbound garbage traffic counting towards the server's monthly bandwidth cap.


Restoring Case-sensitive HFS+ Volumes with Time Machine

I've always formatted my Mac OS partitions with case sensitivity enabled, which usually means formatting a new system and re-installing Mac OS X as soon as I get it. After installing the 10.6.2 update, I lost my system menu bar icons and was forced to restore from a 10.6.1 backup made the day before.

Following Apple's instructions, I booted to the Snow Leopard installation DVD, chose the "Restore System from Backup" option and thought I was on my way. About 50% into the recovery, the recovery application crashed:


Watching the Web Discover goingtorain.com

The buzz around and traffic to goingtorain.com is slowing down now and I'm amazed how many people responded positively and thought it was actually useful.

While talking to Dave about it yesterday, he remarked something along the lines of, "of all the awesome, useful shit you've ever made, the thing that finally became famous was this stupid little site."


Making Mutt Useful Offline

I've been using mutt as my MUA for over 8 years now. Long ago I would ssh to my server and run it on local Maildirs, but as soon as I started using smartphones and multiple computers I had to switch to an IMAP+SSL setup. Mutt's header_cache option has long made accessing large mailboxes snappy, and the recent message_cachedir option available in 1.5 makes browsing through messages with attachments equally snappy over IMAP.

A useful side effect of message body caching is that it provides an offline copy of entire mailboxes which get synchronized automatically and can easily be read in Mutt as a local mailbox… well, almost.


My history with OpenBSD

I received an e-mail asking me how I got started with OpenBSD, so I thought I'd write the answer here in case anyone else wanted to read it.

I started using OpenBSD in 1998 (version 2.3 or 2.4) to host a BBS that I was running. I chose OpenBSD because of its security record and because I was getting fed up with Linux (Slackware) at the time. I think the machine was a Pentium 75 or something, and OpenBSD worked quite well on it. During the course of building the BBS, I had to install some third-party software, so I got interested in OpenBSD's ports system to make installation of that software cleaner. I submitted some ports to the ports@ mailing list and got them committed by other developers. I tested others' ports and supplied feedback where I could. I hadn't done much Unix development back then, so writing simple makefiles for ports was an easy way to get involved.


acpithinkpad

I started working on an ACPI driver this evening to make my ThinkPad X61 work better under OpenBSD. I just finished it and so far it matches on the IBM0068 ACPI HID device, checks it for the appropriate version, enables the Bluetooth device (which is required before the hardware toggle switch can power it on and let the ubt0 device show up), and sets up a callback to run whenever a special button (e.g., Fn+F[1-9], brightness, ThinkLight, etc.) is pressed. I'm pretty sure it will work on most other ThinkPads but I haven't tried it on my X40 yet.

I mapped out all of the events that get generated, which on my X61 Tablet include the screen rotating around, the lid opening and closing, and even the pen being ejected from its little slot. When the brightness buttons (Fn+Home and Fn+End) are pressed, it sends a CMOS command through ACPI to actually adjust the screen brightness accordingly, so now it's working just like my X40 did on its own. Being able to turn the brightness down when on battery is the main reason I wrote this.


November 24th, 2007

Friday afternoon I decided to install a package on one of my OpenBSD servers, but it was from a recent snapshot and the snapshot I was running on the server was too old to run it. No problem, I'll just upgrade the server, a usually quick task: just drop a new kernel into /, reboot, untar the new disk sets over /, run mergemaster and reboot again.

Remotely rebooting servers that are 350 miles away is always a nerve-racking experience. You reboot it, your SSH connection drops, you start a ping waiting for it to reply as you visualize it booting up and think about how long each piece usually takes. Occasionally something takes longer than normal and you start to panic, but before you reach whoever you need to reach, it starts responding and suddenly a wave of relief comes over you and you resume your work.


August 18th, 2007

I had to install an OpenBSD firewall at a customer's office yesterday and wanted to check that all of their VoIP phones still worked afterwards. Since everyone had left the office by the time I got there, it was a bit tricky testing all of the phones at the same time by myself.

I thought about writing a little routing snippet on the Asterisk server so I could dial a number at each phone and it would just play music until I hung up, but I wanted to make calls out to a PSTN number to double the bandwidth going out of the PBX server and make sure the voice quality was ok.


June 27th, 2007

I bought a Sharp Zaurus and put OpenBSD on it with the intention of making a lap timer for my car. I tried to use this timer on my Treo in my R32, but it's so buggy and would crash the phone all the time, and trying to reboot a phone while racing around a track is not something I'd recommend.

There are of course some commercial timers but they are expensive and usually require a laptop running Windows to be able to see the GPS-acquired data. What's the fun in that?


It neither picks my pocket nor breaks my leg

The other day I thought about whether it would be possible to legally change my name to all lowercase letters. I did some research and found out a few things.

In the United States, changing one's name can be as easy as simply using the new name consistently in practice. It doesn't necessarily need to be done in court, and using a different name is not illegal as long as it's not being used for fraudulent purposes, or inconsistently (which would then be considered an "alias"). The most common reason to have it done in court is to have a formal record of the name change showing the new name for proof to other government agencies, companies, and universities that may require proof of that new name.


December 26th, 2006

While doing some research for something, I came across a website still hosting a shareware Windows application that I wrote a long time ago in Visual Basic. It was a stupid little utility that sat in the system tray by the clock and sent out data to a specified TCP/IP host at a specified interval to keep a dialup connection alive (I think I wrote it for someone to keep their ISDN line up).


RailsConf Day 2

Carl woke me up early this morning by jumping around on my chest. I got ready and drove back down to Chicago for day two of RailsConf.

The first session of the day for me was Obie Fernandez's Thoughtworks on Rails, which was a broad overview of the Rails projects that Thoughtworks has done for its customers after introducing it into their development environment. Nothing too technical, but useful to see the lifecycle for a Rails app from the point of meeting with the customer to creating "stories" as they put it, to coding individual pieces, to quality assurance testing, to final deployment. I couldn't help but think about how many people are involved in these "normal" development processes versus things at DLS where one developer has to take a request from another staff member and develop, code, test, and deploy an entire app himself.


RailsConf

I woke up at the crack of dawn and drove to the Wyndham in Rosemont for RailsConf 2006. I registered and got some free crap, grabbed some food and found a seat in the ballroom. Dave Thomas gave a keynote presentation about the big three things that he thinks Rails needs to become better.

For my first session I opted for Introduction to Capistrano by Mike Clark, just because the other two didn't really look very interesting. Mike's presentation was pretty good and I picked up a few ideas for using cap that I hadn't thought of before (namely for basic system administration tasks not related to Rails).


May 13th, 2006

Some time in March, DLS was served with a subpoena for information about one of the IP addresses assigned to my co-located server, namely the one I have specifically set up for a Tor exit node. They of course complied, and I didn't think much of it. I've personally processed quite a few subpoenas in my time while in charge of the abuse department at DLS.

In early April, I was contacted by one of the lawyers for the case asking me about the subpoena. I told him I hadn't personally received one yet, but I explained what Tor was, how it worked, and that I didn't have any logs to give them for whatever they were asking for.
