Welcome to Orb Graffiti, a place for me to write daily about life and computers. Contrary to popular belief, the two are not interchangeable. EMAIL - I publish email sometimes. If you send me an email and you want privacy or anonymity, please say so clearly at the beginning of your message.
MONDAY
January 28, 2001 - Updates at 0730
Good morning... Not much here to start with, as I'm staying home ache-y and icky with some form of flu bug. Yeah, I've gone to work feeling worse, but I don't see the need today to do more than take care of myself. If I have the inclination to be up and around on the machines, then I'll post interesting tidbits throughout the day. If, OTOH, I nap all day, then you'll hear no more from me, and that'll be OK too. On the gripping hand, I may just putter, and find nothing of interest. Of course, you can always explore other nooks and crannies in this place, from the Site Map. It covers better than two years of daily writing, special reports and whatnot (an over fair-ish amount of whatnot if you ask me). See you later, perhaps.
TUESDAY
January 29, 2002 - Updates at 0710
Howdy. I'm starting a bit slow, and don't feel all that much better, but I have some things that need doing at work, so I'm going in for a while at least. Yesterday I didn't get much done except napping, a spot of reading (less than one hundred pages over the course of a couple hours, which should tell you I'm under the weather in itself), and mucking about with Procmail some, and Tripwire, too.
Procmail is interesting. Its home online is http://www.procmail.org/. It's used as a local mail delivery agent and the basis of a mailing list package called SmartList. One of the most common uses to which Procmail is put is that of a mail filter. This permits sorting inbound mail into appropriate folders or, in the case of well-defined spam, straight to /dev/null, without a stop in the local trash folder. I've got it working, a little bit, and need to do some more recipe tuning (the rules that govern how Procmail routes messages are called recipes) before I'll feel comfortable talking more about it. I was hobbled a bit by the number one recommended site for getting started with Procmail being offline all of yesterday. More on this topic soon.
Regarding Tripwire, the version that's been a part of Debian forever and a day has been the old old old 1.2.x version that predated the commercialization of Tripwire. Last year, Tripwire Inc. opened the package back up (it's based at http://www.tripwire.org/). The remaining copyright holder questions have apparently finally been answered, as Tripwire 2.3.x has made it finally into the Debian distribution, and it's no longer under the Non-Free designation, but is parked in Non-US since it uses encryption. That provides an added level of security... What?
Oh, sorry. Tripwire is a file integrity checker. By checking key system files against a variety of secured signatures in an encrypted read-only database, Tripwire can be used as an IDS (or Intrusion Detection System). This is a fallback tool. It doesn't keep people out. For that I keep an eye on the security lists, implement packet filtering, keep my services up to date and don't run anything that I don't need. However, one must assume that all those measures will go for naught one day. On that day, it'll be a good thing to know that if the kiddies get in, at least I'll be able to know about it and take appropriate timely action. Sure, Tripwire can be hacked, but since I put the configuration, binaries and databases all on CDROM, there isn't much of a possibility that those can be changed.
Now I'd best get going. I don't have enough energy for a full day, so I'd best give them what I have got. See you later.
WEDNESDAY
January 30, 2002 - Updates at 0715
Good morning. I'm tired, but I feel better, I think. This was a light bout. Fortunately, I don't get stomach flu, but what I do get is varying levels of muscle and joint aches, combined with fever and headache. I often lose my appetite (which is a flare-lit tipoff that something's not right with Brian). This was fairly mild, but it's hard to tell going in.
In the meantime, we've been coping with some really cold temperatures (for coastal California). Earlier in the week there was snow falling in downtown Sacramento (the State Capitol), for the first time in 26 years. Overnight the same day, snow fell in all the hills surrounding the SF Bay area, as you can see from the pictures linked by thumbnails to the left and right. Those are the hills to the east above Fremont and San Jose respectively. On the west side, they're pretty too, but relatively shrouded in clouds and not very photogenic. Up in Petaluma (up past North Bay) there were four to six inches, which in a lowlands city unprepared for such, closed the joint down. Heh.
Then there's Googlewhacking... Jon Sturm brought this to our attention on the backchannel. What fun, especially the concept of the Dixon/Greeble Heisenwhack Principle. Yes, you need to go read that page for yourself - but the goal of Googlewhacking is to hit Google with a two word search phrase (valid words according to dictionary.com) that results in a SINGLE result being returned. My first success took four or five tries: piffles breaker. Yeah, now that I've posted it here, it's history once Google re-spiders my site. That phrase has been Heisenwhacked.
Time for me to roll. See you on the flip side (or in the webcam).
THURSDAY
January 31, 2002 - Updates at 0823
Good morning. Today I'm doing the morning update from the office, via SSH. I took an extra 20 minutes of sleep this morning inadvertently. Really. Only a few interesting tidbits this morning, so far...
First off, the new Sharp Zaurus, a Linux-powered PDA (though still only available in developer models), is making a bit of a hit at LinuxWorld NYC, at least among the Agendaroids that are there. I'm even lusting a bit after one. The major drawback from the standpoint of the Agenda developer community (from the perspective of new or ported applications) is that the Zaurus GUI is based on QT-Embedded rather than a chopped down version of XFree86. It's harder to develop for, I understand, and I don't know if there are any licensing restrictions when working in the QTe environment. Still a cool-looking widget though (especially with that hidden keyboard); here's a link to the Sharp site.
Ok, just the one interesting tidbit at the moment. Sorry. And there I was, thinking I was feeling better and all. Here comes the mind-numbing headache, though. Hope your day is going better than mine. See ya!
FRIDAY
February 01, 2002 - Updates at 0710
Good morning and TDIF. Been a long week, and while it isn't over quite yet, clearly the end is in sight. Whether the light at the end of the tunnel or an oncoming train, the end is in sight. I did find a new use for the webcam yesterday... no, not that, get your mind out of the storm drain, son. I was on the phone with a vendor, and we were "arguing" over parts that I had been sent by his company. So I held up the bag, with the part number clearly visible. Then I took the part out of the bag, and held that up. Poof. OK, now he understands both what I have, and what I need. All right there during the conversation. Most excellent.
I ran across an interesting site yesterday: AlterSlash. It's a digest site for Slashdot, with the current articles and a selected few of the highest moderated comments for each. There are links into the message threads if you want. I think this is cool, because often I like both the story selection and some of the comments, but it takes a lot of wading through hip-deep shit to get at the gems. Here someone's done the work for me.
More linkage: Michael Swanwick's Periodic Table of Science Fiction, for each element, a popup window brings us a short-short written in the context of the element. Now that you've had your entertainment, you might want to check out Securing and Optimizing Linux. It's a Red Hat oriented document, but if you're in shape to secure your own box, then you can generalize the instructions to adapt to any of the filesystem layouts used by the various distributions. Good job on this one.
I guess I'd best hit the road. Have a great day... Oh, oh, wait, there's one more tidbit. I'm working with a patched kernel, as I may have mentioned. Since I started the process, I had at least three separate incidents where the system locked up on me hard, to the point where I had to reboot. I was getting an error message, though, about Too many open files in the system.
bilbrey@garcia:~$ cat /proc/sys/fs/file-nr
2109 816 8192
8192 is the maximum count of available file handles (resettable by echoing a new value to /proc/sys/fs/file-max), the first number is the number that have been allocated, and the middle one, currently 816, is the number currently in use. I was maxing out the usage, and locking the system. But which process was the culprit? Other than the set of kernel patches, I'm not really running any software that I wasn't before. Mmmmm. After much experimentation last night, I found that if I invoked XMMS (an MP3/OGG player, like Winamp) a few times, I could start running that middle number quickly up into the thousands without any effort at all, in a matter of 10 minutes or so after a clean boot. So I've banished XMMS. Since I'm back to KDE, I'll just run the KDE Media Player. FYI. Ooops, gotta run. Later.
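One way to go after the "which process was the culprit?" question without trial and error, as an added Python example that is not from the original post: read the file-nr counters, count open descriptors per process under /proc, and diff two snapshots to see who is growing. The function names are illustrative, and /proc/<pid>/comm is assumed to exist (it does on current kernels).

```python
import os


def read_file_nr(proc_root="/proc"):
    """Return the three counters from <proc_root>/sys/fs/file-nr as ints."""
    with open(os.path.join(proc_root, "sys", "fs", "file-nr")) as fh:
        first, middle, maximum = (int(tok) for tok in fh.read().split())
    return first, middle, maximum


def fd_counts(proc_root="/proc"):
    """Map pid -> (command name, number of open descriptors)."""
    counts = {}
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue  # only numeric directories are processes
        base = os.path.join(proc_root, entry)
        try:
            nfds = len(os.listdir(os.path.join(base, "fd")))
            with open(os.path.join(base, "comm")) as fh:
                name = fh.read().strip()
        except OSError:
            continue  # process exited, or we lack permission (run as root)
        counts[int(entry)] = (name, nfds)
    return counts


def top_consumers(proc_root="/proc", limit=5):
    """Return [(nfds, pid, name)] for the processes holding the most descriptors."""
    rows = [(n, pid, name) for pid, (name, n) in fd_counts(proc_root).items()]
    return sorted(rows, reverse=True)[:limit]


def growth(before, after):
    """Return [(delta, pid, name)] for processes whose count rose between snapshots."""
    rows = []
    for pid, (name, nfds) in after.items():
        delta = nfds - before.get(pid, (name, 0))[1]
        if delta > 0:
            rows.append((delta, pid, name))
    return sorted(rows, reverse=True)


if __name__ == "__main__":
    print("file-nr:", read_file_nr())
    for nfds, pid, name in top_consumers():
        print(f"{nfds:6d}  pid {pid:<7d} {name}")
```

Per-process descriptor counts and the system-wide handle count are not the same number (handles can be shared across processes), so treat the ranking as a pointer to a suspect rather than an exact accounting.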
SATURDAY
February 02, 2002 - Updates at 0900
Whew. I'm really, really happy to be on Saturday. The stress from the job has become rather intense, distressingly so. I'm losing sleep over it, and it's affecting my health. I may need to evaluate my options, although it pains me greatly to say so. We'll see what shakes out over the next couple of weeks.
I've been up and at 'em for a while now, mostly doing the email thing. There was lots of it this morning, including a number of system log reports from Grendel, the Gateway G6-233m. Grendel is our generous host for this site (running Apache), my mail (Postfix) and list (Mailman) server. I did a bit of housecleaning in Grendel last night, removing packages that weren't needed from both the original installation, and a few abortive experiments along the way. While most of the listening daemons were protected by firewall, I feel even better about them being gone from my system. Since I'm not using them, they weren't in the front of my mind, and didn't get the attention to security and maintenance that a running service requires.
Once that was done, I had to reconfigure the IDS (Intrusion Detection Systems) to reflect the rebuilt state of Grendel. Otherwise the error reports get too long to cope with. Oh, and yes, there are backups, too. The IDS only tells me that someone got in past updated services and a firewall; its purpose is NOT to stop interlopers, but to alert me to their trail, that I might tear down the castle, and rebuild again. The ideal solution would incorporate a separate logging server that doesn't appear on the network (linked by serial connection only is a good thing), but I don't have room or power budget for yet another box here. One day...
Marcia's off to quilting class today, and I've got a variety of chores to attack, from yard maintenance to a bath for the mutt, so I'd best start organizing my day. I'll be back later with more, if I find anything that interests me.
SUNDAY
February 03, 2002 - Updates at 0930 and 1715
Good morning. Did I mention that I hate spammers recently? Well, actually, the recently applies to the mention part, rather than the hate part, as Spam has been part of the bane of my existence for many years now. I have many, many mail boxes. I can and do use a variety of tools to keep the riff-raff outside the gates (or at least penned up safely in quarantine for later evaluation). However, I had 18 copies in a row of an 819K message about someone's home for sale. It purported to include their home phone and fax numbers, and was sent through an apparently open relay box from an ATTBI customer. I wrote a less than pleasant response to the sender, and registered a complaint with full headers, host information and a copy of the offending message to ATTBI abuse.
So far, the rest of my morning's been eaten the same way. Every hour or so I have a batch of messages from the server, and I have to evaluate them and decide whether to add the attempted interlopers to my fully blocked list or not. I usually err on the side of caution. However, I think I might just reinstall Portsentry, as right now I spend 15 to 30 minutes a day evaluating attack reports from the server, and responding to them. Best I automate that procedure, don't you think? What? Yeah, no joke - there are probably 20 to 50 attack or wrong connection attempts to my home IP every hour (sometimes much more), from between 4 and 20 hosts. Some number, perhaps 30%, are spoofed source IPs. I know because I run a host command on all of them, and when they don't exist - well...
Anyway, instead of finding interesting things to talk/write about, I've just been responding to attacks and spam so far this morning. Now I've got to get ready for the Costco run. However, that's about it for today, as yesterday I bathed the dog, weeded and cleaned up the back and front yards, mowed the back lawn, cleaned the kitchen and the bathroom, and did four loads of laundry. So today is for relaxing, perhaps. See you back this afternoon, for sure.
1715 - Well, it's still light out, I count that as afternoon. Click on the thumbnail at right to see the excitement around Hovel Bilbrey on Superbowl Sunday afternoon... Heh, yeah, me too, which is why I snapped those pictures. Actually, we have broken down and are watching the game - I'm a second cousin, once removed, of Tom Brady, after all.
Now I guess I'll go prep dinner, and listen to the U2 halftime show. See you next week!
Visit the rest of the DAYNOTES GANG, a collection of bright minds and sharp wits. Really, I don't know why they tolerate me <grin>. My personal inspiration for these pages is Dr. Jerry Pournelle. I am also indebted to Bob Thompson and Tom Syroid for their patience, guidance and feedback. Of course, I am sustained by and beholden to my lovely wife, Marcia. You can find her online too, at http://www.dutchgirl.net/. Thanks for dropping by.
All Content Copyright © 1999-2002 Brian P. Bilbrey.