Welcome to Orb Designs

Home

Graffiti

About

Sitemap

Visual

DevWork

Email Brian Bilbrey

Email Brian

GPG Key

GRAFFITI -- March 13, 2006 thru March 19, 2006

>> Link to the Current Week <<

Last Week << Mon   Tues   Wed   Thu   Fri   Sat   Sun >> Next Week

Search this site :

Welcome to Orb Graffiti, a place for me to write daily about life and computers. Contrary to popular belief, the two are not interchangeable.     About eMail - I publish email sometimes. If you send me an email and you want privacy or anonymity, please say so clearly at the beginning of your message.

 Ron Paul in 2008

Creative Commons License

Read LinuxGazette, get a clue.

MONDAY    Tues    Wed    Thu    Fri    Sat    Sun   
March 13, 2006

0631 - Good morning. I see that for the second month in a row, Friday the Thirteenth falls on a Monday. Somehow, given the rep that $FRI_XIII has, Monday is an utterly appropriate place for the dreck to be deposited. After all the hard labor I did on Saturday, yesterday nearly became a day of rest. But instead I cleaned up the woodshop, built a wall-mount radio stand for high up in that space, and cleaned up again. That was after sleeping in and shopping, and took me through most of the afternoon.

My favorite server OS these days is OpenBSD, now that I know enough about it to open the package and get things going without cutting myself (metaphorically, or otherwise: grin). I have several servers at work that I've built up in OpenBSD, and I have several good mentors there, so that I can get timely feedback on my configurations and learn from their input. The next release of OpenBSD is version 3.9, and the Pre-Ordering for that opened up quite recently. I put in my order yesterday, and ordered the t-shirt, too. That's an important step, because then the CD jewel case is securely wrapped in the t-shirt, greatly improving the mailing survivability of the case. And it's wearable!

Current stuff:

I let myself sleep in a little bit so... it's time to roll. Have a passable Monday.

1024 - Good morning, again. There's been another update to GnuPG recently, as a further code audit has revealed that good signatures can be returned for bad data. This has been fixed in upstream release, and many distributions have already released updated binary packages. This is not true of Xandros, unfortunately, as yet. So I pulled down a source debian package from a Sarge repository, got all the needed dependencies, and built gnupg_1.4.1-1_i386.deb on my Xandros 3.0 box here at work, which means that it installed fine there without requiring a libc6 update. You can download that package from me (if you like), and check the md5sum from this file I uploaded to another system (making it less likely to be simultaneously owned and trojaned). I hope this helps. Please note that because the version is considerably higher than that Xandros is using, that any official Xandros package for this vulnerability will not update over the deb I built. You'll have to download the package from Xandros, and use the same type of install command to get the Xandros version into place. Speaking of which, here's the command you should use (as the root user) to install the above package:

dpkg -i gnupg_1.4.1-1_i386.deb

Hope this helps out some of you. Back to work, now.

Top  /  Email Brian

Mon    TUESDAY    Wed    Thu    Fri    Sat    Sun   
March 14, 2006

0719 - Good morning. I've got a good start on the day, with a morning commute that wasn't too heinous. But now I've got a data search to undertake, so I'll leave you with this one thought: When you take a medication (let's call it Ambien, for sake of argument), and it turns out that you either sleepwalk or sleep-eat (!!!) while taking it, do you (A) Stop taking the medication or (B) Sue the makers of the medication. Apparently the answer is (B). Damn, but I despise our litigous society. Get a grip, people! Okay, on with work for me. Ciao.

Top  /  Email Brian

Mon    Tues    WEDNESDAY    Thu    Fri    Sat    Sun   
March 15, 2006

0825 - Good morning. After a bit of a lie-in this morning (until nearly 0615), I am now at work. As I was thinking on Jerry's story in Byte, mentioning Alex's printing work on a Xerox Phaser, I remembered...

To: JerryP, Thompson
Subject: A side note about Xerox Phaser printers

One of the reasons that Phasers make such nice printouts is that they are
direct dye transfer printers. The "toner" is large waxy crayon-type stuff.
That's great, and the saturation and vibrancy is wonderful.

Do not, repeat, DO NOT, use a Phaser to print onto a CD Label that's going
onto a disc that is going into the dash of a car that's been sitting in
the sun. At the temperatures ambient inside that dashboard disc player,
the "waxy crayon-type stuff" goes all soft. Then you spin the disc. Grin.
Waxy crayon-type stuff spattered inside your dash-mounted disc player.

It might just be cheaper to get a new car.

Grin.

best,

.brian

And on that note, I'll get on with my day, and let you get on with yours. Ciao!

Top  /  Email Brian

Mon    Tues    Wed    THURSDAY    Fri    Sat    Sun   
March 16, 2006

0945 - Good morning. On Monday the temperatures were in the mid-80's. Overnight tonight we're due for snow. I blame Global Confusion.

Top  /  Email Brian

Mon    Tues    Wed    Thu    FRIDAY    Sat    Sun   
March 17, 2006

0622 - So, it's supposed to be snowing outside. Lightly, mixed with rain, and the snow's not sticking, but still ... a 40° daytime high swing from Monday to today. Very freaking weird. Especially since (except for the temperature bit, which is true), it's actually dry outside. Gray and grim, but dry.

I was going to talk bad about the ricer in his little tweaked Honda who nearly ruined my life on Wednesday's drive home when he cut in front of me with about half an inch to spare and jammed on his breaks. What saved my ass was watching him bob and weave through traffic for the previous few minutes, and I was on the brakes milliseconds before he was, just because I could see what was coming. The funny thing is how upset he appeared to be that I honked at him after the fact.

I learned something new yesterday about PF, as I had not read the FAQ or man pages for the last couple of releases. There's now some new options for stateful packet tracking - the source IP can be accounted for and counted using new options documented here. I'm able to use this to handle the brute-force SSH attacks that come my way:


# Tables
table <abusive_hosts> persist
 ...
# Rules
block in quick from <abusive_hosts>
 ...
 
pass in log on $if_eth0 proto tcp from any to $if_eth0 \
   port ssh flags S/SA keep state \
   ( max-src-conn 5, max-src-conn-rate 3/10, \ 
   overload <abusive_hosts> flush global )

I already allow whitelisted hosts in on another rule, wo they're not subject to the max-src-conn limit of 5 connections from a given IP address, nor the connection rate limit. If a host making multiple SSH connections gets as far as the rule above, and violates either of the state tracking options, the IP address is added to the abusive_hosts table, and any further connection from that host to ANY service on that system is blocked outright. That's a big win! Apparently this capability was added at the 3.7 release, and I just missed it. I'm glad I took another look yesterday!

I'm turning two micro-cubes into a double-wide today, so I need to be on my way. Happy Friday, have a great day!

Top  /  Email Brian

Mon    Tues    Wed    Thu    Fri    SATURDAY    Sun   
March 18, 2006

1245 - Good afternoon. Breakfast was coffee, string cheese, an oatmeal bar and a glass of cranberry juice. Lunch was just a half-a-box of Girl Scout Thin Mints. They're "thin", so that's all right, right? In the interval between meals, I picked up supplies for several projects, from rescreening some windows and replacing the weather stripping on a couple of external doors, to a bit of fence repair. I suppose that with Linda Rose coming over for dinner later, I'd best do some of what I planned to get done. Have a great day!

Top  /  Email Brian

Mon    Tues    Wed    Thu    Fri    Sat    SUNDAY  
March 19, 2006

1627 - Good afternoon. Here in the greater DC Metro Area, we don't get news. We get spin. It is so utterly obvious that Big Leftist Media deeply wants a sectarian civil war to break out in Iraq, just so that they can blame W for everything. This means that they have to put a slant on every bit of news that is Iraq-related. The other side of the story isn't any better: The Monocratic Party, lead by Sir Spendalot W. Bush himself, is falling over itself to paint as rosy a picture as is possible while there are still casualty reports to explain. I'm quite sure that the truth is someplace in between, with a crapload of Iraqis that just want things to stabilize so they can get on with their lives. However, as the nutjobs running the assorted insurgencies over there will happily kill people for any reason whatsoever, including not wanting the boat rocked, I'm sure that it's unpleasant for civilians. Imagine your neighborhood Imam saying, "You can back us, and hide us and our weapons, and you'll probably live to see next year. Or you can side with the Americans. Then we'll kill you, your family, and most of your neighbors, if they don't kill you for us." Meantime our young men and women are doing the best job they can to help the slightly more rational majority of Iraqis survive long enough for a government and self-policing to take effect. And they're taking casualties while giving much more than 110% ...

I just lost another 120mm stock Antec chassis fan. Back in October of 2004, I purchased two Antec Sonata cases to house Vimes and the machine known as Goldfinger. Today those two cases hold Vimes and Vroomfondel, running Gentoo and Debian respectively. The other thing, besides Linux, that those cases have in common is that both of them have lost their large chassis exhaust fan. Both fans seized up. I replaced the one in Vroomfondel about 4 months ago, shortly after the 1 year warranty expired. I probably should have replaced the one in Vimes at the same time. It finally gave up the ghost today. I'll pick up another one during the week. Yeah, shit happens, and I do keep insisting that this consumer-rated gear work flawlessly 24/7.

After the standard weekly shopping was done this morning, we headed over to Pottery Barn in White Flynt Mall to use the gift certificate my brother sent us for Christmas. We got some placemats and coasters, a soap dispenser for the master bedroom, and a pepper grinder for the kitchen. Then, in a fit of insanity, Marcia suggested we drop by Ikea on the way home. There we joined 7500 other cattle wending our way through that store, big enough to actually hold the entire population of Sweden. The one thing Marcia wanted, a queen-sized futon/sofa, was out of stock. So we got a couple of table-top lazy susans, a couple of utensils, and ran the heck away from there.

Now I've got a couple of chores left that I want to complete. Have a great rest of your day!

Top  /  Email Brian

Last Week << Mon   Tues   Wed   Thu   Fri   Sat   Sun >> Next Week

Visit the rest of the DAYNOTES GANG, a collection of bright minds and sharp wits. Really, I don't know why they tolerate me <grin>. My personal inspiration for these pages is Dr. Jerry Pournelle. I am also indebted to Bob Thompson and Tom Syroid for their patience, guidance and feedback. Of course, I am sustained by and beholden to my lovely wife, Marcia. You can find her online too, at http://www.dutchgirl.net/. Thanks for dropping by.

All Content Copyright © 1999-2011 Brian P. Bilbrey.

Creative Commons License
Except where otherwise noted, this site is licensed under the
Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.