Rantings of a Lunatic

I try to remember this always, though I am not always the best at it.

In 2002 I went to Ireland, and I just recently got a scanner, so I have been scanning all of the old negatives from then. I have uploaded about 40% of them to flickr at http://www.flickr.com/photos/dnovotny/sets/72157623940320048/. I will upload more later. These are old photos, and I haven’t done any retouching on them, and the captions are really basic, mostly pertaining to my notes of where I shot each roll, but, I am happy to be uploading them.

I have a few more images to retouch from my recent Medium Format excursion, then I will start uploading those too.

So, I was looking at my logwatch report the other day, and saw one of my webservers was getting hammered via sshd. No big surprise, it happens, but, I started thinking about denyhosts, which was suggested to me by a friend a while back. It may work, but because its a log parsing application, it falls prey to a couple of oportunities which I am not interested in. Such as spoofing the user/pass name on the SSHD log to lock the localhost out, or to lock out the root user. While I was looking into it, I noticed a page that had another alternative:

/usr/sbin/iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent -set
/usr/sbin/iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP


I am no iptables guru, but, after some research, I can now read what this says. And its beautiful. Its simple, it does what I am looking for, and best of all, its already installed and working, its just an added configuration I needed to add. I did alter it to better handle what I think are appropriate settings, but, the spirit of the two lines is intact.

Now, for some results:

Sunday --

Failed logins from:
    58.61.37.210: 24 times
    58.223.251.93: 16 times
    95.59.142.130 (mail.nurecom.kz): 28 times
    95.173.185.132 (client-132-185-173-95.reverse.ni.net.tr): 528 times
    143.106.108.7 (hadar.bc.unicamp.br): 13 times
Illegal users from:
    58.61.37.210: 1353 times
    58.223.251.93: 1227 times
    95.59.142.130 (mail.nurecom.kz): 37 times
    95.173.185.132 (client-132-185-173-95.reverse.ni.net.tr): 325 times
    143.106.108.7 (hadar.bc.unicamp.br): 2 times

Total: 3553 times

Monday --

Failed logins from:
    61.155.177.2: 13 times
    82.91.129.34 (host34-129-static.91-82-b.business.telecomitalia.it): 1 time
    91.93.186.11: 92 times
    203.92.45.70: 1 time
    213.79.108.35 (mail.zelcom.ru): 30 times
Illegal users from:
    61.155.177.2: 2 times
    82.91.129.34 (host34-129-static.91-82-b.business.telecomitalia.it): 6 times
    91.93.186.11: 1110 times
    213.79.108.35 (mail.zelcom.ru): 9 times

Total:  1264 times

Tuesday --

Failed logins from:
    79.188.50.35 (hly35.internetdsl.tpnet.pl): 757 times
    80.153.186.212 (p5099bad4.dip0.t-ipconnect.de): 1 time
    121.157.1.125: 31 times
    125.7.229.86: 1 time
    125.141.195.190: 1 time
    202.100.91.157: 12 times
    221.165.162.4: 193 times
Illegal users from:
    79.188.50.35 (hly35.internetdsl.tpnet.pl): 42 times
    121.157.1.125: 206 times
    200.69.209.129: 1 time
    202.100.91.157: 98 times
    221.165.162.4: 44 times

Total:  1387 times

Wednesday --

Failed logins from:
    114.113.17.152: 1 time
Illegal users from:
    62.149.203.228 (host228-203-149-62.serverdedicati.aruba.it): 1 time
    67.205.112.113: 1 time
    190.84.234.186 (static-ip-cr19084234186.cable.net.co): 1 time
    218.75.79.18: 1 time

Total:  5 times

I know that this is not the ultimate of solutions, as a script could be written very easily to get around this sort of thing, but, it has obviously made a huge difference. And, I intend to keep working on this sort of thing when I have a few minutes here and there. I am currently looking into Public/Private Key Pairs, to see how that will impact the situation as well, and if its feasible within my infrastructure.

Last night was the beginning of SxSW, which means that masses of mindless drones are in town for a music festival. As you can probably already guess, I love it when lots of people flock into the place that I live, and act like they are from here in a very short period of time. I don’t mind tourism. In fact, I love tourism. I enjoy watching people who aren’t from here while they are on vacation. However, I hate when everyone comes at once, because all of the sudden the order of life gets flipped, and these people from other places end up exerting their idiocy on everyone else. I know this is a part of life, and I learn to accept it and get around it, but, that doesn’t mean I can’t complain about it. One of the major problems of living in Austin on a day to day basis is that the infrastructure has not kept up with the population growth. The road system just isn’t expansive enough to deal with the number of cars on the road, and whenever new roads are added, they seem to be toll roads, so they sit unused. My feeling on toll roads is not the point here, my point is that on a good day we already have plenty of idiots who don’t know where they are or where they are going. Now we are going to temporarily add in tons of people who have even less of a clue where they are or where they are going, and randomly include alcohol into the mix. That just sounds like a good idea to me.
Knowing all of this, I should have taken my vacation now, and just left. Sort of like burning the houses and salting the earth when the viking ships appear on the horizon. I didn’t though, so I am here now, and I am just having to plan around it. In one positive twist of fate, its Spring Break, so the number of cars on the road during my morning commute is cut in almost half, so I don’t actually sit in traffic. Because of this, I would completely support a law denying UT students driver’s licenses. And before people complain, I would also willingly support an expansion of public transportation. I am eagerly awaiting consistent service on the metro line. When it comes time to leave, I am however into the method of just planning for it to take a long time to make it home. So, I am hanging around downtown for a while to let the congestion subside. Yesterday, I went with Evan to REI and Bookpeople after work to kill some time. I ended up getting a hat that I really liked, and was way to expensive, but, oh well. I will wear it, and it sort of makes me look like I would fit in with Castro’s Regime.

Viva La Revolución

Before I headed home, we decided not to go out and hangout at the packed bars for St. Patrick’s Day, so on the way I stopped by the grocery store, and got some fresh fish and some beer. Being St. Patrick’s Day, I of course got a 6 pack of Guiness. For the fish, it was a 1lb fillet of Steelhead Trout. When I got home, I put on some rice, and coated the trout in lemon juice, then sprinkled it liberally with dried rosemary leaves, salt-free lemon pepper and some sea salt. I then broiled it on the top rack for 5 minutes, and moved it down to the 4th rack for another 8 minutes. It was delicious. We had rice and peas on the side, and the Guiness to wash it down. Pardon my dirty coffee table, for some reason we tend to eat dinner there more often than not. I guess thats because I don’t really have a dining room, only a bar into the kitchen, and thats got a bunch of stuff on it right now.

Steelhead Trout and Guiness

So, I have recently made some changes to my computing environment at home. I will update the farm page soon, but, I haven’t finalized all the changes yet. I can say that I upgraded a motherboard, which allowed me to put all of the original parts back in my Dell Dimension E520n, and set it up as a FreeNAS NAS device. It had its own set of issues in setting it up, but, its currently running a Core2Duo @1.86Ghz, with 4Gb of RAM, and 4.5TB of HD space. I ended up setting it into a RaidZ ZFS filesystem, using 1 disk for parity. Which ends up giving me around 2.6TB of usable space I believe.
I have started copying most of my online data to the array, however, I had a problem with the EXT4 file system that my old Linux workstation used to run off of where the superblocks had become corrupted. I tried everything over the last 5 days to get it working, and had nothing but problems. One of the biggest problems was using a SATA -> USB bridge on my netbook to try and run fsck against it. At 12Mb/s, USB1.1 really sucks for any kind of serious data transfer, and when you consider that fsck is going to read the whole 500Gb, and then write the whole 500Gb, I may have gotten impatient one or two times, and killed it so that I could try to get it to go over the SATAII bus. I finally got it to repair the superblocks by booting from a Gparted Live CD with it connected into the SATAII ports last night. And now I am sitting here booted off of an Ubuntu 9.10 Live CD, so that I could mount my NAS over NFS, and salvage what data I could from the drive before I wipe it. I know of about 6 files that grew from 1.5Gb to about 17Gb in the corruption, and there are another 4 more that I saw had shrunk to 16Kb. I am not worried about any of those files, as I can always reconstitute them from backups in one way or another. Unfortunately, when I signed up for Uverse, I just let them use their router, and as I haven’t had to do too much inter-machine transport, I hadn’t ever noticed that it has a 100Mb switch built in. I am now really wishing I had a 1Gb switch, as I can litterally see where that is the weak point in my current setup.

Anyway, its transfering over, and I will salvage what I can. Then I will do a low-level clone of the drive in my Hackintosh, which is what I built with all of the upgrades that I had stuffed into the Dell over time, and expand its root drive from 250Gb to 500Gb. I already have TimeMachine backing up to a dataset on the NAS, and its sharing through with AFP just fine. I don’t have Zeroconf/Bonjour working correctly yet I don’t think, but, it does work if I use the Go -> Connect to server path, and I know how to do that, so I am not too worried about it.