Another Meme

Stolen from http://dannimatzk.co.uk/?p=245

1. What time did you get up this morning?
7:20 am

2. Diamonds or pearls?
Diamonds

3. What was the last film you saw at the cinema?
Iron Man.

4. Favourite TV show?
Firefly, Startrek, Doctor Who.

5. What do you usually have for breakfast?
Cereal

6. What is your middle name?
Paul

7. What food do you dislike?
Raw tomatoes.

8. What is your favourite CD at the moment?
ZOEgirl – room to breathe.

9. Favourite sandwich?
Chicken, sweetcorn and mayonnaise.

10. What characteristic do you despise?
Selfishness

11. Favourite item of clothing?
Jumpers.

12. If you could go anywhere in the world on holiday, where would it be?
Germany

13. What colour is your bathroom?
White

14. Do you make friends easily?
No

15. Where would you retire to?
Somewhere warm.

16. What was your most recent memorable birthday?
21st

17. Favourite sport to watch?
Snooker.

18. How many towns have you lived in?
Three

19. How many do you think will send this back?
0

20. What’s on your bedroom floor right now?
Books. Wires. Multigangs. Some clothes. Bag of Books. Some computer parts.

21. Favourite saying?
Real stupidity beats artificial intelligence every time. Terry Pratchet – The Hogfather

22. When is your birthday?
1987

23. Are you a morning person or a night person?
Night.

24. What is your shoe size?
Size seven and a half

25. Pets?
none

26. Any new and exciting news you’d like to share with us?
I’ve managed to process one photo out of the nine I wanted to.

27. What did you want to be when you were little?
A firefighter.

28. Which talent would you most like to have?
To be able to pick up different languages quickly.

29. Which words or phrases do you most overuse?
Aye.

30. What is your favourite flower?
Bluebells.

31. What is a day on the calendar you are looking forward to?
Monday 19th. End of Phase 3 of a project we’re working on at work.

32. What colour are your eyes?
Brown.

33. What was your favourite toy as a child?
Woofy. A teddy. Quite small and fragile. Still got it, somewhere, although its falling apart.

34. Summer or winter?
Summer. I hate the cold.

35. Hugs or kisses?
Hugs.

36. Chocolate or Vanilla?
Chocolate.

37. Do you want your friends to send this back to you?
It would be nice.

38. When was the last time you cried?
A month and a bit ago. Old memories.

39. What is under your bed?
No idea.

40. Who is the friend you have had the longest in SL?
Not played in SL.

41. What did you do last night?
Ate. Read my email. Slept.

42. Favourite smell?
Lavender.

43. What are you afraid of?
Needles. Strangers. Lots of people in a room. Not knowing where I’ll be tomorrow.

44. Plain, sweet, or salted Popcorn?
Salted.

45. How many keys on your key ring?
9.

46. How many years at your current job?
0.1 ish.

47. Do you have any scars?
One on my cheek, and one on my tummy.

48. Favourite day of the week?
Sunday.

You are quite welcome to do this, and please trackback so I can see :)

Move Complete :)

My blog’s move is finally complete 🙂

As I said, my new RSS feed is available from https://kirrus.co.uk/feed/

With the move, my commenting system is now open, and does not require registration. Be patient for comments to be posted – the first time you post, your comment will be moderated. Also, I have a set of spam filters that may be a little too exacting; if a comment hasn’t gone up after a while feel free to contact me.

As well as the blog move to WordPress, had all three interviews. On the final interview I was offered the job and I accepted it. I started two days after the interview (thursday). Yay! Currently, my commuting time is a total of 5 hours a day, so I’m already thinking about moving closer to the office.

Interview – I had to take a brief test, which was interesting. The first section was grammar, one of which we had to find what was wrong with “LCD Display” and “PIN number”. Later, it turned out, that the website of the company which I’m now working at has a very similar error, with “ZDR reboot”. Fun fun.

I will be working on a theme for this blog shortly – this is a stock “K2” theme. I saw that elwoodicious is using K2, and it seems to be quite handy 🙂 (Look at the footer for a link to info about K2)

Photographs – My memory card reader is ready and waiting next to my laptop for me to download another batch of photos from my camera, so the next post will be the best out of that batch.

Computer – I’m back on my laptop, because my new hard-drive has failed in a very similar way to the old one. I’m guessing that theres’ a problem with the PSU or SATA PCI control card.

General Update Ramble

The following is a random update, covering everything from my explorations of Linux to life stuff. Feel free to skip if you don’t care 🙂

Hardy Release Party

Was really nice, once I’d got past my initial reluctance to go and the butterflies in my stomach as I traveled to it. I said on IRC before I left, that the first person to recognise me, would get a drink on me. Daviey failed, he was outside having a cigarette when I finally arrived. To be fair, he wasn’t on the IRC channel when I said about the free drink… I managed to get lost, walking from the tube (Embankment) on the way to the pub – asked directions three times. Had the obligatory chat with Daviey about asterisk (I like asterisk!) and some of the pros and cons of the FreePBX interface add-on. (As suggested by Popey on the mailing list. Thanks!)

I went in with Daviey, and saw Alan Pope. He was in the middle of a conversation, but was about to say “hello Kirrus” to get his free drink, when Josh (Jerichokb) popped up, and nabbed it first :). Funnily enough, we had this conversation on IRC before I left:

<jerichokb>    Kirrus: thank you in advance for the beer :)
<Kirrus>       jerichokb, don't count your chickens...

Heh… I guess he can count them after all 🙂

I had a really nice time, which is *really* unusual for me in a room with that many people in it. (I don’t do lots of people… I normally can’t cope, and leave asap, or sit in a corner hiding…). Sad to leave at 9, but I got lost 4 times(!) on my way back to the tube station, (asking for directions each time… one guy gave me dogy ones…).  Next time I find a good map. Missed the train I was aiming for, and ended up taking the last train, got home midnight. (Yes, three hours travel. Missing the train will do that for you.)

Distro Experimentation / Hard Drive Failure

Well, my CentOS install died with my harddrive, about 2 days after my posting about it. CentOS is useable, and is quite nice, though I didn’t reinstall it when my new drive arrived. Unfortionatly, it turns out that my new drive has some bad blocks on it. Repaired the filesystem using “e2fsck -c” on the live cd, and reinstalled gutsy. Upgraded to Hardy RC. A lot of work. I’m going to have to boot back into the LiveCD sometime and check the filesystem again, to see if there’s any more corruption. If so, I’m going to have to get another Harddrive, and RMA this one. Just what I didn’t need with my dwindling savings and no job. Update:(Thanks, as always, to the Ubuntu-UK irc guys for the help and advise as I tried to repair my partitions)

Jobs

I’ve had 2 interviews so far, one at Codian, one at Canonical. I’d  really like to get the Canonical one (working in a datacentre, looking after servers), as it sounds like an enjoyable thing to do, that and giving me plenty to learn. But, I don’t think I will. (Heh – my natural state after any interview. Then getting the job is a pleasent surprise rather than a disappointment.) Millbank tower is NICE, and the commute into Vauxhall fairly simple.. I just take a slow train from a town about 3 and a half miles away… an hours walk, or 15/30 minutes cycle depending on the traffic, and which way you’re going. (To is easier. One big hill up, then mostly downhill to the station.) I’m still awaiting a reply from Canonical HR about blogging guidelines as applied to interviewees, so I won’t go into too much detail about that interview here. Suffice to say, it was interesting.
The Codian interview was by far the most difficult, I was asked a tonn of questions by three different people, over 2 hours. Decimal to binary (on a whiteboard).. I’m a bit rusty at, not having done it much before, but got there in the eventual end. Decimal to Hexadecimal, mathmatics is not my strong point, but again, got there in the end. (6E == 110).Very friendly receptionist 🙂

I’ve one interview/meeting left, at Positive Internet. Sounds interesting…

If you know of any Junior/Trainee Linux/Ubuntu-Based jobs in London going around, let me know.

To Do:

  • Process, upload and blog photos. Recharge camera’s battery (rarely need to do!)
  • Continue Job Hunting.
  • Look at the feasibility of moving onto a new blogging platform, but staying with my current email and domain host.
  • Hunt for jobs.
  • Bug Triage.
  • Think about applying for temp work to tide me over.

Centos

Well, its a couple of days into my trial and I’ve settled into Centos. (I went with Centos instead of Fedora, as its closer to RedHat according to the #ubuntu-uk guys andylockran & popey [Thanks!], which is the OS I really was aiming to play with.)

I’ve had a couple of niggles, like the old version of Firefox (1.5x series instead of 2x) on Centos, the ease of installing java etc… Its only when you step away from Ubuntu that you realize just how advanced it actually is!

So far, I’ve installed 4 rpm packages manually, and compiled one successfully. (I tried to compile the last.fm client, but it wasn’t playing ball. I’ll get it working eventually…)

The package I compiled was pamusb, a really cool utility to allow you to use a USB key for authentication on your system, literally, you can use it to login with, use sudo commands without passwords, etc. I’ll probably post a guide at some point. From looking around on the web, it works better with Ubuntu than Centos as the packages you need are in Ubuntu’s repos. I’m not sure whether that includes the pam configuration you have to do, but I’d expect so.

You can get pamusb here: http://www.pamusb.org/ (or as mentioned, in the Ubuntu Repositories) [Update: Don’t use the Ubuntu Repository version: its out of date]

Centos’s graphical package manager isn’t anything as nice as Ubuntu’s, but the command line “yum” is certainly better, giving more information in “yum search <package or purpose>” than a “apt-cache search <package>” would.

With this reinstall I put /home/ on a separate partition, so that should make jumping easier. I’ll probably try Fedora at some point… and Debian….

</blog-entry>

Bugs, a failed walk, and photos

Bugs

Since my rant about the state of bugs in Ubuntu, I’ve been going over my bugs, one by one, poking them and re-triaging them. I did this to one bug for gweled, 110268. One of the people who had experienced this one tagged it “bitesize” (easy to fix) and “packaging”. I reset it into “confirmed” state, assigned it to the MOTUs. (I tend to set them to “incomplete” whilst poking them to make sure they’re still an issue – that way if there is no response and I randomly disappear, launchpad will automatically mark them for expiration). As a result of my poking it, Effie Jayx was asked to it, and the bug is no-more in Hardy. Nice 😀

Thinking about it, I probably should have chucked that particular bug upstream earlier. The reporters had done all the work tracking down the bug… there we go, live and learn. I’m slowly poking all the bugs that haven’t been fixed, that I’ve triaged, making sure they all go to the right places…

A failed walk

‘How can a walk fail?’ I hear you ask. Quite simple, I was attempting to find a few geocaches, in a long walk around my local area. Geocaches are basically small hidden caches, which you find with a hand-held GPS.

So, I parked up with my recently repaired car (long story), and set off. However, I managed to go the wrong way (yes, even with a gps with topographical maps of the area), so I didn’t get anywhere close to finding any geocaches. I’ll probably try a completly different route next time…

On the way though, I did manage to take a couple of nice photos, so here are the best of them. As usual, all photos are under the Creative Commons share-alike attribution licence, click on the photos to see a bigger version on flickr.

This one is looking through a wire fence, fairly close to where my next one was taken. Sorry the background is blurry, should have put it into macro mode. The hill was quite steep here and my footing was tenuous so I wanted to move on quickly…

Hillside fence

Went past this wall whilst walking back to my car in the woods. Its falling to bits, but not being kept up, as it’s been replaced by wire fences. There are quite a lot of crumbling dry-stone walls in this particular wood.

Crumbling Wall

Weir

As usual, my water photography continues 😉
I took these two at a local park, which is very close to where I work. I go there to eat lunch sometimes, and there’s a artificial pond created by this weir/dam.

Dark Weir Weir

6 Random Photos

I decided it was about time I made another camera card-dump. I also picked a couple of pictures out of my archives and uploaded them. If you can guess the location of any of these, comment here or on the flickr photo page! (Virtual cookies for anyone whom gets it right!)
But no cheating, if you know me in person, and know where these are, don’t say anything 🙂

All photos are under the Creative Commons Attribution-Sharealike licence. Click on the photos to go to the flickr page. Enjoy!

Steam Railway

Went to a steam railway somewhere in Wales for the day (April 2007), with my cousins. There was a marquee with a wooden floor there.. on which somebody had at some point stuck an Ubuntu sticker! They certainly get around 🙂

This is the bottom of a hose used to refill the steam engines with water. It dribbles a bit all the time, whilst the railway is active. Was a really sunny day, light enough that the shutter time was quick: 0.004 sec (1/250th of a second).

Steam Engine Hose dribble

I then took a photo (second one) of the puddle where this water was going. Wind was blowing it about a bit, took a couple of shots to get a really nice one. Again, really sunny day helped, shutter time was 0.004 sec again

Steam Engine Puddle

Welsh Ponds

My grandparents came and visited me last year. (I have photos of them, but I’m not putting them on the ‘net.) We went and visited a fairly famous place in Wales. If you’re welsh, I would be VERY surprised if you haven’t visited here at least once. Not sure you’ll work out where this is from this photo though. Didn’t spend long there, just enough time to get this photo and have a bite to eat in the cafe.

Welsh Ponds

Christmas 2007

I’ve not many photos of Christmas just gone, because as mentioned, I managed to leave my camera behind when I left Wales for my family home. Anyway, I have a certain urge that fills me every Christmas. never acted on it, never will, but I want to find and use a pair of wire-cutters every time I see garden decorations. Don’t know why, but I do. This particular example has a very visible wire, and I saw it quite regularly over Christmas.

Christmas Sleigh

Night Shots

As you may have noticed, I quite like taking photos at night and in the rain. Well, both of these fill the “night” slot, and one of them also fills the “rain” slot. (It was more like torrential downpour, but there we go.. shame you can’t see it on the photo.)

Cold night, dark, walking home. The water on the road is runoff from the (large) hill about half a mile down the road. Sorry about the blurryness of this photo (the larger version is even worse.) Shutter time on this one was 0.3 sec (3/10ths of a second)

Empty Road

And last of all, this one I took tonight (3rd of Feb). During the torrential rain that stopped me walking to Church this evening. My camera went a little odd on this one, and didn’t take it in its full high-resolution, so there’s not a bigger version, I’m afraid. Shutter time was 0.125 sec (1/8th of a second). I overrode the camera to shorten the shutter time, else it would have been too long, and I’d have ended up with a blurred mess.

Dark Street in the Rain
Hope you liked all those. All comments & constructive critique would be appreciated 🙂

Heavy Rain

A couple of days ago, it was raining really heavily. So, out came the trusty digital camera, and here are the best three shots of the night. (I took about 25. I’m glad that digital film is free!)

Car splash
Falling rain, Running Water
Headlights running water

The really interesting thing about taking all the photos was holding the camera still whilst I was getting pelted with rain and wind. I had to tweak the shutter timings to try and get a good photo without the flash: the flash destroyed the image, the falling rain all reflected the light into the lense, and it ruined the photo. I’ve still got the images, if you want to see…

I’ll post about my car in the not-too distant future (and why I was walking through the rain instead of driving…)

For the person found this blog through google with the Ubuntu terminal command:

cd / && sudo rm -rf

as your search term, DO NOT RUN IT! It will destroy your computer! In fact, don’t run ANY terminal command with “rm” in unless you know exactly what its doing!

Notes / MySQL Transactions

Why should you not use your notepad as a coaster? This is why:

Notes
The notes did say this, before my lovely hot black coffee destroyed them:

“begin” == Start transaction
“commit” == End transaction, saving all changes
“rollback” == Undo all changes that you’ve made in the transaction

What are they? In mySQL 5, with a table storage type of “innodb” you can use transactions. This means, that you can make a set of changes together, like recording the removal of a credit, and the adding of an advert to a website, at one instance, even if it’s multiple mysql transactions within one connection.

You do that, by sending the command (literally “BEGIN;” or “begin;”) to start a transaction, run all the queries you need to run, and then run the commit if you want the all the changes to take, or rollback if you don’t. If any one of the sql queries fails after you’ve made a begin, and it shouldn’t have, you can rollback *all* the changes you’ve made to the database. Obviously, this needs one mySQL connection, but if you’re using more than one each run of the program you’re using, I’d be very surprised.

Xen Gutsy Links

A post full of links and unsorted info about using Xen on Ubuntu Gutsy Gibbon, so that I don’t forget. (This lot has taken ~2 days to collect…) May make a full howto sometime… probably not though, as my boss knows this stuff better than I. Xen is pretty cool though…

https://help.ubuntu.com/community/Xen (useless for gutsy…)

The Xen console doesn’t work (xm console <domU>), network works once, and then never again… Going to paste this here as its in a pastebin, not sure when it will expire… (Have tweaked slightly, snipped a couple of things out, added couple of things in)
http://rafb.net/p/49Ku5e10.html

>> OK, I have made a little progress on this.  I mounted my VM image on a
>> loopback and chroot'd to it.  I opened /etc/init.d/hwclock.sh
>> and /etc/init.d/hwclockfirst.sh and added the following to the top of each
>> file:
>>
>>   exit 0

ALSO SEE: http://lists.cvsrepository.org/xen-tools/Jul07/0332.html

sudo xm create -c </path/to/config/file>

-----------------

# Ever-increasing network device names?

# Just disable the correspondent udev rules by deleting/renaming your
/etc/udev/rules.d/<NUMBER>persistant-net.rules. (number was 70 for us...)

guest# mv /etc/udev/rules.d/{,.}z25_persistent-net.rules

# And then make sure your vif (in your instance config file) contains your mac
# address like:
vif = ['ip=192.168.0.45,mac=<random valid mac addy>']

Just be sure to stop the instance (domU), and then restart (re-create) it again when needs be…

Also, when in the Xen console, try hitting enter before using the escape sequence (CTL +]) if it’s not working. Sometimes it enters into the console after the “login:” prompt has been printed, and doesn’t seem to pick up that its just had a new connection…
The ALSO SEE link: http://lists.cvsrepository.org/xen-tools/Jul07/0332.html

Using Serial console & xen console (serial console conflicts with xen console):
http://phaq.phunsites.net/2007/06/30/xen-console-grabbded-devttys0

/boot/grub/menu.lst stuff, to enable us to use a serial console as well as xen:

serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
terminal --timeout=2 serial console

Goes in the top of your menu.lst, outside the automagic sections…

## additional options to use with the default boot option, but not with the
## alternatives (These options are not used with the Xen Kernel!)
# defoptions=quiet splash console=ttyS0,115200n8

For the default kernel, (NOT the xen kernel).
Goes inside the AUTOMAGIC section of your menu.lst, adding to the options already there.

## Xen Linux kernel options to use with the default Xen boot option
# xenkopt=console=tty0 console=ttyS0,115200n8 xencons=ttyS9

Note the xencons=ttyS9. Use a serial port (ttyS<No.>) that doesn’t already exist.

Your Xen kernel definition should look something like this, after you’ve run “update-grub”:

title           Xen 3.1 / Ubuntu 7.10, kernel 2.6.22-14-xen
root            (hd0,0)
kernel          /xen-3.1.gz
module          /vmlinuz-2.6.22-14-xen root=/dev/mapper/volume-root ro console=tty0 console=ttyS0,115200n8 xencons=ttyS9
module          /initrd.img-2.6.22-14-xen
quiet

The guys on irc ##xen @ freenode are really helpful…

Attacked by the Storm Botnet

Once upon a time there was no internet crime. Then humans came along…

Recently, we came under attack from the Storm / Nuwar Botnet. The post I made about it on the third of October: We had mis-identified it as a referral spam attempt. Close, but no cigar.

Now, I’ve always tried to keep my name & employer from becoming too widely spread on the interweb, although there is a couple of really, really easy ways you can find it, just from this website. (One of them being, ask me 😉 )

It appears, that as a result of the two posts I’ve made about the Storm Worm, someone decided to DDOS not this blog, but my employer’s un-related servers, attacking one of our customers’ managed servers, and then our webmail server. (This blog is hosted from servers in  the same rack as those servers.)

At its peak, the attack was drawing 8Mbps of data transfer. (About 1MB per second.)

Encryptec ddos attack

Graph is read from right to left. <<<<<<< Time Flows that way. <<<<<<<

You can see at 0930, when I got in work and started combating the attack. We only really stopped it the morning this graph just ends on…

Only problem, was that they were flooding our server with requests, literally using every available incoming connection on the server all the time.

For non-techies, a web site is hosted by a computer somewhere on the interweb,
that never gets turned off, connected to a really thick pipe to the internet.
Its configured to accept a certain number of new people visiting its website(s)
at once.

We’ve now completely mitigated this attack (to the point, where at most now its drawing 50kbps 1). Technically, we can mitigate (and sustain) a much more serious attack. This was basically a “Get Lost, and STOP POSTING ABOUT US” poke.

An expensive poke. A sustained 8Mbps transfer rate is expensive in bandwidth!

So far (*wanders off to check*) we’ve identified 23,265 ip addresses which have tried to attack us. That’s a lot of infected computers, but it could have been worse.

It appears the attack has been petering out, we are identifying one new bad ip (infected computer) once every 30-60 seconds. At its peak, we were picking up at least one new ip every second.

If we have another look at that graph of the attack:Encryptec ddos attack

The attack started at 1AM GMT, and ramped up to full power in about 20 minutes. That means that it takes the Nuwar / Storm botnet about 20 minutes for a command to filter down into its bots.

At the beginning of the attack, the pattern we were seeing was a bad request from one ip, then 3 different bad requests, then back to the first IP. Sometime during the attack, I think about 1400 or 1500 (2 – 3pm) they switched to hitting us repeatedly from one ip address, showing that someone was probably monitoring at least a small part of this attack, and had noticed that we’d started to block the attacks.
Now, this happened quite a while ago.

Encryptec DDOS attack - 4 week

So why haven’t I posted about it yet? Why has it taken me 2 weeks to blog about this?

Because, its only now that we feel that we are able to safely weather another attack, should the Zhelatin Gang decide to start poking us again. If they didn’t like me posting what I have, they’re not going to like me posting this.

A message to them: I do not like bullies. Go pick on someone your own size for a change.
Thanks to stopddos.org, for analysing the logs and identifying Storm as our attackers.

UPDATE 20/10/07: A little while ago I sent a part of our logs for geographical analysis to one of the nice guys at castlecops.com.
Here is the graph that resulted from that. This is the top 5 attackers from country, in a pie chart. As you can see, Germany (Country Code DE) was the biggest, closely followed by the US. If you want to see other attack graphs, go here: http://www.spamtrackers.eu/wiki/index.php?title=Botnet_hosting (ours is listed there as BB, moved around to match up with the others, and slightly tweaked.)

  1. 5KB per second