i ended up at the office briefly this afternoon. was doing some stuff, and checked one of the servers and … no response
so i check the window i have up for monitoring it (a holdover from a previous build where part of the pipeline broke a lot, so i would watch for that on this system so i could fix it before it became an issue) … that connection crashed. so i reconnect, but not getting anywhere
so i end up at the office, where apparently my desktop’s wireless kbd needs new batteries. makes it harder to check things from there :o
down to the lab, bring up console … bring up console … check all the other switches on the kvm and all the other active connections are, in fact, active. go back, bring up console …
nothing. nada. zip. zilch. it’s like the screen is in saver mode, but not waking up. which usually means kernel crash (wakeup is a signal from the system, triggered by an internal event or a keystroke … except the keystroke isn’t passing to wakeup b/c the system isn’t there anymore)
reboot it. reboots itself a few times, then has me manually check the drives for errors. but it finally all came back up. works fine, too, it seems, now.
no idea what caused a crash like that. i’m guessing a brute force attack/dos on the sshd (seeing as that’s the only port actually listening on that machine). so i locked ssh to only allow my two regular login points. meant to do that a while ago, but i was working on a tool to allow open ssh and lockouts for password attacks. never finished it, oops :)
Posted in: work by attriel / 1 Comment
stayed up way late (2am) last night trying to set up my systems for the conference today. ended up with just the one really working system (emachines: bad drive; HP: slow as heck, and may be having drive problems, linux install kept kvetching)
got up at 6 or 6:30, got my stuff together, ran down to the office to hit the credit union for a check for home depot, then rushed back up to baltimore :o actually got there only a couple minutes late for my session. counting the checkin and stuff.
good session, an’ all. incident handling and response. I’m not really part of the IH/R team of course, they’re the guys that come steal my harddrives when something goes bad. but the rest of the session is intrusion techniques and attack vectors, so it’s useful knowledge and not too much to wade through for the good stuff.
Turned out that we didn’t need our laptops today (FUCK! i coulda gone to bed at a reasonable fucking hour???).
I took my work laptop (powerbook 12″) figuring i’d hook up to the conference wireless and be able to do some work, maybe chat in irc with folks. no wireless. no networking in the conference rooms. Not taking that back tomorrow :o
got a book of notes for the session. Actually got 6. one for each day. we went through 250 slides today !!!
stayed after for the vmware session, b/c the directions in the notes didn’t make any sense. there was a typo. just where i thought it was too. convenient, but i figured I might get something else. and it was 20 minutes or so
I left before the intro linux session. i might get some bits from the rest of the week, but i didn’t need to stay for 90 minutes of intro :o
Posted in: work by attriel / No Comments
going to a SANS (http://www.sans.org/) conference this week. Hacking, intrusions, and general attacking of systems. Or the detection thereof.
basically “here’s how they’re gonna try to get in. learn it, love it, live it. now stop it”
so, we need a win and a RH boot. i figure i’ll gather some boxes and take in multiple laptops, and throw in a slack install (b/c the last day is an attack period where it’s basically capture the flag/etc, to see how much we’ve learned about the attack vectors and the defense). I figure I don’t run win or RH, so the slack box lets me see how I REALLY stand up in security.
Except i could only find the power supply for one of my laptops. so i check the spare hardware room at the office. no working laptops. so last weekend we went out and bought me one at a computer show (emachine, 2.8G amd chip, 512 ram, 60g drive. not a bad machine, 600$). it works fine at the show and the couple times i messed with it this weekend. so this morning i go to install windows updates. long ass online time as it makes me download the validation tool, then validates me, then has me download 30 minutes (i’m on a good conn!) of updates (and 30 minutes to install them i swear). THEN it says “Oh. You should REALLY get SP2!!! You’re not secure until you do!” duh. get it.
another half hour/45 minutes, it’s downloaded the 80M patch, verified that it downloaded it (i swear it doesn’t do that by a simple MD5 check, it re-downloads it or something). it installs it. it scans my harddrive for everything. it backs up everything it finds. it really installs it. it makes me reboot. and now it don’t talk to the harddrive.
WTF!
first thought: SP2 went fuck. but after some testing, i can’t get even a boot cd to talk to the drive (as in, i can’t even repartition/reformat the fucker). looks like a hit. during the TWO HOUR process of downloading fucking updates it looks like the system got hit. with something good. that locked the bootsector.
mother fucker!
Posted in: work by attriel / No Comments
so BMNG (Blue Marble, Next Generation) goes live tonight. They decided midnight was a good time for it to go live. Like they pay me enough to be up at midnight working on their shit
Today, however, I spent trying to get the last bits in place (I failed). Never even got NEAR the idea of installing the servers. Heck, I didn’t get that close to the concept of making builds for the install CD. Oops.
but that’s OK. have to get firewall openings signed, approved and, lest we neglect, IMPLEMENTED before an installed server would help anywhere anyway :o
Posted in: work by attriel / No Comments
spent the afternoon face down in the server rack today. i’ve come to the conclusion that PS/2 connectors are the brainchild of some moron who’s never had to reach through a crowded rack and try to hook them to something.
belkin’s KVM cables have other problems, too. first off: it’s a male-male cable. Works fine for the female end on the back of the system. works POORLY on the male connector for the belkin KVM. you’d think their cables would fit their kvm! Also, the PS/2 plugs? other than looking head on, or near enough, there’s no distinguishing marks. Some setups it has a little arrow or something, that still wouldn’t’ve been that helpful, but it would have been something. top and bottom are IDENTICAL, down to where it says BELKIN on it. i mean, come ON! just put that on top, so i can tell top from bottom!!!
spent an hour with my torso, head and arms stuck into a rack trying to hook up the KVM for the new boxes.
not that i have port waivers to let me USE them for anything yet. oi. and 100G at 1Mbit SUCKETH!
Posted in: work by attriel / No Comments
new job? 28 September, 2005 at 9:48 pm
job listing came across my email yesterday. perl programmer, unix admin, mysql DBA …
it’s all stuff I can do. heck, it’s all stuff I AM doing.
and it comes with a nice raise attached
Posted in: work by attriel / No Comments
tomorrow we have an “awards ceremony” with the office. they invited 7 of us in an email this afternoon.
Posted in: work by attriel / No Comments
ah details 23 September, 2005 at 1:32 pm
So, I finally cornered my boss(es) today for details about the ginormous files. apparently we ALWAYS had 12 (they’re monthlies) so I don’t know where 6 came from. But the 97G is b/c we have 3 sets of those 12, and so each trio averages 8G. But now they’re telling me we don’t want to host all of them. So I’m not sure why we made them since we ARE the main host here. But now I have to find out (or guess) which ones we DO want.
Oi.
Posted in: work by attriel / No Comments
when someone tells you that you have 6 3G images, you do the math and figure out that it’s 18G. Some more math shows that at 6mb connection, it takes about an hour to download one, and you can fit 15 people on a 100megabit pipe. more math shows that that’s approx 2 requests each hour for each image, and that if you get more than that things fall apart.
imagine, if you will, a world where that’s all BS. now you have 12 images, they total to 97G … i think this changes my numbers a little bit. 8G apiece means we’re now talking ~3 hours to download. and 12 images means we would have 1 req/hr. except it’s really 1 req/download period. so instead of 2 reqs per image per “hour” we have 1 req per image per 3 hours …
and apparently some of these images, which were supposed to go live next week. well, 3 weeks ago. well, technically 8 weeks ago, but now 3 weeks from now … apparently some of this stuff isn’t done.
but somehow I’m sure it’s all my fault now .. go me?
Posted in: work by attriel / No Comments