05.09.08
Posted in Computing, Linux at 11:28 pm by DeusExMachina
Checked the system logs yesterday and saw a bunch of write errors. Checking the RAID status showed this:
# cat /proc/mdstat
Personalities : [raid6] [raid5] [raid4]
md1 : active raid5 hdg[2] hde[3](F) hdc[0]
398296960 blocks level 5, 32k chunk, algorithm 0 [3/2] [U_U]
unused devices:
Normally, the last part of line 3 shows [UUU]. The underscore means it’s a bad drive. Unfortunately, I don’t know exactly when the drive fails, which just illustrates the need to have some kind of log monitoring. Ok, so now I have to figure out how to get EVMS to replace a drive. I want to do it as quickly as possible because another drive loss means a total loss of data. Which brings up another good point: RAID isn’t a substitute for backups (which I’ve been delinquent in doing). So I went to to my local Fry’s to get a replacement drive, but they don’t seem to make 200 GB drives any more. I ended up getting a 250 GB but the array will only use 200 GB of it. The other caveat is that the failed drive is IDE and the replacement is SATA. Will it work? In theory it will, I guess I’ll find out soon. Oh yeah, and I hope I pull the right drive out (they all look the same in the case). This is why making backups is a good idea. Meanwhile, changing out drives means shutting down the system. There goes my 81 day, 13 hour up time.
Permalink
01.28.07
Posted in Computing at 12:19 pm by DeusExMachina
Seems like it was around this time last year that I was talking about upgrading the Linux server to a dual Athlon XP machine. Well, things didn’t work out exactly as planned. Unfortunately, it seems making hardware do what it’s not supposed to do isn’t the best strategy if you need a totally stable system. Almost as soon as I got the system up and running, there would be random crashes, freezes, and strange error messages. Sometimes a simple reboot would fix things but at other times, the system would just freeze again immediately and repeatedly. Worst of all, the crashes would often result in a rebuild of the RAID array. Any drive failure during a rebuild and it’s (to quote Burke from the movie Aliens) Adios Muchachos.
So, it’s out with the old and in with the new. Well, not quite. The old is still in while the new is still being built and configured. The new system is set up as a bench build and if you’re wondering what a bench build is, allow me to direct you to the image below.
It’s literally a computer built on top of a bench, or in this case, a desk. For the most part, just put the motherboard on a static bag (to make sure it’s not grounded) and hook up all your components. Of course, this is a temporary setup and you really should put everything in a computer case. Like a human, it is possible to walk around with your internal organs hanging out, but you don’t see anyone doing that (for very long).
Let’s take a quick look at the what and why, as in what are the parts you’re looking at and why did I pick those.
- Processor - AMD Athlon 64 X2 3800+ - This is the low end of the AMD dual-core (meaning there are 2 CPUs on one “chip”) line. At this price point, AMD is still price/performance king. As an extra bonus, the X2 lineup comes with virtualization support, more on that later.
- Motherboard - Abit NF-M2 - This motherboard uses the Nvidia nForce 6150 chipset. A non-gaming system doesn’t have a need for a high end video card and even a discrete video card adds extra cost to the system, so the integrated video in perfect. It’s also got all the modern amenities you’d expect including a DVI connector, SATA connectors, and PCI-E slots. My only complaint is the motherboard only comes in mATX form factor. I would have preferred the extra flexibility of having a full ATX motherboard.
- RAM - 2×512 MB Corsair DDR2-800 - It’s important to match the speed of your RAM to the speed of the rest of your system. In this case, it’s 800MHz or DDR2-800. The next question is how much to get? 512 MB is usually enough in this case, but I went with 1 GB for hopefully a bit of future-proofing. The next question is one stick or two? Cost wise, the 2 options are about the same. If you use 2 sticks, you get to enable dual-channel access (for slightly increased performance) at the cost of using an extra RAM slot.
- Hard Drive - Seagate 7200.10 250GB - Initially I was thinking to just get the cheapest SATA hard drive, but looking at the prices, $80 for 250 GB (vs. $50 for an 80 GB) is pretty much a no brainer. Seagate offers a 5-year warranty on all of its hard drives, most other manufacturers only offer 3, nice to have a little extra piece of mind.
- Power Supply - Seasonic S12-430 - It’s a sad reality that you pretty much have to upgrade your power supply every time you upgrade your system. Manufacturers these days are releasing ever more power hungry devices that also require new and exotic connectors. It’s getting bad enough that you’re starting to see power supplies output power measured in the kilowatts. Ok, enough ranting. Seasonic has a reputation of make very quiet, reliable, and efficient power supplies (these are all very good things). The 430 W unit seems like a bit of overkill for the system specs, but a little extra room in case of future upgrades never hurt.
The rest of the parts will be carried over from the old system. Now I’m looking for a case to house this new computer. Although the current Inwin Q2000 case is nice, I have to take the whole damn thing apart every time I want to change something. Well, that’s all for the hardware. Next is the delicate process of moving data from one system to another. This includes physically moving the RAID array, and while I have any idea how it’ll work in theory, theory has a funny way of being very different from real life. In addition, I need to make sure that all of the old services get reinstalled on the new machine. But that’s going to have to wait for another day.
Permalink
01.25.06
Posted in Computing at 7:29 am by DeusExMachina
If you’ve looked on the About page on the main site, you may have noticed that the server we’re hosting this site on is a dual Intel Celeron 433 server. In addition to being a web server, it’s also acting as an email server, Windows domain controller, file server, and some other miscellaneous network tasks. For the most part, the performance is quite adequate… that is until we start trying to compile stuff to keep the system up to date. Last time I had to do a compiler update, it took nearly two entire days to recompile the system (the cool part was that we had almost zero downtime). And recently we’ve been having some really serious stability problems, which I partly blame on having really old hardware and partly because the system has been totally hacked together to get it to work.
I’ve been pondering doing an upgrade on the server for a while now. I have a spare Athlon XP 1600+ just sitting around. I could just put that into the server and call it a day, but then, what kind of computer geek would I be? Nope, we’re running a dual-CPU system now, and we’re going to keep it that way, for no reason other than because we can. Including the other Athlon XP 1600+ I’m running in my workstation right now, I’ve got my CPUs covered. Now all I need is a dual-processor motherboard. This is where we had hit a major bump in the road, as the only motherboards capable of running dual Athlon XP/MP was the AMD 760MPX chipset, and they stopped making those a long time ago.
Well, after a lot of searching, I finally found someone selling a Tyan Tiger MPX so a snatched it up. Got the board back home and hooked it up to a bench build and it seems to be in good working order. Now we’re ready to get our upgrade on, right? Well not quite. There were two versions of the Athlon XP 1600+ made. For the most part, they were the same, performance wise. One of the big changes, however, is one version had multi-core capabilities enabled, the other version has it disabled. I, in my continuing string of terrible luck, happened to have one of each. So before I can upgrade, I’ll need to re-enable the multi-core “stuff” on one of the CPUs. I’ll update this post once I figure out how to do this, or blow up my system in a spectacular way.
So that’s one issue. The second issue is if I take my current processor out of my workstation, I’m going to have to replace it with something. My original plan was to go with a Mobile Athlon XP, as you could actually scale the CPU speed up and down depending on how much computing power you needed. Well, as my luck would have it (again) I can’t find any major retailers that are still selling them, I guess they stopped making these too. Some might say to just upgrade to an Athlon 64, but I think that is a waste right now, as there are no viable operating systems that support it (Windows XP 64 is out, but there are no drivers for it; it’s DOA until Windows Vista comes out), which to me defeats the purpose of having a 64-bit CPU. Add to this, the cost of getting a new motherboard, RAM, and graphics card (note: the latest generation of motherboards don’t have AGP slots any more) and my cheap server upgrade suddenly turns into a major upgrade for both of my systems. The option I’m leaning towards is just getting a SocketA Sempron as a drop-in replacement. Hopefully, this will hold us over until the new technology coming out new stabilizes and matures.
Permalink
12.16.05
Posted in Computing at 8:05 pm by DeusExMachina
Among the more annoying things to get in your inbox are these fishing scams. You’ve probably seen them before, your ebay account is about to be terminated or your bank needs you to confirm some change. Of course, these emails are playing on peoples’ inherent trust that what they read in emails are true. For most people, it’s best just to delete the offending email, but how can they recognize it and what can they do about it?
Lets first take a look at the email as it appears to the mail client. The client I’m using Mozilla Thunderbird 1.5, it’s nice to see clients starting to recognize fishing scams like this.
Thunderbird has automatically sanitized the email for my safety, but I’m sure it would have been official looking with nice graphics and whatnot. It’s covered up in the picture, but there’s a spoofed “@ebay.com” return email address. We can also see some of the legal jargon they use to make it more official looking. If you mouse over the link that says “click here”, the URL that it’s forwarding you to says “http://62.68.180.125/ebay/login4101/”, that’s your first clue that it’s a scam.
At this point, we’d delete the email and move on with our lives, safely knowing our Ebay account information is still safe. But does is the little vigilante voice in your head telling you to find the people who did this and send them to the eternal fires of Hell? Well, we won’t go quite that far, but there are some things we can do. It’s off to WAR!
As any military leader will tell you, the most important thing before engaging the enemy is to do reconnaissance. So lets do some information gathering to find out a little more about our scammer. Time to venture into enemy territory (before trying this for yourself, always make sure you have some security setup). Clicking on the link takes us to the scammer’s web page.
It looks pretty official. Even the links take you back to actual Ebay pages. What he wants you to do is enter your account name and password in those fields, then it’s game over. Lets take a look at part of the page source.
<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"><meta content="Microsoft FrontPage 5.0" name="GENERATOR"><script language=javascript>eval(unescape("%77%69%6E%64%6F%77%2E%73%74%61%74
%75%73%3D%22%65%42%61%79%20%2D%20%54%68%65%20%57%6F%72%6C%64
%27%73%20%4F%6E%6C%69%6E%65%20%4D%61%72%6B%65%74%70%6C%61%63
%65%22%3B%5F%64%77%3D%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74
%65%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%3D%6E%75%6C
%6C%3B"));
Looks to be encrypted javascript so it’s not going to be of much help. Going to the root address of the site shows our scammer has made a mistake. We see the default Apache page included with Fedora Core. Now we know what operating system and web server he uses. Moving on.
Another great tool for us to use is DNSStuff.com. The result below is a WHOIS lookup on the scammer’s IP address.
% Information related to '62.68.180.0 - 62.68.180.255'
inetnum: 62.68.180.0 - 62.68.180.255
netname: ENTERNET
descr: ADSL lines of Enternet 2001 Ltd.
country: HU
admin-c: ENT2-RIPE
tech-c: ENT2-RIPE
status: ASSIGNED PA
remarks: INFRA-AW
notify: ********@enternet.hu
mnt-by: ENTERNET-MNT
changed: *************@enternet.hu 20040216
source: RIPE
person: Enternet Hostmaster
address: Enternet 2001 Ltd.
address: H-1134 Budapest
address: Csango u. 8.
address: HU
phone: +36 1 888 2001
fax-no: +36 1 888 2099
e-mail: ********@enternet.hu
nic-hdl: ENT2-RIPE
notify: ********@enternet.hu
mnt-by: ENTERNET-MNT
changed: *************@enternet.hu 20031118
source: RIPE
Some more good information. The .hu TLD (top level domain) means the web server resides in Hungary. Going to the enternet.hu website reveals they are an ISP and if the information is correct, our scammer is hosted on a broadband ADSL line.
Now that we have all this information, what can we do about it? One thing we can do is send an email to abuse@enternet.hu and hope somebody does something about it. This is the internet equivalent of “telling mommy” so the likelihood of someone taking action is very small. Other possibilities are, to use a euphemism, extra-legal. I’ll be purposefully vague about how to do this, but since we know what operating system he runs, we could test if he’s diligent about applying security patches. The ultimate purpose being to gain control of the system and make it unusable for the scammer. Or we could deny traffic coming into his site by overloading it with bogus connection attempts. In the end though, it’s probably best just to leave the internet vigilante-ism to the professionals, or the law.
If we have the time, in future articles, we might talk about overall systemic changes to email, such as requiring the use of cryptography and message hashing, to make sure our emails are secure and private.
Permalink
