I had no part in building this one: all credits go to Clemens.
Author: otmar
I like this one:
This time, I only provided the initial crossing and the switches branching out, the rest was done by Clemens.
Heavy lifting
Carrying both kids used to be easy. No more. 17 + 21 kg is heavy lifting.
Clemens is a bit sick today, so I’m staying home with him and we built this set of tracks together:
Moving …
The disks in my old root server are finally both failing, so I’m moving all my stuff to a new machine.
As usual in IT, you get a lot more power for the same money now, and so I’m quite pleased with the performance of the new server. I’ve tried to do a more secure and cleaner setup this time and distribute the service over domUs in a XEN setup. We’ll see how that works out in real life.
One thing is different this time: I can’t take my old, free /29 with me to the new server. Additional IP-addresses cost extra money now, and I’m not prepared to pay extra for them. Instead, I’ve got a block of IPv6 addresses and will run anything that I can’t DNAT/proxy via v6.
I moved email service over two weeks ago, yesterday evening this blog. If something is not working as expected, tell me.
My favorite tools for looking at the I/O load of Linux boxes are iotop and iostat. Running “iostat -xm 5” is one of the first things I do whenever I have the feeling that a server might be I/O-bound. The output is perfectly fine and useful on your typical one-disk box, but once you throw in either Xen or DM-Crypt, then the output is not so intuitive any more as it is no longer clear what each of the dm-XX devices is actually holding.
So I whipped up the following quick perl script to translate them:
#!/usr/bin/perl -w # # Replace dm-x names in stdin with names from /dev/mapper, e.g. # iostat -xm 5 | $0 # # Otmar Lendl, 2012/08/24 # use strict; my %m; foreach my $l (split(/\n/, `ls -l /dev/mapper`)) { # lrwxrwxrwx 1 root root 8 May 3 18:49 vg1-abusehelper--swap -> ../dm-21 if ($l =~ /\d\d:\d\d ([\w-]+) -> \.\.\/(dm-\d+)/) { $m{$2} = $1; } } while(<>) { s/(dm-\d+)( *) /substr($m{$1}. (' ' x 80),0,length($1.$2)).' '/eg; print; }
The quotes in substitution line should be plain single quotes, not the typographic nonsense that wordpress insists on inserting.
Share and Enjoy!
Link Dump
Once again, I have collected too many tabs in my browser session. This blog-post will collect them:
- The War on Nuns
- Blitzortung
- MS SIR on Austria
- Zabbix: A monitoring solution
- Nicter from Japan, I met one of the authors in June.
- NetSA from CMU or CERT/CC
- CIF
- Das Ende der AV-Ära
- uRPF Blackholing
- IODEF
- CybOX
- Free the Network
- Mitigating DNS DDOS
- DDOS resources
- Emerging Sigs
- Who fights for the users?
- Debian Xen
- Debian Bridge Setup
- Hetzner IPv6 Config
- Ferm Manual
- Ferm Examples
- Debian Perl Packages
- FPGA Security
- Security Visualization
- CERT-EU Latest News
- HuffPo on Anonymous
- RISWhois
- RIS Raw Data
- Suspicious Domains
- What CMS?
- Heimdal
- OSSIM
- FCC Anti-Botnet code
- Botnet metric: households
- Botnet Metrics
- IT der Jugend
- YARA
- Software patents
- Suricata
Dear Niki/AirBerlin
- 2003: RIPE offers to rent out PCMCIA wifi cards to attendees of the RIPE conference.
- 2007: Every attendee has a laptop with built-in wifi.
- 2012: Every attendant brings a Laptop and at least one smartphone, some bring tablets as well.
We have ~500 attendees at #FIRSTCON this week; I wonder how many distinct clients the wifi net has seen.