Centroid.EU Blog

(this blog is mostly encrypted - adults only)

Previous Page

Crackers are getting more careful

March 7th, 2015

Captured from an IRC session:

13:13 <@pbug> # grep 182.100.67 authlog | wc -l     
13:13 <@pbug>      543
13:13 <@pbug> # grep authlog | wc -l 
13:13 <@pbug>       44
13:13 <@pbug> these pesky things!
13:14 <@pbug> they change their IP and continue trying to log in as root
13:15 <@pbug> oh what's more they are careful not to overload my pf tables now
13:15 <@pbug> # pfctl -t bad_hosts -T show | grep 182.100.67       
13:15 <@pbug> # 
Good thing I disabled root logins they have been trying to crack it a long time now while evading my overload pf tables.


Purchased Reggae

March 7th, 2015

This month I got Luciano - Special Edition (2014).


Oldlaptop's github repo

March 5th, 2015

I had the opportunity to talk a little to oldlaptop on efnet. We talked a little about popcon.debian.org and noticed that openssh-client had >170K users at debian, and sed being the most popular package. Oldlaptop has a github page where he designs software and packages for UQM (/usr/games/uqm in OpenBSD). His github page is here. Thanks for chatting oldlaptop!


OpenBSD's httpd with webalizer

March 5th, 2015

I like using webalizer to give me an idea how much international traffic I get with the GeoIP extension. Well when I switched to openbsd's httpd something was broken. It took me a few weeks to find time today and I figured out that the combined logfile prepends a %v (in apache speak) which is a virtual hostname. I wrote a script to remove this (apache recommends a program called split-logfile):

$ more webalizer.sh

TMPFILE=`mktemp /tmp/blah.XXXXXX` 
awk '{$1="" ; print ; }' /var/www/logs/access.log | sed -e 's/^[ ]*//g' > $TMPFILE
cd somelocation && webalizer -w $TMPFILE
rm -f $TMPFILE
Granted the USA and China are usually 1st and second place because of their aggressive search bots googlebot and baidu. How many people found this blog through a search engine? I hate to tell you your search engine is breaking the rules because I am maintaining a /robots.txt file which should exclude bots from going into my blog. I am not mad about you being here though just mad for being indexed.


Softraid Crypto seems secure

March 5th, 2015

Sometimes I do pesky things such as asking OpenBSD developers if their stuff is secure or not (or if they wrote certain parts). I do this in part out of curiousity and lazyness at the same time. And so it came that I asked OpenBSD developers the following questions:

  • Why is there duplicate blocks in a crypto softraid disk image?
  • If it's because ECB mode is used would a counter mode be better?
Now Ted Unangst answered with some helpful answers. He understands code much better than I and his answers seemed very helpful.

Another developer Joel Sing answered but his answers didn't hit my satisfaction factor as much. In fact Joel wanted to make me work and overcome my lazyness factor and he asked the following questions:

  1. What encryption algorithm/mode is used for disk block encryption?
  2. Where do the keys come from that are used for the disk block encryption/ decryption
  3. How are the keys that are used to encrypt the disk blocks stored?
  4. When creating a new softraid crypto volume, Where does the key come from?
  5. What happens if you use a keydisk instead of a passphrase?
Now Joel knew that I had picked the function sr_crypto_encrypt() next to randomly because it was the closest looking function to having a crypto component. I guess I must have picked the wrong function. If ECB is not used for question #1 then perhaps it's AES XTS which is also mentioned in the code. I know very little about this mode and found only a little wikipedia entry on it.

I'd like to rant about this a little more but I need to do more research. Spending 30 minutes reading /usr/src/sys/dev/softraid* and /usr/src/sbin/bioctl is not enough to make a concrete picture of this. And this isn't easy code either. I have much respect for Marco Peereboom and Joel Sing and others who wrote this for their perseverence in understanding such a complex thing. I'm just not at their level and likely never will be. Whether I was even helpful for anyone is debateable. But then again if noone looks and asks questions even if seemingly ignorant who is? I for one want OpenBSD tested and questioned in order to find what works best. If it didn't have that I wouldn't use it and I'd feel a lot more insecure. I'll give you another example, when W^X came out I was not satisfied with just them telling me that stack overflows are now protected. I wrote my own test programs to really test this to the extend of knowledge that I had on stack smashing. Had I not done this I would never have guessed that a program exits on SIGABRT when W^X detects a smashed stack.


God Speed Spock!

February 27th, 2015

         ##         ##
          ##       ##
           ##     ##
            ##   ##
             ## ##
RIP Leonard Nimoy, 83.


OpenBSD donations reached 397,000 dollars in 2014

February 26th, 2015

Ken Westerback of the OpenBSD Foundation has said this about 2014:

We received $397,000 in new donations and paid out $129,000 to support the activities of the OpenBSD and related projects.

And this year in 2015 they plan to raise $200,000. If you haven't donated yet please consider a small amount here or look up how to do donations otherwise.

I personally don't know if my money made it to the OpenBSD Foundation because I donate directly to Theo de Raadt's Munich bank account. So that money may be higher than $397,000. This year I decided to donate 50 euros quarterly and the first quarter is not up yet. But in a month it will be, I'll let you know when I do the second donation of the year.


Got a washing machine

February 25th, 2015

Two years after moving into this apartment, I've finally got a washing machine. Picture here:

I used to take my laundry to my parents house but it's too much work now that my mother is home after having a stroke (she was in hospital for a few months), so I got this thing.


Nearing 20 years UNIX experience

February 24th, 2015

In 1995 I first installed GNU/Linux on my sole computer (a 486/66). A year later it ran FreeBSD 2.1-RELEASE, another year later in 1997 I got my first sysadmin job (starting pay $10/hour, soon after $36K a year). All in all I'm nearing 20 years experience as a UNIX user and 18 years experience as a UNIX sysadmin. It should really be UNIX-like although we did use Solaris in 1997 and BSD is not a clone. A lot has changed in those 20 years. For one I don't have the body I had back then. Back then I was slender and carried a Basketball. Now I carry the basketball in my stomach, lol :-). But I'm also wiser, I admit. And I'm getting smarter, I recently worked out how much raise I should be getting after inflation from what my salary was in 2000. If I had any advise to young people is: "don't underestimate how much you're worth, make them pay" and "stay physically fit despite those long hours they want you to put in". Whether I'll be doing this another 20 years? Time will tell.


Ordered three books

February 23rd, 2015

I have ordered three books that generally interest me.

  • It's about Time: Understanding Einstein's Relativity - Mermin, N. David
  • Quantum Computer Science: An Introduction - Mermin, N. David
  • Quantum Computing verstehen: Grundlagen - Anwendungen - Perspektiven (Computational Intelligence) - Homeister, Matthias
Other than being about Quantum computers they don't really deal with computers much.


Next Page


RSS Feed

Click here for RSS

On this day in

Other links

Have feedback?

By clicking on the header of an article you will be served a cookie. If you do not agree to this do not click on the header. Thanks!

Using a text-based webbrowser?

... such as lynx? Welcome back it's working again for the time being.

Older Blog Entries

Powered by BCHS