Yesterday, I purchased an iPod touch. I have several books on iOS programming
and intend to write my own apps for it. Also I may be using it for my
video blog entries as the camera is about the same quality as my webcam,
we'll see.

Goodbye goldy. It was a good 3 years. I do hope I have everything set so
that its expiration will not cause problems on my operation. And I have
one less domain to worry about.

This article talks about a new 6000 kilometer cable with landing stations in
Panama. As you may or may not know, my host americas.centroid.eu is located
in Panama and it's going to be interesting whether I will profit from this or
not. The profit would be in stability and reachability.

I have added a squid proxy to mars. It is transparent (used with divert-to
rules). Because of the nature of asymmetric routing going on it took me around
45 minutes to isolate where a route was going, and it was getting stuck on
my AVM Fritzbox router. I can't really blame them, but laying a static route
from mars to Gaia fixed it up. Here is the new network again:
Because the tunnels are MTU 1280 there was some sort of mismatch between
MSS and fragmenting (which I don't know how well OpenBSD does). It
turned out that videos being loaded by Gaia would get stuck 10 minutes
into the video. I didn't even try to figure that out; I placed the squid in
the network and it has a more direct route to the AVM Fritzbox which rewrites
MSS and MTU anyhow because it uses PPPoE. The squid fixes all these things
and I'm pretty happy.

Here is the code written by Figz in awk and shell script:
#!/bin/sh
awk 'BEGIN { for (i = 65; i < 91; ++i) { c = sprintf("%c", i); h[c] = \
h[tolower(c)] = i - 64 } } { tot = 0; for (i = 1; i <= length(); ++i) \
tot += h[substr($0, i, 1)]; print tot, $0 }' /usr/share/dict/words | \
sort -n
Here is the ruby 1.8 code (took me a long time to get it right):
jupiter$ time ./syn.rb | sort -n > blah.2
0m5.10s real 0m4.78s user 0m0.06s system
jupiter$ time ./syn.sh > blah.1
0m3.45s real 0m3.38s user 0m0.04s system
jupiter$ diff -u blah.1 blah.2

I was made aware of slides from a talk by Ed Lewis from Neustar.
Here they are.
While some intention is lost by reading slides, I think what he means to say
is that in an ever evil-growing Internet, UDP DNS needs to be replaced.
I agree with this and wonder if he's been reading my contribution to
Hackepedia regarding amplification attacks. So what's the big deal? The big
deal is that people either purposely or innocently leave recursive DNS servers
on their VPSes and colocated servers. These are amounting to great numbers and
can be used for amplification attacks to great bandwidths, as a recent attack
on Spamhaus was huge.
As you may know I write a DNS server, and it's not easy, but I have some
familiarity with the protocol. What Ed Lewis is saying is true and right.
We can't wish the evil people away, we must fix the protocol to keep it from
being used for evil. One way to do that is to use TCP. Now TCP is a stateful
protocol, it has a PCB (protocol control block) in the kernel that keeps
track of its state. In the past DNS over TCP was restricted to AXFR, and
one would not dare mention (taboo) using DNS over TCP for other resource
records. Mainly because Operating Systems wouldn't be able to keep up. But
it's the 21st century and RAM has gotten cheap. There is lots of RAM for
many PCBs and CPUs have also increased in efficiency and speed. So...
Why not? I agree something must be done.
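
To put numbers on the amplification point above, here is an added example (not code from this blog or from the slides). It goes one step beyond the text by showing the standard TC-bit mechanism: a server answers a UDP query with an empty, truncated reply, so a genuine resolver retries over TCP and a spoofed source only ever receives a reply the size of the query. The function names, the sample name example.com and the 3000-byte "large answer" are assumptions made for illustration.

```python
import struct

TC, QR, RD = 0x0200, 0x8000, 0x0100   # DNS header flag bits (RFC 1035)

def build_query(name, qtype=255, txid=0x1234):
    """Wire-format DNS query with one question; qtype 255 is ANY."""
    header = struct.pack("!HHHHHH", txid, RD, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)   # class IN

def question_end(msg):
    """Offset just past the first question (questions are not compressed)."""
    off = 12
    while msg[off] != 0:
        off += msg[off] + 1
    return off + 1 + 4            # root label + QTYPE + QCLASS

def truncated_reply(query):
    """UDP reply with no records and TC=1: the client must retry over TCP,
    where the three-way handshake shows it really owns its address."""
    txid, flags, qdcount = struct.unpack("!HHH", query[:6])
    if flags & QR or qdcount != 1:
        raise ValueError("not a single-question query")
    reply_flags = QR | TC | (flags & RD)
    header = struct.pack("!HHHHHH", txid, reply_flags, 1, 0, 0, 0)
    return header + query[12:question_end(query)]

def amplification(query_len, reply_len):
    """Bytes sent toward the (possibly spoofed) source per byte received."""
    return reply_len / query_len

if __name__ == "__main__":
    q = build_query("example.com")      # constructed sample query
    full_udp_reply_len = 3000           # assumed size of a large UDP answer
    r = truncated_reply(q)
    print("query bytes:           %d" % len(q))
    print("full UDP reply factor: %.1f" % amplification(len(q), full_udp_reply_len))
    print("TC=1 reply factor:     %.1f" % amplification(len(q), len(r)))
```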

Today I've written a small PHP script to convert my blog to XML and RSS.
On the right hand side is now the RSS button with the feed. I'd appreciate
it if someone who knows their stuff about this would send me an email if you
noticed something wrong with this feed. Right now it only dumps the last
10 articles but I can make it higher or lower if need be. My PHP really
sucks I noticed but somehow I managed to write this out.

I found a condition that made the kernel panic when I'd execute certain
code. It took less than a day to get an interested
OpenBSD developer to produce a patch, after review it'll be committed before
5.4 hopefully. This is why OpenBSD and open source in general rocks!