Centroid.EU Blog
(this blog is mostly encrypted - adults only)
|
Previous Page
August 24th, 2010
This story was written August 25th, 1995. Windows 95 is now 15 years old.
I never had Windows 95, 98, 2000 but skipped them all other than XP and
Windows 7. Back in 1995 I chose another true 32 bit Operating System. It
was called Linux and I got it in spite of Windows 95. I think I made the
right decision even though I switched to FreeBSD half a year later. It took
only 2 odd years after this feat that I got a System Administration position
at an ISP. I don't think I would have been a UNIX sysadmin had I installed
windows 95 back in 1995, it was a turning point.
0 comments
Worry about IPv6?
August 22nd, 2010
Someone (tydel) made me aware of this article named
Why you shouldn't worry about IPv6 just yet. I'd like to counter-argument
this article somewhat. I'll focus on the highlights.
Cassidy says that "According to these networking experts, we're only a
matter of months, or maybe weeks, from network Armageddon".
What you have to realize
is that converting to IPv6 on the server side isn't the end of the migration.
All your customers will have to move to IPv6 as well and some will be left
behind because some owners of networks are probably a bit lazy to do a migration.
So that means that if you want to run your business online, in order to get
the full potential customer base you'll have to run IPv4 and IPv6 dual stacked
so that you can satisfy both, until everyone is speaking IPv6. And since
space is running out on IPv4 an IPv4 address may be a lot more expensive than
an IPv6 address due to scarcity. Eventually there may not be any more IPv4
addresses to give out so this is the reason for dooms day calls.
Cassidy goes on to say "In fact, IPv6 starts to look a lot like
IPv2 if you consider that the default v6 address for your machine finishes
with its MAC address".
So I'm unsure what he means to say here. Perhaps he's worried that a
MAC address is a secret thing and that if you know the MAC address you can
use the MAC restricted access point? AFAIK an 802.11 packet encrypted or not
still has 3 MAC addresses in its header (see /usr/src/sys/net80211/net80211.h)
so these aren't secret to someone close to sniffing the radio. So he has no
point really.
Cassidy goes to conclude in the second last paragraph: " Is there an IPv6
"killer app" yet for smaller networks? No. Is there any reason based on
security or ease of management - unless you're running a 100.000-seat network
or national-level ISP - for you to move up to it? No.".
I think he's wrong there. Sure there is no "killer app" unless you call
facebook a killer ap (but facebook runs on IPv4 as well). But it's especially
the small ISP's that could benefit from a migration to IPv6. National level
ISP's have huge resources and are out to compete with small ISPs and steal
their customers, and IPv6 means independence from these large networks. It
means that small ISP's keep their customers from switching to large ISP's that
have IPv6 enabled. This is a bonus. Plus, being on a small ISP means that
they give you something that the large ones don't and not usually the opposite.
0 comments
Stupid Nettricks
August 21st, 2010
On February 24th, 2009 I blogged about the traceroute tricks. Here is the
link. I've updated
this to include IPv6 now and I've written a small hackish program that does
this as well. This took up 1.5 days of mine for a show such as this:
cordelia$ traceroute6 mimas.centroid.eu
traceroute6 to mimas.centroid.eu (2001:a60:f074::20) from 2001:a60:f074::1, 64 hops max, 12 byte packets
1 xxx.hello.xxx.centroid.eu 1.066 ms 0.269 ms 0.378 ms
2 xxx.why.xxx.centroid.eu 0.464 ms 0.503 ms 0.358 ms
3 xxx.are.xxx.centroid.eu 0.614 ms 0.658 ms 0.897 ms
4 xxx.you.xxx.centroid.eu 0.556 ms 0.361 ms 0.338 ms
5 xxx.tracerouting6.xxx.centroid.eu 0.472 ms 0.499 ms 0.411 ms
6 mimas.centroid.eu 0.3 ms 0.478 ms 0.318 ms
cordelia$
It's just vanity. It's a net-trick. Well at least I didn't play civilizations
and waste time. In the meantime I've learned about divert(4) sockets in OpenBSD
and even submitted a documenatation fix for pf.conf(5).
0 comments
Cryologd fixes a memory leak
August 10th, 2010
The program in cryologd with the name of "cl" had a memory leak. It wasn't
apparent when there was little data that it processed, but with lots of
concatenated encrypted data which it decrypts to plaintext, the memory leak
was apparent. 2 lines change, here is the
source.
0 comments
SSL_accept error from host: -1
August 2nd, 2010
My dad has a mac powerbook (or macbook or something) and I tried to make it
work with my mail server. POP3 SSL worked but postfix SSL for SASL
authenticated relay did not. I use a self-signed certificate and that was
the problem. I couldn't paste the error message from the Apple Mail.app
but it said something like the remote host did not accept SSL. I wasn't
about to try it without SSL because the password is sent in the plain then.
The postfix server gave this error message:
Aug 1 22:57:42 proteus postfix/smtpd[12251]: connect from p54AAB41C.dip.t-diali
n.net[84.170.180.28]
Aug 1 22:57:42 proteus postfix/smtpd[12251]: SSL_accept error from p54AAB41C.di
p.t-dialin.net[84.170.180.28]: -1
Aug 1 22:57:42 proteus postfix/smtpd[12251]: lost connection after STARTTLS fro
m p54AAB41C.dip.t-dialin.net[84.170.180.28]
As a first diagnosis I tried the openssl s_client method to see if it can
connect to my postfix server, and it could so it must have been in the Apple
Mail. Also for self assurance it worked in Ubuntu and Windows 7 so why not
in Mac OS X Leopard.
So I did a bit of googling and learned that Apple's mail program did not accept
the certificate given to it because the hostname in the certificate was wrong
and just gave up (in the process blaming the server for giving up!). There is
a way to force it though. I downloaded the servers CA certificate file which
has a .pem extension (this is not the private key!) and double clicked on it
in Mac OS X.
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
It then asks you if you want to import this
certificate into the keychain manager and from there you can tell the system
to trust and allow this certificate everywhere. Soon after that I had to
set the outgoing mail server again in Mail.app but it worked this time and
a few test e-mails made it out SSL encrypted.
I thought I'd write this down as I'm probably going to be faced with it again
some time in the future.
0 comments
Watching the ISS
July 9th, 2010
The past few days in Germany have been hot but the nights are cooler with
mostly clear skies. This gave me an opportunity to see the ISS twice in the
late evening (around 11PM). Once it was unexpected and we weren't sure what it
was. The second time I got the data from the NASA sightings page, which
is found
here.
The space station looks like a flying jet but you'll notice that it doesn't
blink nor does it have red and green lights. It's just a continuous and
steady crossing of the sky mostly coming from the west towards the east.
Without the moon and planets it's probably the brightest object in the sky
as it zips at 28,000 Km/h's into the night. Anyhow it was a nice experience
seeing this (it was my first time).
0 comments
Fire has SSL support
July 7th, 2010
Believe it or not I have made an IRC client. It's called fire and I've
coded SSL support into it yesterday and today. The SSL functionality
seems to be stable, you can download the source code
here.
0 comments
Next Page
|
Search
RSS Feed
Click here for RSS
On this day in
Other links
Have feedback?
By clicking on the header of an article you will be
served a cookie. If you do not agree to this do not
click on the header. Thanks!
Using a text-based webbrowser?
... such as lynx? Welcome back it's working again for the time being.
Older Blog Entries
March, 2023
February, 2023
January, 2023
December, 2022
November, 2022
October, 2022
September, 2022
August, 2022
July, 2022
June, 2022
May, 2022
April, 2022
March, 2022
February, 2022
January, 2022
December, 2021
November, 2021
October, 2021
September, 2021
March, 2021
February, 2021
January, 2021
December, 2020
November, 2020
October, 2020
September, 2020
August, 2020
July, 2020
June, 2020
May, 2020
April, 2020
March, 2020
February, 2020
January, 2020
December, 2019
November, 2019
October, 2019
September, 2019
August, 2019
July, 2019
June, 2019
May, 2019
April, 2019
March, 2019
February, 2019
January, 2019
December, 2018
November, 2018
October, 2018
September, 2018
August, 2018
July, 2018
June, 2018
May, 2018
April, 2018
March, 2018
February, 2018
January, 2018
December, 2017
November, 2017
October, 2017
September, 2017
August, 2017
July, 2017
June, 2017
May, 2017
April, 2017
March, 2017
February, 2017
January, 2017
December, 2016
November, 2016
October, 2016
September, 2016
August, 2016
July, 2016
June, 2016
May, 2016
April, 2016
March, 2016
February, 2016
January, 2016
December, 2015
November, 2015
October, 2015
September, 2015
August, 2015
July, 2015
June, 2015
May, 2015
April, 2015
March, 2015
February, 2015
January, 2015
December, 2014
November, 2014
October, 2014
September, 2014
August, 2014
July, 2014
June, 2014
May, 2014
April, 2014
March, 2014
February, 2014
January, 2014
December, 2013
November, 2013
October, 2013
September, 2013
August, 2013
July, 2013
June, 2013
May, 2013
April, 2013
March, 2013
February, 2013
January, 2013
December, 2012
November, 2012
October, 2012
September, 2012
August, 2012
July, 2012
June, 2012
May, 2012
April, 2012
March, 2012
February, 2012
January, 2012
December, 2011
November, 2011
October, 2011
September, 2011
August, 2011
July, 2011
June, 2011
May, 2011
April, 2011
March, 2011
February, 2011
January, 2011
December, 2010
November, 2010
October, 2010
September, 2010
August, 2010
July, 2010
June, 2010
May, 2010
April, 2010
March, 2010
February, 2010
January, 2010
December, 2009
November, 2009
October, 2009
September, 2009
August, 2009
July, 2009
June, 2009
May, 2009
Powered by BCHS
|