Mar 24 2013

The above links to an interesting browser which allows zooming and selection of different data sets. It’s worth a look if you’re into that sort of thing. Although it’s rather surprising that it doesn’t like IPv6 addresses!

The most controversial thing about this map of the Internet, gathered during 2012, is that it was produced with the aid of a botnet; in other words, this researcher stole the resources they needed. That is obviously wrong, no matter how good the cause, but now that it has been done there is no reason not to look at the results (whilst wrong, this isn’t really evil).

The first interesting discovery here is that this anonymous researcher managed to write a simple virus that would load the Internet scanner onto many devices with default passwords set – admin accounts with “admin” as the password, root accounts with “root” as the password, etc. You would have thought that such insecure devices would have been driven off the Internet by now, but it turns out not to be the case – there are at least 420,000 of them!

You could even argue that the owners of such machines are asking to have their devices controlled by anyone who wants to. Perhaps a little extreme, but certainly some people think so or this Internet survey wouldn’t exist.

But now the results. If you look at the default settings in the browser above, you will encounter large swathes of black squares where apparently nothing is in use. The trouble is that whilst an IP address that is pingable or has ports open is certainly “in use”, there is no guarantee either way for an IP address that is merely registered in the DNS, and unregistered IP addresses that do not appear to do anything may very well still be in use.

Essentially the whole exercise hasn’t really said much about how much of the Internet address space is in use, although that is not to say that the results are not useful.

One special point to make is that many of the large black squares that appear unused are allocated to organisations that may very well want to have proper IP addresses that are not connected to the global Internet. That is not wrong in any way – before the widespread adoption of NAT, it was common and indeed recommended that organisations obtain a public IP address before they were connected to the Internet to avoid duplicate network addresses appearing. And an organisation that legitimately obtained an old “class A” has no obligation to return the “unused” network addresses to the unallocated pool. And even if they did, it would not make a big difference; we would still run out of addresses.

The answer to the shortage of IPv4 addresses is IPv6.

 

Mar 24 2013

The default title bar provided by Awesome is not quite to my taste. And this posting is about fixing that.

The first part is to select some colours. For me, I prefer window decorations to be subtle … grey scale; the window decorations should disappear until you focus on them. And I’m choosing to have a lighter grey for focused windows, and darker for others. The colours are set in the default-theme.lua file :-

theme.titlebar_fg_normal = "#000000"
theme.titlebar_fg_focus = "#000000"

theme.titlebar_bg_normal = "#cccccc"
theme.titlebar_bg_focus = "#e8e8e8"

The next step is to restrict the number of buttons that appear in the title bar – this is of course a matter of choice, but personally I believe that there are too many buttons by default. This is done within the main configuration file by deleting the lines for the buttons you wish removed, which in my case means removing the lines :-

right_layout:add(awful.titlebar.widget.floatingbutton(c))
right_layout:add(awful.titlebar.widget.ontopbutton(c))

Lastly, and in keeping with making the titlebar less obtrusive, there’s shrinking the titlebar to a sensible size :-

awful.titlebar(c, { size=16 })

Which is added after the line: awful.titlebar(c):set_widget(layout) (it could be merged). There are two features I’d like to use with no method easy enough for a thicko like me to spot :-

  1. There seems no obvious way to put the title bar on the left (or right) side of the window; it seems an obvious thing to try given that screens are usually far wider than tall. There are hints that there is an attribute (if that’s the right word) called “position”, but I don’t see a way of setting it.
  2. I have removed a certain number of options for controlling the window, partially because I can never remember what those silly icons mean. But I would quite happily add a menu with all of the relevant methods – and this would be a good place to add the keyboard shortcuts (us old fogies need some helpful hints like that).

 

Mar 12 2013

Netflow (or perhaps IPFIX if you want to be vendor agnostic) is a means by which information on network traffic flows can be stored and sent on to an analysis workstation. As such there are two parts to the process of getting it all up and running – getting flows exported from the router, and getting something to read the flows for analysis.

Configuring The Flow Export

The first thing to do is to determine what interface(s) to monitor network traffic on as each interface needs to be independently configured. In most circumstances, the WAN link is the interface of interest, so we enable things on that interface :-

# conf t
config# interface dialer 0
config_if# ip route-cache flow
config_if# end
# wr mem

The guide I followed also suggested setting the bandwidth value to enable percentage utilisation calculations. I was lazy and skipped this. It also noted that for accurate flow statistics it is necessary to enable flow collection on all participating interfaces. Once this has been enabled, it should be possible to see something of what is going on with the show ip cache flow command.

It is also a good idea to export the flows somewhere :-

# conf t
config# ip flow-export destination scrofula 9996
config# ip flow-export source dialer 0
config# ip flow-export version 9
config# snmp-server ifindex persist
config# end
# wr mem

The use of version 9 is dependent on what your analyser software can support. The snmp-server command keeps interface indexes persistent across reboots.
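
Before pointing an analyser at the exports, it helps to confirm what actually arrives on UDP port 9996. The following is an added example, not part of the original post: a small Python decoder for NetFlow version 9 datagrams (layout per RFC 3954), with length checks because the collector reads unauthenticated UDP. The function names and the sample packets are constructed for illustration.

```python
import ipaddress
import struct

# NetFlow v9 field type numbers (RFC 3954); unnamed types are reported as type_N.
FIELD_NAMES = {1: "in_bytes", 7: "src_port", 8: "src_addr", 11: "dst_port", 12: "dst_addr"}

def parse_v9(packet, templates):
    """Decode one export datagram; `templates` must persist between datagrams."""
    if len(packet) < 20 or packet[:2] != b"\x00\x09":
        raise ValueError("not a NetFlow v9 export datagram")
    seq, source = struct.unpack("!II", packet[12:20])
    flows, undecoded, pos = [], 0, 20
    while pos + 4 <= len(packet):
        set_id, set_len = struct.unpack("!HH", packet[pos:pos + 4])
        if set_len < 4 or pos + set_len > len(packet):
            raise ValueError("flowset length runs past the datagram")
        body = packet[pos + 4:pos + set_len]
        pos += set_len
        if set_id == 0:                                   # template flowset
            off = 0
            while off + 4 <= len(body):
                tid, nfields = struct.unpack("!HH", body[off:off + 4])
                end = off + 4 + 4 * nfields
                if tid < 256 or end > len(body):          # padding or truncated
                    break
                templates[(source, tid)] = list(struct.iter_unpack("!HH", body[off + 4:end]))
                off = end
        elif set_id >= 256:                               # data flowset
            fields = templates.get((source, set_id))
            size = sum(length for _, length in fields or [])
            if not size:                                  # template not seen yet
                undecoded += 1
                continue
            for off in range(0, len(body) - size + 1, size):
                rec = {}
                for ftype, length in fields:
                    raw, off = body[off:off + length], off + length
                    rec[FIELD_NAMES.get(ftype, "type_%d" % ftype)] = (
                        str(ipaddress.IPv4Address(raw)) if ftype in (8, 12)
                        else int.from_bytes(raw, "big"))
                flows.append(rec)
    return {"sequence": seq, "source_id": source, "flows": flows, "undecoded": undecoded}

def sample_packets():  # constructed test data, not a capture from the router
    def pkt(seq, set_id, body):
        return struct.pack("!HHIIIIHH", 9, 1, 0, 0, seq, 0, set_id, 4 + len(body)) + body
    tmpl = struct.pack("!8H", 256, 3, 8, 4, 11, 2, 1, 4)  # src_addr, dst_port, in_bytes
    rec = ipaddress.IPv4Address("192.0.2.10").packed + struct.pack("!HI", 443, 1500)
    return pkt(1, 0, tmpl), pkt(2, 256, rec + b"\x00\x00")  # data padded to 4 bytes
```

Data flowsets that arrive before their template are counted as undecoded rather than guessed at, which is what a collector started after the router will see until the next template refresh.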

Analysing with NTOP

The installation of this package was accomplished with :-

# apt-get install ntop

This rather depends on the server in question running Debian of course! The details of configuring Ntop are left as an exercise!

 

Feb 22 2013

The Raspberry Pi is a pretty cool device, but it is not the only small cheap computer around, and given that the Pi is more hardware hacking orientated I thought I’d dig up some links for some of those other devices. Especially as I’ve got two Arduino projects on the go.

There’s actually a surprising number of devices out there; some running Linux and some running Android. And in a surprising variety of form factors; I’ve avoided looking at the simple boards – the point here is to look at devices that are different :-

  1. The Trim-Slice looks quite an interesting device, but all seems to have gone quiet since March 2012.
  2. The Giada Q11 is a similar device which is about the size of a VCR … or a 3.5″ external hard disk enclosure.
  3. The Cloud Client mini PC is a touch smaller being roughly the size of a double-CD case.
  4. The CuBox is more square than the rest and is roughly the same size as a mains plug.
  5. The Cotton Candy is an ARM in a USB stick; a cheaper option, but possibly via eBay, is the U2, although most cheaper options don’t have quite the same features as the Cotton Candy.

This is not to imply that there are not others out there, nor that these are “better” in any way. I’ve not used any of them.

Feb 11 2013

One of the obvious things to do with a ZFS storage pool is to increase the size of the disks in it – after all disks get bigger and cheaper over time. Not that it is a very difficult thing to do, but it is always worth doing a quick search to find out what others have done before setting forth. And if nobody blogs their own experience, there’s nothing for anybody to find!

So I started off with four 2Tbyte drives configured as two vdevs each of which was a mirror. And I had two 3Tbyte disks to swap in. So I was going to be swapping one of the vdevs (consisting of two 2Tbyte drives) with the 3Tbyte drives.

In the details below, I have a storage pool called zroot and the two disks being replaced are gpt/disk3 and gpt/disk2. As you will notice, I am growing the storage pool I boot off; however the disks I am using do not contain a boot partition with the boot code.

The first job was to swap out one of the 2Tbyte drives. This was done by :-

  1. Take disk to be swapped out offline: zpool offline zroot gpt/disk3
  2. Shut down the server and take the selected drive out. Swap over the disk caddy onto a new 3Tbyte drive, and swap that back in.
  3. Power on the server.
  4. Create an EFI partition table: gpart create -s gpt ada3
  5. Optionally create a swap partition: gpart add -t freebsd-swap -s 4G -l swap3 ada3
  6. Create a ZFS partition: gpart add -t freebsd-zfs -l disk3 ada3
  7. Replace the device: zpool replace zroot gpt/disk3

Now is the time to wait for the resilvering process to complete. Once that has finished, the steps above can be repeated for the other drive in the vdev. Once the resilvering for that replacement has finished, you may want to check the size of the pool.

If the size has not increased, you may need to do: zpool online -e zroot gpt/disk2 gpt/disk3.