Mostly Harmless

Archive for the ‘Linux’ Category

Dead Xbox 360 MTU issue  

For months my Xbox 360 has been complaining about the MTU being too small on my Internet gateway. This meant no updates and Xbox Live stopped working. I’ve been busy so I did not give it much thought.

My brother Alek bought a new one  for his apartment and hooked it up at my house.  I figured that the MTU problem was an issue with my old Xbox 360. Naturally it wasn’t.  His had the same problem so I looked at my Linux gateway.  Running ifconfig on my server showed me that the MTU on the external interface was set to 576.

How did that happen? I thought it defaulted to 1500. I ran the command “ifconfig eth1 mtu 1500” and that fixed the problem right away.  On my openSUSE server I edited the file /etc/sysconfig/network/ifcfg-eth1 and made the MTU line read MTU='1500'. This way when my box reboots the MTU setting should go to 1500.

After that was done, Alek was able to download the “new Xbox Experience”.  The irony is that Friday night my Xbox 360 finally gave up the ghost and died.  It’s out of warranty so I’ll be heading to Best Buy to get the holiday bundle.


Written by Jan Dembowski

November 30th, 2008 at 7:22 am

Posted in Games, Geek, Linux


Upgrade of VPS from Ubuntu 6.06 LTS to 8.04 LTS  

My upgrade from Ubuntu 6.06 LTS = FAIL.

Last week I created a VPS on Slicehost.  I’ve been using Tektonic for a while now and have no complaints.  The support is very good and I can back up my VPS for when I need to.

I’m using Slicehost because I don’t want both of my domain DNS servers on the same provider. They offer Ubuntu 8.04 LTS, run on top of Xen, and provide console access via an Ajax web front end.  You need to pay extra for a backup option. Aside from that one little point, using Slicehost is ridiculously easy and very manageable. They eat their own dog food and it shows.

On my Tektonic VPS it’s running on top of Virtuozzo.  No console just ssh but I do get to make a backup of my VPS and re-installing is a breeze. My only complaint is that it’s running Ubuntu 6.06 LTS which is a little dated.  For example the subversion client is 1.3.2 and I’d like to see more current versions such as 1.5.x.  On Ubuntu 8.04 LTS I just added the backports repository and I get current versions of packages.

Switching to Ubuntu 8.04 LTS should be simple. As root I ran these commands:

apt-get update
apt-get upgrade
apt-get install update-manager-core
do-release-upgrade

This is a seamless process and aside from asking me some questions, I had no issues.  The only issue I had is when I rebooted my VPS, it left the VPS un-bootable.  The support tech that I chatted with had not seen that before.  My VPS would not even start and I had to re-install it.

I’m now restoring the VPS to the backup I made yesterday, so it’s not all a total wash.  Most likely I’ll work with Tektonic to get 8.04 LTS on that slice provided they offer it.  Ubuntu 6.06 LTS is still supported so aside from consistency across servers, this is not a big deal for me.


Written by Jan Dembowski

September 21st, 2008 at 8:39 am

Posted in Geek, Linux, Software


Firefox 3 is out  

Get your latest copy of Firefox 3.0 here. Thursday openSUSE 11 comes out.  It’s like an open source cosmic alignment of the planets.

I’ve avoided the openSUSE 11 beta only because I don’t have the time.  I’ve been kicking around Firefox 3.0 RC version and a couple of days ago, even Greasemonkey got updated for version 3.


Written by Jan Dembowski

June 17th, 2008 at 8:27 pm

Posted in Geek, Linux, Software


WordPress file monitoring  

Over a week ago I complained about WordPress users crying security wolf and not being able to recover their blog when the “Bad Thing(tm)” happens.

Since then a real brawl developed on the support forum that could be summed up like so:

  1. One or more users is insisting that there is an XMLRPC exploit in 2.5.1.
  2. The same one or more users refuses to back this claim up with data, or apparently send the WordPress security e-mail alias any info (maybe, how would other people know what was sent via e-mail?)
  3. Many people tried to reasonably explain that such an exploit may exist but without data there is nothing to solve.

This discussion was just plain nuts and went around in circles.  Complaining about a problem without providing any proof and then getting all pissy about it is totally useless.  It is entirely possible that such an exploit exists and many people replied so.  But without providing any data other than saying “I can assure you that the hack occurs via XMLRPC”, then everyone’s time gets wasted.

Fortunately, Donncha provided a page that covers the issue succinctly and today he added another post on setting up aide.  His two posts are good and anyone considering monitoring their WordPress files for modification should give this a try.

Aide will let you see if your installation files and directories have been tampered with.  It won’t protect you against HTTP POSTs or database attacks but it’s very good if someone succeeds in modifying your files.

There are ways to log what’s being sent via an HTTP POST and examine that information; if (or even when) I get hacked, I’ll try to start looking at that data.  MySQL database monitoring, that could be interesting but for now I’m not aware of a good tool to do that.

On my openSUSE installation, installing aide is simple.  As root run

zypper install aide
aide --init
mv /var/lib/aide/aide.db.new /var/lib/aide/aide.db
aide --check
cp /usr/share/doc/packages/aide/examples/etc/cron.daily/aide.sh /etc/cron.daily/

All of which I just did.  I ran the check option to make sure I did not create any issues with the aide.conf file.  I’ll play with the aide.conf file and see what kind of output I get when the daily cron job gets run.  If I add and modify files and I set it up correctly then I should see that in daily cron job’s output.

Update: this worked but in /etc/aide.conf change the line verbose=1 to verbose=5.  That will get you a useful output of which files and directories changed.
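The init-then-check cycle described above, reduced to its core as an added example (not code from the original post and not how aide is implemented internally): record a SHA-256 and permission bits per file, then report added, removed and changed paths. The directory tree and file contents are constructed sample data.

```python
import hashlib
import os
import tempfile

def snapshot(root):
    """Baseline database: relative path -> (SHA-256 of content, permission bits)."""
    db = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            mode = os.stat(path).st_mode & 0o7777
            db[os.path.relpath(path, root)] = (digest, mode)
    return db

def compare(baseline, current):
    """Report what differs between the stored baseline and the tree as it is now."""
    both = set(baseline) & set(current)
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "changed": sorted(p for p in both if baseline[p] != current[p]),
    }

def demo():
    """Constructed WordPress-like tree: take a baseline, modify files, then check."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "wp-includes"))
        files = {
            "index.php": b"<?php // constructed placeholder\n",
            "xmlrpc.php": b"<?php // constructed placeholder\n",
            "wp-includes/version.php": b"<?php $wp_version = '2.5.1';\n",
        }
        for rel, data in files.items():
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(data)
        baseline = snapshot(root)                   # the role of "aide --init"
        with open(os.path.join(root, "index.php"), "ab") as fh:
            fh.write(b"// line appended after the baseline\n")
        with open(os.path.join(root, "wp-includes", "extra.php"), "wb") as fh:
            fh.write(b"<?php // file that was not in the baseline\n")
        os.remove(os.path.join(root, "xmlrpc.php"))
        return compare(baseline, snapshot(root))    # the role of "aide --check"

if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

As with aide itself, the baseline is only trustworthy if it is stored where the web server account cannot rewrite it.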


Written by Jan Dembowski

June 16th, 2008 at 11:15 pm

Upgraded to Ubuntu 8.04 LTS  

My Ubuntu T40 laptop is “only MOSTLY dead”.  The built in LCD display is too dark to read and I replaced it with a HP laptop running Vista Home Premium.

I feel slightly guilty about running Vista on it but it runs really well so ptthhhhppp.  I put the T40 onto its docking station and hooked it up in the basement with the other equipment.

The upgrade was easy as usual.  Just sudo su - and update-manager -d.  It took a while to download the files but a reboot later and I’m running.

This new Ubuntu feels faster.  It’s hard to really quantify that with old hardware, but it does.  So far the only issue I have is that the spell checker in Firefox 3 beta 5 is broken sometimes (I had to use the one built into WordPress for this post).

It’s like a refined version of 7.10.


Written by Jan Dembowski

May 3rd, 2008 at 5:46 pm

Posted in Geek, Linux, Software


An odd Easter Sunday  

Today is not exactly how I intended to enjoy Easter Sunday. I’m baby sitting my main server in my basement right now. This morning at 6 AM I noticed my server in the basement was not passing traffic since 2 AM. So I rebooted the server and it came back.

I like to attend the 8 AM mass at St. Mathews because I don’t like crowds. Today we got the kids dressed up and went to church. Afterwards we went to Friendlies for breakfast. 9 AM Sunday is a great time to go; no crowds at all.

At 9:45 AM I received an e-mail on my Blackberry that my server was down again. I use the free service from Service Uptime. Yes I snmp monitor my cable modem, server CPU, server throughput, etc. and no I’m not an Uber Geek. We got home, we snapped some pictures (we were all dressed up after all) and I got to work rebooting my server.

Hard rebooting a Linux server is odd. I generally only run tested packages on my servers and I’ve had Linux boxes go for months until I had to reboot it for some kernel patch. So when this one started acting up I’m getting worried. One of my disks sounds like the fan from an old car so that might be a hint.

I pulled out a 300 GB from the Netgear SC-101 since I was not using it. I have a ton of data on the old drive so right now I have both drives mounted and am copying data from the lawn mower and onto the new 300 GB drive.

Going from one ATA bus to the other is about 8 MB/sec so it’s taking a long time. Copying data from your disk is like cleaning up your basement. If you have not looked at it for more than 6 months then you can probably lose it. Once I get what I want off the old drive, I’ll place it on the shelf and close up the server.

If it keeps happening then I’ll just get a Dell refurb PC.  In the meanwhile the kids are having a blast playing in the basement while their Dad waits for his server to finish.


Written by Jan Dembowski

March 23rd, 2008 at 1:17 pm

Posted in Geek, Linux, Software


openSUSE 10.3 server upgrade  

I did not really mean to upgrade my home server today, it just worked out that way.

Weeks ago I cleaned up my basement computer room and Alek had dropped off an old PC for my use. It is a dual Pentium III 800 MHz machine with 700 odd megabytes of RAM. It does not work well with my old WinTV PVR-350, Windows Media Center Edition 2005, and can’t play most AVI or MPEG files.

My server is a 3 GHz P4 with 1 GB of RAM and an okay Geforce 5600 FX in it. So I figured I’d swap the drives and just use the server as a workstation and vice versa. Just to be on the safe side I moved my blog to the backup server on my VPS.

The server hard disk would not boot on the PIII box. The initrd image did not have the drivers for the ide system in the new box. Getting the initrd updated would have required the openSUSE 10.1 which I could not find.

I did have a recently burned openSUSE 10.3 DVD lying around so after a couple of hours I was able to get my server working by upgrading from 10.1 to 10.3. The updated 10.3 YaST is faster than before and I’m going to start using zypper to keep my system up to date.

Once I get the system to a point where I am comfortable then I’ll move the blog back to my basement.


Written by Jan Dembowski

February 22nd, 2008 at 8:51 pm

Posted in Linux, Software


Ubuntu 7.10 on Virtual PC 2007  

Installing Ubuntu one more time

Today it’s President’s Day, it’s raining, and the kids are off this week.  So naturally I am goofing around with my PC. I’ll head to the basement soon to play with the kids but first I want to setup something on my workstation.

My main workstation is a Dell 700 720 with a Core 2 Duo and a pair of nvidia GeForce 7900’s.

It’s a great machine and I am currently playing Call of Duty 4, Crysis, and a couple of others.  But I really enjoy working in Ubuntu. I just don’t want to give up the games.

I installed Virtual PC 2007 on my workstation and enabled hardware-assisted Virtualization.  I captured an Ubuntu 7.10 iso on my disk and began running the installation. I created a disk for the virtual PC and began the installation.

I knew that once the live CD booted up I would have problems with the X11 driver.  So I ctrl-alt-F1 and ran “sudo vi /etc/X11/xorg.conf”. I replaced the “Depth 24” with “Depth 16”, saved the file, did alt-F7 to switch back to the X11 screen and then alt-backspace to restart the X11 server.

The mouse still did not work.  Google is my friend and I learned that when I boot the CD press F6 and append the following to the kernel boot parameters “i8042.noloop”.  The article suggested running the Virtual PC in safe graphics mode but that went very low resolution on me.

Wash, rinse, repeat the “Depth 16” portion.  I’m now installing on my Virtual PC 2007 Ubuntu with a color depth of 16 and a working mouse.  My system has only 2 GB of RAM but since I upgraded to the XPS 720 motherboard I can go nuts with the 800 MHz stuff.

Vista 64 with 8 GBs of RAM, that sounds like a good upgrade.

After the install I modified the /boot/grub/menu.lst to add to the kopt line i8042.noloop as well as to the end of the kernel line.  That’s probably not the place to put it but it works for now and I’m going to continue working on it. I’ve just got the networking going and I’m putting on 187 updates since the iso image was created.


Written by Jan Dembowski

February 18th, 2008 at 11:25 am

Posted in Geek, Linux, Software


Bad mail queuing in Postfix  

Yesterday around 12:36 AM my main server mowgli went into a temporary coma (a disk volume fell down and did not get back up) and was not receiving mail.

No problem, thanks to the magic of DNS MX records, mail goes to my backup server dixie. Good thing I was clever and had dixie forward all mail to Optimum Online’s mail relay… when the mail relay got the dembowski.net mail it tried to deliver it to mowgli (who was down) and then back to dixie. The mail dixie got was sent into a loop with my ISP’s mail relay.

Each hop is added to the message’s SMTP header and when an MTA sees that it is looping with itself then it typically sends the sender a non-delivery message and discards the original mail.

I lost about 20 hours of mail messages for my domain. Once mowgli was fixed I made a change to mowgli’s Postfix configuration. In the main.cf file I changed this line from

smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_rbl_client zen.spamhaus.org

to now include a whitelist

smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, check_client_access hash:/etc/postfix/whitelist, reject_rbl_client zen.spamhaus.org

The /etc/postfix/whitelist file just contains one line for dixie’s IP address

24.46.186.255 OK

I ran postmap hash:/etc/postfix/whitelist and tested. From dixie I was able to telnet to mowgli on TCP port 25 and send mail by typing in the SMTP commands directly. Before this I would get an error message like

554 Service unavailable; Client host [24.46.186.255] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=24.46.186.255

Now my main server accepts mail just from that IP address on the whitelist before the Spamhaus check occurs. The reject_rbl_client check is still working (open mail relays are BAD) it’s just my one IP address that gets a pass.
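Why the position of the whitelist entry matters, as an added example that is not part of the original post: Postfix evaluates smtpd_recipient_restrictions left to right and stops at the first restriction that permits or rejects. The model below is a simplification (real Postfix also consults relay_domains and other settings); the MYNETWORKS value, the recipient addresses and the second listed IP are constructed assumptions, while the two restriction lists and dixie's address come from the post.

```python
# Simplified model: each restriction answers PERMIT, REJECT or DUNNO (no opinion).
LOCAL_DOMAINS = {"dembowski.net"}              # domain mowgli accepts mail for
MYNETWORKS = {"127.0.0.1"}                     # assumption: only localhost is trusted
WHITELIST = {"24.46.186.255": "OK"}            # /etc/postfix/whitelist from the post
RBL_LISTED = {"24.46.186.255", "192.0.2.10"}   # stand-in for zen.spamhaus.org (constructed)

OLD = ("permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, "
       "reject_rbl_client zen.spamhaus.org")
NEW = ("permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, "
       "check_client_access hash:/etc/postfix/whitelist, reject_rbl_client zen.spamhaus.org")

def check(restriction, session):
    """Verdict of a single restriction for one RCPT TO command."""
    if restriction == "permit_sasl_authenticated":
        return "PERMIT" if session["sasl"] else "DUNNO"
    if restriction == "permit_mynetworks":
        return "PERMIT" if session["client"] in MYNETWORKS else "DUNNO"
    if restriction == "reject_unauth_destination":
        domain = session["rcpt"].rsplit("@", 1)[1]
        return "DUNNO" if domain in LOCAL_DOMAINS else "REJECT"
    if restriction.startswith("check_client_access"):
        return "PERMIT" if WHITELIST.get(session["client"]) == "OK" else "DUNNO"
    if restriction.startswith("reject_rbl_client"):
        return "REJECT" if session["client"] in RBL_LISTED else "DUNNO"
    raise ValueError("restriction not modelled: " + restriction)

def evaluate(setting, session):
    """Walk the list in order; the first PERMIT or REJECT decides."""
    for restriction in (r.strip() for r in setting.split(",")):
        verdict = check(restriction, session)
        if verdict != "DUNNO":
            return verdict, restriction
    return "PERMIT", "(end of list)"

def session(client, rcpt, sasl=False):
    return {"client": client, "rcpt": rcpt, "sasl": sasl}

if __name__ == "__main__":
    dixie = session("24.46.186.255", "user@dembowski.net")
    print("old config:", evaluate(OLD, dixie))
    print("new config:", evaluate(NEW, dixie))
    # The whitelist sits after reject_unauth_destination, so dixie still cannot relay.
    print("relay attempt:", evaluate(NEW, session("24.46.186.255", "user@example.org")))
```

Had check_client_access been placed before reject_unauth_destination, the whitelisted host would have been permitted for any recipient domain, which is the open-relay condition the post wants to avoid.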

The configuration on my backup server dixie was simple. I added to main.cf one line

transport_maps = hash:/etc/postfix/transport

The file /etc/postfix/transport contained

dembowski.net smtp:[mowgli.dembowski.net]

I ran postmap hash:/etc/postfix/transport and restarted postfix. Now when dixie needs to deliver mail to dembowski.net it sends it directly to mowgli. If mowgli is unreachable it will just queue up the mail until mowgli becomes available. Every other domain gets forwarded to my ISP’s mail relay and all is good.


Written by Jan Dembowski

January 4th, 2008 at 10:05 pm

Posted in Geek, Linux, Software


Upgraded the laptop to Gutsy Gibbon  

Last night I ran the command “sudo update-manager -c” and after a few prompts left the laptop running the distribution upgrade to Ubuntu 7.10 Gutsy Gibbon. This morning I rebooted it at the prompt and poof I’m upgraded.

I usually don’t think that Linux has a real chance on the desktop; it’s just not the consumer’s choice. But seamless upgrades and making it so easy to use keeps me wondering. No way a Microsoft upgrade is this easy.


Written by Jan Dembowski

October 19th, 2007 at 6:31 am

Posted in Linux, Software
