and again?

ohhhhhhhhh yes…the damn spambots found a way to bypass all measures agorf had taken. So it was time for the gd library to come in handy.

I found a patch for wordpress that creates a random text string on one image and someone has to copy that text to a text field to “validate” his comment.
The url to the patch is here: http://www.gudlyf.com/index.php?p=376
Then I had to install libjpeg, freetype,gd and recompile the latest php to use all that…DAMN these spambots!

Let’s see how long it will take until the spambots find ways to figure out text out of images…I am not sure if I really want this to happen or not …If it happens it will be a great improvement for AI in general…but all that authentication measures based on images will go down the drain….

Btw I’ve learned today that gentoo is not a “random” word for a distro…but rather a “penguin race”…You can find some info here:
http://www.siec.k12.in.us/~west/proj/penguins/gentoo.html
http://www.antarcticconnection.com/antarctic/wildlife/penguins/gentoo.shtml

New spam attack

And again another spam attack in my blog comments! It seems I am really famous! This time the ads were about medicines and diets and crap like that. Agorf re-patched my blog to stop this attacking pattern too.

The spam comments looked like this:

#

Name: buy phentermine online | Email: byob@y1049o.com | URI: http://phentermine.one-phentermine.com | IP: 148.244.150.58

1049 phentermine.one-phentermine.com
adipex.one-phentermine.com
tramadol.one-phentermine.com
ambien.one-phentermine.com
cialis.one-phentermine.com
viagra.one-phentermine.com
diet-pills.one-phentermine.com

Posted Nov 23, 4:46 AM | Edit Comment | Delete Comment — Edit Post “Infosystem 2004” | View Post

There’s a number inside the email of the “poster” and the beggining of the comment:
email: byob@y1049o.com
body: 1049 phentermine.one-phentermine.com

Let’s see who’s next!

another patch made by agorf

For the ones that are not aware of the refer 2.1, I will quote a text from the website:

What is it?

Refer is a web application that tracks incoming referrers (visitors who followed a link found elsewhere) to your website.

Check on the demo link: Demo

Agorf has patched it a bit because I wanted on the who list to be able to lookup ips from the ripe database. He added a field to the database and changed the phps to enable the RIPE queries.

Get the patch from here: refer ripe patch by agorf

Blog comments update

The official php coder of this blog has made a change in the way comments are being posted. agorf has added a checkbox that you HAVE to uncheck in order for your comments to be posted. Else your comment get’s ignored.

No more comment moderation! I hope we won’t get outsmarted by the spambots…at least for a while!

Cheers and thnx to agorf!

PAT-NEEDS-YOUR-HELP + blog comment notes

I guess that most of you reading my blog are already aware of Patrick Volkerding’s health problem that he chose to make public. (public announcement). I am not an MD but I think that he’s a bit overreacting here. He went to 2-3 MDs and noone told him exactly what he had…and he googled and found it ? Is this the way we will get medical treatment in the future ? Google our symptoms ? I wonder why a man like Patrick can’t get proper medical diagnosis, either the US medical system is a TOTAL wrack or Patrick chooses to go to the wrong ppl at the wrong time to examine him.

Anyway…I hope he really gets well because he is a very important part of the linux community. Slackware is more than a simple distribution…it’s more like a symbol for linux and without Patrick this “symbol” will get lost…

A friend of mine in his blog (out.of.sync) says that he is against blog comments in general and user comments could be posted on their own blogs. Well I disagree with this for 2 basic reasons. First of all not all ppl that are able to express an opinion on something they see written on a blog, have a blog of their own. Whether they should or not is a very long discussion and am I not willing to start it here. Secondly comments make the blog alive. Someone can corrent you on something you have written. Trackbacking is not always that usefull, and I wouldn’t really like visiting blog search engines every day to see whether someone has posted a note about my ideas and posts.
Comment spamming is a serious problem for blogs…I’ve had 2 attacks so far (but only one showed up on the blog because when the second attack hit my blog comments were already under moderation). I wonder if it is possible to have a hack for wordpress that will only allow someone to post a comment when he writes on a text field some numbers that are created randomly on a image (using gd probably). Another quicker solution would be to force ppl that want to write comments, to write some predefined text to another field under the current ones. I think that the spambots on the net are not able to scan for extra fields in blog forms apart from the predefined ones in them. Any php coders around ? 🙂

blog update

Last night I updated (by mistake) my blog. I overwritten wordpress ver 1.2 with wordpress version 1.2.1. Unfortunately most (if not all) “hacks” that agorf had made from time to time were lost. I used a patch that agorf had made and restored 2-3 hacks though. I’ll see what’s missing cause I can’t remember right now and tell him to do them again 🙂 (and create a new patch file this time, hehe).

Trying to play an Internet Game

Yesterday me and a friend were pretty bored and we want to play an online game. We installed warcraft3 and were anxious to start….but..nooooo we couldn’t.
We r both sitting at our homes behind dsl lines (and of course behind nat) and we couldn’t play because there was no internet game option inside the game…apart an option to play on battle.net. I thought that there should be another way to do it. I started googling and found out that I had to setup my own battle.net server called bnetd. (During this time I was uploading the latest patch I had for warcraft (ver 1.12) so that my friend would have the same version with me. ) But bnetd was no longer available because blizzard sued the creators.
What now ? keep searching. I came up with another battle.net replacement called pvpgn. Latest stable ver was 1.6.6. I downloaded, read the configs, downloaded a loader for the warcraft3 client it needs and started it. Server was up but I couldn’t connect my warcraft to it. After some googling I came up with the Battlenet Gateway Editor. I changed my battle.net server settings and now I could log in to my battle.net server and create a new account. But still I could not play…That’s the part where one goes crazy…
Googling and googling I found out that there’s another, newer, official patch (ver 1.17). I started downloading…it was “just” 35Mb…After it was finished…I applied it…but then I needed a no-cd crack. After some swearing and googling I’ve found that too. So now I had warcraft3 ver1.17, a no-cd patch for it and a loader to be able to connect to pvpgn. Still I could connect to server and create an account but I could not login and play.
Googling and searching inside forums I found out that there’s a newer pvpgn version (1.7.3). I got that version and it’s supporting files and fired up the server once again. FINALLY I could create an account and log in to the server.
Then I had to explain all these to my friend. I’ve spent more than 2 hours searching google and downloading various software just because I did not know the name of the battle.net server (pvpgn) and because I had bumped to a semi-official mirror with older version of the files I needed.

(Then we had to configure our NAT rules for the dsl modems in order to be able to connect to each other)

How hard can it be to have some fun ? AND I DON’T WANT TO STICK WITH NETRIS for the rest of my life!

Usefull links:
PvPGN
PvPGN Files to Download
ver 1.17 crack and loader

Project Ronja

A couple of days ago while visiting some wireless forums I came across this link: http://ronja.twibright.com/. Quote from the website

What is Ronja?

Ronja (Reasonable Optical Near Joint Access) is an Free Technology (like Free Software) project of optical point-to-point data link. The design is released under the GNU General Public License: you get all the necessary documentation and construction guides free. The construction costs are minimal; it’s probably the cheapest wireless system ever. The operation is reliable and immune to interference.

So someone can create cheap point-to-point links just with optical technology. The materials needed (not the tools) cost less than 100E to create a receiver and a transmitter. What’s really shocking is the speed of these links..10Mbit Full Duplex with simple led lamps. It might be possible to change the led and the circuit to gain in distance and/or in speed. And that’s what me and some friends from the university will try to do. Unfortunately I have no idea to help with electronics…so my only contribution in the beggining will be ideas and money.

I hope we finish this sometime because it’s both interesting as a project and usefull. Wireless noise inside cities is steadily raising…it wouldn’t be bad to replace some backbone links with a couple of these…if they work as expected. And why shouldn’t they….a lot of ppl use them alredy.

Check this: http://images.twibright.com/tns/7a3.html

News and Updates

Today I am going to become one of the most hated people in the University. My supervisors told me that I have to block the free downloads from and to the dormitories. The traffic from and to the dormitories the last months is growing really fast and that annoys a lot of people (it’s almost 35% of the university traffic), that’s why they will only be allowed to have access to remote web servers(http,https) and ftp servers. There’s even a chance that they will use a transparent squid proxy for all these. I think that such drastic solutions will create more problems than solve. It would be wiser if people were warned before these actions so they would auto-regulate themselves.
Anyway…we will see.

I have the links from the GrNET-Tech and IPv6 meeting presentations…
GrNET-Tech Presentations
IPv6 Presentations

I have no more “tech-news” due to the classes I have everyday that take up all my time. I don’t have the time to “create” anything new…I hope I find some …soon.

First Spam Attack on my Blog

Yesterday I had the first spam attack on my blog. Some bots posted about 30 spam messages as comments to various posts of mine. It was something I never expected cause my blog neither famous nor has any “famous keywords”. Anyway, from now on I have explicitly set an option to moderate all posted comments, that doesn’t mean however that I won’t allow any posts that don’t agree with my ideas but I will not tolerate spam on any comments.

So you are free to flame me…with my permission 🙂

cheers

GrNET VNOC meeting + Ipv6

During the past weekend I went down to Athens, Greece to attend the vnoc (virtual noc) teams of GrNET meeting and a meeting about ipv6. GrNET is the ISP/company that interconnects all greek universities and big research centres in Greece. It is the place where true broadband links (up to 2.5Gbps) in Greece take place and one of the very few “places” in Greece where you have the chance to work with real hi-tech equipment as well as to meet people with advanced knowledge of networking.

The convention-meeting-conference-(give-your-own-name-here) was fun and tiring at the same time. The speeches started at 9:00 in the morning and finished at 19:00 in the afternoon. In order for me to get where the speeches took place I needed about 1 hour from the place where I lived during these days. So it was kinda tiring to have to travel for so long and then listen to various speeches for about 10 hours (including some breaks of course).

The most interesting day was day1. All the speeches were about the backbone of the network and about new services (like QOS, VoIP, MPLS, VoD, and many many others) that were already implemented or being designed. It was a great experience to find out about new technologies that will help this network grow bigger and more efficient.
The second day about ipv6 was kinda troubled. It had originally be designed for concurrent sessions-speeches, introductory and more advanced ones, but the place where the speeches would originally take place were taken over by some students protesting about how people are kept inside jails in Greece, so the speeches had to move to another building that had only 1 auditorium. So some speeches were skipped and introductory and advanced ones were mixed to one session. The most interesting speeches were about ipv6 mobile ip and about an ipv6 ip security draft (Network Address Protection) presented by a cisco engineer.

I will post the link to the place where the presentations will be uploaded when I get informed about it(possibly in the next couple of days). Some of those should be read by anyone wanting to implement some serious services to his network whether in Greece or not…

Infosystem 2004

Most of you probably won’t know what infosystem is. Quotting their site:

The 18th I.T., Telecommunication and Digital Technology Exhibition, INFOSYSTEM 2004, is about to take place once again, at the International Exhibition & Congress Center of HELEXPO, in Thessaloniki, Greece.

I visit this exhibition every year for more than 10 years now and I can assure you that it’s getting worse every year. A major reason for that is that there’s now a Comdex exhibition in Athens, Greece while 5 years ago there was no other IT exhibition (in Greece). So, most companies prefer to “show” their products on comdex than infosystem due to the more visitors going there…

So what was this years’ Infosystem about ? Hmmm…to be sincere…nothing…nothing new was presented. The “new” word on this year’s exhibition was “ERP”…while last year it was “SOHO”. Every year new words are presented to the IT market…but very few customers can understand and use them. But the greek companies still persist on these stupid marketing techniques. Well presenting the same software with different “name” every time doesn’t help the market nor the companies.

What was I doing there ? Meeting friends mostly from Hellug and TWMN mostly. Not as many friends as I expected came…but it was fun meeting the ones who came. I helped a bit at the hellug pavilion by explaining to ppl what Linux is, how to install it, how to overcome problems, etc. I was surprised by the number of ppl that had already some experience with linux, through live cds, installations, presentations, etc. It was the first time I ever saw that many people getting interested on Linux. Hellug and TWMN was co-hosted under the same pavilion and I can say that we surely had the most visits than any other pavilion, even from companies like Microsoft. The highlight was when a couple at around 30-35 years old came to the pavillion. The male asked me some questions about linux..I gave him some cds (Knoppel and Suse 9.1 Personal Edition) and then his wife said:

“Let’s go…these are freaks” and he answered
“They are not freaks honey…they are users”

That trully made me think…what are we ? Why do we want to promote Linux ? And why some people see us as freaks ? what’s so strange about us ? Why is it “bad” to have the will to get the max out of your pc ?

Anyway…another bad exhibition is over but a new “force” is rising again. The greeks are again forming communities and that had many many years to happen (maybe since Fido-net).

RAID5 + LVM2 + recovery + resize HOWTO

I was looking forward to creating a big fileserver with disk crash recovery capabilities. LVM2 with reiserfs partitions couldn’t do the trick for me. I had 3 200Gb disks “united” under a logical volume, and formated them with reiserfs and I want to test what would happen if one disk “crashed”. So I created a fake crash..I shut the machine down, pulled the plugs of a disk and rebooted. I managed to see the logical volume using the latest lvm2 sources and the latest version of the device mapper:

# lvm version
version LVM version: 2.00.24 (2004-09-16)
version Library version: 1.00.19-ioctl (2004-07-03)
version Driver version: 4.1.0

Unfortunately I had no luck in reading the reiserfs partition. The superblock was corrupted and the reiserfsck –rebuild-sb /device did not work… Salvation was impossible.
While googling the web and trying to find out possible solutions I came up to the wonderful idea of creating a software raid5 array of the 3 disks and have LVM2 on top of the raid. I would lose 1 disk in “space”…but I gained the ability to recover after an error and to be able to add more disks if that was necessary.

Before we continue I must say that it’s necessary that you HAVE worked before with raid and lvm so some commands are familiar to you. This is NOT a step by step guide…but more like a draft of how things are done.I am not going to explain every little detail…man pages and google are always around if you have any questions.

Enough of this…let’s start.

  • Initialization
  • First of all let’s say that we got our 3 disks on /dev/hde, /dev/hdg, /dev/hdi
    1) We create 1 partition on each one covering the total space using our favorite disk managment software (fdisk, cfdisk,etc). (btw, drives MUST be IDENTICAL).
    2) Then it’s time to create the /etc/raidtab file. Our contents should look like:

    raiddev /dev/md0
    raid-level 5
    nr-raid-disks 3
    nr-spare-disks 0
    persistent-superblock 1
    chunk-size 32
    parity-algorithm right-symmetric
    device /dev/hde1
    raid-disk 0
    device /dev/hdg1
    raid-disk 1
    device /dev/hdi1
    raid-disk 2

    3) Now let’s create our array:

    mkraid /dev/md0

    4) It’s time for LVM2 now…let’s edit the /etc/lvm/lvm.conf so that we add support for raid devices. My filter line looks like this:

    filter =[ “a|loop|”, “a|/dev/md0|”, “r|.*|” ]

    5) Start initializing the LVM:

    pvcreate /dev/md0 (you can issue a pvdisplay to see if all things are correct)
    vgcreate test /dev/md0 (you can issue a vgdisplay to see if all things are correct)

    6) Time to create a small logical volume just for testing:

    lvcreate -L15000 -nbig test

    (you can issue a lvdisplay to see if all things are correct)
    7) Now there’s something that’s distro-specific. “Usually” lvm is started on init script before software raid. But in our case, when a reboot occurs, we want a) start the raid b) start the lvm. I am using gentoo as a distro and gentoo had these things the other way round…It first started the lvm and then the raid, which resulted in errors during the boot process. This case is easily solved in gentoo by editing /etc/init.d/checkfs and moving the part about the LVM below the part about the software raid. The config file is really easy to read so I don’t think anyone might have a problem on that…
    8) Let’s test what we’ve done so far…Let’s format that logical volume we’ve created with ext3.

    mke2fs -j /dev/test/big

    9) Make an entry inside your /etc/fstab to point to a place you want to mount that logical volume…and then issue a:

    mount /dev/test/big

    10) You are now ready to start copying data onto that volume…I’d suggest that you copy 5-10Gb out of the first 15Gb that we’ve created (remember that -L15000 ?).

  • Now it’s time to simulate a crash! 🙂
  • 11) We first stop the raid device (after unmounting it and changing the activation of the logical volume, lvchange -a n /dev/test/big):

    raidstop /dev/md0

    12) Let’s destroy one disk. Open up again your favorite disk managment tool and pick up one disk to destroy…let’s say /dev/hdi. Delete the partition it already has…and create a new one. All previous data is now lost!
    13) If you want to make sure that you are on the right path of destroying everything…reboot your machine. Upon reboot you should get errors on the software raid and on the LVM not being able to activate the volume group “test”.
    14) Upon the root prompt issue:

    raidstart /dev/md0

    and then do a: cat /proc/mdstat
    You should probably see something similar to this:

    cat /proc/mdstat
    Personalities : [linear] [raid0] [raid1] [raid5] [multipath]
    md0 : active raid5 hdi1[2] hdg1[1] hde1[0]
    390716672 blocks level 5, 32k chunk, algorithm 3 [3/3] [UUU]
    [========>…………] resync = 43.9% (85854144/195358336) finish=115.9min speed=15722K/sec

    15) When that is finished, it will mean that raid5 has rebuilt the array after recovering from the “faulty” disk, that we’ve created, and the placement of the “new” drive. (both destruction and the new disk placement was done on step 12)
    16) Issue: vgscan
    It will make the volume group active again.

  • Resizing the Logical Volume
  • 17) Say that you need more space to that logical volume you had created…15Gb is not that much after all…

    lvextend -L100G /dev/test/big

    We’ve now made that previous 15Gb logical volume to a 100Gb one…already feels much better…doesn’t it ?
    18) But that’s not all, we now need to extend the ext3 partition to cover up all that “new space”

    e2fsck -f /dev/test/big ; resize2f /dev/test/big

    We first check that the partition is ok…and then resize it to the full extends of the logical volume.
    19) We are set! We just need to mount our new partition…and we now have 100Gb of space! You can now extend that even further or create more logical volumes to satisfy your needs.

  • Extend the raid5 array
  • This section is to come in a few days…stay tuned.

    I hope that all the abobe helped you to create a better and more secure fileserver. Comments are much appreciated.

    Igniting The Web (or the budget)

    There has been an ongoing campaign in order to spread Firefox any have as many users as possible install Firefox 1.0PR. In my trully humble opinion this is tottaly wrong and I can’t understand why people from the Mozilla.org are so anxious about this campaign.
    First of all I have to admit that I am a firefox fan for more than 8 months (I can still remember installing and testing it for the first time, somewhere around version 0.6). I am very happy about this project..it serves me well and I do my best to “spread the word” for a long time now. I liked it’s stability, even though it still has severe crashing problems with Acrobat 6, Windows Media files, and several other minor or major problems. I liked they way extensions can be used…and of course the interface.
    Having the Netscape example in my mind, which is somehow related in many ways to the mozilla engine..and mozilla developers/managers should know very well what happened when netscape needed to be updated every 10-15 days, it strikes me pretty bad to see the same scenario come out of netscape’s grave and apply to firefox “promotion” campaign. Netscape was by far more superior than the IE at the time…but it kept releasing products with errors and people had to download it from scratch…15Mb every 15 days…There were no patches for netscape like MS did for IE. It’s very different to download 300kb every week than 15Mb every 15days…even though IE’s probs were bigger…who could understand ? Have you ever read what the windows updates “fix” ? Most of them cannot be understood by the computer illeterate users that are the vast majority of the internet.
    I can’t get what’s the point in promoting a PreRelease to as many people as you can, when even you as a developer know that this is a PreRelease and it will have problems (as previous versions did). Firefox’s “strong” point is that it doesn’t have that many security problems as IE. What happens though if you promote firefox as a flawless broswer that’s here to replace IE …and then suddenly..as more and more people start messing around with it a big security hole is found? Then people will surely get back to IE because their “dreams” of secure surfing were crippled by the only one left to magically make that dream come true.
    MS has chosen not to release another broswer until the new windows…that’s about 1-2 years ahead. What’s the rush for creating a rumour for a “perfect browser” NOW…and spreading it NOW…when you know as developer that it DOES have probs ? (else it would be called Firefox 1.0, no PR after it)
    What will you say to all those poor 56K modem users than will have to download another 4.5Mb in 10-15 days ? You become from their beloved one..to the one they hate the most…cause at least MS is “accepting” that their product has flows..and so have the users accepted that fact. And they keep downloading MS’s patches whatever happens (cause it’s on windows automatic updates) , but who would download one patch after another(or one release after another probably because firefox does not provide patches…just like netscape) from an “unknown” company and accept this fact and keep doing it for as long as it takes ? For computer and Internet illiterates…mozilla is an unknown company…it’s certainly not MS…and I don’t think that firefox managers would like only to target the computer literate..cause that would be devastating for their economics.

    I am really happy that in 5 days firefox has passed the 1.300.000 downloads but I am really anxious to see what will happen if a major error appears.What will all those users say? In my opinion Firefox 1.0PR stands for 1.0Public Relations, and some people rushed a LOT to get this product on the market…and to raise their budgets. The PR team of firefox looks pretty bad to me…

    Looks like the netscape example didn’t teach them anything…

    Me, Myself and my bad luck

    Yesterday morning I did a chkdsk on my pc at home just to make sure all was ok…just in case. What I saw made me furious! My boot disk had 1 bad sector!!! The disk was just 1 year old…a Western Digital 120GB JB model. What’s going on with Western Digital ? They keep making one crappy disk after the other. More than 4 200Gb JB models I have owned for the past 1-2 years have crashed. Now this 120GB…I was more than cautious with this machine because it’s the machine I use for project development. It’s on a UPS…it has seperate hard disk fans…so what went wrong ? I can’t get it….
    Luckilly I had a spare 120GB without any data on it. I booted my slackware and did a dd_rescue from the disk with the bad sector to the other. It took around 10..maybe more hours…but now I am working on the “spare” disk (that I have double checked it for bad sectors) and all look fine.

    I am not going to buy another Westerd Digital disk…I am not even sure I want to send the disk back to the company to send me another for refund (warranty is for 3 years…so I can send it back anytime I want). I think I might sell the new one that they will send me to someone while it’s inside the company’s packaging and buy another disk from another brand. But what should I buy ? Maxtor disks go toooo hot when used for a long time (I have hard disk fans…but how secure would you feel ?), Seagate disks are rumored to be very good (as far as stability is concerned) but they are a lot slower than all others. I am willing to hear/view any suggestions as comments…

    Waiting for the next problem to appear.