Syzygy Tech

December 27, 2008

Deny Hosts and SSH Login Attempt Behavior

Filed under: computers, linux, security — syzygy @ 10:16 pm

A few weeks ago I installed DenyHosts, a small daemon (can also be run as a cron job) that runs on my server to block IPs that make brute force SSH login attempts. The script has worked great, blocking over 500 hosts on the first day I used it (including myself a few times…). One of the features of the script is the ability to send an email each time it blocks a host. Although getting a few hundred emails at first was very annoying, setting up a few rules in Gmail prevented me seeing them in my inbox (they go directly to a folder). I did, however, start to look at the times when the various hosts get denied. They seem to come in large groups, so that there will be 50 or so hosts blocked in a rather short length of time, around 10 minutes or less. The IPs of the computers also come from all over the world, but most seem to come from Asia, South America, and Russia. I think it would be interesting to do a more complete statistical analysis of the data in regards to the time and location of where the login attempts are coming from. Maybe I’ll write something to do this later.
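A sketch of the timing analysis described above, as an added example that is not code from this blog or from DenyHosts. It reads sshd "Failed password" lines, records when each source IP reaches a failure threshold, and groups those block times into ten-minute bursts. The threshold of 3, the year, the host name and the sample log are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# sshd "Failed password" line as written by syslog; the year is not logged.
FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (\d+\.\d+\.\d+\.\d+) ")

def block_times(lines, threshold=3, year=2008):
    """Return {ip: time of the failure that reached `threshold`} (assumed policy)."""
    counts, blocked = defaultdict(int), {}
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue  # accepted logins, other daemons, malformed lines
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        counts[ip] += 1
        if counts[ip] == threshold:
            blocked[ip] = ts
    return blocked

def bursts(blocked, window=timedelta(minutes=10), min_hosts=3):
    """Group blocks into bursts: runs of blocks within `window` of the run's first block."""
    found, run = [], []
    for ip, ts in sorted(blocked.items(), key=lambda kv: kv[1]):
        if run and ts - run[0][1] > window:
            if len(run) >= min_hosts:
                found.append(run)
            run = []
        run.append((ip, ts))
    if len(run) >= min_hosts:
        found.append(run)
    return found

def sample_log():
    """Constructed sshd lines: four hosts fail 3 times inside ten minutes, one much later."""
    starts = {"192.0.2.10": "22:00", "198.51.100.7": "22:02",
              "203.0.113.44": "22:05", "192.0.2.99": "22:08",
              "198.51.100.200": "23:40"}
    return sorted(f"Dec 27 {hm}:{s:02d} host sshd[4242]: Failed password for "
                  f"invalid user admin from {ip} port 40000 ssh2"
                  for ip, hm in starts.items() for s in (1, 5, 9))

if __name__ == "__main__":
    for run in bursts(block_times(sample_log())):
        print(run[0][1], "burst of", len(run), "hosts:", [ip for ip, _ in run])
```

Adding a GeoIP lookup per address would cover the location half of the analysis; that needs an external database and is left out here.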

January 21, 2008

Expand JFS Filesystem

Filed under: computers, felix, gentoo, linux — syzygy @ 11:56 pm

I recently bought 2 new 500GB hard drives and am in the process of migrating the array to double its size to 2TB. The current 1TB over 3 drives was 100% full, so it was something that had to be done. The expansion took about 26 hours on my 3ware 9650SE-8LPML controller, which is quite good from what I see of other people’s experiences. Of course, all important data was backed up before the RAID expansion.

The primary issue I had after the expansion was the proper partitioning of the free space. When the RAID expansion was complete, I now had 1TB of used space using a JFS that was the original partition, and 1TB of unused, unpartitioned free space. Attempts to use Gparted to expand the partition failed due to a known bug that prevents partitions over 1TB. I tried to use Parted, the command-line tool that Gparted is based on, to expand the filesystem but was unable to do so. This seemingly left me with two options, either use multiple smaller partitions, or to reformat and restore the data from the backups. I decided that smaller partitions would be a lot of extra work in terms of keeping tabs on the free space on each partition (and may require more frequent partition modifications) which is something that should not be necessary. Restoring from backups was not welcome due to the time involved. Deciding that those options were not acceptable, I was determined to find the solution I wanted, having a 2TB partition without going through a backup restore process. If anything, it would be worth doing simply on the principle of the matter: that having large partitions on a modern filesystem that supports volumes up to 32000TB should not be a problem. Several Google marathons and man page studies allowed me to successfully perform the operation that I wanted.

My main problem was a lack of understanding of the way that fdisk actually works. With fdisk, you can delete and recreate a partition without actually destroying the filesystem that lives on the partition. I am not sure exactly what the limitations are, but it seems that as long as you do not change the starting point of the partition, the filesystem will remain there. In my case, the drive in question (/dev/sda) had a 1TB partition starting at the beginning of the disk (/dev/sda1) with 1TB of unpartitioned free space residing after the JFS partition (created by the RAID expansion). I deleted the JFS partition (/dev/sda1), and recreated the partition, but this time using the full 2TB of space. In the tests that I did, the free space MUST come after the partition. I wrote the partition table, and then mounted the drive. All the data was still there, but the JFS partition was only showing up as 1TB with the command df -h. This was rather concerning until I realized the state that the drive was in. fdisk only edits the partition table, not the actual filesystem. When it writes out the partition table, it is just redefining where the partition begins and ends and does not touch the filesystem. Thus, although I had expanded the partition, I did not expand the filesystem. Doing some more searching, I found this article that gave me the last piece of information I needed. The command mount -o remount,resize /mount/point tells the JFS filesystem to expand to fill the entire space of the partition. The command is unique to JFS and will not work on other filesystems because the options passed are used by the JFS kernel driver. When you issue the mount command, note that the partition must be mounted.
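The condition described above (same starting point, free space after the partition) can be checked before the filesystem is grown. The following is an added example, not part of the original post: it compares two partition-table dumps in the text format printed by sfdisk -d, a tool the post does not use, taken before and after the partition is recreated. The sector numbers in the sample dumps are constructed.

```python
import re

# One partition line of an `sfdisk -d` dump, e.g.
# "/dev/sda1 : start=       63, size= 1953520002, Id=83"
PART = re.compile(r"^(\S+)\s*:\s*start=\s*(\d+),\s*size=\s*(\d+)")

def parse_dump(text):
    """Return {device: (start_sector, size_in_sectors)}, skipping empty slots."""
    parts = {}
    for line in text.splitlines():
        m = PART.match(line.strip())
        if m and int(m.group(3)) > 0:
            parts[m.group(1)] = (int(m.group(2)), int(m.group(3)))
    return parts

def check_grow(before, after, dev):
    """List the reasons the recreated partition `dev` would not preserve its filesystem."""
    old, new = parse_dump(before), parse_dump(after)
    if dev not in old or dev not in new:
        return [f"{dev} missing from one of the dumps"]
    problems = []
    (o_start, o_size), (n_start, n_size) = old[dev], new[dev]
    if n_start != o_start:
        problems.append(f"start moved from {o_start} to {n_start}")
    if n_size <= o_size:
        problems.append("partition did not grow")
    for other, (s, size) in new.items():
        # Two sector ranges overlap when each starts before the other ends.
        if other != dev and s < n_start + n_size and n_start < s + size:
            problems.append(f"overlaps {other}")
    return problems

# Constructed dumps: a 1TB partition recreated over 2TB of space.
BEFORE = ("/dev/sda1 : start=       63, size= 1953520002, Id=83\n"
          "/dev/sda2 : start=        0, size=          0, Id= 0\n")
GOOD = "/dev/sda1 : start=       63, size= 3907029042, Id=83\n"
BAD = "/dev/sda1 : start=     2048, size= 3907027057, Id=83\n"

if __name__ == "__main__":
    print(check_grow(BEFORE, GOOD, "/dev/sda1"))  # no problems: same start, larger size
    print(check_grow(BEFORE, BAD, "/dev/sda1"))   # start sector changed
```

An empty list means the table change matches the condition in the post; the filesystem itself still has to be grown with the remount,resize step.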

Perhaps most frustrating is the lack of data on the JFS filesystem. It does not seem to be very popular in the Linux community, most of whom use ext2/ext3. Those that do use an alternative filesystem tend to use ReiserFS with a small number using XFS. In the limited, unscientific testing I have done, JFS performed very well performance wise and used far lower CPU than ext3 or ReiserFS. JFS has worked out well for me so far and, despite my initial difficulty in expanding the filesystem, is the filesystem I will use in the future.

November 23, 2007

Flying without ID Round 2

Filed under: darkstar, dvorak, gentoo, linux, thinkpad — syzygy @ 12:18 pm

Yesterday was another opportunity to fly without presenting any ID at the airport. The man at the US Airways counter didn’t give me much trouble beyond the puzzled look and a few questions about how it’s possible to not travel with ID. Going through security was easier this time than last time as they did not frisk me, but they did give me a little bit of trouble while going through my bag.

The first item that got me a few questions was my all metal mechanical pencil (click here for a review). As you can see in the review, the pencil is quite heavy and solid, so I can understand their complaints. In the end, they did not take it away. What was more amusing was the concern that the two security guys had over my laptop. I currently am missing 1 key off the keyboard from switching the layout to Dvorak (I still have the key, but need to modify it for it to go back on). The guard spent a minute looking at the missing key to see if there were any apparent modifications to the laptop, when he noticed that the keys were not in the right places. He had never heard of the Dvorak layout and, apparently, did not know that layouts other than QWERTY existed. I guess my explanations of a more efficient layout were not good enough, and they asked me to turn the laptop on to verify that the “internals have not been modified”. I really wanted to tell them that I have modified the internals, but discretion got the better of me. So I turn the laptop on, and they get to see LILO in all its glory boot Gentoo. Although they were satisfied that the machine was operational, they were not happy that it was using software that they had never heard of. I explained what an operating system was to them and the difference between Windows and Linux, but I don’t think I cleared much in their minds. To see their reaction, I refused to log in to the machine when they asked, which prompted them to bring over their supervisor (an actual TSA agent rather than hired security). I explained the whole Dvorak and Linux thing to the supervisor, who seemed to be a little more understanding. She felt that turning the computer on was enough and let me go.

The trip through security was relatively painless despite the issues that they had with my computer. I think that this shows that there is a fundamental lack of understanding of how computers and electronics in general work. If I had told the security that I was an electrical engineering student, I’m sure that they would have given me more of a problem with the computer. If security really wants to deal with modern electronic threats, they need to start educating their guards in the matter. There are much more dangerous things than Linux that can be brought onto an airplane, not to mention things that are much less conspicuous than a laptop running totally unfamiliar software. Something that comes to mind would be a radio jamming device that could easily be concealed within an operational laptop, calculator, etc. I understand that I am in a much different position than many people who do not use such electronics every day, but if people are going to spend billions of dollars on security, shouldn’t they actually be familiar with the kinds of threats that can occur? Or, perhaps, it is just the notion of “security” that is the aim. It is clear to me that actual security is trivial, a superficial glaze is all that is necessary to make people feel safe. Personally, I think the fear that people have in regards to air travel security is absurd, so maybe it’s a good thing that there still is no real security at the airports. Life is hazardous to your health. Deal.

February 19, 2007

Philips SPC900NC Camera On Linux Is A Go

Filed under: astrophotography, darkstar, linux, projects, thinkpad, ubuntu — syzygy @ 10:52 pm

In researching information about using a webcam as a low cost camera for astrophotography, many people recommended the Philips SPC900NC camera due to its use of a good quality 1.3 megapixel CCD sensor at a decent price. I bought mine from eBay, but it’s also available on Amazon and Newegg. My first attempt at playing with this camera was on my main desktop running Windows XP x64. This proved useless, however, as the drivers will not work. The Philips software will install fine but it cannot recognize the camera. Windows detects that a USB device is plugged in but can’t do anything with it because of the incompatible driver. I currently do not have a 32-bit version of Windows XP, so the next course of action was obviously Linux.

My laptop currently runs Ubuntu (was running Xubuntu until yesterday, just did a little swap of GUIs) and was a prime choice. The camera did not work “out-of-the-box” as can be expected, but a little searching netted me a working driver for the camera, known as pwc. The pwc driver works for many Philips cameras, including the SPC900NC that I’m using. Installation is very straightforward for anyone who has compiled programs. Once the driver was installed, Camorama didn’t have a problem detecting the camera and capturing images from it. Next step is to work on capturing video from the camera, which mplayer may do for me.

Since the camera is working, I took a few pictures to test it out. Image quality is pretty good and should work perfectly for my astrophotography plans. Here is a picture of my Tele Vue Pronto refractor that I’ll be using for this project:

[Image: Tele Vue Pronto, high resolution]

January 13, 2007

Battery Life

Filed under: darkstar, linux, thinkpad, xubuntu — syzygy @ 10:00 pm

Now that I’m safely at my destination, I can continue where I left off. Recently I’ve been trying to see how long I can extend my battery life on my Thinkpad T30 (aka darkstar, running Xubuntu). One of the methods I’ve been trying is not starting X (and thus not starting Xfce). Of course there are a lot of variables that determine battery life, but so far under normal use I seem to get about 30 more minutes. Normal use would be internet (elinks vs Firefox) and typing (nano vs OpenOffice). I’m going to continue to track battery life over time to get a better estimate over longer periods of time and for different amounts of CPU usage.

January 12, 2007

elinks

Filed under: darkstar, linux, thinkpad — syzygy @ 5:06 pm

In an airport just doing a test of elinks. Working better than I expected on WordPress, glad to see that they’ve included text only support. I’ve discovered that my battery life is extended when I don’t start X on my laptop. More on this later, they just called my flight.
