Syzygy Tech

December 27, 2008

Deny Hosts and SSH Login Attempt Behavior

Filed under: computers, linux, security — syzygy @ 10:16 pm

A few weeks ago I installed DenyHosts, a small daemon (can also be run as a cron job) that runs on my server to block IPs that make brute force SSH login attempts.  The script has worked great, blocking over 500 hosts on the first day I used it (including myself a few times…).  One of the features of the script is the ability to send an email each time it blocks a host.  Although getting a few hundred emails at first was very annoying, setting up a few rules in gmail prevented me seeing them in my inbox (they go directly to a folder).  I did, however, start to look at the times when the various hosts get denied.  They seem to come in large groups, so that there will be 50 or so hosts blocked in a rather short length of time, around 10 minutes or less.  The IPs of the computers also come from all over the world, but most seem to come from Asia, South America, and Russia.  I think it would be interesting to do a more complete statistical analysis of the data in regards to the time and location of where the login attempts are coming from.  Maybe I’ll write something to do this later.
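The time-clustering part of that analysis can be sketched as follows. This is an added example, not code from the original post or from DenyHosts; it assumes the timestamped comment line DenyHosts writes above each hosts.deny entry, and the sample entries and the names parse_blocks and find_bursts are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample. Assumed layout: the timestamped comment line DenyHosts
# writes above each hosts.deny entry. Addresses are documentation ranges.
SAMPLE = """\
# DenyHosts: Sat Dec 27 03:01:10 2008 | sshd: 192.0.2.10
sshd: 192.0.2.10
# DenyHosts: Sat Dec 27 03:03:42 2008 | sshd: 198.51.100.7
sshd: 198.51.100.7
# DenyHosts: Sat Dec 27 03:08:05 2008 | sshd: 203.0.113.99
sshd: 203.0.113.99
# DenyHosts: Sat Dec 27 14:30:00 2008 | sshd: 192.0.2.200
sshd: 192.0.2.200
# DenyHosts: Sat Dec 27 21:59:58 2008 | sshd: 198.51.100.23
sshd: 198.51.100.23
# DenyHosts: Sat Dec 27 22:04:11 2008 | sshd: 203.0.113.5
sshd: 203.0.113.5
"""

ENTRY = re.compile(r"^# DenyHosts: (.+?) \| sshd: (\S+)$")


def parse_blocks(text):
    """Return (timestamp, ip) pairs, oldest first, from the comment lines."""
    events = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            when = datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y")
            events.append((when, m.group(2)))
    return sorted(events)


def find_bursts(events, gap=timedelta(minutes=10), min_hosts=2):
    """Group blocks separated by at most `gap`; keep groups of min_hosts+ IPs."""
    runs, current = [], []
    for event in events:
        if current and event[0] - current[-1][0] > gap:
            runs.append(current)
            current = []
        current.append(event)
    if current:
        runs.append(current)
    bursts = []
    for run in runs:
        ips = sorted({ip for _, ip in run})
        if len(ips) >= min_hosts:
            bursts.append({"start": run[0][0], "end": run[-1][0], "hosts": ips})
    return bursts


if __name__ == "__main__":
    for b in find_bursts(parse_blocks(SAMPLE)):
        print(b["start"], "->", b["end"], len(b["hosts"]), "hosts")
```

Bursts that contain many distinct addresses in a few minutes are the pattern described above; the lone block at 14:30 in the sample is dropped because it has no neighbours within the gap.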

January 21, 2008

Expand JFS Filesystem

Filed under: computers, felix, gentoo, linux — syzygy @ 11:56 pm

I recently bought 2 new 500GB hard drives and am in the process of migrating the array to double its size to 2TB. The current 1TB over 3 drives was 100% full, so it was something that had to be done. The expansion took about 26 hours on my 3ware 9650SE-8LPML controller, which is quite good from what I see of other people’s experiences. Of course, all important data was backed up before the RAID expansion.

The primary issue I had after the expansion was the proper partitioning of the free space. When the RAID expansion was complete, I now had 1TB of used space using a JFS that was the original partition, and 1TB of unused, unpartitioned free space. Attempts to use Gparted to expand the partition failed due to a known bug that prevents partitions over 1TB. I tried to use Parted, the CLI tool that Gparted is based on, to expand the filesystem but was unable to do so. This seemingly left me with two options, either to use multiple smaller partitions, or to reformat and restore the data from the backups. I decided that smaller partitions would be a lot of extra work in terms of keeping tabs on the free space on each partition (and may require more frequent partition modifications) which is something that should not be necessary. Restoring from backups was not welcome due to the time involved. Deciding that those options were not acceptable, I was determined to find the solution I wanted, having a 2TB partition without going through a backup restore process. If anything, it would be worth doing simply on the principle of the matter: that having large partitions on a modern filesystem that supports volumes up to 32000TB should not be a problem. Several Google marathons and man page studies allowed me to successfully perform the operation that I wanted.

My main problem was a lack of understanding of the way that fdisk actually works. With fdisk, you can delete and recreate a partition without actually destroying the filesystem that lives on the partition. I am not sure exactly what the limitations are, but it seems that as long as you do not change the starting point of the partition, the filesystem will remain there. In my case, the drive in question (/dev/sda) had a 1TB partition starting at the beginning of the disk (/dev/sda1) with 1TB of unpartitioned free space residing after the JFS partition (created by the RAID expansion). I deleted the JFS partition (/dev/sda1), and recreated the partition, but this time using the full 2TB of space. In the tests that I did, the free space MUST come after the partition. I wrote the partition table, and then mounted the drive. All the data was still there, but the JFS partition was only showing up as 1TB with the command df -h. This was rather concerning until I realized the state that the drive was in. fdisk only edits the partition table, not the actual filesystem. When it writes out the partition table, it is just redefining where the partition begins and ends and does not touch the filesystem. Thus, although I had expanded the partition, I did not expand the filesystem. Doing some more searching, I found this article that gave me the last piece of information I needed. The command mount -o remount,resize /mount/point tells the JFS filesystem to expand to fill the entire space of the partition. The command is unique to JFS and will not work on other filesystems because the options passed are used by the JFS kernel driver. When you issue the mount command, note that the partition must be mounted.
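A pre-flight check for the delete-and-recreate step, as an added example that is not part of the original post: it compares partition-table dumps taken before and after the edit and reports anything that would put the existing filesystem at risk. It assumes dumps in the format written by a current util-linux sfdisk -d; the dumps, sector numbers and the names parse_dump and check_regrow are constructed for illustration.

```python
import re

# Constructed "sfdisk -d /dev/sda" dumps, before and after recreating the
# partition; sector numbers are illustrative (512-byte sectors assumed).
BEFORE = """\
label: dos
device: /dev/sda
unit: sectors

/dev/sda1 : start=          63, size=  1953124937, type=83
"""
AFTER = """\
label: dos
device: /dev/sda
unit: sectors

/dev/sda1 : start=          63, size=  3906249937, type=83
"""

LINE = re.compile(r"^(\S+)\s*:\s*start=\s*(\d+),\s*size=\s*(\d+),\s*type=\s*(\w+)")


def parse_dump(text):
    """Map each partition device to its start sector, size and type."""
    parts = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            parts[m.group(1)] = {"start": int(m.group(2)),
                                 "size": int(m.group(3)), "type": m.group(4)}
    return parts


def check_regrow(before, after, dev):
    """Return a list of problems; an empty list means only the end moved."""
    new_table = parse_dump(after)
    old, new = parse_dump(before).get(dev), new_table.get(dev)
    if old is None or new is None:
        return [f"{dev} is missing from one of the dumps"]
    problems = []
    if new["start"] != old["start"]:
        problems.append(f"start sector moved from {old['start']} to "
                        f"{new['start']}; the filesystem would be misaligned")
    if new["size"] <= old["size"]:
        problems.append("partition did not grow; nothing to resize into")
    if new["type"] != old["type"]:
        problems.append(f"type changed from {old['type']} to {new['type']}")
    end = new["start"] + new["size"]
    for name, p in new_table.items():
        if name != dev and p["start"] < end and new["start"] < p["start"] + p["size"]:
            problems.append(f"{dev} now overlaps {name}")
    return problems


if __name__ == "__main__":
    print(check_regrow(BEFORE, AFTER, "/dev/sda1") or "safe to remount,resize")
```

An empty result means the table change matches what the paragraph describes (same start, larger size), so the remount with the resize option is the only remaining step.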

Perhaps most frustrating is the lack of data on the JFS filesystem. It does not seem to be very popular in the Linux community, most of whom use ext2/ext3. Those that do use an alternative filesystem tend to use ReiserFS with a small number using XFS. In the limited, unscientific testing I have done, JFS performed very well performance wise and used far lower CPU than ext3 or ReiserFS. JFS has worked out well for me so far and, despite my initial difficulty in expanding the filesystem, is the filesystem I will use in the future.

January 10, 2008

Sun Fire V120

Filed under: gentoo, linux, sparc — syzygy @ 10:41 am

Through the gracious efforts of a friend, I have managed to come by a Sun Fire V120 server with a 650MHz UltraSPARC IIi processor.  It is in need of a hard drive, but is otherwise in working order.  I’ll be getting some cheap 80 pin SCSI drives on ebay in a few days, but in the meantime, my issue is the serial (or LOM) connection used to administrate the server.  There is no video card, so serial is the only way to go (there is a PCI slot, but normal video cards will not work due to Sun using an Open Boot PROM rather than a BIOS).  Perhaps more annoying is the RJ-45 connector that is used for the serial port.  Because of this, I am unable to connect to it.  I may be able to make an RJ-45 to DB9 adapter tonight and attempt to connect.  I haven’t come up with a use for this machine yet, but I’m sure that it will be making use of the Gentoo SPARC project.  I’ve never used Sun hardware before, so this should be fun.

November 23, 2007

Flying without ID Round 2

Filed under: darkstar, dvorak, gentoo, linux, thinkpad — syzygy @ 12:18 pm

Yesterday was another opportunity to fly without presenting any ID at the airport. The man at the US Airways counter didn’t give me much trouble beyond the puzzled look and a few questions about how it’s possible to not travel with ID. Going through security was easier this time than last time as they did not frisk me, but they did give me a little bit of trouble while going through my bag.

The first item that got me a few questions was my all metal mechanical pencil (click here for a review). As you can see in the review, the pencil is quite heavy and solid, so I can understand their complaints. In the end, they did not take it away. What was more amusing, was the concern that the two security guys had over my laptop. I currently am missing 1 key off the keyboard from switching the layout to Dvorak (I still have the key, but need to modify it for it to go back on). The guard spent a minute looking at the missing key to see if there were any apparent modifications to the laptop, when he noticed that the keys were not in the right places. He had never heard of the Dvorak layout and, apparently, did not know that layouts other than qwerty existed. I guess my explanations of a more efficient layout were not good enough, and they asked me to turn the laptop on to verify that the “internals have not been modified”. I really wanted to tell them that I have modified the internals, but discretion got the better of me. So I turn the laptop on, and they get to see LILO in all its glory boot Gentoo. Although they were satisfied that the machine was operational, they were not happy that it was using software that they had never heard of. I explained what an operating system was to them and the difference between Windows and Linux, but I don’t think I cleared much in their minds. To see their reaction, I refused to login to the machine when they asked, which prompted them to bring over their supervisor (an actual TSA agent rather than hired security). I explained the whole Dvorak and Linux thing to the supervisor, who seemed to be a little more understanding. She felt that turning the computer on was enough and let me go.

The trip through security was relatively painless despite the issues that they had with my computer. I think that this shows that there is a fundamental lack of understanding of how computers and electronics in general work. If I had told the security that I was an electrical engineering student, I’m sure that they would have given me more of a problem with the computer. If security really wants to deal with modern electronic threats, they need to start educating their guards in the matter. There are much more dangerous things than Linux that can be brought onto an airplane, not to mention things that are much less conspicuous than a laptop running totally unfamiliar software. Something that comes to mind would be a radio jamming device that could easily be concealed within an operational laptop, calculator, etc. I understand that I am in a much different position than many people who do not use such electronics everyday, but if people are going to spend billions of dollars on security, shouldn’t they actually be familiar with the kinds of threats that can occur? Or, perhaps, it is just the notion of “security” that is the aim. It is clear to me that actual security is trivial, a superficial glaze is all that is necessary to make people feel safe. Personally, I think the fear that people have in regards to air travel security is absurd, so maybe it’s a good thing that there still is no real security at the airports. Life is hazardous to your health. Deal.

November 11, 2007

Linux and Dvorak Update

Filed under: dvorak, gentoo, linux, windows, xubuntu — syzygy @ 5:50 pm

After using Dvorak for several months now, I am quite comfortable with the layout. Far from my initial struggles, I am no longer annoyed at the layout, but rather enjoy its benefits. I am faster than my Qwerty days, but am not quite to the level of touch typing. I was never much of a typist to begin with, so perhaps being faster is not that much of an accomplishment. Currently, I cannot see myself going back to Qwerty.

On the Linux front, my total conversion over to a Linux based desktop is going along great.  All of my computers currently run Gentoo,  as I just switched one of my servers from Xubuntu to Gentoo.  I do still have my Windows install around so that I can play the occasional game and get a file or two when necessary.  To maintain as much connection to my home computers as possible, I have started to make extensive use of SSH.  Thus, even when I am stuck in the computer labs at school, I can SSH into my box and get all the functionality I would normally have.  Cone has proved to be an excellent command line mail client (with POP and IMAP support) and naim is a functional command line AIM replacement, two common programs that I like to use.  mp3blaster is also a nice program to listen to music.

With the quarter winding down, I should be able to get back to my neglected projects, and maybe start some others.

July 14, 2007

Switching to Linux

Filed under: gentoo, linux, windows — syzygy @ 9:55 am

After several years of dabbling in Linux and a few months of server administration, I’ve decided to make the switch and use Linux, specifically Gentoo, on my primary machine.  Although I do still have my Windows XP x64 install, it will be used only when necessary.  Based on my experiences running Gentoo as a server, I think the transition will not be as harsh as some changes I’ve made recently (i.e. Dvorak, and still using it).  Since I already have a familiarity with Gentoo, the main issue will be learning alternative programs for what I used on Windows.  My current frustration is finding a music player that compares to iTunes.  Rhythmbox works, but lacks some of the features that I liked about iTunes, like automatically organizing my music library.  I’ve heard good things about Banshee but have not tried it yet.

In terms of games, two excellent games run natively in Linux: Unreal Tournament 2004 and Quake 4.  With Gentoo, installing them was easy as pie, just emerge ut2004 and emerge quake4-bin and follow the instructions.  I might try to install Counter Strike Source under WINE, but that will be a project for a later date.

June 5, 2007

1TB File Server Complete

Filed under: gentoo, linux — syzygy @ 11:35 pm

After many hours of configuration and frustration, my 1TB RAID 5 file server, named felix, is now complete (but not without some assistance). To gain maximum control over the server, I chose Gentoo as the OS, but perhaps the most prominent feature of the server is the 3ware 9650SE-8LPML controller being used. The 8 ports will make adding more space a breeze (do I hear 2TB by year end?) and a quick look around the 3ware website shows that the company fully supports Linux. There is a driver built into the kernel, however I compiled the newest driver from the 3ware website as it is open source. The next steps are to add CUPS functionality to share my printer, and add FTP to give me off-LAN access to the data.
Full server specs:

  • AMD Athlon FX-55 processor (overpowered, but better than sitting useless in a box)
  • 3ware 9650SE-8LPML RAID controller
  • Gentoo 2.6.20
  • 3, 500GB Western Digital RE2 SATA II hard drives in RAID 5

May 25, 2007

Ubuntu on a Dell

Filed under: linux, ubuntu — syzygy @ 5:00 pm

I was excited to learn that a major PC manufacturer is finally deciding to offer a Linux distribution on their machines and actually support it, however, there are some very disappointing aspects to the new offerings from Dell. Since I build all of my computers, the only PCs I would be interested in are the laptops. My Thinkpad T30 is great, but there’s a lot of times that I feel the need for a little more power, usually in the realm of a faster video card. So when I started to look at the Ubuntu laptops that Dell is offering, it was a bit of a letdown to see that only one model is available, the Inspiron E 1505N. The worst part about this offering is the lack of choice in terms of the video card that is installed, which is limited to an Intel integrated chip. This is made worse by the fact that the Windows version of the laptop has the option of a 256MB ATI chip. Hopefully, this is just temporary, because limiting the graphics system in such a way does not place the system on an even footing with other products.

EDIT:  It seems that Dell has changed the system and now allows the selection of a 256MB GeForce Go 7300 graphics chip.  I’m glad to see that they chose an nVidia chip over an ATI because of the far superior Linux drivers available.  So most of this post is now useless, but I still wish that they offer Ubuntu on more models.  I imagine the main issue with expanding the product line is lack of drivers for the hardware.  This, I hope, will change over time.

March 15, 2007

Windows is Back

Filed under: mythtv, ubuntu, windows — syzygy @ 10:09 pm

Now that I’ve had some time back from vacation, I decided to do a full investigation into what could be causing my primary Windows machine to fail. After a few hours of experimentation, I’m quite certain that the power supply is what was causing the issues. I am currently running it from another 500 watt power supply that was being used in a different machine. The old power supply works, but doesn’t seem to be able to output the same amount of power that it used to, thus causing the problem.

Since I enjoyed using Ubuntu with my flagship hardware, I instituted a dual boot setup on my primary machine, using different hard drives for each OS.

On a different front, I’m contemplating buying a decent video card for the Myth box so that I can get that up and running again with decent hardware. Looking at current prices, one of the fanless GeForce 7600 cards looks appealing. Depending on how the cash situation turns out (aka need a car), that may not happen anytime soon.

March 3, 2007

Bye Bye Windows!

Filed under: linux, ubuntu, windows — syzygy @ 6:47 pm

The motherboard in my one and only Windows machine (aka ompy) has thrown in the towel after a few months of agony. The Asus A8N-SLI Premium motherboard has had problems coming online from a cold boot. When I try to turn the machine on, it only stays on for about 5 seconds and then shuts off. It will keep doing that, but once in a while it will start. Once the computer boots, everything is dandy, which makes me wonder if there’s a flaw in the motherboard itself causing a short early in the boot sequence. It’s also possible that the system is drawing too much power too quickly, causing an in-rush current spike, and tripping the built in short circuit protection. I haven’t had the time to do a proper investigation of the problem, but from what I’ve been reading on various forums it’s a problem with one of the motherboard’s power regulation transistors.

Since that machine is down and out, I decided to give my main Ubuntu Linux machine (aka gizmonic) a little boost with the EVGA GeForce 7900GT video card that was in my Windows machine. Gizmonic was using a very old PCI video card that was laying around, but after experiencing Beryl with a good video card, I may just have to buy a new card for Linux use only.

Of course the main reason I was anxious to get a computer up and running was the fact that I just bought Supreme Commander and was really looking forward to playing. Wine was the next best thing, but the install would error after about 95% with the cryptic “Error 25”. I’ve looked around Google, but no one else seems to have tried to get it working under Wine. The only good news is that I successfully got Counter Strike Source working.

Since I don’t know when I will have a Windows machine running again, I’m going to take this opportunity and work exclusively with Linux. At the very least, I’m going to turn my main desktop into a dual boot machine so that Linux too can bask in the glory of dual core FX-60 goodness. I plan on putting all my media onto a network storage machine, so that my music, movies, and other fun stuff will be available to both systems, as well as my servers. I want to implement RAID 5 for my network storage, but the good RAID adapters go for $350+. More on my homemade NAS in a later post.
