no more band-aids
I ran [EtherApe](http://etherape.sourceforge.net/) on my Ubuntu Server system for about 45 minutes this afternoon, sniffing network connections on the office LAN. Nothing snoopy/creepy, just network addresses and protocols. Man, there are a LOT of machines involved…
The node at around 10 o’clock is my desktop Mac.
when Telus hooked us up to TelusTV last year, they sent out a network tech to install the extra switches to drive the LAN that hooked the TVs up to their network. We finally decided to clean up the spaghetti they left behind. Our home network consists of a DSL modem, an Apple Airport Extreme base station, an ethernet-to-coax converter, and at least 3 5-port 100MB ethernet switches. I remember when it was simple to get a TV signal. I miss rabbit ears.
I’m firmly in the @injenuity “The Network is People” camp. And I freaking LOVE my network.
I’ve been experiencing an annoying glitch on my MacBook Pro since upgrading to MacOSX 10.5 – nothing serious, but occasionally it’d bug me. What happened was, if I opened a Finder window to /Users – it would show every user’s home directory except mine. I mean, I know it’s there, because all of my files are there. And if I used Terminal or remote SSH login, the directory was certainly there, as were all of my files. If I used Finder’s Go to Folder command (Command + Shift + G) I could enter “/Users/dnorman” and all was well.
But it was annoying.
Every once in awhile, I’d try to debug. I’d use Terminal and navigate to /Users. I’d run ls -l and I’d see this:
$ ls -l
total 0
drwxrwxrwt 7 root wheel 238 23 Mar 15:17 Shared
drwxr-xr-x 13 demo demo 442 14 May 2006 demo
drwxr-xr-x@ 47 dnorman dnorman 1598 31 Mar 18:12 dnormanThe other user directories had either a + or no symbol after the file mode section. My directory had a @. WTF. I’ve tried looking through man. man ls. man chmod. Couldn’t find any mention of @. Try googling for @. Not helpful. This is where the gaping holes in my *NIX geekery are exposed. I was completely stumped.
Finally, I decide to try checking with the LazyWeb. I posted a tweet to roughly describe the problem – as best I could in the 140 character limit – and…
Waited 3 minutes before @thepatrick responded with a hint, and another one.
So, a few seconds later, I was running a new (to me) command via the command shell, finding out about xattr to list extended attributes about files.
$ xattr -l /Users/dnorman
com.apple.FinderInfo:
0000 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 ........@.......
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................Bingo. There’s some funky bit set. So, how to nuke it. I ran man xattr and found it has a -d flag, which is used to delete attributes by name. So I ran this:
$ xattr -d com.apple.FinderInfo /Users/dnormanDone.
My home directory now properly shows up in Finder. Everything’s hunky dory.
The power of my Network, harnessed with a simple LazyWeb plea, solved in 3 minutes what I’d struggled for 5 months to solve on my own.
I love my Network. It’s the people.
Thanks, Patrick. I owe you a $beverage.
Looks like our on-campus networks are being hammered by W32/IRCbot.worm – the Learning Commons webserver, Pachyderm, APOLLO, as well as the main U of C website are all being affected by terabytes of virus traffic taking over the network.
Even though our servers aren’t running the Biggest Security Hole Known to Man, and are themselves quite safe, they don’t have any bandwidth available due to the predominance of lesser boxes on the network.
I’m wondering if we should have a separate isolated network on campus for risky and untrusted machines, and just move all Windows machines onto that. We could then disconnect the whole lot of them when they get infested again (not if, but when).
Looks like our on-campus networks are being hammered by W32/IRCbot.worm – the Learning Commons webserver, Pachyderm, APOLLO, as well as the main U of C website are all being affected by terabytes of virus traffic taking over the network.
Even though our servers aren’t running the Biggest Security Hole Known to Man, and are themselves quite safe, they don’t have any bandwidth available due to the predominance of lesser boxes on the network.
I’m wondering if we should have a separate isolated network on campus for risky and untrusted machines, and just move all Windows machines onto that. We could then disconnect the whole lot of them when they get infested again (not if, but when).
I just found a new site in my referrer stats – someone trying to customize Mambo to have a Kubrick-based theme rather strongly inspired by my (and Cole’s) tweaks to it. That’s cool. Have at’er.
But, it’s not cool to just go ahead and use the images directly off of my server. Sorry for being a jerk about it, but I don’t feel the need to use part of my bandwidth allocation so you don’t have to bother copying my files to your server to use them in your site… It’s simple to do. I’m all for people exploring and experimenting with stuff, even/especially with my stuff – that’s why it’s online – but please host your own website rather than sneaking into my hosting package.
Not sure how I feel about seeing my banner images elsewhere, either… I mean, they’re nothing special or anything, and I certainly haven’t protected or copyrighted them or anything, but really… Grab a camera, take a photo that means something to you and use that. It’ll take all of 5 minutes, and you’ll be much happier with your banner.
Of course, I’m also very stressed out with the neverending crush of a project that has been in perpetual panic mode for the last month, so I’m a little pissier than normal.
I just found a new site in my referrer stats – someone trying to customize Mambo to have a Kubrick-based theme rather strongly inspired by my (and Cole’s) tweaks to it. That’s cool. Have at’er.
But, it’s not cool to just go ahead and use the images directly off of my server. Sorry for being a jerk about it, but I don’t feel the need to use part of my bandwidth allocation so you don’t have to bother copying my files to your server to use them in your site… It’s simple to do. I’m all for people exploring and experimenting with stuff, even/especially with my stuff – that’s why it’s online – but please host your own website rather than sneaking into my hosting package.
Not sure how I feel about seeing my banner images elsewhere, either… I mean, they’re nothing special or anything, and I certainly haven’t protected or copyrighted them or anything, but really… Grab a camera, take a photo that means something to you and use that. It’ll take all of 5 minutes, and you’ll be much happier with your banner.
Of course, I’m also very stressed out with the neverending crush of a project that has been in perpetual panic mode for the last month, so I’m a little pissier than normal.
I spent the morning off campus (well, at another non-university-of-calgary campus) working in a place that actually made me appreciate the openness of the U of C networks.
I was installing a web application on a new server for them – something that usually requires a network connection (both to download the bits to install, and to let people use the thing after it lights up). The server was behind a scary virtual lan setup, and couldn’t see anything outside of its own hub. No internet. No WAN. Nothing. And, nobody can see the server. You have to physically go to the server room, and plug into the same hub as the server in order to see it.
Apparently, if their IT notices a new machine on the LAN, they kill the switch. They block all IM traffic (I tried IMing Julian for some advice at one point, only to be blocked by the IT Nazis).
Frustrating as hell. I literally could not (would not?) work under such a restrictive network regime. Any place where you can’t google to find what’s going wrong, or to find a quick answer, is just plain unproductive. Any place that restricts communication (for whatever reason) is doing more damage than good. They may be saving money, though…
I firmly believe that putting the demands of IT ahead of the needs of the users is a dreadful thing to do. Without the users, there is no need for IT. IT is there to SUPPORT the people, not reign them in. It shows a pretty insane level of mistrust, and that is no way to run a post-secondary institution. It’s a pretty crappy message to send your people – we don’t trust you, and your needs are secondary to ours.
The U of C network folks, in spite of my complaining about them, are several orders of magnitude better than what these people have to settle for. I’m slowly learning to appreciate them a bit more 😉
I spent the morning off campus (well, at another non-university-of-calgary campus) working in a place that actually made me appreciate the openness of the U of C networks.
I was installing a web application on a new server for them – something that usually requires a network connection (both to download the bits to install, and to let people use the thing after it lights up). The server was behind a scary virtual lan setup, and couldn’t see anything outside of its own hub. No internet. No WAN. Nothing. And, nobody can see the server. You have to physically go to the server room, and plug into the same hub as the server in order to see it.
Apparently, if their IT notices a new machine on the LAN, they kill the switch. They block all IM traffic (I tried IMing Julian for some advice at one point, only to be blocked by the IT Nazis).
Frustrating as hell. I literally could not (would not?) work under such a restrictive network regime. Any place where you can’t google to find what’s going wrong, or to find a quick answer, is just plain unproductive. Any place that restricts communication (for whatever reason) is doing more damage than good. They may be saving money, though…
I firmly believe that putting the demands of IT ahead of the needs of the users is a dreadful thing to do. Without the users, there is no need for IT. IT is there to SUPPORT the people, not reign them in. It shows a pretty insane level of mistrust, and that is no way to run a post-secondary institution. It’s a pretty crappy message to send your people – we don’t trust you, and your needs are secondary to ours.
The U of C network folks, in spite of my complaining about them, are several orders of magnitude better than what these people have to settle for. I’m slowly learning to appreciate them a bit more 😉
I intentionally refuse to set an email autoreply (those annoying “I’m out of the office, but your email is very important to me” messages that get spewed onto mailing lists).
Autorepliers are too dump to not spam lists, and I generally check email regardless of where I am, so it’s not like important messages get dropped. Sure, less important messages might get neglected, but that should be the rule rather than an exception…
The NMC list is a perfect example of this. Someone sends a message, and (especially during conference season) it’s immediately answered by a bunch of “I’m not here…” messages. Annoying. I get it. You’re out of the office. Your email shouldn’t care where you are…
ps. this post is the first one I’ve written using the fancy new WordPress Dashboard widget. It’s rather barebones at the moment, but the idea is pretty cool!
I intentionally refuse to set an email autoreply (those annoying “I’m out of the office, but your email is very important to me” messages that get spewed onto mailing lists).
Autorepliers are too dump to not spam lists, and I generally check email regardless of where I am, so it’s not like important messages get dropped. Sure, less important messages might get neglected, but that should be the rule rather than an exception…
The NMC list is a perfect example of this. Someone sends a message, and (especially during conference season) it’s immediately answered by a bunch of “I’m not here…” messages. Annoying. I get it. You’re out of the office. Your email shouldn’t care where you are…
ps. this post is the first one I’ve written using the fancy new WordPress Dashboard widget. It’s rather barebones at the moment, but the idea is pretty cool!
The thoughtful and friendly folks at the U of C decided to upgrade the electrical infrastructure in the Learning Commons today. That meant that apollo.ucalgary.ca would be without power. “No problem, thanks for the notice,” I thought – assuming they’d be shutting down the server before yanking the plug.
They didn’t.
And now the server is struggling to get back up again. I’m kinda remote from the server right now, hunkered down at SSU with the rest of the Pachyderm developers. Trying to show stuff on the pachyderm instance on apollo.ucalgary.ca – can’t SSH in to reboot it from California. Can’t FTP in. Apache is up, but WebObjects is cranky. MySQL is down. Doh…
I’m really hoping someone reboots the server so we can do more work tomorrow…
So, until then, apollo.ucalgary.ca is down. And, since it’s hosting weblogs.ucalgary.ca and wiki.ucalgary.ca, they are down now, too. crap. Remind me why I left the office?
Update: It’s back! Something had gotten wedged on the reboot after the power cycle. Some services came up, but others simply refused. Kirk just gave the server a nudge, and all is happy again (thanks, Kirk!)
I’m really hoping the bipolar nature of this trip settles down Real Soon Now™.
The thoughtful and friendly folks at the U of C decided to upgrade the electrical infrastructure in the Learning Commons today. That meant that apollo.ucalgary.ca would be without power. “No problem, thanks for the notice,” I thought – assuming they’d be shutting down the server before yanking the plug.
They didn’t.
And now the server is struggling to get back up again. I’m kinda remote from the server right now, hunkered down at SSU with the rest of the Pachyderm developers. Trying to show stuff on the pachyderm instance on apollo.ucalgary.ca – can’t SSH in to reboot it from California. Can’t FTP in. Apache is up, but WebObjects is cranky. MySQL is down. Doh…
I’m really hoping someone reboots the server so we can do more work tomorrow…
So, until then, apollo.ucalgary.ca is down. And, since it’s hosting weblogs.ucalgary.ca and wiki.ucalgary.ca, they are down now, too. crap. Remind me why I left the office?
Update: It’s back! Something had gotten wedged on the reboot after the power cycle. Some services came up, but others simply refused. Kirk just gave the server a nudge, and all is happy again (thanks, Kirk!)
I’m really hoping the bipolar nature of this trip settles down Real Soon Now™.
I just got a couple of popup/popunders for DeVry Institute of Technology – despite the fact that I have a popup blocker installed and activated.
DeVry doesn’t provide contact information on their website (perhaps that’s a sign?), and this is really pissing me off. Do you people realize just what a shitty thing popunders are? They are almost as bad as Casino/Viagra/Texas-Holdem spam! You are diluting any reputation your institution may have had, and further negating the value your alumni may realize due to the crap you fling across the ‘net in a desparate attempt to gather new students.
DeVry: please stop polluting the internet with your insipid popunder ads. If I was a betting man, I’d wager the benefit to your organization is pretty minimal (most click-throughs will likely be accidental or inadvertent – meaning they cost you money with no benefit to you), and the negative spin it puts on DeVry is pretty darned big (just ask anyone who has ever been hit by your popunder ads – whatever your marketing/advertising drones are whispering into your ears is wrong).
These types of advertising techniques would be best suited for impulse buys – and a multi-year educational program is hardly an impulse buy. Work on building up the reputation of your organization, and raise awareness by participating in the community, not by polluting a medium with annoying and distracting advertising.
I can’t even imagine what the backlash from the faculty, staff, students, and alumni at the University of Calgary would be if they tried this crap – why is it OK for DeVry to do it? It’s not.
I just got a couple of popup/popunders for DeVry Institute of Technology – despite the fact that I have a popup blocker installed and activated.
DeVry doesn’t provide contact information on their website (perhaps that’s a sign?), and this is really pissing me off. Do you people realize just what a shitty thing popunders are? They are almost as bad as Casino/Viagra/Texas-Holdem spam! You are diluting any reputation your institution may have had, and further negating the value your alumni may realize due to the crap you fling across the ‘net in a desparate attempt to gather new students.
DeVry: please stop polluting the internet with your insipid popunder ads. If I was a betting man, I’d wager the benefit to your organization is pretty minimal (most click-throughs will likely be accidental or inadvertent – meaning they cost you money with no benefit to you), and the negative spin it puts on DeVry is pretty darned big (just ask anyone who has ever been hit by your popunder ads – whatever your marketing/advertising drones are whispering into your ears is wrong).
These types of advertising techniques would be best suited for impulse buys – and a multi-year educational program is hardly an impulse buy. Work on building up the reputation of your organization, and raise awareness by participating in the community, not by polluting a medium with annoying and distracting advertising.
I can’t even imagine what the backlash from the faculty, staff, students, and alumni at the University of Calgary would be if they tried this crap – why is it OK for DeVry to do it? It’s not.
I just found out (almost by accident) that the U of C has decided to block ping. I knew ping wasn’t working – hasn’t been for what feels like forever. I just heard today that it was a deliberate move to block the port used by ping – to prevent hacking of unsecured Windows boxes using those ports.
So, let me get this straight. You’ve got a bunch of renegade unpatched Windows boxes on campus. Possibly 0wned. And, instead of, you know, fixing the problem by patching and securing the boxes, you block frigging ping. Great. Because, of course, ping has no useful purpose aside from hacking lazily managed Windows boxes. It’s not handy at all for doing things like diagnosing network problems, or monitoring servers, or whatnot.
On a positive note, I discovered that the U of C has (at least temporarily) decided to allow access to the iTunes Music Store. I was able to connect today and download Tuesday’s Free Song.
I just found out (almost by accident) that the U of C has decided to block ping. I knew ping wasn’t working – hasn’t been for what feels like forever. I just heard today that it was a deliberate move to block the port used by ping – to prevent hacking of unsecured Windows boxes using those ports.
So, let me get this straight. You’ve got a bunch of renegade unpatched Windows boxes on campus. Possibly 0wned. And, instead of, you know, fixing the problem by patching and securing the boxes, you block frigging ping. Great. Because, of course, ping has no useful purpose aside from hacking lazily managed Windows boxes. It’s not handy at all for doing things like diagnosing network problems, or monitoring servers, or whatnot.
On a positive note, I discovered that the U of C has (at least temporarily) decided to allow access to the iTunes Music Store. I was able to connect today and download Tuesday’s Free Song.