K-19 The Widowmaker

Just sort of hanging out today. Watched K-19 the widowmaker in the living room, one of our recent rentals from Netflix. It was a fairly decent movie. The ending of which I did not expect, but you have to be willing to let the movie turn out different than you thought it might if you want to enjoy it.

It's amazing how frustrated I felt initially when the plot turned in an unexpected manner. Guess i've been conditioned to expect the "hollywood" plot style.

Also managed to catch "The Island." A very cool movie. Of course I've always been a big fan of Scarlet Johannsen. The car chases were excellent, and I loved the way that the buildings and the cars were designed. Not as over the top in my opinion as Minority Report, with the exception of the random and completely unneccessary insertion of flying Jet bikes. The movie made some interesting points about how willing people are to make moral sacrifices in order to stay alive and prolong their happiness. More specifically those people were more than willing to let the dirty work be done without their knowledge, not working particularly hard to figure out the details of their fountain of youth.

Debugging hardware

I honestly dont know why I ever agree to fix other people's computers (note that I say this every time). Every time you open up a machine that someone else gives you there is no telling what sort of wierd strange obscure crap that will come up while you are reparing it.

I have swapped power supplies, video cards, memory, etc, to get this thing going again. I'm a step away from just returning it as it was saying sorry.



I'm just self destructive I guess, staying up until two AM trying to fix stuff. Every single time I tell myself, dont fix residential stuff, there's just no margin in it. in that way of thinking I should send cheap guys computers $40, since I talked them out of a bench fee the last time I brought a computer to them. The bench fee is completely deserved, they should keep it in a fund for psychiatric counseling.

I must just be getting spoiled with all the lovely Dell Optiplex 170L's I run at work. Bless Dell and their ultra reliable Optiplex line. I wouldnt be able to run all the machines that I do if I hadnt made sure that all the systems at work were purchased at the same time, and with the same 3 year warranty.

Time to get excited about inline skating

The Walt Disney World Inline Marathon is coming up again shortly. In the month of April 2006 we will once again get a chance to skate through the them parks at Walt Disney World. I have been each time for the last three years and have had a blast every single time.

I am definately a recreational skater, with some rather horrificly slow times. But hey, i sit in front of a computer all day, so you cant blame me too much. Yes i know there are probably tons of really athletic computer programmers out there.

Time to start training so I can finish within the max time for my class :)

No more booth babes?

I feel depressed that I will never get to see an E3 conference in it's full glory.

Reading articles about how E3 decided to ban booth babes at the 2006 show is rather depressing.

Revisiting past mistakes in webhosting.

I do my own hosting for jonnyro.com, and i'm still working my way through it. It's running Gentoo Linux. It'a a fairly powerful distribution, but it requires a fair amount of attention to make sure that it stays running well.

As for server setups, I generally use the more mainstream pre-compiled distributions. I generally dont have the free time to wait for Gentoo to compile. But when Tek Alchemy came out with their Gentoo self-setup special I had to jump at the chance.

The first revision
I made a few mistakes the first time out.

The first was setting up a webserver without a seperate /tmp partition. Through the course of many php scripts it may become neccessary to create a temporary file. /tmp is usually where this happens since apache will usually be allowed to write here, but under no circumstances should it ever be neccessary to execute any file stored in /tmp. This is why you need a seperate tmp partition so that you can mount it noexec. This will prevent ANY file, ever, from being executed inside that partition.

The second mistake I made was moving over a pre-existing b2evolution installation that was a few versions back in the release cycle of b2e. It had worked fine (or so I thought) on the old webhost, so why bother upgrading right? Well, within a few days my site had been hit by a worm that exploited a vulnerability in the b2evolution xmlrpc.php file.

This worm with the combined power of mistake 1 and 2 managed to download a file called cback to my tmp partition and execute it. This file created a reverse shell out to some random IP in the middle of nowhere. This file was executing at the permission level of apache, which means that it could access any php source files that could be used to store authentication information for users, and even more likely, access codes to mysql servers used by the scripts. This is bad.

Luckily for me, one of my other partners in this webhost setup had installed an ultra paranoid grsec setup, and it captured the series of events that led to the running of cback. He had first noticed through netstat that there was a shell listening on a port that it should not have been.

Jeep Pictures

I had posted in my other blog a while back about the recent Jeep upgrades, but the pictures came out so great that I thought i would toss them back up.

Here are the before pictures.




And Here are the after.

Issues with webserver setup

I had some issues with my webserver setup, especially regarding the b2evolution portion of my site.

I'm using the version that comes as a Gentoo E-Build, and it had worked fine for a while. Lately however someone has been trying to mess with it, likely through an automated script by overflowing inputs and probing for vulnerabilities.

I apparently did not have the server set up very well, since this let the cpu usage climb up to nearly one hundred percent and consume all available memory.

Testing out blogger

The interface looks really cool. Maybe I will start posting here.