Erlang foredrag

November 13, 2008 at 11:51 · Filed under Danish, Erlang, Open Source, Programming Languages, SSLUG

Onsdag d. 26/11 kl. 19 – til SSLUGs onsdagsmøde på CBS, vil Jesper Louis Andersen snakke om sproget Erlang.

I den virkelige verden foregår der mange ting samtidigt. Mennesker samt maskiner arbejder parallelt ved siden af hinanden — det er tydeligt at interaktionen mellem forskellige computersystemer bliver større og større.

Erlang er ikke det første sprog som forsøger at modellere maskinen som mange små systemer, der samarbejder om at løse en opgave — men det er et system med en del success’er bag sig. I dette foredrag vil jeg ikke forsøge at gå i detaljer med sproget, men i stedet forklare den model, som danner dets fundament. Jeg skal endvidere komme med et bud på hvor Erlang kan benyttes i gængse softwaresystemer allerede i dag.

Om foredragsholderen

Jesper Louis Andersen er Bachelor i Datalogi og er i skrivende stund igang med at tage sin kandidatgrad. Han interesserer sig for programmeringssprog af alle slags, samt hvad teknologien bag også kan anvendes til uden for sprog-feltet. For tiden køres der med Ubuntu Linux, men han har tidligere kørt Redhat, Debian, FreeBSD, NetBSD og OpenBSD.

Tid og sted

Mødet foregår på: CBS – Copenhagen Business School, Howitzvej 60, 2000 Frederiksberg og døren vil være åben fra kl. 18.00. Foredraget starter kl. 19.00.

Se eventuelt SSLUGs wiki.

Leave a Comment

Hello from Open Source Days

October 4, 2008 at 8:07 · Filed under Open Source Days

First picture from Open Source Days:

Zebrapig

Leave a Comment

Inkpot theme for Mutt

August 3, 2008 at 21:36 · Filed under English, Mutt, Open Source, Vim

I am using Mutt as my e-mail client and I have done that ever since I started using Unix. I have for many months been annoyed by my very ugly theme that I created when I was around 13, but I have never actually spend a few minutes on making something shiny that didn’t piss me off.

Inspired from Ciaran McCreesh’s Vim theme called Inkpot, I decided to create an inkpot’ish theme for Mutt and here is the result that you can put in your .muttrc:

color   attachment  color30 color80
color   header      color10 color80 "^(From|Subject|cc|date|To|X-Spam-Level|User-Agent|X-Mailer):"
color   signature   color39 color80
color   tree        color26 color80
color   message     color26 color80
color   status      color85 color81
color   normal      color78 color80
color   error       color79 color64
color   indicator   color80 color73
color   markers     color26 color80
color   index       color64 color80 ~D
color   index       color64 color80 ~F
color   index       color30 color80 ~T
color   tilde       color80 color80

color   body        color10 color80 "(http|https|ftp|news|telnet|finger|irc)://[^ \">\t\r\n]*"
color   body        color10 color80 "mailto:[-a-z_0-9.]+@[-a-z_0-9.]+"
color   body        color26 color80 "[;:=][-][)/(|]"

color   quoted      color52 color80
color   quoted1     color22 color80
color   quoted2     color71 color80

Note: This probably only works in urxvt since that’s what I am using :)

There is, of course, a screenshot:

Mutt

Mutt

Update: Henrik Stuart claims to have converted it to support xterm-256color as well. Here is the code:

color   attachment  color61 color232
color   header      color10 color232 "^(From|Subject|cc|date|To|X-Spam-Level|User-Agent|X-Mailer):"
color   signature   color63 color232
color   tree        color63 color232
color   message     color37 color232
color   status      color247 color235
color   normal      color229 color232
color   error       color231 color196
color   indicator   color232 color215
color   markers     color37 color232
color   index       color196 color232 ~D
color   index       color196 color232 ~F
color   index       color49 color232 ~T
color   tilde       color63 color232

color   body        color10 color232 "(http|https|ftp|news|telnet|finger|irc)://[^ \">\t\r\n]*"
color   body        color10 color232 "mailto:[-a-z_0-9.]+@[-a-z_0-9.]+"
color   body        color37 color232 "[;:=][-][)/(|]"

color   quoted      color130 color232
color   quoted1     color25 color232
color   quoted2     color207 color232

Comments (2)

Follow-Up: Attack on Exherbo.org machine

June 29, 2008 at 21:28 · Filed under English, Exherbo, Gentoo, Open Source, Security

Some of you might have read my previous blog post about the attack on Exherbo’s quote database that I wrote about yesterday. As promised I am going to write a follow up post about how this was handled and what the result of the cooperation with Gentoo’s infrastructure team was.

First of all I would like to thank Gentoo’s infrastructure team for acting quickly and very professionally. They reacted immediately after I posted the bug and asked for the information they needed (log files) to compare with their own auditing results.

I would especially like to thank robbat2, KingTaco, Ramereth, solar and fox2mike who worked on the issue, reviewed log files and discussed how they were going to handle this incident.

I would like to clarify that Exherbo harbours no ill will towards any of the companies (GNi, Bytemark and OSUOSL). They are providing much needed hardware and infrastructure for many open source projects but have no role beyond as a sponsor.

No company is able to prevent their users from carrying out malicious actions from their network.

I also promised to give you an update based on the information that we received after the blog post and the bug was created:

  • Alex Howells (Astinus) has been removed from all Gentoo infrastructure and as you can read on bug #229895, Gentoo’s infrastructure team has informed all the developers via the gentoo-core mailing list about what happened.

    The developers received the following message (taken from the bug):

    As reported on bug #229895, on 27 Jun 2008 at 19:04 UTC, there was unwarranted traffic sent to http://quotes.exherbo.org/ and some of the traffic involved originated from various Gentoo Linux infrastructure machines. The Gentoo infrastructure team conducted an audit based on logs from the machines as well as those provided by Exherbo’s infrastructure team. Based on results of our audit and the user’s admission via email, we have concluded that the said actions were taken by one of our developers named astinus.

    We have taken appropriate action and have removed the developer in question from Gentoo Linux infrastructure. We sincerely apologize to the administrator of quotes.exherbo.org for the involvement of Gentoo infrastructure machines.

  • Alex Howells also decided to “remove” his LinkedIn profile so the link from my former blog post is not working anymore.
  • Since Gentoo’s infrastructure team handled this so well I see no reason to contact their abuse contact from the respective networks where the machines are located.
  • I would also like to point out that Astinus was not kicked out of Gentoo. He left on his own after the bug was filed. Astinus and I talked on IRC and while we still disagree about whether it was an attack or a prank we agreed that this is now a closed chapter and Astinus apologized to me and I accepted.

Once again I would like to thank the Gentoo infrastructure team on behalf of the Exherbo development team for their quick response and their very professional way of handling this issue.

Alex.

Comments (2)

Attack on Exherbo.org machine

June 28, 2008 at 13:34 · Filed under English, Exherbo, Failure, Gentoo, Open Source, Security

Yesterday Exherbo’s Quote database experienced a very primitive attack. The purpose was to turn all the rank values on our quotes into negative numbers.

In this post we are going to analyse the log files from the attack and see “who did this”.

By simply reading the log files I can see that the attack was done via the program called wget which is a fairly shiny little Unix tool for fetching websites and wget is ideal for this kind of attacks.

The first thing we did when Ciaran discovered that all of our quotes had negative values was to fetch our access log file for further analysis.

Anyways, lets get started:

First thing we want to do is to remove all the legal traffic and only get the wget clients. And then, the only really interesting stuff for us is their IP-addresses. We fire off a simple Unix command:

grep -i 'wget' access_log | cut -s -d' ' -f1 > wget_attack

The wget_attack file is available here.

Now we have a file called wget_attack that contains only the IP-address of these requests to our webserver.

I wanted to get an idea about who was behind this attack so it would be fairly nice to do a simple reverse DNS lookup of these IP’s to get an idea about where these attacks were launched from:

for host in $(cat wget_attack | sort -u) ; do
    host_info=$(host "${host}")
    amount=$(grep "${host}" access_log | wc -l)

    echo -e ">>> ${host}:   \t${amount}   \t${host_info} ...";
done

Running this script really gave me a shock:

>>> 140.211.166.168:  18    168.166.211.140.in-addr.arpa domain name pointer osprey.gentoo.osuosl.org. ...
>>> 140.211.166.183:  322   183.166.211.140.in-addr.arpa domain name pointer smtp.gentoo.org. ...
>>> 64.127.104.142:   27    142.104.127.64.in-addr.arpa domain name pointer miranda.amd64.dev.gentoo.org. ...
>>> 86.10.230.114:    554   114.230.10.86.in-addr.arpa domain name pointer cpc3-york1-0-0-cust625.leed.cable.ntl.com. ...
>>> 89.16.163.100:    348   Host 100.163.16.89.in-addr.arpa not found: 3(NXDOMAIN) ...
>>> 89.16.163.108:    345   Host 108.163.16.89.in-addr.arpa not found: 3(NXDOMAIN) ...
>>> 89.16.163.110:    349   Host 110.163.16.89.in-addr.arpa not found: 3(NXDOMAIN) ...
>>> 89.16.176.11:     338   11.176.16.89.in-addr.arpa domain name pointer albatross.gentoo.org. ...

(the integer after the IP-address is the amount of requests in the access_log. The attack started at 18:53:26 UTC and ended at 19:39:46 UTC.)

Yup, that is right. 4 of these machines are Gentoo controlled.

If I recall correctly then smtp.gentoo.org is the main developer machines where Gentoo developers are able to run their IRC clients from, fetch e-mail, etc. so every Gentoo developer has access to this machine. So basically, we now know that a Gentoo developer is behind this.

If we look at Gentoo Infrastructure Server Specifications page, we will see that miranda.amd64.dev.gentoo.org is not listed, but that is probably because it is a machine available to the AMD64 developers in Gentoo (you can see the full list of available developer machines here), but osprey.gentoo.osuosl.org is listed on the infrastructure page about non-developer machines, but albatross.gentoo.org isn't.

The funny thing about the osprey machine is that it is listed as being Gentoo’s master mirror which probably means that not many people have access to this machine.

Doing a quick whois on the IP-addresses reveals that both osprey.gentoo.osuosl.org and smtp.gentoo.org are hosted by OSUOSL which is a very nice company that hosts various hardware for FOSS projects.

Doing a whois on the miranda.amd64.dev.gentoo.org machines shows that it is hosted on Gentoo’s own netrange at a company called Global Netoptex — a company also knowns as GNi which is one of Gentoo’s sponsors and a company that has two Gentoo developers as employees.

The last interesting machine is albatross.gentoo.org one. Doing a whois on that reveals that it is located on the network of the company called Bytemark Computer Consulting Ltd which among other things also hosts one of Freenode’s IRC servers.

But, uh, the 3 IP-addresses without a reverse DNS entry seems to appear on the same network as the albatross.gentoo.org machine, which is also in Bytemarks IP-range.

Oh, but the fun doesn’t end here. The last IP which looks like a normal “personal” IP-address has something interesting in it. If we just look at it we will see that: cpc3-york1-0-0-cust625.leed.cable.ntl.com. Apparently this IP looks like coming from the city of York in England (I am not sure about that though — and it is not really important either).

Normally I would just fire up Google now, but I thought that the network service called LinkedIn might be useful for this.

Spending two minutes on the site shows that the only person in my network that works for Bytemark is Alex Howells who lists himself as being System Administrator at Bytemark Hosting and Developer at Gentoo Linux. According to his LinkedIn profile, Alex Howells lives in York, United Kingdom.

This begins to look like it is one person who is behind all of this, but a person in the secret IRC channel on Freenode known as #gentoo-infra posted this after we discovered the attack:

[ ... ]
18:55:51 * astinus has a funny idea
18:56:56 astinus: for i in $(seq 1 25); do   wget -O /dev/null http://quotes.exherbo.org/?ratingminus\&id=$i;   sleep 6; done
18:58:55 astinus: additional brownie points if you use -q with wget and CFengine it for a one-time run on 500+ machines
18:59:13 astinus: "Hey guys! All your quotes suck!"
18:59:21 * astinus sighs
[ ... ]

(Timestamps are in UTC.)

In case you wonder: astinus is Alex Howells’s IRC nickname. Doing a simple /whois on IRC shows that as well:

hostmask : astinus!n=alex@gentoo/developer/astinus
ircname  : Alex Howells <alex.howells@0wn3d.us>
channels : @#gentoo-dev #gentoo-userrel #gentoo-server @#gentoo-ops @#gentoo
info     : is identified to services
info     : is signed on as account astinus
idle     : 0d 1h 13m 22s [signon: Sun Jun  8 23:57:52 2008]

From the integer value after the IP-address in the scripts output, we can see that 1380 requsts came from the network of Bytemark and 1934 requests if what we believe is his home machine is included. The other 367 other requests came from either OSUOSL or GNi.

I must admit I am very disappointed with Gentoo these days and this just tops the list. I used to like working for the Gentoo project, but these days this kind of stuff appears to be accepted which is really silly. Gentoo should rather spend some time kicking people like Alex Howells out.

Conclusion
Gentoo should avoid giving people like Alex Howells access to their infrastructure to avoid these very embarrassing issues.

What now?
I have filed a bug to Gentoo’s Bugzilla about this (bug #229895) plus I am going to write an e-mail to the abuse contacts from the various networks where these machines are located.

I will keep this post updated with information when I get it and maybe even write a follow up post.

Comments (20)

Framebuffer and Xen

June 27, 2008 at 18:46 · Filed under English, Gentoo, Open Source, Xen

I am currently using Xen for my virtualization needs and it works pretty well. I am using it on my laptop, my workstation and on my IA64 server.

On my workstation and my server, not having framebuffer support with Xen is okay, given that I never use anything but X on my workstation and I don’t have any console attached to my IA64 server; it is SSH access only.

On my laptop it is a completely different story though. I mainly use my laptop when I am out and I tend not to start X on it, because I don’t have much need of it, so it would be really nice to have working framebuffer there.

Anyways, I hate long blogposts. Here is my solution to get working framebuffer with Xen:

title Gentoo Linux
root (hd0,0)
kernel /xen.gz vga=gfx-1024x768x32
module /kernel-2.6.21-dom0-selinux root=/dev/sda2 vga=0x317 selinux=1

Notice the vga statement on the kernel line.

The vga statement on the module line is probably redundant, but I haven’t removed it yet to see.

Comments (1)

Logo

June 10, 2008 at 22:40 · Filed under English, Exherbo, Open Source

Exherbo has finally got a logo thanks to Ida Jensen. Here it is:

You can find the svg file in the exherbo git repository.

Update: I completely forgot to thank the person who actually draw the logo. It was Christel from the Exherbo team who draw the initial cartoon and Ida then later turned it into a digital version! Sorry Christel, I owe you a cookie ;)

Comments (4)

Random Exherbo stuff

May 30, 2008 at 18:35 · Filed under English, Exherbo, Open Source

Infrastructure
We have just enabled gitweb browsing of our Git repositories on git.exherbo.org. It is now possible to look at our repositories without cloning them.

Conference
For those of you who read Planet Exherbo you will know that the reason why we announced so early was that Bryan is going to do a talk about Exherbo at FOSS Aalborg, which is going to take place in Aalborg, Denmark next week. Bo, Bryan, Kim and I will be present at the conference.

Leave a Comment

Planet Ex-Gentoo

May 15, 2008 at 17:41 · Filed under English, Gentoo, Open Source, Paludis, Planet Exgentoo, Planets

There has recently been some massive changes in the relations with the general public in Gentoo. One of these changes is that former developers are no more allowed to be on the unofficial planet for Gentoo users, called Planet larry the cow – apparently because former developers can’t be Gentoo users after they have retired.

Because of that, Bryan and I decided that we would create our own Planet where only former developers are welcome. We were unfortunately, unable to come up with a non-retarded name so we ended up with “Planet Exgentoo”.

Planet exgentoo does currently consist only of some former Gentoo developers who are also active in the Paludis project, but every former Gentoo developer is more than welcome.

If you are a former Gentoo developer who are still active in the FOSS-world, you should either write a comment here or send me an E-mail if you want to be added.

You can find Planet Exgentoo at http://planet.exgentoo.org/.

Leave a Comment