apocryph.org Notes to my future self

29Nov/07

Disk space emergency

About six months ago, I got an Infrant ReadyNAS NV+ with 2TB of usable storage. At the time I had nearly filled my existing 1TB homebuilt NAS box, and was in desperate need of more space.

Here I am, six months later, having exhausted 96% of the 2TB of capacity of my ReadyNAS, and find myself contemplating paying the $1800 to get a second one. It’s a bad time of the year for significant technology investments, but I don’t know how long I can limp along without an upgrade.

How could I possibly use 2TB of space, you ask? Well, between videos, photos, music, software, backups from other machines, and personal files, it’s not that hard.

UPDATE: I ordered another NV+

26Nov/07

Help Wanted

AppAssure Software is looking for a QA lead. As the lead developer, let me assure you we definitely need one!

The description follows. Good luck.

AppAssure Software Inc, a Reston-based software company, is seeking an
experienced quality assurance professional on a full-time permanent
basis to stand up a dedicated QA unit within the company.

The successful candidate will transition the internal QA functions from
current staff and form the foundation of a dedicated QA unit. Candidate
will have wide discretion with regard to QA policies, tools, and
methods, and will be accountable primarily on the basis of software
quality. The software under test will be Windows based, a combination
of server-side and client-side technologies, with and without GUI-level
components. Position will initially consist entirely of hands-on
software quality assurance activities, and will likely evolve into a
team lead role as additional QA staff are added.

Requisites:

  • Proven experience as a senior QA professional on one or more
    large-scale software projects
  • Commercial software experience is a plus
  • Demonstrable ability to take initiative and get things done
  • Three positive professional references

Skills:

  • Familiarity with software engineering tools including defect tracking
    systems, revision control, and automated builds
  • Attention to detail and patience are mandatory
  • Ability to write meaningful and actionable bug reports is an absolute
    necessity and will be tested
  • Successful candidate must be comfortable working independently and
    with minimal direction, and at the same time must integrate effectively
    into the software team and accept direction on an ad-hoc basis
  • Outstanding written communication skills required. Effective verbal
    communication skills are necessary as well.

Responsibilities:

  • Review existing test cases and expand/adjust to suit
  • Update test cases as bugs are found and software evolves
  • Establish and execute test plans for upcoming and fielded releases
  • Perform quick-turnaround smoke and regression tests for new builds
    before shipping
  • Develop and execute the QA portion of project plan for upcoming
    software releases
  • Document software bugs as actionable and meaningful bug reports
  • Interact with developers as needed to resolve bugs
  • Verify bug resolution
  • Interact with Customer Support as needed to provide in-house
    reproduction of customer issues to facilitate developer analysis.

Work environment:

Position is located in AppAssure’s offices in Reston, VA. Environment
is casual, and work hours are flexible. AppAssure has no 9-5 jobs;
employees are accountable for their performance, not the number of hours
spent in the office.

There are no divas, prima donnas, or curmudgeons on the team. You’ll be
working with dedicated professionals who are smart, easy-going, and get
things done.

Comp:

  • Commensurate with experience
  • W-2 only

No recruiters please.

To apply, send your current resume to jobs@appassure.com, with ‘QA Lead’ in the subject line.

26Nov/07

Upgraded to OpenBSD 4.2 today

This past weekend I upgraded my home firewall, wintermute, and one of my internal servers, aragorn, to OpenBSD 4.2. aragorn was running 4.1, and wintermute was kicking ass on 3.6!

wintermute is the first computer I ever owned; a Sony VAIO PCV-90. It’s a 90MHz Pentium with 64MB of RAM and an (upgraded) 3600 RPM 8GB PATA drive. aragorn is an ancient PowerEdge 1300 I bought for a contract many years ago; it’s a two-way Pentium II 400MHz box with something like 128MB of RAM and a couple of SCSI disks.

The upgrade went fine, though I did get tripped up by the fact that the ftp-proxy in 4.2 is a total rewrite from 3.6, so I had to adjust my pf.conf with three special anchors and enable the ftp-proxy service. I also screwed up during the disk labeling and created a swap partition that was 500 sectors, not 500MB, so I keep running out of swap space, doh!

I use aragorn to monitor my wireless network traffic using an EDIMAX PCI card with a Ralink rt63 chipset. Let me just say that the rt63 support in 4.2 is just as unreliable as it was in 4.1 and 4.0; kismet lasts between 20 minutes and a day before a kernel panic. I could get a card with decent support, but I don’t want to accept defeat just yet.

Overall the upgrade was painless. I strongly recommend it. It’s practically the last credible OS that’s actively hostile to those trying to use it. Now that my grandmother can get Ubuntu going, a retarded ten year old can figure out Slackware, and a booze-addled pop star can probably get FreeBSD to boot, OpenBSD is the only niche OS that a n00b lamer can’t get to work. Whenever some little shit starts to get a little too full of himself coz he’s so over Micro$loth and does all his 1337 hax0ring on Ubuntu Gutsy, I find an OpenBSD install CD and a dare are all that’s required to reduce him to tears. Puffy p0wnz Tux every time.

25Nov/07

Major Improvements to Ruby Wireshark Wrapper

It’s been a while since I last reported on the status of my Wireshark wrapper for Ruby. This past Thanksgiving weekend I put a lot of time into it, and I’m pretty pleased with the progress.

I’ve made a few major changes to accommodate my long-term use for this wrapper, which is to index and analyze hundreds of gigabytes of captured network traffic.

First, I added the ability to dump a whole packet into YAML for storage as a blob. This was a compromise, in that I wanted to preserve the dissected structure of each packet, but obviously didn’t want to create a database schema to accommodate the dozens of fields one finds in a typical packet. I figured I’d save off each packet’s YAML representation in a BLOB, then retrieve and display the whole packet’s hierarchy in a GUI if needed. Any fields that would be involved in querying or reporting would obviously need to be hoisted into database fields, but that would be a small subset of each packet’s fields.

My initial YAML implementation used the Syck engine as exposed in the Ruby standard library’s YAML class. Unfortunately, this required I query each field’s name, value, display name, and display value, which causes the creation of five Ruby wrapper objects per field. The whole reason I modified the field wrapper to defer creation of Ruby objects is to avoid the huge performance hit this incurs.

So, using the slow-but-working Syck-based implementation as a baseline, I wrote a pure C++ YAML serializer specifically tuned for serializing field hierarchies and using the C++ stringstream to efficiently build the YAML string in memory. Based on my performance numbers, this results in a mean serialization time between 0.016 seconds and effectively 0.000 seconds (in other words, faster than the measurement resolution of the Benchmark class), compared to 0.5 seconds on average with YAML. To be sure, this is not a reflection on YAML’s serialization performance, but rather the significance of the performance gain I get from avoiding the creation of dozens or hundreds of Ruby objects per packet.

Once my C++ YAML serializer was producing YAML that parsed to a structure identical to the reference implementation based on YAML, I started to worry about large binary field values. As an example, I captured the traffic caused by downloading a 50K JPEG over HTTP. This capture contained a bunch of TCP packets, which Wireshark reassembled so the final TCP packet in the session included not just the data from the packet’s frame, but also the reassembled data consisting of the entire TCP payload for the HTTP response.

Obviously, serializing this out to YAML is somewhat inefficient. Instead, I reverse-engineered the Wireshark tvbuff_t stuff a bit more and figured out that each packet has a GSList of data_source objects, where each data_source has a name and a tvbuff_t. Normal packets have only one data_source, Frame, but the last TCP packet in a TCP segment also contains a Reassembled TCP data_source which contains the data from the entire segment. By exposing these separately, and modifying each Field object to return which data source contains its value as well as the offset into the data source where the value is located and the length in memory of the value, I can feasibly store the BLOB or BLOBs that make up each packet into the database as a binary object, and still reliably reassemble the packet or extract raw field values at will.
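As an added example that is not part of the wrapper’s own code: a small Ruby model of the dissected packet described in the two paragraphs above, showing both the one-blob YAML dump of a field hierarchy and the (data source, offset, length) bookkeeping that lets a field’s raw bytes be re-extracted from a stored Frame or Reassembled TCP buffer. Every class and method name here is an assumption for the illustration, not the wrapper’s API, and the packet bytes are constructed.

```ruby
require 'yaml'

# Added example (not the wrapper's own code). Class/method names are assumptions.

# One Wireshark data_source: a name ("Frame", "Reassembled TCP") and its bytes.
DataSource = Struct.new(:name, :bytes)

# A dissected field. The four strings are the ones the Syck-based dump had to
# fetch per field; source/offset/length say where the value's bytes live.
class Field
  attr_reader :name, :display_name, :value, :display_value,
              :source, :offset, :length, :children

  def initialize(name, display_name, value, display_value, source, offset, length)
    @name, @display_name = name, display_name
    @value, @display_value = value, display_value
    @source, @offset, @length = source, offset, length
    @children = []
  end

  def add(child)
    @children << child
    self
  end

  # Flatten the hierarchy into plain hashes so YAML can dump it without any
  # per-field database schema; child fields nest under 'fields'.
  def to_h
    h = { 'name' => name, 'display_name' => display_name,
          'value' => value, 'display_value' => display_value,
          'source' => source, 'offset' => offset, 'length' => length }
    h['fields'] = children.map(&:to_h) unless children.empty?
    h
  end
end

class Packet
  attr_reader :sources, :root

  def initialize(sources, root)
    @sources = sources.each_with_object({}) { |s, h| h[s.name] = s }
    @root = root
  end

  # The whole packet as one YAML document (what would go into the BLOB column).
  def to_yaml
    root.to_h.to_yaml
  end

  # Re-extract a field's raw bytes from the stored data source it points into,
  # refusing offsets that run past the end of that buffer.
  def raw(field)
    ds = sources.fetch(field.source) { raise KeyError, "no data source #{field.source}" }
    if field.offset + field.length > ds.bytes.bytesize
      raise RangeError, "field runs past end of #{ds.name}"
    end
    ds.bytes.byteslice(field.offset, field.length)
  end
end

# Constructed sample: the last TCP segment of a session. Its frame carries only
# 4 payload bytes, while the reassembled buffer holds the whole toy HTTP response.
FRAME       = DataSource.new('Frame', "\x45\x00\x00\x28TAIL".b)
REASSEMBLED = DataSource.new('Reassembled TCP', "HTTP/1.1 200 OK\r\n\r\nJPEGDATATAIL".b)

def sample_packet
  ip   = Field.new('ip', 'Internet Protocol', '4', 'Version: 4', 'Frame', 0, 1)
  tcp  = Field.new('tcp', 'Transmission Control Protocol', 'TAIL', 'Data (4 bytes)', 'Frame', 4, 4)
  http = Field.new('http', 'Hypertext Transfer Protocol', '200', 'Status Code: 200',
                   'Reassembled TCP', 9, 3)
  root = Field.new('frame', 'Frame', '', 'Frame 7', 'Frame', 0, FRAME.bytes.bytesize)
  root.add(ip).add(tcp).add(http)
  Packet.new([FRAME, REASSEMBLED], root)
end

# Round trip: the YAML blob parses back to exactly the hash that was dumped.
def yaml_round_trips?(packet)
  YAML.safe_load(packet.to_yaml) == packet.root.to_h
end

if __FILE__ == $0
  pkt = sample_packet
  puts pkt.to_yaml
  pkt.root.children.each { |f| puts "#{f.name}: #{pkt.raw(f).inspect}" }
end
```

The point of keeping `source`/`offset`/`length` on every field is that the database only needs the two raw buffers per packet plus the YAML blob; any field value, including the HTTP status that lives only in the reassembled buffer, can be recovered later by slicing, without re-running the dissector.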

I think the next step is to build a basic data model for storing packets, and start loading it up then implementing some basic analysis like correlating IP addresses with hostnames, detecting interesting traffic, etc.

As usual, Commissar Richard Stallman requires I make my code available under the Marxist GPLv2; the SVN repository has the details. Note that the GPL doesn’t say anything about helping others getting shit building; it took me days to figure out the build process for Wireshark and Ruby, so I bid you good luck and godspeed.

24Nov/07

Christmas 2007 Wishlist

For my family and few friends close enough for gift-level intimacy, here’s my wishlist for Christmas 2007.

Shooting Stuff

Computer Stuff

  • Canned Air
  • 700MB CD-Rs
  • A new mouse for my laptop. It needs to be small and portable. I prefer corded since there are no batteries to replace, and I further prefer the sort that coil up the cord with a spring, like the one I have, only not a fragile piece of shit. Optical only, of course.

Expensive unjustifiable toys

Amazon Stuff

Geeky Kitsch

Misc

  • Helping Hand tool
  • Replacement tips for my ColdHeat Pro soldering iron. I need one conical, one bevel, and one chisel
  • New laces for my boots (seriously, if you can find laces made from a steel braid that would be preferable)
  • CR123 batteries for my SureFire
  • One or more canisters of green gas for my AirSoft Glock pistol
  • Replacement label tape for my label maker (It’s a Brother P-touch which takes “TZ” tapes between 1/4″ and 3/4″; I like the 1/2″ kind)
  • AC adapter for my label maker (DC, 7V, at least 1 amp, center negative)
  • New work surfaces for my office. Currently I use old industrial shelving for my desk surfaces, which isn’t very ergonomic and doesn’t provide me enough space. Ideally I’d have something that offered:
    • Ergonomic work surface for my primary computer (currently a laptop mounted in a laptop stand), secondary monitor, keyboard, mouse, speakers, light, land line phone, UPS, power strips, subwoofer
    • Secondary work surface for computers I’m working on, and space to put mail and tech boxes before I dispose of them
    • Another secondary work surface for gun cleaning, maintenance and cleaning work on bike parts, and other tool-related work, including room for all my tools, a task light/magnifier
    • Enough tertiary storage space that I don’t clutter up my work surfaces with crap that doesn’t belong there

24Nov/07

WPA Cracking with rt73, aircrack-ng, and Ubuntu Gutsy

There’s been a dearth of tech posts around here lately, but that’s about to change.

I’ve previously mentioned the Alfa AWUS036S USB WLAN adapter that I got a while back for OpenBSD wardriving. It’s been reliable for that purpose, but lately I’ve been interested in using it with aircrack-ng to crack WPA pre-shared keys.

Normally this isn’t the kind of thing I’m into, but then I learned about the Church of Wifi’s WPA Rainbow Tables, which consist of 40GB of compressed pre-computed WPA keys and their hashed derivations for the 1000 most common SSIDs and a selection of common passphrases. I downloaded the torrent (tip: the CoW link is bad; the torrent is here) and the Church of Wifi cracking tool CoWPAtty, which reads the rainbow tables and uses them to crack WPA.

I ran them against a capture I’d taken using OpenBSD and kismet, only to find that I had not captured any of the WPA handshakes required to crack the WPA PSK. This led me down the rathole of actively forcing the WPA handshake by knocking a client off of an AP and monitoring the client’s attempt to reconnect, using the aircrack-ng suite of tools.

Rather than fight with getting aircrack-ng to inject packets with my USB wlan device on OpenBSD, I bit the bullet and went with Ubuntu Gutsy 7.10 instead.

Running Gutsy i386 on a VMWare Workstation 6.0 virtual machine, I plugged in the Alfa USB adapter, enabled it in VMWare with the VMWare UI, and did an ifconfig to confirm my adapter was detected. It showed up as wlan0 and that was that. Or so I thought.

I downloaded and built the latest 1.0 beta of aircrack-ng (an uneventful process; just make sure the libssl-dev and libpcap0.8-dev packages are installed). Then I ran airmon-ng start wlan0 11, which unexpectedly failed. I could not get the wlan0 interface into monitor mode; attempts kept failing with an error about the mode not being supported. I then booted into a Backtrack 2 Live CD and ran airmon-ng there, but despite forcing a WPA handshake (first with aireplay-ng and later by manually disconnecting and reconnecting a client to the AP I was cracking) I wasn’t getting any WPA handshakes in any of my captures.

Now is a good time to digress for a bit about the Linux WLAN driver situation. If you’re going to use a wireless adapter on Linux, you have to wonder: what wireless chipset does the adapter use, are there drivers available, are they reliable? If you intend to use the adapter for wardriving, WEP cracking, WPA cracking, etc., then you also have to figure out if the tool you want to use supports the chipset, if the drivers you’re using support what you’re doing with the tool, and whether or not the drivers are so unstable as to kernel panic your machine at random.

In my case, I’m using a USB wireless adapter so I can use it from a virtual machine, which makes the situation even worse as USB wireless support is hit or miss at best, especially if you’re capturing all traffic on a channel which requires monitor mode.

As wireless USB devices under Linux go, there aren’t many options. The Alfa AWUS036S, based on the Ralink RT73 chipset, is the best option I’ve found. I’ve also read about the Alfa AWUS036H, based on the Realtek RTL8187. The aircrack-ng and Kismet sites both list a few other USB adapters, none of which I’ve read particularly good things about.

The RT73 driver situation is pretty complicated. Gutsy 7.10 ships with RT73 support, though I don’t know where the drivers came from. A while back I tried to get the serialmonkey drivers working with my shitty EDIMAX USB adapter and had nothing but problems under Linux; I’ve not tried the new RT73 stuff from serialmonkey but I assume it’s unstable.

Finally, there’s p_larbig’s stuff, which seems based on the serialmonkey code but is patched for stability, packet injection, and compatibility with aircrack-ng. He has drivers for rt73 and rt2570-based hardware, though I’ve not worked at all with the rt2570 drivers.

I finally had luck with the latest p_larbig rt73 driver, 2.0.1. It was the usual download tarball, make, make install, which installs the rt73 kernel module. However, that’s not enough.

I also had to disable the modules Ubuntu shipped with, which otherwise insist on loading instead. I’ve read elsewhere about a guy suggesting you actually delete the built-in modules from /lib/modules, but that seems a bit heavy-handed. Instead, I added the following lines to /etc/modprobe.d/blacklist:

 # Disable the USB ralink drivers other than the custom build one
 # AJN 11-2007
 blacklist rt2500usb
 blacklist rt73usb
 blacklist rt2x00usb

I also added alias ra0 rt73 to /etc/modprobe.d/aliases.

Then I ran sudo update-modules. After that I plugged in my Alfa and it came up as rausb0.

Using beta1 of aircrack-ng 1.0 I ran a few simple tests.

First, airmon-ng stop rausb0 and airmon-ng start rausb0 11, both of which worked this time.

Next I ran aireplay-ng --test rausb0, which reported successful injection.

After that I used these instructions to force and capture a WPA handshake. I would note that it’s important to verify you can capture these handshake packets before you declare victory. I thought I had it made when I booted the Backtrack 2 live CD, which has built-in support for rt73 chips, only to find that I could capture everything but the WPA handshakes. Be sure that’s working if you intend to crack WPA PSKs.

Once I got a WPA handshake, I ran it against cowpatty with the WPA-PSK rainbow tables, and tried one million keys in about 20 seconds, roughly 50k keys/second. If you’ve ever tried brute-forcing a WPA PSK with just aircrack-ng and no rainbow tables, you’re probably more used to 10-50 keys/second; that’s right, it’s an improvement of three orders of magnitude. Insane.

The final moral of the story is: change your access point’s default SSID, and choose a secure WPA passphrase. Failure to do either will result in vigorous pwnage.
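Added example, not from the post and not coWPAtty or aircrack-ng code: the PBKDF2 derivation that WPA-PSK uses (and that the Church of Wifi tables precompute), written in Ruby to make the moral concrete. Because the SSID is the salt, a table is only useful against the exact SSID it was built for, which is why changing a default SSID matters as much as the passphrase; the small checker at the end flags the two things the post says to fix. The SSID list, the 20-character threshold and all function names are assumptions for this example; the test vector (passphrase "password", SSID "IEEE") is the one published with the 802.11i standard.

```ruby
require 'openssl'

# Added example (not from the post, coWPAtty or aircrack-ng). Names are assumptions.

# IEEE 802.11i: PMK = PBKDF2-HMAC-SHA1(passphrase, salt = SSID, 4096 rounds, 32 bytes).
# The SSID is the salt, so a precomputed table only matches that one SSID.
def wpa_pmk(passphrase, ssid)
  unless (8..63).cover?(passphrase.bytesize)
    raise ArgumentError, 'WPA passphrase must be 8..63 ASCII characters'
  end
  OpenSSL::KDF.pbkdf2_hmac(passphrase, salt: ssid, iterations: 4096, length: 32, hash: 'sha1')
end

def wpa_pmk_hex(passphrase, ssid)
  wpa_pmk(passphrase, ssid).unpack1('H*')
end

# Constructed sample of factory-default SSIDs (the real CoW table covers ~1000).
COMMON_SSIDS = %w[linksys default NETGEAR dlink belkin54g Wireless].freeze

# Defender-side check mirroring the post's moral. A default SSID lets an
# attacker replace 4096 HMAC rounds per guess with a table lookup; a short or
# single-charset passphrase is the kind that tables and dictionaries contain.
# The 20-character threshold is an assumption, not a WPA rule.
def assess_wpa_config(ssid, passphrase, common_ssids: COMMON_SSIDS)
  findings = []
  findings << :default_ssid if common_ssids.include?(ssid)
  findings << :short_passphrase if passphrase.bytesize < 20
  findings << :low_charset if passphrase.match?(/\A[a-z]+\z/) || passphrase.match?(/\A\d+\z/)
  findings
end

if __FILE__ == $0
  puts wpa_pmk_hex('password', 'IEEE')                # 802.11i Annex test vector
  puts wpa_pmk_hex('password', 'IEEE2')               # same passphrase, new SSID: new PMK
  p assess_wpa_config('linksys', 'password')
  p assess_wpa_config('my-home-net-7f3', 'correct horse battery staple 2007')
end
```

The two `wpa_pmk_hex` calls with the same passphrase but different SSIDs yield unrelated keys; that is the whole reason the post’s "change your default SSID" advice works against rainbow tables, while a long, mixed passphrase is what defeats the 50k keys/second path as well.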

20Nov/07

Yay! SCOTUS Granted Cert. on Heller

I’ve just learned that the US Supreme Court has granted certiorari on the Heller vs. DC case in which the Washington DC ban on possession of functional firearms in homes was ruled unconstitutional by the Court of Appeals for the DC Circuit.

The court wrote their own version of the question to be decided:

Whether the following provisions — D.C. Code secs. 7-2502.02(a)(4), 22-4504(a), and 7-2507.02 — violate the Second Amendment rights of individuals who are not affiliated with any state-regulated militia, but who wish to keep handguns and other firearms for private use in their homes?

That question is fairly narrow, and doesn’t address bans on the basis of cosmetic features (i.e., Clinton’s harebrained Assault Weapons Ban), caliber (.50 cal rifle bans), registration requirements, or possession outside of the home (concealed or open carry). Assuming the court upholds Heller and rules narrowly on the question at hand, I don’t see a wholesale nullification of US gun control laws (more’s the pity), though obviously any explicit acknowledgment of an individual Constitutional right to arms is an improvement over the current situation in the federal courts.

Here’s hoping the attention generated by this case spills over into the presidential election, in which case the leading Democratic candidates and Giuliani are particularly weak.

19Nov/07

Excellent description of the modern Southern relationship with the Civil War

I don’t always agree with the rhetoric over at Gates of Vienna, but I just read a great post over there wherein the author, a Southerner with Virginian ancestry back to the Civil War, attempts to describe his relationship with and attitudes towards that conflict.

Being born in Colorado, raised in the Midwest, and having no American ancestors before the late 19th Century, I have no cultural or historical tie to the Civil War, and thus grew up understanding it as a fight between people who were against slavery (the good guys) and people who wanted to keep slavery (the bad guys). However, as a transplant to Virginia (arguably the sine qua non of the secession movement and indeed the war itself) my understanding of the Civil War has evolved.

Much like the author, I deplore slavery and regard it as a stain on the early history of our country. I am glad it was ended, and I think it was a sufficiently grave evil as to warrant the violent conflict required to suppress it once and for all. However, having said that, I also empathize deeply with the Southern cause inasmuch as it was the resistance of invasion by a foreign army intent on forcing them to remain a party to a Union that no longer reflected their own values.

Were I a poor farmer in rural Virginia, watching Union troops march across my lands, pillaging and looting and killing, I’m quite sure I wouldn’t cheer them from my window for freeing the black slaves, but rather take up arms against them in the defense of my home and family and way of life.

Put simply, I would fight for the South, but pray for the North to win.

I think this is part of what made the Civil War such a wrenching conflict, for participants on both sides. How can you choose between the defense of your family and the eradication of a grave evil? Is slavery wrong enough to justify fighting your own brothers in the name of its elimination? If so, when both slavery and your Confederate kin lie dead at your feet, have you won, or lost?

Thankfully I’ve never had to make such a horrible choice, and hopefully I never will.

13Nov/07

Interesting thoughts on Constitutional implications of PA Marriage License fiasco

I recently read about the kerfuffle in Pennsylvania over ministers ordained online officiating at weddings. Via InstaPundit I ran across a blog post railing against the admittedly stupid decision, titled ‘What part of “Make No Law” don’t they understand?’. At the time I thought this argument was specious, since the First Amendment reads:

“Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof” [Emphasis mine]

This being a state Judicial and then Legislative decision, Congress was not involved.

Thus, I was interested to read a post on VC by a real-life legal scholar contesting the simplistic “What don’t they understand” argument. If you, like me, don’t understand how recent courts have construed what seems to be a ban on Congressional meddling with religion into a large and growing ban on religious expression in the public sphere, the post provides some background, and discovers a new theory of Constitutional interpretation: Smug Textualism.

Now we just need the definitive paper establishing the tenets of Smug Textualism and we’ll finally have a theoretical home for all those pseudo-Constitutionalists who wrap themselves in some snippet of the text without regard for the rest.

12Nov/07

The Founders Couldn't Possibly Have Foreseen Alcohol

I’ve ranted before about the fight against drunk driving expanding into a de-facto fight against drinking at all, with due process and the Fourth Amendment as collateral damage.

Today I ran across a Reason magazine Hit and Run posting calling attention to four DWI-related abuses of police power and presumption of guilt. Of particular note to me is the first item:

As more and more states are now allowing police officers to forcibly extract blood of DWI suspects, the New Jersey State Supreme Court recently took the practice a step further. The court ruled that not only may police forcibly draw blood, they may use extreme force in doing so, including force that inflicts permanent physical damage on the suspect.

In America today, if you happen to be driving in the wrong state, the following can happen with the blessing of the state and federal Courts Supreme:

  • Stopped by police at a DUI checkpoint with no probable cause
  • Subjected to a sobriety test without consent
  • Subjected to a Breathalyzer test without consent or access to counsel
  • Forced to submit a blood sample for blood alcohol analysis, taken by a police officer with no medical training
  • Permanently physically injured by police officers forcibly extracting a blood sample should you refuse to provide one willingly

If stopping people who drink and drive is a sufficiently compelling state interest as to justify the above wholesale disregard for the Constitution, what steps would the high courts declare acceptable in the name of the War on Terror, the War on Drugs, or National Security? What does it say about us as citizens that we allow this sort of thing to happen? At what point will a sufficient number of us say ‘Enough!’ and push back against those meddling tyrants who regard free and individually responsible adults with such disdain?
