Storage in the Cloud


Caught up in “cloud” technology? Think it’s useful or just some hype? This post will provide an extensive review of the pros and cons of cloud storage. We’ll also provide a definition of “cloud” storage and the difference between a public and private cloud.

Cloud Overview

There are a few different types of cloud storage. The main goal of the term “cloud” is to separate and decentralize storage. Systems should be expected to fail, fail often (more often than enterprise class hardware) and be easily replaced when they do. There are many providers of public cloud storage and quite a few vendors which provide cloud storage software so you can start your own cloud.

Public Cloud Providers

Private Cloud Providers (Software)

Cloud Benefits

There are many benefits to utilizing cloud storage. One of the best benefits of using public storage is to diversify and distribute storage across the nation. Utilizing a private cloud allows you to decentralize your storage and possibly speed up largely parallel reads and build fault tolerance into your storage systems. I’ve personally had experience with ParaScale and it seems to work great. The software allows you to build your own private cloud storage system. In testing it has proved to be very fast and efficient.

Cloud Cons

Utilizing a public cloud can be a bit scary for some. Of course it requires a level of trust and assurance to allow your data to be on a public system. I’m sure most responsible persons will keep copies of their data elsewhere besides a public cloud. Private clouds are still somewhat new and require special software. If the software (or any underlying proprietary system) fails, it will require custom services (provided by the software vendor) to recover the data. Private clouds can be very helpful but we must weigh the benefits against the risks.

Conclusion

Cloud storage has been very successful in both private and public practice. Cloud storage provides cheap and distributed storage for files and can add speed if used privately. This technology is still very new and it must be considered with a “grain of salt” – we’re talking about our data here! In conclusion, Cloud storage technology is very efficient, decentralized, highly fault-tolerant and can offer us many benefits. The only way for the technology to mature is to provide more use and refinement. When cloud storage platforms are fully matured we can place more hope in the “cloud hype.”

Facebook – The New MySpace?

Remember when Facebook was fast, purpose-built and generally beat the pants off MySpace? That doesn’t necessarily seem to be the case anymore. With all the extra bloat, advertisements and the insufferable “apps” available now it’s hard to remember what the real purpose of Facebook was: to communicate.

 

It seems like once they opened registration to all, allowed user-created apps and tried to keep being everything to everyone, the purpose and message of Facebook disappeared.

 

The Pros

* Facebook is a LAMP (Linux, Apache, MySQL, PHP) powered system. They have great technology behind their site and have developed many interesting technologies around their core applications.

* Facebook is still very “light” compared to other social networks (e.g. MySpace)

* Large user base (who hasn’t heard of Facebook?)

* Find people you’ve been searching for from way back (also see Cons for the opposite of this)

 

The Cons

* Insufferable annoying Apps that seem to do absolutely nothing but clutter my “requests” section. I don’t care if someone superpoked me or gave me a flower. I can’t believe people pay to send these things.

* Open to everyone. (This isn’t necessarily a bad thing as long as the openness doesn’t contribute to what Facebook has become)

* Too many ads, too much clutter. Get back to what Facebook was supposed to be!

* People you didn’t want to know you or check up on you can (unless you block them)

* Allows for some “social stalking”. How many times have you talked to someone else on Facebook in real life only to have them bring something up from the social network? Great.

* Time vampire. I believe that there are quite a few people out there addicted to this particular social network.

 

Conclusion

While I use Facebook sparingly, I can say that it has a purpose but it has been a bit over-done. I believe that simple is better. Facebook, can we have the site from about a year ago back? Can there be a “bloat-free” lite version available? How do I get rid of all the junk that has been added over the years? Please make us a version that is simple, works and provides what Facebook originally set out to do.

Replace Nintendo Wii Brick with PC Power Supply

If it’s 12AM, your Nintendo Wii power supply goes on the fritz, you can’t locate one at your local Wal-Mart and you’re jonesin’ to play a new game, have no fear! I too found myself in this situation recently. Like most computer dudes I have a plethora of computer parts lying around in my parts closet. It’s really not all that uncommon to have a power supply or two lurking in the parts bin. In this document I’ll teach you how to juice up your Wii and get back to gaming with simple items almost every geek has. Amazingly the Nintendo Wii’s power brick is rated at 3.0A (Amps) and normal PC power supplies rate at least 5-7A (Amps) on the 12 volt (yellow-wire) side.

 

There are some other articles online outlining the procedures to replace a small soldered-in fuse inside the power brick. We didn’t have a fuse or the time to try to remove the strange shaped screws holding the brick together.

 

Disclaimer: We do not claim that the below will not harm your Nintendo Wii. We have tested it and everything appears to work but we cannot speak to the “cleanliness” of the power delivered by the power supply used nor can we assure that any other issues may be caused. Please use this document at your own risk.

 

What’s Required

* Wire strippers (or equivalent)

* Wire cutters
* A small shiny (non-coated) paper clip

* Electrical tape

* Optional: Soldering Iron w/ Solder

* A small Molex to SATA Adapter (these come in almost every retail hard drive box)

* A small or old PC power supply (ATX is what we’re using here)

 

Steps to Power

1. Since you’re not going to use your old power brick anymore, cut off the end which plugs in to your Wii, as close to the brick as possible.

2. Strip the grey sheathing from the wire. This will reveal a white wire surrounded by another wire.


3. Take the wire around the outside and twist it together to form one wire.


4. Strip the white wire. Be careful to leave enough insulator between the white wire and the outside wires we previously twisted.


5. Locate your Molex to SATA converter. Cut the black and yellow wires closest to the SATA connector.


6. Strip the black and yellow wires.

7. Connect Yellow to White (the inside wire)

8. Connect Black to the outside wire we previously twisted.

9. Use electrical tape to make the connections or optionally solder the connections together. Use plenty of electrical tape or heat shrink tubing to secure the connections and insulate them.

10. Plug in your molex connector to the power supply.

 

At this time your Nintendo Wii is connected to the power supply.

 

11. Unbend your silver paper clip and insert one end in to the ATX connector’s green wire. Connect the other end to the black ground wire next to the green wire. This sets the ATX power supply to be on at all times.

12. Plug in your ATX power supply to wall power.

13. Plug in the newly-frankensteined power adapter to your Nintendo Wii

14. Power on your Nintendo Wii

 

 

Polarity for the Nintendo adapter is printed on the bottom of the brick but does not outline which wire (the outside or inside) is positive or negative. The outside wire is DC negative (-) and the inside white wire is DC positive (+).

 

Conclusion

To power a Nintendo Wii with a PC power supply is very easy and certainly feasible. I’m not sure of the long-term effects of using this solution but it does make complete sense to use a PC power supply because that is, essentially, what a Nintendo Wii is – a computer. To this day the solution is still working and I haven’t found a need to buy another power brick yet. This solution/fix was a bit overkill but at the time it made sense to get the gaming system back online.

BIND 9 DoS Update: CVE-2009-0696

BIND, the Berkeley Internet Name Domain service, provides forward (authoritative) and recursive (non-authoritative) DNS lookups for the majority of the internet as we know it. A security vulnerability outlined here shows that a specially crafted packet can cause the DNS daemon to stop functioning. It is imperative that all “master” DNS servers get updated immediately. More general information on BIND can be found on their site here.

CVE Information: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0696

RHEL Bug Information: https://bugzilla.redhat.com/show_bug.cgi?id=514292

 

The NVD at NIST reports the following overview of this issue:

The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
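
To check an upstream version string (for example the output of named -v) against the fixed releases the NVD text lists, a small POSIX shell check can be used. This is an added example, not code from ISC or the original post; the function names and sample strings are constructed. It assumes plain X.Y.Z or X.Y.Z-Pn strings, so distribution packages that backport fixes under an older version number need the vendor advisory instead.

```sh
#!/bin/sh
# Added example: compare an upstream BIND version with the fixed releases
# named in the NVD text for CVE-2009-0696.

# Fixed "patch plevel" per affected branch: 9.4.3-P3, 9.5.1-P3, 9.6.1-P1.
fixed_for_branch() {
    case "$1" in
        9.4) echo "3 3" ;;
        9.5) echo "1 3" ;;
        9.6) echo "1 1" ;;
        *)   return 1 ;;
    esac
}

# Prints: vulnerable | fixed | not-listed | unparsed
bind_cve_2009_0696_status() {
    v=${1#BIND }                      # accept "BIND 9.5.1-P2" as printed by named -v
    # Assumption: only X.Y.Z and X.Y.Z-Pn are handled; betas, release
    # candidates and vendor suffixes are reported as unparsed.
    if ! printf '%s\n' "$v" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+(-P[0-9]+)?$'; then
        echo unparsed
        return 0
    fi
    base=${v%%-P*}
    plevel=0
    case "$v" in *-P*) plevel=${v##*-P} ;; esac
    branch=${base%.*}
    patch=${base##*.}
    if ! fixed=$(fixed_for_branch "$branch"); then
        echo not-listed               # branch is not in the NVD range quoted above
        return 0
    fi
    fixed_patch=${fixed% *}
    fixed_plevel=${fixed#* }
    if [ "$patch" -lt "$fixed_patch" ] ||
       { [ "$patch" -eq "$fixed_patch" ] && [ "$plevel" -lt "$fixed_plevel" ]; }; then
        echo vulnerable               # in range; exploitable only on a master server
    else
        echo fixed
    fi
}

# Constructed sample strings, not taken from any real host.
for s in "BIND 9.4.3-P2" "9.5.1-P3" "9.6.1" "9.3.6-P1" "9.6.0rc1"; do
    printf '%-16s %s\n' "$s" "$(bind_cve_2009_0696_status "$s")"
done
```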

 

Updating BIND on RHEL/CentOS (4/5)

Updated packages are available to ensure you are running the latest release.

Use this command to update bind on yum-based systems:

# yum -y update bind

Updating BIND on Debian / Ubuntu

# apt-get update
# apt-get upgrade
# /etc/init.d/bind9 restart

 

 

The RioRey DDoS Solution

 

Product Overview

The RioRey solution is a DDoS protection device not widely used or heard of … yet. First of all let me assure you that I am in no way associated with the RioRey company and my focus is to give an honest and unbiased opinion of their product offerings.

 

The RioRey device is a rack-mountable device with one copper management port and two copper or fiber (Multimode SX/LC or Singlemode LX/LC) ports. Their products tier in the volume of packets per second they are able to mitigate under a real DDoS attack. They range from 150K packets per second (PPS) to their newest eight rack unit 16M packets per second model. The model I have had the most experience with is their entry-level 150K PPS model. This will be the model I talk about in the remainder of this article. 

 

Installation

Using the device is a breeze. Installation is as simple as installing it in line to the closest “edge” of your connection. For most companies and hosting providers this would be at their handoff from their bandwidth provider (e.g. Cogent, ATT). The device can be purchased (at no additional cost) with the ability to fail to bypass. This means that if the device has a hardware failure the device will act as a straight-through cable and continue to pass traffic. In testing this device did not even trip external monitoring when simulating failure.

 

Usage

The device comes with a very primitive web interface which is used for setting up low-level functions like syslog reporting and IP addressing of the management interface. The device comes with a pre-configured IP address to access this web console for first installation. The device also comes with their management software called “rView”. This software allows you to view the status of the device, perform reports, get real-time insight into current attacks and customize how the device behaves under attack. The device also has the ability to send SNMP traps, log to syslog and email when an attack is detected.

 

Real World Experience

I’ve personally and (un)fortunately had this device work for me. This device was blocking a 1.3GBit/sec UDP flood and was currently only linked at 100mbit. All sites/devices/services behind the RioRey were still responsive. The sites did notice a small uptick in response time but no dropped packets or requests. The device performed as advertised and their patented Micro Behavioral Analysis (MBA) algorithms performed beautifully. Within 60 seconds the attack was mitigated and “polluted” traffic was removed. The graph on the right illustrates how fast the traffic was blocked. Notice the blue line grows and then almost instantly disappears. This blue line is the “after filtering” traffic (the traffic passed to the LAN interface.) The attack traffic was almost instantly mitigated, all without human intervention.

 

Summary

This device is a very valuable tool. It’s kind of like a fire extinguisher, when you need it you really need it; when you don’t need it you never really even know or care to know that it’s there. Was it worth the investment? It’s hard to gauge these things after an attack is mitigated. If we didn’t have the device under attacks it would be much harder to identify the attacker and the victim and would cause more downtime simply analyzing the traffic to find the source(s).

I believe the device is well worth it. Its entry-level pricing is second to none (when compared to other solutions) and it allows a level of protection that most never thought possible for the price. To obtain more information and pricing please visit The RioRey Site.

If you have any questions about the device and would like to contact me for more information please post a comment or email Adam [at] Admo.net for more information!

Basic Commands: Symbolic Links

Symbolic links allow an administrator to point a link (file or directory) to another real location.

 

How do I create a symbolic link?

# ln -s [target file/directory] /link/location/to/file/or/directory

 

For example, you wish to link /etc/httpd/conf to point to the real location of /usr/local/apache/conf

The command would look like this:
# ln -s /usr/local/apache/conf /etc/httpd/conf

 

Ensure that the destination for your link (in our example this would be /usr/local/apache/conf) does not already exist.
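
What ln -s does when the place the link is to be created is already taken, run in a throwaway directory with the same relative paths as the example command. This is an added example, not part of the original post; the function names and the temporary directory layout are constructed.

```sh
#!/bin/sh
# Added example: ln -s behaviour when the link location already exists.

# Create the link only if nothing (file, directory or dangling link) is there.
safe_link() {
    if [ -e "$2" ] || [ -L "$2" ]; then
        echo "refusing: $2 already exists" >&2
        return 1
    fi
    ln -s "$1" "$2"
}

# Runs three cases in a temporary directory and prints their outcomes.
demo_existing_link_location() {
    root=$(mktemp -d) || return 1
    target="$root/usr/local/apache/conf"
    link="$root/etc/httpd/conf"
    mkdir -p "$target" "$root/etc/httpd"

    # Case 1: location is free, so the symlink is created where intended.
    if safe_link "$target" "$link" && [ -L "$link" ]; then c1=link; else c1=other; fi

    # Case 2: location is a real directory. Plain ln -s does not replace it;
    # it silently creates a link named "conf" inside that directory.
    rm "$link"; mkdir "$link"
    ln -s "$target" "$link"
    if [ ! -L "$link" ] && [ -L "$link/conf" ]; then c2=nested; else c2=other; fi

    # Case 3: the guard catches the same situation before ln runs.
    if safe_link "$target" "$link" 2>/dev/null; then c3=created; else c3=refused; fi

    rm -rf "$root"
    echo "$c1 $c2 $c3"
}

demo_existing_link_location
```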

How to Calculate IOPS (I/O’s per Second)

 

| Workload | IOPS (I/O’s per Second, or iostat "tps") | Data Transfer Rate (MB/sec) | Minimum Number of Disk Drives to Support Workload |
|---|---|---|---|
| Random I/O (10k RPM) | 125 | 0.5 | n = (%R + f (%W))(tps)/125 |
| Random I/O (15k RPM) | 150 | 0.5+ | n = (%R + f (%W))(tps)/150 |
| Sequential I/O | 2000 | 50 | n = (MB/sec)/50 |

Where:
%R = the percentage of disk I/O’s that are reads.
%W= the percentage of disk I/O’s that are writes.
f = 1 for ordinary disks, 2 for mirrored disks, 4 for Raid 5 disks.
Assumes data is distributed evenly across all disk drives.

 

Using the above formula, here’s the minimum number of disks required to support a random I/O workload, at 1000 IOPS,  80% read, 20% write on 10K RPM disk drives.

 

Ordinary disks:  (0.8 + 1*0.2)(1000 IOPS)/(125 IOPS/disk)  = 8
Mirrored disks:  (0.8 + 2*0.2)(1000 IOPS)/(125 IOPS/disk)  = 10
Raid 5 disks:      (0.8 + 4*0.2)(1000 IOPS)/(125 IOPS/disk) =  13

Full Article Here

How to Start/Stop Dell OMSA on Windows

From Dell’s Support Site:

 

To start Server Administrator, perform the following steps:

  1. Click the Start button and point to Settings → Control Panel → Administrative Tools → Services.
    The Services window appears.
  2. Right-click the Secure Port Server icon.
  3. Click Start.

 

To stop Server Administrator, perform the following steps:

  1. Click the Start button and point to Settings → Control Panel → Administrative Tools → Services.
    The Services window appears.
  2. Right-click the Secure Port Server icon.
  3. Click Stop.

Linux CLI (Command Line Interface) Tricks

Here is a small(ish) list of Linux CLI tips and tricks I have learned and researched over the years. This list is by no means completely comprehensive but contains a list of some of the tricks I use on an everyday basis. Living your life “in the shell” can be very cumbersome if you aren’t using the tricks outlined below. Good luck and happy Linuxing.

 

I will say this: Do not give in and use all the tricks all the time if you are just starting with Linux. It’s always best (in my opinion) to learn the ropes and background to everything before using the GUI or any related tricks. I believe this is true with almost any learning process – technology-based or not.

Command Line File Name Completion

Tired of typing the whole path to a single command? Some commands can be very large and cumbersome. Try “tabbing it out”.

Try for example: where<tab>

The above should return whereis. If you have more than one binary in your path that contains the word where you may not get a result. In this case hit tab again and you’ll be presented with all options.

 

Print Working Directory (pwd)

The pwd command is useful to tell you what directory you are currently in. Depending on your shell configuration, you will be presented with your full working directory in the title of your shell program. For instance, I use putty and it always shows my Current Working Directory (CWD).

 
Command History

Forget what the last few commands you completed were? Want to diagnose a system and you have no idea what the person before you executed? Try the “history” command in Linux.

Type “history”. This provides a list of all recently entered commands and can be very large. If you type “history 10” it works much like the tail command and shows the last 10 commands in history.

Type “history -c” to clear your command history.

 

Output Redirection

Tons of information from the command you just executed? Redirect the output to a file or another program.

* > – Output Redirection
* >> – Append to EOF (end of file)
* < – Input Redirection
* 1> – Redirect STDOUT (Standard Out)
* 2> – Redirect STDERR (Standard Error)
* &> – Redirect all

 

Examples:

# echo "foo" > bar (this example will echo the text “foo” to the file called “bar”)

# echo "foo2" >> bar (this example will echo the text “foo2” to the end of the file “bar”)

# wc -l < bar (this example will do a line count on the file bar)

Typically commands read from STDIN by default. For instance I could also run wc like this:

# wc -l bar

I would still obtain the same results as explicitly telling the CLI to use STDIN (<).

 

Aliases

Using aliases is another way to make entering common commands easier. Think of an alias as a simple shortcut to a longer command. Let’s say you want to remove a directory and you’re tired of always typing “rm -rf <directory>”. You can make an alias by typing “alias rmdir='rm -rf'”. Now you can type “rmdir <directory>” on the CLI and achieve the same result. Be aware that this alias shadows the standard rmdir command, which only removes empty directories.

 

Symbolic Links

A symbolic link is simply a pointer to another file/directory. To make a shortcut to a program shorter or as a link inside your home directory use a command like this:

# ln -s /usr/local/program/bin/program ~/program

– or to link an entire directory –

# ln -s /usr/local/program ~/program

Symbolic links show up in the output when performing an ls -lt.

 

apropos Search Whatis Database

Ever wanted to find a command but never knew the name? Do you know what the command does or a description but can’t put your finger on it? Use the command apropos to search the whatis database.

Just type apropos “string to search for”


 

Whereis – Find a binary or man page

Ever needed to find the location of a binary easily? Try “whereis”. Simply type whereis “binary” and you will be presented with a location to the binary and/or manpage for the given binary.


 

There are a ton of other shortcuts I am missing but this is just a small list. Have a great day!

Acronis True Image Home (Run List Corrupted)

I started to receive a message on my new Vista box in Acronis True Image Home that looks like this:

 

Information    12/15/2008 8:07:49 AM    Locking partition C:…
Error    12/15/2008 8:10:00 AM    Operation with partition "2-0" was terminated.
Details:
Run list corrupted (0x7001C)
    Tag = 0x89D94B01B483E221

 

To rectify this issue just run a "CHKDSK C: /R" which should clean up a few NTFS attributes. This usually will happen if you hard-cycle your system for some reason.