October 11, 2009 / 0 Comments
Caught up in “cloud” technology? Think it’s useful or just some hype? This post will provide an extensive review of the pros and cons of cloud storage. We’ll also provide a definition of “cloud” storage and the difference between a public and private cloud.
Cloud Overview
There are a few different types of cloud storage. The main goal of the term “cloud” is to separate and decentralize storage. Systems should be expected to fail, fail often (more often than enterprise class hardware) and be easily replaced when they do. There are many providers of public cloud storage and quite a few vendors which provide cloud storage software so you can start your own cloud.
Public Cloud Providers
Private Cloud Providers (Software)
Cloud Benefits
There are many benefits to utilizing cloud storage. One of 
the best benefits of using public storage is to diversify and distribute storage across the nation. Utilizing a private cloud allows you to decentralize your storage and possibly speed up largely parallel reads and build fault tolerance into your storage systems. I’ve personally had experience with ParaScale and it seems to work great. The software allows you to build your own private cloud storage system. In testing it has proved to be very fast and efficient.
Cloud Cons
Utilizing a public cloud can be a bit scary for some. Of course it requires a level of trust and assurance to allow your data to be on a public system. I’m sure most responsible persons will keep copies of their data elsewhere beside a public cloud. Private clouds are still somewhat new and require special software. If the software (or any underlying proprietary system) fails, it will require custom services (provided by the software vendor) to recover the data. Private clouds can be very helpful but we must weigh the benefits against the risks.
Conclusion
Cloud storage has been very successful in both private and public practice. Cloud storage provides cheap and distributed storage for files and can add speed if used privately. This technology is still very new and it must be considered with a “grain of salt” – we’re talking about our data here! In conclusion, Cloud storage technology is very efficient, decentralized, highly fault-tolerant and can offer us many benefits. The only way for the technology to mature is to provide more use and refinement. When cloud storage platforms are fully matured we can place more hope in the “cloud hype.”
August 9, 2009 / 2 Comments
Remember when Facebook was fast, purpose-built and generally beat the pants off MySpace? That doesn’t necessarily seem to be the case anymore. With all the extra bloat, advertisements and the insufferable “apps” available now it’s hard to remember what the real purpose of Facebook was- To communicate.
It seems like once they opened registration to all, allowed user-created apps and tried to keep being everything to everyone the purpose and Facebook message has disappeared.
The Pros
* Facebook is a LAMP (Linux, Apache, MySQL, PHP) powered system. They have great technology behind their site and have developed many interesting technologies around their core applications.
* Facebook is still very “light” compared to other social networks (e.g. MySpace)
* Large user base (who hasn’t heard of Facebook?)
* Find people you’ve been searching for from way back (also see Cons for the opposite of this)
The Cons
* Insufferable annoying Apps that seem to do absolutely nothing but clutter my “requests” section. I don’t care if someone superpoked me or gave me a flower. I can’t believe people pay to send these things.
* Open to everyone. (This isn’t necessarily a bad thing as long as the openness doesn’t contribute to what Facebook has become)
* Too many ads, too much clutter. Get back to what Facebook was supposed to be!
* People you didn’t want to know you or check up on you can (unless you block them)
* Allows for some “social stalking” How many times have you talked to someone else on Facebook in real life only to have them bring something up from the social network? Great.
* Time vampire. I believe that there are quite a few people out there addicted to this particular social network.
Conclusion
While I use Facebook sparingly, I can say that it has a purpose but it has been a bit over-done. I believe that simple is better. Facebook, can we have the site from about a year ago back? Can there be a “bloat-free” lite version available? How do I get rid of all the junk that has been added over the years? Please make us a version that is simple, works and provides what Facebook originally set out to do.
August 8, 2009 / 8 Comments
If it’s 12AM and your Nintendo WII power supply goes on the fritz and you can’t locate one at your local Wal-Mart and you’re jonsin’ to play a new game have no fear! I too found myself in this situation recently. Like most computer dudes I have a plethora of computer parts lying around in my parts closet. It’s really not all that uncommon to have a power supply or two lurking in the parts bin. In this document I’ll teach you how to juice up your Wii and get back to gaming with simple items almost every geek has. Amazingly the Nintendo Wii’s power brick is rated at 3.0A (Amps) and normal PC power supplies rate at least 5-7A (Amps) on the 12 volt (yellow-wire) side.
There are some other articles online outlining the procedures to replace a small soldered-in fuse inside the power brick. We didn’t have a fuse or the time to try to remove the strange shaped screws holding the brick together.
Disclaimer: We do not claim that the below will not harm your Nintendo Wii. We have tested it and everything appears to work but we cannot speak to the “cleanliness” of the power delivered by the power supply used nor can we assure that any other issues may be caused. Please use this document at your own risk.
What’s Required
* Wire strippers (or equivalent)
* Wire cutters
* A small shiny (non-coated) paper clip
* Electrical tape
* Optional: Soldering Iron w/ Solder
* A small Molex to SATA Adapter (these come in almost every retail hard drive box)
* A small or old PC power supply (ATX is what we’re using here)
Steps to Power
1. Since you’re not going to use your old power brick anymore, cut off the end which plugs in to your Wii closest to the brick as possible.
2. Strip the grey sheathing from the wire. This will reveal a white wire surrounded by another wire.
3. Take the wire around the outside and twist it together to form one wire.
4. Strip the white wire. Be careful to leave enough insulator between the white wire and the outside wires we previously twisted.
5. Locate your Molex to SATA converter. Cut the black and yellow wires closest to the SATA connector.
6. Strip the black and yellow wires.
7. Connect Yellow to White (the inside wire)
8. Connect Black to the outside wire we previously twisted.
9. Use electrical tape to make the connections or optionally solder the connections together. Use plenty of electrical tape or heat shrink tubing to secure the connections and insulate them.
10. Plug in your molex connector to the power supply.
At this time your Nintendo Wii is connected to the power supply.
11. Unbend your silver paper clip and insert one end in to the ATX connector’s green wire. Connect the other end to the black ground wire next to the green wire. This sets the ATX power supply to be on at all times.
12. Plug in your ATX power supply to wall power.
13. Plug in the newly-frankenstiened power adapter to your Nintendo Wii
13. Power on your Nintendo Wii
Polarity for the Nintendo adapter is printed on the bottom of the brick but does not outline which wire (the outside or inside) is positive or negative. The outside wire is DC negative (-) and the inside white wire is DC positive (+).
Conclusion
To power a Nintendo Wii with a PC power supply is very easy and certainly feasible. I’m not sure the long term affects of using this solution but it does make complete sense to use a PC power supply because that is, essentially, what a Nintendo Wii is – a computer. To this day the solution is still working and I haven’t found a need to buy another power brick yet. This solution/fix was a bit overkill but at the time it made sense to get the gaming system back online.
July 31, 2009 / 0 Comments
BIND, the Berkley Internet Name Domain service, provides forward (authoritative) and recursive (non-authoritative) DNS lookups for the majority of the internet as we know it. A security vulnerability outlined here shows that a specially crafted packet can cause the DNS daemon to stop functioning. It is imperative that all “master” DNS servers get updated immediately. More general information on BIND can be found on their site here.
CVE Information: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0696
RHEL Bug Information: https://bugzilla.redhat.com/show_bug.cgi?id=514292
The NVD at NIST reports the following overview of this issue:
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
Updating BIND on RHEL/CentOS (4/5)
Updated packages are available to assure you are running the latest release.
Use this command to update bind on yum-based systems:
# yum –y update bind
Updating BIND on Debian / Ubuntu
1
| <font size="1"> # apt-get update <br /> # apt-get upgrade <br /> # /etc/init.d/bind9 restart</font> |
July 30, 2009 / 1 Comment
Product Overview
The RioRey solution is a DDoS protection device not widely used or heard of … yet. First of all let me assure you that I am in no way associated with the RioRey company and my focus is to give an honest and unbiased opinion of their product offerings.
The RioRey device is a rack-mountable device with one copper management port and two copper or fiber (Multimode SX/LC or Singlemode LX/LC) ports. Their products tier in the volume of packets per second they are able to mitigate under a real DDoS attack. They range from 150K packets per second (PPS) to their newest eight rack unit 16M packets per second model. The model I have had the most experience with is their entry-level 150K PPS model. This will be the model I talk about in the remainder of this article.
Installation
Using the device is a breeze. Installation is as simple as installing it in line to the closest “edge” of your connection. For most companies and hosting providers this would be at their handoff from their bandwidth provider (e.g. Cogent, ATT) The device can be purchased (at no additional cost) with the ability to fail to bypass. This means that if the device has a hardware failure the device will act as a straight-through cable and continue to pass traffic. In testing this device did not even trip external monitoring when simulating failure.
Usage
The device comes with a very primitive web interface which is used for setting up low-level functions like syslog reporting and IP addressing of the management interface. The device comes with a pre-configured IP address to access this web console for first installation. The device also comes with their management software called “rView” This software allows you to view the status of the device, perform reports, get real-time insight into current attacks and customize how the device behaves under attack. The device also has the ability to send SNMP traps, log to syslog and email when an attack is detected.
Real World Experience
I’ve personally and (un)fortunately had this device work for me. This device was blocking a 1.3GBit/sec UDP flood and was currently only linked at 100mbit. All sites/devices/services behind the RioRey were still responsive. The sites did notice a small uptick in response time but no dropped packets or requests. The device performed as advertised and their patented Micro Behavioral Analysis (MBA) algorithms performed beautifully. Within 60 seconds the attack was mitigated and “polluted” traffic was removed. The graph on the right illustrates how fast the traffic was blocked. Notice the blue line grow and then almost instantly disappears. This blue line is the “after filtering” traffic (the traffic passed to the LAN interface.) The attack traffic was almost instantly mitigated- all without human intervention.
Summary
This device is a very valuable tool. It’s kind of like a fire extinguisher, when you need it you really need it; when you don’t need it you never really even know or care to know that it’s there. Was it worth the investment? It’s hard to gauge these things after an attack is mitigated. If we didn’t have the device under attacks it would be much harder to identify the attacker and the victim and would cause more downtime simply analyzing the traffic to find the source(s).
I believe the device is well worth it. It’s entry-level pricing is second to none (when compared to other solutions) and it allows a level of protection that most never thought possible for the price. To obtain more information and pricing please visit The RioRey Site.
If you have any questions about the device and would like to contact me for more information please post a comment or email Adam [at] Admo.net for more information!
