/var/log/orava

Petri Wessman's weblog

oh you've got green eyes...

Oh, you’ve got green eyes
Oh, you’ve got blue eyes
Oh, you’ve got gray eyes
And I’ve never seen anyone quite like you before
No, I’ve never met anyone quite like you before
Thoughts from above hit the people down below
People in this world, we have no place to go

Up, down, turn around
Please don’t let me hit the ground
Tonight I think I’ll walk alone
I’ll find my soul as I go home.

-New Order, “Temptation”

Tuned to Radio Paradise today and was instantly given one of the things that made the ’80s great musically – old New Order. There’s just something about their old material that just works, on so many levels, despite Bernie’s limited (to be charitable) singing voice. Maybe it’s the lyrics, maybe it’s the bleak yet strangely cynical/romantic mood inspired by the stark synth + bass lines… I don’t know. I have no idea if New Order works at all for someone who didn’t grow up listening to it, without all the flashback memories associated with the songs. Music is funny that way.

These guys were one of the greats, at their peak. Nowadays they do “ok” dance pop, nothing to be ashamed of but far from the old stuff. I guess they’ve earned their right to do whatever the hell they feel like doing.

Published by Orava

More specific Maxtor drive specs

Some more info from DataPrey, it seems that the actual “must match” data of the drive I’m looking for is the following:

Maxtor
Model: 33073H3 
Code: YAH814Y0 
N,M,B,E 
PCB code: C9DLA

The other codes are not that important. Pity, since I managed to track down one eBayer with drives that matched everything except that “N,M,B,E” code. Back to the hunt, but it’s looking pretty iffy I have to say.

Published by Orava

Pale people in black, with cards

Looks to be another big Ropecon VTES tournament, the pre-registration page already has 42 entries. Nice.

Haven’t done much about the tournament yet other than to gather those pre-regs, but tomorrow or Thursday I’ll have to gather up the required pile of Stuff(tm) and print out another ton of Stuff(tm). Work work.

The prize support, EC qualifier t-shirts, and other stuff is still at Fantasiapelit, I’ll have to arrange to pick those up, too, before Friday. Janne has (again) done a great job in providing logistics for the tournament and communicating with White Wolf, thanks are due in that direction.

Published by Orava

No luck with data recovery, but...

DataPrey threw in the towel with the disk recovery, saying that they were unable to fix it, sorry.

However, since they had earlier told me that the problem revolved around getting a spare matching disk, I called them and asked for details. Well, turns out that yes, the problem was their inability to find an exact match for the disk, and they had closed the case because they were unable to resolve it in the maximum promised time.

As for the problem, turns out that at the time this disk was made, Maxtor was in the habit of changing the internals of the drives all the time, even within one model. So in addition to needing a Maxtor model 33073H3, it needs to be a very specific instance of that model. (3-4 other things also need to match, in addition to the model number).

Anyway, DataPrey has a long-term “seeking component X” list, so we put this drive there and reopened the case for the time being. They will continue to scan for matches for this drive, and they’ll send me the exact drive details needed so I can hunt for a match on my own, too. The world is a big place, and you never know, I might get lucky on eBay (DataPrey polls eBay too, now and then :).

So for now it looks like the data won’t be coming back. But there’s a small glimmer of hope, still.

As I was writing this I got email from DataPrey with the info, so I’ll jot that down here too. The drive needs to match to:

Maxtor
Model:33073H3
hda:13A
pcba:03A

and it would be nice if it would also match to:

unique:11A
Code:YAH814Y0
N,M,B,E 

Those codes can be found on the label that is attached to the disk. If anyone has an old Maxtor (30,7 GB) drive that matches to those specs, I’d be very interested in it. I already sent queries to the few matches that I found on eBay.

Published by Orava

People++

Jiivonen moved in with us today, yay. Most of the day has consisted of lots of people moving piles and piles of boxes into the house. I expect it’ll take quite a few weeks (months?) before things settle down, but it’s nice to have a fourth person in the house; now we don’t have two echoing empty rooms, but instead one occupied one and one gaming-room-to-be (at the moment acting as moving box storage).

Right now the house looks like a refugee camp more than anything else, but one of these days we’ll actually have cash to buy a… sofa! With luck, a nice one. And a comfy chair or two (sans the Inquisition). And… and… lots’o’stuff.

Published by Orava

New firewall

On Saturday I finished reading Linux Firewalls, and promptly got to work writing version 2.0 of the new server firewall. The book was very good – while it didn’t teach me all that much totally new (I’ve been tinkering with iptables for years), it did present a lot of “best practices” and scenarios. My favorite thing about the book was how it condensed various protocols and scenarios into tight recipes, so I could just go, “hmm, I want to enable DHCP for my LAN, what’s the bare minimum I need to allow for that?”… and find a nice, concise answer. I guess the biggest boon I got from the book was tips on how to tighten up the firewall; it isn’t all that hard to write a simple firewall, but it gets tricky fast when you want to block and check all that you possibly can without impeding the server systems or users of the local LAN in any way. Good book, I can warmly recommend it to anyone who is interested in the subject.

Anyway, I spent a large part of Saturday building a new firewall. Took quite a bit of effort and required some mishaps (like me locking myself out of NFS for a while) before it was working and polished… but now I have a pretty nice and tight new firewall setup, with filtering on INPUT, OUTPUT and FORWARD chains. My previous firewalls have only had INPUT rules, the new one has OUTPUT added to check that the server communicates to only those services it’s supposed to (makes life harder for potential intruders). Also added some light FORWARD filtering, mainly anti-spoofing sanity checks and a block on SMTP traffic (to catch and stop possible spam robots in LAN). All in all, I’m pretty satisfied with the setup.

I also have logcheck and aide running on the system, along with various other boobytraps, intended to give me warning of any intrusion attempt (or even a successful one). I have no illusions about being able to stand up to a serious, targeted custom attack, but that’s not a very likely scenario in any case. The intention here is to armor the system against automated attacks and script kiddies, and make life as difficult as possible even for successful intrusions that haven’t elevated to root yet. On that latter note, I intend to look into the GRSecurity extension and PaX one of these days, ideally I would massively reduce the rights that high-risk user accounts (apache, mainly) have in the system. One thing at a time.

Security is always about layers and procedures, and it’s always a tradeoff between it and ease of use. There are limits to how far it’s reasonable to go in a home server setting in any case. But it’s fun to tinker.
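A ruleset of the shape this post describes (default-deny filtering on INPUT, OUTPUT and FORWARD, anti-spoofing checks, and an SMTP block for LAN clients), as an added example that is not the author's actual firewall or code from the book. Interface names, the subnet and the allowed services are assumptions; the script only prints `iptables-restore` input and changes nothing on the host.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset; it applies nothing.
# Interface names, subnet and allowed services are assumptions.
emit_ruleset() {
    lan_if=$1; wan_if=$2; lan_net=$3
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Loopback, plus replies on connections that were already allowed
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# INPUT: SSH from the LAN only (assumed service)
-A INPUT -i $lan_if -s $lan_net -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
# OUTPUT: the server may start only these conversations (assumed list)
-A OUTPUT -p udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp --dport 53 -j ACCEPT
-A OUTPUT -p udp --dport 123 -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A OUTPUT -j LOG --log-prefix "fw-out-drop: "
# FORWARD: anti-spoofing sanity checks come before anything is accepted
-A FORWARD -i $lan_if ! -s $lan_net -j DROP
-A FORWARD -i $wan_if -s $lan_net -j DROP
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# FORWARD: LAN clients may not open SMTP connections; log, then drop
-A FORWARD -i $lan_if -p tcp --dport 25 -j LOG --log-prefix "fw-smtp-block: "
-A FORWARD -i $lan_if -p tcp --dport 25 -j DROP
-A FORWARD -i $lan_if -o $wan_if -s $lan_net -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
}

emit_ruleset "${1:-eth1}" "${2:-eth0}" "${3:-192.168.1.0/24}"
```

The output can be checked with `iptables-restore --test` before it is loaded. The logged `fw-smtp-block:` and `fw-out-drop:` prefixes give a log watcher such as logcheck something specific to alert on.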

Published by Orava
