Queen Vic ‘Night’ Market

Shane and Kel came over last night and we walked down to the Queen Vic market, to test-drive their summer Night Market. I heard good stuff about it from Stretch, but it wasn’t really that good.

Most of the market is roped off, because they have stalls where you can buy beer and food (which is cool) but the whole place was kinda expensive. There were heaps of different types of food, but it lacked that good quality food at a cheap price that the market generally offers. Everything was expensive and kinda dodgy.

Later, we installed the new Xbox Media Center on Shane’s newly bought and chipped Xbox. Let me just say for the record, Xbox Media Centre is tha shit. It has the most awesome interface, plays just about every media format you can think of, will play files from network shares and can even play shoutcast streams. This thing is incredible. Apparently you can also grab the MythTV plugin for it, and hook it up to a MythTV backend (running on a remote computer) and schedule TV recording and playback pre-recorded streams.

XBOX Media Center – Main Menu

Check out Jon’s Thoughts On Everything: Xbox Media Center for a heap of awesome looking screenshots to give you an idea 😉

I scored a UPS!

I scored myself an APC Backup-UPS RS 500 the other day. It’s a small unit designed for running pretty much one machine on it.

APC Backup-UPS RS 500

The nice thing about this is that it has a USB interface which I have connected to my server hosting andybotting.com, and allows me to monitor it using apcupsd software. It even comes with some basic CGI scripts so I can monitor it online. If there is a power-out, then the UPS alerts the apcupsd, and at a certain point, can instruct the server to gracefully shut down.

Although, my ADSL modem isn’t plugged into it yet because it uses different plugs. I need to find some way of converting the IEC power socket to something I can plug my Australian power plug into. One possible solution might be a standard 4-port powerboard, but with an IEC plug on the end. I can’t say I’ve actually seen one though.

An update for the last couple of weeks

Haven’t blogged for a while, so here’s a quick update of what’s been going on.
At work late tonight, helping out because of a function. It was supposed to be finished at 9pm, but it’s now 10:15pm and they’re still here. Let’s bring on the tear gas and tasers 🙂

We started getting pissed off with the builders across the lane from us, so we started hassling the council about it, and maybe something’s going to get done. I moved my webcam server home, and set up two cams outside our window, so at any time, I can see what they’re doing. You can check it out at http://andybotting.com/webcam. Whatever you do, don’t leave it running too long, it kills my bandwidth 🙂

My old man is going to salary sacrifice a new laptop for me. This is nice because it means that I’ll only have to pay about 52c in every dollar. I was tossing up between an IBM ThinkPad and an Apple 15″ PowerBook, but I think the PowerBook is going to be the choice. I set up a Wiki page on everything I could find about running Linux on the new hi-res (powerbook5,8 Oct 2005) model PowerBooks here. It seems that there are a couple of little issues (current kernels don’t have support for the ATA controller, AGP and the Gigabit Ethernet but can be patched), but is basically ok. I should be ordering it in 2 weeks time.

I broke the Segway at work (not sure how…) but it’s back today. They couldn’t tell me exactly what broke, but it was under warranty anyway. Looks like I’m going back to my old rotation at IP Voice next week. They’ve got plenty of work and need some more bodies, so I’m going back to help out.

Also, the fuckwits managing this company decided to Not go ahead with the graduate intake for 2006. This does mean that the grads who were promised jobs, and signed their contracts will now be sacked. The Age ran an article about it, and there is also a Whirlpool forum on the subject. If you’re wondering, Nelsie’s still got her spot for next year. Phew.

Jezza has done some terrific work on his new Melways frontend. You can now search for an address to bring up the Melways map to fill your full browser window, and even switch to the corresponding Google Maps satellite image. It’s the best we’ve got until Google bring maps to Australia.

… also, I found this which made me laugh.

Note to self: blog more often 🙂

Cool stuff at Work

I hung back at work to score a couple of beers and some nice finger food 🙂

Jeremy, Rob and Andy @ the IC

I’m also getting close to finishing my webcam server. You should be able to see me (in the store room) on the cam at batman.andybotting.com. Everybody’s favourite telco is hosting this box on a 100Mb link to the net. Rock on 🙂

You know you’ve made it when…

… you receive a plaque with your name on it 🙂

Although, I thought mine was kinda lacking something, so I added it in myself.

A plaque with my name on it

This is a photo of where I have been working currently. The store room. The advantage of this is that nobody can find you to harass you to do stuff for them. Jeremy, Adam and I have been chilling in here on and off for about a week. I like it. Kinda reminds me a little of the ‘pit’ from VPAC, but dingier.

I’m going to start playing with Xen today. Basically by making some small modifications to the Linux kernel, I can do VMWare style machine virtualisation, but without the overhead. Open source is the shiznit!

Also, if you’re bored, check out the Wikipedia definition for -izzle. Fo shizzle my nizzle 😛

Google Talk

I was just reading on Slashdot about the new Google IM service, called Google Talk which is due to be announced tomorrow. They’re using the open source Jabber protocol, which is fantastic because this means that anyone on any system can use it on any client that supports Jabber! You rock Google!

How to get on:
Username: your gmail username (everything before the @gmail.com bit)
Password: your gmail password
Server: talk.google.com

That should be all you need. Just make sure that you don’t have encryption or any other fancy stuff turned on.

UPDATE: I have just been logged off, with the error “Not Allowed”, and I can’t log back in 🙁

Also, Shane has just put up a pic I took of him on the Segway and a short video of me too.

Eat my Segway dust biiach

Earlier this week, we got a Segway at work. Here is an action shot:

Andy on the Segway

These things are amazing to ride. They have some incredible gyroscopic electronics which keep this thing upright… and they also go at about 20 km/h, which doesn’t sound like much, but feels very quick. It comes with three electronic keys, a black, a yellow and a red. Each one with a different profile on maximum driving and turning speed. I can’t wait until we belt this thing around Telstra dome late one night 😉

Gnome 2.12

I haven’t blogged in about three weeks, which is pretty slack. The major thing to happen within that time is that I have moved to another group at work. I’m now working at the Big-T Innovation Centre, down at Docklands. Coolest place I’ve ever worked 🙂

What this post is really about is GNOME 2.12. Davyd Madeley has created a summary of all the new stuff in GNOME 2.12 here.

From just reading this stuff, it reminds me how much GNOME rocks! I’m really glad that they seem to be switching to the new ClearLooks theme too. It’s a very snappy looking theme.

I have found blogs of two separate people making ebuilds for it. Albert Hopkins and Raphaël Slinckx. It looks like Raphaël’s are much more complete.. but I think I might wait until it hits hardmasked in portage.

andybotting.com system monitoring

I have been using LogWatch for a while now and I have been very impressed. It sends me a daily email (at about 3am) summarising the important parts of the logs that were generated throughout the day. It was actually LogWatch that tipped me off that something was not quite right when my server was compromised not long ago. Since then, I have been quite interested in some system monitoring applications for Linux so I can keep a close eye on what’s happening, so that if something bad happens again, I should know very quickly.

I had a poke around with LogWatch and found that it stores some configuration scripts in /etc/log.d/conf/services, and there are plenty of scripts there for a variety of services. I found that many of them were incorrectly set to monitor the wrong log files, and therefore were not sending me any information about them. I modified the httpd, amavis, openvpn and postfix to use the right logs, and I suddenly started getting information about these in my email. It can now tell me about how many spam emails it has dropped, how many emails have been sent and received and how many hits Apache has had.

Another thing I have been playing with is Cacti, which is a PHP based SNMP monitoring tool. I was easily able to start monitoring simple things like the number of users currently logged in, available disk space, CPU load average and memory usage without any SNMP support, but once I recompiled both php and mod_php and installed net-snmp, then I was able to get all sorts of network interface statistics, which I find to be very informative. You can have a look at my stats here.

I’m also playing with Webalizer and Mailgraph to show me Apache and Postfix statistics. You can see them here and here.

I got 0wn3d

Ok, it was my own stupidity, but somebody logged onto my box yesterday through the clamav account which was used for my mail scanning and filtering. I get an email every day from the logwatch cron job which gives me a summary of what had happened throughout the day, and in this case, I just happened to see that the user clamav had logged in three times through SSH, from three different IP addresses. I had changed the default shell from /bin/false to /bin/bash to set up some anti-virus scanning stuff with ClamAV, and I forgot to change the shell back to /bin/false when I had finished and the password was still set to clamav.

I logged on to find the process own running at 100% cpu. I killed it quick smart and started investigating. The user didn’t have any home directory, so no bash history was available, unfortunately. What I did find was a folder called local with some goodies in it.

total 3588
-rwxr-xr-x 1 clamav clamav 19599 Feb 21 16:23 a
-rwxr-xr-x 1 clamav clamav 307990 Apr 10 11:46 aVe
-rwxr-xr-x 1 clamav clamav 452101 Oct 16 2004 brk2
-rwxr-xr-x 1 clamav clamav 4491 Mar 14 02:24 buffer
-rwxr-xr-x 1 clamav clamav 26584 Jan 15 12:49 elf
-rw-r--r-- 1 clamav clamav 10828 Jan 27 14:56 ex_gpsd.c
-rwxr-xr-x 1 clamav clamav 164 Apr 2 19:35 exim.pl
-rwxr-xr-x 1 clamav clamav 5939 Jan 15 12:49 gcc
-rwxr-xr-x 1 clamav clamav 445809 Feb 15 2004 h2
-rwxr-xr-x 1 clamav clamav 468696 Jan 15 12:50 kmx
-rwxr-xr-x 1 clamav clamav 9176 Mar 13 22:35 krad
-rwxr-xr-x 1 clamav clamav 27841 Jan 15 12:49 loc
-rwxr-xr-x 1 clamav clamav 551 Dec 14 2004 mailbomb
-rwxr-xr-x 1 clamav clamav 446714 Jan 8 15:50 mmap2
-rwxr-xr-x 1 clamav clamav 408978 Jan 8 15:52 mremap_pte
-rwxr-xr-x 1 clamav clamav 428551 Feb 12 09:18 op
-rwxr-xr-x 1 clamav clamav 19910 Mar 20 2003 own
-rwxr-xr-x 1 clamav clamav 14282 Mar 13 22:40 pwned
-rwxr-xr-x 1 clamav clamav 7745 Mar 23 05:28 root
-rwxr-xr-x 1 clamav clamav 9870 Apr 2 19:31 stackgrow2
-rw-r--r-- 1 clamav clamav 8366 Jan 16 17:30 stackgrow2.c
-rwxr-xr-x 1 clamav clamav 468689 Jan 8 15:56 w00t

I have had a poke around, and it seems that this is the only thing that has happened on the box. From the looks of it, they are a random bunch of local root exploits. Also a mailbomber too. There are no rootkits (I have scanned with rkhunter and chkrootkit) and currently no unaccounted open network connections, so I think I’m ok.

I have been noticing the amount of SSH attempts at random accounts appearing in my PAM logs. Mostly to root, but some to other accounts like test, admin and various common names. Out of interest’s sake (and I know that Timmy blocked email from all of China), I have decided to have a look at where these SSH attempts were coming from. I installed an IP-to-country converter on my server and checked the location of some of these attempts. The short list is:

  • Korea
  • China
  • India
  • Hong Kong
  • Hungary
  • Romania

I found a script on the net to generate iptables rules based on IP ranges of countries. I hope that it helps…

So, the lesson of the day is: don’t leave any accounts open with a default password and a valid shell! 🙂
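A check for the condition described in this post, as an added example that is not part of the original blog: it lists service accounts that have a usable login shell and reports any accepted SSH logins for them, grouped by source address. The passwd and sshd log lines are constructed samples, and the UID threshold of 1000 and the function names are assumptions.

```python
import re

NOLOGIN_SHELLS = {"/bin/false", "/sbin/nologin", "/usr/sbin/nologin"}
SYSTEM_UID_MAX = 999  # assumption: human accounts start at UID 1000

# Constructed sample data (documentation-range IPs), not taken from the post.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
clamav:x:105:105:ClamAV:/dev/null:/bin/bash
postfix:x:106:106::/var/spool/postfix:/bin/false
andy:x:1000:1000:Andy:/home/andy:/bin/bash
"""
AUTH_LOG = """\
Apr 11 02:14:07 host sshd[4121]: Failed password for invalid user test from 192.0.2.10 port 4411 ssh2
Apr 11 02:15:31 host sshd[4130]: Accepted password for clamav from 192.0.2.44 port 3921 ssh2
Apr 11 09:02:12 host sshd[4410]: Accepted password for andy from 198.51.100.7 port 5120 ssh2
Apr 11 13:40:55 host sshd[5012]: Accepted password for clamav from 203.0.113.9 port 1044 ssh2
"""

ACCEPTED = re.compile(r"sshd\[\d+\]: Accepted (\S+) for (\S+) from (\S+) port \d+")

def service_accounts_with_shell(passwd_text):
    """Return {user: shell} for non-root system accounts with a usable login shell."""
    risky = {}
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) != 7:
            continue  # skip malformed or blank lines
        user, uid, shell = fields[0], int(fields[2]), fields[6]
        # An empty shell field is also flagged, since login falls back to /bin/sh.
        if 0 < uid <= SYSTEM_UID_MAX and shell not in NOLOGIN_SHELLS:
            risky[user] = shell
    return risky

def service_account_logins(passwd_text, log_text):
    """Return {user: sorted source IPs} for accepted SSH logins by those accounts."""
    risky = service_accounts_with_shell(passwd_text)
    hits = {}
    for line in log_text.splitlines():
        m = ACCEPTED.search(line)
        if m and m.group(2) in risky:
            hits.setdefault(m.group(2), set()).add(m.group(3))
    return {user: sorted(ips) for user, ips in hits.items()}

if __name__ == "__main__":
    print("login-capable service accounts:", service_accounts_with_shell(PASSWD))
    print("accepted SSH logins:", service_account_logins(PASSWD, AUTH_LOG))
```

On a real host the two inputs would be the contents of /etc/passwd and the sshd authentication log; the first function alone is worth running after any temporary shell change to a service account.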

