ssh bruteforce attacks become sophisticated

SSH scans and bruteforce attacks have been common since my first SSH-enabled server was attacked in 1996. Back then, attacks were so rare that monitoring logins and manually adding attackers' IPs to /etc/hosts.allow (TCP Wrappers) was sufficient to keep systems secure.

In the mid 2000s, the rise of botnets resulted in distributed bruteforce attacks, in which dozens of IPs (bots) would attempt to bruteforce my SSH daemons. I wrote a shell script that collected the IPs and added them to the TCP Wrappers deny list. A while later, denyhosts was released and I started using it instead of my shell script.

Since installing denyhosts, I only monitor logins and scan the nightly security reports. In the past few years, the frequency of attacks has slowly risen but occasionally there are significant changes in attack frequency and duration. The last significant escalation I can recall was in the months leading up to McColo being shut down. Immediately after their shutdown, I noticed a dramatic reduction in bruteforce SSH attacks.

It was during that time of increased activity that I wrote Sentry. Like my original shell script and denyhosts, it adds attacking IPs to the TCP Wrappers deny list. Sentry also adds their IPs to my PF firewall. Sentry worked much the same as denyhosts, except that when someone attacks one of my IPs, they get blacklisted on all of them. The number of attacks that made it into my security logs dropped accordingly.

Months later, after McColo was shut down, the distributed attacks all but ceased. Since then, attacks have remained sporadic, perhaps 10 a week. In the last couple weeks, the number of attacks spiked. I’m seeing dozens of new IPs getting blacklisted each day. Unlike previous attacks, the usernames the attackers are using are not being duplicated, which means the command & control network behind this latest round of attacks is more intelligent than most.
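Added example, not Sentry's or denyhosts' code: a small Python detector that parses constructed sshd log lines, counts failed logins per source IP, emits TCP Wrappers deny entries for IPs over a threshold, and reports whether an IP is rotating usernames (the signal the post describes above). The sample log lines, IP addresses and the threshold of 3 are all assumptions.

```python
import re
from collections import defaultdict

# Constructed sample sshd log lines (not from the original post).
SAMPLE_LOG = """\
Jul 10 03:14:01 host sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Jul 10 03:14:03 host sshd[1202]: Failed password for invalid user admin from 203.0.113.5 port 51240 ssh2
Jul 10 03:14:05 host sshd[1203]: Failed password for root from 203.0.113.5 port 51244 ssh2
Jul 10 03:14:07 host sshd[1204]: Failed password for invalid user admin from 203.0.113.5 port 51250 ssh2
Jul 10 03:15:01 host sshd[1210]: Failed password for invalid user alice from 198.51.100.7 port 40001 ssh2
Jul 10 03:15:02 host sshd[1211]: Failed password for invalid user bob from 198.51.100.7 port 40002 ssh2
Jul 10 03:15:03 host sshd[1212]: Failed password for invalid user carol from 198.51.100.7 port 40003 ssh2
Jul 10 03:16:00 host sshd[1220]: Accepted publickey for matt from 192.0.2.9 port 2222 ssh2
Jul 10 03:16:30 host sshd[1221]: Failed password for matt from 192.0.2.9 port 2223 ssh2
"""

# Matches OpenSSH's "Failed password" lines for both valid and invalid users.
FAILED = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\d+\.\d+\.\d+\.\d+)")


def failures_by_ip(log_text):
    """Map source IP -> list of usernames tried (one entry per failed login)."""
    tried = defaultdict(list)
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            user, ip = m.groups()
            tried[ip].append(user)
    return tried


def offenders(log_text, threshold=3):
    """Return {ip: (failures, distinct_users)} for IPs at or above threshold."""
    out = {}
    for ip, users in failures_by_ip(log_text).items():
        if len(users) >= threshold:
            out[ip] = (len(users), len(set(users)))
    return out


def hosts_deny_lines(log_text, threshold=3):
    """TCP Wrappers entries (hosts.deny syntax) for each offending IP."""
    return [f"sshd: {ip}" for ip in sorted(offenders(log_text, threshold))]


if __name__ == "__main__":
    for ip, (n, distinct) in offenders(SAMPLE_LOG).items():
        kind = "rotating usernames" if distinct == n else "repeating usernames"
        print(f"{ip}: {n} failures, {distinct} distinct users ({kind})")
    print("\n".join(hosts_deny_lines(SAMPLE_LOG)))
```

An IP whose distinct-user count equals its failure count never reuses a username, which is the pattern the post attributes to the smarter command & control network.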

less paper, no regrets, part 3

To get a single document into Paperless while accomplishing the goals listed in part 2 requires several steps:

  1. Scan documents to PDF files
  2. Process PDFs through OCR engine
  3. Import PDFs into Paperless.app

The ScanSnap comes with ScanSnap Manager. SSM allows you to create scan profiles, which specify scan quality, destination (file, OCR app, Paperless.app, etc), and simplex versus duplex (one or both sides of the paper). There are 4 quality choices: Normal (150dpi, 18ppm), Better (200dpi, 12ppm), Best (300dpi, 6ppm), and Excellent (600dpi, 0.6ppm). Excellent is very slow. I use it only for scanning photos.

I ran a few OCR tests to determine what settings would result in the highest degree of OCR accuracy. Adobe suggests scanning in Black & White at 300 or 600 dpi. The tips I found on Abbyy’s site suggested that the higher quality the scan, the better the results. After experimenting, I reached the following conclusions:

  • Acrobat Pro does a good job on high quality text documents
  • Acrobat does a poor job on halftone text (i.e., receipts printed on thermal printers, dot-matrix, faded documents)
  • On documents that Acrobat does poorly at, it does no better if the document is scanned in B&W versus color.
  • When scanning in B&W, faded receipts are often illegible. Scan in color instead.
  • Abbyy FineReader does a great job on almost any legible scan
  • The difference between 600dpi and 300dpi is not significant

Factor in that disk is cheap, my time is not, and I’ll never be able to scan these documents again, and the settings I use for all documents are: Best, Duplex, and Color. Color is easy to desaturate to greyscale, the ScanSnap will omit the back side of the page if blank, and I can downsample images later if I need to. With Best quality, it takes about the same amount of time to scan a stack of documents as it takes me to sort, organize, and jog a fresh stack for the document feeder.

ScanSnap Manager will feed new scans directly to an application. So, I tested by configuring it to scan the document directly to FineReader for OCR processing. While that may work well for day-to-day SOHO needs, it is too slow when staring down a mountain of papers. For that, raw speed is required and nothing will get you through step 1 faster than saving to files.

There is one more setting to deal with. This dialog box describes the choice:

If I have a stack of 50 sheets in the document feeder, do I want them to end up as 50 PDF files, or one PDF with 50 pages?  If the 50 pages are each individual receipts, then I want them each as individual files. When I have more than one page in a document, such as a phone bill or American Express cardholder statements, a multipage PDF is perfect. The ScanSnap can’t really know my intent so I must tell it. I do so by creating two profiles, one called ‘Standard’ which is a multipage PDF. It takes everything I drop in the hopper and outputs a single PDF. My second profile is named ‘One file per page,’ and it does just that.

Next time, “the shortest path between 8 file drawers of paper and 10,000 PDFs”

less paper, and no regrets, part 1

Last year, our office bought a document scanner. Unlike every other scanner I had purchased or used, this thing was tiny. Its footprint on a desk is smaller than a piece of paper. It is designed specifically for turning pieces of paper into PDF documents. I had to try it. It scanned both sides of my paper in 3 seconds. One pass, both sides!

Such a gadget is very exciting because I have a lot of paper. I’m not a compulsive hoarder, but I do keep financial records longer than the minimum 7 years. Combine that with the document retention required for our business and before long we had two 4-drawer file cabinets of documents. And a couple desk drawers. And the pile on Jen’s desk. And the pile in my hutch.

The prospect of making all that paper disappear helped me get over the resistance I had to parting with $400. So I purchased the ScanSnap S510M (since replaced by the S1500M). While waiting for it to arrive, I started thinking about how I was going to organize the thousands of PDF files that would soon be residing on my hard drive.

I had nightmares of the days before iTunes when I had to painstakingly tag all my music by hand, and then organize the music files into directories so I had a slight chance of finding what I was looking for. I needed an iTunes equivalent for PDF documents. Google led me to ReceiptWallet, which has since become Mariner Paperless. It promised to be iTunes for documents, so I bought it. Instantly.

The ScanSnap comes with several software packages: Adobe Acrobat Pro 8, CardIris, Abbyy FineReader OCR, and the ScanSnap drivers. With a large bucket of tools in place, it was time to do some planning.

To be continued…

My favorite iPhone/iTouch Apps

Grocery IQ ($0.99) – shopping lists

– organizes by store & aisle, includes a large DB of items, and you can email the list to your SO if they’re going to be stopping by the store. My only wish for this app is that it would sync shopping lists between phones.

The Weather Channel (free) – An excellent weather app, with hourly, 36 hour, and 10 day forecasts, doppler radar, etc.

AIM ($2.99) – Instant Messages with push

– Instead of IMs being sent via SMS to my phone while I’m ‘mobile’, they are sent via push (which is completely free).  If you want a multi-protocol client, have a look at beejive ($9.95). I prefer being ‘offline’ from my other IM accounts (jabber, MSN, facebook, etc) when I’m away from my computer.

Facebook (free)

– if you use facebook, this app is a must have. Upload photos and status updates from your phone. This app provides a second reason to have your phone in your hands while sitting with Uncle John. The first being, keeping your phone as far from the bowl as possible. 😉

Remote (free) – remote control for iTunes and Apple TV.

PasswordWallet – sync your PW between your mac and iPhone. I find this app is essential since I use one time passwords everywhere. I wouldn’t be able to use many iPhone apps without this one.

WordPress (free) – write blog posts and upload photos.

Amazon.com (free) – Use it to check prices while at the store. Place orders. Buy stuff. Because it’s an app, it loads pages and performs searches faster than using amazon.com in Safari. It’s fast enough that it’s actually useful while you’re at the store. Or just buying something that you remembered while lying in bed.

E*Trade Mobile Pro (free) – useful app if you have an E*Trade account.

Skype (free) – Place skype calls via WiFi.

Motion-X ($3) – a full featured GPS application.

– Uses the iPhone built-in GPS and compass for navigation. Caches map data, which is extremely useful. I’ve taken tracks while out fishing and also used it while geocaching. Just make sure to have a spare battery pack available.

Lose It (free) – weight loss app

– set some weight goals (mine is lose 1 lb per week). Each day, enter the food you eat and any exercise you do. Step onto the scales and record your weight. Makes calorie counting fast and fun.

TextFree ($6) – free unlimited SMS messages on iPhone and iPod Touch

Trapster (free) – Get alerts sent to your phone as you approach speed traps, red light cameras, and live police patrols.

iDisk (free) – Access to your .mac iDisk. Another handy way to get files to/from your iPhone.

Air Sharing ($5) – Launch this app and you can mount your iPhone on your Mac or PC as a remote disk (webdav). Drag and drop files to it.

Wikipanion (free) – Wikipedia interface. Faster than using Safari.

HPA, Host Protected Area

I’m a big fan of technology that helps users. HPA could be one of those “helpful” technologies. HPA is a “feature” of some motherboards whereby they steal hard disk space (typically the last few megs of your disk) and use it for backing up the system BIOS, a recovery partition, etc.

I just purchased a GIGABYTE GA-EP45-UD3P motherboard, RAM, and CPU to drop into my file server. Today I assembled the trio, stripped my old mobo out and dropped this new one in.

The machine booted up but there was a little problem. Two of my disks (members of a ZFS mirror) were corrupted!?  That effectively destroyed one of my filesystems, which made me very unhappy.

A few Google searches later and I learned all about HPA. This nasty little surprise was tucked away in Advanced BIOS Features -> Dual BIOS Recover Source = HPA (pages 49 and 51 in the manual). My version of the BIOS doesn’t have this option, but I found accounts online of older versions that do. It seems that changing that setting didn’t actually work (i.e., disable HPA), so Gigabyte removed the feature. They have left me no way of disabling this destructive feature.

After hours of fiddling, I have worked around it by:

  1. Moving the disks off the first two SATA connectors
  2. Rebooting onto the HDD GURU Magic Boot ISO
  3. Removing the HPA partition from both disks
  4. Rebooting into FreeBSD

Finally, my ZFS mirror was back with one disk, because the motherboard had helpfully restored the HPA on the first disk.

If you’re using this mobo and migrating disks to it, I’d suggest installing a sacrificial disk on the first SATA controller. That will appease the HPA demon and let you successfully migrate your RAID volumes to it. I’m stuck moving the data off the disk I recovered. Then I’ll recreate the array on the disks with the HPA partition and all will be well.

Is it worth upgrading to the iPhone 3GS?

Short answer: yes.

Longer answer: Absolutely!

Hillbilly answer: You betcha!

Beancounter answer: I purchased my first iPhone 4GB (2G) in Oct 2007 for $300, direct from Apple. Today, I sold it on Craigslist for $225. I purchased my 16GB iPhone 3G for $300 in July 2008. That phone is about to get sold on Craigslist as well, for about $375. My cost to own for both iPhones is $0. I expect to sell my 32GB iPhone 3GS next year, for more than I paid. It’s an unbeatable deal.

Geek answer: The combination of a faster processor and more RAM makes a huge difference. I would bet the RAM is contributing more than the faster CPU. A good analogy would be using OS X with 1GB of RAM and then upgrading to 2GB (just enough). With the memory pressure relieved, nearly everything is more responsive.

The previous iPhones lagged when switching apps, [re]loading web pages, and especially when taking and saving photos. All those little pauses are gone. Switching back and forth between apps is nearly instantaneous. That alone is worth upgrading for. Seriously.

But I upgraded for the better camera. The previous iPhone camera was quite poor. The 3GS camera is not yet good, but certainly better.

TV in the 21st century

Projector technology finally became bright enough to use in daylit rooms (~2000 lumens) and dipped below $1k for HD models. I picked up a projector last year and then an AppleTV over the holidays. My entertainment center is now minuscule compared to times past.

  • Epson Powerlite 720P HD projector
  • 26″ LCD HDTV
  • HDMI 4 x 2 switch
  • Logitech Z-5500 5.1 speaker system
  • Apple TV
  • 4 HDMI cables (projector cable is 30′ long)
  • 1 Toslink cable

The only ‘analog’ cabling is from the Logitech amp to the speakers. The HDMI switch is a splitter with one cable going to the Projector and another to the TV. It drives both simultaneously with no hiccups. It has 4 inputs, with one from the AppleTV, another for my laptop, and 2 for future use. Audio is routed to the TV via HDMI and from the TV to the Logitech control center via Toslink.

The only fiddling with cables required is when using my laptop. I have to connect an HDMI<->DVI adapter to my MacBook Pro for video, and connect the Toslink cable from the Logitech to my laptop. Between the Apple TV and laptop, I can stream iTunes, NetFlix, and Amazon movies to both screens.

beat the heat, on the cheap

Our house sits high on a ridge, facing West towards Puget Sound, and the setting sun. From mid-day through sunset, our kitchen, dining room, and living room are bathed in sunshine, rising as much as 20°. All the windows have wooden blinds, but they are dark colored. Instead of reflecting the heat, they absorb it and radiate it into the room. They are effective at controlling light, but not heat.

Because high temps are rare in Seattle, houses here don’t have A/C. After the first day of last week’s heat wave, I took action. I did some research on cooling methods, including whole house fans, rigging up a cool air intake to my furnace’s intake duct, window films, etc. Because we rent, I can’t just start cutting holes in the house and moving ducts. So I settled on a less invasive (and costly) solution: box fans and window film.

I purchased two box fans ($15 ea) to place in windows. (Why do box fans not come in sizes larger than 20″?) The fans draw air in the shaded East side of the house, creating a cool breeze that pushes warmer air out the West side. Turning them on at 7PM is sufficient to cool the house down to 70° by bedtime. What a relief!

Window films have come a long way since I last used them. Good film is now reasonably priced, uses water to ‘set’ the adhesive, and doesn’t require a ‘pro’ to get good results. Lowes had Gila Platinum Heat Control Window Film in stock so I picked up 4 rolls, enough to tint most of my 15,000 sq/in of West facing glass. I stripped the blinds off the windows and went to work. It took me about an hour per pane to apply the film, with half that spent cleaning the glass, scraping the crusties off, and cleaning it again.

The results are outstanding. Amazing. Phenomenal.

4:02 PM Jen: Wow the kitchen is much cooler!  Great idea and thanks.

We should not be surprised at how effective the film is, yet we are. The product fulfills the claims made by the manufacturer, and exceeded our expectations. And just when we thought it couldn’t get any better, window film qualifies for a 2009 Tax Credit.