Category: Uncategorized

Joi Ito’s Pack
And so many others.
Man…my man purse (2 year-old Targus backpack) is not that geeky…<pout!>

Someone has been abusing the Anonymizer system and hammering my system. Again, IPTABLES is my friend.

/sbin/iptables -A INPUT -s 168.143.113.125 -j DROP

This IP Address points to vortex.anonymizer.com.

dig -x 168.143.113.125
; <<>> DiG 9.3.0 <<>> -x 168.143.113.125
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52723
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;125.113.143.168.in-addr.arpa.  IN      PTR
;; ANSWER SECTION:
125.113.143.168.in-addr.arpa. 10800 IN  PTR     vortex.anonymizer.com.
;; AUTHORITY SECTION:
113.143.168.in-addr.arpa. 10800 IN      NS      ns1.infonex.net.
113.143.168.in-addr.arpa. 10800 IN      NS      ns2.infonex.net.
;; ADDITIONAL SECTION:
ns1.infonex.net.        172693  IN      A       168.143.113.201
ns2.infonex.net.        172693  IN      A       168.143.113.202

If someone at Anonymizer can bring these requests under control, I will turn the access back on.

The Encyclopaedia Galactica defines a robot as a mechanical apparatus designed to do the work of a man. The marketing division of the Sirius Cybernetics Corporation defines a robot as “Your Plastic Pal Who’s Fun To Be With.”
The Hitchhiker’s Guide to the Galaxy defines the marketing division of the Sirius Cybernetics Corporation as “a bunch of mindless jerks who’ll be the first against the wall when the revolution comes,” with a footnote to the effect that the editors would welcome applications from anyone interested in taking over the post of robotics correspondent.
Curiously enough, an edition of the Encyclopaedia Galactica that had the good fortune to fall through a time warp from a thousand years in the future defined the marketing division of the Sirius Cybernetics Corporation as “a bunch of mindless jerks who were the first against the wall when the revolution came.”
© Douglas Adams (c/o PlanetClaire)

Describes many marketing teams I have worked with.

Seems that some firewalls with Content Filters are brain-dead. I found another firewall that provides the same anti-compression “service” for its customers. [here]
Thanks to Alexy Titov for the link.

Here is a little tidbit that we discovered while trying to debug an issue at work. One of my colleagues found that the Symantec/Norton Personal Firewall/Internet Security mangles the “Accept-Encoding” header sent out by any application — browser, streaming media, etc.
More can be found here.
This is a serious problem, and has a negative effect on Web performance in general, as one of the key methods for improving bandwidth consumption and user performance is Server-Side Compression of as much content as possible.

What the client wants to send:  Accept-Encoding: gzip,deflate\r\n
What is sent:                   ---------------: ---- -------\r\n

What is the problem? Is this because Symantec can’t parse compressed content on the fly?

Made it home before the weather got hideous. And it is hideous out there.
Looks like I might work from home tomorrow.

I made the attempt. No one can fault me for that. However, I was defeated by the twisted, anarchic madness that is the ARIN database.
A step back: I was considering refining the GrabIP database to more accurately reflect the true countries where IPs are used.
APNIC, LACNIC and AFRINIC are all sanely managed. Countries and IP blocks are accurately mapped. RIPE gets a little messier, but there is no real problem with it. Just have to watch out for the blocks tagged as EU instead of their host countries.
ARIN is complete madness. As the only IP registrar on the block for a long time, there are a number of archaic nooks and crannies to watch for. Like this gem: 65.165.84.11.

OrgName:    Sprint
OrgID:      SPRN
Address:    12502 Sunrise Valley Drive
City:       Reston
StateProv:  VA
PostalCode: 20196
Country:    US
NetRange:   65.160.0.0 - 65.174.255.255
CIDR:       65.160.0.0/13, 65.168.0.0/14, 65.172.0.0/15, 65.174.0.0/16

Nothing too earth-shattering here…but wait, there’s more information!

OrgName:    COMMUNICATION ENTERPRISES LTD
OrgID:      CEL-30
Address:    KM # BLVD DEL NORTE
City:       SAN PEDRO SULA
StateProv:  SAN PEDRO SULA
PostalCode: 00000
Country:    HN
NetRange:   65.165.80.0 - 65.165.87.255
CIDR:       65.165.80.0/21

A whole chunk in the middle is assigned to a company in Honduras? Oh great, so now I have to write exceptions to weed out the child CIDR blocks that are in completely different countries.
Needless to say, this attempt to refine the data lost its appeal quickly.
Just using the high-level data in the GrabIP database, it is clear that there is still a great deal of overlap in the ARIN data.

code	country			NUMBLOCK
US	UNITED STATES		30935
CA	CANADA			 4903
PR	PUERTO RICO		   29
GB	UNITED KINGDOM		   24
DE	GERMANY			   22
JM	JAMAICA			   18
BM	BERMUDA			   17
FR	FRANCE			   13
JP	JAPAN			   12
BB	BARBADOS		    9
CH	SWITZERLAND		    6
HK	HONG KONG		    5
NL	NETHERLANDS		    5
SE	SWEDEN			    4
IT	ITALY			    4
NO	NORWAY			    4
BS	BAHAMAS			    4
BE	BELGIUM			    4
VI	VIRGIN ISLANDS, U.S.	    3
ES	SPAIN			    3
AG	ANTIGUA AND BARBUDA	    3
AU	AUSTRALIA		    3
CZ	CZECH REPUBLIC		    2
SG	SINGAPORE		    2
DO	DOMINICAN REPUBLIC	    2
FI	FINLAND			    2
LU	LUXEMBOURG		    2
IE	IRELAND			    2
MX	MEXICO			    1
AT	AUSTRIA			    1
LC	SAINT LUCIA		    1
TR	TURKEY			    1
PL	POLAND			    1
LB	LEBANON			    1
GD	GRENADA			    1
HU	HUNGARY			    1
IL	ISRAEL			    1

However, when I originally started this project 2 years ago, some of the blocks for Iceland were listed as ARIN. Now, all of Iceland’s blocks are in the RIPE database.
Hopefully in the next year, the registries can get the counrty assignment mess sorted out.
A sidenote: Right now, ARIN is still the biggest fish in the sea.

arin	36051
ripencc	14588
apnic	10445
lacnic	 1457
afrinic	  437

Maybe I should post the Weekly Breakdown of IP Blocks by registry and country.

We went through the detritus of my life downstairs today.
Well, as dramatic as that may sound, this involved going through nearly a dozen boxes of books and magazines that are down there. The vast majority of the contents can be directly associated to me, and not Samantha.
Books from University 15 years ago. Papers I had written. Books bought, then never read. Technical books, once relevant, now dated.
400 pounds of books to be sold at 10 cents a pop (6 for $1) when we have a garage sale. If you need novels, books on Canadian and Medieval History, novels, Jungian Psychology, novels, and metaphysical reading material, we will keep you posted on the date.
It’s just hard to go through this stuff without connecting each of the items to a time and a place. Most were impulse buys, but connected to some point in my life where they were relevant and even important to me.
Now, like so much in my life, they have to fade into the background. I have moved on. I had forgotten the person who bought these books until today, and it is like having the dust kicked up in a house: disturbing to the senses.
I will be happy to see them go.

We tapped the three Sugar Maples we have in our front yard this afternoon, and have already extracted about 2 gallons of sap from the trees. Now, it takes about 40 gallons of sap to make 1 gallon of syrup, so don’t expect to be getting truckloads of the stuff anytime soon.
On the biggest tree, I hit the carotid artery; we have extracted nearly 2 gallons from that one tap. It should be even faster once the temperature starts to rise more.

Want to know more? Look here.
It is interesting to read this author’s posts on a regular basis. This blog should be a mandatory read for all hiring managers and HR personnel. He has nailed the problem with companies: it’s not the quality of the candidates, it’s the quality of the hiring process.