donderdag 30 juli 2009

OpenDNS, in Holland soon.

Some days ago I read something about OpenDNS [thinking of] getting a new location [AMS-IX] for their excellent DNS service. Since it is based on anycast, endusers need not to change any addresses in order to benefit from the added location. Silly me, I can't find the article anymore.

Last week I had some issues with slow dns lookups/slow Internet on Leopard again. It is plagued with issues. My setup with an Apple Airport and Apple iPhones, and an iMAC, a G4 & more [all running 10.5.7] is often experiencing issues with name resolving. Unfortunately, I am not the only one with this. I have googled my arse off and tried every 'tip' I found, from turning of ipv6 in Firefox & the Airport & on my laptop to moving the resolving from my laptop to the Airport. Nothing works reliable.

Last week however the issue was another:

My traceroute [v0.75] macbookpro-meij-net.local (0.0.0.0) Thu Jul 30 01:40:51 2009 Keys: Help Display mode Restart statistics Order of fields quit Packets Pings Host Loss% Snt Last Avg Best Wrst StDev
1. 10.0.1.1 0.0% 96 1.0 1.3 0.7 4.2 0.7
2. 10.15.158.129 0.0% 96 8.3 9.7 6.8 33.1 3.8
3. 212.142.21.161 0.0% 96 69.4 12.1 7.6 69.4 8.5
4. 212.142.32.65 0.0% 96 13.3 11.3 7.0 32.2 3.5
5. 213.46.183.93 82.1% 96 8.9 11.7 8.3 24.5 4.5
6. 84.116.131.6 87.4% 96 10.0 12.2 8.9 31.8 6.3
7. 213.46.183.93 80.2% 96 9.1 10.5 8.2 18.8 2.7
8. 84.116.131.6 95.8% 96 19.2 15.0 11.6 19.2 4.0
9. 213.46.183.93 82.3% 96 16.8 11.9 8.9 20.6 3.5
10. 84.116.131.6 93.7% 96 9.0 12.5 9.0 26.8 7.0
11. 213.46.183.93 82.3% 96 10.3 11.8 8.4 31.6 5.6
12. 84.116.131.6 95.7% 95 9.4 12.3 9.4 17.4 3.7
13. 213.46.183.93 76.5% 86 9.9 13.0 8.9 33.5 6.5
14. ???
15. 213.46.183.93 83.5% 80 11.8 10.5 8.7 12.3 1.2
16. ???
17. 213.46.183.93 82.9% 77 10.6 10.3 8.2 16.7 2.2
18. 84.116.131.6 95.7% 24 11.7 11.7 11.7 11.7 0.0

A simple routing loop at my provider. It took me over 30 minutes to find, focused as I was on the 'normal' DNS problems with OSX. Only after the reliable 'turn Airport off' & 'turn Airport on' trick did not work I checked the availability of the OpenDNS servers...

Other sillies with OSX:
- Calling an IP address in the 169.254./16 range 'self assigned' even if you get it from a DHCP server
- Falling back to 'old' IP addresses even if a new lease has been accepted and used
- Slow poke ethernet link setup [need to nail arp settings to flash routers fast enough]

dinsdag 14 juli 2009

Israel distributes libido-increasing gum, and I want some!

Hamas: Israel distributes libido-increasing gum in Gaza


Islamist group claims Israeli intelligence operatives transfer merchandise to Gaza dealers that increases sex drive, even encourage them to distribute them free of charge in order 'to destroy' young generation. Affair exposed after young girl chews gum, complains of bizarre side effects

Is Israel targeting the Palestinian population in Gaza by distributing libido-increasing chewing gum in the Strip? A Hamas police spokesman in the Gaza Strip Islam Shahwan claimed Monday that Israeli intelligence operatives are attempting to "destroy" the young generation by distributing such materials in the coastal enclave.

Shahwan said that the police got their hands on gum that increases sexual desire that, according to him, reaches merchants in the Strip by way of the border crossings. According to him, a Palestinian drug dealer admitted that he sold products that increase sex drive. The dealer said that he received the materials from Israeli sources by way of the Karni crossing.

A number of suspects have been arrested.

The affair was exposed when a Palestinian filed a complaint that his daughter chewed the aforementioned gum and experienced the dubious side effects.

Shahwan even claimed that Israeli intelligence operatives encourage dealers in Gaza to distribute the gum for free.

"The Israelis seek to destroy the Palestinians' social infrastructure with these products and to hurt the young generation by distributing drugs and sex stimulants," said Shahwan.
However, he noted that drugs reach the Gaza Strip by way of Rafah tunnels, and said that the police keep a close watch on the illegal activities going on in the tunnels between Gaza and Egypt.

Shahwan added that the police have recently seized large amounts of drugs and alcohol attached to the underside of automobiles passing through Erez crossing. The automobile owners admitted receiving help for smuggling the materials from Israeli intelligence operatives.

maandag 13 juli 2009

Watson Research Center ssh scan

# grep "129.34.3.3" /var/log/messages
Jul 11 15:31:50 meij sshd[19894]: Failed password for root from 129.34.3.3 port 35477 ssh2
Jul 11 15:31:51 meij sshd[19896]: Failed password for root from 129.34.3.3 port 35702 ssh2
Jul 11 15:31:52 meij sshd[19898]: Failed password for root from 129.34.3.3 port 35873 ssh2
Jul 11 15:31:53 meij sshd[19900]: Failed password for root from 129.34.3.3 port 36003 ssh2
Jul 11 15:31:54 meij sshd[19902]: Failed password for root from 129.34.3.3 port 36177 ssh2
Jul 11 15:31:55 meij sshd[19904]: Failed password for root from 129.34.3.3 port 36332 ssh2
Jul 11 15:31:57 meij sshd[19906]: Failed password for root from 129.34.3.3 port 36462 ssh2
Jul 11 15:31:57 meij denyhosts: Added the following hosts to /etc/hosts.deny - 129.34.3.3 (vserv.watson.ibm.com)
Jul 11 15:31:58 meij sshd[19913]: Failed password for root from 129.34.3.3 port 36666 ssh2
Jul 11 15:31:59 meij sshd[19915]: Failed password for root from 129.34.3.3 port 36795 ssh2
Jul 11 15:32:00 meij sshd[19917]: Failed password for root from 129.34.3.3 port 36937 ssh2
Jul 11 15:32:01 meij sshd[19919]: Failed password for root from 129.34.3.3 port 37086 ssh2
Jul 11 15:32:02 meij sshd[19921]: Failed password for root from 129.34.3.3 port 37215 ssh2
Jul 11 15:32:03 meij sshd[19923]: Failed password for root from 129.34.3.3 port 37333 ssh2
Jul 11 15:32:04 meij sshd[19925]: Invalid user oracle from 129.34.3.3
Jul 11 15:32:04 meij sshd[19925]: Failed password for invalid user oracle from 129.34.3.3 port 37454 ssh2
Jul 11 15:32:05 meij sshd[19927]: Invalid user test from 129.34.3.3
Jul 11 15:32:05 meij sshd[19927]: Failed password for invalid user test from 129.34.3.3 port 37538 ssh2

Unfortunatly there is more amiss at IBM's Watson Research Center:

The original message was received at Mon, 13 Jul 2009 09:11:05 -0400
from
spamguru010.watson.ibm.com [9.2.250.70]

----- The following addresses had permanent fatal errors -----
<
nrt@watson.ibm.com>
(reason: 550 Host unknown)

----- Transcript of session follows -----
554 5.0.0 Service
smokum@gmail.com unknown
550 5.1.2 <
nrt@watson.ibm.com>... Host unknown (Name server: -f: host not found)

Final-Recipient: RFC822;
nrt@watson.ibm.com
X-Actual-Recipient: RFC822;
nrt@mailhub4.watson.ibm.com
Action: failed
Status: 5.1.2
Remote-MTA: DNS; -f
Diagnostic-Code: X-Unix; 550 Host unknown
Last-Attempt-Date: Mon, 13 Jul 2009 09:11:06 -0400

So I guess they'll need to read this blog to find out about their issues ;)
Good luck