So for a while this afternoon, I was worried that I wasn't going to be able to generate enough traffic using Click Router on a Compaq DL-145G3 to flatten (meaning, cause packets to drop/stop being forwarded, cause the CPU Interrupt Utilization was around 30%) its big brother/sister.
But if you were always wondered what it took to bring on an interrupt storm on a Compaq DL-385G2 (Opteron with 4 Cores + Quad Intel PCIe NIC) it is around 425 kpps UDP (using 60 byte packets)
Tomorrow I find out what it takes on the Intel counterpart (DL380G5)
Thursday, February 28, 2008
Monday, February 25, 2008
Java6 on Nexenta
Anyone have any luck?
The x86 .sh installer script failed for me -- said it was corrupt
And pkgadding the .Z started out promising enough
but ended in .deb dependency hell
and then
The x86 .sh installer script failed for me -- said it was corrupt
And pkgadding the .Z started out promising enough
root@myhost:~# pkgadd -d . SUNWj6cfg
sunwj6cfg_04-1_solaris-i386.deb generated
sunwj6dev_04-1_solaris-i386.deb generated
sunwj6dmo_04-1_solaris-i386.deb generated
sunwj6jmp_04-1_solaris-i386.deb generated
sunwj6man_04-1_solaris-i386.deb generated
[snip]
dependency problems - leaving unconfigured
Setting up sunwjavadb-common (1.0-1) ...
Setting up sunwjavadb-core (1.0-1) ...
Setting up sunwjavadb-demo (1.0-1) ...
Setting up sunwjavadb-docs (1.0-1) ...
Setting up sunwjavadb-javadoc (1.0-1) ...
dpkg: dependency problems prevent configuration of sunwj6jmp:
sunwj6jmp depends on sunwj6man; however:
Package sunwj6man is not configured yet.
dpkg: error processing sunwj6jmp (--install):
dependency problems - leaving unconfigured
Setting up sunwjavadb-client (1.0-1) ...
Errors were encountered while processing:
but ended in .deb dependency hell
and then
root@myhost:~# apt-get install -f
Reading package lists... Done
Building dependency tree
Reading state information... Done
Correcting dependencies... Done
The following packages were automatically installed and are no longer required:
sunwj6jmp sunwj6man sunwj6rt sunwj6cfg sunwj6dev sunwj6dmo
Use 'apt-get autoremove' to remove them.
The following packages will be REMOVED:
sunwj6cfg sunwj6dev sunwj6dmo sunwj6jmp sunwj6man sunwj6rt
0 upgraded, 0 newly installed, 6 to remove and 0 not upgraded.
6 not fully installed or removed.
Need to get 0B of archives.
After unpacking 82.4MB disk space will be freed.
Do you want to continue [Y/n]? Y
(Reading database ... 37360 files and directories currently installed.)
Removing sunwj6cfg ...
Removing sunwj6dev ...
Removing sunwj6dmo ...
Removing sunwj6jmp ...
Removing sunwj6man ...
Removing sunwj6rt ...
Sunday, February 24, 2008
Intro to Solaris Zones: Part I
The Intro to Solaris Zones chapter isn't actually that bad and helped filled in some gaps in my knowledge regarding these virtualization features I've been hearing about (but never actually used) and there are detailed instructions so detailed in fact after working pretty much everday since last Sunday and getting back from the data center again early in the moring, it is putting me to sleep. Yeah, whine! whine! Not much good it will do you.
Nexenta: It's Solaris Except Sort Of Usable
I was amazed a functional Solaris box in less than 30 minutes. Must be a world record. And perusing through dpkg -l I found lots of cool stuff: WPA/wireless tools, xen, Solaris Zone utilities, Python, Perl, ipfilter (of course, but not ipfmeta), gcc, sqlite, iSCSI/FCIP junk, wireless driver for 4965AGN (what the...) Package repositories seem sort of light. What kind of lame distro dosen't have precompiled versions of nmap or ngrep? Also tried to apt-get install openbox but no love. Definitely lose points for that. But all in all I'm impressed and it will give me a chance to play around with some cool Solaris-only stuff (like ZFS and these zones/container things I've been hearing about) without the headache of a real install.
Here's some juicy bits
root@myhost:/# df -k
Filesystem kbytes used avail capacity Mounted on
syspool/rootfs-nmu-000
7676928 880835 6781991 12% /
/devices 0 0 0 0% /devices
/dev 0 0 0 0% /dev
ctfs 0 0 0 0% /system/contract
proc 0 0 0 0% /proc
mnttab 0 0 0 0% /etc/mnttab
swap 631648 704 630944 1% /etc/svc/volatile
objfs 0 0 0 0% /system/object
sharefs 0 0 0 0% /etc/dfs/sharetab
/usr/lib/libc/libc_hwcap1.so.1
7662826 880835 6781991 12% /lib/libc.so.1
fd 0 0 0 0% /dev/fd
swap 630952 8 630944 1% /tmp
swap 630976 32 630944 1% /var/run
/dev/dsk/c1t0d0s2 421636 421636 0 100% /media/Elatte_InstallCD
root@myhost:/var/adm# mount
/ on syspool/rootfs-nmu-000 read/write/setuid/devices/nonbmand/exec/xattr/atime/dev=2d90002 on Sun Feb 24 19:47:58 2008
/devices on /devices read/write/setuid/devices/dev=4bc0000 on Sun Feb 24 19:47:35 2008
/dev on /dev read/write/setuid/devices/dev=4c00000 on Sun Feb 24 19:47:35 2008
/system/contract on ctfs read/write/setuid/devices/dev=4c80001 on Sun Feb 24 19:47:35 2008
/proc on proc read/write/setuid/devices/dev=4cc0000 on Sun Feb 24 19:47:35 2008
/etc/mnttab on mnttab read/write/setuid/devices/dev=4d00001 on Sun Feb 24 19:47:35 2008
/etc/svc/volatile on swap read/write/setuid/devices/xattr/dev=4d40001 on Sun Feb 24 19:47:35 2008
/system/object on objfs read/write/setuid/devices/dev=4d80001 on Sun Feb 24 19:47:35 2008
/etc/dfs/sharetab on sharefs read/write/setuid/devices/dev=4dc0001 on Sun Feb 24 19:47:35 2008
/lib/libc.so.1 on /usr/lib/libc/libc_hwcap1.so.1 read/write/setuid/devices/dev=2d90002 on Sun Feb 24 19:47:56 2008
/dev/fd on fd read/write/setuid/devices/dev=4f00001 on Sun Feb 24 19:47:58 2008
/tmp on swap read/write/setuid/devices/xattr/dev=4d40002 on Sun Feb 24 19:48:04 2008
/var/run on swap read/write/setuid/devices/xattr/dev=4d40003 on Sun Feb 24 19:48:04 2008
/media/Elatte_InstallCD on /dev/dsk/c1t0d0s2 read only/nosetuid/nodevices/noglobal/maplcase/rr/traildot/dev=3580002 on Sun Feb 24 19:48:25 2008
Starting Nmap 4.20 ( http://insecure.org ) at 2008-02-24 19:50 CST
Interesting ports on 192.168.1.113:
Not shown: 1693 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
111/tcp open rpcbind
4045/tcp open lockd
MAC Address: 00:1D:09:28:B9:85 (Unknown)
Device type: general purpose
Running: Sun Solaris 9|10
OS details: Sun Solaris 9 or 10
Uptime: 0.005 days (since Sun Feb 24 19:43:04 2008)
Network Distance: 1 hop
root@myhost:/usr/local/bin# irb
irb(main):001:0> puts RUBY_PLATFORM
i386-pc-solaris2.11
=> nil
irb(main):002:0>
Nexenta Core 1.0 Release
Just to prove that I'm not a Linux bigot, I'll admit that I've played around with some of the OpenSolaris distributions over the past few years but a couple of things have always pissed me: 1) the same god-awful (blue and red colored) x86 installer I first used back in 90s 2) they were huge, bloated, and desktop focused.
I'm only about 10 minutes into the install
Nexenta Core seems to addressed seems to have addressed both of these concerns:
List of the changes and highlights
======================
# OpenSolaris b82 based (x86, 32bit and 64bit, non-debug)
# Ubuntu/Dapper based
# Project integration: NWS, AVS, COMSTAR, in-kernel CIFS client
# apt-clone: ZFS-integrated safe upgrade via remote APT repository
# Support for in-place (live) and safe upgrades
# Installer: multiple improvements; installs from USB
# Small memory requirement: 256MB
# Nexenta Zones: multiple improvements; integrated automatic Zone upgrades
# CIFS client included in the default installation
# Xen DomU and Xen Dom0 (32bit, [2])
# GRUB-integrated memory test
# Nexenta ISO Builder ([3])
# APT repository - status complete. Stable repository (elate-stable)
ready for usage.
About Nexenta Core Platform (NexentaCore)
=============================
Nexenta Operating System is a free and open source operating system
combining the OpenSolaris kernel with GNU application userland. Nexenta
Operating System runs on Intel/AMD 32/64bit hardware and is distributed
as a single installable CD. NexentaCore is a minimal (core) foundation
that can be used to quickly build servers, desktops, and custom
distributions tailored for specialized applications. The latest and
previous NexentaCore releases are available at [4]. With the power of
Debian tools behind it, NexentaCore could be customized for any vertical
application or distribution: KDE, GNOME, XFCE centric Desktops, LAMP
servers, Xen Dom0 ZFS-powered servers, and more. Unlike NexentaOS
desktop distribution, NexentaCore does not aim to provide a complete
desktop. The overriding objective for NexentaCore is....
Welcome Back Daily Dish
Here are the highlights, but definitely check out The Clinton's Last Stand:
and
Clinton is a terrible manager of people. Coming into a campaign she had been planning for, what, two decades, she was so not ready on Day One, or even Day 300. Her White House, if we can glean anything from the campaign, would be a secretive nest of well-fed yes-people, an uncontrollable egomaniac spouse able and willing to bigfoot anyone if he wants to, a phalanx of flunkies who cannot tell the boss when things are wrong, and a drizzle of dreary hacks like Mark Penn. Her only genuine skill is pivoting off the Limbaugh machine (which is now as played out as its enemies). Her new weapon is apparently bursting into tears. I mean: really.
and
Of course some this argument hinges on the assumption that well-run campaigns (which seems to be the case for Obama?) have a higher probability of producing well-run executive branches and competent presidencies. I wasn't nearly as obsessed with '04 or '00 to know whether Dubya's/Rove's campaigns were as disciplined and competent but the White House tenure has obviously been far from that...
How did they come this close to losing this? They had all the money, all the contacts, all the machine levers, the entire establishment, the biggest Democratic name in decades, and they've been forced into a humiliating death-match by a first-term black liberal with a funny name. It seems obvious to me that the Clintons blew this because they never for a second imagined they could. So they never planned to fight it. Once put in a fair contest, they turned out to be terrible campaigners, terrible politicians, bad managers, useless executives, wooden public speakers. If you're a Democrat, that's good to know, isn't it? All that bullshit about Day One and experience? In retrospect: laughable.
Wednesday, February 20, 2008
MoinMoin Vulns
Courtesy of a Secunia Feed I ran across the vulns in MoinMoin -- which I my wiki of choice for work or play. I don't allow any authenticated users to edit pages or upload files (apart from me) but I was paranoid enough to take my wiki down for a bit until I've had a chance to understand the issues more or until Ubuntu releases a package.
Update
franz-g4:~ mdfranz$ python hackmoin.py
MoinMoin host: i.e: http://127.0.0.1:8000/
MoinMoin host ( include http and /): http://www.threatmind.net/secwiki/
Ok, the file: README was created, and you can logging setting the cookie MOIN_ID='README' in your browser.
Yeah the exploit does indeed create (overwrite?) a README file in your data/user directory that looks like this:
aliasname=ilikecolombianpeople
css_url=
date_fmt=
datetime_fmt=
disabled=0
edit_on_doubleclick=0
edit_rows=20
editor_default=text
editor_ui=freechoice
email=just@nonrootuser.co
enc_password={SHA}hzAn1bupZwrTEQuFWlZA3TsEcVc=
language=
last_saved=1203553839.72
mailto_author=0
name=nonroot
quicklinks=podriamos-insertar-codigo-php-aqui-verdad-que-si
remember_last_visit=0
remember_me=1
show_fancy_diff=1
show_nonexist_qm=0
show_page_trail=1
show_toolbar=1
show_topbottom=0
subscribed_pages=
theme_name=modern
tz_offset=0
want_trivial=0
wikiname_add_spaces=0
So the question is, so what? Can this be used to erase/reset the password of the Admin user? Not sure. But I did discover a shitload of user preference files in my wiki, yikes! I'm sure they are harmless... I guess the key issue is whether this exploit would allow you to overwrite an existing admin users (through the web UI you can't create a new user for one that already exists, IIRC).
It would definitely appear that if you can guess the time based filename etime.time.anothertime you could.
And here is what the exploit looks like in your logs:
stinkmonkey.cable.rcn.com - - [21/Feb/2008:00:29:47 +0000] "POST /secwikiUserPreferences/ HTTP/1.1" 404 229 "-" "Python-urllib/2.4" "-"
stinkmonkey.cable.rcn.com - - [21/Feb/2008:00:30:10 +0000] "POST /secwikiUserPreferences/ HTTP/1.1" 404 229 "-" "Python-urllib/2.4" "-"
stinkmonkey.cable.rcn.com - - [21/Feb/2008:00:30:39 +0000] "POST /secwiki/UserPreferences/ HTTP/1.1" 200 23341 "-" "Python-urllib/2.4" "-
And yeah it took me 3 times because I kept forgetting the slash (as you can see) and because I'm a "jackass" (to use tqbf's favorite expletive
Tuesday, February 19, 2008
Deb of the Day: conntrack
So I was trying (unsuccessfully) to get pyctd installed and was looking doing the dselect dependency dance (yeah, I'm old school) and I ran across conntrack
Being spoiled with PF (or pfctl actually) I always wondered how you could do this in Linux.
# conntrack -E
[UPDATE] tcp 6 30 LAST_ACK src=192.168.2.170 dst=72.14.205.83 sport=52241 dport=80 packets=9 bytes=2262 src=72.14.205.83 dst=24.136.2.99 sport=80 dport=52241 packets=7 bytes=606
[UPDATE] tcp 6 120 TIME_WAIT src=192.168.2.170 dst=72.14.205.83 sport=52241 dport=80 packets=9 bytes=2262 src=72.14.205.83 dst=24.136.2.99 sport=80 dport=52241 packets=8 bytes=658
[NEW] tcp 6 120 SYN_SENT src=192.168.2.170 dst=72.14.205.83 sport=52242 dport=80 packets=1 bytes=64 [UNREPLIED] src=72.14.205.83 dst=24.136.2.99 sport=80 dport=52242 packets=0 bytes=0
[UPDATE] tcp 6 60 SYN_RECV src=192.168.2.170 dst=72.14.205.83 sport=52242 dport=80 packets=1 bytes=64 src=72.14.205.83 dst=24.136.2.99 sport=80 dport=52242 packets=1 bytes=60
[UPDATE] tcp 6 432000 ESTABLISHED src=192.168.2.170 dst=72.14.205.83 sport=52242 dport=80 packets=2 bytes=116 src=72.14.205.83 dst=24.136.2.99 sport=80 dport=52242 packets=1 bytes=60 [ASSURED]
[NEW] udp 17 30 src=192.168.100.25 dst=216.106.191.180 sport=123 dport=123 packets=1 bytes=76 [UNREPLIED] src=216.106.191.180 dst=24.136.2.99 sport=123 dport=123 packets=0 bytes=0
[UPDATE] udp 17 30 src=192.168.100.25 dst=216.106.191.180 sport=123 dport=123 packets=1 bytes=76 src=216.106.191.180 dst=24.136.2.99 sport=123 dport=123 packets=1 bytes=76
# conntrack -L | wc -l
41
Being spoiled with PF (or pfctl actually) I always wondered how you could do this in Linux.
# conntrack -E
[UPDATE] tcp 6 30 LAST_ACK src=192.168.2.170 dst=72.14.205.83 sport=52241 dport=80 packets=9 bytes=2262 src=72.14.205.83 dst=24.136.2.99 sport=80 dport=52241 packets=7 bytes=606
[UPDATE] tcp 6 120 TIME_WAIT src=192.168.2.170 dst=72.14.205.83 sport=52241 dport=80 packets=9 bytes=2262 src=72.14.205.83 dst=24.136.2.99 sport=80 dport=52241 packets=8 bytes=658
[NEW] tcp 6 120 SYN_SENT src=192.168.2.170 dst=72.14.205.83 sport=52242 dport=80 packets=1 bytes=64 [UNREPLIED] src=72.14.205.83 dst=24.136.2.99 sport=80 dport=52242 packets=0 bytes=0
[UPDATE] tcp 6 60 SYN_RECV src=192.168.2.170 dst=72.14.205.83 sport=52242 dport=80 packets=1 bytes=64 src=72.14.205.83 dst=24.136.2.99 sport=80 dport=52242 packets=1 bytes=60
[UPDATE] tcp 6 432000 ESTABLISHED src=192.168.2.170 dst=72.14.205.83 sport=52242 dport=80 packets=2 bytes=116 src=72.14.205.83 dst=24.136.2.99 sport=80 dport=52242 packets=1 bytes=60 [ASSURED]
[NEW] udp 17 30 src=192.168.100.25 dst=216.106.191.180 sport=123 dport=123 packets=1 bytes=76 [UNREPLIED] src=216.106.191.180 dst=24.136.2.99 sport=123 dport=123 packets=0 bytes=0
[UPDATE] udp 17 30 src=192.168.100.25 dst=216.106.191.180 sport=123 dport=123 packets=1 bytes=76 src=216.106.191.180 dst=24.136.2.99 sport=123 dport=123 packets=1 bytes=76
# conntrack -L | wc -l
41
"Against" Globalization and Other Laws of Nature
So the Wisconsin Exit Pools show Dems are "against globalization." What the hell does that even mean? I supposed these clowns are against gravity, death, getting pregnant if you don't use contraception, seasons, what else? Maybe they'll vote for Hillary, too.
Sunday, February 17, 2008
YouTube and SCADA: Even Better
Yeah I really need to get some sleep, but out of diapers.
No More SCADA Lists for Me!
At least when I'm irritable from lack of sleep caused by high availability fun. Rad's post on fuzzing was the final straw and bridge began to creak and buckle with SCADA-Drug-Dealer-Gate. Waste of time. Raises blood pressure too much. See ya. Zero tolerance for this... Long story short, not only is L2 fuzzing with SPIKE *not* a topic worth following, has nothing to do with SCADA.
Industrial Defender and "The Wire"
I've been wanting to blog about Season 2 of The Wire (and Omar, one of the best characters, who is supposedly Obama's favorite character, on his favorite show) for a while, but an amusing email forward on the SCADA mailing list from Full Disclosure, called SCADA Security Corruption gives me the opportunity to blog about SCADA and my favorite TV show.
Several years back JP and I spoke at some "security day" at Rockwell Automation in Cleveland, afterwards we got lost on the way to the airport (my driving, no doubt) in some pretty scary areas that looked like The Wire. Based on that experience I don't think JP or any members of Industrial Defender are involved in any sort of illegal activity I've seen on Season 2 of The Wire including customs violations, murder, or sex slavery.
But then again, what is more accurate, google search results or HBO shows? I guess we'll never know. Maybe there is a vast conspiracy of SCADA Security Consultants, Vendors, and Researchers all plotting to not only to annihilate critical infrastructive in a single decisive blow (ordered from abroad, no doubt) and sell drugs.
This reminds me of the time I saw a message thinking that I was the one who stole the IOS source code back in 2005, after all my name was Franz, too.
Several years back JP and I spoke at some "security day" at Rockwell Automation in Cleveland, afterwards we got lost on the way to the airport (my driving, no doubt) in some pretty scary areas that looked like The Wire. Based on that experience I don't think JP or any members of Industrial Defender are involved in any sort of illegal activity I've seen on Season 2 of The Wire including customs violations, murder, or sex slavery.
But then again, what is more accurate, google search results or HBO shows? I guess we'll never know. Maybe there is a vast conspiracy of SCADA Security Consultants, Vendors, and Researchers all plotting to not only to annihilate critical infrastructive in a single decisive blow (ordered from abroad, no doubt) and sell drugs.
This reminds me of the time I saw a message thinking that I was the one who stole the IOS source code back in 2005, after all my name was Franz, too.
Saturday, February 16, 2008
Ruby vs. Python (.NET Style)
If Ruby has the lead on the JVM it appears the opposite is true for Python, as Iron Python is miles ahead on .NET (or should I say .DLR/.CLR?). Still trying to build Iron Ruby it about 3-4 CPU-hours in. Of course slow ass Thinkpad-IO which is killing VMWare isn't helping, and the bloat of Visual C# Express 2008 which itself took an hour or two to install over the network.
Wednesday, February 13, 2008
12,008
I actually think McCain is right on Iraq (there was an interesting piece on NPR yesterday with a LTC who is retiring, how the average low-intensity conflict last 10 years and only 40% of insurgencies are successful) but this is pretty damn funny.
Tuesday, February 12, 2008
No Thanks I Make...
If you haven't seen this from Season 2 from the BBC Office it is a must watch. How many computer security professionals does this bloke resemble?
SCADA Superheroes!
Continuing on a theme I obviously lack the self discipline that Dale has when it comes to IT vs. SCADA debates as I've been rehashing impossible issues with the SCADA Security Comic Book Crowd over on the new SCADASEC mailing list. Of course it is difficult (if not impossible, but entertaining nonetheless) to have a dialogue with folks that have no idea what you are talking about and are not interested in technical discussions and whose "hearts are hardened" (to get Biblical for a moment) but its been fun to blow off steam (while waiting for the Obama landslide) and sharpen my email skills which have been sort of languishing since I left Cisco. Ah for those happy days of arguing with PSIRT about the dangers of releasing tools that would bring down the Internet.
I did learn that Walt doesn't want me to be involved in securing the refinery "down the street" from where he lives. Well that makes two of us. But of course Jake get's the best line and is once again at least rational.
Matt, I think this point is sort of like asking whether Superman or Batman would win if they got in to a fight. There is no point in asking the question because neither character is real.
See in the upside down of the control systems security not only is CERT arming attackers when they release advisories but the most dangerous enemy is an IT security consultant that has not drunk down the SCADA Kool Aid (patch-free) down in long draughts!
Any security expert who has not carefully internalized these significant differences between enterprise IT security requirements and plant and SCADA security requirements can actually be an active danger to the plant or SCADA implementation-- as dangerous as an uncontrolled attacker.
And kudos to Leif Erickson for being a good sport!
Sunday, February 10, 2008
S.M.A.R.T. on Gutsy T-61
After my my dismal report on my T-61's SATA performance I've been wondering about whether I have everything tweaked right and I tonight I ran across an entry on Thinkwiki about SMART.
Basically if you install the smartmontools package you get a utility called smartctl that allows you to do stuff like
Here is an article that explains all this junk and smartmontools and this runs on FreeBSD too so this is something to consider on that front, too.
Basically if you install the smartmontools package you get a utility called smartctl that allows you to do stuff like
root@gutsy61:~# smartctl -a /dev/sda
smartctl version 5.37 [i686-pc-linux-gnu] Copyright (C) 2002-6 Bruce Allen
Home page is http://smartmontools.sourceforge.net/
=== START OF INFORMATION SECTION ===
Device Model: ST9120822AS
Serial Number: 5LZ1Q720
Firmware Version: 3.CLF
User Capacity: 120,034,123,776 bytes
Device is: Not in smartctl database [for details use: -P showall]
ATA Version is: 7
ATA Standard is: Exact ATA specification draft version not indicated
Local Time is: Sun Feb 10 19:49:22 2008 CST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled
=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED
General SMART Values:
Offline data collection status: (0x00) Offline data collection activity
was never started.
Auto Offline Data Collection: Disabled.
Self-test execution status: ( 0) The previous self-test routine completed
without error or no self-test has ever
been run.
Total time to complete Offline
data collection: ( 426) seconds.
Offline data collection
capabilities: (0x53) SMART execute Offline immediate.
Auto Offline data collection on/off support.
Suspend Offline collection upon new
command.
No Offline surface scan supported.
Self-test supported.
No Conveyance Self-test supported.
Selective Self-test supported.
SMART capabilities: (0x0003) Saves SMART data before entering
power-saving mode.
Supports SMART auto save timer.
Error logging capability: (0x01) Error logging supported.
General Purpose Logging supported.
Short self-test routine
recommended polling time: ( 1) minutes.
Extended self-test routine
recommended polling time: ( 57) minutes.
SMART Attributes Data Structure revision number: 10
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE
1 Raw_Read_Error_Rate 0x000f 100 067 034 Pre-fail Always - 196651010
3 Spin_Up_Time 0x0003 099 099 000 Pre-fail Always - 0
4 Start_Stop_Count 0x0032 100 100 020 Old_age Always - 822
5 Reallocated_Sector_Ct 0x0033 100 100 036 Pre-fail Always - 0
7 Seek_Error_Rate 0x000f 059 055 030 Pre-fail Always - 111693386018
9 Power_On_Hours 0x0032 100 100 000 Old_age Always - 149348897784391
10 Spin_Retry_Count 0x0013 100 100 034 Pre-fail Always - 0
12 Power_Cycle_Count 0x0032 100 100 020 Old_age Always - 902
187 Unknown_Attribute 0x0032 100 100 000 Old_age Always - 0
189 Unknown_Attribute 0x003a 048 048 000 Old_age Always - 52
190 Temperature_Celsius 0x0022 062 052 045 Old_age Always - 656801830
191 G-Sense_Error_Rate 0x0032 100 100 000 Old_age Always - 26
192 Power-Off_Retract_Count 0x0032 001 001 000 Old_age Always - 4294967291
193 Load_Cycle_Count 0x0022 026 026 000 Old_age Always - 148448
194 Temperature_Celsius 0x001a 038 048 000 Old_age Always - 38 (Lifetime Min/Max 0/16)
195 Hardware_ECC_Recovered 0x0012 070 042 000 Old_age Always - 196651010
196 Reallocated_Event_Count 0x0010 099 099 000 Old_age Offline - 157255932577023
197 Current_Pending_Sector 0x003e 100 100 000 Old_age Always - 0
198 Offline_Uncorrectable 0x0000 100 100 000 Old_age Offline - 0
199 UDMA_CRC_Error_Count 0x0032 200 200 000 Old_age Always - 0
200 Multi_Zone_Error_Rate 0x0000 100 253 000 Old_age Offline - 0
202 TA_Increase_Count 0x0000 100 253 000 Old_age Offline - 0
SMART Error Log Version: 1
No Errors Logged
SMART Self-test log structure revision number 1
SMART Selective self-test log data structure revision number 1
SPAN MIN_LBA MAX_LBA CURRENT_TEST_STATUS
1 0 0 Not_testing
2 0 0 Not_testing
3 0 0 Not_testing
4 0 0 Not_testing
5 0 0 Not_testing
Selective self-test flags (0x0):
After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.
Here is an article that explains all this junk and smartmontools and this runs on FreeBSD too so this is something to consider on that front, too.
Tuesday, February 05, 2008
Nothing more to say about California
4 Speeches Tonight (and Kansas!)
What's up with these Home Depot's up here closing at 9:30? So I had the misfortune of catching Romney's speech on NPR on the way back. The usual Pre-Globalism cliches that might have worked in the 80s. Make America Great Again, because some country in Asia (where kids still starve and need our vegetables) might surpass us by the end of the 21st century.
Countries (or continents) that have the education level or the fortitude (my 2 weeks in China back in 2004, when we adopted my daughter, convinced me the place was on fire and a force to be reckoned with) deserve to take our jobs away, whether manufacturing or software engineering.
Deal with it! Read some Tom Peters! Go PSF!
McCain's speech was gracious and classy but expectedly mediocre.
I'm so sick of his "my friends" schtick.
No comments on Hillary (except the yellow has to go, Blondes should not wear yellow), but Obama's was amazing. He nailed it. Among the best I heard so far.
If my wife is any indication of change in traditional Democratic voters (vs. fed up Independent Republicans like myself who voted in a Democratic primary for the first time in their lives today) over the last months, the tide has turned.
Around Thanksgiving she liked the idea of Obama (and had actually read his book) but didn't think he had a chance and saw Hillary as the safe choice. And saw defeating the Republicans as the #1 goal.
But with 73% of Kansas (where I was born, actually, but hardly ever lived) for Obama?
And the national unity message continously being refined (along with softly sticking it to the Clintons).
Truly Amazing.
If California no more than a 5 point spread, how can this not be seen as an Obama victory?
Countries (or continents) that have the education level or the fortitude (my 2 weeks in China back in 2004, when we adopted my daughter, convinced me the place was on fire and a force to be reckoned with) deserve to take our jobs away, whether manufacturing or software engineering.
Deal with it! Read some Tom Peters! Go PSF!
McCain's speech was gracious and classy but expectedly mediocre.
I'm so sick of his "my friends" schtick.
No comments on Hillary (except the yellow has to go, Blondes should not wear yellow), but Obama's was amazing. He nailed it. Among the best I heard so far.
If my wife is any indication of change in traditional Democratic voters (vs. fed up Independent Republicans like myself who voted in a Democratic primary for the first time in their lives today) over the last months, the tide has turned.
Around Thanksgiving she liked the idea of Obama (and had actually read his book) but didn't think he had a chance and saw Hillary as the safe choice. And saw defeating the Republicans as the #1 goal.
But with 73% of Kansas (where I was born, actually, but hardly ever lived) for Obama?
And the national unity message continously being refined (along with softly sticking it to the Clintons).
Truly Amazing.
If California no more than a 5 point spread, how can this not be seen as an Obama victory?
Sunday, February 03, 2008
Waiting for Super Obama Ad?
So I'm guess Obama's Supposed Superbowl Ad: Join isn't going to show in IL, but look where some of the footage for this ad is shot? Yeah, that's Zilker Park. And that's the Hyatt there on the right, where I presented at in 2000 for some SBC seminar about the February DDOS attacks. That's where we (back when it was just three of us) saw Lucinda on a hot September. I'm guessing there are quite a few Obama bumperstickers in my old neighborhood. And I'm not a huge football fan but I'm pleased with the first half and of course I'm rooting for the Giants.
After watching the ad 3-4 times, what is interesting is the sense of momentum (and of a growing movement?) that it conveys in just 30 seconds. I hope this is real. There isn't that much substance to it, but for someone who is approaching 40 (and more a child of Reagan than Nixon) and only saw videos of protest marches from the 1960s, it seems to have a "60s feel" to it. And In a good way. I wonder how boomers view this ad? Do they resent Obama co-opting this imagery? Although it is upbeat, I like the deft swipe near the end:
We want something new. We want to turn the page. The world as it is, is not the world that it has to be.Much like his platform, I do not agree with everything in the ad, but I like it anyway. This doesn't mesh with my favorite John Chambers quote from the tech crash in 2001 ("deal with the world the way it is, not the way you like it to be") but I like it anyway. I certainly do not care for the the burned out HMMV juxtaposed against privileged college kids who have not and will never don a uniform, but it is better than the sanctimonious alternative.
Saturday, February 02, 2008
Stupid T-61 vs Dell Optiplex 330 Gutsy Shootout
So I was wondering graphics performance on my son's new workstation is so much worse than on my Thinkpad. In particular bzflag, because I thought they both had the same Intel graphics card, when I bought it. And I was sure it wasn't the CPU? Well it turned out I was wrong and my little benchmark to unzip the Thoughtpolice FreeBSD 6.2 VM had some suprising results. Yeah I know I should get some real benchmarking software but I didn't feel like it.
-rw-r--r-- 1 mfranz mfranz 230671277 2008-02-02 18:08 freebsd-6.3-i386.zip
Intel(R) Pentium(R) Dual CPU E2140 @ 1.60GHz (1GB)
82G33/G31 Express Integrated Graphics Controller
real 0m22.276s
user 0m10.480s
sys 0m1.540s
Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz (1.5 GB)
Mobile GM965/GL960 Integrated Graphics Controller
real 0m45.863s
user 0m10.669s
sys 0m1.492s
Just as I suspected (after finding how fast is your disk it is the IO that is killing my Thinkpad.
root@nikplex330:~/vms# hdparm -t /dev/sda
/dev/sda:
Timing buffered disk reads: 278 MB in 3.02 seconds = 92.13 MB/sec
root@gutsy61:~/torrents# hdparm -t /dev/sda
/dev/sda:
Timing buffered disk reads: 120 MB in 3.04 seconds = 39.44 MB/sec
Of course I'm also using reiserfs on my laptop (out of habit and b/c I've never had any issues) but doubt there should be double.
No wonder my VM's lag so bad some times.
-rw-r--r-- 1 mfranz mfranz 230671277 2008-02-02 18:08 freebsd-6.3-i386.zip
Intel(R) Pentium(R) Dual CPU E2140 @ 1.60GHz (1GB)
82G33/G31 Express Integrated Graphics Controller
real 0m22.276s
user 0m10.480s
sys 0m1.540s
Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz (1.5 GB)
Mobile GM965/GL960 Integrated Graphics Controller
real 0m45.863s
user 0m10.669s
sys 0m1.492s
Just as I suspected (after finding how fast is your disk it is the IO that is killing my Thinkpad.
root@nikplex330:~/vms# hdparm -t /dev/sda
/dev/sda:
Timing buffered disk reads: 278 MB in 3.02 seconds = 92.13 MB/sec
root@gutsy61:~/torrents# hdparm -t /dev/sda
/dev/sda:
Timing buffered disk reads: 120 MB in 3.04 seconds = 39.44 MB/sec
Of course I'm also using reiserfs on my laptop (out of habit and b/c I've never had any issues) but doubt there should be double.
No wonder my VM's lag so bad some times.
Subscribe to:
Posts (Atom)