I first wrote this back in 2005, and had a number of comments on a blog from people about how it had helped them, so I thought I'd dig it up and repost it here.

First of all, grab Knoppix, burn it to a CD, and spend a few days (or a few weeks, whatever you feel comfortable with) playing with it. Unless you go into the install option, the base CD doesn't install anything to the hard drive, so you can't harm anything. This is a completely safe, non-intimidating way for you to initially get your feet wet.

2. While you're exploring Knoppix, there are a few things to read which will really help you. This [tldp.org] will give you a very good introduction to Linux, in terms of a little history of the system, how to begin using it, and how some basic things work. Here [tldp.org] is another in-depth document about using Linux, leading on from the previous one.

3. Once you've gone through those two, (take as much time as you need) this [tldp.org], written by the same man as the introduction, will introduce you to the Bash shell, the textual command interpreter where with Linux, you'll likely be spending a lot of your time. This will ease you into scripting in what I think will be a very non-intimidating way. You will be able to try out all of these exercises with the Knoppix CD, and again, because the CD doesn't install anything to the hard drive, you needn't worry about destroying your existing system's contents while you learn. This [tldp.org] is another book on Bash scripting which to a degree follows on from that one, and will go into somewhat greater depth. Both of these should lead to you feeling very comfortable writing shell scripts and moving around to a degree on the system.

4. Here [tldp.org] is where we get to some meat. This document goes into compiling and installing generic Linux/UNIX software, and offers some basic applications and examples. Once you've gone through this, coupled with the material above, you should now have sufficient understanding to be able to compile and install at least a basic application yourself.

5. The [tldp.org] Pocket Linux Guide will take you step by step through the process of learning to make a small, bootable Linux system on two floppy disks. Although compiling a basic custom kernel is part of this process, the Guide contains a link to another document which explains very clearly how to do this, and given the background you will have received from the previous documents, this should not be difficult.

6. Once you have completed the Pocket Linux Guide, you will then be ready to proceed to this [linuxfromscratch.org] site, which is the homepage of the Linux From Scratch Project. Here you will be able to read an HTML-formatted book which will give you the necessary information to successfully build an entire base Linux system of your own, and a more pure boot CD than Knoppix to initially build it upon. The Linux From Scratch Project also has a sequel book, Beyond Linux From Scratch, which describes how to install, among other things, a full graphical user interface with the X Windows system.

Someone just tried to spam my CAKE wiki via IPv6. The attack came from 2002:c26a:c164:0:216:cbff:feab:b3f5 which is a 6to4 address (you can tell from the beginning 2002) meaning that it corresponds to the IPv4 address of c26ac164, also known as 194.106.193.100 which is the address of some computer in Poland.

It also looks like they're on a network that's using EUI-64 based IPv6 address assignment, so the MAC address it came from is 00:16:cb:ab:b3:f5. Looking that up at the MAC Address Vendor lookup page reveals that this MAC address belongs to an Apple.

Someone's poor hacked Mac is trying to spam my wiki, or this is the computer of the hacker who's running the botnet trying to figure out why none of the spam is showing up.

I run a public DNS server for my own domains and I've been getting a lot of outside attempts to run recursive queries through it. This is something I haven't seen before and I'm wondering if DNS cache poisoning is on the rise.

Here is a sample of the logs:

May 15 01:57:38 foo named[2310]: client 125.17.226.217#4921: query (cache) 'nirvana.admins.ws/A/IN' denied

May 15 02:40:15 foo named[2310]: client 208.72.168.114#54341: query (cache) 'aa36.com/ANY/IN' denied

May 15 03:41:06 foo named[2310]: client 192.172.226.155#56099: query (cache) 'c40431ec875aa6d0.a4a1b82e01a13ddb.test1.openresolvers.org/A/IN' denied

May 15 03:44:21 foo named[2310]: client 124.173.20.186#2898: query (cache) 'nirvana.admins.ws/A/IN' denied

May 15 05:09:01 foo named[2310]: client 88.228.100.29#1598: query (cache) 'nirvana.admins.ws/A/IN' denied

May 15 06:08:46 foo named[2310]: client 201.47.54.80#61320: query (cache) 'nirvana.admins.ws/A/IN' denied

May 15 19:33:27 foo named[2310]: client 221.208.250.186#12899: query (cache) 'nirvana.admins.ws/A/IN' denied

May 15 23:24:55 foo named[2310]: client 71.110.123.103#4547: query (cache) 'nirvana.admins.ws/A/IN' denied

One of these is a definite probe for poorly configured DNS servers in an attempt to be helpful. And that's the query for c40431ec875aa6d0.a4a1b82e01a13ddb.test1.openresolvers.org.

The others appear to be an attempt to query for the DNS records of a spam trap. This could be one of two things. It could be an attempt to get emails destined for the trap to go elsewhere. It could also be an attempt to get unwitting open DNS resolvers to be a part of a DDOS attack against the spam trap. I don't know which.

Does anybody reading this have any idea?

In looking at the various logs I keep to monitor what's going on on my home network, I've noticed an interesting fact about Vista that I haven't seen published anywhere. This is something of a guess, but it's supported by the increased activity in my logs, the fact the packets are coming from the US, the User-Agent strings and the curious and regular form of most of the new IPv6 connections I've been seeing. This fact is that Vista is fairly aggressive in supporting IPv6.

Now, Windows XP supports IPv6 fairly passively right out of the box. If you put it on a network with other nodes that speak IPv6 and a router or DHCPv6 server advertising a prefix, it will happily pick it up and gain a globally routable IPv6 address. But Vista goes one step further. If it figures out that it's been assigned a globally routable IPv4 address it sets up its on 6to4 tunnel so its IPv4 address can be used to route IPv6 packets to it.

This is slightly worrisome as the IPv6 packets stuck inside the IPv4 packets represent a potential attack vector that may slide by all the filtering. But so far all the machines I've been able to portscan with some confidence that the computer at the IP I saw was still there look like they're heavily firewalled. This is better than I expected, but I did notice a different, more worrisome trend.

I expect that what firewall manufacturers will do when they learn of this is just block all IP packets with a protocol field of 41 (0x29), the IPv6 in IPv4 protocol. This is because in most Internet discussions IPv6 is treated either with "it will never happen" or "it's evil and stupid and NAT is enough". Basically, people are afraid of something new and don't want to have to learn it, so it's easier to dismiss it than embrace it.

I have some evidence that this is already happening. I think all the Vista originated 6to4 tunneled packets all have IPv6 addresses of the form 2002:hexip_upper16:hexip_lower16::hexip_upper16:hexip_lower16. When I ping the associated IPv4 address I often get a response, but when I ping the IPv6 address I don't. But I do in a very small number of cases. My guess is that something is filtering incoming IP packets with a protocol field of 41.

This means that whenever such computers try to visit my website (which has an IPv6 address) they will likely get absolutely nothing in response, or a long wait until the browser decides to fall back to IPv4.

This is actively hostile and wrong. IPv6 is happening. Learn it and get used to it. Fix your broken hardware and software. The specs have been relatively stable for the base protocol now for more than 4 years. There is no excuse for not knowing something about it.

Useful links

• The TCP/IP Guide is a ridiculously comprehensive book and includes these bits of info:
  • A whole section on IPv6: Internet Protocol Version 6 (IPv6) / IP Next Generation (IPng) (IPng was the old name for IPv6
  • And in specific, this very helpful chapter: IPV6 Global Unicast Adresss Format
• This Wikipedia entry on 6 to 4 (IPv6 inside IPv4), though this isn't all that great.
• This Cisco page on 6 to 4 gateway routers that's fairly decent but has no decent overview, just an explosion of technical details. It does talk about how ISPs should do things to better support IPv6 though, so that's helpful.
• The Numbers Resource Organization maintains a helpful page that allows you to set up a nice nameserver for doing PTR lookups of your 6to4 IPv6 addresses. Here is a link using their name: http://6to4.nro.net/. If you're running IPv6, your browser should be smart enough to go to the IPv6 version first. If it isn't, this IPv6 link should work: http://[2001:dc0:2001:7:2d0:b7ff:feb7:f7f9]/ (Slashdot (in an example of the kind of stupidity I'm talking about) mangles the href badly, so cut & paste it).

In fact, that's a big problem here. No pictures, no overview, just an explosion of technical detail. There are some sites that have an overview that are put up by the IPv6 task force, but they are so badly designed I don't want to link to them for fear of crashing someone's browser with the evilness.

(This is my response to the article with the same name)

I've only been playing since May.

I tried forming my own guild a bit back...everyone ended up leaving at around level 40 to go and be a member of one of the "leet" end-game guilds on our server. (Jubei'Thos) I let them go and didn't protest it or complain in the end...although in the process of forming the guild, I lost a real-life friend who started power tripping and getting me to resign as GM. I kicked him out...but it broke up soon after anywayz. Now I just do WC and other lowbie instance runs, recruit newbs, help them get to level 40, and then let them leave if they want to...as well as playing on the auction house. Either that or log on, have a few rounds of wsg, and log off again.

The competitive and guild aspect really started stressing me out for a while as well...I learned some lessons.

a) If you're going to play this game at all, make the only person who you compete with yourself. Don't care about what anyone else is doing, if they have a mount, etc. Make your advancement about you and only you. I'm near level 45 and I still don't have a mount, but I don't really give a shit...I'm farming and using Auctioneer, and I'll get there eventually...but there are MUCH more important things in life.

b) Do not go near guilds. Any guild at all. Do not form one, and do not join one. Guilds are the *sole* reason for the addictive element of this game. They're also the sole reason for any pain and suffering that you will experience. If you play unguilded, you will have no trouble playing casually. 90+% of this game's addictive factor is associated with guilding, social interaction within said guild, social *pressure* within said guild, and competing with others within said guild. So, remember the mantra:- Play unguilded, play safe.
Don't worry about instances, either. pickup groups are always available. Yes, they're a bit more hit or miss in the short term, but they won't do you anything like the long term damage that a guild will.
The justification for the guild system is primarily that you won't get to experience raid content (or are at least very unlikely to) without guild membership. That is true, but here's something else that's true which you probably didn't know. The largest raid instances in the game are generally only played by >5% of the entire playerbase, whether you're in a guild or not, and that is by deliberate design. The 25-40 man instances at least are there specifically for the hard core no life crowd, and usually, they require having no other life in order to be able to access them. You have to be a member of a guild, you have to put up with all the social/political bullshit that goes along with that, and in many instances you have to do a horrific faction reputation grind as well. Stick to 5 mans or pvp; you'll be able to do your own thing, and will experience a lot less pain generally.

c) Do not play this game with real life friends, or with anyone with whom you have a relationship that you do not want to lose...ESPECIALLY do not guild with them. Some of the rl friends I lost I had been friends with for close to a dozen years before playing this game.

d) Realise that for the most part, this game dies after around level 30. Once you get past that point, there is simply a long, hard, fairly tedious slog up to the end game instances.

Has anybody else noticed how the tagging system seems to have changed. Gone are the tags like 'fud', 'itsatrap', and 'haha'. No more 'slashvertisement' and the like either. I find the current set of tags bland and useless. They are OK for hunting down an article, but horrible for being able to tell anything about an article before you click on it.

I found 'slashvertisement' and a few of the other tags about chronic problems that the Slashdot editors tend not to acknowledge to be particularly helpful. Does anybody know how or why the tags became so bland?

The Rules of Slashdot

1) You can't talk about the rules of Slashdot.

2) Never read the article before commenting on it.

3) Anything proprietary is bad. Anything open-source/free-software is good.

4) Information wants to be free. So IP theft is OK and encouraged.

5) All patents are BAD and should be abolished.

6) Practicality is irrelevant. Running Linux on any piece of hardware that was not meant to run Linux such as a toaster, toilet, or toothbrush is considered uber cool and totally 133t.

7) If you have stolen source code from a previous employer (see Death Star) use the GPL to liberate and protect it, then post it anonymously on the Internet. Using a free hosting site like SourceForge(tm) works best.

8) Open-source/free-software really is communism but you can't admit this publicly. Flame into submission anyone that even hints at the communist connection.

9) Software licenses don't destroy jobs, CEO's do. It is OK for open-source/free-software to destroy domestic software jobs. It is BAD when domestic software jobs are sent overseas "off-shored" to countries with cheap labour rates such as India or China. Yes, hypocrisy is sweet.

10) Those who actually do the work don't waste their time posting on Slashdot.

11) Trolls that push the Slashdot agenda are GOOD. Trolls that offer a differing viewpoint are BAD. Yes, the hypocrisy is again sweet.

12) Slashdot is the new world order and all your base are belong to us!

The above was written by MajorDongle in response to Rob Enderle. I agree heartily with all of it, particularly Rules 8, 10, and 11.

People who've read what I write on Slashdot will know that I'm generally a vicious troll. (I actually just had one commenter suggest that I try suicide as a form of therapy)

That being the case, I decided to mention something which I *do* feel enormously positive about...a couple of wonderful Linux distributions, and why I like Linux in general.

• First off, Slackware. I love this. It's the first distro I used. It's very clean, clear, and (for me anyway) simple. A base install has an extremely small memory footprint. Also, if you add pkgsrc to it you'll have a great form of package management as well. You can read some testimonials about pkgsrc here, and you can also read about how to install pkgsrc with Slackware here. It might not be as good as Ubuntu for new users, but for people who know their way around and who want a hardware efficient system, (maybe for use on older hardware, or just if you like keeping ram free) you might like it.
• Gentoo. From what little I've seen, it seems to have a wonderful design, and I've also read about Daniel Robbins being a truly masterful Bash scripter. The package management system was inspired by ports, which I'm also very fond of, and apparently the discovery of the source building process was instrumental in forming the Linux From Scratch Project.
• Linux From Scratch. Although I'm a great fan of Slackware, LFS is overwhelmingly my distro (if it can be called that) of choice. As the book for it says, it produces a wonderfully clean, compact base system, which you can then use to install whatever else you like. Needless to say, there's also no better way than LFS to learn how a Linux system works at a deep level. LFS's other main virtue is that you don't get anything that you don't want or aren't likely to use, which in other cases might either waste system resources or even pose a security risk.

• FreeBSD. This of course isn't a Linux distro, but is the other FOSS *nix system. I recently did a couple of network installs of 6.1-RELEASE, and aside from some initial hiccups with fdisk, found it a joyous experience. The Ports Collection is the single greatest form of package management that I have ever used, and for me anyway the combination of freshports.org and the portaudit and portupgrade commands were a dream not only in terms of user friendliness, and ports is also considerably more robust than forms of package management for Linux that I have used. The handbook is great, and I was also amazed at how much more simple it is to compile a FreeBSD kernel. Compiling the Linux kernel usually takes me a lot longer. Installing VLC in FreeBSD was also actually easier for me than an initial codec install is in Windows...pkg_add meant I was literally watching video in minutes, and I had no codec issues either. An easy (if a bit more time consuming) install of the nVidia video card drivers meant I was able to play Neverball, a visually beautiful, fully 3D FOSS game which is also available from Ports. I was able to install GAIM in order to use the MSN messenger service as well.

  Some people will probably find the early stages of a FreeBSD install a bit bumpy, and it's true that FreeBSD hasn't quite caught up to Linux in terms of hardware support yet, (although it's still very comprehensive) but if you can forgive those two nitpicks, it's very much worth the download, especially considering how good ports is. I was particularly surprised at how good multimedia support is via ports these days, and precocious newbies shouldn't have too much trouble following the handbook 's instructions for compiling their own kernel.

So why do I use Linux or FreeBSD? I will admit that I come down very strongly on the Raymondian/"open source" side of the ideological fence. My use is motivated primarily by a passionate belief in the technological superiority of UNIX in general, and an appreciation of the vast additional flexibility which the availability of source code allows. Specifically, however:-

• Automation. I can start a make script for LFS, turn the monitor off and go to bed, and wake up nine hours later with a fully installed Linux system. For most Linux/BSD users, such a thing is probably very old news, but as far as I know that degree of unattended automation simply is not possible in a Windows environment. As is written here, a need for automation was one of the motivations behind UNIX's early design, and it is still an enormous strength of the operating system, to a degree that Windows has never been able to match.
• Robustness. Except for some minor issues with X Windows at times, I can have total assurance when using a Linux or FreeBSD system that the only time anything is going to go wrong is when *I* screw up, unlike in Windows where I can be entirely passive and the system will decide to entirely randomly die on its' own. Although my own usage scenarios probably aren't anywhere near as demanding as most people's, I also still feel a need for an operating system that can take whatever I have to throw at it. Slackware/LFS and FreeBSD can do that.
• Security. For the most part, the malware problem endemic to Windows simply does not exist with Linux or FreeBSD. I also have the option to do hardened compiles of my system's software which largely eliminates the possibility of buffer overflow/asm shellcode based attacks. There is also a tremendous degree of psychological peace of mind. When in a Windows environment, I periodically feel a need to monitor running processes in order to ensure that they all actually belong to me and that the system is not being compromised by a rogue process. With a sound firewall under Linux or FreeBSD, that is largely a given, allowing me to relax.
• Flexibility. When, for example, I wish to run a 3D game within Linux/FreeBSD, I can write a custom .xinitrc file so that either Wine or the game itself is the *only* thing which X Windows runs. I can also kill *all* background processes, effectively turning my desktop PC into the equivalent of a console with regards to the machine's entire hardware resources being devoted purely to the game. This allows a level of gaming performance which again, simply is not possible within a Windows environment. More generally, I never have to have anything on my machine other than exactly what I want, with none of what I don't.
• Price. Although the commercial Linux distributions are not free as in beer, the ones I generally use are. Linux or the BSDs allow the possibility of a corporation hiring a consultant/s to put together an entirely customised operating system, built from scratch, for zero software or registration cost. The TCO implications of this are surely staggering, even if education is taken into consideration, and I do not understand why more organisations haven't done this.
• Consistency. Both Debian and the BSDs have the capacity for the operating system to be installed once, and then never have to be re-installed for the life of the hardware. The entire operating system and applications can be maintained/upgraded on an incremental basis, within a system the programming API of which has remained stable for over 30 years. No other operating system on the planet that I know of can make that claim, and for change averse corporations or governments, I don't know why you'd use anything else. Contrast it in particular with another operating system we are well acquainted with, but shall here remain nameless. ;)

  The capacity for incremental upgrades of a stable base over time also means that organisations are able to deploy the latest innovations, but not at a rate faster than their retraining budget/timetable is able to cope with; that's the best of both worlds.

So in closing, if there's anyone reading this who by some chance has still only ever used Windows, I definitely recommend grabbing Slackware and diving in. As a convenience, Windows has it's place...I still use it for a few different things. However, depending on what you do with a computer, you may find that you can discover some uses for FOSS UNIX as well. If nothing else, a rescue CD for the next time Windows crashes could just end up being a lifesaver.

So, I'm looking for a job now. My résumé is updated and I've called a few people I know. I'm curious if any of you know anybody.

Here is what I'm looking for:

Ideally someone would point me at an investor who was interested in funding CAKE development for a couple of years with possibly another couple of people. The focus would be on creating a web-service that provided various services for CAKE users, not selling CAKE itself. A business model like LJs is the idea.

Barring that, I would really like to work for a company that wasn't so interested in someone who was capable of cranking out code. I'm not any good at that. I can program well, but I'm not fast, and I'm very cautious about working with a system I don't fully understand, especially if it's not easy to play with and test. OTOH, I am pretty good at talking to people about technical stuff, talking about design, pointing out flaws in designs, and creating new ones. So, a job that focused on the latter more than the former would be good.

And here's a few bullet points:

• Working on code that was going to be published as Open Source code would be a huge plus.
• I know Python and C++ best out of all the programming languages I know.
• I would really vastly prefer working with a POSIX-like environment like Linux. :-)
• I do best when working with systems level software, not UI software

Another entry in the "RAM saver" category, this is one which was mentioned by someone on the #lfs-support IRC channel earlier today.

Although I haven't actually tried it out myself yet, the verdict on #lfs-support was that it's very good, and apparently also very fast and resource-efficient. If you're needing to put together a FOSS desktop environment for an older machine, or just like resource-efficient desktops yourself, you might want to give it a look.

For any of you who don't already know about these, I recently came across this article outlining a number of useful config modifications for Firefox. The main one I was interested in was the "minimise hack," which can radically reduce Firefox's memory consumption while it is minimised. Might be good for people without a huge amount of RAM.

I made this LJ entry recently. If you feel inclined to comment, please do it there. I have anonymous commenting enabled. I always do. :-)

If people would like to get together anyway, despite the cancelled meetup, let's use this entry to arrange a time and place. :-) I was thinking of doing that anyway, and then droleary suggested it as well, so I'm all for it. :-)

I bought a new PowerBook as well, so I'd have a toy for people to ogle. :-)

I'll be working for Amazon in Seattle. I'm going to have to move. So please, people here in Minnesota, sign up for this month's Slashdot meetup so I can say goodbye to you all before I go. :-)

Well, I'm off to my job interview with Bloomberg in NYC. Wheee!