User Journal

Journal Journal: side effect of new IDPS box...

okay so i built a diy intrusion detection box for my network, even though i now know the infection came from inside the network. suddenly my network went from 1.0-2.0 MB/s to 4.0-7.5MB/s. we are paying for 7.5MB/s but due to wireless limitations only one wireless box has 1300 mbit dual channel wireless n/ac. that one gets the full speed connection, the rest get what their laptop wifi does. except the ones using ethernet over powerline. someone told me that it was probably line noise because of the number of devices we have, which doesn't make sense to me, but ok. also the diy box has squid transparent proxy enabled, another reason could be multicast, the wifi router is a decent one but consumer grade was putting a real cpu (quad core) that big a difference in ability to multicast and cache data efficiently?

the cpu was the cheapest low watt cpu i could find, but the box still idles at 26 watts (inline power consumption measuring device) which i know is a lot for just an idps box. still it was cheap but is only as well configured as i know how to which isn't much knowledge at all, i tried about 7 different distros before picking one. it is amazing it made that big a difference in network performance though.

the only other reason i can think of for the bandwidth is a botnet is being blocked by the new firewall that the old router didn't fix/block.

User Journal

Journal Journal: found the breach in my network... 1

So i don't control everything that happens on my network and i had people besides me able to install programs. well i found the culprit and my network was compromised 2 months ago. http://imgbin.org/index.php?page=image&id=20501 i have since closed the hole (allowing other people to install software) at least on my network. checking logs to see if the scan caught the files already and quarantined the file or if i have to reinstall windows.

User Journal

Journal Journal: Mounting My Old System Drive Via USB and a quick note about Synergy 1

2 things. One is longer than the other so I'll start with the shorter.

Synergy has decided that they'll charge for downloads. This is totally fine with me and they are fully within their rights. They have not changed the licensing on the code, it is still FOSS. So I went to their nightly build directory and grabbed the rpm I needed today from there. It's a good project to support I just figure I'll do it on my terms. This was easier than grabbing the source and going that route.

Now to the longer part. A little while back the hard drive in my Fedora box started getting flaky. I was going to buy a new drive but a friend offered one he wasn't using so I took that instead. Then that one started getting flaky so the other day I went out and bought a new hard drive. Same size, different manufacturer.

Then I tried to clone the old drive to the new drive with Clonezilla. The process completed but the new drive wouldn't boot. It mostly did but got stuck - I think because so much hadn't been able to be copied due to bad sectors on the original disk. So I figured it's not hard to do a fresh install and I went that route.

I put the new disk in, pulled the old disk out and installed Fedora. I have done it enough times that I can step through everything pretty quickly. But that quickness made me forget about a couple items on the old drive that I wanted. So I grabbed our little harness that lets me connect sata drives via usb.

When I install Fedora I let the installer configure my storage and I take the defaults. No problems. But when I plugged in via USB I saw the root partition right away but not the LVM partition. Checking with the lvm tools I see that I have two volumes with the same name and I'm not sure which is which. Fortunately vgdisplay will tell you lots of interesting things about your volume groups including their UUID. So for two items that looked identical to me, I could see the UUID of each. And fortunately vgrename takes a UUID as an argument and that let me rename the old volume and then bring it up. Once I activated it, it was automounted and I could use Dolphin to see and grab the files I wanted.

In the future when installing I should probably choose a non-default volume name to avoid this kind of thing. Or make it a post-install step to change what's on the box.

User Journal

Journal Journal: post compromise help please 2

so since all my machines were compromised, i need to know what is the best solution for this problem. our wifi has a good router with firewall, but was unable to stop the infection of my systems.

the router is i believe linux based. is smoothwall still the best firewall? or should i roll my own using a BSD? which hardware makes the best firewall, should i install freebsd or linux to it.

which anti virus/anti malware/anti root kit is most recommended. i am making it so no one but me can install software to the windows machines but even my home dir on linux was hacked. is there a good tut for rolling linux on my own and use clamtk and firefox as a secondary scan for usb sticks etc.

norton was useless at stopping the infection. only one windows machine had its files overwritten and thus that was the only one to be factory reset. how about intrusion detection with the add on firewall? i use bittorrent for linux i am not real big on jigdo and debian because it is not 'easy' to do yet. i can follow step by step guides but that is painful so please only give me better links than simple googling...

User Journal

Journal Journal: I did not intend to neglect you 2

I haven't posted in a bit. I was travelling and then busy when I got back.

I spent a week-end in Vajta and then a few days later I was in Athens for a week. Greece is a very pretty place. The weather was fantastic. Vajta was also really nice. Here in Hungary we are getting into fall and that may be my favorite season. Growing up in the Southwest I didn't experience such a high degree of change every year and I'm really loving it now.

I finally figured out something today that was really unexpected. When the 64 bit version of Chrome became available for Linux I installed it. It's nice but I did notice something right away. Mouseover wasn't working. This is a huge pain. Especially as I'm a heavy user of gmail and google drive. But even little things like reading the mouse over joke for xkcd became a pain.

Anyhow I just figured it was a problem with Chrome. Today as it was bugging me again I decided to look and see if anyone was talking about it. I found this synergy bug report. I would never have guessed that synergy was the problem. And I have the server automatically start when I log in - so even when I don't have my laptop at my desk, the server is still running on my desktop. So even when I "wasn't using" synergy I still had the problem.

Now that it is fixed I'm pretty happy.

When I read this report, I immediately shut the server down and instantly Chrome became normal and everything worked. The comments for the bug report said that turning off hardware acceleration in chrome helped. So I did that. And now I can use synergy and Chrome is working normally. Very interesting stuff.

edit - is the free beer at work part of the problem? (In the paragraph under the heading "Life at Synergy Si..." -- and I'm kidding. I want free beer at my work now.)

User Journal

Journal Journal: Android International 5

Google struggles dealing with people who are in one place but want to use a language from another place.

It's gotten better in chrome on a computer. I can pretty much search in chrome and get my results in English. But on android it's a mess.

When I search in Android Chrome - I get google.hu and I haven't found a way to get it to use google.com

Today I decided to start using 2 factor authentication with gmail. Seems like a good idea and it's free so why not? Once I turned it on and set it up on my computer then I went to my phone. On my Android phone it said, "Now you need to go to the web." and took me to a form in Hungarian. There was no option to switch it to English.

Everything in my phone is set to use English but this is all completely ignored in favor of where the browser has decided that I am physically located. Does that make sense to you? It does not make sense to me. I want it in US English - no matter where I am in the world.

It's a weird thing. On the one hand I love that they are willing to sms the codes to any number world wide (though I switched to the app). So in some ways they are way ahead of others. But then you run into something that is just so backwards. And finding a way to send feedback to Google? Not so easy.

User Journal

Journal Journal: Subscriptions Are Over ~ Busy Penguin 2

I enquired about when subscription renewal would be available again and the reply I got was that the subscription process will not be coming back. Must not make enough income to make it worthwhile. I liked seeing stories a little early and would try to quickly email and warn of dupes when I could. But it is a business. So it goes.

A long, long time ago I registered a domain that I thought would be awesome to use for a number of purposes. SleepingArmadillo.com. Actually I thought the best use of this would be as a name for a craft beer. But I thought it would be good for almost anything but I never actually did anything with it. I just had a static html page with a photo of a 'sleeping' armadillo taken on a road near my home when I was living in Florida.

I ended up selling it to a band. The page they have now has a cool little cover image - I like it. I didn't make any profit on the deal but I enjoyed doing it.

It made me want to register something else that may be useful someday. It's not easy to do. I ended up with busypenguin.com. I have no idea what I'll do with it. Right now I think it could be a clever Linux site but I don't have the time or desire to do it. I don't think it would be a good beer name. Sleeping Armadillo was genius. Busy Penguin was just the best I could get that day. I like it, don't get me wrong, just not sure at all what I'll do with it.

User Journal

Journal Journal: Apple iPhone and Watch today 9

Look, I have an iPhone 5. I've owned iMacs, Mac SE, and my first software I paid for was for the Apple II+.

But I'm not that impressed today.

A watch? Why? Who wears those things? Just look at your phone.

Pay by phone? That was around in the 1980s in Japan and South Korea.

Seriously, what's next, Apple VCRs and Shoulderpads?

User Journal

Journal Journal: Northern Ireland at Hungary

Went with some friends tonight to watch Hungary play Northern Ireland in their Euro Cup qualifier match.

It was held at Groupama Arena. It was my first time there and it is a very nice facility. We bought lower priced tickets but it still felt like we were very close, especially compared to what it is like at Ferenc Puskás Stadium.

It was 0 - 0 through the first 75 minutes. I felt like Hungary had the majority of the possession over that time and the bulk of the scoring chances. They had a corner and I told one of my friends, "It would be a shame if Hungary don't get something more than a draw out of this match." Seconds later they scored.

It was fun and I was pretty excited. Unfortunately Hungary appeared to finish playing defense at around 80 minutes and ended up losing 2 to 1. Really a disappointing result. They could have and should have won.

User Journal

Journal Journal: Drive Died - Can't Subscribe 3

The drive died but not before I got copied what I wanted copied. Clonezilla failed and then it just totally tanked. So I just put in the drive I was trying to clone over to and did a fresh install. Now I'm copying back some stuff.

My Slashdot subscription ended and you can't buy it any more. The page seems to say this is temporary but I wonder if that is going away?

As I was doing my setup after installation I found some helpful notes from past journal entries. I need to collect all that stuff in one place.

User Journal

Journal Journal: [Beloved] It Is Not a Word 2

It is not a word spoken,
Few words are said;
Nor even a look of the eyes
Nor a bend of the head,

But only a hush of the heart
That has too much to keep,
Only memories waking
That sleep so light a sleep.

-- Sara Teasdale

I remember.

User Journal

Journal Journal: Seagate - At least I got a heads up 6

Booted up my Fedora box at work this morning but instead of starting normally it put me in emergency mode with a message to check the logs. On the whole I'm very pleased with this development. It gave me a prompt to give it the root password and then I could view the logs with journalctl from there.

Unfortunately though the resolution of the text was such that I couldn't read most of it - it went off the screen. So that's a bit of a problem. I had the system start up to the default state and then I was able to look at the logs in Konsole - which was a lot nicer. Looks like the hard drive is on its way out the door.

I ran smartmon and double checked. So now I'm copying everything off that I might be worried about. (In addition to my normal backups. I like to do this just in case.) And I think I've found the Western Digital drive that I'll be buying to replace this Seagate drive that is toast.

From what I've read WD is much more reliable than Seagate. Though I can't complain. It is the original drive that came with the machine and I bought in 2010. I don't think 4 years is an impressive time for a drive to last but I don't think it is terrible either.

But kudos to Fedora for alerting me to the problem and giving me time to plan ahead. The system still seems to run fine, I'm typing this JE from it - but I know that this won't stay true. And probably I could route around the damage for a while but I'd rather not. Storage is too cheap nowadays. I'll be picking up another TB drive for about $50.

User Journal

Journal Journal: The Glass On My Galaxy S3 5

A while back due to a freak accident, the glass broke on my S3. I decided to buy a kit and replace it myself. It went o.k. but I wasn't too crazy about the result. Touch didn't work as well afterwards and the home button was a little too recessed. I figured either I didn't get the adhesive set right or the glass was thicker.

Not long after I fixed it ( within 6 months?) my daughter knocked my phone off a counter and the glass broke again. So I ordered another kit.

This one came with a sticker on the glass packaging. It said, "There is a thin layer of plastic on the glass that is very difficult to see. Be sure to remove it."

As I pulled up the glass I installed the first time it broke - it peeled away with a layer of plastic under it. The first kit hadn't had that warning and I installed the glass without removing the plastic. Now that I have it in correctly it fits much better and everything works much better. I celebrated by updating Cyanogenmod and now I'm running KitKat.

So my daughter did me a favor busting the glass on my phone.

User Journal

Journal Journal: Using VirtualBox Guest as a Server 3

So right after I wrote my last je I googled a bit and set it up so that I could access my Fedora vm from the host OS (Mavericks).

It was pretty simple though I had to piece together exactly what to do from a few different places. These instructions work well though they leave out one part. The first part about creating a new interface - for me vboxnet0 wasn't already there. I needed to go into the VirtualBox preferences, then in the networking section I needed to create a host-only network. Then it made it possible for me to create the host-only connection.

Now I can ssh to the guest and browse to it. Very nice. This will allow me to be a lot more productive when I travel.
