Read 2019-02

Leave a reply

Reading list for February:

  • Star Trek: Deep Space Nine: Worlds of Deep Space Nine #1: Cardassia and Andor – I finished the Cardassia part some time ago but it took me quite some time to finish the Andor part. If you like DS9 (and Enterprise) this book will give you some background information about both world. You’ll may meet some characters from the TV series and the other books of the DS9 universe.
  • The Chemistry of Death – Time for some non SF. I really enjoyed this and bought all other volumes right after finishing.

Read 2019-01

Leave a reply

A little late but here is the list of books it finished in January 2019. I’ll do this every month from now on.

  • Dictator – Part 3 of Robert Harris Cicero trilogy. Started this ages ago, stooped, started again, somehow I was faster with the other two volumes.
  • Der weg des Schmerzes (German) – Volume 64 of the Ikarus series and not one of my favorites. Just read it to the how the story continues.
  • Nacht über ZyKlon (German) – Volume 62 of the Nebular series. The story continues. Waiting for volume 63.
  • Kampf um Terra (German) – Volume 49 of the Heliosphere 2265 series. The story arc will end with volume 50 and I’m waiting for this too.
  • The Gable – Collection of short story’s from the Polity universe. Provides some background in information about the Polity universe. Some part of this you may no from the introductory parts of the other novels.

(all links got to amazon.de)

Plans

Leave a reply

The original plan for this weekend was to migrate my DNS setup from Bind to PowerDNS. Before starting with this task I decided to improve my monitoring. While trying to decide how to improve my monitoring I decided to take a look at Prometheus and Grafana. Now I working on improving my Ansible playbooks and other automation scripts to better integrate VMs and Prometheus.. I think a Netbox VM is up next (I need an IPAM, I lost track of my IPv4 addresses). I also discovered some VMs still running Debian old-stable.

So quite some stuff to do and to write blog posts about (which is, as every year one of my plans for next year). And only about two weeks of “free” time.

MySQL update RedHat

Leave a reply

I recently updated a RedHat Server from 7.4 to 7.6. The server is running a MySQL server and after the update I found the following error message in the mysql_err.log:

“Fatal error: Can’t open and lock privilege tables: Table ‘mysql.columns_priv’ doesn’t exist”

Running mysql_upgrade helped getting rid of the message.

Being part of a DDOS attack

3 Replies

Recently I was contacted by my provider. They got a complain from another provider that a host with an IPv4 address I’m using was part of a DDOS attack.  The mail from the other provider looked liked automatically generated and even contained  a hint how to check the IP:
dig www.google.com @IP

I checked as soon as I could. Yes the Server the IP belongs to runs a resolver. But: The resolver listens only to IPv6 and has an access list for the IPv6 prefix I’m using. Of course the check via dig failed. I looked deeper into the problem and I think I found out how my resolver become part of the DDOS.

Yes I’m guilty. Guilty of reading some blogs and running a web based RSS reader on my server. And the RSS reader is just doing it’s job: Getting RSS feeds. In order to do this it has to do DNS lookups several times a day. The provider that complained hosts several blogs I read and so their DNS server got several request over the day. And that  triggers the DDOS detection appliance  which send out an automated mail. Would have been nice if it would follow it’s own advice using dig to check if the alleged open DNS resolver is really open.

I think about writing an invoice for an hour of troubleshooting.

Just wondering

Leave a reply

you might have noticed that I joined twitter (https://twitter.com/QuuxBerlin/)  some time ago as a tool to contact the support of different companies. Writing a short message in a public place beats being on the phone for hours.

I stopped using twitter for other things than contacting customer support a little after the RIPE meeting in May this year because their support never answered my question about IPv6 support.Maybe you want to give it a try.

One other  thing that using twitter is this blog. There is a Tweet for every post. So now I’m wondering when people will complain that the blog ist not working (in the vintage IP world).

 

 

Tools: draw.io

Leave a reply

I do have a Windows installation for two things:

  • customer VPN (I’ll rant about this some other time)
  • Visio

I ran across draw.io some time and installed it as in App in my NextCloud installation. There is also a Desktop version available. The newer version can now read and write Visio files. I only tested this feature with a small number of files but so var everything worked.