May 13th, 2006

Some time in March, DLS was served with a subpoena for information about one of the IP addresses assigned to my co-located server, namely the one I have specifically setup for a Tor exit node. They of course complied, and I didn't think much of it. I've personally processed quite a few subpoenas in my time while in charge of the abuse department at DLS.

In early April, I was contacted by one of the lawyers for the case asking me about the subpoena. I told him I hadn't personally received one yet, but I explained what Tor was, how it worked, and that I didn't have any logs to give them for whatever they were asking for.

Continue reading 998 words...


We're coming out with a managed firewall product at work that is basically an OpenBSD machine running pf that supports VPNs and all the usual malarkey.

An issue we run into a lot with our hosted PBX service is that some customers have networks with firewalls that cause problems with TFTP, SIP, latency, etc. It makes diagnosing problems harder and often the customers think the problems are with our phone system when they're really with their firewall. So if they get our firewall, we know everything will work and we'll have the ability to change things if something doesn't work.

Continue reading 594 words...

Apple PowerBook G4 12"

My new 12" PowerBook arrived yesterday. I've been wanting to switch (back) to a PowerBook for a while to have working niceities such as Bluetooth, Firewire, iMovie, Automator, etc. The 15" PowerBook i had before was too big for me to carry around everywhere, so I figured a 12" would be somewhat comparable to my X40.

The first thing I did when it arrived was re-partition it to make a 6GB partition for OpenBSD and reinstall Mac OS on the large partition. I played around in Mac OS and got everything setup, but when I tried to install OpenBSD in its partition, the disklabel was occupying the entire drive space (even though the OpenBSD partition was only 6GB in fdisk) and it decided to format the entire drive. By the time I realized what it was doing it had already screwed everything up.

Continue reading 1,011 words...

January 18th, 2005

While poking around in /tmp on one of our shared-customer web servers the other day, I noticed a /tmp/... directory owned by www. Seemed a bit odd, so I looked inside and found such gems as hide.c, psybnc, and As I was busy at the time, I killed the IRC bot that was being run and cleaned up the directory and moved on.

Today, however, I noticed the same set of files had been put back, with timestamps of yesterday. I looked into it some more and it appears to be a root-kit-of-sorts (that doesn't actually get root, and its only purpose is to run an IRC bot/bouncer).

Continue reading 612 words...

October 3rd, 2004

Finally committed my nvram driver. I have my tpb port ready but since i made the /dev/nvram device owned by group kmem and mode 440, tpb has to run setgid kmem which might not fly so well. I looked at the code and I don't see any easy way to drop privileges since it has to open /dev/nvram, read it, and close it every time it polls. I'll post it to ports@ and see what people have to say.

tpb makes no mention of how the permissions should be handled and Linux's NVRAM driver is 640, owned by root.root. Maybe tpb needs privsep. Ugh.

June 6th, 2004

Since I've gotten my X40, I've been conversing with markus@ about OpenBSD support since he also owns one. I've since ported a driver for the TCPA/TPM security chip and one thing I always wanted to do was hook into the blue "Access IBM" button to run xautolock -locknow for one-touch locking. The tpb program can hook into this button on Linux, but all of the work is handled by an NVRAM driver in the Linux kernel. Apparently the X40's BIOS toggles various bits in the CMOS RAM (NVRAM) when certain buttons are pushed, like the volume buttons, ThinkLight, and of course, the blue "Access IBM" button.

Last night I started looking into making an NVRAM driver for OpenBSD, which turned out to be relatively easy, since the i386's clock code already has functions for reading and writing to the NVRAM. I put together a simple driver to provide user-land read-only access to the NVRAM through a /dev/nvram device:

Continue reading 322 words...

June 19th, 2004

I got a new Cisco T1 router with enough flash memory to run an IOS version that supports IPv6. I reconfigured my network a tad and now the Cisco does the freenet tunnel and passes traffic for the rest of the machines.

Apparently the neteng group at DLS is supposed to start working on IPv6 soon. Hopefully I can get native IPv6 routed here and can support it as well.

May 22nd, 2004

This morning, I woke up early and stumbled over to the computer. My VT510 was blank, which is never good. It either means I lost power or is down. I hit a key and see this scrolled over and over:

Which all stop at around 5:30. sd1 is the new /mirror drive which I just upgraded to a month or so ago. After a shower I went to DLS with the old /mirror drive to bring the server back up, but my keycard wouldn't open any of the doors at the NOC. Maybe i'm being fired…

Continue reading 342 words...

January 4th, 2004

I gave up on making the kernel emulate right-clicking from the keyboard since X11 already has all of this built in. Someone on the ppc@ list hinted at binding PointerButton2 and Pointer_Button3 with xmodmap.

This is basically what I'm using now, to have middle and right mouse buttons through the Apple/flower key and the square 'Enter' key, respectively:

Continue reading 89 words...

December 18th, 2003

Someone on the ppc@ list posted about a CVS tree containing drivers for a lot of macppc hardware that hasn't been committed to NetBSD yet. I took his snapper and i2s drivers and whacked them into shape to link into OpenBSD. The snapper0 and audio0 drivers attach, but the kernel panics in the DMA code when trying to play audio.

My iMic finally arrived, so I kind of stopped working on making the internal snapper work. With functioning sound, I've been able to boot into OpenBSD at work. konq-e sucks, though, but Mozilla doesn't work so I'm stuck with it for now.

December 7th, 2003

So now that X works on my PowerBook, I've been running OpenBSD when I get home from work to continue making other things work so I can eventually run OpenBSD all the time. The awacs audio driver seems to be for older chipsets and doesn't support the new "snapper" chip on my machine, so I'll need to port something from Linux or use an external USB audio system. Neither sound appealing.

While playing around in OpenBSD, I've found the keyboard to be very annoying. At random times a key will appear to be stuck and continue repeating until some other keys are mashed to get it to stop. I was rdesktop'd into a Windows machine when this happened with the Enter key, so after clicking on the Start Menu, it immediately selected "Shut down" and then hit Enter on the confirmation screen. Luckily the drop down was on "Reboot" and not "Shut down"

Continue reading 438 words...

December 1st, 2003

I finally got X working on my PowerBook!

After reviewing Linux kernel and XFree86 code for weeks, hacking the hell out of radeon_base.c adding random debugging everywhere, searching mailing lists for clues, and lots of guessing, I finally did the make && startx that resulted in a clean display coming up.

Continue reading 164 words...