Tales of an IT Nobody

devbox:~$ iptables -A OUTPUT -j DROP

Funny break January 28, 2011

Best strip ever:

VIA: http://xkcd.com/838/

Categories: linkspam linux

On: ntp, ntpd. link dump! January 14, 2011

So, in order to quickly get a (Debian) machine up and running on ntp, you’re bound to do something like ‘apt-get install ntp ntpdate’.

The problem is that this installs ‘ntpd’ too. The default configuration allows your server to answer NTP queries from anywhere.

If you want to lock this down, you’ll be somewhat frustrated with the pre-4.6 config options, as they’re unlike what we usually see; without further ado, here’s a simple ‘link dump’ for a configuration guide.

On ntp 4.x? Guess what? Doesn’t work =[ – must be done with iptables.

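
Here’s the cheatsheet for /etc/ntp.conf:

# where ntpd stores the measured clock drift
driftfile /var/lib/ntp/ntp.drift
# the upstream time source to poll
server my.server.address

# ignore NTP packets from everyone by default (IPv4, then IPv6)
restrict default ignore
restrict -6 default ignore

# allow local queries such as ntpq -p
restrict 127.0.0.1

# allow the upstream server; without this the first poll hangs
restrict my.server.address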

This will allow you to poll things (e.g. ntpq -p) and keep everyone else from sending packets to your box, either on purpose or by accident. Note: you -have- to list your ‘servers’ in restrict lines, or else it’ll hang on the first poll (as indicated by ntpq -p).

When ntp isn’t working right, this is what ntpq -p looks like:

box:/etc# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
123.123.123.123  .INIT.          16 -    -   64    0    0.000    0.000   0.000

Note the 0.000’s in the delay/offset/jitter – it’s also stuck on the sync request at INIT.

A properly functioning ntpq -p should look something like this:

box:/etc# ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
123.123.123.123  123.12.1.12      3 u    3   64    1    1.349  2446.01   0.000
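
An added example, not part of the original post: a shell function that checks an ntp.conf against the cheatsheet above, flagging a missing default-ignore line or a ‘server’ without its own ‘restrict’ line (the case that leaves ntpq -p stuck at INIT). The function name audit_ntp_conf and the ntp1/ntp2.example.net hostnames are made up for the illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit an ntp.conf for the
# lockdown in the cheatsheet. Reads the file named as $1, or stdin.
# Returns 0 when both default-ignore lines exist and every "server" has its
# own "restrict" line; otherwise prints what is missing and returns 1.
audit_ntp_conf() {
    awk '
    { sub(/#.*/, "") }                        # drop comments
    $1 == "server" {
        i = 2; while ($i ~ /^-/) i++          # skip -4 / -6 before the address
        servers[$i] = 1
    }
    $1 == "restrict" {
        i = 2; fam = "-4"
        if ($i == "-4" || $i == "-6") { fam = $i; i++ }
        if ($i != "default") { allowed[$i] = 1; next }
        for (j = i + 1; j <= NF; j++) if ($j == "ignore") deflt[fam] = 1
    }
    END {
        bad = 0
        if (!("-4" in deflt)) { print "MISSING restrict default ignore"; bad = 1 }
        if (!("-6" in deflt)) { print "MISSING restrict -6 default ignore"; bad = 1 }
        for (s in servers) if (!(s in allowed)) {
            print "MISSING restrict " s " (peer would stay at .INIT.)"; bad = 1
        }
        exit bad
    }' "$@"
}

# Constructed sample: locked down, but the second server has no restrict line.
SAMPLE_CONF='driftfile /var/lib/ntp/ntp.drift
server ntp1.example.net
server ntp2.example.net iburst
restrict default ignore
restrict -6 default ignore
restrict 127.0.0.1
restrict ntp1.example.net'

printf '%s\n' "$SAMPLE_CONF" | audit_ntp_conf || echo "ntp.conf needs fixing"
```

Run it against the real file with audit_ntp_conf /etc/ntp.conf; it only reads the configuration and does not touch the running ntpd.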



Crossing the line January 10, 2011

It’s always fun to watch a huge entity like Google develop a sense of humor. Things like custom logos – the Pac-Man Google logo, 1e100, the messages on YouTube takedown notices saying ‘sorry’ with a little sad face.

There’s a fine line between being ‘professionally cutesy’ like that and crossing the line, making it look like a teenage kid, or worse, is working on things behind the scenes.

Google just added a new ‘cutesy thing’ that goes past the line of ‘professionally cutesy’ to ‘childish’. Basically, it’s a contextual menu for the HTML5 YouTube player that has a ‘save video as’ option – when you click on that you’re directed to the ‘Rick-roll’: http://googlesystem.blogspot.com/2011/01/youtubes-html5-rickrolling.html

It’s a humorous touch, but it’s destined to confuse users who aren’t experts in the “terms” – and what stands out to me is the immature handling of their ‘video saving’ problem by a bait-and-switch link. The repercussions of something like this delve deeper than just saying “get a sense of humor”. Corporations and institutions looking to leverage YouTube expect somewhat professional conduct from the site.

Interestingly enough – a few years back my peers and I were evaluating PHP frameworks – one of them was CodeIgniter ( http://codeigniter.com/ ). A little nitpick I pointed out while we were talking about it was that the main phrase in the graphic on the CI site said “… that helps you write kick-ass PHP programs”. I mentioned it might be a poor decision because people like us research, pawn and direct others to it; to other professionals it might look tacky to have ‘kick-ass’ written on there when you want to utilize it in a professional manner. The verbiage on that graphic has changed … wonder if Google will figure it out…

Categories: rant