November 2005

The Archives

• Christianity

  Putting the Thanks in Thanksgiving

  November 25th, 2005 (7 years, 6 months ago) by Jeff | Permalink | Comments Off

  Thanksgiving is truly an American holiday, created here in the United States and celebrated only here and in Canada. But the concept of thanksgiving is an old one, and one that should never be forgotten. The secular world has done much to rob many Christian holidays of their true meaning (Christmas and Easter specifically), but it’s hard to completely remove the meaning of a holiday that at its core is about giving thanks to one’s Creator. Sure, most folks only think about football, parades, or gorging themselves on turkey, and the commercial sector looks at the holiday as a minor speed bump on the high-speed expressway to Christmas shopping, but at its heart Thanksgiving is about giving thanks. Such a novel concept. Maybe they should name the holiday after that or something.

  Here’s a few selected verses that come to mind:

  Give thanks to the LORD, call on his name; make know among the nations what he has done — 1 Chronicles 16:8 (NIV)

  Let us come before him with thanksgiving and extol him with music and song. — Psalm 95:2 (NIV)

  Enter his gates with thanksgiving and his courts with praise; give thanks to him and praise his name. For the LORD is good and his love endures forever; his faithfulness continues through all generations — Psalm 100:4-5 (NIV)

  But thanks be to God! He gives us the victory through our Lord Jesus Christ. — 1 Corinthians 15:57 (NIV)

  But thanks be to God, who always leads us in triumphal procession in Christ and through us spreads everyone the fragrance of the knowledge of him. — 2 Corinthians 2:14 (NIV)

  Thanks be to God for his indescribable gift! — 2 Corinthians 9:15 (NIV)

  Do not be anxious about anything, but in everything, by prayer and petition, with thanksgiving, present your requests to God. — Philippians 4:6 (NIV)

  Give thanks in all circumstances, for this is God’s will for you in Christ Jesus. — 1 Thessalonians 5:18 (NIV)

  Therefore, since we are receiving a kingdom that cannot be shaken, let us be thankful, and so worship God acceptably with reverence and awe…. — Hebrews 12:28 (NIV)

  

• Internet, Technology, Webcomics

  That’s why there’s no “CSI: TCP/IP Network Debugging”

  November 16th, 2005 (7 years, 7 months ago) by Jeff | Permalink | Dump Core

  Just an amusing anecdote that occurred yesterday within the sacred, hallowed virtual halls of Keenspot. None of the names have been changed because… everyone is guilty.

  In addition to the public comic sites, Keenspot has a number of private internal sites to provide information and communication channels for its members who are scattered across the globe. One of these sites just happens to be a Wiki that stores information about how the various Autokeen tags, how and when people get paid, how to set up a Keenspot print book, etc. In a highly unofficial capacity, I’ve become the wikimaster of sorts at Keen, largely because I’m the one who has taken the time to learn the entire Wiki markup and enter the largest volume of information. This site is a highly valuable resource for us, especially when somebody new is “Spotted” (that is, invited to join Keen), because we can just point them to the Newbies section of the Wiki and say, “Have fun.”

  However, recently the Wiki had to be moved from one hosting service to another, as Keenspot is slowly but steadily moving away from its old ISP. There was also a question of security as a Wiki, by its very nature, is designed to be edited by anyone. Needless to say, since the Wiki contains somewhat delicate internal information like financial disbursements, we want to make it freely available to our members but not available to those outside the organization. So the Wiki was down for quite some time as the Keen Tech Crew determined where to move the database, the best way to secure it, and… well… when they could dig up the spare time to devote to it. (Sometimes, when there are a lot of forest fires to put out, the little sparks get left to smolder for a while.)

  Recently, though, the Wiki was reopened. So I heartily typed in the URL to check it out, as there have been several articles I’ve wanted to add since it went down. However, when I tried to reach the site, I could never connect. I started pulling out all of my network analysis tricks. The DNS resolved to an IP address, but pings never responded. A traceroute seemed to die at one of Keenspot’s ISP’s internal routers. I could reach other Keen sites without a problem, so I determined the trouble must be over on Keen’s side, or at least at their ISP. I posted all the evidence on the private members forum and waited to hear back from Keen’s chief whipping boy and co-founder, Darren “Gav” Bleuel.

  Darren looked over the post and was befuddled. He asked if I could reach Keenswag, Keenspot’s online store, because the Wiki was housed on the same physical machine. Sure enough, I couldn’t. I hadn’t been able to reach Keenswag in months… ever since it had been moved to this new machine. Now that the Wiki was there, my network traffic to it was going into a black hole as well. What made this even more confusing was that Chris Crosby, Keen’s other founder, hadn’t been able to reach Keenswag either… with virtually the same symptoms.

  Ah, a mystery. Please don your deerstalker caps here.

  Darren began to hypothesize. His theory was that certain machines (i.e., Windows) have an annoying knack for choosing a single network path to a given machine and not wanting to let go of it. The Internet is designed to be flexible, so if one router goes down, alternate paths can be resolved. However, once a Windows box finds a given path it wants to continue using it, even if more efficient paths (or paths that actually work, if a router in the old path completely goes down) can be found. It’s an odd theory, but I’ve heard it before and seen evidence to support it. If both my machine and the Crosbys’ machine locked themselves into a path to the old server which was no longer up, they wouldn’t see the new machine.

  This didn’t explain, however, why my DNS was resolving to the correct IP, and why my Linux box (which should have a more robust TCP/IP networking stack) was producing the same result. I even SSHed into the GPF server and pinged the Wiki machine and got the same IP. So that couldn’t have been the problem. The Crosbys are physically in South Dakota, while I’m in North Carolina; that makes it unlikely (not impossible, but improbable) that we were going through the same backbone router and thus the same path to the machine. Darren said that the Crosbys were able reach the site through their AOL account, so I tried using my work machine. Although I use the same cable modem as my home machines to access the company network via VPN, all outbound traffic from the company goes through a proxy server, so it should have another route. Like clockwork, I was able to reach the site through there.

  By now, Dan Shive was in on the sleuthing. Bear in mind, of course, that none of the three of us are networking experts. Dan and I are both software guys, used to writing high-level languages that call lower level APIs, while Darren is a nuclear physicist who just happened to have system administration thrust upon him. I know the fundamentals of how TCP/IP networking works, but I’m certainly no guru. All three of us were trying to wrack our brains to find out why one set of IPs could reach the site while others couldn’t. And if the Crosbys and I were having problems, who’s to say how many others may be having problems? With Keenswag “down,” this could theoretically be revenue impacting.

  I came up with another theory: What if someone DDoSed the ISP’s subnet, and one of the machines attacking them was in the same subnet that my ISP assigned to me. As a defense mechanism, Keen’s ISP blocked all traffic from that subnet, killing the attack but effectively cutting off anyone in that subnet from reaching theirs. Perhaps it wasn’t a DDoS, which is more of a brute-force attack, but more of an individual hacker trying to crack their systems. That’s akin to banning a block of IPs on a forum; you stop a hacker or spammer from messing up the board, but you can potentially keep legitimate users from getting in as well. At Keen, we only choose IP banning as a last resort, and when we do it’s only temporary. Maybe Keen’s ISP had enough problems out of my cable modem’s IP pool that they kept the block up indefinitely.

  Darren didn’t seem to agree. While Keen had been the target of a recent DDoS, it was against the forum server, not Keenswag; those are two separate machines. Plus, he didn’t give Keen’s ISP that much credit. In the past, they haven’t been very helpful when it’s come to thwarting DDoS attacks.

  I started trying a few more experiments based on his suggestions when Dan suddenly IMed me. While I was typing a response, Darren had posted a new message to the forum. He had checked ifconfig on the Keenswag/Wiki machine and the broadcast IP and netmask were set incorrectly. He asked me to give it another try. Sure enough, I was able to reach the machine just fine. Undoubtedly, the faulty netmask was, purely by chance, blocking both my IP and the Crosbys’ from accessing the machine.

  I IMed the results back to Dan, to which he quipped, “How very anti-climatic.”

  “That’s why there’s no ‘CSI: TCP/IP Network Debugging,’” I responded.

  

• Internet, Software, Technology

  The wolf will live with the giant red T-Rex…

  November 14th, 2005 (7 years, 7 months ago) by Jeff | Permalink | 1 Core Dump

  Okay, so I paraphrased Isaiah 11:6, but it did come immediately to mind….

  Every so often, I like to spin through the Firefox extensions site, just to see what interesting things are out there. Most often, I don’t see anything particularly useful. I mean, I make extensive use of the Web Developer extension, and I’ve got a few others (User Agent Switcher, DictionarySearch) that I use on rare occasions. I use a few others for Thunderbird, but that’s a different application. Most of the extensions out there, though, don’t seem very practical or are too site-specific. But every once in a while there’s something so out there, you just have to give it a spin.

  The extension in question is IE Tab. In a nutshell, it’s a plugin/extension that imbeds an Internet Explorer window in a Firefox tab. It’s freaky. The site shows a screenshot of a Taiwanese copy of Firefox running Windows Update. I couldn’t help myself. I installed the plugin and tried it myself. It took a little bit of copying and pasting to get the right URL; by default, the plugin accesses a site with Firefox, which obviously won’t work with Windows Update and Firefox. But you can configure this thing to always open certain sites in the embedded IE, and sure enough, it worked like a charm. (Of course, I run WU at least once a week anyway, but that’s another post.)

  Some people would probably scratch their heads over this. Why in the heck would anyone want to do this? Everyone who uses an “alternative” (i.e., not IE) browser knows there are still sites out there that are IE-specific, refusing to comply with Internet standards. But why not just fire up an IE window and just browse those sites there? (After all, there’s an extension to make that easier too.) Of course, doing that completely removes the benefits of Firefox, like the tabbed browsing. Imagine that… IE with tabs. Essentially, with this plugin, that’s what you get. No taskbar clutter. It’s downright spiffy.

  Of course, turnabout is fair play. But personally, I doubt I’ll ever use that one.

  

• Personal

  Okay, so it isn’t official…

  November 12th, 2005 (7 years, 7 months ago) by Jeff | Permalink | Dump Core

  I haven’t bothered to sign up, because I know I’m not going to finish in time. But, dang blast that Chris Wright, he finally got to me. After my little tantrum about NaNoWriMo, he’s been needling me in my comments and IM to at least give it a try. So I’m doing it. Unofficially. It’s unofficial because I know I don’t have time to work on it, but I’m doing it anyway because this has been the first chance I’ve had to actually write something other than GPF for a long time. And I really need to get this particular project out of my head and into a more tangible format anyway before senility sets in and it’s lost forever.

  I’ve put my word count over in the blurb under the calendar so I can be thoroughly embarrassed in front of the entire Internet when I don’t break 10k (out of a winning number of 50k words) by the deadline. Of course, since I’m not officially participating, I have nothing to be embarrassed about. I can also continue to write after November 30th guilt free. Unofficialness is my friend.

  I told Wright he could officially gloat, which he officially did over ICQ. And I officially don’t care.

  

About

Jeffrey T. Darlington is the creator of the popular online comic strip General Protection Fault. He is also the creator of a number of other inconsequential things, but seeing as they are inconsequential, he didn't think you should be bothered by mentioning them. More...

Search

Capitalism

Recent

• Weekly Twitter Updates for 2012-10-06
• Weekly Twitter Updates for 2012-09-29
• Weekly Twitter Updates for 2012-09-22
• Weekly Twitter Updates for 2012-09-15
• Weekly Twitter Updates for 2012-09-08

Tag Cloud

Twitter GPF Security Writing Technology Recycle Bin Software humor WinHasher TWiT .NET Webcomics Linux Star Wars server cookie podcast meta WordPress Microsoft Security Now Steve Gibson virtual machine Doctor Who C# mod_rewrite Fedora Wii schedule Apache Windows PHP HTTPS Star Trek blog iPod advertising To Thine Own Self hard drive comments DoubleClick authentication anniversary gifts Christmas