A colleague here at LISA told me yesterday that he had observed approximately a 50% drop in traffic on his E-mail servers. Naturally, this was first a cause for concern, but then he learned about the disconnection of McColo - a major botnet command and control hosting site in Northern California, USA. Their two up-stream ISPs pulled their plugs on Tuesday afternoon. See the story in the Washington Post.

Naturally, I experienced an immediate urge to check $employer's anti-spam system for its observation on the situation.

Last weekend we went to LinuxFest NorthWest 2008 in Bellingham, WA. It was a great time, we handed out a bunch of Tee-Shirts, met a lot of good people, and saw some interesting presentations. I even spoke with around half a dozen potential summer interns.

Someone on the sage-members mailing list asked about checking SSL expiration dates. We use the following script to check them via nagios (actually, we use a slightly older version that takes hostname and port instead of URL, but this is the next version we plan to roll out). I thought I'd post it here (with the permission of the author, who is no longer at Tufts) for others to use:

#!/usr/local/bin/perl
###########################################################################
#####                                                                     #
#####     check_cert.pl -- check  HTTPS,  IMAPS,  LDAPS or SMTP (with     #


  

NTP 4 introduces some interesting new things that few people seem to know about, are sparsely documented, and are difficult to setup correctly, however they can help with synchronization in the event of total external network failure (even if you don't have a reference time source).

Now, some reference time sources aren't expensive (others are), but sometimes you care more about node-to-node synchronization than you do about absolute time accuracy. One example might be a large computational cluster where, if the network is disconnected from the Internet for a while, or if the primary time source is down, you don't want the individual nodes to drift apart.

Solved -- The box didn't retain my permissiable SELinux environment after a yum update. With a 'sudo setsebool -P samba_enable_home_dirs=1' there was a mighty noise and it started allowing public read-only access to the share.

Someone liked my work (that they help me do) so well, that recently they requested I share the file with everyone on the LAN. I set out to create a publicly readable Samba share for the file. As a user, I issued a 'sudo yum install samba' and soon after started working on the default config file in /etc/samba/smb.conf.

Here's the mix I came up with (which, keep in mind, doesn't work; I could use some help!)

Anthony Spina writes an interesting article on the Splunk blog (here). Using network databases like this can make distributed operations much easier. How do you tag your machines?