SRHuston Dot Net

Got in to work yesterday, and thought a couple things looked a little off. After a little digging, someone had broken in with a stolen password from offiste, and was still in the process of making a mess.

After yanking the network cable out of the firewall, and powering off the machines that looked like they’d been compromised, I then spent the rest of the day cleaning it up. Namely booting the machines off a CD, checking binaries and removing signs of the intrusion, saving copies of stuff off to another disk for later analysis, all that junk. Finally got to bed around 0230 this morning.

Needless to say, I’m not at work right now. Just woke up a little while ago, and am watching the storms go by. Kinda neat weather, I love big rain/thunderstorms.

Just something to type. Need to kill time while waiting for the RAID to finish rebuilding on the Beowulf cluster’s fileserver. It’s been giving me some headaches the last two days, dying at 0400 every night for no apparent reason. So I forced a reiserfsck (which came up with two errors that it corrected), and then forced a reindex.

Now I’m contemplating yanking one of the drives when it’s done, and twiddling it a bit since only that one drive has ever given any errors. Probably a loose cable. That’ll really make my day.

So I’ve been getting back into the long-term project I’m working on at work, namely setting up an LDAP server to replace our NIS system. And of course I found that there’s some objects and attributes that I’d like to associate with entries in the directory, so I’m writing a schema to cover those things. And I quickly found that there isn’t quite as much documentation as I’d like to see. Granted, the one book that I have (“Understanding and Deploying LDAP Directory Services (2nd Edition)“) covers a *lot* of the information that one needs to know before setting up a LDAP directory, but it does lack a little bit in the information for creating your own schemas. Oh well, nothing like the tried and true trial-and-error method :>

So I got a couple interesting emails on the morning of the 13th. Seems a story was posted on Slashdot that had a link to our website at work (original story here). Okay, so I’m wondering how many pieces my poor webserver will be in when I get to work. But, it survived intact, and handled it quite well.

For those who like that sort of thing (I’m certainly one of them), here’s a graph of the traffic through our firewall during that time period. No wonder sites that have dynamic content tend to get flogged when a story goes on the front page:

So I’m working on deploying LDAP at work… we’re using NIS currently, and it’s a mess and ugly and doesn’t let me play with things I’d like to do (read: web-based account maintenance) without a lot of even uglier work… so LDAP is the way to go, for that and more reasons. Only problem is, I’m going cross-eyed reading all the information about how to go about doing it. Yeah, I could just forge ahead and make something, but then a year from now when I realize I’ve doomed myself to having to recreate the entire database just to add a certain bit of functionality, I jump off a bridge. Nah, books it is.

Just ordered two, “Understanding and Deploying LDAP Directory Services (2nd Edition)” and “LDAP System Administration” from Amazon. We’ll see I guess. They should be here around the 15th.

Mean time, I’ve got no pending issues going on at work, and only this as a long-term project that had been put off many times in the past and is now finally in the forefront. In other words, I’m spending a lot of time catching up on websites and magazine articles in between learning the internals of LDAP. Ugh. Oh well, back to something resembling work…