bmt online - archives - September 2003

On bmt online

Archives

Sunday ride

Steph and I are just back from a big-ass tour on the Ninja. I picked her up this morning at her girlfriend's house in Oakland. We then proceeded to ride to San Mateo, south bay, via Bay Bridge and through San Francisco.

Stupid-ass me almost got himself in trouble on the bridge. Duh! On the Oakland->San Francisco way, you are to pay a $2 fee to cross the bridge. I kinda forgotted to do so :-D I was not sure whether I had to pay or not, and as I was riding up to the lady, she wasn't looking at me. I assumed it meant she wasn't expecting me to pay her, so I took off. That's when Steph started hitting me hard on the back. Oops, after all she was expecting payment...

Anyways, after stopping a few yards further and walking the way back to pay what I owed, we finished riding to San Mateo, to have a look at Steph's Dad kite-boarding. He'll have to teach me one day, yeah!

Finally, we took off rather quickly, as Steph had some homework to do. It being sunday, though, we rode back on the back streets of the Valley, through Edgewood Rd, in San Carlos, to 280, in the nice part of the freeway, back home.

Gosh, that was a 140 miles trip overall. Plus with Steph behind, my arms got very sore from braking (and supporting both our weights). Pretty nice, but pretty tiring.

The 919, suite...

I spotted a 919 for sale on Craig's list in Oakland, so I took advantage of having to pick up Steph down there to also have a look at the bike. Man, I test-rode it: I got confirmation that it is really a serious contender for my next bike. In the words of the current owner: it's an injection engine, so the gas is a bit twitchy. Riiiight. Just a bit. Like you crash into the car in front of you every time!

One thing is certain, though: the power to noise ratio on the 919 is without comparison with that of the Ninja. Not that it comes as a surprise...

sun 2003-09-28

The all-rider weekend

This weekend, Steph and I are going the rider way full throttle. See, now that I am riding the little Ninja 250, we thought that we might as well go on a ride together, even though the bike is so small. But for that, Steph needed some gear, starting with a helmet.

So this morning, we raided Road Rider, our local bike accessories shop. After long deliberations, Steph opted for a Shoei 900F. Same as mine, nice, huh :-).

I wanted to have a look at the boots. Commuting on 25 miles on 280 keeps me thinking about that one time I am going to go down. When that time comes, I'd like to be well protected. I thought I was only going to have a look at the boots, but after trying a pair of Alpine Stars riding boots, and pushed by Steph, I could not resist and got the pair. Oh well, after all, money is made to be spent...

Helmet and boots

So, as far as riding, Steph and I were planning that I would pick her up from her girlfriend's house in Oakland tomorrow morning, that we would then ride all the way to 3rd Ave to meet with her dad that would be kiteboarding down there, and then ride back home. However... after getting all our gear, when we got back home, Steph wanted to get a feeling of how it would be to ride in the back of the bike, only to find out the foot-rests were not there!

After quickly asserting that the foot-rests were indeed supposed to be there, I called Riccardo, the owner of the bike who matter-of-factly confirmed that yes, he did have the foot-rests, somewhere at his place. Sometimes, I feel like strangling him right there and then! And the bastard didn't come back home before 10pm! So, around 11, I finally got the foot-rests and the six screws to fasten them to the bike. Only thing left to do was... to do the fastening.

So, at 11pm, on saturday night, I find myself on Riccardo's parking lot, which, contrarily to mine, is lit, unmounting part of the faring of my bike, getting my hands into all the grease projected by the chain onto the bottom of the bike, desperately trying to fasten all six screws. Sometimes, I feel like my life is a comic book.

sat 2003-09-27

Radiohead

I didn't get to set an entry into the blog yesterday. Well, I am not so much to be blamed, as the reason was I went to the Radiohead concert at the Shoreline amphitheatre in Mountain View, CA. Radiohead is definitely a band worth seeing live (admittedly, live might be an abuse of language in this context as the amphitheatre is big enough that you can't really see the stage from the lawn…) However, the show they put on and the improvisation in their themes definitely make it a worthy experience.

Grinning monster from Amnesiac

As was noted on this review of the concert, there was a little quirk during the closing song, Everything in Its Right Place. My impression is that Thom got pissed at the effect of his own voice distorted and mangled and had to finally get up and kick his band member into stopping it.

Biking around

One of the big highlights of our return from France is that I finally concluded the motorcycle business. I got Riccardo's little Ninja 250 repaired, and he's going to lend it to me for a few months (at least until I can get myself a real bike >:-))

As it is, I currently enjoy riding from San Jose to San Carlos, via Hwy 280, exiting on the deliciously winding Edgewood Road. I also get to ride around with Manu and his brand new CBR-600 F4. This morning, we went on a short 11/2 hour ride, starting on Hwy 17 South to Santa Cruz (and, man, aren't those first turns in the hills sharp !), then proceeding on the very winding Bear Creek Road, to reach Skyline Blvd (Hwy 35). I was not aware that Hwy 35 was so small, and, again, winding towards Hwy 17. After a few miles of sharp, leaning low turns, we reached Hwy 9, that we followed down back to Saratoga. Those hills south of San Jose are the bikers' paradise.

Stupidass Manu is going to be out of town for more than a week, but I can't wait to get back on the road in the hills. We already had that planned two weeks ago, only to find out, as we finally reached the foothills that the second key for my bike, that Riccardo had given me and that I gave him back, was actually the key to the gas tank… Of course, we found that out as I was trying to get gas before losing ourselves in the hills. Pfff…

Dream bike

Of course, I had to visit the Honda website to find the link for Manu's bike above. So, of course, I had to take a look at what was on there. Damn. I thus had to come across what I'd call my dream bike.

Honda CB900F 919

Pretty nice, huh?

wed 2003-09-24

Yosemite rocks!

Dudes, Yosemite rocks! But that's no news. Everybody knows that. It is just so nice to be reminded once in a while that, barely a few hours drive from home, there's that little piece of paradise.

As Steph is pretty strained by her work, we decided not to overdo it this time. We of course avoided the valley (full of common tourists) and headed straight to the Tuolumne Meadows. However, this time we did not attempt some high peak or pass of some sort, but settled for a little stroll (still 13 miles round trip) along the river. We paused in a little corner of paradise, lying on the smooth rocks along a pool in the river, in the shade of pine trees. While Steph and our friends Sim and Mike were resting, I was doing some hydraulic engineering in the stream. Yes... happiness.

The wisdom gathered from the trip, though, is that you don't have to travel to remote places to enjoy exotic food. Our dinner at the Cedar Lodge, like our breakfast in Mariposa were just that: exotic... I think we'll have to consider bringing our own food next time we travel to Yosemite. I want to also point out that in Mariposa, I went to the only Mexican restaurant I know in California where all the staff is white. I think this is part of the reasons for the exotism of the place.

Geekisms

Earlier this morning, I was toying with my Mozilla Firebird browser's quick search abilities. To sum up: if you want to use the google quick search, type "google your_search_items" in your address bar, and you'll be taken to google with the right results for your search items. So, to test it out, I entered "google test". Of course.

Among the results, there was the geek test page. Funny, I must say. I could not rank so high however, since there is so much material about Star Trek, and Star Trek really is an american thing. Bah, no matter, I still ranked as a geek, and that's what matters.

However, I would like to challenge the geekiness of the author! Please, look at that page! Could the HTML and the presentation be any poorer? If the resident geek master was really one, he would have produced a much better looking page... Anyways... Just wanted to be stingy >:-)

mon 2003-09-22

No bozos

This startup I am working for needed a new logo to truly express our commitment to serious business. As a *cough* talented graphic artist, I felt it was my duty to prepare them a new logo. Here goes:

No bozos !

b-day | big day | birthday

Talking about bozos, today's my birthday. The big twenty-five, as they say. Some would say I'd better be out there partying my head off instead of sitting at my desk filling up my blog. But oh well. I'll be partying tonight, and in the meantime I get to work from home. Well… actually, I won't be quite partying. I'll actually be on my way to Yosemite, which is rather cool.

In the meantime, I have to finish writing the ton and a half of thank-you cards for all the attendants of my wedding celebration in France. Who said weddings were the best moment of one's life? A pain in the butt, rather!

fri 2003-09-19

Busy day

I was out yesterday night. Steph's little cousin's birthday. You know, family functions. That's always nice, but it doesn't let you finish your blog for the day ;-)

On the way over there, I was on the phone with SBC. Of course, the dial tone wasn't back up by 6pm. If it had been, they wouldn't have qualified as a true phone company. Anyways, I just wanted to check with them regarding the trouble ticket they had issued to me. I was expecting to be dealt with by some automatic answering machine and so be it. But instead I got to talk to a customer representative, or was it a support technician. Anyways, they had no idea about what happened during the day, and I had to explain that yes, the DSL service was back up, but no, I did not have a dial tone and could not make outgoing calls, but yes, I could receive incoming calls, and yes, all this is very weird, thanks, you don't need to tell me !

The situation was weird enough that all the lady could advise me to do was to check that I had all my filters back on when I got back home and that I call them in the event the phone was still (partially) out of order.

Obviously enough, what happened when I got home ? Phone was working ! Tsk tsk tsk.

Anyways. Since then I have been fighting with some cool feature on the web site. I found out on some W3C page that there was this cool feature of a menu that didn't move when you scrolled your page. Cool, huh ? Of course, I immediately proceeded to add the feature to bmt online, and that worked good enough... except that apparently IE doesn't deal with the CSS very well. As you would already had noticed if you looked at that W3C page up there with IE.

Anyways. Looks shitty as hell on IE. I apparently found a workaround, but now I have page setup issues. IE does not seem to want to understand that 14em plus 0.5em equals 14.5em and is half an em less than 15em...

Another busy day's over. I got to meet the CEO of Sleepycat today. Now, that's my kind of company: they're small and extremely profitable. Instead of going the corporation way, they know how to keep it small and simple.

I was out tonight too. A fundraiser for Steph's department at San Jose State. You have dinner at Chevy's and 20% of your bill goes to the department. We were there with her brother who's doing way better then he has. That's always nice to see. Hopefully he manages to keep going forward...

thu 2003-09-18

A ping flood on my DSL connection

A dedicated network admin

As a dedicated webmaster, and a true geek, I am trying to create a clean, straightforward network organization for bmt-online...

(What ? Does this strangely look like the beginning of my other article ? Ah, I am just fooling around.)

This is true enough, though. Over here, at bmt-online, I have two computers sharing the DSL connection. Bebbe is a regular PC with a quite modest configuration (PIII 800MHz) and acts as my server for mail, web and a few other services. FoneBone is my laptop and main work tool. Instead of using the connection sharing abilities of my OS, say, on Bebbe, I decided that I wanted a cleaner setup and got myself a little router-firewall-hub from Netgear. Not that I am a big fan of advertisement, but the little buddy does a good enough job that I want to the appropriate credit to Netgear.

Anyways. So I set up the router to handle my DSL connection on the one hand, and to share it to both PCs, adding a little firewall by-port filtering in the middle. The rules are simple: block all incoming traffic, including ICMP, while leaving the necessary ports open. These include http and smtp, imap and Ident, all on their default ports, plus a few webmail ports on some custom ports. Same goes on the outgoing side: block all ports except those I know I need to use. And when some application is unable to connect, I almost know for sure that it is trying to use a "non-standard" port. I know this is not a perfect setup, and that a port that is open without trying to know who is using it is a gaping security hole, but oh well. That's good enough for my purpose.

Logging the incoming activity

Not only can my little router open and close ports individually (plus a few other options), but it is also able to log traffic in a pretty fine tunable manner. In particular, I decided to log all bounced incoming traffic. Note that I am paranoiac or anything. Just thought it would be interesting to see whose trying to go through, and go through to what. It turned out that results where not only interesting, but also quite peculiar ! The size of the log file grew quite quickly (it is now 12MB big and growing), so that I needed to find some way to comb through and squeeze interesting statistics out of it.

As there wasn't any log analyzer adapted to the format I get from the little Netgear guy (or maybe I didn't look hard enough), I wrote my own little analyzer in C. As I said at the beginning of this geek-ism piece: I am a geek. When the tool was finally ready, I noticed a quite strange evolution in the pattern of incoming traffic.

I started to log on June 30th 2003. Up until August 18th 2003, blocked incoming traffic is mostly TCP: 

  ** Blocked attempts by protocol **
  TCP : 3920 [50.75%]
  UDP : 2617 [33.88%]
  ICMP: 1187 [15.37%]

  ** Top 10 attempts by port **

   1. 137: 1694 [21.93%]
   2. ICMP: 1187 [15.37%]
   3. 139: 714 [9.24%]
   4. 135: 688 [8.91%]
   5. 445: 668 [8.65%]
   6. 3557: 557 [7.21%]
   7. 1434: 404 [5.23%]
   8. 4662: 378 [4.89%]
   9. 37852: 287 [3.72%]
  10. 17300: 183 [2.97%]

  231 other ports: 964 [12.48%]

  Analyzed 7724 inbound records in 0.30s (25746.67 records/s).
  Skipped 0 outbound records and 0 invalid records.

  There are 21023 entries in the resolver cache.

Now, starting on August 18th, and for some reason that totally escapes me, there was a huge increase in the number of ping attempts to my IP address. The following report shows the overall stats from June 30th to Sept. 12th: 

  ** Blocked attempts by protocol **
  TCP :  7784 [10.31%]
  UDP :  4605 [ 6.10%]
  ICMP: 63087 [83.59%]

  ** Top 10 attempts by port **

   1. ICMP: 63087 [83.59%]
   2. 137: 3204 [4.25%]
   3. 135: 1907 [2.53%]
   4. 445: 1247 [1.65%]
   5. 2334: 1143 [1.51%]
   6. 139: 922 [1.22%]
   7. 1434: 614 [0.81%]
   8. 3557: 557 [0.74%]
   9. 4662: 396 [0.52%]
  10. 17300: 302 [0.40%]

  491 other ports: 2097 [2.78%]

  Analyzed 75476 inbound records in 1.73s (43552.22 records/s).
  Skipped 2387 outbound records and 0 invalid records.

  There are 21023 entries in the resolver cache.

So, the traffic rised ten-fold, and that's almost exclusively accounted for by ICMP traffic. I can't really call that a DOS attack, as in the end, that's no more than a few ICMP echo requests per second, at most. It is just... weird.

But there's more. The next good question to ask is: Who is thus pinging me to death ? Well, my little log analysis tool does actually produce a few more stats. I added a little NS lookup service in it, and proceeded to sort the pingers by domain name and name. Results are quite interesting. For the full period from June 30th to September 12th, we have: 

  ** Top 10 attempts by source **
  
   1. pcp559076pcs.rthfrd01.tn.comcast.net: 650 [0.86%]
   2. 161.58.176.160: 578 [0.77%]
   3. 195.6.68.30: 491 [0.65%]
   4. node-c-22a4.a2000.nl: 408 [0.54%]
   5. pl150.lodz.sdi.tpnet.pl: 306 [0.41%]
   6. adsl-67-124-128-105.dsl.sktn01.pacbell.net: 160 [0.21%]
   7. dsl-200-67-127-105.prodigy.net.mx: 156 [0.21%]
   8. adsl-63-198-115-243.dsl.snfc21.pacbell.net: 155 [0.21%]
   9. adsl-67-124-5-58.dsl.scrm01.pacbell.net: 152 [0.20%]
  10. adsl-67-124-44-234.dsl.pltn13.pacbell.net: 152 [0.20%]
  
  21005 other sources: 72268 [95.75%]

Not very conclusive, is it? There is no single main source of pings. Not even a very definite tendency of one provider to be the main source of pings. Granted, PacBell (SBC) has four entries in the top-10 but they are towards the bottom of the list. Besides that, there is that Mexican guy, the Polish guy, and the Dutch guy who have been tickling me a little, plus the dude on Comcast. Nothing fancy.

Oh but wait! Let's see what happens when we count attempts by domain! Maybe that will be more interesting: 

  ** Top 10 attempts by domain **
  
   1. .pacbell.net: 60822 [80.58%]
   2. not resolved: 5888 [7.80%]
   3. .comcast.net: 721 [0.96%]
   4. .level3.net: 619 [0.82%]
   5. .a2000.nl: 412 [0.55%]
   6. .tpnet.pl: 374 [0.50%]
   7. .net.mx: 361 [0.48%]
   8. .t-dialin.net: 292 [0.39%]
   9. .rima-tde.net: 227 [0.30%]
  10. .dialsprint.net: 182 [0.24%]
  
  765 other domains: 5578 [7.39%]

Now that's more interesting. The one top source of bounced access to my home network is the PacBell (SBC) network… to which I belong! So, all those echo requests I am getting originate from a big number of machines, maybe 15000, all located on the same network as I am, and none really hitting me much more than the others.

Today, I contacted my ISP for an unrelated—but equally important, like, my DSL connection is down—issue and mentioned my findings to them. You'd think they would know about what goes on on their own network. Naaah. Nobody was able to tell me what was going on and what could cause such weird behaviour. So, as with the PHP and Apache issue, I am leaving this open, for anyone who has a reasonable explanation to chime in and let me know…

wed 2003-09-17

DSL down

Pff... as we say in France: Problèmes du matin, chagrin. This morning, the stupid DSL connection died on me.

That's when you realise how hooked you are on the Internet. What ? No email for more than an hour ? But, what am I gonna do ? What if someone writes me, and I have to reply right this second. And how am I going to work with my employer - from home, I should specify - if I can't connect ? Argh ! This is the end of my life !?!

It's not that bad, though. I have been on the phone with the IT service of my provider, SBC, and the little lady has a charming voice. I guess this makes up for the inconvenience :-). Doesn't put me back on, though.

...

After an hour and a half on the phone and as much on site at my place, nothing is resolved, really. DSL is somewhat back up, but I don't have a dial tone anymore :-/ Apparently, they are commited to get things back up and running within their installations by 6pm. We shall see...

wed 2003-09-17

Starting a blog...

Today, I pretty much spent the day working on my web page, switching it from HTML 4.01 to XHTML 1.1, tuning up some of the layout and updating some of the content.

As I was so doing, I realized that the way I had designed it, the layout was quite perfect for a blog: a fixed position menu on the left and a series of boxes as the main content. As I also have some exhibitionist tendancies, I decided to start my very own blog, this article being the very first of (hopefully) a long line of witty comments about my life. I guess the main issue with blogs, as with intimate journals (ah... I don't think so... this is the litteral translation for the French journal intime), is to actually stick to writing them. Short term, it should be ok, as I do have some time to spare :-D

There's much background I feel I should give right now. When you have an ongoing blog, it's easy. You refer to past entries in your current entry. But what with the first entry ?

At the very least, I should say a word about Stephanie. She's my wife. We have been married since shortly earlier this year, so that it feels weird to call her my wife. In private, she's my Bebbe. But for the purpose of this blog, I guess I'll stick to Stephanie :-) Here she goes. Isn't she cute ?

Stephanie in Mexico in July 2002

Right now, the time to spare I was mentioning above, it has to do with me not working. At least not quite. Anyhow, I am pretty much being a house-husband, living on Stephanie's income. This needs to change. Not that I mind her making the money or anything, but that's not in our plans. Our plans right now are for her to study and for me to bring the bacon home. Also, her current job is pretty... shitty. She gets quite emotional over it and that's not something we want to last either.

tue 2003-09-16

Creative Commons License 
© 2002-2007 - Bertrand Mollinier Toublet