Rusty's Blog

Oh, the world is far from perfect, and this really isn’t a significant’ step along that path, but hopefully it simplifies things in the long term.

About a month and a half ago, or two months ago, one of The New York Times advertisers was hacked. Their servers were used to propagate some windows specific virus or another. I don’t know that this is the source of the infection that afflicted my dad’s computer, but I do know that his computer did get infected with a virus of some sort.

I’ve heard some people claim that they can clean up any infected Windows computer. Whether I believe them or not, Is not important. I certainly won’t make that claim, and more specifically I won’t make such a claim of being able to do that over half a continent.

There were three choices. 1 my dad could take his computer to a shop some place and have them clean it up. Best buy would certainly be willing to help him. for a fee. If you think about it, the fee involved almost puts him at a place where he could just as easily give them the computer as a gift, and buy a netbook in place of it. And he is curious about netbooks, more on that later.

The second option was that he could send it to me. I could see what I could do, which probably was not a whole lot, and I could send him back his computer with the possible effect that I just gave him back an infected computer. I’m not a big fan of that.

Or I could introduce him to Ubuntu.

I took advantage of a program that has been essentially a part of Ubuntu from day one, but which is changing this next release, which allowed me to go to a web page and get a copy of Ubuntu shipped to my dad for free. This took a couple of weeks, but he was more than happy to use the local public library a few times, and he waited. If he had shiipped the computer to me, he probably would have waited longer anyway. He booted up the CD, and decided to install Ubuntu on his laptop.

The first time he used the free space on the end of the hard disk. Ubuntu will install in as little as 2 gig of space, but that doesn’t leave any room for doing updates, etc. In any case he had a chance to try Ubuntu for a week, and decided he liked it. From what I’m reading in my e-mail from him Yesterday, it sounds like he went ahead and reformatted the hard drive and is now running Ubuntu only. He has decided to put off buying a netbook for the time being.

Before anyone starts claiming that he’s in little better of a position now than he was before, I’ll note that actually he is in a better position. He’s installed for himself a distribution of Linux. I don’t think he ever installed Windows himself. He didn’t need help from his internet provider to get in the internet once Ubuntu was installed, he did under windows. If things go wrong, he can always re-install from that CD now, compared to having to send a computer to a shop, that is a significant savings for him.

Is it possible to get a computer virus under Ubuntu? Sure. Ubuntu supports Wine, and as a result can run many Windows specific programs. Of course Windows specific Viruses are a sub-class of windows specific programs, and many will run under Wine. However the default install of Ubuntu does not include Wine the last I checked, so that’s not exactly a tremendous vector for him. Likewise the default install does not include Flash, so that vector is tentatively out. About the only thing that’s left is Linux specific viruses. There are a couple on the loose, but they seem to be targeting servers rather than desktops, and the default install of Ubuntu desktop does not include server software (A couple of peer-to-peer apps, but not servers.) So for the time being that’s not a significant worry. We should have time for me to walk him through getting a decent anti-virus installed and running. We’ll see.

And no, my experience with having a hacked WordPress blog doesn’t impact this either. That was primarily specific to versions of wordpress, and did happen on multiple platforms.

About half a year ago my dad picked up a story from some place where the theme was ‘just enough is enough.’ The idea was the same as you might find in a kitchen, in a car, or any of a wide variety of areas, but it is reasonably easy to explaine to many computer users with the idea of the netbook. And that idea is if the computer you use does the things you need it to do, then it is sufficient for your needs, and you don’t need to go beyond it. If all you need to do is stuff you can do using google docs, google, bing, amazon.com and other online resources, then it doesn’t suggest you need a computer that will run the latest games. It suggests that you very well may be able to get along on nothing more than a netbook pc.

I’m personally inclined to think that my dad has taken that to the next level. If that’s all you need to do, and the computer you have will do it, there’s no need to go out and buy another computer, not even a netbook. Getting Ubuntu on his computer gave him the tools to do all that he is looking to do. So it is enough.

No I am not suggesting that this solution is perfect for you specificaly, or anyone else. I learned a long time ago that there are a large number of variables involved in getting the appropriate sollution for each person. And while ‘just enough’ is enough for my dad, I go through a lot more resources each day computer wise than he uses in a month. Ubuntu works for me as well. It might work for you, or it might not.

When or how will I know for sure that Ubuntu works for my dad? When he convinces my sister to switch.

…about where people draw the line for the phrase ‘That was a waste of time!’

By way of explanation for why I am curious, I just spent a significant part of today first working on, then ‘upgrading’ my server.

I have several ’servers’ I supose, my video server my sip serer, I suppose I should include my print server as well, but when I think of ‘my server’ I’m not really thinking of these. I’m thinking of my file, web, jabber, mail and so on server. The box has gone through a few upgrades in the past. In fact I don’t think there is a single component in it that was in the original box that bore it’s name. That was my first Linux box. Built from an old 386sx 16 motherboard that I had pulled out of my OS/2 server, and put into an old Northgate 286 case that I picked up cheap. I do remember compiling my own kernel at the time. I wasn’t interested in ‘X’ yet, but what I was interested in was setting up a dial on demand gateway.

I went through a few different modems with that box. I think the earliest one I used was a 14.4kbps internal modem. I think I tried a US Robotics 14.4 hst DS modem that I had picked up a couple of years earlier for running a BBS, but by then it was showing it’s age, and half the time I wasn’t getting a stable connection. Oh there were other reasons for that sort of a situation, but the important partwas that I didn’t trust it.

For a few years I would try one modem, use that until it stopped working, then go get another modem. I finally found a stable modem in a ATI Supra 33.6 that is actually still working. I’ve seen this modem connect to a modem that wouldn’t accept a connection from a peer that was a speed and model duplicate. I’m sure that there are situations where this modem won’t work well. But it’s worked reliably now for over 10 years where modems that were considered to be comercial grade with support, don’t even come close.

A few years after I got the Supra, I ended up with a cable-modem. No more need for dial on demand routing, but while I did need nat routing, my server wasn’t going to do that. Oh I could have done that, but I realy wanted to set this box up to do some different things. Actually, it had picked up the task of being my mail server along the way, and because I was doing dial on demand routing in the past, and I didn’t want every web page querie to initiate a dial command if it was pulling back stuff that I already had, I had been running a squid cache. I don’t think I had started running a web server of my own yet. But I was playing around with file serving using a fairly early edition of Samba.

About this time I was working with BeOS as my primary desktop platform. I still have that box, all set to go. It’s got an early Pentium in it, but for analog video, I think it would outperform the boxes I’m using today. I don’t know about for digital video though. I think i twould probably run into some throughput issues. That said I was doing things with it in the audio realm that I have yet to see anything like them being done on Linux, MacOS or Windows. I wouldn’t be too surprised if there was something feature wise similar on MacOS and Windows, but they either came with BeOS, or were a free download.

For that matter, it’s only been in the last three years that I’ve seen Linux handle multiple audio streams at once. BeOS did that out of the box. And from post completion to a usable desktop was 20 seconds. Linux is getting there now, but  It’s a safe bet to go brew a cup of coffee with just about anything else.

In any case I had decided that I needed an actual firewall, and I didn’t want it running as my file server at the same time. After several years, and a few itterations with cases and motherboards, I finally gave up and bought a broadband router. I haven’t looked back there. Oh I’ve thought a couple of times that it would be nice to have a multi-port box, with different internal and external networks on them in the mix. However for the moment the boxes that I’m using are working, and I don’t really see a good reason to replace them. Ok, I have one reason I might want to replace what I have, but ti would need a significant amount of permanent storage as I would like to be able to block certain traffic sources as far out in my network as possilbe. Oh well.

Well, over the years I added a web server, print services, Jabber, and so on. I’m not using the Mail feature quite as much any more. Well, I take that back. In the past couple of days I’ve started using it a bit more, but I’m wondering if I want to do that long term. The current network infrastructure that I’m working with says that i should be able to run my own mail server for incoming and outgoing e-mail. Howeer since I am in a dhcp scop from my cable provider, there are many mail servers that will blackhole e-mail from me directly from here. If I can figure out how to source my own e-mail through g-mail or something like that, perhaps, but for the moment I’m comfortable with g-mail getting all my e-mail. So as you might imagine, the box, as a server, has become pretty important to me. In fact if you are reading this, it either came directly from my blog, or was hosted there till someone decided to republish it for me. Hopefully ther eis attribution attached. If not I certainly wouldn’t mind if the malicious ‘publisher’ were to find his servers mysteriously going through a DDOS from time to time. Though I’m not suggesting you should do that.

So A month or so ago I decided that it was time to start looking at some higher availability solutions. The easiest would be to set up a small box to pick up my web stuff. In reality, it might not be a bad idea to move the database for the blog, and other stuff off of the server and into a dedicated database server system. From a database demands perspective, I would be surprised if all of my database environment put together was using more than a couple hundred megabytes. That includes information about all the recordings I’ve made, the next 2 weeks of TV schedules, the metadata on all my audio recordings, and so on. If you throw in my e-mail, perhaps a couple of gigabytes. Yes things get different once you add in all the music itself, and if you were to add the video itself things would be even more different. However I’m not quite ready to consider collections of photos, music and videow to be ready to be database object collections yet. Even if they are at some level.But I do have a substantial amount of information in my home directory on my server. Just under 200 gigabytes. And I figured it would be a bood idea to get copies of the data stored elsewhere as well.

So I picked up one of my favorite little machines, a v.50 at Microcenter, upgraded the memory and hard drive, Installed Ubuntu Linux Server on it, and started rsyncing from my server.

That was about a week ago. I took a look at where I was today and realized that I had gotten a bit over a quarter of the way through my collection. I wasn’t very happy about that. Or the fact that I had to reload my server several times over the past week. So I went and picked up a blank 320 gig 3.5″ drive and put it into a case I already had set up, plugged it into the server and started the process all voer again.

The server didn’t immediately crash. Not that that’s all that much of a positive comment on what the server did do. Over the next three or four hours it locked up about a dozen times. So I pulled out Spinrite thinking that perhaps I was dealing with a corrupted hard drive, and ran it against my internal drives. Nope, they seemed to be OK. So I over the next 2 hours spinrite ran. And gave thedrives a clean bill of health. Well, ok. So I grabbed a copy of the Ubuntu server lts install CD and poped it into the drive and tried doing a backup from within that box. No luck. Still ended up with lockups randomly occuring. So I knew the problem was not specifically with the operating system.

I then ran memtest86. Problems. Before it had completed a single pass I knew what the problem was. My server had bad memory. So I looked around. No matching memory. In fact the next closest memory was almost twice as fast, and the systemwouldnot boot with it in the memory slots. Well for that matter, the system wouldn’t boot when I put the old memory back in, so either the problem expanded on the memory module, or I also damaged the motherboard. I wouldn’t put it past either option.

About a month ago I decommisioned my primary workstation and moved to a much smaller box. (Yes another of those v.50’s.) As a result I had a ready solution sitting right next to me. Well, mostly. There were a couple of differences between the boxes. First of all the old box had a single sata drive in it, which was hanging off of a SATA card. It also had two IDE/PATA hard drives in it along with a PATA CD-Rom Drive. Now some time ago I picked up a module that allows me to plug a sata port on a motherboard into a PATA hard drive. I’ve got a couple of them. Nice little devices. In any case that device pretty much made evertying else work together well. The new motherboard had a single PATA port on it, along with just two SATA ports. I added the PCI SATA card from the old server into the new box (Also pulled the gigabit ethernet card and included that.) and I was able to plug everything into at least one usable port. Actually I had 1 internal and theoretically an external interface as well. I added another hard drive to the internal side. Long term I expect that will be my first stage backup location. In other words back up the transient information there, then back that up to a different location without having to take the box offline for long periods of time while backing that information up.

Of course watching the stream of file names passing by, I have a very strong suspicion that I could merge a few directories and save myself nearly a quarter of the space I have allocated.

Of course once I do that I have to tidy up the backup collections as well. Oh well.

In any case back to my original question. Obviously by now I consider the steps I’ve taken to get a stable server and backups made to be important time spent. In the next couple of months I expect to build a server pair that should have even faster processors, perhaps quad cores, more memory, and probably more storage. Hopefully I can find a way to get it into less space. Of coure if I do everything ‘right’ I’ll also ofload the video storage from my media center. When contemplating doing that I think it might be a good idea to add a completely separate network dedicated to storage that is back ended through my server and one or two platforms that will store data to the network. The clients all go through those platforms that make it look as if there is a single contiguous storage device that all the content is stored on.

The down side is figuring out how to handle ‘ofsite’ backups for something like that. Oh, I suppose a couple of 2T drives for now, then a couple of 4T drives down the line, and so on. But even that seems like overkill. When it comes down to it, the video data is all stuff that if I lost all of it tonight, I could probably end up going a couple of days before I found out that I had lost anything at all. And I might not even notice it then.

So was this a waste of time? The initial issue where bad memory was causing problems during the backup process, probably. That said I think that the interim solution of moving the data to a ‘larger’ platform is going to be helpful. And since I’ve done another ‘upgrade, I have a bit of an idea of where things stand as far as the next upgrade. And I can start making plans.

And before someone suggests ‘Carbonite’ remember I’ve been archiving hundreds of gigabytes of content. I get about a 128 kB/s upload speed through my ISP. A 2 .2 gig video takes at least 2 hours to upload across my connection. So we’re talking about 4 days of continuous full network utilizaion tup upload my archive for every 100 gig, or about a week to a week and a half for the entire collection of my data. Ok longer than that because pretty close to half way through I would probably be getting a call from my ISP asking what the heck I’m doing tieing up all that bandwidth for so long.

I have other reasons for not wanting to dump that much data into a carbonite storeage block. Though most of them I won’t go into now. Now? I’m thinking sleep is a really good idea.

To give an answer to the ‘best use’ question. I don’t know. I didn’t have anything else planned for today. It rained through a good portion of the day, so I would not have been out on the bike. I got some reading done. But if there was someone who I could have sat and talked with, that probably would have been a much better use of my time.

Mixed.

I’m not sure how diverse my readership is, and some of my readers are not really interested in the tech end of what I play around with, so let this be a bit of warning that this will be on the tech end of what I am interested in.

I am in the process of building a PBX. In case you are wondering, PBX is short for Private Branch Exchange. Some of the big names in the industry are Avays, Nortel and Lucent. There are many others, but those are pretty much the big names. Where a PBX is primarily used is when a business has more than 4 phone lines coming in to the office, and they need to be able to transfer calls from one phone to another.

Related to the PBX is the Voice Mail system. Octel is the ‘big’ name here. Why this is ‘related’ and not ‘part’ of the PBX is that for most systems a voice mail system is a computer with a few phone lines coming into it that acts as an extension off the PBX and usually is not part of the PBX itself, though that is changing as well.

Another related platform is the Voice Response Unit, VRU, or the stupid phone system firewall that tries to isolate tech support from customers. I don’t immediately have a need for one of these, however that may change. Most of these are little more than a collection of recordings along with a touch tone recognition system. Some of the more advanced systems can handle verbal responses as well, recognizing numbers, letters, words and occasionally short phrases (usually on the lines of ‘tech support’.

My immediate interest is in building a small phone system that allows me to place calls from one IP or WiFi phone, to another. Over time I would like to add the ability to connect to the phone systems, being able to use one of the phones I’ve gotten working to place and receive calls to normal phones and IP phones on the internet.

The obvious question is ‘Why do you want to do this? Up front I’ll admit that I don’t need a bunch of phone numbers, or phone lines into my apartment. II may very well run a small business of sorts in my spare time, but it’s not taking a significant amount of my time right now, and I’m not really expecting to do a lot of expansion any time soon.

My own reason is that I’m interested in the underlying technology. I’ve been doing network related stuff for over 25 years now, Everything from maintenance and repairs on multi-channel phone backbone hardware on up to Wan, Lan and related technology. I think the idea of a PBX is really just an extension to that.

Ok, time to get down to what ammounts to brass tacks. I’m not going to be buying a PBX from one of the big guys. As noted I don’t have the commercial interest, and at least in part it defeats the objective of learning through implementation. Instead I will be using a platform called Asterisk that runs on a number of different operating systems, though is most recognized under Linux. In the short term the idea is to get a couple of IP phones to talk to each other. Longer term will be to replace several phone systems and hopefully be able to extend the coverage of my phones from strictly within my apartment to most of the city block that I am on. A much longer term objective will be to add a sytem that will handle unknown callers in a method I consider reasonable, though those callers may not. (I’m not a big fan of telemarketers, so they are probably not going to be very encouraged to keep trying to call me.

I have a few ’strange’ requirements. As an example, any phone that picks up and dials ‘911′ should be immediately forwarded to the external 911 system. WiFi phones should be able to connect to the system locally and remotely. If I’m in a coffee shop with an open access point, I should be able to place calls. This applies to soft phones on laptops or tablets as well. There may be a requirement for those devices to enter a passcode to establish a long distance call if the conversation is going to be billable, however I haven’t decided how I’m going to implement that. One possibility there is to use Perfect Paper Passwords from Steve Gibson’s systems discussed on Security Now, modified to be 4 or 8 digit numbers rather than text, but we’ll see. It’s a decision for the future.

One of the things that I am interested in doing is hooking this up so that I can also use my amateur radio hardware and software to take and place calls. That’s something for down the road though.

To get started I’ve already set up a server. For that I stopped at my local Microcenter and picked up a PowerSpec V50 small formfactor computer, installed Ubuntu on it, and installed the Asterisk software. i have also collected several wifi UTStarcom wifi phones that were originally provisioned for Vonage. These may, or may not, provide me with the phones I need, but if they do, I’ll be satisfied. As an alternative to the UTStarcom phones, and one that I will probably use first, there are several softphone systems available for Linux that will allow me to establish and test phone service withinmy network even before I get the UTStarcom phones set up.

As an example of what I am contemplating longer term, the following diagram may help:

The phones in the upper left would be cell phones, such as my own, or of family who would like to use my pbx for an alternate voicemail system, or the like. The ‘phones’ beside them are IP phones that plug into a network switch (the blue round thing below them) as are the computers with a V in them, PCs running phone software of some sort. Below those is a separate wifi network, possibly infrastructure, more likely ad-hoc, that the wifi phones connect to the PBX a little more directly through. Off to the left is my firewall setup, which will allow call traffic into and out from my network, to the Internet in general (below) or specific internet users such as cell phones above.

Obviously things can get very complicated pretty fast, so let’s start with some ideas of how to set things up. Each phone and computer above will have it’s own extension. Stuff in the ‘local’ network will have an extension in the range 2###, phones connected via wifi will be 3### series extensions. This is purely to keep track of what type of device is being used. If I need to at a later date, I may set IP ‘Phones’ (the type that look like a phone, and don’t interface directly with a computer) up in the 4### range. In the long run, I hope to use 1### for extentions that map to external phones such as cell phones, and family phones, but I may throw those up to the 8### range I don’t know. 9### is reserved for setting up various external call connections. 0 will be a virtual operator of some sort, but that’s for much later down the line.

So, that’s the plan at the moment. It’s subject to change, but if you don’t start out with a plan of some sort, you’re pretty much lost from the get go.