Silly Bandwidth

Very odd. I have just confirmed that in three separate states where I know people that have seen people lined up outside gas stations — some with gas cans.

Is it just me, or is this a dangerous situation? It’s not the situation that’s dangerous — we have reserves for just this purpose — it’s the perception of the problem that’s the issue. People just need to relax.

Anyway, for my part I’m going and donate some money to Katrina relief through the Red Cross. I encourage you to consider doing the same.

I’m confused. How is it that I can go for multiple years and never have a problem making a cell phone call only to be unable to connect like 20 times in a single week? Doesn’t technology get better over time? I don’t get it.

I can understand problems with features — IM, Web Browsing, etc., but making basic phone calls? So lame.

Cingular — get your crap stuff together.

Yes, there actually is such a thing as an invisible, pink unicorn.

(Take note that it’s both invisible and pink.)

If you haven’t read Paul Graham’s stuff yet, you’re way behind the curve. He’s an absolute genius on a wide range of topics, and his latest piece discusses how inequality relates to risk, which in turn relates to the overall success of a country. From the article:

If you try to attack wealth, you end up nailing risk as well, and with it growth. If we want a fairer world, I think we’re better off attacking one step downstream, where wealth turns into power.

I strongly suggest you head over and read the entire piece.

Many people are familiar with the concept of a mnemonic [nəˈmɑnɪk] — a memory device that uses a phrase based on the first letter of words in a list. Perhaps the most popular of these in the field of networking is the one for the OSI Model. The mnemonic is:

All People Seem To Need Data Processing.

Well, for those that deal with TCP a lot, I thought it might be helpful to have a mnemonic for the TCP flags as well. What I’ve come up with is:

Unskilled Attackers Pester Real Security Folks

Unskilled = URG Attackers = ACK Pester = PSH Real = RST Security = SYN Folks = FIN

The way this helps me the most is when isolating traffic to capture using Tcpdump. It’s possible, for example, to capture only SYNs (new connection requests), only RSTs (immediate session teardowns), or any combination of the six flags really. As noted in my own little Tcpdump tutorial, you can capture these various flags like so:

Find all SYN packets tcpdump 'tcp[13] & 2 != 0′

Find all RST packets tcpdump 'tcp[13] & 4 != 0′

Find all ACK packets tcpdump 'tcp[13] & 16 != 0′

Notice the SYN example has the number 2 in it, the RST the number 4, and the ACK the number 16. These numbers correspond to where the TCP flags fall on the binary scale. So when you write out:

U A P R S F

…that corresponds to:

32 16 8 4 2 1

So as you read the SYN capture tcpdump 'tcp[13] & 2 != 0′, you’re saying find the 13th byte in the TCP header, and only grab packets where the flag in the 2nd bit is not zero. Well if you go from right to left in the UAPRSF string, you see that the spot where 2 falls is where the S is, and that’s how why you’re capturing only SYN packets when you apply that filter.

Remembering these flags and how to isolate them can go a long way in helping low-level network troubleshooting/security work by isolating what it is you want to see and/or capture. And of course the more you can isolate what you want to see, the faster you can solve the problem. I encourage anyone not making use of this powerful feature already to go ahead and add it to their repertoire.

I’m sitting here in jury duty waiting for selection and it’s quite demoralizing to hear what the average person here finds interesting. Gossip and complaining — not a single decent conversation yet. :(

Like 80% of everyone in the room has been divorced (many of them multiple times), and ironically the conversations many of them are having are centered on them suing someone over something. Divorce, lawsuits, why their bosses are bad because they’re trying to make them work, and Church. Those are the main topics.

Edit: I was asked by one of the attorneys whether or not I could follow a particular Florida law blindly — specifically one stating that a rental car company is responsible for anything a renter does in one of their cars. I told the court that that would depend on what the law stated. I told them that if it said the rental car company was guilty of manslaughter if one of their renters ran over someone then I wouldn’t support it, but in other cases I would. I said it depended on what the law actually said.

So the judge stops the attorney and addresses me directly. She says that she appreciates my thoughts but that my only job is to interpret the facts according to the law. She gave the example of Marijuana use, saying that even if I didn’t agree with the law I’d have to rule according to it.

So that’s when I chimed in with, “So what you’re telling me, your honor, is that it doesn’t matter what’s right or wrong, but only what the law says?” She laughed and said, “Exactly.”

So anyway, for some strange reason I wasn’t picked for that jury. :)

This irks me. Here we are supposedly trying to restore peace and stability to a country where the Sunnis are fighting the Shites, and neither like the Kurds. Well it turns out there’s even infighting within the groups that hate each other.

In Iraq, fighting breaks out between rival Shiite Muslim militiamen in two cities. The clashes involved gunmen loyal to radical cleric Moqtada al-Sadr and members of the Badr Brigade, the paramilitary arm of the most powerful Shiite political party. (Source: NPR: All Things Considered)

I’m reminded of an interview I saw with a Jordanian shop owner the night of the invasion. He said something to the effect of Saddam being the one that held everything together, and that with him gone the people would wish for his return within 2 years. Interesting. I guess the moral here is that we should listen to Jordanian shop owners.

Steve Pavlina’s Favorite Meditation

Here’s a simple but powerful meditation exercise you may enjoy. Teaching you the basics of meditation is beyond the scope of this blog entry (maybe someone can post a comment with a link to a meditation primer for those who’ve never done it), but if you’re already familiar with it, I think you’ll find this one interesting and valuable.

I didn’t learn this particular meditation from anyone else — it’s just something I made up at one point and have been doing for around 10 years now.

First I get myself totally relaxed and into a peaceful state. Then I imagine a special room in my mind which has two chairs facing each other. I sit in one chair, and in the chair opposite me, I visualize my future self five years from now. He appears as the ideal “me” I’m striving to become. He’s physically fit, strong, brave, confident, driven, passionate, enthusiastic, etc. We have a conversation for 5-10 minutes where I ask him questions, and he willingly answers them…

(Source: Steve Pavlina)

An Illustrated Guide to IPSec

For a customer project, I had to dive into the IPSec protocols at a very low level, and it was a real learning experience for me. I’d been using IPSec to set up network-to-network VPNs for a long time,…

(Source: Steve Friedl)