The end of an era

In 1999 i subscribed to a usenet provider named Newsfeeds, the following year i didn’t renew the account but they forgot about me, so i cheated the following 10 years without paying a cent.
Thank you Newsfeeds, it’s been a huge joy downloading 10 years of binaries for free, too bad today it’s all gone, and not because they remembered about me.

This week marks the end of an era for one of the earliest pieces of Internet history, which got its start at Duke University more than 30 years ago. On May 20, Duke will shut down its Usenet server, which provides access to a worldwide electronic discussion network of newsgroups started in 1979 by two Duke graduate students, Tom Truscott and Jim Ellis.

News of the day is also the shutdown of the British Usenet indexer Newzbin today; the site sank under the weight of a lawsuit and outstanding debt. Merge these stories with the recent news of Microsoft shuttering its newsgroups, along with otherrecentstories, and the picture does not look bright for Usenet.

Automatically register hosts on Zabbix

When i was looking for a Nagios replacement i stumbled upon Zabbix and i suddenly fell in love with it. Too bad its auto-discovery feature doesn’t allow CIDR/16 classes to be scanned, but even if it did it wouldn’t be that nice to scan the whole Amazon EC2 network just to monitor my hosts.
I’ve read in Zabbix forums that host auto-registration will be re-implemented as of version 1.6 but until then i needed an automated solution, manually add each server is not tolerated.

I wrote therefore the following script, which basically simulates logging in and manually adding a new host through web interface.
Username and password are stored into an external file (first line and second line), this because i bundled this script into a RPM for Zabbix’s agent (which erases it through %post scripts) and i don’t want my server login credentials to travel with it (i know, you can always unpack the RPM…).
The IF statement checks whether the host on which the script is run is an EC2 host or not by merely seeing if hostname begins with “ip-”, it’s a shoddy method but it does its job.
I left out template linking since it was outside my scope but it would just take a couple of seconds in tuning the POST request.

I guess all the rest is kinda self explaining. Sorry for poor formatting (WordPress doesn’t seem to handle wordwrapping properly), orange lines are of course one line only.

#!/bin/bash
USERNAME=`sed -n '1p' /usr/local/zabbix/sbin/zabbix_credentials`
PASSWORD=`sed -n '2p' /usr/local/zabbix/sbin/zabbix_credentials`
URL=http://<your_ip_address>/zabbix   # NO trailing slash
HOST=`hostname`

if [ ${HOST:0:3} = "ip-" ]; then
IP=`wget -q -O- http://169.254.169.254/latest/meta-data/public-ipv4`
DNS=`wget -q -O- http://169.254.169.254/latest/meta-data/public-hostname`
else
IP=`ifconfig eth0 | sed -n 2p | cut -d ":" -f2 | cut -d " " -f1`
DNS=`hostname -f`
fi

wget --keep-session-cookies --save-headers --save-cookies /tmp/cookies -O- \
--post-data="form=1&form_refresh=1&name=$USERNAME&password=$PASSWORD&enter=Enter" \
$URL/index.php

wget --keep-session-cookies --save-headers --load-cookies /tmp/cookies -O- \
--post-data="form=Create+Host&form_refresh=1
&config=0&groupid=0&devicetype=&name=
&os=&serialno=&tag=&macaddress=
&hardware=&software=&contact=&location=
&notes=&host=$HOST&groups%5B%5D=2
&newgroup=&dns=$DNS&ip=$IP&useip=1
&port=10050&status=0&save=Save" \

$URL/hosts.php

Predictable random generator in Debian’s OpenSSL

Though i’ll always love Debian and its philosophy i remember i immediately felt happy since i moved most of my main servers to CentOS, and when such news reach me it gets even better.

It looks like keys generated with ssh-keygen from Debian or other Debian based distros (e.g. Ubuntu) have a case of weakness due to an error in the package and can therefore be guessed. Additionally, other systems can be indirectly affected if weak keys are imported into them.

If you run any Debian based system it is highly recommended that you upgrade as soon.
More info can be found at: http://lists.debian.org/debian-security-announce/2008/msg00152.html

Xname DoSed again

There are things you usually understimate, things with a remote possibility of failure, things that out of the blue turn the day before your departure into a living hell.

It happened yesterday, when the old, free and almost trusted Xname said goodbye to this world leaving many of my server forsaken in the darkness.

I now switched to EditDNS.net, which is free, well managed and provides lot of nice features and 5 world dislocated servers.
Hurry if your domains still lie in the dark.

Greetings from .nl :)