IPv6 is ready?

Tonight I did ran netstat (`netstat -plunt`) on my Debian server and saw that I had some ports listening via IPv6.  It’s a shame IPv6 hasn’t caught on as it’s better than IPv4 in virtually every way, and it should, especially since TCP/IPv4 was standardized in ARPANET RFC’s… in 1981!  Also, IPv6 provides network level security via IPSec, which enables authentication of sender and encryption of communication path, to secure communications, all fun stuff, but while some point to the fact that the Beijing Olympics used IPv6 exclusively as a point in how far it’s come, that’s hardly saying much when the protocol went Alpha… in 1996!  I mean I put things off and get distracted, sure, but come on!  So while its adoption can be argued to be a case of the chicken before the egg, since I’m not using anything IPv6, nor do I or my ISP even have the capability to use it, it’s silly and perhaps dangerous to leave it running with open ports.  So, if you’re not using it, disable it – it’s easy, just put on your pointy hat and follow along… First we need to edit:

/etc/modprobe.d/aliases

By default you will have a line like this:

alias net-pf-10 ipv6

Replace that line with:

alias net-pf-10 off
alias ipv6 off

(The second line may/may not be required with newer (2.26.+) kernels, but it won’t hurt anything)

Also, while we’re at it, on your desktop machines, help out Firefox by disabling IPv6 there too.  It’s simple, in the location bar enter:

about:config

Then search for:

network.dns.disableIPv6

and toggle its value to ‘true‘

Well, that’s it, you’re now surfing with 1980s technology (just like 99.098% of the internet!)

Tweet, tweet, bomb?

Hmmm…so the Army has claimed that terrorists may be ‘tweeting’ along to plan and organize attacks. Well yeah, I guess they could use Gmail, Slashdot comments and other things the same way, it seems their claim is that since this is more ‘real time’ it could be a danger. Ok, oh, and they take a swipe at Skype as well. Additionally they define a new name I would happily accept, “The report describes hacktivists as politically motivated hackers“. Hacktvist, that’s awesome. The report goes on with,

“The ‘Twitter’ member can send Tweets (messages) near real time to Twitter cell phone groups and to their online Twitter social networking page,” the author said, adding that “there are multiple pro- and anti-Hezbollah Tweets.”

Twitter members “can also mashup their Tweets with a variety of other tools including geo-coordinates and Google Maps or other electronic files/artifacts. Members can direct and re-direct audience members to other Web sites and locations from ‘Tweets’ and can engage in rapid-fire group social interaction,” the writer said.

The author outlined three scenarios where Twitter could be used by terrorists, and pointed out that terrorists have also talked about using other technologies, including cell phones, and Skype and other internet telephony services.

The author, who did not sign the paper, warned that most of the information came from “al-Qaida-like Web sites from ‘uncorroborated’ postings made by terrorists” and “persons sympathetic to terrorism.” Only “rudimentary Arabic language skills and the Google translating tool” were used.

There’s no doubt that ‘terrorists’ will use any means necessary to accomplish their goals, but is this really something to take seriously?

First, a great first introduction of what bittorrent is, and what it accomplishes:

“BitTorrent does not centrally manage resource allocation. Instead, each client attempts to maximise its download rate by controlling various protocol parameters. Clients make direct connections (using ports 6881-6889 by default) to one or more of the clients in the list, to exchange parts of the file. Direct connections between clients are duplex (bi-directional), and every client tries to maintain the greatest number of active connections. A client’s refusal to upload temporarily is known as choking. Connections are choked to prevent leeching a situation where another client is downloading, but not uploading.

To maximize the number of duplex connections, clients reward each other by reciprocating uploads. So clients unwilling to upload will find their download rate dropping as other clients choke in response. Clients decide which connections to choke or unchoke by calculating the current download rate of each connection, once every ten seconds. The connection is left choked or unchoked until the next ten-second period is up. This fixed interval cycle prevents clients from rapidly choking and unchoking, causing network resources to be wasted. Finally, a client does an “optimistic” unchoke, once every 30 seconds, to try out unused connections to determine if they might offer better transfer rates than current ones.” [link]

Now on to comments by others in how to use/harness this system for data propogation:

“One idea that does linger in my head is the idea of creating a bittorrent distribution channel for library cataloging data. In the podcast, a concern was raised on whether a single server such as Library of Congress’s might be serverely impacted if a lot of requests were made against its SRU server. If all the hopes of Casey Bisson’s gift to the library community are realized, what if libraries were to contribute their individual cataloging and authority records to a global torrent? Again, I don’t see the value of a single large file, like MIT’s Barton data, over distribution of individual records. In the real world, torrent sharing is mostly at the work-level and that would seem to be the logical way to handle library records.” [link]

“Institutional repositories – I don’t hear as much noise about institutional repositories as I used to hear. I think their lack of popularity is directly related to the problems they are designed to solve, namely, long-term access. Don’t get me wrong, long-term access is definitely a good thing, but that is a library value. In order to be compelling, institutional repositories need to solve the problems of depositors, not the librarians. What do authors get by putting their content in an institutional repository that they don’t get elsewhere? If they supported version control, collaboration, commenting, tagging, better syndication and possibilities for content reuse — in other words, services against the content — then institutional repositories might prove to be more popular.” [link]

“Of particular interest here is how such a description of BitTorrent intersects on certain points (which I have emphasized above) with larger conversations and concerns campus IT organizations are currently having regarding the increasingly prohibitive costs of owning, maintaining, and monitoring data services locally. In fact, this an issue with much larger scope that is not limited to the education sector by any means. Much of this is a result of our particular moment wherein a plethora of externally hosted options provide college communities the same, if not better, services with infinitely more storage space. And all of this at a fraction of the cost. For some campus IT shops in the business of supporting themselves financially, or even making money, the risks of not going in such a direction are much more dire. The recent news that the University of Washington’s IT department will be laying off 15% of their staff speaks directly to this. In fact, a number of schools have already begun offloading IT staples such as file storage and email to externally hosted solutions. Arizona State University was one of the the first large universities to do this in a deal with Google back in the Fall of 2006, and it is a trend we will continue to see much more of in the coming months and years, particularly as budgets shrink and the economy continues to tank.” [link]

“[...] bioinformatics networks present unique networking challenges that typically can’t be addressed by generic network installations. The first is that there is a huge amount of data involved. The network isn’t handling short e-mail messages typical of the corporate environment, but massive sequence strings, images, and other data. In addition, unlike networks that support traditional business transaction processing, data are continually flowing from disk arrays, servers, and other sources to computers for processing because the data can’t fit into computer RAM. As a result, the network and external data sources are in effect extensions of the computer bus, and the performance of the network limits the overall performance of the system. It doesn’t matter whether the computer processor is capable of processing several hundred million operations per second if the network feeding data from the disks to the computer has a throughput of only 4–5 Mbps.” [link]

function debug {
local severity=”$1″
shift
local message=”$@”

echo -n “`date -u`” 1>&2
echo -ne ‘\t’ 1>&2
echo -n “$severity” 1>&2
echo -ne ‘\t’ 1>&2
echo “$message” 1>&2
}

function fix_path {
echo -n “$1″ | head -n 1 | sed ‘s|^[/.-]*||’ | sed ‘s|/\.*|/|g’
}

function serve_dir {
local dir=”`fix_path “$1″`”
if [ "$dir" = "" ]; then
dir=”./”
fi
echo ‘HTTP/1.1 200 OK’
echo ‘Content-type: text/html;charset=UTF-8′
echo
echo LISTING “$dir”
echo ‘
‘
ls -p “$dir” | sed -e ‘s|^\(.*\)$|\1
|’
}

function serve_file {
echo ‘HTTP/1.1 200 OK’
echo ‘Content-type: application/x-download-this’
echo
local file=”`fix_path “$1″`”
debug INFO serving file “$file”
cat “$file”
}

function process {
local url=”`gawk ‘{print $2}’ | head -n 1`”
case “$url” in
*/)
debug INFO Processing “$url” as dir
serve_dir “$url”
break
;;
*)
debug INFO Processing “$url” as file
serve_file “$url”
;;
esac
}

function serve {
local port=”$1″
local sin=”$2″
local sout=”$3″

while debug INFO Running nc; do

nc -l -p “$port” < "$sin" > “$sout” &amp;
pid=”$!”

debug INFO Server PID: “$pid”

trap cleanup SIGINT
head -n 1 “$sout” | process > “$sin”
trap – SIGINT

debug INFO Killing nc

kill “$pid”
done

debug INFO Quiting server
}

function cleanup {
debug INFO Caught signal, quitting…
rm -Rf “$tmp_dir”
exit
}

tmp_dir=”`mktemp -d -t http_server.XXXXXXXXXX`”
sin=”$tmp_dir”/in
sout=”$tmp_dir”/out
pid=0
port=”$1″

mkfifo “$sin”
mkfifo “$sout”

debug INFO Starting server on port “$port”
serve “$port” “$sin” “$sout”
cleanup[/sourcecode]