Friday, September 01, 2006
“Failure to plan ahead on your part does not create an emergency on my part.”
Do You Give Out a Study Guide?
Hmm. The textbook simplifies a vast amount of material, then I simplify it more in lecture. Then you want me to extract the most important ten per cent of that and put it on a study guide, so if you know most of it you can get an A.
So what you're saying is the cutoff grade for an A should be 10%, right?
Via Columbia, Top Ten No Sympathy Lines (Plus a Few Extra)
An acerbic wit and also a university professor?
I'm surprised he's lasted this long.
I remember a few years ago talking to a friend of mine about the decline of the Computer Science and Engineering Department at FAU and I was told, point blank (since this friend worked in the department) that the department intentionally dumbed down the courses because too many students were complaining about the difficulty of the course, and the non-industry slant (I think they were teaching C at the time when C++ and Java were hot) of the courses (my response was, “What? They expect a university to be a trade school?”).
I'm still waiting for the day when people remember that an education is a priviledge and not a right.
Blogs as Marketing Tools
Smirk approached me at The Office. “Sean,” he said. “I'm thinking of starting a company blog.”
“Really?” I said. “A company blog?”
“Yes, J started one,” said Smirk. J owns the other company we share the Data Center with. “and he's using it to drive traffic to his company website.”
“So it's a marketing device,” I said.
“Yup. J said it's working too.”
“So who will have access to write on the company blog?”
“Well,” he said. “You. You know how you write what's going on with The Company?”
“Yes.”
“You'll do that, only with a more positive spin, and you'll have to be careful about what you say.”
“Of course.”
So there may be a Company Blog Real Soon Now.
Saturday, September 02, 2006
Obstensibly to collaboratively edit documents anywhere, but in reality, the new paradigm in software distribution, installation and upgrades
What does Writely do?
Writely allows you to edit documents online with whomever you choose, and then publish and blog them online.
Via Ceejbot, Writely Help Center
Yup, a word processor you use via your web browser. Google also has a spreadsheet and calendar program. And of course, who can forget Gmail.
About the only thing missing is a Powerpoint clone.
So what's with all this web based office productivity software? Or even sites like Flickr? I see this as the confluence of three things happening at once.
First off, in most cases, it's cheaper to ship a program via wire than it is via a disk. A producer does not need to invest in a ton of phyical material and the equipment to copy the bits to said physical material, nor does it need to invest in boxes, paper, postage and shipping. Of two programs sold at the same price, one only through a website, and one only through a retail chain, the company selling the program via the website will experience a higher profit margin than the company selling via the retain chain (in fact, about the only time shipping bits via a disk is cheaper is when the program being sold is of sufficient size that it would take longer to ship it via wire than by FedEx).
Second off, a producer of commerical software is under attack from three different fronts. First are the software pirates, that sell illegal copies of software at dirt cheap prices (why not? They didn't have to spend any money developing it, and copying bits are cheap cheap cheap). The more popular the software is, the more likely it'll be pirated. Software producers do have some recourse in organizations like the BSA, which, on the behalf of software companies, can levy hefty fines on corporations (and to a lesser degree, individuals) that haven't properly licensed the software they use, but in emerging markets like China, there isn't much a US or even Europoean software company can do.
The second front is the relunctance of customers to actually order and install upgrades. It's not like there's a vast difference between Microsoft Word 97 and Microsoft Word 2000 (much less Microsoft Word 2003) to warrent the price of an upgrade. Especially when upgrades can be disruptive (not always, but there are times when it is). Let's face it, the largest competeter to Microsoft is Microsoft of three years ago.
The third front is open source. There are more and more free (as in beer) alternatives to the major software packages and they are improving. And while they might not be able to compete at a high professional level (the GIMP vs. Photoshop? No contest: Photoshop. On price? The GIMP) but for most people, the free alternatives are Good Enough™.
And the third confluence relates to open source. There are several open source licenses out there, and one, the GNU General Public License, will tend to drive the actual purchase price of software towards zero. Also, companies that release programs licended under the GNU GPL are required to make the source code available at nominal charge, to those that have bought and used said program (heck, even if you just use one library licended under the GNU GPL you have to make the rest of your source code available in most cases). So it's a bit more difficult to make money using open source.
Google (along with other companies like Yahoo, who own Flickr and Six Apart, who own VOX) have found a way around these problems. There's no software to actually ship, since it all runs on computers owned and operated by the respective companies and all are accessed via the web. Second, there's no issues of customers not upgrading because the customers don't install the software to begin with. They can leverage the vast amount of code available as open source and by being careful to avoid any GNU GPL libraries, they can avoid having to give out the source code. Revenue can come via advertising, or by offering access to more functionality (much like LiveJournal).
And hey, if it causes Microsoft fits, so much the better.
Sunday, September 03, 2006
So when can we expect the velvetine pictures of Einstein?
As a scientist, Albert Einstein made great contributions in physics that have enriched our view of the universe. Many of his theories and postulates were received through his clairvoyance and thus advanced our scientific world to the threshold of a fourth-dimensional or an interdimensional physics. The concept of mass being nonexistent and an illusion, and that, in reality, an expression of pure energy; and the concept that the velocity of light was not a static, constant expression of energy but was relative to the plane of expression upon which the viewer exists are two examples that will be understood as precursors in our twenty-first century science.
Via James Randi's Swift—August 25, 2006, The Genius of Einstein: Where did it Originate?
Man, I just can't get enough of the crankpots on the Internet. The stuff they write makes for some highly entertaining reading (that is, if you can understand it).
For the record, Einstein's Theory of Relativity (both Special and General) state that the only thing constant in the Universe is the speed of light (at 186,282.39mph) and far from being received by clairvoyance it's the culmination of Newtonian physics and finishes the work started by Hendrik Lorentz.
Monday, September 04, 2006
Is that TODAY?
Oh.
I guess today was some sort of holiday.
Fancy that.
Guess that explains the relative lack of traffic today when I went to the office.
And it explains the relative lack of cars in the parking lot at The Office.
And the lack of critical participants in a meeting scheduled for today (no, not Smirk or P).
Ah well.
Tuesday, September 05, 2006
Perhaps the solution is to disable any form of bounce back message
I awoke to a phone call from a frantic Smirk, trying to get one of our new servers under control from a deluge of email (if I sounded angry today Smirk, that's because I got up a bit early, and it took nearly two hours for me to eay my way through lunch, so let me apologize).
The end result will probaby take as long to explain as it took to handle.
The server was drowning in email being sent to nicholas@seaton.biz. We don't host the website for seaton.biz. Nor do we handle email for seaton.biz. In fact, we have nothing, nada, zip, zilch, nothing what so ever to do with seaton.biz, except for a ton of email trying to be delivered to nicholas@seaton.biz from our server.
Got that?
Read that paragraph again.
Good.
Now, why were we trying to send email to nicholas@seaton.biz? Good question. At the time, the MX record for seaton.biz (which contains the address of the server(s) that handle email for seaton.biz) were resolving to 127.0.0.1.
Now, the IP address 127.0.0.1 is a special IP address—it's the “loopback” address; any network traffic sent to IP address 127.0.0.1 is sent to the box doing the sending—the data “loops back.”
So our server sent the email to nicholas@seaton.biz to IP address 127.0.0.1, which, since that's the “loopback” address, was sent right back to our server. Our server accepted the email because, hey, it has the permission to send email to itself. But since we don't host seaton.biz, or in fact, have anything to do with seaton.biz, the email got requeued up for delivery again.
Which begs the question why we were trying to send email to nicholas@seaton.biz in the first place. In checking the email logs, it seems that one “Nicholas,” who has the email address of nicholas@seaton.biz, sent a bunch of spam to all the sites on our server. And in typical spam fasion, it was sent to a whole bunch of addresses, the majority of which don't exist!
That's right. “Nicholas” here was sending email to alice@example.net, bob@example.net, carol@example.net, dave@example.net, etc. etc. with a return email address of nicholas@seaton.biz.
Now, our email server, like every other email server in existance, is configured to send an error notification back to the sender when the email address doesn't exist. So each spam that “Nicholas” sent that didn't get delivered because the destination address didn't exist created a message to nicholas@seaton.biz saying as much.
So that's why we had thousands upon thousands of messages attempting to be delivered to nicholas@seaton.biz, which, because the email server for seaton.biz was set to the “loopback” address, were being delivered right back to our server for yet another attempt at delivery.
Beautiful, huh?
Now, that's not to say that the owners of seaton.biz were the actual spammers—most likely they're not and they're the victim of a “joe job.”
So now the question is: who's doing more damage here? The original spammer “Nicholas?” Or the owners of seaton.biz when they changed their MX records to 127.0.0.1? (not that I can blame them for doing that—it keeps a bunch of useless email from being sent to them and wasting their bandwidth) And what can we do to keep this from happening in the future?
I suppose one way would be to immediately delete any email destined for a site we have nothing to do with, but with an MX record of 127.0.0.1.
Does anyone know how to get sendmail to do that?
You know, Google DOES have an incentive to spam, but not for the reason you think so
I was replying to a thread on Flutterby and about to mention how we here at The Company are this close to just shutting email off and telling customers that they can use Gmail when this weird thought just crossed my mind: Google has an insentive to spam, in order to take over everyone's email!
Now hold on!
Hear me out.
Google started archiving USENET and eventually offered an interface to it. Now, I can tell you that from an ISP point-of-view, USENET sucked. You needed gigs of space, and the server software that supported NNTP was not only a bitch to setup (much like UUCP) but also a bitch to maintain and keep running (it wasn't unusual for the server to collapse under the load of USENET, which meant finding and nuking whole portions of USENET to free up some space) and the users always bitched about how we didn't carry alt.fan.furry.disenchanted.vixen.sex.sex.sex and could we please increase the queue time for alt.sex.pictures.erotica and not delete the group every six hours, even though it could consume 75% of the disk space in six hours?
So Google taking it over meant that ISPs didn't have to anymore (okay, so there are companies that specialize in USENET, like Giganews and PowerUSENET, but free USENET access? It's Google).
And now we get to email.
Google is in a position to take over email much like it's taken over USENET. Take on the hassles (and they have the infrastructure to handle it) and slap on a decent interface (although the Gmail interface is way better than the USENET interface by far), and using the indexing and searching capabilities from the web search engine stuff, and you have a pretty compelling email engine and probably does a killer job on spam (I'm guessing—not using Gmail I can't say one way or the other).
Sure, there are companies now specializing in email (like AuthSMTP and SMTP.com) but for free email access? It's probably Google) but really, Google can make a ton of money on email, if only by selling targetted advertising on email (and hopefully, it's better than it's AdSense program) and until that point, Google can probably make a ton of money by spamming (I'm not saying Google is spamming, but that they have a nice insentive to spam).
Okay, wierd thoughs are over—back to fighting spam.
You know, setting the backup MX to 127.0.0.1 might not be such a bad idea after all …
- From
- Mark Grosberg <XXXXXXXXXXXXXXXXX>
- To
- sean@conman.org
- Subject
- Unung heroes …
- Date
- Tue, 5 Sep 2006 13:28:08 -0400 (EDT)
Hey Sean,
I just read your blog post about
seaton.biz. Good lord! What an ingenous way to XXXX things up! I never thought of setting an MX to localhost. That reminds me of the Apple mail disaster story from the UNIX haters handbook. The bounceback caused more problems. I guess in 20 years the reluctance to update E-mail software is still biting people in the ass. [HTML added —Editor]
I was thinking about this while I was shopping tonight.
The spammers are still sending spam to my MX server and about once an hour or so, my primary email server (which is my main machine here at Casa New Jersey) gets whacked with a ton of spam all at once. All my legitimate email? Comes directly to the primary MX server. Most (if not all) of the spam? Goes through the backup MX server.
Hmmmm …
It's sooooo tempting to set my backup MX record to point to 127.0.0.1.
Soooo tempting.
I think I'll keep my spam for the next 24 hours, and see just how much comes through my backup MX server, and then make that change. It'll be interesting to see how much that effects my spam.
If I break the Internet, blame the spammers.
Wednesday, September 06, 2006
Speaking of spam
The Court of Appeals of Virginia upheld yesterday what is believed to be the first conviction in the nation under a state anti-spamming law that makes it a felony to send unsolicited mass e-mails.
A North Carolina man was convicted in Loudoun County two years ago of illegally sending tens of thousands of e-mails to America Online customers. Prosecutors said Jeremy Jaynes flooded the servers at the Internet company's headquarters in Loudoun with bulk e-mail advertisements for computer programs and stock pickers.
Jaynes was sentenced last year to nine years in prison on three counts of violating the state's anti-spam law and was allowed to remain free on $1 million bond while his case was appealed. Thomas M. Wolf, an attorney for Jaynes, said he plans to appeal yesterday's decision.
Via Wlofie (in email), Anti-Spam Conviction Is Upheld
The headline is a bit misleading—it should be “Spam conviction is upheld” not “Anti-spam conviction is upheld” as it's a spammer that was arrested and sentenced to jail, not an anti-spammer.
But that nitpick aside, the good news is that spammers can now see their day in jail. The bad news—spam will probably not be done from the US much longer.
What I expect to happen
Do I really expect to mess up spammers that much by setting my backup MX record to 127.0.0.1? To cause their servers to melt under the load of ever lasting spam circulating through their servers, perpetually delivered back to themselves for anohter round of attempts?
Not really.
First off, the spammers that are sending email to the backup MX server is already using custom (or customized) software to begin with—the SMTP spec states that servers contact the MX servers in priority order (with the highest priority one being considered the primary), which is something the spammers aren't doing.
Second, it's likely that they're using botnets (large collections of compromised machines) to do the actual sending of email, and the chances of the machine in question running an SMTP server are pretty low. So the likelyhood of me causing their servers to melt down are very low.
What I am expecting to see is a drop in the number of spams I receive. And possibly causing a headache or two (hopefully).
Thursday, September 07, 2006
I learned a long time ago that no matter how much you think you know a person, you really don't
Via Flutterby comes this short and interesting article about Warren Buffett. I know that both Spring and Bunny would find it interesting to read (since both have an interest in Mr. Buffett) but not for the reasons you might expect.
Project: LOOPBACK SPAM started
I collected spam for 24 hours. 40% of the 275 spams I collected were delivered through my backup MX server, which was somewhat disapointing as I was expecting a larger percentage of spammers to use that techique.
But no matter.
I've gone ahead and changed the backup MX records to point to 127.0.0.1. I'm relunctant to leave it that way for very long (what happens if my primary MX server goes down?) but it will make for an interesting experiment for the next day or so.
And I hope to give a few spammers some headaches.
Friday, September 08, 2006
The Proto-Company Blog
When I wrote about the posibility of doing a company blog, Spring wrote (in a locked journal entry, so that's why there's no link here):
… though how on earth you're going to do the company blog is what I am wondering. I don't think you're the man for that job, not due to any inadequacy, but due to area of focus. I just don't see you getting that excited about the sorts of things that should be in a blog like that.
But in discussing this with Smirk, about 70% of what I write (as he said, probably taking about 70% of what I mention about The Company) is fine for The Company Blog, but that I would need to steer clear from certain topics (like complaining about customers) that really, I have no problem with. Also, the direction I'm thinking of going with The Company Blog is a “behind the scenes” type of blog, where I describe what goes on at a web hosting company, how this whole Intarweb thang works, stuff like that, with the hope that it'll give people a realistic expectation of what they can expect from a web hosting company.
I have a prototype up and running but there are still broken links, pages not finished, and I'm still playing around with the layout and even the name of the blog. If you are interested in seeing this prototype and giving me some feedback (and even a potential name) just send me an email and I'll reply with the link back to The Company Blog.
Saturday, September 09, 2006
So if I don't double my money, do I get a refund?
- From
- beowulf hamlet <kathreen37@mrg.com>
- To
- sean@conman.org
- Subject
- Bug in E-bullion system - double your bullion in seconds
- Date
- Sat, 09 Sep 2006 15:25:30 +0300
I found a bug in E-bullion system, which allows you to double your e-bullion deposit in seconds!
The bug is in the special administration account, all transfers sent to that account are not withdrawn from your account, but paid back to you instead.
Please send me $50 E-bullion currency to my account C49355, and write your email in the memo field. I'll send you the instructions by email. What I wrote is true, that really works!!!
Frank.
So, Beowulf “Frank” Hamlet (by the way, neat name, but an odd email address), that's a nice little scam you got going there. I send you $50 bucks from the system you claim to have a hack for, and you'll send me back instructions.
Hmmm …
Yeah.
Right.
So, let me ponder this for a second. There's a special account at E-bullion that supposedly adds any amount to transfer to this special account back to your account. Is this a bug that can be done only one time? Because if not …
I start with 1¢. Twenty “transfers” later I have $10,485.75. Sweet. And yes, I can see E-bullion not finding out about this bug at all.
But tell you what, I got this email from Dr. Luisa Estrada, wife of the former head of state and President of the Philippines Joseph Ejercito Estrada, who wants help transferring $18,000,000.00 and is looking for help.
Interested?
Project: LOOPBACK update
Project: LOOPBACK doesn't seem to be doing all that much good actually. I have 24 hours of spam since I started (well, a few hours after I started, to make sure the DNS records got propagated, and I have the same amount of spam now that I did prior to the start of this little experiement.
Sigh.
The results make me wonder if someone else tried this and the spammers have already taken this into account.
I could try changing the IP address I use (say, to a private address, or one of the link testing addresses), but I'm not sure if it's actually worth the effort now.
Sunday, September 10, 2006
Playing a SAX
There's a project that might start up at The Company involving lots of
XML and C programming, so
I've been poking around libxml. I'm thinking I might even want
to use this for mod_blog to validate HTML (since libxml has an HTML parser, and about a quarter of
the time I blow the coding on an entry and have to fix it).
One problem that crops up is the difficulting in getting errors as
libxml is reading the document into memory. Sure, I can suck the
HTML in with one call:
htmlDocPtr doc = htmlParseFile(filename,NULL);
(yes, it is that simple). But not seeing how to change the underlying reporting mechanism (not that I looked all that hard), I decide to switch to the SAX interface for parsing. The SAX interface allows you to register functions to be called during portions of the HTML (or even XML) parsing. Yes, I can grab the errors as they happen, but now I have to resort to building the document into memory myself (more or less). But that's okay, since in theory, this will allow me to not only capture the errors, but filter the HTML as I see fit.
Two thing that popped right out at me.
First, the callback when a tag is found:
void startElement(void *user_data, const xmlChar *name, const xmlChar **attrs); void endelement(void *user_data, const xmlChar *name);In these callbacks, the
nameparameter is the name of the element. Theattrsparameter contains the attributes for the start tag. The even indicies in the array will be attribute names, the odd indicies are the values, and the final index will contain aNULL.
Using the SAX Interface of LibXML (a tutorial)
Okay, seems simple enough. I write some code:
static void start_tag(void *data,const xmlChar *name,const xmlChar **attr)
{
int i;
/*--------------------------------------
; similar to printf() but functionally
; a bit better.
;
; And yes, this is how I format comments
; in C.
;--------------------------------------*/
LineSFormat(StdoutStream,"$","<%a",name);
for (i = 0 ; attr[i] != NULL ; i+= 2)
{
LineSFormat(StdoutStream,"$ $"," %a=\"%b\",attr[i],attr[i+2]);
}
}
And the first time this code runs it crashes.
It seems that the documentation is a bit misleading—attr is
only valid if there are attributes. Otherwise a NULL is
passed in, which means you have to explicitely check attr for
NULL!
Aaaaah!
Would it have been that difficult for the authors of
libxml to always pass in a valid attr, even if it's
two elements long that both contain NULL? (I suppose most
programmers would check anyway just because, and the bloat
continues)
The second thing. Catching the errors. Yeah. The call backs for those?
void sax_error(void *data,const char *msg, ... );
The errors (and warnings, and fatal errors) are passed back as a
printf() style message.
So forget about intelligently handling the errors unless you want to parse the actual error messages.
Aaaaaaaarg!
Monday, September 11, 2006
Another Project: LOOPBACK update
I went through another 24 hour period of spam and it looks like Project: LOOPBACK SPAM has cut the spam down a bit—only 194 spams from the last 24 hour period. I don't know if this is due to setting the backup MX server to 127.0.0.1 or the natural ebb-and-flow of spam. I'm hoping the former since in the past two weeks or so we've been inundated with spam problems at The Office.
Tuesday, September 12, 2006
“Why'd it have to be Outlook?”
For the past two weeks or so one of our customers (with a dedicated
server) has been having trouble either sending emails or receiving emails
(or both!). The customer in question uses Microsoft Lookout
Outlook (of course—sigh) so Smirk has been looking into the issue and
couldn't for the life of him get Outlook to work.
Yes.
Webmail?
Yes.
Outlook?
He spent so much time he decided to reinstall the server (there are some other issues with the server—namely centered around the control panel Ravencore) and start over with a fresh slate.
I had just finished installing a new server when P asked if this was the customer that had the security audit.
Oh.
Um.
XXXX!
I then talked with Smirk to get an exact clarification of the problem and it's a problem with one (1) email account. Just one. Everything else works fine. So Smirk left it up to me—if I could fix the original server, fine. Or if I could get the new server working, fine. Just get it working.
I did some tests on the original server and checked the logs.
Sep 12 16:31:23 XXXXXXXXX dovecot: POP3(XXXXXXXXXXXXXXXXX): pop3_uidl_format setting is missing from config file
pop3_uidl_format? What's that all about?
# POP3 UIDL format to use. You can use following variables: # # %v - Mailbox UIDVALIDITY # %u - Mail UID # %m - MD5 sum of the mailbox headers in hex (mbox only) # %f - filename (maildir only) # # If you want UIDL compatibility with other POP3 servers, use: # UW's ipop3d : %08Xv%08Xu # Courier version 0 : %f # Courier version 1 : %u # Courier version 2 : %v-%u # Cyrus (<= 2.1.3) : %u # Cyrus (>= 2.1.4) : %v.%u # Older Dovecots : %v.%u # # Note that Outlook 2003 seems to have problems with %v.%u format which was # Dovecot's default, so if you're building a new server it would be a good # idea to change this. %08Xu%08Xv should be pretty fail-safe. # # NOTE: Nowadays this is required to be set explicitly, since the old # default was bad but it couldn't be changed without breaking existing # installations. %08Xu%08Xv will be the new default, so use it for new # installations. # #pop3_uidl_format =
Outlook.
Why'd it have to be snakes Outlook?
Needless to say, it worked after making the required configuration change (and then it was getting it so that the control panel wouldn't wipe out said configuration change)
Wednesday, September 13, 2006
I think I'd prefer snakes at this point
It took a bit more than just setting pop3_uidl_format to get Microsoft Lookout Outlook
to fully work with the email system on the dedicated server. The
customer could receive mail, but not send.
I'll spare you the details (namely because I want to spare
myself the details) but to get Outlook to work with dovecot and postfix.
In /etc/postfix/main.cf:
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot
And in /etc/dovecot.conf:
ssl_disable = no
auth default {
mechanisms = plain digest-md5 cram-md5 login
passdb passwd-file {
args = /etc/dovecot-passwd
}
# and because once isn't enough ...
userdb passwd-file {
args = /etc/dovecot-passwd
}
socket listen {
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
}
# and from yesterday ...
pop3_uidl_format = %08Xu%08Xv
Oh, and make sure saslauthd is running.
“We have a customer that uses that?”
The other surprise today.
We've moved a few sites to new servers and as always, there are bound to be a few issues here and there. So it wasn't that unusual to get a ticket from a customer complaining about some missing content on their site. From the look of the page, it's the type of content that's dynamically generated, so it's either a database issue (“but we copied all the databases over!”), some configuration problem like different file locations (“but the layout is exactly the same on the new server”) or something easy like that.
The customer in question doesn't have a MySQL database, so I was expecting some file locations to have changed. So imagine my surprise when I found the following:
$MM_mdtap_HOSTNAME = 'localhost'; $MM_mdtap_DATABASE = 'postgres7:XXXXXXXXXXX_db'; $MM_mdtap_DBTYPE = preg_replace('/:.*$/', '', $MM_mdtap_DATABASE); $MM_mdtap_DATABASE = preg_replace('/^[^:]*?:/', '', $MM_mdtap_DATABASE); $MM_mdtap_USERNAME = 'XXXXXXXX'; $MM_mdtap_PASSWORD = 'XXXXXXXX';
We have customers using PostgreSQL?
We're have PostgreSQL running?
I guess so.
Well, that explains that problem then.
It then took me a few hours to get the database over and running, not having any experience with PostgreSQL.
It was a very hectic day today.
Beyond Beyond the Valley of the Dolls
I finally got around to viewing Beyond the Valley of the Dolls (rented from Netflix and it's been sitting on my desk for over a month now) and well … it wasn't a good film, but it wasn't a bad film either. In short, three girls form a rock band and with their manager (who's the boyfriend of the lead singer) they head out to Hollywood to make their fame and fortune, only to fall to sex, drugs and rock-n-roll. The ending comes completely out of left field (but it does explain the “out of left field” opening scene during the credits) and it was surprising in that “I can't believe they broke with the cliché” type way (but all the women in the film were very easy on the eyes—hubba hubba).
I think Mark Evanier's review is probably spot on.
And about the only thing it has in common with Pulp Fiction is kind of ending at the same point it started.
Kind of.
But not really.
But did I mention the women in the film? They were definitely worth watching.
Thursday, September 14, 2006
“Um … because it sucks?”
thanks, for your attention to this letter. add, I have another question … Why this problem in [contact form] is presented frequently? … I expecting about your answer.
Trouble ticket from this afternoon
Fractured English aside (English is not this customer's first language) I don't know how to answer his question.
Well, I do, because the reason he has constant problems with his contact page is that it's Frontpage, and that Frontpage sucks as it's a very fragile program that if you even look at the files wrong all the Frontpage extentions break and they have to be resintalled (which is pretty easy—just disable the extentions on the server, delete the Frontpage specific files, then reinstall the Frontpage extentions). It's so bad that even Microsoft has finally given up on it. Not many web hosting companies like Frontpage (because it's so fragile) and even those that do don't like it that much.
But how to tell the customer this, without pissing off the customer or Smirk with my answer?
Friday, September 15, 2006
Death and Taxes
There are only two certainties in life, death and taxes.
And today, taxes are due.
Yes, I realize it's not April 15th, the traditional date that Uncle Sam holds out his hands least he release the hounds IRS but September 15th.
Most people here in the US have their employers do the withholding (form W-2) and only have to square away once a year. But if you're self employed (or considered self employed, like I am) then you have the privilege of making estimated tax payments four times a year to Uncle Sam.
Aren't I lucky?
Saturday, September 16, 2006
Making Comics
I've always had an interest in cartooning. As a kid, I wanted to be a cartoonist and I could have probably become one, except I lacked the patience to actually do a daily comic strip (and never mind the fact that newspaper comics are nearly impossible to break into and are dying anyway) but I still have a soft spot for cartooning.
So when I heard that Scott McCloud had just released his new book Making Comics, I had to get it.
And I'm glad I did. He covers material that I've never seen covered in any of the “making comic” books I have. More than just drawing characters or how to use an ink pen, he goes into page layout, lettering, pacing, story telling, emotions (or rather, a theory of drawing emotions in chracters) and a dozen other topics I've never seen covered before.
It's also a logical extention of his other two books, Understanding Comics and Reinventing Comics (which is the weakest of his three books in my opinion).
Sunday, September 17, 2006
A low key day
Today is The Younger's birthday and it's been a low key type of day. I didn't go all out and make a cake like I did last year (we celebrated his birthday early last year because he was flying out to visit his dad). I did, however, make Sweet-n-Sour Chicken for dinner, which is one of the few meals I make that The Kids like.
Monday, September 18, 2006
Earwormed
Yesterday we were listening to a bunch of medival music (stuff from the SCA) and it reminded me quite a bit of Gordon Lightfoot.
And today?
I am now earwormed with The Wreck of the Edmund Fitzgerald.
I suppose it could be worse.
Ya know …
I'm turning yet another Cobalt RaQ into a firewall. It requires the use of another PC (with a particular setup—basically, the Cobalt RaQ CD boots off a PC which enables you to to a network boot of the RaQ, and that boot will reformat and install the operating system on the RaQ) which I didn't have on Friday. I have (or rather, Wlofie has) the proper setup at home, but when he did it, the install didn't care for the harddrive.
So now I'm at The Office. We dug out the computer I used to use for this (an older PC in a large case that sounds like a diesel truck that badly needs a tuneup). For the past two hours I've been trying a series of harddrives and none of them seem to work. I try different installation disks (thinking maybe one of them is bad) and still, none of the five harddrives I'm trying are working.
Then Smirk notices that the Cobalt RaQ has two IDE cables. “Sean, humor me,” he said. “Try plugging the drive in the other cable.”
“I don't think it should matter,” I said, not noticing that I said The Word.
“But maybe it does.”
“Maybe,” I said, plugging the drive Smirk wanted to use in the other IDE cable.
It mattered.
It's now working.
Sigh.
Tuesday, September 19, 2006
Arg. Aarg. Me … me mateys.
Aarg.
It's Talk Like A Pirate Day today … me … mateys (and it helps if you think of this as being spoken by Bob Newhart, who did a fantastic sendup of pirates in his show Newhart).
Avast, ye … ye … ye swabbies (what is “avasting” anyway?).
Update later this night
Bunny wrote in saying that “avast” is a nautical term meaning “to stop.” How that term came about I don't know (nor did Bunny mention in her email).
The Saltmine Chronicles
When I last wrote about The Company Blog, I was still working on the prototype.
Well, no more.
The Saltmine Chronicles, the Company Blog, has gone live. So if you're interested in knowing which company I work (and sometimes grouse about) now you can finally confirm your suspicions and know which company I work for.
Oh, I'll still call it The Company here, and I still work for Smirk with P as a fellow cow-orker, but if you're curious …
My plan is to write entries there on Tuesdays and Thursdays, and the entries there will be more about how webhosting works, how the Internet works—basically, the behind the scenes of how a webhosting company works (is that enough linkage for you, Smirk? That should boost the Google Page Rank of the sites a bit).
And yes, don't expect to see any grousing over there about the stuff I do. That's what this site is for.
Wednesday, September 20, 2006
That was certainly quick
- From
- "john keane" <XXXXXXXXXXXXXXXXXXXXXX>
- To
- <sean@pickint.net>
- Subject
- Book Reviewing
- Date
- Wed, 20 Sep 2006 13:29:04 -0400
Sean,
I am chronicling my journey to publication http://gettingpublished2006.blogspot.com/ and want to get an idea of the book review process. I believe today's authors need to understand how best to navigate the new publishing paradigm.
As you know, the old filters [agents, publishers, reviewers, bookstores] are being bypassed via a direct connection of authors to readers—with reviewers remaining as the major screeners of gold from dross.
I'd like to know at what stage [.doc, .pdf, paperback, et al.] a self-publishing author should seek a review—on-line and in print—and what are the odds of getting a serious review. I intend to explore the review stage and report on my findings.
Please join me at my Blog. I'm sure readers will profit from your comments.
V.N.
PS You and I share a common view of Dan Brown, technically clueless.
The Saltmine Chronicles, the unofficial official Office blog, is live less than one day, and I get email addressed from it. My own blog was live for months before I got an email from someone I didn't know.
Not that I'm complaining, mind you. I just found this amusing, that's all.
But it's nice to know that John also reads this blog, for which I'm grateful. And I'm sure that reading about the publishing industry will make for interesting reading.
Good luck, John.
Thursday, September 21, 2006
Two small tickets
Yeah … look into two tickets before I go home.
Sure.
I had come to The Office today to attend a networking meeting between us and the other company we share Internet resources with. At the end of the meeting I had asked Smirk if I could go home.
“Yes, but before you do,” he said, “could you look into two tickets?”
Sigh.
Both were networking issues, and both were along the lines of “the Intarweb is kinda broke.”
“Kinda?”
Oh, I also had to stick around to let R, our wireless guy into the Data Center as he did some wireless stuff.
By the time R left, I hadn't gotten anywhere. The one issue with XXXXXXXX was odd—they could get to some sites, but not others. And I was having major difficulty in getting into their managed firewall (we manage it for them). The other issue, with another company, was even worse—the Intarweb just … pauses … from time to time. There was nothing I could see from our side of the network.
So once R left, I decided to leave as well.
Just as I pulled into the driveway at Casa New Jersey, I got a call from R—he needs access to the Data Center.
Sigh.
And just before I pulled out of the driveway, Smirk called back. He was at a customer site trying to troubleshoot a networking issue.
More sighage.
Back to the office. Help R powercycle the wireless device. While there, help Smirk troubleshoot the networking issue at the customer site.
I got home around 9:30 pm.
Blah.
Loud and cheap. Expensive and quiet. Both are quite nice.
From Flutterby comes the link to the Ariel Atom, a sporty little car (for only £30,000) with a 300hp engine that can do 0–60 mph in 2.9 seconds.
Oh, and it only weights about a thousand pounds.
Also from the same Flutterby post is a link to the Tesla Roadster, another 300 hp sportscar that is entirely electric.
Although it's a bit more pricey than the Ariel Atom, at about $80,000.
Both of which I wouldn't mind owning.
Friday, September 22, 2006
The broadcast address is NOT the netmask
I was able to finally solve the issue with XXXXXXXX. It
was an odd problem though—they could get to some sites, not to others.
Even wierder, I could get to their router from outside, but not their
firewall, even though both were in the same network block. I could ping the
firewall from the router, but the implementation of ssh on
Cisco routers is … well … pathetic so that's not really an
option.
I was able to ping the firewall from an ISP in Boston.
Yup.
Boston (by the way, thanks Eve for not getting rid of the account—it comes in handy from time to time).
And since I could ping it, I tried to ssh into it.
Success.
A few minutes later, and I'm looking at the routing table of the firewall.
Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface XXXXXXXXXXXXX 0.0.0.0 255.255.255.252 U 40 0 0 eth0 66.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0 eth1 0.0.0.0 XXXXXXXXXXXXX 0.0.0.0 UG 40 0 0 eth0
How odd. Every IP address
between 66.0.0.0 and 66.255.255.255 is being
routed back to XXXXXXXX's firewall. How
did that happen?
I come to find out that they had a power outtage a few days ago, and
that's when their problems started. I check the startup scripts and lo', I
had specified a broadcast address in lieu of a netmask. The command to
configure the interface rejected the value for the netmask and picked a
default mask based upon the IP
address (the address falls into the old class “A” network, which has a
default mask of 255.0.0.0).
Ah.
Well then.
That would certain explain why they were able to get to some sites but
not others. And it would explain why I was unable to get into their
firewall from The Office or Casa New Jersey (as both locations fall into the
66.0.0.0/8 network block).
Ahem.
It was an easy fix.
There's that word again …
“It should only take a minute,” said Smirk.
That was almost an hour ago.
It still isn't done.
Murphy strikes again.
Saturday, September 23, 2006
Spooky music from the Ether
I saw the documentary Theremin: An Electronic Odyssey with Bunny today.
The Theremin is the first all-electrical instrument made (in 1919) and is the only instrument (as far as I know) that does not require any physical contact to play, just near proximity.
In watching the documentary, I was struck that not only does the Theremin sound similar to a violin, but a melancholy, soulfull violin (with an electronic bent) and as such, it seems perfectly reasonable that it would be invented in Russia. But that may be because most of the music presented was melancholy to begin with (about the only exception being Good Vibrations where it wasn't the only instrument, or even lead instrument).
But the movie was as much about the Theremin as it was about Leo Theremin, the inventor. Both Lenin and Stalin were intrigued by the instrument and it's that intrigue that probably let him tour the States in the late 20s, only to be later kidnapped back to Russia and be forced to work with the KGB while in prison (possibly making electronic spying devices).
It was also interesting to note that Robert Moog (inventor of the Moog synthesizer) got his start in high school making Theremins.
Bunny also had several albums of Theremin music, but unfortunately has no way of actually playing the records, they being 78s. Nor do I have a way of playing such records. Pity, because it would be interesting to hear the music.
Sunday, September 24, 2006
Some more ramblings on editing HTML
Between the expanding scope of the Unofficial Official Company Blog (and yes, I realize I haven't updated that much since the Official Launch, but this past week at The Office has been rather horrendous) and discussion with Bunny about how I create entries (the physical act of writing, not the fact that I buy my ideas wholesale from a store in Schenectady) has me worrying over the mechanics of writing entries yet again.
Now, while I'm willing to suffer the limitations of my blogging software (and lament about them from time to time) I don't think others will. When I thought that I might be the primary author for The Saltmine Chronicles the rather poor state of hypertext editing wasn't much of an issue. But given Smirk's intent to have other people make entries (or comments—I'm still not entirely sure what he wants; heck, I don't think even he knows entirely what he wants) is another matter entirely.
The main problem is maintaining well formed HTML in the face of human editing. When I make a mistake, I can go in and fix the mistake, but that currently involves editing the entry on the server and regenerating the main page (if the entry in question appears on the main page). The workflow for mod_blog doesn't have much support for post-editing of entries (I think—and you would think that as the author of the software in question I would know, but there are some features that I just don't use that often), nor for queuing entries for later editorial aproval (a feature I never really thought of, to tell the truth).
I may have to switch The Saltmine Chronicles over to a more mainstream blogging tool, which is something I'd hate to do, and it's only partially due to having to admit defeat. One feature I haven't seen is the support of new entries via email (which is my preferred method of creating new entries), since my email client supports drafts, it rarely crashes and if it does, I can salvage anything I was editing at the time of the crash. No so if I have to edit in a browser (never mind that I can't stand editing in a browser). And one other small reason I don't like other blogging engines—I have to learn yet another templating system.
But if I have to switch, I have to switch.
And that still doesn't fully fix the editing problems though—it's endemic to blogging and most blogging editors seem to lie between “you write the HTML yourself” and “you never see HTML so you're stuck with what we give you.” And none of them look like they would work well with mod_blog (for example—they assume too much about tags, which are free form in mod_blog, not limited like in every other blogging system I've seen).
This is a hard problem.
Monday, September 25, 2006
It's magic!
One of our client's customer's site was being used for a phishing scam. The site itself had nothing to do with the scam, it's just that someone had uplaoded some pages that looked like a PayPal login screen. Our client wrote in:
We rec'd a call saying that a phishing scam was using XXXXXXXXXXXXXX (a site on XXXXXX) This is the email they rec”d:
Ticket from our client
And yes, the email was a typical phishing email. I had some exchanges with the client. It ended thus:
Did you already remove the problem files? If not, what should we do? And what can we do to prevent this in the future. I'm sure the client didn't know what was going on.
Response from our client
I didn't remove the files, as it's inaccessible anyway due to the Apache configuration. If you want, I can delete them.
As for prevention, remind the client not to let out their account information. Another thing to check is for insecure CGI scripts (PHP, etc) that might allow someone to upload such items.
My response
I think it's best to remove the infected files to prevent the site, or the server, from being blocked or placed on any blacklists or anything. Thank you.
Client respnose
“Infected files?”
These are not “infected files”—they contain no virus. They don't propagate on their own. They don't infect other files (I'm also tempted to question their reading comprehension, as I clearly stated the files were “inaccessible due to the Apache configuration” but I won't). These files were placed there by someone.
Does no one truely understand this stuff anymore? Does anyone read anymore?
Sigh.
Update a few minutes later
Why am I being so harsh?
I think it's because the client that wrote in is a web design and hosting company (and we do some of the hosting for them). If it was the end customer, the one who's site was being used, that wrote in, I would be more forgiving (or rather, I'd roll my eyes, fix the problem, and go on). But for a company that does web design? That also hosts some of their sites? Them, I would expect a bit more from.
In the end, I rolled my eyes, fixed the problem, and then went on to make a post about it.
Tuesday, September 26, 2006
“Am I done yet?”
Blarg!
That certainly took a long time.
I just finished a long article aimed at our customers into partially troubleshooting why their site is down (most times it's because of network issues between them and us) and it took entirely too much time to write.
Then again, I wasted a bunch of time making that XXXX table at the end. And I still can't figure out why I can't get the right margin larger than it is.
Ah well.
I'm also finding it amusing that Google AdSense is advertising Frontpage on the site.
Wednesday, September 27, 2006
Frustration
One of the things that really pisses me off is, when trying to troubleshoot one problem, I'm forced to sidetrack and solve a totally unrelated problem that's preventing me from troubleshooting the first problem.
This came up today at The Office. We received a bunch of equipment today, a Cisco router, some Cobalt RaQs. I also needed to get a managed power device configured for the Data Center Core Room. All these devices can be configured via a serial port. This is something I've done plenty of times before.
Only I can't talk to the Cisco router.
So I try one of the Cobalt RaQs.
Can't talk to it.
Try another Cobalt RaQ.
Can't talk to it either.
Try the managed power strip.
Again, can't communicate with it.
Okay, maybe the cable is bad. That happens.
Attempt to find a replacement cable.
Now, the cable I have is female-female. I have a male-male adaptor that I use, depending upon what I'm connecting to.
I can't find another female-female cable.
Male-male cables, yes.
Male-female cables, yes.
But not a duplicate of the one I have.
So my initial problem (testing the new equipment) is compounded by another problem—either the cable is bad, or the serial port is bad.
It is times like these that get me upset.
(Turns out it's the serial port on my workstation, which could either be a loose connection inside, or the serial port itself is completely burned out.)
Thursday, September 28, 2006
The “S” in “SMTP” is slowly going away …
Lots of major ISPs block outbound TCP port 25. Don't you support Port 587 (the message submission port)?
Customer in a support ticket
Really?
Oh … um … looky there.
Basically, it's running a restricted version of SMTP over port 587 and from what I can find, it's only been in the last two years or so has it been widely implemented, although this is the first I've heard of it.
Interesting. Looks like I'll be reading up on this.
Friday, September 29, 2006
Notes on a conversation between employer and employee about the relative organizational skills of various people in The Office
“Ah, so you found it! Great!” said Smirk. I was standing outside, behind the building looking for a document that he dropped when leaving the office.
“Yup, have it right here in my hand,” I said into the cellphone. “And I'll put it … um … ” Thoughts of Smirk's office danced in my head. And it wasn't a pretty sight. “I'll put it on my keyboard.”
“Yeah,” said Smirk, “don't put it on my desk. I'll never find it.”
“… with our use or exploitation of any Posting.”
You may not use any computerized or automatic mechanism, including without limitation, any web scraper, spider or robot, to access, extract or download any Content from our Service, and as an express condition of your use of our Service, you warrant to us that you will not use the Service for any unlawful purpose or purpose prohibited by this Agreement. If you violate any part of these Terms of Use, your permission to use Content automatically terminates and you must immediately destroy all Content in your possession or under your control.
DADA.NET™ SERVICES—TERMS OF USE (emphasis added)
So … I can't use a computer with a web browser to access the site?
Guess not.
We require all our users, including Registered Users and Subscribers, to respect all copyrights, service marks, trademarks and other intellectual property rights of ours and others. On notice, we will act expeditiously to remove Content that infringes the copyright rights of others and will use all reasonable commercial efforts to deactivate and disable access to our Service of anyone who uses our Service to repeatedly infringe the intellectual property rights of others and if you wish to send us such a notice, please use the following procedures: If you believe our Service contains elements that infringe your copyright or the copyright of anyone else, please click on the following link to go directly to our Notice and Procedure for Making Claims of Copyright Infringement and follow the procedures that are described. Of course, if you believe any Content violates any of our Terms of Use, please send us a message about it at mobi.us@dada.net. We cannot guarantee we will respond to your message and we reserve the right to take or refrain from taking any or all steps available to us once we receive any such message.
DADA.NET™ SERVICES—TERMS OF USE (emphasis added)
And there's no link to be found on that page.
Clue-by-four anyone?
If you have downloaded Content, it is your responsibility not to destroy or damage such Content because we are not responsible if any Content you download is lost, destroyed or damaged. We have no obligation to restore your Content if that happens or to maintain records for the purpose of our or your doing so and that is solely your responsibility. Once Content is transferred to your portable device as permitted, you may not copy, distribute, transmit or transfer it from that portable device to any other portable device or media. You are also prohibited from sharing downloads, enabling or allowing the sharing of downloads, with anyone else. Our Community Requirements contain additional rules, requirements and guidelines concerning your obligations with respect to Content, our Communities and the Service.
DADA.NET™ SERVICES—TERMS OF USE (emphasis added)
Now I'm beginning to think that English isn't their first language (then again, lawyers are not known to speak any known human language to begin with).
The rest of the document is your standard “we don't own your content but we can exploit it, resell it, use it, abuse it, or anything else we can think of without remuneration on our part” and “we don't really guarantee anything on this site will work at all” but the parts I quoted—quite clueless about this stuff.
Sheesh.
I'm also having a difficult time finding out what the site actually does or why anyone would sign up—the site itself is very unwieldy and horribly confusing.
Then again, given their Terms of Use, it's no wonder.
Then there's this beauty from their requirements page:
You acknowledge and agree that Postings from you, from your wireless or mobile device or from your User ID are your responsibility and therefore, you, not us or any other party are entirely responsible for the consequences of your Postings. We assume no responsibility for Postings, their deletion or any failure to store, transmit, receive, make available, display, forward or deliver Postings in any manner, timely or otherwise, even if due to our Service or Website, so don't rely on us, our Website or our Services for any Posting. With respect to each and every one of your Postings on our Website or in connection with our Services, you agree, represent and warrant to us that:
(a) you are placing your Posting in the public domain without reserving any rights or further control over your Posting or its use. You specifically, unconditionally and irrevocably authorize us, at our option, to use your Posting, in whole or in part, throughout the universe, in perpetuity in or on any and all media, now known or hereafter devised, discovered or developed, whether alone or together, in combination or as part of other information, content and/or material of any kind or nature, without compensation, notice or any accounting or accountability to you or anyone else;
(b) if your Posting incorporates a name, logo, brand, service or trademark, voice, likeness, image or other distinctive identification or reference to any person, firm or enterprise, you have the right to place that Posting in the public domain and grant us the right to use that Posting as described in our Terms of Use, including these Community Requirements;
…
(f) neither we, nor any other party, shall be required to pay or incur any sums or compensate you or any person, firm or enterprise as a result of or in connection with our use or exploitation of any Posting.
DATA.NET™ SERVICES—OUR COMMUNITY REQUIREMENTS" (emphasis added)
See? Exploitation.
I actually enjoy reading these Terms of Services, privacy statements and disclaimers because inevitably, they sound like they're written by people who have no clue how the Internet or even computers work. They even state all the evil things they'll be doing, like installing spyware, selling your information, and restrict what you can do on your own computer.
Clue-by-four.
Make that a clue-by-six.
Saturday, September 30, 2006
“In practice … ”
One of the services we offer is Internet connectivity and we have a few clients in this very building, and one of said building customers is freaking out because their firewall (which is managed by a third party) is blocking (and reporting as much) traffic from our network and of course such activity is causing problems on their network. I doubt it's our network causing the problem since:
- They are an exclusive Microsoft Windows shop.
- They have about 100 Microsoft Windows desktop computers in their offices across two floors.
- Their network is flat. As in, one logical segment.
- Microsoft Windows, espcially if you have file sharing enabled (aka NetBIOS), tends to be very chatty on a network segment (lots of broadcast packets looking for other machines with which it can talk to).
- It is my understanding that the majority of users on their network use a web-based application.
- This whole mess is behind a single firewall, which is connected to our network.
My diagnosis is that periodically, their firewall gets swampped with broadcast packets (even if the machines send out a broadcast at random intervals, given enough machines and time, you'll get a brief broadcast storm) or with a lot of people making requests with the web-based application they use (a similiar situation).
I was in their office yesterday with the network analyzer, and plugging it into a port on their switch revealed that about 33% of the traffic is broadcast, with peaks up to 80%. On a flat network, each station (and this includes the firewall) receive all the broadcasts.
This is not good.
But, seeing how they've even outsourced their network to a third company (and not the one that makes the firewall) fingers are being pointed everywhere, so that's why I'm in The Office at midnight on a Friday (technically, Saturday) trying to segment off their traffic.
You see, our network is rather flat at the moment. Not as flat as our customers, nor with the number of machines, but still, they're seeing some of our traffic (not a lot mind you—I've seen their logs) but enough to freak them out.
Now, we have managed switches, and it's easy enough to create a VLAN to isolate traffic (I've done so to a limited degree) but while it's easy on an individual switch, it's not something I've done between network switches, although in theory I know how it's done.
In theory you program the ports on either side of the connection that it's a tagged port (or “trunked”—I've seen both terminology used) and that Ethernet packets being sent down this cable are to be tagged with the appropriate VLAN they belong to.
So I spent much of Friday afternoon double checking my network maps and making sure I knew which ports of which switches had which network traffic, and planning on which VLANs go where.
I figured if I'm going to do this for one customer, I might as well go ahead and do it for everything, since the next chance I get to do this might be quite a while.
Physically, they're plugged into a switch, which is then plugged into a switch/router. If they were plugged directly into the switch/router then I would just isolate that port and be done with it, but since there's another swith between them and us, I have to set up the trunking port (or tagged port, or whatever the terminology is).
Three hours later, and it's not working. I can't get the switch and the switch/router to communicate when using VLANs.
Turn off the VLAN sharing and they talk fine.
And I think it has something to do with the terminology problems I'm having. The switch talks about tagged and untagged ports. The switch/router talks about having trunks. I'm not entirely convinced they're the same thing.
So for now, things are status quo.
Update later today
I talked to Smirk, and he suggested I just go ahead and plug that customer directly into the switch/router and isolate their port, and do that on Wednesday when I'm in The Office.
So, why didn't I do the simplist thing that could possibly work?
Well … because the way I originally wanted to be done would technically be better, as it keeps network traffic from straying.
![[The future's so bright, I gotta wear shades]](https://www.conman.org/people/spc/about/2023/1023.t.jpg "The future's so bright, I gotta wear shades")