altivo: Running Clydesdale (running clyde)
[personal profile] altivo
Usually Mondays aren't so bad. However, this afternoon I wasted two hours trying to figure out what was dragging our network performance down into the dust. It turned out to be a laptop user running bittorrent to download (probably illegal) video. He was pulling stuff from over a hundred different addresses at once. I thought that subnet was throttled to prevent this sort of thing, but evidently it wasn't affecting him at all. When asked to stop, he said he would but didn't do so. I had to work out the addresses of the tracker sites he was using and block them. He was saturating our T-1, so even the library applications like the catalog and book circulation were not working properly. Now I'll have to find a way to prevent this from happening again, which is apparently not easy to do with bittorrent.

Then this evening, pounding away on the NaNo, suddenly the "H" on my keyboard failed. Dead. Of course it couldn't be some rarely used key like the backtick or } or something. Had to move my files from the portable to the desktop machine so I could keep going, so I'm slipping farther behind.

I didn't vote early, so I'll have to go vote early tomorrow, if you take my meaning. I intend to be there when they unlock the doors at 6 am, so no staying up late noveling tonight.

NaNo Count: 3650
Opening Prologue now online here

Date: 2008-11-04 04:53 am (UTC)
From: [identity profile] farhoug.livejournal.com
Hmm, that's a nasty one, bittorrent can pull an awful amount of traffic to a network...

Even blocking the tracker sites won't give instant help in that situation, those hundreds of connections still persist even if the trackers are offline. Putting the troublemaker behind an IP/MAC address block for an hour or two would be more effective, but I don't know if that is applicable in this case...

Date: 2008-11-04 05:04 am (UTC)
ext_39907: The Clydesdale Librarian (Default)
From: [identity profile] altivo.livejournal.com
He was on a separate subnet reserved just for laptops and such that are brought in from outside. Unfortunately, the proxy machine between him and the firewall isn't easily reachable from the staff subnet or I would have just blocked him cold there. The only options I had at the firewall were blocking individual outside addresses, unless I wanted to shut down the entire user subnet. There were three other users on there at the time, and I didn't want to block them out if I could avoid it.

I'm going to have to put a console onto the proxy machine I think. The consultants who set it up used a dedicated network connection to the isolated subnet, and plugged their own laptop into that. I don't want to dedicate a whole machine just to be an ssh terminal though. The setup uses squid running on RedHat, and I don't like either one so I've been avoiding it until now and leaving it as it was originally configured.

Date: 2008-11-05 02:16 am (UTC)
From: [identity profile] soanos.livejournal.com
Sounds like you need to use alternate methods to approach the leecher... Wander around with a jug of liquid and a glass, and offer some to the leecher. Of course, you know how you can sometimes lose your balance suddenly just when you are pouring... ;)

Or just shout "Who the f*** is downloading illegal copies of movies on a library network?!?" out loud. :)

Date: 2008-11-05 11:42 am (UTC)
ext_39907: The Clydesdale Librarian (Default)
From: [identity profile] altivo.livejournal.com
Essentially we tried the last method, but he was too thick-skinned to take the hint. If another such incident occurs, and I'm sure it will, I have official permission to simply cut the user off completely by blocking him at the firewall or disabling his network port.

Date: 2008-11-04 05:24 am (UTC)
From: [identity profile] atomicat.livejournal.com
What a dick! I mean, I'm that kind of a dick, kinda, in that I'm an unabashed and unashamed of meself pirate from hell but I've lived on the other side and would have certainly had the courtesy to say oh I'm sorry, didn't mean to disturb your network, could you tell me what level of leeching you would find acceptable and I'll throttle my app. So once again it all comes down to courtesy, and people not having much of it.

Date: 2008-11-04 10:59 am (UTC)
ext_39907: The Clydesdale Librarian (altivo blink)
From: [identity profile] altivo.livejournal.com
I think it's worse than that. Not only do people not have courtesy, but they have no idea whatsoever of the implications of their actions. All they know is they get the latest episodes of some ratty tv show real quick. The idea that doing it that way actually affects other people's ability to do their work is so far beyond them that they can't even grasp it.

In a sense, it's just like fiscal conservatism: "I don't want to pay taxes for someone else's kids to go to school or have medical care. Why should I?" The broader implications of an overall healthy society in which people support one another rather than trying to screw one another out of everything they can is just too hard for them to grasp.

Date: 2008-11-04 08:17 pm (UTC)
From: [identity profile] atomicat.livejournal.com
[livejournal.com profile] bradhicks did a post once reviewing a book that looked at various emergency situations and evaluated the outcomes. It was found that when people took a "No man left behind" attitude they tended to get through intact, "And devil take the hind-most" or "Leave him, he'll only slow us down" led to everyone dying. This is of course why Randroids would end up beating each other to death with sticks (much to my amusement) if they ever got it together to form their own little colony. :D

Date: 2008-11-04 08:47 pm (UTC)
ext_39907: The Clydesdale Librarian (Default)
From: [identity profile] altivo.livejournal.com
Indeed. "Randroids." *snerk*

Date: 2008-11-04 09:35 am (UTC)
From: [identity profile] bariki.livejournal.com
Can you use a packet filter on the firewall, and just allow through 'trusted' connections on commonly used ports (21,25,80,110,443) and any others that you use? That'd stop most torrenting.

Blocking the BT protocol is hard to do now, as many clients support encryption which makes packet inspection nigh on impossible... unless you have some kit from Cray lying about. >;)

Date: 2008-11-04 11:08 am (UTC)
ext_39907: The Clydesdale Librarian (altivo blink)
From: [identity profile] altivo.livejournal.com
That's the problem. You can't block the protocol because it's nigh unidentifiable. You can't stop it by blocking ports, because the ISPs tried that and new stealth forms of the protocol were developed to get around them. Blocking what used to be the "standard" ports 6881-6999 worked for a while but doesn't matter any more. The clients just probe until they find usable port ranges. The tracking function operates via port 80 and looks like HTTP to firewalls and filters. The client can apparently announce via the tracking host that it is using any non-standard port range, so the individual links look like telnet or ssh sessions to a packet filter or proxy. It's really hard to block out using standard tools as far as I can tell.

Date: 2008-11-04 09:42 am (UTC)
From: [identity profile] avon-deer.livejournal.com
Good luck to you and your country today.

Date: 2008-11-04 11:09 am (UTC)
ext_39907: The Clydesdale Librarian (altivo blink)
From: [identity profile] altivo.livejournal.com
I'm afraid we're going to need a lot more than just luck. This has turned into a culture war beyond anything ever seen here before, and if it doesn't lead to violence in the end it will have been an utter miracle.

Date: 2008-11-04 12:06 pm (UTC)
hrrunka: Attentive icon by Narumi (Default)
From: [personal profile] hrrunka
I saw enough (allegedly) election-spawned violence for several lifetimes in Kenya at the beginning of the year. I truly hope you don't get anything unpleasant happening. All the best...

Date: 2008-11-04 01:26 pm (UTC)
ext_39907: The Clydesdale Librarian (running clyde)
From: [identity profile] altivo.livejournal.com
Well, I don't expect we'll see violence associated with the voting itself.

The big risks are violence against either candidate, and/or violence when results are reported. In light of the accusations of cheating, especially in association with electronic vote counting in the last two presidential elections, if anything of that sort becomes an issue this time we could have a really serious problem. One would think officials could foresee that and would have avoided introducing new "suspect" equipment and devices, but no, they've pushed in all sorts of weird contraptions. A special commission was chartered after the 2004 election to approve and certify electronic vote counting equipment, but apparently they've never actually approved anything at all.

I just got back from voting an hour ago. Judging by what I saw, the voter turnout may be an all-time record. State officials in Illinois are predicting an 80% turnout, compared with only about half of registered voters showing to vote in a typical election. We've lived in this rural area for ten years now, and even in presidential election years voting has usually been a matter of walking into a room that had about four times as many election workers as voters in it, going right up to the table, signing your ballot request, and getting a ballot.

This time, there was a line of about 100 people waiting, and things were moving slowly even though they had doubled the number of voting booths and the ballot in our district is short. My precinct is one of two that vote at this location, and usually has no line at all because the population density is much lower than the other precinct. This time I had about a dozen people in front of me and all eight voting booths were in use. Took about a half hour to get through, compared to less than ten minutes normally.

On the radio I heard that voters in the State of Georgia are being told to plan on taking the whole day off to wait in line.

Date: 2008-11-04 05:42 pm (UTC)
From: [identity profile] flamekist.livejournal.com
You heard right about Georgia. In Gwinnett County (two counties away from me) last week's early voting lines frequently exceeded 10 hours. In Cherokee County where I am, the area is so rural and underpopulated that we waited only 30 minutes during rush hour on Friday.

Date: 2008-11-04 05:51 pm (UTC)
ext_39907: The Clydesdale Librarian (Default)
From: [identity profile] altivo.livejournal.com
So do people in Georgia just never vote? Is that why they are so unprepared for an actual turnout?

I got to the polling place ten minutes after it opened this morning and there were 100 people in line, stretching out the door and across the parking area. Fortunately there are two precincts and I live in the rural one, so my line had only about ten people in it. Even that is unusual though. Normally I walk in and there's no line at all for either precinct, and more election workers than voters in the whole place. Something's definitely in the air this time and I sure hope it means major changes.

Date: 2008-11-04 06:46 pm (UTC)
From: [identity profile] flamekist.livejournal.com
At the risk of offending Georgians everywhere, this whole damn state is chock full of hicks who aren't prepared for anything. Be it voting, traffic, weather, concerts, etc. If it's not a part of their daily routine, they can't handle it.

In Gwinnett County's defense, it's been one of the fastest-growing counties in the entire southeast region. But like I just said, no one here is prepared for anything. I'm pretty sure their event planning goes something like: "We had this many people show up last time. Let's just plan on that many showing up this time as well.", not planning at all for any additional people that might be showing up this time around.

Date: 2008-11-04 06:58 pm (UTC)
ext_39907: The Clydesdale Librarian (Default)
From: [identity profile] altivo.livejournal.com
Heh. Sounds like the way the federal government has been operating for the last eight years too.
