gettimeofday() should never be used to measure time

2010-09-05, Categories: coding, bugs

gettimeofday() and time() should only be used to get the current time if the current wall-clock time is actually what you want. They should never be used to measure time or schedule an event X time into the future.

Read the rest of this entry »

tlssh - a replacement for SSH

2010-08-05, Categories: security, unix, coding, network

I've started writing a replacement for SSH.

Why? Because SSH has some drawbacks that sometimes annoy me. I also wanted an authentication scheme that's more similar to SSL/TLS than what SSH does.

With tlssh you don't specify username or password, you simply connect to the server using a client-side certificate to log in as the user specified in the certificate. No interaction until you reach the shell prompt on the server.

Read the rest of this entry »

The rules of multicast

2010-06-11, Categories: multicast, cisco, network

The first rule of multicast is you don't talk about multicast

Most networks don't do multicast routing, which means most network guys don't have much experience with it. Sure they know that it exists, and it's probably used on their layer 2, but they don't do multicast routing. These "rules" list some things that you should know when configuring or troubleshooting multicast.

Read the rest of this entry »

It's duplex mismatch

2010-06-09, Categories: network

It's duplex mismatch

Print it out and put it next to your monitor. It will help you troubleshoot network problems.

Read the rest of this entry »

Redirecting to the closest site using Javascript

2010-05-13, Categories: coding, web

I'm sure this problem has been solved this way many times before, but I haven't seen it while idly browsing around sites about scalability and load balancing. So here it is, a Javascript solution to the closest-site problem.

Read the rest of this entry »

10 years of maintaining an open source program

2010-04-01, Categories: arping, coding

Arping 0.1 was released 10 years ago last month or so. It's since been included as a package in Debian GNU/Linux, Ubuntu, OpenBSD, FreeBSD and NetBSD, Gentoo and some other smaller and bigger OSs and distributions.

Read the rest of this entry »

Clipboard sniffer

2010-01-26, Categories: security, coding, unix

Yes clipboard, not keyboard. I've made a clipboard sniffer for X called ClipSniff.

It periodically saves whatever is in the clipboard (both the "PRIMARY" and the "CLIPBOARD") into a sqlite database.

git clone http://github.com/ThomasHabets/clipsniff.git

Read the rest of this entry »

Shaping and policing on Cisco

2010-01-09, Categories: cisco, network, qos

This post is about policing and shaping on Cisco routers and switches. This is a very big topic so don't expect this post to cover everything. What I'm attempting to to is cover some things that I found aren't explained very well by books or the Internets, while still being readable for someone who hasn't read all the other stuff.

Read the rest of this entry »