Monthly Archives: April 2010

Server 2008 – full of sadness and delusion


Alright. I’ll admit it first and foremost. I like Windows. Kind of. As I type I’m actually using windows 7, and whatever. I like it. My ATI graphics card isn’t acting like a retarded 4 year old, and I can watch youtube videos at full-screen without issues. Either way, that’s not why I’m angry.
I’m mad with Windows Server 2008. It’s true, it has a lot of easy stuff, and cool features like auditing (also known as PROPER LOGGING…finally), but it also has very retarded things about it. Take Server 2008 Standard edition for example. They restrict your maximum memory to 4GB – because they can. It is in no way related to the fact that they can’t address above that amount of memory with 32 bits. They’ve developed PAE (physical address extension) so the kernel natively supports up to 64 GB. In case you don’t understand, here’s how it works.

Windows (32 bit version) can only make calls to 2^32 bits of memory

2^32 = 4,294,967,296 bits OR 4.29 GB

With PAE instead of using 32 bits, they extend it to 36 bits

2^36 = 68,719,476,736

The numbers don’t add up exactly, but that’s because of things like overhead and whatnot.

If there’s one thing that pisses me off more than anything else in the IT industry it’s the trickle down effect. Limiting hardware with nothing more than software that refuses to use methods developed to make you pay another 100$ per license makes sense from a business standpoint, but it’s just greasy.

Another thing that really bugs me is the “server core” installs you can do. Having learned about them before I actually got to see what it was like was a huge disappointment. I thought Microsoft had finally realized how much more flexible their operating systems can be if they would just get rid of their graphics altogether. It’s not for everyone, sure. But don’t piss on my head and tell me it’s raining. If they REALLY wanted to actually reduce the load on their servers they would actually have a ‘headless’ mode. What the hell is the point in loading a graphical window system into memory to display a command prompt? Hundreds of DLLs with unspecified functionality. Hundreds of calls made to your hard drive, scores of kernel modules loaded just to display something that people aren’t even going to be looking at!

It goes along with Microsoft’s solution. Instead of actually fixing what’s fucking broken, they come out with patches. Instead of fixing their shitty code, or asking for help, they develop DEP. Good job, how’s that working out for you?

It’s not like you can STILL programmatically disable it. Oh wait, that’s right, YOU CAN. Obviously nothing’s perfect, and combined with ASLR (address space layout randomization) it makes it much more difficult, but as long as we’re in the 32 bit world there simply aren’t enough bits to sufficiently randomize memory locations. It just won’t happen for a while.

Keep in mind though this is a vast improvement over Server 2003, but show me a Windows network that I can’t maliciously become domain admin within a day (a VERY liberal time estimation), and I’ll show you a herd of buffalo that fly.

Just because you replace the shell with CMD.EXE doesn’t mean that you’ve streamlined crap.

Good job M$, that'll totally help.

Linux Forensics & Apple Hate


At work I’ve *finally* completed documentation for a huge project I’ve been working on. A professor/linux nerd at Tech built a very impressive communication system to get weather and monitoring information from Pico Island, off the coast of Portugal:

http://bit.ly/9IA9z9

Long story short, he passed away. And left NO documentation.

That’s where I came in.

This system was quite impressively put together; unfortunately this professor took over someone’s work machine to do it. Keep in mind this project has been built and added on for the past 10 years or so (at least the data & scripts), so this thing needs 100% (or as close as possible) uptime, because it’s now considered ‘mission critical’.

Did I mention that if it *does* lose power and restart, it gets stuck on boot? Yep. A MISSION CRITICAL SERVER can’t boot up by itself. You have to drop into a shell, disable SELinux, kill the line printer daemon, and restart SELinux. Jesus.

My job was to go into this house of cards, and extract the functionality of the server parts, and keep the desktop parts intact. I also was told not to access anything unless absolutely necessary. I had to be able to justify every single command I ran if anyone saw it. Financial information, passwords, and other sensitive information that are ‘for eyes only’ were stuff I had to avoid like the plague. It was definitely a trip.

It’s been a long, ridiculously complicated process, but I finally managed to finish tracing every script to environment variables set, files it interacted with, users affected, and research shares used.

I’ve also been given the task of re-installing OS X on a MacBook (yawn) and transferring settings from one -> another. Easy, right? Wrong. First of all I wanted to make an image. I know, I’ll just flip it over and….what!? There’s no hard drive cover!? Oh well, how hard can it be to get a hard drive out? Well, 2 hours, 4 screwdrivers, 24 screws, 2 home-made tools, and 2 frustrated Linux nerds later, me and my co-worker Greg finally managed to crack this thing open. Compare that to the 30 seconds it takes me to put my computer into standby, rummage through my drawer to find my screwdriver set, and remove my hard-drive panel. What the hell is wrong with Apple?

So I got it out and used good ol DD to image it (I don’t know any good HFS cloners), then proceeded to re-assemble it. Then I had to transfer the files. Easy enough, right? Hold down T while booting to go into target disk mode (which makes no god damn sense to begin with. Targeting WHAT?). Then use the migration app or whatever to suck all the config and files off. Easy, right? WRONG. “No mac OSX drives found attached to this computer”. Sweet. Thanks again Apple. On a whim (which I knew wouldn’t work) I hit CTRL + ALT + F1 to see if the Apple gods would be merciful and give me a message shell. No dice. Of course that wouldn’t work. Why would Apple want to disclose any USABLE information? That’s like going to a murder investigation and just repetitively screaming “SOMEONE DIED. SOMEONE DIED. SOMEONE DIED.” Who the hell does that help?

The next logical step was to just gut the machine again (which I did), so another 24 screws later I hooked it up and sucked the stuff off. If I was able to diagnose why the target mode wasn’t working in the first place I would’ve saved myself lots of time, frustration, and urges to smash these laptops into a billion little pieces.

Long story short – fuck you Apple. I’ll buy your embedded devices, but your computers are over-priced pieces of shit.