Log in

Previous Entry | Next Entry

May links

Body modification - Stelarc implants ear in arm:

The Sarah Connor Chronicles (trailer for new TV show):

A fanfiction Terminator 4 Trailer (made by some guy on the web... not the real trailer, but still cool)

Bartenders with Flair:

OMG, this is not FFR (Fuck Fuck Revolution--a wonderful idea suggested at a party recently) but it's pretty close!
Intimate Video Game Controllers

David Deutsch: What is our Place in the Cosmos?
Interestingly, he argues toward the end that it's too late to do anything about global warming, so instead we should be focusing on learning how to adapt to higher temperatures.

Dean Kamen (inventor of the Segway) demos his new robotic arm technology (my favorite link this month--watch the last 30 seconds of this video!):

Autism: Not Just in the Head? (An interesting article, although it unfortunately a few unfounded stereotypes and assumptions in it)

Add facial recognition to the list of things computers can now do better than humans:
"Sponsored by the National Institute of Standards and Technology (NIST), the match up of face-recognition algorithms showed that machine recognition of
human individuals has improved tenfold since 2002 and a hundredfold since 1995. Indeed, the best face-recognition algorithms now perform more
accurately than most humans can manage. Overall, facial-recognition technology is advancing rapidly."

Wearable displays:

Paralyzed Mice Walk Again: Scientists Use Nanotechnology to Mend Broken Spinal Cords

Hilarious Onion New Network broadcast, via infopractical:
Gap For Kids By Kids

Male Restroom Edicate, via choiceful:

Apparently, I can post from work but not from home (whether I use the browser or drivel)... all signs point to ISP problems... unless I got hax0red or something.


( 14 comments — Leave a comment )
Jun. 3rd, 2007 04:19 pm (UTC)
Josie (Furfybird) has been having the same posting problem (it won't let her post things longer than a certain (very short) legnth. So it's probably not an ISP problem.


Someone suggested this

From lj: http://community.livejournal.com/lj_maintenance/


This is an update regarding the previously mentioned DDOS attacks impacting site performance. We've implemented several short term strategies to help mitigate the severity of the attack. While we've tried to handle these attacks with the fewest number of users impacted, there have been, unfortunately, times when the site has been unavailable or slow, and some users have experienced errors when posting.

These are all short term solutions until the attack subsides or until we are able to absorb the traffic. Information you provide us about specific problems posting comments or entries will be processed and used to help us best tweak our mitigation application. Also, these issues are unrelated to the recent suspensions mentioned in news.

We apologize for the downtime, and want to let you know we are working across multiple levels - network, hardware and application - to help prevent us from having more broad downtime going forward. As always look here or to LiveJournal Status for up to the minute updates about site availability.

But it seems like an odd problem to have just from processing Denial of Service stuff...I sort of don't buy it.

Anyways, it's clearly effecting both of you (and so it's probably effecting others) and colaberation is good.
Jun. 3rd, 2007 08:26 pm (UTC)
Thanks, that was helpful. Glad I'm not going insane. I think it must be some policy lj put in place that just effects certain systems, or perhaps people in certain areas/ISP's.
Jun. 3rd, 2007 04:52 pm (UTC)
Apparently, I can post from work but not from home (whether I use the browser or drivel)... all signs point to ISP problems... unless I got hax0red or something.

This is interesting. Most organizations that need high quality internet access (like universities and large internet based companies like LJ) have uplinks through multiple ISPs. So, the connection between your school and LJ may (?) have a greater tendency to send packets down different routes (expecially in the case of the DDoS attack) so maybe your packets from school are more likely to get to LJ out of order, or some packets get dropped while others don't. This may also just have more to do with the route your school takes to get to LJ being busier than the route your home ISP takes. In either case, if some of your packets are being dropped, then the fewer packets in your transmission, the fewer the number of TCP timeouts and the fewer the number of packet resends you have to perform. If you keep having problems with at work, you could try raising your office computer's TCP window size, and then more of those packet timeouts would be in parallel instead of in series. That would make it faster, but it could still take a long ass time, and it would also (ever so slightly) contribute negatively to the overall DDoS network troubles.
Jun. 3rd, 2007 07:08 pm (UTC)
Actually, my problem is the reverse... everything works fine from work. I just can't post something more than 500 characters from my HOME computer.

After hearing about all these DoS attacks, now I'm thinking maybe an attack is coming from someone using my same ISP, or in the same area. Increasing the TCP window size, that's an interesting idea... is there a way of doing that without recompiling my kernel?
Jun. 3rd, 2007 08:40 pm (UTC)
Yes but I don't know exactly how. I never worked in an environment where network speed was a serious issue, so I have a general working knowledge of tuning this stuff, but not as thorough of a knowledge of it as I could.
Jun. 3rd, 2007 09:05 pm (UTC)
This site http://proj.sunet.se/E2E/tcptune.html gives a really good concise description of how to tune TCP window sizes on multiple operating systems including linux. You just need to write some stuff to /proc/sys/net/... .
Jun. 3rd, 2007 07:14 pm (UTC)
tcpdump output
Interestingly, when I send a request to post something more than 500 characters, tcpdump gives me this message. any idea what it means?

12:06:58.315086 IP sixapart-scl-gw.customer.alter.net > ICMP livejournal.com unreachable - need to frag (mtu 1476), length 36
Jun. 3rd, 2007 08:33 pm (UTC)
Re: tcpdump output
The MTU is the maximum size of an allowed packet on a given link. The "standard" MTU is 1500 bytes. If a packet needs to be sent accross a link and that packet is larger than the MTU for the link, then the packet gets broken into parts (fragments) which have to be reassembled into the original packet further down the line. It's common for DDoS attacks to use things like fake packet fragments to overwhelm routers. The routers use up resources trying to store and reassemble the fake fragements which cannot be reassembled. So, someone fighting off a DDoS attack may turn off fragment re-assembly in their routers and just drop all incoming packet fragments. I believe that your TCP stack should honor the ICMP message and automatically turn down it's fragment size for that connection, but there have been tcp stacks with bugs that broke that behavior, so maybe it's not. You could forcibly turn down the MTU for all packets you generate, to be below the 1476 bytes indicated. I would think that 1300 or 1400 would be a safe size:

/sbin/ifconfig eth0 mtu 1300

Try that and see if (a) it's faster and (b) you get any more messages about needing to fragment from tcp dump.
Jun. 3rd, 2007 07:36 pm (UTC)
My best guess now is that lj has implemented a policy temporarily where they drop certain packets based on some criteria that my machine happens to fit. This would agree with the statement they released. Maybe I'll just have to wait it out.
Jun. 3rd, 2007 09:00 pm (UTC)
This may actually have nothing to do with fragmented packets. I just saw that I have the same problem you are describing when I try to post from my home. I ran wireshark on it and it looks like I'm just sending buttloads of packet re-transmissions during the HTTP POST, and eventually the webserver closes the connection before I finish the POST. If LJ has some routers which are overwhelmed and dropping packets (hence all the re-transmissions) and if LJ also turned down the timeout for HTTP requests on their webservers to avoid too many concurrent open sockets, then the webserver may just not be getting all of the packets for my HTTP POST before it hits its timeout and closes the TCP connection. That would explain why shorter posts (which are, in turn, shorter HTTP POSTs) would be more likely to succeed and succeed faster than longer ones. Maybe, like you said, the attack is coming down the same pipe that your home ISP uses to reach LJ, but not on a pipe that your school uses to reach them. I think this is the most likely problem, and sadly the solution is: wait until the attack ends, and in the mean time, post short things, or post from school. You can also retry failed posts. I had a couple that failed 3 or 4 times, and then succeeded. This would also be consistent with the theory outlined.
Jun. 4th, 2007 07:11 am (UTC)
Thanks for all the suggestions and help. I don't have any immediate intention of posting more for the time being, so I think I'll just wait and see what happens. If it's still broken in a few days or whenever I next want to use lj, I'll try out your suggestions.
Jun. 4th, 2007 03:26 pm (UTC)
Pat, you are so hot. :)
Jun. 4th, 2007 04:55 pm (UTC)
Hahahahahaha. Why thank you! :-)
Jun. 4th, 2007 07:25 pm (UTC)
Seriously... you are so totally "the man"! I never would have figured out without you. (And you should be glad your time spent working for horrible companies has at least taught you some damn useful skills!)
( 14 comments — Leave a comment )


domino plural

Latest Month

May 2017


Powered by LiveJournal.com
Designed by Lizzy Enger