Matt's Blog

How does one go about shipping a 65-pound box? Does FedEx have offices like the Post Office where I can mail it? Is it cool with them if I wheel the box in on a dolly? I’m looking into trying to ship it from work, since UPS and FedEx will come to our offices to [...]

A local DJ was talking the other day about how The Black Eyed Peas are always at the top of the charts, and how it seems like it’s probably a record. For the past month, Boom Boom Pow has been up there, and last week, I Gotta Feeling has surpassed it. And then there was [...]

Why does Debian (and thus implicitly, MySQL) feel compelled to replace the “root” user in MySQL with “debian-sys-maint”? If there was a debian-sys-maint for system stuff and a “root” user for root to use to administer MySQL, it would be fine. But instead, the only user created is debian-sys-maint, so the user is left to [...]

I’ve seen this a few other places and it didn’t quite work. Let’s say you download a half-gig barebones Linux VM to use with Xen. It runs great, but you want more than 500MB of disk space. Here’s exactly what I had to do: Shut down the virtual machine and make sure nothing is using [...]

Has anyone ever noticed that you’ll ask a question online, and people just parrot back things they’ve heard? I found a decent deal on an SSD disk, and was trying to poke around and see if I’d actually see a big boost. Here’s a summary of what I’ve found so far: SSDs have no seek [...]

One problem I run into sometimes is that multiple things on a server are trying to access the same disk. This is pretty unavoidable, and often you want the “default,” which is for them to share the disk. If I have two webserver threads, they’re equal. But sometimes this isn’t the case. A while back [...]

While setting up login credentials that would be used to have a script on one machine talk to a remote machine, I had an epiphany. There are two types of passwords: the ones you have to remember and type often, and the ones you don’t. I’d add a third category, really: the ones you occasionally [...]

Team Cymru is a pretty nifty site. I’ve found their IP-to-ASN mapping to be very helpful in the past, but just noticed that they also compile stats on malware, including a queryable malware hash database. It doesn’t aim to capture everything, but it looks like it could be a nice complement in identifying known badware. [...]

I posted earlier about how it seemed like one could use haproxy in front of Apache to help mitigate the damage that slowloris (Slow Loris) can do. In this (Part II), I put my money where my mouth was and tried it. And, unsurprisingly, it turns out that haproxy rocks. I had thought this would [...]

There’s a bit of buzz around slowloris, which aims to take down webservers via resource starvation via a low-bandwidth DoS attack. It’s actually somewhat like a SYN flood, but it targets HTTP servers specifically, not TCP. Basically, it opens many HTTP connections and “stutters” requests, forcing the server to handle a number of concurrent requests. [...]