Grandma Max

I don’t know what else to put up here, so the obituary will have to do for now.

Maxine Hari
CISSNA PARK – Maxine Hari, 80, of Cissna Park died at 11:15 a.m. Friday (Dec. 31, 2004) at Carle Foundation Hospital, Urbana.
Funeral services will be at 10 a.m. Monday at Apostolic Christian Church, Cissna Park. Burial will be in Apostolic Christian Cemetery.
Visitation will be from 2 to 6 p.m. today at Knapp Funeral Home, 219 W. Blaine St., Cissna Park.

Active Directory update

The student sites are now NT4-free! I reinstalled the last NT4 BDC with Windows 2003 Server today. I also moved the FSMO roles off the upgraded DC to a clean-install server, so next up is to demote the upgraded DC and then reformat and reinstall it.
After that is the upgrade for the admin domain, but that involves an Exchange 5.5 server, so much more testing will be needed before we even start thinking about actually doing that.

iptables logging

Tired of reading iptables logs looking for bad packets? Wish all that confusing mumbo-jumbo was just a table in a database? Well, today folks, you are in luck, twice over!

If you just want to read the syslog output with a `tail --follow` (and deal with the CPU overhead), then the IPTables Log Analyzer is for you. The PHP web interface is quite nice and the database structure isn’t bad, but reading the log continuously might not scale well if you have lots of bad packets to log.

The more whiz-bang, bells-and-whistles-loaded method is to use the ULOG target in iptables rules, with ulogd and its associated plugins logging to MySQL. The lacking part here is a nice web interface. Maybe I can adapt the other interface to use this database layout.

This has applications in both jobs. One has a public side firewall that cries out for better log analysis, the other has boxes running portsentry as an early warning system for infected machines scanning hosts, primarily Windows ports.

Update: I’m reinventing the wheel for no reason, see Webfwlog
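
The first approach above (reading the syslog output and turning it into a database table), as an added example that is not from the original post or from any of the tools it names. It parses iptables LOG-target lines into an SQLite table and ranks sources by how many distinct destination ports they probed; the sample lines, the `BADPKT: ` prefix, the `packets` table and the function names are assumptions constructed for illustration.

```python
import re
import sqlite3

# Constructed sample syslog lines in the iptables LOG target format.
# "BADPKT: " stands in for a --log-prefix; addresses are documentation ranges.
SAMPLE_LOG = """\
Jan  4 10:15:01 fw kernel: BADPKT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=48 TTL=113 ID=4321 DF PROTO=TCP SPT=3312 DPT=445 WINDOW=64240 SYN URGP=0
Jan  4 10:15:02 fw kernel: BADPKT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.11 LEN=48 TTL=113 ID=4322 DF PROTO=TCP SPT=3313 DPT=135 WINDOW=64240 SYN URGP=0
Jan  4 10:15:09 fw kernel: BADPKT: IN=eth0 OUT= SRC=198.51.100.23 DST=192.0.2.10 LEN=78 TTL=50 ID=0 PROTO=UDP SPT=1026 DPT=137 LEN=58
Jan  4 10:15:12 fw kernel: BADPKT: IN=eth0 OUT= SRC=198.51.100.23 DST=192.0.2.10 LEN=84 TTL=50 ID=0 PROTO=ICMP TYPE=8 CODE=0 ID=100 SEQ=1
Jan  4 10:15:20 fw sshd[411]: Accepted publickey for admin from 192.0.2.50
"""

HEADER = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) (\S+) kernel: (.*\bIN=.*)$")
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def parse_line(line):
    """Turn one iptables LOG line into a row tuple, or None if it is not one."""
    m = HEADER.match(line)
    if not m:
        return None
    ts, host, rest = m.groups()
    f = {}
    for key, value in FIELD.findall(rest):
        f.setdefault(key, value)  # first wins: UDP repeats LEN, ICMP repeats ID
    if not {"SRC", "DST", "PROTO"} <= f.keys():
        return None
    num = lambda k: int(f[k]) if f.get(k, "").isdigit() else None
    return (ts, host, f.get("IN") or None, f["SRC"], f["DST"], f["PROTO"],
            num("SPT"), num("DPT"), num("LEN"))  # ICMP has no ports -> NULL

def load(lines, db):
    """Create the table if needed, insert parsed rows, return how many."""
    db.execute("CREATE TABLE IF NOT EXISTS packets (ts TEXT, host TEXT, "
               "in_if TEXT, src TEXT, dst TEXT, proto TEXT, "
               "spt INTEGER, dpt INTEGER, length INTEGER)")
    rows = [r for r in map(parse_line, lines) if r]
    db.executemany("INSERT INTO packets VALUES (?,?,?,?,?,?,?,?,?)", rows)
    return len(rows)

def top_scanners(db):
    """Sources ranked by how many distinct destination ports they probed."""
    return db.execute(
        "SELECT src, COUNT(DISTINCT dpt), COUNT(*) FROM packets "
        "GROUP BY src ORDER BY 2 DESC, 3 DESC, src").fetchall()

if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    print(load(SAMPLE_LOG.splitlines(), db), "rows")
    for row in top_scanners(db):
        print(row)
```

Non-iptables syslog lines are skipped rather than inserted, and rows without ports (ICMP) store NULL so they do not inflate the distinct-port count.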