Older blog entries for wardv (starting at number 28)

9 Dec 2003 (updated 15 Apr 2004 at 16:05 UTC) »

This guy is unbelievable (warning: broken English ahead):


I had no idea there are such Microsoft zealots.

Check out this blog entry particularly about Microsoft's shared source initiative:


This is my answer to that page:

Do you _really_ believe all this? That is most scary. I mean, great software, great vision on software? Using standards?

Microsoft abuses standards (XML, Java, HTML, ...) by taking them and changing them ever so slightly that things don't work unless you're on their proprietary operating system.

Great software? Well, except for all the blue screens, the inexplicable hangs, and the hundreds of serious security problems every year.

Great vision on software? Don't make me laugh - MS has no vision on software other than 'make more money'. Name one innovative software product that has originated from Redmond? Right; there aren't any - when other companies or people innovate, Microsoft imitates. When that is too hard it buys the competition.

And this one made me laugh hardest: "The danger to create two systems on 'almost the same engine' which are completely incompatible".

I'm so glad that this doesn't happen with Microsoft software because they control the source. I mean, imagine that you would be able to create an ordinary text document on MS Word XP and save it in the default file format, and then not be able to open it on, say, MS Word 97! That would be so bad.

28 Mar 2003 (updated 28 Mar 2003 at 20:27 UTC) »
Warriors of the Net

This is just quite cool. It's also educational, and large, and an Mpeg movie about the travel of packets on the 'net. It plays very well with Mplayer on Linux. Haven't tried any other players.

An Atlas of Cyberspace

If you want to know more about how this whole internet is linked up, have a look at The Atlas.

Broken Music

Or rather, broken CDs. There are many lists of crippled, handicapped, 'copy-protected' CDs out there, but this one started by the renowned German CT magazine seems just a little more thorough than the average one. Deutsche Grundlichkeit, I suppose. In German, of course, but that shouldn't scare you as long as you click on the 'Datenbank abfragen' link.

Looking at this, it does feel good to boycot the music industry.


OK, I got curious. I'm trying to figure out what software the 13 root DNS servers run. With this little shell script:

  for i in a b c d e f g h i j k l m;
    do echo $i.root-servers.net; dig +short -c chaos -t txt version.bind
      @$i.ROOT-SERVERS.NET.  | grep -v "^;;" | grep -v "^$" | grep -v ";vers";

One can compile this list:

  a.root-servers.net "VGRS2"
  b.root-servers.net "8.2.5-REL"
  c.root-servers.net "8.3.3-REL"
  d.root-servers.net "8.3.1-REL"
  e.root-servers.net "8.3.3-REL"
  f.root-servers.net "9.2.2rc1"
  h.root-servers.net "8.3.4-REL" / "9.2.2" (try a couple of runs of the script)
  i.root-servers.net "8.2.3-REL"
  j.root-servers.net "VGRS2"
  l.root-servers.net "BIND-8.3.1-MA-PATCH-JMB-01"
  m.root-servers.net "8.3.4-REL"

Given that we know that K switched to NSD, we can ask it:

  dig +short -c chaos -t txt version.server @k.root-servers.net
and see:
That leaves us with one mysterious server, G.

A and J are the Verisign servers, and according to this article they may actually be running the proprietary ATLAS software Verisign developed (why is beyond me given djbdns exists, but hey they are a Big Corporation TM). However, I'm not convinced they actually are.

I used the (crude) dns fingerprinting tool available at darklab.org to look at the size of the packet returned after a query for and 'localhost'. This is what I saw:

A  VGRS2                  104  102
B  8.2.5            ->    111  102
C  8.3.3                  104  102
D  8.3.1                  104  102
E  8.3.3                  104  102
F  9.2.2rc1               104  102
G  ?????                  104  102
H  8.3.4                  104  102
H  9.2.2                  104  102
I  8.2.3                  104  102
J  VGRS2            ->    256  102
K  NSD-1.0.2              104  102
L  8.3.1-MA-PATCH-JMB-01  104  102
M  8.3.4                  104  102
Using ethereal to capture the responses, I looked at the result for the query about only (since all the 'localhost' response have the same size, and the couple I checked said NXDOMAIN). Here is what I found:
  • All servers except B respond with NXDOMAIN, and point to A as authoritative.
  • B kindly tells us that is LOCALHOST, which explains the slightly larger packet it returns. (Dig confirms this with dig @b.root-servers.net PTR
  • J also responds with NXDOMAIN, but returns all root servers except itself as list of authoritative nameservers (!)
  • K returns the authoritative information entirely in lowercase, all other servers respond entirely in uppercase. Potentially a way to distinguish NSD from BIND?

Given all this, my suspicion is that A and G are running BIND 8.x or 9.x. J, however, puzzles me. Maybe it is running that proprietary Verisign software. Maybe just some version of BIND. I guess I need better tools/more time to figure that out.

That is as far as I got. Any insights welcome :) And if you have pointers to better DNS fingerprinting software, I'd be grateful.


Last entry of the year! It's been a busy month, December, with an exam, lots of travelling, and a paper to write. I've been in the US for a couple of weeks, we were visiting my girlfriends' family. It was nice - and I even got to work some on my paper about the copyright legislation and its influence on innovation. I'm not quite finished yet, though.


I've just posted an Advogato Article, my first one :) It's about the Last Call Working Draft of the W3C Royalty-Free Patent Policy, for which the deadline for comments is tonight. Have are read and comment if you can...

18 Dec 2002 (updated 18 Dec 2002 at 05:27 UTC) »

Shudder. I helped my girlfriend's parents get a new machine, and it came with XP - no way around it. I wanted them to get an iMac, but they really wanted a PC...

The coolest part of this computer is no doubt the screen. It's a Samsung SyncMaster 171v, a 17" viewable LCD, and it's amazing. Crisp image, giant screen surface, 1280x1024, contrast ratio 400:1. And only $400, too (after $150 mail-in rebate)!

So my first real experience with XP (yes, I had been lucky so far :) Their machine has a P4 2.4GHz, 512MB RAM, and a 60GB 7200rpm hdd. You would expect it to fly. Well, not really. XP is slow. I'm currently looking at a tweaking guide, maybe that will help.

What blew me away, though, was when I selected 'Windows update', giving me no less than 26 'Critical updates and service packs', and another 20 or so less critical fixes. Wasn't XP supposed to be Redmont's safest OS ever? Yeah, right.

What a piece of crap.

27 Nov 2002 (updated 27 Nov 2002 at 00:06 UTC) »

OK, I need to rectify something here. I wrote yesterday that I was not aware of any coordinated action in Belgium against the crazy laws the WIPO is trying to make us swallow.

That is not entirely correct, I had forgotten about the AEL, as Liam R. E. Quin, Joao Miguel Neves and MJ Ray helpfully pointed out. Thanks, guys, much appreciated!

Time to start doing things - as far as that is possible from the UK.

25 Nov 2002 (updated 25 Nov 2002 at 20:56 UTC) »

I just finished listening to/watching the Flash version of Lawrence Lessig's 'free culture' talk. 31 minutes, HIGHLY recommended - and a transcript and MP3 (should really be Ogg/Vorbis) version are available.

One of his main questions to the audience (OSCON 2002) is 'What have you done?'. A very, very good question. I think the Campaign for digital rights is doing good work here in the UK. In Belgium, my home country, I'm ashamed to say that there is no coordinated action regarding this nonsense. So what am I doing? I'm going to try summing up here, not necessarily in order of importance.

First of all, I'm a member of EFF.

Secondly, when I write software, I GPL it.

Thirdly, after a happy couple of years working, I am now doing a masters in public policy. I am focussing my attention on intellectual property and its threats to innovation, freedom and democracy (amongst a few other things). As much as I prefer just writing code and being a unix sysadmin, I feel we need more people who understand the issues at stake (that's people like us) stepping from behind the screens, and more actively trying to influence the debate. I have to write a dissertation next summer - guess what that will be about.

The last thing I do is talk about intellectual property and its effects to people I know. Friends, family, classmates, etc. My girlfriend calls me a 'computer activist' - something she says she didn't know existed until she met me.

I've also written a few articles about the issue for a now defunct Belgian computer magazine (corporate.net).

All of this is something, but not enough. I want to do more - time permitting of course. Maybe more precisely, I want to be more effective. I would like to hear and learn from you what you are doing! E-mail me...

7 Sep 2002 (updated 8 Sep 2002 at 21:07 UTC) »

So now the IPSec tunnel I've been working on finally works. In the end we ditched the Symantec Firewall/VPN appliance 200, got a Cisco 1710, and it worked at once.

Frustrating. I am not happy with these Symantec things. They are really OEMs of a company called Nexland, and I suspect they are built on FreeSWAN - the log entries are identical, so...

But try to connect them to a Checkpoint FW/1 NG on the other side, and you can't even get the IKE to work properly. Connect them to a Cisco on the other side, and all seems to work (pinging through the tunnel works fine, etc), until you send some larger http packets, at which point the Symantec doesn't encrypt them properly anymore, the Cisco logs lots of errors when trying to decrypt them, and you get serious packet loss. Tunnel unuseable. Symantec posted a firmware update for the thing on August 26th, which has lots of bugfixes for things that sound rather serious. Even one to do with large packets. But it didn't fix this problem.

If this had been a GNU/Linux box with FreeSWAN, I wouldn't have lost as much time, I think. Hmmmm. I'll think twice before considering using these yellow boxes ever again.


I must say I've refreshed my knowledge about Cisco a bit with all this IPSec stuff. One of the more curious things I found out is that Ciscos work with standard PC RAM. Or at least the (old-ish) 3620 that I was using works just fine with old 'Compaq' 72 pin RAM. Interesting.


I'm leaving coming Monday, to spend some days in Oxford/London, and then move to Brighton with my alter ega. Can't wait! That same day I have an interview at the university - still looking at that MSc in Science and Technology Policy (STP). I hope I'll be accepted - if not I'll have to find something else to do!

1 million dollars

Someone donated 1 million dollars to Duke University to fight abusive copyrights. Now that's good news. The person is 'anonymous' - but if you add 1 and 1... Where is Duke University? Durham, North Carolina. Where is RedHat? Right, Raleigh, North Carolina. That's really close. Well maybe it is a coincidence...


Our good friends in Redmont are mystified about a mysterious wave of successful breakin attempts to Windows machines of all kinds that do not appear to be the result of a worm or virus. Backdoor, anyone?

26 Aug 2002 (updated 26 Aug 2002 at 22:51 UTC) »

So I've been playing with IPSec lately. More specifically with a Symantec Firewall/VPN appliance 200.

The good
It boots blazingly fast (3 seconds).
It has a nice web interface.
I suspect it's built on Freeswan.

The bad
It doesn't interoperate well with other IPSec implementations. With FW/1 4.1 alledgedly it works, but I can assure you that with FW/1 NG it doesn't. A VPN between two of these beasts works just fine as well, of course. It also seems to work with a Cisco router on the other side.
It's a 'black box' - well technically a yellow one. The logs are not very extensive, and the web interface, however nice, gives me a limited feel. I guess I just want a prompt, I'm a bit oldfashioned.


Setting up a VPN tunnel through a NAT device (in this case a Cisco 827) turns out to be slightly troublesome. The problem is the Port translation done by the NAT - IPSec doesn't really like that. But here's an article that tells you which line to add to your config to make it work. Beware, however, you might need to update your IOS....

Life, the universe,...

Last week at work. I'm getting my paperwork together for my application to the University of Sussex. It's complicated and involves translations of my diploma and transcript. I also need references - luckily I have built enough social capital to get a few of those.

22 Aug 2002 (updated 7 Sep 2002 at 08:43 UTC) »

I'm going to move pretty soon now. I'm excited - most of all to see my alter ega again. I'm looking at studying now, there's an interesting MSc in Science and Technology Policy (STP) there that I am going to apply to.


It's official now, I have resigned. It's a shame, I will miss my colleagues, the good atmosphere, and the cool job at ba.be. And the domain name, of course :) But the future lies before me, and the coming year, I will be in the UK!


Homewall, our trustworthy home server, has been working wonderfully since December 4th 1999. It was a Redhat 6.2 box with some firewalling and the usual other things. A couple of weeks ago I have rebuilt the software from scratch - now it runs a nice Debian Woody. This box is a good example of cooperation between me and my dad - he built the electronics to have it switch on automatically as soon as there is traffic on the LAN, and I did all other software bits. And it works just perfectly and independantly.

Sysadmin interview

After reading an ask slashdot about how to interview a sysadmin candidate, I took the brainbench general linux administration test again. Scored somewhat higher than last time - now I am in the top 4 percentile :)

The comments on the ask slashdot piece were quite interesting - especially since I might be doing some interviews soon. Anyone remember corewars? Now that was a cool game! I haven't played with robocode yet, but it looks like corewars' modern day's equivalent....

19 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!