Print Story Five for fighting.
By blixco (Wed Jun 11, 2008 at 06:06:21 AM EST) (all tags)
Randomly chosen, though the title comes straight from Danger Room.

  1. Don't ask me to delete your windows partition, which allowed me to use the license on another desktop, then come back to me six months later and demand I immediately install windows onto your computer.  You'll find my lack of interest in your panic anything but charming.  I'm funny that way; the more you push, the slower I go.  Right now I have a helper monkey sorting through all of our windows licenses to find yours, and when I do find yours, I'll shred it and we'll take two more weeks to buy you another one, because it takes two weeks to buy anything here.  Yes, we're a geographic oddity: we're a fashionable two weeks from anywhere in the world.
  2. Banks will oftentimes have external signals that something is wrong inside the bank.  These signals are subtle and different for each branch, but they are used to signal approaching employees or security if there is something wrong with the branch.  These signals are only used to cover the time between "employees in" and "customers on."  For instance, if an armed assailant takes one of the early arrivals hostage or manages to plant a bomb or something, the employee will do something, fail to open or close a set of blinds or drapes, or fail to turn off an outside light.  Other employees and/or security will then spot these signals and know to call the police and not enter the facility.  One of the banks I worked in had regular drills.  Since I was overnight shift at that bank, I would sit with the security guard and watch him bust people who didn't catch the signal (in our case, a set of drapes that needed to be opened if all was clear).  It was funny, though, how many people caught the signal and called the cops (who'd been alerted to the drill); fully 98 percent of the employees were aware that something was amiss.  I mention this because this morning, I drove by a bank branch that is normally buttoned up until customer hours start.  This morning, though, the blinds on one side of the building (facing the parking lot) were open.
  3. Talked to my brother for the first time in months on Sunday.  He's a good guy, my brother, who has worked through a lot of crap in his life. His oldest son, my nephew Chris, was supposed to have graduated high school this year, but failed to do so.  They did go to the graduation ceremony to see a family friend graduate.  I wonder what Chris thought, seeing all of his peers and friends who are about to start their lives? I hope it was an encouragement, but I have a feeling that it may not encourage much.  I'm not sure how to motivate a 17 year old...that's the target demographic in the US, right?  Everyone over 25 wants to be 17?  So, how to motivate an unmotivated American.  I say, the draft.
  4. I have an ntop box that parses all of our network traffic and gives me the lowdown on who is doing what.  There's not much in the way of "illegal" activity.  We have a couple of users who stream music or movies at high bandwidth rates, so I've throttled them back.  We have a few others who download a shedload of zip / rar files.  Probably media of some sort.  I did have one user who kept trying to email pictures apparently taken via cell phone.  I don't have any problem with amateur porn, but not at work, please.  Heck, I'm OK if you hit a porn site once or whatever, but if it starts taking actual bandwidth and billable time, then you're going to meet our security folks.  That being said, this ntop box now locks up when I start capturing traffic.  It will capture 99 percent of the packets on the switch, but it won't allow any other service to run while doing so.  The ntop box is running debian, has a multi-core Intel proc, has 4GB of RAM and a ridiculously well-made Intel PCI-E NIC. But our backbone is now handling several GB per second average. My question is: how do people monitor extremely high utilization networks?  Distributed access?  One monitor per vlan?  How?  HOW?
  5. My sister-in-law was laid off, a couple of friends were laid off, one was shuffled down to minimal hours, and two people that I peripherally know are violently dead in a war that continues to make little sense. I am selfish in my happiness, apparently, and will do my best to farm it out a bit, get the word out that hey, you, over there! It will all be OK in the end. What we have, all we have, is this right now.
< A Day in the Life | Remember that time in 2006 >
Five for fighting. | 13 comments (13 topical, 0 hidden) | Trackback
Well by Gedvondur (4.00 / 1) #1 Wed Jun 11, 2008 at 06:17:02 AM EST
You generally don't capture all of the traffic on a network.  Most monitoring is just sampling.  sFlow would be a good example of this as well as Cisco's NetFlow in sampling mode.

The ntop documentation says ntop can:

"Act as a NetFlow/sFlow collector for flows generated by routers (e.g. Cisco and Juniper) or switches (e.g. Foundry Networks)"

So get your switches or routers to collect sFlow or NetFlow information and use ntop as a collector/analyzer.

"If you do not sin, then you too may some day float like a big pink Goodyear blimp of The Lord." -theboz

That's sort of where I was at by blixco (4.00 / 1) #2 Wed Jun 11, 2008 at 06:21:56 AM EST
when I gave up and decided to grab everything.  I'll have to dig back in to that; I could never get ntop to see the netflow traffic.
"You bring the weasel, I'll bring the whiskey." - kellnerin
[ Parent ]
Porn at work by dark nowhere (4.00 / 1) #3 Wed Jun 11, 2008 at 06:54:01 AM EST
So I've probably related this story here before, but I can't specifically remember doing so and the 'billable hours' thing specifically reminded me of it...

So one day a coworker was cleaning out some space on the file server. If you're like me, your home directory has accumulated a few gigs of data from installing tools and source and making data sets to analyze and all of that, over the course of 4 years. You'll get a reminder to keep the directory down in size if possible.

Well it turns out that if you're like $new_hire, your home directory has accumulated a few gigs of porn. In photos. In the "trash" folder. Over the course of 3 months. Forensics will reveal that you've downloaded these one-at-a-time (no zips, no browser extensions, etc.) You'll get fired and laughed at.

As for traffic monitoring, it's tricky when roughly at capacity. I find that networking tools are the kind that work well but have no flexibility. If you can split the traffic sensibly without making a mess of things, that's probably easiest on the head, though maybe not the best overall. We had split based on service for two links with different strengths and it worked well.

See you, space cowboy.

at two of my three post college jobs by MillMan (4.00 / 1) #7 Wed Jun 11, 2008 at 05:41:45 PM EST
my computer has come equipped with both performance reviews and resignation letters of various employees.

When I'm imprisoned as an enemy combatant, will you blog about it?

[ Parent ]
Five for fighting by wiredog (4.00 / 1) #4 Wed Jun 11, 2008 at 08:14:16 AM EST
Isn't that some emo band the kids listen to these days?

Earth First!
(We can strip mine the rest later.)

i remember working a show by gzt (4.00 / 1) #5 Wed Jun 11, 2008 at 08:42:59 AM EST
I remember ages ago working a show and Five for Fighting opened for Vertical Horizon. I was a stagehand, though during the show I worked security on the barricade. All I remember is how brazenly mediocre Five for Fighting was - this was shortly before that superman song hit big - and how the best song Vertical Horizon did was their cover of U2's "Beautiful Day". Man, it's always a bad sign when the best song in your repertoire is a cover.

[ Parent ]
Hey wait. by blixco (2.00 / 0) #6 Wed Jun 11, 2008 at 11:34:37 AM EST
I resemble that last remark.
"You bring the weasel, I'll bring the whiskey." - kellnerin
[ Parent ]
well, you're fine by gzt (4.00 / 1) #8 Wed Jun 11, 2008 at 05:56:29 PM EST
you're not a guy trying to make a living off of it

[ Parent ]
Five for fighting . . . by slozo (4.00 / 2) #9 Thu Jun 12, 2008 at 05:08:01 AM EST
. . . is a hockey reference. Ice hockey, for non-Canadians. In full, the referee will declare the penalty for fisticuffs as "five minutes for fighting", shortened to "five for fighting".

Other good ones are 'two for roughing', 'two for illegal use of a stick', and the more rare 'ten and a game'.

Danger Room by garlic (4.00 / 1) #10 Thu Jun 12, 2008 at 02:08:12 PM EST
Danger Room is pretty sweet, if the commenters are a little insane.

also re: 17 year old straightening out: by garlic (4.00 / 1) #11 Thu Jun 12, 2008 at 02:12:48 PM EST
My brother was definately straignted out by the Navy. Might be tough to get in without a GED though. And there's that whole mess in iraq, but they don't have much access to the sea.

[ Parent ]
There are comments?!?! by blixco (2.00 / 0) #12 Thu Jun 12, 2008 at 06:23:43 PM EST
I normally read Danger Room via rss, so no comments for me...but yeah, they're pretty fucking nutso.

It's my favorite dod blog though.

In re: the Navy, you'd be surprised how active the smaller ships are off the Iraqi oil ports....
"You bring the weasel, I'll bring the whiskey." - kellnerin

[ Parent ]
I can't help myself sometimes by garlic (4.00 / 1) #13 Fri Jun 13, 2008 at 06:23:58 AM EST
I dive into the comments.

[ Parent ]
Five for fighting. | 13 comments (13 topical, 0 hidden) | Trackback