Blog

News and views from the Clarksys crew on all things cloud, cybersecurity, and scale.

DNS GSLB Doesn’t Work

DNS based geographic server load balancing (GSLB) just fundamentally does not work when you need to provide any sort of QOS on the service. Why? What happens when your customer is in Los Angeles, but their ISP’s DNS server is in Texas? That’s right, you think that your customer is…

Read more...

Network Troubleshooting Made Easy

Draw a map! Yes that’s right, the golden rule of network troubleshooting is to draw yourself a diagram. How do the computers, switches, and routers plug in with each other on the network. Are you running VLANs, how is traffic supposed to flow from point A to point B. Put…

Read more...

It’s PAT not NAT

“Network address translation (NAT, also known as network masquerading or IP-masquerading) is a technique in which the source and/or destination addresses of IP packets are rewritten as they pass through a router or firewall.” Except 99.999% of what people think is NAT is really PAT. If you only have a…

Read more...

How GPS is Killing Lighthouses

See: How GPS is Killing Lighthouses: Lights Out along the German Coast The popularity of the satellite-based global positioning system has led to the closure of lighthouses along the German coast. Many more may soon be extinguished. But critics question whether the new system is reliable and safe enough…

Read more...

MySQL Cluster: Two webserver setup

There is a good HOWO available on the MySQL Developer Zone titled: MySQL Cluster: Two webserver setup. MySQL has supported Master->Slave replication for some time now. With the latest version of MySQL you can now run Master-Master replication. This allows you to load balance multiple MySQL servers for redundancy…

Read more...

SQL Injection Attacks by Example

A great read for anyone running a web based application. This goes to show how important it is to validate user imput before executing it. "SQL Injection" is subset of the an unverified/unsanitized user input vulnerability ("buffer overflows" are a different subset), and the idea is to convince the application…

Read more...

Filesystem Snapshots Rule

For those of you unfamiliar with them, the part of the reason the Network Appliance (NetApp) Filers became so popular (besides their speed and ease of administration) is the ability to create a filesystem snapshot. A filesystem snapshot is a point in time copy of the filesystem state (done with…

Read more...

OpenBSD continues to Innovate

The OpenBSD project is at times misunderstood by the population at large. A project driven by passionate people, OpenBSD bas contributed many things to the world that are sometimes taken for granted. If you have ever used SSH most likely you were using OpenSSH. Were would we be…

Read more...

Solaris: ok prompt hassles

If you have ever worked on a Solaris server at some point you have unplugged the keyboard or powered off a connected console when the system key was not in secure mode. What happens when you do this? The system drops to an “ok” prompt, and much fun ensues. Of…

Read more...