Giving a meaning to port scans

I am a strong advocate of judgment being the best anti-virus, anti-trojan, anti-worm and anti-etc, but when it comes to protection against intrusion, well, judgment cannot be of any help, so I put my trust in firewalls. However, I have lately seen many of my 8-thousandish (8000, 8001, 8002) ports that I use for development HTTP servers being taken by unknown programs.

In order to identify the culprits, I portscanned all my interfaces (you can do that with nmap) in order to find the associated protocols, in the hope that this would give me hints on what processes are to blame. Turns out portscans just give you the name of the protocol that is registered with that port through IANA, which gives you no guarantee the process bound to this port is using that particular protocol (I had momentarily forgotten that TCP and UDP do not care what they transport). For instance, 8000 is reserved for irdmi, which seems to be lost technology as no one has a clue what the hell it's for.

The command that is actually needed to find what process owns what port under *nix OSes (besides netstat, whose output I find painful to read) is lsof (list open files):

sudo lsof -i | grep "number of port"

or

sudo lsof -i | grep "protocol name"

If the port has an associated protocol, lsof will use the name of the protocol instead of the number. The output you get, when not piping to grep of course, is a list of every file (ports, sockets, ttys, RS-232, etc. are considered files by *nix OSes) open on your system with the number and name of the process that owns it.

So in the end, 8000 and 8002 belonged to eclipse while 8001 was Camino’s.
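As an added example (not part of the original post), the same lookup can be made independent of IANA service names: lsof's -P option keeps port numbers numeric, -n skips host name lookups, and -sTCP:LISTEN limits the listing to listening sockets. The function names, PIDs, user and device values below are constructed for illustration; only the port-to-program pairing comes from the post.

```shell
#!/bin/sh
# Added example, not the author's code. Live use:
#   sudo lsof -nP -iTCP -sTCP:LISTEN | port_owners 8000 8002
# -P keeps ports numeric (8000 instead of the IANA name irdmi), -n skips
# reverse DNS, -sTCP:LISTEN restricts the listing to listening sockets.

# port_owners LOW HIGH: read lsof output on stdin and print
# "port pid command" for every listening TCP port in [LOW, HIGH].
port_owners() {
    awk -v lo="$1" -v hi="$2" '
        $NF != "(LISTEN)" { next }            # drops header and connected sockets
        {
            n = split($(NF - 1), part, ":")   # NAME looks like *:8000 or [::1]:8002
            port = part[n] + 0
            if (port >= lo && port <= hi) print port, $2, $1
        }
    ' | sort -k1,1n -k2,2n -u                 # one line per (port, pid)
}

# Constructed sample of lsof output (PIDs, user and devices are made up).
sample_lsof() {
    cat <<'EOF'
COMMAND  PID  USER   FD  TYPE DEVICE SIZE/OFF NODE NAME
eclipse 4121 alice  52u  IPv6 0x0a01      0t0  TCP *:8000 (LISTEN)
eclipse 4121 alice  53u  IPv4 0x0a02      0t0  TCP *:8000 (LISTEN)
eclipse 4121 alice  60u  IPv6 0x0a03      0t0  TCP [::1]:8002 (LISTEN)
Camino  3377 alice  31u  IPv4 0x0a04      0t0  TCP 127.0.0.1:8001 (LISTEN)
Camino  3377 alice  33u  IPv4 0x0a05      0t0  TCP 127.0.0.1:8001->127.0.0.1:51234 (ESTABLISHED)
sshd     210 root    3u  IPv4 0x0a06      0t0  TCP *:22 (LISTEN)
EOF
}

# Demo run over the sample: prints the owners of ports 8000-8002.
sample_lsof | port_owners 8000 8002
```

A listener in the development range whose command name you do not recognise is the line to investigate further.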

The BlacX

Look at this, it's about time someone made good use of the hot-swappable physique of the SATA connector. I can finally take advantage of my many spare SATA drives without having to buy an external enclosure for each of them. I just take the drive out of its anti-static wrapping, mate it with the BlacX, and watch OSX’s Time Machine do its magic…

No seriously, I really needed to improve my backup system. As it stood, someone robbing my house could have easily taken all of my digital life with them, but now, I would still have that hidden drive. The next step is protection against fire and other natural disasters, but for that, I just need another loose drive that I could keep at a friend’s place. Aaaahhh, backups, sometimes, I wish I could still think like the profane, that computers contain a certain type of smoke, and that once the smoke is released, it stops working. But no, I have witnessed too many cases of data loss (a few years ago, one guy showed up at our service desk with his master's on a fried hard drive) and I still pride myself in saying that I have not been a victim of technology yet.

Philosophy aside, when I received the unit, it had a loose part inside of it. I then began to ponder whether I should return it or just void the warranty, but as it turned out, the unit did not have any sticker (I probably would have done it anyway), as if Thermaltake wanted you to have a look. Moments later, I had found the culprit: a screw. But before putting it back in place, I took a good glance at the insides of the unit and was surprised at how simple and well built it was. Sturdy plastics, thick PCB and simple mechanics that are not going to break any time soon and even if they do, it would be easily fixed. I want to see more products made this way.

If you are planning on getting one, consider the BlacX to be ISO me.

No comments

I have had many requests to enable comments on my blog, but the reality is not so simple… In fact, it would not be enable comments but rather implement comments. During the development of the Tree Framework (on which my blog runs), I had a primitive commenting system working, but for the version that I fielded, I decided not to use it because it was insecure. I do realize a blog without comments is not really a blog, but the Web is a wild place, and leaving a website on its own with unprotected HTML forms is asking for trouble. Spiders can generate canned spam comments faster than I can delete them.

But rest assured, comments are on the top of my priority list, and I have identified a very neat way of securing the whole thing: ReCaptcha. For those too lazy to click the link, ReCaptcha is a system that aims at validating whether the user submitting a form is human or not by having them solve a captcha; a test computers are notoriously bad at. We have all encountered such a thing when registering on a website, but ReCaptcha adds to the concept by using character blocks from books that are undergoing digitization. When the computer is unsure of the result of an OCR (optical character recognition), it submits the ambiguous text to the ReCaptcha system so a few humans can confirm the answer. What an ingenious way to harvest brain processing power.

Oddness and superficiality

The person that sits behind my cubicle just asked a newcomer whose voice I do not know how she was. She replied positively and returned the question just to receive the answer she was probably expecting: “Fine, fine, the long week-end is coming.”

I have never heard anyone saying their day was “pretty shitty as usual” or “was fine until I met you” and probably never will, at least not in this environment. If you are not willing to respond with a negative, it makes the question invalid, since the same answer will implicitly ensue. It turns it into a statement, a statement of politeness.

When I approach someone, I try to avoid this idiom and come up with another way of being polite. Asking questions whose answer you do not care about because you already know is quite rude in my opinion, yet, I hear this one going through every single hour…

For my own posterity

I doubt very much my descendants will ever look into what I did with my free time during the course of my existence. Chances are it will not interest them, because few people enjoy listening to elders talk, especially about programming. But for myself, for my own posterity, I thought it would be great to have a paper copy of all my projects. Not only to add a fair amount of resiliency to my backup system but also for history’s sake. Some will build murals with photos of the many vacations they went on. I printed hundreds of pages of uncommented code, organized them in nice binders with a cd-rom copy and stored them on shelves. Now anyone can browse through, and see for themselves that it was true I wrote 35 pages on a communication protocol that will never see the light of day just for the fun of it.

Most parents do keep some track of their children’s evolution, but the bookkeeping comes to an end once they quit the family’s nest. After which, it becomes financial institutions who remain keen on maintaining a history of one’s existence, a financial history. Although most of us do fancy looking at the many drawings we made when we were in pre-school, we have to admit that they all looked alike and were of relatively poor historical value (unless you grew up to be a graphic artist). What is the most interesting is the intellectual work that comes later on, those painful essays in high-school, when producing a 150 word text was a chore. If you actually abstract the constant boredom while doing them, you can easily go back through time and get a glimpse of how you thought back then, how different you were.

By printing my projects, I will be able to repeat the exercise a few years down the line, albeit with a much deeper analysis, as I never pretended to be a writer, but I do pretend to be a programmer, and looking at how I programmed in the past can surely help me improve even more in the future. Even now, I do go back to my previous creations, mostly to dig out a solution on a pattern I remember dealing with in the past. My work is evolutive and most of the ideas that I am implementing as I write these lines were thought of a few years ago during the course of another project. Sadly, those ideas very often came with the realization that the work I did up to that point was inherently flawed, and ended up causing the abortion of that current project in most cases; I suppose it was a necessary step. After all, the relativity theory came from Newton’s celestial mechanics, which in turn was built upon the work of the many obscure astronomers of those ancient times. The human race thinks upon its own intellect and creates upon its previous creations. We are long past the times where seeing a boulder going down a slope gave someone the spark of genius that was the wheel. Things are much too complicated nowadays and history helps us avoid repeating the same mistakes, but it also helps us avoid reinventing the wheel every time.