Wednesday 15 February 2012

Breakinguard - How old is it now!

  As some of you may know, a long time ago I had a need to block persistant password attackers from various servers I managed (Working for a relatively large domain hosting company at the time), and because iptables didn't exist, ipchains wasn't everywhere I wondered what to do. I was learning Perl primarily through automating jobs at my job, and so I decided to write a little script that would 'watch' certain logfiles for attempts at gaining entry via repeated password or dictionary attacks. If the attack tried several attempts within a certain time-period, and from the same source IP, then flag it up, alert and then block using one of a few techniques. Not fool-proof, not perfect but it did the job.

Perl had a handy module called File::Tail that does exactly the same (sort of) as doing a tail -f /var/log/blah in the linux shell, so just run that in a script, watch for certain patterns and act accordingly. At the time the blocking action was either add an ipchains block rule, or add a route entry pushing the offender to the loopback interface. OK so this wasn't going to stop them DOS'ing us, etc, but it kinda did the job, and at the time internet connections weren't huge, if I remember rightly we had a 4Mb line or something like that, that was for a large domain hosting company, none of this 50Mb to the home, fibre or gigabit connections! So it did the job nicely.

Well, I started to install it on more and more servers that I looked after, or helped to look after, people asked about the script and slowly I started to pass it around, just by email at first. So I then decided to package it up and distribute it. My first bit of 'freeware'/GPL software was born! The software existed quite some time before it, but the official publication date was 5/5/2005 as that was when the package was created, however the release date that you'll see most other places was 27/7/2005 as that was the date that I released it on

The original code is still up there, but don't look! It's horrible perl code, badly written, but it does the job!

Just looking on at the site you'll also see very poor HTML design (something I can still never shake off, my design eye is terrible!) The release up there now is dated 08/01/2008 version 0.11 and hasn't changed a great deal since the original to be honest, a few filters and a few nicer tweaks and thats about it! I belive it is still used in some places, but to be honest its had its day.

Now, a lot of people would use simple iptables, as you can do the same natively such as:

<p>iptables -A INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set</p>
<p>iptables -A INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP</p>

Which does the same thing really, so I think my software is dead or dying! If you do still use it, do pop a comment on or a mention as I'd appreciate it. Unfortunately I doubt I'll be doing any further updates to it, but will keep it live just for historic reasons rather than anything else!


Wednesday 1 February 2012

Central Heating twiddles

 So recently I've been noticing that the heating in the house is on what seems like a lot of time, the radiators aren't always as hot as I'd expect and generally the house is a bit chilly. Now this is during the coldest time of year where I live in the UK, so temperatures outside are dropping to 1 or 2oC overnight and during the mornings not getting far beyond that. With everyone in the house out during the day I'm unsure what it goes to during this time, but on evenings/overnight is when we notice it. So I started to watch how the heating was setup and then started tinkering!

We use a gas-fired central boiler (not combi), that has timed on/off schedules for heating and hot water. The hot water/heating switch is done by changing the valve setting from the pump circulation (i.e. when hot water is set to on it will divert some/all of the heating hot water circulation into the hot water tank). So my first observation is that when heating and hot water are on at the same time then surely this will halve the efficiency of doing one or the other jobs quickly.

Radiators in each of the rooms, the majority have TRV (Thermostatic Radiator Valve)'s fitted on them, and have a 0-6 scale for setting the desired temperature. Most of these are set to maximum all the time. Only two radiators do not have TRV's, these are both in the living room/dining room (It's one large area, no partition walls, etc). This is also where the temperature room thermostat is located.

There is a single room thermostat in the dining room, this is a digital/electronic temperature sensor running off two AAA batteries (annoying when they run out), that switches the heating circulation on and off depending on the ambient temperature.

The other little niggle is that the house is quite open-plan. The downstairs is a large living room/dining room, open to the staircase, and obviously up to the upstairs landing. Therefore the majority of heat (in my limited knowledge) will escape straight upstairs to the top of the stairs! Not ideal.

So, my first steps were to change the heating programmer, to get different on/off times for the heating and hot water cycles, and to prioritise heating by only switching hot water on after I've giving the heating a chance to warm the place up. So I opted for 3 on/off sequences during the day. First one for when we get up on a morning, on 5am-8am heating only. Then for when we get home, 3am-9pm. Then one to keep the chill off at 10pm-11pm. I went for hot water going on once daily from 4pm-8pm. So that seems to keep the heating happily running and not letting the house get too cold, as I think that was an initial problem, the house dipping way too cold, so taking the heating too long to warm back up.

The room thermostat was then set to 20.5oC as that seemed a reasonable temperature that is warm but not boiling. This I think might not be helping things, as I think this might need to be higher, but more on that later.

I then attacked the radiators and the TRV's, as I know I had one of these fail in the kitchen and jam closed, so that TRV was removed, so that radiator is just on full all the time. A few of the radiators needed bleeding, so did that for a few days to make sure we didn't have any problems with air in the system. I then turned ALL TRV's down so they weren't sitting on maximum. This was because a few websites I had read stated that running a TRV at maximum is bad for the valve and heating system (can't find the quote to cite now, if you know please comment/post back!). Then went round each of the rooms and changed the TRV depending on if the room should be hot/warm/cold, the majority of bedrooms I set on 5 (one off maximum), bathrooms a little below that and thought I'd leave it at that.

Unfortunately the heating still wasn't really doing what I wanted, the children were complaining of a cold bedroom during the night/morning, our master bedroom got red-hot at night and early mornings, and the rest of the house was warm! So that didn't quite work it seems. My next discovery were the next generation of programmable TRV's. These you can set times/dates and temperatures and the unit will vary that individual radiator based on this. I thought this would be ideal for the master bedroom, as during the day/early evening it was pointlessly heating the room. So I purchased a programmable TRV from a heating/electronics firm in the UK (I'm not going to name them here, as I found their service SHOCKING, it took 2 devices and me piecing the working parts from the two together to get a single working TRV. Not impressed!).

I ordered "Radio energy-saver regulator" which is a german-manufactured device that simply plugs into your standard TRV fitting, so no draining the system, etc, just unscrew the old TRV top off and this on. You program it either via its LCD screen, or you can also use the USB computer programmer, which I chose. You then set what time-periods to use, temperatures and set it going. This has made a huge difference to the master bedroom, although some further tweaks to the schedule are needed as at the moment its like living in the antarctic! But that could also be due to the overall heating turning off too soon. Obviously the TRV will only heat the radiator up when three conditions are now met. The main heating timer is on, the downstairs thermostat is set to heat and the programmable TRV decides that its schedule and room temperature say it needs to heat. Unfortunately it has no control over the first two conditions, so therefore if the sequences aren't matched, then this fails, and I suspect this is where I'm going wrong at the moment. I'm setting the TRV schedule to warm the room before we retire to the bedroom, but at this time the rest of the house is warm enough, so the thermostat on the heating has cut out, so although our TRV wants to heat the room, it can't as the heating isn't firing. So more tweaking is needed here!


And thats about where I'm up to. I need to do some more tweaking with programs and temperatures to get things right, but I'm happy that I have much more control and I believe I can see where the problems are on the system now!