Asian earthquake brings virtual currency sales to a screeching halt

IGE, MySuperSales, GamerKing, EzGaming, Enotts (all really the same company), Mogs, FavGames, and Guy4Game are all reporting significant delays in virtual currency deliveries due to the earthquake in Asia. Vendors that do have stock available are being overwhelmed. In short, if you plan on buying any virtual currency in the next few days, expect some significant delays.

Debugging with strace

strace is a useful Linux utility for watching the system calls that a program makes. I usuall don’t have to dig this deeply into an application to debug it, but I’m running int a problem with one application, and the developer recommended doing an strace to see if anything looks suspicious. Here’s the command I’m using:
strace -Fft -o /var/tmp/strace.out -p <PID>

This command has a couple useful options. the “Ff” makes the strace follow program forks. The “-t” makes it print a human readable timestamp before each line. The “-o” argument dumps the output to the specified file, and the -p argument attaches it to a specific process.

The output is fairly cryptic, but I’m hoping that it catches something useful

Finally, a Page Rank of 4!

Google is a mystery to me. The home page of this site has had a Page Rank of 2 for quite a while. Right, now, if you check out my links on Google, it shows the same ones that I’ve had forever, bu somehow I suddenly have a page rank of 4!

I have been working on generating more content on this site (like the semi-regular blog postings). As part of that, I installed WordPress, which I supposed search engines might like. I’ve also been generating some incoming links by posting a couple things on Slashdot and various other places. In addition, I’ve noticed that I’m slowly getting a few more people that have installed my speedtest, which has a link to this site.

I guess everything is working. Now I need to start doing this to the sites that I make money from 🙂

Changing the IP Address of a DNS Server

We’re upgrading our DNS Servers from BIND to PowerDNS, and at the same time, will be changing their IP addresses to move them onto different networks.

I looked all over the Internet and could never really find a way to change the IP address of a DNS server. It seemed that there was a chicken and egg problem. Suppose you have a domain named mydomain.com. At your registrar, you’ve told them that the Primary name servers for mydomain.com are ns1.mydomain.com and ns2.mydomain.com.

Now, if you change the IP address of ns1 & ns2.mydomain.com, how does the rest of the Internet know how to get to them? The solution is that somewhere, there is a global registry of DNS servers that really define where ns1 and ns2.mydomain.com are at. I’m not sure where this is at, but fortunately, our registrar (Godaddy) has a way to edit them. All that was required was to log into our Godaddy account, find the “host summary” section, and change the IP addresses there that were assigned to ns1 and ns2.

I assume that once we changed that, Godaddy submits those changes to the mysterious database of name servers. They said it takes 4-8 hours for that to happen, but I noticed queries coming in to our new servers immediately. Queries will continue to go to our old DNS server for a couple days. dnsstuff.com has a cool tool called “ISP Cached DNS Lookup” where you can see how long your DNS records are cached at many major ISP’s.

With careful planning and an decent understanding of how DNS works, our switchover went flawlessly.

External authentication for PowerDNS built-in web interface

I’ve been working with PowerDNS recently to replace our old Bind servers. One small issue I’ve had with the program, though, is that it’s built-in Web interface that displays statistics about the running server only works with a username and password. I didn’t particularly like this setup, because it means that everybody that needs access to it has the same password.

So, I configured the PowerDNS web server to only listen on the localhost, and the created an Apache instance on the server to perform the authentication, and then do a proxy lookup on the PowerDNS Web Interface.

PowerDNS Configuration from /etc/powerdns/pdns.conf

## Start the webserver for statistical information
webserver=yes
webserver-address=127.0.0.1
webserver-password=
webserver-port=9099

Apache Configuration
I just put this file in /etc/httpd/conf.d/pdns.conf You can use any type of authentication here that Apache supports, just like you would use in a .htaccess file

<Location /pdns/>
  AuthType Basic
  AuthName “Admin”
  AuthUserFile /var/www/html/.htpasswd
  Require valid-user
</Location>
ProxyPass /pdns http://127.0.0.1:9099/
ProxyPassReverse /pdns http://127.0.0.1:9099/

Impressed with PowerDNS

I’ve spent the last couple weeks working with PowerDNS. We’re migrating our old BIND servers over to new PowerDNS servers that use a MySQL backend. Installation was fairly easy, because things were well documented. The application has worked perfectly, and when I emailed their mailing list to ask about a configuration setting that wasn’t documented, I got a useful reply within minutes.

Since PowerDNS is just the DNS Server, it doesn’t provide any user-interfaces for modifying the DNS information. I took a look at several of the possible applications that claimed to be “front ends” for PowerDNS, but didn’t find any that suited our needs. (I tried out WebDNS, Tupa, and a couple others listed on SourceForge). The existing tools were too complex, too simple, or too buggy. But, the database schema that PowerDNS uses, is pretty straightforward, so I wrote a PHP class that provides most of the necessary functions, and started our long-awaited customer interface that uses the class to allow our customers to maintain their own DNS records.

Overall, this has been a great project with great results.

Laughed for several minutes from this comic.

It’s not often that a simple comic will make me laugh for several minutes, but I thought this one was great.
Sudo

I found it at http://www.redhat.com/magazine/025nov06/features/gifts/xkcd.jpg

sudo” is Linux program that allows regular users to execute certain commands as root. Often, when working as a non-root user, you will type one command, and it complain that you need to be root to run it. You would then quickly add “sudo” to the beginning of the command and execute it again, this time running as root, and the command will run successfully.

Database encryption made easy

I’ve always wondered how one would securely store sensitive information in a MySQL database. A recent project has given me the opportunity to work on it, and I’ve been impressed on how easy it is to implement. MySQL provides an easy interface for encrypting data before storing it in the database. Simply use the AES_ENCRYPT and AES_DECRYPT functions when reading or writing to a table.

Simply make your column a blob field, then use something like this to write to the table

(using a PEAR::DB syntax)

$db->query("
UPDATE sometable
SET    some_col = AES_ENCRYPT( ?, ?)
WHERE something_else = ?
" array( $sensitive_value, $encryption_key, $index));

and something like this to read it back out

$value = $db->getOne("
SELECT AES_DECRYPT( some_col, ?)
FROM   sometable
WHERE something_else = ?
", array( $encryption_key, $index));