2004-11-18 00:42
by Vasil KolevToday I finished configuring the last server for the project, it worked ok, but for some reason I had a ugly cable between the machines, and drbd’s synchronization was running at 100mbps, not at 1gbps, so I had to watch it for a hour.
At IBB it was fun as usual , Peio gave me a DVD with some stuff of Noam Chomsky (known to most of us from the discrete mathematics), which I’ll encode today/tomorrow (when I remember the exact options of the mencoder). We had an interesting conversation with Rumen about FSA, and the firewall at his job…
He’s reading here, so I’ll explain it again – almost all proxies, local limitations, etc, can be routed around, if the proxy supports HTTPS (SSL) requests. The trick is really simple – the requests themselves go through a CONNECT request at port 443, and if the machine on the other end has a ssh running at that port, you can easily connect to it. More information can be found at тук. This, of course, isn’t really pleasant for me, because I’m also at the other side – I’m trying to solve this problem at the project, and I’m coming with only two ways – to limit what’s send as a quantity (which in the moment can be done only with a patch to squid), or to make a whitelist of SSL sites, and to filter everything else.
I hate trying to outsmart myself, I always lose.
Today with Velin we watched “Nochnoj Dozor” (Night watch), with subtitles in bulgarian (a bit patched by us), the movie is great, and the book is one of the many reasons to learn russian.
Tomorrow it’s the network security test. I wonder if we have to check the hall throughly, because the cat might’ve dug a IPSec tunnel, from which the students might be able to get information during the test…