CiaN:MinDMaP

Yes!  We are prepared.

That’s what we are now able to say when people ask us.  Basically we are processing DNS logs, scraping for any of the 90,000 Conficker A+B domain names.  As of tomorrow that won’t necessarily work, as it will be generating 50,000 new domains every day.

What we are doing is comparing all the DNS queries that come in with an in memory database of the conficker domains (very fast), then cross-indexing those IP’s / timedate stamps with user records.  Once done, this information is injected into our existing anti-abuse system.  While I can’t say what happens then, let’s just say that our existing process (people, machines, etc) deal well with viruses, and worms.

My current (un-verified) estimate is that there are anywhere from 0.001 – 0.002% of our customers infected.  This is lower than expected, as I think Canada makes up for about 5.8% of the entire 3 Million hosts, which would work out to a national average of 0.005 – 0.006 %.  I entirely attribute this to some of the super secret “we’ll take care of you” anti-abuse systems we’ve put in place for consumers.

I never realized how hard it is to talk about stuff like this, and remain confidential

Tags: botnet, computers, dns, systems, work
Posted in Personal | | No Comments »

So here I am working at 1:30 am. Man this job is fun. Today I was slicing a disk on a brand spanking new Sun box that I’m building from scratch. And to boot, no one to date seems to have been able to get Solaris Liveupdate to work on their machines. Why? I’m guessing that it’s probably because some of the disk slices were setup incorrectly. I looked at some machines today and they were attempting to use, or not using at all the reserved backup slice 2.

After I setup all the slices properly, I created a mirror accross the two disks. Sounds geeky but man it’s fun.

Just tonight I put a few DNS servers that I’ve been building for the last two weeks live. They are chugging away nicely. I’m very happy actually with how smoothly it all went – I had to port a web application that is used to make changes to an Oracle database, which holds all of our 15000 DNS zones. Then I had to make sure that this script which runs on each nameserver that generates all the zones from the db worked.

After that, I had to get routing setup for the two virtual OSPF IP’s that I was pulling from the current live servers in the other data center. It was really neat to just be able to turn up my interface, and pull traffic from two live servers on the other side of the city.

After coming from a world where you have either windows, or linux, and seeing a lot of frustrations with some of the ‘covenants’ that Solaris observes, it’s nice to see that it has a nice, solid interface to manage disks, their geometry and setup, and a real way to see what’s going on. As long as you have a calculator handy anyways :-p

Alright, just got my call, did some final tests and everything is a-ok! Bed time!

Tags: disk, dns, liveupdate, mirror, oracle, ospf, slice, solaris, work
Posted in Personal | | No Comments »