Tuesday, October 21, 2008

Ancient Greek Technology

An exhibition on ancient Greek technology titled "Greece and Technology: a perspective through time" will be soon be hosted at the premises of the "Teloglion Foundation of Art" in Thessaloniki, organized by the University of Thessaloniki (Faculty of Sciences).

 

Antikythera Mechanism
The exhibition will open on November 12 and will run through January 11, 2009. The purpose of the exhibition is to highlight the recent scientific findings which show that ancient Greeks were technologically more advanced that it was previously thought.
Within the framework of the exhibition a series of lectures has been announced to take place within 2008. 
Among the lectures delivered, one will focus on the famous Antikythera Mechanism , a device which could predict eclipses decades in advance and was also used to record the four-yearly cycle of the original Olympic Games.

 

Visit the co-organizing bodies: Thessaloniki Science Center and Technology Museum (in Greek)
and the Society for Ancient Greek Technology Studies; Ancient Greece OnLine

 

-- Robert

Wednesday, October 15, 2008

How shall I TADDM the network, if I don't know what it's like?

TADDM, which I've written before, is IBM's detective. It sniffs out and find everything that's connected to the network, interrogates them to find out what's inside and maps out the relationships (who's talking to whom and and who's ignoring whom).

Now, the first time I have to remove the dewy-eyed look from users is when I inform them that, yes, TADDM can discover their unique 3rd-party/in-house applications, BUT... we have to tell TADDM what these products look like so that it can "tag" them correctly. They want TADDM to be able to "guess" or even divine which of the thousands of processes and files scattered around the network are related to which business service they run. TADDM can do that, but it need at least a little help!

The other thing they don't like is when I have to feed TADDM the TCP/IP address scopes and user/passwords of their servers. They say "Why do I need to enter all these things if TADDM is supposed to discover everything by itself?". I must then reassure them that they do not want TADDM to be able to hack into their secure systems without the right credentials!
OK, so TADDM requires the users/passwords for the servers (it can also get the passwords from the organizations LDAP repository) but why does it need me to enter the IP addresses?

For two good reasons: (1) So that  you can give each IP list (scope in TADDM jargon) it's own set of credentials, i.e. IP 200.100.10.1 through 200.100.10.255 uses a certain user/password and a another scope uses a different one. (2) So that you can schedule discoveries by scope, and that way you're not doing the whole net each time.

But... what happens when an organization doesn't know how to split up it's IP range into separate environments? Say there are 200 servers, split into development, test, production and DRP environments all overlapping in the same IP scope. If I tried running discovery, I'd get tons of errors for using wrong user/passwords and I'd get a lot of unneeded devices when all I want is the production environment, unless I matched up IP to environment first.

Of course, the whole point of TADDM is that you don't necessarily know your network ahead of time. So what do you do?

The solution is a bit iterative, but you're not running into errors on the way and you don't need to feed TADDM any knowledge about the way the network is mapped ahead of time. What happens is that TADDM creates something called Logical Connections between devices when it detects that one uses the other. Logical Connections can be between application servers and databases, web servers and storage area network devices, switches and ... you get the idea). Now, once TADDM has completed a discovery, it maps out the Logical Connections between items which lie within it's scope. LC which go beyond the scope are listed, but not displayed on the map.

To leverage this, what we do is get our nose under the tent - we discover a few servers we know are in the right environment, find out which servers they are connected to, add them to the scope and continue till we have discovered everything in the environment we are interested in.

There are two ways of listing Logical Connections outside of the TADDM GUI:

  1. ./api.sh -u username-p password find LogicalConnection
    api.bat for Windows users.
  2. Connect to the database and run select distinct fromip_x, toip_x from logcconn

The first command will create an XML file with all the data, the second regular SQL. I used the second command (slightly modified to ignore 127.0.0.1 and output the data nicely) to create a script file which runs loadscope after the select and then I get an ever expanding scope which contains items which are talking to each other.

Don't forget that loadscope looks for a file formatted like this:

IP_Address/range/subnet, Exceptions, Description 
IP_Address/range/subnet, Exceptions, Description 
IP_Address/range/subnet, Exceptions, Description

Thanks to Byron for the help :)

Hmph.... This post seems a little too long for what I wanted to say... I hope I was clear in the end.

-- Robert

Tuesday, October 14, 2008

Hannibal - The Webcomic

Many people's first exposure to the ancient world of Rome is through the books they read as children. I first encountered Julius Caesar in reading the legendary comic book series Asterix. Mixing the old world with new technologies means that web-comic interpretations of the classical world  were just a matter of time:

From <http://newsok.com/hannibals-epic-campaign-comes-to-web-based-comic/article/3309191>:
=============================================================================
Hannibal's epic campaign comes to Web-based comic
WORD BALLOONS
BY MATTHEW PRICE
Published: October 10, 2008
Most have heard the story of the Carthaginian general Hannibal leading elephants across the Alps to face the Romans. Writer Brendan McGinley wants you to see it.
"There's already plenty of good prose about Hannibal, (but) no good visual medium for a story that crackles with so many unforgettable images, like elephants on the Alps or Mago Barca spilling dead Romans' rings on the Senate floor," he said. "Maybe Vin Diesel's long-stalled film will change that; Victor Mature's sure didn't."
McGinley and artist Mauro Vargas, along with colorist Andres Carranza, bring the Hannibal story to life — with some humorous asides — re-enacting the second Punic War on the Shadowline Web comics page, <http://www.shadowlinecomics.com/webcomics/#/hannibalgoestorome/>.

Vargas "really defines and expresses his characters; you need that where history meets comedy," McGinley said. McGinley said the trickiest part of creating "Hannibal Goes to Rome" is sorting which Carthaginian did what.
"There are so many Hannos, Hannibals, Hasdrubals and Giscos!" McGinley meshes historical accounts to create the tale, which he then passes on to Vargas to draw. "The historians and artist make it easy for me; all I have to do is throw a little observational humor into the mouths of the poor schlubs caught up in events," he said.
"Hannibal Goes to Rome" was first a candidate on DC Comics' Zuda site (www.zudacomics.com). Zuda is a site created to seek fresh talent.
After competing on Zuda, McGinley hooked up with Shadowline's Jim Valentino, who was looking to launch some Web comics.