Mon May 23 08:32:53 CDT 2011

Live remote display of packet capture with Wireshark.

I would never do this on a really busy server without a narrow capture filter, but it's a handy trick when the situation will allow it:

    wireshark -k -i <(ssh omessenger0 'sudo tshark -i eth1 -w - not port 22')

Posted by arreyder | Permalink

Sat May 21 09:24:00 CDT 2011

Oh yeah... I'm a Racker now! :)

I was having a bad day at work and griped about it on IRC. A few hours later I was approached by three different people about coming to work for them, each of them people I respect very much in many ways. I ended up doing a whirlwind interview week out in Cali, during which I started to get a very bad cold. The first group was a start-up and I was very impressed. They made me feel very welcome, but the role had some key elements that were way too far out of my comfort zone. When you have limited funds, there's a lot riding on getting everything right the first time, and I was afraid I'd let these guys down. I expressed this to the gentleman trying to hire me, and he patted me on the back and in the most assuring voice ever said, "I know you can handle it." I'm sure I could have and probably should have given it a shot. It was very difficult saying no to those guys. Chances like that do not come often for old guys like me living in Iowa. I took the second gig, at a recently purchased start-up. I was miserable from the cold by the time the third all-day-long interview with a red-eye flight rolled around. I canceled and took an earlier flight home. Never know what might have been in store for me there.

So, 4 months later: I work with the most awesome people ever, and I feel like I am contributing some value. At least one of the guys bothers to tell me that now and then. I really appreciate it. It's a dream job, with only one catch. I work from home and miss out on 90% of the fun going on at the office. I also work way too much. Work has replaced all my gaming time and much of the time I should be spending at the vineyard. Work's fun though. *Really* fun, but I need to make some room for the rest of the stuff that used to be in my life. Wish me luck!

Posted by arreyder | Permalink

Sat May 21 08:57:39 CDT 2011

Fun with Tshark: Decoding and displaying select MySQL fields from a packet capture.

    tshark -T fields -eframe.time_epoch -emysql.query -emysql.row.text -emysql.message

Useful! I use the timestamps to merge in other info about the system and what else was going on at the time of each query. Examples of data that it might make sense to merge in: HTTPD logs, vmstat info from the local system, iostat, etc.

Posted by arreyder | Permalink
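
A sketch of the timestamp merge described in the tshark post above, added here as an example and not the author's own script. It assumes the tab-separated output of that tshark command and a hypothetical system-stats feed of "epoch run-queue iowait%" lines (for instance vmstat samples prefixed with `date +%s`); both sample inputs are constructed.

```python
import bisect

# Constructed sample of the tshark -T fields output; columns are
# frame.time_epoch, mysql.query, mysql.row.text, mysql.message (tab-separated).
TSHARK_OUT = (
    "1305986250.104233\tSELECT id FROM users WHERE name='bob'\t\t\n"
    "1305986250.105871\t\t42\t\n"
    "1305986257.880012\tUPDATE sessions SET seen=NOW()\t\t\n"
    "1305986263.412990\tSELECT * FROM nope\t\tTable 'app.nope' doesn't exist\n"
)
# Constructed sample of the assumed stats feed: epoch, run queue, iowait percent.
VMSTAT_OUT = "1305986250 1 2\n1305986255 7 41\n1305986260 3 12\n"

def parse_tshark(text):
    """Return one dict per packet; fields tshark left empty become None."""
    rows = []
    for line in text.splitlines():
        cols = line.split("\t")
        if not cols[0]:
            continue  # no timestamp, nothing to merge on
        cols += [""] * (4 - len(cols))  # tolerate missing trailing columns
        rows.append({"ts": float(cols[0]), "query": cols[1] or None,
                     "row": cols[2] or None, "message": cols[3] or None})
    return rows

def parse_samples(text):
    """Return sorted (epoch, runq, iowait) tuples from the stats feed."""
    samples = []
    for line in text.splitlines():
        ts, runq, iowait = line.split()
        samples.append((float(ts), int(runq), int(iowait)))
    return sorted(samples)

def merge(packets, samples, max_age=10.0):
    """Attach to each packet the latest sample taken at or before it.

    Samples older than max_age seconds are treated as stale and left out.
    """
    times = [s[0] for s in samples]
    merged = []
    for p in packets:
        i = bisect.bisect_right(times, p["ts"]) - 1
        s = samples[i] if i >= 0 and p["ts"] - times[i] <= max_age else None
        merged.append({**p, "runq": s[1] if s else None,
                       "iowait": s[2] if s else None})
    return merged

if __name__ == "__main__":
    for r in merge(parse_tshark(TSHARK_OUT), parse_samples(VMSTAT_OUT)):
        print(r["ts"], r["runq"], r["iowait"], r["query"] or r["row"] or r["message"])
```

The same `merge` works for any other source that can be reduced to sorted epoch-stamped tuples, such as HTTPD access-log lines.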