After Joost Support Team member under the name “Lodewijk” pretty much gave a response that told the Linux community to fsck themselves in regards to a Joost version for the Linux operating system, what could’ve been a regular Forum thread became mainstream today when it hit the digg.com homepage.

Read the response by the Joost Support Team:

Hi,

We’re currently working on improving the performance of the PC and Mac
versions available today.
Although there has been demand for a Linux version of Joost, we have to
prioritize our business objectives. As a result, we do not have plans to
release a Linux version at this time.

Kind regards,

Lodewijk
The Joost Support Team.

They say there’s no such thing as bad publicity, but this has turned into a “I rather go to hulu.com” comment party on digg.com, and some users say one thing that is absolutely right:

dazparkourdazparkour

They use linux servers. They use free software.
If they wanted to, they could have drafted in volunteer programmers.
They take from FOSS with one hand and they give us the finger with the other.

Joost could have at least put a subversion repository for open source developers to mess around with the open part of the code and at least give some instructions to run from source in Linux. As a devil’s advocate, yes, they run on XUL, yes they run on FFMpeg (with lots of different codecs probably), but there are portions of their work that are propietary and probably not ported to Linux yet.

Maybe this part of their technology has to do with modified versions of their P2P technology. If you fiddle a little bit with their binaries you’ll see references to Skype libraries (which works in Linux), but they must have done lots of optimizations for video streaming (we’d hope)

In any case, as much as I love Linux, we’re still a “desktop minority” (probably thanks to this same stupid circle of companies not wanting to develop software since we’re a minority) in comparison to the universe of Windows PCs out there. Joost is a company on a tough market, they came in early and they may have a technological advantage over their competitors, they’ll be able to scale for being p2p based, their bandwidth costs will probably a third of hulu’s, for now it will be a game of waiting for their web based version and a much needed redesign on their content navigation and search.

We’ll see if they get another round of funding this year, it’s been over a year since they received $45MM, a hell of a lot more content is available now, there’s a limited number of ads, I certainly don’t hope they’ll pull the plug, p2p tv is one of the ways to go, the product just needs to evolve.

I can’t stop playing this remix, here’s the file page at mybloop.com

We’ve noticed that most of our servers have been under heavy attack from random IP addresses to break via SSH.

With the help of the last post on how to ban an IP, and the following python script, you’ll be able to have a cronjob that runs once or twice a day and automagically bans all the offending ips from ever trying to brute force their way in ever again.

touch and make executable a file called “detect_ssh_hostiles”

touch detect_ssh_hostiles
chmod +x detect_ssh_hostiles

Then copy the following code inside:

# Usage:
# python detect_ssh_hostiles [auth.log file path]
#
# Requirement: There should be “ban_ip” and “unban_ip” command availability on the path
#
# Note: you gotta have read permissions on the auth.log file and sudo
#       permissions for the script to ban the ips.

#If an IP meets this number of failed login attemmpts it will be banned
BAN_THRESHOLD = 7
SUSPECTS = {}

#Put here IP addresses you trust, could be making genuine login errors
SAFE_IPS = ['81.73.111.49','101.73.111.160','72.31.171.235','72.36.23.234','82.36.180.210','202.132.82.16']

import os
import sys
import re

BANNED = {}
def loadBanned():
  ”’
  This function will load all the banned IPS into the BANNED Dict.
  It will also count how many times (by mistake) the same IP has
  been banned, and it will unban it, so that it will appear only once.
  ”’
  global BANNED
  command = ’sudo iptables –list –numeric’
  try:
    p = os.popen(command,’rb’)
  except Exception,e:
    print e
    sys.exit(1)

  line = ‘-’

  while line != ”:
    line = p.readline().strip()

    if line.startswith(”DROP”):
      parts = line.split()
      ip = parts[3]

      #add hit or register banned ip
      if BANNED.has_key(ip):
        BANNED[ip]+=1
      else:
        BANNED[ip]=1

  #Make sure banned IPs are banned only once
  for ip in BANNED:
    if BANNED[ip] > 1:
      print “IP %s has been banned %d times” % (ip, BANNED[ip])
      n=BANNED[ip]-1
      while n > 0:
        os.system(”unban_ip %s” % ip)
        print (”unban_ip %s” % ip)
        n=n-1

  p.close()

# —- here we go —-
loadBanned()

#read auth log
logfile = ‘/var/log/auth.log’

if len(sys.argv)==2:
  logfile = sys.argv[1]

command = ‘grep “Failed password for ” %s’ % logfile
#print command

try:
  p = os.popen(command,’rb’)
except Exception,e:
  print e
  sys.exit(1)

line = “123″

while line != ”:
  line = p.readline()

  #Sample line:
  # May 25 03:29:49 main sshd[6933]: Failed password for root from 202.118.236.132 port 54863 ssh2
  pattern = “(.*)(from\s)(\d+\.\d+\.\d+\.\d+)(.*)”
  matchObject = re.match(pattern, line)

  suspect = None
  if matchObject is not None:
    suspect = matchObject.groups()[2]

    #skip safe IPs
    if suspect in SAFE_IPS:
      continue

    if SUSPECTS.has_key(suspect):
      #add a hit
      SUSPECTS[suspect] += 1
    else:
      #add first hit
      SUSPECTS[suspect] = 1

p.close() #close the pipe

print “==”*30

import time
t = time.localtime()
#(2008, 6, 6, 9, 35, 21, 4, 158, 1)

timestr = “%d-%d-%d@%d:%d:%d” % (t[0],t[1],t[2],t[3],t[4],t[5])
print timestr
print “–”*30
if len(SUSPECTS) > 0:
  for suspect in SUSPECTS:
    if SUSPECTS[suspect] >= BAN_THRESHOLD and not BANNED.has_key(suspect):
      print “Banning %s with %d attempts” % (suspect,SUSPECTS[suspect])
      BANNED[suspect]=1
      os.system(”ban_ip %s” % suspect)
    elif BANNED.has_key(suspect):
      print “Ip %s has already been banned” % (suspect)
    else:
      print “Suspect candidate? %s with %d attempts” % (suspect,SUSPECTS[suspect])
else:
  print “Found no suspects to ban”

print “==”*30

Then add this as a cronjob of your root user, and it will automatically ban all those IPs that have tried to break in. See the script for configuration. You can always make some IPs immune to banning by adding them on the SAFE_IPS list.

In case you’re not an iptables guru, you might want to create a couple scripts and put em somewhere on your $PATH. I’ve created two scripts called ban_ip and unban_ip.

Create a file called ban_ip

touch ban_ip
chmod +x ban_ip

Edit it and copy the following code inside:

#!/bin/bash
sudo iptables -A INPUT -s $1 -j DROP
echo IP Address $1 has been banned
echo

To ban an IP, you must invoke

ban_ip <someIpAddressHere>

e.g.

ban_ip 211.32.44.111

And the IP will be banned.

Do the same now for the unban_ip script

touch unban_ip
chmod +x unban_ip

Open your fav. text editor and copy the following code inside:

#!/bin/bash
iptables -D INPUT -s $1 -j DROP
echo Unbanned ip $1
echo

Save it, and use it.

To unban an IP, you must invoke

unban_ip <someIpAddressHere>

e.g.

unban_ip 211.32.44.111

Requirements
Have sudo access, have iptables installed.