Monday, January 30, 2006

portsentry


Last night I found Portsentry that will notice port scans and will block future accesses from those hosts.  I followed these instructions to install Portsentry 1.2, and it went very well.  The only problems that I had was I had to remove an extra newline in portsentry.c when the compile failed, and the sample init script has an extra '<' character in it.


After I installed it, I wanted to test this out to make sure that it was working, so from my home machine, I ran nmap against it.  This recognized the port scan, and blocked it with iptables.  I knew that if I restarted iptables, the rule would be wiped out.  But when I tried that, I still couldn't ssh into the machine.  It took me a while, but I realized that Portsentry added an entry to hosts.deny.  Once I removed that entry, everything worked fine again.


Technorati Tags: , ,

Saturday, January 28, 2006

Installed DSPAM


I finally got around to installing DSPAM, that I wrote about before, on the MailBarricade servers.  This offers an additional spam filter to the Bayesian filter supplied by SpamAssassin.


I was able to follow these instructions for compiling DSPAM for use with amavisd-new, and they worked very well.  In addition, I trained  the database with the SpamAssassin Public Corpus (link on this page).


running command detached from console


I had used this command before, but I forgot it.  nohup is a program  that lets you run a command and lets it continue even when even when the user logs out.


The way you use this command is:



nohup <command to run> &


Then you can see the output by tailing nohup.out.


[via Compaq ProLiant Servers and Linux]


Technorati Tags:

Friday, January 27, 2006

Switched to Speakeasy VoIP

Today, I finally switched to Speakeasy VoIP service.  I finally got upset about Vonage, as they decide to start blocking incoming phone calls that have CallerID blocked, without warning us.

The switch was very easy.  I just connected the ATA to a switch connected to my DSL modem.  Speakeasy had allocated a new public IP address for the ATA, so I didn't have to switch the configuration of my firewall.



Wednesday, January 25, 2006

disable pop3 from cyrus


I don't use pop3, pop3s, or imap to access my mail server, but only use secure imap.  The other ports have been blocked by iptables, but cyrus-imapd runs all the daemons by default.


If you want to disable some of these services, you can comment out the services you don't want in /etc/cyrus.conf.


Technorati Tags: , , , , ,

eAccelerator


The page that has the optimizations for mysql also has a link to a walkthrough for setting up eAccelerator.  eAccelerator is a php extension that caches compiled php scripts, so that the web server doesn't have to compile the scripts for every access.


Technorati Tags: , ,

mysql optimization for VPS


Recently, I have noticed that the performance of my web sites have been pretty poor.  It appeared that any pages that connected to my mysql database, were the major problem.  When I looked at the output from top, I saw that the CPU usage for the VPS was reaching 100% when these performance problems were happening. 


The main problem is the processes running in my VPS did not add up to using even anywhere close to that much CPU.  It appears that some other VPS or the host itself was using a high processor time, and the process priority was not set correctly.


While I was trying to work around the problem, I found this page that describes a configuration for mysql that works well in a limited resource VPS.  These settings seem to work for me.


Update:  It looks like the problem was some other VPS, or the host.  The host was rebooted, and the problem hasn't happened since


Technorati Tags: , ,

iPod thoughts


I have been using my iPod for a while and I really like it.  It is a very cool, but pretty pointless device.  I have copied all of the music from my laptop onto it, have purchased some TV Shows from the iTunes Music Store, and have converted some videos with iSquint.


During this time I have thought of some things that I would like:


  1. Larger selelection of TV shows on the iTunes Music StoreThis post describes an error in the guide data that caused my Stargate Atlantis Season Pass to not record the latest programs.  I wish I could have just purchased these episodes.

  2. Extended battery pack.  You can only watch about 2 hours of video on the 30 Gb iPod.

  3. An Alpine iPod adapter that would support video output.  The iPod is a more compact  and resilient way to store videos for viewing in the car than DVDs

  4. An Apple iPod Universal Dock, to make it easy to connect the iPod to my laptop at work.


Technorati Tags: ,

Tuesday, January 24, 2006

Thank you Ronald


Thank you for spoiling such an incredible granddaughter, that I am lucky to have married.  Thank you for welcoming me into the family.  Thank you for showing the same love to your great-grandkids.


I will miss you.  We all will miss you.  But you will be in our hearts, and I know that you will be watching us.

Saturday, January 21, 2006

Update on phpBB and PostNuke permissions


I just found out today that the page, linked from this post, that described how to make phpBB respect PostNuke permissions is not up.  Here are the instructions that I used, as I remember them.


Update the following files:


faq.php, index.php, memberlist.php, search.php, viewforum.php, viewonline.php and viewtopic.php


and add the following chunk of code to the beginning:




// Begin PNphpBB2 Module
if (!defined("LOADED_AS_MODULE")) {
die ("You can't access this file directly...");
}
// Security check
if (!pnSecAuthAction(0, 'PNphpBB2::', '::', ACCESS_READ)) {
include 'header.php';
echo '<div align="center"><center><table border="0" width="400" height="100%">
<tr><td height="300" width="100%" valign="middle">     In or
der to protect the privacy of the home owers, you must login in order to access
the forums.</td></tr></table></center></div>';
include 'footer.php';
return;
}


Technorati Tags: , ,

iPod Video Guide


This page is a great guide about getting and playing video on the iPod.


Technorati Tags:

Thursday, January 19, 2006

BugMeNot


The BugMeNot Firefox extension is now compatible with Firefox 1.5.


[via roachfiend.com]


Technorati Tags: ,

MailPictures


There is a new version of MailPictures that is compatible with Mail 2.0 in Mac OS X 10.4.  This allows you to include your photo in your emails that you send.  Also, it will automatically import pictures from emails that you receive into your Address Book.


[via Hawk Wings]


Technorati Tags:

One of the "cool" kids


So now I am one of the "cool" kids.  My family got me a 30Gb iPod with Video.  I am in the process of copying the music, videos and photos onto it.


Since the iPod doesn't have firewire, and my laptop doesn't have USB 2.0, the transfer is taking several hours.  On the plus side, when the transfer is done, the battery will be fully charged.


Technorati Tags:

Sunday, January 15, 2006

Growl notification for S.M.A.R.T. status


I added growl notifications to the script that emails the S.M.A.R.T. status of a Mac OS X machine.  I just added the following line:



echo -e $SMART | /usr/local/bin/growlnotify -t "S.M.A.R.T. status"


Technorati Tags: ,

smtp with telnet


I can never remember the smtp commands when I am trying to test out a change to my mail servers.  This page gives examples of sending smtp commands through telnet.


One thing that is missing is that when testing authenticated smtp connections, you need to replace HELO with EHLO


Technorati Tags: ,

Saturday, January 14, 2006

Definition of broadband


We are staying in a Residence Inn for a while, and they claim to have high-speed internet in each room.  They are accomplishing this by making a 802.11b network available to all the rooms.


Is there a minimum definition of what can be considered high-speed internet connection?  This network connection is pretty slow.  The ping times from here to google.com, are in the 1000 - 2000 ms range, which is pretty poor.


Friday, January 13, 2006

Airport Express sharing Wireless


We are staying in a place, for a little while, that has a 802.11 network.  I wanted to try to  bring our Vonage ATA with us, so we could still receive phone calls.


I brought a Airport Express, thinking that I could use it to be a gateway from the wireless network to the Vonage ATA.  Unfortunatelly, this doesn't work.  Even though you can share a wired connection with wireless clients, when you set up the Airport Express to get it's network connection as a Wireless client, it disables the Ethernet port.


I assume that this is is because they don't want to take market from the Airport Extreme.


Technorati Tags:

Thursday, January 12, 2006

Setting up postfix


When I set up the mail server, I had some interesting problems. 


Fedora Core 2 comes with Sendmail installed by default.  I like using Postfix, so installed a Postfix and redhat-switch-mail.  I ran redhat-switch-mail, and switch the MTA to Postfix.  I then configured Postfix to only not relay mail spam mail, and only accept mail for our domains.


When I started Postfix, I noticed that a bunch of spam messages were getting through and being relayed.  I immediately shutdown Postfix so I could figure out what was going on.  It looks like the redhat-switch-mail program didn't actually removed the Sendmail xinit.d file.  So the Sendmail was accepting messages without any filtering, and was forwarding it to Postfix.  I immediately disabled this script.


Wednesday, January 11, 2006

Picture of car with new springs

I finally got around to taking a picture of our Sentra with the new springs. I'd have to say, I really do like the way that the car handles now.

With the springs:

Picture of Sentra with new springs



moved servers


I finally moved the rest of my sites from the server in our house to an external VPS.  Now when we move, all of the sites will be available.


When moving this blog, I did have to deal with the difference in mysql version number as I did before, but I found out that if you specify --skip-opt, the output is more compatible with versions of mysql earlier than 4.1.


iTunes security with MiniStore


Some people are considering iTunes to be malware for the MiniStore feature of iTunes 6.0.2.  They say that it is a violation of privacy that iTunes is sending information about your music to external servers.  This happens even if you are not explicitly in the iTunes Music Store.


There doesn't appear to be any personal information, other than the currently selected tracks, sent to the servers.  I can think that there should be an option that the user could set to disable this feature.  I personally, will leave this feature enabled.  In fact, I want the recommendations to show for the currently playing track, and not just the currently selected track.


Monday, January 9, 2006

Linksys KiSS DP-600


Kiss-Dp-600Linksys is coming out with a network DVD player that supports HD DVDs (in Windows Media Video format) and music files.  It has a 802.11g connection to access the video and audio files.  In addition, it can access the Internet to access online weather forecasts, games  and Video-On Demand.


It looks like it used to be the KISS DP-600, I assume that Linksys just bought it.  Unfortunately, it looks like this is only available in Europe.


[via Gizmodo, HD Beat]


Technorati Tags: ,

Oyster Speakers


I listened to the Geek News Central podcast recapping CES, and it mentioned Oyster Speakers.  It sounds like they will be coming out with speakers that will get the audio from a 802.11 signal.  They mentioned that it is possible to use them as a stereo setup, or in a surround sound system.


They mentioned that the speakers would be available later in 2006, and would be about $500 for a pair.  This would be a lot cheaper than the Polk Netstreams speakers.


Technorati Tags: , , ,

Securing MySQL


This page has some good instructions for securing a MySQL installation.


Technorati Tags: ,

Hopes for the MacWorld Keynote


Indextop20050111I am hoping that Apple announces a new Mac mini, that comes with FrontRow installed.  Since I have decide to move most of the external facing services from my server at home to a VPS, the main thing that my server is being used for is hosting my music.


If Apple announces a Mac mini that comes with FrontRow, I would go out and buy one and put all of my music on it and connect it to my TV.  Also, the DVI connection and the 1920 x 1200 resolution, would allow videos to look great.


Technorati Tags: ,

Sunday, January 8, 2006

Details of Mail.app's IMAP implementation


Transitioning between different mail servers is very easy when using IMAP.  All that you need to do is to configure your mail client for both accounts, and then just drag the mail messages and folders between the two.


I did this to move the mail to the new server, and I noticed some interesting things in Mail.app when transferring these messages.


  1. When copying a folder that has both mail messages and other folder, the messages in the root folder sometimes didn't get copied

  2. Mail doesn't deal well with a IMAP accout that is above it's disk space quota.  It just states "Unknown Error".  (Thunderbird handles this well.)



Saturday, January 7, 2006

Moving mysql database


In the process of moving to a Fedora Core 2 server, I have had to move some databases from one machine to another.  At first, I tried to just copy the database files, and then restart mysql.  This didn't work.  I then realized that Fedora Core 2 has version 3.23 of mysql, while Fedora Core 4 has version 4.1.


I then tried to run mysqldump, and then run that .sql file on Fedora Core 2, but I kept getting messages like this:


ERROR 1064 at line 21: You have an error in your SQL syntax near 'ENGINE=MyISAM DEFAULT CHARSET=latin1' at line 11


I was able to work around this by removing the "ENGINE=MyISAM DEFAULT CHARSET=latin1" string from each of the CREATE TABLE commands.  I knew that this wouldn't cause a problem since in mysql version 3.23 and later MyISAM was the default engine type.


Technorati Tags: ,

Configuring cyrus imapd


It has been a long time since I configured cyrus imap.  I found these instructions that worked pretty well.


Also, a while ago I posted some instructions that I used to setup ssl for imap.  I just found that the cyrus-imapd rpm includes a Makefile that can create the ssl certs.


Technorati Tags:

building db4 for Fedora Core 2


I am in the process of setting up a VPS to host my web and mail server.  With Tektonic, the latest version of Fedora that is available is Fedora Core 2.  The version of db4 that was included with Fedora Core 2 had a problem with non Intel CPUs.  Bug 91933 at Red Hat's Bugzilla system describes this problem.


This bug report also has a work around.  It requires rebuilding db4 with

spec file that doesn't use posix mutexes.


Here is the spec file


Here is a patch file


Here is a needed wrapper script.


Technorati Tags: ,

Monday, January 2, 2006

Foxmarks


A while ago, I wrote about Bookmarks Syncronizer, as a way to share Firefox bookmarks between different computers.  This stopped working in Firefox 1.5, and they haven't updated it.


This post describes Foxmarks, which also does the same thing.  You can create a free account that you can post your bookmarks to, but their server is currently down.  You are supposed to also be able to host the file yourself, but they don't really have instructions on what is required.


Technorati Tags: ,

Get a public IPv6 address


Earthlink R&D has created a version of the firmware for the Linksys WRTG54G that enables IPv6.  This allows, in addition to the WAN address of your router, all of your devices in your home network to have a publicly accessible IPv6 address.  This would make it easier to run a service on any machine on your network.


In order to run this software, you have to replace the firmware with that provided by Earthlink R&D.  Then you have to configure the router to set up a IPsec tunnel to an Earthlink routing server.


Unlocking Seamless Integration: Navigating Unexpected Hubitat Device Queries and VLAN Challenges for a Smoother Home Automation Experience

During my network debugging efforts , I came across an intriguing observation related to the two Hubitat devices on our network. The logs b...