Archive for January 2007

My preferred server platform is Linux. I have not yet been able to move to a Linux-based system for my daily work, and trust me, I’ve tried a number of times to move to a Fedora or Ubuntu desktop. Windows is still best for productivity and day-to-day tasks, as well as compatibility with other office workers. However, that brings up the question of how to access resources on a Linux system securely, and easily enough not to take too much time out of your workflow.

I have previously used the free WinSCP to do this. However, much like the FTP clients of yore, you need to transfer the file to your local PC, do the actual editing on your workstation (I prefer PSPad by the way), and then transfer the file back to the server.

Windows fixed this particular issue by adding in Mapped drives, which can connect to an FTP source. This is all great, and it works fine, but it is not a secure way to transfer files which may or may not include sensitive information in them.

Recently a few programs have come out that connect to an SSH server via SFTP and map a drive on your system. The two viable ones that I have found are called WebDrive and SftpDrive. Both products offer a secure connection to your SSH server, including a mapped drive letter. Below is a short review of each product:

SftpDrive

SftpDrive is a program that does one thing and it does one thing well - it connects you to your server via SFTP. In my testing the speed was very fast, it seemed faster than my WinSCP connection even. It does not do caching, which in my mind is a good thing because it can cause problems with different versions of files moving between your system and the server source.

Their support is top notch - contacting them resulted in an immediate email back. They also have some great forums for user interaction, and the owner frequents them as well.

Price: $39 - unlimited upgrades to future versions

Webdrive

The other alternative is Webdrive. This software has a few more bells and whistles - notably:

  • Ability to map WebDAV and FTP in addition to SFTP servers
  • Caches remote directories locally

If you have the need to map a WebDAV or FTP connection, you can manage this right inside of this program. In this regard, this software will be a ‘one stop shop’ for mapping drives on your system.

It also can cache files on your local system. This has both advantages and disadvantages. The advantage, especially on a slower connection / link, is that when you edit a file on the drive you will actually be editing a file on your local PC, speeding up this process. The disadvantage is that your server files may not be updated right away, adding a delay between when you edit a file and when it is actually live on the server. This could add confusion when dealing with a configuration issue or other problem and adds a layer of complexity.

Price: $59.95 with 1 year of upgrades, $79.95 with 2 years of upgrades

Final Verdict
It was a close race but SftpDrive comes out on top for my needs. Unless your organization has a need to keep mapped drives all under the same software, or you are working with a very slow connection, SftpDrive will work fine for your needs. Also edging it closer to the win is the cheaper price, and the ability to receive upgrades to the software in the future without paying an additional fee. Using this software will increase the overall security of your day-to-day system administration tasks while reducing your time involved.

I would strongly recommend downloading a trial version of each software package and seeing which one fits your needs!

  • WebDrive - A 20-day demo version
  • SftpDrive - Get a trial 45-day key and download software

Note 1:
If you need an automated backup solution, I strongly recommend SyncBackSE. Using this backup software + Sftpdrive, you can have an automated, safe backup to an offsite location. Not only will your transfers be secure, but SyncBackSE will encrypt the contents of your backup on the remote location. This is great if you are using a server or other remote service to store your backups - although most services are reputable I wouldn’t want anyone to have access to my financial or other personal information.

Note 2:
The faster your UPLOAD speed to the internet, the better performance you will see on your mapped SFTP drive. Currently the ISP which has the best upload speeds for the value in my area (Philadelphia) is Verizon Fios. Their lowest package offers 5mbit download, and 2mbit upload. This compares to Comcast which only offers a 384kbps upload on their basic package.

Looking for some small 16 by 16 icons for your website or other application? So was I. Here is what I’ve found:

Here is my contribution, a MySpace icon.

There appears to be an exploit in the wild which is automating the Cacti Command execution and SQL Injection Vulnerability [see Secunia alert 23528]. Via this exploit, any server running an older version of Cacti from before December 28th.

Of course it’s always best to keep your software up to date. Other tricks to keep your system secure:

  • Do not use default directories. Instead of /cacti/, use /somethingcacti/. This will foil any scripts that locate installs by server IP and default location (scripts can still find them via a search engine search).
  • Run Apache with mod_security - this will try to catch SQL injection and remote command execution.
  • Mount your temporary directory (usually /tmp) with the noexec option. This will prevent any script kiddies who are able to exploit a vulnerability from running other programs from the /tmp directory that PHP usually dumps things to.

Let me know if you have any other tips like these!
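
One way to verify the /tmp tip above on a running system, as an added example that is not from the original post: a shell function that reads mount data in /proc/mounts format and reports which options are missing. The function names and sample data are constructed for illustration, and checking nosuid and nodev alongside noexec goes beyond what the post lists.

```shell
#!/bin/sh
# Added example: report which hardening options a mount point lacks.
# Input is a file in /proc/mounts format:
#   device mountpoint fstype options dump pass

# missing_mount_opts MOUNTS_FILE MOUNTPOINT [OPTION...]
# Prints the wanted options (default: noexec) that are not set, space-separated.
# Prints "not-a-mount" when MOUNTPOINT is not a separate mount, in which case
# the directory simply inherits the options of its parent file system.
missing_mount_opts() {
    mounts_file=$1
    mountpoint=$2
    shift 2
    [ $# -gt 0 ] || set -- noexec
    # The last matching line wins because later mounts shadow earlier ones.
    opts=$(awk -v mp="$mountpoint" '$2 == mp { o = $4 } END { print o }' "$mounts_file")
    if [ -z "$opts" ]; then
        echo "not-a-mount"
        return 0
    fi
    missing=""
    for want in "$@"; do
        case ",$opts," in
            *",$want,"*) ;;
            *) missing="${missing:+$missing }$want" ;;
        esac
    done
    echo "$missing"
}

# Constructed sample data (not taken from a real host).
write_sample_mounts() {
    cat > "$1" <<'EOF'
/dev/sda1 / ext3 rw 0 0
/dev/sda3 /tmp ext3 rw,nosuid 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev,noexec 0 0
EOF
}

sample=$(mktemp)
write_sample_mounts "$sample"
for mp in /tmp /dev/shm /var/tmp; do
    echo "$mp: missing [$(missing_mount_opts "$sample" "$mp" noexec nosuid nodev)]"
done
rm -f "$sample"
# On a live system, pass /proc/mounts as the first argument instead.
```

When /tmp is already a separate mount, `mount -o remount,noexec /tmp` applies the option without a reboot. noexec only blocks direct execution, so a file in /tmp can still be run by handing it to an interpreter such as sh or php.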

Check out Clicky web stats. After you register, you add a piece of code to the bottom of your page and start collecting your stats. It’s really easy to set up, and the stats you get in return are awesome. You can see your stats by visitor, search term, page, etc. It is very clearly shown, and not as hard to figure out as some of the other webstats programs which really bog you down in data that you don’t need. I hate to say it, but it looks a lot nicer than Google Analytics. It is currently free - although I don’t see how they turn a profit at this point (it is in beta still) so I would look for either a pay service in the future, or maybe ad supported.

Check it out and see what you think! This stats service is great for simple blogs and other sites which do not require complicated ad and click tracking.

This seems like a pretty rare bug but annoying anyway. On my system I found that when logrotate would run, some log files such as /var/log/maillog did not rotate properly.

Typically, logrotate works like this:

Write to maillog
Daily, move maillog to maillog.1
Daily, move maillog.1 to maillog.2
etc...

However, it was going:

Write to maillog
Daily, move maillog to maillog.1, keep writing to maillog.1
Daily, move maillog.1 to maillog.2, keep writing to maillog.2
etc.

According to this bug tracker entry and this post, it is a problem with the version of logrotate, and people having the /tmp directory on a separate mount (I did not even have mine set to noexec like I should have, and I still had this problem [fixed now, by the way]).

It is easily fixed by installing the version of logrotate from the CentOS fasttrack repository [link]. After installing this, it looks like logrotate is rotating the log files correctly.
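
A check for the symptom described in this post, added here as an example and not part of the original: if maillog.1 has a newer modification time than maillog, the daemon is still writing to the renamed file. The function names and the scratch-directory sample logs are constructed.

```shell
#!/bin/sh
# Added example: detect a rotated log that is still being written to.

# rotated_still_written LOG
# Prints LOG.1 and returns 0 when LOG.1 was modified more recently than LOG.
# Returns 1 when rotation looks healthy or there is nothing to compare.
rotated_still_written() {
    log=$1
    [ -f "$log" ] && [ -f "$log.1" ] || return 1
    # find -newer is POSIX; it prints the path only if LOG.1 is newer than LOG.
    hit=$(find "$log.1" -newer "$log" -print)
    [ -n "$hit" ] || return 1
    echo "$hit"
}

# Constructed sample: two logs in a scratch directory with fixed timestamps.
# maillog shows the faulty pattern, messages shows a healthy rotation.
make_sample_logs() {
    dir=$(mktemp -d)
    : > "$dir/maillog";    touch -t 200701140402 "$dir/maillog"
    : > "$dir/maillog.1";  touch -t 200701141530 "$dir/maillog.1"
    : > "$dir/messages";   touch -t 200701141530 "$dir/messages"
    : > "$dir/messages.1"; touch -t 200701140402 "$dir/messages.1"
    echo "$dir"
}

sample_dir=$(make_sample_logs)
for f in "$sample_dir/maillog" "$sample_dir/messages"; do
    if stale=$(rotated_still_written "$f"); then
        echo "WARNING: $stale is newer than $f; the daemon did not reopen its log"
    else
        echo "ok: $f"
    fi
done
rm -rf "$sample_dir"
# On a live system, call rotated_still_written /var/log/maillog from cron.
```

A log that stops growing at rotation time also starves anything that tails the live file, so this check is worth running for every log a monitoring or alerting tool depends on.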

Here are a few handy items for Postfix email server users:

1. If your system is acting as a spam / antivirus / relay server for secondary internal servers, and your destination mail server is down, Postfix will queue your messages to resend at a later time. To make Postfix attempt delivery of these queued messages right away, use:

postqueue -f

2. The mailq equivalent specific to Postfix is

postqueue -p

3. If you want to delete specific messages in your queue, use an ncurses based open source software called pfqueue. It will give you a menu that shows mail currently queued, and allows you to delete specific emails.

I was looking for some software to save (rip) an ISO file from a CD drive that you have. This is great for making backups, or if you access a CD often, it can help you in that you will not have to insert the CD every time your program runs. Also it speeds up your “CD” access.

I had found this a while ago but I had a hard time finding it again, so I thought I would add an entry for future reference.

It is called ISO Recorder by Alex Feinman. There are versions for XP, 2003, and Vista (32 and 64 bit versions for all).

It adds an entry to your explorer menu in Windows XP - explorer integration is nice! Just right click and it presents you with the choice to “Create image from CD”. From there, just tell it where to save the ISO, and it does its thing, and a few minutes later you have your fresh ISO sitting on your HD.

Team this up with Microsoft’s free Virtual CD-ROM Control Panel and you can then mount this ISO image as a static hard drive. Point any software requiring you to insert a CD before running to that drive letter, and it will run as if the CD were inserted.

A paid commercial program that does the same thing, a little more easily than the above, is called Alcohol 120%. I haven’t used it personally but I hear it works great as well.


I know I’m a day late and a dollar short, but I wanted to throw in my thoughts on Apple, Inc.’s newly introduced iPhone. Besides the pending trademark issue with the Cisco/Linksys iPhone, this looks like a great device. Even if they change its name - a rose by any other name would smell as sweet.

A few years back, I predicted that in several years we would see massive convergence of three devices - the mp3 player, the cell phone, and the camera. You could also add in video player and web/email browser. Now, I’m not talking about the cameras we see on cell phones today - even the 2 megapixel versions that are out are really not that good at taking shots. The full convergence will be successful when it does each of these tasks well.

I knew it had not taken place yet, because the mp3 player/cell phones that have come out so far are pitiful. I bought a Motorola V360 last year, which has memory card support along with a built in mp3 player. However, the interface to this mp3 player was horrible. Every time you launched the java mp3 player applet, it would take up to a minute to load all of your songs. From there it took 30 more seconds to find the song you wish to play. This is not an experience you want to have.

Motorola then ditched its mp3 applet in favor of iTunes for cell phones. I was able to install it to my V360 via a hack - it wasn’t pretty but it worked and greatly improved the mp3 playing ability of the cell phone. However the full experience was still missing something.

Enter the new phone from Apple. It plays music, video, photos… and oh yeah it can make calls too. Apple has completely redone the interface, and it is different than any phone currently on the market. The call interface actually looks pretty Skype-ish, which is a good thing. The way you navigate the phone is different as it is a gigantic touch screen. I think there will be some resistance to this type of navigation (as well as the touch keyboard) but it will grow on people and eventually will become the standard on all cell phones. Why keep the whole keyboard there if you only need it a fraction of the time?

I want this phone. I want it bad. Personally, it will be great to have this phone. However, as a business class device, there are a few features I am concerned about, because if it does not support them then it is DOA in the workplace.

The first is its e-mail client. During the demos, you can see it handles photos flawlessly. What about office attachments? Word and Excel spreadsheets? Being an Apple device I would not expect these functions to be built in but I am hopeful that Apple has enough sense that it will open its OS for development. This is tied into my second reservation. The OS it is running is based off of OS X:

All the power and sophistication of the world’s most advanced operating system — OS X — is now available on a small, handheld device that gives you access to true desktop-class applications and software, including rich HTML email, full-featured web browsing, and applications such as widgets, Safari, calendar, text messaging, Notes, and Address Book. iPhone is fully multi-tasking, so you can read a web page while downloading your email in the background. This software completely redefines what you can do with a mobile phone. [Source]

OS X is based off of BSD - will this be the case with this phone? If so, it should help developers add any kind of applet they can dream up and will greatly enhance the usability of the phone. I hope Apple takes this direction.

My third reservation is the technology the phone is using. It is not a 3G phone, so the data rates seen on it will not be as good as the Cingular 8525, which uses the 3G UMTS/HSDPA network that Cingular is rolling out. However, the technologies used in this phone might just be enough to outweigh this drawback. It is also possible Apple decided not to use this new technology for cost reasons as the device is already at the upper end of what people will be willing to pay for a phone (especially on a 2 year contract).

Apple has a real winner with the iPhone. Expect this type of phone to really flourish in the next year or two. Apple has conquered my first two devices - mp3 player and cell phone. Once they get a quality 5 or 6 megapixel camera integrated, along with their famous Apple polished interface - Apple will finally have won the integrated device battle.

Developing web apps cross platform can be a pain sometimes, as the drivers used in Windows are typically not available (by default anyway) in Linux. For example, you may be using Perl-based software in Linux and need to connect to a Windows database (for example, MSDE 2000 or SQL Server).

There are two essential pieces of open source software you will need to use. The first one is UnixODBC [http://www.unixodbc.org]. This package provides what you need to create an ODBC connection. Secondly, you will need the driver to connect to your Windows data source. This driver is provided by FreeTDS [http://www.freetds.org].

After installing this software according to their respective websites, if you are using perl you need to also install the module “DBD::ODBC”.

perl -MCPAN -e 'install DBD::ODBC'

You can now set up datasources in your configuration files. In my case, it would be located in /usr/local/etc/odbc.ini, but you can find the location of your driver file using the command

odbcinst -j

In addition to setting up your connection here, you can create a “DSN-less” connection using a connection string. Depending on how your system is set up, you may need to supply the connection password in your connection string anyway.

I’m not going to go over the coding of the database connection, for better instructions on how to use the UnixODBC software see their website:

The software I am using as a particular example is Lyris Technologies ListManager. You can synchronize your mailing lists with your database. Depending on your database software your needs will change, so you will need to talk to your software provider for specific information. The information I am providing below is for iMIS software from Advanced Solutions International (ASI).

For the connection string in ListManager, you will use the following syntax:
DRIVER=FreeTDS;SERVER=10.0.0.X;UID=dbusername;PWD=dbpassword;DATABASE=dbname;TDS_Version=8.0;Port=1433;

dbusername = database username, must have dbreader access to your database
dbpassword = password to match username
dbname = actual database name

Make sure your SERVER IP is correct, and the port for MSDE 2000 is 1433 by default. (As a gotcha, make sure any firewall installed allows connections between your servers and ports).

This allows your linux server to connect to your windows server running the database.

Additionally, you’ll need to provide the query string. I’ve found that Listmanager’s tolerance is not very good when dealing with SQL queries, for example it does not accept JOINs. You need to use an alternative method of joining tables. Refer to the Listmanager documentation to see what variables you can pull into their databases.

Below is the SQL statement for 2 different mailing lists.

Selecting a particular Committee or Section:
SELECT Name.EMAIL AS EmailAddr_, Name.FULL_NAME AS FullName_, Name.ID AS Additional_, 'H' AS MailFormat_
FROM Name, Activity, Product
WHERE Activity.ID = Name.ID AND Activity.PRODUCT_CODE = Product.PRODUCT_CODE AND Product.PRODUCT_MINOR ='TEC'

In this case, ‘TEC’ is the code used in iMIS for the committee. You use the WHERE clause to specify joins. I do not think this is the best way, but it works in this case.

To select all Active Members:
SELECT Name.EMAIL as EmailAddr_, Name.FULL_NAME as FullName_, Name.ID as Additional_, 'H' AS MailFormat_
FROM Name
WHERE ((Name.MEMBER_TYPE)='REG' Or (Name.MEMBER_TYPE)='AFF' Or (Name.MEMBER_TYPE)='HON' Or (Name.MEMBER_TYPE)='SEN') AND ((Name.STATUS)='A')

As you can see, it is not exactly simple but it is easy enough to do once you have the right software. Once your software is talking to your databases, it makes things a lot easier!

  • Welcome to systemBash, a technology and system administration blog by David Drager. If you enjoy this sort of content, you can subscribe to the RSS using the link to the right.