My preferred server platform is linux. I have not yet been able to move to a linux-based system for my daily work, and trust me I’ve tried a number of times to move to a Fedora or Ubuntu desktop. Windows is still best for productivity and day-to-day tasks, as well as compatibility with other office workers. However that brings up the question of how to access resources on a linux system, securely, and easily enough to not take too much time out of your workflow.

I have previously used the free WinSCP to do this. However, much like the FTP clients of yore, you need to transfer the file to your local PC, do the actual editing on your workstation (I prefer PSPad by the way), and then transfer the file back to the server.

Windows fixed this particular issue by adding in Mapped drives, which can connect to an FTP source. This is all great, and it works fine, but it is not a secure way to transfer files which may or may not include sensitive information in them.

Recently a few programs have come out that connect to an SSH server via SFTP and map a drive on your system. The two that I have found and are viable are called Webdrive and SftpDrive. Both products offer a secure connection to your SSH server, including a mapped drive letter. Below is a short review of each product:

SftpDrive

SftpDrive is a program that does one thing and it does one thing well – it connects you to your server via SFTP. In my testing the speed was very fast, it seemed faster than my WinSCP connection even. It does not do caching, which in my mind is a good thing because it can cause problems with different versions of files moving between your system and the server source.

Their support is top notch – contacting them resulted in an immediate email back. They also have some great forums for user interaction, and the owner frequents there as well.

Price: $39 – unlimited upgrades to future versions

Webdrive

The other alternative is Webdrive. This software has a few more bells and whistles – notably:

• Ability to map WebDAV and FTP in addition to SFTP servers
• Caches remote directories locally

If you have the need to map a WebDAV or FTP connection, you can manage this right inside of this program. In this regards, this software will be a ‘one stop shop’ for mapping drives on your system.

It also can cache files on your local system. This has both advantages and disadvantages. The advantage, especially on a slower connection / link, is that when you edit a file on the drive you will actually be editing a file on your local PC, speeding up this process. The disadvantage with this, is that your server files may not be updated right away, adding a delay to when you edit a file and actually having it live on the server. This could add confusion when dealing with a configuration issue or other problem and adds a layer of complexity.

Price: $59.95 /w 1 year of upgrades, $79.95 /w 2 years of upgrades

Final Verdict
It was a close race but Sftpdrive comes out on top for my needs. Unless your organization has a need to keep mapped drives all under the same software, or you are working with a very slow connection, Sftpdrive will work fine for your needs. Also edging it closer to the win is the cheaper price, and the ability to receive upgrades to the software in the future without paying an additional fee. Using this software will increase the overall security of your day-to-day system administration tasks while reducing your time involved.

I would strongly recommend downloading a trial version of each software package and see which one fits your needs!

• WebDrive – A 20-day demo version
• SftpDrive – Get a trial 45-day key and download software

Note 1:
If you need an automated backup solution, I strongly recommend SyncBackSE. Using this backup software + Sftpdrive, you can have an automated, safe backup to an offsite location. Not only will your transfers be secure, but SyncBackSE will encrypt the contents of your backup on the remote location. This is great if you are using a server or other remote service to store your backups – although most services are reputable I wouldn’t want anyone to have access to my financial or other personal information.

Notes 2:
The faster your UPLOAD speed to the internet, the better performance you will see on your mapped SFTP drive. Currently the ISP which has the best upload speeds for the value in my area (Philadelphia) is Verizon Fios. Their lowest package offers 5mbit download, and 2mbit upload. This compares to Comcast which only offers a 384kbps upload on their basic package.

Looking for some small 16 by 16 icons for your website or other application? So was I. Here is what I’ve found:

• bulletmadness – large general use list, some brand specific
• urlgreyhot – (cool star trek reference) – a few mini and brand specific
• famfamfam – the motherload of small icons
• sweetie – pretty large icon set
• favicon.fr – its in french but easy enough to understand, and lots of icons here.
• paul armstrong designs – gallery2 icon set

Here is my contribution, a MySpace icon.

There appears to be an exploit in the wild which is automating the Cacti Command execution and SQL Injection Vulnerability [see Secunia alert 23528]. Via this exploit, any server running an older version of Cacti from before December 28th.

Of course it’s always best to keep your software up to date. Other tricks to keep your system secure:

• Do not use default directories. Instead of /cacti/, use /somethingcacti/. This will foil any scripts which find based on server IP and default location (scripts can still find via a search engine search).
• Run apache using mod_security – this will try to catch SQL injection and remote command execution
• Mount your temporary directory (usually /tmp) with NOEXEC flag. This will prevent any script kiddies who are able to exploit a vulnerability from running other programs from the /tmp directory that PHP usually dumps things to.

Let me know if you have any other tips like these!

Check out Clicky web stats. After you register, you add a piece of code to the bottom of your page and start collecting your stats. It’s really easy to set up, and the stats you get in return are awesome. You can see your stats by visitor, search term, page, etc. It is very clearly shown, and not as hard to figure out as some of the other webstats programs which really bog you down in data that you don’t need. I hate to say it, but it looks a lot nicer than Google Analytics. It is currently free – although I don’t see how they turn a profit at this point (it is in beta still) so I would look for either a pay service in the future, or maybe ad supported.

Check it out and see what you think! This stats service is great for simple blogs and other sites which do not require complicated ad and click tracking.

This seems like a pretty rare bug but annoying anyway. On my system I found that when logrotate would run, some log files such as /var/log/maillog did not rotate properly.

Typically, logrotate works like

Write to <tag>maillog</tag>
Daily, move maillog to maillog.1
Daily, move maillog.1 to maillog.2
etc...

However it was going

Write to maillog,
Daily, move maillog to maillog.1, keep writing to maillog.1
Daily, move maillog.1 to maillog.2, keep writing to maillog.2
etc.

According to this bug tracker entry and this post, it is a problem with the version of logrotate, and people having the /tmp directory on a separate mount (I did not even have mine set to noexec like I should have, and I still had this problem [fixed now, by the way]).

It is easily fixed by installing the version of logrotate from the CentOS fasttrack repository [link]. After installing this, it looks like logrotate is rotating the log files correctly.