Archive for August 2007

I just read this in the Postfix Release Notes… and thought I had to share.

[Incompat 20060806] Postfix no longer announces its name in delivery
status notifications. Users believe that Wietse provides a free
help desk service that solves all their email problems.

Who said coders don’t have a sense of humor? :)

This is neat - one of my favorite products, BeyondTV, records television (standard or HD) but it is only a Windows program. You can use BeyondTV Link to play video on any other PC on the local network (because of bandwidth constraints - if you want to view over the internet, use the BeyondTV Web Interface or Orb)

Your TV, both live and recorded, could also be done using Orb; however, Orb lacks the nice interface BeyondTV Link has.

I’ve been contemplating moving to Mac OS X for my next laptop purchase; this plus VMware Fusion really makes it easy to switch over to a Mac for us Windows users.

If you are a system administrator, you should dread any time you use the normal “ls” command and receive a strange error in return. That is a sure sign that your machine has been hacked and ls has been replaced by an unknown program. Gnist blog has a nicely written step-by-step list of what you can do to track back an intruder.

In his case it sounds like the original owner of the machine may have used a weak root password on his machine, allowing for someone to crack it and break into the box. People, don’t forget to use a hard-to-brute-force password, and finally disable root logins. Instead, use normal users and sudo.

Finally, if you are doing this in a legal setting and preparing for a possible future court case, don’t forget to make an image of the drive (using dd or Norton Ghost) before your analysis; otherwise the intruder can get your evidence thrown out.
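The imaging step above, sketched as an added example (not from the original post or the linked write-up): copy the source with dd, compare SHA-256 digests of source and image, and record the digest so the image can be re-checked later. The function names and file layout are assumptions.

```bash
#!/bin/sh
# Added example: image a source device/file with dd and show the copy is
# bit-identical by comparing SHA-256 digests. Names are illustrative.

# image_and_verify SRC DEST
#   Writes DEST (the image) and DEST.sha256 (digest record).
#   Returns 0 only if the image hashes to the same value as the source.
image_and_verify() {
    local src="$1" dest="$2" src_hash img_hash

    [ -r "$src" ] || { echo "cannot read $src" >&2; return 2; }
    # Refuse to overwrite an existing image: evidence files are write-once.
    [ -e "$dest" ] && { echo "$dest already exists" >&2; return 2; }

    # Hash the source first, so the digest reflects its state before copying.
    src_hash=$(sha256sum < "$src" | awk '{print $1}') || return 2

    # Plain block copy; analysis is done on the image, never on the original.
    dd if="$src" of="$dest" bs=65536 2>/dev/null || return 2

    img_hash=$(sha256sum < "$dest" | awk '{print $1}') || return 2

    # Record the digest next to the image and make both read-only.
    printf '%s  %s\n' "$img_hash" "$(basename "$dest")" > "$dest.sha256"
    chmod 0444 "$dest" "$dest.sha256"

    [ "$src_hash" = "$img_hash" ]
}

# verify_image DEST: re-check an image against its recorded digest.
verify_image() {
    local dest="$1"
    ( cd "$(dirname "$dest")" &&
      sha256sum -c "$(basename "$dest").sha256" ) >/dev/null 2>&1
}
```

Run it against a disk that is unmounted or attached read-only (for example from a rescue environment); a mounted filesystem keeps changing, so the source and image digests would not match.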

Some other security resources:

Meebo, which I have recently been turned on to, yesterday released an iPhone client which is basically a web interface to their chat website (which integrates AIM, Yahoo!, MSN, gtalk, and more). It looks great, take a peek:

Meebo on iPhone

That is great that they are developing this and I applaud them for their efforts of releasing updates on mobile devices.

Now, maybe I have iPhone envy, but wouldn’t it make sense to release this for Windows Mobile since the market share that Windows Mobile has is MUCH greater than iPhone? According to Gartner, Windows Mobile shipped a little over 3 million devices in the 1st quarter of 2007 alone (and that number does not even include “Smartphone” devices). iPhone, according to their own estimates [MacNewsWorld], will sell a million units by Sept 30th.

I asked Meebo about their plans for Windows Mobile. Here is the response I received from Sue:

As far as a Windows Mobile version of meebo, it’s
something that we’ve thought about and are interested in, but at the
moment we don’t have development time and resources to add support for
every device we’d like to.

Here is where it gets tricky. There may be a great market penetration for Windows Mobile - but it is not easy to develop a web app for it because there is no standardized browser platform. Sure, you have Internet Explorer Mobile, but let’s face it - IEM is not very good at rendering web pages and would be a nightmare to develop for. Each version of Windows Mobile has differences in IEM that designers would have to be conscious of. The other browsers that Windows Mobile users have the option of using: Opera Mobile, Netfront, Minimo - do not have enough market penetration to make development worthwhile. [on a sidenote, Opera Mobile is the best browser for Windows Mobile, give it a try if you haven't already.]

Hence, we have the major difference between Windows Mobile and iPhone OS. Windows Mobile, although an “open” system that allows developers to create their own programs, has the problem of having a high cost to develop because you need to have Windows Mobile programming experience.

On the other hand, the iPhone, with its “Closed” OS, has a standardized browser that works well and is easy to write web code for. Web publishers around the world are free to write code for it in their native programming languages because the browser is the component that renders the graphics and takes care of the network.

So how is this problem resolved? Nintendo seems to have fixed this very same issue by offering Opera for Wii via the Wii Shop channel. Wii users who install this browser have many options available out there for web interfaces that are designed specifically for the Opera browser on Wii - most notable of these is Orb, which has a beautiful interface for the Wii. Microsoft, ever the profitable company it is, wants users to use IE on Windows Mobile and therefore bundles IEM.

Microsoft needs to get with the program and make their browser easier to write for and more standards compliant. If that doesn’t happen, then we are definitely looking at an iPhone future for mobile devices.

If you use Windows Mobile, please contact Meebo and let them know that you’d like to see a Windows Mobile version of Meebo!

…and other MySQL Oddities.

If your MySQL binary log files are a “Growing” problem… there are a few simple steps you can use to curtail their growth and save your disk space from these huge files.

They probably look like:

mysql-bin.000001
mysql-bin.000002
mysql-bin.000003
mysql-bin.000004
mysql-bin.000005

And around 1 gig in size each.

These files are generated when you have log-bin=mysql-bin or other log-bin= line in your /etc/my.cnf configuration file.

There are two ways to fix this problem:

The first is to stop the MySQL server from creating these binary files. The only reason you would need the binary log files is if you are doing MySQL replication from a master to a slave. In this case, these files are necessary, at least until the slave(s) has caught up with the master. To stop this from logging, comment out (using #) the line containing ‘log-bin’.

The second is to continue logging - this is necessary as stated above if you are performing SQL replication.

You can add a line to the [mysqld] section of your /etc/my.cnf file which will only keep these files around as long as necessary. The line is:

expire_logs_days = X

Where X is the number of days you’d like to keep them around. I would recommend 10, but this depends on how busy your MySQL server is and how fast these log files grow. Just make sure it is longer than the slowest slave takes to replicate the data from your master.

Just a side note: You know that you should do this anyway, but make sure you back up your MySQL database. The binary log can be used to recover the database in certain situations; so having a backup ensures that if your database server does crash, you will be able to recover the data.
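The advice above to keep logs longer than the slowest slave needs can be checked directly before anything is removed. This added example (not from the original post) goes one step beyond expire_logs_days: it reads collected SHOW SLAVE STATUS\G output, finds the oldest master binlog any replica is still reading, and builds the matching PURGE BINARY LOGS statement. The function names and the sample status text are constructed for illustration.

```bash
#!/bin/sh
# Added example. Assumes each replica's "SHOW SLAVE STATUS\G" output has
# been collected into one text stream.

# oldest_needed_binlog: read status text on stdin and print the
# lowest-numbered master binlog that any replica is still reading.
oldest_needed_binlog() {
    awk '$1 == "Master_Log_File:" {
             n = $2; sub(/^.*\./, "", n)      # numeric suffix, e.g. 000003
             if (best == "" || n + 0 < bestn) { best = $2; bestn = n + 0 }
         }
         END { if (best == "") exit 1; print best }'
}

# purgeable_binlogs TARGET FILE...: print the files strictly older than TARGET.
purgeable_binlogs() {
    local target="$1"; shift
    for f in "$@"; do printf '%s\n' "$f"; done |
        awk -v t="${target##*.}" '{ n = $0; sub(/^.*\./, "", n)
                                    if (n + 0 < t + 0) print }'
}

# purge_statement TARGET: SQL to run on the master. PURGE BINARY LOGS TO
# removes every log before TARGET and keeps TARGET itself.
purge_statement() {
    printf "PURGE BINARY LOGS TO '%s';\n" "$1"
}

# Constructed sample: two replicas (each reports its own "1. row"),
# one of them still reading mysql-bin.000003.
SAMPLE_STATUS='
*************************** 1. row ***************************
              Master_Log_File: mysql-bin.000005
        Relay_Master_Log_File: mysql-bin.000005
*************************** 1. row ***************************
              Master_Log_File: mysql-bin.000003
        Relay_Master_Log_File: mysql-bin.000003
'
```

With the sample above, only mysql-bin.000001 and mysql-bin.000002 are safe to remove; a status stream with no Master_Log_File line makes oldest_needed_binlog fail instead of guessing.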

Help Wanted

I’d like to update systemBash more often, but I don’t have the material (or time) to do multiple updates per day. If you would like to write for us - any amount is good but I would like to see at least one post per week - please drop me a line! Posts are focused on System Administration and other technology items.

Get your name out there as a highly knowledgeable system administrator and have fun while you do it.

If you are a Google user - meaning Gmail, Google Docs, Google Calendar, Google Reader, etc - then you should know that by default, once you log in your sessions are typically not encrypted between your browser and the Google servers.

For some more technical information on this, check out dmiessler’s post on the subject.

He mentions using bookmarks to force your browser to use Google’s secure connections - however I’ve noticed that occasionally, depending on how you arrive at your Google services, you will switch to an unencrypted session without warning.

For that reason, if you are using Firefox and Greasemonkey, I highly recommend installing the “Google Secure Pro” userscript. It automatically switches you from using http:// to https:// to ensure your data is encrypted to Google’s servers. This will increase your security greatly from using the unencrypted connections, which is good if you transfer confidential data over e-mail - like most normal people do!

New theme with hopefully a better design!

<?php
echo "testing!";
?>

Drop me a line to let me know what you think!

The situation is: you have a web application or URL for which you would like to force your users (or yourself) to use the secure https protocol rather than the unencrypted http protocol. This is easy to do with Apache and .htaccess.

Create or add to the .htaccess file in the root of the web directory you would like to force redirect for. Add the following lines:

# Redirect any request that did not arrive over HTTPS to the same URL on https
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

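This says that if the request did not arrive over HTTPS, Apache redirects the browser to the same host and path using HTTPS instead. The first request still travels over plain HTTP, so anything sent with it (a cookie without the Secure flag, for example) is exposed before the redirect happens.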


I’ve been using the VPN Software Hamachi for several years now and thought I would share my experiences with it.

Previous to being purchased by LogMeIn, Hamachi was a smaller company which designed this great software. It is now offered in 2 versions, the free “Basic” version and the paid “Premium” version. The premium version is currently around 3.25-4.95 a month, depending on how many licenses you need and how much you pre-pay.

The free version gives you basic VPN connectivity and allows you to control smaller networks which is great for your own personal secured network. There are some pretty cool features in the “Premium” version - to see all of them click here.

The idea is that you install Hamachi on each of your PCs which you would like to connect to your VPN. In my case, I have my Home PC, my home File Server, my Work PC and my laptop all connected. The great thing about Hamachi is you are not just limited to Windows machines - my file server is Linux and works great with Hamachi. It officially supports Windows, Linux, and OSX - so you could install it onto your Mac as well.

Once Hamachi is installed, follow the directions on how to set up each client. With the first client you set up, you will want to create a new Network that will include all of your personal PCs that you wish to connect. From there, each client you add will need to be added to this network so they can all talk with each other.

After all computers are connected to the network - you have your VPN up and running. It works just like with any VPN - those IP addresses can be accessed just like the PC is on your local area network.

So, what does this mean? You can map a network drive to be a local drive, which is actually being served off of your VPN. You can connect to VNC using this IP address - which is a secure way to do this so all of your traffic is encrypted over the internet. You don’t have to worry (as much) about sending information over the internet in plain text. I even have my media server connected so that I have my entire music library available through the program of my choice (MediaMonkey).

So if you haven’t tried it already, give Hamachi a try!

  • Welcome to systemBash, a technology and system administration blog by David Drager. If you enjoy this sort of content, you can subscribe to the RSS using the link to the right.