Releases | drupal.org - Download page for Drupal modules
sysadmin - 26.3.2004 - 19.5.2004
Exchange loses emails
Mail loss is not a standard feature of mail servers? You'd think someone would have to explain that to Microsoft – they won't figure it out on their own ...
At heise online news you can find the original article.
Open Source release of Frontier?
Interesting for people still working with Frontier: the kernel is likely to become open source. As a result, this could mean that some of the uglier problems (e.g. the terribly poor performance under OS X) could be solved. After all, Frontier is still pretty cool in many corners even today (the OO database with outliner basis, for example, is something that doesn't exist in this form elsewhere - even if some people grumble that you don't actually need this particular combination).
At Second p0st you'll find the original article.
Freedom 0 [dive into mark]
I don't often agree with Mark Pilgrim, but here - it's about free software in the broader sense and Moveable Type's price changes in the narrower sense - he hits the nail on the head.
Longhorn goes to pieces | CNET News.com
Advanced search features that Gates has termed the "Holy Grail" of Longhorn, the next major version of Windows, won't be fully in place until 2009, Bob Muglia, the senior vice president in charge of Windows server development, told CNET News.com. - I find that frankly embarrassing what Microsoft is currently doing. Who cares about an operating system whose interesting features are supposed to come sometime in 2009 or so? In IT, that's an eternity. The whole thing Microsoft is pulling off really reminds me strongly of Apple before they bought NeXT.
Beware Mac OS X Trojan AppleScript applet
Cool. An AppleScript applet that has an icon that looks like a Microsoft installer. Absolutely horrifyingly terrible trojan. That's so trojan-like. I get genuinely scary anxiety thinking that I might accidentally deliberately download that thing, and despite having no Microsoft applications, feel immediately compelled by the icon to double-click it, only to be completely taken aback when my home directory gets deleted. People, if I hit myself on the head with a hammer, it hurts. That's pretty stupid of me, but the hammer still isn't a trojan. Even if someone writes chocolate on it... And no, completely doesn't fit well here either. I just wanted to use it once... At welcome to macscripter.net | applescript and script resource you can find the original article.
Unsafe Browsing with Safari
The apple seems to be a bit rotten on the inside...
At heise online news you can find the original article.
News: »Debian GNU/Linux« is back
YES!! No, I don't need the manual anymore. But I can use it to shut people up who bug me with questions
OpenBSD Chef de Raadt criticizes patented TCP fix
Great. Cisco wants to get a technique into TCP/IP that is patented and licensed by Cisco. I hope the IETF doesn't accept this nonsense. As Theo de Raadt correctly noted, there are better solutions. And what Cisco has so proudly patented is so trivial that you have to wonder why on earth anyone granted a patent for it...
That's all we needed, patent madness and patent absurdities in the basic internet protocol
At heise online news there's the original article.
Firewalls and Complexity
Ouch. =F6 reports on a rather silly article in Computerwoche that dreams of magical web validation firewalls ...
At The Wonderful World of Isotopp you can find the original article.
More Bluetooth Phones Vulnerable to Hacker Attacks
Now I've got the S55 and what's this? It's also vulnerable to Bluetooth attacks. But at least only Denial-of-Service and not Bluesnarf. The latter would be rather annoying - after all, I use the phone and Bluetooth for remote administration of servers ...
At heise online news there's the original article.
Rsync Vault Manager - Backup system based on rsync
Sven J has messed up...
What bothers me about this, though: now they've caught the stupid guy who produced Sasser. Ok, he's getting what he deserves - rightly so. But who's finally going to do something about Microsoft and their criminal neglect of security? Who's going to hold the real culprit responsible - the one whose crappy software makes all these worm waves possible in the first place?
At Die wunderbare Welt von Isotopp you'll find the original article.
Suse Live CD open to network attacks
Suse seems to have interpreted the "open" in OpenSSH a bit differently
At heise online news you can find the original article.
A.L.Digital : The Bunker : Press - More info about the Bluetooth hack
«Longhorn» only for super-PCs
Well, then Microsoft will just have to hope that the 4-6 GHz processors they're envisioning come soon. Or they could finally start learning how to program decently. New OS X releases, meanwhile, got faster rather than slower from release to release.
At NETZEITUNG.DE Internet you can find the original article.
Security Corporation - Nokia 6310i
And now guess which phone I have ...
What becomes of formerly interesting websites
Previously the source for Security Exploits. Today you can find information about warts and how to have them removed ... Here's the original article.
I'm back
After an unintended break thanks to a disk crash on my Hetzner server, I'm back now. And looking back, I have to say that Hetzner's support went well. I only have standard support, so support is only available during the specified service hours. Both days (on Monday because of the system setup on a new disk and on Tuesday because of the server restart due to a hang) they responded immediately in the morning. When I pointed out further disk errors (or rather CRC errors), they also responded immediately and rebuilt the system - apparently their disks are usually in swap frames, which also explains how they were able to install a new disk for me so quickly.
Well, let's see how long it lasts this time. In any case, I was able to test my crash recovery and have to say it works surprisingly well. Okay, there were a few minor issues of course, but it's all manageable. Only http://muensterland.org/ suffered, as the server's database file had to be rolled back one day since the most recent file didn't work. Well, manageable problems...
Accessfs: permission filesystem for linux - virtual filesystem for managing capabilities and port bindings
rssh - restricted shell for scp/sftp - Another shell for ssh that only allows certain commands
scponly homepage - Shell for ssh use that allows only specific commands
Debian: Free, but Delayed
That's just how it is with Debian. Philosophy is important - sometimes just as important or even more important than the releases. I like it anyway - or precisely because of this? Because no other distribution really puts so much value on the ideas of Free Software - and is really consistent in what it does.
Sure, it's annoying sometimes when releases take years to come out. On the other hand, that's exactly what the Testing and Unstable distributions are for. Although as a user, I really only use Testing, or Stable on production servers.
Backports are relatively simple and allow you to update individual packages - but of course you're then responsible for the updates yourself. Sure, for pure users that's certainly not an option - they just want to install and not compile. On the other hand, you should always keep in mind that Linux is just a Unix - and being afraid of the compiler when using Unix is pretty out of place.
One thing is certain: I've played around with many distributions and also experimented more seriously. Except for Gentoo, none really impressed me, and Gentoo is too heavy for me for smaller machines and servers - I don't really want to fire up the compiler for every package when the machine's main load is for something else (server) or it's simply too small to convert some monster packages.
At heise online news there's the original article.
heise Security - News - Microsoft wanted to prevent publication of exploit against IIS
Well, Microsoft will probably never learn ...
This must be fake.
Really. That can't be real. Here's the original article.
UNIX History - Unix History Chart
Apple Xsan: an Overview
Yummy! Do I have a chance to motivate my employer to switch everything to XServes? Probably not. Too bad, actually.
At Industrial Technology & Witchcraft you can find the original article.
MS Explorer 'Patch': Either 14 Holes or No SSL
It's kind of funny how this software monstrosity is falling apart these days. Not really high-quality software, that sort of thing.
At Industrial Technology & Witchcraft you can find the original article.
DarwinPorts Home
I was actually a Fink fan until recently (if only because it's based on Debian utilities). But since Fink has been behaving very strangely for me lately (for example, the Fink mirrors weren't all reachable because their nameserver apparently was misconfigured or because their SVN port simply didn't work, or because support for 10.2 is a bit strange), I decided to try DarwinPorts. And I have to say, I really like the system.
However, what I don't like so much is the fact that not every program works out-of-the-box. mtr, for example, complains about raw packets that it can't generate because it's not suid-root. True - it wasn't. I don't simply install ports as root - I use a normal user for the build. That all works fine because the user has the necessary permissions. But an mtr that is suid-gb can't generate raw packets anymore, even when used by root...
However, the normal user will probably rarely stumble over this, and normal applications should work pretty much right away.
What really puzzled me, however, was my attempt to install Subversion. Okay, I can understand that Subversion needs a web server - after all, it's essential for the server (although personally I would prefer a separation into a Subversion server and a Subversion client). But that Apache2 should be fetched just so a local installation of it runs on the machine, just because you might need the Subversion client - I think that's rather awkward. Especially since there are Port variants for exactly that purpose - but Subversion only offers a mod_dav_svn and a Python variant. In the mod_dav_svn variant, Apache is a prerequisite - but I actually just wanted normal Subversion. Strange. Okay, well, I admit - if you know what APR is, it also becomes clear where Apache2 comes in. Here's the original article.
GROKLAW - Linux as Security Risk and the Answers to It
At groklaw there is a summary of reactions to the nonsense that was spouted by the head of Green Hills Software.
Linux 2.6 and mISDN HowTo - HowTo for ISDN over CAPI with Linux 2.6
Embedded Systems Developer: "Linux is a Security Risk"
Oh man, there's someone who, in a desperate attempt to hold onto his slipping furs, shot way over the mark and made a fool of himself.
At heise online news there's the original article.
Wiki Software at Webware
An interesting wiki software in Python that works with restructured Text instead of any wiki markup language. Very interesting because ReST is very powerful and also very pleasant for web-based editing - no markup, but mainly just formatted ASCII text. Unfortunately currently only available via Subversion.
Zope.org - Readme file for ZopeEditManager 0.9.3 - Integrate External Editor in Zope under OS X
Sun discontinues development of UltraSparc V
Ouch. Ok, it was foreseeable - the new chips were announced repeatedly, but never appeared. Still - that's quite a debacle. SUN simply doesn't have enough resources to abandon a chip line in the sand without it having an impact on the company ...
At heise online news you can find the original article.
Spyware manufacturer wants to go public
Audacious. Data protection violations without end, fraudulent software installation (because nowhere does this garbage warn that data is being spied on and forwarded), and the whole thing packaged in a form that's more reminiscent of viruses and worms than proper software (namely piggybacking on other programs). And something like this wants to go public.
At heise online news there's the original article.
Dnsmasq - a DNS forwarder for NAT firewalls. - DNS proxy for small systems - Alternative to PDNSD
Fastpath and faster upstream for T-DSL without setup fee
The faster upstream would be nice...
At heise online news there's the original article.
ICANN Defends Ban on VeriSign's Sitefinder
ICANN does something useful.
At heise online news you'll find the original article.
Idiotic Mail Server Configurations Again
Found in the log file:
554- (RTR:DU) The IP address you are using to connect to AOL is a dynamic 554- (residential) IP address. AOL will not accept future e-mail transactions 554- from this IP address until your ISP removes this IP address from its list 554- of dynamic (residential) IP addresses. For additional information, 554- please visit http://postmaster.info.aol.com. 554 Connecting IP: 62.226.72.29
No, I don't want to deliver any mail at all. I just want to check the validity of email addresses. But AOL is already preventing me from doing that in advance - instead of waiting until a DATA command comes, which would actually initiate a real mail. As a result, I can't use the callback because AOL won't let me verify and I end up rejecting all mail from AOL users. That's ridiculous.
With their very strange actions against spam, such providers only make it harder for other people to protect themselves against spam too. Because I get the rejection before the first command - so I can't even do a VRFY or anything like that. I can't even establish a connection to the AOL mail server.
To explain what I do: when mail comes in, I check whether the technical sender (i.e., where bounces go) is a valid mailbox. This way I reject all mail that can't be bounced. If I can't send an error report for it, I don't want the mail. To do this, my mail server attempts mail delivery. However, only the first two commands are sent - MAIL FROM and RCPT TO. No DATA and especially no mail.
This is a common procedure to ensure that only real mail arrives at a server. But since AOL now prevents every connection to the mail server, I can't use this approach anymore - I can no longer verify AOL addresses the same way I can with other addresses. Which, given the fact that AOL addresses in particular are faked for spam, is quite audacious of AOL.
Index of /~erich/bricolage - Debian packages for Bricolage
Solution for previous problem
So, I've now simply moved my email validation to an external server, which I query via XML-RPC. It then performs the email validation - and since it runs on a static IP, it's also accepted by AOL.
Anyone who wants to play around with this, the service is accessible via SOAP or XMLRPC. The address for XMLRPC: http://simon.bofh.ms:1111/RPC2 and then call the method mailcheck.validateEmail(adr) there. The address for SOAP: http://simon.bofh.ms:1111/SOAP/mailcheck and then call validateEmail(adr) there. Documentation of the method for this module can be found at http://simon.bofh.ms:1111/API/mailcheck. A WSDL for .NET people and others who need that sort of thing can be found at http://simon.bofh.ms:1111/WSDL/mailcheck. By the way, the web service was created using TooFPy. The corresponding tool is included in the source package - or can be viewed directly in CVS.
The Mason Book - Bricolage Guide
Debian GNU/Linux -- apt-build
Debian's Answer to Gentoo Linux
(and if you use Xine or Ogle for example, you should definitely consider it - with those, optimized compilation makes quite a bit of difference in performance)
Various bits of software
Those who enjoy programming with OCaml will find some very interesting and especially practical programs under the link above. I particularly like spamoracle, a very useful filter for statistical spam analysis. I'm now using it on my new server. The original article can be found here.
SCO vs. Linux: IBM Sees Copyright Infringements at Work
And the IBM lawyers are having more fun: now they're turning the tables and attacking SCO.
At heise online news you can find the original article.
Worm 'Witty': Security patch only for money
But commercial firewall solutions are so much better than open source solutions. And of course a personal firewall on a Windows machine is equivalent to a dedicated firewall host based on Linux...
At NETZEITUNG.DE Internet you can find the original article.
Bill Gates: In 10 years, many important IT problems will be solved
Because in 9 years Microsoft will close its doors, after still no alpha of Longhorn is available?
At heise online news you can find the original article.
I like Debian ...
One takes: the Netinstall XFS Image, a new server (Mini-ITX board with Via Eden chip, if you're interested) and simply enters xfs at the boot prompt. After that, you let the hardware be detected, partition the disk as one huge XFS partition and a spacious swap space, then just enter the basic network configuration and simply wait until the computer is finished. As if Debian were complicated to install. Ridiculous.