Bluetrait

For some reason I decided to download Opera 8 beta today. I'm liking it. It has some nice styling, although maybe a bit out there. It seems to render most stuff very well, and maybe even better than Firefox.

The only problem I've had so far is that my admin panel which uses fckeditor doesn't work. I think I might need to search for a new wysiwyg editor, because it doesn't work in safari either (my browser of choice on the mac). Anyone know of a good one?

Anyway back on topic; Opera is cool. Go download and try it.

I received an email earlier today from a reader who has a better way to manage and run backups. Here is a slightly edited version of the email.

I tackled the same problem at my own company and I think my solutions a little nicer than yours so I thought I'd share it with you :)

Ok so this is how I do backup for the local server at my company:

General Steps:

1. Take a snapshot of everything I want to backup (every night)
2. Archive and compress that snapshot (once a week)
3. Upload that snapshot to a remote location (once a week)
4. Leave the compressed archive lying around in a samba share so I can  burn it to DVD from my desktop machine whenever I get around to it.

The process is very similar to yours, the main difference between our implementations is that I use rsync to speed everything up and my scripts log their actions. I also wrote a couple of tests scripts to automate testing and prove everything works. The whole thing is a little hacky and I'd like to make the format of the log files look nicer but it does work :) It's also a really really fast way to do backups. The technical details are:

1. Use rsync to copy your data from it's current folder to the snapshot folder. This is really fast as rsync only copies the differences not the entire tree. Logs on my server shows it usually takes about 3 mins. I call this script 'snapshot.sh'
2. Use tar to create an archive.
3. Gzip the archive with a version of gzip that has the '--rsyncable' patch applied[1]. I call the script that does 2 and 3 'archive.sh'
4. Upload the compressed archive to the remote server using rsync. I call this script 'upload_archive.sh' (I'm really creative)

I wrap these scripts in two scripts called 'everyday.sh' and 'weekly.sh' depending on what needs to happen on each of those days. There also a little timer script that writes the time each command takes.

For connecting to the remote server I use ssh with keys so I don't need to worry about storing passwords in any of the scripts.

The really cool part of this whole thing is in step 4 where rsync will only copy the different bits in the compressed archive. I don't know exactly how this brilliant piece of magic works[2] but it's save me and my clients quite a bit of time and money.

[1] The patch is already in redhat's gzip so hopefully it's in the default freebsd one. Nothing in the man page about it yet though.
[2] I first read about it here where the guy provides some explanation of what its doing: http://lists.ubuntu.com/archives/ubuntu-devel/2005-January/003327.html

--

Myles Byrne
Web Architect

I have setup an IPv6 tunnel through AARNET

E:\>tracert vee-six.telstra.net

Tracing route to vee-six.telstra.net [2001:360::3] over a maximum of 30 hops:

1 22 ms 19 ms 18 ms 2001:388:f000::246
2 39 ms 53 ms 40 ms gigether0-2-0.bb1.a.syd.aarnet.net.au [2001:388:1:5001:204:e0ff:fe00:1022]
3 19 ms 17 ms 19 ms gigabitethernet2.7304.syd.aarnet.net.au [2001:388:1:5006:20f:23ff:fea3:ef02]
4 26 ms 26 ms 39 ms 2001:388:200:4::2
5 26 ms 24 ms 26 ms vee-six.telstra.net [2001:360::3]

Trace complete.

I'll have a play around with it some more later. :)

Earlier this morning I made the jump to m0n0wall from Smoothwall. Both these programs are small operating systems that provide services such as NAT/Firewalls etc.

There were a few reasons I decided to move. I’ve been talking about it for a while and finally got the time to do it over this long weekend.

Smoothwall had done pretty well. It was hacked at a bit to provide better uptime but it was really starting to get dodgy.

Smoothwall has a built in intrusion detection system called Snort. It could be useful. It logs all possible intrusions, more than a basic firewall that just blocks stuff. But it had gotten to the point where it was filling up the hard drive EACH DAY with log files. So the system would start having issues as there was no drive space to do anything. The basic routing was fine because that was loaded into Ram, but everything else stopped. Smoothwall just decided to turn services off when it got to this point. Great.

There was no way to clean out logs via the webadmin and I was getting sick of SSH’ing into it all the time.

So time to give m0n0wall a run. The install process was very easy. Copy the .img file to the Smoothwall box via FTP over SSH. And run the following command:

There went Smoothwall. The funny thing was the box was still routing. It wasn’t until I rebooted and m0n0wall started did I loose internet connectivity.

I was greeted with a few options. So I configure the LAN interface. After that was setup I had access to the webadmin. Which is very nice. So from then on everything was done via a web interface.

I setup PPPoE and save the setting. Mmmm did that work? Tried whirlpool and it was going! Cool. The basic box was up in 5 minutes. This includes killing the old OS.

I then decided to setup incoming connections. I went to the firewall rules and setup a few. It didn’t work. The problem was that m0n0wall has two areas to handle connections. The firewall and the NAT section. Both can have different settings, which is cool I just didn’t realize that I needed to setup both. Anyway I did that and incoming connections were allowed through.

All I can say is that I am very happy with m0n0wall. There are so many options. The thing is very flexible.
It isn’t as easy to use as Smoothwall but it feels more like a real router.

The following is from the m0n0wall site:

m0n0wall is probably the first UNIX system that has its boot-time configuration done with PHP, rather than the usual shell scripts, and that has the entire system configuration stored in XML format.

Very cool. Here are a few more screen shots:

On another note, I am slowing syncing the web servers time so that it isn't 10 minutes wrong. Since I have the security level so high I can only change the time 1 second at a time. And I don't feel like rebooting it. ;) Give it a few more hours and it should be right.

So right now the time is 8:20am and not 9:20am EST aka GMT10+. It is also Easter Sunday. And my servers clock is about 8-10minutes fast. 

UTF-8 is an encoding method that allows you to mix languages and scripts within a single document without needing to switch between different character sets.
Everything is moving away from the old standard ISO-8859-1 to UTF-8.

UTF-8 is great because it allows you to use a wider range of characters. For example Greek:

Τη γλώσσα μου έδωσαν ελληνική
το σπίτι φτωχικό στις αμμουδιές του Ομήρου.
Μονάχη έγνοια η γλώσσα μου στις αμμουδιές του Ομήρου.
από το Άξιον Εστί
του Οδυσσέα Ελύτη

But sometimes there can be problems in the transition from ISO-8859-1 to UTF-8.

There are a whole range of examples:

• Inputting UTF-8 data into a Mysql 4.0 database while the html form is set to use ISO-8859-1.
• Reading UTF-8 data out of a database onto a ISO-8859-1 html page.
• Sending an email where the inputted data is using UTF-8 but is transmitted as ISO-8859-1.

The list could go on.

If you're planning on using UTF-8 (which you should) there is a simple way to set your website to this character set.
Using php:
<?php header('Content-Type: text/html; charset=UTF-8'); ?>

Now I could go into the Content-Type and using application/xhtml+xml if you're using XHTML 1.1 or higher. But I won't because IE is crap and doesn't support it.
I might talk about it later, because it isn't really related to the character set.

One thing to note. Mysql 4.0 doesn't *really* support UTF-8. So that Greek mightn't work. That is one of the reasons I am looking to moving to Mysql 4.1 (and also for sub-query support).

I’ve got a Generation 4 20gb iPod that I’ve had since late last year. It is a pretty cool device and is built well. But I always had the problem of it crashing on me once or twice a week. Worse than my Windows box!

Now I also used to charge it via Firewire on either the PC or the Mac laptop. But anyway a few months ago I decided to setup my dock for it properly. I didn’t want to have to turn the computer on to listen to music. So I decided to play everything through my iPod.

The dock is connect via the lineout to my amplifier and also connected to the 240v AC to Firewire power converter.

Since I’ve been charging my iPod through the mains power it hasn’t crashed since. It’s the same Firewire cable as I used to charge with on the computer. I also charged the thing on two different computers.

So for some very odd reason, the iPod crashes every now and then if you don’t charge it at least once a week through mains power.

So now my iPod is as stable as my Mac. Cool.

I've just been looking at my inbox and it is the biggest mess. I have about 24,000 emails dating back to early 2002 sorted into about 20-30 folders, but it’s just a nightmare! I don't properly sort my email. Most of it goes straight into my inbox and doesn't leave.

I have a few folders for certain people depending on how much email I get from them; I have a few for mailing lists and some folders for daily server reports. But it still isn't good enough. It not the easiest place to find things.

The only program that has a half decent search function (like I can search the body of emails) is Mail.app on the Mac. But I don't use that program because of the lack of Exchange support. So finding stuff isn't always easy.

I don't know, anyone have some ideas? How do you sort your emails?

After a long time in development we are finally happy with the finished product.

Our corporate website is now online!

 
base10solutions.com.au

As most of you know I changed over to FreeBSD for my web server a few days ago. Before that I was running Windows 2003. To backup my data I was simply using the built in "NT backup" in Windows with a scheduled task to run once a day. This backup would copy all the important data and replace yesterday’s backup (done nightly). Then once a month I would copy that backup to CD.

Now that worked well for about a year but there were two main problems
read more

Don't do this at home folks

chown -R root:wheel /

That was on my webserver with different users having access to their own home directory.

What did that command do? I over wrote the ownership of ALL files and made it owned by root. Which means things like sendmail don't work because it cannot access the sendmail file. Or users who cannot access their own files! Far out.

But I fixed it. I'm not too sure if there is an undo option (feel free to let me know) but I did the following.

Booted up my other freebsd box:

cd /

ls -la * | grep -v *root* > owners.txt

This outputted a file that listed all files that were not owned by root (there wasn't that many so I was safe), I then changed the permissions back on my server to match this.

I then needed to reset all the user home directories, but that wasn't too hard.

Far out! Don't do that EVER!

*logs out of root*

A "new" server has been built to take care of the security issue that we had. The reason I say "new" is that the server is older than the current one, but it will only be handling certain functions (shared web, sql, ftp, mail and ssh). The current server will continue to run primary mail, dns, active directory and backup web.

The new server is running FreeBSD4.10 which should cope with multiple users and virtual hosts much better. The main reason being full permissions for every file on the server.

The specs:

Dual Pentium 3 650MHz

768mb PC100 SDRAM

80gb HDD

I am planning on moving all web sites (everyone who has emailed me a new username) tonight. This means all hosted websites will be offline for a few hours. Primary mail will stay on the old server so there should be no mail downtime.

All accounts on this new server have SSH access. This gives users access to a unix command line. For those who have not used a unix system before understanding permissions etc may be hard. I will try and get some basic documentation up online to help everyone. If you have any questions email me and I'll add them to the FAQ.

More to come later. Just remember all websites will be offline tonight.

Updated Spring timetable can be found here

I am able to change that 4 hour networking session to Wednesday, but I'm unsure if I want to...

Okay I thought I should update everyone on the security problem that happened yesterday.

BACKGROUND: My main Windows shared hosted server was hacked into yesterday and a user gained full admin access over the system. All ftp accounts were shutdown because of this.

UPDATE: A cgi file was uploaded to the server via access to an ftp account. This file contained a script that created a user account on the computer with full admin access. The reason that this script was able to create this account was that apache was running as "SYSTEM" which as full admin rights over the computer.

The user who gained access was then able to login to the computer via Remote Desktop.

Thankfully the hacker had no "real" ill intent, logged off and let me know of the problem.

Although as a precaution all ftp accounts were locked and the system was checked for other possible files that could cause damage.

Apache is no logger running as "SYSTEM" but all ftp accounts are still locked. If you require access to your files via ftp you must email me for your account to be unlocked.

Because of this security issue I have decided to rethink the way this shared hosting works. An update on this will be available within the next two weeks.

I am sorry for the slower than normal update but I have been very with uni + work and only got a chance to look at the server today.

NOTE: No files have been damaged and the system is once again secure.

There has been a fair bit of noise about Google Desktop Search (GDS). Now I didn't really use search all that much, but my files are in a complete mess all over my hard drives. Anyway GDS came out of beta a few days ago and I decided I should try it.

I've *just* installed it and I am already very impressed!

You download a tiny ~750k file that you install onto your windows system. Once installed you get a small tray icon that gives you the status about the indexing of your files. So anyway I thought you'd search by some standard little windows app. But no! You're given the Google interface to search your hard drive! Holy crap!

Anyway the thing searches lots of stuff and you can get plugins for things it doesn't search. Here are some screen shots.

Have windows? Get this. I want a mac version now!!

Steve is bored of the content on this site and wanted sometime more interesting (for him anyway) so....My friend did an advanced driving course sometime last year. I have pictures that I may as well upload. So here they are.

There are also a few small videos:

here
here
here
and here

They're in standard AVI format as they came off a digital camera.

iinet today released a new list of exchanges that will be upgraded to their DSLAM technology, currently allowing for up to 8mbit down and 1mbit up. These DSLAM also support ADSL2+ which can provide about 24mbit/s for customers close to the exchange.

The updated list can be found here

Lucky me, Balmain is on the list to be upgraded in Quarter2 2005 :)

Chmod is the *nix way of handling file permissions. Often you will be asked to make sure to chmod a file with permissions such as 755. What does this mean?

Have a look at this table:

There are three groups. Owner, Group and Others.
Owner is often you, the person who created the file or folder. Group is the users who share the same group as you. Others is everyone else.
Now with file permissions we have 3 options. R (for Read), W (for Write) and X (for eXecute).
Under these options in the table you will see a number. 4 for read, 2 for write and 1 for execute.

Just say we wanted to give permissions to everyone to read, write and execute a file the chmod number would be:
777 ((4 + 2 + 1)(4 + 2 + 1)(4 + 2 + 1))

If we just want the owner to have these permissions it would be:
700 ((4 + 2 + 1)(0 + 0 + 0)(0 + 0 + 0))

For read and write for the owner and read only for everyone else it would be:
644 ((4 + 2 + 0)(4 + 0 + 0)(4 + 0 + 0))

And so on.

To chmod a single file we use the command:
chmod 777 filename

To chmod a folder we use the command:
chmod 777 foldername/

To chmod a folder and all files and folders inside we use:
chmod -R 777 foldername/

To list the files and permissions of a certain folder use:
ls -l

Anyway I hope this maybe useful for someone. Maybe if you have shell access on a *nix machine or something.

Argh spam is annoying. For most of the sites I visit I subscribe to their RSS feeds, but the spam in the comments RSS feeds is too much. From now on, the second I get spam in a comments RSS I am deleting that feed. I'm so over spam.

Although that is great thing about RSS, getting spam from a site? Just remove that feed. And for main posts (not comments) there is no chance of spam. RSS can be cool, just don't let your site output spammy feeds...

Well it is that time of month again, stats time! My awstats page is no longer public in an attempt to stop/slow the spam filling up my apache log files, bit of a shame really.

Anyway time for the stats (Feb 2005), not including bots etc. This site came online on the 2nd of feb if I remember correctly...

Unique visitors: 705
Number of visits: 2159
Pages: 17939
Hits: 25422
Bandwidth: 228.86 MB

I think overall that is pretty good!

Last month the router upload between 2 and 2.5GB of data, not a busy month.

Anyway, I've been slowly working on my blog script. You can now view a basic change log here
Yesterday I fixed up my authentication system so I can finally log into my admin panel from anywhere.

It's my brothers 13^th birthday today, Happy Birthday! I went out and got him a blue mini ipod yesterday. He hasn't had a chance to use it yet, but I'm thinking he'll like it :)