Welcome 
to Orb Designs

GRAFFITI -- June 30 thru July 06, 2003

Welcome to Orb Graffiti, a place for me to write daily about life and computers. Contrary to popular belief, the two are not interchangeable. About eMail - I publish email sometimes. If you send me an email and you want privacy or anonymity, please say so clearly at the beginning of your message.

MONDAY
June 30, 2003 -    Updates at 0645 EST

Good morning. It's Monday again, isn't it? Well at least tomorrow is a direct jump to Wednesday-A, followed closely by Wednesday-B, then Friday - all leading up to the three-day Independence Day weekend. Ah, a major holiday. This is a good time to spend figuring out where everyone is going to be, then planning to be someplace else entirely, away from the smell of the crowd and the roar of the grease paint.

Wow, I just realized, another half year's gone, and I hardly even paid heed. Let's see, what was distinctive about the last 6 months? I shovelled more snow than I have in the rest of my life, cumulatively speaking. Sally had and has fairly well recovered from her stroke, as has Marcia from her second knee surgery. I've worked hard and stayed busy. That sums up the last half year, and I'm okay with that.

[Photo: Front bed #1, with day lilies and new mulch.]

Yesterday, I had so many choices of things to work on, of course, I took the painful route... After our shopping runs, I went back out to Home Depot and picked up a few things. A new extension ladder was high on my list, as Fred (the maintenance man who couldn't) dropped by the other night and picked up his old ratty piece-of-scheiss ladder, having apparently forgotten where it was for the last 10 months. Did I mention that when he swung by to pick it up, you could have run a car on the fumes from his breath? No, I won't be visiting him in jail when he runs down some kid.

[Photo: Front bed #2, with new mulch.]

Ah, I fell off track, didn't I? Along with the ladder, I got a few bags of hardwood mulch, a bug light, and a couple more quick clamps for my carpentry work. Then, in the 95 degree heat of the day, I started the chores just after lunch. It's been dry enough for the last few days that I could finally clean out the gutters low and high (thus the ladder, neh?). Then I raked out and put down new mulch on the two front beds, around the decorative cherry trees flanking the driveway, along the side of the house, and in back. In between, I made hanging brackets for the new ladder to get it up out of the way in the garage.

[Photo: The tomatoes growing like weeds, finally.]

[Photo: Sally napping, what she does best.]

The back yard vegetables are a mixed bag. As you can see, the tomatoes are going like gangbusters. But the assorted squash is still pretty pathetic. They're producing male flowers like crazy, but no big leaf production, nor fruiting flowers. It's early days, though. The cilantro has already gone to seed, so I'll be yanking that and replanting one of these days. Meantime, Sally spent most of the weekend doing what she does best - charting inner space through the tool of frequent and deep naps. It's really too bad that I'm not a napping person by nature. She does look so content, most of the time. But when I have the choice of something painful, hot and sweaty or a nice comfy nap, I always seem to choose the former. There's only this one life (that I know of), and it seems such a waste to spend it sleeping more than necessary. But that's me, neh?


Then, in the evening, after a pasta and garlic bread supper, I remembered that I had to write bills this evening, so there went something else I might have worked on. One thing I'd really like is to be able to sync my Zaurus and Evolution. There are a couple of possibilities out there, but I just haven't had the time to explore them... Maybe this week. Just remember, we passed the halfway point in the Christmas shopping season last week, so you've already blown half of your opportunity.

We've made this early start on the day since it's end of quarter, and Marcia's got a long, long, busy day ahead of her. So I dragged out early too, and I'll head into the office shortly and get a start on the day. That as soon as I get the trash out, if I can remember by the time I get downstairs... Have a lovely day, see you around.

TUESDAY
July 01, 2003 -    Updates at 0730

Good morning. I was awakened last night at nearly one a.m. by the crash of thunder, exacerbated by the nearly 90 degree temperatures on the upper floor of the house. When we went to bed, it was perhaps 80 upstairs, and still warmer outside than in. But the AC doesn't do much of a job at keeping the top of the house cool, to be honest. It's way better than nothing, but not nearly good enough. But it's not ours, either. So there you go. Anyway, I staggered about, opening upper story windows and putting up the box fans to pump some cooler air into the house. Within 15 minutes we were down under 80 degrees and falling, and I was fast asleep again.

Yesterday, after a bit more mailserver work, I went up to the Rockville client to help work on testing the fiber lines to a new facility. After some initial difficulties, we finally got a "carrier" connection - that is, we had green lights on all of the connecting equipment. However, we didn't get an ethernet connection yet. I must admit, they had things set up to loop back at the new facility, so that we were trying to make a connection at double the distance to the facility, with the added attenuation of extra connectors at the far end. It should have worked though. Today, without me, they'll setup and try the one-way test.

Meantime, on my plate, I've got some documentation and a mailman installation to do. Then I'll be off to a client site in Wheaton to check out a reception desk system that isn't connecting to the server as it should, apparently. Then I'll be working with the owner of that business to help clean up some accumulated duplicate data on the server shares. It should be a busy day.

For those of you interested in the ongoing SCO saga, here's a couple of informative and useful links. First, as a proposed replacement for any links on a site that point to Caldera or SCO as a purveyor of Linux, there's the TwikIWeThey site: SCO vs. IBM. Another useful link is the OSI Position Paper on the SCO-vs.-IBM Complaint. Originally drawn as a draft Amicus brief, this paper by Eric Raymond and Rob Landley has been endorsed by the OSI Board of Directors.

Now I should prepare myself for departure. Have a great day!

WEDNESDAY
July 02, 2003 -    Updates at

No post, no time. Sorry.

THURSDAY
July 03, 2003 -    Updates at 0658, 1515 and 2012

Post a little later, sorry for the delay. It's busy days leading up to the Fourth, for a variety of reasons. See you later this morning.


1515 - Thanks for your patience. It's been a long day and it's not over yet. Some network design issues remain to be thrashed out up here, but mostly things are fine. On a different front, I'm having a hard look at a program called Sendpage (http://sendpage.org/). Of course, the machine that I wanted to install it on had the serial ports disabled in the BIOS. That made setting things up a bit exciting until I thought of that possibility. Anyway, hope your false Friday is going well... more from home later, perhaps. See ya!


2017 - And later still, I keep turning up. We made a little more progress before the day wound down. And glory of glories, today's drive home wasn't the 2+ hour nightmare that yesterday's commute was. Why is it that when I'm going to be trapped in traffic for some long period of time, with rain pouring down in buckets, and a sea of hardly moving cars in front of me, I spend almost the entire trip with my bladder complaining. Hell, I don't know - When we drove cross-country, I was doing 600+ mile days with one pit stop. It must be all the water metaphors that creep in to a bad traffic day during nasty weather that does the trick. Gotta go, gotta go, gotta go right now... I feel for the people in those commercials, at times like that.

So post-commute, last night was shot, which left me little to say this morning. I've also been working on a mail server howto. I may have mentioned that before. I'm going to work on it more tonight, since Marcia's over at the Viking store. I've made tomorrow's special edition Firecracker Salsa, and I'm ready for some sit down and muck about with computers time. I'll get to that, then. See you tomorrow.

FRIDAY
July 04, 2003 -    Updates at 0923

Happy Independence Day

I am proud to be an American, and glad to celebrate this day with my friends and neighbors, here and in real life. I don't agree with all of the policies, actions and laws that emit from our assorted levels of government, but the great good thing is the ability to disagree, and work for change without fear of prosecution. Nope, we're not perfect, and I'm far from that, but change is a constant. We can always vote the bastards out (though we rarely do).


Good morning. I've been busy, enough so that it's just now time for my first cup of coffee, so if you'll excuse me ... There, that's better. I just read my morning mail including the weekly A-Clue newsletter. I've composed an email to Dana Blankenhorn on a couple of topics:

Hi, Dana -

I followed that link about Microsoft being clued-in, Dana. Interesting, but I've been using a Linux-based PDA that does 802.11b for the last year. I plug in the CF Media 802.11b card (in my case a D-Link Air card), configure the system once to match the security settings of my WAP and it just works. Had I been running a wide-open access point, then it would have connected first pass without my intervention. Microsoft appears to be following someone else's clue, once again.

The PDA? It is a Sharp Zaurus. http://www.zaurus.com/

On the topic of no money to be made in WiFi networks (from something you posted recently), I'd like to point out to you a particularly enlightened company, Speakeasy networks. Last Fall, they announced their official policy about having wireless systems connected to their broadband connections - they encourage it. See this:

http://www.speakeasy.net/main.php?page=pr111902

But wait, it gets better. In a recent announcement from Michael Apgar, the CEO of Speakeasy, they announced their NetShare program. Here's the core of this program:

"Because of the large number of our members already utilizing wireless networks, we thought it would be useful to develop a way in which you can extend their broadband connection to their community while also providing their neighbors with other traditional ISP services such as email and dialup access. NetShare is our answer to community wireless networking, providing you with the unique opportunity to share your Speakeasy broadband service with your neighbors while reducing your own monthly service fees."

So here, the money is made by both the Speakeasy member (who does the selling in to his in-range neighbors) and by Speakeasy, with a 50/50 split. Very clueful, IMHO.

The full announcement is in their member's area, so you'll need to contact them directly if you want more details, but I think it's great. I'll note by way of disclaimer that I have only a dial-up and email account with Speakeasy at the moment, and I don't work for them. My broadband connection comes via the cable company. But I've been a Speakeasy customer in the past, and when the right circumstances arise in the future, I'll be their customer for broadband service again.

I send this in hopes you find it interesting and pertinent to your work.

Best regards,

.brian

-- 
Brian Bilbrey: [email protected] and http://www.orbdesigns.com/
    First they came for the verbs, and I said nothing, for
    verbing weirds language.  Then, they arrival for the nouns
    and I speech nothing, for I no verbs. - Peter Ellis


In other news, I've been slogging away at the latest HOWTO effort. Here's a taste of it: Securing a minimal Debian Sarge (Testing) installation (with some services already in place):

* Tweaking Debian's configuration *

Once everything's installed, it should actually be running in some default Debian mode, from Postfix to Cyrus and beyond. That's not necessarily what we want, and there's some dregs from the installation that can be cleaned up, too. First I'll have a look at /etc/inetd.conf and see what's left running from there (yeah, Debian hasn't made the transition to xinetd by default yet, even in testing, but it is apt-gettable.)

I find uncommented in inetd.conf the following services: discard, daytime, time, ident, imap2, and pop3. Research at several sites indicates that discard, daytime and time can be let go. The latter two can be replaced by NTP, if desired. The ident service really doesn't need to be running unless this is a machine that hosts shell accounts (and thus might need to identify connecting users to remote systems). In our case, we can lose that, too. Now, imap2 and pop3 are going to be in play with our server, but I'll be running them as daemons for improved response times. We can protect the services as appropriate through IPTables firewalling (in a later article, neh?)

So I'm going to remove (by commenting) all of these items from inetd's active monitoring. Then I'll restart inetd.

gorefly:/etc# vim /etc/inetd.conf

gorefly:/etc# /etc/init.d/inetd restart
Restarting internet superserver: inetd.

Let's see what other services are running, that need not be:

gorefly:/etc# netstat -a | grep -i tcp | grep -i listen
tcp        0      0 *:printer               *:*  LISTEN
tcp        0      0 *:sunrpc                *:*  LISTEN
tcp        0      0 *:979                   *:*  LISTEN
tcp        0      0 *:ssh                   *:*  LISTEN
tcp        0      0 *:smtp                  *:*  LISTEN
tcp        0      0 *:https                 *:*  LISTEN

Okay, we can lose the first two, this is neither a print server nor an RPC host of any sort.

gorefly:/etc# runlevel
N 2

gorefly:/etc# cd /etc/rc2.d

gorefly:/etc/rc2.d# ls
S10sysklogd  S20exim     S20mysql              S20ssh         S91apache-ssl
S11klogd     S20inetd    S20nfs-kernel-server  S21nfs-common  S99rmnologin
S14ppp       S20lpd      S20postfix            S89atd
S19pwcheck   S20makedev  S20saslauthd          S89cron

gorefly:/etc/rc2.d# rm S20exim

gorefly:/etc/rc2.d# rm S20lpd

gorefly:/etc/rc2.d# rm S14ppp

gorefly:/etc/rc2.d# rm S20nfs-kernel-server

gorefly:/etc/rc2.d# rm S21nfs-common

That ensures that those services I don't want running won't start up on next boot. Then I can shut each off with a command like this:

gorefly:/etc/rc2.d# /etc/init.d/nfs-kernel-server stop
Stopping NFS kernel daemon: mountd nfsd.
Unexporting directories for NFS kernel daemon...done.

OK, that covers almost all the bases except sunrpc (aka portmap). That's someplace else, let's hunt that one down, too.

gorefly:/etc# find . | grep portmap
./init.d/portmap
./rc0.d/S10portmap
./rcS.d/S41portmap
./rc6.d/S10portmap

Runlevels 0 and 6 are Halt and Restart, respectively. So I'll just worry about rcS.d, and get the portmap and NFS stuff out from there:

gorefly:/etc# cd /etc/rcS.d

gorefly:/etc/rcS.d# rm S41portmap

gorefly:/etc/rcS.d# rm S45mountnfs.sh

That does it. I'll do a quick test here, by rebooting to see that it comes back in the state that I expect. Yes, I don't have to shut down to stop services, I've done that already, but this is a test of post-reboot condition. I want to see what I expect. If not, then I've made a mistake. So I'll run a shutdown -r now, and recheck for running services after boot. One moment, please...

gorefly:~# netstat -a | grep -i tcp | grep -i listen
tcp        0      0 *:ssh                   *:*  LISTEN
tcp        0      0 *:smtp                  *:*  LISTEN
tcp        0      0 *:https                 *:*  LISTEN

Yep, that's much better. Now we can start configuring the services we're actually going to use.
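
The same checks as a repeatable script, added here as an example and not part of the original HOWTO: it lists inetd.conf entries that are still active and TCP listeners outside an allowlist. The function names, the allowlist and the sample inetd.conf lines are constructed for illustration; the netstat sample is the pre-cleanup listing shown above.

```shell
#!/bin/sh
# Added example: re-run the lockdown checks from the walkthrough as a script.

# Constructed sample: a half-edited inetd.conf (program paths are illustrative).
sample_inetd_conf() {
cat <<'EOF'
#discard  stream tcp nowait root   internal
#daytime  stream tcp nowait root   internal
#time     stream tcp nowait root   internal
ident     stream tcp wait   identd /usr/sbin/identd identd
imap2     stream tcp nowait root   /usr/sbin/tcpd /usr/sbin/imapd
pop3      stream tcp nowait root   /usr/sbin/tcpd /usr/sbin/pop3d
EOF
}

# The pre-cleanup `netstat -a` listing quoted in the walkthrough.
sample_netstat() {
cat <<'EOF'
tcp        0      0 *:printer               *:*  LISTEN
tcp        0      0 *:sunrpc                *:*  LISTEN
tcp        0      0 *:979                   *:*  LISTEN
tcp        0      0 *:ssh                   *:*  LISTEN
tcp        0      0 *:smtp                  *:*  LISTEN
tcp        0      0 *:https                 *:*  LISTEN
EOF
}

# Print the service name of every active (uncommented) inetd.conf entry.
# $1 = path to an inetd.conf-format file
active_inetd_services() {
    awk '!/^[[:space:]]*#/ && NF >= 6 { print $1 }' "$1"
}

# Read `netstat -a` output on stdin and print the local port of each TCP
# listener that is not named in the space-separated allowlist $1.
unexpected_listeners() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            port = $4
            sub(/^.*:/, "", port)      # "*:ssh" -> "ssh"
            if (!(port in ok)) print port
        }'
}

# Combine both checks. The walkthrough comments out every inetd entry, so any
# active entry counts as a finding. Returns 1 when something is left to fix.
# $1 = inetd.conf path, $2 = listener allowlist; netstat output on stdin
lockdown_report() {
    findings=$(
        active_inetd_services "$1" | sed 's/^/inetd still serves: /'
        unexpected_listeners "$2" | sed 's/^/unexpected listener: /'
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Demo on the samples; on a real host use /etc/inetd.conf and `netstat -a`.
conf=$(mktemp)
sample_inetd_conf > "$conf"
sample_netstat | lockdown_report "$conf" "ssh smtp https" || echo "lockdown incomplete"
rm -f "$conf"
```
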



Okay, I'm ready for a spot of breakfast and my morning vitamins. Have a nice long weekend if that's what you get. If not, then rejoice just because it's Friday. Take care!

SATURDAY
July 05, 2003 -    Updates at 1000

Good morning. Marcia and I, sans Sally, went off to Lee and Jim's for a small Independence Day gathering yesterday, and a good time was had by all. It was also a small celebration for us, in part, of last year's first trip out here to house hunt before our move. We came home early and stayed in, only hearing the whistles and crumps of the distant fireworks. Late in the evening, a few local fireworks were set off - currently illegal in this county, but I don't mind so much. It's not nearly as bad as the AK47 and MAC-10 fire that would accompany any such event in East San Jose (where I lived for a number of years).

Roland Dobbins wrote in to remind me of something. Regarding yesterday's excerpt, about locking down a Debian install, Roland says that the time-honored method is not to delete any symlinks to initscripts, but instead to rename them from their "normal" SnnXXXX format (for starting a service) to a KnnXXXX - that is, just replace the 'S' with a 'K'. That is common, too, I must agree, although I make no bones about the actual goal: Lock down the box. I also noted in my reply to Roland that Red Hat's checkcfg utility does also remove the symlink, rather than rename it. Evidently some of us don't honor time quite enough. But it's good info! Thanks, Roland.

The warning about the 6Jul03 Defacement Contest has been everywhere, even making the local radio news here, and other mainstream media attention's been garnered, too. A final note of caution - If you maintain your boxes as you should, keeping up with vulnerabilities and patching them appropriately, only running services needed, and locking things down properly, then you really shouldn't have much in the way of problems. Another good way to defeat many attacks beyond simple edge security, is to not have any compiler on your system. Many root kits come in as an uploaded file that needs to be compiled and run. Without the compiler, the exploit dies on the vine.

I'm making a slow start this day. There are some mental motivational issues - I was just laying about, not feeling like doing much of anything. I don't particularly care for that state of being, so I've flung myself into action - first this post, then I'll get ready for our weekend shopping expedition. Later today I'll continue work on that mail server howto document (I finished up the MySQL configuration section last night). Perhaps I'll squeeze in some yardwork, too. See you around...

SUNDAY
July 06, 2003 -    Updates at 1004

Good morning. There's no new guest head today because I've been visiting with Richard Feynman again this week, and he's already been featured. What drew me back to Feynman is a comment about the .tv domain on Bob Thompson's site (you'll have to scroll a ways down to the 11:41 post of that morning). I couldn't remember whether Tuvalu was Feynman's last great intended journey or not, and who really got the .tv TLD. The answer to these questions is that Feynman was trying to get to Tanu Tuva - a "country" buried on the steppes abutting Mongolia, recognized by virtually no one at the time (prior to the fall of the USSR). It came to Feynman's attention because he had a stamp from there in his collection, and gathered more of his interest because the capital has the consonant rich spelling of Kyzyl. Of course, it's hard to get to, too, and in a race between that trip and the terminal cancer, cancer won. If I recall correctly (I haven't read the book Tuva or Bust! in a long time), the visa granting passage by the USSR came through just a couple of weeks after Feynman died.

Anyway, at least one reference states that Tuva was the recipient of the .tv domain, when in fact it is the entirely distinct and distant Tuvalu, an island nation in the South Pacific with a lucrative country designation for their TLD. Just as an aside, a .tv costs $50/year. The most expensive one I can find in a brief search is the .fm TLD, which wants to charge me $185 for a year's worth of orbdesigns.fm. They charge up to $2000 for some domains, right off their registry home page (try buying sexual.fm).


Beyond that, I did some reading, we got the shopping done, and very little else yesterday. I continued to be motivationally challenged, and I'm not sure yet how today is going to shape up, either. There's plenty to work on, that's for sure. So I think I'll go have some coffee and see what sort of trouble I can stir up. Take care.

Visit the rest of the DAYNOTES GANG, a collection of bright minds and sharp wits. Really, I don't know why they tolerate me <grin>. My personal inspiration for these pages is Dr. Jerry Pournelle. I am also indebted to Bob Thompson and Tom Syroid for their patience, guidance and feedback. Of course, I am sustained by and beholden to my lovely wife, Marcia. You can find her online too, at http://www.dutchgirl.net/. Thanks for dropping by.

All Content Copyright © 1999-2003 Brian P. Bilbrey.