Monday, October 31, 2005

GNU find

CLI Magic: GNU find

"Don't you just hate it when you can't find a file you need, but you know it's on your computer? Wouldn't you like an easy way to track down files anywhere on your computer? If so, I have good news for you, a command available to you at the friendly Linux CLI called find."

Thursday, October 27, 2005

Advanced Linux LDAP authentication

Advanced Linux LDAP authentication

"In an earlier look at LDAP, we set up a simple LDAP-based authentication system. We configured client machines to retrieve authentication information from a server running OpenLDAP. Now let's go further by enabling encryption and looking at how to make user modifications through LDAP.

If client machines are to authenticate through LDAP, administrators must make sure user changes are reflected within the LDAP server. Most user management utilities on a client system expect to find information in files like /etc/passwd and /etc/group. If such information is only available through LDAP, utilities may complain about unknown users. To make changes in these cases, an administrator must modify the corresponding LDAP entries. While utilities such as phpLDAPadmin can help with this task, you must know what you're doing if you're to use them effectively."

Wednesday, October 26, 2005

Dnstop - Stay on Top of Your DNS Traffic


"dnstop is a libpcap application (ala tcpdump) that displays various tables of DNS traffic on your network. Currently dnstop displays tables of:

* Source IP addresses
* Destination IP addresses
* Query types
* Top level domains
* Second level domains
* Third level domains"

Tuesday, October 25, 2005

CORE FORCE - Community oriented security solution for personal computers

CORE FORCE - Community oriented security solution for personal computers

"CORE FORCE is the first community oriented security solution for personal computers. CORE FORCE is free and provides a comprehensive endpoint security solution for Windows 2000 and Windows XP systems.

The security framework provided by CORE FORCE is leveraged by a community of security experts that share their security configurations for a growing list of programs. These security profiles can be downloaded by any user of CORE FORCE from the community Web site and they're also completely open so that they can be peer-reviewed to minimize security hazards. The community approach to endpoint security also allows end-users who are not security experts to work in a secure environment.

CORE FORCE can be used to:

* Protect your computer from compromises by worms, virus and email-borne malware
* Prevent your computer from being used as a staging point to amplify attacks and compromise others
* Prevent exploitation of known bugs in the operating system and applications running on your computer
* Prevent exploitation of unknown bugs (0-day) in the operating system and applications running on your computer
* Detect and prevent execution of adware, spyware, trojan horses and other malware on you computer

CORE FORCE provides inbound and outbound stateful packet filtering for TCP/IP protocols, granular file system and registry access control and programs' integrity validation. These capabilities can be configured and enforced system-wide or on a per-application basis for specific programs such as email readers, Web browsers, media players, messaging software, etc."

Web Application Security Testing Using "twill"

Web Application Security Testing Using twill by Nitesh Dhanjani --

"I just came across twill, a Python based tool for web application testing. I see how twill can be very useful in performing security assessments against web applications. Here is a quick example on how to use twill to POST to Google."

Nessus fork emerges -- GNessUs

NewsForge | Nessus fork emerges

"With news settling in that the makers of the network vulnerability scanner Nessus will not open source the next version of the software, the team behind the soon-to-be-renamed GNessUs project is growing fast and attracting attention."

klik: True click-and-run software

klik: True click-and-run software

"Debian’s APT makes installing software a breeze: you just run apt-get update&&apt-get upgrade to download and install the latest versions of all your software, or apt-get install widget to install widget on your machine. Pretty easy and painless. But now there’s something available that’s even easier and more painless: klik."

I am a big fan of APT, YUM, and even YAST... but this seems to be the next step towards what those applications may need to become for Desktop users to be able to have their "Windows Update" for Linux.

Poor Man's RAID

HowtoForge - Poor Man's RAID & Clone Script Tutorial

This is a very simple tutorial on how to do a simple "clone" of your disk without having to use software or hardware RAID. While I don't believe that this is the best method in most situations, there are times when it is necessary. It is also a "simple" method for those afraid of having to deal with software or hardware RAID.

Will AJAX Kill Microsoft Office?

Will AJAX Kill Microsoft Office? by Preston Gralla --

AJAX, which can build Web sites that look and work like desktop apps, may kill Microsoft Office. Google Office, anyone?

Monday, October 24, 2005

An open Studio to Go

NewsForge | An open Studio to Go

"Open source software developer and musician Richard Bown wanted to make Rosegarden, a popular MIDI sequencer for Linux, available to all people, even if they weren't fortunate enough to be using an open source platform. That was the genesis of Studio to Go, a Knoppix-based CD that allows Windows users to access a wealth of open source music creation and notation software without installing Linux."

Sunday, October 23, 2005

MogileFS - Distributed Filesystem


MogileFS is our open source distributed filesystem. Its properties and features include:

* Application level -- no special kernel modules required.
* No single point of failure -- all three components of a MogileFS setup (storage nodes, trackers, and the tracker's database(s)) can be run on multiple machines, so there's no single point of failure. (you can run trackers on the same machines as storage nodes, too, so you don't need 4 machines...) A minimum of 2 machines is recommended.
* Automatic file replication -- files, based on their "class", are automatically replicated between enough different storage nodes as to satisfy the minimum replica count as requested by their class. For instance, for a photo hosting site you can make original JPEGs have a minimum replica count of 3, but thumbnails and scaled versions only have a replica count of 1 or 2. If you lose the only copy of a thumbnail, the application can just rebuild it. In this way, MogileFS (without RAID) can save money on disks that would otherwise be storing multiple copies of data unnecessarily.
* "Better than RAID" -- in a non-SAN RAID setup, the disks are redundant, but the host isn't. If you lose the entire machine, the files are inaccessible. MogileFS replicates the files between devices which are on different hosts, so files are always available.
* Transport Neutral -- MogileFS clients can communicate with MogileFS storage nodes (after talking to a tracker) via either NFS or HTTP, but we strongly recommend HTTP.
* Flat Namespace -- Files are identified by named keys in a flat, global namespace. You can create as many namespaces as you'd like, so multiple applications with potentially conflicting keys can run on the same MogileFS installation.
* Shared-Nothing -- MogileFS doesn't depend on a pricey SAN with shared disks. Every machine maintains its own local disks.
* No RAID required -- Local disks on MogileFS storage nodes can be in a RAID, or not. It's cheaper not to, as RAID doesn't buy you any safety that MogileFS doesn't already provide.
* Local filesystem agnostic -- Local disks on MogileFS storage nodes can be formatted with your filesystem of choice (ext3, ReiserFS, etc..). MogileFS does its own internal directory hashing so it doesn't hit filesystem limits such as "max files per directory" or "max directories per directory". Use what you're comfortable with.


Thursday, October 20, 2005

Mappr! - An interactive environment for photos


"Mappr is an interactive environment for exploring place, based on the photos people take. By adding geographical information to the wealth of photographs found on Flickr, it allows new ways of looking at spaces and images. Mappr adds place to pictures."

How to Develop Web Applications with Ajax, Pt. 1 - -

How to Develop Web Applications with Ajax, Pt. 1

"In the past, web applications were limited because a web page had to be reloaded (or another page loaded in its place) in order for new data to be obtained. Other methods were available (without loading another page), but the techniques weren’t well supported and had a tendency to be buggy. In recent months, a technique that had not been widely supported in the past has become available to a large number of web surfers, giving developers more freedom to develop cutting-edge web applications. These applications, which asynchronously retrieve XML data via JavaScript, are affectionately known as “Ajax applications” (Asynchronous Javascript and XML applications). In this article, I will explain how to retrieve a remote XML file via Ajax to update a web page, and as this series continues, I will discuss more ways that Ajax technology can be used to take your web applications to the next level."

Wednesday, October 19, 2005

Spurious Warnings Atop Outlook Messages

Spurious Warnings Atop Outlook Messages

"Microsoft Outlook uses a rectangular bar above the message header to display information and warnings about the message you're reading. It may report that you replied on such a date, that an attachment was suppressed, or that line breaks have been removed. Sometimes, though, you might see a very different message—perhaps something like "This message violates the USA PATRIOT Act" or "ERROR: Microsoft Outlook detected. Get a REAL email client!" As it turns out, anybody who can control the custom headers for outgoing e-mail messages can cause such a warning to appear. E-mail server administrators have this level of control, as do spammers, hackers...and you! Here's how."

This isn't very "nice" to do to people... but still funny that you can do it.


DNS HOWTO : Basic security options.

DNS HOWTO : Basic security options.

This is a little silly, I suppose. Hopefully most people have already added these to their BIND configurations. I thought I had made these configurations long-ago, to MY DNS servers. However, yesterday I saw someone hammering away at one of my the servers. Although it is simple to do, it is also very important!

Tuesday, October 18, 2005

Automated Backups With rdiff-backup

Automated Backups With rdiff-backup

"This tutorial describes how to do automated server backups with the tool rdiff-backup. rdiff-backup lets you make backups over a network using SSH so that the data transfer is encrypted. The use of SSH makes rdiff-backup very secure because noone can read the data that is being transferred. rdiff-backup makes incremental backups, thus saving bandwidth."

Monday, October 17, 2005

Online Invoicing & Web Based Billing Service Includes Employee Timesheets


"2ndSite is a web based invoicing service that can be personalized to meet your needs. You only pay when you know 2ndSite is right for you. Try your own free no expiry account and see for yourself how over 20,000 businesses have found a better way to work."

It seems like a cool idea for those that may not have an e-business, but want to make use of the internet in their work-flow.

Project Net Tools - FREE

IP Address Scanner, IP Calculator, IP Converter, Port Listener, Port Scanner, Ping, NetStat, Trace Route (2 ways), TCP/IP Configuration, Online - Offline Checker, Resolve Host &IP, Time Sync, Whois, NetSender, E-mail seeker, Net Pager, Active and Passive port scanner, Spoofer etc..

read more | digg story

Tiny Tiny RSS

Tiny Tiny RSS

"Server-side RSS feed aggregator written in PHP and heavily based on XmlHttpRequest and related technologies for user interface and operation."


Saturday, October 15, 2005

AnnoCPAN - Annotated CPAN documentation

AnnoCPAN - Annotated CPAN documentation

"AnnoCPAN is a web interface for the documentation of all the modules on CPAN, where users can add annotations on the margin of specific paragraphs throughout the POD."

Thursday, October 13, 2005

RoundCube Webmail Project

RoundCube Webmail Project

"RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation and message filters. RoundCube Webmail is written in PHP and requires the MySQL database. The user interface is fully skinnable using XHTML and CSS 2."

fileNice - free php file browser


"fileNice is a free php file browser, particularly useful if you have a 'dump' folder on your server where you regularly upload files and you want to be able to see what's there."

A nice little AJAX based file browser. It has built in file viewing abilities, and can send pictures to Flickr.

Wednesday, October 12, 2005

100 More Free Fonts

The site contains many fonts that mimic famous brand names. (i.e. Coca-Cola, Walt Disney, Harry Potter, etc). Click HERE to check it out.


Tuesday, October 11, 2005

DenyHosts - Fight the SSH Server Attacks


"What is DenyHosts?
DenyHosts is a script intended to be run by Linux system administrators to help thwart ssh server attacks.

If you've ever looked at your ssh log (/var/log/secure on Redhat, /var/log/auth.log on Mandrake, etc...) you may be alarmed to see how many hackers attempted to gain access to your server. Hopefully, none of them were successful (but then again, how would you know?). Wouldn't it be better to automatically prevent that attacker from continuing to gain entry into your system?"

I discovered this awhile ago, but recently had a co-worker ask me about such a solution. I couldn't remember the exact name, and decided I better post it to keep track of it!


"Welcome to elfURL, where we make giant URLs shorter. Some say our elves make the smallest URLs around. Our URLs are not 'tiny' but they certainly are small. Why use our elves? They provide free stats, rel-tags and tags – that’s why"

It seems like an interesting idea. In a lot of ways they are taking the idea of TinyURL one step further.

Capturing Files from Network Streams

Capturing Files from Network Streams by Nitesh Dhanjani -- Here is how to capture images and files from the network.

Monday, October 10, 2005

HTTP Time Protocol (HTP)

HTTP Time Protocol (HTP)

"The time synchronisation problem...
Why would anybody need another time protocol, when ntp is already great?
A simple answer is "you don't", unless you don't have access to a ntp server, because you are behind a firewall and/or proxy server.

In order for ntp to work, you need to have access to outgoing and incoming packets from UDP port 123. In most corporate environments this is not the case and you must consider yourself lucky if you have Internet access via an HTTP proxy server. As long as HTTP or HTTPS connectivity is available, you can use htp."

Medium Format Pinhole Lego Camera

Thoughts About Photography: Medium Format Pinhole Lego Camera

This is an interesing project. While I don't think it is necessarily a practical project, I do think it helps people see how a camera works... or in some-ways how simple they are as well. Obviously a typical camera has more moving parts and features, it the fundamentals are there.

Call in Sick or Go to Work?

Call in Sick or Go to Work?

"Ever go to work with flu? For hard-working readers like us, I don’t think your manager would be worrying about absenteeism. They would be more worry about “presenteeism” instead - being contagious and spread it around to your colleagues. An article over WebMD Health can give you a list of symptons to determine if you should call in sick, or you are able to go to work. From symptons like sniffling, to Sinus Pain and Tummy Problems."

Sunday, October 09, 2005

Is your open source project ready for the daylight savings time fix?

Is your open source project ready for the daylight savings time fix?

"There are many open source operations that need to know the time in order to work properly. As open source moves into the enterprise, this number increases. And these projects must have patches in place, or their time-dependent applications won't work properly."

Star Wars - Widescreen vs Pan-and-Scan

Examples from "Star Wars: The Special Edition"

"In the following examples, you will see a direct comparison between pan-and-scan and letterbox. Take note of how much video you are losing by not purchasing letterboxed videos. Keep in mind that the letterboxed version is the way the movie was ORIGINALLY meant to be seen!"

I've always told people that widescreen is the better choice when buying movies. This is an excellent way for people to see the difference.

Thursday, October 06, 2005

Wishful Thinking? Silent Home PC For TV, DVD, Recording And Internet Connectivity

Wishful Thinking? Silent Home PC For TV, DVD, Recording And Internet Connectivity

"Why can't you just go out and buy a true home theater PC (HTPC) for your living-room? You've heard the grandiose marketing pitches from vendors touting the era of HTPCs, but at the end of the day, can you really find a PC that is quiet, looks like a DVD player and lets you do everything you want with a remote control that you can use while laying on the couch?

Many have already made their dream computer a reality in a classic midi-tower box version, complete with TV tuner, hard-drive recording and DVD burner. Now all that remains to be done is to pack it all into a small slim line case and make sure that this PC won't produce any major fan noises or overheat. "

I am a fan (an proud user) of the MythTV Project, which is why I found this article interesting. Many people have asked me how much it cost to build my MythTV box, and typically reply "Why? Tivo is much cheaper!?" While Tivo may be a cheaper solution, it is not as feature-rich in my opinion. MythTV provides "unlimited" amounts of recording space, as well as many features Tivo will probably never have. If you haven't looked at the project before, I recommend taking the time.

The FreeBSD Project - WebSite Updated

The FreeBSD Project

"The FreeBSD Project is pleased to announce the launch of a new website
today. Please visit and let us know what you
think. The new design was created by Emily Boyd, a student at Smith
College that we had the pleasure of working with through Google's
Summer of Code program."

Most projects update and change their website format on a regular basis. However, I believe that the FreeBSD website has been the same as long as I've been using it, circa 1996! I like the fact that they have several RSS feeds available (which Firefox detects). I still feel that FreeBSD is an excellent platform to use for server environments. If you aren't familiar with it, check it out!

How to break into a computer that is right at your fingertips

How to break into a computer that is right at your fingertips

This article is sad but true. In reality once an attacker has physical access to a machine, it is likely they will be able to do whatever they want. Security is always a trade-off with usability. If you truly want to keep a system safe, you have to worry about its OS, applications, and location.

Nessus security tool closes its source

Nessus security tool closes its source

"The source code of one of the world's most popular free security tools will no longer be available to all, with its creator stating its open source licence was fuelling competition against his company."

It is always sad to see an OpenSource project become closed. While I understand the problem they are experiencing, it seems like that was probably a known variable when deciding to make it opensource.

Thankfully the version 2 code will continue to be open AND receive updates. Version 3 will be closed source but apparently still freely available.

Ten Must-Have Bookmarklets

Lifehacker - Geek to Live

"A bookmarklet is a snippet of Javascript that can be bookmarked (or saved as a favorite) inside your web browser. Bookmarklets can enhance web pages, add special functionality and make your browsing experience a lot more efficient by offering one-click access to useful tools.

In this special feature, I present ten useful bookmarklets that always have a place in my browser chrome. Maybe there’s room in yours, too."


Wednesday, October 05, 2005

Spam Stock Tracker - tracking how much money people can lose with penny stocks from spam.

Spam Stock Tracker - tracking how much money people can lose with penny stocks from spam.

Hardly of any importance, but I think its hilarious someone has put this together.

Typetester – Compare fonts for the screen

Typetester – Compare fonts for the screen

"The Typetester is an online application for comparison of the fonts for the screen. Its’ primary role is to make web designer’s life easier. As the new fonts are bundled into operating systems, the list of the common fonts will be updated.

Tuesday, October 04, 2005

DHTML Online Tools

Dynamic Drive- Online Tools

Need to... optimize images? Create the FavIcon file for your website URL? Hide your email address from spammers? Build your .htaccess password protect files? Or create a gradiant image? Check out this site!


FONTpage: A quick and easy font viewer | FONTpage: A quick and easy font viewer

"The importance of an application has less to do with its size or popularity than it does with the importance of the need it fulfills. Recently I needed a font viewer, so I was happy to find FONTpage 0.2, a new font viewing utility written by Paul Sherman. FONTpage allows you to input text, display it in any of your system fonts, and, if you like, create a PNG image of the text. I found it handy for creating Web site logos."

Managing digital photos with Album Shaper

NewsForge | Managing digital photos with Album Shaper

"Even a novice digital photographer knows that finding a good application for managing digital photos is as important as having a decent lens in your camera. DigiKam and F-Spot are the most obvious open source tools for the job, but a lesser known but equally useful digital photo application called Album Shaper is also worth considering. This multi-platform software allows you not only to organize your digital photos, but also enhance them and share them with others."

Monday, October 03, 2005

Zoho Writer - Online Word Processor

Zoho Writer - Online Word Processor

"Zoho Writer is an online Word Processor to Create, Format, Store & Share Documents online.

Access Anywhere
-You can access, edit, share your documents from anywhere

Create and Edit document in your way
-You can create, edit or re-format your document using WYSIWYG editor

Share, don't attach
-With Zoho Writer, you can share your documents to your friends or publish it for public.

No more duplicates
-Zoho Writer allows versioning. No need to keep multiple copies"


HACKmyth for MythTV

NewsForge | Product Announcement: HACKmyth for MythTV

"BuLogics, Inc., an innovative provider of home automation technology, today announced the release of HACKmyth (Home Automation Control Kit for MythTV). The HACKmyth box allows technology-savvy consumers to configure their personal video recorder (PVR) and home automation to their personal preferences."

Zenphoto - AJAX Photo Gallery


"Zenphoto is an answer to lots of calls for an online gallery solution that just makes sense. After years of bloated software that does everything and your dishes, zenphoto just shows your photos, simply. It's got all the functionality and "features" you need, and nothing you don't. Where the old guys put in a bunch of modules and junk, we put a lot of thought. We hope you agree with our philosopy: simpler is better."

It doesn't seem to be as nice as Gallery, but it seems to be a pretty clean interface so far.


Sunday, October 02, 2005

Writing an Extension for Firefox

Duffblog: Writing an Extension for Firefox

"One of the best things about Firefox and Thunderbird is that they have a well defined extension mechanism. If there's some feature you feel is completely missing, you can go ahead and add it. It's relatively easy to do — you don't have to fiddle about with a C compiler because extensions are mostly written in a combination of XML and ECMAScript."


Netvibes - AJAX HomePage


" is a customizable web 2.0 homepage solution

This service is free and gives you the user the ability:

* to create a personalized page with the content you like.
* to put together data feeds and services from web 2.0 applications with a very simple interface
* to access your page anytime and from any computer .

Key features of Netvibes:

* Browse, modify, and import your RSS feeds with our integrated RSS/ATOM feedreader. You can easily import an OPML file as well.
* Import, download and listen to podcasts without any additional software
* Check your e-mail on one or many Gmail accounts; stick web notes and weather updates; and many more features to come!"


Default Passwords for almost any hardware vendor

Default Passwords for almost any hardware vendor

"Maybe there was a way to stay secured if you bought products by not well known vendors without web precense, well, those days are over, you will find a neat list of default admin passwords for a lot of hardware vendors here."


Saturday, October 01, 2005

Microsoft demos Xbox 360-to-iPod connection

Microsoft demos Xbox 360-to-iPod connection, notes limits

"During its first demonstration of “final” Xbox 360 hardware in London, Microsoft showed off its upcoming game console’s ability to interface with an iPod, and explained the link between the two devices."

eyeOS project: Internet based Operating System. Taking your life everywhere

eyeOS project: Internet based Operating System. Taking your life everywhere

"EyeOS is a free, cross-platform Personal Content Manager System based upon the style of a Desktop Operating System. The base package includes the whole Operating System structure and ten apps, as a Calendar, a File Manager, a Text Editor, an Internal Messenger, a Browser and a Calculator.

EyeOS's is thought to provide a complete, scalable and free (GPL Licensed) Organization and Work System. It's scalable, so everyone can port an existing PHP app to EyeOS and create a meta-package for installing it."