I have downloaded the new MT v3.16 but have not upgraded yet, I've got some time coming up at work soon with not much on so I will probably get bored and get around to doing it then.
In doing so, some of the other outstanding issues will probably get resolved, such as fixing MT-Blacklist.
A new version of MT has recently been released which mainly addresses quite a number of issues that had been previously reported. Check out the full list of changes and fixes here and the known issues list here. Check out the official release statement, which provides some more information. I'll be upgrading shortly.
I've always thought that this is a limitation of certain sites, but it seems that the limit on the number of downloads from the same site at any time is not usually limited by the source HTTP server, but rather by IE.
It complies with the RFC 2616 by limiting the amount per site to 2. I find this annoying, as a lot of the time I start more than two and could not automate the downloading of them all without using a 3rd party application. It seems you can change IE so that you can download more and although this would break the RFC, in this instance it's nothing to worry about.
Check out the article to change the value to a higher one, pointed out on the IE Blog. Another interesting tip is to always ensure you put a trailing "/" at the end of a URL as a URL without one will result in a 301 being sent to the URL with a "/" at the end anyway.
If you'd like to see what the next generation of X Windows rendering will probably be like, check out some of the videos from Seth Nickell. They remind my of Project Looking Glass a little, which is also nice eye candy. Combining the best of both would see a really great desktop develop. A desktop that looks better, really helps to attract more people that are not anything but a Windows user, over to the other side and of course they then discover a whole lot more is possible.
Even though I'm running MT v3.14, it seems that mt-comments.cgi is still causing a high load from comment spam attempts even though comments from users that are not registered are not currently enabled. I've been meaning to sort out MT-BL as I've not been able to get it working since upgrading to MT v3 as I'm experiencing a strange error I've not been able to figure out. I'll get it posted on the forum and hopefully get it resolved at which point I can enable the ability for unregistered users to post comments once more.
The load issues may also be sorted out once MT-BL is up and running again. I thought all of the load issues had been resolved, but obviously that is not the case in relation to comment posting and even when non registered user commenting is disabled.
Sun is taking the first steps to open the Solaris code to the public. Already you can find the code to DTrace on the Open Solaris site and more to follow. There are a number of reasons for the decision to open up the operating system but for the community it's mostly an all win situation.
For example, more eyes looking over the code will help with the elimination of bugs and security issues because of them. There are of course other advantages, with regards to security it may well work both ways as some potentially dangerous bugs might be found and proof of concept exploits could be developed without Sun being informed.
They could render customer systems vulnerable to attack and although this is the case anyway with any open or closed system, because the opening of the source is taking place now the initial influx of bugs that are identified could be quite high rather than being more spread out as would be the case with open source projects. Given the past record of Solaris security, I'll bet there are quite a few problems identified.
DTrace is part of Solaris 10 and one of the main new features. The code is already available for download and more code will be appearing over the coming months. Sun is hoping that this will give more people the opportunity to develop applications for Solaris and allow a more community based approach. In the past it has always been a pain getting things to work under Solaris, things should now change and with more applications being developed and supported we'll see more people using it on desktop systems.
More Sun products should see the light of the open source treatment in the future too. As we have seen in the past, if one company does something they all do. The question is, will we see the same actions from other big software developers with regards to opening the source code to the public, for their major software products?
I'm a proud user of Soulseek but recently I've been having problems that although have been reported, are annoying. It seem that Soulseek is now not compatible with a number of other applications. Some of the applications such as Netlimiter are required to be used with certain programs that use all of the available upstream bandwidth unless they are limited.
When you have ADSL, programs that don't have built in limiters are a problem so using Netlimiter or an alternative application to reserve a small amount of upstream bandwidth is required. Using Netlimiter poses a problem for me when Soulseek is no longer compatible with it. I don't want to have to change application, but at the moment Soulseek keeps exiting after a while.
I'm going to try updating as a new build has been released. Hopefully that might resolve the issues that I and others have been having. It shows you how much you rely on something when it stops working.
For some reason Veritas NetBackup has been ignoring the rules that I have set in place to exclude certain files such as logs from the daily incremental backup schedule. Over 200 megabytes of compressed data was being backed up on a daily basis which was way too much considering a backup of most of that data is was not required.
As far as I'm aware the configuration allows files to be excluded regardless of path & just by name but that does not appear to have been working. It looks like the full path must be supplied and then any wildcards can be used if required.
I've updated the configuration to include the full paths for the exclusions, which now falls in line with the full paths which were setup in the include file. It makes sense, but could create a lot more work when creating large backup policies of the same exclusions of the same files in different locations in the directory structure.
Another important thing to note is that when including a number of directories so that the directories are not lost when a full system restore is done, it would be a good idea to exlude the files in the directory like so:
/test/test/*
Instead of excluding the directory itself also, which would be the case if the configuration was as below:
/test/test/
It might not be an issue, but if a number of applications require certain directories to be present and they are not, more time might be experienced where the system or applications are down because of missing directories. Hopefully that should solve the issue, but I'll have to wait and see the results of the backup tonight, in the logs tomorrow. If not, it'll back to the documentation & Google for me!
After delaying it for a long time, I've finally upgraded to Movable Type v3.14. The upgrade went as planned without any problems, as far as the MT side goes. Everything appears to be working as it should, I've probably got some changes to make and some that I had wanted to do anyway so will work on getting those done soon since I've got more free time than usual, for a while at least.
I'm having a few problems with getting the latest version of MT Blacklist running correctly, but that might be down to me and the fact I've been up all night and could probably do with some sleep now. I'll continue with that and the other changes and updates later.
The main thing is I'm now able to enjoy one of the features of MT v3 that I've been looking forward to which is forced comment moderation, especially since MT-BL is not working right now and also the fact of all the recent "junk" spam, it'll save me having to delete a load of spam, since it'll never even make it to the live pages now and can sit in moderated state for a while, before I remove it.
There is more of a rush to remove spam when it makes it to the live pages because of the web crawlers picking it up and that's what the spammers want. Not removing spam from live pages causes links to your pages to show up for all kinds of search results you probably wouldn't want them to.
There's a whole list of other things that has and will make the update worthy of my time spent doing it, I'm sure you'll say the same if you currently run an older version of MT and decide to upgrade.
I've also paid for the personal license from Six Apart, to show my support which will also enable me to get support if required.
It's time for me to get some sleep.
The new version has recently been released to address the issues which have recently been reported, minaly in relation to the rebuilding of pages when a comment has been moderated. Rebuilds are no longer ececuted when a comment is moderated as there is no need and because of this process taking place regardless, some sites have experienced high server loads when being subjected to large spam attacks.
Check out the full announcement here and be sure to read the previous release regarding the issues and the up and coming fix which has now been released.
Some of you out there that have blogs that are powered by Movable Type will have recently experienced problems relating to high server load caused by a number of bugs in MT and the way it handles the rebuilding of pages. I can't say I have had any problems myself, but it looks like it is mainly relating to the newer versions of MT.
A fix will be out the door shortly and MT-Blacklist will be updated as well to help eliminate any issues relating to large spam attacks.
You can check out the full details here from Jay Allen. On another note, be sure to keep your blacklist updated from the master, check out my blacklist if you want to import that as well.
I've recently started to add single words to my blacklist which has blocked a lot of spam that would have got through otherwise. I just saw a post from Jay Allen about this as well, I think this will be the way forward in combination with blocking domains and using regular expressions.
I'm still to upgrade to MT v3 and MT-BL v2 but in the mean time and even after the upgrades, I think adding certain words will make spam a lot easier to block. For example, I have in the past few months been getting a lot of spam with "texas" & "holdem" in the contents of the comments. Since there were so many different domains getting through, some with the words in the domain and some not, it made more sense to block words such as "holdem".
That solved that issue straight away. There have been more instances as well. Looking back through the activity log I can see plenty of attempts using certain words such as "mortgages" and since the chance of this word being used in a genuine comment is far less than spam ones it makes sense to block the word. I have found that this approach is working pretty well. Of course, any blocked words that might want to be used by genuine users can still be posted in a modified form.
Now, why didn't we start doing this earlier?
Microsoft has recently released the latest version of MSN, version 7 beta build 0425 to the beta testers. Of course, it has been released to the world the second it was released to beta testers as someone always leaks a copy, you can download it here.
I've just installed it after using MSN 6.2 for ages on Windows machines and some of the changes are really good. The new look, extra features including being able to use the mouse to allow you to draw and write things are all pretty good.
You can also send flash based winks to people and also nudge them, which makes the chat window shake. That could get annoying, but it could come in handy as a noficiation method that you want someone as well if the sound is off.
There are a lot of visual changes as well, it looks better. The only problem is when I upgrade, usually Messenger Plus does not work any more which means I loose all the custom names I set for people and only see email addresses instead. Check out this thread for the latest beta of Messenger Plus v3.40.110 which works with MSN v7.0.
Messenger Plus adds a lot of functions which are really handy to MSN, some of which you will never live without after trying them out. Other things, such as changing the colour of your name on MSN, just allow you to make things a bit different and personal. Messenger Plus is really worth checking out, I've been using it since the early days of its development and like MSN Messenger has come along way.
You'll probably have to update when downloading v7.0 as there are new updates being relased quite often which you have to accept to continue using it. Anyway, if you use MSN on Windows at all, get the updates as they are worth it.
OpenNTPD 3.6 has been released, so for those of you that use NTP for keeping the time updated on your systems, if you have not checked it out then give it a try. I don't use NTP at all but for some applications that are distributed, having the correct & same time on all systems is required which is where OpenNTPD comes in.
It allows you to run an NTP server or just run as a client, receiving updates from another NTP server and is a free implementation developed by some of the OpenBSD team.
I've sorted out the problem I was having with MT-BL. As I thought it was due to some spam, for some reasons MT-BL did not like it and was throwing up the errors. I'm not sure why, but it's obviously a bug. Since most people are now running 2.0 and I have not found anyone else having the problem, it seems like it was an isolated case.
I'll be upgrading MT soon along with MT-BL so with regards to the spam fighting, things should improve even more.
I've been looking at various system monitoring applications. I've come over and used a few in the past, such as Big Brother. I've taken a recent look at BB and although it is good, I think a combination of this or another application and a third party monitoring service would be better so I've been looking around at paid services that can allow for monitoring of multiple servers and their services from various locations. Of course, there is a monthly cost attached but the options included for alarm notification are increased.
Although the notifications that I've found with software such as BB is good, paid for services allow for more control and variation in methods used for notification. One of the ones I've looked at is Alertra which seems to be quite popular with a lot of people. It allows you to setup notification via email, sms phone call, MSN and more although it does not monitor server internals. A third party monitoring service that allows for this would be good, I'm sure there must be one, obviously you would need to run an application on the system though.
The phone call option with Alertra is only available to the USA & Canada but the rest is available globally. I'm sure there are other paid for services and free ones also that are good so I'll have to check some more out and compare. I'll also have to see if there are any other monitoring applications that will be good for what I'm looking for. The other option would be a custom developed one either by a third party or our team but with everything else going on at the moment, something ready built and that just works would be great for now.
If anyone knows of a good system I should check out, let me know, it's looking like Alertra will do the job for now and maybe for quite some time depending on how good it works out to be. A future project will be to design and build our own system to a custom specification or have someone else do it.
Having the application monitoring allows for things such as disk space and CPU usage to be monitored, using most web based monitors don't allow for this which is where BB and other systems come in as they can monitor internally and externally, especially with BB as it can act as a distributed system. I will have a combination of both, to allow for more detailed monitoring of internal server statistics as well as from the outside to monitor web services from different locations.
For some reason I seem to be experiencing some issues with MT-Blacklist. I've upgraded since and reset the blacklist but still no change. For some reason it's displaying errors. I've found some things which relate to it but have not been able to resolve the issue.
The errors that I am getting when running a de-spam are:
--
jayallen::Blacklist=HASH(0x8297090) Malformed UTF-8 character (unexpected non-continuation byte 0xc5, immediately after start byte 0xf3) in substitution (s///).
jayallen::Blacklist=HASH(0x8297090) Malformed UTF-8 character (unexpected non-continuation byte 0xc5, immediately after start byte 0xf3) in transliteration (tr///) at /path-to/Blacklist.pm line 3159.
jayallen::Blacklist=HASH(0x8297090) Malformed UTF-8 character (unexpected non-continuation byte 0xc5, immediately after start byte 0xf3) in pattern match (m//) at /path-to/Blacklist.pm line 3103.
--
It's one of those times when something just stops working for no reason. The errors repeat all with the same line referenced (3103) but the first line is (3159). I thought it might have had something to do with some domains I imported as some of them had strange characters in. But I reset the list to test and it still made no difference so then I upgraded MT-BL and no still no change.
From looking at the code, I'm not sure what the problem is. I've spoken to Jay Allen about it but he has not really got time at the moment to investigate and would suggest the upgrades. There's nothing I could find on the forum, apart from one post from a while ago but with no replies.
I also changed the language so it is as shown below:
LANG="en_US"
SUPPORTED="en_US"
SYSFONT="latarcyrheb-sun16"
As the UTF-8 which was included before has been the cause of similar errors with other things reported by other people on their systems, but the change did not make any difference in this case. I'd not made any changes before the errors started but after some reading it might have something to do with some other things which may have been changed by Ben so I'll need to speak to him and check as I've not touched them - CPAN modules as an example.
I've covered all the angles I can at the moment, so will continue investigating later. Maybe this is another reason why I should hurry up and upgrade to MT v3 and MT-BL v2 to enjoy a lot of new features and things to make tasks easier and automated.
Soon, I will sort the upgrades.
I noticed this same days ago, but forgot to say at the time - a big well done to Jay Allen in accepting a job offer from the folks over at Six Apart to become the Movable Type Product Manager. After reading his post, I learned a number of things about the history Jay has had with MT. I was not aware that MT has played such a big part in his life and indeed will now play an even bigger part. With the great work he has done developing MT-Blacklist and the Spam Clearing House as well as other work, I'm sure he will now be able to better devote his time to improving MT. I think he's the best man for the job, going on past experience that he has with MT and even the devotion to write a book about it!
Check out the announcement from Six Apart.
Well done Jay!
I'm sure it has happened to everyone at some point or another. It's really annoying when it does. A certain software application decides to stop working for no reason and you have no idea what has caused it. I've got an application on my Nokia that monitors the amount of minutes I've used. It is great or was until recently.
One day it just decided to stop working, with no indication as to why. It just opens and then closes. I'm going to have to install it again, which should hopefully fix it. Just goes to show sometimes it is not the user that breaks things, they just do it on their own!
If you use MT Blacklist to keep the amount of comment and trackback spam on your blog down, then you may want to add the following to your list.
%2E or even % so that any URL / comment with % in is blocked as there could be a number of variations and there is no normal use of % in URL or comments, for the most part anyway. Once the bug is addressed MT-BL will decode the % variables first and then compare to the blacklist, which is what should happen already but adding % to your blacklist as well for now will stop any spam and show up any already posted via this method.
I just noticed some spam on my blog which should have been blocked by MT-BL but was not. Running a search did not find the comments either and I could not add the domains because they are already on my list.
%2E inserts a full stop so myspamsite%2Eorg would actually end up as myspamsite.org in your browser. Of course MT-BL does not pick it up and would let comments through like this as I have found & the links do work when clicked on.
I've already contacted Jay Allen about it and he states that MT-BL should address this but it's obviously a bug. There may be other holes in this form which will also need to be addressed either via the list or via MT-BL internally. I'd suggest running a complete scan of all your comments to find any that may have been there for some time after adding it to your blacklist for now, until the bug is fixed. This seems to be another method the spammers are using, but since it is so easily detected and then the hole is plugged it won't be of much use for long.
I'm using MT-BL v1.6.4, not sure if this is an issue with other versions at the moment.
UPDATE: 04/08/04
Jay has released MT-BL 1.6.5 which addresses this issue but since it is a simple code change, you could modify the code yourself:
Change:
$str =~ s/\%(\d{2})/chr(hex($1))/eg;
To look like:
$str =~ s/\%([0-9A-F]{2})/chr(hex($1))/eig;
The change needs to be made in Blacklist.pm
Bash 3.0 has been released and is now available on various mirrors as well as the master ftp site, of course. A few of the changes and improvements include as described in the announcement:
* Features to support the bash debugger have been implemented, and there
is a new `extdebug' option to turn the non-default options on.
* HISTCONTROL is now a colon-separated list of options and has been
extended with a new `erasedups' option that will result in only one
copy of a command being kept in the history list.
* Brace expansion has been extended with a new {x..y} form, producing
sequences of digits or characters.
* Timestamps are now kept with history entries, with an option to save
and restore them from the history file; there is a new HISTTIMEFORMAT
variable describing how to display the timestamps when listing history
entries.
* The `[[' command can now perform extended regular expression (egrep-like)
matching, with matched subexpressions placed in the BASH_REMATCH array
variable.
* A new `pipefail' option causes a pipeline to return a failure status if
any command in it fails.
* The `jobs', `kill', and `wait' builtins now accept job control notation
in their arguments even if job control is not enabled.
As well as a host of other changes, additions and improvements.
I've just stumbled upon MySQL Maestro which is a Windows based application for MySQL management. I've only had a quick play with it, but it allows for remote user and database administration with a nice interface and plenty of options.
Compared to command line it makes certain tasks a lot easier to perform, for example looking up data in a certain field in a table as you don't have to remember the SQL commands to perform the task. Although you could allow users to use this application to access their databases, phpMyAdmin would be better suited for this as to allow a user to use MySQL Maestro you would have to either allow external connections to the MySQL server or allow interactive shell access.
For administration, you can allow the MySQL connection to be tunnelled over SSH so you would not have to open MySQL up to the outside as the connection to the MySQL server is made locally once an SSH connection has been established.
I think MySQL Maestro is a handy tool that will be of great use to people that would like to do easy MySQL administration from a Windows application. There are a number of other tools available as well which offer varied functionality. Used in combination with command line and web based applications such as phpMyAdmin MySQL Maestro is another good tool to help administrators complete MySQL related tasks.
For POP3 I've always used Outlook Express on the Windows box, but recently I have been having a few problems in that some messages don't download and seem to hang the client. I've not figured out why, but they all seem to be destined for the same address, so I've just added local rules to ensure they are not downloaded. Also, the local rules don't seem to be working now, for some reason.
At work I currently use Evolution on Solaris, which is another nice client.
I've decided to give Mozilla Thunderbird a go on the Windows system at home. It seems to have the same problem with hanging on those certain spam emails, but that aside, it's a lot better. Another reason for me switching, is the total lack of proper spam filtering in Outlook Express.
Hopefully once trained Thunderbird will do a good job. Server side filtering is an option, which I will get round to, but having all mail delivered is better in some respects as it allows you to see all mail still, even emails that have been classified as junk - they might not be. Using server side filtering you don't really get this freedom unless you are alerted to blocked messages to check.
I've used 3rd party applications for local fltering, but have not found them to be any better, so using a built in function like in Thunderbird, should work just as well if not better.
Also, due to all the recent issues with IE, I'm probably going to start using Mozilla Firefox more. IE is lacking in a lot of features, such as tabbed browing, saved sessions and a lot more, Firefox and other good alternatives such as Opera fill these gaps in functionality. There are a whole host of things needed, MS really need to work on getting IE and Outlook back up there, by adding much needed functions that can be found in all the alternatives.
It's funny that the Microsoft offerings are still the most popular - due to the fact that they are bundled with Windows by default and are not better than the rest, but just easily available.
Sun will release Project Looking Glass under the GPL, which is good news for people who may want to add to it. I saw PLG in action a few months ago in London and as far as eye candy goes, it was rather impressive. It opened up a whole new look to what the desktop could look like and no doubt will look like.
It seems that gone are the days when to have a better looking and easy to use desktop environment you would be forced to use Windows. Other projects will also be released open source, including Solaris in some shape or form in the future but details remain unconfirmed at the moment as of course in the case of an OS, it's a hard thing to just distribute open source without considering a lot of things.
I've just been reading some interesting stuff about Movable Type 3 over at Dichotomy's Purgatory. I was thinking about upgrading to 3 at some point for a number of reasons, but after reading more about it, I'm not so sure right now.
Any current issues will obviously be sorted out so I think I can delay in moving over to version 3 for a while. We all know what they say about not touching something if it isn't broken so I've got to weigh up the advantages and disadvantages at the moment. For now I think, I can leave it.
Sometime soon though I'm sure I will upgrade.
I've just spend a good few hours setting up a whole host of domains for varoius people, near enough thirty. It's taken ages to manually configure them all.
Now it's all done, it's out of the way but it made me happy to think that soon doing stuff like that will be all automated. Well, not totally, but mostly which will save a lot of time and effort.
Doing these manually was the only option, as they had to be done quite soon, but I've got them all sorted in advance - setting customer expectations and all.
Doind one or two manually is not a problem, but for bulk loads all in one go - automation is the only way!
When restarting services such as Apache and other daemons, it is really annoying when there are various binaries and configuration files on the system and each time I come to edit the configuration and restart the daemon, things mess up because I restart the wrong binary or edit the wrong configuration file.
This calls for a clear out of defunct binaries and configuration files to make life easier. Also to note is the fact to find the log of standard procedures and processes to follow when carrying out tasks like this.
MT-BL v.164 has been released, I've just upgraded. It would be wise to upgrade, since a bug effecting all versions has been discovered which could allow people to leave comment spam that is filtered by your blacklist.
I think some recent spam was delivered this way to my blog, since I added some entries to the blacklist yet MT-BL was not picking it up. After the upgrade, it's all detected.
Go and upgrade.
I hate slow software, more than I hate slow machines. When the specification of the system is high, you would think that the applications would run fine. It's annoying having to wait around. I probably spend half the day waiting for our internal case management tool, which is written in one of our own technologies - Java.
The problem with it is it the amount of users, the face it is single threaded and also the fact the database is sitting in the USA, when I'm in the UK which causes some more latency issues.
There are some plans to make changes to help speed things up, but I think we'd need some major changes to get it working to an instant response, with no delays.
I've recently been reading the announcement made by Six Apart regarding the release of Movable Type 3.0 and the changes to the licensing. It seems that a lot of people are suprised at some of the points made and the thought of having to now pay for a product which was essentially free.
At first glance, I thought (instead of jumping the gun / assuming) people running versions previous to 3.0 would not have to pay, which is correct.
One thing to remember, is that Six Apart spends a lot of time working on the development of MT, especially the change to 3.0 and obviously have to make a living in real life. Since all the time is spent on MT, it needs to become a feasible business project.
If you use MT and are going to upgrade, depending on how it is implemented with Type Key, you may well have to pay to be given any access to Type Key to use on your blog. A move like this would ensure that more people would purchase a license.
The initial public release is called Movable Type 3.0 Developer Edition. It's for use by everyone, but is basically the foundations on which great plugins can be made. Along with it comes other changes, to help developers to work with Six Apart to make MT 3.0 even better.
So, if you keep using a version previous to 3.0, you will not have to pay anything. If you want to use version 3.0, then you can choose the free version. You could of course make a payment, which I shall call a "donation" that will enable you to receive support and a list of other things.
In the time that MT has been produced, it has been done so at the time and cost of the developers and if you like it and want to thank Six Apart then you now know how to do so.
At some point, I'm sure I'll get round to upgrading, but I normally allow the dust to settle on new major releases before doing so.
I've just had a play with DVD Shrink and from the first lot of results, I'm impressed. In addition to the fact it is freeware, it does a nice job of backing up DVD's. No messing around with compression or anything, as it does it all for you.
You can be sure that a source DVD will fit on a DVD-R or DVD+R disc. It does not take that long to process a source DVD, I did the deep scan which will ensure the end result will be of good quality - In fact, you can't notice any difference - it's a complete image of the original, with all the extras and menu system too.
With the advent of the dual layer drives and media coming around now, we'll have even better options to choose from. As long as the software keeps up, it'll be interesting. You can burn direct to another DVD or create a DVD image file.
I'd really suggest checking it out, if you're looking for this kind of thing.
I'm using Mozilla and sometimes Netscape, on Solaris in the office. When posting, for some reason both browsers do not display the buttons to allow for easy addition of links and italic / bold to the posts.
These only seem to be available on IE & Opera as well as other browsers on Windows systems.
It just causes extra work when adding links and such, which is a pain.
Maybe it is just these versions of the browsers that don't support the code to allow these handy functions to work.
Something that needs to be sorted!
Jay has released v1.63 as final due to no issues being found in the testing stage when it was called v1.63 RC 2. Along with this release comes the news that it should run without problems on all versions of MT from 2.6 - 2.661.
I'll be upgrading mine later, to take advantage of some of the new features.
Of course, make sure you keep your blacklist updated.
I've moved all of the data off the existing drive and wiped it clean. That's half of the problem solved. Now I just have the issue of the main boot disk. So, whilst sorting that out I think I shall get another 250gb sata disk and install again.
On this system, my Windows one - it'll be 2000 server again or maybe XP/2003 server.
Who knows when I'll sort it, as it is so much trouble having to start all over!
Good old Windows.
Whatever next? That's right, you can now get games for your iPod thanks to the people over at IPodSoft.
I'm yet to get an iPod, as I'm looking at alternative options with more capacity. I'm sure the next release of the iPod will have more storage capacity, so I'll probably go with it since it really seems to be the device with the most stuff available!
I just hope the new iPod's are more like their mini counterparts, in the colour department!
From iPodSoft, you've got:
iPod Agent which allows you to manage contacts, RSS feeds and other things & also iStory Creator, which allows you to create text based games on the iPod.
Go check them out, if you've got an iPod!
After a few wierd crashes and such whilst installing Linux on one of my old systems, to use as a test / development system, it is now all up and running. Aside from getting the system updated, that's another thing off the list of to do items.
No doubt more will be added to this list quicker than I remove things, but I suppose it is better being busy instead of having nothing to do.
I've just noticed that 4gb of mp3 albums I had backed up on my computer, seem to have vanished. The directory they were all in is now empty. I think defrag has caused some data loss. Until recently the data was there, but I ran a defrag as both disks in my Windows system were quite fragmented.
Funnily enough, the defrag completed, but afterwards the disks were still both fragmented, one at 25%. Something wasn't right. This data is the only stuff that I can see missing, but I need to get the fragmentation sorted out but I don't want to loose anything.
There are some other things that have started happening recently on the Windows system (Running Windows 2000 Server) which I put down to Windows being Windows. I'd re-install, but it's more trouble that it is worth at the moment. The main priority is to backup everything on the 120gb disk, wipe that clean to remove the fragmentation and start again.
As for the boot disk, not sure what I am going to do yet, without a clean install to fix the fragmentation. As it seems that the Defrag utility is not working correctly. Who knows why.
Maybe it is time to look for a 3rd party application to sort out the fragmentation.
A wider audience of people will now start to test Movable Type version 3.0, as recently announced by Six Apart.
Major changes to come with v3 will include a nw user interface which will be updated for easier localization & usability. One of the areas which will have received a lot of change is the comment management. A new user registration option will force users to register before posting comments if you want to work that way. There will be a lot of flexibility since user registration will be managed by a central service called TypeKey.
Version 3 will allow for better management and support registration and open communication. TypeKey will provide user authentication as well as allow for developers to build plugins and mods that are based on TypeKey's authentication hooks.
New support for the Atom API & syndication feeds will allow users to use this format as well as clients that operate through it's API. With support for many new hooks, developers will be able to create better, more varied plugins.
TypeKey seems like it will be a good solution to user registration on blogs. It will allow for one login, which will allow a registered user of TypeKey to post comments on any MT blog or other which is supported, without having to register on each blog.
It will mean that you can have the same identity on all blogs using TypeKey. Since this is a service of Six Apart who develop Movable Type, which is probably the most popular blogging application available, the user base will be great. That fact alone, will mean that more blogs can require authenticated users via TypeKey as the chances of a regular blog reader being registered with TypeKey will be high.
There may also be support for a blogger to use single registration that does not require TypeKey in v3 of Movable Type.
A good example of using TypeKey would be:
A spammer registers with TypePad and so can post spam to a whole host of blogs using TypeKey authentication. As soon as people report this user to be a spammer, the account can be terminated and such all of those blogs are free from that spammer for now.
Hopefully, there will be features which allow MT Blacklist type operations to centrally block URL's via TypeKey. In effect, your MT setup would check with TypeKey for blacklisted URL's before allowing the comment to be posted by a registered or non-registered user. Using this method you would not even need a local copy of the master blacklist as checks would be in real time, new spam could be added on the fly.
These ideas, which I would think will be the kinds of things implemented via TypeKey and MT v3 are the next stage from using MT-Blacklist. Jay Allen appears to have halted development of MT-BL due to the kinds of things we will see with TypeKey. Well done for the work so far Jay.
Of course, well done to Six Apart for their continuing work.
I await new updates with more details...
Ben has been busy updating stuff on the server today.
MySQL, Apache, OpenSSH & PHP all upgraded. Hopefully, amongst other things - the issues with Apache will now be resolved, we'll have to wait and see.
He made me feel guilty for a small period of time, due to me being lazy and not doing anything. I soon got past the guilt stage. I'll have to do something to make up for it.
Anyway, we should see some performance increases, mainly.
Apache died yesterday, due to the error log growing to over 2GB in size. I didn't know it would complain and die then not restart over log size. I noticed it was down at 7am when I got in from work, which reminds me to get the monitoring system up and running.
I had a quick look to see what was up and thought it was something relating to log file size, but when looking at the sizes, I thought the access log was bigger so moved that and tried but it did not work. It turns out the error log was the bigger file, but I missed that fact due to being tired - still can't believe I didn't notice though!
So I left it for Ben to sort out when he got up. It goes to show when you can't figure something out, especially when being tired - leave it and come back to it later, it usually all fits together then and works.
Another issue we've noticed with Apache on this server, is that every now and again it appears to eat all the CPU power so we have to go in and kill it off. As yet we've not established what is causing it, so the investigation is ongoing.
Strange!
The second release candidate of MT-BL v1.63 has recently been released, which comprises of bug fixes only over v1.63 beta rc1. v1.63 rc2 supports some new features available in MT v2.661 and is currently undergoing testing for an official production release.
Check them out.
The course is going along well so far - I am learning, which is always good!
I'm going over things that I have done before, but I am learning new subjects which are unique to Solaris or different in Solaris.
It's a long week, but I'm taking it easier this week!
MT v2.66 was just released, but update v2.661 has now been released to address some issues in v2.66.
There is some new protection to help prevent spamming by comment throttling, which is part of the new spam reduction features which will be present in MT v3.0.
So, go and upgrade - or wait for v3.0 / Pro.
On the storage course this week, I have been playing around with Fibre Channel & FC-AL. Below shows the output of luxadm, which is the Solaris utility to manage Fibre Channel. You can see the status of various GBIC's, temperatures of drives and other information. Having hands on experience with this kit in a lab allows you to play / break stuff without the worry of loosing data.
Consdering the cost of a Sun StorEdge A5000 for example, unless I was working at a company which uses them, the chance of being able to use one is slim - as I doubt most people would have one in their home. Fortunately for me, I will have access to this type of equipment in our labs, as we'll be supporting it all - so it makes sense.
# luxadm display DV
SENA
DISK STATUS
SLOT FRONT DISKS (Node WWN) REAR DISKS (Node WWN)
0 On (O.K.) 20000020370e104d On (O.K.) 2000002037070870
1 On (O.K.) 200000203704fa9c On (O.K.) 20000020370e3a89
2 On (O.K.) 20000020370e4f43 On (O.K.) 2000002037070bd8
3 Not Installed On (O.K.) 200000203707086e
4 On (O.K.) 2000002037078204 On (O.K.) 2000002037070835
5 On (O.K.) 20000020370c0a5b On (O.K.) 20000020370e1ade
6 Not Installed On (O.K.) 200000203714ecd0
SUBSYSTEM STATUS
FW Revision:1.09 Box ID:0 Node WWN:508002000001e3c8 Enclosure
Name:DV
Power Supplies (0,2 in front, 1 in rear)
0 O.K.(rev.-02) 1 O.K.(rev.-02) 2 O.K.(rev.-02)
Fans (0 in front, 1 in rear)
0 O.K.(rev.-05) 1 O.K.(rev.-00)
ESI Interface board(IB) (A top, B bottom)
A: O.K.(rev.-04)
GBIC module (1 on left, 0 on right in IB)
0 Failed(mod.-05): Not receiving a signal
1 Failed(mod.-05): Not receiving a signal
B: O.K.(rev.-04)
GBIC module (1 on left, 0 on right in IB)
0 O.K.(mod.-05)
1 Failed(mod.-05): Not receiving a signal
Disk backplane (0 in front, 1 in rear)
Front Backplane: O.K.(rev.-04)
Temperature sensors (on front backplane)
0:34ºC 1:36ºC 2:36ºC 3:34ºC 4:34ºC 5:36ºC
6:36ºC (All temperatures are NORMAL.)
Rear Backplane: O.K.(rev.-04)
Temperature sensors (on rear backplane)
0:33ºC 1:36ºC 2:37ºC 3:36ºC 4:36ºC 5:37ºC
6:36ºC (All temperatures are NORMAL.)
Interconnect assembly
O.K.(rev.-02)
Loop configuration
Loop A is configured as a single loop.
Loop B is configured as a single loop.
Language USA English
#
# cat wipe
for i in /dev/rdsk/c[!0]*s2
do
fmthard -s /dev/null $i
done
#
An easy way to destroy data on all disks that are not on controller 0. I just destroyed our array, on purpose of course. So now, I can re-create a new array and learn in the process.
One of the benefits of having labs to play with on courses or in general.
Below is a before / after status, after running the wipe script above.
Before:
# vxdisk list
DEVICE TYPE DISK GROUP STATUS
c0t0d0s2 sliced rootdisk rootdg online
c0t1d0s2 sliced - - online
c6t0d0s2 sliced - - online
c6t1d0s2 sliced - - online
c6t2d0s2 sliced - - online
c6t4d0s2 sliced - - online
c6t5d0s2 sliced - - online
c6t6d0s2 sliced - - online
c6t16d0s2 sliced - - online
c6t17d0s2 sliced - - online
c6t18d0s2 sliced - - online
c6t19d0s2 sliced - - online
c6t20d0s2 sliced - - online
c6t21d0s2 sliced - - online
c6t22d0s2 sliced - - online
After:
# wipe
# vxdctl enable (re-scan drives in Veritas)
# vxdisk list
DEVICE TYPE DISK GROUP STATUS
c0t0d0s2 sliced rootdisk rootdg online
c0t1d0s2 sliced - - online
c6t0d0s2 sliced - - error
c6t1d0s2 sliced - - error
c6t2d0s2 sliced - - error
c6t4d0s2 sliced - - error
c6t5d0s2 sliced - - error
c6t6d0s2 sliced - - error
c6t16d0s2 sliced - - error
c6t17d0s2 sliced - - error
c6t18d0s2 sliced - - error
c6t19d0s2 sliced - - error
c6t20d0s2 sliced - - error
c6t21d0s2 sliced - - error
c6t22d0s2 sliced - - error
#
The 2 drives on controller 0 are still active because we wanted those to be left alone, because they are the boot disk and another disk in the machine. All of the other drives are in the array. We could have messed the box up as well, as it could have had a jump start.
I'm currently spending this week working with A5000 / D1000 arrays. There is a lot to take in but obviously most people will not take it all in first time. I'm working with Veritas Volume Manager this week and will be working with Solstice Disk Suite soon too.
I'm back again in two weeks on yet another course.
It's all good.
I'm currently in the process of encoding some AVI files to DVD. It's a time consuming process, even on a nice box. The other thing to consider is if the file will fit on a blank DVD after being encoded.
Some files which I have obtained, encode but don't fit on single layer DVD's that you buy. I'm wondering, along with the new blue laser type drives that will be appearing, will there be multi layer devices / media that will make encoding a lot easier?
I think that some of these new HD-DVD technologies will be using multi-layer, but I'll also guess that they will be expensive to buy. With all the different formats available, it's no wonder we get confused without doing the reading. I think I just need to put more effort in initially to examile files, how they have been encoded to AVI/MPEG and so what settings to use in various applications to get the output I want.
I'd prefer it if everything would just work though. It would save a lot of time for one thing. In the mean time, whilst I am waiting for this file to encode, I can be doing some reading and thus learning.
I've only just noticed, but MT-Blacklist v.162 is available. Development is coming along nicely still. There are now RSS feeds for changes to the master blacklist and also a number of 3rd party utilities for updating your blacklist, which should also become a lot easier and automatic with the release of MT-BL v2.0.
Head on over and get it.
As reported by Ben, Six Apart have released Movable Type v2.65.
Also see the notes on the up and coming 3.0 release, which will probably be available in early 2004. The 2.65 release is mainly a big fix release. Development of MT Pro looks set to move forward, bringing advanced features to people that want them.
Time to upgrade, soon!
For anyone that is interested in trying out Solaris 9 or 10 (currently Express, as it's beta) then check out this review. I've not read it yet, but I will do shortly. So once I do, I'll probably post my comments to let you know what I agree or disagree with.
Along with Solaris now being free for non commercial use, you might as well give it a go - real UNIX, for free.
I've known about this for a while but as Ben has pointed out, after reading an article on The Register, Sun are giving away copies of Solaris 9 for free, for non commercial use.
But, if you want to go one step further search for "Express" or go directly here and download the latest beta of Solaris 10, again for free. I don't think this has been really advertised, but anyway now you know!
I'd head on over and install it, get a Sunblade 1500 or something similar and install on that, rather than the x86 version! Stay true to the Solaris roots!
This is another little bit of annoying spyware that seems to be on the increase at the moment, being shipped with various programs and installed behind the scenes to help the application developer earn some extra money, via the use of N-Case.
Of course this is only going to cause problems to Windows users. It's really annoying when you're browsing away and windows pop up with ads in. In some cases these windows even appear when you are not even browsing.
I think we're only going to see more and more of this, so lets hope the AV vendors add these applications to their definitions. On the other hand you could always install another 3rd party application to search for these applications and remove them.
I've just read over at The Register that Sharman Networks, the creators of Kazaa have ordered sites distributing Kazaa Lite to stop doing so immediately.
This is obvoiusly down to the fact that there are no ads in the Lite version.
If if you can still download it, it may not work on the network correctly. I'd advise moving away from Kazaa if you use it as there are much better alternatives available.
I don't use Kazaa, mainly because of all the rubbish that comes with it. I simply use WinMX, Soulseek & DC++, file sharing problems, solved!
I just noticed the Google Deskbar, which is a nice little way of searching google by adding a search bar to the Windows Taskbar. It saves you having to have the toolbar running all of the time and sits tidy and out of the way!
It seems that the old BIOS from 1996 in my P120 box doesn't support booting from all of the CD's I have tried, even though the settings are okay. The CD is read, because I get a nice message saying the CD could not be booted. The message is from Sun, as I was going to install Solaris 10. I've not got the BIOS version handy as I'm in another room. It should boot fine.
Looks like I'll have to make a boot disk instead - annoying!
Just reading an article over at The Register about a new scheme that Sony has devised. I'm glad they understand that these systems are always quite easily beaten. Simply because like stated in the matrix:
"there is no action without consequence - cause and effect"
In this context it simply means create protection, it shall be broken. Reverse Engineering software can be as much fun and as much of a challenge as development in the first place!
I use a few different P2P applications on my Windows box. Most of them have the option of limiting outgoing bandwidth. In some cases people will abuse this and use silly values, so when you download from them it is too slow.
BitTorrent combats this by making the download rate proportional to the upload rate. The problem people like me face, on UK ADSL conections is that the applications that don't allow limiting of outgoing bandwidth can cause real problems when trying to do anything else when people are downloading from you.
For example, the DC++ client doesn't have upload limiting, although because the source is available you can add support on your own. There are also a few modified clients publically available which already have this functionality and more.
I suppose in one respect it is good that the functionality is not included, so people won't be restricting their upload speeds for no reason. But for a lot of people, this will be needed. I have 2 megabit downstream & 256k upstream. When running DC++ as an example, I could be uploading to 1 user at circa 30k/sec which is using all of my upstream bandwidth. Slow web browsing, slow anything!
Instead of using a modified DC++ client I decided to use an external program called Netlimiter, which is transparent. It appears to be working well. Now I can use DC Hubs with DC++ and not worry about it eating all the upstream bandwidth. In fact, you can limit any program & schedule certain times when they are limited.
Obviously there are other methods of restricting bandwidth use, via hardware - but for this kind of scenario, a simple application can do the trick.
I have a contention of 20:1, which is the contention I have with Demon on the Home Gateway (L2TP termination point). Currently BT are not contending anyone on their Permanent Virtual Connections, but once there are enough ADSL users to start causing issues on BT's ATM network, they will contend the PVC's as well. So in effect, we will be contended twice!
If we took away the voice factor, there would be room to increase upstream bandwidth & or downstream. I can get 230k/sec down at the moment, I'd like some more! But the problem is finding people that can deliver even this much upstream. Doesn't happen that often, unless you find people on leased lines with 1:1.
We'll see how it unfolds, in the future...
I've just noticed that Jay Allen has released version 1.5 of his MT-Blacklist. Amongst other things, updates include the new Search & Despam feature, but there are a lot of other changes, additions and fixes. So, if you run Movable Type and have an earlier version of the blacklist plugin or don't have it at all. You know what to do. I've just upgraded to 1.5, in a matter of a minute!
That's right! It seems that the Mandrake 9.2 install causes LG CDROM drives to stop working! I've not heard of a case like this before. There is some funny discussion on the matter taking place over at Slashdot. It seems that setting these drives up for packet writing causes them to die, in this case it is Mandrake that is initiating the configuration, but it could be other software.
The drives firmware is at fault. The manufacturer will have to replace drives that get killed. Maybe this might spark downloadable malware in future, which when burned to CD and inserted into your PC, it really does destroy your CDROM or other hardware by exploiting other firmware bugs.
Funny & quite interesting at the same time!
I've noticed that when rebuilding posts within Movable Type, MT will re-ping listed Trackbacks which will cause repeat pings on the destination links. I suppose you could call this spamming in a way, as it is filling up a post with duplicate pings. A good feature for future releases of MT or a plugin, would be to detect if a post has been pinged already and not to ping again, or not to ping after X amount of times.
I have noticed that I have 3 pings on some other blog posts, simply because I rebuilt my post for one reason or another. I'll have to remember to remove the links after an initial build so that the duplicates don't appear.
Of course, that is just me thinking of other people and their blogs :-)
UPDATE: 29/10/2003
It seems that the pings only repeat, when the authored on date or time is modified.
You may remember me discussing Andrew Orlowski's article on The Register about how Trackbacks are going to destroy Google. In my post you can read about the problem with Google indexing virtually blank pages, and how you can fix this on your blog quite easily via the use of robots.txt.
I was just looking over on the Six Log, which is the blog of Six Apart - the company behind Movable Type. Mena has posted about the Trackback issues and there are also a list of Trackbacks to this post from other blogs, mostly the opinion is Andrew's story is incorrectly blaming the innocent Trackback & MT for Google indexing them. Really, it is Google that indexes them, so if anyone Google is to blame - but since MT is making the blank pages, does that mean MT is responsible for making Google index almost blank pages?
There is an easy fix, in my opinion. Although, you would probably be better to stop using popup windows for your comments at least if you adopt my method so comments can still be indexed easily.
"MT-Blacklist comment denial: (phentermine|viagra|vig-?rx)[\w\-_.]*\.[a-z]{2,}"
That is an example taken from my activity log, it seems to be blocking spam comments nicely.
MT-BL is doing a god job. Well done to Jay Allen. It seems that the MT spam comments problem is now over for most MT users.
Stopping things before they happen is usually the best policy!
I've just installed Jay Allen's MT-Blacklist, version 1.0-beta. Easy install and pretty effective I think. Of course there is more work to be done but it already includes a lot of features & there is a huge list of domains already included on the blacklist, plus you can add your own words & domains too. I just added the word "Viagra" as a test then tried posting a comment with this word in, only to be promptly told:
"This comment could not be posted due to questionable content".
Take a look at my current blacklist, at the moment, I've only added one word to it, but you can easily add words and domains as needed.
If you run MT and have a problem with comment spam or don't want to have a problem, then I'd suggest checking it out!
UPDATE: 18/10/2003
Some bugs have been fixed and will be part of the upcoming 1.1 release. You can of course fix a few problems with the blacklist in advance, just follow the instructions.
UPDATE: 30/10/2003
Version 1.5 has now been released.
Due to the code leak, it looks like the release will be delayed now, through to next year, according to a story on The Register. As I previously discussed, it seems that only a 3rd of the code was actually leaked so the impact may be even less that what was originally thought.
One wonders how things like this can happen, but usually if it could, at some point it will. There is a lot of talk about this at the moment, especially about how it will cause problems for Valve Software. If the code was stolen by someone from one of the development machines at Valve, it makes you wonder why they would have this code sitting on a box which in one way or another is net connected. The best thing to do would be to keep these machines away from the network, just having a firewall installed usually isn't going to be good enough as a network or system is only as secure as its weakest point.
The fact that the code is now out there in the wild, no matter how it was obtained, is a different concept entirely. Some people are talking about how others might use it to develop new games. Indeed, ideas could be used, but not actual code. For example, if the engine was used, there would be people that could notice which engine is being used straight away without an official license from Valve, so commercially I don't think the code leak will cause probems in that respect.
One of the main issues with this leak, will be relating to cheating in multi-player games. The code is all over the place now, there are even Bittorrents of it. We shall see how this unfolds... will the culprit(s) be caught?
It looks like Yahoo is following behind Microsoft, they must have realised they can license out access as well and make some money too!
Not a problem if you use the offical clients, but if you're used to using an all in one application like Trillian, it's a bit annoying.
We'll have to wait and see how it unfolds, who is going to pay for licenses or not?
UPDATE: 01/10/2003
3rd party clients are reconnecting!
I'm just trying out Zempt. It is a Windows application that will alow you to post to your MT blog without logging into the web interface on your site. Easy to install and configure and with plenty of features. All of what you can do on the web interface and a lot more. For example, what's currently playing on your PC can be entered into blog entries etc.
It is much like some of the applications you can get to allow the creation of auctions on Ebay and such without going to the site.
Pretty good! Yes, this post was made with Zempt v0.3
I wonder if there will be versions developed for other operating systems?
Since it is meant to be "Multi Platform".
As you may have already seen (should have done by now) A new bug has been discovered affecting versions 1.2.9rc2 through to 1.2.7 but earlier versions may also be vulnerable. See the ISS X-Force advisory here. For the moment at least, it seems there is a ping pong type game going on, bouncing between various popular server daemons, announcing new critical vulnerabilities. Lets hope these discoveries comfirms more code auditing is taking place to find and remove similar problems that may have not been detected yet. Lets hope it continues!
I just noticed on exiting Lynx, that I'm presented with the message "Do you really want to exit Links?" Never noticed that before, Lynx or Links?
[jasun@lab bin]$ ls -la lynx
lrwxrwxrwx 1 root root 5 Apr 8 18:13 lynx -> links
I've not noticed that before, thanks to Ben for pointing it out. Must be officially Links, but we all know it as Lynx.
I'm just testing posting via Lynx at the moment. I'm not so much interested in doing an entire post operation via Lynx, just testing to see if I can build pages okay. It should work, I hope so as it will save me some time when I want to make a new post as I still have not figured out why page builds stop on my other box (Windows 2000) heh. No matter what browser I use, it stops! Wierd! Anyway, read my previous post about this here.
Turns out, I can write entries etc, just not build the pages, Lynx doesn't understand that bit! Well, it seems that Internet Security was to blame on the Windows box, it stops stuff like referrer being sent out, so it was obviously doing something to stop the rebuilds working! Sorted!
Ah I remember the days when I used to play this, then Doom 2, Quake, Quake 2 etc... We've come along way since then but, in some ways the older games are the best! I've still got my Commodore Amiga 1200 & Spectrum. I probably won't start playing the spectrum games any time soon, but some of them on the Amiga I think I'll have to play soon - Cannon Fodder, Lemmings, Jaxuar XJ220 etc or find some good emulators to allow playing them on the PC. Otherwise I'll have to locate the PC versions!
What would be good would be to see updated versions of some of these games released, much like with Doom.. after all this time. Another one: Chase HQ on the Sega. Classic games like these will always be played, but I'd like to see some of them updated too!
Or what about Treasure Island on the Spectrum?! The Spectrum was my first proper computer, followed by the Amiga then onto PC. Although I did have some of those very old and simple arcade systems, they are to the XBOX/PS2 what the Spectrum is to the PC today I suppose! So along the way I was going down the road of the consoles too. At the moment I've got the PS2 & XBOX, but prefer the XBOX as you can do a lot more with it than just play games, without even making a physical modification.
What made me think about all this was me reading a story about Quake 3 on the Gamespy site. This game is well over due for many, but I'm sure it will be worth the wait, it looks great, but how will it play?
This new release fixes multiple bugs in the new PAM code, which are in addition to the other recent Buffer Management Bugs. As I previously posted about this issue, I was expecting this new release to come shortly & as always, the OpenBSD/OpenSSH team have not waited around. Like I already stated this issue does not affect OpenSSH on OpenBSD - only the portable versions 3.7p & 3.7.1p1 are vulnerable. View the advisory here, either upgrade or disable PAM support.
I thought it was just Internet Explorer playing up on my Windows box when I was talking about Movable Type page builds stopping, but it seems not. I've tried in Opera as well but to no avail. Strange, I'll have to have a think what might have caused this to happen, works fine on other machines.
Whispers of a new OpenSSH bug have been floating around & today an updated OpenSSH version, 3.7 has been released. The bug is affecting all versions prior to 3.7, so if you run OpenSSH on your OpenBSD boxen or a portable version on another OS, then upgrade or apply the patch.
Even though it's a bit up in the air regarding remote / local root exploitation at the moment, there are people stating they have copies of a private exploit which works.
Anyway, as we all know - Bugs (security releated or not) can be trouble and should be ironed out when possible.
minerva# ssh -V
OpenSSH_3.7, SSH protocols 1.5/2.0, OpenSSL 0.9.7-beta3 30 Jul 2002
UPDATE: OpenSSH 3.7.1 has been released, which fixes more bugs similar to the initial Buffer Management Bug. Again, upgrade or apply the patch (< = v3.6.1). If you're running 3.7, upgrade & if you're running old code also, you'd probably be advised to upgrade to 3.7.1.
minerva# ssh -V
OpenSSH_3.7.1, SSH protocols 1.5/2.0, OpenSSL 0.9.7-beta3 30 Jul 2002
It seems that MT was not at fault, I.E was on the PC I was using. For some reason, when trying to make a new post or rebuild pages, it was simply stopping at "Rebuilding new entry..." etc.
Strange!
A reboot should sort it...
Interesting idea and Ben has done some work on getting tos mobile to MT gateway working to his desire. I think I'll have to get this functionality added to mine along with better design and other things...I'm going to get it sorted soon!
Sigh!
Ghost 2003 is pretty handy when you want to create a complete replica image of a drive onto another drive, CD etc. However, there are a few things to remember. For example, when Ghosting Windows boxes, you'll obviously need to change things like the SID, Computer name, IP address (unless using DHCP) and other things which need to be unique to each box, unless this is a backup of the current system. The same applies to Linux and all other OS's.
Straight off though, Windows should boot on a new drive after being ghosted. Linux on the other hand, when using the Grub Boot Loader, will not (stops at the GRUB promt) What needs to be done? Well, you could see what Symantec say about it, but their instructions are not entirely correct.
How did I do it? Firstly I booted the box off the Red Hat 8 install cd (using 8 on this system), then at the prompt type "linux rescue". After choosing language / keyboard layout, you you are asked if you would like to mount the system partition, choose yes and it will be mounted as "/mnt/sysimage". You will then be dropped to a shell, type "grub" and you'll now be at the "grub>" prompt. Type "root (hd0,0)" which should be fine for most systems. Then type "setup (hd0)" which will re-write the Master Boot Record. Now simply type "quit" & reboot the system.
If damage to the cavalry is minimal, your system should now boot using the new drive!
There are some nifty things you can do with apache modules to allow you to do a whole bunch of stuff! Check out Ben's blog for something to stop the b/w leechers.