Stop Brute Force logins through SSH/POP3/IMAP with BFD

This nifty little script allows you to monitor log files for instances of brute forcing as well as popular exploits that show up in your server log files. Anyone that has many servers should check this out.

BFD (Brute Force Detector) Home Page

There is also a nice little write-up of how to implement BFD without APF and some extended rules.

BFD rules for Jag servers

Exim4 and PHP and PHP-CGI mail() function using incorrect From: and applying Sender: headers.

If you're using Exim4 and PHP as a module or as a CGI with suexec, you may have noticed some issues with your mail. Specifically, you would have noticed that either the "From:" header was using "nobody@machinename" or "user@machinename"; it's also possible that you had an additional header called "Sender:".

There are two things you need to do to fix this. You first need to make sure that your "php.ini" has the following value: "sendmail_path = /usr/sbin/sendmail -t -i", which is the default. Double-check this variable, as it might be set to something else.

Setting up daily, weekly and monthly MySQL Database Backups using AutoMySQLBackup

AutoMySQLBackup is a shell script that allows daily, weekly and monthly backups of your local and remote MySQL Databases. It's meant to run on Linux/Unix through a cron job. It's highly configurable and easy to set up, as I will show you today!

First you will need to acquire the shell script and drop it on your server. You can download AutoMySQLBackup on their SourceForge Project Page.

Sun Microsystems Acquires MySQL

I woke up to a very big announcement today. I was browsing Digg and found that MySQL was acquired by Sun Microsystems. You can read more about the acquisition of MySQL by Sun Microsystems on the MySQL blog of Kaj Arno. My take: with Sun releasing Solaris into the Open Source realm, this is just another piece of software that they can put under their belt and package with Solaris. I have included some blurbs from Kaj Arno's blog below.

Installing xcache for PHP5 on Debian Etch

XCache is an opcode cacher for PHP developed by the Lighttpd team. The full description directly from http://xcache.lighttpd.net/

Network Solutions (NSI) is registering every domain name checked through their WHOIS

I always thought there was something really strange about the WHOIS searches done at Registrars. Specifically the searches would have to be done on their website, a normal "whois" lookup through Linux wouldn't show up registered the next day.

A story is developing regarding domain name registrar Network Solutions front running domains. According to multiple sources on DomainState.com, it appears that domains searched via NSI are being purchased by the registrar thereby preventing a registrant from purchasing it at any other registrar other than NSI. As an example, a random domain which DNN searches such as HowDoesThisDomainTasteTaste.com can be seen in this whois search to now be unavailable to register at other registrars but at NSI it can be purchased

Full article at domainnamenews.com

How to restrict users in Linux to their home directory

So let's say you have a server with a bunch of users and they all have sites and data and you don't want them to be able to see each other's data. A lot of distributions aren't set up to stop users from wandering and reading files within other users' directories.

Government Employee uses On Call IT firm to destroy Government data

A Government Employee used an On Call IT service to perform a "seven level" format on his hard drive that possibly contained federal evidence.

Scott Bloch runs the Office of Special Counsel, an agency charged with protecting government whistleblowers and enforcing a ban on federal employees engaging in partisan political activity.

Ever wondered what the first domain names registered were?

You can find the list of 100 of the first domain names ever registered at http://www.thelongestlistofthelongeststuffatthelongestdomainnameatlonglast.com

Which has the full list, and what rolls in at number one? Well, it's SYMBOLICS.COM!

You can check out the full list here.

Looking for Free To Air Satellite fixes? Is ftatalk.com too busy? Use satfix.net, a recently set up mirror!

I noticed quite a few of my visitors are finding my "MySQL Thread Caching and a Busy Site" article while looking for the http://www.ftatalk.com mirror. Here's the mirror: http://www.satfix.net. Most of the articles on http://www.ftatalk.com are located on this site, so just load it up, register and go.

Daniel J. Bernstein releases his code into the public domain!

Daniel J. Bernstein has stated he is releasing his future and previous work under the public domain. You can watch the video of his announcement here.

New Zealand teenager arrested as Botnet Leader

A New Zealand teenager was arrested and then freed of charges today for allegedly being the Leader of a Bot/Spybot network. The New Zealand E-crime unit arrested the teenager on suspicion of stealing over 9.7 Million Pounds from bank accounts around the world and breaking into an estimated 1.3 Million computers. The full quote from the Guardian:

Cyber Attacks by Governments around the world on the rise

Many governments around the world are facing a growing concern as the internet gains more popularity and becomes more accessible. You need to provide information or access to services or devices to many different locations across your country or the world, and the only way to do this is through private networks and the internet.

Google removes Malware sites from its search index, but why aren't they looking at the bigger picture?

There is an interesting article posted on downloadsquad.com titled "Google removes thousands of malware sites". Google has purged its index of suspected sites that propagate malware to anyone that unsuspectingly visits one of the sites in question.

Linux computer that takes only 8 watts of power and can be solar powered

I know everyone is loving the new Asus Eee PC and they should, it's a wonderful device. But if you want to go even smaller you can take a look at the Aleutia E1; it only takes 8 watts of power and can be charged using solar power. Definitely for the out and about type traveler that needs a small computer that can be charged easily; combine it with a satellite phone for data and you have all that you need in a remote location.

Get your Vista Incapable Stickers today!

Those pesky little compatible stickers on all of the machines at work and your laptop can finally be removed. Coming to a install Linux Distribution PC near you, Vista Incapable stickers!

I am definitely going to print these out and paste them all over the PCs I own and even the ones I don't :D

Google using Digg style voting for searches

The popular site Digg is known all over the globe, a site that allows user submissions of articles on the web. Once "Dugg", other users can vote for the articles they like; as the number of votes rises, the articles are put onto the front page of Digg. Lots of sites have taken this idea and based their site on specific content as well as media.
Google is now providing the same type of idea, allowing you to add, move or remove search results.

Auckland Security Consultant uses PS3 for Cryptography

As the title states, a Senior Security Consultant by the name of Nick Breese is using a PS3 to crack MD5 hashes. Aside from this article incorrectly stating that the security expert is stealing passwords, as of now he has only shown how fast the machines can process MD5 hashes. This is just a small glimpse of what the software and hardware can do; the article compares how many cycles can be completed using Vector Computing:

Windows XP SP3 showing increases in performance

An article written by Richard Koman from newsfactor.com talks about the performance increases that everyone will see once SP3 for Windows XP is released. The company Devil Mountain Software has recently done tests on Windows Vista in regards to the upcoming release of SP1. The testing concluded:

"The hoped-for performance fixes that Microsoft has been hinting at never materialized," the testers reported. "Vista + SP1 is no faster" than out-of-the-box Vista, they said.

Backup and Image your hard drives with DriveImage XML for free under Windows

There's a feature on Lifehacker about a free piece of software called DriveImage XML that provides backups and images of your Windows Based Hard Drive. The software has four different functions that you can use to backup/image your hard drive:

Turn your Cisco PIX Syslog files into Graphs using Syslog Junction.

I was setting up a bunch of monitoring at work as we hadn't had that much implemented. I ran into this application in a random fashion. Syslog Junction is an application that graphs out syslog data from Cisco PIX firewalls.

Have Windows 2003 event viewer alerts sent to a network syslog server

I stumbled upon a little application called "evtsys" that was created by some Computer Engineering folks at Purdue University. The program runs on Microsoft Windows 2000/2003/Vista 32-bit or 64-bit version and sends eventlog messages to a networked syslog server. You can then have syslog either print out the alert or write to a file.

What's configured into your MTA?

I was wandering the web looking at random items, when I came along an article at http://www.worldwidecreations.com titled Stopping spam before the door with SpamCop and IPTables.

It's a great article with a lot of information and code on how the author is able to grab the offending hosts and place them within IPTables.

Protect your MediaWiki from anonymous users.

After searching for some time on an easy way to protect an internal wiki, I found the following article useful. It goes in-depth into what you would need to change on a base MediaWiki configuration to only allow registered users to see the content within the Wiki. After following all the steps I now am able to log in to my private Wiki over SSL! Thus allowing me to keep all my private and important notes online!

Must have Thunderbird/Seamonkey Addons

If you don't know about Thunderbird, then you've been living under a rock. It's a small, lightweight email application provided free by the Mozilla Foundation. I was looking around for Thunderbird add-ons this evening and found a couple that I found to be a "Must Have" for anyone that uses Thunderbird as their primary email client. I'll list them off in no particular order:

Enigmail - OpenPGP message encryption and authentication for Thunderbird and Seamonkey.

MySQL, Thread Caching, Linux and a busy site!

Here's an article that helped me with an issue over at a friend's site, http://www.ftatalk.com
Their site was exploding and they needed to tune the current server as much as possible. One thing that I noticed was that MySQL wasn't tuned properly. So after making some changes and finding out that there was no thread caching, I searched the web and found this article.

Wow, it's been a busy week. I was totally swamped for several days dealing with the remember.yahoo.com MySQL servers and related stuff. And then I used a day or two to recover (sleep, shower, etc).
Anyway, I made some interesting discoveries along the way. The most surprising one had to do with thread caching on Linux when you have a busy MySQL server--busy in a particular way, mind you.

Read the full article at jeremy.zawodny.com

***UPDATE*** I have moved ftatalk.com over to lighttpd and it's doing wonders! You can also check out the ftatalk.com mirror at http://www.satfix.net
I will also be writing an article about lighttpd and how it can help you get the most out of your hardware.

What to do when you need remote backups for Linux/Unix/Windows/Mac?

I was looking for a solution to back up three of my Linux machines that I have running this site and many others. After searching for some time, I didn't actually need to go with a company. I found a friend that provided me some space. During this time I did find out some useful information.

No more room for your applications on your iPhone or iPod Touch?

Running out of space to place all those Applications you've downloaded and tried out on your iPhone or iPod Touch? Instead of using the small OS Partition, which is where all the applications are saved, you can use the Media partition instead and continue on the installing spree.

PC World Reviews Apple OS X 10.5 (Leopard)

PC World reviews the newest release of Apple's Mac OS X version 10.5 codenamed "Leopard". In this review "Edward Mendelson" states one big remark.

"First: despite minor problems, it's by far the best operating system ever written for the vast majority of consumers, with dozens of new features that have real practical value—like truly automated backups, preview images in folders, and notes and to-do lists integrated into the mail program".

I have only played with Leopard in the last few days and seen it in action on a co-worker's laptop, and I'm starting to think more and more about purchasing a Macbook Pro!

Featured Download: Folder Size for Windows, find out sizes of your folders in Explorer

Have you ever wanted an easy way to view all of your folders' sizes, without having to Right Click and select Properties on each one? This application integrates with Explorer in Windows and provides a column that shows the folder's size on disk. This is very useful if you're trying to find where a big file is or if you're trying to free up disk space. An excellent download and a must need for System Administrators/Power users.