Friday, August 03, 2012

Blog test to Google+

This is just a a test to see whether blog posts will appear in my Google+.  If yes, then I might start using Blogger a bit more than I have recently!

Friday, December 02, 2011

Prof David H Phillips' valedictory lecture

Yesterday I went to the valedictory lecture by Prof David H Phillips, his swan song after thirty years of service before heading off to Kings College. It was a great lecture full of wit and humour and reminded me of how important environmental factors are in the cause of cancer. Obesity alone causes huge increases in risk (50-100%) of developing a large range of cancers (http://www.nature.com/nrc/journal/v4/n8/abs/nrc1408.html). He ended with a group sign song of "When The Music's Over" by The Doors! Obviously a class chap and I feel honoured that I have done bits of work with him over the years. Just a shame that the institute doesn't value preventive cancer research any more.

Thursday, December 01, 2011

Hacked

So I thought I had solved the problem with my mail server sending out spam messages by closing it as an open relay, but no the spam kept on pouring out.  I spent ages trying to work out where on earth it was coming from and eventually decided to look at the apache logs.  From there is was clear that a file called sm5so7.php was accessed every time a mail got sent out.  It turns out that there was a nasty exploit in zenphoto the gallery software that I run on the server.  More information can be found here:
  • http://www.zenphoto.org/news/alert-security-hole-in-zenphoto-1.4.1.4
  • http://www.zenphoto.org/news/security-alert-part-2
  • http://www.zenphoto.org/support/topic.php?id=9951#post-58366
So for now I have shutdown the webserver and the junk mails have stopped streaming out.  Now I have just got to find the time to sort out the mess.  It doesn't look like a root exploit so it should be just the web stuff I have to clean up.


Wednesday, November 30, 2011

Home server being used as an open rely

My email account got locked today because my home server was being using as an open rely so the spammers could send mail at will from brewer.me.uk. It looks like it started at Nov 28 15:33:49 and the account got locked at Nov 30 04:20:40, with a total of 5109 spam mails being sent. Doh!

What I can't understand is why my router was allowing access to the mail server i.e. port forwarding port 25. I have a vague feeling that it was another half completed project that I was playing around with years ago.

Anyway, firewall is working correctly and the mail server is configured a bit better now.  These are the changes I made to my postfix configuration file (main.cf):

smtpd_client_restrictions = permit_mynetworks, reject

smtpd_helo_restrictions = reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_helo_hostname 

smtpd_sender_restrictions = reject_unknown_sender_domain 

smtpd_recipient_restrictions = permit_mynetworks, reject_invalid_hostname, reject_unknown_recipient_domain, reject_unauth_destination, reject_rbl_client sbl.spamhaus.org

smtpd_data_restrictions = reject_unauth_pipelining

One and one were very quick to unlock the account.

Tuesday, September 20, 2011

Fuse4X – The Easiest and Fastest Way to Create File Systems for Mac OS X

Fork me on GitHub

Fuse4X allows you to extend Mac OS X's native file handling capabilities via 3rd-party file systems. It can be used as a software building block other products.

As a user, installing the Fuse4X software package will let you use any 3rd-party file system written atop Fuse4X.

As a developer, you can use the Fuse4X SDK to write numerous types of new file systems as regular user-mode programs. The content of these file systems can come from anywhere: from the local disk, from across the network, from memory, or any other combination of sources. Writing a file system using Fuse4X is orders of magnitude easier and quicker than the traditional approach of writing in-kernel file systems. Since Fuse4X file systems are regular applications (as opposed to kernel extensions), you have just as much flexibility and choice in programming tools, debuggers, and libraries as you have if you were developing standard Mac OS X applications.

In more technical terms, Fuse4X implements a mechanism that makes it possible to implement a fully functional file system in a user-space program on Mac OS X (10.5 and above). It provides API compatible with the FUSE (File-system in USEr space) API that originated on Linux. Therefore, many existing FUSE file systems become readily usable on Mac OS X.

The Fuse4X software consists of a kernel extension and various user-space libraries and tools. It comes with C-based and Objective-C based SDKs. If you prefer another language (say, Python or Java), you should be able to create file systems in those languages after you install the relevant language bindings yourself.

  • Report about a Problem
  • An updated and maintained version of the outdated MacFuse

    Posted via email from danbrewer's posterous

    Monday, August 08, 2011

    Tuesday, June 28, 2011

    The Always Up-to-Date Guide to Managing Your Facebook Privacy

    Media_httpfastcachega_kfgjk

    A very useful page by lifehacker that is an up to date guide on all of facebook's privacy settings.

    Posted via email from danbrewer's posterous

    Basics of Photography: The Complete Guide

    Media_httpfastcachega_cdybh

    This looks really interesting. I've only read one of the articles but it was really useful.

    Posted via email from danbrewer's posterous