Friday, December 02, 2011

Prof David H Phillips' valedictory lecture

Yesterday I went to the valedictory lecture by Prof David H Phillips, his swan song after thirty years of service before heading off to Kings College. It was a great lecture full of wit and humour and reminded me of how important environmental factors are in the cause of cancer. Obesity alone causes huge increases in risk (50-100%) of developing a large range of cancers (http://www.nature.com/nrc/journal/v4/n8/abs/nrc1408.html). He ended with a group sing-song of "When The Music's Over" by The Doors! Obviously a class chap and I feel honoured that I have done bits of work with him over the years. Just a shame that the institute doesn't value preventive cancer research any more.

Thursday, December 01, 2011

Hacked

So I thought I had solved the problem with my mail server sending out spam messages by closing it as an open relay, but no, the spam kept on pouring out. I spent ages trying to work out where on earth it was coming from and eventually decided to look at the apache logs. From there it was clear that a file called sm5so7.php was accessed every time a mail got sent out. It turns out that there was a nasty exploit in zenphoto, the gallery software that I run on the server. More information can be found here:
  • http://www.zenphoto.org/news/alert-security-hole-in-zenphoto-1.4.1.4
  • http://www.zenphoto.org/news/security-alert-part-2
  • http://www.zenphoto.org/support/topic.php?id=9951#post-58366
So for now I have shut down the webserver and the junk mails have stopped streaming out. Now I have just got to find the time to sort out the mess. It doesn't look like a root exploit so it should be just the web stuff I have to clean up.
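The correlation described in this post (a script request every time a mail goes out) can be automated. The following is an added example, not the author's code: it pairs Apache access-log hits on .php files with Postfix pickup entries, which record mail submitted locally (for instance by PHP's mail()). The log lines, request paths and uid are constructed, and both logs are assumed to use the same time zone.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample lines, not taken from the author's server. The request
# paths and the uid are assumptions; the addresses are documentation ranges.
ACCESS_LOG = """\
203.0.113.9 - - [01/Dec/2011:09:15:02 +0000] "POST /sm5so7.php HTTP/1.1" 200 312
198.51.100.4 - - [01/Dec/2011:09:15:40 +0000] "GET /index.php?album=2011 HTTP/1.1" 200 8120
203.0.113.9 - - [01/Dec/2011:09:16:10 +0000] "POST /sm5so7.php HTTP/1.1" 200 312
203.0.113.9 - - [01/Dec/2011:09:17:31 +0000] "POST /sm5so7.php HTTP/1.1" 200 312
"""
MAIL_LOG = """\
Dec  1 09:15:03 home postfix/pickup[2101]: 4C1A2: uid=33 from=<www-data>
Dec  1 09:16:11 home postfix/pickup[2101]: 4C1B7: uid=33 from=<www-data>
Dec  1 09:17:32 home postfix/pickup[2101]: 4C1C9: uid=33 from=<www-data>
"""

ACCESS_RE = re.compile(
    r'\[(\d{2}/\w{3}/\d{4}:\d{2}:\d{2}:\d{2}) [^\]]+\] "\w+ (\S+\.php)\S* ')
PICKUP_RE = re.compile(r'^(\w{3}\s+\d+ \d{2}:\d{2}:\d{2}) \S+ postfix/pickup\[')


def scripts_preceding_mail(access_log, mail_log, year=2011, window=5):
    """Map each requested .php path to (hits, hits followed by a locally
    submitted mail within `window` seconds). Syslog stamps carry no year."""
    mails = []
    for line in mail_log.splitlines():
        m = PICKUP_RE.match(line)
        if m:
            stamp = " ".join(m.group(1).split())   # collapse "Dec  1"
            mails.append(datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S"))
    hits, followed = Counter(), Counter()
    for line in access_log.splitlines():
        m = ACCESS_RE.search(line)
        if not m:
            continue
        when = datetime.strptime(m.group(1), "%d/%b/%Y:%H:%M:%S")
        hits[m.group(2)] += 1
        if any(timedelta(0) <= t - when <= timedelta(seconds=window) for t in mails):
            followed[m.group(2)] += 1
    return {path: (hits[path], followed[path]) for path in hits}
```

A script whose hits are nearly always followed by a pickup entry, while ordinary pages are not, is the one to inspect first.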


Wednesday, November 30, 2011

Home server being used as an open relay

My email account got locked today because my home server was being used as an open relay so the spammers could send mail at will from brewer.me.uk. It looks like it started at Nov 28 15:33:49 and the account got locked at Nov 30 04:20:40, with a total of 5109 spam mails being sent. Doh!

What I can't understand is why my router was allowing access to the mail server i.e. port forwarding port 25. I have a vague feeling that it was another half completed project that I was playing around with years ago.

Anyway, firewall is working correctly and the mail server is configured a bit better now.  These are the changes I made to my postfix configuration file (main.cf):

smtpd_client_restrictions = permit_mynetworks, reject

smtpd_helo_restrictions = reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_helo_hostname 

smtpd_sender_restrictions = reject_unknown_sender_domain 

smtpd_recipient_restrictions = permit_mynetworks, reject_invalid_hostname, reject_unknown_recipient_domain, reject_unauth_destination, reject_rbl_client sbl.spamhaus.org

smtpd_data_restrictions = reject_unauth_pipelining

One and one were very quick to unlock the account.
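How the restriction lists in the main.cf changes above combine is easiest to see by evaluating them for a few clients. This is an added example, not Postfix code and not the author's: a simplified model of three rules (permit_mynetworks, reject, reject_unauth_destination), with constructed mynetworks values and brewer.me.uk assumed to be the only local domain.

```python
import ipaddress

# Restriction lists from the post, reduced to the three rules modelled here.
POSTED = {
    "client": ["permit_mynetworks", "reject"],
    "recipient": ["permit_mynetworks", "reject_unauth_destination"],
}
# The same recipient list without the client-stage "reject", for comparison.
RECIPIENT_ONLY = {"client": [], "recipient": POSTED["recipient"]}

# Constructed values: the post does not show mynetworks or mydestination.
LAN = ["127.0.0.0/8", "192.168.1.0/24"]
EVERYONE = ["0.0.0.0/0"]            # a mynetworks value that trusts every client
LOCAL_DOMAINS = {"brewer.me.uk"}    # assumed final destination of this server


def decide(lists, mynetworks, client_ip, rcpt_domain):
    """Simplified model: stages run in order; within a stage the first rule
    that matches decides (permit ends the stage, reject ends the delivery).
    The real reject_unauth_destination also honours relay_domains."""
    ip = ipaddress.ip_address(client_ip)
    trusted = any(ip in ipaddress.ip_network(net) for net in mynetworks)
    for stage in ("client", "recipient"):
        for rule in lists[stage]:
            if rule == "permit_mynetworks" and trusted:
                break                       # permitted here, go to next stage
            if rule == "reject":
                return "reject"
            if rule == "reject_unauth_destination" and rcpt_domain not in LOCAL_DOMAINS:
                return "reject"
    return "accept"


if __name__ == "__main__":
    outside, inside = "203.0.113.7", "192.168.1.10"   # constructed clients
    print(decide(POSTED, LAN, inside, "example.net"))           # LAN relays out
    print(decide(POSTED, LAN, outside, "example.net"))          # relay refused
    print(decide(POSTED, LAN, outside, "brewer.me.uk"))         # inbound refused too
    print(decide(RECIPIENT_ONLY, LAN, outside, "brewer.me.uk")) # inbound accepted
    print(decide(POSTED, EVERYONE, outside, "example.net"))     # trusts all: relays
```

In this model the client-stage "permit_mynetworks, reject" stops outside clients before the recipient rules are reached, so mail from the internet to the local domain is refused as well; the recipient list on its own already refuses relaying while still accepting inbound mail.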

Tuesday, September 20, 2011

Fuse4X – The Easiest and Fastest Way to Create File Systems for Mac OS X


Fuse4X allows you to extend Mac OS X's native file handling capabilities via 3rd-party file systems. It can be used as a software building block for other products.

As a user, installing the Fuse4X software package will let you use any 3rd-party file system written atop Fuse4X.

As a developer, you can use the Fuse4X SDK to write numerous types of new file systems as regular user-mode programs. The content of these file systems can come from anywhere: from the local disk, from across the network, from memory, or any other combination of sources. Writing a file system using Fuse4X is orders of magnitude easier and quicker than the traditional approach of writing in-kernel file systems. Since Fuse4X file systems are regular applications (as opposed to kernel extensions), you have just as much flexibility and choice in programming tools, debuggers, and libraries as you have if you were developing standard Mac OS X applications.

In more technical terms, Fuse4X implements a mechanism that makes it possible to implement a fully functional file system in a user-space program on Mac OS X (10.5 and above). It provides an API compatible with the FUSE (File-system in USEr space) API that originated on Linux. Therefore, many existing FUSE file systems become readily usable on Mac OS X.

The Fuse4X software consists of a kernel extension and various user-space libraries and tools. It comes with C-based and Objective-C based SDKs. If you prefer another language (say, Python or Java), you should be able to create file systems in those languages after you install the relevant language bindings yourself.

  • An updated and maintained version of the outdated MacFuse

    Posted via email from danbrewer's posterous

    Monday, August 08, 2011

    Tuesday, June 28, 2011

    The Always Up-to-Date Guide to Managing Your Facebook Privacy


    A very useful page by lifehacker that is an up to date guide on all of facebook's privacy settings.


    Basics of Photography: The Complete Guide


    This looks really interesting. I've only read one of the articles but it was really useful.


    Friday, June 17, 2011

    Digital Camera Buying Resources

    My current camera, a Fujifilm F200EXR, died a death this week. This is the second time it has needed repair in the last year and so rather than pay the costly charge to get it repaired, I decided to purchase a new one. I used to rate Fujifilm very highly, but they have let me down once too often. The huge plethora of cameras that are available makes the task of choosing the ideal camera incredibly difficult, but there are resources out there that will help. Here I have recorded some of the most useful

    Comparison tools and detailed specifications
    • snapsort A simply amazing site that allows you to look at the specifications of the cameras in detail and highlights where they are weak or strong. It is particularly good for comparing cameras and showing what other cameras are competitors. Invaluable. It also recommends the best camera at a particular price according to their calculations.
    • Digital Camera Shutter Lag Comparison Table
    Great review sites
      Recommendation lists
      Outcome
      The two main criteria for the new camera were that it had to be good in low light conditions and that it could film reasonable films. In the end I decided that Canon and its newer "HS" (High Sensitivity) cameras were the way forward as they have amazing performance in low light conditions. The two I looked at, the Ixus 115 HS and Ixus 220 HS, are equipped with a fast 12.1-megapixel CMOS image sensor, Canon DIGIC 4 processor, and a new 1080p full HD video mode. They are very similar, with the more expensive 220 HS being smaller, with a bit better lens, a 5x zoom instead of 4x, but a smaller LCD screen. After much debate I plumped for the cheaper Ixus 115 HS as it was less of a risk on a new brand and there is a £20 rebate offered at the moment. Other cameras that we seriously considered:

      Monday, June 06, 2011

      Password Haystacks: How Well Hidden is Your Needle?  

      ... and how well hidden is YOUR needle?
      This is an interesting idea from Steve Gibson on how to make secure and easy to remember passwords. There are two parts:
      1. Length is the most important ingredient, so pad a memorable password to a long length with some sort of padding character e.g. dog..........., <<dog>>>>>>>>>, !!!dog_cat!!!! (make sure you use your own style of padding)
      2. Make sure that there is at least one character of each of the following: upper-case letter, lower-case letter, number and special character (!, ., * etc.) e.g. !D0g......
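The two points can be put into numbers. This is an added example, not code from the post or from Steve Gibson: it counts the candidates an exhaustive search over the character classes a password uses must cover up to its length, and reports which classes from point 2 are missing. The sample passwords are constructed in the style of the post's examples, and the count models exhaustive search only, not guessing that knows the padding pattern.

```python
import string

# Character classes from point 2, with alphabet sizes. The symbol class is
# ASCII punctuation plus the space character: 32 + 1 = 33.
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": string.punctuation + " ",
}


def classes_used(password):
    """Names of the character classes that appear in the password."""
    return {name for name, chars in CLASSES.items()
            if any(c in chars for c in password)}


def missing_classes(password):
    """Classes point 2 asks for that the password lacks."""
    return set(CLASSES) - classes_used(password)


def search_space(password):
    """Number of strings of length 1..len(password) over the combined
    alphabet of the classes the password uses."""
    alphabet = sum(len(CLASSES[name]) for name in classes_used(password))
    return sum(alphabet ** k for k in range(1, len(password) + 1))


# Constructed samples in the style of the post's examples.
PADDED = "dog" + "." * 11     # 14 characters, two classes (alphabet of 59)
MIXED = "!D0g" + "." * 6      # 10 characters, all four classes (alphabet of 95)

if __name__ == "__main__":
    for pw in (PADDED, MIXED):
        print(f"{pw!r}: {search_space(pw):.2e} candidates, "
              f"missing {sorted(missing_classes(pw)) or 'nothing'}")
```

The 14-character sample with two classes has a larger search space than the 10-character sample with all four, which is the post's first point; padding the four-class password to the same length gives the largest space of all.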

      Facebook Status RSS feed: How to find it, and what to do with it


      Handy for how to get the facebook status RSS feed rather than anything else.


      Wednesday, April 13, 2011

      R: Make sure command output is piped to sink()

      In an R script when using sink() to output the results of commands to a file you will often get a blank file whereas if you copy and paste the same command into the R shell it will work fine. There are two ways round this:
      1. Wrap all commands with the print() function
      2. When sourcing the file make sure that echo is set to TRUE i.e. source("input.r", echo=TRUE)

      RStudio


      "RStudio™ is a new integrated development environment (IDE) for R. RStudio combines an intuitive user interface with powerful coding tools to help you get the most out of R."

      This is free and pretty great really. It does need some work though, especially making sure history and sessions are saved on a folder by folder basis and some vi key bindings would be nice.


      Tuesday, April 12, 2011

      Homebrew


      The missing package manager for OS X

      Homebrew is a smart alternative to macports and fink that attempts to use the libraries already in OS X wherever possible, so doesn't install a load of stuff you don't need. It seems to have all the unix type stuff I want so I am giving it a go.


      TimeTracker - Monitor what files have been backed up in each time machine image


      TimeTracker is a quick-and-dirty application that displays the contents of your Time Machine backups, and shows what's changed since the previous backup. TimeTracker is in an extremely early state, and is as such very unpolished (for example, it doesn't yet have an icon).


      CyanogenMod 7 Brings Gingerbread, SMS Gestures, and Built-In Overclocking to Android


      Works with Orange San Francisco too.


      Thursday, March 31, 2011

      Nokia C1-01 budget voicephone


      This looks like an amazing well-featured phone for a budget price. No 3G, but it is a half-decent MP3 player and syncs your contacts with Google.


      Thursday, February 03, 2011

      The Five Best Open Source Calendar Servers for Linux | Linux.com

      Finding Linux-based calendar clients, like Evolution or Mozilla Lightning, is easy — but what about the server-side software? You'll find some great calendar servers for Linux, if you know where to look. From light-weight to heavy duty, Cosmo to Darwin, we've picked five of the best open source calendar servers for Linux for you to try.
