2006/06/29

Body Combat 28 Tracks

I have been searching for BC28 tracks for some time but can not get a full list. Yesterday, I came across a site that gave the name of all the tracks :

01 - Listen To Your heart - ColorBox / Trouble - Pink
02 - The Final Countdown - HeavyDance
03 - Come With Me (Hixxy Remix) - Special D
04 - Push It Again - Dj Lawless Vs Oliver Swab
05 - Hymn - Tina Cousins
06 - Hung Up - SBI
07 - Fight - KopyKatz
08 - Reach Out - Maximum
09 - Switch - Will Smith
10 - Because Of You - Kelly Clarkson

The best I love in BC 28 are track 1,3,5 and 7. I guess BC29 will be released in early August.

2006/06/28

client port number

I always have the concept that client ports are from 1024 up to 65535. This is not correct. Only Windows machines use starting client port number of 1024. All Unix/Linux flavours have client ports starting from 32768. I have tested this using tcpdump on a Linux box.

Another interesting name related to this is ephermeral port which can mean port assigned temporarily to client.

Just wonder if Windows and Unix/Linux machines are on the same network segment, are there any special requirements or conflicts on firewall to manage traffic in the outbound direction as they are using different port number ranges. I guess NOT.

2006/06/26

Error 404 web page

Browsers have ugly information pages presented to users for error 404 (Page Not Found). It is a good practice for webamsters to create their own 404 error handling page such that some basic information can be presented to visitors why the page are not found or they have mis-typed URLs spelling.

Mine is simple with a straight forward message, no graphic :

"Woops ... The page you request can not be found.
Please make sure you type the URLs with correct spelling. Good luck, friend...."

In Apache, the directive for this task in httpd.conf is in the line :

ErrorDocument 404 /errors/custom404.html

2006/06/23

low cost server co-location service

A data center offers 1/4 rack for server co-location services with 8 IP addresses and only charge HK$1,500 per month. I read carefully about the service level and spot this :

- 99.5% Uptime Guarantee:
- Proactive 24 X 7 monitoring system:
- Redundant power supplies:
- UPS Power Failure Backups:
- Multi Internet Backbones (Network Redundancy):

How can a data center only offer 99.5 % uptime guarantee.
This translates to 1.83 days or 44 hours in a year where service will not be available.

I can not accept such a service level.

2006/06/22

yum port number

I am not sure which port number yum rides on. This triggers me to conduct a netstat test while doing yum installing packages.

Great, it works on port 80. Users need not worry that they will not be able to update or install packages since all ISPs allow port 80 in the outgoing direction. The same applies to icq, instant messages over port 80 and there is no need to worrying about firewall blocking.

2006/06/17

L7 filter and bandwidth manager

Just when I think iptables is the most powerful tool in Linux, then comes L7 filter. The name itself is interesting and L7 means Layer 7, the application layer. With L7 filter, one can turn a Linux box into a bandwidth manager thereby offering QoS, priority and queuing of traffic. Commercial grade bandwidth manager costs at least HK$100k.

Since it works in the application layer, every single packet will be analyzed. It eats up significant resources. The CPU must be fast and there must be large memory to support L7.

2006/06/16

wisely crafted spam

The following is the content of a spam email :

-S''ensationall r'evoolution in m''edicine!
-E'n'l'a'r'g'e your p''e'n'i's up to 10 cm or up to 4 i'nches!
-It's h'e'r'b'a'l solution what hasn't side e'ffect, but has 100% g'uaranted results!
-Don't lose your chance and but know wihtout d'oubts, you will be i'mpressed with results!

Clisk here: http://golfarmour.com/

Looking at the words I highlighted in red, no doubt you will agree that this spam email can bypass keyword filter and get into the inbox of the recipient.

2006/06/15

Fedora Core 5


FC5 was released in late March 2006. The most distinctive feature compared with previous releases is that it has 64-bit OS version to support 64-bit CPU.

I found a nicely packed FC5 box package with a single DVD and a colorful installation manual selling at HK$80. I better buy it instead of spending serveral days to download the iso images from mirror sites and then burn four CD.

2006/06/12

2300 IP addresses of i-cable listed by real-time blacklists

I tried to access Senderbase network and performed a check on hkcable.com.hk. Surprisingly, Senderbase returned that over 2300 IP addresses of hkcable.com.hk were put in realtime blacklists. Some IP addresses have mail volume of 4.7 - 5.1. These IP addresses were connected to compromised machines which are either zombies or open proxies.

The impact of zombies or open proxies will be reduced significantly if an ISP can barred TCP port 25 in the outbound direction. This is a worrying trend and I really hope the ISP in question can take some positive actions to reduce email spams arising from compromised hosts.

2006/06/09

Copyright video found on Google Video

A couple of days ago, I accidentally found the 1-hr video of BC24., BC25 and BP 56 of Les Mills could be seen in Google Video. I called a man who had some official connection with Les Mills to take actions. Google was quick to respond and the copyright materials were removed promptly.

Why Google commit such a careless mistake ? The copyright owner could file a law suit and Google would be in trouble.

2006/06/05

Email Honeypot

I want to set up an email honeypot which seemed to act as an open relay to attract spammers. The trick is to allow all IP addresses from 1.aaa.bbb.ccc to 233.xxx.yyy.zzz to relay in the /etc/mail/access file. However, the emails queued which are deposited by spammers must not be delivered out. Hopefully, there are some easy to understand settings in sendmail.mc to accomplish this task. I also start a cron daemon to move the files in the default mail queue directory to other protected path. With a bit of luck, my email honeypot is successfully operational.

2006/06/03

Openwebmail 2.52

I am deeply attracted by the new features of web disk and personal calendar in Openwebmail 2.52 which I tried yesterday. Web disk can be used as a ftp account and I would say Openwebmail has successfully integrated email and ftp in a web client interface. My PIII-450 MHz server is running RH7.1 which is not compatible with Openwebmail 2.52. I need to migrate the whole hardware to P4 CPU and upgrade the OS to Fedora Core 4.

2006/06/02

Dovecot

I installed a mail server with Fedora Core 4. The MTA package was of course Sendmail. However, there was no pop or imap daemons associated with FC4.

According to some experienced FC users, dovecot should be used. I followed instructions from web links and do a "yum install dovecot". The installation was successful but dovecot failed to start with the error message :

Starting Dovecot Imap:Fatal:Can't use SSL certificate /etc/pki/dovecot/dovecot.pem;Permission denied


Wooo.. dovecot's default settings come with SSL certifcate. After changing ssl_enable = yes to no in /etc/dovecot.conf, dovecot started up successfully.

2006/06/01

巴士阿叔

這幾天如果你沒有聽過這兩句口頭禪「我有壓力,你有壓力,你做乜挑釁我呀?」和「未解決!」,恐怕你都不可以稱得上是八掛的香港人。