Switching to Lighttpd

Recently a lot of people seem to be switching from Apache to Lighttpd, a web server that is said to be a lot faster and, even better, to have a constant, low memory footprint.

I'm currently compiling lighttpd on my vserver (on which this blog runs), and I'll switch to lighttpd – which should be as easy as setting some configuration for lighttpd to fit in with the current /var/www model I'm using and simply switching off Apache and switching on lighttpd.

I hope there won't be a lot of downtime.

Update: Lighttpd and FastCGI don't seem to really go together on my server configuration, so no Lighttpd for a while :(.

Enter HashCash 3.0

A new anti-WordPress-spam release by Elliott Back: HashCash 3.0.

Basically it uses MD5, JavaScript and a bit of AJAX, which is very hard to force unless the spam bot executes the actual JavaScript. It keeps an "undecipherable" secret which in theory you need JavaScript to decode. The catch for the spammer is that executing the JavaScript takes some time, which hopefully scares the spambot away.

The method isn't intrusive (although it does require JavaScript to be turned on), and it is pretty effective.

Good work Elliot!

Back from Rome

I'm back indeed.

Rome is a great city.

Giolitti's ice-cream tastes great, as does Tazza d'Oro's espresso.

The best building I visited was the Pantheon. I like it more than the Sistine Chapel, which is overrated in my humble opinion.

(Go Bernini! Boo Michelangelo)

Anyway, I could fill a few pages with my experiences, but I'm too lazy and too excited with my new toy: Google Reader!

Binary Multiples

Data size prefixes have always caused confusion.

How much is one MB?

Originally it's 1024 kB, and each kB is 1024 B. This makes a total of 1024^3 bytes (1073741824).

Using 1024 instead of 1000 has its roots in the fact that computers usually work with blocks of 1024 bytes (2^10).

Other people stick to the SI and deem one MB 1000^3 bytes (1000000000).

To get rid of the confusion, binary multiples were introduced. One MiB = 1024^3, where one MB would be 1000^3.

Factor    Name    Symbol      Factor    Name    Symbol
1000^1    Kilo    k           1024^1    Kibi    Ki
1000^2    Mega    M           1024^2    Mebi    Mi
1000^3    Giga    G           1024^3    Gibi    Gi
1000^4    Tera    T           1024^4    Tebi    Ti
1000^5    Peta    P           1024^5    Pebi    Pi
1000^6    Exa     E           1024^6    Exbi    Ei
1000^7    Zetta   Z           1024^7    Zebi    Zi
1000^8    Yotta   Y           1024^8    Yobi    Yi

When buying something one should take notice of this, because the difference between one GB and one GiB is 74 MB (or 70 MiB).

With ever increasing storage capacity there would be a time where one VendekaByte would be half of one VendebiByte. (Vendeka = 10^30)
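A converter for the two prefix systems, added here as an example and not part of the original post: to_bytes() parses sizes such as "1 GB" or "1 GiB" into a byte count, to_human() formats a byte count with either prefix set, and si_fraction(n) gives the ratio 1000^n / 1024^n for the n-th prefix, which shrinks as the prefixes grow. All function names are mine; running it shows the 1 GB versus 1 GiB gap discussed above.

```python
"""Convert between SI (kB, MB, GB ...) and IEC (KiB, MiB, GiB ...) data sizes.
Added example, not from the original post; all function names are mine."""
import re

SI_PREFIXES = ["k", "M", "G", "T", "P", "E", "Z", "Y"]           # powers of 1000
IEC_PREFIXES = ["Ki", "Mi", "Gi", "Ti", "Pi", "Ei", "Zi", "Yi"]  # powers of 1024

# number, optional prefix letter, optional 'i' (binary marker), then 'B'
_SIZE_RE = re.compile(r"^\s*(\d+(?:\.\d+)?)\s*([kKMGTPEZY]?)(i?)B\s*$")


def to_bytes(size: str) -> int:
    """'1 GB' -> 1000**3, '1 GiB' -> 1024**3, '512 B' -> 512."""
    m = _SIZE_RE.match(size)
    if not m:
        raise ValueError(f"unrecognised size: {size!r}")
    value, prefix, binary = m.groups()
    if not prefix:
        return int(float(value))
    # SI writes kilo as 'k', IEC writes kibi as 'Ki'; accept either case for the first step
    exponent = SI_PREFIXES.index(prefix.lower() if prefix in "kK" else prefix) + 1
    scale = (1024 if binary else 1000) ** exponent
    # keep integer inputs exact; only fractional inputs go through float
    return int(value) * scale if value.isdigit() else int(float(value) * scale)


def to_human(n: int, binary: bool) -> str:
    """Format n bytes with the largest prefix that keeps the number at or above 1."""
    base = 1024 if binary else 1000
    value, unit = float(n), "B"
    for prefix in (IEC_PREFIXES if binary else SI_PREFIXES):
        if value < base:
            break
        value /= base
        unit = prefix + "B"
    return f"{value:.3g} {unit}"


def si_fraction(n: int) -> float:
    """How much of the n-th binary prefix the n-th SI prefix covers: 1000**n / 1024**n."""
    return (1000 / 1024) ** n


if __name__ == "__main__":
    gap = to_bytes("1 GiB") - to_bytes("1 GB")
    print(f"1 GiB - 1 GB = {gap} bytes = {to_human(gap, False)} = {to_human(gap, True)}")
    for k in (1, 3, 10):
        print(f"prefix #{k}: SI is {si_fraction(k):.2%} of the binary value")
```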

Spam, spam and more spam

I noticed I had an enormous amount of spam in my moderation queue.

The plugin I used to protect myself from spam, wp-hashcash, seemed to have been mastered by spammers.

A download of the newest version did the trick.

If anyone experiences problems with posting comments, please mail me.

Update I: Seems some spam prevailed even over this version. I'd better get to making my own custom changes to wp-hashcash.

Update II: I changed the secret codes in the plugin. And I broke it for a while. Either one of those could have resulted in the fortunate (hopefully not temporary) stop of spam.

Update III: According to Elliott Back, the creator of hashcash, the spammers brute-force the secret value. Changing it usually is efficient enough to keep them at bay for a while. He's working on a newer version which features bigger, thus harder to brute-force, values. I just hope they won't suck my bandwidth too much.

Update IV: Unfortunately there seems to be a lot of computing power or a hack behind the breaking of the hashcash security -_-, I keep getting spam :-/

Strange pagerank

Google uses PageRank to give a site a ranking of importance. PageRank is strange.

One thing to note is that PageRank is logarithmic-ish. A PageRank of 2 is a lot better than just double a PageRank of 1.

By far the most visited site on my server, this blog, has got a PageRank of 3.

Other pages on my server which are visited sometimes, like w-nz.com and board.w-nz.com, have got a PageRank of 2.

What caught my attention is that the page xr12.com, which basically is a filler containing a link to the xr12 wiki, has got a PageRank of 5. This is the same PageRank as a big site like Newgrounds!

Maybe Google values xr12.com a lot because it is about one topic and is the only site about that topic, whereas this blog has got tons of links about practically everything from very various sources.

PageRank itself isn't the sorting factor for Google but rather the context, although PageRank still is an indicator. Maybe Google values a few links which are very specific above tons of links about very different topics.

Opeth’s Ghost Reveries

Sweden’s OPETH and Jens Bogren have finished the recording and mixing of the group’s latest opus, “Ghost Reveries”. The album was mastered on Thursday (June 16) at the Cutting Room facilities in Stockholm. The total running time will be around 65 minutes.

The two released tracks, Ghost of Perdition and The Grand Conjuration sound promising.

The album will be for sale on my birthday :-), the 30th of August.

And they will perform it during their European tour, which I'll visit on the 11th of September in the 013 in Tilburg.

I'm thrilled.

Linux Mount Security

With the Linux Set UID attribute you can let the owner of a file be the one who executes it when another user runs the file. This feature has traditionally been used for system tools in Linux which require root access to run but must also be runnable by ordinary users.

It came to mind that a floppy with the ext2 filesystem could contain files of the root user with this Set UID attribute set, which theoretically would allow anyone who is allowed to mount floppies or other media with a filesystem that supports this attribute to gain root access for a program.

On my system I've got this entry in my /etc/fstab, which allows a user to mount the floppy:

/dev/floppy/0 /mnt/floppy auto noauto,user 0 0

I made a simple C program which would show the contents of /etc/shadow, which contains the password hashes of the users, and chmodded it accordingly (chmod = showshadow; chmod go+x showshadow; chmod u+rs showshadow).

I ran my program, and it seemed to work! The contents of the /etc/shadow file were streaming on my console.

Euphorically I went to another Linux computer and tried the same trick.

darkshines@darkshines-one /mnt/floppy $ ./showshadow
bash: ./showshadow: Permission denied

Disappointed but relieved, it seemed that Linux already had some precaution against a root Set UID-ed executable.

I copied the contents of the folder while preserving permissions to another folder outside /mnt/floppy and it all seemed to work again, although I couldn't do it with a normal user account, for I can't preserve the owner when copying a file as a normal user.

I wondered how Linux would secure it and tried to run the program while it was unchmodded.

darkshines@darkshines-one /mnt/floppy $ ./showshadow.unchmodded
bash: ./showshadow.unchmodded: Permission denied

The warning is from bash, which can't seem to execute the program (note that it isn't the program that can't access shadow). After recompiling it on the floppy itself, it seems that Linux prevents any program from being executed in a user-mounted folder.

I reckon that that security precaution is a bit too strict. Although copying the file from the medium to a normal folder and then executing it is still possible, I find it a bit strange that nothing of the user's own can be executed.

This could cause trouble with network mounts, where a user has a share on a server for his files and that mount is the only space he can access on a terminal, if a user mount were required for security.
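The behaviour observed above follows from mount(8): the user option (like users, owner and group) implies noexec, nosuid and nodev unless a later option such as exec or suid turns them back on, so it is nosuid that defeats the root-owned setuid file on the floppy and noexec that stops even the unchmodded copy. As an added example that is not part of the original post, this Python script resolves fstab option strings the same way and flags entries where an ordinary user could mount a filesystem with setuid bits honoured; the sample fstab is constructed, its first line being the entry quoted above, and all names are mine.

```python
"""Audit fstab entries for user-mountable filesystems.

Added example, not from the original post. Assumes mount(8) semantics: the
options user, users, owner and group imply noexec, nosuid and nodev unless a
later option in the same list (exec, suid, dev) turns them back on."""

USER_MOUNT_OPTS = {"user", "users", "owner", "group"}
TOGGLES = {"exec", "noexec", "suid", "nosuid", "dev", "nodev"}


def effective_opts(opts: str) -> dict:
    """Resolve an fstab option string, left to right, into the flags that matter here."""
    state = {"user": False, "exec": True, "suid": True, "dev": True}
    for opt in opts.split(","):
        if opt in USER_MOUNT_OPTS:
            state.update(user=True, exec=False, suid=False, dev=False)
        elif opt in TOGGLES:
            negated = opt.startswith("no")
            state[opt[2:] if negated else opt] = not negated
    return state


def verdict(opts: str) -> str:
    """'safe': ordinary users may mount it but setuid bits are ignored (the case in the post)."""
    st = effective_opts(opts)
    if not st["user"]:
        return "not-user-mountable"
    return "safe" if not st["suid"] else "suid-allowed"


def audit_fstab(text: str) -> list:
    """Return (mount point, verdict) for every entry in fstab-formatted text."""
    results = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0].startswith("#"):
            continue  # blank line, comment or malformed entry
        results.append((fields[1], verdict(fields[3])))
    return results


# Constructed sample; the first entry is the one quoted in the post.
SAMPLE_FSTAB = """\
/dev/floppy/0 /mnt/floppy auto noauto,user 0 0
/dev/sdb1 /mnt/usb ext2 noauto,user,exec 0 0
/dev/sdc1 /mnt/risky ext2 noauto,user,exec,suid 0 0
/dev/sda1 / ext3 defaults 0 1
"""

if __name__ == "__main__":
    for mount_point, result in audit_fstab(SAMPLE_FSTAB):
        print(f"{mount_point:12} {result}")
```

An entry like noauto,user,exec lets programs run from the medium while setuid bits are still ignored, which addresses the complaint above without reopening the hole.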

London Bombings

One thing that amazed me about the bombings is that the people didn’t panic, but remained calm.

Even though the people of London and the rest of England were hurt, they weren’t terrorized.

Although it might sound harsh, the terrorists have lost this fight: they gained nothing by these bombings.

Update: although it is a bit inconvenient, this post is my 100th blog post. And currently the 100th comment has been made too.

Welcome to 213.133.112.101

When you read this, this page has been served from my virtual server.

This also means that luckily the whole web content transfer has been a success :-D.

Sadly things haven’t gone as smoothly with the qmail configuration for my mail accounts.

So please mail me at bas.westerbaan@gmail.com instead of my @w-nz.com account.

Despite the minor setback with the mail (which is giving me headaches), it has been rather fun to do. And I learned a lot (like that putting a restriction on the amount of memory PHP uses isn't just to annoy the customer but to save the server from some terrible PHP scripts).

When everything is working fine I'll post some more on setting up your own server.

I desperately need some sleep.

Update: seems that there are quite some bugs in the transfer after all: FTP which only recursed a certain number of times; .htaccess files not being transferred; permissions changing; PHP sucking too much memory (again); not enough sleep 😛
But it seems to be working right now.