ProFTPd xferlog via MySQL

Logging your FTP transfers to xferlog with ProFTPd is a nice thing. This can easily be done by a one-liner in /etc/proftpd/proftpd.conf:

TransferLog /var/log/proftpd/xferlog

This generates a nice transfer log which we could then parse for transfer statistics. But there is a much better way to accomplish this: MySQL. Let’s use MySQL for everything!
It’s pretty straightforward to get ProFTPd to log into a MySQL table.


RSBAC – Kernel based process hiding

A web server is usually the primary target for intruding into a network. If you provide web hosting services for your customers, you have to provide them with a lot of features to make them happy. The main requirement for any hosting provider is PHP, probably the most widespread web scripting language out there.

Some customers only start to get happy if you give them PHP without any safe_mode restrictions, if you provide them with custom CGI scripting next to the basic good old SSI features (which in my eyes no one really needs since we got PHP) by Apache HTTP Server, if you give them FTP access and let them manage their account by themselves.

In every feature there is always a hidden security risk. We cannot give all this to our customers without thinking about security and its consequences if a user gets hold of data which does not belong to himself or even breaks into the whole system. So, let’s start at the basics: No customer should be able to see any other running processes on the system except the ones that belong to himself. We want to hide all processes that the given customer is not allowed to see. That’s process hiding. And because on a Linux box it’s always smart to implement something from bottom up, we name it kernel based.

There is no simple solution for this problem. Some rootkits simply overwrite the ‘ps’ command. But we want something more trustworthy, somehow deeper anchored in the system (got that?). The only kernel patch I found was the one from RSBAC.org (Rule Set Based Access Control), a full blown kernel security patch. The only feature we actually need is “CAP process hiding”.


New Iezzi Blog!

Finally I managed to totally redesign iezzi.ch. I gave up on my own site design which was on the net since January 2004. At that time I was already using WordPress as backend to manage my content. But as it got cluttered up so heavily by my own source code modifications it was nearly impossible to ever upgrade it. Also, iezzi.ch was not really a weblog. I somehow abused WordPress as a CMS and did not use any of its blogging capabilities. Its content has not been updated for years.

Starting with this redesign I would like to become more active again and publish some technical articles in the near future. You will find a lot about Linux system management and PHP programming coming up here. Also I would like to keep this site as my personal homepage like the first days on the net. Whether it’s silly or not, everybody needs his personal homepage.

My picture gallery and guestbook got separated from this site. As soon as I find some time I am going to integrate them again more smoothly.

Enjoy!

LEX NEO – A fanless CF-Boot Setup

This tutorial tries to show you how to set up a wonderfully quiet fanless system.
I’ve bought a LEX NEO, a terribly nice Mini-ITX fanless barebone which includes an onboard bootable CF-card slot.
Thomas Bocek (nope.ch) helped me out with the following configuration.
The idea was:

  • The harddisk should only run when used
  • The whole system should be stored on a CF-card
  • We don’t want to stress our CF-card. Directories with a lot of access like /var/log should be run in RAM

We decided to install Debian Linux by USB-install, using a USB-stick instead of running some PXE network install which seems to be far more complicated.
Here’s a short HOWTO (for more detailed instructions, please check Debian USB memory stick booting):
Download boot.img.gz (7.9 MB). Also, download the official netinst image (108 MB). If you can’t find it, check http://www.debian.org/CD/netinst/ and download the stable i386 version.


Rsync – Full System Mirroring

Rsync is a command line utility traditionally used in synchronizing files between two computers over the network, but rsync can also be used as an effective backup tool.
This article explains how to use rsync to backup your whole Linux system setup to a second drive attached to your system. You can use a removable drive, such as an external USB hard drive, so that you can store the backups in a safe place away from your working environment.


Pipo is going to South America!

Hello everyone!
On November 2nd I’m leaving for South America on a 3-month trip. I will travel through Ecuador, Peru, and Bolivia.
It won’t be possible to answer all your emails. If I find time and an internet connection, I’m going to publish the photos in the gallery.
See you later!

Soon, I’m leaving for my South America trip. On the 2nd of November I’m flying over to Quito/Ecuador and will be travelling around for 3 months in Ecuador, Peru, and Bolivia.
I probably won’t be able to answer all your mail. If I find some time and some internet connection, I’m going to upload my pictures to the gallery.
Take care and see you soon!

Pigalle, YaBook, and the Sourdough framework

Finally I released them all…

  • Pigalle – a picture gallery
  • YaBook – Ya guestbook! (or… yet another guestbook)
  • Sourdough – a web application framework for PHP 5

The source code of those projects has been made available to the public. www.phpee.com is now based on coWiki, a nice Wiki which helps me maintain all project information and documentation.
There is a separate project site for Sourdough: sourdough.phpee.com. Downloads are now hosted by Sourceforge.net and CVS is viewable as a webtree on cvs.phpee.com.

Linux kernel compilation HOWTO

I’d just like to publish these small kernel compilation HOWTOs that I once wrote and have used myself each time I compiled a new kernel.
They are just quick and dirty HOWTOs that cover the commands used to compile a kernel, nothing more than that. But I’m sure someone might find them useful.
Kernel compiling is easy! Don’t be afraid of it. Just be careful when configuring your bootloader, e.g. LILO – first think and then act, especially if you’re compiling a new kernel on a remote host where you haven’t got any physical access.

If you wish further information about kernel compilation under Debian, consult this wonderful tutorial:
http://newbiedoc.sourceforge.net/system/kernel-pkg.html
Again, to make it short, really really short, here’s what to do under Debian:

$> cd /usr/src
$> dpkg -i kernel-source-2.4.xx_2.4.xx_all.deb
$> tar -jxf kernel-source-2.4.xx.tar.bz2
$> ln -s kernel-source-2.4.xx linux
$> cd linux
 
$> make menuconfig
$> make-kpkg clean kernel_image
 
$> cd ..
$> dpkg -i kernel-image-2.4.xx_10.00.Custom_i386.deb
 
$> lilo

Good luck and happy compiling!

Phorum2phpBB

Finally I did some testing on those scripts and now they should work. You should be able to import all data from any Phorum 3.4.x version but I strongly recommend updating to 3.4.6 first.
Both scripts have been tested on an import from Phorum 3.4.6 to phpBB 2.0.6c.
The main update script (phorum2phpbb.php.txt) has been taken from the i18n/Converters forum of phpBB and slightly modified while the user import script (phorum2phpbb_users.php.txt) has been written by myself.
Check my post on phpBB:
http://www.phpbb.com/phpBB/viewtopic.php?p=860473&highlight=#860473
HOWTO:

  1. backup all data from Phorum
  2. install phpBB
  3. set the Phorum database information in phorum2phpbb.php (dbname, dbuser, dbhost, dbpasswd)
  4. make sure the default table for Phorum is set correctly ($phpbb_forums_table)
  5. run phorum2phpbb.php inside your phpBB root-directory
  6. (optional) if you wish to import all registered users from Phorum, edit phorum2phpbb_users.php, set the database information and run it.

PHP: class Sd_Yabd

…Yet Another Browser Detector
First I thought about calling this script ‘ExtrAgent’, then I thought, hey,
there’s a whole bunch of other browser detection scripts around, so actually
it’s just yet another browser detector!
I have just updated this code and replaced the old function with the new class Sd_Yabd. It is part of my upcoming PHP framework “Sourdough” which will be released in April/May 2004.


PHP: www-filesize

To get the filesize of a file that isn’t located on your own server is not such
an easy thing! There’s this nice function in PHP to get the size of your files,
filesize() – but it just works for local files.

This workaround should work. – kinda slow, as you need to make a connection to the
remote host, but that’s probably the only way to do it:
