Author Archive | Ted Roche

What’s on your network?

This article in ZDNet points to flaws in Microsoft’s SMB file sharing systems (“Windows networking”) that are, unfortunately, faithfully reproduced in Samba:

See also:

This means that an old Samba server you have could be be misused as a vector for malware to get a foothold on systems where local Windows machines could get infected. Over the weekend, I went through and cleaned out, updated, reconfigured, or blocked access at some of my client sites.

I also took a long look at our in-house dev network for stuff that could be a problem and found a couple of issues:

– An old Western Digital NAS device was running an *ancient* version of Linux and Samba, and unfortunately is no longer being supported by the manufacturer (last update, 2012). In addition to basic SMB file serving, it supplied media streaming over various protocols and offered ftp (turned off). Despite being in fine shape, mechanically and electronically, I had to turn it off, because, even though the source code is available (yeah, GPL), cross-compiling and rebuilding an ARM 2.6 kernel and utilities into a modern version, and getting it to work on an unsupported device is more effort than I have time for.

– A couple of our networked printers shipped from the factory with all their protocols turned on, even if not configured nor active: SNMP, Web server,  SMB, FTP, tftp, LPD, Raw port, IPP, AirPrint, Web Services, Google Cloud Print, SMTP, mDNS and LLMNR, several of which I had to look up. Surely, there could be no flaws there! And, to boot, two of them were running older versions of firmware, also worth updating.

I am a strong skeptic of the IOT marketing that drops devices into your home/office network that communicate with “the cloud” and can be run from your cellphones, or likely anyone else’s. Unlike PCs with firewalls, intrusion detection, malware scanners and intentionally secure devices like routers, IOT devices are trying to “Just Work” and security might not be in mind.

I knew this was the case for things like “Smart” TVs and voice-recognition devices, but it hadn’t dawned on me that printers would also be in that category.

Be careful out there.

Managing broken links

My WordPress site has thousands of links to other web servers. Inevitably, these links grow old and many get lost. I use the excellent and highly recommended Broken Link Checker for WordPress to scan all the blog posts, and flag the links that aren’t working. It sends me an email each morning. There are many reasons why a link wouldn’t work, and a variety of error messages that can result: the request could time out because the web server is down, the network is having a bad day, or the site is no longer available. The request for the link could be rejected, redirected, of forbidden with a variety of error results, some transient and some permanent. If I think the link is down permanently, I can try to find an archive of the page (which the plugin helps to find) or remove the links as irretrievably gone.

A broken link displayed visually.

Broken Link

When the plugin discovers a broken link, it wraps the link in an HTML element that allows you to highlight the error in a variety of ways. I’ve chosen a red wavy underline to highlight the broken link, and automatically added the text “(Broken link)” to the link. For links that I’ve reviewed and decided they are not only broken, but gone forever, I use a different highlight: an orange dotted underline followed by “(link removed)”. If the reader floats their mouse over the removed link, it will display a caption showing where the link used to go.

All this magic is performed thanks to the plugin, and a little bit of styling. The plugin allows the author to specify their own styles, and I’ve chosen to use the following CSS to create the effect:

.broken_link, a.broken_link {
    -webkit-text-decoration-line: underline;
    -webkit-text-decoration-style: wavy;
    text-decoration-line: underline;
    text-decoration-style: wavy;
.broken_link::after, a.broken_link::after {content: ' (link broken)';}

How do you learn to type such gobbledegook? Search the web, view other sites whose styles you like, and do your research. In this case, the text-decoration advanced styles (line, color and style) are fairly recent additions to most browsers. You can check on the appropriateness of using new styles at sites like, which can tell you which browsers and browser versions support the styles you’d like to apply. At the link above, you’ll s

Removed Link

Removed Link

ee the style won’t work in Microsoft’s Internet Explorer and Edge, which are another good reason not to use them. The style is supported in the most recent version of FireFox and Chrome, which is good enough for me. I also recommend looking at the “Usage relative” link on, as that shows what version people are actually using, rather than the latest cutting edge version. In this case, caniuse tells me that Google Chrome and IOS’ Safari work better with the -webkit- prefix, so that’s why the style is repeated with and without the prefix.

(Yes, the text-decoration has a shortened form which combines the color, line and effect in a single shortcut line:

.broken_link, a.broken_link {-webkit-text-decoration: red wavy underline;}

but I prefer the longer form, at least until I’m more familiar with the new styles, and the browser compatibility issues.)

ddclient fails with timeouts or errors

Recently, I’ve had to move around some of the TR&A infrastructure, and I’m testing out a couple of dynamic DNS providers. I’m using the classic ddclient software on Linux to update the providers with the IP address of these resources as they change. I ran into a couple of kinks getting ddclient to work properly on modern, recent Linux distros:

1. SSL errors: everything on the internet ought to be in SSL these days, to eliminate entire classes of Man-in-The-Middle attacks. Verifying that the SSL certificate is actually valid requires additional software not always available on some client sites, so this post has a work-around to silence the error:

2. Timeouts: some network infrastructures just don’t seem to be willing to access the same web site every ten minutes to check on the external IP address., and return a timeout. To work around this, I used the simple hack described here:

Working around ddclient’s “bad hostname” and “network is unreachable” problems

Finally, I’ve set up the dynamic DNS names (something like, but not: ) as CNAME synonyms to one of my utility domains that has excellent DNS support. This way, any code I used in batch files, scripts or configuration files can reference the stable even if I need to change the CNAME from one dynamic DNS provider to another. This is so much easier than having to scramble around a dozen different client installations to see where I may have used a DNS provider that’s no longer working for me.

A couple of quick references

Handy to have a blog to post bookmarks to. A little security research last week brought up:

6 Free Ransomware Decryption Tools


The Ultimate Malware Removal Guide: 

The wonderful Boing-Boing posted an article on “How to prepare to join the Internet of the dead” — no, not a fun zombie adventure, but a sobering look at the online chaos that occurs when someone dies, and some good suggestions on how to prepare for the inevitable. Read it, and think about building a plan. Or a legacy drawer. In the referenced Locus article, Cory points out that “by 2050 more than half of the Internet’s users will be dead.” Be one of the happy ones.

Quick Updates

Things are cranking along here at TR&A.

Ted’s just completed a project migrating a client off an older server whose software was no longer updateable onto a shiny new virtual machine. Moving software from old to new presents a number of challenges. The services provided by the OS get updated, renamed and replaced, so some basic features need to be recoded. Server software has been updated, so it’s unwise to just bulk-copy old configuration files to new, but rather review the settings and make changes appropriate for the new software.

Security has been an area of rapid change in the past few years, a situation that will likely continue to accelerate. Firewall technologies, intrusion detection systems, and malware detection need careful review, not simply upgrades.

Thank you for your understanding!

Please excuse our dust during our remodel!

I’ll be taking down the current web server for a well-deserved retirement and bringing up a new machine in its place. Please be patient during this transition as some services may not be available during the transition. I’ll do my best to make these downtimes as short as possible. If something seems to be down for a long time, don’t hesitate to drop me a line and let me know. We all dread the “it looks fine to me!” episodes. Thanks for your support and understanding.

Send and Receive Your Email with Gmail

Book cover for 'Send and Receive Your Domain Email with Gmail'

Book cover

Another book from Hentzenwerke Publishing available from Amazon: “Send and Receive Your Domain Email with Gmail.”

Whil tackles a number of different ways in which you can use Google’s Email facilities to send and receive email just as if you were running a big company and were paying for someone to host your own domains email server, without the overhead, administration or security hassles.

Whil sets up a couple of different situations: one person with a bunch of domains, several people on one domain, several people several domains, and goes through ways these can be configured via your ISP and Google to allow you access to email all in one Inbox or separately. There are also some very useful asides.

Check it out at:

SQLite book available in paperback!

Using SQLite in VFP book cover

Breaking through the 2 Gb barrier — get it?

In 2015, Whil Hentzen wrote and published an ebook on using SQLite with Visual FoxPro. I reviewed and edited the book. Now it has been republished from electronic to paper version.

It’s an interesting proposal: not using SQLite as the actual database for an application, but rather as an intermediary store when importing an impossibly large data set into the very limited native database size of Visual FoxPro (255-ish columns, 2 Gb max!).

Check out the book available via Amazon: Using SQLite to Bypass the 2 GB .DBF Filesize Limit (Amazon Affiliate Link)

“I Feel The Earth Move…”

Seismograph readout

Weston Observatory recorded the earthquake

Actually, it was more hearing than feeling. About 3 miles to the northwest of us, a magnitude 2.9 earthquake this morning made the most disturbing BOOM! And the dogs launched off the couch in a fury of barking. Unlike the stories of the dogs warning of the impending disaster, our dogs missed the memo. Fortunately, there was no damage here.

Bill Sconce, R.I.P.

I was sad to hear of the recent passing of my friend Bill Sconce. Bill was an active member of the Greater New Hampshire Linux User Group, the founder of its Python Special Interest Group, and an active advocate for the Free and Open Source Software movements. Bill and Ted had many excellent adventures, hosting Software Freedom Day events in Concord and Nashua, running a LUG booth at LinuxWorld Boston, teaching a LAMP course, along with Bruce Dawson and Dave Berube, at the NHTI’s former Business Center, road trips to the Dartmouth LUG and hanging out together. Bill was a Vietnam-era veteran and a former DEC employee. In addition to his many Linux activities, Bill was an active ham radio operator (N1BFK), an airplane pilot and flying instructor, and a volunteer ballot re-counter for New Hampshire. I will miss Bill. Thoughts are with his wife Janet and their extended family. Rest in Peace.

Bill (William Joseph) Sconce, age 72, Lyndeborough, NH, died on January 5,
2016 at Lahey Hospital in Burlington, MA. The cause was a cerebral
hemorrhage. He was a good man.

Bill was born April 19, 1943 in Indianapolis, IN, and came home to the
House on the Hill in Edinburgh, IN. Bill grew up there with his brother
David, who predeceased him. His parents were Eva Mae and Joseph Byce
Sconce. Bill soon became a proficient Spelunker and surveyor in the caves
of Indiana and Kentucky, and a motorcycle enthusiast. Graduating from
Culver Military Academy, where he earned his Amateur Radio License, he
received a Fulbright scholarship and rode his Norton motorcycle to CalTech
in San Francisco, CA where he studied Physics and worked in a
crystalography laboratory. He was drafted during the Vietnam war protests
at that school and served in Taigu Korea, where he studied IBM Cobol and
the Korean language, and rode a Honda 90 motorcycle in the mountains. He
returned to Louisville, KY and began a long career in computer science and
founded his company Industrial Specialities. He met the love of his life
in Louisville, Janet Levy, and with her encouragement he completed his
dream of becoming a pilot, holding a Commercial, Instrument, and Instructor
license. He continued studies at University of Louisville in linguistics
and computer science. Bill & Janet moved to NH in 1979 for Bill to graduate
from being Symposium Coordinator for DECUS to assume the position of
Product Manager for the RSTS Group at Digital Equipment Corporation. Bill
worked for and was layed off from DEC, Compaq, and Hewlett Packard, at
which point he revived his corporation, named it In Spec, Inc. and divided
his time between software engineering and flight instruction. Bill was a
devoted supporter of GPL and “free” Linux software and the Python
programming language. Bill was a member of the Vintage BMW Motorcycle
Owners, Ltd., the BMW MOVer Motorcycle Club of Vermont, the Contoocook
Valley Radio Club, a life member of the National Speological Society and
the American Radio Relay League. He supported the EAA and was a Regional
Judge for aerobatic competitions for IAC for many years. He loved aviation,
including hot air ballooning and skydiving. He participated in Young
Eagles at Boire Airport in Nashua, NH and enjoyed teaching young people to
fly. He taught spins in his Cessna Aerobat. And he was a Quiet Birdman. He
was a member of the Rex Stout Wolfepack Book Club and The Wodehouse
Society. Bill loved theatre, classical and rock music, and especially
lately, attending Dr. David Landman’s Poetry Nights of medieval poetry in
Lexington, MA.

He loved fixing things and if there were no parts available for a project
he promptly made them himself on his metal lathe, or just used his
ingenuity to create something needed.

He loved cigars, scotch, butter, reading, airplanes, old test equipment,
Paris, BMWs, his red convertible Cabriolet with red earmuffs, and his big
black 4 cylinder 4WD truck, bird watching (outwitting squirrels), camping,
hiking on Pitcher Mountain, William Blake, and he suffered not fools. One
of his favorite lead-ins: “As an engineer…”

Bill is survived by his wife, Janet Levy Sconce, his sister-in-law, June
Levy and her family, and many dear friends. Bill was a kind and loving
“daddy” to Virgil Fox and RDB, the cats of his home. Thanks to “The
Committee” and especially Donna Shea, Chris Levin, Ken Hamel, Donna
Giovannini, Tom Steger, Michelle Donovan, Simon Hutchings, John & Cathy
Gubernat and the surgeons, doctors, and nurses at Lahey Hospital. The
family is grateful to all of his many friends who offered support and love.

There will be a memorial for Bill on February 13, 11:00-2:00 at Nashua Jet
Aviation located on Boire Field in Nashua, NH. Call Air Direct Airways,
(603) 882-5606 for more information.

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.