Archive | Linux

A UNIX-like operating system.

What’s on your network?

This article in ZDNet points to flaws in Microsoft’s SMB file sharing systems (“Windows networking”) that are, unfortunately, faithfully reproduced in Samba:

http://www.zdnet.com/article/its-not-just-windows-anymore-samba-has-a-major-smb-bug/

See also:

https://access.redhat.com/security/cve/CVE-2017-7494

This means that an old Samba server you have could be be misused as a vector for malware to get a foothold on systems where local Windows machines could get infected. Over the weekend, I went through and cleaned out, updated, reconfigured, or blocked access at some of my client sites.

I also took a long look at our in-house dev network for stuff that could be a problem and found a couple of issues:

– An old Western Digital NAS device was running an *ancient* version of Linux and Samba, and unfortunately is no longer being supported by the manufacturer (last update, 2012). In addition to basic SMB file serving, it supplied media streaming over various protocols and offered ftp (turned off). Despite being in fine shape, mechanically and electronically, I had to turn it off, because, even though the source code is available (yeah, GPL), cross-compiling and rebuilding an ARM 2.6 kernel and utilities into a modern version, and getting it to work on an unsupported device is more effort than I have time for.

– A couple of our networked printers shipped from the factory with all their protocols turned on, even if not configured nor active: SNMP, Web server,  SMB, FTP, tftp, LPD, Raw port, IPP, AirPrint, Web Services, Google Cloud Print, SMTP, mDNS and LLMNR, several of which I had to look up. Surely, there could be no flaws there! And, to boot, two of them were running older versions of firmware, also worth updating.

I am a strong skeptic of the IOT marketing that drops devices into your home/office network that communicate with “the cloud” and can be run from your cellphones, or likely anyone else’s. Unlike PCs with firewalls, intrusion detection, malware scanners and intentionally secure devices like routers, IOT devices are trying to “Just Work” and security might not be in mind.

I knew this was the case for things like “Smart” TVs and voice-recognition devices, but it hadn’t dawned on me that printers would also be in that category.

Be careful out there.

Please stay on the line, as calls are answered in the order in which they are received

Astute fans may have noticed the site seems to be having a little trouble. Yup. The site became non-responsive the morning of 20-Nov-2014, and the usual actions had little effect. There were few clues in the logs nor diagnostics easily pulled from the software. To get up and running quickly, I did the famous “WordPress 5 minute Install” and restored the essential configuration. I’ll be restoring the usual theme, fonts, plugins and assets (pictures, links, videos, etc.) from backups as time allows.

Thank you for your understanding.

Notes from Seacoast WordPress Developers Group, 4-Dec-2013

Seven people attended the December meeting of the Seacoast WordPress Developers group, held at the AlphaLoft coworking space in Portsmouth, NH. The main topic was “Best Business Practices,” which was a great topic but, as always, the conversations and netwokring and recommendations that went on around the main topic were also very helpful and informative. Among those tidbits:

  • The Ewww image optimizer can reduce the size of images and speed webpage loading with minimal quality change.
  • Matt Mullenweg delivers an annual “State of the Word” speech with lots of interesting insights.
  • Open question: What topics would YOU like to learn about? The group is about YOU. How can we get YOU to attend?
  • Which SEO are people familiar with? WordPress SEO by Yoast was the most popular mentioned
  • Question on speeding sites, and a recommendation for the P3 Plugin Performance Profiler

On to the main topic: “Best Business Practices” can easily degenerate into a “Client Horror Stories” session. Kudos to organizer Amanda Giles for keeping a tight rein on the discussions and getting us to focus on covering as much as possible. Andy provided a redacted proposal he had written up for a client and we reviewed and discussed it. There was a lot of good back and forth. Andy had some very insightful item in his proposal that made it clear what the client would see at each phase, what items were optional or deferred to a later project phase, and how client decisions could affect the outcome in terms of schedule and cost. This was a great launching point for a lot of discussion on terms, contracts (my stance: pay a lawyer for a few hours to draft a good contract!), how to handle open-ended items like design reviews and never-ending revisions, terms for stock photos and graphics, and so forth. The discussion was very worthwhile and everyone felt they had their questions answered and learned a few new things. What more can you ask for a meeting?

Our next two meetings are scheduled for TUESDAY (not the normal meeting night) January 7th and Wednesday, February 5th. Please consider joining the Meetup group to keep up on the details on upcoming meetings.

New post testing CDN support on WordPress

DSCN1940 So, the Content Distribution Network is in place and several tests indicate it is working well — page loads are much faster, the URLs of the CDN content are re-written properly — but the next question is whether new materials will be automatically added to the CDN. The picture at the left (and yes, this is an excuse to post a cute dog picture, too) should appear with a link to the high-resolution (1.8 Mb) image. On the blog itself, that link should be of the format http://blog.tedroche.com/wp-content/uploads/2003/12/NameOfPicture.jpg, while if the picture is picked up by the CDN synchronization software, it should upload to the CDN and the URL be rewritten to http://static.blog.tedroche.com/etcetera. Let’s try it out and see what happens…

Woah. Success first time. Pretty cool.

Some details on what I’ve got set up: I’m using the Rackspace Cloud Files service as the CDN. I had worked with Rackspace before on some hosting projects, and have a friend working there, so I thought I’d try them out first. It appears that their CDN services are in an early stage and don’t have all of the features of soe of the more mature products. In particular, it appears that the blog software is reponsible for pushing any new or updated content to the CDN. By contrast, the Amazon S3 offering has an ‘origin pull’ feature that will pull content from the original source when it is first requested, and subsequently cache it.

In order to get the contents of my local blog to sync with the CDN, I added the CDN-Sync-Tool plugin. A lot of web searching seemed to indicate I could find this in the WordPress Plugins directory online, but the tool has been pulled from the directory. Apparently, it is undergoing some redevelopment. The version I found was on GitHub under https://github.com/WDGDC/CDN-Sync-Tool and installation was not more complex that downloading the ZIP and unzipping it in the plugins folder. Bear in mind that you should be comfortable with using the command line and have the skills to review the files you are installing on your machine, as there has been no review by the WordPress folks, and the code is currently under development and you may need to deal with bugs, incompatibilities and support problems. So, this isn’t the path I’d recommend for less-technical WordPress developers, and likely isn’t the path I’d recommend for a client looking to put a CDN into production use.

Note that most cache programs and their CDN features are set up in such a way that logged-in users may see a slower site, but more up-to-date, site, and that in order to test caching you’ll need to log out of your WordPress session.

 

Linux printing on a Lexmark E312L via IOGear GPSU01 print server

Just updated the Lenovo ThinkPad T61 to Fedora 19, and it went pretty smoothly. I alternate between two distros on separate partitions, so one can act as the recovery partition for the other, and as a general fall-back. I can pretty much bulk-copy most of my home partition from one to the other and the fresh install will update what’s changed, while I can still retain much of the customization I’ve done.
In this case, I was updating from Linux Mint 12, which had gotten too old to keep up to date. I was replacing an even older Fedora 16 install. The initial versions of Fedora with GNOME3 had just proven too unstable to rely on as my primary development workstation. This new Fedora 19 install put most of the daily tools on the machine, and I’ve been installing utilities —— vim, vim-X11, GIMP, ack —— as I found the need for them.
One of the things that’s better to just redo from scratch is the printing configurations, as the Ubuntu-based Mint and RedHat-related Fedora part ways in this and several other aspects of running an OS. Both are running CUPS, but that’s about as far as it goes.
My laser is an old Lexmark E312L which has its own interesting story: the ‘L’ model was supposed to be Lightweight or Lame or something, sold cheaply in office supply stores, a weaker sibling of the 312 model, with a half-filled toner cartridge and limited to HP-PCL with no PostScript, but it seems that Lenovo had some issues and just slip-streamed the full 312 engine, PostScript and all, into the L models. The only clue are the internal diagnostics you can run by holding down the reset button on startup. Finding the PPD to run that was a bit tricky, but here’s the one that worked for me: PPD page at OpenPrinting.Org. Lesson learned: don’t judge a printer by its cover.

IOGear GPSU01 print server

IOGear GPSU01 print server, decade-old and humming along.

The print server is another thing. The Lexmark only came with parallel and USB ports, so to host it on a network, I bought a IOGear GPSU01 print server over a decade ago. That wild $60 extravagance doesn’t seem so crazy now, after a decade of nearly flawless printing. It serves up nearly every protocol under the sun from Apple File Sharing to Novell (remember them?) to its own HTTP and CUPS servers. The trick with this one was to remember which of the myriad protocols and settings to choose. I found a blog post that set me on the right track, and learned that the optimal settings for my use was to address the printer using the Internet Printing Protocol and the CUPS port as ipp://laser.in.tedroche.com:631/lp1 With those clues in hand, a couple of tweaks to my localhost:631 (my local CUPS server admin interface) and I was printing flawlessly.

Seacoast WordPress notes, October 2, 2013

The October meeting of the Seacoast WordPress Meetup was held on October 2, 2013, at the AlphaLoft coworking space. Thanks to owner Josh for encouraging groups to use the space!

Of course, you never get techies together when they don’t just jump into talking about what they’re up to! We had a question on using Content Delivery Networks (CDNs) to improve responsiveness for an international site. David talked about his experience with CloudFlare. A quick Google showed that there were a number of plugins that claim to offer some CDN functionality, and that initial offers the member had gotten might have been inflated.

David also showed the Dynamik theme add-on to the Genesis theme that generates a set of media queries to support mobile devices.

We started off the more formal meeting with a round of introductions: Amanda, Chris, me, Jim, Laurel, Dylan, David, Andy, Tina, and Tom.

Off we go into questions and comments. One member did some troubleshooting of a plugin-laden site using P3, the plugin performance profiler. Others offered their opinions that excessive plugin use can be the source of a lot of compatibility and/or performance problems.

The main presentation of the evening was from Amanda Giles and the Canvas theme from Woo Themes. Wow! This theme can do a lot, lay out in a number of different ways, and has great administrative functions off the dashboard to make lots and lots of changes from within the interface, and not having to fork off a child theme and mess with the code directly. The Premium theme is $119 for developer version or $99 basic. Both include a year of support and upgrades. The Developer version includes PSD files for designers to customize the theme in PhotoShop. A yearly upgrade is obviously what Woo would like everyone to do (who wouldn’t?) but Amanda indicated it’s okay to stick with the version you buy in perpetuity or until they come out with a compelling feature you want.

The number of features were remarkable. Here are a few I remembered to record: easy file structure, lots of hooks, extensive admin functions, support for short codes. Amanda set up a website for attendees to follow along with the various pages of the dashboard and do a little experimenting. Obviously, the access can’t be made public to the entire internet. See www.canvas.client-look.com. We worked our way through many the Canvas options, for an hour! If you don’t have Photoshop, check out pixLR.com for an online utility that will do many of the basic functions.

Woo Themes also includes “templates” within the theme that allows more complex layouts: Magazine has a full-width slider, followed by full-width article, followed by a grid of articles. Also, a second template, Business, with a different layout.

In the header of the Woo Themes dashboard, “View Theme Documentation” takes you to the WooThemes web pages of documentation, which are extensive!

Amanda reminded us that WordCamp Boston will be happening at the NERD Center October 25-27. Well worth the effort to attend. Seacoast WordPress folks will try to get together for a birds-of-a-feather session or lunch; watch the Meetup group for details.

Three Lightning talks at Alphaloft: September 2012 Seacoast Web Dev Meetup

An excellent time as always at the Seacoast Web Developers Meetup held at AlphaLoft in Portsmouth on September 25th.

Josh Cyr presented his initial research on Google Drive. Josh worked with a client to develop a workflow process using events occurring in Google Drive to process documents. The API from Google allows you to iterate through files and folders, change properties. up- and down-load.

Paul Finn presented Vagrant, a shell around virtual machines that allows simple and easy download of pre-made images, spinning up the VM and talking to it (ssh) via Ruby scripts. Paul’s slides are here: http://slid.es/paulfinn/vagrant/fullscreen

Ted Pennings (@thesleepyvegan) talked about cryptography: the basic concepts, aspects of concern, best practices and more! A very informative 20 minutes from a man who’s obviously deeply involved and enthused about the subject. Slides are here: http://prezi.com/kplh0mz6ptjt/cryptography-in-20-fast-minutes/

Keeping up: theme changes

Astute readers (and I know who you two are!) will notice a change to a newer theme. I’ve switched over to the WordPress Twenty-Eleven base theme, with a few of my own tucks, nips and tweaks. I wanted to check out the new theme and test out the new functionality and keep up with the latest stuff.

Child themes are a piece of cake to create, and a child theme lets me override the original without messing with the original source, so updates will not erase the changes. While they are not so difficult to do manually if you are familiar with the command-line, they are even easier with the plugin One-Click Child Theme.

With the child theme in place, I was able to shorten the gap between the site description (the motto) and the header picture, just by adding CSS to the style.css in the child theme (that’s the cascading part of CSS). I added a paper-curl edge effect based on the work of Craig Buckler, published on Sitepoint.

I was disappointed that my site was not valid HTML5, according to the W3C’s validator site. Category tags used in REL links aren’t standard, so I deleted those. The Creative Commons plugins want to use Dublin Core XML namespaces, and there are issues there I’ve got to clean up. And the “generator” REL tag on the bottom of the page isn’t too standard, either. Overall, though, the pages are relatively clean of excessive markup or poorly-formed structures. Stay tuned as I tweak the last few elements into line.

Seacoast WordPress Developers meeting, 2-March-2011

Five people attended the March meeting of the Seacoast WordPress Developer‘s meetup, held at the New Hampshire innovation Commercialization Center near Pease in Portsmouth. We did a round of introductions and welcomed two new members and discussed what the group could focus on. We discussed the boundaries of CMS and Blogging and Wikis and how they overlap (A professional in education provided us with some great insights on how we think about some of these items), the challenge in finding consultants and clients, and how we can build up a network. We talked about potential agenda items: what should we schedule, what should we have in free-form.
I think an FAQ we ought to be prepared to answer is “What is it that WordPress is?” It’s less than obvious. “A blog” is the wrong answer, as that is a form of document, and not an application. “A CMS” is such a vaguely defined answer that it’s not much more useful than “an application.”

Other questions we started to explore, and possible future topics:

  • What is it that others are looking for on the web?
  • Good resources for learning WordPress: Codex, FAQ, books, etc.
  • WordPress SEO
  • WordPress Security
  • Loop/structure of databases tables, templates
  • Popular plugins
  • WordPress Backup tips: data and files
  • WordPress Community

Finally, Amanda presented her talk on building a plugin. She’d done some excellent research and used clear examples and explained them well. Here are the notes and slides posted to the new Seacoast WordPress Developer’s website, running WordPress, of course, and BuddyPress.

So, it was a great second meeting of the Seacoast WordPress Developer’s group. Stay tuned for more news. Thanks to Amanda for organizing the event, and to the New Hampshire Innovation Commercialization Center for providing the great facilities!

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.