Spambots are continuing to attack the old OFB archive (which runs PHP-Nuke). The new OFB site runs SAFARI, but I left the old site up as an archive of the first five years worth of articles. I ended up having to turn off comments because spammers were adding hundreds of spams to the articles.
While they are no longer able to add actual comments, these spammers also seem to hope to spread their names by using bogus referrer data when accessing the site (since many sites list what sites are linking to them). So, I still see hundreds of page views show up in my logs each day that try to access the comment pages that no longer exist and leave referrer links to insurance, pharmacy and poker sites. It is making it hard to gather relevant statistics with so much “noise.”
To combat this, I've moved some things around while trying to make it so real human visitors can still find the pages they want without additional hassles. We'll see if what I've done actually helps.
So, say you sign up for a DSL plan that comes with five static IP addresses. Let's also say you want most of your systems behind a NAT (Network Address Translation) system, nice and safe away from the internet, but you want a few systems to use those static IP addresses so that they can be easily accessed online. That's the scenario my church has at the moment.
In January, when we moved the offices back to the main building, I configured the network using two Linksys WRT54G routers. We only needed one wireless router, but for the small difference in price, it seemed advantageous to me to stick to one model for everything. We'll be deploying more WRT54G's as access points around the building eventually.
At any rate, I installed the first router directly connected to the DSL modem. I set it up to do PPPoE authentication. I tried to match the IP's and subnet on this unit to what the AT&T installer gave to me. The second router I assigned a static IP address to and told it act like a normal SMB router does — it assigned NAT IP addresses (in the 192.168.1.1-254 range). The majority of computers in the office connect to this second router either by wire or wireless. The second router is connected to a 16-port switch that helps fill in our wired needs.
At any rate, this worked fine for the NAT'ed computers, but for the one machine (other than the second router) that was hooked to the first router, things were amiss. This second computer is supposed to be accessible remotely for various reasons, and I assigned it one of our static IP's. It wouldn't connect from outside. Some other problems took over my time, and I only returned to this recently when it became more important. I reworked much of the network trying to figure out what was wrong. I ended up with the second router performing PPPoE and the first router acting merely as a switch. I thought maybe the Linksys router simply wouldn't work with static IP's (in fact, I was told by some that I was trying to do the impossible).
Well, I talked to AT&T support and found out at the install time I had been given the wrong subnet mask. I went in and tried the new subnet mask, but it didn't seem to work either. As it turned out, the problem once I had the right subnet was that I no longer had the routers setup like I originally had them. Once I returned the routers to my original configuration and entered the new subnet, everything sprang to life. It was frustrating that many, many hours were wasted because I was given the wrong subnet mask, but at least things finally work!
This is a far cry from the original network that was in place when I first started administering our systems in 1997. The network was not connected to the internet (everyone fought over getting a turn on using the fourth phone line to dial-up to Juno), was merely four computers hooked up to a switch, and the “wiring” was a multi-line phone cord that had been made to work as an ethernet line. We now have almost twenty systems running through the two routers and connecting via either 802.11g or high quality CAT-6 lines (in preparation for a future Gig-E upgrade); these systems run three different operating systems (Windows XP, Mac OS X and GNU/Linux). And, hopefully in the next few months, I'll be able to bring online some kind of GNU/Linux network authentication server that will allow granular access to the access points that will cover the building in connectivity.
I still have not had a chance to read my blog comments (sorry to all of you), but I'm determined not to miss a day so early in the month, so I'll just mention that I have a new post up on Open for Business contemplating the advent of the large hard disks we are using these days.
I'll return soon.
Here is a snapshot of my spam blocking statistics for the past two days (approximately). This is prior to re-enabling DUL blocking, something I did about a half hour ago. I'll let you know how it goes now that DUL is back on.
Total Spam Count = 17784 Total Success Count = 4914
Spam detected and blacklisted, by blacklist, since last refresh of exim log (2004-12-12 04:02:09.000000000 -0500).
Note: checks against blacklists stop after first positive match, therefore lower numbers from blacklists lower down should be expected and do not indicate performance of a given list.
sbl-xbl.spamhaus.org = 15306LAST UPDATED: Monday, 13-Dec-2004 22:05:03 EST
zombie.dnsbl.sorbs.net = 0
cbl.abuseat.org = 120
opm.blitzed.org = 0
dul.dnsbl.sorbs.net [disabled 2004.12.05 00:15 due to overactive blocking] = 0
relays.ordb.org = 3
spam.dnsrbl.net = 0
dnsbl.njabl.org = 1215
blackhole.securitysage.com = 0
hil.habeas.com = 1
list.dsbl.org = 1080
verify fail= 290
No Relay = 158
Weird news of the day: Spam Has Turned 100 years old. Shall we wish it a happy birthday? Nah, I don't think so.
I forgot to mention this on my blog yesterday. My latest commentary on Open for Business analyzes Sony's need to reanalyze its PC strategy in light of the PlayStation 3.
With the launch of the PlayStation 3, the fate of one of the world’s best-known brands, Sony, hangs in the balance. Although the technology, and the price tag, of the new system will likely lead to it moving at least partially into the realm of home theater enthusiasts rather than just gaming enthusiasts wanting the latest game system, presently Sony is staking much of its future on that market. For true security, it needs a complete digital ecosystem, and for that, it needs to change its PC strategy.
You can read the piece here.
Soul Survivor: How Thirteen Unlikely Mentors Helped My Faith Survive the Church
I am sure I did not fully appreciate the title of Philip Yancy's excellent book when I read it two years ago.
The phone I got back in December is suppose to support SMS messaging (and I don't doubt it does, really), but I ran into a rather peculiar problem. When a internet service tried to send me an SMS yesterday via the e-mail gateway Cingular provides, the arrival of those messages appeared in my phone's log but not in my phone's message inbox. Odd.
I don't know, maybe it's just me, but I actually like to read messages that are sent to me rather than being just told they arrived. Maybe my phone took care of them for me or something.
Seriously, has anyone else run into a problem like this?
I needed to setup a new web hosting account for someone today. Sounds easy enough. Of course all of my welcome message templates were stored in Evolution, which wasn't working (none of GNU/Linux was because I am in the process of reorganizing my disk). So, I had to speed up my reorganization, move 30 GB (or so) back onto GNU/Linux — which took forever even over Fast Ethernet, alas my PC doesn't have Gigabit nor does my router — so that I could get to the mail message. It finally just completed, so I can get that account setup before I go to bed.