JDPFu.com 2025

I’ve had dual monitors for years … many years.
I’ve had a KVM switch for longer. This lets us switch the main monitor, keyboard and mouse connections between 4 different physical PCs. KVM – Keyboard, Video, Mouse. Actually, you can chain multiple KVMs together and basically support over 30 different physical machines.

Brian Krebs Nails AntiVirus

I’m not saying AV is completely useless, just that users should behave as though it is.

Best statement I’ve seen about AV in years. If you don’t want to be infected with a computer virus, run an AV tool (if on Windows), but act like you aren’t running an AV tool when you use the PC.

• The AV advertisers claim 80-90% protection.
• Security experts believe the truth is closer to 50% blocks.

I know which I believe and it isn’t the advertisers.

Act like your antivirus doesn’t work when browsing the internet. That sums up internet safety.

I don’t know that email firewall is the right term for the ScrollOut F1 toolset, but that’s what the tool claims. It is definitely good at blocking spam. Most people would call this an inbound email gateway.

Setting it up was pretty easy on a stock Ubuntu 12.04 JeOS virtual machine following the instructions over at HowToForge . Understanding the settings was a little harder. A few minor issues were also solved.

The last few weeks, we’ve been using Ubuntu 12.04 Server for internal testing as a VM host running KVM. The VMs have been a mix of 12.04, 10.04. and 8.04 systems. It has been stable with zero issues on that front. Below are the other changes recently made that you may find interesting.

Sitting at my desk this afternoon and the power went out for the entire house.

The power here is really good, barely a flicker even during the worst thunderstorms, so I sat for about 15 seconds staring at 2 blank monitors before deciding that something needed to be done. I wasn’t worried about any computers. All have a UPS or they are laptops with a built-in UPS. No immediate worries.

Since the entire house was out of power, I thought it could be the circuit breaker and walked to the garage to check it. Oops. No lights. I need to find a flashlight. Found one, checked all the breakers – none were thrown. Is that good news or bad?

The entire time, a 1500VA UPS has been diligently beeping. It has been 3 minutes and the power doesn’t appear to be coming back. I should start shutting down systems. Remember that power issue last month – I still haven’t found a replacement UPS for the right price, so a switch and router aren’t on any UPS. That means the laptop screen that I’d planned to use to cleanly shutdown all the virtual machines and hosts wasn’t going to work wihtout some power reconfiguration. The best laid schemes of ….

Just as I was considering the next steps to be taken, pulling connectors out of the laptop to take it to another location where it could be opened and typed on, the power came back on …. and stayed on. After pressing the display button on the UPS, it said 10 minutes of power left. Bullet dodged. Life is good.

I really need to get another UPS. I really do.

Just saw that MySQL and MariaDB have a root authentication bypass issue

A remote attacker can gain the root login to MySQL and MariaDB RDBMS by trying any password 200-500 times

Basically account password protection is as good as nonexistent.

Said the security researcher.

Think of all the content that is only protected by MySQL tables around the world. Many very popular releases are vulnerable. Fortunately, Debian, RHEL, CentOS are not, but most other distros including Ubuntu, Arch, Fedora, and OpenSUSE are.

Time to rethink your webhost OS?

It is definitely time to lock down network SQL access to only the specific clients that require it. Of course, patched versions will be available shortly. An out of cycle patch could be a good idea this week.

I’m like many of you. I use a few websites for convenience. About 3 yrs ago, I had 10 reused passwords, based on the importance of the service. Social sites got shorter passwords, more important sites like banks got longer, more complex, unique passwords. At that time, it made sense, and I had all these documented inside a plain text file that I kept ZIPed with a password.

Then I started using KeePassX, my password manager of choice. 20 or 60 character passwords didn’t matter. I was never going to enter them anyway. Complexity was handled by the built-in random generator and having a different password for every login became easy to do. That’s how I do it now.

I’m lazy. I didn’t go back and change every one of the old passwords to be more secure. Seriously, how important is a LinkedIn password?

Sometimes you have the solution and don’t realize it. I’ve been using ccextractor for years – at least 4, probably longer, to pull Closed Captions from recorded TV and convert them into SRT files before including them in MKV containers. For years, I knew how to get CC1 and CC2 out – the ccextractor help was clear on that. However, there was no mention of CC3 or CC4 – which is where the English captions are placed by a popular Spanish language TV network.

I love how software is very interconnected these days – NOT.

This morning I needed some information about yard tonics that I know is here and discovered that the sidebar for the blog wasn’t working correctly. There was an error message, so no RSS, search, topics, categories, etc… I haven’t changed anything in the setup for months. Normal fixing steps:

• restart typo – no joy.
• restart the VM – no joy.
• check the logs for an easy answer – nothing.
• log into the admin interface and play around with the sidebar a little – that simply showed that all but the “static” plugin was broken AND that the drag-n-drop interface to manage sidebars was broken too.
• switch to a different browser and see all the same issues.
  Ok, so I think it is some remote javascript library causing the problems. I open the source for a page and see that only local javascript is used – I remember now, I didn’t like that remote code would run on my site, so I made a local copy. That’s why the first time you visit here, the page loads slow. Regardless, that’s not the issue.

Google – nobody else is reporting this problem since 2006 under IE6. I am definitely not running IE6 here.

There is a newer version of the code. With all the local tweaks, installing a new version can be a hassle. I’ve been meaning to move this VM to a different 12.04 host anyway … now is as good a time as any – plus it rained today.

In a few hours, this blog should be running on a new physical box, under a different hypervisor, the first VM in my long planned migration. I’d hoped to switch from KVM to LXC for this VM to use fewer system resources, but I’m not prepared for that today.

Wish me luck!

I still need to find that tonic recipe too. Got it, thanks to google again.

Over the last few days we had an outage here. A UPS used by the network infrastructure failed and nobody could physically get to it until sometime yesterday. Actually, nobody could trouble shoot the problem to know what actually caused the lack of connectivity.

Around here, we don’t have many failures and certainly not many failures that impact public-facing services for more than a few minutes. Sometimes the blog software is a little flaky and crashes, but since we are running a few instances behind a load balancer, the service shouldn’t be completely unavailable and should auto-restart if all instances fail. Overnight when we take backups, it is just easier to take down all instances of the blog for a few minutes, do the backup, then bring them back up. It takes just a few minutes – not a big deal in the middle of the night. Yes, there are other ways to do this in a non-impacting way.

Remember, this is a non-income-generating blog – like a front door to a small business. It is expected, but doesn’t make any money.

Perhaps a few readers would like to know more details?