AlanBarber.Org

Twitter Updates

Follow me on Twitter

Well the new home server is coming along nicely.  I ended up ordering a 430watt cooler master power supply from NewEgg.com on Monday.  Both boxes ended up arriving on Thursday.

I realized I had an Antec ks-188 full tower case down the basement.  Heh, how I managed to forget I had that I don’t know!  So I decided to use that instead of buying a junk mid tower with a no name brand power supply.  I set a budget of 200 bucks so I was very limited.  Using the Antec case allowed me to spring for a better quality power supply which is a good thing for a server.  Running 24/7/365 with lots of hardware you should have a good supply.  Nothing worse than some generic supply blowing out on you!

So anyways.  I tossed everything together and it booted up perfectly on the first try. 

The Windows Server 2003 SBS Install went easy enough as well.  I’m just slowly getting things setup and installed.  Really, I’m having fun just playing around with my new toy!

Right now the server isn’t doing much.  It’ll just cover my basic development needs.  In the future when I can afford to I’ll put in a large Raid-5 array so the server will become my central file and backup server too.

There is one issue I’m having.  I need to find an anti-virus scanner that will work with windows server.  I use the free edition of AVG on my system but it won’t allow me to install it on windows server.  Does anyone happen to know of a free/cheap AV scanner that would work?  Well I guess I could shell out 70 bucks for the AVG File Server edition if I have to.

quote:

---

The Release Engineering Team is happy to announce the availability of FreeBSD 5.4-RELEASE, the latest release of the FreeBSD Stable development branch. Since FreeBSD 5.3-RELEASE in November 2004 we have made many improvements in functionality, stability, performance, and device driver support for some hardware, as well as dealt with known security issues and made many bugfixes.

For a complete list of new features, known problems, and late-breaking news, please see the release notes and errata list, available here:

http://www.FreeBSD.org/releases/5.4R/relnotes.html

http://www.FreeBSD.org/releases/5.4R/errata.html
Dedication

The FreeBSD 5.4 Release is dedicated to the memory of Cameron Grant. Cameron was an active FreeBSD Developer and principal architect of the sound driver subsystem despite his physical handicap. His is a superb example of human spirit dominating over adversity. Cameron was an inspiration to those who met him; he will be fondly remembered and sorely missed.
Availability

FreeBSD 5.4-RELEASE supports the i386, amd64, ia64, pc98, sparc64, and alpha architectures and can be installed directly over the net, using bootable media, or copied to a local NFS/FTP server. Distributions for all architectures except alpha are available now. The distribution for alpha should become available within the next day or two.

Please continue to support the FreeBSD Project by purchasing media from one of our supporting vendors. The following companies will be offering FreeBSD 5.4 based products:

FreeBSD Mall, Inc. http://www.freebsdmall.com/

Daemonnews, Inc. http://www.bsdmall.com/freebsd1.html

If you can not afford FreeBSD on media, are impatient, or just want to use it for evangelism purposes, then by all means download the ISO images. We can not promise that all the mirror sites will carry the larger ISO images. At the time of this announcement they are available from the following sites. MD5 checksums for the release images are included at the bottom of this message.
Bittorrent

As with the 5.3 release we are experimenting with Bittorrent. A collection of trackers for the release ISO images is available at

http://people.freebsd.org/~kensmith/5.4-torrent/
FTP

At the time of this announcement the following FTP sites have FreeBSD 5.4-RELEASE available.
ftp://ftp.FreeBSD.org/pub/FreeBSD/
ftp://ftp2.FreeBSD.org/pub/FreeBSD/
ftp://ftp3.FreeBSD.org/pub/FreeBSD/
ftp://ftp5.FreeBSD.org/pub/FreeBSD/
ftp://ftp.at.FreeBSD.org/pub/FreeBSD/
ftp://ftp2.ch.FreeBSD.org/pub/FreeBSD/
ftp://ftp.cz.FreeBSD.org/pub/FreeBSD/
ftp://ftp.ee.FreeBSD.org/pub/FreeBSD/
ftp://ftp.es.FreeBSD.org/pub/FreeBSD/
ftp://ftp.fi.FreeBSD.org/pub/FreeBSD/
ftp://ftp.fr.FreeBSD.org/pub/FreeBSD/
ftp://ftp2.ie.FreeBSD.org/pub/FreeBSD/
ftp://ftp.is.FreeBSD.org/pub/FreeBSD/
ftp://ftp5.pl.FreeBSD.org/pub/FreeBSD/
ftp://ftp3.ru.FreeBSD.org/pub/FreeBSD/
ftp://ftp.se.FreeBSD.org/pub/FreeBSD/
ftp://ftp.si.FreeBSD.org/pub/FreeBSD/
ftp://ftp2.tw.FreeBSD.org/pub/FreeBSD/
ftp://ftp.uk.FreeBSD.org/pub/FreeBSD/
ftp://ftp2.us.FreeBSD.org/pub/FreeBSD/
ftp://ftp5.us.FreeBSD.org/pub/FreeBSD/

FreeBSD is also available via anonymous FTP from mirror sites in the following countries and territories: Argentina, Australia, Austria, Brazil, Canada, China, Croatia, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hong Kong, Hungary, Iceland, Indonesia, Ireland, Italy, Japan, Korea, Lithuania, Netherlands, New Zealand, Norway, Poland, Portugal, Romania, Russia, Saudi Arabia, Singapore, Slovak Republic, Slovenia, South Africa, Spain, Sweden, Switzerland, Taiwan, Turkey, Ukraine, United Kingdom, and the United States.

Before trying the central FTP site, please check your regional mirror(s) first by going to:

ftp://ftp.

.FreeBSD.org/pub/FreeBSD

Any additional mirror sites will be labeled ftp2, ftp3 and so on.

More information about FreeBSD mirror sites can be found at:

http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/mirrors-ftp.html

For instructions on installing FreeBSD, please see Chapter 2 of The FreeBSD Handbook. It provides a complete installation walk-through for users new to FreeBSD, and can be found online at:

http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/install.html
Acknowledgments

The FreeBSD Developers deserve the most thanks. Without their efforts FreeBSD would not exist.

Many companies donated equipment, network access, or man-hours to finance the release engineering activities for FreeBSD 5.4 including The FreeBSD Mall, Hewlett Packard, Yahoo!, Sentex Communications, Sandvine, Inc., FreeBSD Systems, Inc, and NTT/Verio.

The release engineering team for 5.4-RELEASE includes:
Scott Long

Release Engineering
Robert Watson

Release Engineering, Security
John Baldwin

Release Engineering
Ken Smith

Release Engineering, amd64, i386, sparc64 Release Building, Mirror Site Coordination
Hiroki Sato

Release Engineering, Documentation
Doug White

Release Engineering
Murray Stokely

Release Engineering, Documentation
Wilko Bulte

Alpha Release Building
Marcel Moolenaar

ia64 Release Building
Takahashi Yoshihiro

pc98 Release Building
Kris Kennaway

Package Building
Joe Marcus Clarke

Package Building
Jacques A. Vidrine

Security Officer
Paul Saab

Bittorrent Coordination
CD Image Checksums

  MD5 (5.4-RELEASE-amd64-bootonly.iso) = 6882dd5ce59cda1ba4a66ef45f017597
  MD5 (5.4-RELEASE-amd64-disc1.iso) = 26bca75d799c0a1690c6ae0bf0886234
  MD5 (5.4-RELEASE-amd64-disc2.iso) = 3da9debeae15a49158b01b1d92843fbc

  MD5 (5.4-RELEASE-i386-bootonly.iso) = 2afe65af7e7b994c3ce87cefda27352e
  MD5 (5.4-RELEASE-i386-disc1.iso) = 3dbb37485535e129354bc099e24aed99
  MD5 (5.4-RELEASE-i386-disc2.iso) = e4b748415ca783fce64cfafd6bd56f57

  MD5 (5.4-RELEASE-ia64-bootonly.iso) = 45b032bf952e7ea8b2c42f94c3fa4997
  MD5 (5.4-RELEASE-ia64-disc1.iso) = 2b1ad22da2ea0fe86345c99590049ebd
  MD5 (5.4-RELEASE-ia64-disc2.iso) = 62e589928628453f1813db7402b4f3ad
  MD5 (5.4-RELEASE-ia64-livefs.iso) = 6c05d71c36d84179923668faddf58e43

  MD5 (5.4-RELEASE-pc98-disc1.iso) = 003dee8647e9b2cbca7df0d92011800f

  MD5 (5.4-RELEASE-sparc64-bootonly.iso) = 91cb2304c2ecbcce0b312738649ba88d
  MD5 (5.4-RELEASE-sparc64-disc1.iso) = 5f77c9a20e09d5ef66fad9c60e17c2ac
  MD5 (5.4-RELEASE-sparc64-disc2.iso) = 7da34a32ca8196a34732548fe92d71e6

---

I’m about to build my first home server. Whoopie!

I’m making a system that will be:
- a file server
- a database server running MS-SQL
- a development server that runs code version control (Subversion), IIS for doing .net web development and vmware so I can run other OSes like FreeBSD, CentOS, solaris, etc for testing.
- a backup server for all the other computers in my network

It’ll be running Windows Small Business Server 2003 Premium.  Thanks to Microsoft for giving me a free NFR copy to use.  Man I love their developer programs.  I got this for being a “Microsoft Partner”.

So far I’ve ordered:
Mitsumi 1.44MB Beige Floppy Disk Drive
Biostar M7VIG 400 Socket A mATX Motherboard
AMD Sempron 2200+ CPU
512MB PC3200 DDR RAM

Parts I need to get:
Case
Power Supply

Parts I have:
13gig HD for OS/Apps
Creative 6x DVD Drive

Future Part when I can afford them:
IDE Raid Card that does raid5
3x250+ Gig HDs to put into raid5 array
Another 512mb or 1gig stick of pc3200 ddr ram

Inititally, the system will just cover my development needs but when I can swing it I’ll setup a nice raid array to cover my file and backup needs.

Those crazy boys and girls at Google have release yet another tool.  Called the Google Web Accelerator, it’s basically a proxy server/cache system.  It’s for broadband users only also.

The basic premise of the thing is this.  With Google having huge datacenters full of computers all over the place, you probably have a faster and more stable connection to Google’s systems then the random webservers floating out in the net.  So, instead of directly accessing websites you connect to the Google system and have it download the pages for you.  Then Google caches the pages and should another Web Accelerator users request the same page they just send the cached page.

In theory it sounds like a nice system but there are a few issues I have with it, and there’s one helluva big but too.

1) The boys and girls at Google know two things really well.  Searching and selling strategic ads for the searches.  I find it hard to believe that Google would offer this server if it doesn’t in some way allow them to incorporate one or both of these points.

My guess would be that they are monitoring all the pages that you visit using the Web Accelerator.  Why?  To improve search results of course.  Think of the raw data you can get from monitoring browsing habits of people.  If certain sites get lots of hits then there’s a good reasoning that the content of those sites are considered better quality to web users.  So give those sites a boost in their rank for their page content.  Do some sites draw in many visitors that only follow links to other sites?  In a similar reasoning you might decided that these sites link to good content that web users find useful.  So why not give these sites an improved rank worth to.

The paranoid might say that Google will get people hooked on the Accelerator and then start slipping in their Google ads into sites.  That’s what spyware programs do and I don’t think Google would be that low to pull a stunt like that.  They’ve taken a lot of time and money to convince people that they’re an ethical and upstanding company.  Pulling crap like that would kill them.

2) Since Google is working as basically a proxy server as a website operator and system admin I’m not too happy about that.  Website operators and system admin many times compile stats from their webserver logs.  The webservers log every page access and include the ip addresses of every computer that connects to the site.  You can do what’s called an ip lookup and find out some handy info about your visitors.  You can find out what ISP or company owns the IP address.  This lets you know a few facts such as the country the visitor is probably from and if they’re using broadband or not.  As a website developer these facts help you design your site better for the users. 

Problem is, Google is acting as a proxy server for users.  That means all the access logs show the users coming from a Google datacenter.  Now I have no ability to process those logs to get useful info from them.

The other part of this proxy thing that bothers me is the fact that I don’t like Google downloading my site content once, caching it and feeding it to others.  Well this is a good and bad thing.  The good being that it does reduce bandwidth and system load on my server but the bad is that I want visitors to access my site.  I like to know how many people are actually visiting my website!  I know I got one hit to my site from Google but no idea if 10 or 10,000 people visited my site today because they get their pages from Google’s servers not mine.

3) This is the big BUT that I have.  This isn’t 1995.  Web pages aren’t just static html pages that people upload to a server.  Most page content is built on the fly.  Web scripts pull content from databases and build custom pages for every visitor.  Many sites have people log in to view these pages too.  Currently, the Google Web Accelerator caches these dynamic pages and feeds them to other users.

Do you see the problem with this?  I sure hope you do!  This is a horrible security issue.  If you visit a page with the Accelerator, say a message board for example.  It caches the message board pages and will send them to someone else! 

Wait I still don’t see the problem with that you say?  People are actually get cached pages of other users.  Joe User is logged into the message board.  At the top of the page it says “Welcome Joe User”.  Sue User visits the message board too.  Guess what she sees at the top of the page, “Welcome Joe User”!  That’s right she’s seeing Joe’s pages and not her own! 

Again Sue clicks to view her private messages.  Good ol’ Google Web Accelerator gladly sends a cached page and Sue sees Joe’s Private Message inbox instead of hers!

Now luckily Sue is never actually logged into Joe’s account.  She could never change his password or post messages as him but she’s seeing his private pages.

This isn’t theory either people!  It’s actually happening!  There are posts at message boards where people are posting screen shots of their browsers with private message inboxes of other users!

Now as I said you are never actually logged in as another user but you still manage to see pages that are not really for your eyes.  Also, the Web Accelerator doesn’t cache encrypted https pages so there should be any stories of people’s credit card info, etc showing up on retailers’ sites.  Thankfully!

Now I’m no Google hater so don’t think I’m being mean for the sake of bashing Google.  I only use Google for searches and I do have a few GMail accounts, still, there are some terrible security issue here folks!  I won’t be using the Web Accelerator anytime soon and I highly advise others to think before just blindly installing it because it comes from Google.