If you need to measure uptimes on windows machines, then you need to download the uptime tool. It gives essentially the same information as:
net statistics server | find "Stat"
but it can be run against a variety of OSs from a single host. I run it on a Vista machine against XP, 2003 and 2008 servers.

We use a variety of software and services, and I have experience with a variety of companies, so I thought it might be helpful to share my experience and opinions.

* AIX - I've worked off and on with AIX for a couple years now and I've found it to be an extremely stable and reliable platform, but not a terribly easy one to work with. I'd recommend using BSD or Linux or even Windows if you're developing a new project instead, but if you need a stable system and have AIX available, it will do nicely. Support is expensive and you need RISC to use it, but uptimes and hardware are comparable to what you'd expect from big iron.
* CentOS - This is the Linux distribution I'd recommend for most enterprise systems. It has all the goodness of Red Hat's commercial software without the price tag. If you're capable of managing your own Linux systems and need enterprise class software as inexpensively as possible, then CentOS is a good choice.
* RHEL - Red Hat Enterprise Linux is going to cost you, but when you pay for it you get the benefit of updates from a team committed to providing secure and reliable systems. I recommend this for platforms that will be exposed to the Internet (for the sake of security) or for platforms where you expect more than a thousand users in a day.
* Network Box - This is a managed network gateway and security system. Essentially it will filter all your Internet traffic, scanning for viruses and keeping the system
* EMC - I loathe EMC. I've talked to several salespeople who promise everything that you can imagine and when you pay for something, they start having a vary hard time backing up any promises. They kill good companies like VMWare and Legato. Having talked to other IT people, I know I'm representative of the majority of their customers, stuck with them because they sold us something so expensive that we feel obligated to make it somehow work but with a deep loathing for the providers. (I got a new job, so I'm not stuck with them anymore.)
* SEP - I don't particularly care for Symantec as a company and I don't care for their software, but Symantec Endpoint Protection is a decent package for the money with decent network administration controls. SEP is definitively better than previous generations of anti-virus.

In the past I've experimented using NFS served from Linux and mounted on AIX. Some issues led me to far that sync was not handled correctly for AIX 5.3 with default choices, but just for reference, I'd now recommend exporting something like:
example.com(rw,insecure,all_squash,anonuid=0)

I've been getting dozens of spam entries as comments on my blog daily. They don't show up because I enabled a comment moderation script a long time ago and regularly delete all the entries. Today I decided to go ahead and test the associated spam block tool, just to keep down the amount of maintenance I've been having to do. If you've made a comment and wondered what happened to it, well I deleted it. So much spam on the blog means that I don't even take the time to read the comments anymore. Hopefully this will clean it up somewhat.

Update: This was applied on September 5, 2008. On that day I received 27 SPAM entries. After September 5th, I have received none.

Here is a bit that I did last night:

#!/usr/bin/bash
echo "Starting VPN initialization script."
echo "If all goes well, you will need to choose your configuration,"
echo "provide your decryption password and then leave this window"
echo "open until you are done with the VPN connection."

echo
cd /etc/openvpn
userchoice=''
thischoice=''
standardreminder="You may exit the VPN connection at any time by pressing\nCtrl and C keys at the same time.\n\n"
while [ -z "${choice[$userchoice]}" ]
do
ct=1
for i in *.conf
do
choice[$ct]=$i
let ct++
done
echo -e $standardreminder
for ((i=1; i<$((${#choice[*]}+1));i++))
do
echo "Choice $i: ${choice[$i]}"
done
echo -n "Choose your configuration by number: "
read userchoice
userchoice=`echo "$userchoice"|sed 's/[^0-9]//g'`
thischoice="${choice[$userchoice]}"
echo "Choice is: ${choice[$userchoice]}"
if [ -n "${choice[$userchoice]}" ];then break;fi
echo "Invalid choice"
echo
done
echo "DEBUG: proceeding with choice: $thischoice"
echo "DEBUG openvpn --config $thischoice"


Okay, this totally cracked me up:
http://www.angryalien.com/1205/starwarsbuns.asp
It's Star Wars reenacted in 30 seconds, by bunnies.


In other news, openbsd rocks, but the people who use it, not so much.

When I heard about the Freddie Mac and Fannie Maye "bailout" (actually relaxing of regulations and potential for additional credit) my gut reaction was displeasure. Now I hear that they are held in large part by foreign investors, and chartered by the US government.

On the plus side, the dollar gained again. Woo-hoo!

Ha, loved this:
http://tools.ietf.org/html/rfc2321

http://tools.ietf.org/html/rfc1149

I was just following a poll about identify theft and considered how much more effective enforcement would be in this area if the victims were allowed to go after the criminals.

After I pondered this for a couple minutes, I thought, so why can't they? Is it illegal to find someone committing identity theft and detain them until the police come to take them (and probably you) into custody? A quick skim over a wikipedia article on citizen's arrest and the answer is maybe. It certainly might be. Are we as a society unwilling to do anything about crime?

You need to know what is on your network, and you need to keep your information current. How? Well, why not ping everything in range and then do arp and dns lookups for the active ones? Here is the script I used:

sysresccd IPMgt # cat ipfinder.command
function main
{
quittingtime=`date +%s -d+5days+14hours`
while [ `date +%s` -lt $quittingtime ]
do
if [ -f NonLiveIPs.current.txt ]
then
mv NonLiveIPs.current.txt NonLiveIPs.old.txt
fi
touch NonLiveIPs.current.txt
touch LiveIPs.txt
firstpart='192.168.0.'
lastpart=1
while [ $lastpart -lt 255 ]
do
(
# # %03s - three characters, padded with zeros
strlastpart=$(echo $lastpart|(awk '{printf "%03s", $1}'))
thiscommand="ping -c3 -q ${firstpart}${lastpart} 2>/dev/null|grep '100% packet loss'"
cmdresult=$(eval "$thiscommand")
echo "DEBUG: thiscommand: $thiscommand"
echo "DEBUG: cmdresult: $cmdresult"|cut -b1-80
if [ -n "$cmdresult" ]
then
echo "DEBUG: noresponse processing"
thiscommand="grep ${firstpart}{strlastpart} LiveIPs.txt"
cmdresult=$(eval "$thiscommand")
echo "DEBUG: cmdresult: $cmdresult"|cut -b1-80
if [ -z "$cmdresult" ]
then
echo "DEBUG: noresponseX2 processing"
echo "No Response: ${firstpart}${lastpart}" | tee -a NonLiveIPs.current.txt
else
echo "No Response: ${firstpart}${lastpart} - Temporarily down?"
fi
else
echo "DEBUG: responded, processing"
arpresult="$(arping2 -c1 ${firstpart}${lastpart}|grep 'index')"
echo "DEBUG: arpresult: $arpresult"
macaddr="$(echo $arpresult|awk '{print $4}')"
echo "DEBUG: macaddr: $macaddr"
if [ -z "$macaddr" ];then macaddr="00:00:00:00:00:00";fi
datestamp=$(date +%s.%d%b%Y_%H.%M.%S)
echo "DEBUG: datestamp: $datestamp"
dnsname="$(nslookup ${firstpart}${lastpart}|grep 'name'|awk -F= '{print $2}')"
echo "DEBUG: dnsname: $dnsname"
if [ -z "$dnsname" ];then dnsname=" unknown.dtfcu.com";fi
echo "${firstpart}${strlastpart} $macaddr $datestamp $dnsname" |tee -a LiveIPs.tmp
fi
) &
let lastpart++
if [ $(expr $lastpart % 5) -eq 0 ];then sleep 1;fi
done
echo "DEBUG: pausing for a minute to ensure all processing finished"
sleep 60 #Make sure the delay stays here so everything finishes first
cleanlist
echo "Pausing for five minutes"
sleep 300
date
done
}

function cleanlist
{
sort LiveIPs.tmp|uniq >LiveIPs.txt #Must follow delay
rm -f LiveIPs.tmp;touch LiveIPs.tmp
for i in `awk '{print $1"_"$2}'<LiveIPs.txt|sort|uniq`
do
echo "i: $i"
searchstr=$(echo "$i"|sed 's/_/ /g')
LastUniqContact=$(grep -F "$searchstr" LiveIPs.txt|tail -n1)
echo "$LastUniqContact"|tee -a LiveIPs.tmp
done
mv -f LiveIPs.tmp LiveIPs.txt
}
cleanlist
echo "List cleaned";sleep 1;date;
main




I needed an easy way to get a report on what was going on on a Linux server, mostly just so we'd have an activity baseline.

I threw together this quick script to do it:

:~> cat bin/reportmaker.bash
#!/bin/bash
echo "<html><head><title>Report `date`</title></head><body>"
echo "<p>"
anchorct=0
for j in `find /proc -maxdepth 1 -type f 2>/dev/null | grep -Ev '.gz$'`
do
i=`basename $j`
var="cat $j|sed 's/^/$i: /'"
echo "Command: <a href=\"#anchor${anchorct}\">$var</a><br>"
let anchorct++
done
echo "</p>"

anchorct=0
for j in `find /proc -maxdepth 1 -type f 2>/dev/null | grep -Ev '.gz$'`
do
i=`basename $j`
var="cat $j|sed 's/^/$i: /'"
echo "<pre><a name=\"anchor${anchorct}\">$var</a>"
eval $var|cat -v
let anchorct++
echo "</pre>"
done


These are my rough notes on beginning to work with Server 2008. I expect to clean them up later.

Server 2008 is easy and fast to install and it has been painless to use so far.

Hyper-V did require me to change the Bios settings before it would start the hypervisor, but once running is very nice to work with.

Raw disks seem to work well.

Notes on migrating virtual machines from Virtual Server 2003 to Server 2008 Hyper-V:

* Set the IP to DHCP and if possible, remove the ethernet adapters
* You MUST be on Server 2003 SP2 if at all possible, the mouse and network will not work otherwise
* In Device Manager, select "Show Hidden Devices" and disable ParVDM (no parallel ports in Hyper-V

A ship in port is safe; but that is not what ships are built for. Sail out to sea and do new things.
- Grace Hopper

My website worked and it was not completely unattractive. It had tools, some content and hopefully a little humor. Yet, a website should not be static, the same thing forever, it should grow and become more useful, more interesting over time. So, my website has changed and I'm about to make the pages I've been working on become the primary pages.

The changes are mostly the rebuilding of three wikis as a single wiki. This enables almost all the content to be searched from one location and simplifies management. I've learned a bit about how to use the tools in the wiki over time, and this gives me a chance to do better what I'd done before.

It also gave me a chance to dig into the guts of the code a bit and learn how it really works. The program is not so complex that it is impossible to fully comprehend but it defies minor tinkering and so there was a good bit of reading involved as well. I was able to do what I aimed for though, that being to integrate my own PHP code into the system, building it dynamically within the confines of the CMS. Essentially I can now call any custom designed (and pre-approved) function of my own creation with <?php somefunction?> tags inserted into the wiki content.

Regular readers will also notice the Blog has been reformatted to be closer in color theme and layout to the primary pages. It is a completely different piece of software and in some ways as complex as the wiki. It could not be simply tacked into the wiki and had to be manually adjusted on several levels to get it to both appear to be a part of the same site and also contain the navigation configuration I like. As much as I like both, they do not play nice. I'd like to consider rebuilding significant portions of the blog and integrating them into the existing blog code and then tie that into PMWiki, but the work involved to take such disparate coding systems and rebuild so much of each is somewhat daunting. Perhaps another day.

I've also removed all the javascript that made the blog fade in and out. Essentially I decided it was too little payoff for too much bandwidth. It is a cool idea, but probably best not to use it that way.

Three Rings for the Elven-kings under the sky,
Seven for the Dwarf-lords in their halls of stone,
Nine for Mortal Men doomed to die,
One for the Dark Lord on his dark throne
In the Land of Mordor where the Shadows lie.
One Ring to rule them all, One Ring to find them,
One Ring to bring them all and in the darkness bind them
In the Land of Mordor where the Shadows lie.
- J R R Tolkien


Around a year ago, I realized that hand coding my website was taking more time than it would to use a good CMS. I decided to replace the habits I had of using vim to build all my web pages and put the content into a different system. I wasn't happy about the overhead of the main wiki (MediaWiki) I'd been using, and found PMWiki to be a better option. MediaWiki is powerful and has a rich feature set and is widely adopted, but it relies on a database system, which I didn't really want. I know from past experience that a personal site with meager funding can't afford to be too picky about hosting and thus there is a chance that if I lock myself into a database system, one day it might not be there at all. PMWiki doesn't use a database system, instead it uses files to manage content and indexing. Its widely used (although not as widely as MediaWiki) and the syntax isn't too tough to learn. Overall, it has served me well.

The next step was to gather content and put it into the wiki, but there was a pretty ungainly bundle of web pages on the site, and a lot of them used common resources and customized scripts I'd written over the years. To deal with that, I started gathering them into three groups, computer stuff, general writing and entertainment. In the process, each got its own wiki system and eventually pretty much everything that could be bundled had been bundled.

Now I'm consolidating the three wikis into a single wiki. This should make the entire site much easier to manage and make it search friendly. It will take some time, but I'm well on my way now. The trickiest bit is maintaining old paths that have been linked to externally. I have previously been hand coding wiki-like pages to fill the locations, but I'm going to switch to redirects shortly.

So I'm taking my three wikis, which were essentially binding together the site and combining them under one new one. Tolkien would be flattered I think. Read More...

I think a nerd is a person who uses the telephone to talk to other people about telephones. And a computer nerd therefore is somebody who uses a computer in order to use a computer. - Douglas Adams

Lets say you're staying at my neighbor's house and you fire up your laptop and jump on the wireless. Oops, you got my wireless, and why not? It's completely insecure after all. You check your gmail and check yahoo news, but then you try to go to myspace.com and you get some other page instead! Yes, my temporary neighbor, you're being blocked. My wireless now allows anybody on, and allows surfing to a list of pre-approved sites, but only those sites until you perform some other authentication. If you should happen to try to access something not white listed, you get a friendly replacement page with a handy list of pre-approved sites.

Its magic! Actually, it's a combination of OpenVPN with squid proxy and some pretty complex IP Tables firewall settings. Essentially it works this way, the wireless router will let anybody on, but the firewall machine assigns the DHCP with itself as the default route. Of course, you might be able to route yourself through the wireless router, but it makes no difference. Once you are connected, all traffic on port 80 is redirected through a transparent squid proxy, which allows traffic monitoring and more particularly allows only browsing to a specific list of domains. If you try to access something not in that list, you get the squid error message, the custom one that frames a page presented by my second http server. I'm running two because there is significant work on the main one, and only minimal interaction on the second so the first is Apache and the second is thttpd (tiny httpd.)

Periodically a cron job runs to update the list of sites in a file available to the thttpd server. It presents an error when you hit anything that doesn't exist, and the only other pages are one that builds the list (cgi written in C) and the index, which frames the error.

Its all invisible to the end user of course, as far as they see, they can only browse my approved sites through my wireless network, as a guest might expect, and they don't have to know anything at all to use it.

Next on the agenda is to set up a mailing system so that guests can request openvpn encryption keys or addition of whitelisted sites. I of course, already have an encrypted tunnel and therefore I can do pretty much anything I feel like on it.


"What really is the point of trying to teach anything to anybody?"
This question seemed to provoke a murmur of sympathetic approval from up and down the table.
Richard continued, "What I mean is that if you really want to understand something, the best way is to try and explain it to someone else. That forces you to sort it out in your mind. And the more slow and dim-witted your pupil, the more you have to break things down into more and more simple ideas. And that's really the essence of programming. By the time you've sorted out a complicated idea into little steps that even a stupid machine can deal with, you've learned something about it yourself. - Douglas Adams

Know ye therefore that they which are of faith, the same are the children of Abraham. And the scripture, foreseeing that God would justify the heathen through faith, preached before the gospel unto Abraham, saying, In these shall all nations be blessed. (Gal 3:7-8)

As a justified heathen, I say I am blessed to be one.


I have a network at home, about eight or so computers, but really three regular use ones and I don't care for stringing wire, and I have a wireless router, so making it work is important to me. Now it is possible, without too much trouble, to use an encrypted session (using WPI PKI not WEP, WEP is easily hacked, WPI is much safer) but that means that I have to have a long key handy whenever I want to log in, and hope that my particular card and OS support it. Typically Linux does support it, but I do try out various distributions from time to time and getting encryption working between different hardware can be tricky. There is a better alternative: introducing OpenVPN! (and you should hear a crowd cheering in your imagination at this point.)

OpenVPN is a way to tunnel all your traffic through a network connection, wireless or wired, and it works on Windows, Mac and most Linux, plus it is software so you don't have to do any special hardware work beyond the minimum. Essentially, it gives you a method of keeping your traffic secure without having to worry about special drivers.

I'm using it to let my wireless network be totally open (well, the admin of the router isn't but that's about it.) This means that I can connect to my wireless network without needing any passwords or encryption at all. It also means that anybody driving down my street or visiting the neighbors could too. I'm a friendly guy, and I do try to be helpful, but I'd rather not worry too terribly about what my Internet connection is being used for, so I'd rather that I was the only one allowed to use it. This is where a good firewall comes in. If the connection from the wireless network has to come in on VPN because the firewall blocks anything else, that means that VPN is now required.

Enough with the theory, the application was not bug-free. In fact, after much testing, I had found that I had no trouble using OpenVPN between machines on the wired network, but a whole heap of trouble when I tried to use it on the Wireless. Eventually, with a lot of testing and tracking packets, I was able to confirm that it seemed packets could come from the wireless, talk to the VPN, but then they couldn't come back across the wireless to the machine making the requests. It might be possible, but it is certainly not easy to change that behavior on the DI-524 D-Link wireless router I have.

So eventually, rather than trust the thing to manage my network, I just bypassed it by putting the OpenVPN (and Internet Gateway) server on the "LAN" side of the router. This means that now people connecting to the Wireless router can communicate directly with the OpenVPN server, without going through the standard router manipulation. It also meant I had to disable DHCP on the Wireless router since it couldn't make anything but itself the gateway and enable it on the interface that connected the OpenVPN server to the LAN side of the router. Not satisfied with that though, I set them both to be DHCP servers since the OpenVPN server seems to get precedence and just set them to assign non-conflicting ranges. Now it is possible to get on the Wireless even if the OpenVPN server isn't doing DHCP correctly, so it makes it possible to troubleshoot, but typically the OpenVPN server is doing fine.

Once I passed those hurdles, I have no trouble getting a wireless connection, and it does DHCP assignment as you'd hope, DNS assignment (and forwarding) and all that good stuff, but I still want to lock out the neighbors. Actually, I'm trying to lock out anybody that might be using it for anything illegal, but how well do you know your neighbors really, do you know their friends? So it is time for some healthy paranoia.

In with IP Tables. Here, I'm not really done. I've got something that works, but not as perfectly as I like so I'm going to refrain from passing on any advice on exactly how your firewall should look, suffice it to say that there are plenty of tools and manuals out there for you to consult, but I do have some other advice:

Suggestion 1:
Freenx and Nomachine rock, try them. It's like VNC (remote computer management) but smoother and better. Nomachine is clear that their product is not the same as Freenx, but you can use them together so I do. I would recommend trying Nomachine first if you have the option, since I had some initial trouble getting documentation. I had to do some experimenting to find out exactly how to set everything up with FreeNX, but if you're comfortable with that sort of thing, it isn't too bad. Of course you don't really need a GUI interface for your server, but why not have one if it is easy and, as far as I've been able to tell, secure. Freenx and Nomachine have a good system set up, using public/private key based ssh tunneling.

Suggestion 2:
Set up a simple "fix my router script" when working on your network remotely. For me, I have a script I call "insecurerouter.bash" which pretty much opens the system up to all traffic. I keep that machine pretty safe anyway, so it shouldn't be easy to compromise, but it does mean that anybody can connect to it or the Internet through it. I then set up an infinite looping script to check for the presence of a file every five minutes, and reset the router if it is there. Then I run another script on the connecting machine to remove it up to once a minute. One the router it looks like:
#!/bin/bash

while true
do
touch /home/unprivuser/.routerreset
chown unprivuser:unprivuser /home/unprivuser/.routerreset
sleep 300
if [ -f /home/unprivuser/.routerreset ]
then
echo "RESET ROUTER AT `date`"|wall
/root/bin/insecurerouter.bash
else
echo "No reset at `date`"
fi
done
and on the other machine I've got password-less ssh login set up (using encrypted keys and keyring to keep them in memory) and it has a screen session running with the command:
(while true;do date;ssh n 'rm -v ~/.routerreset';sleep 60;done) &
also inside a screen session. Sure, there is a little verbosity there that isn't really required, but sometimes it is nice to be able to check on what's happening, and screen has a very low overhead. Essentially, this means then when I'm testing a new firewall, if I manage to lock myself out, no more than five minutes later, I can log back in and try to figure out what went wrong. If you are building your own firewall, things will go wrong, and that leads to my next suggestion.

Suggestion 3:
This one is about IP Tables, and while I don't feel qualified to preach on the proper usage (I'm not currently filtering OUTPUT) I do feel it is worth noting that it is MUCH easier to troubleshoot if you log every unidentified packet you drop. That means that you can check your logs when something doesn't work and see if it is due to your rules, and if you're hand-coding your rules like I am, that is a lifesaver.

This entry was previously part of the site news section and was moved to the blog later.

My site has included a blog for a while now, but I've not been happy with the way it was integrated with the main site. I've now got it scripted to fade and disappear with a Hide link, so it should be friendlier. I've also had to put in verification of comments due to a surprising level of spam.

I changed the site to use a javascript managed window slide but it relied on frame resizing, and I couldn't stand that. Now it still uses a frame, but it's an inline frame and the hiding is managed by javascript controls on the div tags manipulating the opacity. The biggest trick is trying to guess how it will work in other browsers, so YMMV. I did try to deal with that by handling both opacity and filter settings, and also putting in modifiers to change both the delay between increments of change and degrees of change so hopefully it will work on all browsers ever created. And, if it doesn't, well my site doesn't require javascript, and non-javascript enabled browsers can just use the in page standard html links since the link to use the javascript fading controls is itself reliant on javascript to display.

I can't decide whether to hate or love javascript.

I should be asleep right now but I was just revisiting my article on the origins of the GUI and I thought it worth a moment to restate a quick summary here.

ARPA - Had a GUI and Douglass Englebart (sp?)
Xerox PARC - Got Douglass and made a GUI and personal computer at $40,000.
Apple - Had Steve Jobs who had stock in Xerox and visited and later released their own GUI
Microsoft - Made deals with Apple and then came out with a competing product

Lawsuits all around.

Now you can buy a home computer with Apple, Microsoft or Linux and all have an easy to use GUI.

FYIs:
The other major player in the OS world is Unix, which came out of Bell labs, but is now owned in part by several players.

Linux is not Unix, but it looks and feels a lot like Unix
Mac OSX Leopard is actually Unix and it feels a lot like Linux
Windows is the only OS that doesn't have strong ties to Unix and the argument could be made that the heavy development lifting done for Windows XP was done by Unix developers

I bring this up because I am typing this from an Apple and will probably be working on a Unix machine tonight. I'm going to head off to dreamland for a couple hours and I imagine that I'll be thinking somewhat of the question what makes Unix so special?

I suspect it is in large part because it is source code that is so widely spread it is nearly open. Linux is certainly due at least in part to the freedom that comes with Open Source software and BSD is nearly Unix, and in fact the Apple system is based on a BSD version that has been certified to now be Unix. AIX is what runs our major systems, and it is Unix.

What else is out there? There are a couple interesting players:
ReactOS - Open source Windows XP compatible variant, not quite ready for prime time.


Anyway thats enough for tonight.

Go Walmart, Go Walmart, Go Walmart, It's your birthday, It's your birthday
They're sold out of Linux computers!

Okay, a lot of people think Walmart is evil, but I'm far from convinced. I am convinced that they are run by savy marketing people with a keen sense of how to turn a profit.

If I could guess at their overall strategy though it would be:
Buy cheaper, transport cheaper, sell cheaper and sell a whole frickin lot!

Now I just read the news that they sold out of the $200 Linux Desktop machines they're selling.

I knew they were selling them but it sounds like they didn't even get to the shelves before they were ordered out of stock online.

It's the year of Linux people! I didn't think it would happen this year, but if Walmart started planning to stock and then sold out of them, it is the year of the Linux desktop.

Okay, so now my site is up for public review. It did not however get here as smoothly as I expected. First, I noticed that there were a lot of files not being uploaded and I've been using age controls so it turns out that many files have not been modified in a long time. I fixed that with find ./ -exec touch '{}' ';' and of course, now it had to upload every thing. That took me to the next step of setting an undocumented argument so that it could skip to the number of the file that it left off on. Finally, I finally had a timeout problem, and sure enough, it was not working correctly since I was not resetting the disconnected flag after reconnecting, essentially making a new connection for each file after a disconnect.

Now of course, it's bug free... this time. For those of you who don't recognize my phrase, it's what I now commonly use to indicate that while I've done my best to write a good program, I haven't tested it well enough to find out where the problems are, and there are always problems.

I've now added some scripting to the site and I think I can be happy with it. When you hit the index page now, the blog and normal pages are loaded in frames. If you have javascript enabled then the frames will be resized so that the blog is the full screen with the regular site hidden and then the regular page will seem to scroll over on top of the blog very quickly. I added a regular link to the blog on the main page and a javascript revealed link that scrolls the main pages back out of the way to the main menu bar. Essentially, the page remains as functional as it was, but now it has some javascript to make it obvious there is more content to see if you click the something. I'd like to ake it blink while the bar is scrolling away, but I don't feel it is worth the effort at the moment. I had to tweak the temlate I'm using a little though, now the "Hide Blog" link points to the main site. It's not quite as snappy as javascript all around, but I use noscript so I imagine others do too.

Today I decided I needed to update my site pages. I have a little 500Mz Annvix Linux server at home and I've been making a pretty steady stream of updates to my site on it, and when I'm satisfied with it, I copy down a backup of the existing site and then upload the one I've been working on. I've got some tools to make it easier, but they didn't work exactly as planned:

I use a version of the uploadsite.pl script (found on my software pages) to automatically push my site up. The copy down worked like a charm but the delete existing site script is still a little buggy. I got it fixed enough for now and then corrected the uploadsite.pl script a little to make it continue working after ftp timeouts. I set it up to do a check for connectivity before each upload and if it isn't there it will now reconnect. It had shown timeout problems before, so this corrects that.

The math flashcard front page (see homepage) didn't look right due to different default css resources between the local and remote server, so I changed it's layout to use tables more effectively. I don't like using tables to layout html, but sometimes it just works better than the alternatives.

Finally, I got around to creating the blog and got this nifty script which made most of the work very easy. As an added bonus, it appears to create files which will merge up and down nicely so I can post to either the home private server or public server blog and then sync them up later. As far as features go, it had everything I was looking for and an RSS feed tool which I didn't even realize I might want until I noticed it was there for the clicking.

I wouldn't have put so much time into my own stuff except that I don't have to work tomorrow (officially, though I may do a late evening update) so I can stay up until 3:00 and not suffer any terrible consequences, in fact, it may make it easy to take a late nap and thus be even better for the evening update process. I like to be well rested when I get ready to mess with production severs, especially when I'm going it alone.

Now the only thing I know I need to do is add the blog to something that will make it visible on the main page without being overbearing. I'm thinking that what I should do is put it in a div that starts out opaque but then shrinks the amount of the blog it shows and becomes mostly transparent. I'm still considering where to remove the site news information or not, since it basically does the same duty as a blog but it is much less active than I expect this to be.

On the learning curve process, this was (almost) all done from my new MacBook. Right now I'm still in the phase of trying just to learn how to use it easily. I've got the two-finger to scroll part down I think. I've got the Apple+Q to close and two finger tap for context menu (equivalent to right click for MS user) down. It still bugs me to have to use the Apple instead of the Control key for some things. I am still not used to not having real Page-Up and Page-Down buttons and the lack of an End key is irritating the heck out of me. Even the missing Delete key irritates me. It's a slick little machine, but it doesn't have all my creature comforts. I'm learning to get by without them though and to use the alternatives, it just takes time to break the old habits.

I have the Annvix server set to recognize the requested URL so I can have multiple websites on there, but it means I need to be able to tell the machine I'm using where to find that particular site. For Linux it means putting an entry in /etc/hosts, for Windows it means an entry in C:\Windows\drivers\etc\lmhosts and for the Mac it means that I put an entry in /etc/hosts and then update the host database with niload -v -m hosts . < /etc/hosts and finally clear the cache with lookupd -flushcache. All of this is made slightly easier by using a terminal called iTerminal instead of the default OSX one. It isn't much better and the arrow keys still don't send what the Linux terminal is needing, but it's good enough.

I hate to say it, but when I compare the ease of use between the MacBook and a regular Linux installation, it seems like the Linux is easier to me. I suspect it is just from long experience, but we'll see after a few months if I still feel the same way. For the most part it feels like I'm using Solaris with a much prettier interface than it used to have.

This entry was previously a part of site news and was moved to the blog later.

My child needed practice with multiplication and doing it orally and on paper didn't produce the desired results. This is sort of like a flashcard program, and it is free to use online, so I'm putting it out there for others.

This entry was previously a part of site news and was moved to the blog later.

Not exactly site news I'm officially and legally single again. It isn't exactly a good thing, but it is for the best.

This entry was previously a part of site news and was moved to the blog later.

I've been a fan of Wiki's for a while and have been becoming familiar with PM Wiki. I needed a CMS system and this seems to be a good middle ground. It needs some more fleshing but I think it will be easier to maintain and expand this way.

This entry was previously a part of site news and was moved to the blog later.

I actually liked Zeeblo.com when it worked. Now it seems to have disappeared off of the face of the Earth. The good news is that a geekier friend of mine is now hosting my site through 1and1.com. He is happy with it and he's been dependable for many years so I'm confident that this host will last.

This entry was previously a part of site news and was moved to the blog later.

The problems with my site were serious , and I couldn't give them the correct password to restore it since I store that sort of thing. Usually I have a backup but this time didn't have sufficient notes to figure out which of my backed up passwords it really was. They were able to recreate the space and account though and I just uploaded my staging site and was instantly back online. (Maybe not instantly, since I had to correct a permissions issue, but really fast.) I highly recommend doing your site development on your own computer. If you don't have a computer you can do it on, you can get a virtual machine from free from www.vmware.com which also works great. It doesn't rock as much as running your own server for testing, but it is the next best thing. Failing either of those options, you can install Apache with PHP and Perl on your machine and test that way. All of these solutions work with either Windows or Linux. Vmware will also give you the options to try out more arcane solutions like Minix or other Unixes. IIS by the way, is not as cool as Linux with Apache, but you can read more about my opinions on that on my opinions page.

This entry was previously a part of site news and was moved to the blog later.

They don't store your actual password and they had an issue with lost accounts. Fortunately for my afore mentioned associate, it didn't affect his site (or most of the others) but a few of us tried to hit our site and discovered they weren't there. Zeeblo responded extremely quickly to address the problem.

This entry was previously a part of site news and was moved to the blog later.

A friend and associate of mine also switched to Zeeblo since he was having trouble with his host. They've had problems from time to time, but they're offering an awesome service.
- March 06, 2006 - I received notice that I have a message waiting for me at Zeeblo with approval, however it looks like they are having trouble with their mysql server. I cannot read the text but I'm holding off purchasing other hosting until I get a chance to see if I can get started with them. Meanwhile, recoding continues.

This entry was previously a part of site news and was moved to the blog later.

I received notice that I have a message waiting for me at Zeeblo with approval, however it looks like they are having trouble with their mysql server. I cannot read the text but I'm holding off purchasing other hosting until I get a chance to see if I can get started with them. Meanwhile, recoding continues.