Archive for September, 2008
The U.S. Economic Crash and Peter Schiff
Peter Schiff predicted the financial recession two years ago.
Peter Schiff’s take on the BailOut Bill.
This book just jumped to the top of my reading list. (Crash Proof: How to Profit From the Coming Economic Collapse)
How small is Earth?
SNL – Palin vs. Couric
Great sketch from Saturday Night Live I had to post.
My Family Tree
Ever since I was a child I have been fascinated by Genealogy (the study of families and the tracing of their lineages and history.)
In the late 80’s I made my first attempt to compile my family tree using ClarisWorks for Macintosh. After more than ten years, trying to get the non-standardized data from that program and damaged ZIP drives is almost impossible.
I started collecting data again about 3 years ago, after evaluating several offerings, including desktop applications such as the widely used Family Tree.
I came to the conclusion that I didn’t want to do this all by myself. I needed to enlist my family to gather and enter this information, so a web based application that allowed anybody to participate by entering information was ideal.
PhpGedView is an Open Source web application that runs on PHP with a MySQL backend, allowing more than one person to contribute to the family tree while the administrator approves content going into it. Features include charts and lists, PDF reports, visitor and user options, and GEDCOM 5.5 support.
With everybody leading busy lives, it’s hard to get people to participate. It’s just not fun entering information about your family into a site, which led to my disappointing 60 entries.
Several months ago, I created a family group within Facebook and that group has almost reached 200 people as I write this entry in my blog. Having a hip web app within Facebook to gather this data would be so much more effective.
There are now several Web2.0 startups that target this market: Geni, MyHeritage and Kindo, which MyHeritage recently swallowed.
Even though MyHeritage has more users and traffic, Geni has the Facebook application which would make it real easy when sending an invite to the group.
The only issue remaining, of course, is privacy. How do both of these companies deal with the privacy of all this data?
Social Timeline – AllofMe
Thanks to my friend Jeff Pulver for an invite to Allofme.com.
A very interesting startup on collecting and sharing media known as digital assets over time. You can upload images, videos, web pages, as well as link to Picasa, Flickr, YouTube, Twitter, and coming soon will be Facebook as well as Google Calendar. I see it as a kind of digital diary to look back upon. The applications are endless the more I think about it, and I see something great here.
Great looking flash timeline allowing you to easily navigate your timeline and any other timeline that you add or is featured on the site. After creating some of the timelines of your own, you can graphically see how your specific dates match other relevant dates on featured timelines or even people on your network.
Started by linking my Flickr and Twitter and had to come back a couple of days later to see if they had synch’d. Still waiting for Flickr to sync.
Will probably shoot some invites out and add some timelines to see what the hooked factor is.
Setting up a Mail Relay on CentOS 5
This will give you the capability to scan e-mails for spam, viruses and phishing using a variety of open source programs before they arrive to your e-mail server.
From Sekipedia
* Install CentOS 5.1 barebones (customizing the install with nothing checked.)
* Update the system
yum update
* Install Additional packages
yum install ntp
yum install vixie-cron crontabs
* Download and install Webmin
cd /opt
wget http://prdownloads.sourceforge.net/webadmin/webmin-1.430-1.noarch.rpm
yum install perl-Net-SSLeay
rpm -ivh webmin-1.430-1.noarch.rpm
* Disable unneeded services
service iptables stop
service ip6tables stop
service netfs stop
chkconfig iptables off
chkconfig ip6tables off
chkconfig netfs off
* Install Postfix
yum install postfix
* Configure Postfix
myhostname = titan.corp.com
mydomain = localhost
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, $mydomain
mynetwork_style = class
* Configure Postfix to forward email
relay_domains = lab.net
This tells Postfix which domains it should relay mail. All mail destined for this domain (and only this domain) will be forwarded to its remote SMTP server. You can put multiple domains here, just separate them with a comma or whitespace.
Add line to end of main.cf
transport_maps = hash:/etc/postfix/transport
mailbox_size_limit = 20480000
This tells Postfix what method to use to resolve the destination address for relayed mail:
Add line to end of “/etc/postfix/transport”
lab.net smtp:[192.168.2.225]
This command specifically maps the domain “lab.net” to the IP address 192.168.2.225 and tells Postfix to use SMTP as the transport. All mail destined for lab.net which is relayed through this Spam Gateway will be forwarded via SMTP to 192.168.2.225.
Then run command:
postmap /etc/postfix/transport
This command builds the hash table/file which Postfix will use to forward mail. If you don’t do this, it won’t work.
Finally add this line to main.cf
append_at_myorigin = no
This line will make sure your Spam Gateway does not add any of its own header domain info to the mail as it passes through.
* Test Again
Stop and start Postfix to make sure all changes take effect.
service postfix stop
service postfix start
I know this is redundant, but you really should test your system again before installing MailScanner. Make sure that mail gets passed through the system without problem. If you do encounter a problem, it will be a lot easier to fix it now than after you’ve installed MailScanner, SpamAssassin and ClamAV.
At this point incoming e-mail should go through the Mail Relay and be forwarded to the internal E-mail server.
* Install DAG’s GPG key
rpm --import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
* Verify the package you have downloaded
rpm -K rpmforge-release-0.3.6-1.el5.rf.*.rpm
Security warning: The rpmforge-release package imports GPG keys into your RPM database. As long as you have verified the package and trust Dag then it should be safe.
* Download and Install the package
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
rpm -ivh rpmforge-release-0.3.6-1.el5.rf.*.rpm
This will add a yum repository config file and import the appropriate GPG keys. At this point, you can set the priority of the RPMForge repository, and also of the CentOS repositories if you have not done so yet.
* Test with this command:
yum check-update
* Update the system
yum update
* Install perl modules and dependencies for MailScanner
yum install --enablerepo=rpmforge perl-Archive-Zip perl-Convert-BinHex perl-Convert-TNEF perl-DBD-SQLite perl-Filesys-Df perl-HTML-Parser
yum install --enablerepo=rpmforge perl-IO-stringy perl-MIME-tools perl-Net-CIDR perl-Sys-Hostname-Long perl-OLE-Storage_Lite
yum install tnef
* Download and Install MailScanner
wget http://www.mailscanner.info/files/4/rpm/MailScanner-4.71.10-1.rpm.tar.gz
tar -zxvf MailScanner-4.71.10-1.rpm.tar.gz
cd MailScanner-4.71.10-1
rpm -ivh mailscanner-4.71.10-1.noarch.rpm
chkconfig postfix off
service postfix stop
chkconfig MailScanner on
* Configure MailScanner Settings
Update Postfix’s main.cf by adding this line:
header_checks = regexp:/etc/postfix/header_checks
In the file /etc/postfix/header_checks add this line:
/^Received:/ HOLD
Here are the edits to MailScanner. Place or update these in /etc/MailScanner/MailScanner.conf:
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
MTA = postfix
Optional edits to MailScanner
Change %org-name%
Change %org-long-name%
Change %web-site%
Here’s some file permissions changes you’ll need to make:
chown postfix.postfix /var/spool/MailScanner/incoming
chown postfix.postfix /var/spool/MailScanner/quarantine
service MailScanner start
It’s a good idea to test the server now. Send a message to the remote server and see if it goes through. It should, and then you can move to installing SpamAssassin.
* Install perl modules for SpamAssassin
yum install perl-Digest-SHA1 perl-Net-DNS perl-Archive-Tar perl-IO-Zlib
yum install --enablerepo=rpmforge perl-Encode-Detect perl-Mail-SPF perl-IP-Country perl-Mail-DKIM perl-Net-Ident
* Update the system
yum update
* Install and Configure SpamAssassin
yum install spamassassin
You don’t need to edit any of the SpamAssassin conf files because all of the configuration is done through MailScanner.
In /etc/MailScanner/MailScanner.conf we will make these changes:
Change this line:
Use SpamAssassin = no
to:
Use SpamAssassin = yes
Update the SpamAssassin User State Dir setting:
SpamAssassin User State Dir = /var/spool/MailScanner/spamassassin
and then run commands:
mkdir /var/spool/MailScanner/spamassassin
chown postfix.postfix /var/spool/MailScanner/spamassassin
Restart MailScanner to make changes stick.
service MailScanner restart
* SELinux exception for ClamAV
setsebool -P clamd_disable_trans=1
Alternatively, disable SELinux while ClamAV is installed.
* Install ClamAV
yum install clamav clamav-db --enablerepo=rpmforge
* Configure ClamAV and MailScanner Settings
In /etc/freshclam.conf make the following edits:
Add ‘#’ in front of the word ‘Example’
Do the same in /etc/freshclam.conf
Now you need to update ClamAV’s virus signature files
[root@smtp]# freshclam
ClamAV update process started at Fri Sep 19 12:45:42 2008
main.cld is up to date (version: 48, sigs: 399264, f-level: 35, builder: sven)
daily.cvd is up to date (version: 8287, sigs: 29596, f-level: 35, builder: arnaud)
Update MailScanner’s configuration file to use ClamAV
Virus Scanners = clamav
In MailScanner.conf, check the setting of ‘Monitors for ClamAV Updates’ to ensure it matches the location of your ClamAV virus database files.
This should be “/var/clamav/*.cld /var/clamav/*.cvd”.
* Installing Postgrey
yum install postgrey
* Configuring Postgrey
Edit /etc/postfix/main.cf and add the following to smtpd_recipient_restrictions.
permit_mynetworks,
reject_unauth_destination,
reject_unlisted_recipient,
check_policy_service unix:postgrey/socket
check_policy_service unix:postgrey/socket performs the greylisting while adding reject_unlisted_recipient before it enables Postfix to immediately reject unknown recipients instead of having clients go through the greylisting process before being informed that the recipient does not exist.
To disable greylisting for certain IP addresses or hostnames, add the IP address, hostname or regular expression to match hostnames into the file /etc/postfix/postgrey_whitelist_clients.local.
Hostnames are identified by performing a reverse DNS on the client’s IP address.
For sample entries, view the file /etc/postfix/postgrey_whitelist_clients.
* Update the system
Make one last final update to make sure your system is updated.
yum update
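Added example (not part of the original guide): a shell lint for the relay settings configured above. It checks that every relay_domains entry has a transport mapping, that the transport map has been rebuilt with postmap, and that smtpd_recipient_restrictions keeps reject_unauth_destination and lists reject_unlisted_recipient ahead of the Postgrey check. The function names, finding messages and sample files are constructed for illustration.

```sh
# Added example: lint the relay settings from this guide (constructed samples).

# Print a main.cf parameter as words; indented lines continue the parameter.
param() {  # usage: param NAME FILE
  awk -v name="$1" '
    /^[ \t]*(#|$)/ { next }
    /^[ \t]/       { if (on) val = val " " $0; next }
    { on = 0 }
    $0 ~ ("^" name "[ \t]*=") { on = 1; val = $0; sub(/^[^=]*=/, "", val) }
    END { gsub(/[ \t,]+/, " ", val); sub(/^ /, "", val); sub(/ $/, "", val); print val }
  ' "$2"
}

# Print one finding per line; succeed only when there are none.
audit_relay() {  # usage: audit_relay MAIN_CF TRANSPORT
  cf=$1; tr=$2; n=0; i=0; unauth=0; unlisted=0; policy=0
  for d in $(param relay_domains "$cf"); do
    awk -v d="$d" '$1 == d { ok = 1 } END { exit !ok }' "$tr" ||
      { echo "relay_domains entry $d has no transport mapping"; n=$((n+1)); }
  done
  if [ ! -f "$tr.db" ] || [ "$tr" -nt "$tr.db" ]; then
    echo "transport map not rebuilt: run postmap $tr"; n=$((n+1))
  fi
  for r in $(param smtpd_recipient_restrictions "$cf"); do
    i=$((i+1))
    case $r in
      reject_unauth_destination) unauth=$i ;;
      reject_unlisted_recipient) unlisted=$i ;;
      check_policy_service)      policy=$i ;;
    esac
  done
  [ "$unauth" -gt 0 ] || { echo "reject_unauth_destination is missing"; n=$((n+1)); }
  if [ "$policy" -gt 0 ] && { [ "$unlisted" -eq 0 ] || [ "$unlisted" -gt "$policy" ]; }; then
    echo "reject_unlisted_recipient should precede the postgrey check"; n=$((n+1))
  fi
  [ "$n" -eq 0 ]
}

# Write constructed sample files that mirror the settings in this guide.
write_sample() {  # usage: write_sample DIR
  cat > "$1/main.cf" <<'EOF'
relay_domains = lab.net
smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_unauth_destination,
    reject_unlisted_recipient,
    check_policy_service unix:postgrey/socket
EOF
  printf 'lab.net smtp:[192.168.2.225]\n' > "$1/transport"
  : > "$1/transport.db"   # stand-in for the table postmap builds
}

dir=$(mktemp -d) && write_sample "$dir"
if audit_relay "$dir/main.cf" "$dir/transport"; then echo "relay settings OK"; fi
rm -r "$dir"
```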
BailOut Solution – I’m in for at least $425k
I really like Mark Cuban’s BailOut plan, making use of the free market to get us out of this mess and keeping it transparent by creating an exchange-traded fund (ETF).
I recently got an e-mail with another option for an economic recovery plan detailed below…. my kind of plan!!!
Now here's an idea!!!!
Subject: The JK Economic Recovery Plan
I'm against the $85,000,000,000.00 bailout of AIG. Instead, I'm in favor of giving $85,000,000,000 to in a We Deserve It Dividend.
To make the math simple, let's assume there are 200,000,000 bonafide Citizens 18+. Our population is about 301,000,000 ± counting every man, woman and child. So 200,000,000 might be a fair stab at adults 18 and up. So divide 200 million adults 18+ into $85 billion that equals $425,000.00.
My plan is to give $425,000 to every person 18+ as a We Deserve It Dividend. Of course, it would NOT be tax free. So let's assume a tax rate of 30%. Every individual 18+ has to pay $127,500.00 in taxes. That sends $25,500,000,000 right back to Uncle Sam. But it means that every adult 18+ has $297,500.00 in their pocket. A husband and wife has $595,000.00.
What would you do with $297,500.00 to $595,000.00 in your family?
- Pay off your mortgage - housing crisis solved.
- Repay college loans - what a great boost to new grads
- Put away money for college - it'll be there
- Save in a bank - create money to loan to entrepreneurs.
- Buy a new car - create jobs
- Invest in the market - capital drives growth
- Pay for your parent's medical insurance - health care improves
- Enable Deadbeat Dads to come clean - or else
Remember this is for every adult U S Citizen 18+ including the folks who lost their jobs at Lehman Brothers and every other company that is cutting back. And of course, for those serving in our Armed Forces.
If we're going to re-distribute wealth let's really do it...instead of trickling out a puny $1000.00 ( "vote buy" ) economic incentive that is being proposed by one of our candidates for President. If we're going to do an $85 billion bailout, let's bail out every adult U S Citizen 18+!
As for AIG - liquidate it. Sell off its parts. Let American General go back to being American General. Sell off the real estate. Let the private sector bargain hunters cut it up and clean it up.
Here's my rationale. We deserve it and AIG doesn't. Sure it's a crazy idea that can "never work." But can you imagine the Coast-To-Coast Block Party! How do you spell Economic Boom? I trust my fellow adult Americans to know how to use the $85 Billion We Deserve It Dividend more than I do the geniuses at AIG or in . And remember, The Birk plan only really costs $59.5 Billion because $25.5 Billion is returned instantly in taxes to Uncle Sam.
Too many meetings
Over the last 8 years I have come to hate meetings.
In the bureaucratic, red tape culture of higher education it becomes impossible to drink coffee without having a meeting. I have also found that over 90% of those meetings are completely useless.
Meetings for brain-storming, meetings for status updates, meetings for making decisions, meetings for gathering requirements, meetings for communicating whatever, etc, etc, etc.
Inefficiency at its peak.
Having worked with the Japanese, who are very big on meetings, I have tried daily update meetings with my staff to get a grasp on operations as well as to build a tight relationship with the team members, but unfortunately they were not very productive.
Being an efficiency freak I needed to cut down on the number of meetings, reclaiming 90% of my time and letting the techs do what they do best which is to solve problems.
Last year I adopted a process known as the “5-15 Report” invented by Yvon Chouinard and described in a great book I read – Growing a Business by Paul Hawken.
The 5-15 report is a powerful tool which allows you to cut meetings, keep a team on task, allows everyone to acknowledge what they have accomplished and what they would like to change.
The 5-15 should take no longer than 15 minutes to write and 5 minutes to read.
Anatomy of a report :
- A simple description of what you did during the week
- A blunt and frank description of the department’s/team morale
- One idea that will improve your job and/or organization
Not bad but why stop there. If efficiency is the ultimate goal, there is always a way to do something better and faster.
Even though the report might take 15 minutes to write in theory, gathering data on the events during the week might well take those 15 minutes or more. Being able to provide updates in a few words as the week progresses would make these reports real-time, ease the burden of having to gather the data and avoid spending 15 to 20 minutes writing the report.
First we used message boards for help, then we used 1-on-1 instant messaging and now we move to microblogging. Yammer is a twitter for businesses applying the messaging system to internal corporate communications. Anybody with a company e-mail can sign up and follow others in the company.
Staying Connected
There are many times when as a systems admin you will need to do remote work and for whatever reason the connectivity is lousy. Whether you are compiling a program, running a program or installing patches; if you lose connectivity, you lose your work and in some cases you might get locked out or ruin binaries that did not install/upgrade correctly.
Being able to lose connectivity and log back in to continue where you left off is paramount, and “Screen” allows you to do just that.
#apt-get install screen
or
#yum install screen
Using Screen
#screen (launches screen)
Ctrl a c – Creates a new screen session so that you can use more than one screen session.
Ctrl a n – Switches to the next screen session (if you have more than one)
Ctrl a p – Switches to the previous screen session (if you have more than one)
Ctrl a d – Detaches a screen session (without killing the processes in it)
#screen -ls (gets you a list of your current screen sessions)
#screen -r 29362.pts-3.server ( will connect you to the screen session)
Enjoy!
Nortel Struggles Continue
Nortel stocks have plummeted after they announced lower than expected sales for 2008.
It has seen its biggest declines since 1980 according to Jonathan Ratner’s article “Nortel faces tough timing as peers struggling too”.
“With softening demand and increased competition, Nortel may need to once again retool and refocus as it looks to find its position in a consolidating industry,” RBC Capital Markets analyst Mark Sue told clients.
After spending three days with the folks at ATT at the 2008 FOCUS Users Group, I got Nortel’s marketing spiel, which was all centered on going Green.
I am all for minimizing energy use and saving resources, but something is seriously wrong when thirty minutes into the conversation all I am getting as a potential client is not how good the product is, not how much better it is than its competitors’ offerings, not the features and how they’ll make all the issues I deal with on a daily basis go away, but rather how much I will save on my electricity bill.
Nortel needs to go back to the drawing board, focus on the basics, be better than everybody else and then market it.



