Cybertool.mobi

Has it really been 8 months since my last post? Holy CRAP! I need to get more simplistic when it comes to this whole blogging thing.

When I’m not working, reading books, studying for an exam, training for a race, or plotting to save the world, apparently I’m writing PHP?  I know–scary thought for a server/network guy.  Just the same… Happy Gilmore was a hockey player, not a golfer.

I’ve updated the site to include a projects page, where my latest & greatest will be available for anyone who wants to check it out.

Speaking of which, I’ve recently built a mobile application called Cybertool.  It’s a collection of utilities that might help to diagnose and resolve network issues.  For a while, I’ve used a handful of different sites to fix DNS, mail, or firewall stuff.  Cybertool is an aggregate of those sites for your mobile device.  As an added bonus, there are tools like Cisco password decryption, a default passwords list, and a subnet calculator.  It’s still a work in progress, so there’s a small list of bugs to iron out yet, but I’ve worked really hard to make sure it’s invulnerable to XSS/SQL injection, and have hardened Apache (obviously from my previous post, as well as part II about mod_security which is coming soon).  All activity is logged and monitored, so don’t try anything funny!  It will get you banned faster than Paris Hilton at a spelling bee… faster than Kanye West at a charity event… you get the point.

Be sure to leave comments over at the Cybertool projects page.

Bullet-proof Apache: Nikto Security Scanner


If you’ve ever been responsible for maintaining an Apache web server, you know how important security is.

Nikto provides an easy way to scan for known (and unknown) vulnerabilities within your Apache server.  Actually, it does a fairly comprehensive scan on over 200 web servers, not just Apache.  To run a security scan, download the tool, then extract the archive to the desired location.  To initiate a scan from the Nikto directory, type:

./nikto.pl -host [ip address]

Note: when specifying an IP address, make sure you use the external IP of your webserver, not the internal IP.

Here is what my results look like:

- Nikto v2.03/2.04
---------------------------------------------------------------------------
+ Target IP:          10.0.0.1
+ Target Hostname:    blurred for security
+ Target Port:        80
+ Start Time:         2009-01-26 16:44:36
---------------------------------------------------------------------------
+ Server: Apache
+ OSVDB-3092: GET /manual/ : Web server manual found.
+ OSVDB-3268: GET /manual/images/ : Directory indexing is enabled: /manual/images
+ OSVDB-3233: GET /icons/README : Apache default file found.
+ 3577 items checked: 3 item(s) reported on remote host
+ End Time:        2009-01-26 16:45:25 (49 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

Test Options: -host 10.0.0.1
---------------------------------------------------------------------------

I would then look up each result and fix the issue, until no issues are detected.  See the OSVDB-ID?  These IDs are found in the Open Source Vulnerability Database.  Each ID will contain a description, classification, and solution.

To aid in your research, I have created an OSVDB Firefox search plugin.  Install the plugin and then search for 3092, 3268, 3233, etc.
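
To turn a scan like the one above into a list of IDs to look up, here is a small parser, added as an example and not part of the original post or of Nikto. The function names are made up for illustration, and the line shapes are assumed to match the output shown above.

```python
import re

# Constructed sample: the finding and summary lines from the scan shown above.
SAMPLE_REPORT = """\
+ Server: Apache
+ OSVDB-3092: GET /manual/ : Web server manual found.
+ OSVDB-3268: GET /manual/images/ : Directory indexing is enabled: /manual/images
+ OSVDB-3233: GET /icons/README : Apache default file found.
+ 3577 items checked: 3 item(s) reported on remote host
"""

# Line shapes taken from the output above: "+ OSVDB-<id>: <METHOD> <path> : <message>"
FINDING_RE = re.compile(
    r"^\+\s+OSVDB-(?P<osvdb>\d+):\s+(?P<method>[A-Z]+)\s+(?P<path>\S+)\s+:\s+(?P<msg>.+)$")
SUMMARY_RE = re.compile(r"^\+\s+\d+ items checked:\s+(\d+) item\(s\) reported")


def parse_nikto(text):
    """Return (findings, reported_count) parsed from Nikto plain-text output."""
    findings, reported = [], None
    for line in text.splitlines():
        line = line.strip()
        m = FINDING_RE.match(line)
        if m:
            findings.append({**m.groupdict(), "osvdb": int(m["osvdb"])})
        elif (s := SUMMARY_RE.match(line)):
            reported = int(s.group(1))
    return findings, reported


def worklist(findings):
    """Group paths by OSVDB ID so each ID is looked up and fixed once."""
    by_id = {}
    for f in findings:
        by_id.setdefault(f["osvdb"], []).append(f["path"])
    return dict(sorted(by_id.items()))


def complete(findings, reported):
    """False if the parsed count differs from what the scanner says it reported."""
    return reported is not None and len(findings) == reported


if __name__ == "__main__":
    found, reported = parse_nikto(SAMPLE_REPORT)
    for osvdb, paths in worklist(found).items():
        print(f"OSVDB-{osvdb}: {', '.join(paths)}")
    print("parsed every reported item:", complete(found, reported))
```

The completeness check matters when a finding line has a shape the regex does not expect: the summary count then disagrees with the parsed count, and the report should be read by hand.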

Hopefully this makes securing your web server quick & painless.

Find Linux CPU Temperature

The easiest way to get a CPU temperature readout from Linux is to read the ACPI thermal zone's temperature file:

cat /proc/acpi/thermal_zone/THRM/temperature

You could also try sensors-detect and then sensors, but I had some trouble detecting the correct modules on 8-year-old hardware.

uTrack Mobile Application

Trendy name aside, the uTrack mobile application is entirely responsible for my recent disappearance. Find out more about uTrack.

Dual-Boot a Sansa e260 with Sandisk OG and Rockbox

Hi, thanks for reading. I’m a friend of Ben’s and he’s letting me put down this post. I run a small electronic music blog at astropope.com. If you have seen the post about how to boost WordPress audio with Amazon S3, then you know we are the guinea pigs to test a new breed of online music blogging.

Pompous? Maybe. Fun? Yes. If you like music as much as we do, you probably want to be wearing it around your neck 24/7. In my case, you want it to listen to on your public transportation commute to work. Right? Or you’re having a hard time transporting 100+ gigs of music to your FreeBSD workstation. I know the feeling.

In this article, I am going to show how to set up your Sansa e260 as a “dual boot” with Sandisk’s original firmware and the Rockbox software.

I am not an expert on the technical differences between MSC and MTP, but in order to install the Rockbox software, you MUST have your Sansa in MSC mode. In Sansa’s original operating software, you will need to navigate to the “Settings” part of the wheel menu. Within there, you will find an option to switch between MSC and MTP. Many Google searches will give you quite intoxicating information on the minute details of both protocols.

The first thing it would be nice for you to do is update the firmware (since mine was refurbished, I had to update the firmware). Download the firmware updater and install it. I cannot always guarantee the accuracy of that link, but if it ever goes down, go to sandisk.com and look around.

Once you have updated what I called the “OG” Sansa software, you are ready to start installing Rockbox. You can begin by going to the install page and selecting the appropriate device.

At the time of this version, we are working with version 3.1 of Rockbox and SanDisk Sansa e200. I tried Option 1, the Automatic Install, but this did not work for me as it constantly claimed it could not detect my Sansa device, so I opted for the manual install.

Download the archive for the Rockbox installation and extract the contents to the root of your Sansa’s file system. For example, H:\.rockbox

Once that has been completed, you can access both the Rockbox software and Sandisk original firmware by installing sansapatcher.exe.

You should now have a pretty sweet “dual booting” mp3 player. Upon reboot, it will default to Rockbox, but you can get to the “OG” by pressing left on the main control.

If you have any problems, please let us know!

http://www.sandisk.com
http://www.rockbox.org
