Thursday, December 08, 2005

A Ruby in one hand is worth more than a thousand Perls

Oh Ruby... what a beautiful gem you are. You grew more beautiful as the days went by.

My first encounter with the Ruby programming language was when I took Programming Languages in my sophomore year of college, about three years ago. Back then, Ruby was one of about a dozen languages we could choose from to present on for extra credit. I must say, I wish I had kept up with what I was reading about Ruby back then, because now I am so excited about Ruby on Rails (RoR) that I am revisiting Ruby.

Before RoR, I used PHPPear and loved it! Back then I thought PHPPear was the greatest thing to hit the web for developing database backends. I even used it to build my senior project before graduating in 2005. I was in for a big surprise when I tried RoR. I wish I had known about Rails then.

Like most people, I was a little skeptical about using Rails. I finally decided to purchase the book "Agile Web Development with Rails" by Dave Thomas and David Heinemeier Hansson, and after reading it and a Rails article on www.OnLamp.com I was convinced that Ruby with Rails will be the next killer app when it comes to developing database-backed sites.

With Rails I was able to develop a database app in a matter of minutes with hardly any work. The Rails framework is an excellent one indeed. I still have a lot to learn, so it is back to the books for me.

Who needs Exceed Anymore?

I finally decided to try Cygwin on my home machine. Previously I used Exceed to run an X server while working on my FreeBSD server. Now that I have Cygwin installed, I don't think I will ever use Exceed again. The only thing I have to sacrifice is disk space: Cygwin takes over 100MB, while Exceed uses just below 40MB. I don't mind this, because I paid nothing for Cygwin and it does what I want.

Exceed has officially been ditched!

Friday, November 18, 2005

Who needs Microsoft Office anymore when there is OpenOffice?

I finally decided to give OpenOffice a try after the major 2.0 release in October. I must say, I am impressed! The overall look and feel has changed drastically. I last used OpenOffice on FreeBSD about a year or two ago. At first glance I thought I was still using Microsoft Office with a few toolbars missing.

I am almost tempted to uninstall Microsoft Office, but I will wait a few months to make sure I do not have any incompatibility issues with Office documents. The feature I like best about OpenOffice is the ability to export to PDF right out of the box! It exported just about all of my MS Office documents to PDF with ease. This, my friend, is impressive. I am just waiting for the ability to edit the PDFs I open as well.

Monday, November 07, 2005

Installing Apache2 in FreeBSD

While installing apache2 from ports I ran into some minor trouble.

$> cd /usr/ports/www/apache2
$> make -DWITH_EXPERIMENTAL_MODULES -DWITH_LDAP_MODULES -DWITH_MISC_MODULES -DWITH_PROXY_MODULES -DWITH_SSL_MODULES -DWITH_SUEXEC_MODULES -DWITH_THREADS_MODULES install clean


...
mod_mem_cache.c: In function `remove_entity':
mod_mem_cache.c:556: error: structure has no member named `lock'
mod_mem_cache.c:557: error: structure has no member named `lock'
mod_mem_cache.c:571: error: structure has no member named `lock'
mod_mem_cache.c:572: error: structure has no member named `lock'
mod_mem_cache.c: In function `remove_url':
mod_mem_cache.c:644: error: structure has no member named `lock'
mod_mem_cache.c:645: error: structure has no member named `lock'
mod_mem_cache.c:654: error: structure has no member named `lock'
mod_mem_cache.c:655: error: structure has no member named `lock'
mod_mem_cache.c: In function `store_body':
mod_mem_cache.c:928: error: structure has no member named `lock'
mod_mem_cache.c:929: error: structure has no member named `lock'
mod_mem_cache.c:964: error: structure has no member named `lock'
mod_mem_cache.c:965: error: structure has no member named `lock'
mod_mem_cache.c: In function `mem_cache_post_config':
mod_mem_cache.c:1034: error: structure has no member named `lock'
mod_mem_cache.c:1034: error: `APR_THREAD_MUTEX_DEFAULT' undeclared (first use in this function)
mod_mem_cache.c:1034: error: (Each undeclared identifier is reported only once
mod_mem_cache.c:1034: error: for each function it appears in.)
...
Stop in /usr/ports/www/apache2/work/httpd-2.0.55/modules/experimental.
*** Error code 1
...

From the error I could deduce that there were problems with the experimental modules. Since I did not need the experimental modules, I just removed that option from the make options.


$> make -DWITH_LDAP_MODULES -DWITH_MISC_MODULES -DWITH_PROXY_MODULES -DWITH_SSL_MODULES -DWITH_SUEXEC_MODULES -DWITH_THREADS_MODULES install clean

After removing the flag "-DWITH_EXPERIMENTAL_MODULES", the old object files needed to be removed as well before make could succeed.

$> make clean
===> Cleaning for libiconv-1.9.2_1
===> Cleaning for autoconf-2.59_2
===> Cleaning for gettext-0.14.5
===> Cleaning for gmake-3.80_2
===> Cleaning for libtool-1.5.20
...

$> make -DWITH_LDAP_MODULES -DWITH_MISC_MODULES -DWITH_PROXY_MODULES -DWITH_SSL_MODULES -DWITH_SUEXEC_MODULES -DWITH_THREADS_MODULES install clean
...
This port has installed the following startup scripts which may cause
these network services to be started at boot time.
/opt/etc/rc.d/apache2.sh
/opt/etc/rc.d/000.apache2libs.sh
...
===> Cleaning for autoconf-2.59_2
===> Cleaning for gettext-0.14.5
===> Cleaning for gmake-3.80_2
===> Cleaning for libtool-1.5.20
...

Well, that did the trick, so I can now work on the config files.

Sunday, November 06, 2005

Upgrading to FreeBSD 6.0-Stable


I recently upgraded my FreeBSD server at home to 6.0-STABLE after sticking with 5.3 for some time.

The upgrade was pretty simple.

Edit: /usr/sup/stable-supfile

Changed:
*default release=cvs tag=RELENG_5 to *default release=cvs tag=RELENG_6

$> cd /usr/src
$> make update
--------------------------------------------------------------
>>> Running /usr/local/bin/cvsup
--------------------------------------------------------------
Parsing supfile "/usr/sup/stable-supfile"
Connecting to cvsup11.FreeBSD.org
Connected to cvsup11.FreeBSD.org
Server software version: SNAP_16_1h
Negotiating file attribute support
Exchanging collection information
Establishing multiplexed-mode data connection
Running
...

I then read over /usr/src/UPDATING (the "... from 5.x-stable or higher to 6.x-stable" section) to make sure there was nothing critical which had to be done before upgrading.


$> make buildworld
$> make kernel

Note that I did not specify KERNCONF, because I have this variable defined in make.conf along with others. It is highly recommended to reboot into single-user mode at this point, but I chose not to. After make kernel, I proceeded with:

$> mergemaster -p
$> make installworld
$> mergemaster -i

before rebooting the machine. After "make installworld" and "mergemaster -i" it is essential that the machine is rebooted, otherwise the system will become unstable real quick. I was relieved to see the following when the machine started:

Copyright (c) 1992-2005 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 6.0-STABLE #0: Sat Nov 5 12:54:51 EST 2005

Thursday, July 21, 2005

Using Portsnap

For as long as I can remember I have been using cvsup to update my ports tree, until recently, when I came across a quick excerpt on Richard Bejtlich's blog about portsnap. I tried it once and then stopped using cvsup for ports. Now I only use cvsup for sources and docs.

$> portsnap fetch
Fetching snapshot tag... done.
Fetching snapshot metadata... done.
Updating from Fri Jul 22 00:57:39 UTC 2005 to Fri Jul 22 02:22:01 UTC 2005.
Fetching 4 metadata patches... done.
Applying metadata patches... done.
Fetching 0 metadata files... done.
Fetching 4 patches... done.
...
Fetching 0 new ports or files... done.

$> portsnap extract
/usr/ports/x11/xtermset/
/usr/ports/x11/xtestpicture/
/usr/ports/x11/xtoolwait/
/usr/ports/x11/xtrlock/
/usr/ports/x11/xtset/
/usr/ports/x11/xvattr/
/usr/ports/x11/xvkbd/
/usr/ports/x11/xwatchwin/
/usr/ports/x11/xwit/
/usr/ports/x11/xxkb/
/usr/ports/x11/xzoom/
/usr/ports/x11/yalias/
/usr/ports/x11/yelp/
/usr/ports/x11/zenity/
Building new INDEX files... done.

$> portsnap update
Removing old files and directories... done.
Extracting new files:
/usr/ports/editors/abiword-devel/
/usr/ports/editors/abiword/
/usr/ports/irc/p5-POE-Component-IRC/
/usr/ports/www/chtml/
Building new INDEX files... done.


The fetch command fetches and stores a compressed snapshot of the ports tree, which is usually around 35MB in size. The compressed snapshot is stored in /usr/local/portsnap for later extraction with the 'extract' command. The extract command does exactly what it says: it extracts the contents of the compressed tree into /usr/ports/. Since this was my first time using portsnap, converting from cvsup, I had to extract the compressed snapshot before I could use the update command to update my ports. Update is pretty fast compared to cvsup.

Now I just needed to see which ports were outdated (pkg_version -L = lists only the packages whose status is not "=", that is, the ones that are not up to date):

$> pkg_version -L =
...
glib <
gnomekeyring <
iwi-firmware ?
k3b <
libidn <
mozilla <
...

There were about 20 ports which needed to be upgraded. Before I issued the portupgrade command I needed to check for any stale dependencies and make sure my ports had no broken parts.

$> pkgdb -F

---> Checking the package registry database
Stale origin: 'sysutils/iwi-firmware': perhaps moved or obsoleted.
[Updating the portsdb in /usr/ports ... - 13244 port entries found .........1000.........2000.........3000.........4000.........5000.........6000
.........7000.........8000.........9000.........10000.........11000.........12000
.........13000.. ..... done]
Skip this for now? [yes] yes

The -F option lets you interactively fix the registry database if there appears to be a problem with a particular port. When I ran pkgdb, one package was detected to have a stale origin, but I know this is no error, as I manually installed iwi-firmware to get my ThinkPad's wireless BG card working correctly. As of FreeBSD 5.4-RELEASE, iwi-firmware was not included in the ports tree, but I assume that will change soon. I can now safely upgrade the installed packages which need updating with portupgrade.

When I use portupgrade I like to first fetch all the required packages before compiling. I do a recursive fetch for all the ports which will be needed for the compile:

$> portupgrade -arF
$> portupgrade -ar

The -F option causes portupgrade to just fetch the required distfiles and store them in /usr/ports/distfiles for later compilation. -a and -r are for all packages and recursive, respectively.

Saturday, May 28, 2005

Power a wireless mouse with RFID?

This is weird! RFID can be used to track one's whereabouts, not power a wireless mouse, right? This is what I thought when I read the title "Mouse Uses RFID Instead of Batteries" over at Slashdot.


A4 Tech has created the world's first battery-free mouse, which uses A4 Tech's innovative Radio Frequency Identification technology. For the mouse to work, it must be accompanied by its trusty friend, the mouse pad. "The Mouse Pad transfers instant and constant power to the mouse as a replacement for batteries." Even though the mouse is wireless, the mouse pad is not. The mouse pad has a cord that must be connected to the computer's USB port for the mouse to work. So, where the mouse pad goes the mouse must follow obediently. Hence the wireless mouse is limited only by the length of the cord which connects the mouse pad to the computer.

Saturday, April 23, 2005

OPNET IT Guru: Quality of Service

For Lab 5 of TCP/IP we are studying Quality of Service (QoS) and the Impact of Queuing Policy using OPNET IT Guru Academic Edition 9.1.

OPNET is a network simulation tool with many capabilities. It can simulate several different types of networks in their entirety and predict the outcome of events, such as QoS behaviour, network performance, and other measures.

Quality of Service (QoS) gives routers the ability to classify packets into different queues based on their priority level.

For this lab two FTP applications are to be created, each running on its own client workstation with a different priority, one higher and one lower. The Type of Service (ToS) set for the first application will be Best Effort, which has the lowest priority level. The second application will have its ToS set to Excellent Effort. Although Excellent Effort is not the highest priority, it is certainly higher than Best Effort. In addition to the two clients, two routers will be set up. One of the routers is just a regular router and the other is denoted as a QoS router. The two routers are connected to each other via PPP_DS1 links, while the QoS router is connected to an FTP server via a PPP_DS3 link. The speed of the DS1 link is 1.5 Mbps (made of 24 DS0s of 64 Kbps each) and the speed of the DS3 link is 44.7 Mbps (the number of DS0s is a lot!). DS3 is short for Digital Signal Level 3. Both routers are configured with the same QoS scheme, Priority Queuing. Packets originating from the two different applications will have the ToS field in their IP headers checked to determine which gets the higher priority.

With the FIFO QoS scheme the higher-priority application always took precedence. Its packets waited in the queue buffer much less than the lower-priority packets. Jitter was hardly ever experienced, and the time spent waiting in the queue was pretty much zero, because for as long as there are packets waiting in the high-priority queue, packets in the low-priority queue are never sent out.
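To make the starvation effect concrete, here is an added example that is not part of the post and not OPNET's code: a small discrete-event simulation of the Priority Queuing scheme described above. Two constructed FTP-like flows are classified by an assumed ToS precedence value (Best Effort = 0, Excellent Effort = 3) and share one DS1-class link served by a strict, non-preemptive priority scheduler. The packet sizes, arrival pattern and link rate are constructed for the demo; the function names are mine.

```python
"""Strict Priority Queuing on a single oversubscribed DS1 link (added
example; flows, ToS values and traffic pattern are constructed)."""

from collections import deque
from dataclasses import dataclass

BEST_EFFORT = 0        # assumed ToS precedence for the lower-priority flow
EXCELLENT_EFFORT = 3   # assumed ToS precedence for the higher-priority flow
DS1_BPS = 1_544_000    # 24 x 64 kb/s DS0 channels plus framing
PACKET_BITS = 1500 * 8


@dataclass
class Packet:
    flow: str
    tos: int
    arrival: float   # seconds
    size_bits: int


def classify(pkt):
    """Router classification step: the ToS precedence picks the queue."""
    return pkt.tos


def priority_queue_sim(packets, link_bps):
    """Strict priority scheduling on one output link.

    Always transmit from the non-empty queue with the highest precedence;
    a packet already on the wire is never preempted.  Returns a dict
    {flow name: [queueing delay in seconds, in service order]}.
    """
    packets = sorted(packets, key=lambda p: p.arrival)
    queues = {}      # precedence -> FIFO of waiting packets
    delays = {}
    now, i, n = 0.0, 0, len(packets)
    while i < n or any(queues.values()):
        # enqueue everything that has arrived by the current time
        while i < n and packets[i].arrival <= now:
            p = packets[i]
            queues.setdefault(classify(p), deque()).append(p)
            delays.setdefault(p.flow, [])
            i += 1
        ready = [prec for prec, q in queues.items() if q]
        if not ready:
            now = packets[i].arrival          # link idle: jump to next arrival
            continue
        p = queues[max(ready)].popleft()      # highest precedence wins
        delays[p.flow].append(now - p.arrival)
        now += p.size_bits / link_bps         # serialization time on the link
    return delays


def build_traffic(n=100, interval=0.01):
    """Constructed load: each flow offers 1500-byte packets every 10 ms
    (1.2 Mb/s), so the two together oversubscribe the 1.544 Mb/s DS1."""
    pkts = []
    for k in range(n):
        pkts.append(Packet("ftp_excellent", EXCELLENT_EFFORT, k * interval, PACKET_BITS))
        pkts.append(Packet("ftp_best", BEST_EFFORT, k * interval + interval / 2, PACKET_BITS))
    return pkts


def demo():
    """Summarize per-flow queueing delay (seconds)."""
    stats = priority_queue_sim(build_traffic(), DS1_BPS)
    return {flow: {"mean": sum(d) / len(d), "max": max(d), "last": d[-1]}
            for flow, d in stats.items()}


if __name__ == "__main__":
    for flow, s in demo().items():
        print(f"{flow:14s} mean {s['mean']*1e3:8.2f} ms   max {s['max']*1e3:8.2f} ms")
```

Because the scheduler never preempts, the Excellent Effort flow waits at most one packet serialization time (about 7.8 ms on a DS1), while the Best Effort flow's backlog grows for as long as the higher class keeps the link busy, which is exactly the behaviour the lab write-up describes.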

:::snip:::
Due to time constraints I have to finish this lab before it is due within the next few days. Coincidentally, while I was working on this lab my professor stepped into the advanced lab and found me working on it. To his surprise I was the only one who did not have trouble with this lab. He himself had problems actually getting this lab to function as the tutorial stated.

Friday, April 22, 2005

Random Quote

A wise man once said: "Anything you learn can and may be used for or against you in the future. So learn wisely my son. This is where greed is a good thing!".

Thursday, April 21, 2005

"The TCP Three-Way Handshake gone stale"

In response to my previous post, I take it anything good can be used for bad? That does not even sound right. The TCP three-way handshake, when used incorrectly in what is known as the TCP SYN attack, can render services useless on a particular target system. I like the concise description given on Cisco's site:


When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN ACK before the connection is established. This is referred to as the "TCP three-way handshake."



While waiting for the ACK to the SYN ACK, a connection queue of finite size on the destination host keeps track of connections waiting to be completed. This queue typically empties quickly since the ACK is expected to arrive a few milliseconds after the SYN ACK.



The TCP SYN attack exploits this design by having an attacking source host generate TCP SYN packets with random source addresses toward a victim host. The victim destination host sends a SYN ACK back to the random source address and adds an entry to the connection queue. Since the SYN ACK is destined for an incorrect or non-existent host, the last part of the "three-way handshake" is never completed and the entry remains in the connection queue until a timer expires, typically for about one minute. By generating phony TCP SYN packets from random IP addresses at a rapid rate, it is possible to fill up the connection queue and deny TCP services (such as e-mail, file transfer, or WWW) to legitimate users.
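The symptom the Cisco text describes, a connection queue filling up with half-open entries, is something an administrator can check for on the victim side. The following is an added example, not part of the post and not Cisco's code: it parses FreeBSD-style `netstat -an` output, counts connections stuck in SYN_RCVD per local endpoint, and flags endpoints whose half-open count crosses a threshold. The netstat lines below are constructed for the demo and use RFC 5737 documentation addresses; the threshold is an assumption to be tuned per host.

```python
"""Half-open (SYN_RCVD) connection check over netstat output (added
example; the sample output and threshold are constructed)."""

from collections import defaultdict

# Constructed sample of 'netstat -an' as FreeBSD prints it (host.port form)
NETSTAT_SAMPLE = """\
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  192.0.2.10.80          203.0.113.5.40001      ESTABLISHED
tcp4       0      0  192.0.2.10.80          198.51.100.23.51234    SYN_RCVD
tcp4       0      0  192.0.2.10.80          198.51.100.77.51235    SYN_RCVD
tcp4       0      0  192.0.2.10.80          198.51.100.9.51236     SYN_RCVD
tcp4       0      0  192.0.2.10.80          198.51.100.140.51237   SYN_RCVD
tcp4       0      0  192.0.2.10.80          198.51.100.3.51238     SYN_RCVD
tcp4       0      0  192.0.2.10.22          203.0.113.5.40002      ESTABLISHED
tcp4       0      0  192.0.2.10.25          198.51.100.23.40003    SYN_RCVD
tcp4       0      0  *.22                   *.*                    LISTEN
"""


def parse_netstat(text):
    """Return (proto, local, remote, state) for every TCP connection line;
    header lines and anything that is not six whitespace-separated fields
    starting with 'tcp' are ignored."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 6 or not fields[0].startswith("tcp"):
            continue
        proto, _recvq, _sendq, local, remote, state = fields
        entries.append((proto, local, remote, state))
    return entries


def split_endpoint(endpoint):
    """FreeBSD joins host and port with a dot, so split on the last one."""
    host, _, port = endpoint.rpartition(".")
    return host, port


def half_open_report(entries, threshold=4):
    """Per local endpoint: how many connections sit in SYN_RCVD and how many
    distinct peer addresses they claim to come from.  A large half-open
    count spread over many peers is the pattern the Cisco text describes;
    'flagged' is True once the count reaches the threshold."""
    counts = defaultdict(int)
    peers = defaultdict(set)
    for _proto, local, remote, state in entries:
        if state != "SYN_RCVD":
            continue
        counts[local] += 1
        peers[local].add(split_endpoint(remote)[0])
    return {
        local: {
            "half_open": counts[local],
            "sources": len(peers[local]),
            "flagged": counts[local] >= threshold,
        }
        for local in counts
    }


if __name__ == "__main__":
    for local, info in half_open_report(parse_netstat(NETSTAT_SAMPLE)).items():
        print(f"{local:22s} half-open={info['half_open']:3d} "
              f"sources={info['sources']:3d} flagged={info['flagged']}")
```

A handful of SYN_RCVD entries is normal on a busy server; what matters is a count that stays high and never drains within the timer window the quote mentions. On FreeBSD the kernel-side mitigation for this condition is SYN cookies (the net.inet.tcp.syncookies sysctl), which lets the host answer a SYN without keeping a queue entry until the final ACK arrives.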


IP Spoofing has its good uses

I am over here doing an article on IP spoofing for my TCP/IP class and came across some very interesting information. Although I thought IP spoofing was only used for bad things, spoofing has its good uses. I never thought spoofing could be used for something good. This excerpt from dictionary.com reads:


One of the good uses for spoofing is to reduce the required bandwidth on a network by having devices such as bridges or routers answer for remote devices. This is done to fool (spoof) a LAN device into thinking a remote host is still connected to the network when in actuality this host could be disconnected from the network. This saves bandwidth because no packet is ever sent out on the WAN. ["Network Spoofing" by Jeffrey Fritz, BYTE, December 1994, pages 221 - 224].



This is good to know, because IP spoofing always has negative connotations associated with it.

Tuesday, April 05, 2005

Change many extensions all at once!

I came across this neat little tip when I needed to change all the file extensions in a directory to something else. For example, while working on a database project for class I wanted to change all the files which ended in .sql to .ddl. My current directory listing:


$> ls
Person.sql lds_Author.sql lds_Patron.sql lds_WrittenBy.sql
lds_AllTables.sql lds_Book.ddl lds_Transaction.sql


To change all these file extensions to .ddl I had to do the following (this is csh syntax; the :r modifier strips the trailing extension from the value of $file):


$> foreach file (*.sql)
foreach? echo "Moving $file to $file:r.ddl"
foreach? mv $file $file:r.ddl
foreach? end

Moving Person.sql to Person.sql.ddl
Moving lds_AllTables.sql to lds_AllTables.sql.ddl
Moving lds_Author.sql to lds_Author.sql.ddl
Moving lds_Book.sql to lds_Book.sql.ddl
Moving lds_Patron.sql to lds_Patron.sql.ddl
Moving lds_Transaction.sql to lds_Transaction.sql.ddl
Moving lds_WrittenBy.sql to lds_WrittenBy.sql.ddl

$> ls
Person.ddl lds_Author.ddl lds_Patron.ddl lds_WrittenBy.ddl
lds_AllTables.ddl lds_Book.ddl lds_Transaction.ddl

Saturday, April 02, 2005

"I just saved a bunch of money on my car insurance by switching to Gecko"

Haha, I just thought this was funny. See this post

Mail: Forward and leave a local copy using .forward

I have been forwarding email from my school account to my Gmail account since the very first day I received the 1G offer from Gmail. Just recently I had the need to reply to a particular email from my school account, but realized that no local copies of my mail were left behind at the originating server. This is what I intended from the Gecko get-go, but just recently I thought it a good idea to leave a copy behind in case I needed to reply to an email. This means I will just have to delete mail periodically so my quota does not get used up.

A Google search for this solution, forwarding mail while leaving a local copy, turned up this article on the University of South Wales Computer Science web site.

Basically, all you have to do in addition to adding a forwarding address to the .forward file is to prepend your local username before your forwarding address, delimiting any subsequent email addresses with commas. For instance, since my username is winful and the address I forward email to is winful@gmail.com, my .forward file looks like the following:

winful,winful@gmail.com

It is as simple as that!

Monday, March 28, 2005

Update to my FreeBSD Checklist

Since I last came across this very useful FreeBSD checklist, I have been better able to keep track of what I was doing when installing FreeBSD on different machines. Since my last post on this checklist I have updated the checklist to better fit my needs when installing FreeBSD. I even used this checklist to get one of my professors started with FreeBSD.

Partition Setup:
================
/ <400MB>
/var <400MB>
/tmp <400MB>
/usr
/storage



FreeBSD Security Checklist, taken from www.sddi.net


Installation
[ ] separate slices for /, /tmp(MB), /usr(G),
/usr/home(G), /var(MB), /storage(G) using the ufs2 fs

[ ] no inetd.conf, or nfs since port_map is not being used.

[ ] no ntp, since rdate is being used

[ ] add /sysutils/rdate-1.0 & /security/chkrootkit-0.36

[ ] add non-privileged user account in wheel group


Users
[ ] vipw and remove toor user, rename Charlie&, change shells

[ ] in /etc/group, and add ssh:*:0:sshusergroup
This is to disallow root the ability to ssh into the box

motd
[ ] cp /etc/motd /etc/motd.old

[ ] rm /etc/motd
[ ] touch /etc/motd
[ ] vi /etc/motd and create
What ever message you want to see when you or others users
login to the box.
[ ] cp /etc/motd /etc/issue

/etc/ssh/sshd_config
[ ] port 22
I change my port to 2222 to prevent default scans from
triggering alerts to port 22.

[ ] protocol 2

[ ] #Hostkey /etc/ssh/ssh_host_key

[ ] PermitRootLogin no

[ ] MaxStartups 5:50:10
After 5 bad logins, refuse 50% of new ones and refuse more than
10 total

[ ] X11Forwarding no
X11 forwarding does not prevent users from forwarding X11
traffic, as users can always install their own forwarders.

[ ] PrintLastLog yes

[ ] SyslogFacility auth
Sends log information to /var/log/auth

[ ] LogLevel VERBOSE

[ ] PasswordAuthentication no

[ ] Banner /etc/issue

[ ] AllowGroups sshusers

/etc/ssh/ssh_config
[ ] ForwardAgent no
[ ] ForwardX11 no
[ ] PasswordAuthentication no
[ ] CheckHostIP yes
This allows ssh to detect if a host key changed due to DNS
spoofing.

[ ] Protocol 2

DSA Key Generation (as opposed to passwd)
[ ] su - {nonprivuser} as root

[ ] ssh-keygen -t dsa

[ ] accept default /.ssh/id_dsa

[ ] enter passwords twice

[ ] cd .ssh

[ ] cat id_dsa.pub > authorized_keys2

[ ] copy key to floppy, and confirm

[ ] delete key from server

rc.conf
[ ] inetd.conf="NO"

[ ] syslogd_enable="YES"

[ ] syslogd_flags="-ss"
This disables port 514 to prevent logging to and from the
server.

[ ] icmp_drop_redirect="YES"
Ignore pings?

[ ] icmp_log_redirect="YES"

[ ] clear_tmp_enable="YES"
Empty /tmp on boot

[ ] portmap_enable="NO"
If not running nfs

[ ] icmp_bmcastecho="NO"
Prevent springboarding & smurf attacks

[ ] fsck_y_enable="YES"
run fsck -y if the initial preen of filesystems fails?
-y assumes yes to all questions.

[ ] update_motd="NO"
We do not want to overwrite the message of the day on boot

[ ] tcp_drop_synfin="YES"
Drop packets with the syn or fin bit set.

[ ] log_in_vain="YES"
Log all attempts to access the box by a closed port.

[ ] sshd_enable="YES"
Run our sshd daemon on boot.

login.conf & auth.conf
[ ] vi /etc/login.conf

[ ] :passwd_format=blf: Change default password encryption from md5 to blowfish, an
algorithm yet to be broken.

[ ] :passwordtime=52d: Renew passwords every 52nd day

[ ] mixpasswordcase=true:
[ ] :minpasswordlen=9:
[ ] :idletime=32: This can be annoying!

[ ] cap_mkdb /etc/login.conf

[ ] confirm with vipw that password field starts with $2 for blowfish

[ ] confirm shells for users

[ ] vi /etc/auth.conf

[ ] crypt_default=blf
This makes blowfish the default algorithm for all new users
added

sysctl.conf
[ ] vi sysctl.conf

[ ] kern.ipc.shmmax=67108864
[ ] kern.ipc.shmall=32768
To further optimise performance
To enhance the shared memory X11 interface, it is recommended
that the values of some sysctl(8) variables should be increased

[ ] net.inet.tcp.blackhole=2

[ ] net.inet.udp.blackhole=1

[ ] kern.ps_showallprocs=0

[ ] vfs.usermount=1
Allows for normal users to mount filesystems

[ ] hw.ata.atapi_dma=1
Enables DMA access for ATAPI devices.

[ ] kern.ps_showallprocs=0
Disallow the viewing of other users' processes. For normal users
only

[ ] net.inet.ip.forwarding=1
Enable IP Forwarding

[ ] net.inet.ip.check_interface=1
This verifies that an incoming packet arrives on an interface
that has an address matching the packet's destination address

[ ] net.inet.tcp.recvspace=65535
To enable high performance data transfers. This is good when
transferring files.

[ ] net.inet.tcp.sendspace=65535
<>

[ ] net.inet.tcp.blackhole=2

[ ] net.inet.udp.blackhole=1

[ ] kern.ipc.shm_allow_removed=1
For vmware

fstab
[ ] vi /etc/fstab
[ ] /tmp to rw,noexec
[ ] /usr/home to rw,nosuid,noexec
[ ] /floppy to rw,noauto,noexec,nosuid,nodev,noatime
[ ] /cdrom to ro,noauto

cvsup
[ ] vi /etc/make.conf
...



crontab
[ ] chmod 600 /etc/crontab
[ ] touch /var/cron/allow and add users who can change cron jobs
[ ] chmod 600 /var/cron/deny
[ ] vi /var/cron/deny and add users to disallow
[ ] add 0 2 * * * root /usr/libexec/locate.updatedb
[ ] add 0 2 * * * root /usr/local/sbin/rdate {ntpserver}
[ ] add 1 3 * * * root /usr/local/sbin/chkrootkit

Kernel Changes /usr/src/sys/i386/conf/{kernelname}
[ ] #pseudo-device bpf
[ ] options SC_NO_HISTORY
[ ] options SC_DISABLE_REBOOT
[ ] options SC_DISABLE_DDBKEY
[ ] options TCP_DROP_SYNFIN
[ ] options RANDOM_IP_ID
[ ] options ICMP_BANDLIM
[ ] confirm settings in /usr/src/sys/i386/conf/LINT
[ ] rebuild kernel and reboot

making world
[ ]
... Dave, do your magic

File Permissions
[ ] chmod 700 /root
[ ] chmod 600 /etc/syslog.conf
[ ] chmod 600 /etc/rc.conf
[ ] chmod 600 /etc/newsyslog.conf
[ ] chmod 600 /etc/hosts.allow
[ ] chmod 600 on /etc/login.conf
[ ] chmod 700 /usr/home/*

Network Time Protocol
[ ] restrict default ignore

TCP Wrappers
vi /etc/hosts.allow
[ ] sshd : localhost : allow
[ ] sshd : x.x.x.x, x.x.x.x : allow
[ ] sshd : all : deny
[ ] ftpd : ALL : deny and so on for unused services

Console Access
[ ] vi /etc/ttys
[ ] first line: console none unknown off insecure
[ ] on insecure for each tty

Bash Shell
[ ] vi /usr/share/skel/.bash_logout
[ ] clear

chflags
[ ] list files to sappnd & schg

Clean-up
[ ] sockstat -4
[ ] tcpdump -xX
======================================================================
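Checklists like the one above are easy to drift away from after a few upgrades and mergemaster runs, so it helps to have something that re-checks the files. The following is an added example, not part of the post and not from the sddi.net checklist: a small audit script that parses an sshd_config and an rc.conf and reports every setting that deviates from the values the checklist calls for. The two parsers follow the real file formats (sshd_config: "Keyword value" with case-insensitive keywords where the first occurrence wins; rc.conf: sh-style key="value" assignments where the last one wins). The expected-value tables are taken from the checklist entries; the sample configs and function names are constructed for the demo.

```python
"""Audit sshd_config and rc.conf against the hardening checklist (added
example; sample configs are constructed)."""

import re

# sshd_config values from the checklist (keys lower-cased for comparison)
SSHD_EXPECTED = {
    "protocol": "2",
    "permitrootlogin": "no",
    "x11forwarding": "no",
    "passwordauthentication": "no",
    "loglevel": "VERBOSE",
    "allowgroups": "sshusers",
}

# rc.conf values from the checklist
RC_EXPECTED = {
    "sshd_enable": "YES",
    "syslogd_flags": "-ss",
    "portmap_enable": "NO",
    "icmp_bmcastecho": "NO",
    "tcp_drop_synfin": "YES",
    "log_in_vain": "YES",
}


def parse_sshd_config(text):
    """Return {keyword (lower-case): value}.  Comments and blank lines are
    dropped; as in sshd itself, the first value seen for a keyword wins."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if len(parts) == 2:
            settings.setdefault(parts[0].lower(), parts[1].strip())
    return settings


def parse_rc_conf(text):
    """Return {variable: value} for simple key="value" lines; later
    assignments override earlier ones, as the shell would do."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        m = re.match(r'^(\w+)=\s*"?([^"]*)"?\s*$', line)
        if m:
            settings[m.group(1)] = m.group(2).strip()
    return settings


def audit(settings, expected):
    """List (key, actual, expected) for each checklist item that is missing
    or set to a different value.  A missing key is a finding too, because
    the daemon's built-in default may not be the hardened value."""
    findings = []
    for key, want in expected.items():
        actual = settings.get(key)
        if actual is None or actual.lower() != want.lower():
            findings.append((key, actual, want))
    return findings


# Constructed sample: a stock-looking sshd_config before hardening
WEAK_SSHD = """\
Port 22
Protocol 2,1
#PermitRootLogin yes
PasswordAuthentication yes
X11Forwarding yes
"""

# Constructed sample: the same file after applying the checklist
HARDENED_SSHD = """\
Port 2222
Protocol 2
PermitRootLogin no
MaxStartups 5:50:10
X11Forwarding no
PrintLastLog yes
SyslogFacility auth
LogLevel VERBOSE
PasswordAuthentication no
Banner /etc/issue
AllowGroups sshusers
"""

# Constructed sample rc.conf: two weak settings and three missing ones
WEAK_RC = """\
sshd_enable="YES"
portmap_enable="YES"
syslogd_flags=""
"""

if __name__ == "__main__":
    for name, text in (("weak sshd_config", WEAK_SSHD),
                       ("hardened sshd_config", HARDENED_SSHD)):
        print(name, audit(parse_sshd_config(text), SSHD_EXPECTED))
    print("rc.conf", audit(parse_rc_conf(WEAK_RC), RC_EXPECTED))
```

Run it against the real files with open("/etc/ssh/sshd_config").read() and open("/etc/rc.conf").read(); the weak sample reports six sshd findings (including the commented-out PermitRootLogin, which counts as missing), the hardened sample reports none, and the rc.conf sample reports five.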

Tuesday, March 22, 2005

Create a bootable WinXP cd from the contents of your /i386 directory

This is a very useful article if you are ever interested in creating a bootable WinXP CD from the contents of the i386/ directory. I need to do this one of these days.

Sunday, March 06, 2005

ThinkPads with IPS Technology

Someone asked "What does IPS mean?" while I was reading the forums at thinkpads.com. I too asked myself that very same question the last time I read the specs for my T43P-H2U in the tabook. From what I can gather from the responses to this question, IPS stands for Inline-Plane-Switching. This is another name for a Flexview display, which allows for better viewing angles.

X-Bit's Guide has great details on IPS and other LCD technologies. According to X-Bit's guide, the IPS technology was originally developed by Hitachi in 1996 and has since been improved by companies such as NEC, IBM, Samsung and others. IBM's improvement on IPS is better known as Dual Domain IPS (DD-IPS) and they do not share this technology with just anyone.

Friday, March 04, 2005

Come to Papa

I ordered my very first laptop (ThinkPad T43P 2668-H2U) from IBM on 2/2/05. It will ship on 3/14/05, so I should receive it on the 17th of March if everything goes well. I just wish IBM would ship sooner, but I know it's worth the wait. The 17th falls during spring break, so I'll have more time to play with my new toy then. I know if I received it now I would be totally distracted from doing other things. It's better that I wait until spring break.

Tuesday, February 08, 2005

Remote backup with ease... I mean SSH

http://www.wsp.krakow.pl/~bar/DOC/ssh_backup.html

( cd SOURCEDIR && tar cvf - . | gzip -1 -) | ssh target_address "(cd DESTDIR && cat - > remotefile.tgz )"