Category Archives: Work

This part of my life which provides butter for breakfast bread

Cleaning up Apple’s wireless Mighty Mouse

Note: Newer version of the procedure is here

I use it all the time. I’m taking it everywhere with me together with my laptop. Thanks to its wirelessness it’s easy and nice to handle. I like this mouse a lot. The only problem I have encountered is a dirty roll. It slowly stops working – first in the down direction. If you press it a little bit deeper it still works, but only for a moment. Then the other directions stop working too. Apple’s provided method of cleaning usually works only for a couple of minutes.

So out of desperation I started to look for methods to disassemble it. Unfortunately Apple decided to glue it together so you can’t disassemble it without breaking things. Although some say you can glue it back I don’t like this solution at all.

Some googling later I think I have found the solution. If Apple’s cleaning method doesn’t work for you anymore, proceed to the second step. Find a flat surface and lay a sheet of white printer paper on it. Then turn your mouse upside down and, for about 1-2 minutes, do this:

After some time you should start seeing small bits of dirt leaving your mouse and staying on the paper. Don’t expect too much – there isn’t much space inside the mouse for dirt to accumulate, yet it’s enough to prevent it from working. Anyway, judging from the amount of dirt my mouse left on the paper it should work like new – and in fact it does!


Postfix DOS problem

Today my email server suddenly stopped accepting incoming connections. I wasn’t able to send any emails. After carefully checking the logs I figured out that I was the victim of a DOS attack. What’s more, I had asked for it by tuning the maximum number of incoming connections in my firewall too low. Anyway, after correcting the firewall I started to search the internet for ways to better secure my Postfix configuration to prevent such problems in the future. What I found are some simple main.cf tweaks posted on the nixCraft site:

disable_vrfy_command = yes
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,
    reject_non_fqdn_hostname,
    reject_invalid_hostname,
    permit

smtpd_recipient_restrictions =
    permit_sasl_authenticated,
    reject_invalid_hostname,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    permit_mynetworks,
    reject_rbl_client list.dsbl.org,
    reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client dul.dnsbl.sorbs.net,
    permit

smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20

Simple as that, and it works. Now I can see how my server is rejecting spammers one by one without even talking to them past the HELO command.
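To see which of these restrictions is doing the work, the reject lines in mail.log can be tallied by reason and client. This is an added example, not part of the original post or the nixCraft article; the log lines are constructed, and because smtpd_delay_reject = yes makes Postfix evaluate the HELO restrictions only when the client sends RCPT TO, every reject is logged as "RCPT from".

```python
import re
from collections import Counter

# Constructed sample in the format Postfix smtpd writes to mail.log
# (documentation IP ranges, made-up host names).
SAMPLE_LOG = """\
Mar  3 10:15:02 mx postfix/smtpd[4121]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 504 5.5.2 <localhost>: Helo command rejected: need fully-qualified hostname; from=<a@example.com> to=<me@example.org> proto=SMTP helo=<localhost>
Mar  3 10:15:09 mx postfix/smtpd[4125]: NOQUEUE: reject: RCPT from unknown[198.51.100.7]: 554 5.7.1 Service unavailable; Client host [198.51.100.7] blocked using sbl.spamhaus.org; from=<b@example.net> to=<me@example.org> proto=ESMTP helo=<mail.example.net>
Mar  3 10:15:20 mx postfix/smtpd[4121]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 504 5.5.2 <localhost>: Helo command rejected: need fully-qualified hostname; from=<c@example.com> to=<me@example.org> proto=SMTP helo=<localhost>
Mar  3 10:15:31 mx postfix/smtpd[4130]: NOQUEUE: reject: RCPT from unknown[203.0.113.5]: 450 4.1.8 <x@nodomain.invalid>: Sender address rejected: Domain not found; from=<x@nodomain.invalid> to=<me@example.org> proto=ESMTP helo=<host.example.com>
Mar  3 10:15:40 mx postfix/smtpd[4130]: disconnect from unknown[203.0.113.5]
"""

REJECT = re.compile(
    r"postfix/smtpd\[\d+\]: NOQUEUE: reject: (?P<stage>\w+) from "
    r"\S*?\[(?P<ip>[^\]]+)\]: (?P<code>\d{3}) (?P<rest>.*)$")
RBL = re.compile(r"blocked using (?P<zone>[^;\s]+)")
WHAT = re.compile(r": (?P<what>Helo command|Sender address|Recipient address)"
                  r" rejected: (?P<why>[^;]+)")

def parse_reject(line):
    """Return (stage, client_ip, reply_code, reason), or None for other lines."""
    m = REJECT.search(line)
    if not m:
        return None
    rbl = RBL.search(m["rest"])
    what = WHAT.search(m["rest"])
    if rbl:
        reason = "DNSBL " + rbl["zone"]
    elif what:
        reason = f"{what['what']}: {what['why']}"
    else:
        reason = "other"
    return m["stage"], m["ip"], int(m["code"]), reason

def summarize(text):
    """Count rejects per reason, per client address and per SMTP stage."""
    reasons, clients, stages = Counter(), Counter(), Counter()
    for hit in filter(None, map(parse_reject, text.splitlines())):
        stage, ip, _code, reason = hit
        reasons[reason] += 1
        clients[ip] += 1
        stages[stage] += 1
    return reasons, clients, stages

if __name__ == "__main__":
    reasons, clients, stages = summarize(SAMPLE_LOG)
    print(reasons.most_common(), dict(stages), clients.most_common(1))
```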


Debian syslog replacement

The standard way Debian logs things has always driven me crazy. Why the hell is this daemon logging everything 5 times? Why do I have to see mail logs in the syslog file? Anyway, I started to look for a better solution and at one point I came across an article describing the installation and configuration of the standard syslogd replacement: syslog-ng. I decided to give it a try.

As the whole process is almost trivial I’ll put only a few notes here.

First – syslog-ng configuration file

The file is under /etc/syslog-ng/syslog-ng.conf

#
# Configuration file for syslog-ng under Debian
#

# the standard syslog levels are (in descending order of priority):
# emerg alert crit err warning notice info debug
# the aliases "error", "panic", and "warn" are deprecated
# the "none" priority found in the original syslogd configuration is
# only used in internal messages created by syslogd

######
# options

options {
    chain_hostnames(0);
    time_reopen(10);
    time_reap(360);
    sync(5);
    log_fifo_size(2048);
    create_dirs(yes);
    owner(root);
    group(root);
    perm(0640);
    #dir_owner(root);
    #dir_group(root);
    dir_perm(0755);
    use_dns(no);
    #log_msg_size(2048);
    stats_freq(0);
};

######
# sources

source int { internal(); };
source main { unix-stream("/dev/log"); };
source kernel { file("/proc/kmsg" log_prefix("kernel: ")); };

######
# destinations

destination mail { file("/var/log/mail.log"); };
destination kernel { file("/var/log/kernel.log"); };
destination messages { file("/var/log/messages"); };
destination sshd { file("/var/log/ssh.log"); };

######
# filters
filter mail { facility(mail); };
filter sshd { program("ssh"); };

######
# logs
# order matters if you use "flags(final);" to mark the end of processing in a
# “log” statement

# these rules provide the same behavior as the commented original syslogd rules

log { source(kernel); destination(kernel); };
log { source(main); filter(sshd); destination(sshd); flags(final); };
log { source(main); filter(mail); destination(mail); flags(final); };
log { source(main); source(int); destination(messages); };

Little explanation:

  • Sources – define the source of an incoming log message. To be honest I didn’t dig deeper into the meaning of every line there – it works.
  • Destinations – the name says it all – places (not only files) where messages end up.
  • Filters – again – rules allowing you to filter some messages out.
  • Logs – the actual place where something happens. Here you decide from which source, with which filter applied, to which destination a message goes. Simple, clean and effective.

Second – logrotate script

As you may have noticed, we have 4 files as output. I personally prefer to keep them for a little longer. So my logrotate file for syslog looks like:

/var/log/ssh.log {
    rotate 52
    weekly
    missingok
    notifempty
    compress
}

/var/log/kernel.log {
    rotate 52
    weekly
    missingok
    notifempty
    compress
}

/var/log/mail.log {
    rotate 52
    weekly
    missingok
    notifempty
    compress
}

/var/log/messages {
    rotate 52
    weekly
    missingok
    notifempty
    compress
    postrotate
        /etc/init.d/syslog-ng reload >/dev/null
    endscript
}

Please notice the postrotate part at the end of the file. It forces syslog-ng to write to the new files.

Third – logcheck

Why would we need nicely divided logs without automated monitoring – here comes logcheck. The only change worth mentioning here is the list of monitored files:

comp# cat /etc/logcheck/logcheck.logfiles
# these files will be checked by logcheck
# This has been tuned towards a default syslog install
/var/log/messages
/var/log/kernel.log
/var/log/ssh.log
/var/log/mail.log
/var/log/auth.log

Don’t forget to teach your antispam filter to accept logcheck’s reports!
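How the four log statements and flags(final) distribute messages, and which of the files handed to logcheck this syslog-ng.conf can actually write, can be checked with a small model. This is an added example, not part of the original post; the sample messages are constructed, and it assumes syslog-ng's filter semantics, where program() is an unanchored regular-expression match.

```python
import re

# Log paths from the syslog-ng.conf above, in file order:
# (sources, filter name or None, destination file, flags(final) set?)
LOG_PATHS = [
    ({"kernel"}, None, "/var/log/kernel.log", False),
    ({"main"}, "sshd", "/var/log/ssh.log", True),
    ({"main"}, "mail", "/var/log/mail.log", True),
    ({"main", "int"}, None, "/var/log/messages", False),
]
FILTERS = {
    "mail": lambda m: m["facility"] == "mail",
    # program("ssh") is a regex search, so it also matches "sshd"
    "sshd": lambda m: re.search("ssh", m["program"]) is not None,
}
# Files listed in /etc/logcheck/logcheck.logfiles
LOGCHECK_FILES = ["/var/log/messages", "/var/log/kernel.log",
                  "/var/log/ssh.log", "/var/log/mail.log", "/var/log/auth.log"]

def route(msg):
    """Return the files one message is written to, honouring flags(final)."""
    written = []
    for sources, filt, dest, final in LOG_PATHS:
        if msg["source"] not in sources:
            continue
        if filt and not FILTERS[filt](msg):
            continue
        written.append(dest)
        if final:  # a matching final path stops all later log statements
            break
    return written

def never_written(watched):
    """Watched files that no log path in this configuration can write."""
    dests = {dest for _, _, dest, _ in LOG_PATHS}
    return [f for f in watched if f not in dests]

# Constructed sample messages (source, facility and program are made up)
SAMPLES = {
    "sshd login": {"source": "main", "facility": "auth", "program": "sshd"},
    "postfix": {"source": "main", "facility": "mail", "program": "postfix/smtpd"},
    "cron": {"source": "main", "facility": "cron", "program": "cron"},
    "su": {"source": "main", "facility": "auth", "program": "su"},
    "kernel": {"source": "kernel", "facility": "kern", "program": "kernel"},
}

if __name__ == "__main__":
    for name, msg in SAMPLES.items():
        print(f"{name:12} -> {route(msg)}")
    print("watched but never written:", never_written(LOGCHECK_FILES))
```

In this model auth-facility messages from programs other than sshd land in /var/log/messages, and /var/log/auth.log is watched by logcheck but written by no log path.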
