Hawaii

September 5, 2008 I quoted a Cookie fortune left is a cubicle a couple days earlier,

Life is either a daring adventure, or nothing.

and I elaborated:

After telling a gal on the phone, while looking at my beach calendars, I gotta’ go to Hawaii for the Feast next year, y’all are scaring me regarding airport security. I should toss my paranoia of in the river, afterall, Hawaii is a non-stop domestic flight.

This year, I’m seriously considering going to Hawaii for the Feast of Tabernacles.

I hadn’t flown since 9/11 until flying to Florida last fall. I hadn’t needed to fly really. I would drive for visits to Dallas, or attending the Feast of Tabernacles in Texas. For Florida, I had to. I didn’t have enough paid-time-off leave to drive two days to Florida. Thinking there is no way to get to Florida in time. I realized I could fly, so I flew. It wasn’t so bad. I was just fascinated by watching the clouds and the scenery outside the window. Even though the flight was an hour and a half, I didn’t watch a full episode of Star Trek on each flight. Good thing I didn’t sit by that cute girl a few rows in front of me. She would have been annoyed by me leaning over to look out the window. I took a few pitchers and marveled at the number of ships at sea.

I’ve long been fascinated with the tropics. Many years I’d buy a tropical island calendar. A long decoration fantasy I’ve had for my residence is a three panel poster of a tropical beach; white sand, green palm trees, blue water.

Mr. Richard Aimes encouraged us to stretch outside our comfort zone and mentioned Hawaii. That set in motion a desire and will to attend the Feast of Tabernacles in Hawaii. Now, I’m planning, learning the geography; important since the direct flight to Honolulu I always looked up lands me on the wrong island for the Feast. I assumed the big island. The big island is Hawaii. Honolulu is on Oahu. The the Feast site is on Kauai. The Keck Observatory, by the way, is on Mauna Kea on Hawaii Island.

Delete, no, for real

Deleting a file in WIndows, Mac, GUI desktops on *nix don’t actually delete the file. They normally just move the file to the Trash or Recycle Bin.  Even emptying the Trash or Recycle Bin doesn’t completely remove the file.  It’s only marked as free space.  EFF elaborates on the subject:

Secure Deletion | EFF Surveillance Self-Defense Project

 

 

 

Copy from DOS Command Prompt

Knowing a few simple tasks can expedite technical support. Many people consider Microsoft Word the lowest common denominator while others prefer plain text for everything. Plain text is universally accessible and doesn’t require a large application like Word to view. Plain text is well suited for sharing troubleshooting information from ping and traceroute. It’s quite unnecessary to take a screen capture of ping or traceroute. It’s doubly unnecessary to paste that screen capture into a Microsoft Word document. That text can be copied from the command prompt. Inconveniently, the familiar keyboard shortcuts for copying and pasting won’t copy text from the DOS Prompt on Windows.

Microsoft offers instructions:

1. Right-click the title bar of the command prompt window, point to Edit, and then click Mark.
2. Click the beginning of the text you want to copy.
3. Press and hold down the SHIFT key, and then click the end of the text you want to copy (or you can click and drag the cursor to select the text).
4. Right-click the title bar, point to Edit, and then click Copy.

Now the text is in the clipboard. You can paste it anywhere, including the body of a ticket. To preserve layout, paste the text in Notepad, then attach the file to the ticket.

Seven Tips for Server Preparation

I work with customers regualarly, and thought a setup guide would help customers get started with ease. This documentation is based on my expereince with my own server and helping customers with their new servers.

Password

Be sure to change your password. Use a combination of letters, numbers, even symbols. You can even mix captialization. Don’t use names, birthdays and other trivia that can be dug up out of public records. Conventional wisedom has stated, don’t write down your passwords. Microsoft’s Jesper Johansson senior program manager for security policy at Microsoft suggests write down your passwords.

If I write them down and then protect the piece of paper–or whatever it is I wrote them down on–there is nothing wrong with that. That allows us to remember more passwords and better passwords.

Bruce Schneier — a notable security technologist and writer – agrees and explains,

We’re all good at securing small pieces of paper. I recommend that people write their passwords down on a small piece of paper, and keep it with their other valuable small pieces of paper: in their wallet.

Firewall

Firewalls block network connections. Configuring a firewall manually can get very complicated, expecially when invovling protocols like FTP. FTP opens random ports on either the client, or the server. A quick way to deal with this is to use the system-config-securitylevel-tui tool. Over course, ssh, web server, ftp, mail and all the ports the control panel uses need to be open.

Mail ports

• 25 – SMTP
• 110 – POP3
• 143 – IMAP
• 465 – SMTPS
• 993 – IMAPS
• 995 – POP3S

web server ports

• 80 – HTTP
• 443 – HTTPS

cPanel ports

• 2077 – webDisk (unsecured)
• 2078 – webDisk
• 2082 – cPanel control panel (unsecured)
• 2083 – cPanel control panel
• 2086 – WHM control panel (unsecured)
• 2087 – WHM control panel
• 2095 – webmail (unsecured)
• 2096 – webmail

Personally, I closed the unsecured control panel ports 2077, 2082, 2086 and 2095 closed. Using SSL protected ports better protects passwords and data. To access secured control panel pages without browser popups warning about invalid certificates, buy proper SSL certificates (explained below).

Other

• 22 – SSH (secure shell – Linux)
• 53 – DNS name servers
• 3389 – RDP (Remote Desktop Protocal – Windows)
• 8443 – Plesk control panel
• 19638 – Ensim control panel

DNS

DNS is a naming system for computers and services on the Internet. Domain names like “theplanet.com” and “orbit.theplanet.com” are easier to remember than IP address like 70.87.6.117 and 70.87.6.16.

DNS looks up the A record to retreive the IP address for a domain name. PTR records are used to lookup the domain name associated to an IP address.

Hostname

Pick a hostname for your server. It can be anything DNS allows, but some names are better than others. Hostnames such as “accounting” or “hackme” may draw unwanted attention. The hostname must be resolvable by DNS, so “example.theplanet.host” will never resolve since there is no such top level domain of “host”. “host.example.com” or “server.example.com” are examples of the proper form of a hostname. Don’t use “www”, that may conflict with a website on your server. Of course, replace “example.com” with the domain name you registered.

In cPanel, the hostname can be easily set in “Networking Setup”. In PLesk, the hostname is set in “Server Preferences”.

A Records

You may want to create common subdomains such as “www”, “ftp”, “mail”. Log into Orbit and use “DNS Administration” to add an A record for your server’s hostname. If your server’s hostname is “host.example.com”, add an A record for “host”.

PTR Records

Many ISPes configure their mail servers that recieve email to lookup the IP address of the senders email server in the reverse DNS and checks to see that the domain name matches the email servers host name.

You can look up the PTR record for your IP address. in Linux and Mac use the “host” command on the console or in the Terminal.app. On Windows use “nslookup” on the Command Prompt. If the results of the PTR record lookup don’t match the server’s hostname, open a DNS change request asking that the PTR or reverse DNS be configured. Please include both the IP address and the server’s hostname.

SSL Certificates

Getting SSL certficates is optional, but it has advantages. SSL encrypts passwords and data sent on the network. The certificates will also assure your customers that they are visiting the right site. A visible benefit is that the web browser won’t popup warnings for invalid SSL certificates. Browsers won’t trust SSL certificates created by the server. It’s really a bad habit to click past those security features.

When ordering, please have a domain name and a working email address. Remember, any website using SSL Certificates should be assigned its own IP address. More information can be found on our support portal.

Protect Your Data

An old adage says:

Better to have and not need it, than to need it an not have it.

Data loss can happen to anyone. I recently experienced a hard disk drive failure at home. It’s certainly disruptive trying to recover data without a current backup.

There are a number reasons data can be lost. We won’t name them all, but just imagine what would happen to your business if you lost just some of your data.

Control panels include backup functionality and can be configured to automaticly backup regularly. For example, cPanel and Plesk will backup to an FTP site, therefore network backup is a good match for customer’s using control panels. There’s no excuse for neglecting backup when configuring your new server.

Know the Mail guidlines

Some Internet Service Providers are very particular about email sent to them. As a mail server administrator, you may experience frustration when your server’s emails are not accepted by ISPs that aggressively combat spam. To better prepare for your server’s operations, you may want to verify with the larger email providers that your messages will meet their criteria for valid traffic. Read what a few of the larger postmasters have to say:

• Hotmail
• Yahoo
• AOL
• Comcast

Move In!

Now that the server has been prepared and the data protected, you are ready to migrate your content. The documentation provided by the vendors are a great resource. Here are the links for our control panels:

• Plesk
• cPanel
• Ensim
• Helm