Category Archives: IDTENT

Error stuff.

Shespamigans

When training the Bayesian filters for SpamAssassin, be very careful about using sa-learn on your active IMAP inbox. Most IMAP clients don’t actually delete messages until they synchronize the mbox. So, after deleting around a hundred Spams, I ran sa-learn over my inbox and SpamAssassin happily learned all of the Spams I had marked deleted as Ham (non-Spam).

Since it was a few hours before I realized what had happened when the incoming Spam getting by SpamAssassin increased tenfold, it was too late to run sa-learn over the old Spams because they had already been truly deleted.

I had to wipe my Bayesian database and start over. No big deal; just inconvenient.

I suck.

Barracuda Spam Firewall

Description (www.barracudanetworks.com):
The Barracuda Spam Firewall is an integrated hardware and software solution for complete protection of your e-mail server. It provides a powerful, easy to use, and affordable solution to eliminate spam and viruses from your organization.

Synopsis:
Under normal circumstances, the Barracuda Spam Firewall only relays traffic for domains it is configured for. If a sender’s domain or the Barracuda’s own domain is whitelisted, however, all rules are bypassed and the Barracuda becomes an open relay for all e-mail sent from the whitelisted domain. This is unacceptable behavior, and whitelisted senders should only be able to send e-mail to domains for which the Barracuda is configured to relay.

Effected Versions:
= Firmware 3.1.11 Fixed (Firmware 3.1.12 Released 02/09/2005)
Continue reading Barracuda Spam Firewall

2STF/1/4: MAC-IO ata-4 – Master

2STF/1/4 is Apple’s way of telling me they hate my soul and I should fuck off and die. Well, not really—it looks like I’ve actually succumbed to the infamous IBM Deskstar 120 GB drive failure. My rig started freezing intermittently on the evening of the 7th and the two 120 GB drives on my ATA/66 bus would randomly disappear and then reappear upon reboot. Running hardware diagnostics resulted in a 2STF/1/4: MAC-IO ata-4 - Master error (Master disk on ATA/66 bus bad).

I panicked. Guess which drive my Retrospect backup index was on? After four or five reboots I managed to copy my Retrospect backup indexes to my boot drive. As soon as my indexes finished copying, the Deskstar breathed its last breath and my rig froze again. Reboot after reboot—I had no ATA/66 bus. The drive was gone. I let out a barrage of obscenities, and I swear I could hear Taps playing softly in the background.

I started searching for big drives since my current 4-drive 400 GB setup was slow, almost full, and now short 120 GB. I missed out on the Office Depot special on 300 GB internal drives for $150 and couldn’t find any other bargains on internals, so I started looking for deals on the LaCie Bigger Disk Extreme 1.0 TB and 500 GB. After finding a sale at Dell, I managed to stack multiple now-expired 30% off and dollar amount coupons and came away with 1.0 TB of storage with free shipping. It took 2 or 3 hours of digging, collecting, and trial and error testing both current and expired coupons, but it saved me over 50%.

A majority of the weekend was then spent restoring just over 100 GB of incremental data from 62 4.7 GB DVD-Rs. Even at 270 MB/minute with two drives sequentially churning away it took quite a few hours of running up and down the stairs as I multitasked swapping DVDs, reading a book, and working on the Powerbook while vegitating in front of the TV. While I was at it, I also restored 8 20 GB TR-5 tapes and two dozen miscellaneous backup CDs and DVDs I had previously created as I ran out of disk space.

Everything eventually successfully restored, and this week will now consist of anally sifting through a decade’s worth of haphazardly-organized projects as well as weeding out duplicate files and old revisions. I’m a loser, but the effort will be well worth it.

Olympus SmartMedia Card Error: Repairing/Recovering Corrupted Cards

Quite a few months ago my Father gave me a pile of large SmartMedia cards that stopped working in his Olympus digital camera. After a few months of use, each card slowly started reporting CARD ERROR on the camera LCD. I was able to use the cards in various other devices, but they never worked again in Olympus digital cameras.

This weekend while visiting friends in Maryland, I was presented with the same conundrum: yet more SmartMedia cards that had become corrupted and made effectively useless in Olympus digital cameras. After doing some research, I finally ran across Sally and Steve’s SmartMedia Repair Guide. All the information presented on their page is available by scouring various other resources, but it was the first page I ran across that made the modified SMPrep (smprep.exe) binaries available:

The basic gist is that some PC card readers can erase the Olympus low-level header, and running smprep1.exe intentionally breaks the low-level formatting of the card so smprep2.exe is forced to restore the Olympus low-level formatting and Panoramic mode.

The process is time consuming, but has successfully repaired all of the corrupted SmartMedia cards! Looks like I’ll be mailing a pile of SmartMedia cards back to my friend in Maryland!

useradd: invalid user name ‘first.last’

Starting somewhere around the migration from Red Hat Linux 9 to Fedora Core, useradd (adduser) stopped allowing dots in usernames. This was all well and good to fix some of the problems that dots can cause under certain circumstances, but it left some systems administrators high and dry when it came to creating new users where company policy dictated a firstname.lastname username scheme.

For the past few months I’ve been using a quick and dirty hack with no ill effects. Create the user as firstname_lastname, rename their home directory to firstname.lastname, and then run vipw and vigr to modify the password and group files to change all instances of firstname_lastname to firstname.lastname.

It sucks, but it works…

We trust you, really! And who were you again?

In theory, the Merchant ID and Terminal ID numbers used to configure a payment processing system and link it to a merchant account are highly sensitive pieces of data that should never be revealed to anyone. With those two numbers, any fraudster could configure their credit card terminal to siphon funds from the account in question by issuing credits to their own credit cards. VeriSign even goes so far as to obfuscate the Merchant ID and Terminal ID numbers in their Transaction Terminal to protect merchants from shoulder surfing customers and co-workers.

A Merchant Account number, much like a checking account number, is generally public knowledge. All checks have a checking account number and routing number printed on them, and most credit card terminals in stores have a decal with the Merchant Account number emblazoned in plain view. Some uneducated clerks and store owners will write their Merchant ID and Terminal ID numbers on the Merchant Account decal out of convenience and, although still a very Bad Thing™, that’s not the subject of my rant.

Oh, no. Instead, I’m going to rant about Paymentech. Make your business run more efficiently, securely and profitably. Since I was setting up a new payment processing system and didn’t have my Merchant ID or Terminal ID numbers handy, I called their customer service line. An incredibly chipper young woman answered and, after asking for my Merchant Account number and what type of software I was configuring, she was more than happy to give me my Merchant ID and Terminal ID numbers! WTF? She didn’t even ask me my name!

So, let’s review. The only piece of identification I supplied was my Merchant Account number, which is easily obtainable by virtually any customer, and in return I was given the two ID numbers a fraudster would need to hijack my account. Awesome! I feel so warm and fuzzy now…

Linux Process Accounting

When installing a fresh copy of Fedora, make sure to select the psacct and sysstat packages and run chkconfig psacct on to enable process accounting. Always a good thing to have snapshots of activity to show which processes and users are sucking up the most system time and bandwidth.

Process accounting was invaluable over the past few days while diagnosing problems with Tomcat4. One of our servers kept spiking up to a load average of well over 100, kernel panicing, and going unresponsive to pings. After various Web searches, we found that other people were experiencing similar problems with Tomcat4 where a server that had been operating normally for months (or years) suddenly started randomly crashing and burning.

After seeing recommendations to upgrade to Jetty or Tomcat5, we chose Tomcat5 for simplicity of configuration and that solved our problem. Hopefully, it won’t happen again.

Looking for devices matching vendor ID=1193

If you disconnect your Canon CanonScan LiDE 80, 50, or 30 scanner, be prepared for thousands of logfile entries while the scanner driver searches the USB bus for the scanner.

Looking for devices matching vendor ID=1193 and product ID=8717
Looking for devices matching vendor ID=1193 and product ID=8718

Wonderful. Since I permanently deinstalled the scanner to replace it with an EPSON Perfection 2400, I ended up running the driver delete utility to nuke it from my system.

No more errors. Joy.

Update: Jon Rentzsch seems to agree that the LiDE sucks.