Archives
I just wanted to give a shout out to Wordpress, my blogging platform. I've used it since I switched from MovableType whenever they went to a pay model, plus I wanted a completely OSS solution that I could use commercially.
I love that I can upgrade my Wordpress version with the click of a link on my Dashboard.
In fact, it takes me longer to back up my Wordpress install than to update it, just because I need to type in my mysql password:
The long-awaited CentOS update to 5.4 shipped yesterday! Release Notes and Mirrors (including .torrent files). Another great release in the line of a completely free, rock-solid stable Enterprise-grade Linux.
If you have an existing CentOS 5.x system configured to automatically update with Yum, or if you occasionally manually update via Yum, be sure to look at the Known Issues and follow these steps:
Sometimes you just want to have a little fun, and no, reading the news is not really fun, even if it is the Darwin Awards and makes you chuckle a little bit. The best fun is something you can share with some else too.
Enter the World of Goo! If you haven't tried this amazingly simple, but yet fun and complex and puzzling game, try the demo now, and then (by Oct 25th) you can pay whatever you think the game is worth to buy the full version (Windows, Mac, LINUX!).
For those of us with the need for DNSSEC NSEC3 support (required for .GOV, .ORG and others) on RHEL5 / CentOS5, official support isn't coming until RHEL6 (RH BugID 504052). For now, though, we can use the source RPM from Fedora 11 (now Fedora 12) to compile it ourselves.
Install rpmbuild and other dependencies:
yum -y install make gcc rpm-build libtool autoconf openssl-devel libcap-devel libidn-devel libxml2-devel openldap-devel postgresql-devel sqlite-devel mysql-devel krb5-devel xmlto
Download the latest F11 bind and dnssec-conf src.rpm:
cd /usr/src/redhat/SRPMS
wget -c ftp://mirrors.kernel.org/pub/fedora/updates/11/SRPMS/bind-9.6.*.src.rpm
wget -c ftp://mirrors.kernel.org/pub/fedora/updates/11/SRPMS/dnssec-conf-*.src.rpm
Update: F12 has been released with the latest bind and dnssec-conf src.rpm:
cd /usr/src/redhat/SRPMS
wget -c ftp://mirrors.kernel.org/pub/fedora/updates/12/SRPMS/bind-9.6.*.src.rpm
wget -c ftp://mirrors.kernel.org/pub/fedora/releases/12/Fedora/source/SRPMS/dnssec-conf-*.src.rpm
Now install the SRPMs (the trick here is --nomd5 to stop signature verification which will fail due to Fedora's new sha1sum version in RPM):
rpm -ivh --nomd5 bind-9.6.*.src.rpm dnssec-conf-*.src.rpm
Build the RPMs:
cd /usr/src/redhat/SPECS
rpmbuild -ba ./bind.spec
The built bind RPM is now in /usr/src/redhat/RPMS/i386/ or /usr/src/redhat/RPMS/x86_64/ depending on your Arch.
rpmbuild --ba ./dnssec-conf.spec
The built dnssec-conf RPM is now in /usr/src/redhat/RPMS/noarch/
To install bind and dnssec-conf, you need curl and python-dns*(requires EPEL):
yum -y install curl python-dns
Then:
cd /usr/src/redhat/RPMS/*86*
rpm -Uvh bind-9.6.*.rpm bind-chroot-9.6.*.rpm bind-utils-9.6.*.rpm bind-libs-9.6.*.rpm ../noarch/dnssec-conf-1.21-*.noarch.rpm
A newer dnssec-conf is available via EPEL that is more up to date (ITAR, etc.) than the current F11 SRPM (F12 is current), so update it from there if this is allowed by your policy:
yum -y update dnssec-conf
Now you need to subscribe to Fedora bind updates so you can repeat as bug fixes are released. (I've written a detailed post describing how to do this).
--
Update Jun 1, 2010: RedHat has published a BIND 9.7 tech preview for RHEL5.6 per my request:
http://people.redhat.com/atkac/bind/5.6-test/.
There are many different options to help you secure your PC. Good password protection, software protection, and network/dns protection.
There are two important things you can do to secure your computer, no matter if you run on Windows, Mac, Linux, *BSD, or whatever.
Highlevel:
When you SSH to a host/server, the host/server sends its Public Key, much the same as an SSL connection allows you to do with a web-based https connection. This allows you to encrypt data from your client and send it to the host/server which has the Private Key to decrypt it.
With SSL/https we have Certificate Authorities (CAs) that do some sort of verification and then sign SSL certs. Our web browsers (Internet Explorer, Firefox, Opera, Safari, etc.) come with a list of CA Roots. This allows us to verify without going external to our clients that a Public Key is legit, as it has been signed by a pre-trusted CA Root.
