Not all that much to say today. My wife and I are busy prep’ing for the upcoming AWANA year @ Salem Heights Church. I am the AWANA commander, so leading/organizing/enabling the club is my responsibility. The Lord has provided me with an excellent helper in my wife, and together with the Lord’s strength, we are able to accomplish this enormous task. So far the prep to this year has been an exercise in faith as we have 24 out of the 50 leaders that we need for a fully staffed club, and at our first leaders’ meeting we only have 5 people show up, counting us. Praise the Lord that He is going to provide for this ministry. Not only will the Lord’s will be accomplished in the club year, but the Lord is also continually teaching us to be humbly dependent on Him, which is the only place I want to be.

Please pray that the Lord will be bless this AWANA club year. That He will bring the children to the club whom He wants to be there, and that He will provide the leaders to work with these clubbers. Also pray that the Lord will continue to teach me how to be an effective shepherd of His people.

Today as I was trying to secure a squirrelmail install, I needed to force any web requests to go over SSL. At first I searched for ways to do this with apache, but then I found this neat little plugin for squirrelmail called Secure Login. This sweet little plugin auto-redirects any requests sent to http://www.example.com/webmail to https://www.example.com/webmail. Although I still want to know how to do this with apache, this is at least a starting point.

For the last 3 months or so I have been using a Debian linux system as my main firewall/server instead of the old Mandrake box that I had for a long while. One thing that I have really enjoyed about the debian system is the availablity of packages that aren’t in most distro’s, and how simple it is to attain these packages. Using the apt system life is pretty easy: apt-get install apache, apt-get update, apt-get upgrade…. Such things were easy enough, and I have really enjoyed the simplicity of that.

Now I am coming to another point at which I must further learn the “debian way”, how to build/re-build packages. Using an rpm based system I got pretty good at installing source rpms, editing the spec files, and building my own personally tailored rpm files. This worked out quite well for porting packages across multiple machines. Since I usually learn best based on ‘needing’ to do something, I didn’t bother to try and fully understand the debian package system until now. Thus my task is this, to learn the debian package system, and how to re-build packages with my own special trimmings.

To accomplish my goal I turned to my usual research source: google. Searching for the term, “building debian packages”, I found the following items of interest:

http://www.cjfearnley.com/pads/libgnupg.pdf
http://lists.debian.org/debian-user/1997/debian-user-199709/msg00076.html
http://www-106.ibm.com/developerworks/linux/library/l-debpkg.html

Those are just the tip of the iceburg, but they seem to be a good start for me. I will try and keep you updated with the status of my experience with the Debian packaging system.

I was just reading this article at The One Ring (.net) and they mentioned how NewLine Cinema is going to be re-releasing the extended versions of the first two movies back to theaters. Now for those of us who don’t have the luxury of a big screen and surround sound, we can get refreshed in the movies for only $11/person. Please pardon the sarcasm, as I am very excited about the re-release of these to theaters, but not so happy about the current state of ticket prices in America.

I just got back from lunch and saw this email from Microsoft. A quick perusal of this left me only to say, “WOW!”

Title: Unchecked Buffer in DirectX Could Enable System
Compromise (819696)
Released: 23 July 2003
Revised: 20 August 2003 (version 2.0)

Software: Microsoft DirectX(r) 5.2 on Windows 98
Microsoft DirectX 6.1 on Windows 98 SE
Microsoft DirectX 7.1 on Windows Millennium Edition
Microsoft DirectX 7.0 on Windows 2000
Microsoft DirectX 8.0, 8.0a, 8.1, 8.1a, and 8.1b when
installed on Windows 98, Windows 98 SE, Windows
Millennium Edition or Windows 2000
Microsoft DirectX 8.1 on Windows XP or
Windows Server 2003
Microsoft DirectX 9.0a when installed on Windows 98,
Windows 98 SE, Windows Millennium Edition (Windows Me),
Windows 2000, Windows XP, or Windows Server 2003
Microsoft Windows NT 4.0 Server with either Windows
Media Player 6.4 or Internet Explorer 6 Service Pack 1
installed.
Microsoft Windows NT 4.0, Terminal Server Edition with
either Windows Media Player 6.4 or Internet Explorer 6
Service Pack 1 installed.

Impact: Allow an attacker to execute code on a user’s system
Max Risk: Critical
Bulletin: MS03-030

Microsoft encourages customers to review the Security Bulletin at:
http://www.microsoft.com/technet/security/bulletin/MS03-030.asp
http://www.microsoft.com/security/security_bulletins/MS03-030.asp

Over the last several days there has been quite a bit of traffic on Bugtraq reguarding Blaster and it’s variants. What was interesting to see was one readers (well thought out) opinion that somehow the major blackout on the east coast was somehow due to the affect of Blaster taking many of the remotely accessible power control machines offline. After reading his case for this unforseen affect of the worm, I find myself wanting to believe him. As I hear the ‘official’ explanation that it was the result of lightning I hope that this is not the case. I hope that a system would be well designed enough, with plenty of backup systems to be able to handle even the powerful lightning storms that we saw while on vacation (yes, yes there is more on that coming…). I sincerely hope that this issue was the result of something unforseen, like a windows worm, rather than something that could very easily be forseen, lightning.

It that fellows saying that the blackout a result of a little too much paranoia, probably. Though for our sakes, I hope he is correct.

According to CNN there seems to be a major blackout on the East Coast. It looks like someone forgot to put another quarter in the machine to keep it running.

I was reading my daily dose of comics this morning, and I found this Foxtrot comic. Although I must say in the defense of Windows, that it has drastically improved with xp.

Today I did my first install of pop-before-smtp. I found a little howto for how to get it working with postfix. I definitely suggest that anyone who is interested in remotely relaying email give this a look. Also, if you combine this with pop3 (or imap) over ssl, you get yourself a secure remote email solution. To make it even more secure you could use a pop3 server that maintains it’s own password database, but that is a pain to security ratio that you will have to weigh out for yourself, especially since it does you no good to have users with the same password on the system as in the pop3 password database.

I was reading Security Focus earlier today, and I read two excellent articles about security and blogging. (Links are here and here).

The author talks how through the usage of blogs data can quickly and accurately be disseminated. I am going to follow his advice and find a free “RSS aggregators” and make is easy to read multiple blogs. When I find a good one I will post more about it. If anyone has any ideas, please ‘comment’.