Technology
Dell NBD Service
I bought my Dell Latitude C840 notebook a little over three years ago and I was smart enough to get next business day service for it for a four year period. While I haven’t used the service all that much, I’ve used it enough that I feel it was worth the extra cost. Today I had my fans replaced for the third time. Normally I would think that this is perhaps a quality issue but when you consider that my fans are running almost all the time, I don’t feel that the quality is poor. They are little fans and they probably run 2500 hours or more a year. In any case, I called Dell on Friday and on Monday morning I had a contract tech from Dell replacing my fans. And when my BIOS clock was failing, they had a new motherboard for me the next day too. Compare that with warranty service where you take the laptop back to the point of purchase or worse, mail back to depot service. When you rely on your notebook to do your job, suddenly the extra $300 for three more years of coverage doesn’t seem so bad does it?
When at work, I have my notebook docked and because of a poor design, the docking station somewhat blocks the flow of hot air pushed out the laptop from the fans. As such, my notebook tends to run a bit hotter when docked. As such, the at least one of the fans are running throughout the day. Interestingly enough, the Dell BIOS doesn’t have the fans come on until the temperature reaches the mid sixties, which to me, seems awfully high. But luckily enough there is a nice set of utilities for Linux that allow me to monitor the temperature and fan speeds and thus keep the temperature much lower. I used to do that manually until I discovered an even cooler plugin for Gkrellm called i8krellm that monitors the temperatures and automatically turns on the fans as appropriate when certain temperature levels are reached. That ultimately means that my fans last longer since they only come on when needed and more importantly it means a longer overall life for my notebook.
And for the past year I’ve been considering a new Dell notebook. But I at this point I can’t see it happening. My C840 is a 2 GHz Pentium 4 M. But after the C840 was discontinued and they moved onto the D-series, they dropped the CPU speeds down to 1.x GHz on Latitude notebooks and it’s only recently that they brought out the D840 which finally has a CPU speed that rivals my three year old notebook. I guess most business customers (Latitude is mostly geared for business) don’t need high speed for compiling (and playing Enemy Territory) like I do.
[…]
Referrer Spam - Followup
I thought I’d follow up my referrer spam entries with some details on the results of my efforts. As of this afternoon, instead of the blog server being bombarded with referrer spam hits, only 1.3% of the hits are referrer spam that are getting past my new redirection setup using Apache’s mod_rewrite module. Apache (the web server) is still getting the same amount of hits from those zombie networks but thanks to mod_rewrite, the resulting bad referrer page is only 854 bytes in size and doesn’t hit the blog application whatsoever. This means less traffic for sure, but more importantly, it means less strain on Roller (the blog application) and as result less strain on the database user by Roller. And when spam sneaks past Apache, 99% of that gets blocked by Roller, which returns a 403 error if there’s no referring link back to this blog. And when I see those in the Apache logs, I adjust the Apache configuration.
So how did I accomplish this successful referrer spam blocking. As I mentioned, I’m using Apache’s mod_rewrite module and started with a config file I got from Dave Child’s log. You can see that file over on Dave Child’s blog or if you want something more recent, you can the most recent referrer spam blocker file that I’m using.
[…]
Referrer Spam - Day 3
In the continuing saga of Douglas vs. the blog referrer spam, I think I can finally say that while the war continues, the initial battle is over. And the war is more of an Internet war, being fought by system administrators around the globe. In any case, for now I have given up trying to stop the referrers at the firewall level, though I have some ideas that I may pursue in my spare time. Until those ideas get implimented, I’ve settled on an Apache-based solution, in addition to the Roller changes mentioned yesterday.
Thanks to some Google searches, I landed on Dave Child’s page on blocking referrer spam using the Apache’s mod_rewrite. You can see the details on Dave’s site and I’ve taken his list and updated and modified it. If anyone wants my list, I will be updating it regularly and would be more than happy to share.
To see the way it works, simply go to an ’Airplane Fetish’ page that I set up. Apache doesn’t look at the page contents but instead looks at the referring URL, that in this case will be sent along with the browser. Apache will catch the “-fetish” in the referring URL and instead forward you to a friendly page explaining what just happened and giving you a few options. I did this on the off chance that my rules catch something that isn’t really referrer spam, such as the link above which is clearly just a page written by a guy who loves airplanes.
If you have referring turned off in your web browser, you won’t see anything but then again I’m not trying to stop that. A typical referrer spam looks like this in the logs:
216.203.40.167 - - [18/Jan/2006:14:48:41 -0700] "GET /roller/page/downey?catname=/Games HTTP/1.1" 200 854 "http://www.some-bad-domain.com/keyword1/keyword2/etc/keyword-N.html
The bad guys are trying to get their domain, www.some-bad-domain.com, to show up in my referrer list with the hopes that either someone viewing the page will click on the link or that when Google will slurps up the contents of the page, it will see the link to some-bad-domain.com and increase that domain’s rank in their search results.
The irony of this whole thing? We don’t ever have referrer lists on our blogs. Nice.
[…]
Referrer Spam Continues
I spent some time today adding IPs to the block list on the blog server’s firewall. Fun times. As fast as I could add one IP, another two would show up. I finally gave up and started looking at other options. The mod_evasive Apache module didn’t work because the referrer spamming program is smart enough to not hit the site from the same IP within 30 or more seconds. I’ve started looking at other options at the Apache level.
I’ve also enabled a few features on the blog server that should help, but only after the referrer spam has reached the blog application which can cause unnecessary drain on resources. The first of these options is that referring URLs containing various keywords are ignored and an error page is returned. This shouldn’t be an issue for any regular readers who read the Zymeta-based blogs via an RSS reader or a bookmark. The second option I enabled is Roller’s Linkback extraction, which means that if the referring URL doesn’t actually contain a link to the page being requested, an error page is returned. The downside to this option especially is that there will be a reduction in speed for accessing the page.
Regular readers shouldn’t notice much in the way of difference but if anyone encounters any problems, please let me know. Oh, and if any zombie network owners are going to be in Calgary anytime soon, let me know ‘cause my shotgun has a few words to say to you.
[…]
Death To Referrer Spam
Last night I was trying to edit some of my IFR entries (which, for those who have been waiting, should start appearing this week), but kept running into errors with Roller Weblogger. Roller is the Java Servlet based application that I’ve set up to run our blogs and for the most part it’s been pretty stable. So I couldn’t understand why I was having issues. A quick check into the logs showed that Roller was exhausting the database connection pool, which also didn’t make any sense. That is until I checked the Apache logs and discovered six IPs hammerring the blog server (mostly Mike’s for some reason) with a dozen hits or so per IP per second. As a result, Roller couldn’t keep up and was throwing exceptions due to an exhausted connection pool.
The IPs that were hammering our server are now blocked by the machine’s firewall. And I’m looking into an Apache module that will also help with DoS type attacks, whether an attack per se or not. I did a reverse lookup on the IPs and most seem to be regular IPs assigned to ISP blocks. That likely means that most of the IPs doing this referrer spam are computers part of a so-called zombie network. While I can’t say for sure, I’d be willing to bet that the majority of all zombie computers are running the Microsoft Windows operating system.
I’m in awe that Microsoft can continue to ship software that is built such that exploits are easy to take advantage of and are hard for Microsoft to fix. I realize that there are exploits in Linux also, but Windows is a commercial product that people are paying for. And yet, despite the influx of cash and army of programmers, Microsoft is unable to come up with anything remotely close to Linux in terms of security or ease of patching exploits. On top of that, the default Windows setup for the longest time was open to the world in terms of exploits.
So for now, I seem to have repulsed the referrer spam attack but I know that they’ll simply regroup and attack again. But in the meantime, I’ll be looking for other defences and hope to repulse them all for good. One can only hope.
[…]
Watching the NYC Marathon (from the other side of the country)
My former business partner Marcos is running the NYC Marathon this morning. Actually, as I write this he’s been running for at least 3 hours, 3 minutes and 24 seconds. I know this because I’ve been tracking his progress online, from the comfort of my living room (thanks to my wireless network, right Mike?), and can see that Marcos passed the 20 mile mark with that time.
I think I’ve said this before but this is the kind of thing the Internet was really meant to be used for; the sharing of information and connecting the world. It was not meant for zombie computer networks, spam, pr0n or other such interruptions. Those things are an immense annoyance but we put up with them because of cool things like tracking your friend’s four hour marathon struggle online.
Oh, and Marcos, when you read this, you owe me $34.99 USD. Your rubberdinghy.com domain is still listed under my old Network Solutions account and it expired on November 4th. And seeing as we’re friends and all, I renewed it for you… again. :)
[…]
On Cookies
I’m not paranoid but I do have my Firefox web browser set such that it asks me every time a website wants to set a cookie. Initially this was a huge pain, but in today’s connected world I think it’s my right to not be tracked by anyone and everyone. Some sites (such as Google, my online banking, etc) I allow to set whatever cookies they want. I either trust them or require functionality that continues between browser sessions. Other sites (such as IMDB or my online photo developer) I allow cookies to be set for the session only, meaning that they can set whatever cookies they like but those cookies will disappear as soon as I shutdown my browser. The rest of the cookies I receive, I either allow for the session or I block entirely.
What bugs me the most about cookies is the fact that some sites insist on setting a cookie for every file that’s sent. So for image heavy sites that do this, they are setting the same cookies over and over for each image. And this happens for every page. Why would they set their server or application up to do that? What could possible be achieved? I thought perhaps it was a web thing in general but on a recent application I built with Apache and Tomcat, I set 3 cookies at the start of the session and that’s it.
So I now have a rule; every general website gets to set 5 cookies and then they are added to my deny list. If the site doesn’t function without cookies (which a regular, non-login type site should), then they no longer get my business, so to speak. Oh, and those 2o7.net cookies that everyone seems to use? Those are blocked forever more.
[…]
Web Browser Standards
I’ve been working on a web-based booking system for the past six months for the Calgary Flying Club. It’s a part-time project, hense the long development time frame, with work being done here and there as free time in evening and weekends becomes available. Of all the web applications I’ve worked on in the past, most have always been about content and although they were clean and easy to use, they didn’t use anything fancy HTML-wise. This web booking system however, is the first application where the things we are doing are pushing the standards envelope.
We’re actually not push the envelope much, but it’s enough to produce results that are… irritating. For example, when specifying the size of an object, one browser will include the border in that size and another won’t. So if you have a 2 pixel border, one browser will display that object 4 pixels wider (2 pixels on either side) that the other. I don’t know which way is the proper, standard-specified way nor do I care. All I care about are browsers that follow standards.
Unfortunately, it’s not ever likely to happen that all browsers will follow all standards. That means that you either have to develop for the lowest common denominator (for the browsers you wish to support) or you have to single out one or two browsers and force people to use those. I’m not a fan of the latter at all. For those of us using Linux or using a non-IE browser (or both), we’ve faced that problem for many years. But things are looking up. Microsoft has lost market share to Firefox over the past year and I’m encountering fewer and fewer websites and apps that “require” Internet Explorer.
For the booking system we chose a fairly conservative ’middle’ ground; we recommend Firefox or Internet Explorer, support a handful of other popular browsers (such as Opera and Konqueror) and have documented what works and what doesn’t on the majority of the other popular browsers (such as Safari or Lynx). We’ve pushed Firefox as the browser of choice, but only because it truly supports the latest standards and because the developers responsible for it are continually upgrading it and fixing bugs (unlike Microsoft, who haven’t upgraded IE for the past couple years).
[…]
iPod woes
I was catching up on my reading today (I had let my news aggregator climb to almost 1500 unread articles) and read about one man’s troubles with his iPod and Apple’s service. I realize that it’s just a single example but when you read about something like this, you have to wonder how many other times this has happened.
[…]
Google Is Amazing
Google’s crawling power is amazing. I’m not sure if Google is crawling every URL on the web 100% of the time or if they focus their crawls on sites that update more frequently, but whichever it is Google is on top of the searching game. I posted a blog entry yesterday morning about my NYC trip and how I’m staying with my former business partner who’s now president of Solium Capital’s NYC office. The next day I’m in the middle of page three of results from a Google search for “Solium Capital”. So in just over 24 hours time, Google crawled my blog, grabbed the latest content and indexed it such that it shows up in some search results.
That said, I’m not entirely sure my entry has much to do with Solium’s operations but nevertheless I find Google’s gobbling up of the web fascinating. Perhaps they have faith in my posting as a source of information. I will have to do an entry in the near future about my two years at Solium to justify Google’s ’faith.’
[…]
