geekwisdom's blog

Sending Cache-control Headers Using Apache's header module

Posted Sat, 2005-02-12 15:55 by geekwisdom

NOTE: If you're using Apache 2.x go here.

I manage a fair number of Apache 1.3x web servers. Most of which are used for virtual hosting. After reading an article by Jeff Fulmer in SysAdmin Magazine entitled "Save Bandwidth and Increase Performance with Cache-control Response Headers" I decided to configure my Apache servers to use mod_header to send the Cache-control header for graphics files.

Countermeasures for Identity Theft from Frank W. Abagnale

Posted Mon, 2005-02-07 11:23 by geekwisdom

An article by Frank W. Abagnale, the lecturer and consultant, entitled 14 tips to avoid identity theft details some good advice for protecting your identity.

Abagnale's tips:

1. Guard your Social Security number. It is the key to your credit report and banking accounts and is the prime target of criminals.

2. Monitor your credit report. It contains your SSN, present and prior employers, a listing of all account numbers, including those that have been closed, and your overall credit score. After applying for a loan, credit card, rental or anything else that requires a credit report, request that your SSN on the application be truncated or completely obliterated and your original credit report be shredded before your eyes or returned to you once a decision has been made. A lender or rental manager needs to retain only your name and credit score to justify a decision.<!-- break -->

Password management

Posted Tue, 2005-02-01 12:26 by geekwisdom

Many people need to create accounts for different things. Accounts for buying things, accounts for viewing things, accounts for participating in things. Then there are all the accounts they need for things like e-mail, terminal logins, etc.

I've heard of people who use the same password for everything. While it would be easy to remember this password it is also easy to compromise a single password. This risk increases if it is ever sent over a network or the Internet in plain-text. If someone could intercept the password while it passed over the network they would have access to every account protected by that password. This is dangerous.

Using Spamassassin with Qmail

Posted Sun, 2005-01-16 16:53 by geekwisdom

I've been using Qmail for some time now and like it quite a bit. I recently configured a new Qmail server and wanted to set it up to use Spamassassin on a per user basis. I used to use ifspamh to do this but for some reason it would not work properly on my new server. While I was looking for a fix I came across a better way.

Open Middleware

Posted Wed, 2004-09-29 11:22 by geekwisdom
OpenAdapter is open source EAI (Enterprise Application Integration) software. Written in Java, OpenAdapter can creat application to application or application to middleware connections. OpenAdapter provides "many ready-built interface components for JMS, LDAP, Mail, MQ Series, Oracle, Sybase and MSSQL Server as well as data exchange formats such as XML. New components are regularly added." [OpenAdapter]

Open Source JMS

Posted Mon, 2004-09-27 08:07 by geekwisdom
"OpenJMS is an open source implementation of Sun Microsystems's Java Message Service API 1.0.2 Specification."

Assessing Internet Explorer Use in Light of Vulnerabilities

Posted Thu, 2004-07-01 10:05 by geekwisdom
I think some of the wrong conclusions are being drawn about the latest exploits for some known vulnerabilities in Internet Explorer (IE). First of all there is NO production level patch for Windows that will protect you from this exploit. SP2 RC2 is a release candidate, thus RC2. Microsoft says, "Customers who are already following our safe browsing guidance significantly reduce their risk from this type of attack." Reduce the risk, not eliminate it.
http://www.microsoft.com/security/incident/download_ject.mspx