Paolo found a bug today in activeRenderer's instal procedure. It doesn't update the www/#Prefs.txt file properly, a new line separator is missing between the last 2 lines.

You can either correct the #Prefs.txt file manually using your favorite text editor, or restore the version of #Prefs.txt activeRenderer has backed up in www/gems/activeRenderer/backup, then update activeRenderer to version 1.0 beta 4, quit and restart Radio.

To activate the outline style, check activeRenderer's preferences in Tools / activeRenderer / Preferences...

I'm currently attending David Blank-Edelman's Perl For System Administration tutorial at Usenix 2002.

David is a gifted and experienced teacher, listening to him the whole day is a priviledge.

The first part of his tutorial largely draws from his O'Reilly book. I love the part about 'safe scripting'.

This afternoon's part is even better, David just calls it story telling, but he manages to transmit a lot of his own experience in it.

The other nice thing in this tutorial is that it's full of very accurate and useful Perl sample code, that addresses almost any concern of a regular sysadmin.

L.M. Orchard has modified activeRenderer's XSLT code to devise an RSS news aggregator for Amphetadesk. The result looks pretty good.

Here our some ground rules when using SNMP and client server tools to monitor systems and network devices

1. Do not trust your firewall when using SNMP

   SNMP version 1 transfers all data, including passwords, in the clear. There are a bunch of worms and trojans these days which sole purpose is to penetrate your firewall, then start network sniffers. SNMP monitoring data will be music to crackers ears when it finally reaches them.

   So any SNMP data that travels your firewall protected internal LAN should be encrypted, which is why everyone should be using SNMP version 3 when possible.

2. Beware of client/server schemes

   Most centralized monitors rely on agent modules on on monitored hosts to listen to their requests and respond with relevant information.

   Which means that on every host, the agent will very likely open a TCP or UDP port to listen to requests. This may sound paranoïd again, but every open port is a door a potential cracker might use to access the system. It really depends on the quality of the code that opened the port.

   A more secure way of monitoring a host is having the host send information by itself, on a time or event (trap) driven basis. This avoids the always-open-port potential vulnerability issue.

   Even with SNMP, it is possible to restrict access to the SNMP database to the localhost only, and then have some monitoring code on the host itself send reports and alerts after querying the local MIB.

My laptop's disk let me down yesterday. It's now full of bad blocks. This prevented me from posting for most of yesterday's afternoon. I've managed to keep current bad blocks in check, and restored a working system partition, but this may not hold for long.

Once they have gained a large enough beachhead, it gets difficult to repel a bad blocks invasion.

Anyway, the second part of yesterday's System And Network Monitoring tutorial at the Usenix conference was focused on monitoring packages such as MRTG, Cricket, BigBrother and their ilk, plus what John Sellens call a case study. More on those tools in my upcoming SNMP OPML resources directory.

John is a real SNMP-head. He's written a very simple open source utility, Thresh, to leverage SNMP for system monitoring. I like Thresh because you can see John's experience as a sysadmin through it. It is very 'real world' oriented.

What I think John's presentation lacks is proper focus on security: to my liking, he is not paranoïd enough. More on this subject in my next post.

I'm finished releasing the parts necessary to turn on the 'outline style' in your weblog pages.

• First update your copy of activeRenderer, bringing Radio to the front, and selecting the Tools / activeRenderer / Update menu. This will download all the necessary parts
• Restart Radio.
• Make a security backup of the following files from Radio's www folder:
  • #dayTemplate.txt
  • #homeTemplate.txt
  • #itemTemplate.txt
  • #Prefs.txt
  Just in case you run into unexpected trouble.
• Bring Radio to the front again, and select the Tools / activeRenderer / Preferences... menu. This should bring the activeRenderer preferences page in your browser.

Late breaking news: there is a bug in version 1.0 beta 3, check this update and upgrade to 1.0 beta 4.