How to Install Mac Fonts on Ubuntu also works on Fedora 12.
I love my little 10″ Asus Eee PC 1005HA. It’s an awesome netbook that does the netbook job well. It’s small, light and has good battery life. It has a big hard drive, a web cam, and it runs Linux well. I use it every day.
I decided to use Arch Linux because I wanted a lightweight distribution to go with the netbook theme, which is small and fast. I like how Arch is a rolling release distro and I get updates faster than some of the bigger distros like Ubuntu. Arch Linux also has a cool wiki page for the 1005HA too.
I used the Arch wiki to configure my netbook and most things worked perfectly. I only had a problem with screen glitches after putting the netbook in sleep mode. Waking up from sleep would have the laptop blinking and eventually it would get bad enough to freeze up.
After searching google and forums for a solution, I read through the Wiki again to make sure I didn’t miss something. After reading the display and input settings paragraph again, I noticed that it said an xorg.conf file is not needed. Then after that it goes on to talk about all the options to put in your xorg.conf file… WTF? Anyway, I moved my xorg.conf file and rebooted and it seemed to help with the glitches.
I think it’s a software or a config problem because I booted with a Fedora 12 usb key and I don’t have the same problem.
UPDATE: I still had the same problem with glitches after a week of working with it. So I installed Fedora 12 and it works flawlessly.
I started using CakePHP for a web project that I am doing because I want to update my web development skills. I am making a simple blog site to start off. I have a Posts model, a Comments model, and a Tags model. I am leaving the Tags model alone and focusing on getting Comments going. I am running up against a problem having to do with a Posts model and the HasMany relationship with the Comments model.
When I add a Comment, the form shows a drop down with all the possible Posts to link it to. This is not what I want. I want to hit a button inside a Post to create a comment. I don’t want the user to have to select the Post that they were just looking at.
Check out the site at ohsoccer.net.
Posts model:
-
-
<?php
-
-
class Post extends AppModel {
-
var $name = ‘Post’;
-
‘rule’ => ‘notEmpty’
-
),
-
‘rule’ => ‘notEmpty’
-
)
-
);
-
‘Comment’=>array(
-
‘className’=>‘Comment’,
-
‘foreignKey’=>‘post_id’,
-
‘dependent’=>true
-
)
-
);
-
}
-
?>
-
Comments model:
-
-
<?php
-
-
class Comment extends AppModel {
-
var $name = ‘Comment’;
-
‘rule’ => ‘notEmpty’
-
),
-
‘rule’ => ‘notEmpty’
-
),
-
‘rule’ => ‘notEmpty’
-
)
-
);
-
-
‘Post’=>array(
-
‘className’=>‘Post’
-
)
-
);
-
}
-
-
?>
-
Posts Controller:
-
-
<?php
-
-
class PostsController extends AppController {
-
-
‘limit’=>20,
-
‘order’=>array(
-
‘Post.created’ => ‘desc’
-
)
-
);
-
-
var $name = ‘Posts’;
-
-
function index() {
-
//$this->set(‘posts’, $this->Post->find(‘all’));
-
$data = $this->paginate(‘Post’);
-
$this->set(‘data’, $data);
-
}
-
-
function display() {
-
$this->set(‘posts’, $this->paginate(‘Post’));
-
}
-
-
function view($id = null) {
-
$this->Post->id = $id;
-
$this->set(‘post’, $this->Post->read());
-
}
-
-
function add() {
-
if ($this->Post->save($this->data)) {
-
$this->Session->setFlash(‘Your post has been saved.’);
-
}
-
}
-
}
-
-
function delete($id) {
-
$this->Post->del($id);
-
$this->Session->setFlash(‘The post with id: ‘.$id.‘ has been deleted.’);
-
}
-
-
function edit($id = null) {
-
$this->Post->id = $id;
-
$this->data = $this->Post->read();
-
} else {
-
if ($this->Post->save($this->data)) {
-
$this->Session->setFlash(‘Your post has been updated.’);
-
}
-
}
-
}
-
-
}
-
?>
-
Comments Controller:
-
-
<?php
-
class CommentsController extends AppController {
-
-
var $name = ‘Comments’;
-
-
function index() {
-
$this->set(‘comments’, $this->Comment->find(‘all’));
-
}
-
-
function view($id = null) {
-
$this->Comment->id = $id;
-
$this->set(‘comment’, $this->Comment->read());
-
}
-
-
function add() {
-
if ($this->Comment->save($this->data)) {
-
$this->Session->setFlash(‘Your comment has been saved.’);
-
}
-
}
-
$posts = $this->Comment->Post->find(‘list’);
-
}
-
-
function delete($id) {
-
$this->Comment->del($id);
-
$this->Session->setFlash(‘The comment with id: ‘.$id.‘ has been deleted.’);
-
}
-
-
function edit($id = null) {
-
$this->Comment->id = $id;
-
$this->data = $this->Comment->read();
-
} else {
-
if ($this->Comment->save($this->data)) {
-
$this->Session->setFlash(‘Your comment has been updated.’);
-
}
-
}
-
}
-
-
}
-
?>
-
Posts View Form:
-
-
-
<!– SHOW COMMENTS –>
-
<?php foreach($post[‘Comment’] as $comment):?>
-
<?php endforeach;?>
-
Comments Add Form:
-
-
<h1>Comment</h1>
-
<?php
-
//echo $form->input(‘post_id’);
-
//echo $form->input(‘post_id’, array(‘type’=>’hidden’) );
-
//echo $form->input(‘post_id’, array(‘type’=>’hidden’, ‘value’ => $session->read(‘Post.id’)));
-
//echo $form->input(‘post_id’, array(‘type’=>’hidden’));
-
//echo $form->hidden(‘post_id’, array(‘value’=>’13′));
-
-
//print_r($session->read());
-
?>
-
I am a Linux veteran, but I am recently getting updated on all the new Linux desktop stuff going on. I have decided that I like this desktop because of its simplicity.
I am using Avant Window Navigator, PyPanel, and Gnome-Do as my main tools in this interface. This allows me to not have any Gnome panels, but it still gives me a Mac-like launcher at the bottom and Gnome-do to launch anything else. The rest of the interface is clean. I also have compiz cube and 4 desktops to increase my screen real estate.
The background is a picture I took of the latest Ohio blizzard in my back yard (Blizzard of 2008).
I like my iPod Nano, but I do not like having to dual-boot into Windows to use iTunes. Since my iPod is new and has new firmware, it is not supported by the cool Linux software out there. I’d like to get a new MP3 player that I can use with Linux and Banshee. It would be nice if it was small and had that “cool factor” like the iPod does. I suppose I could just wait until Rockbox firmware comes out for it.
Ogg Vorbis support is mandatory in my opinion. It is a free format comparable to mp3, except it is not proprietary or patented, so it can be included in Linux without any headaches or licensing fees.
Rockbox firmware should be avaliable for it if it does not support Linux natively.
My first choice would be to buy a new player, but I would settle for buying a used one off of eBay.
I’d like to hear any comments from people who like their MP3 players and use Linux with it.
We are used to IP addresses looking like this: 192.168.1.50, four sets of decimal numbers from 0 to 255. IPv6 will eventually replace our current system and the new addresses look very different. This is an example IPv6 address: fe80::20f:66ff:feed:7c77/64. It looks pretty different from what we are used to. It looks like there is a word in there, “feed.”
The main difference between the two addresses is the amount of bits they represent. The old IP address only has 32 bits, 4 groups of 8 bits represented by decimal numbers. In binary, 11111111 equals 255 in decimal, so that is the largest number we can have in an octet. IPv6 addresses have 128 bits, 8 groups of 16 bits. The largest decimal number that can be represented with 16 bits is 65535. That would make a large IP address. Imagine an address like this: 65535.50034.12232.55332.20576.10016.34113.29991. That would be worse than the real IPv6 address above.
IPv6 addresses use hexadecimal instead of decimal. In hex, we can count all the way from 0 to 15 with one digit by using letters “a” through “f”. So, one hex digit can represent four bits (1111 = f). Four hex digits can represent 16 bits, which makes our IPv6 octet. Our IPv6 address looks like this: fe80:0000:0000:0000:020f:66ff:feed:7c77. We can shorten this further by leaving out leading 0’s, and we can take one set of all 0’s and replace them with a double colon (::). So we can shorten this address to: fe80::20f:66ff:feed:7c77/64. The /64 is the prefix length, and it just means that the first 64 bits, or half of the whole address relates to the network portion of the address. The last 64 bits is the host portion of the address.
My hosting provider (Geekempirehosting.com) made me move my web site from their server at Softlayer.com to a new one at Rackspace.com. If you had any problems getting here during that transition, then that was the issue. It looks like everything is back up pretty smoothly, with only DNS caching slowing things down. Thanks to Geekempirehosting for their quality support and customer service!
This article is a brief introduction to the subject of Ethernet switch security.
Modern Ethernet switches have many features that enhance a network, but also introduce some vulnerabilities. VLANs (Virtual LANs) have been around a long time. Switches can be connected with trunk links that transmit multiple VLAN traffic to another switch. This allows, for example, port 5 on switch 1 to be in the same “LAN” as port 10 on switch 2. Bob in accounting can be on the same LAN as his accounting server even though they are in different buildings. This is very powerful, but there are several ways that this technology can be exploited, and there are a few things a network administrator can do to minimize the threat.
VTP Security
Virtual Trunking Protocol (VTP) makes VLAN configuration convenient for network administrators. Instead of defining a VLAN on every switch in the network, an administrator only needs to define it once on a VTP server, and VTP will propagate that VLAN to all of the switches in the same VTP domain.
VTP has three modes of operation: server, client, and transparent. VLANs can only be set up on a swtich when it is in VTP server or VTP transparent mode. VTP clients listen for VLAN updates from VTP servers. Switches set up in transparent mode do not participate in the VTP domain, but they forward VTP updates that they receive.
Transparent mode is the most secure way to set up a switch. It cannot get its VLAN database over-written by a VLAN update from a server. However, this may not be practical if there are many VLANs that need to be configured on many different switches.
Switches in client and server mode can have their VLAN databases wiped out by a rogue member of their VTP domain, either a malicious hacker or a administrator that does not understand how his actions might affect network. If a switch doesn’t have a VLAN defined, then it cannot forward that traffic and systems will be down.
VTP domains need to be secured with a password so that a hacker cannot negotiate a trunk on a switch port and begin participating in a VTP domain, and possibly overwriting the VLAN databases of all the switches in the network.
Administrators need to be careful when bringing in a new switch into the VTP domain. Before they plug in a new switch, it should be configured as a client on the domain so that it doesn’t overwrite its blank database to any other switches. After it learns all of the VLANs on the network, then it can be carefully switched over to a VTP server if necessary.
802.1q Security
802.1q is an open standard for VLAN Trunking. This protocol is what switches use to communicate with each other over trunk links. A lot of switches have the default setting of auto-negotiate on their ports. This could allow for a hacker to plug in his own switch and negotiate a trunk. He could then sniff all traffic on the network at his leisure. He could also do malicious things like bring down the network, as we saw in the section on VTP.
Network administrators should configure all non-trunk ports to be access only ports. Switch modes should never be auto, they should be either trunk mode for switches or multi-homed hosts or access mode for single-homed hosts.
Port Security
Switches should be configured so that only the computer that the administrator configures can use the network. If that computer is unplugged and a different one is plugged into the port, the port should error to disabled and alert the network administrator.
Dsniff
Applications like Dsniff expose switches as less secure than originally thought. Since each switch port is on it’s own collision domain, it was thought that a regular Ethernet sniffer would not be able to capture unicast traffic of hosts in a switched environment. Arpspoof fools hosts into sending ethernet traffic to the sniffer using arp packets that declare the spoofing host to be the gateway for the subnet. All traffic is sent through the sniffer even though the switched network is supposed to be sniff proof.
The best way to segment a network is to use multiple switches separated by a firewall or a router with firewall software. Setting up a secure Ethernet switch takes a lot of work and planning. The default settings are usually for the switch to just work, but these default settings can open up the switch to vulnerabilities down the road.
IPv6 is the future of IP, and it’s a good time to start learning about it. It’s very easy to put an IPv6 address on Linux. IPv6 addresses have 126 bits. This allows for an enormous address space. Addresses are 8 sets of 4 hexidecimal numbers. Each hex digit represents 4 bits. This gives us 16 x 8 = 128 bits. Addresses look something like this:
fef0:aaaa:0:bbbb::50/64 (short for fef0:aaaa:0000:bbbb:0000:0000:0000:0050/64)
This is the IPv6 address I am using on my workstation. The first 16 bits (fef0) identify the address as a “site local” address. This is the equivalent of a private IPv4 IP (192.168.1.50 for example). “Global unicast” addresses begin with a 2 or 3 as the first hex digit. These addresses are like public routable IPv4 addresses.
In linux, you can set up an IPv6 address with this command:
ifconfig wlan0 inet6 add fef0:aaaa:0:bbbb::50/64
where wlan0 is my network device.
To test: (fef0:aaaa:0:bbbb::25 is another workstation on my LAN)
[root@alpha1 network-scripts]# ping6 fef0:aaaa:0:bbbb::25
PING fef0:aaaa:0:bbbb::25(fef0:aaaa:0:bbbb::25) 56 data bytes
64 bytes from fef0:aaaa:0:bbbb::25: icmp_seq=1 ttl=64 time=73.6 ms
64 bytes from fef0:aaaa:0:bbbb::25: icmp_seq=2 ttl=64 time=2.23 ms
64 bytes from fef0:aaaa:0:bbbb::25: icmp_seq=3 ttl=64 time=2.26 ms
64 bytes from fef0:aaaa:0:bbbb::25: icmp_seq=4 ttl=64 time=2.25 ms— fef0:aaaa:0:bbbb::25 ping statistics —
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 2.236/20.105/73.665/30.922 ms
(Edit)
ICANN controls the root DNS zone for the Internet, and 6 of the 13 root DNS servers are now reachable by an IPv6 address. See: this article.
Desktop Linux has arrived. But there still are a few things that prevent it from being the only OS I need. Linux is strong at a lot of things. It has the best desktop experience in my opinion with Compiz effects and KDE 4 out now.
iTunes
iTunes seriously needs to get a Linux port from Apple, but Apple won’t do it because MacOS would get killed by Linux. They like it the way it is. The best option besides Windows is MacOS because of the support it gets, while Linux is the black sheep of the family.
Games
I know wine has come a long way, but I can’t seem to get anything running. I mostly don’t play games at all in Linux. I know Linux has some ok 3d games like the ones listed here, but this list is missing the retail boxed games that people want to play. You can’t go to Best Buy and buy a cool game for Linux. They are all for the PC.
Tax Software
This time of year, I have to run Windows to use Taxcut or TurboTax. There is a TurboTax online that I tried, but it needs Windows or MacOS to run.
