ColdFusion Muse

The "Certificate Authority" Racket

Mark Kruger December 1, 2005 11:16 AM Hosting and Networking Comments (13)

You might think that a "secure certificate" is all about encryption. Actually there are two reasons to buy a secure certificate and only one of them is encryption. The other one is about "legitimacy". That second reason is a bit of a sham. It's also about how a very few companies get to profit from a ubiquitous a essentially free technology.

Read More
  • Share:

Email Injection Bot Attacks and SPF Records

Mark Kruger November 5, 2005 11:44 AM Coldfusion Security, Hosting and Networking Comments (2)

I got an email from someone on my blog about implementing SPF that said it should cut down on email injection attacks. The reasoning was that the email injection attack typically sends "from" the domain of the web site. Since SPF dictates the servers or domains mail can come "from" then mail from the web server would be rejected. Stopping Email Injection Bots would be a nice side effect of SPF, but it is unlikely. This reasoning does not take into account 2 important details.

Read More
  • Share:

Dual NIC - Dual Gateway Issue on Windows 2000

Mark Kruger November 4, 2005 7:04 PM Hosting and Networking Comments (0)

Here's a tip on a windows 2000 box. If you have 2 NICs connected to the same subnet using NAT with static IPs but you are using 2 separate gateways you may suffer from periodic outages of 80 to 180 seconds. In a network I recently worked on, there was a machine that handled static mappings for 2 sets of IPs routed through 2 separate PIX using static mappings and NAT. In this scenario the PIX is the gateway. So NIC 1 with address 192.168.0.8 was setup with gateway 192.168.0.1 and NIC 2 with IP 192.168.0.9 was set up with gateway 192.168.0.2 - both gateway metrics set to 1.

Read More
  • Share:

Spam Wars Episode III - Revenge of the SPF

Mark Kruger November 3, 2005 11:47 AM Hosting and Networking Comments (0)

Yesterday and today I've joined the SPF bandwagon. SPF or "Sender Policy Framework" is a way of trying to back track an e-mail’s domain and figure out if the server is legitimate . It does this by adding what is essentially a mask or pattern to a simple text record in the DNS server. For example, you can specify that all mail from a domain should be rejected unless it originates from a particular server or domain. You might dictate that mail must come from servers listed as MX records, or you can specify an "A" record. If your data center has just a few subnets you could specify a range of IP addresses. Pretty neat huh?

Read More
  • Share:

Working With Hive Files (Recovering From a Crash)

Mark Kruger November 1, 2005 12:28 PM Hosting and Networking Comments (0)

Did you ever have a truly catastrophic crash where you had to reinstall the whole operating system? If you work with servers this is particularly daunting. A server configuration is more than just the installation of programs. For example, one of our customers recently lost the system drive on a mail server. The hosting company reinstalled Windows 2000 on a new drive and we had to come up with a plan for getting Imail back up and running with over 200 domains. The prospect of calling so many users and reissuing so many passwords made us want to run out into the cold Nebraska night screaming (like we do whenever the Huskers lose to Oklahoma). We had to come up with an alternative plan.

Read More
  • Share:

Explaining DNS Without Drinking (or was it Before Drinking)

Mark Kruger October 7, 2005 5:19 PM Hosting and Networking Comments (0)

"DNS is yet another one of those Internet 'things' that just makes me step back and go... Wow! This is amazingly complex, and yet it works really well" Those are the words of Jeff Zimmerman the Cisco King that always has an answer to questions about our network and equipment. He and I trade emails rife with geek speak about cool stuff like DNS. Surprisingly, I have to explain Domain Name Service (DNS) to clients and customers on a regular basis. Questions always arise when a customer is setting up a new web site to host with us, or they are moving an existing web site over to us. The 2 most frequent questions are "What is DNS?" and "Why does it take 12 to 48 hours to make a name change?"

Read More
  • Share:

Part II - Possibly the BEST Marketing Strategy Ever

Mark Kruger July 22, 2005 3:56 PM Hosting and Networking, Humor and Life Comments (3)

I stand corrected. The candidate is now actually going to GO WITH the blackmailing host company. Not only that, but the company supports no scripting languages - only Front Page Extensions. They do this for security reasons (security reasons?). So my friend the developer is busy converting his site into a front page site to make it more secure. Meanwhile, I'm going to contact the host and see if they are interested in my new idea - selling bottled Nebraska air on E-bay. I think they might be able to pull it off.

(this is a follow up to my previous post.)

  • Share:

Developersauros Tarpit - Email Marketing

Mark Kruger July 17, 2005 9:46 PM Hosting and Networking, Follies and Foibles Comments (8)

If it hasn't happened to you yet get ready - it will. Some client or potential client is going to ask you if you can do an "email blast". Now, they might mean that they want to send a newsletter or announcement to their own customers. Or they might mean they want you to contribute to the juggernaut of spam that is flooding the Internet. To you, spam is a battle - a titanic struggle between good and evil. To them, spam is minor annoyance, or (due to the fact that many clients are salesman turned businessman) a goldmine of nearly free marketing. Of course, they may not read 200 to 300 emails a day. In any case you will have to consider how to respond and what kind of advice to give your client. Here are a few important things to consider.

Read More
  • Share: