Digital Choke Daynotes

"Daynotes" are popularized by a Internet Web site called the "Daynotes Gang" (http://www.daynotes.com or http://www.daynotes.org), a collection of the daily technical and personal observations from the famous and others. That group started on October 29, 1999, and has grown to an interesting collection of individuals. Readers are invited and encouraged to visit those sites for other interesting daily journals. You can send your comments to us by clicking on any mailbox icon.

Reports

Notice the new report up there at the top of the page: "Is that a Felony in Your Computer". It's possible that you might find it interesting. It's a PDF file, and it will open up a new window, in case you have pop-up blocking.

Not much else happened today. We slept in a bit, had a leisurely breakfast while reading the Sunday paper, then off to church. Got back home, had a nice phone call from Stacy at college (she got the 'care package' with a bunch of Halloween stuff), then barbequed some chicken breasts, which we had with a backed potato and green beans. It was a nice day here today (mid-80's, slight breeze), so we ate out on the back porch. It was getting close to sunset, which was quite pretty, due to the partly cloudy sky. Lots of reds and oranges; it was very nice.

I played around with the graphic I use at the top of the page, as you might have noticed. As you can tell, I am not an artist. But I sort of like the moving text.

Back to work tomorrow. I need to set up my other laptop with Win2003 server (it already has Win2K Server on it), and play with some policy and security templates. I need to put together an 'as-built' checklist for both OS's, and then run some security tests against the templates. The plan is to get a good set of templates and policies that we can run against our existing servers. I may also try sticking a Linux distro on there so I can play around with it a bit. And there is the usual meetings and planning going on. So, a busy week is in my plan. But it will be interesting.

Did you like the bit of time travel there? Yesterday was September 19th, today is October 20th. Weird, right?

Thanks to Brian C for catching that. I have a good reason, though. When a new week rolls around, I grab the "blank" file that is the base of these pages. The page contains everything except the mindless ramblings that I put between each date block. On Sunday, I grab a new "blank", save it with the week's date, fix the "last week" link, and put in the day numbers. The day name, month, and year are already there.

So, that's what I did yesterday. And didn't notice that the month name was September when it should have been October. But Brian noticed. He's my unofficial editor, sending me short notices when I screw up. (A cynical person might think that I get mail from him every day.) But I enjoy getting his mail, and knowing that he is reading this helps me be more careful. I especially have to look closely at my use of possessive nouns, and to do a spell check before I post each day's drivel.

At the office, I played with security templates on my other laptop. It has Windows 2000 Server on it, and I am using it as a test bed for some standardized security templates. It isn't connected to the network, so I can goof with it all I want. I'll be doing some more of that tomorrow. When I get the template tweaked, I'll bring it into the lab environment for some testing there.

A warm day today, temps in the upper 80's, but cooling off at night. We got home early enough to throw some burgers on the grill for dinner. Then Pam and I watched "Holes", which was a fairly good movie, a bit better than I expected. A rattlesnake and some bearded dragon lizards really freaked Pam out, though. Enough that she went into the kitchen to fix me a bowl of ice cream with some chocolate sauce and nuts. It reminded me of the time early in our marriage when we watched "Sssssss". From the description in the Internet Movie Database:

Strother Martin (who died in 1980) played "Dr. Stoner" (and a lot of other movies), Dirk Benedict was "David" (he was "Lt Starbuck" in the "Battlestar Galactica" TV series). All of this info from the above site; you can spend a lot of time in there. For instance, Dr. Stoner's daughter was played by Heather Menzies, who was married to Robert Urich, one of my favorite actors ("Vegas!", "Spenser: For Hire", "Lonesome Dove" and many others). And she also was "Louisa Von Trapp" in "Sound of Music".

Anywho, the movie made it to TV in about 1975-76. We were in our first house (3 bed/1 bath, paid $28K), no kids yet, just a fish tank. The movie was pretty good, and might be worth finding in the VHS bins. It would be a good 'date' movie, guaranteed to require a bit of hugging during the scary parts. That's how it worked when we watched it, except during one sequence that really bothered Pam, so she left the room to go make the bed. That's been a standard/inside joke around here -- if a movie is scary enough that she has to "go make the bed".

One of the security newsletters I get (and like) is from the SecurityFocus folks. Here's an interesting article; you can get the full story here:

Read it without any prejudices, and then think about it. Subscribe to their newsletters here.

I worked on the security templates some more today. I also looked at the anti-spam rules we have in place. Our spam catching percentage was about 25% when we first started, but it has dropped down quite a bit. It may be that the spammers are getting smarter; for instance, many offensive mails now use the technique of embedded URLs to display their message, and those are hard to catch.The SurfControl people have released a newer version that is supposed to catch mail that the more advanced spammers use. The plan is to put that on the new servers, but there has been a delay in getting those in place. It's a bit frustrating, especially when there are some senior executives complaining about all the spam they are getting.

And I notice that Yahoo! is adding spam control to their mail, although at an extra cost. And one report said that they will be checking all attachments for viruses before a user can download the attachment. A quick look didn't find any technical information on how they are going to do these things, but I suspect that that information will come out one way or another.

The first is the anti-spam server. It's been less effective than when we first put it into place. I got a plan to fix that: some new servers to improve the mail system infrastructure, an upgrade to the software (SurfControl) that includes some new techniques for catching the spam. I don't think that the software is causing the problem. So I was thinking last night that I needed to take a real close look at all the blocking rules. Which is what I did this morning. And I found a possibility.

I've got the rules set up with different rules for incoming and outgoing mail. Outgoing mail gets checked for offensive text, and incoming mail gets checked for all different kinds of spam. And all mail with any executable program gets blocked; that catches a lot of the virus mail. In order to split the incoming from the outgoing mail, the rules look at the sender's domain name. And I found one rule that wasn't looking at all of the right domain names (we have several). One entry had a misspelling (my fault), and some domains were missing. So I fixed that, and I'll have to see what the overnight stats show. Most spam mail comes overnight, rather than during business hours.

There were some other things that needed to be done to that server. The design of the software keeps a separate database for blocked message information. That database needs to be sync 'd with the actual message files that are held. The database is the 'tiny MS sql' database, which really can't handle the load we're giving it ...there are too many records to make it very efficient. Which is why the new system will use MS-SQL as the database. The syncing program doesn't work well with the existing database, due to the number of records. It has to work so hard that the normal processing of messages get backed up. I let the syncing program work for about 3 hours, then finally stopped it because of the backlog of messages.

The new system, if we ever get to get it installed, will be much more efficient in it's design. In the meantime, I keep on tweaking the current system to get a higher 'catch' rate.

The other thing I did today was to install Windows 2003 Server on an empty partition of my other laptop. The install went pretty easy. The plan is to use the security template that I built for Win2K Server to see what Win2K3 does differently. Win2K3 is much more secure, and the settings that I looked at on the new mail servers bear that out. Since I think that it's important that we get some of our public-facing servers upgraded to Win2K3, getting some experience and knowledge with hardening templates will be helpful.

One weird thing that I thought that I saw after the Win2K3 install. Even though I believe I put it on a separate partition, it looks like that partition knows about the "C" drive on the Win2K partition. It's probably a configuration setting I need to fix, but it was a bit strange. I didn't have time to look at it today, though.

Tomorrow will be busy. Two meetings about some long-term projects, and some work on the security templates along with monitoring and tweaking the anti-spam server.

Oh, and the other thing that bugged me today. I got a couple of insect bites on my hands. One right on the knuckle, and two others on the side of a finger on the other hand. Just a tiny bit of swelling, and a bit itchy. So I've been carrying around a tube of ant-itch cream to cut down on the itching.

I decided to do something different. I skipped Thursday this week, rather than Friday.

Actually, I was on the 'net last night. I was watching our anti-spam server, still trying to figure out why the catch rate has gone done. I was watching it from about 8:30pm to 10:30pm (while watching TV), just to keep an eye on the message backlog. What was interesting was all of the incoming mail streaming into the mail server.

Our company is not a 24-hour operation. There's a couple people that might be there late, but they aren't sending out continuous email messages. Besides, most of the traffic was incoming. And most of it, based on the sender names, was spam. With all that spam coming in, you'd think that the program would catch a lot of it. But I wasn't seeing the catch rate get much over about 5%.

Now, I don't think that it's the fault of the program we are using. It's good a good reputation, and it's one of the top three anti-spam solutions. My current theory is that the tracking database is out of whack, probably because the database is overloaded. So tonight, I'm running a program to try to sync the tracking database with the messages that are in the holding queue folders. Last night I deleted a bunch of old held messages, probably over 250K of them. The tracking database needs to sync the current list of files. That process takes a bit of processing time, so I wanted to start it after hours. It may take most of the night to run.

I also sent the current rule set to the program support guys. Another possibility is that the rule set is a bit corrupted in some way. This weekend, I may unload and load the rule set to see if that makes a difference. I've already restarted the server to see if that would clean up a few things. It's possible that a rule unload/load might help out. I'll try that after the database sync finishes.

So, Friday has rolled around, right on schedule. Pam is still in the 'end of year' crunch time, so we stayed a bit late tonight. Traffic wasn't too bad on the way home, so we stopped by the store and picked up a couple of steaks and got home in time to barbeque them before it got too dark. That's one of the advantages of a propane BBQ grill. It doesn't take much time to heat it up, and the electronic thermometer is useful for when it gets a bit dark out there to see if the steak is done. It worked out well. But with the end of Daylight Savings Time, our weeknight BBQ opportunities are going to be limited.

Pam has to work tomorrow, so I've made up my list of things to do around here while she's gone. The car is still in the shop getting the hood fixed. It was to be ready today, but the paint wasn't quite cured and ready to go. So we're down to one car (a truck, actually); she'll use it to go off to work, and I'll work on the chore list until she returns. It's not too bad, just the usual stuff: clean out the bathroom shower, vacuum, maybe mop the floor, trim the plants outside a bit more, finish the light fixture installation out in the garage, put a hole in the rain gutter for the downspout, clean up the barbeque, get rid of a few cobwebs on the outdoor furniture. Not a hard or long list, so I should be able to get some college football game watching, or perhaps some old western TV series. And pop on the 'net to take a look at the spam server to see how it's doing.

I'd bet that my list is a lot easier than Brian Bilbrey's. He's moving to his new house this weekend. That's a bit more effort. Been there, done that, didn't get a T-shirt. Good luck, Brian and Marcia!

And here's something that will brighten up your day: left-handed sugar. Wired Magazine reports that it is approved by the FDA, and "It's got full flavor at one-third the calories. It's safe for teeth and diabetics. And it's all natural." And it's at your local 7-11, as a Pepsi Diet Slurpee. Works for me.

Daynotes	a daily journal of our activity	Send us email
Digital Choke	an action that is sometimes needed for your computer; also a short techno-story available here.	Send us email