College Visit to Georgia Tech

We visited Atlanta and Georgia Tech this weekend with Sarah. It was a great trip. The Connect with Tech program was very, very good. The timing was good for us because the application deadline for the first scholarships is October 31, so at least we have a jump start on things.

Xupiter is dead. May it never come back...

Xupiter was the company that pushed spyware onto millions of desktops and redirected browser searches to its web sites. It was really a pain for millions of people and now its dead.

There is justice in the world.

Fixing BIND to ignore Verisign

Thanks to Russell Kroll. I was losing my mind sorting out my named.conf and he had a clear example of how to configure delegate-only for the new BIND release.

BIND vs. Verisign
Steps to make life less lame in this brave new world of com and net wildcards:


Fetch patches

Rebuild named and restart it

Amend your named.conf:

zone "com" {
type delegation-only;
};

zone "net" {
type delegation-only;
};


rndc reconfig

dig paulbegleyhatesverisign.com and notice what happens

djbdns vs. Verisign

Here's another approach:

IGNOREIP patch for dnscache

I'm in NYC on 9/11.

I'm not phobic, but I would prefer to travel another day.
To compound things, I got to the bus stop early and got on the 6:00 bus. I wondered what was up when we went through the Holland rather than the Lincoln Tunnel. When we turned off Broadway onto Chambers, I knew something was up. I was on the Wall Street bus, not the Pen Station bus.

Duh!

I bought an MTA card and got on the subway and was on 51st street by 8AM and got a coffee at Starbucks. Aaahhh.

UPS Package Tracking

UPS buried its Tracking page.

Yeow! We are fully converted to the T1 from a 144Kbps IDSL circuit.
The network has been switched and DNS changes are in place. Everything should be flowing in the next 24-48 hours.

Its neat to have a full time UNIX system available at home. I'm running Linux 7.3 and will install FreeBSD today because I think its more secure to run BIND and mail services. I'm looking at a combination of LDAP, Postfix and Courier for UNIX based mail and Exchange 2003 for Windows based mail and related services.

Notable issues:
Had to fix port speed for all servers for reliable connections. I do this with client systems, and gosh, I have to do it here as well. Duh.
Got a Compaq Netelligent 24 port, managed switch for <$60 on e-Bay. Such a deal
I'm using a Netgear hardware VPN/Switch for VPN access. Its pretty nice - under $150 and you can use it with several VPN clients.

Government Liquidation Government Surplus Auctions Army Surplus Vehicles Sales

www.liquidation.com - commercial site

Storage Policies | Policies Are A Critical First Step In Effective Storage Management | Storage Pipeline

Note this for client work.
I will index my site and add search over the weekend.

MCSE:�Messaging on Microsoft Windows 2000 Certification Requirements

http://www.microsoft.com/Traincert/mcp/mcse/messaging/windowsserver2003.asp

Gotta get cracking.

Bad Designs - Table of Contents
We run into 'bad design' every day, here is a guy that documents it. I don't agree with him on all points, but he has some good examples and comments.

Download details: Support Tools for Microsoft Operating Systems, Phase 6 Service Release 1 (SR1)

Wow - support tools for Windows 2003. Post link for 2000 tools and test in home lab.

813840 - XGEN: March 2003 Exchange 2000 Server Post-Service Pack 3 Rollup

Apply to home server, note additional link below for Exchange 2000 roll-up.

Exchange 2000 post SP3 rollup.

Bart's PE Builder v3

Check this out to support servers and workstations. Home and clients.

Compare the SSL Providers side by side

We completed the purchase, install and testing of a cert from GeoTrust. Everything went off without a hitch and we had the cert in ~15-20 minutes.

In addition, GeoTrust let's you 'transfer' a cert. If you have an existing cert you can give a URL or paste a certificate data when you purchase a cert from Geotrust. They reduce the cert price to $119 and they extend the certificate expiration by the number of months left on your existing cert.

This worked to my client's advantage because they are retiring a Linux box with a Thwate cert that didn't expire until next June, so they bought a new one year cert that won't expire until 2005.

They validate the cert two ways, sending an e-mail to one of the domain registration accounts (another reason for companies NOT to have third parties register domain names in their behalf) and with a phone call. The phone call is automated, you must enter a four digit code which is displayed during the registration process and record your name (through the phone).

Other companies have a more manual process (FAX, human intervention,etc) which may be more through, but takes 2-5 working days which can cause problems when your on a client site trying to get something working.

296192 - OL2002: Additional Command-Line Switches

command line options for Outlook. Only way to reset some features like FreeBusy information, reset toolbar, etc.