I recalled reading on Slashdot that Novell was planning to release Evolution Connector under the GPL in May. While browsing to see what Ximian was up to since being aquired by Novell, I found that they had done so on May 14th.

I bought a license for this MS Exchange interface for Evolution last fall and found it worked well. I returned the license only because it didn’t support offline capabilities, which limited my use of the product on my Linux based notebook. Hopefully a future release will support offline work.

Parking your car could be a whole lot easier in future.

A message posted to NANOG on Monday outlines a case in which a New Jersey judge has issued a temporary restraining order against the an ISP preventing them from restricting a customer from taking their IP address space with them to a new ISP. The issues the ISP raises are important, but after reading the affidavits filed by the plaintiff (a web-hoisting company), it seems the fears of the Internet collapsing as customers everywhere seek to make addressing portable are a little overstated.

The plaintiff only seeks to ensure that they have continued access to the IP address space until they are able to convert their remaining customers to new addresses. They claim that pressure tactics, including steep price increases and the unilateral changing of payment terms by the ISP forced them to seek an alternative provider.

Certainly the judge should be careful to ensure this is only a temporary arrangement.

We use the squid cache at the office to improve web performance, and to provide basic limits on web traffic (e.g., blocking access to some well-known spyware download URLs). During a recent upgrade we rebuilt the proxy machine from scratch, using Fedora Core 2 instead of OpenBSD. We chose Linux to reduce the number of OSes we support by one.

After the upgrade, we noticed that some web sites begain failing, including the RNAO’s site, which drew a lot of complaints from nurses. The quick fix was to add problem sites to the list of sites that bypassed the proxy while we looked into the root cause. As it turns out it was fairly simple, and documented in the Linux kernel configuration documentation:

CONFIG_INET_ECN:

Explicit Congestion Notification (ECN) allows routers to notify clients about network congestion, resulting in fewer dropped packets and increased network performance. This option adds ECN support to the Linux kernel, as well as a sysctl (/proc/sys/net/ipv4/tcp_ecn) which allows ECN support to be disabled at runtime.

Note that, on the Internet, there are many broken firewalls which refuse connections from ECN-enabled machines, and it may be a while before these firewalls are fixed. Until then, to access a site behind such a firewall (some of which are major sites, at the time of this writing) you will have to disable this option, either by saying N now or by using the sysctl.


Adding echo "0" >/proc/sys/net/ipv4/tcp_ecn to the startup scripts fixed the problem.

It seems that some firewalls, including PIXs running older software versions, send a RSET in response to tcp connections with ECN bits set.

I’ve spent much of the last 24 hours troubleshooting Outlook Web Access at the hospital. For whatever reason it stopped working yesterday morning, and has worked sporadically since. I’ve now moved it off the DMZ and onto the local lan to ensure nothing in the firewall could possibly screw it up. Yet it still refused to run properly.

So next it was re-installing, and wanting everything overwritten. Except that the MS engineers, in their infinite wisdom won’t let you overwrite newer files without answering yes to every single one! You can say “no” to all, but there is no option to say “yes” to all. The re-install partially fixed the problem, but IIS was quirky too, and kept picking up other settings since I’ve removed the information store from the front end. The virtual directories for Exchange would redirect as well if I changed the root directory to a redirect, which resulted in the browser endlessly looping.

The fix was to use a default page that reloaded the correct page. It’s cleaner because it’s outside of the IIS settings, and standard with every other web server.

OWA has been unreliable for us since we first installed v5.5, and I’m sure much of that has to do with the firewall being between OWA and Exchange. Perhaps the new configuration will run longer than a few weeks before mysteriously failing.

If you follow the SCO saga, eWeek is reporting SCO lost in its attempt to move the Novell contract/copyright dispute back to the Utah State Court. In his decision, Judge Kimball states “it is questionable on the face of the documents whether there was any intention to transfer the copyrights“. This leaves SCO with little to stand on: if they can’t prove copyright ownership, they’ll have a tough time winning the infringement suits they’ve brought against others.

I got caught in advertising hell at Salon.com tonight while trying to read an article linked from another site. I have my browsers set to prompt me before storing any cookies on my machine, and naturally said no when Salon asked to store a cookie. Ultramercial then wanted to store something too, so of course I declined. That meant I couldn’t see the article because Salon wants you to subscribe, sight unseen, or watch video commercials to get a “free pass”.

Since I wanted to read the article the other writer had commented on, I went back and accepted the cookie from Salon, and then from Ultramercial and watched a completely irrelevant (to a non-US resident) commercial. When it was over, I clicked to go to the next page, and found myself being prompted to watch again. This repeated itself several times until I cleared all cookie settings for both sites.

Surely advertisers must realize that this type of trouble is more likely to put people off than to encourage them to buy?

NetGear got itself into a bit of hot water recently when it was discovered that a backdoor admin account was in the firmware of the WG602 access point.

Any user logging in with the username “super” and the password “5777364″ is in complete control of the device.

In response, NetGear released a firmware update to fix the “illegal user access the WEB configuration utility.” But they didn’t fix the problem, and today there’s a mesasge on BugTraq stating:

I can confirm that this vulnerability still exists in the latest firmware upgrade(1.7.14) for the WG602. They’ve simply gone and changed the username to superman and password to 21241036.

I actually don’t own any NetGear products myself, but do have a couple of small switches at the office for use on the test bench. I won’t be buying any of their products either. To be fair this apparently was installed by their OEM, but the fix issued in response to the initial finding is a completely uncceptable answer to the problem.

Seems replacing my Linux box with the Linksys device hasn’t changed the reliability of my DSL connection. For whatever reason, it drops at some point each weekend and remains down for several hours. It’s incentive to get the backup WiFi link to a friend in the neighbourhood who’s on cable.

Tonight I loaded the latest Sveasoft firmware into the WRT54G, and got everything up and running. I had a slight problem getting the DynDns service working. All I needed to add was &system=custom after the domain name, and everything worked. I haven’t configured WiFi yet, but will get to that this weekend hopefully. I’ve got a D600 with an a/b/g card in it to test out running a VPN over WiFi.

Once I had the router up and going I started into building a new software image for some Latitude D600’s that arrived at the office today. I took things a little far with the tweaks though, and seemed to have killed the image that took several hours to build. Most of that time was spent waiting for various patches to download. One I managed to get Safe Mode up (which took more work that it should have), I disabled the LargeSystemCache entry, and everything was back to normal. The other tweaks (most from I am Not a geek’s Windows XP Performance Tweaking Guide. Most of the tweaks are not things I’d do to a corporate image, but some of them are useful.