Tuesday, November 28, 2006

A bit off topic

This really isn't about saving money or cheap technology... but it's such a good effort by someone in Japan that I couldn't resist. This gentleman guts his Mac Cube and gives it a new enclosure, echoing a miniature version of the Aluminum Grilled Power Mac G5 in Cube Form.

I wonder if I could get him to cut the holes for my cheese grater antenna...

Saturday, November 25, 2006

Internet Cafe Security

This PDF discusses a simple (and free) way to foil keyloggers on public terminals such as those found in Internet Cafes. It's common for thieves to install malicious software such as keyloggers in an effort to steal personal information, passwords and so forth from those who use the systems.

Since I hate reading PDFs in web browsers, I copy the relevant bits here:

Rather than hide the password our approach is to embed it in a sequence of random characters. So we seek a way of entering random keys so that they will be seen by the keylogger, but will not affect normal login. The trick lies in the fact that keyloggers employ very low level OS calls. The keylogger sees everything, but it doesn’t understand what it sees. The browser also sees everything, but it doesn’t use everything that it sees: it does not know what to do with keys that are typed anywhere other than the text entry fields, and lets them fall on the floor. The keylogger has no easy way to determine which keys are used by the browser and which fall on the floor. It is very easy to record all of the keys or mouse events (this is true both for Windows and Linux based systems). It is also very easy to determine which application had focus at the time of the event (e.g. this key went to the browser). But it is very hard to determine what the application did with those events. Between successive keys of the password we will enter random keys. In the spirit of chaffing and winnowing, the string that the keylogger receives will contain the password, but embedded in so much random junk that discovering it is infeasible. Observe that we are not exploiting a particular feature of any particular browser: this trick works with all versions of Internet Explorer, Netscape Navigator and Mozilla Firefox. We are exploiting the difficulty from the OS layer of determining how the GUI of an application handles events. It involves typing random characters between successive characters of the password, and changing focus to and from the password field using the mouse. Instead of the password snoopy2 the keylogger now gets:
hotmail.comspqmlainsdgsosdgfsodgfdpuouuyhdg2
Here a total of 26 random characters have been inserted among the 7 characters of the actual password. In general a total of n extra characters in a length k password will yield so many possible passwords that attack is infeasible (recall the password that can only be tested by attempting login). There are various attacks on this method as we explain below. However, none of the keyloggers reviewed ... appear to have the functionality to defeat this simple trick.
Simple, neat trick.
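To make the quoted argument concrete, here is a small model of the trick (an added example, not code from the PDF or from this blog). It replays the snoopy2 example as focus and key events, shows what the keylogger records versus what the password field receives, and counts how many length-7 candidates the logged string contains. The event names and the way the 26 chaff characters are split into chunks are assumptions made for the illustration, and only the password portion of the logged string is modelled.

```python
"""Model of the focus-switching trick (added example, constructed data)."""
from math import comb

FIELD = "password_field"   # hypothetical name for the login form's text box
ELSEWHERE = "page_body"    # any spot in the browser that ignores keystrokes


def type_with_chaff(password, chaff):
    """Events a user produces: one real key in the field, click away,
    a chunk of random keys, click back into the field."""
    events = [("focus", FIELD)]
    for i, ch in enumerate(password):
        events.append(("key", ch))
        if i < len(chaff):
            events.append(("focus", ELSEWHERE))
            events.extend(("key", c) for c in chaff[i])
            events.append(("focus", FIELD))
    return events


def keylogger_view(events):
    """The keylogger records every key, with no idea what the page did with it."""
    return "".join(value for kind, value in events if kind == "key")


def field_view(events):
    """The browser keeps only keys typed while the password field has focus."""
    focus, kept = None, []
    for kind, value in events:
        if kind == "focus":
            focus = value
        elif focus == FIELD:
            kept.append(value)
    return "".join(kept)


def distinct_subsequences(logged, k):
    """Count the distinct length-k strings readable, in order, from `logged`."""
    dp = [1] + [0] * k          # dp[j]: distinct subsequences of length j so far
    before_last = {}            # char -> dp as it was before that char's last use
    for ch in logged:
        snapshot = dp[:]
        old = before_last.get(ch)
        for j in range(k, 0, -1):
            # Extend every length j-1 string by ch, minus those already
            # produced the previous time this character appeared.
            dp[j] += snapshot[j - 1] - (old[j - 1] if old is not None else 0)
        before_last[ch] = snapshot
    return dp[k]


def search_space(logged, k):
    """Sizes of the candidate set for a logged string and password length k."""
    return {
        "position_choices": comb(len(logged), k),           # ways to pick k of n+k keys
        "distinct_candidates": distinct_subsequences(logged, k),
        "unknown_length_upper_bound": 2 ** len(logged) - 1,  # if k is not known
    }


# Constructed split of the 26 random characters from the quoted example.
CHAFF = ["pqmlai", "sdgs", "sdgfs", "dgfd", "uouu", "hdg"]
EVENTS = type_with_chaff("snoopy2", CHAFF)

if __name__ == "__main__":
    logged = keylogger_view(EVENTS)
    print("keylogger sees :", logged)
    print("field receives :", field_view(EVENTS))
    for name, size in search_space(logged, 7).items():
        print(f"{name:28} {size}")
```

For the example in the quote, an observer who already knows the password is 7 characters long faces at most C(33, 7) = 4,272,048 position choices, each of which can only be checked by attempting a login; without the length the bound is 2^33 - 1.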

Computer Part Wreath

This is too funny -- this site shows a Christmas wreath made from left over/spare/elderly computer parts, wired to a frame. There are no details of construction -- just the picture. But seriously, how hard could it be? And who among us does not have a few dozen spare printed circuit boards lying around?

I think I'll give this a try and impress my wife. She laments the fact that I see Christmas decorations as both pointless and wasteful.

Friday, November 24, 2006

DIY Home Theatre PC - Update

I've done some looking around, and found that there are quite a few varying opinions on building a Digital Home Theatre System.

On a side note, I should probably come up with something simpler to call it. "Digital Home Theatre System" is too cumbersome, and DHTS sounds wrong somehow. Well, it's a PC, and it's a home theatre... how about Home Theatre PC, or HTPC for short?

This article over at PCStats.com outlines their approach to building a system (which, I might add, they call their HTPC. I confess; I stole the acronym). It's quite good, right up until the point where they elect to install Windows as their operating system. There's nothing wrong with Windows XP (even the media center edition is fine for most people). I just don't want to (a) pay for it; (b) steal it; or (c) keep it patched and up to date. This is a TV system I'm building. I don't particularly want to have to reboot my television.

The information provided, though, is quite helpful.

I'll keep researching.

Replace your phone service with Skype

The folks over at Linuxjournal.com have a nifty how-to guide for replacing your PSTN phone service (that's Public Switched Telephone Network, for people like me, who are still new to this whole VOIP thing) with a Skype based solution.

This is rather slick...

The author claims that his "solution was to build a Skype server that provides 24/7 phone service with the minimum of hassle and fuss. By dumping your regular phone company and taking back control of your home phone wiring using a Skype server, you will have not only a phone system with nearly the same capabilities as before - indeed, in some ways better - you will also save a bundle of money! In my case, I save a little less than $700 US each year (this year, next year, and the year after that, and so on), or about 82% off of my old phone bill."

Hmmm... 82% is a lot of dough.

Update:
Darn. The SkypeIn service (details on the Skype website) is not yet available in Canada. Well, it is, but my next door neighbours would have to call a number in some other country to get me... and that's not going to happen.

Oh well.

Thursday, November 23, 2006

Freevo - the MythTV Alternative?

So I've been doing some more reading into my Digital home theatre project (it seems I've been doing a lot of reading lately). I came across an alternative to MythTV: Freevo. As the name suggests, this is intended to be a free (as in you put hours of work into something and place no actual monetary value on your time) alternative to TiVo.

It looks interesting. I'm not sure if there is any general consensus as to which is better, but it is probably worth some additional investigation.

I did find a bunch of comments on someone's digg post that argue both sides of the fence, which wasn't very helpful. I wanted to post a screenshot, but the ones on Freevo's site don't seem to work (which isn't very encouraging).

Wednesday, November 22, 2006

Why MythTV?

I've been doing some more reading, and it seems that MythTV is a logical choice for the Home Theatre PC I want to put together. Here are some of the features offered by MythTV:

  • Basic 'live-tv' functionality. Pause/Fast Forward/Rewind "live" TV.
  • Support for multiple tuner cards and multiple simultaneous recordings.
  • Distributed architecture allowing multiple recording machines and multiple playback machines on the same network, completely transparent to the user.
  • Compresses video in software using rtjpeg (from Nuppelvideo) or mpeg4 (from libavcodec). Full support for Hardware MPEG-2 encoder cards (Hauppauge PVR-250 / PVR-350). Preliminary support for DVB cards and the new pcHDTV tuner card.
  • Support for the (very nice looking) hardware MPEG-2 decoder and TV out present on the Hauppauge PVR-350.
  • Completely automatic commercial detection/skipping
  • Grabs program information using xmltv.
  • A fully themeable menu to tie it all together.

Here's what it looks like (the above info and the below screenshot are taken from the MythTV website):


All in all, this looks like a pretty good system. Of course, my wife will insist that it's aesthetically pleasing as well, and that could be more of a challenge...

DIY Home Theater

Last night I realized that I am using a VCR that is older than my oldest child, and she hits the double digits next year.

I'm getting old.

Rather than wallow in self pity, though, I decided to focus my energy into something productive. It's time to do away with the elderly analog VCR and try building a Home Theater PC. I've been thinking about this for quite some time, and believe it's time to give it a go.

Although I don't have the specifics worked out, I am certain that MythTV will be a component of the final mix. This is a free, Tivo-like package that does not require a subscription.

Besides, I think that getting my Asterisk system working is going to take awhile. I need to have a success of some sort in the meantime.

Tuesday, November 21, 2006

Interesting Add On for Asterisk

While planning for my Asterisk install, it occurred to me that someone has almost certainly already built and released an open source project for web based administration of the server. While I have by no means completed my research into this topic, I did stumble across a very nice package called VoiceOne. This seems to be almost exactly what I will need.

Here is a sample screenshot of the application. It looks very promising.

Asterisk update

I've been doing some more reading about the hardware requirements and options for setting up an Asterisk PBX, and came across this information:

"If you build an Asterisk system without the need for PCI cards, you have a much greater set of choices for what kind of computer to run Asterisk on. If things are configured correctly, the ATAs are handling all of the load for coding/decoding digitized streams of voice to/from analog. You have a better chance of being able to successfully share a computer for asterisk and some other tasks. There are some great choices in small form factor computers. It's even possible to run Asterisk on a Linksys WRT54GS, but that box is a bit too underpowered for a full featured Asterisk configuration. Linksys also sells ATAs with firmware from Sipura. Now it's been announced that Linksys is buying Sipura. I haven't seen any reports on hacking the version of the WRT54G with the embedded ATA yet, but I'm hoping we might see some pretty cool things soon."

Please note that I fixed some spelling errors in this prior to putting it here. I can't help it; the English prof in me takes precedence over the nerd from time to time. Anyway, it sounds a lot like the external box (i.e. the Linksys - Sipura SPA-3000) might be a better solution given that I'm using older hardware for my home installation of Asterisk. After a bit of browsing, I found an excellent price on one here, in Canada. I'm tempted to try this using my Linksys WRT54GS router, but since that's currently connecting my antenna to the Internet, I might be asking it to do more than it can.

Monday, November 20, 2006

Automatic Backups with rdiff-backup

I finally got around to finishing my backup scripts. My goal was to have off site backup of machines on my internal network to a remote location, through a secure tunnel established with OpenVPN. I elected to go with rdiff-backup, as it permits nifty features like point-in-time recovery (i.e. restore this file/directory/whatever as it was on a certain date at a certain time). I set up a machine in the same physical location as the servers I wanted to back up as a primary backup server (so as to permit speedy recovery without having to go through the tunnel), and then backed up once a day off site to the remote machine.

It turned out to be pretty easy.

The first step was to allow automatic backups without human intervention. The way that rdiff-backup works is actually pretty cool. You establish a connection to the remote server using some login facility such as telnet, rlogin, or ssh (I went with ssh for obvious reasons -- it's the most secure), and then execute the rdiff-backup program on the remote machine, telling it to send the files across the network to wherever you want them backed up. This means that rdiff-backup has to be installed on both the "server" and the "clients". Installation is a snap.

The next step is to create a "backupuser" account on all machines, and use SSH public key authentication to permit secure unattended logins.

This is relatively simple. First, create the account on all machines (i.e. adduser command). Next, generate a public/private keypair for the account as follows:

trolius> ssh-keygen2
Generating 2048-bit dsa key pair
1 oOo.oOo.o
Key generated.
2048-bit dsa, user@Local, Wed Mar 22 2002 00:13:43 +0200
Passphrase :
Again :
Private key saved to /home/backupuser/.ssh/id_dsa_2048_a
Public key saved to /home/backupuser/.ssh/id_dsa_2048_a.pub


Note that you might get slightly different feedback depending on your version of OpenSSH. Next, rename the generated private and public keys to whatever your OpenSSH requires them to be (hint: read /etc/ssh/sshd_config for a clue). Copy the keys to the remote machines, and log into each once so that you can say "yes" when prompted as to whether or not you want to accept the keys.

Finally, back everything up! These commands will do it for you:

/usr/local/bin/rdiff-backup \
backupuser@192.168.0.16::/home/httpd \
/backup/luther/httpd
Note that the backslashes (\) are there to keep the command from going out of the text area on the blog; you can use them or not, as you wish, when you type the actual commands. This command backs up /home/httpd on "luther" to /backup/luther/httpd on the machine which originated the command (i.e. the one that is receiving the backup).
rdiff-backup -r 3D /backup/luther/httpd/somedir/ \
/home/backupuser/tmp/
This will restore the entire "somedir" directory to the local directory /home/backupuser/tmp/ as it was three days ago. The "r" stands for "restore as of". You can use a variety of formats to specify date, time, etc. Other acceptable time strings include 5m4s (5 minutes and 4 seconds) and 2002-03-05 (March 5th, 2002).

I ran the backups once, to ensure that everything is backed up, and then added each command as a crontab in /etc/crontab to run it hourly on the "primary" backup server. I then added similar entries on the crontab of the remote backup server, to run once a day at 4:00 AM.

Couldn't be simpler, and I can sleep better at night knowing my data is stored redundantly.
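Because the backupuser key has to work unattended, whoever holds it can log in to every machine that trusts it. The usual mitigation is to pin the key in ~backupuser/.ssh/authorized_keys on each machine being backed up, so that it can only start rdiff-backup in server mode, read-only, on the directory being backed up. The checker below is an added example (not part of the original scripts): it parses authorized_keys lines and reports what is missing. It assumes the classic rdiff-backup command line used in this post, with its --server and --restrict-read-only options; the backup server address 192.168.0.10 and the key blobs are constructed placeholders.

```python
"""Audit authorized_keys entries used for unattended rdiff-backup pulls."""

KEY_TYPES = ("ssh-", "ecdsa-sha2-", "sk-")
RESTRICTIONS = ("no-pty", "no-port-forwarding",
                "no-agent-forwarding", "no-x11-forwarding")


def parse_entry(line):
    """Split one authorized_keys line into (options dict, key type).

    Options are comma separated; values may be double quoted and may then
    contain spaces, commas and backslash-escaped quotes.
    """
    line = line.strip()
    if line.startswith(KEY_TYPES):          # no options field at all
        return {}, line.split()[0]
    options, token, in_quotes, i = {}, "", False, 0
    while i < len(line):
        ch = line[i]
        if ch == "\\" and in_quotes and line[i + 1:i + 2] == '"':
            token += '"'
            i += 2
            continue
        if ch == '"':
            in_quotes = not in_quotes
        elif ch in ", " and not in_quotes:
            name, _, value = token.partition("=")
            options[name.lower()] = value   # option names are case-insensitive
            token = ""
            if ch == " ":                   # first unquoted space ends the options
                break
        else:
            token += ch
        i += 1
    rest = line[i:].split()
    return options, (rest[0] if rest else "")


def audit_backup_key(line, allowed_path):
    """Return a list of findings for one key; an empty list means it is pinned."""
    options, key_type = parse_entry(line)
    findings = []
    command = options.get("command")
    if command is None:
        findings.append("no forced command: key grants a full login")
    else:
        argv = command.split()
        try:
            confined_to = argv[argv.index("--restrict-read-only") + 1]
        except (ValueError, IndexError):
            confined_to = None
        if argv[:2] != ["rdiff-backup", "--server"]:
            findings.append("forced command is not rdiff-backup --server")
        elif confined_to != allowed_path:
            findings.append(f"forced command not confined to {allowed_path}")
    if "restrict" not in options:           # 'restrict' implies all of these
        findings.extend(f"missing {r}" for r in RESTRICTIONS if r not in options)
    if "from" not in options:
        findings.append("no from= restriction on the source address")
    if key_type == "ssh-dss":
        findings.append("DSA key: disabled by default since OpenSSH 7.0")
    return findings


# Constructed sample entries; the key blobs are placeholders, not real keys.
UNPINNED = "ssh-dss AAAA_PLACEHOLDER_KEY backupuser@trolius"
PINNED = ('from="192.168.0.10",'
          'command="rdiff-backup --server --restrict-read-only /home/httpd",'
          'no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding '
          'ssh-ed25519 AAAA_PLACEHOLDER_KEY backupuser@trolius')

if __name__ == "__main__":
    for label, entry in (("unpinned", UNPINNED), ("pinned", PINNED)):
        problems = audit_backup_key(entry, "/home/httpd")
        print(label, "->", problems or "ok")
```

With a forced command in place, sshd ignores whatever command the client asks for, so the rdiff-backup command lines shown above keep working unchanged while an interactive login with the same key is refused.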

Planning the Asterisk Install

After reviewing the basic instructions found here, it would appear that I need to purchase PCI cards with Foreign eXchange Station (FXS) ports, and with Foreign Exchange Office ports. Telephones are connected to the FXS ports, and phone lines are connected to the FXO ports.

Apparently bad things happen if you get this wrong. FXS ports provide power and generate ring signals, while FXO ports receive power and ring signals. I'll have to be careful with that.

I'm also going to need an Analog Telephone Adaptor, or ATA, that acts as a gateway between my digital network (the Asterisk box) and plain old analog phones and phone lines. Fortunately, the most common ATAs offer FXS ports, so there is less hardware to buy (and money to spend).

Apparently there has been considerable success using the TDM400P with a couple of daughter cards for a self contained PC to handle everything. Or, we could go with the Sipura 3000 (a stand alone box that you connect your Asterisk machine to via ethernet). I guess it all comes down to price.

Pricing out the first option, the Digium TDM400P, doesn't look too bad. I found a decent price here, at voipdepot.ca.

My, what a wonderful new crop of acronyms to learn. I connect from the CO to my FXO, then go through my ATA to FXS to connect to a phone and get dial tone. What fun.

Sunday, November 19, 2006

Why install Asterisk at home?

I've had a number of people ask me why I would be interested in installing Asterisk PBX at home. Well, there are a number of reasons. First, I pay for voice mail and a few other features on my home phones, and it costs me a bit of cash every month. The PBX will pay for itself inside of a year. The main reason, though, is functionality. Here are some of the features that are of interest to me:

  • Sophisticated Voice Mail system - This can provide a mail box per person, that can deliver notification by e-mail. Web based access to your voice mail is also available.
  • Interactive Voice Response IVR system - You can present callers with a menu, which can be particularly useful if you have more people in the house than you have incoming phone lines. "Press 1 for Him, Press 2 for Her, Press 3 for Kid No. 1, Press 4 for Kid No. 2"...
  • Control over which phones ring, and at what times.
  • Functions as an Intercom - Place in house calls.
  • Call routing - Route incoming calls by Caller ID.
  • Multi-line functionality - if you need more than 2 incoming lines, you will quickly discover that phones that handle more than two lines are much more expensive than 1 or 2 line phones, and there isn't very much selection available.
  • Call Detail Reports - for attempting to gain some control over costs, and/or teenagers, etc.
  • Check your voice mail over the web.
  • Email notification of voice mail.
There are many more features, but even this brief overview shows the kind of control you can have.

Plus, it's cool. And although I do hate to admit it, there is a fairly wide "geek" streak in me. It rears its ugly head sometimes.

Saturday, November 18, 2006

Progress with Asterisk

I've made some progress with my Asterisk PBX planning. As I indicated earlier, I had to do a re-install of the operating system on my backup server (From FreeBSD to CentOS) first, and I've managed to get that out of the way. I've also developed a strong appreciation and respect for the "yum" package manager. It's very good, and as easy to use as ports on FreeBSD.

Anyway, I've begun the work necessary to build a simple PBX system at home, using Asterisk. I figure I'll practice at home, and if it works well, eventually migrate my business onto the same system. At this point, it's largely reading and research, as I have to (gasp) actually purchase some hardware in order to make this work.

Apparently, I'm going to need a PSTN interface card.

For those not in the know (like me, up until recently), PSTN stands for Public Switched Telephone Network. Also, POTS is Plain Old Telephone Service. And in case you were wondering, PBX stands for Private Branch eXchange. Wikipedia has some great info on the history of the PBX.

I'm sorry for the digression.

A PSTN interface card is the basic device that permits you to connect analog or digital phone lines (the ones that you use at work or at home to connect regular phones to) to your PBX. Once you've done that you have access to all the nifty features that Asterisk offers, such as call parking, voice mail, and so forth.

There is a helpful site found here that details all of the various cards known to work well with Asterisk. I'm going to have to do some serious price comparison for awhile, and find one known to work well with my system.

This is going to take awhile.

Thursday, November 16, 2006

No go on the cheese grater

After some careful consideration, I've decided to give the slotted wave guide antenna a miss. I only have 10 fingers, and I'm particularly attached to them. I spoke with a friend who does metal work, and asked him if he thought I could do it... and I think he's still laughing.

Oh well...

Asterisk - VOIP for the handyman

While configuring my backup server, it occurred to me that this would be an ideal time to try working with Asterisk, the free VOIP solution available for Linux. Naturally, this entails re-doing much of what I have already done with Samba, as I chose FreeBSD as my operating system. I'll have to strip it and go with CentOS instead. Sigh.

The Asterisk site claims that Asterisk is a complete PBX in software. It runs on Linux, BSD and MacOSX and provides all of the features you would expect from a PBX and more. Asterisk does voice over IP in many protocols, and can interoperate with almost all standards-based telephony equipment using relatively inexpensive hardware. However, my research has indicated that it runs best on Linux, so Linux it is.

I'll keep you posted. And this time I'll take notes.

Sunday, November 12, 2006

Slotted Waveguide Antenna for 802.11x

This looks interesting... This is a slotted waveguide antenna, which is an alternative to the double-biquad on a satellite dish I put together last month. According to Trevor Marshall's site, this is a rather good design for Wifi network reception. I wonder how hard it would be to make one of these...



Making your own portable internet

As promised, here are the details for making your own, I'll-only-pay-for-this-once "portable Internet." The goal here is simple: we are going to take a standard wireless router and use the "antenna-side" to connect to an existing wireless network as a client, and then use the "wired ports-side" on that hub to connect our machine(s) to the Internet.

This is really a trivial exercise. There are only two things you'll need:

1) A wireless base station that supports dd-wrt;
2) A copy of dd-wrt.

The first is strictly a matter of preference and budget. I went with the readily available Linksys WRT54G model. You can find them all over the place, but whatever you do, make certain that you look at the serial number prior to buying it. The newest releases are not able to run any version of dd-wrt, as Linksys (in their infinite wisdom) has somewhat crippled them by reducing the amount of flash memory they have. Ensure that you have nothing later than version 7.0 by comparing the serial number on the outside of the box against this chart on Wikipedia.

If you want to spend a bit more, but get a machine with some additional horsepower, then the kind folks at dd-wrt recommend the Buffalo Airstation WHR-HP-G54. It costs a few dollars more, but it's worth it. Not only is it more aesthetically pleasing, but it also has loads of memory, and (so I am told) a better range than the Linksys models. I didn't do this. I wish I had.

Once you have your wireless router, simply download the appropriate version of dd-wrt by going here. Installation is trivial; just follow the instructions here.

Once you have that done, this is a trivial exercise.

1) Run an ethernet cable from one of the router ports on the back of your wireless hub to the ethernet port of your pc/mac/laptop/whatever.

2) Start up a web browser on your computer.

3) Access the following URL http://192.168.1.1

4) Click on the "Status" tab. When prompted, type in the username/password to get into the admin tool (by default, these are set to root/admin. Please change them). Then click on the "Wireless" subtab.

5) Scroll down till you see "Wireless Nodes". Click on "Site Survey".

7) A window opens showing all available networks. Pick one that you can legally connect to, and click "Join". When a button allowing you to continue shows up, click it.

8) Next you are bounced to the "Basic Settings" for wireless config page. Ensure that "Client" is chosen in the drop down menu, and click "Save Settings".

You are done. Wasn't that easy? For future connects, you simply have to repeat steps 3 through 8 to pick the network you want to connect to. It only takes a few seconds. Personally, I find performing a 10 second routine is preferable to giving someone $50/month.... but that's just my opinion.

Saturday, November 11, 2006

Rogers Portable Internet

I live in a fairly rural part of Canada, and this means that we sometimes lag behind other parts of the world for the latest technical advances to become available. We were late getting digital cell phone coverage, Vonage service, Cable modems (although we did have DSL coverage long before the rest of the country for some strange reason).

However, this should not be any kind of barrier to the truly dedicated. After all, my goal is to get much of this kind of functionality for free, or at least as close to free as I can get. Besides, you will often see larger corporations doing little more than charging you a monthly fee for something you could get for free yourself.

Take Rogers in Canada, for instance. They now offer the "Portable Internet". This is a Wifi adaptor that connects to your computer, and then searches for and connects to available Wifi networks. As some readers have helpfully pointed out, Rogers portable internet is not a Wifi service at all. Mea culpa, and my apologies to Rogers. However, you can still use this post and its followup to connect to free Wifi networks if you happen to have any nearby. This is a great idea, and Rogers helpfully supplies you with coverage maps showing where the "hot spots" are throughout the country. What they neglect to tell you is that in a lot of cases the "coverage area" is not supplied by Rogers at all. In fact, all they are really doing is renting you a piece of hardware for what seems to me to be a very high price (at the time of this writing, you pay approximately $100 for the "modem" and $50/month for the service). Given the fact that all they really need to do is ship you the "modem", and someone else is providing the actual connectivity, this is a bit outrageous.

In fact, you can give yourself excellent access to available free Wifi networks in your area for a one time fee of about $50.00. It involves purchasing the appropriate wireless router and installing dd-wrt on it.

I'm going to post detailed instructions for doing so here. I like Rogers' network, and in fact subscribe to a number of their services... but this $50/month for the right to use someone else's network strikes me as usurious.

Stay tuned...

Thursday, November 09, 2006

Antenna Update

My double biquad antenna got a real test last night. We had seriously heavy rainfall, and I am told that water absorbs radio frequency in the 2.4 GHz range (the range used by WiFi). I am pleased to report that it worked flawlessly throughout the entire storm.

Wednesday, November 08, 2006

Yes, it was the caffeine

It turns out that caffeine deprivation is not a good thing. Following copious quantities of Jamaican Blue Mountain bean, I successfully mounted Trolius (my new Samba server) on the network as a master browser. It worked, and I have no idea what I did differently. This is why I usually write things down as I do them.

The next step is to relocate this machine to a remote location, connect to the network at the office using OpenVPN, and start experimenting with rdiff-backup. Hopefully I'll have some time to do that over the weekend.

It's good to be back to coffee. I don't think I'll try giving it up again...

Tuesday, November 07, 2006

Irritations with Samba

I've been drinking less coffee lately, and that might go a long way towards explaining why I had such trouble trying to configure Samba last night. This should have been a trivial exercise, but my forehead is sore from banging it against the wall so much.

As a side note, I need to get softer walls.

The installation of Samba on FreeBSD is trivial. Just type:

cd /usr/ports/net/samba
make install clean

Wait a bit, and suddenly you have samba installed. The startup scripts are, as usual, in:

/usr/local/etc/rc.d

and the configuration files are in:

/usr/local/etc/samba

Nothing unusual there.

The next step is to modify the sample configuration file (smb.conf). I copied it (to save the original) and opened it up. Wow. There are a lot of options in there. I decided to try something simple at first, just to get it working. I had formatted the filesystem to leave a large (750 gig) partition mounted as /archive. That was where I planned to have rdiff-backup store everything. Why not make that mount as a Windows fileserver? That should be easy.

Using the existing smb.conf file as a starting point, I examined some of the sample entries. Here's the one I went with:

;[public]
; path = /usr/somewhere/else/public
; public = yes
; only guest = yes
; writable = yes
; printable = no

This seemed simple enough, so I changed it to this (removing the semicolons, which are comment markers):

[Archive]
path = /archive
public = yes
writable = yes


That looked easy enough. I made the change, entered some simple stuff at the top (server name, etc.) and started the process. Typing ps ax | grep smb showed that the process was running, so I fired up a Windows laptop, typed this in the address bar of a window:

\\trolius.local\Archive

(trolius.local being the name of the box I am working on, obviously). Lo and behold, the server mounted! Great. Well, that was easy. Just to be sure that things were working as expected, I opened the "My Network Places" icon on my desktop, and browsed the local network.

No server.

And it's still not there. And I can't figure out why. I think I'll purchase some coffee and try again. Caffeine solves so many problems...

Monday, November 06, 2006

Step one complete...

I took the time necessary to do a clean install of FreeBSD 6.1 on my dual processor Compaq last evening. It was, as is usually the case with FreeBSD, a very painless process.

The only thing that was a bit annoying was setting up the SMP part of the kernel. By default, FreeBSD does not use a kernel that supports multiple processors. Fortunately, this is a simple thing to do (although it did take quite a while to compile).

Tonight I hope to start experimenting with Samba, and see how much it's changed since I last gave it any consideration. I'll also install rdiff-backup, as (if things go well) I'll need it fairly soon anyway.

Saturday, November 04, 2006

"The rumours of my death...."

In my previous post I had suggested that Tiny Sofa linux was in hibernation. Apparently this is not true, as anyone with enough initiative to visit their website can see. It was updated to tinysofa classic server 2.0 Update 6 (Ceara) just last month. To be fair, I was talking about the Enterprise version of this distro, which hasn't seen a significant update since February, 2005.

Mea culpa.

Picking an Operating System

Step one in getting my "this isn't going to cost me anything 'cause we'll just use open source and existing hardware" file server up and running is, of course, picking an appropriate operating system. I've always been somewhat agnostic in this area; I run a number of FreeBSD boxen, a couple of Macs, several Linux machines, and so forth. In the BSD world, I do have a decided preference for FreeBSD. As for Linux, I used to use a distro called Tiny Sofa, but it appears to have gone into hibernation. Currently, I've been using CentOS, a repackaged version of Red Hat Enterprise Linux 4, without the subscription fee. (I did visit distrowatch.com to see what was "cool" these days, but decided that it's turned into little more than a popularity contest).

The hardware I want to work with is an elderly Compaq, with dual Pentium III processors, tons of disk space and a gig of RAM. While this might seem museum-quality gear to the uninitiated, please bear in mind that we'll be running this without the Redmond tax, and without the (massive) overhead required by Windows. In fact, we won't run any windowing system at all; everything will be set up via the command line. If we want a GUI of some sort for administration, we'll find an open source web service that fits the bill, and run it from there.

Anyway, back to the process of choosing an operating system. A primary consideration, of course, is maintenance. I don't want to even think about this machine once it is up and running. Thus, updates should be painless. Well, CentOS has a pretty simple to use update manager (typing "yum update" and hitting the "y" a couple of times is pretty easy). But it's very hard to beat the ports system in FreeBSD.

After a bit of research into hardware compatibility, reliability, etc., I could not come up with a compelling reason to go with one operating system over the other. What it finally came down to was this: I found the FreeBSD install CD before I located my CentOS disks.

FreeBSD it is!

Friday, November 03, 2006

Replacing a Windows Fileserver

We have been using an elderly Pentium II with an ancient install of Windows NT Server as our primary backup and file server for quite some time now. I was considering simply retiring the box, and replacing it with a newer machine with Windows Server 2003 (some variation thereof), when it occurred to me that reading about the open source alternative, Samba, has been on my to do list for quite some time.

Why make Microsoft any richer, when there is a free alternative out there?

This would also give me a chance to try out rdiff-backup, a rather nifty open source back up solution with point-in-time recovery (i.e. restore this file/directory/whatever to the condition it was last Tuesday at 11:23 AM). That would be very, very helpful in my line of work.

The Goal: use existing hardware and free software to create a fully functional Windows compatible file server and turf the elderly NT server solution. At the same time, design and implement a set-and-forget, point-in-time recovery capable backup strategy that will regularly poll live servers and our internal network and back everything up.

I'm going to start reading now. I'll keep you posted.