Jun 04, 2008

Making Net-Akismet play with TypePad AntiSpam

I've been getting a lot of blog spam lately; it appears that Akismet is slipping. Fortunately, there's a new Akismet-compatible alternative at TypePad AntiSpam which I read about from Justin Mason's post. And it being perl, I decided to try it out here on my blog (never mind it being Blosxom, as long as it uses Frank Hecker's feedback plugin that in turn uses Net::Akismet.

But alas, the current version of Net::Akismet doesn't support user-supplied REST endpoints, so I added it, and promptly filed a report on the CPAN. Hopefully it gets included in the next release very soon.

As for the Blosxom feedback plugin, tweaking it to use the new feature in Net::Akismet was a cinch, so only the real test (of incoming spam filtered by TypePad) remains. Hopefully it does work.

[PS: Looks like the first line in blosxom posts don't like package-like names such as Net::Akismet (during editing my blog title disappeared on the render!) Needs to be looked at later...]

Tags: , , , . | Posted at: 10:10 | 0 Comments/Trackbacks.

May 13, 2008

OpenSSL Ouch

I won't repeat it here, but there's DSA-1571-1 waiting for your attention, especially if you made some material out of openssl over the last couple of years or so. Yes, you read it right: COUPLE.

Upgrading to the new OpenSSL is easy. Generating new keys is another story.

To save (or add to, depending on how you handle this) your pain, there is a simple checker that can currently see if your OpenSSH or OpenVPN public keys are weak enough to warrant replacement. I await a version that can handle X.509 certificates too (though I only just generated a new one today, before the announcement, so that means I have to do it again (and get its CSR to CACert for signing, etc.)

And yeah, if you're running openssh-server, consider regenerating your host RSA and DSA keys, e.g.:

# mv /etc/ssh/ssh_host_{dsa,rsa}_key* /some/place/else
# dpkg-reconfigure -plow openssh-server

That should regenerate your keys and restart openssh-server once the new keys are installed to /etc/ssh.

The hard part (of making sure all the keys of your systems are updated and tested) is still up to you, however.

UPDATE: The Debian wiki has up-to-date information regarding other packages that generate SSH/SSL keys at postinst. Please refer to that while the key-rollover page isn't up yet.

UPDATE 2: openssh-server is updated (with corresponding DSA-1576-1) that is linked to the updated OpenSSL library. Be sure to upgrade! The new package also pulls in openssh-blacklist, a new package that contains the database needed by the new ssh-vulnkey for checking SSH public keys.

Tags: , , , , , , . | Posted at: 16:32 | 13 Comments/Trackbacks.

May 11, 2008

Adding Some Blog Bling

I added some more bling to this blog last night, like a spiffy new CSS theme (based on twocolumncss) and a handful of plugins to improve feed generation, readable and extensionless URIs, and support for comments and trackbacks. Blosxom indeed is such a flexible toolkit for making a blog! :D

That said, I did find one or two quirks in the plugins existing in the blosxom and blosxom-plugins CVS repository; I'll post patches to my git mirrors of these repositories. I'll probably add some more features on some of the plugins I used too (that reminds me, I should put up a list somewhere.)

Tags: , , . | Posted at: 01:46 | 0 Comments/Trackbacks.

Apr 26, 2008

Hello, World

You have reached my little site. There's not much here at the moment, but do drop by every now and then; its a work in progress.

As you can see, this site is quite spartan, and that's the way I like it. I'm currently using blosxom for this ephemeral blog site, despite the prevalence of database-backed blogging and CMS software with all the Web 2.0, AJAX, and Web Services bullshit. Those are not for me, at least for the moment; nor do I want to encourage a "community" around my site, whatever that is, as I have better things to do than exchange pleasantries.

That said, I know that the blosxom code is rather old and the plugins available for it seem to be disappearing. Since its in Perl, however, I think I can take a crack at writing my own plugins (and possibly improving blosxom itself.) I might probably rewrite it in CGI::Application, if it comes to that.

By the way, in case you're wondering: I'm Zak B. Elep, and I go by zakame on the Internets. I actually have an older, more dynamic, and friendlier weblog at spunge.org, where it all started; more on that later.

And yeah, the standard disclaimers for blogging applies: this site contains my own personal opinions on various matters (and maybe some real, hard facts, from time to time,) and in now way should these opinions be construed as official statements of organizations or companies I'm connected with. They have their own PR reps: talk to them if you need "official" shit.

That's all for the moment: I'll go play out with some code.

Tags: , , , , . | Posted at: 07:44 | 0 Comments/Trackbacks.

About

Ubuntu member, Perl hacker, Debian maintainer, UPOU student, and more...

Feeds

Tags

, , , , , , , , , , , , , , , , , ,

Recent Posts

Blosxom Plugins

Plugins used here:

  • extensionless
  • flavourpathinfo
  • metaclear
  • metamail
  • recententries
  • tags
  • entries_timestamp
  • storydate
  • permalink
  • whoami
  • Markdown
  • absolute
  • emptymessage
  • feedback
  • plugin_list
  • storytags
  • storytitle
  • tagcloud
  • theme
  • xml_ping_generic
  • atomfeed
  • rss20
  • moreentries

Copyright

Copyright © 2008 Zak B. Elep

Verbatim copying and redistribution of this entire page are permitted provided this notice is preserved.

Powered By

Monitored By