jhcore.com

This guide is designed for users who have a shared hosting account (no root access), namely on DreamHost. We will make use of ClamAV, procmail, and ClamAssassin.

Note: If you add a ~/.procmailrc file to DreamHost, you will likely be unable to use the DreamHost Control Panel’s Junk Filtering. Therefore, it is recommended that you check out this excellent SpamAssassin guide and the Dreamhost wiki. Note that I have installed everything in a ~/packages folder, which the previously mentioned guide does not do, so you should adjust accordingly. I also installed a more recent version of SpamAssassin than the previous guide (3.1.8 vs 3.1.0).

Install ClamAV

mkdir ~/install_files
mkdir ~/packages
cd ~/install_files
wget http://freshmeat.net/redir/clamav/29355/url_tgz/clamav-0.90.1.tar.gz
tar xvzf clamav-0.90.1.tar.gz
cd clamav-0.90.1
./configure --prefix=$HOME/packages --disable-clamav
make
make install

The –disable-clamav flag allows the package to be installed without a special user for clamav.

Modify Your Environment Variables

In your ~/.bash_profile, add the

export PATH="$HOME/packages/bin:$PATH"

At the console enter:

source ~/.bash_profile

Set up ClamAV

In ~/packages/etc/clamd.conf, comment out the line “Example”.
In ~/packages/etc/freshclam.conf, comment out the line “Example”.

Install ClamAssassin

ClamAssassin is a wrapper for ClamAV for use in procmail.

cd ~/install_files
wget http://drivel.com/clamassassin/clamassassin-1.2.4.tar.gz
tar xvzf clamassassin-1.2.4.tar.gz
cd clamassassin-1.2.4
./configure --prefix=$HOME/packages --disable-clamdscan --enable-subject-rewrite
make install

The –disable-clamdscan flag forces ClamAssassin to use clamscan rather than clamd (you don’t have to open any ports for a daemon). The –enable-subject-rewrite[=message] flag prepends an alert[=message] to the subject line of the email.

Add an entry to ~/.procmailrc to call ClamAssassin and move the email if a virus is found

# Scan for virii with clamassassin
:0fw
| $HOME/packages/bin/clamassassin
 
# Send virus email to special folder
:0:
* ^X-Virus-Status: Yes
.virus/

Update ClamAV

Update with FreshClam in your crontab

freshclam
crontab -e

Add this line, to update the virus definitions at 1 AM everyday:

0 1 * * * /home/<your username>/packages/bin/freshclam

Test

Send an email to yourself, you should see the X-Virus-Status header (view all the headers). On thunderbird, go to View > Headers > All.
You should see

(Optional) Clean up the install dir

cd ~/install_files
rm -rf *

References

[1] - Installing ClamAV with a non-root account
[2] - ClamAssassin Documentation

Just found a nice tool for using MediaWiki’s markup inside of Wordpress at Zech’s Blog. The WYSIWYG editor is Wordpress is nice, but staying at the keyboard with the wiki markup is nice (without the clutter of XHTML).

I have started to become a fan of the MediaWiki markup, because it leaves the text of document less cluttered than XHTML. I have recently been working quite a bit on wiki’s (RadLex and several Trac installations). I originally coded the RadLex wiki text in XHTML, before I learned about MediaWiki’s markup. But picking up the wiki markup was quick and I found reformatting the RadLex page in wiki markup to be much quicker than my first attempt with XHTML (which I have years of experience with).

Update: The plugin does not play well with WP-FLV.

To start off the collection of security / pen-testing virtual machines, BackTrack 2.0 beta is now available as a virtual machine of VMWare. All you need is the free VMWare player, and my BackTrack appliance (MD5: 794683c043179c7ba54c5d88e8f986f2) .

Check out the Virtual Machine page for updates and other distros. Enjoy!

There’s a new kid in town, Songbird (A few screenshots). Imagine if Firefox mated with iTunes, and somehow the gray and brush metal interfaces formed a midnight black child–that would be Songbird. Songbird is an attempt to use the XUL design framework from Mozilla Firefox to create a user experience similar to Apple’s iTunes program. While some have said that Songbird is nothing but a direct rip off of iTunes, Songbird brings new ideas to the media player realm. Like iTunes (and most media players), there is a library with the typical sorting features. However, instead of only providing a single source for new content like iTunes has with iTMS, Songbird uses the whole internet as its “music store.” Any site with open media content can be part of Songbirds “music store,” as Songbird auto discovers tracks on the site. Songbird uses services from Amazon, Creative Commons, eMusic, and dozens of others. Podcasts and streaming radio are easily accessible sources of content in Songbird. A nice feature is the Wikipedia plugin (make sure to install it during the Songbird installation), which shows the Wikipedia page for the currently playing artist.

After testing the latest release (a “beta” of 0.2), I found Songbird interesting and refreshing, but at times slow. When adding content to my Media Library, I found the process to be slower than Winamp 5’s process. The worst part came as I started to scroll through my music, when Songbird started loading in the ID3 tags for all the songs. This process took several minutes on top of scanning the directories. However, this process only occurred the first time I used Songbird, since then I have had no complaints about loading ID3 data. Overall the program does at times feel a little sluggish (on a Athlon 3000+ with 2.3 GB RAM). I’m not yet holding the Songbird team at fault for this one with a beta of their 0.2 release. Yet, one may question whether using the XUL interface will ever be as quick as a program like Winamp. But, I must admit, Songbird still seemed like a racehorse compared to Windows Media Player 10. The sluggish-ness is only noticeable when loading web pages or changing views in the player, song quality was perfectly fine when I just let it play.

I definitely suggest keeping your eye on this program as it evolves. Take a look at some Songbird Screenshots!

Digg This!

The new version of Mozilla Firefox is out–grab a beta copy now! There have been doubts if Firefox can keep making inroads against Microsoft’s Internet Explorer, given the fact that IE 7 is now out in beta and has many of the features that the internet community has come to expect from a “modern browser” (tabbed browser, feed integration, etc.). However, it appears as if the Mozilla team is going strong with the latest preview of Firefox and will beat Microsoft to the market in the latest round of the browser wars.

New Firefox Features:

• Search engines - the simplistic search tool has been given an update, especially with the ability to natively remove engines from Firefox.
• Tabbed browsing - a tab-close button now rests on each tab, making the closure of tabs more intuitive. The tabs are now able to me moved around, without an extension.
• Spell Checking - form boxes are now checked by Firefox. A nice tool for anyone using form boxes for blogging software.
• Options Menu - the ever evolving option menu gets a face lift again, this time with some new features.
• Feed Integration - Live Bookmarks are taken a step forward–Firefox can now put a feed into your RSS program and various RSS web readers. Also, once a feed is clicked, a nicely formatted page is displayed instead of the raw XML.
• Anti-Phishing Tools - Firefox checks the page against Google or a precompiled database to help users know if the website is authentic.

The only issue I ran into during nearly a week of testing is that my current antivirus program (AntiVir Guard) identified Firefox’s anti-phishing tool as spyware. This identification occurred repeatedly, even after chosing to ignore, delete, or quarantine. Firefox did not suffer when losing this file, however, it is expected that the anti-phishing tool will not work as accurately, if at all. Mozilla’s forums indicated that this was a known issue, so hopefully AVG will adjust their rules accordingly before Firefox is released in late October.