Menu Categories Author

Nubis Novem

Consulting On Cloud Nine

Debian Jessie from Discovery to Mastery

A new edition of The Debian Administrator’s Handbook by Raphaël Hertzog, Roland Mas—the third one counting only English editions, and the seventh if the first four French-only are included—has been issued by Freexian. Shortly after the first English edition, communal experience with the book has justified the the in its title, the book becoming both the most widely read introduction into Debian and the most used single handbook, leaving out the documentation itself, of course.

Read more

Evo Misbehaving After Upgrade to Jessie

If your Evolution mail client—after upgrading to Debian Jessie (i. e. up to v. 3.12.9)—“loses” some messages received through IMAP, check its local Junk directory for a remote IMAP server, even if you cannot remember configuring local spam filtering. Mind that for whatever reason Evo does not indicate the number of messages in this directory.

Read more

Pinning a hole in Palo Alto: NAT forwarding of inbound TCP port

Today our challenge was to create a simple setup that is often called inbound TCP port forwarding, or, a pinhole with a more (or less) advanced firewall device. The network appliance for this cosmetic surgery was one of the recent PAN (Palo Alto Networks) PA-3000 series running PAN OS 6.0. First of all, do not do it. Again, do not do it. And again: please, do not create a destination port forwarding from external network interface into an internal or trusted network behind the firewall. There are other (proper!) techniques that would be better to use for remote network access, dedicated line or VPN (stands for Virtual Private Networking), for instance. Modern VPNs have little overhead and lots of security benefits. Though, for testing purposes only, we have decided to ignore our own advice which was just mentioned above for 3 times.

Read more

Server Name Change Surgery

Say, you have a stand-alone Windows 2008 R2 server that is not part of a domain. You decide that it would make more sense to adjust the server name in the system properties (Computer name – Change) from WinServ1 to a more meaningful WinDevelServ1. After mandatory server reboot you discover that (surprise!) Remote Desktop licensing is not active anymore. A brief error message on dashboard icon makes it clear that you have 120 days to activate the license or else users will lose their ability to connect via Remote Desktop.

What went wrong is one of the gotchas of Windows networking. Server name needs adjustments in various places of the system during name change and the Remote Desktop license server setting is apparently one that they forgot to take care of.

Read more

Responsive UI

Recently I spent some time on learning and practicing responsive UI design. That basically means “making web site mobile friendly”.

First I started with Twitter bootstrap. The problem with Twitter bootstrap is that it brings ~100 KB CSS file (and lots of other junk if you are not careful).
Which means that when user’s smartphone opens my Twitter-bootstrap backed web page, it needs to download extra 100 KB. Which makes page load slower. Not surprisingly, Twitter does not use their own Twitter Bootstrap CSS.

Metro UI seems like a bit better alternative (smaller CSS file size at ~10 KB). Still, it is extra file to load.

Read more

Mirrored to oblivion

We have made a trip to data center recently to replace a faulty 900Gb hard drive in a RAID-10 logical volume of a 3.5 year old HP server. In the modern age of cloud hosting we still manage a few physical servers, for various reasons but mostly for our clients. Since last year we knew the drive may fail due to growing number of soft errors and ordered two extra drives in advance to be ready for day X: one as a replacement and another as a spare for that volume.

Read more