Bluetrait

I think I've found the cause for Akismet not working as well as it should have.

The class I was using had a low timeout value; I've since increased this to 10 seconds, inline with the new Wordpress 2 plugin.

So hopefully that will improve the amount of spam being caught.

I just purchased My Chemical Romance, The Black Parade. I saw them live when I went to see Green Day. I'm really enjoying this album.

I'm testing out a new spam system I quickly wrote.

Hopefully now if you're either logged in or have posted before with the same email address your comment shouldn't be deleted.

I plan to add more tests (see post below) later.

Argh. Too much spam is getting through again; even with Akismet. So I'm in the process of writing a new spam class. The aim is to build a comment score (similar to email spam filtering programs) based on the following:

• Email Address/Name/Website
• Comment Body (number of links etc)
• If the user is registered
• If the user has successfully posted a comment before
• white and black lists
• response from akismet
• how old and how many comments a post has

So hopefully I can cut down the spam.

And that should be the last time for a while.

IP Addresses
Web: 202.129.82.194
Mail: 202.129.82.193

EDIT: Looks like some of our secondary DNS servers (rollernet.us) are having problems updating. I've just made some changes to try and fix it.

We've also just purchased an SSL Certificate for mail.lttd.net, so the primary mail server address will soon be mail.lttd.net.

I suspect trying to have both a blog called Bluetrait and a piece of blog software called Bluetrait is a bad idea...

We'll I finally got my new Juniper SSG 5 firewall (the replacement model for my old Netscreen 5gt).

I ordered it back in November, originally I was going to get the wireless version but they were still out of stock early this year so I ended up getting the base model (with 256mb of ram).

The main reason for the upgrade was that we'd run out of VPN tunnels (the 5gt did 10). The new version supports 25, plus it upgradeable to 40.
The SSG also has the following advantages over the 5gt (I'm comparing the base model 5gt and SSG 5):

• 4000 sessions, up from 2000
• 25 VPN tunnels, up from 10
• Unlimited users, up from 20 (my 5gt has an upgrade to support 20 users)
• 7 ethernet interfaces, up from 5 (plus they aren't limited in terms of zones like the 5gt).
• DMZ support (we've just got a subnet so this should be useful)
• Support for ScreenOS 6 which should be out this year
• Faster (160mb firewall (from 75mb), 40mb VPN (from 20mb))
• 256mb Ram, up from 128mb
• 64mb Flash, up from 32mb

So the device is pretty much double everything that the 5gt is.

It also cost me double. I got the 5gt off ebay for $320, where as the SSG 5 new cost me $640. I got a really good price on it has Bryn was able to sign up as a Juniper reseller, the SSG 5 is about $1200 retail.

The main limitation of the old Netscreen 5gt was the port modes.

The port mode defines what zone (untrust, trust, dmz etc) each ethernet interface is in. Any time you needed to change this you were required to reset the device and config (see below).


Where as the SSG 5 has something called bridge groups allowing you to easily change what zone each interface is in without resetting the device and/or config.

Much more useful if you're playing round with different network topologies (see below).

I've updated some of the IPSEC benchmarks to include both the SSG 5 and an old Netscreen 100 I picked up.

I found the following address in my logs. Looks like a spamming program. Feel free to try and take it offline.

http://serversinfo.org/VIP/master.php

EDIT: I've changed the message so it spams it own site, hopefully taking itself offline. The stop command didn't seem to work, so this is the next best thing.

EDIT2: Looks like the owner has password protected the area.

I had another Seagate drive die on me. I'm not going to be buying that brand from now on, pity I thought they were pretty good.

Any recommendations?