As part of a Sharepoint deployment project, this week I've been building up one of the blades in our blade centre (an HP C-Class with an MSA1500 sitting on the back). A couple of things have struck me as I've been going through the build process - firstly, the insanely huge recommended partition size for Windows Server 2008 R2. The minimum recommended is 64GB. Take a while and let that sink in. 64 GB. The blade I'm using comes equipped with a pair of 137GB SAS drives, so once we mirror them, nearly half of the available space is taken! Not funny Microsoft! I'm sure that the chaps at Redmond will justify this by saying that it means that the OS has the optimum amount of space to spread in to, but compare this with a CentOS installation on the same hardware. 1.5GB. There is no way anyone can justify more than 40 times space for an equivalent installation - our CentOS box runs mySQL, Apache with 4 virtual sites and 2 instances of our VLE (Moodle - more of that in later posts). It's just not on, and it's no wonder that a lot of the admins I speak to are looking more and more seriously at an Open Source back end...
Secondly, the lack of 64 bit driver support is a major pain. Building the blade with a SmartStart v7.9 disk was an absolute no-no, even though it's only around a year old. Had to download v8.3 to get driver support for R2 x64. It's no wonder that lacklustre support from vendors leads to the same from developers - on my 64 bit desktop, probably half of the apps are still installed in the x86 Program Files root. 64 bit computing is not a new idea, and until either Microsoft or Intel make a stand and push 64 bit then we'll be stuck in a situation where 64 bit chips are running 32 bit code, hosting virtual machines to run 16 bit code designed by 2 bit companies...

Over the past few years, people have become much more used to getting things for free. Linux has progressed from an academic project to the OS of choice for half of the servers on the internet. This acceptance of free software has led to the creation of some truly fantastic software. Much of this has been reviewed by myself and others repeatedly - Firefox, OpenOffice and The GIMP are known by anyone with even a passing interest in computers. There are however a few gems that you might not be aware of. In the next couple of posts, I'll be sharing some of my favourites with you.

The undoubted king of DTP is QuarkXPress. Since its inception on the Apple Mac over 20 years ago, it has been the defacto choice for print work. The Open Source community is never one to duck a fight though, and thus Scribus was born...

What can you say about it? Well, if you've used MS Publisher, this'll be like driving a Ferrari after plodding along in a Skoda! Unless you are an international publishing house (and to be honest, even if you are), Scribus will do everything you need. It's a triumph of coding, and it's free! I've been using it for my print advertising for a while now, and I'm hooked - having used Quark before, you can easily make the transition, and if you haven't, the learning curve is not as steep.

If you'd like to learn more, head on over to www.scribus.net

Over the past few weeks, I've been playing with a lot of new stuff, mainly because I've just acquired a load of web space for free. As you'll probably know, I'm a big fan of Open Source Software, so when somebody told me about OpenSourceCMS.com, I headed straight over. The premise behind the project is excellent - they have installed loads of Open Source CMS's that you can play with to your hearts content. Every two hours, the VM's are refreshed and you start again with a blank installation. If you're interested in that sort of stuff, it's definitely worth a visit.

Anyway, under the Light section, there is an item called eyeOS. Clicking on the demo link presents you with this screen:

Obviously, this is radically different from the front page for most sites. They provide a login and password (root and demo), so off we go...

On logging in, you get something like this (will open in a new window as the picture is quite large). It is, as near as damn it, a full desktop. If you delve deeper, you'll find a mail client, spreadsheet, word processor and all sorts of other things. From a programming perspective, it's genius. There is even a process monitor and a file manager (see below):

The big question is, aside from the proof of concept and the undoubted skill of the programming team, is it any good? Well, surprisingly, it is. As it stands, it's not going to replace Windows or OSX. I'm pretty sure however that to compare eyeOS to those two is missing the point. I work on tens of different computers during my working week - Windows machines, UNIX and Linux boxes and even the occasional Mac. What eyeOS gives me is the ability to access the little files that I need (configuration data, usernames, application patches etc) from one location, and to edit them in place. I've installed the software on one of my other domains, and I find that I am using it more and more. Where I used to stick stuff on a USB key or email it to myself, I'm now using eyeOS. It also provides a mobile friendly site which allows you to access your files on the move, which I can see being a killer app.

I think the best way to think of this product is to compare it to the Asus Eee PC. In the same way that it provides slightly reduced functionality for a greatly reduced price, so eyeOS limits what you can do, but allows you to do everything in the same place.

If you're interested in having a play, head on over to the leve demo at OpenSourceCMS.com - click here to go straight to the demo. If you'd like to find out more about the project, pay a visit to eyeos.org. Here you'll find a wealth of information, as well as loads of community developed applications.

I think this project could be one to watch...

Apologies for the blatant plug here, but if I can't advertise my own business on my own site, where can I? For the last year or so, we've been selling Pink Hard Hats on eBay. Strange product I know, but my other half found them and they're a pretty decent seller. As you'll also know, eBay seem hell bent on making it as difficult as possible to sell stuff on their site. We've therefore decided to shift the focus off of eBay and on to our site. If you know someone who'd like one, please point them at the link below, or click on the picture...

www.pinkhardhats.co.uk - go on, you know you want one!

From a technical perspective, I knocked the site up with Joomla 1.5. This is the first time I've used this version, having been a die-hard 1.0x boy. I must say that it's not a massive leap forwards, but there are some really nice features on the admin side that make content management more pleasurable. Adding in more complex HTML to posts still requires that you turn of TinyMCE, but that's really no hardship, and basic code is supported pretty well. The media manager is a nice addition, and grouping together all of the module management tools makes a lot of sense. If you've got a lot invested in themes there is also a 1.0x compatibility mode available so you can put off rewriting your code for a while. As you've probably guessed, I'm a big fan of all things Joomla, and this version just goes to strengthen that feeling. With the abundance of GPL templates on the web, it is incredibly easy to make a professional looking site with little or no artistic skill, which is a bonus for me! I'm still not sure if it's up to handling a large site with 10's of editors and 1000's of users, but for an SME website, it's unbeatable. From unzipping the files to my desktop to submitting the site to Google, about an hour and a half passed. I don't think you can get much quicker than that...

If you've been wondering where we've been for the last couple of days, the answer is quite simple. I broke the server.

As you may know, I've been on a Sharepoint developers course for the last week. Staying in a hotel away from home is boring as hell, so I decided to do some housekeeping and general tidying of my web server. I'm currently with Jumpline, who provide a complete virtualised box that included its own version of Apache, mySQL and so on. Connecting to it via FTP, I merrily started deleting files. I probably should have checked what I was actually deleting, because by the time I realised my mistake, half of the /etc path had been deleted... Things then went from bad to worse as the FTP connection dropped and (obviously) wouldn't allow me to reconnect. In desperation, I restarted the server, which then died completely.

I've spent most of today getting my box back to where it should be - we restored the VM from the day before and everything seems to have come back OK. I'm now $50 lighter and a lot more forgiving of users who fail to back up!

What did impress me though was the ease with which I could bring back a Joomla installation, even when the file system is corrupt. One of the sites I host was properly broken by the crash and was having problems after the restore (it uses a lot of externally hosted code). To get it back literally took 10 minutes - I installed a new instance of Joomla in another directory, repointed that at the old database, uploaded the site template, and away we go!

As you'll probably know by now if you've read my previous posts, I work with Microsoft products on a day to day basis. I'm also a huge advocate of Open Source Software (OSS). When many people think of OSS, there are a lot who remember the homebrew days of the 70s and 80s and recoil in horror at the thought of putting anything made by the community on their networks. Obviously, there are some absolute dog pieces of software out there, but there are some that rival anything that can be bought. Some often cited examples are OpenOffice, GIMP, and of course Ubuntu. One that is very rarely mentioned is arguably unrivalled by any commercial product - this is FileZilla.

FileZilla is, in my opinion, the best FTP client on the market. Full stop. From being able to enter and process raw UNIX commands from a file to automatic CHMODing files on upload, it is a complete solution.

div class="image_block">

Couple it with the FileZilla FTP server and you have an incredibly powerful file transfer and management solution. The server is currently Windows only, but the client is available for all flavours of Windows, OSX and Linux, with unofficial ports existing for some very esoteric OS's. Some would argue that FTP has had it's day, given the laughable security attached to it. However, the fact remains that if you want to move large amounts of data around the web, it's the protocol of choice. Pop on over to the site, download it and have a play. I'm pretty sure you'll end up with a similar sized corner of your heart reserved for it. If not, well, uninstall it, and remember that it cost you nothing

This week I've been playing with Windows Sharepoint Services 3.0 (WSS). I must admit to a bit of ambivalence with regards to WSS - it's always appeared to me to be a bit of a lame duck. Kind of like Personal Web Server was to IIS. This opinion was based on the exposure that I'd had to WSS 2.0. As you may know, I've worked on quite a few open source projects, mainly using Joomla, Drupal and osCommerce. When you've used these products, you're used to working with a certain degree of sophistication. All three are very polished bits of kit, and to be honest, WSS2.0 just didn't cut the mustard.

So, what's WSS3.0 like? Well, the main feature from a developers point of view is the ability to customise templates in Visual Studio. Previously, WSS2.0 had restricted you to Frontpage, which is kind of like having no editing tools at all, but somehow worse. Thankfully, Microsoft have partially abandoned their "go it alone" approach to the internet and have embraced web standards. Allowing editing and development in Visual Studio extends on this - you'll see WSS3.0 sites passing many more compliance tests than their earlier brothers and sisters. By using Visual Studio for editing, Microsoft have also opened up a far broader base of code. Anything that you can write in ASP.net can be incorporated in to a WSS3.0 site, wich leads to a much richer visual and interactive experience (Don't believe me? Try paying Hed Kandi a visit - the whole site runs on WSS3.0).

All in all, WSS3.0 is a much more mature product than the 2.0 incarnation. That said, unless you are tied to a Windows platform, it's not a product I'd recommend. As I've mentioned above, there are a wealth of OSS alternatives to WSS3.0, and their open source platform is their strength. If you want a plugin for a particular purpose, the chances are it'll already exist, and if it doesn't, you have full access to the source code to make the change yourself. WSS3.0 by contrast is hampered by its closed source heritage. In general, if you want a plugin (read Web Part in Microsoft terminology), you're going to have to pay for it, and it's going to be bound by the restraints that are placed on managed code by the OS and the application.

There are some very high profile sites - Vodafone India for example - that are built on WSS3.0, but I would contend that the decision to use WSS came from a need to be more fully integrated with other Microsoft products such as Office and BizTalk. As a pure CMS, WSS3.0 is a huge step forward from WSS2.0, but unless you have a pressing need for tight integration with other Microsoft products, the smart money is still on Open Source.

As part of my day to day work, I deal with a wide range of technologies. Recently, a client asked me to help out with adding some affiliate links in to their site. Easy, huh? Well, it's a bit of a pain to be frank. The site runs on a Joomla framework, which means it's incredibly easy to configure - if you've never used Joomla before, I'd suggest popping over to their site and having a look.

So, getting your content laid out as you want it is easy enough. However, when it comes to adding scripts, all bets are off! Even though it's now 2008, the default WYSIWYG editor tinyMCE has no facility for adding in scripted content - you have to go all the way in to the site global preferences and turn the editor off, add your scripts, then go and turn it back on. God help you if you then edit that content and forget to turn it off again - make sure you have backups!

So Joomla guys, if you read this, can we please have a default WYSIWYG editor that at least has the option to insert scripts? Please!

If you've done any sort of network management, you'll know that most will be targeted at some point. Have a think - how much sensitive data do you hold on your desktops and servers? What would happen if that data made the public domain? More importantly, who would get the blame?

The best way to protect your network is to try to break in to it before someone else does. Penetration testing is the acceptable face of hacking - by looking at your network as a hacker would, you can identify weak spots and close the holes that you find. The down side is that to get it done by a professional is extremely expensive. This is where BackTrack comes in.

This live CD is based on the Slackware distro, and is optimised for penetration testing.

The CD runs the KDE windowing package, and contains all the tools you'll need for attacking your network. The CD its self cam about from the joining of forces of the Whax and Auditor Security Collection teams, and is aligned with all of the major testing and best practise frameworks.

The CD currently boasts over 300 tools - if you can't find what you're looking for here, you'll probably have to write it yourself!

Please pay these guys a visit - it's not a promotional link, just one that'll make your life a hell of a lot easier. www.remote-exploit.org

Coming from the world of Windows, I'm used to nice dialogue boxes and animations when I configure my security settings... Raw Linux is therefore incredibly scary! However, when it comes to web directory security, LAMP is incredibly powerful.

Under IIS, securing a directory is, to be frank, a pain in the arse. Under Apache, you can do it with two files - .htaccess and .htpasswd. We'll have a look at these in a little more detail...

First of all, the . Under UNIX and variants, the . signifies a hidden file. This is obviously a good thing, as you don't want any dodgy types trawling your directories and finding it. So make sure you use the dot!

.htpasswd, as you may imagine, contains usernames and passwords in encrypted form similar to what's below:

technorama:dGE7EaNuRBiic

You'll need to add a line for every user, and it's only one user per line. To generate the encrypted password, try htaccess tools password generator.

.htaccess is a little more complex. Basically, you put this file in any directory that you want to protect. The contents should be similar to that below (you can also visit htaccess tools to create your own):

AuthType Basic
AuthName "Keep Out!"
AuthUserFile /path/to/.htpasswd
Require valid-user

The parts of interest above are the AuthName and AuthUserFile.

AuthName is the title of the box that is presented to anyone who tries to access your protected directory. AuthUserFile is the full path to your .htpasswd file - this can be in any directory you like. The standard path is to drop it in to your /etc directory.

To see it in action, click here. And no, you can't have the password!

Hopefully you should be able to see what a powerful tool this is. Obviously, if you want to protect more directories, you can repeat this procedure. You can also use as many .htpasswd files as you like, so you can allow cetatin users access to some directories but not others